The Truths We Hold
Page 22
Climate change imperils industries, too. Temperature and current changes in the oceans are already hurting the fishing industry. The agriculture industry faces dangers on multiple fronts: a rise in invasive species, pests, fungus, and disease; changing weather patterns that will lower yields; and the constant fear of drought.
Put bluntly, we have work to do. Hard work. Indispensable work. We have everything we need—all of the raw ingredients—to build an economy for the twenty-first century that is fair and sturdy, an economy that rewards the work of those who sustain it. But we have to hurry. And we have to be willing to speak truth.
We need to acknowledge that the jobs of the future are going to require people to earn an education after high school, whether it’s a certification or a university degree. This isn’t optional anymore. If we want to be true to the principle that all Americans deserve access to public education, then we can’t stop funding it after high school. We need to invest in our workforce, now and in the future, and that means we’re going to have to invest in more post–high school education, too. It means, among other things, that we have to make debt-free college a reality.
Let’s speak truth about housing affordability. We can’t have a functioning society if people can’t afford to live in it. The housing crisis is not something we can just shrug off as if it is a fact of nature. We’ve got to make a major effort, from changing zoning laws to encourage new and affordable housing to giving relief to people who are struggling—right now—to pay their rent. For starters, I introduced a Senate bill that would give overburdened renters some relief. If someone is paying more than 30 percent of their income in rent and utilities, they would receive a new refundable tax credit to help defray their housing costs. But there’s much more to do.
Let’s speak truth about child care. If we don’t find a way to make it affordable, we’re not only subjugating people in financial crisis; we are also making it harder for women to stay in the workforce when they want to. This is one of the systemic barriers to women’s growth and success in the workplace. We need to tear it down.
And let’s speak truth about what we have to build up. To put people to work in well-paid jobs, and to prevent our economy from lagging, we should be investing in rebuilding our nation’s infrastructure. We have roads and bridges that need building and upgrading. We have broadband internet infrastructure to build in rural areas that still lack it. We have new wind farms and transmission lines that need installing. We have airports that need modernizing and subways in dire need of repair. If not for ourselves, shouldn’t we at least do this work for our children and grandchildren?
Let’s also speak truth about organized labor, which has been systematically dismantled by the Republican Party. Less than 7 percent of the private workforce is represented by unions today, and a 2018 Supreme Court ruling is likely to decimate public sector union membership as well. Many people have already written the obituary for the labor movement. But we can’t accept that. Unions are the ones lobbying in Washington exclusively on behalf of workers. They are the only ones who have given the power to the people in the workplace. In the midst of a Republican effort to hollow out the middle class, it is the unions that have successfully compelled management to pay better wages and provide better benefits. We need a rebirth of organized labor in America.
And let’s speak one final truth: big corporations and the richest people in the richest country in the world can afford to pay their fair share of taxes so that we can fix the economy. It’s necessary, it’s moral, and it’s wise.
Nine
SMART ON SECURITY
When I arrived in the Senate, I was surprised to learn that there was a seat open on the Senate Select Committee on Intelligence. I asked outgoing senator Barbara Boxer why this was. She told me that the committee’s work was fascinating, meaningful, and critical to the country, but that most of it took place behind closed doors. Members of the committee couldn’t talk publicly about their activities, because reviewing the country’s most sensitive intelligence involved the highest levels of security clearance. Consequently, she explained, there usually wasn’t much of a spotlight on the committee.
That didn’t matter to me. I knew that, by the very nature of the job, if I had something important to say, I could find a bouquet of microphones to speak into. But when it came to the daily work, I wanted to be informed in real time about the threats facing my constituents and our country.
So I joined the Senate Intelligence Committee, fully expecting the work to be done in the shadows, away from the press and outside the day-to-day focus of the national conversation. But days after I was sworn in as a United States senator, those expectations were upended. On January 6, 2017, the intelligence community released a public assessment that determined that Russia had conducted multiple cyber operations against the United States, with the intent of influencing the outcome of the 2016 presidential election. Suddenly our work—an investigation into what had gone so terribly wrong—would become one of the most consequential undertakings in the history of the Senate.
Most of what I do on the committee involves classified information, so there’s a real limit to what I can write about here. But there are times when the intelligence community releases its assessments to the public, stripped of the information sources and methods by which the information was obtained, and meticulously written to avoid revealing anything that could compromise national security or endanger people’s lives. And there are times when our committee works in close coordination with the intelligence community to release our own assessments publicly so that we can balance the critical need for the American people to know what is happening from our oversight perspective against the equally critical need to keep our intelligence-gathering efforts covert. I can—and will—reference that work.
Twice a week, for two hours at a time, members of the Intelligence Committee get together behind closed doors to speak with the men and women who lead our seventeen intelligence agencies and receive briefings on the latest information. I can’t tell you the details of what we talk about, but I can tell you what it’s like. For starters, the room we gather in is known as a SCIF, which stands for Sensitive Compartmented Information Facility. It has been designed to prevent eavesdropping of any kind. Before we enter, we have to put our cell phones in a cupboard outside the door. Inside, we take classified notes by hand, and even those must be kept locked away in the SCIF.
When the committee holds public hearings, Democrats sit on one side of the dais and Republicans on the other as we face witnesses and cameras. But inside the SCIF and away from the cameras, it is a very different environment. Often senators take off their jackets. We get down to business. It is not just the absence of cameras and the seating arrangement that changes the dynamic; it is the work itself. The rigid partisanship that has paralyzed much of Washington somehow fades as we enter the room. We are, all of us, keenly focused on the weight of the work we are undertaking and its consequences. There is simply no room for anything other than a focus on America’s national security and the protection of Americans’ privacy and civil liberties. The public can’t be there, nor the media, nor other senators who aren’t on the committee. It’s just us, to do oversight with global reach. It is invigorating, even inspiring. It is a scene I wish the American people could see, if just for a moment. It is a reminder that even in Washington, some things can be bigger than politics.
My work on the Intelligence Committee and the Homeland Security Committee covers a broad range of issues, from building and maintaining counterterrorism capability at home and abroad to the work of disrupting and destroying ISIS; to protecting and securing our borders; to the challenge of nuclear proliferation; and to the ever delicate balance between gathering intelligence and protecting civil liberties. But rather than run through the laundry list of issues we deal with in all their complexity, I want to focus on a few of the threats that keep me up at night.
First
and foremost, I think of cybersecurity—a new front in a new kind of battle. If we had a daily visual of attacks under way—of explosions in our cities, of Russian, Chinese, North Korean, and Iranian warplanes overhead—the American people would insist that we respond, clear in the knowledge that the future of the American experiment was very much at risk. But cyber warfare is silent warfare, and its consequences are often difficult to grasp before the damage is done. I sometimes refer to it as a war without blood: there are no soldiers in the field, no bullets and bombs. But the reality is cyber warfare aims to weaponize infrastructure and, at its worst, could result in casualties. Imagine, for example, a cyberattack on railroad switching signals or hospital generators or a nuclear power plant.
The intelligence community and private companies alike are waging a defensive battle against cyberattacks on a minute-by-minute basis. But the reality is that we still remain unprepared for this new kind of terrain. Our systems and infrastructure need to be seriously upgraded.
We are currently under attack. Our elections are top of mind, especially given the nefarious—and effective—attacks by the Russian government. The January 2017 assessment found that “Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the U.S. presidential election. Russia’s goals were to undermine public faith in the U.S. democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency.” Though many have become numb to it through the news cycle, the significance of this finding is hard to overstate. The intelligence community assessed, with a high degree of confidence, that Russia’s intelligence services conducted cyber operations to hack into a U.S. presidential campaign and to release data they gathered with the intent of influencing the outcome of the election.
Russian agents and propagandists exploited U.S. social media platforms such as Facebook, Twitter, and YouTube to spread false and inflammatory information about Secretary Clinton and to stoke divisions in the United States. And what I think is very telling is exactly how they went about it.
They focused on hot-button issues, from race to LGBTQ and immigrant rights. This means that they knew that racism and other forms of hate have always been our nation’s Achilles’ heel. They knew precisely where to strike us, deliberately targeting—and tearing away at—some of the most painful, divisive parts of our nation’s history.
I first made this point during an Intelligence Committee meeting. A few days later, I was sitting at my desk on the Senate floor, the last one in the far back. I had chosen the desk for two reasons: it wasn’t visible on the C-SPAN cameras, which made it easier for me to concentrate on the work at hand. But, more important, it was the desk closest to the candy drawer.
I looked up and noticed that Senator James Lankford, a Republican from Oklahoma, was walking toward me, literally crossing the aisle so we could have a conversation.
“Kamala, I’ve been listening to what you’ve been saying about race as our Achilles’ heel, and I think you’re on to something important,” he said. “Personally, I think it starts with the question ‘Have you had a family over to your house that doesn’t look like you? Have you ever really had that kind of interaction? I think that’s a good place to start.”
“I’m glad to hear you say that,” I told him. “We have to start somewhere.”
Lankford and I sat across from each other in closed sessions of the Intelligence Committee, and though there are very few things we agree about when it comes to policy, I found him to be genuinely kind and thoughtful. It didn’t take long for us to build a friendship.
Together with our colleagues on the committee, we spent more than a year working with the intelligence community to understand the information that led to the January 2017 assessment about Russian attacks. Of particular interest to me was the threat of Russian penetration of our election equipment itself. In May 2018, we released our preliminary findings on the issue of election security. We let the public know that in 2016, the Russian government had conducted a coordinated cyber campaign against the election infrastructures of at least eighteen individual states, and possibly as many as twenty-one. Other states also saw malicious activity, which the intelligence community has been unable to attribute to Russia. What we do know is that Russian operatives scanned election databases looking for vulnerabilities. They attempted to break in. And in some cases, they were actually successful in penetrating voter registration databases. Thankfully, as of May 2018, our committee had not seen any evidence that actual vote tallies or voter registration rolls were changed. But given our limited information on state audits and forensic examinations of states’ own election infrastructures, we cannot rule out that activities were successfully carried out that we just don’t know about yet.
In our report, we raised concerns about a number of potential vulnerabilities that remain in our election infrastructure. Voting systems are outdated, and many of them do not have a paper record of votes. Without a paper record, there is no way to reliably audit a vote tally and confirm that numbers haven’t been changed. We found that thirty states use paperless voting machines in some jurisdictions, and that five states use them exclusively, leaving them vulnerable to manipulation that cannot be reconciled and reversed. We also found that many of our election systems are connected to the internet, leaving them open to hacking. Even systems not regularly connected to the internet are nevertheless updated by software that must be downloaded from the internet.
It’s misleading to suggest that impenetrable cybersecurity is possible; our focus must be on defending against, detecting, deterring, managing, and mitigating any effort to do us harm. There’s a grim joke: What’s the difference between being hacked and not being hacked? Knowing you’ve been hacked. The truth hurts—but we simply can’t afford to be naive.
To help members of Congress and their staffs understand the nature of the risk, I invited a computer science and engineering professor from the University of Michigan to visit the Capitol and demonstrate the ease with which a hacker could change an election’s outcome. We gathered in a room in the Capitol Visitor Center, where the professor had set up a paperless voting machine used in numerous states, including swing states like Florida, Pennsylvania, and Virginia. Four senators participated—Senators Lankford, Richard Burr, Claire McCaskill, and me—and the room was filled with staffers who had come to better understand the process.
The professor simulated a vote for president, where we were given a choice between George Washington and the infamous Revolutionary War traitor Benedict Arnold. As you might imagine, all four of us voted for George Washington. But when the result came back, Benedict Arnold had prevailed. The professor had used malicious code to hack the software of the voting machine in a way that assured Arnold’s victory, no matter how the four of us had voted.
He told us that the machine was very easily hacked, enough so that, in a demonstration elsewhere, he turned one into a video game console and played Pac-Man on it. Can you imagine?
America’s electoral infrastructure consists of outdated machines and local officials who often have little or no cyber-threat training. When you consider how many major corporations have experienced data breaches, despite having invested in the best cybersecurity money can buy, our vulnerability becomes all the more stark. Some might think it is alarmist to be talking this way, but I think we should be preparing to defend against the worst-case scenario: that foreign actors will target these outmoded machines and manipulate vote tallies. Given Russia’s unprecedented effort to undermine confidence in our election system while attempting to interfere with the outcome of a presidential election, there’s no question that the Kremlin is emboldened—along with other state and nonstate actors—to try again.
At the time, James Lankford and I were the only members of the Senate who served on both the Homeland Security and Intelligence Committees. As such, we were uniquely suited to come together in a nonpartisan way to develop legislation to combat t
hese attacks. At the end of December 2017, together with other senators, we introduced a bill—the Secure Elections Act—that would protect the United States from future foreign interference in our elections.
The legislation—which grew out of hearings and testimony in front of both the Homeland Security and Intelligence Committees, would improve cybersecurity information sharing between federal and state agencies. It would create a process by which election officials could receive top-secret security clearance, allowing them to have timely access to classified material (as in a case where we learned that Russia had attacked their machines). It would establish clear expert guidelines for securing election systems—including, for example, the need for paper ballots. Russia might be able to hack a machine from afar, but it can’t hack a piece of paper. And it would provide $386 million in grants for cybersecurity improvements.
It would also establish what’s known as a bug bounty program for election infrastructure. Commonly used in tech firms, a bug bounty is a system by which altruistic hackers are paid for identifying software vulnerabilities. It’s an economically efficient way to quickly patch bugs that could be exploited by malicious actors. We owe it to ourselves to continually test our system’s security, just as we’d test the smoke alarm in our home. No one wants to wait for the house to catch on fire in order to realize the battery’s dead.
Remarkably, despite the bill’s bipartisan support, as of this writing, it has yet to receive a vote in the United States Senate. Though it was introduced nearly a year before the 2018 midterm elections, the White House opposed the bill, and the Senate majority leader refused to bring it to the floor. And so I am, indeed, kept up at night, knowing the scale of our vulnerabilities and knowing that actions we should be taking immediately have stalled out without any justification.