The Truths We Hold
Page 23
It’s also important to remember that election systems aren’t the only area in which we are vulnerable to foreign interference.
In March 2018, for example, the Department of Homeland Security and the FBI issued a joint alert that showed that Russian hackers had gained access to the computer systems of organizations and U.S. government entities in sectors ranging from energy and water to aviation and manufacturing. DHS and the FBI described the actions as a “multi-stage intrusion campaign by Russian government cyber actors who targeted commercial facilities’ networks and staged malware, conducted spear phishing, and gained remote access into energy sector networks.” After they got access, the Russians did extensive reconnaissance. They were able to gain access to at least one power plant’s control system. And they placed tools in the systems that would allow them, in certain cases, to shut down power plants at will.
This is, needless to say, an extraordinary vulnerability. Millions of Americans recall the blackout of August 2003, when an electricity surge overloaded the grid covering parts of eight northeastern states. Major cities were plunged into darkness. Fire departments rushed to free people from elevators as building temperatures rose. Hundreds of trains were stopped in their tracks, and thousands of passengers had to be rescued from darkened subway tunnels. Waste treatment plants lost power; 490 million gallons of raw sewage were spilled in New York City alone. Cell phone service was disrupted. ATMs went down. Hospitals had to rely on generators to care for vulnerable patients. Analysts later concluded that mortality rates in New York City rose 28 percent during the two-day blackout.
In the intelligence community’s Worldwide Threat Assessment in 2018, the director of national intelligence detailed increased risks to critical infrastructure over the coming year. “The use of cyber-attacks as a foreign policy tool outside of military conflict has been mostly limited to sporadic lower-level attacks,” the report explained. “Russia, Iran, and North Korea, however, are testing more aggressive cyberattacks that pose growing threats to the United States and U.S. partners.”
Iran, which in the past has attacked a large U.S. corporation and stolen personal data, is expected to continue its work penetrating the United States’ cyber infrastructure. North Korea, which conducted a destructive attack on Sony in November 2014, and which the U.S. government identified as responsible for a massive cyberattack in the United Kingdom that paralyzed that country’s health care system, is expected to use its cyber operations to steal money in the wake of sanctions, as it did in 2016, when it took $81 million from the Bangladesh Bank. China, meanwhile, has been advancing its own cyberattack capabilities since 2015 and has directed attacks at U.S. private industry, particularly defense contractors and IT and communications firms whose products and services support worldwide networks. An investigation by the Office of the United States Trade Representative found that Chinese theft of American intellectual property costs us more than $200 billion annually.
And then there are nonstate actors. As the DNI threat assessment indicates, “Transnational criminals will continue to conduct for-profit cyber-enabled crimes, such as theft and extortion against US networks.” This is costly business: in February 2018, cybersecurity software provider McAfee and the nonpartisan Center for Strategic and International Studies released a report that put such cybercrime’s toll in North America at $140 billion to $175 billion. And we can also expect state actors to fund such criminal activity, which represents both an inexpensive and deniable way for them to pursue their malicious aims.
Cybersecurity has to become one of our highest priorities in this new age. It’s not enough to make sure that our troops have the very best weapons when they go into battle. We also have to make sure our military, intelligence community, and private sector have the very best cyber defenses to protect against these new and ever-changing threats. As General Keith Alexander, former NSA director and inaugural head of U.S. Cyber Command, said in 2016, Department of Defense systems are probed by hackers about 250,000 times an hour. That’s six million times each day.
In a world where tech can be weaponized, we need to deploy the very best technology in order to respond. And that means constantly upgrading our efforts so that we are always a step ahead.
I remember that when I first became attorney general, in 2011, I was shocked by what we lacked in terms of technology. So I put together a team, led by Special Assistant Attorney General Travis LeBlanc, to upgrade and overhaul our system so that we could better fight crime in the digital era. In my first year in office, we organized an “eCrime Unit,” which we staffed with attorneys and investigators who focused on technology-related crimes like identity theft and cyber exploitation. I spent much of the remainder of my tenure working to institutionalize California’s technological advantages. Those efforts culminated in the creation of our Cyber Crime Center, which gave all of our tech crime fighters access to state-of-the-art digital forensics capabilities, making California one of the first states to do so.
But in addition to deploying our best technology now, we need to invest in the innovations and breakthroughs that we’ll need in order to stay protected down the line. That’s one of the reasons I’ve put forward a bill to invest in quantum computing, a frontier technology that would put the United States at the forefront of the race for technological superiority. Our pursuit of innovation cannot be viewed from an economic lens alone. It matters to national security, too. It’s also one of the reasons I believe we must be a country that welcomes highly skilled students and professionals from around the world to study at our universities and work at our companies.
Ultimately, I believe we are going to need to develop a cyber doctrine. As a matter of principle, we will have to decide when and whether a cyberattack is an act of war, and what kind of response it warrants.
* * *
• • •
On January 12, 2017, Mike Pompeo came before the Senate Intelligence Committee for his confirmation hearing as CIA director. By tradition, questions at public hearings are asked in order of seniority, so, as the newest member of the committee, I questioned Pompeo last. Throughout the hearings, I listened as my colleagues asked Pompeo a wide range of questions, touching on traditional issues ranging from intelligence sharing and collection to preventing terrorist attacks in the United States and abroad. When it was finally my turn, I focused on a subject area that seemed to surprise Pompeo and others on the committee. I wanted to know how his public position rejecting the science of climate change was going to impact his role at the top of America’s intelligence apparatus.
Right-wing pundits from Fox to the Heritage Foundation took great pleasure in calling my questions “dumb,” “ridiculous,” and “off-base.” Evidently, they felt my concerns were divorced from issues of national security. But they were wrong. This was about analytic objectivity and not politicizing intelligence. The CIA had already made an unclassified assessment regarding the threat of climate change. Pompeo’s previous statements disregarded the CIA assessment. How would he brief the president? Would he let his personal views override the findings of CIA professionals when it came to climate change—and, if so, what would that mean for other dire threats against our nation?
Climate change can be seen from many angles. Some see it purely as an environmental issue. They point to the destruction of habitats, the melting of ice sheets, and a coming mass extinction of species. Others see it as a public health issue that demands a world where clean air and clean water are readily available. There is also the economic dimension of climate change: ask farmers about the complexity of their work, about their precise and measured focus on weather patterns, about the incredibly narrow margins that exist between a successful harvest and a ruinous one, and you will come to understand that extreme weather events and unpredictable shifts in the climate are nothing to dismiss.
But when you speak to generals, when you speak to senior members of the intelligence community and experts on interna
tional conflicts, you will find that they look at climate change as a national security threat—a “threat multiplier” that will exacerbate poverty and political instability, creating conditions that enable violence, despair, even terrorism. An unstable, erratic climate will beget an unstable, erratic world.
For example, climate change will lead to droughts. Droughts will lead to famine. Famine will drive desperate people to leave their homes in search of sustenance. Massive flows of displaced people will lead to refugee crises. Refugee crises will lead to tension and instability across borders.
Climate change also increases the risk of deadly global pandemics making their way to the United States. The Centers for Disease Control and Prevention reported that between 2006 and 2016, the number of Americans infected by diseases like West Nile, Zika, and Lyme more than tripled. As temperatures continue to warm, diseases are flourishing in parts of America where they wouldn’t have been able to survive in the past. In fact, the CDC has already identified nine types of infections that had never been seen before in the United States.
The hard truth is that climate change is going to cause terrible instability and desperation, and that will put American national security at risk. That’s why former CIA director John Brennan has said that when CIA analysts look for deeper causes of rising instability in the world, one of the causes they point to is climate change. That’s why, as part of President Obama’s national security strategy, climate change was identified as a national security threat of the highest priority. That’s why the Pentagon has been ahead of the curve in developing resilience to the effects of climate change, including strategies to protect the dozens of military bases that will be affected by rising seas and extreme weather events. And it’s why I didn’t hesitate in asking the person who would become the nation’s CIA director how and whether climate change would be a factor in his strategy to protect the American people.
This isn’t the stuff of science fiction or of a dystopian novel set far in the future. Climate-driven crisis is already on the rise. In late 2017, for example, water reserves fell so low in Cape Town, South Africa, that the city of more than three million people, South Africa’s second largest, was at risk of having its taps run dry. Residents started showering over buckets so that they could reuse the water in their washing machines. Farmers had to abandon about a quarter of their crops.
This is an issue we will face at home, too, and it’s a matter of national security that we prepare for it. We need a diversified water security strategy to ensure a reliable, sustainable supply. Growing up in California, I understood from an early age that the water supply is precious and precarious. In elementary school, my classmates and I studied ecology; I remember my mother smiling when she had to explain to me the difference between a conservative and a conservationist. I saw the drought of 1976–77 through a child’s eyes—unflushed toilets, shower timers, and dried-out brown lawns. I think a lot about water security, and I never take it for granted.
A diversified approach would work on multiple fronts simultaneously. Conservation is the cheapest, most effective way to increase our water resources. But we also need to update our aging water infrastructure, improve our storm water capture and storage capacity, and make smart investments in water recycling, purification, and desalination.
There’s a lot we can learn from friends and partners who have already made such investments—especially Israel, a global leader on water security issues. In February 2018, I traveled to Israel and toured its Sorek desalination plant, which uses reverse osmosis to produce clean drinking water from the sea. I had a glass. It tasted as good as any water I’ve ever had.
And that’s not all. As many have said, the Israelis have made the desert bloom. They’ve done so in part by successfully reclaiming 86 percent of their wastewater and purifying it for agricultural reuse. By contrast, the United States, which produces 32 billion gallons of municipal wastewater each day, reclaims only 7 to 8 percent. Surely we can do better than that.
Conserving water and safeguarding against scarcity must be a top priority. The same can be said, in this era of climate change, for the need to protect against floods. In India, Bangladesh, and Nepal, flooding in the summer of 2017 killed 1,200 people and affected more than 40 million. Nearly 1 million homes were destroyed. In 2010, flooding in Pakistan rocked 20 percent of the country, killing more than 1,700 people and affecting at least 12 million. Here at home, the destructive force of Hurricane Maria left the island of Puerto Rico in ruins. I visited Puerto Rico in November 2017 and saw some of that devastation firsthand—homes obliterated, roads collapsed and destroyed, and a community in crisis. It was disheartening. The official death toll has been revised from 64 to more than 2,900, but a report from scientists at Harvard’s T. H. Chan School of Public Health estimates that the storm and its aftermath were responsible for the deaths of at least 4,600 American citizens in Puerto Rico.
And if it isn’t floods, it’s fires. Fires aren’t caused by climate change, but they are exacerbated by it. Higher temperatures and longer dry spells turn our forests into kindling. California has always had wildfires, but because of climate change, they are becoming more frequent and getting bigger and bigger. When I was attorney general, I had toured a fire overhead by helicopter. From that height, the scale of the devastation came into view—entire streets, entire neighborhoods burned to the ground. It looked like a graveyard, with chimneys as headstones.
In August 2018, I flew home to California to meet with firefighters and evacuees from the Mendocino Complex Fire, which burned more than 450,000 acres, making it the largest fire in the state’s history.
When I arrived in Lake County, I went to a convention center where evacuated families were being sheltered temporarily. Some of them knew they had lost their homes and all of their possessions. Others were left to wonder. I met a mom who was pregnant with her third child. She was trying to keep her family’s spirits up. I remember how proud her daughter was to show me how neatly she had tidied the sheets on top of the Red Cross cots where they now slept.
A year earlier, I met a firefighter who lost his own home in a fire he was fighting. He said he had always thought he understood the pain of losing everything, given how often he had seen it happen to others—but that it was so much worse than he imagined. Still, he reminded himself and me, it wasn’t as bad as the families that got the call that their husband or son had been one of the many firefighters who lost their lives that year.
There is a theme that runs through all of these issues, be it cybersecurity or climate change or keeping aggressors like Russia and North Korea in check. Though the United States is a superpower, there are real limits to what we can do alone. In order to keep the American people safe, in order to ensure that our national interests and homeland are secure, we must work in partnership with our allies—economically, diplomatically, and militarily. We must protect NATO, the most important defensive treaty the world has ever known, especially in the face of Russia’s increasingly flagrant aggression. We must rejoin the Paris Agreement, because only together can we reverse the trends of climate change and prevent some of its more terrifying outcomes. And we must remind ourselves that the work we do to protect the American people must also be in service of American values. That the actions we take project a message to the world about who we are.
It was that final truism that I held in mind when Gina Haspel came before our committee in a confirmation hearing to replace Mike Pompeo as CIA director. Haspel, a thirty-three-year veteran of the CIA, had been at the agency during a time when prisoners were tortured. She had been asked many questions about this work by other senators—about whether her actions had been legal; about whether she would ever authorize such actions again.
When it was my turn to speak, I underscored that this hearing wasn’t about the incredible and unquestionable importance of the service and sacrifice of the men and women of the CIA, nor was it about the agency’s mission, bot
h of which I wholeheartedly support. The hearing, I explained, was about her suitability to be the director of the CIA, and it was our job, as senators, to understand that who we chose for that position would send a signal to the men and women of the agency, the American people, and our neighbors around the world about our values and our moral authority. With that in mind, I initiated what became a revealing exchange:
“So one question I have not heard you answer is: Do you believe that the previous interrogation techniques were immoral?”
Haspel paused as she considered the answer. “Senator, I believe that CIA officers to whom you refer—”
“It’s a yes-or-no answer. Do you believe the previous interrogation techniques were immoral? I’m not asking do you believe they were legal; I’m asking do you believe they were immoral?”
She paused again. “Senator, I believe that CIA did extraordinary work to prevent another attack on this country, given the legal tools that we were authorized to use.”
“Please answer yes or no. Do you believe in hindsight that those techniques were immoral?”
“Senator, what I believe sitting here today is that I support the higher moral standard we have decided to hold ourselves to.”
“Can you please answer the question?”
“Senator, I think I’ve answered the question.”
“No, you have not. Do you believe the previous techniques—now armed with hindsight—do you believe they were immoral? Yes or no?”
“Senator, I believe that we should hold ourselves to the moral standard outlined in the Army Field Manual.”
Shortly after Haspel refused to answer the question, the late Senator John McCain, who had been subjected to five years of brutal torture as a prisoner of war in North Vietnam, released a statement saying that he would not support her confirmation as CIA director.