James Clapper, the US Director of National Intelligence, has tendered his resignation. He says he will serve through the handover to the new administration, whereupon Donald Trump will inherit an arsenal of cyberweapons and a $52B/year army of 107,000 secret, unaccountable spies that Clapper has strengthened and emboldened in one of the most sustained and successful exercises in empire-building in US governmental history.
Trump's new security establishment has made a habit of conducting routine surveillance of every person in the USA — for example, harvesting all available data about their locations, phone calls, and emails — and lying about it to Congress (Clapper's public, false assertion to Senator Ron Wyden denying this surveillance was one of the decisive factors in motivating Edward Snowden to go public with what he knew).
Under Clapper's leadership, the US surveillance apparatus aggressively built out and acquired cyber-weapons. To create these, they discovered — and even introduced — defects in commonly used technologies and then kept them secret in order to weaponize them, though this tactic left Americans open to attack from foreign spies and criminals who discovered these flaws.
This tactic reflects Clapper's publicly stated belief the doctrine of "deterrence," in which the US would assemble such a massive arsenal of flaws and defects that it would frighten America's enemies away from using those defects against the USA.
This deterrence doctrine also accounts for Clapper's repeated calls to ban working cryptography in favor of cryptography with known defects that could be exploited at will by governments (and anyone who learned the secrets held by those governments), something he euphemistically described as "backdoors."
Terrifyingly, Clapper admits that he doesn't actually know how deterrence would work in practice. He told Wired that "People understood nuclear deterrence. Cyber's much harder to grasp. I don't want that homework assignment." Instead, Clapper told Wired that he would leave that to his successor to work out.
Donald Trump promised to deport 11 million undocumented residents of the USA, to place people of Muslim faith, or whose family come from countries that are predominantly Muslim, under surveillance on the basis of their ethnic origin and religious faith. He has promised to use the office of the President to attack the free press and silence his critics there. He has called for expanded programs of cyber-warfare against America's adversaries (he said that America should sever all internet links to hostile countries). He promised that he would force companies like Apple to build security defects into their products to facilitate government surveillance and law-enforcement.
Trump demonstrated a serious lack of understanding of technology and security during the debates, claiming that hackers were often "somebody sitting on their bed that weighs 400 pounds" and that the best way to understand the complexities was through the lens of his 10 year old son: "I have a son. He's 10 years old. He has computers. He is so good with these computers, it's unbelievable. The security aspect of cyber is very, very tough. And maybe it's hardly doable."
However, Trump has begun to fill his transition team with some of America's most accomplished lobbyists, empire-builders and DC insiders — the people who reaped multibillion-dollar paydays under Clapper, and who stand to get much richer if Trump makes good on his surveillance and cyber-warfare agenda.
Government and private networks aren't nearly as secure as they need to be, Clapper says. At the same time, he sees the offensive capability of the NSA and the Pentagon as key to keeping the peace online. Clapper has lamented the rapid spread of apps and services that offer end-to-end encryption; he argues that Snowden's revelations have "sped up" the world's adoption of advanced encryption by as much as seven years. He says that he and FBI director James Comey have never advocated for backdoor access to private data—a move that critics say is sure to make everyone more vulnerable to hacking by third parties who will inevitably discover and exploit the same back door. He believes the government needs to work with the tech industry to balance society's desire for security with concerns over personal privacy. "I think with all the creativity and intellectual horsepower that's in the industry, if they put their minds to it and some resources, they could come up with a solution." He wonders if a type of escrow system in which encryption keys could be held by multiple parties would work. "There's got to be a better way than this absolutist business, so that pornographers, rapists, criminals, terrorists, druggies, and human traffickers don't get a pass." Clapper has little faith in encryption as a bulwark against cyberattacks. Instead he thinks the answer lies in a strategy of deterrence.
"People understood nuclear deterrence. Cyber's much harder to grasp. I don't want that homework assignment."
That's why it doesn't bother him that America inaugurated the era of cyberwarfare. "I'm glad, if we were in fact the first," he says. He hopes that the use of weapons like Stuxnet—and their demonstrated power to wreak real-world havoc—will eventually help keep the peace between state adversaries and perhaps even engender a strategic analogue to the cold war's mutually assured destruction doctrine. If nations recognize that any act of cyberaggression is certain to result in retaliatory strikes that will wipe out their own critical systems, then they won't act. "Until we create the substance and psychology of deterrence, these attacks are going to continue," he says. He has little idea what that strategic deterrence looks like, though. "People understood nuclear deterrence. Cyber's much harder to grasp." That's one problem for which he's happy to pass the buck to his successor: "I don't want that homework assignment."
America's Top Spy Talks Snowden Leaks and Our Ominous Future [Garrett M Graff/Wired]
Top US intelligence official: I submitted my resignation [Nicole Gaouette/CNN]
(Image: Gage Skidmore, CC-BY-SA)