The author ofan, a new book on Cyber Security. Happy new year. Welcome ladies and gentlemen to the center. It is a wonderful evening in cambridge, massachusetts. We have cspan with us today and a good twitter presence as well. For those of you not in the room, it is very sunny, very warm outside. ,lease visit cambridge anytime especially our Cyber Security project. It is a wonderful panel we have today. First, our colleague ben buchanan, david sanger, and fiona hill joins us from washington, currently at the brookings institution, had been National Intelligence officer for russia. Also a harvard alumnus several times over. Welcome back. Thank you everyone for cramming in here to the absolute full house. Absolutely packed. We will note that if you have your cell phone on, please turn it to silent or turn it off, a remarkable idea. If youd like to live tweet, go for it. It is on the record. Have at it. What we would ask is when it comes time for q a, we do have microphones on the left and right. When it is time for questions, please use them. That way our audience here and on tv will be able to be able t participate and hear e are talking about for the q a. With that, lets begin. Let me ask our guest, fiona, tell us a little bit about where we are at with russia today. Where have we been . We have a new administration that comes in with a slightly different approach and thought about russia then previous administrations. Set the stage for us, if you would, where we are at with russia today. Thank you for being here. Thank you. Thank you very much. It is great to be back at harvard and see so many familiar faces. Really nice to be here. Interestingly enough, we are not at much of a different place than we usually are at the beginning of administrations. There are plenty of people in this room who will think back, sorry i dont want to be rude to anybody, back to reagangorbachev, when Ronald Reagan wanted to change the trajectory of the relationship with the soviet union, and did through summits with mikael gorbachev, and successive president s had to rethink the relationship. They have all tried to find new relationships, so that is not unusual. What is unusual is the backdrop to the president ial election here in the United States with an unprecedented level of efforts by russia to have some kind of influence over those selections. Elections. It has been hotly denied by moscow, but the reason we are having this panel, articles from david sanger and others, that is quite clear that those denials are meant to throw us off the scent of what is happening. Also, attempts to influence elections by russia or the soviet union or the russian the choice of leadership, the choice of kings and queens, it is also not unusual. This is not unprecedented for an outside power to have a say in what happens with another power, an adversary or friend. It is just that the technology we are here to discuss has given everybody opportunities to have influence in different ways. Anyone in this room who is able to code can hack into somebody elses computer. Back in the day, it was more difficult to have political influence. You had to spread rumors, you have to have physical spies in different places, or even plant people to sway the day. Now we are in a situation where with a few taps of computer keys, you can have a major impact, or at least have people talking about that impact, so i would argue that we are not in an entirely unusual and unprecedented position, but the scale of the efforts we have seen to have an impact in u. S. Politics is somewhat unprecedented. Excellent. Thank you for that great opening. If that is the intro for the russian side of the story, help us think through the cyber side of the story. Thats right. Thank you for coming. It is a pleasure to be here. A lot of things are new, and a lot of things arent new, and that is true on the cyber side of the ledger as well. Russian Cyber Operations go back a long time. One of the first operations, operations,te cyber moonlight maze, late 1990s, and that was tied clearly to the russians, so this is not new, but for those of you who might be new to the Cyber Operations, a way to conceptualize them is we have a category of operations, espionage, and this is an old tactic in new clothes gathering information , through signals intelligence, and this is incredible by able to nations today. It is difficult to overestimate the degree to which modern nations, including the United States and russia, rely on signals intelligence and Cyber Intelligence to inform their decisionmaking processes, and also sometimes in 2016 to leak information and carry out influence operations. That is one side of the cyber ledger. That is one half of the cyber ledger. The other half is holding targets at risk or developing attack capabilities. The russians have done a fair amount in this area as well. What is significant is here for here for those who have not studied Cyber Operations before, if you build a missile, you build a missile and target later. If you want advanced Cyber Capabilities, you need to do reconnaissance and prep work in the adversarys network well before you want to launch the capability. We have seen the russians doing some of this prep work before. So this is a significant part of their operations, even if it is not a high profile influence our operation or espionage operation. Make no mistake about it, russia has recognized the power of Cyber Operations to steal information and attack. Terrific, all right. Well, not terrific for victims of russian attacks, but terrific in terms of opening comments. Thank you for that. David, link the two if you would together with a wonderful story that you had written back in december, december 13, on a saturday, a very detailed account in the New York Times called the perfect weapon, how russian cyber power invaded the United States. Thanks. It is great to see so many friends here. Thank you for coming out. The title of this piece, and it is a long piece, about 7000 words long, was an effort to do a reconstruction of what had happened. The title of the perfect weapon came about because the more we discussed it, the more we came to the conclusion that it was perfect for the situation that russia finds itself in today. The russians, like the iranians, like the north koreans, in fact like almost everybody else, do not see any advantage in confronting the United States frontally or any advantage in doing anything that would actually provoke a major response or certainly a kinetic response. Cyber is perfectly well designed as was pointed out for the option of doing a low level attack that could be used for espionage, could be used in this case for influence operations that merge a very old soviet tactic from the 1940s with the very modern technology of cyber. Or it could be used in a much bigger case for fullscale attack, what the United States did in the Olympic Games against the iranian infrastructure. And so the trick for the russians here was to find something that was inexpensive, deniable, and that would count on our ability or our inability to both detect it quickly and to respond decisively. Now on that last point, counting on the u. S. For a slow response, and then for a confused one, i think they got a payback that was bigger than they ever possibly could have imagined. Just to take you briefly through the timeline for any who may have missed this, the United States was first alerted by an allied Intelligence Service about an attack on the dnc, and intrusion into the dnc, in the fall of 2015. Because the u. S. Never wants to reveal exactly where the intelligence came from, it routed this through the dhs, department of homeland security, and the fbi sends a midlevel agent out to go find a completely Clueless Group that i. T. Group that was defending the dncs computer systems. I would not say defending the dncs computer systems. They were hanging around the dnc s computing systems. The special agent calls, leaves a message, asks for a callback. The person running this, you cant make this stuff up, doesnt believe he is from the fbi, but doesnt check or call back for a while. They spend months in the stands dance back and forth where they are presented with the evidence,. The fbi said a group called the dukes appeared to be responsible for this. This is part of russian intelligence. But the response is so slow that the president of the United States did not actually hear about any of this until june 2016, nine months. In an era when we talk about how cyber means we have to be able to respond quickly, have a playbook ready, be able to look at your array of options, whether sanctions or a counter cyber attack or some other form of active defense, or something else, you cant do that if you are responding this slowly, and in the interim, what did the russians do . They went beyond the dnc into the email accounts of john podesta, who in march 2016, who was the chairman of Hillary Clintons campaign. We found evidence of 128 private email accounts within the Clinton Campaign they tried to get into. They actually only broke into two. Why did they only break into two . Because only two people did not in the entire group did not have two factor identification on their email. If there is a lesson for all of you in the audience here, it is so but a little bit out there, leave immediately and put your two factor identification on. They gathered all this stuff from john podesta, who had checked with his i. T. People and somebody still hit the button that allowed a spear Phishing Campaign to get his password, and it was months later after another attack was discovered, run basically by gru, the people Russian Military intelligence, that people discovered what was going on, cleaned out the dnc hard drives. By that time, the russians had everything, and the first material was made public in the days before the opening of the democratic convention, and that was the set of releases of the internal dnc material that led to the resignation of Debbie Wasserman schultz as the chairman of the dnc, and then they did a another set of releases during the campaign, of the podesta emails, most of which got released within hours of that now famous videotape of thencandidate trump saying some fairly crude things. The release of the emails came 24 hours later. These came over several different channels. First over two channels we believe the russians themselves set up, and when not enough people were clicking on those, somebody gave the material to wikileaks. So what was unusual here . First, we had not anticipated. We had a failure of imagination that the russians would take a series of techniques and used it against the United States. Secondly, we failed to anticipate that a group like the dnc or rnc would be easy targets. Thirdly, we had an fbi that responded so slowly that they never did what we did during the reporting of the piece, walking which was walk between the fbi building and the dnc headquarters. It was a 14 minute walk, including a stop to get coffee at starbucks. This would not have required a lot of effort on their part. Then fifth, president obama when he got the data did not want to be accused of getting involved in the election on Hillary Clintons behalf, so he reacted fairly slowly and carefully. We reported in late july that the Intelligence Community had concluded the russians were behind the attack. The intelligence communities ys First Published attribution of this was not until october 7, and the u. S. Response was not until a few weeks before president obama left office, so if youre looking for a case study of how not to respond quickly to one of these things, you have got one. That has got to be maddening, and one of the best things about moderating a panel with david sanger is he cant ask you to explain why the government was so slow in responding, so we will leave that for the q a. Let me come back to ben to take on an article this morning from the succeeding and victorious New York Times to contrast with another adjective being used. The article this morning in the paper says, czech suspects a foreign power in gmail hacking. What do we make of this . What do you think of that . Is this the russians . Fiona is this the part of the , playbook . I will handle the czech thing. I will let fiona handle the playbook. There is no doubt in my mind this is not a new trick. Between 19452000, the United States and russia, then soviet union, combined to try influence 117 foreign elections, overtly sometimes overtly, sometimes covertly so this trick has been , around for a while, but doing it in an electronic fashion is new, and there is no reason to think the United States in 2016 was the first time the russians tried it in electronic fashion. If you look at the 2014 election in ukraine there is pretty good , evidence the russians were involved in that. And what appears to be a successful 2016 campaign by the russians in the u. S. Elections, theres no reason to think they will stop. I have heard from folks in europe that the russians feel y are concerned that they feel like the russians got away with it, so nothing will deter them from doing it to us, germany, france, Czech Republic with elections coming up are quite concerned, and in my view, rightfully so. The question for those nations is, what are they going to do about it . Germany has pursued a policy of aggressively calling out russian hacking far more than any other nation, and it is not clear that that is itself deterring russia, and certainly smaller states like the Czech Republic, who might not have advanced Cyber Security or a history of working in Cyber Operations have a lot to be concerned about, so if you are looking for new stories in 2017, this is one that is not going away, and this is one that will get a lot of attention. I think just to set fiona up on this, an article on the brookings website, what makes putin tick and what the west should do. That is very much worth reading. One of the opening lines is that we may have underestimated his willingness to fight for as long and as hard and as dirty as he needs to. Is this an extension of that . The kinds of activity, an extension of that argument . I think it is an extension. One of the reasons is the conclusion of the 2015 book, precisely because the analysis prefigures this. It was mostly focused on russian activity in eastern europe, so the failure of imagination was the failure to extend it to the United States and larger western European Countries, but just to pick up about the question you posed to ben. In december 2016, the head of german intelligence also announced come and this has been that announced, and this has been picked up in the new york the New York Times and elsewhere, that the personal email accounts of the German Parliament has also been hacked, and presumably other accounts as well. There is evidence of shell Bank Accounts in switzerland for a more conventional type of influence operations, funding fo Political Parties in advance of german elections, so we can fully anticipate the kind of activity we are seeing an in countries normally not on the front page of the New York Times, moldova, belarus, montenegro, the kinds of operations to influence and push the tide of elections there to be attempted in germany, the Czech Republic, the netherlands, french elections are coming up, although there seemed to be selfgenerated problems in the french elections, although one could say that his information through the kinds of sources we are talking about as well. This is a pattern that has been continued for some. Long period of time. It in our own backyard. As david said, it was a failure of imagination on our part not to see this given back if you go back 30 years to the 1980s and further, this is a feature of the kind of cold war activities that we and the soviet union were undertaking. In terms of that playbook, putin is a former operative in the kgb. He continues to think like an operative. He himself is extremely proud of that skill set he acquired. He talks quite frequently of being a specialist in human resources. Also in the use of information. He never shies away from extolling the virtues of the techniques he learned to play dirty in the kgb in politics, and he saw in the u. S. Political race something incredibly contentious. We are familiar with the nature of the Political Campaign we just went through, and an incredible amount of opportunity to exploit on all fronts. Putin and the people around him are strategists. We always underestimate and have underestimated for the reasons my colleague mentioned and why i wanted to write this book about putin that we always assumed he is an opportunist. You cant take advantage of opportunities unless you have an idea about what you would do are going to do with them. The people who came out of the kgb like putin were trained, but in contingency planning, but also have clear goals about what they wanted to do. In this instance, for a long time, putin has been in the interests of russia first read. This was his slogan back in 2000. I am not just picking up on the meme of the moment. When putin came into the preside