Disruption is usually spoken of in positive terms: Breaking through stagnation, forcing a reevaluation of assumptions and promoting innovation. But for the Intelligence Community, it also means new challenges in gathering and analyzing data that could have profound national security implications. COVID-19 was one such disrupter, forcing the IC to balance workforce safety with a need for secure environments, and exposing supply chain vulnerabilities. Now it’s on the lookout for the next big disrupter.
Gen. Paul Nakasone, commander of U.S. Cyber Command and director of the National Security Agency, predicts that will take the form of influence operations, a type of information warfare. One reason he expects to see it become more common is that the barrier for entry is low, far lower than that of armed conflict.
“We’ve seen it now in our democratic processes. I think we’re going to see it in our diplomatic processes. We’re going to see it in warfare. We’re going to see it in sowing civil distrust in different countries,” he said during the Sept. 16 Intelligence and National Security Summit. “It’s all enabled by technology. The great technology that’s enabling so much of what we’re doing is also that dual edged sword that malicious cyber actors and others are being able to use to create doubt or to be able to question authority or to be able to spread messages that are far from true. I think influence operations just in general will be for us, one of the things that we’ll be dealing with not just every two or four years, but this is the competitive space that we’re going to be in as intelligence agencies and as our nation.”
Vice Adm. Robert Sharp, director of the National Geospatial-Intelligence Agency, agreed with Nakasone, saying the strategic environment is undergoing both evolutionary and revolutionary changes. Cyber and space, the two newest warfighting domains, are becoming increasingly contested and operationalized, which is a natural evolution. Technologies like smart devices and artificial intelligence, on the other hand, are driving the revolution by democratizing the availability of geo-located data.
And that’s driving questions around a concept known as GEOINT assurance.
“How do you have confidence in the ones and zeros that you’re using for making decisions based off of?” he asked. “So that revolutionary side is really, I think, our challenge and our opportunity and our competition space. It’s going to define our investments and how we operate over the next decade.”
One way to address that issue of assurance is through tradecraft. That means intelligence professionals and leaders need to be able to understand the processes, algorithms and training that goes into analysis technologies like artificial intelligence. That’s commonly referred to as the “black box.” Lt. Gen. Robert Ashley, director of the Defense Intelligence Agency, said that understanding is integral to having confidence in the decisions made by or based upon these technologies.
And that’s important, because the IC as a whole is beginning to push the boundaries on cooperation and collaboration with industry. For the most part, it’s not effective for the IC to design its own technologies anymore. Instead, Ashley said, he looks to industry for a product that can be minimally customized to serve IC purposes.
“I’m looking for the 80% solution, that’s the head start, cause there’s probably a commercial variant of this thing that I need. But I’ve got to be able to plot against the different problems,” he said. “So I’ll give you a simple example. So Waze is great: You’re right on the interstate, and somebody goes, ‘Hey, there’s a car stopped over here, right in front.’ And what I want to know is what Russian regiment just moved? What’s my Order of Battle out-of-garrison version of Waze?”
“If you help me figure out my Order of Battle Waze out-of-garrison, I’ll buy you a beer,” he added.
That dynamic has been playing out in certain domains for years, and not just around information. Federal agencies that operate in space are becoming more reliant on commercial capabilities. For example, Christopher Scolese, director of the National Reconnaissance Office, said this isn’t a new thought for the NRO.
“Just this year we had two launches from New Zealand on a commercial rocket; that’s two big firsts. It’s a commercial rocket. And it’s the first acknowledged NRO launch outside of the U.S.,” he said. “Those are fairly significant events and also indicates our strong partnership with our international partners, to say that our, you know, our boundaries are not just just entirely within the United States, but with our allies as well, to accomplish mission.”
But this growing partnership with industry is also leading to an interdependency, where the private sector is becoming a part of adversaries’ attack surface, and the IC is taking on some responsibility for helping to protect that.
“We need to work together to assure that our commercial entities can remain commercial and be able to provide their information commercially as they see fit, but at the same time, assure that we can protect the information and supply chains that we need in order to accomplish our mission,” Scolese said. “And supply chains not only on the data side, but also on the component side, which is what we worry about a fair amount. And one of the things that I believe we’ve seen during the pandemic — and we’ve heard this particularly from the Department of Defense — is how we have to protect our supply chains. And I think the pandemic has helped us get a laser focus on the supply chain and what we need to do going forward to ensure that we have the integrity of the supply chain.”
In one prime example of this dynamic, Nakasone said earlier this year NSA provided Microsoft with information to fix a major vulnerability with its operating systems. Handing out that kind of information is not exactly standard operating procedure at the NSA.
“When we were having the discussion early on at the agency among senior leaders, you can imagine what that discussion was like. That’s not a natural act around here. That’s not something that we necessarily would do,” he said. “But I think it’s the world in which we live today. Cybersecurity is foundational to what our nation does, it’s obviously the foundation for our nation’s wealth and where we’re headed in the future.”