tv Russian Interference in 2016 U.S. Elections CSPAN June 26, 2018 1:52am-3:23am EDT
washington journal lives at 7 am eastern life. join the discussion. next a hearing examine the policy response to russia's interference in the 2016 elections. we hear about the timeline and initial government response to cyber security warnings about russia. witnesses predict that china will most likely be the next major cyber security threat to the u.s. from the senate intelligence committee this is an hour and a half. >> i would like to not only
welcome our witnesses. i would like to apologize to our witnesses for the hour delay. unfortunately neither the vice chair or i have control over the boat. we had a couple snuck in on us. i will do everything i can to navigate through this open session and the closed session as quickly as we can. i would like to welcome ambassador victoria noland. and michael daniel former special assistant to the president and cyber security. today's hearings next step and to explain how russia interfered in the 2016 rushes election. -- russia election. the committee moved quickly to discuss what the american people -- we welcomed legislation that
sent urgent assistance to the state. we reviewed the intelligence community assessment on russia interference produced in november of 17 and all the sources and held a closed hearing with the agency directors responsible for that product. the committee is ready to finalize our assessment of the obama's administration. today's meeting would be the first of a series of several capstone events. i would advise ambassador rice to join us in a few weeks. we have invited former leaders from the f vi and the department of justice -- fbi and the department of justice to testify in july. you sat on different sides of the same policy debate. mr. daniels sat on the government cyber apparatus seeing indicators of russia
hacking activities unfold, both here in the u.s. as well as in countries like germany and ukraine. meanwhile ambassador nuland saw moscow pursue its interest in ukraine, syria, -- syria and elsewhere. this is with the new quest. the kremlin began to use social media, hacking leak operations and cause i operations to weekend others. in effect use the metaphor, each of our witnesses are from a different part of the same element. today we would like to know when the bigger picture emerged and how policymakers responded. did they seek to deter russia from undermining our democratic
institutions. did they take action? if not what held them back? i would like to think them publicly today on behalf of the committee for coming voluntarily to talk to our staff and for their candid interviews and testimony. they consistently said that they were operating in the summer and fall of 2016 without a playbook. this was a new threat with an undefined set of rules. it seemed they struggled to balance convening priorities, they wanted to warn the russians to stop interfering but avoid the appearance that the white house was putting a some -- a thumb on a political scale during an election year. they wanted to warn the public of russia's interference but not carry russia's water for them. they wanted states to secure their systems but not alienate state election officials or undermine public confidence.
we can look back with the benefit of time and distance and talk about what could have been done. as we do so, we must also look forward a few short months to 2018 elections and forward a few more short years to the 2020 elections. more broadly we now realize that the russian campaign was to fracture our society and cause general discord using all the tools that our technological connected society offers. our focus should be to prevent, to deter, and harden our elections and society for the future. again, i want to thank both of you for being here and i turned to the vice chairman for any comments you might have. >> thank you mr. chairman and welcome to our witnesses. appreciate you recapping how much good work this committee has done on a bipartisan basis. we look forward to continuing that work. as the january 2017 assessment,
the russian efforts of the 2016 presidential elections demonstrated a significant escalation in directness, level of activity and scope of effort compared to previous operations. as we examine the policy questions faced by the obama ministration and this congress during the 2016 campaign, it is evident that in many ways we were caught flat footed at the outset. our collective response was inadequate to meet russia's escalation. at the end of the day, it is hard to see the russian influence campaign as anything but a success of vladimir putin. today is about learning from these past missteps. we all know going forward we have to do better. i want to stipulate up front there are far too many monday morning quarterbacks around these days. however looking back, we should
not have been surprised about how far russia was willing to go. the flashing signals were all over there. allies in the baltics and eastern europe have long experienced aggressive russian cyber attacks and disinformation campaigns. ukraine in many ways was a test that for many of these tactics we saw in our own elections. a first-hand witness to the weaponization of leaks in 2014 when private conversations were intercepted and released. separately, i believe we profoundly missed the mark in tracking and responding to influence operations on our social media platforms. russian backed operatives were wreaking havoc and spreading disinformation across facebook, twitter, youtube, and other platforms. we, both at the governmental
level and at the company level were unprepared to address those attacks. even to this day over a year and a half later i have significant concerns that we are still behind the eight ball in effectively combating these efforts. despite being too slow to see the threat initially, it is not true that the obama administration stood by and did nothing. steps were taken both public and classified to try to better understand and defend against the russia activities and objectives. a direct warning was issued to russian counterparts. the administration engaged the cyber hotline with russia for the first time ever to warn the kremlin against further action. dhs attempted a series of engagements with state election officials. president obama himself took the warning directly to president putin at the september g 20 in china.
finally, in what should have been a more significant event, the administration attempted a fairly unprecedented public statement attributing recent hacks and leaks to russia. as we all know, that joint dni dhs statement was overshadowed as the media diverted its attention to the access hollywood video and the wikileaks release of emails. it remains unclear if the wikileaks release was actually timed to undermine the joint statement. it is perhaps impossible to know whether these steps the administration took ultimately deterred additional an even more aggressive action the russians. however with the benefit of hindsight it is evident that we could have done more to push back in the heat of the campaign. but, the administration was not
solely responsible. two factors made an already difficult policy challenge much more problematic. first, as we all know and have heard in testimony the white house was concerned that engaging more publicly would be seen as trying to put its thumb on the scale of the election. no one did more to fan the flame of what he termed a rigged election then candidate trump. the trump campaign and its allies craven lee painted any attempt to call out russia for its attack as a political effort to help clinton and to steal the election. those irresponsible statements further reinforced the dangers of speaking publicly of the obama administration. any scrutiny of policy decisions during the campaign needs to also address congressional inaction. congress, all of us, need to look ourselves in the mere and
see whether we could have done better. in particular the lack of bipartisan congressional warning to russia. in the weeks of delay it took to get a letter out to state electi officials now looks like a failure to put democracy ahead of politics. again, i appreciate the witnesses willingness to come forward and relive 2016. as the chairman mentored 2018 is already upon us. this time there is no excuse for missing the threat. we heard unanimously that russia continues to try and undermine our democracy. they are attacking us and our allies on a regular basis even today. if we allow this to happen again, if we don't do all we can in a united front to protect our democracy, then shame on all of us. i hope to hear from our
witnesses today some thought on where we go from here. the threat as we all know is real. the time to act is urgent. thank you mr. chairman. >> think the vice chairman before i turn to the ambassador for opening remarks from both her and mr. daniel. let me say that we don't have full confidence today not because they are not interested but we are in competition with a meeting at the white house and numerous other things. i apologize to you. i also say this to members. if our delayed start causes a conflict in your schedules, if anyone would just let me know i will try to expedite recognition of you if that helps alleviate anyone's problem with schedules. with that, ambassador nuland the floor is yours. >> thank you, chairman burr and vice chairman warner. i appreciate the opportunity to
appear before you today to discuss the policy response to russian influence in u.s. politics. as a citizen and a 32 year veteran of the u.s. diplomatic service and a regular target of russian measures, i want to commend the leadership of this committee and the members for your thoroughness and your integrity in pursuing your investigation into russia's involvement in the 2016 elections. i especially commend the bipartisan spirit with which you have done your work. it has a powerful example in this country. when i testified before you and classified session last summer i put forward a number of recommendations regarding how the u.s. government could organize itself and work with the private sector to expose, deter, and defeat the threat to the national security and democracy. rather than going back in history, i will focus my remarks on what we can do. since then many of the ideas that i put forward a year ago have been advocated publicly by
others including the atlantic council, the alliance for securing democracy of the german marshall fund. russia has not stopped its efforts to divide our society and use our open system against us to spread false narratives. there is every reason to believe the kremlin will again target our elections this fall and 2020. a major technology company whose problems we exploit have taken some countermeasures but not enough. other countries and malign actors are now adopting and improving on russia's methodology. china now runs disinformation campaigns and influence operations in taiwan, australia, and other neighboring countries and is working to acquire information technology assets and data sets across asia, europe, and the united states. the trump administration has taken some sanction steps to
punish russia for past actions, it has not launched the kind of presidentially led whole of government effort that is needed to protect our democracy and security from maligned state actors who are intent on weapon i think the internet. we must urgently -- intent on weapon icing the internet. we need to call it out and take countermeasures to sharpen our toolbox so that improve regulatory legal standards and lead a global campaign with allied partners to expose and defeat this threat together. today i put forward five steps to protect our democracy, improve deterrence and blunt this new weapon in the hands of any of our adversaries.
first on the presidents direction and with congressional support, the trump administration could immediately establish a multi agency center modeled on the national counterterrorism center but smaller in size to put together all the information and resources of our government, classified and open source to identify, expose, and respond to state-sponsored efforts to undermine american democracy through different cyber attacks and abuse of the internet. all the relevant intelligence and national security agencies should be represented and should the treasury department and other agencies who have knowledge about how dirty money and criminality often fueled these activities and with the tools to help with deterrence. as this committee knows much of our problem in responding quickly enough in 2016 stemmed from insufficient immigration and policy options among government agencies which led
to delays and attributions, slow response time and debates about the right over and covert tools to apply. second, the white house could establish and host a standing u.s. public private commission to combat internet abuse and disinformation. inviting participation by all the major technology companies with owner abilities. the academic community and the private forensic experts in the space. the commission would be charged with developing technical, regulatory and legal recommendations to protect the integrity of the internet user experience and blunt the ability of maligned state actors to sobor the democracy through the internet. it could provide a protected space for private shareholders to share information with themselves and with others and to collaborate on responses and build campaigns. third and
flowing from the second recommendation, the u.s. government has to better advise, advocate for and protect u.s. companies when they do take bold and commercially costly actions to stand up to state sponsors of malign influence at home and abroad. when and how to act, our companies often face the threat of retaliation against their staff and their platforms, it defines the closure of their operations. our companies need a place to seek advice, free coordination and rapid support from the u.s. government when they take decisions to resist government pressure when they close malign accounts and when they expose anti-democratic tactics. the president can appoint an international coordinator to launch and lead a campaign to multi i's our efforts in this
state. fifth and finally, the administration could put forward and the congress could support a significant budget increase to strengthen u.s. budget in this area. the funding should be targeted to appropriate u.s. agencies to strengthen their forensic capabilities, shorten attribution timelines, improve the government's ability to expose and debunk truly fake news in real time, brought in public outreach and education of the american people about the threat and strengthen our stable of national experts in the field. in the coming year, the center for an american security, which i leave, plans to join the community of think tanks working on these issues. we will put special emphasis on pulling together the best minds in industry, academia, and government to craft full-
spectrum deterrence strategies against malign actors in the cyber room. this work can't replace responsibility of federal and state government but we hope it will help inform wise choices. thank you for inviting me to appear before you today. >> thank you ambassador. mr. daniel, floor is yours. >> thank you mr. chairman. thank you mr. vice chairman and distinguished committee members for the opportunity to testify on the issue of russian interference and the 2016 election cycle. understanding what happened in 2016 is really critical to better protecting ourselves in future elections and in future activities that we do. given that this committee has extensively reported on this topic and the findings, i very strongly support i'm going to keep my opening remarks at a high level this morning. i think going into the late spring of 2016, we fully expected russian cyber base
espionage activities against our major political campaigns. it had happened in previous election cycles and we assumed it would happen again in 2016. but by late june, early july, as stolen information began to show up in public and as states began reporting suspicious activity against some of their electoral infrastructure, we began to realize that the russians were doing more and collecting intelligence. they were carrying out operations aimed at the very least influencing our election and potentially disrupting it. but the true scope, scale, and breadth of this activity remained unclear and actually developed over time and in fact this committee has contributed a lot to our understanding of what was going on. within the u.s. government, we really developed two lines of effort in order to respond to this activity. one was very public and outward facing and it was designed to improve the security of our electoral infrastructure across
the board. the second was more behind the scenes and it was designed to respond to the actions that the russians were carrying out to impose costs on them and to deter future exhalation for future actions. -- future escalation or future actions. so the first line of effort was focused on the state and local electoral systems. the first up was deciding what it was we were trying to protect. given that most of us at the federal level didn't have a lot of experience with how elections actually worked as a mechanical thing at the state and local level, we all got a crash course in how elections actually operate down at the state and local level. we very quickly realized as part of that process that the voting machines, while vulnerable, were not the most likely vector for any russian activity, nor was changing the outcome of the election the most likely goal. achieving that goal was simply
not feasible as you have noted in some of your reports. instead, undermining confidence in the electoral process and disrupting it where the more likely goals. we then began to look for the points e the russians could most easily accomplished that goal and that turned out to be the point at which the electoral infrastructure touched the public internet. including voter registration data, and media reporting on election night. since date and local governments run the election process in the u.s., our efforts became focused on providing assistance to the states. the department of homeland security spearheaded those efforts for the administration backed up by the department of justice and the fbi. over time, we also began to shift our focus to preparing for election day and being able to respond quickly to any disruption that might have occurred. fortunately, by the time i got around to election day none of what we feared actually
materialized. so from that perspective that turned out to be a good thing. on the second line of activity, pushing back on the russians and imposing costs, this line of effort was focused on developing options for the decision-makers. the goal was to respond to ongoing activity and to defer further escalation or future activity. we use the normal nsc lead interagency process to develop a suite of options to respond to this activity. the key bodies that worked on that with the cyber response chair that i chaired within the white house. the specific actions that we developed were to my knowledge remain classified other than those that became public by necessity once implement it. i can say that the options that we developed spanned the full gamut of u.s. power, including diplomatic, intelligence, law enforcement, economic and cyber
cities. within these broad categories we created a range of potential actions from low risk, low impact, to high risk higher impact options as we would for any national security issue. my responsibility was ensuring that the nsc principles up to and including the principles -- president had a full range of options to consider including pros and cons. due to the concerns around escalation, the overall geopolitical situation we were in, the tensions within the u.s. election, the presidential race that was happening the desire not to do the russians work for them undermining confidence in the electoral process, senior decision-makers proceeded carefully and judiciously and eventually we settled on a set of options and actions that have been widely reported in the press. not all of the options that we laid out were taken but that is not a surprise to anyone who
has worked in the policy process. that is how it works. decision-makers never take all the possible actions that you develop. in looking forward to the future , which is, i think, the key aspect of what the committee is working on, now that the russians have proven that it can be done. --, we should expect not only the russians but others to follow their lead. we should expect other nationstates and non-nation state actors to attempt to do similar activities. in response, i think we need to do several actions. one is that we need to continue to invest in improving the cyber security of our electoral infrastructure in its entirety across the board. we need to figure out how to enable the federal government to better support state and local governments because i think maintaining that state and local control of elections is incredibly important. it is very central to our system of federalism and democracy and we need to sustain that.
the stick to expect state and local governments on their own to go up against nationstate actors. we need to figure out how to enable the federal government to assist those entities to better to protect themselves while enabling themselves to maintain control of the electoral process. we should also invest in our resilience operations which is related to but separate to the cyber security issues. internationally we should continue to promote the idea that it is not acceptable to interfere in another nations electoral process. the u.s. should continue to work with other allied governments to identify, expose, and respond to russian activities in this area and embedded with actions to do with other russian activity. we also need to maintain a whole of government campaign to counter russian cyber activity across the board. those are my thoughts on where we need to head in the future in order to continue dealing with this issue that i think will be with us for all of our
future election cycles and it is something we will need to learn how to deal with and be able to counter as a nation going forward. thank you very much. michael, thank you -- >> michael thank you for that testimony. the chair would like to announce the members. i understand we are going to have to vote scheduled for about 1230, it is my intention to finish this open session no later than 12:45. we will immediately after completing the second vote, come back for a closed session and that will give our witnesses time to do a choke and run on some lunch. all recognized members by seniority up to five minutes and the chair would recognize himself and michael. -- himself. and michael, let me just say looking back what seemed like the right thing at the time which was for the secretary of homeland security to the clear
that the election system was critical infrastructure in hindsight was the worst thing we could have said to state officials. they took it as a federal government taking over the election process. we have tried to point some of these things out and need to be sensitive in the future. ambassador, we have been told that all potential responses to russia's acts were on the table. most of them debated. and at the end of the day prior to election, not the. in between election and swearing-in, really the only big thing that was done that the president contacted putin personally and raised this issue. is that an accurate depiction that we have been given by people we've interviewed? and two, what should have we done that would have changed where we are today? >> thanks chairman. in this open session let me say i assume you are talking to
what was done with regard to russia rather than the thing that mr. daniel had talked about with state >> yes. >> so it is accurate to say that in september the president made a stern and personal warning to president that there were follow-up conversations and other government channels with appropriate parts including use of some pre-existing channels that we had with the russians. but we did not take deterrent measures in the select oral period. -- electoral period. there was a lot going on from june onward as to what kind of deterrent measures we could take either in the electoral period or afterwards a lot of that work informed what was done later in december. for a variety of reasons, some of them you highlighted your self, some mr. daniels
mentioned, there are others that are more classified. the president chose to launch the full investigation and response after the election. i think it is fair to say that all of us in the process assumed that what was done in december/january of 2016/2017 would be a starting point for what the incoming administration with and build on. so i think there is still plenty of work to be done. >> we would agree with you. why do you think it is russia thought they could get away with treating the united states just like the other countries that they meddled in that they really considered to be part of the soviet union? >> i think they saw and increasingly understood the vulnerabilities in our democratic system. the same technologies and ways of
communicating that are so powerful in terms of the way we connect with each other, also offered opportunities to turbocharge techniques that they had been applying even since the soviet. to try to -- soviet period to try to cause dissent in the u.s. and pit us against each other and they got better at it. this gremlin is highly opportunistic. it will do, whether it is in their own country in ukraine, in europe, or other continents, they will throw out lots of chaff, lots of opportunities to probe and when they feel a weak spot, they will push further and probe further. there is a great quote attributed to lenin. rest in the bayonet, when you hit them, stop. if you hit much, push. i think they had a lot of mush. >> michael, how exposed do you think the social media platforms
make us in the future and do you have any confidence in the belief that they can self police bad actors? >> so i think that as with all that kind of technology it is a double edged sword. it provides opportunity to get messages out rapidly better clear and accurate but also provides an opportunity for misinformation. on their own without allied governments, it will be hard for social media platforms to find all the malicious actors. they are quite good at finding a fair amount, but it is incumbent upon all western governments to figure out how to work with the social media platforms to better identify the kind of misinformation and
align information that's on those platforms. >> we believe there needs to be a new type of collaboration between us and those companies and we are working on that. ambassador, i'm going to come back to you with a couple of quick things and i will get into the specifics on it when we get to close session. at what point did you become aware of mr. steele's efforts? >> mr. steele's efforts with regard to the -- >> the dossier. >> i was first shown excerpts from the dossier i believe in mid july of 2016. it wasn't the complete thing which i didn't see until it was published in the u.s. press. >> i know you talked extensively with our staff relative to mr. steele. based upon our review of the
visitor logs at the state department, mr. steele visited the state department briefing officials on the dossier in october 2016. did you have any role in that briefing? >> i did not. i actively chose not to be a part of that briefing. >> but you are aware of that briefing? >> know i was not aware until afterwards. >> okay. vice chairman? >> thank you mr. chairman. i'm going to start with similar questions as the chairman but with a slightly different approach. i don't think enough was done but there were a series of actions taken. we have the president talking directly to putin. we had mr. brennan talking to his counterpart. there was the first use of the cyber hotline. there was the october 7 oh dni dhs warning. do you think any of those actions resulted in a
munition of russian activities? did they slow down anything or was it full steam ahead? if we had not done those with the russians then even more nefarious? >> it is certainly the case that it was very important to tell the russians at every level including the top level that we were watching what they were doing. whether they slowed the russians role, whether they did less particularly after the president spoke directly to putin in early september, i don't know. if you look at the record of their activity, they were generally a little bit less active in september than they later were in october and they particularly were at the end of october where they were quite active when they thought the election might turn out
different the than they previously thought. >> mr. daniel? >> i would generally agree with the ambassador's remarks on that. i would drop a distinction between we saw dominion mission -- we see an increase in what they are doing on social media and the influence operation. i think my conclusion would be that they shifted their focus away from pure cyber operations and more to the information operations area as a result of what we were communicating. >> even the president warning, rendon's warning, cyber hotline, dhs, odni, public warnings didn't seem to have that much effect in terms of the munition it appears to me
that we were caught relatively flat-footed in terms of how the russians use social media. companies were caught flat footed as well. they exploited a theme where foreign agents impersonating americans but detonating -- distributing the content in american -- america fell between the cracks. we have seen activities to any
explanation of why we were caught so flat-footed? >> i think there are a number of explanations, some of which we will talk about in the follow-up session. the russians were overtime perfecting their ability to target social media to specific political objectives in their own country, in ukraine, and across europe well before 2016. i think some companies were aware of some abuse of their platforms and other countries. because they weren't talking to each other, they weren't integrating what the various companies were seeing. and developing a pattern as the chairman said and as i said last year. the private companies were each touching a piece of the elephant and not seeing the whole. i also think there was a tendency in the u.s. intelligence community to look only -- committee to look only at classified information and
the necessary integration of open source and classified information was not happening the way it needed to. we were as a government not as aware of what was happening in the private sector. >> holding on top of that, my position was cyber security coordinator focused on the protection of information systems. we were set up then and we aren't set up now to have a focused effort with in the u.s. government to counter operations. many -- the russian agents signed up for facebook accounts. that is not a cyber security problem that is an information problem. while they can be blended and while the russians are good at combining their cyber capabilities with their information cop abilities --
capabilities, those are separate things and require separate disciplines in order to counter. >> you said certain companies were aware that russians were interfering. what i think is remarkable is none of those companies acknowledged that i had of time. as a matter of the fact in the aftermath of the election, public officials raised the concern that facebook and others could have been misused by the russians, the leadership in many of those companies dismiss the notion wholeheartedly. it was literally months and months before the social media companies acknowledged they had been misused. thank you mr. chairman. >> thank you. thank you for your well thought out recommendations. i think those are serious and deserve serious considerations. i want to summarize here a little bit. both of you have indicated that this whole thing started in the spring of 16 and gradually grew
through the year. to the point where in september, at the g 20 summit president obama confronted mr. pruden -- mr. payton and as close to him we knew what they were doing. i'm not criticizing him, that is the president job to do that. that confrontation may have slowed them down briefly but just briefly. it then continued on in the direction we are headed. is that a fair statement? >> that appears to be fair based on what we know. obviously we don't have full knowledge of the kremlin's thinking. >> one of the thing that puzzles me, next month in october, dni went public with the fact that we knew what the russians were doing. and people need to pay attention to it at least to
some degree. this is the question i have for you mr. daniel. this puzzled me. there is a quote i want to review from an article that appeared from what happened in late august of 2016. at his morning staff meeting, he said it had to stop working on options to counter the russia attack. we have been told to stand down. that is a quote from you. one of daniel's top deputies recalled old, i was incredulous and in disbelief. it took me a moment to process. in my head i was like did i hear that correctly? then he asked, quote, why are we standing down? michael, can you help us understand? is that an accurate description of what happened? >> that is an accurate rendering of the conversation at the staff meeting, but the larger context is something we can
discuss in the classified session. i can say that there were many concerns about how many people were involved in the development of the options and so the decision at that point was to cut down the number of people that were involved in developing our ongoing response operations. it is not accurate to say that all activity ceased at that point. >> what about your area of supervision. did it completely sees as far as that was concerned? >> know we shifted our focus in that september and october timeframe to focus heavily on better protecting and assisting the states and better protecting the electoral infrastructure and ensuring that we had as great a visibility as possible into what the russians were doing
and developing an incident response plan for election day. you have described that. as far as your cyber response, you were told to stand down, is that correct? >> those actions were put on the back burner, yes. that was not the focus of our activity during that time. -- time period. >> what cyber options did you recommend and which ones were taken and which were rejected? >> this is something we will have to discuss in the classified session. i am more than happy to described -- describe some of those there. it was a full range of potential actions that we could use to use our cyber capabilities to impose costs on the russians, both openly to demonstrate that we could do it as a deterrent and also clandestinely to disrupt the
operations as well. >> were any of those accepted? i can't really go into that here. >> how about you, ambassador? what did you recommend, what did they take and what did they trash? >> i think it is more appropriate to do specific recommendations in the closed session. what i will say is that we were aware as early as december 2015 that the dnc had been hacked. we didn't know by whom. it for signatures from what we had seen of the russians. as we saw more hacked activity during the spring, those of us on the russia account pushed very hard internally to put more intelligent resources on this
to better understand what was going on. we didn't know whether this would take the form of intelligence gathering during an election. or whether it would be used for influence and of what kind before or after the election. we became more alarmed when throughout the spring and in june my team was authorized by secretary carrie to begin working internally at state on what kind of deterrent opportunities there might be, whether in the siebel realm or using other tools. we developed a full blue of options. -- a full slew of options in july. we understood that this issue would be taken up after the election. we were authorized to continue our work on what might be effective in the august and september period. we did that so that we were ready for the formal conversations when president obama authorize them after the
election. >> thank you both. the term and have called an important hearing. we are talking about policy responses to the russian attack on our democracy. i have felt for a long time that one of the best ways to be able to push back on russian attack on our democracy is to have a lot of allies close to us. allies that will stand with us. if you are going to focus on that it is important to focus on president trump's behavior. that -- at the g7 did the president criticized our allies both individually and collectively, he was unhappy that vladimir putin had not been invited. and this week he has undermined the german government and making false claims about migration and crime.
at every step of the way on these key kinds of questions, climate came -- climate change, basic issues of human rights, it seems to me that the net effect is that the president has isolated us from allies that we very much need to help us stand up to russia and the attacks on our democracy. given your background, how important in your view are these alliances to be able to push back against the russians and what is your take, how would you evaluate the president recent actions i have described? >> senator wyden , in my professional experience and studying history, the u.s. alliance system has served our nation superbly in terms of security and prosperity and in terms of defense of the values in our constitution and declaration of independence for
more than 70 years. we don't always think our allies are doing enough. we sometimes have conflict. in every decade, whether it was over vietnam or over iraq, it is important that we work together to get through those as a family. fundamentally the system we have in place is a collective security system where we jointly pay for it and jointly execute against r economy -- our common enemy and a shared security system where we push for maximum openness where we can all benefit and process -- prosper. adjustments are needed. our allies for more than a half the combat burden form more than half is your take on the president recent actions i described?
>> i am very concerned when america's adversaries appear to get better public and private treatment than america's closest friends. we certainly should not be in the business of interfering in internal politics. i am also quite concerned on the trade side that if we are not careful, we could set off a renewed recession in europe and perhaps even in the united states. >> i'm glad you pointed out this kind of double standard. it is a double standard that cuts against america's security interest in my view when people who have been hostile to us appear to get better treatment than those who do not. one last question for the remainder of my time, mr. daniel. your position was eliminated as you know recently, at a time when it seems to me you have more and more cyber threats of
a wide variety, we saw press reports with respect to hacks from north korea during the middle of the discussion in our me in your view, what capabilities do you think are lost with respect to the illumination of your position? i was going to ask you for your assessment of threat today, but i said mr. daniels in a position where he doesn't have that kind of current situational awareness . tell me if you would, what capabilities are lost by the elimination of your position? >> it is not so much the capabilities but the ability to integrate those capabilities. and employ them.
given the relative newness of the law and policy and interagency cooperation on cyber issues and the use of our capabilities, i think it is still very important to have a senior official at the nsc d the white house that is driving policy and driving operational collaboration in that area. >> thank you, chairman. >> thank you both for being here. mr. daniel and ambassador newman, brought the campaign the administration took a few steps to warn russia and direct warnings from the president throughout the cyber hotline. do you believe efforts had any deterrent effect at all? >> i think it is unknowable what the total effect might have
been. there may have been a slowing of russian activity in september after the president warned president putin. by the middle of october that activity had resumed in full force. >> i would agree that it essentially unknowable. i think it did, it prompted them to shift some of their focus away from trying to penetrate state level voter systems and focus more on the influence operations. again, i think it is a difficult question to answer. >> in that context the date you pointed to was october. you said it might have restarted up and gone a different direction in mid- october? >> i think the russians were constantly reevaluating the opportunity that this operation gave them and seeing more and more advantage. i think by mid-to-late october,
they may well have changed their calculus about the outcome of the elections and accelerated their influence operations accordingly. >> in the context, this happened after the president warning. the later police of the emails, do you ascribe that to moving in a different direction in terms of the influence campaign mr. daniel refer to as opposed to the attacks on state systems? >> i wasn't involved in working with the states. i was involved in the release of the emails and the political conversation among ourselves moving later in the campaign to the acceleration using the bought networks and the internet accounts that they had
established to push both narratives that were popular on the fringes of u.s. politics and try to mainstream those. >> i ot the exact quote but you said earlier that if you push and use it -- if you hit something hard, you stop but if you feel much you keep pushing. why did you think could get away with treating united states the way he treats countries abroad that they think should be under russia's control? why do you feel in your opinion that he can get away with treating us in the same way? >> in my experience with this particular leader, if you don't make these aggressive moves directly for him and his circle in his own context, then he will keep pushing.
>> i don't really have anything to add on top of what the ambassador has said. >> i guess it sounds like you are saying that he has a cost- benefit analysis, here's the price and benefit of doing it. i believe the benefit outweighs the cost and therefore i'm going to do it. >> i think it is probably the case that the russians expected to current measures and didn't see them and so thought they could keep pushing. >> in that context and this is kind of a hindsight 2020 situation, if we could do it over again and go back to 2015 and 2016 and try to deter this activity, what would you do? what language do you believe he would have understood? what could we have done differently? part of this inquiry is to learn about what our policy should be moving forward and in addition to the rhetorical one, the actions that we would take, what would have worked in your
opinion looking back now? >> we can talk more about this in classified session. i think part of the problem we had was that we didn't have sufficient integration of information to understand fully how their campaign was structured. we didn't have sufficient agreement in the inter-agency as to what the deterrence tools were and what the effect might be if the russians chose to excavate because we hadn't -- to escalate because we hadn't studied it full enough. we were beginning to work with our allies but we hadn't done enough. if you look at the more successful counter operation that the president later -- the french president later did, what he was able to do was to much more quickly than we were, identify russian influence
operations, to call them out and to put legal structure in place to counter them. he essentially neutered the influence by telling people that it was not part of the debate in france, one concrete example there was a pole -- a poll in the french election that showed a candidate in the lead. it was a russian operation. it was not a true poll. the french were able to pull that -- prove that in terms of the origin of the information heading back to russia and in terms of their own data. within a week they were able to debunk it publicly and therefore they blunted the weapon. we have to be in the same situation in terms of countermeasures inside of russia and other adversaries so they know this will cripple them as well. we can talk about that later.
you explain and expose how the campaign works, it's manipulated by somebody else, not only does it change the processing of the information, it actually radically turns them off to that information because they feel appropriately they've manipulated. >> when did you two first meet in person? >> i don't remember. we certainly were part of
meetings in the summer of 2016. did we meet then? >> that was the point of my question. there were meetings, you were in some mtings but i want to go to your first recommendation, which is a fusion center. it seems to me it should be someone overall with a piece of this. right now, i'm getting frustrated. i hear the term whole of government and to me that means none of government because there's no one in charge. do you believe there's some central authority and somebody in government who's responsibility to think about sybbe expirer producing this -- shabbier and protecting -- cyber and protecting this country? >> senator, cyber is a big issue and in the concept of the
fusion center, there'll be a director as there is for the national counter terrorism center who would be the single belly button for leaders. >> as mr. daniel pointed out, someone to integrate the data, and that was one of the problems early on in our response, was it not, we had data coming into the fbi and nsa and various places and we didn't really have a full picture of the magnitude of this attack until fairly late in the summer or early fall, is that correct, mr. daniels? >> i would argue we didn't have a full appreciation for the scope of what was going on till well into 2017. in the fall of 2016, the full extent of the russian information operations, everything that they were doing on social media and the vast number of trolls and activity
that they had going on, we didn't fully understand that in the fall of 2016 and it has really been a picture that's continued to evolve over time as, you know, committees like this have done their work, and i think that was as the ambassador pointed out, part of the problem was we didn't actually have a complete understanding of what was -- of the campaign being carried out against us. >> ambassador, a different tack, the president -- president obama was criticized for not acting certainly not strong enough. what was the thinking without revealing classified conversations but what was the president's thinking in so far as you know of how to respond to this and what was the risks and benefits? >> why didn't he take a more -- for example, why wasn't there a strong classified sanction or some activity as opposed to a
stern admonition at the g20 summit? >>ator, we can talk a little bit more about this in classified session as we did last year. i think some of the reasons have been ventilated here. you know, there was incomplete information at the right moment, which i think is a fault of the systems that we had in place to integrate as you said, including the ability to inti integrate by the govern expirer president trump and there was a concern that if this wasn't handled properly, any move publicly would be seen as president obama playing into those accusations. there were concerns about how this might escalate if we took counter measures. there could be escalator
measures because one russian goal was obviously to undercut the integrity of electrical system and notmenting to play into that. -- not wanting to play into that and there was a perception that this could be dealt with after the election in a more full some way and whoever was elected could continue to work that the administration started to get to the bottom of it more fully. >> thank you, thank you, mr. chairman. >> senator colins. >> thank you, mr. chairman. >> mr. daniels, how did the administration view wiki lane? for example, did you view it as a news organization or social platform like facebook or as -- in that sense a hostile intelligence service. >> senator, i would actually say that in many ways it was all of the above and at various
points certainly from someone who spent a large amount of time working with the intelligence community in my career, we did not view a lot of what wiki leaks was doing as favorable. i think our view was always split as to exactly how witting a lot of people involved were with what was going on. again, that's something we can explore in more detail in the classified session, but, you know, clearly the russians used them to great advantage. >> exactly. do you think that realization existed in 2016 or is that only a realization that we have looking back? >> i don't think we fully appreciated the scope and scale of the russian influence operations and at the time we
were kernelly what prompted our initial work was the release of information into wiki leaks and we're aimed at activity on the state and patrol systems. it wasn't till i think later in the year and even after, you know, after the change of administrations that we became fully cognizant of the scope and scale of the influence operations. >> you mention the state and local electoral systems. we have received from the department of homeland security inconsistent and varying numbers on the number of states whose systems were scanned by the russians. how likely do you think it is
that russian cyber actors at least scanned all 50 states? >> i think it is highly likely. it was always my judgment that given the number that we reached where we had pretty good evidence of that led me to believe that there was no reason of at least attempted reconnaissance of all 50 and more likely that we didn't detect it than it didn't occur. >> i really appreciate you being forthright about that because i believe if states understood that, they'd be more respecteddive to the help that i know secretary -- representative to the help that i know secretary johnson offered and the help they're being offered now. certainly that threat continues. ambassador newland, in 2016, the fbi was complaining to this
committee that russian diplomats in the united states were not following these established rules about travel and they were not notifying the state department and it seemed that they were traveling to odd locations on short notice. were you aware at the state department of the fbi's concerns? >> yes, senator. as i testified in classified session a year ago and as i think we should review again in the closed session, we had significant conversations with the fbi about their concerns and took some actions and prepared others as early as july and august of 2016 without concerns. we had a severe understaffing problem in terms of ability to do their job to do their job when the russians didn't follow
the rules . >> do you think that travel was related to the russian active measures against our e lek thirl system? >> i do. >> thank you. >> thank you, mr. chairman and thank y'all both for being here and i don't think there's any question that russians were attempting to be involved as they possibly could and higher level than they ever have dope before. so i would ask, do you think we had assurances that we know exactly what they did. they're moving in that direction. go ahead. mr. daniels will speak from his experience. >> among the reasons i put forward, the five recommendations that i did, i do not think that we are yet organized, funded. >> the internet research area
basically in st. petersburg and is that what -- >> i would say we know quite a bit about that one with the help of the companies. what we don't know is how many more of those there are in russia or other parts of the world. >> i would say that i have too much appreciation for the capabilities of the russians. they're an incredibly sophisticated actor on the cyber side and information side. i have too much respect for that to believe that we've detected all of the activity that they either did do or are continuing to do. >> with that being said, do believe we should have a pollty to treat -- policy to treat cyber attack to have direct contact with a foreign government and automatically retaliate in cyber space? >> i think that as with any issue in had the physical realm, i think what we have long argued and i support is
that the same ideas and concepts of proportionality and the laws of war apply in cyber space just as in the physical realm. if you had an act of -- if you had a cyber incident that rose to the same level of -- a use of force? >> you should be able to respond using all the tools of national power the same way we would to an incident in the physical world. >> midterm elections we're all concerned about and very critical for those involved and everybody else paying attention to it. i'd like to know for the people in west virginia that our systems are safe. if there's any indication that there might be an infiltration by a foreign actor, can they prevent that or detect it? >> senator and mr. daniels, in west virginia, i would say as a
matter of u.s. russia policy, this would be a moment for the prent tofirst be working with this policy of the team to decide what the cost for russia should be physical there's proven interference of the 2018 election. >> there should be the same alert for a nuclear attack because of a cyber attack. >> i would repeat what mr. daniels said that we want to make any president a full tool box and in some cases, may be that economic pressure is more effective or costly. >> do you believe there was anything the obama administration could have done to breakthrough the political waves and make people take that threat seriously? >> it got to the point where everything was after the fact and they knew something before the fact. >> yeah, i think in my
experience, it always takes a extended period of education and engagement whether it's the financial sector rkts the ebbing lektorial sector. -- electoral sector. they all followed a similar pattern in it takes time for people to grasp and understand that the threat is real, that it's present, that it can affect them directly. then there are things that they can actually do to try to address it. in fact actually i would say that that time span has actually been shortened in the electoral infrastructure than in some of our other areas. >> i believe that there were deterrents, measures that we could have taken and should have taken earlier in 2016. >> to make the public aware? >> i think obviously the public should be aware but for a lot of reasons, some of which we'll
discuss in the next season, we were not sufficiently aware ourselves at the rielle moment but more importantly going forward, we know that they may very well do this again so now we need to be planning what the retaliation will be and they need to be signaling it so that the cost is evident. >> my time is running out so i'm just saying you don't see the russians or another other foreigners backing off at all. >> so not having access to, you know, classified information right now certainly if you look at just the most recent activity associated with a piece of malware called vpn filter that is most assuredly associated with the russians. it's a type of malware that we have for a cyber security. that shows quite clearly the
intent of the russians with cyber capabilities. >> senator, before i move to senator language langford, what was the knowledge of russia to form the complete picture of the threat. >> chairman, as i was sitting at the work of russia, i was a consumer of all the intelligence information. >> we put this together and see the complete picture. >> my feeling about this is that it wasn't till the president ordered all of us to
sit together and map what we knew that the full elephant came into view for all of us together, but even so that was only an elephant that represented the government's holdings of information as mr. daniel has said, we learned much more later about the holdings of the companies had the information. >> roughly that time that you first -- when the president was together. >> december of 16. >> 16. >> i don't want to interrupt but other words, if the president had not asked for this, there was in process in place that would have immediately aggravated this information on a regular -- normal operating basis. >> there should have been but there wasn't and that's why i advocate the fusion center and the second recommendation to also have continuing conversation with the company. >> i would just add that to the
extent that, again, this is -- i would separate out some information on the influence operations and information operations side but on l the targeting of the electoral structure and cyber threat center within the office of dni and that's why the entity was created and cyber technical intelligence with geopolitical intelligence because you can't understand one without the other. >> tell me a bit more about the second recommendation you have to work with public and private. how should that be form ed? >> should be a presidentially elected commission and meets at a technical level at ongoing basis and leader level or thereafter. after i left government and had a opportunity to talk to a lot of the big actors in the u.s.
private cyber space, it becomes clear that for reasons of company privacy et cetera proprietary business information that i want to talk to each other. they're not comfortable, they worry and yet facing many of the same problems and they're also having conversations with the government about what they're seeing but it's limited to cyber experts and cyber experts and it's not integrated with policy and often it wasn't getting to a high enough level. when i say the companies knew some of what was going on on their plat tomorrows in russia, ukraine in 14 and 15, this would ideally be a safe space where companies can speak to each other or government or regulatory legal policy can be formed and where the company is say what kinds of protection they need from governments to
take bold moves. >> from this perspective, how often should they meet and who should be the primary contacts to be sent there. >> there should be an ongoing conversation at least a virtual conversation at the working level. there should be mid upper level meetings at least monthly and probably senior cabinet level meetings quarterly unless there's an emergent crisis in 2016. >> who should be at that table? >> again, i would want to do more work with the company's on this and more work with government to get a bert sense of it but on the company's side, i would want to see both cyber security experts and policy experts to make sure they're integrating on the government side the same. >> it is our great frustration as you know well that we've worked with several of the social media platforms and they saw things and were taking ads in -- that were election
related. they were aware of it in trying to figure out what to do with it basically. they've had fairly significant changes in the policy and how to address this. they saw it as well. why i'm pressing you on this is that's one aspect. there'll be others. that one's been tested and they're trying to respond and there'll be others and our imagination taking us into place where is you can go next. the goal of meeting time, is it maintaining what we already have or imagine what could be coming in the cooperation in sharing. as you know in the private sector, there's not a lot of cooperation and sharing between wishing this threat are you and they typically see this and trying to figure out how to manage it the same as 2016. >> to do past forensic in order to inform the same, russia's done pretty well with this tool
but other actors starting to get even better notably including china. >> so, let me back up a bit on this. this is for both of you. use your imagination. you know the russians and know that. when you talk about other actors leaning into this and nation states and other activists and want to engage and people have a political beef and want to affect this. for you in particular with the russians and mr. daniel and broader session and what is the next move? where are they going next. based on what you've seen. you're not there all the time. what do you think is the next move? >> i think we're already seeing some of the moves on the russian side. there's obviously the electoral target between the course of 2017-2018, they've had great success turbo charging their efforts to divide the u.s. on race, on issues, on gun control, on any of the scenes
that stretch us. so i any they will accelerate -- i think they will accelerate that. i don't know whether they will have a view about the 2020 election but having been more successful than they anticipated the last time, you could see them be quite aggressive on both sides, both at primary time and election time in trying to influence how americans choose their next leaders. >> right. mr. daniel, any review for actors? >> i would certainly say that both the russians and other actors including china, guam, north korea, criminal organizations, terrorist organizations, activists all are discovering that cyber space is a great place to try to advance their agenda. we are seeing a proliferation of capabilities across the globe and we should expect that to continue. our adversaries are also going to get better at integrating
their capabilities with aspects of national power. the russians are familiar in that but the chinese and others are not far behind. >> senator, if i may highlight one, it's also the risk that you'll have american on american violence in this space. that, you know, if we don't put the right laws and regulatory policy in place, it'll be a -- it'll create a jungle in our own politics against each other. >> thank you. >> if no members are seeking any additional questions, i think we've come to the end of the open session. i have one final question if i could, ambassador, could you provide any incite as to why inr was not included in the team that comprised the ica, the intelligence community assessment? chairman, if they were
included, mr. daniel would know better because he was closer, but i thought that they were included. they were certainly included in the work we did on potential de- definite steps. >>-- deterrent steps. >> to the best of my knowledge, they should have been included and by deaf nation, icas should be coshed nated across -- coordinated across the community. >> we'll check. >> vie i -- i have a vague memory of them coming to us on the policy side that things could be more rigorous in december and they might have been involved in some way. >> that's our understanding and the participants were fbi, nia, and cia. again, it gets back to our ability to look forward and to figure out how we create a pathway with no pipes where
they're instinctively created collectively. let me say thank you to both of you for your incite for everything on this important issue. while we'd all like to look exclusively forward, our issue for this investigation was to fully review russia's involvement and intentions in the 2016 election. you both played a pivotal role and i hope you both stay engaged and provide texture and clarify and hope you'll stay involved with the committee as it relates to future policies. ambassador, i assure you we'll be on the table and nobody would like -- nobody would like
to concentrate solely on the russian investigationive team. i assure you. it's my -- investigative team. it's my hope and belief that this helped us get closer to the end than the beginning. you have helped us today getter understand some of the issues weftes led with in the -- we've tuz tussled with. i would close this hearing and start the closed hearing at approximately 1:15 and advice you to seek nourishment during that time. this hearing is closed.