At a Senate Armed Services Committee hearing yesterday on foreign cyber threats to the U.S., there were several references to the saying that “people who live in glass houses should not throw stones.” The point, made by DNI James Clapper, was that the U.S. should not be too quick to penalize the very espionage practices that U.S. intelligence agencies rely upon, including clandestine collection of information from foreign computer networks.
But perhaps a more pertinent saying would be “It takes a thief to catch a thief.”
U.S. intelligence agencies should be well-equipped to recognize Russian cyber threats and political intervention since they have been tasked for decades to carry out comparable efforts.
A newly disclosed intelligence directive from 1999 addresses “information operations” (IO), which are defined as: “Actions taken to affect adversary information and information systems while defending one’s own information and information systems.”
“Although still evolving, the fundamental concept of IO is to integrate different activities to affect [adversary] decision making processes, information systems, and supporting information infrastructures to achieve specific objectives.”
The elements of information operations may include computer network attack, computer network exploitation, and covert action.
See Director of Central Intelligence Directive 7/3, Information Operations and Intelligence Community Related Activities, effective 01 July 1999.
The directive was declassified (in part) on December 2 by the Interagency Security Classification Appeals Panel, and was first obtained and published by GovernmentAttic.org.
In recent months, we’ve seen much of these decades’ worth of progress erased. Contracts for evaluations of government programs were canceled, FFRDCs have been forced to lay off staff, and federal advisory committees have been disbanded.
This report outlines a framework relying on “Cooperative Technical Means” for effective arms control verification based on remote sensing, avoiding on-site inspections but maintaining a level of transparency that allows for immediate detection of changes in nuclear posture or a significant build-up above agreed limits.
At a recent workshop, we explored the nature of trust in specific government functions, the risk and implications of breaking trust in those systems, and how we’d known we were getting close to specific trust breaking points.
tudents in the 21st century need strong critical thinking skills like reasoning, questioning, and problem-solving, before they can meaningfully engage with more advanced domains like digital, data, or AI literacy.