Skip to main content

tv   Discussion on Ways to Fight Disinformation  CSPAN  November 12, 2021 1:00pm-2:04pm EST

1:00 pm
don't have to start paying for your classes until you have been employed for like two months or something of that nature. host: how do you go about getting a grant? caller: it was through the workforce center of colorado, but it's through the job source center. i think all the states have, basically it's your unemployment centers. you talk to your career counselor. you get a career counselor at the workforce center which every state, i do believe, has one because it is part of the unemployment system. go to the paperwork and apply. that you're serious about it. plus they help you out with a resume and things of that nature. lot of these trucking schools
1:01 pm
have ongoing >> we believe this program at this point, but you can finish watching it at live now to a conversation about combating disinformation. this is hosted by the american enterprise institute. >> a senior fellow of the johns hopkins university physics laboratory. we are privileged to be joined by senior fellow elizabeth braun. dr. stockton's service as an assistant secretary for president obama put him on his path to meet emerging challenges and infrastructure resilience, cybersecurity, and strategic planning. as an assistant secretary he was responsible for ensuring the department could meet its missions, even if adversaries launched cyber attacks. to build resilience against such
1:02 pm
threats he developed unprecedented ships with electric utilities, regulators, and the department of energy. paul also led the departments spots to superstorm sandy and other natural catastrophes. now that he has left office, he provides strategic advice to major electric utilities, trade associations, and the electrical subsector coordinating council to help them strengthen preparedness against cyber threats. he chairs the resilience subcommittee of the department of energy's electricity advisory council, and serves on the national association of regulatory utility commissioners task force on emergency preparedness. miss elizabeth braun's work focuses on defense against emerging national security challenges, specifically focusing on hybrid and gray zone threats. she published a new book
1:03 pm
identifying gray zone aggression. she is a columnist with foreign policy, she writes on national security and the globalized economy, and a member of the national preparedness commission of the u.k. elizabeth was a senior research fellow at the royal united services institute for defense and security studies in london, where she found it its modern deterrence project. she has also been an associate fellow at the european leadership network, a senior fellow at the atlantic council, and at a global risk consultancy. she started her career as a journalist and has published with the economist, foreign affairs, the times of london, and the wall street journal. she is also the author of "god's spies." in may 2021 the congressional
1:04 pm
research service published a report on deepfakes, reporting that such forgeries could present a variety of national security challenges in the years to come. while a crs report emphasized the political risks, including eroding public trust and the blackmailing of public officials, deepfakes also forewarned much more urgent, broad, and dangerous challenges for the future security of the united states. in military parlance, deepfakes are in form of deception, and deception is as old as recorded history. today deception writ large is the achilles' heel that poses potential existential threats to the united states and our interests. flailing responses to the cyber attacks that forced the shutdown of a pipeline -- in contrast to the inconvenience of the colonial pipeline
1:05 pm
debacle, if ai systems for the u.s. military are undermined, the threat could be existential, rendering our nation and allies open to catastrophic attacks. retrofitting fixes will not be an option at the time of attack, particularly if we are engaged in war or all -- or are on the verge of conflict. the concepts are useful for draft -- for grasping the scale of what deception means in the context of military systems. first, americans must confront that information always will be weaponized by our adversaries. second, the exponential growth of active and passive deception across all types of data and information that feed our national security systems is mirrored by the rise of disinformation or broadly, targeted at open and free societies. third, creative solutions will be required.
1:06 pm
fortunately, both paul and elizabeth have talked about -- have thought about how the united states should be organized to confront this crisis. paul has written a book on defeating information operations , and elizabeth has written an outstanding book entitled "the defender's dilemma." i want to share some logistical guidance. audience members can submit their questions at any time this afternoon for our panelists to address during the question and answer portion of our program. you can send them to an email account or use a hashtag on twitter. the hashtag is #ioataei. the email is listed on the events page, on the aei website as well. without further delay would like to invite dr. stockton to share
1:07 pm
his opening remarks. dr. stockton: it is an honor to participate in this event. aei has been a source of cutting edge analysis of the threats posed by this information, and, elizabeth, you and john have both proposed studies. i would like to start with a different cut at the problem. we are familiar with the ongoing chinese and russian campaigns to corrode public faith in democratic governance. it has been less attention to the risk that a severe regional crisis, adversaries will conduct information operations to coerce our behavior. and above all threaten the u.s. public and decision-makers that unless the united states backs down and bails out on our allies, then we will face catastrophic cyber attacks against the power grid, water
1:08 pm
systems, and other critical infrastructure. chinese military doctrine and capabilities focus on achieving just these coercive effects. last week the pentagon released its annual review of chinese military developments. let me quote from that report. the people's liberation army seeks to employ digital influence operations as overt and covert influence activities conducted through the internet and social media platforms during peacetime and war. elizabeth, this goes to your important analysis of understanding the dark gray zone, but also hybrid warfare, how from time to war, what the joint staff called the conflict continuum, we can expect operations to go forward. giving a conflict we should
1:09 pm
expect china to conduct "psychological warfare" to affect decision-making using propaganda, deception, threats, and coercion. the adversary, of course, us. russia has an equivalent doctrine and capabilities to coerce u.s. behavior. today ukraine is facing coercive threats from russia. the deployment of additional russian forces along the border, designed to shape u.s. behavior, vis-a-vis ukraine. and nuclear-capable russian bombers are flying over belarus airspace near the polish border. ongoing information operations are important, but at any moment -- in the taiwan straits, eastern europe -- we could fall into an edge of war crisis.
1:10 pm
let's get ready for operations designed to divide the west and discourage us from coming to the aid of those that we need to. the recommendations that elizabeth john -- and john have offered offer a terrific foundation for defeating coercive operations, but much more remains to be done. i look forward to discussing those defensive options, and elizabeth, your ideas on deterrence, in the minutes to come. thank you, john. mr. ferrari: thank you, paul. i wouldn't like -- i would like to know invite elizabeth to state her opening remarks. ms. braun: thank you. if i can add to what paul said, he has written a fantastic study . i think it is the most important study that has been written about electric grid security, primarily electricity, but it may seem like an irrelevant question until we don't have electricity.
1:11 pm
so, what i would like to talk about is when daily like looks like for citizens of western democracies. if we look at the situation in poland and lithuania as we speak, there is what is called a migrant crisis, but i would also call it primarily an assault on these countries, these citizens trust in their country's ability to run their countries, because the migrants are simply just a tool that belarus has chosen to use to weaken these countries. what he is doing is suggesting the citizens of these countries, and by extension other eu states, that their governments are not capable of keeping -- fulfilling the requirements of a
1:12 pm
government, including keeping the borders safe. what does that mean? i don't think anybody else on this call remembers the 20 incident off the coast of stockholm. there was a submarine intrusion and the swedish navy was sent out. as most of us are not experts in submarine hunts, it is an area where you can easily cede this information, which is what russian media outlets and officials did, by suggesting it was not a submarine at all or that it was a nato submarine, or the swedish navy had confused ac animal with a submarine. all of this because we are not submarine experts. it was actually more successful than you might think it would have been, because it suggested
1:13 pm
that the swedish navy is, oh, it is not up to the task. what does that mean? swedish citizens would not have faith in the armed forces. that is really quite something. it was the mere rumor-spreading campaign. the reason it is so successful, i think, even on what you might call a smaller scale, like the submarine hunt, or indeed the so-called migrant crisis on belarus' borders with lithuania and poland, is that today citizens feel empowered to have opinions about sundry issues that they do not have expertise in. certainly 80 years ago citizens may have had an opinion about what they heard, but they did not expect their opinion to count.
1:14 pm
today we consume -- we as ordinary citizens consume information that we may or may not be correct, because we do not know how to identify disinformation. do not know how to verify the information that comes our way. make up our minds and then expect to be able to broadcast our opinions to the outside world, whether that be our immediate family or especially our contacts on social media. that poses a really fundamental dilemma, i think, to western governments, which is, how do you run a country, especially in a crisis, in your own citizens may develop opinions based on incorrect information, whether it is their intention, but anyway they develop opinions based on incorrect information can be fed by hostile states or their friends, who may not know
1:15 pm
better? at any rate, they develop these opinions and they may then form strong public opinion against whatever it is your government is trying to do. that is a challenge in peacetime, but even more of a challenge when conflicts work armed conflicts erupt. i don't have an answer to it, but i do have a potential solution, which is that we as citizens, our education should not stop when we leave high school, we believe university, because technology is advancing so fast that we have to keep our driving skills up-to-date, we should have to keep our information skills up-to-date. for example, i think there is potential for public libraries to have information courses -- information literacy courses. if you complete them you get an information literacy certificate you can put on your resume, and that signals that this potential
1:16 pm
employee is skilled -- or is certified -- to identify information -- identify what information is really information. that skill should not be underestimated in the workplace. organizations of all kinds are affected by disinformation. it is important not to lose faith, considering the challenges to democracies. these challenges are so immense, but if we draw on the potential of our population to be part of the solution, if they are opportunity -- the opportunity, i think many will rise to the occasion. who wants to be a night when you can be a well-informed citizen? over to you, john. mr. ferrari: thank you, paul and elizabeth. elizabeth, let's start with you. the focus of this panel is on how the united states should be
1:17 pm
confronting information operations as a subset of gray zone aggressions from foreign adversaries. most prominently including russia and china. in your book you explain one state -- once state actors started undertaking gray zone actions in recent years. how did -- ms. braw: it is an attractive choice. we here in the west, where our vulnerability is in the hot seat, we communicate to other countries that they should exploit our weaknesses. that is inevitable, because we are free and open societies and we are not going to tell our citizens what to say. nevertheless, as a result of the current complete lack of involvement by the population in national security, i think most
1:18 pm
people don't even realize what they say or do and how they react could have an influence on the country's well-being. people will happily share information because it is fun or entertaining, or juicy. ever the reason may be. it is too good to pass up, right? we don't have the same opportunity with them, because their governments can tell citizens to a much larger extent what to say, what to communicate on social media, and in the case of china, people don't even have access to some of our favorite social media companies that are based in the west. i think of gray zone aggression as a soup. you can put in whatever ingredients you happen to have available.
1:19 pm
you don't always have to add it. it is dependent on what you happen to have available. unfortunately today in most countries it is an ingredient that seems -- it is almost like a stable and other countries try to harm us simply because our citizens have so little understanding of national security and their role in it. their negative role in spreading disinformation that can harm the country, but also a profiting role in making sure that the information environment is kept clean. in the u.s. this is on both sides of the political spectrum. this notion of alternative facts exists among some people, but among other people on the others out of the spectrum people talk about my truth, or your truth. how was that? there is one truth.
1:20 pm
there is even a common basis on which to debate or have a dialogue about opinions, then we are lost. i fear that if it continues the country will become ungovernable, which is in nobody's interest. i think if people knew the effects that they had on the country's security -- in this case, the u.s. security -- would want to be part of the solution. and if i can just add, it is currently russia and china, because we are such a wide-open field, if another country decided it wished to weaken the u.s., it could avail itself of this as well, because it is not particularly sophisticated. you don't need particularly sophisticated skills. one of the most powerful rumors spread originated during the cold war was at east germany's rumor that aids originated.
1:21 pm
it remains in circulation to this day. mr. ferrari: thank you. paul, your research focuses on information operation campaigns as a subset of broader gray zone challenges, which you call a dark gray zone. you also distinguish between i/o campaigns and those that might shape u.s. decision-making. what do you mean by the dark ray zone, and why is it important to distinguish between different types of operation information's jack -- information operations? are you on mute? dr. stockton: thank you. let me rewind. i'm going to define the gray zone the same way elizabeth does in her terrific book. defined by the special forces community, gray zone aggression
1:22 pm
comprises competitive interactions among and within state and nonstate actors that falls between the traditional realm of war. -- war and peace. in urging we get prepared for the dark gray zone, that is when little green men start pouring across the border from russia into with a whiny or latvia, when, finally, things heat up in the taiwan straits, when there is an elevated risk of warfare between the united states, russia, and china, we know from social science research that in stressful events -- marathon bombings, horrific hurricane events -- americans turn to social media as their primary source of information. well, the bad guys are going to exploit that. and exploit the tendency of americans to want to stay on
1:23 pm
social media platforms that are conveying fear mongering content. that is bread-and-butter for them. we need to get ready for a situation in which the american public is looking at social media, china and russia are using that to try to shape u.s. behavior, not only by influencing public perceptions, but by reaching out to everyone in the situation room, in the white house, with personalized messaging in order to shape their views, and above all to threaten the united states with punishment unless we abandon our allies. we have to get ready for them also to move from the dark gray zone into an initial period of conflict, where they will begin to make good on their threats of disrupting u.s. infrastructure, begin conducting demonstrative attacks against u.s. critical
1:24 pm
infrastructure with social media , portraying vividly -- and maybe with deep fakes -- and warning that more suffering will, unless the united states caves into the adversary's demands. mr. ferrari: elizabeth, a question to you, then paul, you can follow in what elizabeth has to answer. what are the examples of the most aggressive i/o operations conducted by russia or china and their impacts? how seriously is the united states senior security infrastructure taking the threats of i/o's? ms. braw: i don't know that it is possible to grade. certainly opinions with a very them being successful. let me give an example of a recent this information campaign
1:25 pm
that, i think, was extremely telling. it exploited people's lack of knowledge. that is when covid vaccines were first being developed. that seems like a long time ago, but it was last year. we all knew nothing about covid vaccines, just like we all knew nothing about covid until february 2020. even then people were worried that this vaccine might somehow be harmful, and don't you think that russian media started publishing stories that were then widely picked up by western media? not copied, but they were mentioned. the disinformation is being spread. it gained enormous traction, even with negative coverage of -- coverage it gained traction.
1:26 pm
this russian disinformation, and, by the way, the same with china, essentially portrayed the vaccines being developed in the west as harmful. not in terms of autism, but that it would alter your appearance or things like that. if you read information like that then you are concerned about covid, you are concerned about this new vaccine, if you read that is going to alter your appearance you think, quite obviously by using it, it may only gain small traction in the west, but actually -- and i don't think we need to debate the mask mandates and covid vaccines more widely -- maybe on this panel, but nevertheless -- it is a huge issue, and if you can only convince a small part of the population to act in the
1:27 pm
way that is detrimental to the country, then you have done harm to the country. i was interested, paul, in your views on how disinformation about covid vaccines are affecting u.s. armed forces. it seems to me that is not time spent on military at hand, but as i said, i do not want to belabor the issue of vaccines, but just to say that it is one of these issues where, including submarine hunts, where everybody can have an opinion, even as they know nothing about the details of the subject area. dr. stockton: john, i would like to tackle the second part of your question, and that is how seriously the u.s. is tackling these challenges.
1:28 pm
the government is doing a great job now ramping up the protection of the u.s. electoral system against foreign influence. in this last series of elections, showed significant progress. i think more and more we are getting better positioned in the state department and dhs to counter the coercive campaigns to corrode faith in democratic governments. in the realm of coercive operations in future crises, i see progress. on the one hand the u.s. military -- and, john, let me mentioned -- mentioned the day after veterans day, congratulations on your distinguished military service and thank you. the u.s. military is getting ready for transitioning of u.s. doctrine away from the physical destruction of the enemy's order of battle, toward shaping the adversary's behavior and perception, trying to win in the
1:29 pm
cognitive realm as opposed to annihilation of forces. the u.s. military is transitioning toward this new information from, what i don't see u.s. defensive capabilities getting ready for the risk that adversaries will do onto us as we are preparing to do on -- onto them. and that is crazy, right? given chinese and russian doctor and i alluded to earlier, it makes sense to only focus on ongoing coercive -- i'm sorry, ongoing corrosive campaigns and ignore the risk that hybrid warfare techniques, for example, that elizabeth wrote about, mike adapted to very different circumstances. -- might be adapted to very different circumstances. mr. ferrari: i will pick up the point on how it is affecting the u.s. military. if we were to say couple of years ago that china or russia could reach into the u.s.
1:30 pm
military and eliminate 5% of the force overnight, causing the training and widespread readiness levels to go down, that is essentially what is happening with the vaccines and covid. in addition to spending time on it, the cost of separating people and the readiness levels lost and the skills lost will impact for years to come. elizabeth, -- paul, you first, and elizabeth. we have recently seen the u.s. congress has had facebook hearings on their algorithms and how they amplify, perhaps, different messages. given the blended nature of ray's own aggression and its impact on the private sector, to what degree should the u.s. government be offering support or punishment to industry partners to defeat coercive information campaigns and other forms of gray zone warfare?
1:31 pm
paul, you first. dr. stockton: we absolutely need to strengthen partnerships between the government and other social media and operators. because in a crisis we know what is coming. we need those social media partners to block coercive messaging against the united states. john, i believe a template exists to borrow from. that is the ability for these platforms to filter and block child pornography and sexual exploitation of children. there are some models about how to clearly define what needs to be blocked and then develop the ggb's to do so. we also need to understand that many of these platforms have is this plans that depend on conveying divisive, frightening content.
1:32 pm
that keeps americans on their platforms longer, so they will click and purchase more stuff, right? there is a fundamental, underlying conflict here that we need to resolve, because their participation is going to be absolutely vital. mr. ferrari: thank you. elizabeth, the united states had a pandemic plan before the pandemic, and that did not turn out too well. we have templates and plans. what do you suggest, giving this blended nature that the u.s. government will use to make sure it is something more than just a plan going forward? ms. braw: in disinformation how do you ensure it is not just a plan? it starts with working with the companies. to date social media companies, and tomorrow they may be more additional companies.
1:33 pm
even social media is changing quickly. it occurs to me that this is an area where the u.s., like every western country, has changed since the cold war. during the cold war it would have been possible for the government to go to ceo's and say, please do this, or please do that. we cannot force you, but you should do it because you are good citizens. captains of industry took great pride in the role their companies played in america and in other countries. now we have an environment, or a generation of ceos, who not feel that responsibility. it may be because of the reporting requirements have changed, or company performance to shareholders. those reporting requirements
1:34 pm
have changed, so every ceo is the slave of quarterly reports. ever the reason, i do not think ceo's feel the same responsibility for doing the right thing for the country. as we know, mark zuckerberg has said many times that it is company over country. short of legislating and -- i don't know if even the best plan would be possible without legislative acquirement for companies to participate. but nevertheless, even if we do not have participation, a plan should involve regular consultation with leaders of crucial companies, including -- especially in social media sector, when it comes to disinformation. maybe it is a naive hope, if i think if they were made to realize -- not through aggressive questioning by
1:35 pm
congress, through regular dialogue -- the immense role they play in helping keep the country safe, i would hope that would at least take some of that into account. but i must say, i'm not too optimistic. i would be curious to hear paul's view on that. dr. stockton: i am optimistic, because it is so important we make progress. it is essential. the federal government can never block objection on messaging. there have been repeated supreme court rulings to that effect. last thing we want to do is throughout the constitution and our respect for the first amendment in an effort to seek coercive messaging. we need social media companies to partner with the government to block this kind of messaging
1:36 pm
and narrowly define what constitutes coercive messaging. that is threats of punishment of united states citizens. understand what that is, then develop the algorithms and supporting technologies needed. narrowly focus at, let's have it as a just break glass initiative. on a day-to-day basis these would be used, but when there is an intense crisis -- over ukraine or whenever the crisis is going to be -- then we would have something to fall back on. we would have some operational capabilities. above all, let's exercise those capabilities, because they are not real unless you exercise them first. mr. ferrari: one of the points made by the proponents of operations in russia and china is that there is no time period between war and peace. we live in this constant gray zone, and both of you have made this point. first off, how would you
1:37 pm
exercise in case of emergency break glass, when really we are in this constant fight? second, to elisabeth point attack --'s point on these ceos, i believe a lot of them view their role as global in nature. if you look at microsoft and amazon and twitter and instagram, they all -- they are global firms and they are reacting to input and stimulus of disinformation around the world. how do we avoid this gray zone warfare not just in the united states -- because it is one thing for the united states have a plan which may or may not work -- but also different countries have different rules. how do we look at this globally? paul, why don't you go first? dr. stockton: it is a great question, john. looking at the ongoing efforts of russia to weaken nato and to
1:38 pm
divide nato partners so that when a crisis comes we will be less likely to be able to operate under article five, agreed that collective defense is needed, they are going to find a weak link in the in -- the alliance in order to disrupt that decision-making, just as i believe they did so in slowing the western response to rush's invasion of ukraine and seizure of crimea. i would like to take your point a step further. right now we are at risk of creating two silos of excellence. over here we have preparedness for information operations. over here we have cyber resilience for the electric power grid and other infrastructure. the bad guys are going to combine attacks. they are going to use information operations together with cyber attacks in order to coerce our behavior.
1:39 pm
john, we need an integrated defensive strategy that brings together traditional notions of cyber resilience together with information operations. and we need to do it with our partners. mr. ferrari: elisabeth, any comments? ms. braw: maybe just a useful case study. the efp in the baltic states, it became obvious they were being targeted by disinformation. it was protected -- directed particularly against germans in lithuania, where russian media and accounts spread falsehoods about these soldiers engaging in neo-nazi activities, and really shameful suggestions that were being made.
1:40 pm
we know that germany is very vulnerable to such accusations. this information -- this disinformation -- was of course, completely inaccurate, what it did do was make completely obvious to even the lowliest soldier who is there that everybody has a role to play in defeating disinformation. you might think -- and, john, you are clearly the expert here -- one might think that the lowly soldier does not count. in this instance everybody counts. commanders made clear to their soldiers that they needed to be really careful when they were out and about in these countries, and for example there was a story circulating about italian troops in latvia buying
1:41 pm
alcohol. that was incorrect, but if you happen to be an italian soldier, you got in by some alcohol, but you are not safe from being turned into disinformation. the lesson learned, and i think all of these countries contributing troops have learned this lesson, is that everybody has a role to play. mr. ferrari: thank you. paul, let's pivot a little bit away from information operations to cyber attacks. they can be a combination of attacking the internet of things or ransomware in general, right? what are your thoughts in looking at the colonial pipeline on how the install base of the internet of things has come together and how do we harden ourselves to make ourselves more resilient going forward? dr. stockton: colonial pipeline was an important wake-up call. i think ransomware was -- he is
1:42 pm
going to intensify the threat, because so much terrific ransomware is available on the dark web, and essentially off-the-shelf. i think that as we simultaneously strengthen our resilience against those day-to-day kinds of attacks, we also need to think about much more serious threats to come. john, again, because of your military expertise a lot of focus on one particular issue. that is, when the balloon goes up in the taiwan straits or the baltics and we need to send army officers and soldiers from fort hood to the u.s. east coast ports, and then onto where they are going to be received and provide for forward movement, every step of that infrastructure might come under attack -- cyberattack -- by our adversaries as we are trying to deploy those forces, paired with
1:43 pm
information operations designed to tell the american people, you cannot win, you are going to lose, you are going to be punished. look at the disruption that is happening to u.s. transportation operations. you are doomed to fail. let's have a reasonable settlement to this conflict over the baltics. we need to understand how cyber attacks fit into u.s. military plans to prevail in regional conflict, and how adversaries will use information operations in order to encourage the united states to bail on its allies. mr. ferrari: thanks, paul. great points. elisabeth, what about deterrence in general for both the harder side of cyber attacks first, and then perhaps the softer side of i/o? ms. braw: here, again, is where the wider public can play such a
1:44 pm
crucial role. and go from being a burden to being an asset. at the moment the public as a burden because governments are too afraid to articulate to the public that something dangerous could come their way. as a result we get situations like colonial, where people panicked because they were not prepared. they panicked and made the situation much worse. i also think that, in a sense, this is an opportunity for us to think differently about members of our fight who are overlooked and taken for granted. colonial in particular highlighted that. it was highlighted by the ceo himself when he gave evidence to the senate. i remember specifically josh hawley asked, was there anything -- well, could you have switched to manual?
1:45 pm
the ceo said, well, we were lucky we had some capabilities and we were able to do something along those lines. but the more important point he raised was that neither colonial nor other companies today have the expertise to go fully manual in case of a cyberattack of various kinds, because the people who have those skills, as the ceo said, they are either retired or dead. i think, let's utilize the ones who are still among us and how about if companies went out and found -- still have their names on their employee roles -- they brought them back in as a force of contingency experts who would be able to take over in case of a cyberattack and switch
1:46 pm
operations that can be switched to manual, to the extent the equipment still has that manual switch. there would be able to operate that equipment and keep operations going, so that the company did not face the horrible choice of paying or going dark. mr. ferrari: thanks. one of the great things about the panel today is, elisabeth, your focus in deterring the aggression, and paul's in defeating coercive information go well together. we had a couple of questions from the audience. we will let, paul, if you want to go first, then we will let elisabeth. we talked about russia and china a lot. do you see non-state actors and
1:47 pm
smaller countries unfriendly to the u.s. or its allies rapidly improving their ability to conduct larger and effective i/o operations, essentially giving them what one might call superpowers to conduct warfare? paul? dr. stockton: you bet. the pace of technology now, the availability of deepfake capabilities, for example, is turning smaller states into very formidable adversaries. i think there is a level of analysis required here. curtis lemay -- it is tempting to think we can take care of the cats, we can take care of the kittens. that is we can counter china and russia, we can handle rogue states, but they may attack us in very different ways. countries like north korea and syria that are not part of the
1:48 pm
international financial system in a way that involves the united states, they may target the u.s. financial system, financial infrastructure, and use combined cyber attacks and information operations to create market panics and disruptive psychological effects, as well as physical effects, because they do not depend on the u.s. economy for their well-being in a way that is different for china. mr. ferrari: elisabeth, your thoughts? ms. braw: that was a very good example. in a sense america has been spoiled over at least 75 years by its formidable armed forces. i think of national security as a combined shield. you have the armed forces, but behind that you have this softer part.
1:49 pm
that is where i think america has been a little bit complacent, because if you have the formidable part, why do you need to worry about the softer part behind it? it is a combined shield. what if the attack is not directed against the steely part? that is clearly something the smaller countries can exploit. belarus is a country of less than 10 million residents. it has a terrible economy. it does not have very much. it has a friend in russia, you cannot always count on your one friend. nevertheless, belarus is managing to cause alarm across the west. and spreading this information is extremely easy, because, again, our citizens are not aware of the negative role they
1:50 pm
are playing in spreading falsehoods, but also the positive role they could play to keep the country safe. then if we think about other forms of attack, i think the incentive for -- following belarus' relative success in keeping the world on pins and needles, is that other countries with authoritarian rulers, they may experiment, we are going to cook up a gray zone superior. dr. stockton: i think america has been spoiled for almost 250 years, since its founding, right? we have two oceans and friendly nations to the north and south. there was no real threat that could attack the homeland. then in the 1950's forward it was the nuclear weapons of the soviet union, and more recently china. those were the threats. now any country, any person, any 12th grader with these cyber
1:51 pm
weapons can actually target and hit our country. we have talked a lot about structuring. there is a question about organizing for battle. the question is, talked about forming a better integrated strategy against information operations. what do you both think about how this requires a structural or organizational change, be it via nato, or american organizations? or is this a problem of how we do information sharing and coordination? so, are we organized for battle correctly? elisabeth, you first. ms. braw: given an example of something i think would work very well as being pioneered by the czech republic. the flipside of what we are talking about, smaller countries being able to harm america and
1:52 pm
powerful countries using gray zone so easy, the flipside is that america's smaller allies are also much more adept at innovating in the gray zone. simply because they don't have the resources, and the armed forces, to rely on at any given moment. the czech republic is pioneering. -- pioneering joint military gray zone exercises. they wargame with companies in every sector, various contingencies. that has a psychological effect that the private sector in the czech republic feels, at least moderately prepared, for whatever come the czech republic's way. for the armed forces as well. it gives the armed forces opportunities to exercise scenarios with actors they would need to work with in a gray zone crisis.
1:53 pm
that is something the u.s. could learn from, and that is the advantage of having allies. you don't have to always do everything yourself. you can learn from one another and adopt and adapt. mr. ferrari: paul, organizing for battle? dr. stockton: i think that nato has a robust organizational structure now, though i am not sure the article five decision-making structures are adequate for these kinds of combined operations. i think the bigger problem, john, i would be interested in your thoughts, is the concept of operations. and we need playbooks ready to go and exercised so that when, for example, china -- as the pentagon described its doctrine -- conducts exemplary cyber attacks then uses information operations to inside public panic and disorder to magnify
1:54 pm
the psychological effects of those very limited attacks, what have we got in our playbooks? let's not be making this stuff up in the midst of a coercive campaign. let's exercise, let's anticipate, let's build new coalition defense operations not only in nato, but with our partners who are going to be essential for countering chinese aggression. mr. ferrari: paul, if i could pull on the string of your previous job, what about organizing within the united states? you know that the military is either prohibited or does not want to operate within the borders of the united states. yet the attacks are coming from external. how do we organize private industry, state and local government, the federal government, and the military to either pardon ourselves and deter it, but also to defeat these i/o and cyber threats
1:55 pm
internally to the united states? dr. stockton: the first step is to develop an assessment of the threat. our discussion today only begins to assess what is coming. without a threat assessment we are stuck in the mud. then i think we need to agree on some fundamental principles here. above all, uphold the constitution of the united states as we build defenses. and let's not get dod into the business of homeland defense against information operations. the department of defense is already busy with its existing portfolio. there are sensible constraints on the operations of the department at home. let's turn to the department of homeland security, the federal bureau of investigations, two other federal agencies. let's make sure that they can effectively partner with the private sector in their existing portfolios of responsibilities, to build the kinds of defensive
1:56 pm
-- defenses we don't yet have against coercive i/o's and combined attacks. mr. ferrari: we have about five minutes left. i would like to throw one question out for each of you to address. then i will turn it back over to you for posing comments, each of you. have talked a lot about i/o and attacks against people and information warfare. what about -- as the military develops more ai systems, how do we protect the ai systems from being deceived? elisabeth, you first. ms. braw: that is a tricky one. if i could make a related point, again, every single one of us has such an important role to play in realizing the data we leave behind, or data trails we leave as part of our daily lives.
1:57 pm
it is not specifically an answer to this question, but it opens a new front for those who wish us harm. for example, think about that fitbit technology that was, until a couple of years ago, popular among american soldiers. the only reason we know it was popular is that somebody on the internet managed to figure out, using the company's usage worldwide, that it was being used in efforts in iraq and who goes jogging in those remote areas. that is how you knew that is where american soldiers were. if you think about the use of ai and how exponentially it is going to be part of our lives -- first of all, it is an opportunity for others to learn
1:58 pm
much more about us, either as collective groups of citizens and our practices, or as individuals. i will leave paul to address the deception of ai. we don't do deception at aei. again, it really comes down to everybody understanding that they may just feel like an insignificant person or cog in the wheel, but their data trail could be exploited by somebody wishing us ill. then if i may just make one more point, so, speed is of the essence. that much is clear when it comes to disinformation operations and cyber operations. it seems to me that one of our biggest vulnerabilities is that we need a lot of time to
1:59 pm
conclusively establish what is behind the cyberattack or cyber intrusion, or disinformation campaign, and then a lot of time goes by. by the time we have established that such and such government was behind it, it is almost too late to do anything. i wish we could establish protocols that would allow us to act even without reaching the level of certainty beyond reasonable doubt. i wonder if we have to part with that self-imposed requirement? mr. ferrari: thank you. we are approaching the end of our time. paul, you can answer the ai question quickly, than i also need concluding comments. -- then i also need concluding comments. dr. stockton: uses artificial intelligence to
2:00 pm
conduct cyberattacks against critical infrastructure, we will need to develop ai plans and capabilities to match their machines. operations. therefore, as we build those defenses -- subversion, manipulation of the data on which our ai defenses depend, anything else will be essential going forward. i urge aei to conduct a follow event. elisabeth: aei was clearly set up to be the leader own ai, so congratulations to our founders. [laughter] hopefully this gives us a window into the future. companies are developing -- so essentially robot that you can have in your house, you can talk to them, they talk back. lovely.
2:01 pm
how is that for an ai target? the amount of information our digital friends would have about us and also how those digital friends can be manipulated by somebody wishing us ill, that is a conversation for the next panel. host: thank you. this has been an honor to have both paul and elisabeth on. the work you have done for defeating misinformation is powerful and also very timely. as you know, i would also like to thank -- none of this happens with a lot of support. aei in general, and the staff behind the scenes that helped put this together. from myself, all, and elizabeth, thank you. until we meet again, thank you very much to everybody who attended today. this concludes our session.
2:02 pm
>> coming up shortly, house democratic lawmakers held a news conference to talk about the 2030 climate goals president biden's social spending plan, hosted by the group climate power. right now, a portion of today's washington journal. while we wait for your cause let's listen to the president. he was asked about the port of baltimore and what that -- and this is what he had to say about inflation. >> my plan is going to help address has to do with the supply chain. you will hear a lot about the supply chain, not a little less not a lot of people -- not a lot of people have a clear understanding about how a supply chain works. what is the impact on the economy? it's perfectly understandable
2:03 pm
because supply chains are incredibly complex. as long as goods and materials are getting where they need to go on time, there's usually no need to worry about the supply chain's. when global disruptions hit like a pandemic, it hits supply chain particulate heart. suddenly, when you go to order a pair of sneakers or a bicycle or christmas presents you are met with higher prices and long delays. the reason for that last year was it has a lot to do with most companies make their product. raw materials plus labor, shipping. these supply chains are complex, even products as simple


info Stream Only

Uploaded by TV Archive on