NEWS AND ANALYSIS:
A senior CIA analyst said China is continuing to conduct aggressive cyberespionage operations against the U.S., contrary to claims by security experts who say Beijing curbed cyberattacks in the past few years.
“We know the Chinese are very active in targeting our government, U.S. industry and those of our partners through cyberespionage,” said Michael Collins, deputy assistant CIA director and head of the agency’s East Asia Mission Center.
“It’s a very real, big problem, and we need to do more about it,” Mr. Collins told a recent security conference in Aspen, Colorado.
Mr. Collins said solving the problem of Chinese cyberattacks will require an “all-of-government, all-of-country approach to pushing back against it.”
The comments contradict a number of cybersecurity experts who have said Beijing’s digital spying and information theft decreased sharply as a result of the 2015 agreement between President Obama and Chinese President Xi Jinping.
The two leaders announced the cyber deal with great fanfare and said both countries had agreed to curtail cyberespionage against businesses.
Last year, the cybersecurity firm FireEye said in a report that Chinese hacking against U.S. entities had declined by 90 percent over two years.
The most serious cyberattack by China was the theft of some 22 million federal records from the Office of Personnel Management. U.S. intelligence and security officials said the massive breach of OPM records likely produced an intelligence windfall for China’s main hacking unit, the 3rd Department of the People’s Liberation Army General Staff, known as 3PLA.
The OPM hack included sensitive personal information on tens of thousands of federal workers and contractors who have access to classified information.
According to intelligence experts, China is expected to use the stolen OPM data to target officials with access to secrets, along with targeting network administrators throughout government who can be hacked as part of cyberoperations designed to break into sensitive government networks.
SOCOM CHIEF ON BIN LADEN KILLING
The commander of the Special Operations Command who took part in the effort to kill al Qaeda’s Osama bin Laden said the death of the terrorist leader was a landmark event but did not end the global war on terrorism.
Speaking at a security forum in Aspen, Colorado, Army Gen. Raymond A. “Tony” Thomas III said he was forward-deployed near Pakistan when Navy SEALs conducted the May 2, 2011, raid on a compound in Abbottabad, Pakistan, when bin Laden was shot.
“Truthfully, at the time, it seemed incredibly cathartic, and in fact when I think of hearing, you know, the code word ‘Geronimo,’ which is in too many books and movies, I was actually flushed thinking, ‘Man, it’s been a long 10 years. A lot of hard work went into this,’” Gen. Thomas recalled.
Geronimo was the code word used by the commandos to signal that the al Qaeda leader was either killed or captured.
“You know, it seemed like a seminal moment and, truthfully, it’s actually brought home I think the lesson that that was one guy, albeit a pretty powerful and symbolic guy, he’s one guy on top of a network. And if you don’t dismantle the whole network, if you don’t address the ideology, you’ve killed one guy,” he said.
The comments reflect some of the thinking that officials of the Trump administration say will guide counterterrorism operations designed to kill terrorist leaders and to address the radical Islamic ideology that motivates groups such as al Qaeda and the Islamic State.
During the Obama administration, political correctness and fears of creating a backlash against Islam prevented effective efforts to target the terrorist ideology. The Trump administration has vowed to do more to attack the Islamists’ ideology as something that ultimately will produce the defeat of terrorist groups.
Gen. Thomas emphasized that the lesson of the long, difficult intelligence and military effort to kill bin Laden didn’t translate into solving the problem of terrorism.
“To me, it was needful it had happened. I think it was good for the country to know that we would relentlessly pursue somebody who had attacked us,” he said. “But the reality is it was just another steppingstone in this kind of epic fight that we’ve been at.”
Addressing the fate of Abu Bakr al-Baghdadi, Gen. Thomas said the Islamic State leader remains the iconic head of the terrorist group and is absolutely relevant to the organization.
Despite al-Baghdadi’s silence in recent weeks, the four-star general said he does not believe the Islamic State leader was killed, as Russian reports have stated.
“He’s been an utterly ineffective leader by our assessment, if at all, as opposed to [al Qaeda leader Aymen] Zawahri, who’s still trying to hold on in the al Qaeda time framework,” he said.
“Al-Baghdadi, literally, [we] had not heard peeps from him,” Gen. Thomas said. “No, he’s not quite dead yet. He might be south of Raqqa.”
For U.S. special operations forces, al-Baghdadi remains a high-priority target, and commandos have been close to him in the past.
“The bottom line is we will get him eventually,” Gen. Thomas said. “It’s not safe for him on this earth for what he’s done and what his organization has done, but in the meantime we have absolutely dismantled his network.”
Overall, an estimated 60,000 to 70,000 of al-Baghdadi’s followers have been killed, especially his top aides, he said.
NSA WANTS RENEWED ELECTRONIC SPY AUTHORITY
As part of efforts to persuade Congress to renew the National Security Agency’s foreign electronic spying authority, Director of National Intelligence Daniel Coats recently revealed how the NSA took down a senior Islamic State leader. Mr. Coats said last week that he asked the NSA to declassify an example of how the agency has been successful in using Section 702 of the Foreign Intelligence Surveillance Act, which is set to expire this year unless lawmakers act.
Critics of electronic surveillance claim the spying power has been abused to gather intelligence on Americans. Congress is expected to approve new spying authority, but a robust debate and possible changes could be added.
“First of all, understand this is authorized collection against a foreign individual, a foreign target, as we by law cannot target a U.S. person whether they’re in the United States or whether they’re anywhere else in the world,” Mr. Coats said. “This is designed specifically and authorized specifically to go after a foreign target.”
Mr. Coats said the NSA was instrumental in locating a key Islamic State terrorist leader named Haji Imam, the group’s No. 2 leader.
“We had a $7 million bounty out there if someone could give us information as to his whereabouts,” Mr. Coats said. “For two years, NSA diligently, 24/7/365, was trying to find out how we could locate this guy. Finally they did. They located somebody who had a very close relationship with Haji.”
Through electronic means, the NSA located Haji and passed the information on to U.S. special operations commanders.
“We sent a special group out to take out Haji,” Mr. Coats said. “As they were approaching, they started to fire, got into a firefight, we were able to kill Haji, the No. 2 in ISIS, and that’s usually the operational guy. The No. 1 guy’s the propaganda guy, the leader, inspirational leader and so forth. Haji was a key, key person. That’s just one example.”
The imam was killed in early March and was regarded as a key Islamic State operative and finance chief.
The DNI said he had the incident declassified to better inform Congress and the public on the need to renew the Section 702 authority.
Mr. Coats, a former senator and onetime U.S. ambassador to Germany, said some of his former Senate colleagues have claimed falsely that the NSA is listening to all Americans’ cellphone calls.
“Well, there’s some 330 million Americans; that would take 330 million people 24 hours a day listening to whatever time, whenever you picked up your phone call.”
Intelligence officials have said the NSA is working on gathering statistics on how many Americans had their communications inadvertently swept up during the NSA’s overseas spying. However, the task of segregating out data on what the NSA terms “U.S. persons” — both people and companies whose identities by law are masked in communications interceptors — has been difficult because of the large amount of data gathered by the electronic spy service.
• Contact Bill Gertz on Twitter via @BillGertz.