OPINION:
If one judged only by Hollywood’s depiction of the American intelligence community, one could be forgiven for believing we are possessed of an awesome, best-in-class assembly of hackers, spies, gatekeepers and various assortment of keyboard warriors, all at the ready to break-in, shutdown and generally disrupt the digital machinations of our enemies.
The reality, however, is that once-venerable agencies like the Central Intelligence Agency (CIA) have done such a poor job in both hiring personnel and managing the security of our cyber defensive and offensive capabilities, that some of our most cutting-edge digital weapons are now floating around cyberspace, and presumably in the hands of our enemies.
So much for the fictions of Tinsel Town. Let’s take a look at some hard truths.
Earlier this week, an internal report at the CIA was released describing how a degraded security environment allowed for the largest theft of data in the agency’s history. The theft happened in 2016, but made headlines a year later when WikiLeaks published the crown jewels of the heist, blueprints for the most advanced hacking tools on the face of the Earth. These tools are — or were — the weapons that allowed the U.S. government to remain on the forefront of global digital surveillance. They are now in possession of anyone who wants them.
So how, exactly, did the CIA lose some of its most prized possessions? Surely it was the result of some foreign invasion or multiple countries blitzing our systems until our defenses became overwhelmed?
Surely the greatest breach in the history of the most famous intelligence agency in the world did not happen because one man, Joshua Schulte, a then-CIA employee, was able to steal billions of pages of text simply because sensitive information was not compartmentalized, because administrator-level passwords were passed around like candy between employees, and because, as if this is not all ridiculous enough, thumb drives — yes, thumb drives — were potentially used to take home data.
But, of course, that’s exactly what happened. And while it turned out to be Schulte, hundreds — and let that sink in for a second — of people had unmitigated, unaudited, unsupervised, access to the same data. This blunder (there are expressions perhaps more apt, but this is a family newspaper) should make every American angry.
More importantly, it should also give pause to Americans about Joe Biden’s ability to keep America safe. After all, it was under his and former President Obama’s tenure that the Edward Snowden breach at the National Security Agency occurred and so, too, the hack of the Office of Personnel Management database, which resulted in a foreign adversary (China) making off with the highly sensitive security clearance information of untold thousands of Americans.
So, what’s to be done?
Well, the first step is admitting we have a problem. Our so-called leading intelligence agencies cannot guard their own secrets. There is a lot of tough-talk and reputation management that keep positive change from happening. That needs to stop. Full disclosure of where we have been weak in the past and where we remain weak is crucial.
The second step is accountability. Thanks to the clandestine nature of our deep state apparatus, at the moment there is seemingly zero repercussions for mistakes that imperil the well-being of individual Americans. (Consider that, perversely, if it was not for the WikiLeaks expose, then the Schulte leak would have remained undetected and once detected, hidden from public view!) Past intelligence leaders like CIA Director John O. Brennan must face public congressional hearings for the leaks they presided over.
Finally, our intelligence agencies need reformation based on the exposed weaknesses. Whether it’s rethinking hiring practices that allowed a Snowden and Schulte into its ranks, or a shift of resources to counter-intelligence to better safeguard our secrets, change needs to happen and it needs to happen fast.
Keep all this in mind as you head to the polls in November. Your safety depends on it.
Please read our comment policy before commenting.