Worse Before It Gets Better: The Threat From ISIS

| Michael Morell
Michael J. Morell
Former Acting Director, CIA

Last Thursday, Director of the Central Intelligence Agency John Brennan testified before the Senate Select Committee on Intelligence about the current capabilities of the Islamic State saying, “despite all of our progress against ISIL (also known as ISIS) on the battlefield and in the financial realm, our efforts have not reduced the group’s terrorism capability and global reach.” Former CIA Acting Director and Deputy Director Michael Morell spoke with The Cipher Brief about Brennan’s testimony, the current U.S. strategy in Syria, and the challenge of combatting the lone wolf terrorist threat.

The Cipher Brief: Two years after Mosul—and 13,000 airstrikes later—Brennan said that battlefield losses in Iraq and Syria have not reduced ISIS’s capabilities or global reach. What is the significance of the CIA Director providing open testimony—and not the Director for National Intelligence or the Director of the National Counterterrorism Center? Is Brennan saying that the President’s terrorism policy has failed?

Michael Morell:  I thought that Director Brennan’s testimony last Thursday was extremely important.  I thought it was the most candid and important public comment by an Administration official that we have seen on ISIS.  I thought Brennan made three very significant points:

(1) Despite the progress the Coalition has made in Iraq and Syria against ISIS, the group’s overseas terrorist capabilities have not yet been degraded;

(2) The overseas terrorist threat from ISIS will get worse before it gets better (as western operatives flee the fighting in Iraq and Syria and return home); and

(3) Defeating ISIS now requires not only defeating them in Iraq and Syria but also defeating them in all the places where they have spread, most importantly in Libya. 

The bottom line of his analysis:  expect more attacks.  As Brennan pointed out, none of this is to take anything away from the important progress that has been made in Iraq and Syria and that will need to be continued if we are to ultimately defeat ISIS.    

I also thought Brennan’s testimony was exactly what the nation should expect from the Director of CIA – candid, objective, free from the bias of policy or politics, right-down-the-middle analysis.  His testimony undoubtedly made some folks in the White House uncomfortable (who prefer to emphasize the progress made in Iraq and Syria) as well as some Congressional Republicans (who prefer to emphasize only the threat).  Not a bad place for a CIA Director to be when testifying publicly about an issue that has become as politicized as this one.  And kudos to the leadership of the Senate Intelligence Committee for holding this hearing in open session so the country could hear first-hand from the CIA Director on this important issue.  

TCB: Brennan also said that Syrian President Bashar Assad is in a stronger position today than a year ago.  This assessment came on the same day that Senator John McCain (R-AZ) said that President Barack Obama’s decision to withdraw combat troops from Iraq in 2010 had created the ISIS problem.  And the New York Times reported on Thursday that 51 State Department employees had signed an internal cable calling for a direct U.S. effort to oust Assad.  Do you believe the U.S. needs a different approach to Syria and Iraq to disrupt and ultimately defeat ISIS?

MM:  No, I think we have the right overall approach – that is, a military strategy that emphasizes local troops, supported by the U.S. and its coalition partners, taking territory from ISIS, as well as a political strategy that gives the Sunnis in Iraq and Syria a sense that they have a future in both countries so that ISIS, or something like ISIS, does not return.  Where I would differ with the Administration is how aggressive we have been and how much risk we have been willing to take in executing this strategy.  I have found it interesting that we have upped the ante – that is, we have gotten more aggressive, and we have been willing to take more risks (for example, putting advisers closer and closer to the fighting, placing Special Operations Forces in Syria, etc.) – in reaction to significant events, such as the attacks in Paris, San Bernardino, and Brussels.  In each case, I’ve asked myself, why were we not doing these more aggressive measures before the event?     

TCB:  In his remarks, Brennan also highlighted the spread of ISIS beyond Syria and Iraq, noting that the Intelligence Community assessed that ISIS now has 5,000 – 8,000 fighters in Libya.   What does the spread of ISIS fighters beyond Syria and Iraq mean?  How important is ISIS’ hold on territory to its ability to recruit operatives and inspire homegrown terrorists? 

MM:  Quite simply, it gives the group a fallback position should it lose in Iraq and Syria.  This is important to the group’s strategic messaging about its long-term viability, it is important to its recruitment (more foreign fighters are now flowing to Libya than they are to Iraq and Syria), and it is important to its fundraising.  Having groups waving the ISIS flag around the world is also important to its ability to reach out and attack Western targets.  The ISIS group in Libya that Director Brennan focused on in his remarks, for example, is working to conduct attacks in Western Europe. 

TCB: Cyber capabilities were also featured in Brennan’s remarks.   He said as of May, CIA no longer received aggregate Twitter data from Dataminr and called for a national consensus on cyber.   How has improved encryption and the fallout from Edward Snowden disclosures affected U.S. efforts to detect and disrupt terror plots?   What way ahead would you like to see on cyber as it relates to national security issues?

MM: As I told you in April, I have four thoughts.  The first is that both sides in the debate have a very compelling argument.  The FBI’s powerful argument is how can you (Apple) not help us discover if there is information on a phone that might save lives? Apple’s powerful argument is how could you (the government) ask us to do something to our operating system that would create a broad security vulnerability that any number of adversaries would most definitely exploit and that would severely damage a U.S. industry that is so important to the future of the economy?  

Second, where I come out on all of this, and here I am moving from the narrow issue of getting into a specific phone to the broader issue of keyless encryption, is the result of a simple practical consideration—that the vast majority of the communication applications that are encrypted without keys are outside the U.S.  There are literally hundreds of them.  If the government forces U.S. firms to create keys for their encryption, the bad guys would simply communicate using keyless apps produced overseas.  In that highly likely scenario, there would be little gained in terms of security, but there would be a significant loss to U.S. firms (their apps would be less secure and fewer people would use them as a result).  

Third, I can’t remember a time during my service in government when we physically had an IT device in our hands and we could not ourselves get the data from it that we needed. The fact that multiple U.S. agencies could not get into the phone of the San Bernardino attacker was, for me, a wake-up call that advances in technology had outstripped the capabilities of the U.S. Government.  We should see it as a Sputnik moment. 

And this sets up the fourth reaction, that the conversation on this very important issue is not occurring in the right place.  What do I mean by that?  The conversation now is taking place between the government and industry.  Before the FBI found its way into the phone of the San Bernardino attacker, based on a suggestion from an outsider, the conversation was taking place between the two in the courts and in the media.  And that conversation continues with regard to other specific phones and with regard to the broader issue of keyless encryption.   

That conversation should be occurring within the government.  What does that mean?  In my view, the National Security Advisor should say the following to the Director of National Intelligence, the Director of CIA, the Director of the FBI, and the Director of NSA:  “The President’s expectation is that we, that is you, should have the capability to break the commercial, keyless encryption being used by our adversaries, and that we should have the ability to get inside a particular IT device that is in our possession.  We should keep our ability to do these things as one of our most closely guarded secrets.  And, if we need a Manhattan Project style effort to get us there, the President will support that.  Get to work.”  

Achieving this vision would give us the best outcome.  We would have the ability to read the communications of the bad guys, they would not know it, we would not be asking any U.S. companies to weaken the security of their products, and we would not be undermining them in the market place.  

TCB: Brennan predicted more ISIS attacks in the future—directed and inspired.   What should the Intelligence Community and U.S. law enforcement be doing to better protect the homeland and identify “lone wolf” attacks?

MM:  This is a very important question.  The Intelligence Community has a much better chance of discovering and disrupting a directed attack, because such an attack requires some communication between the group and the attacker(s) and some communication between the attackers if there is more than one person being directed.  Disrupting an ISIS inspired attacker is much harder, because there are simply fewer opportunities to discover them.     

I believe the key lies in community policing and in a close relationship between local Muslim communities and law enforcement.  Almost always, an attacker’s family and his/her closest friends and colleagues see worrying signs.  We want these individuals to be incentivized to report their concerns to law enforcement.  That can only happen if law enforcement is not conducting blanket surveillance in these communities (which nearly every study on radicalization shows does not work anyway), because such surveillance drives communities away from law enforcement.  And it can only happen if our nation’s leaders do not push Muslim communities further away from law enforcement by demonizing them, as Donald Trump has unfortunately done.   

The Author is Michael J. Morell

Michael Morell, the former Acting Director and Deputy Director of the Central Intelligence Agency, is one of our nation's leading national security professionals, with extensive experience in intelligence and foreign policy.  He has been at the center of our nation's fight against terrorism, its work to prevent the proliferation of weapons of mass destruction, and its efforts to respond to trends that are altering the international landscape—including the Arab Spring, the rise of China,... Read More

Learn more about The Cipher Brief's Network here.

CLICK TO ADD YOUR POINT OF VIEW

Share your point of view

Your comment will be posted pending moderator approval. No ad hominem attacks will be posted. Your email address will not be published. Required fields are marked *