The top counterintelligence priorities of the United States government are insider threats, protecting critical infrastructure, and supply chain security, according to National Counterintelligence Executive Bill Evanina, and tackling those requires a “team approach” of the government and private sector.
“The threats are real and our adversaries are more brazen than ever,” Evanina told security professionals on Monday at the Intelligence and National Security Alliance conference, “Unprecedented Counterintelligence Threats: Protecting People, Information, and Assets in the 21st Century.”
Tackling the insider threat issue demands that the Intelligence Community “quickly, and with urgency, eliminate this mindset that the only threats are contractors,” Evanina said. In the same way, he said, there is no evidence that points to millennials also being the only insider threats.
Two of the highest profile examples of the insider threat problem in recent years have been younger employees — Edward Snowden and Chelsea Manning — but Snowden was a defense contractor, while Manning was in the Army. Meanwhile, National Security Agency contractor Harold Martin, who was indicted in February for allegedly stealing massive amounts of classified information, is over 50.
He also cited, for instance, the recent arrest of a 60-year-old State Department employee who was charged with concealing extensive contacts with Chinese foreign intelligence agents.
Monitoring systems, people, and data “hasn’t stopped the bleeding — it hasn’t stopped the insider threat,” he said. Understanding the “mind of the insider” is a critical component of trying to wrestle with this issue, he said, and it is important to offer a way to interrupt an employee’s path toward potentially destructive behavior.
“You have to find a way to understand Bob or Sue and provide a venue for them to act out,” he said, such as offering peer consultations or interviews with someone in the security department.
The government and private sector must focus on the psychological factors that come into play with malicious insiders — narcissism, Machiavellianism, and psychopathy, or having a cold, callous personality, he said.
“There is no auditing or monitoring that can identify” whether a person has had a significant life event, such as being passed over for a promotion or going through a tough divorce with financial strains, Evanina noted, so trying to understand and identify those factors is crucial for managers across the government and private sector.
“We’re not anywhere where we need to be with respect to understanding the psychology of a human being, and the private sector is probably the same,” he said.
Assessing the risk indicators related to personality traits — with behavioral testing, for instance — demands buy-in not only from employees but from an organization’s legal counsel, he noted.
For critical infrastructure, the government has zeroed in especially on the financial, energy, and telecommunications sectors as its top priorities. The government can help provide strategic plans to the private sector to try to mitigate the counterintelligence threats hitting those areas, Evanina said.
With supply chain security, the biggest problem is in acquisition and procurement, according to Evanina. Adversaries who are able to penetrate the supply chain are able to impact things that are going to be usable years from now, such as weapons systems or other technology. The solution is to “aggressively and expeditiously have our acquisition and procurement folks in our security apparatus immediately,” he said.
“Probably the least trained people are acquisition and procurement folks, specifically with the threat we face,” Evanina said.
He pointed to the recent $1.2 billion fine on ZTE, China’s second-largest telecoms equipment maker. The company agreed to plead guilty in March for breaking sanctions and selling electronics to Iran and North Korea. That’s a counterintelligence issue, Evanina said, given that “any time you can take restricted electronics and send them to the folks who shouldn’t have them, they are bound to be used against us.”
“If we are going to solve these problems, it needs to be a whole of country approach,” he said.
Evanina, who also works on counterintelligence issues with NATO, also addressed the counterintelligence threat that was highlighted in the 2016 U.S. election. The Intelligence Community assessed that Russian President Vladimir Putin ordered a cyber and influence campaign aimed at interfering in the election and boosting President Donald Trump’s chances.
“When Mr. Putin wakes up every morning, do you think he is smiling? Yes, he is,” Evanina said.
A few years ago, Evanina told the crowd, he did not give much thought to the “risk and threat” that NATO member nations said they felt from Russia. “Now I’m listening with eyes wide open.” The U.S. government used to be worried primarily with the “open-faced threat” of espionage and from known or suspected intelligence officers.
“Clearly the asymmetric threat has changed, it’s always been there — but now the ability to manipulate us as a country, we have to understand it,” he said, and it requires working with the private sector to “find a common solution.”
Mackenzie Weinger is a national security reporter at The Cipher Brief. Follow her on Twitter @mweinger.