In the CIA’s mission of global influence and espionage, its hackers have just been elevated to a powerful new role.
On Friday afternoon, CIA director John Brennan publicly issued a memo to the agency’s staff calling for a massive re-organization of its hierarchy and priorities. And center stage in the CIA’s new plans is a new Cyber Directorate that will treat “cyber”—in federal-speak, hackers and hacking—as a major new focus for both offense and defense.
“Digital technology holds great promise for mission excellence, while posing serious threats to the security of our operations and information, as well as to U.S. interests more broadly,” Brennan’s memo reads. “We must place our activities and operations in the digital domain at the very center of all our mission endeavors. To that end, we will establish a senior leadership position to oversee the acceleration of digital and cyber integration across all of our mission areas.”
The CIA’s interest in hacking isn’t new: After all, it’s known to have actively participated in the mission to disable Iranian nuclear facilities using the Stuxnet malware, in partnership with the NSA and Israeli intelligence. But more than ever, those sorts of digital elements are being integrated into the CIA’s human intelligence operations, says Jim Lewis, a fellow at the Center for Strategic and International Studies who has had conversations with intelligence and military officials over the last year about the plans for the CIA’s digital overhaul. Those “humint” operations, as the intelligence community calls them, typically involve real spies on the ground, unlike the NSA’s remote cyberespionage or the cyberwarfare activities of the Pentagon’s Cyber Command. “This kind of cyber activity has become increasingly important to them,” says Lewis. “It’s not NSA’s [signals intelligence] mission; it’s not Cyber Command’s war fighting mission. It’s traditional espionage using cyber techniques,” says Lewis. That combination of humint and digital operations could mean a spy infiltrating an organization to plant spyware by hand, for instance, or a digital investigation to check the bona fides of a source or agent. “If you think of NSA as a vacuum cleaner and Cyber Command as a hammer, this is a little more precise, and it’s about supporting human operations.”
The CIA’s announcement represents yet another sign that cyber-offense is gaining importance for practically every intelligence and military agency. The FBI late last year asked for new rules of criminal procedure that would vastly expand its power to hack into the computers of criminal suspects. And we know from Snowden leaks that the NSA has built the world’s most powerful hacking organization, pulling off high-resource operations that have rarely been seen elsewhere in the cybersecurity world. The NSA’s most recent operations reportedly include hacking SIM card manufacturer Gemalto and planting insidious malware in the firmware of hard drives.
But Lewis argues that the CIA announcement is also intended to help the CIA shift from its paramilitary role during the wars in Iraq and Afghanistan into more of a peacetime espionage role, where digital spying will be doubly important. “They’ve been involved in armed conflict and operating drones,” says Lewis. “Now they have to go back to old-school spying, recruiting agents, getting people to tell you secrets in a peaceful environment.”
Brennan’s announcement is also intended largely as a personnel move, says Alan Paller, research director for the SANS Institute, which educates and evaluates the cybersecurity skills of many government staffers. “His reorg is at least 80 percent about…giving the cybersecurity mission more of a front and center position and equal authority, rather than a technical support role at the beck and call of intelligence analysts,” Paller says.
That new level of prestige and opportunity for the CIA’s hackers, says Paller, will be crucial to recruiting in an age where human minds, not stockpiles of weapons, can decide foreign conflicts. “Only extraordinarily skilled cyber defenders and cyber operators can enable a unit or a business or a nation to survive,” Paller says. “You cannot train your way to supremacy. You have to recruit people with the right brain wiring and invest heavily in constantly building their skills. Those correctly wired people are rare.”