| Speaker | Time | Text |
|---|---|---|
|
unidentified
|
They'll also reflect on the network's five decades of coverage, including many of its signature projects, and C-SPAN's continued role in delivering democracy unfiltered in the years to come. | |
| Watch the C-SPAN story tonight at 8 Eastern on C-SPAN or online at c-SPAN.org. | ||
| C-SPAN, bringing you democracy unfiltered. | ||
| C-SPAN's Washington Journal, our live forum inviting you to discuss the latest issues in government, politics, and public policy. | ||
| From Washington, D.C. to across the country. | ||
| Coming up Thursday morning, we'll talk about potential changes to Medicaid coverage under the Trump administration with the Century Foundation's Chiquita Brooks-Leshure and the Cato Institute's Michael Cannon. | ||
| Also, Doug Plain, non-resident fellow at the Atlantic Council's Eurasia Center, on the war in Ukraine and the Trump administration's efforts to reach a ceasefire deal. | ||
| C-SPAN's Washington Journal. | ||
| Join in the conversation live at 7 Eastern Thursday morning on C-SPAN, C-SPAN Now, our free mobile app, or online at C-SPAN.org. | ||
| Welcome back to Washington Journal. | ||
| We're joined now by Martin Matashak. | ||
| He's a senior cybersecurity reporter for The Record. | ||
| Martin, welcome to the program. | ||
|
unidentified
|
Thank you for having me. | |
| Good morning. | ||
|
unidentified
|
You broke the story for the record. | |
| Heckseth orders Cyber Command to stand down on Russia planning. | ||
| What does that mean? | ||
| How big of a deal is this? | ||
|
unidentified
|
It's a very big deal. | |
| Russia is one of the top four, I would say, adversaries to the U.S. in cyberspace. | ||
| It is a bastion for criminal cyber activity, state cyber activity, threat actors that are either backed by the state or blessed by the state. | ||
| And to say, for the command to be told, you will no longer go after them. | ||
| And to be clear, when I say we're talking about offensive cyber operations, we're not talking about open warfare. | ||
| The example people always like to go to is, oh, well, Moscow can turn off the lights in D.C. and vice versa. | ||
| And oh my gosh, we're talking about things like driving people off of networks. | ||
| We're talking about taking away access to other networks. | ||
| But for Cyber Command to stop doing that altogether is a very big deal because now Russia sort of has free reign, if you will, and they're not expecting to be pushed back in any way, shape, or form. | ||
| But explain this a little bit more. | ||
| Offensive operations against Russia. | ||
| Are we in their networks? | ||
|
unidentified
|
Are we doing things? | |
| Are we doing cyber attacks against Russia? | ||
|
unidentified
|
Well, I mean, it depends on what you mean by attacks, I guess. | |
| Like I said, we're not talking about open warfare here. | ||
| It doesn't rise to the level of warfare, like bombing a building. | ||
| Very clearly, that's an act of war. | ||
| But if we're talking about driving them off a network or taking away their access or let's say cutting off one of their capabilities online, that could be perceived as an offensive action, that we're actually going out there and say, severing something that they're doing or stopping them from doing something. | ||
| Now, if we're not doing that, that's sort of what we're talking about. | ||
| We're not talking about, we're talking about cyber effects, really. | ||
| Maybe not attacks, maybe effects is a better word for it in terms of just preventing what they're doing online or messing with what they're doing online. | ||
| And why would the Defense Department do that? | ||
|
unidentified
|
According to people that I've talked to and others have reported, it seems to be a bargaining chip in the talks between the U.S. and Moscow about Ukraine. | |
| Essentially, the administration has said, we're going to take this, to use an analogy, we're going to take this finger out of your eye for a little while. | ||
| And if you come to the table and negotiate in good faith, this is not going to happen. | ||
| This aspect of our relationship, of our adversarial relationship, is not going to happen for the time being. | ||
| After the talks they were in Riyadh last week, where some intelligence sharing and military support was turned back on for Ukraine, I asked my sources, like, is now Cyber Command off the leash again? | ||
| Are they now doing this? | ||
| People that I talk to say, no, they're still being told to hold their fire, if you will. | ||
| So, well, this is interesting because this is what DOD Rapid Response says on X. In all caps, to be clear, the SEC DEF has neither canceled nor delayed any cyber operations directed against malicious Russian targets, and there has been no standdown order whatsoever from that priority. | ||
|
unidentified
|
I'm glad you brought that up because my story that came out, I believe that came out on Tuesday, my story came out the Friday before. | |
| I have a comment from a defense official talking about my story. | ||
| So, this came out on this anonymous account several days later after several publications followed my reporting, confirmed my reporting, including the Washington Post, the Associated Press, the New York Times. | ||
| What you're looking at there is, according to my sources, classic Pentagon wordplay. | ||
| You'll notice the word canceled or delayed. | ||
| Well, you can't cancel or delay something if there's nothing to cancel or delay. | ||
| So, if you're not telling, if the command is not being given an order, go do this, go do XYZ, you can't really cancel or delay it then because there's nothing to do. | ||
| So, something is not happening, you can't cancel or delay it. | ||
| And all respect to DOD from this anonymous account that they now run, it's wrong. | ||
| What did we get in response for standing down offensive operations against Russia? | ||
|
unidentified
|
That is very unclear right now. | |
| Russia, like I said, is a hub, an oasis for malicious cyber actors. | ||
| And let's be clear, like, it's not simply like they have this, you know, this threat actor, this organization is doing it. | ||
| Sometimes it is a state-connected actor. | ||
| Sometimes it is a criminal organization that has the blessing or the blind eye of the government there. | ||
| Sometimes it's one and the same, where a hacker who might work at, say, like the FSB of the GRU in Russia has a nighttime job where they're a ransomware actor hitting a public school system in Seattle, say, or Oklahoma or in D.C. and earning extra cash that way, or stealing cryptocurrency that way. | ||
| So, in terms of what we got in response, that part is completely unclear. | ||
| It's unclear. | ||
| I mean, we haven't heard of any major ransomware attacks recently, but Russia is, like I said, a top four adversary in cyberspace, the United States, on a host of fronts, from insolence operations to ransomware to other ways. | ||
| And what we're getting in response, it's unclear. | ||
| If you'd like to join our conversation, Martin Mataszak of the record will be with us until the end of the program in about 20 minutes. | ||
| You can give us a call. | ||
| The numbers are 202748-8000 for Democrats, 202748-8001 for Republicans, and 202748-8002 for Independents. | ||
| These cyber operations are run out of U.S. Cyber Command. | ||
| Can you explain what that command does, when it was stood up, and about how big it is? | ||
|
unidentified
|
Sure, sure. | |
| So, U.S. Cyber Command is the U.S. military's premier cyber operations, cyber operators. | ||
| They are the tip of the spear, if you will, in terms of getting things done online, in terms of the online battle space. | ||
| It was established in 2010-ish after a series of devastating breaches at the Pentagon, including, I think, also their super secret network. | ||
| So, it was stood up then because it was like, this is a new domain of warfare to us. | ||
| It remained, it grew and grew under U.S. Strategic Command, which oversees the U.S. nuclear forces. | ||
| And in 2018, under the Trump administration, the first Trump administration, it was boosted to a combatant command, I believe the 10th at the time. | ||
| It is located at Fort Meade, Maryland, which it shares a campus with NSA. | ||
| The leader of Cyber Command is also the leader of the National Security Agency, which is the country's largest spy agency and is the top electronic spy agency possibly in the world. | ||
| And it's around exact numbers are always classified and depends on what sort of you're talking about, but we're talking about thousands of people who are at cyber command. | ||
| And how does this fit into the larger cyber strategy of the United States? | ||
| So you have the NSA that you just mentioned. | ||
| You also have CISA, which is a cybersecurity infrastructure security administration component of Department of Homeland Security. | ||
| So how does Cyber Command fit in that? | ||
| How do they play in that space? | ||
|
unidentified
|
They're a central player in it because they do both offensive and defensive operations. | |
| You think about CISA, you just mentioned CISA, they do the homeland. | ||
| That is their remit. | ||
| NSA is signals intelligence. | ||
| They are forward-facing. | ||
| They do nothing inside the United States. | ||
| Cyber Command also doesn't do anything inside the United States, but because of their defensive and on facetive nature, they're always sharing information, performing operations, and sharing what they've learned with places like CISA, like the FBI, like the Department of Justice. | ||
| Cyber Command and its cyber national mission force do something, they do something called hunt forward missions per se. | ||
| And that's when a foreign country, let's say Ukraine, invites U.S. operators to come in and say, look at our networks. | ||
| And you can look at our networks and see what you see. | ||
| They can observe tactics and techniques and procedures that way. | ||
| They might find new malware or ransomware or other sort of malicious code that way. | ||
| Cyber Command operators then come back to the United States with it. | ||
| They spread it not only to government agencies, but also the private sector to help guerrill against that for future attacks. | ||
| So in terms of, they underpin most everything the U.S. does in U.S. in cyberspace these days. | ||
| There's a report by the New York Times with the headline, Russia escalated sabotage to pressure U.S. and allies on Ukraine. | ||
| Studies say, now this isn't necessarily cyber, but it certainly includes that. | ||
| The study they're referring to is CSIS. | ||
| How big of an issue is Russia's cyber attacks on allies, specifically on our allies in Europe? | ||
|
unidentified
|
It's a huge deal, especially in Ukraine. | |
| Ukraine has been, even prior to the invasion a couple years ago, has been a hotbed of cyber activity, malicious cyber activity by Russia, targeting their infrastructure, targeting their communications, their state agencies. | ||
| The U.S. has learned a great deal prior and since the invasion in terms of how to guird against such attacks. | ||
| You know, Ukraine moved a lot of their infrastructure to the cloud, so that way if something was turned off, they still had access to it. | ||
| But the U.S. has watched very closely what Russia has been doing in cyberspace via Ukraine, just to see how they use it for intelligence, what kind of attacks they're using, what kind of malware they're using, what kind of data theft they're conducting. | ||
| So it is, it's been a very lively zone, and that's spilled out into other activities. | ||
| I mean, we've seen in recent years that Britain and Germany have said that Russia's been behind hacks of their governments as well. | ||
| And I think that then all the information sharing with the U.S. is happening that way in terms of how are they doing this? | ||
| How are they gaining access? | ||
| How can we prevent future attacks? | ||
| And then how do we potentially impose costs on Russia, be it cyber warfare, cyber effects, like we were talking about, cyber attacks, whether it be indictments by DOJ, whether it be arrests by the FBI, extraditions by the FBI. | ||
| So Europe has been, especially Ukraine, has been a hotbot of activity for years now and continues to be, which is why this stand down order has some of the command very worried, because if you're not engaging, if we're not going after Russia, they might feel like they have free reign inside of Ukraine to do as they will. | ||
| Let's talk to callers and start with Barbara in Tennessee. | ||
| Independent Line, good morning. | ||
| Barbara, are you there? | ||
|
unidentified
|
Yes, good morning. | |
| Yes, go right ahead. | ||
|
unidentified
|
Okay, I was wondering on this attack that, well, on our information that we were helping Ukraine with and we cut off everything, how much did that set them back and how much did that hurt them? | |
| And during that time, is there any way Russia could hack in and get information that Ukraine had? | ||
| And that's all I want to know. | ||
| Thank you for the question. | ||
| In terms of hacking Ukraine, Russia is always looking to hack Ukraine. | ||
| We actually have a colleague who's based in Ukraine who's done terrific reporting on this. | ||
| Everything is always a target from ATMs to state registries to satellite networks. | ||
| Ukraine is always a target for Russia in terms of cyberspace, has been since before the invasion a few years ago. | ||
| In terms of how much it set them back, I think that's still unclear. | ||
| I know that some of the military support and intelligence sharing was turned off for a few weeks, and President Zelensky has talked about even losing a few hours has been detrimental. | ||
| So in terms of the full effect of that shutoff, that switch off, and now it's back on, that still remains to be seen. | ||
| Here is Anthony in Arizona, aligned for Democrats. | ||
| Good morning. | ||
|
unidentified
|
Thanks, teammates. | |
| Thank you to all who are on the show this morning. | ||
| We have to always realize that someone is looking at what we're doing. | ||
| You cannot catch anyone in any violation unless you have the ability to know who's on your network, who's doing what. | ||
| One key aspect of that is you do not always want to stop them. | ||
| Why? | ||
| Because you need to know where they are going. | ||
| In other words, if they're in this device, if they're looking at this part of the industry or country, they have an intent behind that. | ||
| So therefore, when you stop surveilling them, you don't have the ability to bring them to a table and say, we know what you are doing. | ||
| Stop it. | ||
| They can never have plausible deniability if they know we know they're on the network, what they're doing, and where they're going. | ||
| I'd like the author to address that. | ||
| Thank you for the question. | ||
| I think what you're talking about is sort of the inherent tension that's always in cyber operations, especially at Cyber Command and NSA, which, as I said, share a campus at Fort Meade, Maryland. | ||
| You know, it's about do you want to turn off their access? | ||
| Let's say someone, let's say Russia or another actor is on a network. | ||
| We know they're in there. | ||
| Do we want to turn off their access or do we want to see what they're doing? | ||
| Because if we then let them know that we know, then we can never use potentially that tool that found them out. | ||
| They might try a different tactic. | ||
| They might avoid, they might go someplace else. | ||
| So that's sort of an inherent tension that's always there. | ||
| I think something that is interesting about this standdown order from Secretary Hegset is that in the first Trump administration, they adapted the cyber strategy of Defend Ford, which is instead of being on the back foot and reactive, the United States is going to be proactive and we're going to go after malicious activity as close to, if not on, our adversaries' network. | ||
| And they do that. | ||
| Cyber Command does that through a strategy called persistent engagement, where they're just engaged 24-7, 365 with their adversaries. | ||
| But if you're not engaging them and effects or attacks or what have you, whatever nomenclature you're comfortable with, then you're not learning what they're doing. | ||
| Then you may not be seeing what they're doing. | ||
| And it does give Russia more free reign to operate online. | ||
| Jimbo in Bakersfield, California, asks you if you have reason to believe that our adversaries already have the ability to disable our energy grids and are just waiting for hostilities to erupt to activate a cyber attack. | ||
|
unidentified
|
Thank you for the question. | |
| I think what you're referring to there might be China in this instance. | ||
| According to reporting and reporting that I've done and others have done, that we don't believe that Russia has this kind of access. | ||
| However, China might, through the SALT typhoon and Volt typhoon actors that have been identified by the previous administration and by various private organizations, they might still be in networks of critical infrastructure, including energy, including things like water. | ||
| The last administration was doing its best in terms of trying to keep the public updated as best they could. | ||
| But in terms of, could they ever give an answer about these people are out of our networks, they're out of the critical infrastructure networks, they're out of our telecom networks? | ||
| They could not. | ||
| And that's something that remains to be seen. | ||
| There was actually a letter this week sent by the House Homeland Security Committee to the administration saying we want all the data you have, all the stuff you have, on China's access to our critical infrastructure. | ||
| It's unclear if Russia might be also going to be included in that request or if the administration might throw that in, but that I think gets to the heart of your question. | ||
| Here's Patricia in Naples, Florida. | ||
| Republican, good morning. | ||
|
unidentified
|
Oh, good morning. | |
| Mr. Matuszak, I have a question about number one, how much information do we really have about the nature of this suspension, temporary suspension of our cyber activities against these bad actors? | ||
| And does this suspension mean that there is some sort of danger for a dangerous penetration of our systems? | ||
| It seems to me that I think if based on what you said yourself, how much we learned through the aggression of Russia into Ukraine and how much Europe and Ukraine and we have been able to gather information about how these actors operate, | ||
| why can't we just wait and see who ventures out into this new cyber attack free space and discover some more things about the way that they operate? | ||
| All right, Patricia. | ||
|
unidentified
|
Thank you for the questions, especially the first one, because I think it's important. | |
| So your question was how much information do we have about this pause, about this freeze or stand down, whatever you're comfortable saying? | ||
| The truth is no one from the administration has spoken publicly about this. | ||
| Not the National Security Advisor, not Secretary Hegseth, not the President. | ||
| No one has said it. | ||
| So there's still a gray area in terms of the duration of this, what else might be included in it, and what it might take to turn cyber command, to take cyber command back off the leash. | ||
| That is still, there are still many questions about that. | ||
| And that's why I'm going back to my sources with every development that's happening in negotiations between the U.S. and Moscow about peace and Ukraine. | ||
| Like, okay, does this mean it's still off or still back on? | ||
| Does this mean it's still back off or still on? | ||
| Now, I don't know. | ||
| There was a call yesterday between President Trump and President Zelensky. | ||
| It's possible that it still remains off. | ||
| I haven't checked my sources yet. | ||
| Or it's possible that it's back on. | ||
| But there's some murkiness to this order, to this direction, instruction from Secretary Hegseth, because no one from the administration has talked publicly about it. | ||
| In terms of what else we might learn, as I made clear in my story and others have as well, this pertained to Cyber Command. | ||
| The National Security Agency, our pre-eminent electronic spying agency, is still surveilling Russia, is still watching what they're doing. | ||
| Now, there is also a concern there in that agency in terms of if we're not engaging, because NSA is a combat support agency. | ||
| They are to support combat. | ||
| So, intelligence gleaned by NSA is then fed to cyber command others for operations in real life, in meat space, if you will. | ||
| But there is concern at NSA that if we're not going after them in any way, shape, or form, kicking them off of networks, severing their access, maybe knucking with their networks a little bit, then what's the point of us surveilling them? | ||
| So, I think that intelligence gathering is still happening. | ||
| And what's going to be used during this, what's being, what might be gleaned during this time where the stand down is in effect, remains to be seen. | ||
| But that work is still ongoing, though there are concerns about to what end, how the information is going to be used. | ||
| I'll just read a portion of that CSIS report on Russia's covert efforts. | ||
| It says that Russian agencies utilized electronic attack and cyber operations with physical effects against transportation targets. | ||
| Estonia, Finland, Lithuania, Norway, and Poland all reported a specific incidence of deliberate GPS signal jamming from Russia, which led to navigation errors, flight deviations, and communication breakdowns, endangering the lives of those on board. | ||
| Several countries, such as Poland, also reported cyber attacks against transportation targets, such as rail lines. | ||
| More broadly, Russian-linked actors conducted hundreds of cyber attacks against targets in Europe, the U.S., and other regions to collect intelligence, deface websites, orchestrate a denial of service, and occasionally conduct sabotage. | ||
| So, Martin, what's, I mean, beyond this cyber command, are there other changes to the Trump administration's policies regarding cybersecurity and misinformation coming out of Russia? | ||
|
unidentified
|
I think there have been. | |
| Specifically, I'm talking about CISA, which has been at, which is in the Department of Homeland Security, and has been involved in not only defending networks but also calling out misinformation and disinformation when they see it. | ||
| Also, at DOJ, there's been an issue there in terms of election security and election influence operations. | ||
| Both those missions at those agencies have seemingly been eradicated for the time being. | ||
| Now, CISA doesn't even have a confirmed chief right now, so that it's possible that it comes back in some way, shape, or form. | ||
| But in terms of those missions, those missions have been taken apart. | ||
| So, it's all, you know, you could see it across the government. | ||
| And I mean, we're even talking about, we're talking about specifically the Pentagon on cyber. | ||
| You know, we're talking about, you know, the intelligence community and intelligence sharing was also turned off with Ukraine for a while. | ||
| It's been turned back on after the talks in Rihad. | ||
| But I think what you're seeing is across the government, there's been kind of a lessening, a kind of taking the foot off the pedal in terms of keeping pressure on Russia, especially as the war in Ukraine rages on. | ||
| There's definitely been a pumping of the brakes by the administration in terms of taking Russia on these various fronts: misinformation, disinformation, cybersecurity, and even real-life sabotage. | ||
| This is Patty in Connecticut, Independent Line. | ||
| Good morning. | ||
|
unidentified
|
Good morning. | |
| I want to ask, why are we catering to Putin? | ||
| He's the culprit. | ||
| He went in and killed women and children, and we're catering to him. | ||
| He's from the KGB. | ||
| He was a murderer. | ||
| He doesn't care about anybody but himself. | ||
| He doesn't even care about the Russian people. | ||
| They don't want war. | ||
| The Russians are peaceful people, but he stirs people up to do what he wants to do. | ||
| And he's causing havoc in the world. | ||
| And I met Russian people, and they told me they have to keep their mouth shut. | ||
| If they say a word, either them or their families will be killed. | ||
| They're afraid. | ||
| It's a sad, sad country. | ||
| All right, Patty. | ||
|
unidentified
|
Now in terms of, to use your phrase, cozying up to Putin, I think that the administration sees this as a bargaining chip, that we will take this pressure off of your government, essentially your government, your infrastructure there in Russia, if you play ball with us on Ukraine. | |
| Now, it's possible that if talks fall apart or if something else happens, you know, that impacts the talks that are going on between the two sides. | ||
| It's possible that Cyber Command gets taken off a leash again and they go back to what they were doing and they might go back to what they're doing to X amount, tenfold, if you will. | ||
| But for right now, it's definitely a bargaining chip, as people have told to me, that the administration sees that by taking this off the table, |