More On: Intelligence
How can Washington harness these emerging technologies—and ensure that the U.S. intelligence community does not fall behind?
Russian aggression towards Ukraine marks a turning point in the history of intelligence. For weeks prior to the start of the bombardment, Washington publicly disclosed a steady stream of extremely precise facts regarding everything from Russian troop deployments to false-flag activities the Kremlin would use to justify the invasion.
Spy agencies are used to keeping information secret, so this new policy of openness was a departure from the norm. However, the results were excellent. The United States was able to quickly unite friends and organize hard-hitting penalties by getting the truth out before Russian disinformation gained root. It became harder for other countries to hide behind Putin's lies and side with Russia when intelligence leaks put Russian President Vladimir Putin on the defensive. Putin wondered who and what in his government had been infiltrated so deeply by U.S. agencies.
The revelations were only the start. The war has ushered in a new era of intelligence sharing between Ukraine, the United States, and other friends and partners, which has assisted Ukrainian troops in attacking Russian targets on the battlefield, defended digital systems from cyberattacks, and countered bogus Russian narratives. And it has revealed an important new truth: intelligence isn't the exclusive domain of government espionage agencies.
In the past year, individuals and organizations have been monitoring Russia's plans and actions in levels unthinkable in previous conflicts. Using pictures taken by private satellites orbiting the Earth, reporters have detailed recent developments on the battlefield. On Twitter, ex-government and military officials have been keeping track of daily developments on the ground and providing long-term forecasts of the conflict's future. Using commercial-satellite thermal and electro-optical imaging, TikTok videos, geolocation tools, and more, a group of Stanford University students led by former U.S. Army and open-source imagery analyst Allison Puccioni have been reporting on Russian human rights atrocities in Ukraine to the United Nations. An interactive map of the fight based solely on open-source intelligence has been developed by researchers at the Institute for the Study of War, a trusted resource for military specialists and analysts.
To a large extent, this change can be attributed to technological development. Technologies like the Internet, social media, satellites, automated analytics, and other innovations have given regular people access to information that was once only available to governments. Although advancements in technology have shed light on Russian military operations, this hasn't been a completely positive development. In the eyes of the 18 agencies that make up the U.S. intelligence community, the pace at which technological innovation generates new dangers is increasing exponentially. As a result, analysts will have to deal with an enormous influx of new information. They are creating a new demand for intelligence among businesses and individuals so that the private sector may aid in protecting national security. They are also expanding the number of non-U.S. governments that have access to enhanced intelligence capabilities.
Intelligence community heads have been preparing for these changes for years. However, in today's technological age, more is required for future forecasting. In order to comprehend and utilize new technologies, Washington must accept fundamental shifts. The establishment of a new intelligence agency focused on open-source data is an area where it must prioritize its efforts. If not, American spies will lag behind, leaving the country wide open to devastating shocks.
BRAVE NEW WORLD
There was an exceptional degree of global instability in 1947, the year the CIA was founded. Despite the Allied victory in WWII, the Soviet Union continued to pose a threat to Europe. There was a proliferation of repressive regimes, a waning of democratic strength, and a fragmentation of the international system into liberal and authoritarian enclaves. The United States was asked to take the lead in establishing a new international order in the face of rising international tensions. U.S. policymakers understood that greater intelligence was just one component of the new tools they would need to fulfill this mission. They believed that by putting all of their intelligence resources under one roof, they could predict and avert future disasters like Pearl Harbor and ultimately win the Cold War.
The present day resembles the immediate postwar period in many ways. It's back to utilizing force and intimidation to get what you want in this world of strong states. Moscow is being invaded by an authoritarian leader who once again poses a threat to all of Europe. Democracies are once again appearing vulnerable. The United States and its allies are involved in another great-power competition, this time with China, whose rise is becoming less benign by the day due to its crackdown on freedoms in Hong Kong, belligerent rhetoric about retaking Taiwan, and provocative military exercises that encircled the island. Even Marxism and Leninism are on the rise again. At the 20th Party Congress, President Xi Jinping made it clear to party officials that philosophy and personal commitment were more essential than ongoing economic liberalization. Hu Jintao, Xi's predecessor who advocated for economic reform, was forcibly removed from his seat and carried out of the party sessions in a perp walk in full view of the press.
However, one should not judge a book by its cover. Today's problems are very different from those that existed after World War II, mostly because of technical advancements. New technologies are reshaping the world in ways and at a rate that have never been seen before. The combined effects of technological advancements are increasing global connectivity and shifting the balance of power. Emerging technologies and data are becoming increasingly important sources of national power, despite the fact that they are intangible, less easy to visualize and understand, and are often generated and controlled by corporations rather than governments. The CIA and other intelligence services will undoubtedly find it far more difficult to decipher the geopolitical threats and dynamics of the twenty-first century than they did in the twentieth.
Think about the Internet. At the middle of the 1990s, less than 1% of the world's people were online. Now, 66% of the world is connected, from the farthest reaches of the Arctic to Bedouin tents in the desert. Over a billion more people have gone online in just the last three years. Global politics have already changed because of this connectivity, both for the better and for the worse. Social media has helped protests against dictatorships like the Arab Spring and the Umbrella Movement in Hong Kong grow. But it has also given Beijing the power to lead a new wave of government surveillance using technology, and it has made it easier for Russia's massive operations to spread false information to influence elections and weaken democracies from the inside.
Technology is changing the world in many ways, and digital connectivity is just one of them. Artificial intelligence is changing almost every industry, from medicine to trucking. One expert now thinks that AI could take away up to 40% of jobs around the world in the next 25 years. It is changing how wars are fought by automating everything from logistics to cyberdefenses. It is even making it possible for countries to build fighter jets that don't need pilots and can fly faster and better than human pilots. So, it's not surprising that Vladimir Putin, the president of Russia, said that whoever is first in developing AI "will become the ruler of the world." China has also made it clear that it wants to be the leader in AI around the world by 2030.
Technological advances are also making it much easier for anyone, including weak states and terrorist groups, to see what's happening on earth from space. The capabilities of commercial satellites have grown a lot, giving anyone who wants them eyes in the sky. Between 2016 and 2018, the number of satellite launches more than doubled. Now, more than 5,000 satellites circle the earth, and some are no bigger than a loaf of bread. Commercial satellites aren't as good at sensing as their spying counterparts, but civilian technology is getting better all the time. Some commercial satellites now have resolutions so good that they can see manhole covers, signs, and even road conditions. Others can find radio frequency emissions, watch the movement of vehicles and nuclear cooling plumes, and work at night, when it's cloudy, or when there's a lot of foliage and camouflage. Small satellites can go back to the same spot several times a day to look for changes in a short amount of time, which used to be impossible. All of these changes are making everyone smarter, which isn't always a good thing. In 2020, for example, Iran used commercial satellite images to keep an eye on U.S. forces in Iraq before launching a ballistic missile attack that hurt more than 100 people.
Quantum computing is another technological advance that could affect national security because it could eventually break the encryption that protects almost all of the world's data, giving enemies access to even the most secret information. Scientists can now make living things by using synthetic biology. This could lead to big changes in how we make food, medicine, data storage, and weapons of war.
Intelligence needs to figure out what these and other new technologies can do and what risks they pose. The U.S. government needs to know who is likely to win important technology competitions and what might happen if they do. It has to figure out how wars will be fought and won in the future. It needs to figure out how new technologies could be used to deal with global problems like climate change. It needs to figure out how its enemies will use data and tech tools to force people to do bad things, avoid sanctions, make dangerous weapons, and get other advantages.
But it is getting harder to answer these important questions because the landscape of innovation has changed and grown. This makes it harder to track and understand inventions. In the past, new technologies like the Internet and GPS were created by U.S. government agencies and then sold by the private sector. Most innovations that affected national security were not widely used in business, so they could be classified from the start and, if necessary, banned for good. Today, things have changed. Most technological innovations are "dual use," which means they can be used for both business and the military. They are also much more likely to be made in the private sector, where they are backed by foreign investors, made by a multiethnic team, and sold to private and public customers around the world.
Those that come from the private sector are easier to access and harder to limit. AI has become so common and easy to use that even high school students who have never coded before can make deepfakes, which are videos made by AI that show people saying and doing things they never said or did. In March 2022, someone released a deepfake of Ukrainian President Volodymyr Zelensky telling Ukrainian soldiers to put down their weapons. Deepfakes that look like the former U.S. ambassador to Russia, Michael McFaul, have been used more recently to trick Ukrainian officials into giving up information about the war effort. McFaul deepfakes have become so common that the real McFaul had to tweet warnings about what he called "a new Russian weapon of war" that people shouldn't fall for.
Changes in the way innovation works are giving leaders in the private sector new power and giving people in charge of national security new challenges. It's not just happening in other countries. At home, power is changing. Social media sites in the U.S. are now on the front lines of information warfare. They have to decide what is real and what is fake, as well as what speech is allowed and what speech is not. Startup founders are making things that can be used by enemies in ways that the founders can't predict or control. Meanwhile, U.S. defense and intelligence agencies are struggling to use important new technologies from outside and move at the speed of invention instead of the speed of bureaucracy. Leaders in the private sector have jobs they don't want, and leaders in the public sector want skills they don't have.
UP TO SPEED
People often get intelligence wrong. Spy agencies have to deal with secrets, but they are not in the business of secrets. Their main goal is to give policymakers insights and predict the future faster and better than their enemies. Secret information from things like intercepted phone calls or spy reports from the field is important, but secrets are only part of the picture. Most of the information in an intelligence report is not secret or is available to the public. And raw information, whether it is secret or not, is rarely useful on its own because it is often incomplete, unclear, contradictory, based on bad sources, misleading, purposely false, or just plain wrong. Analysis is the process of putting together different pieces of information and figuring out their context, reliability, and meaning.
Intelligence doesn't always have the right answer. But when they are, they can be worth more than money. When U.S. intelligence agencies said that Russia was going to invade Ukraine, it gave Washington the time it needed to help arm Kyiv and get the West on the same page about what to do. But spy agencies may soon find it harder to repeat this success because the global threat landscape has never been more crowded or complicated than it is now, and threats are moving faster than ever. Intelligence officers are finding it harder to do their jobs now. After spending almost 50 years fighting against the Soviet Union and 20 years fighting against terrorists, they now have to deal with a wide range of threats. They have to deal with global threats like pandemics and climate change, as well as competition between big powers like China and Russia, terrorism and other threats from weak and failed states, and cyberattacks that steal, spy, disrupt, destroy, and trick at a speed and scale that is shocking. To put it mildly, intelligence agencies have too much to do.
Technology has made the list of threats longer and more dangerous. For hundreds of years, countries have kept themselves safe by building strong armies and taking advantage of their good location. But in cyberspace, anyone can attack from anywhere without having to break through defenses in the air, on land, or at sea. In fact, the most powerful countries are often the most vulnerable because their power depends on digital systems for business, education, health care, military operations, and more. Big attacks that shut down their most important infrastructure can happen in these states. They can be attacked over and over in small ways that add up to do a lot of damage before the security team even knows. China, for example, has stolen from U.S. companies one hack at a time to gain technological advantages in many fields, from fighter jets to pharmaceuticals. FBI Director Christopher Wray has called this "one of the greatest transfers of wealth in human history" and "the biggest long-term threat to our economic and national security."
Russia has also been very successful with cyberattacks, showing that technology can be used by bad people to hack minds as well as machines. During the 2016 U.S. presidential election, Russian agents used bots and fake social media profiles to pose as Americans and spread false information across the country. This divided the country and hurt its democracy. China could turn Americans against each other today without using any U.S. technology. TikTok, a popular social media app with more than a billion users, is owned by the Chinese company ByteDance. About 135 million Americans, or about 40 percent of the U.S. population, use TikTok. Now, both Democrats and Republicans are worried that the Chinese government could use TikTok to gather a lot of information about Americans and start large-scale influence campaigns that serve Beijing's interests, all while pretending to give U.S. consumers what they want. In the world of information warfare we live in now, weapons no longer look like weapons.
Because cyberattacks can happen so quickly and because policymakers can follow breaking news and get hot takes with the click of a button, U.S. intelligence agencies also need to move faster. Timing has always been important in spycraft. During the Cuban missile crisis in 1962, U.S. President John F. Kennedy had 13 days to look over intelligence and think about his policy options after surveillance photos from a U-2 spy plane showed Soviet nuclear installations in Cuba. On September 11, 2001, U.S. President George W. Bush had less than 13 hours after the World Trade Center attacks to look over intelligence and announce a response. Today, presidents may have as little as 13 minutes or even 13 seconds to think about intelligence before making big policy decisions.
But there are also risks when you move quickly. It takes time to check the reliability of a source, talk to experts in different fields, and think of different ways to explain a finding. Without careful analysis of intelligence, leaders could make decisions that are too soon or even dangerous. In December 2016, a news story said that Israel's former defense minister had threatened a nuclear attack on Pakistan if Islamabad sent troops to Syria. This showed how dangerous it could be to act too quickly. Pakistan's Defense Minister, Khawaja Muhammad Asif, quickly tweeted, "Israeli def min threatens nuclear retaliation assuming pak role in Syria against Daesh. Israel seems to forget that Pakistan is also a nuclear state. The first story, though, was made up. Asif had quickly written his answer before he knew the truth. It has always been hard to find the right balance between policymakers' need for speed and the need to carefully collect, check, and evaluate intelligence. This balance is getting harder to find.
NEED TO KNOW
Intelligence agencies have to deal with a huge amount of data that moves quickly. It's almost impossible to imagine how much information is now available online. The World Economic Forum says that every day in 2019, Internet users will send 500 million tweets, 294 billion emails, and 350 million photos to Facebook. Every second, the Internet sends out about one petabyte of data, which is about as much data as a person would use if they watched movies nonstop for more than three years.
Already, U.S. intelligence agencies gather a lot more information than people can effectively analyze. In 2018, the intelligence community captured more than three NFL seasons' worth of high-definition images every day on each sensor they put in a combat theater. A source in the Department of Defense says that in 2020, one soldier in the Middle East was so worried about the overwhelming number of classified intelligence emails he was getting that he decided to count them. In all, 10,000 emails were sent in 120 days. This number is likely to go up. According to some estimates, the amount of digital information on earth doubles every 24 months.
And intelligence agencies are getting more and more requests from people who don't run troops, have security clearances, or even work for the government. Today, many important people who make decisions don't live anywhere near Washington. Instead, they make important policy decisions in boardrooms and living rooms, not in the White House Situation Room. Big Tech companies like Microsoft and Google need to know what cyberthreats are coming to and going through their systems. Most of the critical infrastructure in the United States is run by private companies, like energy companies. These companies also need to know about cyber risks that could damage or shut down their systems. Voters need to know how foreign governments are trying to influence elections and drive a wedge between people. And because cyberthreats don't stop at the border, U.S. security depends more and more on allies and partners sharing information faster and better.
To serve a wider range of customers, the U.S. intelligence community is making products that aren't secret and working with the outside world in ways it hasn't done before. The National Security Agency, the FBI, and other intelligence agencies are now making public service videos about foreign threats to U.S. elections. The CIA started a podcast called The Langley Files in September 2022. The goal of the podcast was to explain what the CIA does and teach people about it. The National Geospatial-Intelligence Agency, which collects and analyzes satellite imagery and other geospatial intelligence, started a project called Tearline. This is a partnership with think tanks, universities, and nonprofits to make unclassified reports about climate change, Russian troop movements, human rights issues, and more. In 2021, the NSA started putting out joint advisories with the FBI and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency. These advisories explained major cyberthreats, named the groups behind them, and told businesses how to make their security stronger. In October, these three agencies even shared the technical details of the top 20 cyber vulnerabilities that the Chinese government used to hack into U.S. and allied networks, along with detailed instructions on how to improve cyber defenses. The U.S. government is now also putting out advisories with foreign intelligence partners.
In Ukraine, this strategy of putting on a good show for the public has worked very well. It helped the US warn the world that Russia was going to invade. It helped the West come together to act quickly. And it still makes Moscow angry. Recently, after intelligence from Washington showed that senior Russian military leaders were talking about using tactical nuclear weapons in Ukraine, Xi issued a rare public warning against the "use of or threats to use" nuclear weapons. The relationship that Xi and Putin said had "no limits" turned out to have limits after all.
Technology has given U.S. intelligence agencies not only more customers, but also more competitors. All kinds of people and private organizations are now able to collect, analyze, and share intelligence thanks to the growth of open-source information online, commercial satellite capabilities, and AI.
In the past few years, for example, the volunteer investigators of Bellingcat, which calls itself "an intelligence agency for the people," have found a lot of interesting things. Bellingcat found the Russian hit team that tried to kill former Russian spy Sergei Skripal in the UK. It also found people in Europe who support the Islamic State, which is also known as ISIS. It also showed that the people who shot down Malaysia Airlines flight 17 over Ukraine were Russians.
Bellingcat is not the only effort by civilians to gather intelligence. When the Iranian government said in 2020 that a small fire had started in an industrial shed, two independent U.S. researchers used only their computers and the Internet to show that Tehran was lying within hours. David Albright and Fabian Hinz quickly found out that the building was actually a place where Iran's main uranium enrichment site put together nuclear centrifuges. The damage was so bad that the fire could have been caused by an explosion, which makes it more likely that it was done on purpose. Nuclear sleuths at the James Martin Center for Nonproliferation Studies in California used commercial satellite imagery to find more than 200 new intercontinental ballistic missile silos in China in 2021. This could mean that China's nuclear arsenal is growing in a way that has never been seen before.
As the world of open-source intelligence grows, it brings both new opportunities and risks for U.S. intelligence agencies. On the plus side, citizen-sleuths give more eyes and ears around the world to keep an eye out for changes and dangers as they happen. The knowledge of many people can be very useful, especially when it comes to putting together small pieces of information. Analysts of open-source intelligence can work quickly because they are not limited by bureaucracy. And because open-source information is declassified by definition, it can be easily shared within government agencies, between them, and with the public without revealing sensitive sources or methods.
But these are also bad things. Anyone, anywhere can get open-source intelligence, no matter what they want to do, what country they support, or what skills they have. Citizen-sleuths don't have to answer to anyone or train anywhere, which puts them in a lot of dangerous situations. Volunteer analysts are rewarded for being fast (especially online), but they are rarely punished for being wrong. This means they are more likely to make mistakes. And there isn't much difference between a group of smart people and a dangerous mob. After a terrorist attack at the Boston Marathon in 2013 killed three people and hurt more than 260 others, people on Reddit stepped up to help. Amateur investigators posted pet theories, unconfirmed police scanner chatter, and other crowdsourced bits of information that pointed to two "suspects," and the mainstream media spread the news. Both of them turned out to be good.
These problems can give governments a lot of trouble. When mistakes spread like wildfire, intelligence agencies have to spend time and money checking the facts of other people's work and reassuring policymakers that their original intelligence assessments should not change. True open-source discoveries can also lead to trouble. Findings, for example, could put policymakers in a tough spot by letting the public know about information that, if kept secret, could have left room for compromise and smooth exits from crises. For example, to stop the Cuban missile crisis, Kennedy agreed to take U.S. nuclear weapons out of Turkey in secret if the Soviets took their missiles out of Cuba. If people could have seen images from satellites, Kennedy might have been too worried about political backlash at home to make a deal.
Leaders in U.S. intelligence know that their success in the twenty-first century will depend on how well they adapt to a world with more threats, more speed, more data, more customers, and more competitors. Their agencies have been working hard to meet these challenges by putting in place organizational changes, programs to improve technology, and new ways to find and hire the best scientists and engineers. They have done a lot of good things. But these are hard problems to solve, and so far, the efforts of the intelligence community have been scattered.
Even though the problems are well known, the stakes are high, and intelligence weaknesses have been getting worse for years, the rate of progress is very worrying. Multiple reports and articles, including one in this magazine, have found that intelligence agencies are not keeping up with technological changes. These reports show that something bad is happening. Washington can't solve its problems by making small changes to agencies that are already in place. Instead, improving U.S. intelligence for the 21st century will require building something new: a dedicated, open-source intelligence agency whose job is to look through unclassified data and figure out what it means.
Adding a 19th intelligence agency might seem like a waste of time and money. But it is important. Even though Washington tried hard, open-source intelligence has always been a second-class citizen in the U.S. intelligence community because it has never had an agency with the budget, hiring power, or a seat at the table to champion it. As long as open-source intelligence is part of secret agencies that put the most value on secret information, it will stagnate. The adoption of cutting-edge technical tools from the business world will continue to be stifled by a culture of secrecy. Agencies will have a hard time finding and keeping the talent they need to understand and use new technologies. And attempts to use the power of people outside the government who collect and analyze open-source intelligence will fail.
A new open-source intelligence agency would bring innovation, not just information, to the U.S. intelligence community. It would do this by making it easy for big changes to happen in human capital, technology adoption, and collaboration with the growing open-source intelligence ecosystem. Such an agency would be a powerful way to bring in the people who will work in the future. Because it deals with non-classified information, the agency could hire top scientists and engineers right away without making them wait months or years to get security clearances. Putting open-source agency offices in tech hubs like Austin, San Francisco, and Seattle, where engineers already live and want to stay, would make it easier for talented people to move in and out of the government. As a result, there could be a group of tech-savvy public servants who move back and forth between the government and the private sector, acting as bridges between the two. They would make the intelligence community more well-known and respected in the tech world and bring a steady flow of new tech ideas back inside.
By working with non-classified information, the open-source agency could also help the intelligence community adopt new technologies for collecting and analyzing data faster and better. (The open-source agency could test new ideas and, if they worked, send them to agencies that work with secrets.) The agency would also be in a great place to work with the best open-source intelligence groups and people outside of the government. These partnerships could help U.S. intelligence agencies give more of their work to responsible non-government collectors and analysts. This would give intelligence officials more time and resources to focus on missions that no one else can do, like gathering information in secret.
There will still be a lot of missions like this. Even the best open source intelligence can only tell you so much. Satellite images can show that China has built new missile silos, but they can't show what the Chinese government plans to do with them. Identifying things or following their movements online is important, but it's not enough to gain insight. Secret methods are still the best way to find out what foreign leaders know, think, and want. There is no alternative to sending human spies into the inner circle of a foreign leader or into an enemy's communications system to find out what that enemy is saying and writing. Analysts with clearances will also always be needed to figure out what classified discoveries mean, how credible they are, and how they fit with other, non-classified discoveries.
But secret organizations aren't enough anymore. The country is facing a dangerous new era with competition between the world's biggest powers, a return to war in Europe, ongoing terrorist attacks, and cyberattacks that change quickly. These threats are caused by new technologies, which also show who will be able to understand and plan for the future. To be successful, the U.S. intelligence community needs to adapt to a world that is more open and full of technology.