180. Mic Drop Exclusive: Gen. Nakasone says reports about influence campaigns are ‘a sign of success’ - Click Here

Summary4 min read

Click Here Podcast Episode 180: Mic Drop Exclusive with Gen. Paul Nakasone

Release Date: November 5, 2024
Host: Dina Temple-Raston
Guest: Gen. Paul Nakasone, Former Commander of U.S. Cyber Command and Director of the National Security Agency

Introduction to Gen. Paul Nakasone

The episode opens with Dina Temple-Raston introducing Gen. Paul Nakasone, a prominent figure in American cyber warfare and intelligence. Gen. Nakasone, who retired from the Army in February, brings a wealth of experience from his tenure as the commander of U.S. Cyber Command and director of the NSA.

Evolution of U.S. Cyber Defense Strategies

Gen. Nakasone delves into the significant advancements in U.S. cyber defense since 2018. He emphasizes the transformation in policy and operational capabilities aimed at securing elections and countering foreign interference.

“What's different this year is that when we see it, we say something about it.”
— Gen. Paul Nakasone [00:56]

He highlights the establishment of frameworks such as National Security Policy Memorandum 13 and congressional support through the National Defense Authorization Act (NDAA) of 2019, which have empowered Cyber Command to take more assertive actions against adversaries.

Transparency and Public Disclosure

A pivotal shift discussed is the increased transparency in U.S. cyber operations. Gen. Nakasone reflects on the 2018 cyber operation against Russia's Internet Research Agency (IRA), noting the importance of making such actions public to deter future attempts.

“There has been an inflection point with regards to how we look at offensive cyberspace operations... more accepted.”
— Gen. Paul Nakasone [02:43]

Strengthening Partnerships and Collaborative Efforts

The General underscores the expansion of partnerships beyond traditional allies. He mentions the involvement of interagency bodies, the Department of Justice (DOJ), the Department of Defense (DoD), and the private sector in enhancing cyber defenses.

“We believe that we have greater security through a number of different partnerships.”
— Gen. Paul Nakasone [06:49]

Addressing Chinese Cyber Threats: The Volt Typhoon Groups

A significant portion of the discussion centers on the escalating cyber threats posed by China, specifically the Volt Typhoon, Flax Typhoon, and Salt Typhoon groups. Gen. Nakasone describes these groups' sophisticated operations targeting critical infrastructure, IoT devices, and telecommunications.

“This is a scope and scale. This is intelligence gathering... The scale is what is concerning.”
— Gen. Paul Nakasone [09:07]

He elaborates on the implications of Salt Typhoon's access to American telecommunications, highlighting the potential risks to personal communications and national security.

Artificial Intelligence: A Double-Edged Sword

Gen. Nakasone expresses optimism about the role of artificial intelligence (AI) in enhancing cyber defenses. He notes that AI advancements have significantly improved the ability to detect and respond to adversarial activities.

“Our artificial intelligence platforms have become very, very good at the defense.”
— Gen. Paul Nakasone [10:49]

He contrasts the initial fears of AI being used offensively by adversaries with its current effectiveness in defensive applications, such as identifying and mitigating disinformation campaigns.

Election Security and Influence Campaigns

With the 2024 elections approaching, the conversation shifts to the security measures in place to protect the electoral process. Gen. Nakasone assures listeners that past lessons have been integrated into current strategies, making the upcoming elections more secure.

“This is exactly what we want to be doing instead of 2016. We knew all this information and didn't share it.”
— Gen. Paul Nakasone [06:25]

He acknowledges the ongoing threat of disinformation but remains confident in the enhanced capabilities and strategies to counteract such efforts.

Extended Election Concerns

Addressing concerns raised by Senator Mark Warner, Gen. Nakasone extends the period of vigilance beyond the immediate pre-election phase. He emphasizes the importance of securing the vote certification process, which culminates in Congress finalizing the election results.

“I think the confidence as we go to the polls on the 5th of November really is warranted.”
— Gen. Paul Nakasone [12:05]

Conclusion and Final Thoughts

Gen. Nakasone concludes by reinforcing the strides made in U.S. cyber defense and the critical role of transparency and partnerships in maintaining national security. His insights provide a comprehensive overview of the current cyber threat landscape and the measures in place to safeguard democratic processes.

Key Takeaways

Increased Transparency: U.S. cyber operations are now more transparent, deterring adversaries by publicizing actions against them.
Expanded Partnerships: Collaboration extends beyond traditional allies, involving interagency bodies and the private sector.
Sophisticated Threats from China: Chinese cyber groups, notably the Typhoons, pose significant threats to critical infrastructure and communications.
AI in Cyber Defense: Advancements in AI have bolstered defensive measures against cyber threats and disinformation.
Election Security: Enhanced strategies and extended vigilance periods ensure the security and integrity of the 2024 elections.

Notable Quotes

“What's different this year is that when we see it, we say something about it.” — Gen. Paul Nakasone [00:56]
“There has been an inflection point with regards to how we look at offensive cyberspace operations... more accepted.” — Gen. Paul Nakasone [02:43]
“Our artificial intelligence platforms have become very, very good at the defense.” — Gen. Paul Nakasone [10:49]

This episode of Click Here offers an in-depth exploration of the evolving landscape of cyber warfare and intelligence, providing listeners with valuable insights into the strategies and challenges faced by the U.S. in safeguarding its digital frontier.

Loading summary

Transcript47 lines

[00:07]
Dina Temple Raston
I'm so not used to having headphones on, so let's just start with a really easy one. Could you introduce yourself to us, please?
[00:12]
Paul Nakasone
Hi, Dina. I'm Paul Nakasone. I was the former commander of U.S. cyber Command and the director of the National Security Agency.
[00:18]
Dina Temple Raston
Excellent. Okay, I think people might recognize the name. I'm Dina Temple Raston and this is Click. Here's Mic Drop, an extended cut of an interview we think you'd like to hear more of. We had a rare one on one with General Nakasone last week to talk about all things cyber and intelligence, and in particular, we asked him about the 2024 elections. We're hearing so much in this cycle about Russian influence operations and Chinese hacks that you'd think adversaries are winning the day. But Nakasone says it's just the opposite.
[00:57]
Paul Nakasone
What's different this year is that when we see it, we say something about it.
[01:05]
Dina Temple Raston
Stay with us.
[01:08]
Jon Favreau
If you're getting tired of the same old Sunday routine of drinking coffee and doom scrolling, try something new and listen to Offline with me, Jon Favreau. Offline is a different kind of Sunday show. A chance to step away from our social media fueled news cycles and hear smarter, lighter conversations about all the ways that our chronically online existence is shaping everything about the way we interact with the world around us. So put down your screens, grab your headphones, and listen to new episodes of Offline every Sunday. Wherever you get your podcasts.
[01:44]
Dina Temple Raston
From. Recorded future news. This is Click Here's Mic Drop. Paul Nakasone is one of America's first cyber warriors, an architect of the military cyber operation we call Cyber Command. I've interviewed him about half a dozen times about everything from Cybercom's attacks against ISIS to ransomware operations and disinformation campaigns. He doesn't talk to journalists much, but last week we had a rare sit down on the sidelines of a supply chain conference in Washington. And he remembered that our last interview at Fort Meade kind of freaked people out.
[02:23]
Paul Nakasone
So we're right now in a beautiful ballroom here in a hotel. But the last time we met, we were in the conference room of the National Security Agency. Yes, with a number of National Security Agency employees that were very, very nervous that I was actually having a reporter come in and do a live. Not a live, but a. Certainly a taped podcast.
[02:43]
Dina Temple Raston
Right. Nervous is an understatement. We had all our microphones out to be able to record our greeting with the general and the staff in the outer office went nut. There's no Recording here? There's no recording here. They kept saying wildly waving their hands.
[02:59]
Paul Nakasone
But I think the important piece is twofold. One is that there was a degree of transparency that was set that day that our agency, our command, had to talk and really tell America what we were doing. And you did that so marvelously in that podcast.
[03:19]
Dina Temple Raston
If you saw General Paul Nakasone on the street, you might not recognize him. He retired from the army back in February and now out of uniform. He has kind of a suburban dad vibe. Our interview took place one week before the 2024 elections. Can you talk about this year's election? Is it going to be safe and secure? We're hearing so much that suggests that it might not be.
[03:42]
Paul Nakasone
If you take a look at the election history of what we've been able to do as a government really since 2018, it's a series of safe and secure elections. We began in 2018 with this idea of ensure that we understand our adversaries, we share the information, and we take action if we see adversaries operating outside the United States.
[04:03]
Dina Temple Raston
November 2018 is an inflection point because of what had happened two years earlier. US intelligence was taken by surprise by the Kremlin's assault on the 2016 presidential elections. It wasn't until that fall that the US realized that Russia's Internet Research Agency used fake accounts and bogus online Personas to stir up division in this country. So when that same Russian troll farm tried to do something similar in November 2018, the response was swift. The NSA and Cybercom launched a cyber operation that took out the Internet Research Agency's Internet access and then followed that with something they don't often do. They made the operation public.
[04:45]
Paul Nakasone
There has been an inflection point with regards to how we look at offensive cyberspace operations, and it begins in 2018 with this idea of we're going to have a safe and secure election. And one of the ways that we're going to ensure we have a safe and secure election is if any adversary tries to interfere or influence our election, we're going to operate outside the United States to take them on. And we had both the authorities and the policies that came with that. In 2018, that's matured. There has become a greater degree of experience and I think know how on how to do these operations. I think it has become, to the point, more accepted. And I think this is one of many options that the President's going to need in the future.
[05:25]
Dina Temple Raston
Do you see it as being more accepted now or more turned to as A tool than, say, when we were talking five years ago, Certainly.
[05:33]
Paul Nakasone
And I think that the policy and the authorities have changed dramatically. National security policy memorandum 13, which was signed in 2018, ability for us to look at traditional military activities. Cyberspace being part of that was a congressional part of the NDAA in 2019. Those things ensured that we could do our operations.
[05:54]
Dina Temple Raston
In other words, it cleared the way for much more nimble and aggressive US Offensive cyber operations. Do you think you'll be more open about them?
[06:04]
Paul Nakasone
I think that we will be, as with any operation, as transparent as we can be. Right. And there will be things that we will talk about, and there are things that we won't be able to talk about, but I think that y. It won't be as obtuse as perhaps it was 10 years ago.
[06:18]
Dina Temple Raston
Now, Cassoni says the US is building on that strategy and being more public about what they see, when they see it.
[06:25]
Paul Nakasone
This has been the pattern. 2018, 2020, 2022. What's different this year is the fact that we're hearing so much about so many adversaries at different times. I see this as success. This is exactly what we want to be doing instead of 2016. We knew all this information and didn't share it. No, no. This is when we see it, we say something about it.
[06:44]
Dina Temple Raston
And is what we're doing now in 2024 radically different than what we were doing, say, four years ago?
[06:50]
Paul Nakasone
Not radically different, but I would say more informed and better. Why do I say that? We believe that we have greater security through a number of different partnerships. We began with a very, very small set of partners. Nsa, Cybercom, FBI, dhs. Now it's the interagency. Now it's private sector. Now it's international partners. And the other thing I would say is that in 2018, we thought about being able to impact our adversaries or go after them when they try to conduct influence or interference. We do this now in a much more sophisticated way. It's dod, it's doj, it's the private sector. We have become much better at it.
[07:28]
Dina Temple Raston
So that's the good news. More partners, a more holistic view of how to respond to threats in cyberspace. The bad news is that one of our adversaries, and we're talking about you, China seems to be leaning in developing new skills and broadening the threat.
[07:43]
Paul Nakasone
I think we need to also think about this in the greater context of China as really our pacing challenge. In May of 2023, we talked about a series of actors which we termed Volt Typhoon.
[07:57]
Dina Temple Raston
Chinese state sponsored hackers are sometimes known as the Typhoons. Microsoft researchers gave them that name. And so far there are three typhoon groups that we know of. Volt Typhoon, which has been known to target US Critical infrastructure. Flax Typhoon, which focuses on Taiwan and the US and has compromised a lot of Internet of Things devices like thermostats. And Salt Typhoon, which appears to have targeted telecom companies and potentially the systems the US uses to conduct court approved wiretaps. According to a Congressional Research Service report, the concern is that Salt Typhoon may have been able to access voice calls and text messages across a wide swath of Americans. Among the list of phones the group has allegedly targeted devices used by former President Trump, his family, Vice President Kamala Harris staff, and dozens of other people who might have had a hand in China policy. The FBI is investigated and General Nakasone says we need to understand how aggressive China's effort has become and how widespread it is.
[09:07]
Paul Nakasone
This is a scope and scale. This is intelligence gathering. You know, should we be surprised that unencrypted communications are being intercepted by an adversary? No, we shouldn't. But the scale of it is what.
[09:19]
Dina Temple Raston
Is concerning of the Salt Typhoon.
[09:22]
Paul Nakasone
Right. The scale of being in American telecommunications companies. So this portends what are we going to do now that we've discovered them? And this is really the next step that our government, the private sector need to come together to be able to act on what.
[09:34]
Dina Temple Raston
So everything's encrypted. How would you respond?
[09:36]
Paul Nakasone
Well, I think you begin with how did they get in? Once they begin, let's patch that vulnerability. Let's ensure that we have better understanding of some type of anomalous behavior that alerts us to an adversary trying to do this. Do we need to go to greater encryption? You bet. Do we need to be much more sophisticated in the way that we communicate? Certainly. But begins by discovering we've done that. Now it's the action.
[09:58]
Dina Temple Raston
Got it. And it seems to me that Salt Typhoon seems more like from the old China playbook. Whether you know, it's Office of Personnel Management, the Office of Personnel Management hack happened back in 2015. Chinese hackers got into government computer systems and stole a trove of personal information. The assumption is that they vacuumed up about 15 years of government background check information that had been housed at opm.
[10:25]
Paul Nakasone
So I've seen this picture show for well over a decade. Remember, we begin with this idea of gathering intelligence and then it moves to intellectual property. Then, as you indicated, personal identifiable information. Then it moves to our critical infrastructure. Yes, this is a rheostat of what the options are and what our adversaries are trying to do to us.
[10:42]
Dina Temple Raston
Are you surprised about anything that's been happening in the lead up to the election, or is this pretty much what you were expected?
[10:49]
Paul Nakasone
I think the piece that has surprised me, and perhaps pleasantly so, is the fact that our artificial intelligence platforms have become very, very good at the defense. At the defense. Whether or not it's been OpenAI, whether or not it's been anthropic, there have been a number of different initiatives that have really paid, I think, dividends in being able to identify adversaries. We always were concerned about artificial intelligence being used in the offensive sense. I think right now what we're seeing is that it's also pretty effectively defensive, too.
[11:16]
Dina Temple Raston
So, for example, those Russian bots that were trying to sow division in the run up to the 2016 elections, AI can spot them pretty readily now, which means response time can be much faster.
[11:29]
Paul Nakasone
It's spotting the type of behaviors that we can immediately pinpoint and say, hey, that looks like influencer interference. Let's make sure that, you know, we cancel their account.
[11:42]
Dina Temple Raston
Click here. Listeners may remember that we spoke with Senator Mark Warner, the chairman of the Senate Intelligence Committee, about election interference back in September, and he said that he was most worried about the 48 hours before the election and the 48 hours after. General Nakasone said he thinks the time for concern is a little bit longer than that.
[12:05]
Paul Nakasone
I would say that I'm. I'm concerned most about the lead up to the election and then the certification of the votes. It's not necessarily. It could be 48 hours, it could be 48 days, but we have to get the votes certified. This is what completes the entire election process. So we want to ensure that our defenses don't just end on the 5th of November, that it goes through, as I said, towards a certification process.
[12:27]
Dina Temple Raston
Congress meets on January 6, 2025 to finalize the election results, and things already feel a little bit unsettled.
[12:36]
Jade Abdul Malik
Ballot dropboxes on fire, mountains of fake information cluttering the Internet.
[12:41]
Jon Favreau
And us violent extremists inspired by election related conspiracy theories pose a major threat to the elections.
[12:48]
Dina Temple Raston
These are the things that keep us all up at night. How do you respond to something like that?
[12:53]
Paul Nakasone
I think the proper way is exactly what CISA is doing, which is to identify it, show it, talk about it, this is where it's coming from. And then to have our leaders talk about it, to see leaders in the United States say, hey, that is disinformation that's particularly powerful. I think that the piece on the election that really is important to all Americans is this fact that we have become so far in terms of ensuring the safety and security of what's being done, particularly against foreign adversaries. This is a much different field in 2016. We do not see that today, and so I think the confidence as we go to the polls on the 5th of November really is warranted.
[13:35]
Dina Temple Raston
This is click here's mic drop. Here are some of the top cyber and intelligence stories of the past week. Secretary Raffensperger is warned about a new election disinformation campaign in Georgia. It's Election Day, which, if recent cycles are any indication, has meant some incident is going to come out of left field to cast doubt on the process this year. A lot of those events appear to be the handiwork of a Russian disinformation gang called Storm 1516. Their specialty appears to be fake whistleblower videos, someone who appears to be revealing some election fraud, or a CIA plot to defeat Trump, or a fabricated hit and run linked to Vice President Harris. Storm 1516 has produced dozens of fake narratives since last fall, and the latest offerings include a video purporting to show Haitians illegally voting for Kamala Harris in Georgia and a viral video of someone ripping up ballots for Trump in Pennsylvania. That video appears to feature West African actors posing as black Americans destroying a pile of ballots, and the content was posted on an account linked to Storm 1516. Jumpy Pisces, a North Korean hacking group, appears to have teamed up with an outside ransomware gang for the first time, officials say. Pisces appears to have joined forces with Play, a closed ransomware group that first came on the scene in 2023. It's been linked to dozens of attacks against governments in Europe and the US Unit 42, a team of Palo Alto Networks researchers, said they found that Jumpy Pisces was harvesting personal details and blinding sensors that detected suspicious activity before deploying ransomware built by play. Researchers are still trying to figure out whether Jumpy Pisces was selling initial access broker services or is actually working with the Play ransomware gang to launch attacks.
[15:47]
Paul Nakasone
Russia, like so many other countries, has a messy history of flip flopping when.
[15:52]
Dina Temple Raston
It comes to crypto. Just months after legalizing crypto mining, the Russian government has done an about face and banned mining in regions of Russia that are low on electricity, according to Russia's deputy minister of energy. Crypto miners in Russia's Far east, southwest Siberia and southern Russia have used up all the available power capacity. They're gobbling up so much energy that new consumers can't access the grid until 2030 at the earliest. The numbers tell the story. Just in the past two years, crypto miners have increased their energy consumption by 14%. Russia isn't abandoning crypto altogether, though. The Kremlin is looking to allow the country's central bank to create some sort of crypto instrument that can be used in cross border transactions. The idea is to get around sanctions. A former Disney World employee is accused of hacking into software used by the theme park's restaurants and changing allergen information on menus. The happiest place on earth just got a little more sinister. A former Disney World employee allegedly hacked into the software used by the theme park's restaurants and methodically removed all its peanut allergy warnings. Disney had fired the suspected employee back in June and then about a month later started noticing problems with its menu software. They figured out the problem was linked to some unauthorized intrusions in their network. The suspect in the case had been working as the menu production manager. Disney, for its part, has changed all his passwords and an FBI investigation is continuing. And finally, gamers in Tajikistan got tough news last week. The government banned the video games Grand Theft Auto and Counter Strike for its elements of violence, murder and robbery. Tajikistan officials say they worry the games propaganda of cruelty is adding to adolescent crime. The Ministry of Internal affairs said local computer clubs should be on alert. Authorities intend to conduct raids to ensure these bans are being followed.
[18:27]
Jade Abdul Malik
Today's episode was produced by Megan Dietrich, Sean Powers, Erica Gaida and me, Jade Abdul Malik. It was edited by Karen Duffin, Fact Check by Darren Ancrum and contains original music by Ben Levingston with some other music from Blue Dot Sessions. Our staff writer is Lucas Riley and our illustrator is Megan Gough. Martin Peralta is our sound designer and engineer. Click Here is a production of Recorded Future News. We'll have a new episode of Click Here on Friday. We'll see you then. Looking for more of the cybersecurity and intelligence coverage you get on Click Here. Then check out our sister publication, the Record from Recorded Future News. You'll get breaking cyber news from reporters in New York, Washington, London and Kiev, among others. And you'll see for yourself why it attracts hundreds of thousands of page views every month. Just go to therecord Media.