CIA Director Brennan to expand agency’s cyber espionage capabilities
WASHINGTON — CIA Director John Brennan plans a major expansion of the agency’s cyber espionage capabilities as part of a broad restructuring of an intelligence service long defined by its human spy work, current and former officials said.
The proposed shift reflects a determination that the CIA’s approach to conventional espionage is increasingly outmoded amid the exploding use of smartphones, social media and other technologies.
Officials said Brennan’s plans call for increased use of cyber capabilities in almost every category of operations — whether identifying foreign officials to recruit as CIA informants, confirming the identities of targets of drone strikes or penetrating Internet-savvy adversaries such as the Islamic State.
Several officials said Brennan’s team has even considered establishing a new cyber directorate — a step that would put the agency’s technology experts on equal footing with the operations and analysis branches that have been pillars of the CIA’s structure for decades.
Officials emphasized that the plans would not involve new legal authorities, and that Brennan may stop short of a new directorate. But the suggestion underscores the scope of Brennan’s ambitions, as well as their potential to raise privacy concerns or lead to turf skirmishes with the National Security Agency, the dominant player in electronic espionage.
“Brennan is trying to update the agency to make sure it is prepared to tackle the challenges in front of it,” said an official familiar with the reorganization plan. “I just don’t think you can separate the digital world people operate in from the human intelligence” mission that is the CIA’s traditional domain.
The expanded emphasis on cyber is part of a broader restructuring envisioned by Brennan that is expected to break down long-standing boundaries between its operations and analysis directorates, creating hybrid “centers” that combine those and other disciplines.
Brennan is expected to begin implementing aspects of his plan this month, officials said. He recently met with senior members of the House and Senate intelligence committees to outline the proposed changes.
CIA spokesman Dean Boyd declined to comment, saying that “final decisions have not yet been made with respect to agency reorganization efforts.” In a notice to the CIA workforce last year, Brennan said he had become “increasingly convinced that the time has come to take a fresh look at how we are organized.”
The changes are designed to replicate the model of the CIA’s Counterterrorism Center, which has surged in size and influence since the Sept. 11, 2001, attacks. The restructuring could lead to new reporting lines for thousands of CIA employees, as longstanding units such the Latin America and the Near East divisions give way to new centers that combine analysis, collection and covert operations.
The National Clandestine Service and Directorate of Intelligence — the formal names for the operations and analysis branches – would continue to exist, but focus more on developing talent and resources that can be distributed to the new centers.
“It would be a huge deal,” said Michael Allen, a former White House and congressional aide who wrote a 2013 book about intelligence reform. Unlike the FBI and other security agencies, Allen said, “there hasn’t been wholesale structural reform in the CIA post-9/11.”
Former officials who are familiar with the plan said it has caused generational friction within the CIA’s ranks, with longtime officers resisting changes that younger employees have been more eager to embrace.
The head of the clandestine service recently resigned in part over objections to the scope of Brennan’s plan, officials said. Brennan quickly replaced him with a longtime officer who had led an internal review panel that broadly endorsed the director’s reform agenda.
Although limited compared with the larger NSA, the CIA has substantial cyber capabilities. Its Information Operations Center, which handles assignments such as extracting information from stolen laptops and planting surveillance devices, is now second only to the CTC in size, former officials said.
The CIA also oversees the Open Source Center, an intelligence unit formed in 2005 to scour publicly available data, including Twitter feeds, Facebook postings and web forums where al-Qaida and other terrorist groups post material.
Brennan hopes to make the use of such capabilities more pervasive, U.S. officials said, ensuring that expertise and tools that now reside in the Information Operations Center are distributed across the agency.
The move comes at a time when the CIA has struggled to gain traction against adversaries – including the Islamic State and the Jabhat al-Nusra terrorist group – that recruit and communicate extensively online but operate in combat zones that CIA officers are generally not able to enter.
But officials said that digital changes have transformed even the most conventional cloak-and-dagger scenarios. Secrets that were once obtained by recruiting a source or meeting in a safe house increasingly reside in clouds of digital transmissions that surround espionage targets.
To recruit a Russian spy, “you may need to manipulate someone’s email, read someone’s email, and track the whereabouts of the FSB,” a former official said, referring to Russian security service. “Cyber is now part of every mission. It’s not a specialized, boutique thing.”
Beyond elevating the role of the Information Operations Center, U.S. officials said that Brennan is seeking to ensure that the agency is not lagging in other areas, such as counter-intelligence work and the CIA’s internal email system.
Brennan provided only broad outlines of his plan in recent congressional meetings that excluded all but the four highest-ranking members of the House and Senate intelligence panels. A senior U.S. intelligence official said that some senior NSA executives remain in the dark on Brennan’s cyber ambitions.
In recent years, the CIA has collaborated extensively with the NSA on a range of covert programs including its drone campaign against al-Qaida. Documents released by former NSA contractor Edward Snowden showed that emails and cellphone signals intercepted by the NSA were used to confirm the identities of targets in strikes.
But the CIA also has fought budget and bureaucratic battles to maintain its own standalone capability, prompting some to view the latest push as an attempt to capitalize on Washington’s growing alarm over cyber threats – and the corresponding shifts in federal budgets.
Former CIA officials said that the agency is mainly concerned about having direct control over the cyber components of its operations, and that Brennan’s plans would not encroach on the global surveillance programs run by the NSA. Nor would it interfere with the work of a new agency the Obama administration is creating to fuse intelligence on cyberattacks.
Brennan’s push to expand the CIA’s cyber capabilities is “entirely appropriate, even overdue,” said Stephen Slick, a former CIA official who directs the Intelligence Studies Project at the University of Texas at Austin. “Advances in digital technology are having a revolutionary impact on the intelligence business, and it’s important for CIA to adapt its collection and covert action missions to account for the new opportunities and dangers.”