IoT, AI Mean More Targets for US Adversaries, says Gordon

WASHINGTON: The more we connect different devices together, and the more we trust those devices to make decisions for us, the more targets we give hackers. That means that the rise of the much-hyped Internet of Things (IoT), from self-driving cars to networked baby monitors, and the increasing use of automated decision-making aides, in both the national security establishment and the private sector, are together creating an ever-increasing number of targets for America’s adversaries, warned Susan Gordon, the principal deputy Director of National Intelligence.

“The surge of Internet connected devices and the delegation of more and more decisions to machines offers the potential for rich new targets for our adversaries, and raises the potential consequences when they gain access to our digital systems,” she told a packed room at the annual Defense One Tech Summit today. Former DNI James Clapper way back in 2016 warned the Intelligence Community that IoT was going to present a huge problem for monitoring and protecting networks against attacks, simply because of the enormous number of devices that will be connected.

These two trends — increasing adversary access to data and the potential for greater consequences from that access — will only accelerate “as additional technologies such as AI (artificial intelligence), autonomous vehicles, and 5G-and-beyond mobile networks begin to come on line,” she said.

“Data is a key technology for the future,” she explained. “This is such a data-rich world that the person who can command that data first is the one who’s gonna have a real advantage.” In particular, she noted that “5G is “such a jump shift in communications … it’s going to require us to think differently about notion of security.”

President Donald Trump in May signed an executive order that gives the administration the tools to bar the use in the United States of 5G equipment made by Chinese telecommunications giant Huawei, due to fears within the IC and national security about the possibility of ‘back doors’ that would allow Beijing to pilfer information. Gordon noted that in addition to those concerns, she also worries about China using a Huawei-built network to push disinformation through those networks.

The challenges presented in dealing with “threats to and through information” require the Intelligence Community (IC), the national security community and the private sector to collaborate more closely than ever before if the US is to “win in the information world,” she said.

For one thing, “threat surface is entirely different” than in the past, Gordon explained, because “90 percent of the targets lie outside government.” This means that the private sector now has to understand that “they are responsible for national security too.” She implored industry to work closely with the IC and the military to ensure that the “cool” stuff they are developing can scale, and actually be used by the government for national security needs.

She said the IC itself needs to “learn how to do intelligence for people want to do” — that is, policymakers and military commanders who want information that allows them to act. She urged the IC practitioners to look beyond their individual silos — geospatial intelligence, signals intelligence, human intelligence — and find ways to synthesize their knowledge. “We’re going to have to remember that as proud as we are of each of our individual crafts — I love my GEOINT; my SIGINT and HUMINT have delivered eye watering knowledge for the community — but those ‘INTS’ are the ‘what,’ not the ‘why’,’ she said.”The why is national security.”

In addition, she said the IC needs to re-look current policies regarding data sharing in order to allow improved partnerships with industry, and allies. Concerns about over-classification and the need to explain to the public about threats facing the US were the factors in the Defense Intelligence Agency’s decision to craft, for the first time, a public report on threats to US space systems that was released in February.

Lastly, Gordon challenged US national security leaders “to see the world as it really is” rather than “long for a simpler time where the threats made sense.” She added that it also is imperative for the national security community to put more resources into “fundamental research” at universities and other academic institutions, or risk losing the technology edge in the long run.