Today, Secretary Mayorkas delivered remarks at the Munich Security Conference Intelligence Luncheon.
The transcript is below:
Almost exactly a year ago, just before its brutal invasion of Ukraine, Russia launched a cyber attack on an American commercial satellite communications company. The attack was designed to impact Ukraine, but it also disrupted energy-related critical infrastructure and internet services for thousands throughout the continent – rendering the hardware of tens of thousands of European users useless and disabling remote operations for thousands of wind turbines in Germany.
One of the lessons learned from the first year of this conflict is that modern wars of aggression are fought on new battlefields with consequences that extend beyond the nations involved.
Whether we are the target or collateral damage, the new weapons of war are no longer constrained by borders or defined only by military maneuvers. As members of the Intelligence Community, you, of course, grapple with this on a daily basis.
Destruction comes in many forms; the damage is not always as visible as the physical destruction inflicted on the cities of Mariupol, Kharkiv, Kyiv, and Sumy. Objectives that once required armies to achieve can now be done with keystrokes, targeting our hospitals, schools, small businesses, local governments, or other critical infrastructure – the growing list of victims by just one pro-Russian hacker group includes the European Parliament, hospitals in the Netherlands, and, most recently, humanitarian aid to earthquake victims in Turkey and Syria.
Given the complex, dynamic security environment we face in each of our countries, it is more vital than ever that we collect the right intelligence, and that we do everything within our power to ensure that the intelligence can be put to use by those who need it most.
Who then is best positioned to respond and mitigate those threats?
At the beginning of every work day, I receive the President’s Daily Brief, or PDB as we call it, which contains the most current, compelling intelligence available from our Intelligence Community on the full range of threats we face.
Even as I read that intelligence and am briefed on its significance, my mind turns immediately to who across my Department and across our wide array of partners needs to know about the threats in that day’s PDB.
On any given day, it might be the head of our Transportation Security Administration or our Cybersecurity and Infrastructure Security Agency. It might mean asking our Office of Intelligence and Analysis to render the intelligence into actionable information that can be shared with our partners, including state and local governments, law enforcement, and the private sector.
My point is simply this – the intelligence we collectively gather and analyze must make its way into the hands of the operators in the field who are ultimately responsible for protecting our people, our borders, and our infrastructure.
If this is true within my Department, it is, of course, even more true in the context of our international partnerships. The intelligence that we in the United States gather and the intelligence that you gather must ultimately contribute to our collective security.
That is why this gathering is so important. And why I am so pleased to be here today.
Our shared challenges and common adversaries create a heightened threat environment that requires more of us than ever before – more and better information sharing. More and better information to share. Nothing has made that more apparent than the latest Russian invasion, our need and desire to support Ukraine, its people, and our imperative to protect our homelands.
Before the Russian invasion began last year, governments quietly accelerated efforts to share information with each other, the private sector, and subnational government stakeholders to prepare for potential escalation, particularly in cyberspace. And it was that preparation that prevented me from attending this conference last year.
One of the most extraordinary aspects of that uncertain time leading up to the invasion was the unprecedented level of declassification and dissemination of highly sensitive intelligence.
From briefing podiums on both sides of the Atlantic, the United States and our European partners and others around the world exposed Putin’s intentions and myriad of false pretenses that would mask what his invasion truly was—a horrific war of aggression.
For the United States, the impending invasion of Ukraine underscored the urgency of sharing timely, actionable intelligence domestically with the private sector, particularly with critical infrastructure sectors – power, water, and transportation – that are essential to our daily lives. Leaders inside and outside government require timely, actionable warning. We must ensure the intelligence we provide informs our partners of both current and emerging threats, provides them with decision advantage, and equips them to take action when warranted.
The development and sharing of objective and timely intelligence are the foundation of what we do at the Department of Homeland Security. We have one of the broadest customer sets within the Intelligence Community and benefit from a close relationship with intelligence agencies around the world and, of course, at home.
Prior to the Russian cyber attack I mentioned at the outset, we mobilized the private sector to proactively harden its cyber defenses against Russian retaliatory or spillover cyber attacks through a public awareness campaign we called “Shields Up," the largest effort of its kind in our history. We conducted unclassified and classified briefings to share threat intelligence with critical infrastructure owners and fused intelligence with information shared with us from our industry partners. We produced actionable cybersecurity guidance that could be more broadly shared and provided hundreds of briefings to thousands of stakeholders on how to protect against Russian cyber operations.
We are also breaking new ground in our international security partnerships with the recent expansion of the Abraham Accords to include cybersecurity, and I had the pleasure of meeting my colleague from Bahrain with whom we have launched that important platform. Leaders from the cyber agencies in Israel, the United Arab Emirates, Bahrain, and Morocco and my Department are working together to build cyber defense and resilience across the Middle East against our shared common threats, not least from irresponsible cyber actors like Iran. We are committed to sharing information with our partners regarding Iran’s widespread ransomware attacks. We have already received actionable information relevant to protecting critical infrastructure as a result of this partnership.
The development of objective and timely intelligence is the foundation for everything we do. We look to our intelligence colleagues to take advantage of every possible information source to provide those insights while ensuring the protection of civil rights, privacy, and civil liberties.
Traditionally, we relied on human intelligence and signals intelligence to identify and assess threats. The volume and diversity of the information available to our intelligence services are growing exponentially every year. Now, the exquisite intelligence that our leadership demands for effective decision-making has come and, I think, increasingly will come from many other domains, including the open source world.
Our challenge as security and intelligence professionals is to glean from that mound of data as clear a picture as possible of the threats we face so that we can mitigate those threats and protect our populations.
We have made enhancing our open source collection capabilities a top priority. One recent example – the Department was one of the first in the Intelligence Community to locate the manifesto of the shooter responsible for the racist attack in Buffalo, New York – he attacked people in a supermarket. Within minutes of the attack, we provided the manifesto to our stakeholders, enabling them to determine any potential nexus to their local jurisdictions, and to allocate and deploy resources and personnel accordingly.
Attacks such as this often have a transnational dimension to them. Racially or ethnically motivated violent extremists often cite the acts of other attackers located overseas as justifications for their own actions. The Buffalo attacker cited Brenton Tarrant, the attacker in Christchurch, as inspiring his radicalization. Last year’s attacker in Bratislava cited in his manifesto the actions of Anders Brevik in Norway and a U.S. attacker in Poway, California.
In the United States, we are committed to deepening the exchange of information about these evolving threats with partners all around the world with all of you. We are grateful to all of you who are doing the same. The importance of this kind of information exchange will only grow as the threat landscape grows more complex and unpredictable.
The response to the cyber spillover risks of Russia’s invasion of Ukraine is a reminder that addressing the homeland security challenges of 2023 and beyond requires equipping society with the information, tools, and best practices to prevent threats from materializing and to build resilience.
We are at an inflection point regarding the sharing of information that could impact the lives of millions of people. Are we equipped and ready to share information broadly enough? Is the right information reaching those who need it most, in sufficient time?
None of us can do this alone or in isolation. It requires a whole-of-society effort. It requires a community effort. We need to increase exponentially our investment in international and subnational partnerships to prepare our nations for the threats we can predict and the ones we cannot.
Meeting the moment requires collaboration and more risk-taking than ever before.
This is our model at the Department of Homeland Security to confront the threats of 2023 and beyond, and I suspect that each of you are operating in much the same way as you deal with your own security challenges.
The more we invest, the more we invest in all our own homeland security, the safer we will all become. The more we work together to enhance the way we share information, not just with our national governments, but with the communities we serve, the more protected all our nations will be.
I think, the safety and security of our homelands and all of us together demands it.
Thank you very much.