JEFFREY BROWN: And now: cyber-war, drone strikes and very public revelations.
SEN. JOHN MCCAIN, R-Ariz.: Over the past few months, there’s been a disturbing stream of articles in the media. And common among them is that they cite leaked, classified or highly sensitive information.
JEFFREY BROWN: Starting with comments from Sen. John McCain on Tuesday, a debate has intensified over recent revelations of national security programs, accounts driven by what appear to be high-level government leaks.
One story cited by McCain, published in Friday’s New York Times, provided a detailed account, based on mostly anonymous sources, of what was termed America’s first sustained use of cyber-weapons, the so-called Stuxnet program against Iran’s nuclear enrichment facilities.
Other news reports have looked at secret drone attacks against militants in Yemen and elsewhere, including President Obama’s personal role. Sen. McCain saw a political motivation behind the revelations.
SEN. JOHN MCCAIN: One could draw the conclusion from reading these articles that it is an attempt to further the president’s political ambitions for the sake of his reelection.
JEFFREY BROWN: Yesterday, White House Press Secretary Jay Carney responded, saying, “Any suggestion that this administration has authorized intentional leaks of classified information for political gain is grossly irresponsible.”
But there were bipartisan concerns expressed today by top members of the Senate and House Intelligence Committees, who said they would push for tougher legislation to crack down on the leaks.
SEN. DIANNE FEINSTEIN, D-Calif.: This has to stop. When people say they don’t want to work with the United States because they can’t trust us to keep a secret, that’s serious.
SEN. SAXBY CHAMBLISS, R-Ga.: It put lives in danger and it infringes upon the ability of the intelligence community to do their job.
JEFFREY BROWN: Friday’s New York Times article was in fact adapted from a new book, titled “Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power.”
Its author, David Sanger, is chief Washington correspondent for the paper.
And David Sanger joins us now.
David, the cyber-weapon attack on Iran was code-named Olympic Games, right?
DAVID SANGER, The New York Times: That’s right.
JEFFREY BROWN: It started under President Obama, but ramped up under President Obama.
And you referred to it as a far more sophisticated attack than ever before. In what way?
DAVID SANGER: Well, several ways, Jeff.
First, the code itself was very large. But, secondly, this is not the usual cyber-attack of my computer attacks your laptop or you go after an ATM machine or Visa’s subscriber list. This was an attack that went through the computer system that is in the Natanz enrichment plant, where they make nuclear fuel.
It’s walled off from the Internet. So they had to get it basically over an electronic moat. hand then it went in and attacked the actual centrifuges, speeding them up, slowing them down and ultimately making many of them blow up, all the while sending signals to the Iranian control room that everything was operating normally.
JEFFREY BROWN: Now, up to this point, we had thought — always talked about this as an Israeli operation, well, at least speculation, right? So you’re suggesting that — you’re laying out the details here about how this was originally a U.S. operation?
DAVID SANGER: It was a U.S. and the Israelis together.
And we ran the story in January of 2010 that said as much, that said that looking at this code and from the reporting we did, we believed it had been a U.S.-Israeli operation. What I did as I started working on “Confront and Conceal” was pull on that string to figure out what had happened.
And, really, the big revelation here, the first big break in the story wasn’t anybody talking about it. It was the escape of this computer code, this computer virus.
JEFFREY BROWN: When you say escape, you mean literally.
DAVID SANGER: Literally, it escaped from the Natanz plant.
It was supposed to stay inside Natanz. And there were repeated attacks engineered in Washington, in Israel. They brought a new version in. It had a slight flaw in it. We have all gotten software over the years that needed a little bit more work. And this one leapt aboard a laptop computer of an Iranian engineer who was just working inside the plant doing maintenance work.
He goes home, he plugs into the Internet. It starts propagating around the world. And suddenly, everyone, including the Iranians, realized that this was a cyber-code attack. And so the Iranians maybe for the first few years thought their equipment was just failing. They had bought some pretty bad design. Now they realized the truth.
JEFFREY BROWN: Now, when you put this into the larger perspective, with the drone attacks, how much just debate was in there inside the White House, how much attempt at a legal justification, or debate over the effectiveness of these things?
Because, as you write about — this is what makes it so interesting — this — particular with cyber-weaponry, it’s sort of like the early days of nuclear weapons, right? Everybody’s trying to figure out where the boundaries are and what’s effective.
DAVID SANGER: It is. And that’s the fascinating part of this debate.
In nuclear weapons, it took us, what, 20 years to come up with some rules about when they would and wouldn’t be used. Remember, MacArthur wanted to use them in Korea. There was debate about using them during the Cuban Missile Crisis 50 years ago this year.
In the drones debate, there’s been debate for 10 years about when it’s the right time to do drone attacks. And we’re still having that debate. In cyber, it hasn’t been a public debate, but it’s now becoming one.
President Obama sitting in the Situation Room getting briefed on these attacks was very concerned about whether or not there would be collateral damage, whether you would be shutting down hospitals, for example. He was quite concerned about whether or not countries might use the fact that the United States is using cyber-weaponry to attack back at the U.S.
JEFFREY BROWN: In fact, you — I mean, that’s very interesting, because you quote people as being concerned about whether you’re offering a justification for others to use it.
DAVID SANGER: That’s right, that’s right.
Now, many said to me the Chinese, the Russians, they have figured out by now that we have cyber-weapons and they have figured it out because of Stuxnet escaped. But these debates took place. But we’re at the very infancy. We’re sort of at that same equivalent moment of 1945 to ’49. We were figuring out nuclear. We’re at that moment right now with cyber.
JEFFREY BROWN: So your revelations and other recent stories that have come out have, as we have seen, stirred up a lot of debate and controversy and even some anger.
Do you think that the revelations such as this are putting people at risk?
DAVID SANGER: Well, it’s always a very big concern, particularly at The New York Times.
We deal with a lot of national security stories every month. We are fairly experienced at how to do this. We dealt, for example, with WikiLeaks, which was thousands of secret documents. So I did in this case with the newspaper’s understanding exactly what we do in the others. We went to the government. We explained the outlines of the story.
And we said, if there are details here that affect operational events, could put somebody’s life at risk, let’s discuss it and we will see what we can do to make sure those don’t get into print.
JEFFREY BROWN: You’re confident about that?
DAVID SANGER: And we had those discussions. And in the end, I deleted — as I say in a note on sources at the end of the book, I deleted some technical details that they asked. Everything they asked to be deleted, we deleted.
JEFFREY BROWN: What about addressing Sen. McCain’s other point, which of course is again something you have to deal with all the time, that in some ways, you run the risk of being used by — in this case, it would be the White House for political reasons. The articles make it seem as though President Obama is very much involved, right, very active, a strong leader.
DAVID SANGER: Right.
Jeff, I can just tell you what my experience was in reporting this. This was an 18-month-long process, because the Stuxnet worm first made its way out in 2010. I was doing this as part of a much larger look at the Obama national security policy, which is really what most of the book is about, Afghanistan, Pakistan, China and so forth.
And I reported this from the bottom up. So, you know, you hear the word leaks, it really doesn’t do justice to the process of piecing things together out in the old-fashioned way of doing reporting. And. . .
JEFFREY BROWN: But you are quoting people who are inside these meetings.
DAVID SANGER: That’s right. But that, by and large, comes only after you have put together the essence of the meeting — the essence of the story.
And that’s — there’s an important public policy purpose that is served for this. People aren’t just publishing stories like this because these are cool revelations. They’re publishing it because it meets the test of a subject matter that the American people have to debate how you want to go use these weapons, whether it’s drones, whether it’s cyber, whether it’s special forces.
These are the biggest decisions the United States has to make as it presents a new face to the world. And the trick is, can you do that without endangering lives?
JEFFREY BROWN: All right, the new book is “Confront and Conceal.”
David Sanger of The New York Times, thanks so much.
DAVID SANGER: Thank you.