Nes/istock

American Spies Are Fighting the Last War, Again

When the Cold War ended, the intelligence community failed to adapt. Today it faces a similar challenge.

Twenty years ago, al-Qaeda hijackers carried out the worst-ever terrorist attack on American soil, killing nearly 3,000 innocents, terrifying the nation, and forever changing the course of history—ushering in America’s wars in Afghanistan and Iraq.

Yet September 11 was also something else: our worst intelligence failure in more than half a century. It was a surprise attack that should not have been a surprise. The agonizing truth is that American intelligence agencies saw the danger coming but failed to stop it because they were hardwired to fight a different enemy from a bygone era. My research found that when the Cold War ended and the threats shifted in the 1990s, America’s intelligence community failed to adapt.

Today, we face a similar challenge. Since 9/11, spies have become adept at countering al Qaeda but al Qaeda is no longer the overarching problem it once was. The global threat landscape has become much more crowded and complex, encompassing escalating cyberattacks, a rising China, Russian aggression, nuclear proliferation in Iran and North Korea, the fallout from climate change, and more. And once again, spy agencies are struggling to keep up.

Like generals, intelligence officials are often left fighting the last war even when new dangers are evident. Why? Because no matter what politicians and agency leaders say, no matter how clearly they see new adversaries looming over the horizon, government agencies are tailored to fight the enemy they already know. Bureaucracies are designed to last, not adapt. Businesses go under if they fail, but government agencies almost never die. Instead, over time, organizations harden, budgets balloon, capabilities and cultures become ingrained. Early innovations grow obsolete. Even when reports are issued, warnings are raised, and courageous champions press for action, change comes slowly. The old ways endure. Meanwhile adversaries grow stronger, and the nation is left vulnerable once again.

[Read: None of my students remember 9/11]

Throughout the 1990s, even as America’s spy agencies warned of al-Qaeda’s growing danger, these institutions were stuck in the Cold War. Money poured into technological platforms that could count Soviet warheads from space instead of human intelligence efforts better suited for penetrating terrorist groups on the ground. George Tenet, the CIA director on September 11, had tried but failed to upgrade his agency’s counterterrorist capabilities and better coordinate counterterrorism intelligence across the federal government. Although the FBI formally declared terrorism its No. 1 priority years before 9/11, in 2001 only 6 percent of FBI personnel were working on counterterrorism issues and FBI special agents received more time for vacation than for counterterrorism training. A massive effort to reform the bureau’s counterterrorism capabilities across the FBI’s U.S. field offices ended in disaster: Just weeks before 9/11, an internal report gave all 56 offices failing grades. The assessment was considered so embarrassing, it was highly classified and only a handful of copies was ever produced.

I found that organizational weaknesses led the CIA and the FBI to miss 23 opportunities to penetrate and possibly stop the 9/11 plot. Among them are the facts that CIA officers had identified two suspected terrorists attending an al-Qaeda planning meeting in Malaysia, learned their full names, and discovered that one held a U.S. visa and the other had traveled to the United States. More than 50 CIA officials had access to this information, yet nobody told the State Department or the FBI for more than a year. Until 9/11, there was no formal training, no clear process, and no priority placed on warning other government agencies about dangerous terrorists who might travel to the United States. When the CIA finally did tell the FBI, 19 days before 9/11, the bureau designated its manhunt for the two suspected terrorists as “routine,” the lowest level of priority, and assigned it to a special agent who had just finished his rookie year. This wasn’t a mistake, either: For the FBI, catching perpetrators of past crimes had always been far more important than gathering intelligence to stop a potential terrorist attack.

The pair should not have been that hard to find. They were hiding in plain sight inside the United States, using their true names on identifiers such as rental agreements and credit cards. One was even listed in the San Diego telephone directory. And while living in San Diego, they made contact with several targets of FBI counterterrorism investigations, at one point living with an FBI informant.

The two operatives went on to crash American Airlines Flight 77 into the Pentagon. They didn’t need secret identities or clever schemes to succeed. They just needed the CIA and the FBI to operate as they usually did.

[Read: What Bobby McIlvaine left behind]

In the 20 years since 9/11, American intelligence agencies have been retooled and revamped to combat terrorism. Reforms include the creation of a director of national intelligence, the National Counterterrorism Center, and the Department of Homeland Security—in sum, the largest restructuring of American intelligence since 1947. Budgets have skyrocketed, and integration between intelligence and military operations has reached new levels, yielding stunning counterterrorism successes, including the operation against the 9/11 mastermind Osama bin Laden.

But the threat landscape never sleeps. Today, American intelligence agencies face another moment that requires rapid adaptation. This time, the dangers arise from technology. Technologies such as artificial intelligence, the internet, biotechnology, and satellite miniaturization are profoundly changing global economics and politics, empowering old adversaries, unleashing new threats, and challenging every facet of the intelligence business. Never have so many technological advances converged so quickly and changed so much.

In the old days, power and geography protected America. Not anymore. Cyberspace is enabling adversaries to attack us across long distances without firing a shot, hacking machines as well as minds. China has prosecuted a sustained and successful campaign to steal huge amounts of American intellectual property for economic and military advantage. Russia is using cyber-enabled information operations to interfere in elections and undermine democracies from within. Criminal groups are waging ransomware attacks against American cities, energy suppliers, and other crucial infrastructure. The array of threats facing the country has never been greater because cyberspace is strengthening the weak and weakening the strong. Advanced industrial democracies are exceptionally vulnerable to cyber breaches of all kinds because they are the most digitally connected and because their freedom of speech enables nefarious actors to deceive at scale.

Technology is also disrupting the ability of American intelligence agencies to make sense of the world. Intelligence has always been a business of finding needles in haystacks to generate insight. Now the haystacks are everywhere and growing exponentially, because the amount of data on Earth doubles about every two years. Connective technologies are driving this data overload, with no end in sight.

The U.S. intelligence community needs a radical reimagining to succeed in this new era. In the past, advantage came from stealing secrets. Secrets still matter, but advantage more and more derives from harnessing open information available to anyone and from human thinking, augmented by machines, that can sift through enormous troves of data to find hidden patterns.

Success requires three key ingredients. The first is the creation of a new, independent intelligence agency dedicated to open-source intelligence. The CIA, the National Security Agency, and other elements of the intelligence community have open-source efforts under way, but secret agencies will always favor secrets. The U.S. will never be able to win the race for insight so long as open-source intelligence remains trapped inside agencies that believe more in their secret missions.

The second necessary ingredient is talent. Our intelligence community was designed for an era when intelligence officers were expected to be lifers. Today’s best and brightest typically move jobs multiple times in their career. What’s more, our greatest talent needs are in science and technology, precisely the areas with the toughest private-sector competition. Attracting the right workforce for the digital era starts by enabling technologists to move much more easily into and out of government at all stages of their career.

The third ingredient is strategy. We need to rethink what intelligence is and who it serves. Today, the policy makers who need intelligence to protect the nation don’t just live in Washington and hold security clearances. They include chief executives whose companies own and operate 85 percent of crucial American infrastructure—much of it vulnerable to a cyberattack—and tech leaders whose platforms have become disinformation superhighways.

Navigating the era of digital threats will not be easy. The private sector answers to global shareholders, not American voters. Our national security does not rest in the hands of the government as it once did. Protecting the nation from the next surprise attack requires faster action and a far-reaching transformation of intelligence.

This article was originally published in The Atlantic. Sign up for their newsletter

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.