CIA Director John Brennan is planning a major expansion of the agency’s cyber-espionage capabilities as part of a broad restructuring of an intelligence service long defined by its human spy work, current and former U.S. officials said.
The proposed shift reflects a determination that the CIA’s approach to conventional espionage is increasingly outmoded amid the exploding use of smartphones, social media and other technologies.
U.S. officials said Brennan’s plans call for increased use of cyber capabilities in almost every category of operations — whether identifying foreign officials to recruit as CIA informants, confirming the identities of targets of drone strikes or penetrating Internet-savvy adversaries such as the Islamic State.
Several officials said Brennan’s team has even considered creating a new cyber-directorate — a step that would put the agency’s technology experts on equal footing with the operations and analysis branches, which have been pillars of the CIA’s organizational structure for decades.
U.S. officials emphasized that the plans would not involve new legal authorities and that Brennan may stop short of creating a new directorate. But the suggestion underscores the scope of his ambitions, as well as their potential to raise privacy concerns or lead to turf skirmishes with the National Security Agency, the dominant player in electronic espionage.
“Brennan is trying to update the agency to make sure it is prepared to tackle the challenges in front of it,” said a U.S. official familiar with the reorganization plan. “I just don’t think you can separate the digital world people operate in from the human intelligence” mission that is the CIA’s traditional domain.
Like others, the official spoke on the condition of anonymity to discuss internal decision-making.
The expanded emphasis on cyber is part of a broader restructuring envisioned by Brennan that is expected to break down long-standing boundaries between the CIA’s operations and analysis directorates, creating hybrid “centers” that combine those and other disciplines.
Brennan is expected to begin implementing aspects of his plan this month, officials said. He recently met with senior members of the House and Senate Intelligence Committees to outline the proposed changes.
CIA spokesman Dean Boyd declined to comment, saying that “final decisions have not yet been made with respect to agency reorganization efforts.” In a notice to the CIA workforce last year, Brennan said that he had become “increasingly convinced that the time has come to take a fresh look at how we are organized.”
The changes are designed to replicate the model of the CIA’s Counterterrorism Center, which has surged in size and influence since the Sept. 11, 2001, attacks. The restructuring could lead to new reporting lines for thousands of CIA employees, as long-standing units such the Latin America and Near East divisions give way to new centers that combine analysis, collection and covert operations.
The National Clandestine Service and the Directorate of Intelligence — the formal names for the operations and analysis branches — would continue to exist, but would focus more on developing talent and resources that could be distributed to the new centers.
“It would be a huge deal,” said Michael Allen, a former White House and congressional aide who wrote a 2013 book about intelligence reform. Unlike at the FBI and other security agencies, Allen said, “there hasn’t been wholesale structural reform in the CIA post-9/11.”
Former officials who are familiar with the plan said it has caused generational friction within the CIA’s ranks, with longtime officers resisting changes that younger employees are more eager to embrace.
The head of the clandestine service recently resigned, in part over objections to the scope of Brennan’s plan, officials said. Brennan quickly replaced him with a longtime officer who had led an internal review panel that broadly endorsed the director’s reform agenda.
Although limited compared with the larger NSA, the CIA has substantial cyber capabilities. Its Information Operations Center, which handles assignments such as extracting information from stolen laptops and planting surveillance devices, is now second only to the Counterterrorism Center in size, former officials said.
The CIA also oversees the Open Source Center, an intelligence unit created in 2005 to scour publicly available data, including Twitter feeds, Facebook postings and Web forums where al-Qaeda and other terrorist groups post material.
Brennan hopes to make the use of such capabilities more pervasive, U.S. officials said, ensuring that expertise and tools that now reside in the Information Operations Center are distributed across the agency.
The move comes at a time when the CIA has struggled to gain traction against adversaries — including the Islamic State and the Jabhat al-Nusra terrorist group — that recruit and communicate extensively online but operate in combat zones that CIA officers are generally not able to enter.
But officials said digital changes have transformed even the most conventional cloak-and-dagger scenarios. Secrets that were once obtained by recruiting a source or meeting in a safe house increasingly reside in clouds of digital transmissions that surround espionage targets.
To recruit a Russian spy, “you may need to manipulate someone’s e-mail, read someone’s e-mail and track the whereabouts of the FSB,” a former official said, referring to the Russian security service. “Cyber is now part of every mission. It’s not a specialized, boutique thing.”
Beyond elevating the role of the Information Operations Center, U.S. officials said, Brennan is seeking to ensure that the agency is not lagging in other areas, such as counterintelligence work and the CIA’s internal e-mail system.
Brennan provided only broad outlines of his plan in recent congressional meetings, which excluded all but the four highest-ranking members of the House and Senate intelligence panels. A senior U.S. intelligence official said some senior NSA executives remain in the dark on Brennan’s cyber ambitions.
In recent years, the CIA has collaborated extensively with the NSA on a range of covert programs, including its drone campaign against al-Qaeda. Documents released by former NSA contractor Edward Snowden showed that e-mails and cellphone signals intercepted by the NSA were used to confirm the identities of targets in strikes.
But the CIA also has fought budget and bureaucratic battles to maintain its standalone capability, prompting some to view the latest push as an attempt to capitalize on Washington’s growing alarm over cyberthreats — and the corresponding shifts in federal budgets.
Former CIA officials said that the agency is mainly concerned about having direct control over the cyber components of its operations and that Brennan’s plans would not encroach on the global surveillance programs run by the NSA. Nor would they interfere with the work of a new agency the Obama administration is creating to fuse intelligence on cyberattacks.
Brennan’s push to expand the CIA’s cyber capabilities is “entirely appropriate, even overdue,” said Stephen Slick, a former CIA official who directs the Intelligence Studies Project at the University of Texas at Austin. “Advances in digital technology are having a revolutionary impact on the intelligence business, and it’s important for CIA to adapt its collection and covert action missions to account for the new opportunities and dangers.”
Ellen Nakashima and Julie Tate contributed to this report.
By Greg Miller February 23
Find this story at 23 February 2015