In “Stop the Printers! Ditch Paper to Prevent National Security Leaks,” my colleagues Heather McMahon and Michael Schellhammer flagged the U.S. government’s reliance on paper as an enduring security flaw that has led to multiple leaks. I agree with McMahon and Schellhammer that the intelligence community must embrace emerging information technology and abandon paper-based products. Getting rid of paper, however, would not fix the underlying problem. The FBI’s list of spying’s “who’s who” is a testament that the character of espionage and mishandling information is ever-changing, but its nature endures. Counterintelligence professionals must focus on the nature of the espionage environment to respond as the character changes.
Stop Focusing on the Media
The examples in “Stop the Printers!” focused on the character of espionage (the symptom), not the nature (cause). Focusing only on paper as the threat overlooks the myriad of other methods people have used to copy, retain, exploit, and provide information to foreign intelligence services. One of the citations presented as proof of paper’s malfeasance contained 11 examples of mishandling of information, of which only four were solely from printing, the rest being handwritten notes, media, or a combination of all three. Other recent examples prove that paper is not the primary issue. Employees bypassed security protocols to extract classified information from secure spaces in each instance. U.S. Air Force Airman First Class Jack Teixeira transcribed top-secret material, which he then shared on a digital platform. Special Operations Command linguist Mariam Thompson, convicted of providing information to Hezbollah, hand-copied information from secure terminals. U.S. Army soldiers Ethan Melzer and Cole Bridges, who also pleaded guilty to multiple charges, provided sensitive information from memory. Other examples include Edward Snowden downloading information from the NSA onto a thumb drive and the U.S. Navy sailor who “collected and recorded” information to provide to China’s foreign intelligence service. Finally, the arrest of a U.S. Army specialist accused of providing intelligence to China is the most recent example that paper was not the underlying cause. A search of the items listed in the Department of Justice press release revealed that most were easily obtainable online, i.e., they did not need to be printed.
The common denominator in all of these examples remains human nature, which can be compelled or coerced to disclose information for a particular motivation. Instead of solely focusing on the medium of disclosure, U.S. counterintelligence professionals must consider the environment that shapes a lax security attitude and build redundancies that address the nature of espionage regardless of the method used, whether through paper, a cell phone, a burned CD labeled Lady Gaga, or memorization. The best counter is to ensure a perpetrator must encounter multiple obstacles to remove information and increase the probability of their being detected.
Enforce the rules and frameworks that already exist
The security/convenience continuum posits that 100 percent security equals 0 percent convenience, and 100 percent convenience equals 0 percent security. Since it is impractical to have ultimate security, some degree of loss is inevitable. As such, a balance between the two is necessary but not sufficient for either one. Security procedures that address the nature of espionage remain the best defense. Enforced policies such as random bag checks, polygraph examinations, counterintelligence briefings, security education, and security screenings are essential mechanisms that form obstacles to mishandling information and increase the probability of detection.
The lax security apparatus at the Air National Guard unit enabled Jack Teixeira to collect and mishandle information. The Department of the Air Force’s report noted multiple instances of the unit overlooking or not enforcing security procedures. In two examples provided in Stop the Printers, government officials, over numerous years, had been able to walk out with reams of classified information. Random bag checks and analyzing printer logs would very likely have prevented or detected these actions. Even if paper were not available, these individuals would very likely have found other means to mishandle classified information.
Bring counterintelligence out of the twentieth century
Artificial intelligence (AI) and machine learning, which are changing the character of war, will also change how intelligence services spy and collect information. China, Russia, Iran, and North Korea already embrace large language models to exploit vulnerabilities. The Islamic State of Iraq and Syria is employing AI avatars to create and disseminate jihadist ideology. The FBI’s Counterintelligence Division also notes that spying is “quickly becoming cyber-based,” and paper’s relevance as a spying medium will almost certainly decrease.
Because counterintelligence is figuring out what Red knows about Blue and preventing Red from discovering more, U.S. counterintelligence services must keep pace with or leap ahead of our adversaries. As the U.S. government moves towards cyber-based operations, embracing AI-enabled systems would pull counterintelligence ahead of the changing character of espionage. Instead of restricting paper, the U.S. counterintelligence community must risk a forward posture of machine learning and AI adaptation to detect disclosures and espionage before they happen. Counterintelligence services possess an extensive dataset of legacy investigations and intelligence reporting that, if adequately curated and in accordance with intelligence oversight to protect civil liberties, would form a suitable dataset for machine learning that would augment counterintelligence activities. Computer and printer logs already exist and could form the foundation of curated data sets to “teach” an algorithm the average output to enable detection across platforms. Employing AI to construct assessments of the likely avenues an adversary would attempt exploitation, especially in overseas environments, would prove critical to getting ahead of a threat. Instead of “dirty word searches,” AI can detect if the content of the information itself is classified, and a keylogger system could determine if someone is transcribing text from a classified system to an unclassified one.
The Department of Homeland Security is already fielding AI through private/government partnerships and incorporating AI into its operations. Within the DoD, counterintelligence units need to work with the Chief Digital and AI Office to help craft relevant policies for counterintelligence operations and investigations to include encouraging the use of AI, promoting AI in professional education, and experimenting with AI “sandboxes,” such as the one MITRE is creating for the DoD.
Conclusion
My colleagues have done a great service by highlighting a serious national security threat, but ditching paper will not prevent information leaks. Restricting paper (or notebooks, cellphones, etc.) would only shift disclosures to other media. Instead, the U.S. government must enforce the security frameworks already in place to confront the enduring nature of espionage and unauthorized disclosures. Likewise, the counterintelligence profession must innovate and adapt machine learning and AI to augment the profession. Our adversaries already leverage AI’s potential to exploit our vulnerabilities and spy on the United States and our allies. We must embrace emerging technologies to keep pace with our adversaries’ capabilities or risk more frequent and damaging disclosures.
Tom Jackson is a supervisory special agent with the U.S. Army Counterintelligence (CI) Command. Prior to his arrival at Carlisle Barracks, Mr. Jackson was detailed as a program manager to FBI HQ, CI Division, where he managed the CI national security portfolio of two FBI field offices. He is a graduate of the AY24 Resident Course at the U.S. Army War College.
The views expressed in this article are those of the author and do not necessarily reflect those of the U.S. Army War College, the U.S. Army, or the Department of Defense.
Photo Credit: Created with Bing AI image generator