Exclusive: Biden's spy chief, Avril Haines, on Russian cyberattacks, the climate crisis and the intelligence community's role in domestic terrorism

·Editor in Chief, Yahoo News
·28 min read
Director Avril Haines of the Office of the Director of National Intelligence (ODNI) testifies during a Senate Select Committee on Intelligence hearing about worldwide threats, on Capitol Hill in Washington, Wednesday, April 14, 2021. (Graeme Jennings/Pool via AP)
Avril Haines, director of national intelligence, at a Senate Intelligence Committee hearing on April 14. (Graeme Jennings/Pool via AP)

As you approach the Office of the Director of National Intelligence, a sprawling compound in northern Virginia, you could easily mistake it for any other drab office park in the D.C. suburbs. But it’s from there that Avril Haines, who has been on the job as director for just over five months, will undoubtedly help shape the posture and tone of the intelligence community during the Biden administration. Events will dictate how much and how quickly, however. In national security there is always both continuity and change from administration to administration. On any given day, Haines must deal with the immediate threat of a foreign terrorist attack on the homeland or the three-dimensional chess of the U.S.-China rivalry; she is facing ever-present but always-evolving threats like cyber and ransomware strikes; and there’s a growing list of nontraditional threats like the next pandemic, climate change and the fierce competition over emerging technologies such as artificial intelligence and quantum computing.

Haines, a lawyer and former deputy CIA director who once owned and ran an independent bookstore in a transitional neighborhood in Baltimore, sat down with Yahoo News’ editor in chief, Daniel Klaidman, to discuss the challenges as she sees them. Among the topics: why she believes it is entirely possible we will never know the true source of the COVID-19 pandemic, why in the wake of the Jan. 6 attack on the Capitol her office has a legitimate role to play in the fight against purely domestic terrorism, and why the intelligence community “simply cannot succeed” without a “diverse and talented workforce.”

This interview has been lightly edited for clarity and length.

Daniel Klaidman: I wanted to start with a couple of controversies that have been in the news a lot lately that relate to the intelligence community.

The first one is clearly something that everyone here cares a lot about, that the whole country and the whole world cares about, which is the question about the origin of the COVID-19 pandemic. After 600,000 Americans have died, and close to 4 million people worldwide have died, there's still uncertainty about the origin of this terrible virus. The intelligence community has been tasked by the president with reviewing very closely the intelligence and to figure out where this thing started.

As you know, there are these two main theories: that it emerged from human contact with an infected animal or that it leaked from a research lab. Most people talk about the Wuhan Institute of Virology.

Do you have anything to report today on that review?

Avril Haines: No. I mean, you're exactly right that there are two theories that we have postulated as the most plausible, one of them being a lab accident and the other being human contact with an infected animal. At this point, the majority of components [of the intelligence community] effectively look at these two theories and say there's not enough information to choose between them, in effect. There's two components on one side that lean towards one, there's one component that leans towards the other. But honestly, we simply don't have enough information at this stage. The 90-day review is really a direction to redouble our efforts, to think of every possible additional source of information that we could unearth to try to answer this question. So that's what we're doing for the president.

Can you tell us a little bit about how the review is being conducted?

Absolutely, I can give you some sense of it. This is an issue that the intelligence community has been focused on for some time, so it's not as if we brought in a whole bunch of new people to do the work. Within ODNI, the National Counterproliferation Center is taking the lead on this, facilitating work across the intelligence community. We have meetings about whether there are other collection options that we should be considering, bring in outside experts, and even talk to partners and allies to find out if they have any additional information that would be useful. We also test any assumptions we’ve made, and even do exercises in which we test our hypotheses. This is something we do regularly in the context of intelligence community work, such as when we “red cell” our work. We will try to think of other ways to look at the problem in order to see whether or not we might be missing something in our analysis.

So it's all about looking at it from different angles, making sure you're not blinded by your assumptions?

Right, exactly. But also trying to identify any new information that could be applied against the challenge, perhaps in new ways. For example, sometimes by simply brainstorming about different ways to approach a problem, you realize that information that you hadn't thought could be relevant and useful to you, might help you answer a critical question. President Biden believes in looking at science, bringing it in as much as possible in the context of our work, and certainly across the community we've seen the value of doing that. This is an area where science is critical, and so among the things that we're doing is working with our national labs, working with academics and thinking through whether any additional expertise or knowledge might be valuable to us as we try to solve this challenge.

Most scientists believe that the origin was likely natural, moving from an animal to a human. Do you think that is still the most plausible theory but you allow for the possibility that there was a leak from a lab? Or do you just not know?

Honestly, two things on that. I think I don't know between these two plausible theories which one is the right answer.

Do you have a feeling about which one is more plausible?

I don't. When you come to the conversation, I think you may have a particular bent. I don’t know which one is the right answer. As I've listened to the analysts, I really see why it is that they perceive these two theories as being in contest with each other, and why it's very challenging for them to assess one over the other. Consider that even if it's a lab accident, it could be a scenario, for example, in which a scientist comes into contact with an animal that they're getting a sample from, and gets the virus through that, right? So that's a variation that's weird.

Kind of a hybrid.

Exactly.

So it's really hard. And part of this, too, is proving a negative. You don't know what you don't know. It's true that the vast majority, as I understand it, of these types of viruses have been through natural contact. So statistically, that's why a lot of folks look at it that way. Otherwise, you also look at the fact that it appears to have come from the area in which this lab was doing work on coronaviruses, and you have to look at that option as well. You can make an argument in either direction.

At the end of the day, do you think it's possible that the intelligence community will never have high confidence or a smoking gun of the definitive origin of this virus?

Yeah, absolutely it's possible. I mean, in some ways, we're hoping to find a smoking gun, but it might not happen.

As the government’s most senior intelligence officer, what do you then do in terms of the advice and guidance that you give to policymakers who want to know, for all the obvious reasons, how to prevent the next one?

I think the best thing I can do is to present the facts as we know them and to present the analysis that we've done in as unbiased a way as possible. Honestly, I feel very blessed for having policymakers who recognize that we may not have an answer at the end of the day, that we're just going to do our damnedest to try to get to an answer. But what they hope and expect for me, I think, is that I actually present to them what it is that we do and we don't know, and I don't try to make something up in this context for purposes of giving them an answer that I think they might like to have.

On another subject of controversy, the Biden administration and the Justice Department have now said that they will not seize the records of reporters in leak investigations. You're likely going to come under pressure from within the intelligence community, people who want these national security cases investigated, because of the importance of protecting national security, protecting sources and methods and those sorts of things. What will you tell your own workforce about the balance between protecting the First Amendment and the importance of stopping or preventing unauthorized leaks of classified information?

I don't expect there to be a challenge, to be honest. I don't anticipate that. There was a similar policy perspective from President Obama's administration, and I would expect that we would comply with any edict that the Department of Justice or that the president lays out.

The reality is, as you know, there are lots of scenarios in which we, as a prudential matter, because of our values, because of our laws or for other reasons, do not engage in certain activities, such as collection, or adjust the way we do our work. As a society we make decisions about what we think is appropriate. A good example of this is the exclusionary rule associated with the Fourth Amendment. We have taken the decision that under certain circumstances the government may not use evidence that may even prove someone’s guilt if it was gathered from an unreasonable search and seizure in violation of the Fourth Amendment. And we're saying, because of a societal concern about unreasonable searches in violation of an individual’s rights, we believe this is the best way to deter law enforcement officers from conducting such searches.

At the end of the day, we are trying to protect our communities, our democracy, our way of life — and in doing so we need to make sure that we are in fact living up to those ideals, or we will lose the very thing we are protecting. In my experience, the intelligence community understands that.

It's striking that over the last few years we've really moved in such a significant way from foreign terrorism as the primary threat against the United States to big-power competitions and to all of these evolving nontraditional threats that are out there. On China, what is the most worrisome threat that China poses to the United States, in your assessment?

It's a great question, because I think as a general matter we look at China as being the priority, and there's remarkable, frankly, bipartisan consensus on this point across the board. But you have to prioritize. One priority is obviously countering unfair, illegal or aggressive actions that undermine democratic processes, the international order or our values, but without going to war. Frankly, neither country wants to go to war. And yet both countries are worried about the potential for escalation. And that's a space where the intelligence community can be particularly helpful — making sure that there is a better understanding of key tension points in the relationship, including why another country is reacting the way they are reacting, but also ground truth on what they are doing. To do our job, we have to have a decent understanding of each country’s motivations, intentions, moves, etc., in order to avoid mistakes and miscalculations, but also in order to help our policymakers make better decisions as they pursue U.S. interests.

There's a whole series of things that our policy community has identified for us within the China space that are critically important issues. For example, there's countering them from the perspective of unfair trade practices and economic issues. And so, obviously, we spend a fair amount of time trying to make sure that we understand what they're doing, when they're doing it, why are they doing it, that sort of thing.

We also look at Chinese theft of intellectual property, malicious cyberactivity and so on. And of course we spend a fair amount of time on what is often described as a competition between democracy and authoritarianism in today's world. In doing so, China is again a major focus as it pursues global influence countering democracy and, in some cases, human rights values, whether it's in the context of the Uyghurs and forced labor or other areas that we've tried to call out.

Are you ranking these issues? China using its economic leverage for global dominance or undermining democracy around the world? How do you think of the priorities, just in your own mind?

The policy community provides to us what it perceives to be the priorities we should follow, and of course there are a variety of different ways to develop such rankings. But as I noted, neither country wants to go to war, and in some respects we have a similar objective, which is stable prosperity where we can pursue our interests. The challenge is that our vision of what that future looks like and their vision of what that future looks like are very different.

One of the challenges that we see is China's perception of the United States — obviously not our perception of the situation, but China's perception — seems quite clearly to be that they're on the rise, while they perceive us to be on the relative decline. They believe that there's likely to be the most potential for escalation when we pass each other. They also believe that we are trying to contain them. And they increasingly believe, and I think this is really at the heart of our challenge right now, that it is a zero-sum game, despite what we say or what they have been willing to consider in the past.

As a consequence, so much of what's happening is left of boom — it is basically a scenario where you're not actually engaging in military conflict but you're effectively trying to use every lever to pursue and to promote leverage and deterrence against what you perceive as actions that are against your interests. This means bringing together economic, political, military and even our values as part of the play. So if you're in the South China Sea, it may be that they're taking actions that are aggressive but not directly in conflict. They're pursuing both symbolic and real gains that give them greater capacity for military action should they choose to use it and to send a message.

At the same time, they're taking action that relates to trade and to economic levers. So each of these things are interconnected in many ways, and part of the challenge for us is bringing them all together in a way that allows the policymakers to see the bigger picture. And I think the thing that is the golden thread for all of this from the policy side and across the board is just, there's no way for us to really effectively address the challenges that we're facing without partners and allies. And so it's also a question of understanding not just what they're doing vis-à-vis us, but how that's impacting partners and allies and how we can bring together our coalitions in order to actually match those issues.

What about Russia?

Part of the challenge is actually separating out Russia from China, because they really are so different and the implications and the trajectories that they're on are different, and therefore the way we should be responding to them has to be different. And Russia, I would say, is not in the same place, quite obviously. Russia is not on the rise the way China is. I think some people would say it's on the decline, but it is without question both capable of and interested in disrupting the international order the United States supports and benefits from. And while China tends to be deliberate and focused on the long term in their approach to things — and that's kind of a classic caricature of them, and it doesn't mean in every circumstance — but I think Russia's doing a kind of a rugby game, they know where they want to go, what's in their interest, and then they're using every opportunity to push forward on the field.

And so they're actually quite adept, I think, at shifting when they need to play on something that they are interested in. And so I think they're going to do a fair number of things that are disruptive. They have less to lose in many of those scenarios than we do, because we benefit from the international [order], or it helps to promote our prosperity and our allies’ and partners' prosperity. And so when they take those actions, they frequently are not disrupting an order that is as valuable to them, at the same time that they're trying to gain an advantage. And so in our context we do try to increase the cost. But again, doing it in a way that is not just on a bilateral basis, but actually is with partners and allies. I think that has consistently been the best way to do it.

And as you say, we've responded to things, like [the poisoning of Russian opposition leader Alexei] Navalny, and I actually think they have received some cost as a consequence of that. I mean, I think the sanctions that we did, the fact that we had Europeans with us in doing that, I think there's a fair amount of opportunity for pushback in these areas. But I also think not overreacting in some respects, doing it in a proportionate way, doing it in a deliberate way, is helpful.

Does that dynamic, doing it proportionately in a deliberate way, also relate to the cyber challenge?

Yeah.

Because there's some ambiguity there about their role. And clearly, there have been a lot of attacks lately on our infrastructure, on different economic sectors. How does the intelligence community currently assess connections between the Russian state and these criminal hackers who have been waging this latest onslaught of ransomware attacks, some of which have been linked back to Russian criminals?

Gosh, Dan. I don't know what the public line has been on this. Let me give you a general piece on this, and then I think we'll get to the heart of your question regardless. We have seen an increase in ransomware attacks and in particular towards critical infrastructure over the last few years, and there's consistently a concern, and this isn't just in cyberspace, about Russia not taking action to ensure that criminal actors don't use their territory in order to conduct attacks. There are a series of concerns that one might have in that area. One is if you take — as I do, at least — the proposition that any attack on critical infrastructure in another country is an absolutely fundamentally important issue, and that such an attack can be destabilizing.

And we know that it can be done fairly easily on a cross-border basis. Then it's like so many other things that we've seen in transnational crime, where all of us have a responsibility to set up a framework that allows us to ensure that people are not using our territory from which to conduct those kinds of attacks. And whether it was in the context of terrorism, like aircraft bombings, these are the kinds of things that countries have gotten together and said "no" to. And so that is critically important. Even if they're not directly connected to a criminal organization within their country, one of the challenges is that those countries that are engaging in cyberactivity as a state are also training people on how to do it. And that means that they are even more susceptible to this challenge. I really believe that there's not going to be a way for us to manage this unless we actually work together in order to ensure that folks are not engaging in that activity from each other's countries. From an intelligence-community perspective, I'd say this is something that we're tracking. This is something that we see as being on the rise. This is something that we continue to provide the policy community with as much information on as possible.

Do you think the intelligence community needs any new or additional authorities to monitor U.S. networks? And is that something that you may be talking to Congress about?

Yeah. Let me start with the fact that [National Security Director and Commander of U.S. Cyber Command] Gen. [Paul] Nakasone has talked about the challenge with actually providing analysis, right, on attacks on cyber, where so much of what's happening is inside the United States, because it's on networks and infrastructure that is in the United States and owned by the private sector. And the challenge is in part collecting, obviously, on those targets, because there's a different legal regime that exists.

And also recognizing, as he does when he talks about this, that there are good reasons for many of the different legal regimes. Additionally, from a resiliency standpoint, the private companies who are managing or connected to our critical infrastructure are not subject to legal or cyber hygiene standards, and of course there are things that everyone should be doing to improve their cybersecurity. And in many ways in this space, if one entity in the chain is vulnerable, then everybody's vulnerable as a consequence, to some extent. An additional issue is that there isn't an obligation on the private sector to provide to the government information about attacks that occur on their infrastructure, which is something that Congress is looking at changing.

I am in favor of that. I also recognize that this is not an easy issue, in the sense that private companies are also just worried about protecting their customers’ information, all things that we need to be thoughtful about. But the fact is that the United States is reliant on our digital infrastructure, that we use it in ways that allow us to take advantage of opportunities, smart energy, policies and efforts, which require us in many respects to connect our electric infrastructure to the digital grid so that you can adjust what it is that you're doing in those spaces in order to save energy. That makes an awful lot of sense, that if you're on a network you're going to be able to do that. But it also means that we're more vulnerable as a consequence. So the more advanced we've become, the more challenging it is to protect. And so that is a piece of the puzzle in addition to the fact that, as I mentioned, the private sectors don't have to live up to certain standards. They don't have to provide us with information, right? All of these things just build.

But bottom line, these disadvantages are built into our system.

Yes.

Will that require some new authorities?

We’ve been looking at this question, and Congress has also asked whether there are additional authorities that we need to address the threat. NSA, DOJ, FBI, DHS and others are looking at this question, but in doing so, they will not simply look at whether they need new authorities to collect more information — they will also take into account privacy and civil liberty concerns as they do so, in an effort to pursue what makes sense from a security and a values perspective.

On the SolarWinds cyberattack, there's been some skepticism about how the administration has talked about it. Obviously, we've imposed sanctions, we've kicked out diplomats. But the skepticism is that, isn't this in the realm of espionage and isn't this the kind of thing that the United States does against its rivals on a regular basis?

I think it's virtually impossible for me to answer that in an unclassified way.

In a recent interview, Alejandro Mayorkas told Yahoo News that domestic violent extremism is the greatest terrorism threat we face, greater than al-Qaida, ISIS or other jihadi groups. Do you agree with that? Is he right about that?

Yeah. We've stated that in public and in the annual threat assessment.

Help us understand what the intelligence community's role ought to be in this. Because it's an important question. I mean, should the CIA have a role in combating domestic terrorism that does not have a nexus with foreign terrorism? What's the appropriate role of the director of national intelligence?

Yeah. So I find this issue totally fascinating. And by the way, I really think this deserves more time, for what it's worth, Dan. Because to me, one of the things that will characterize our work over the next few years is this seam between domestic and international. And it just came up in our conversation about cyber.

This is an issue. It's also true for malign influence. It's impossible to really assess what the threat is in malign influence without looking at what is happening domestically. And it's true with counternarcotics. And it's just increasingly true across the range of things as the line between what is domestic and international collapses. We talked about, frankly, in the context of the transition [of administrations], that this was a reality and that we needed to integrate our policy between the domestic and international. It is also true for our threat assessments and how we look at them.

It's really hard. Start with domestic violent extremism, which is where your question originates. NCTC [the National Counterterrorism Center], which is a part of the Office of Director of National Intelligence, has its own statute, which explicitly indicates that domestic intelligence and international intelligence can and should be brought together. It gives them the mandate to do that in order to pull together a whole-of-government national counterterrorism strategy.

And in fact, in the original IRTPA [Intelligence Reform and Terrorism Prevention Act], you look at the term used in the statute — “national intelligence,” which originally was proposed to be “foreign intelligence,” and that got pulled out and “national intelligence” was used for this purpose, because in the context of terrorism we have learned the lesson that keeping these two things apart is a problem for us, that we actually need to connect the dots in order to understand the whole picture.

And so NCTC has the ability and the legal authority to bring this information together for the purpose of analysis. The challenge is — and I think here is what we appropriately can and should do, in my view — is to provide support to FBI and DHS as they are taking the lead for the U.S. government in approaching how to respond to those issues.

Well, let me give you a specific example here. If there is a purely domestic cell operating in this country that poses a threat, a mortal threat to Americans or to our way of life, would DNI provide resources? Would you get involved in providing analysis to deal with something like that?

Yeah. I mean, so again, we could do so in support of FBI and DHS. And in that context, it's not that we would be tasking collection. We weren't doing any of those things. What we were doing was simply pulling together the information and providing analysis in support of their work. So yes, it can include information about purely domestic issues, but this is all in the small-p political context, which is to say that our work in this area has really been at the third rail for the intelligence community, because historically, this is the space where we tend to be. ... We're providing analysis. It can be perceived as us pursuing purely domestic [intelligence].

Right, but that's the distinction that you see, collection versus analysis?

There is a big difference, yes. Like so many things, it's very challenging to draw very bright-line rules in [crosstalk].

Is it fair to say that the lines are a little blurry and you're in the process of trying to figure that out still?

I would say it's less that the lines are blurry, to be honest, because we have a lot more authority. That's not so much the challenge. The challenge is in clearly articulating, I think, both to the American people and to others, "Here's what we're doing and here's what we're not doing, and this is what we think makes sense, and here's why." And I do think it's virtually impossible to feel as if you're doing your job. Part of our mission is to help the rest of the government work through these issues. And so I also don't want to shy away from it. When there's something that we can do to help those who are trying to respond to these issues, we want to do that so long as it's legal and it's appropriate.

You've talked a lot about the shifting landscape of intelligence, national security. You obviously couldn't have a better example than COVID-19. What are other examples of these new and emerging nontraditional threats, and how do you get the American people, the Congress, the media, to take these threats as seriously as the traditional ones, like international terrorism, nuclear proliferation?

I think there's a panoply of issues that are shifting the landscape in long-term, destabilizing ways that we have to integrate into our short-term work, in effect. And I think that's really the challenge. Climate is a perfect example of this. Climate is an urgent crisis, but it's very hard for a variety of institutional reasons to actually integrate it into your day-to-day work in a fully successful way, which is to say that it's much easier to focus on climate negotiations or what states are doing in their policies. But to actually bring it into your day-to-day work and say, "Here's the impact that the JCPOA [Joint Comprehensive Plan of Action, the 2015 Iran nuclear deal] has on climate," things like that, you need to drive it into the space.

Public health is another example. The bio-threat issues are expanding and changing quite rapidly, particularly as it converges with different technologies. Biotechnology is such a revolutionary field that just keeping ahead of understanding how it's impacting all of these other things is critical. And that's a similar problem to the climate one that I mentioned, but it's a different variation on the theme.

In bringing together the intelligence community component heads, I asked them, "What are your priorities looking forward in the next budget cycle?" And it's astonishing the degree to which, in addition to focusing on China and all of our major threats that we talk about in our annual threat hearings, all of us have come to the conclusion that a diverse and talented workforce, investing in science and technology and tools that allow us to be better at what we're doing, our institutions, our partnerships, our resilience, our capacity to integrate this expertise, is what is really important at this critical time in our history. All of those things allow us to be more effective at actually addressing the rapidly changing landscape of threats.

You talk about diversity, inclusion and equity, and you call these mission imperatives that are emerging as one of the top national security issues of our time. What do you mean by that?

I think we cannot succeed unless we get a diverse and talented workforce, unless we are inclusive, unless we are paying attention to equity. We just simply cannot succeed. And so I see that as fundamental. And part of the challenge here is that it's really hard work. It's not just saying it or going to recruiting events. This is something that you have to keep on talking about and thinking about and doing something about every single day. And that's something that I think makes it really one of the fundamental issues of our time, and one that we just cannot underestimate the importance of.

And I'll tell you, we're doing a whole series of things, whether it's in the context of thinking through not just the recruitment grant — ways in which you can actually bring in different parts of the population, starting to talk to them so they understand what we do so that they might be interested in coming in — but also thinking through, How do you retain that incredible talent once it gets in the door? How do you deal with that?

____

Read more from Yahoo News:

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting