“The ACD/EWI… is an invaluable source for a broad range of information about the risks to the West from economic attack, particularly from the militant Muslim world.” -Michael B. Mukasey, former U.S. Attorney General
Economic warfare is the direct or indirect manipulation of an economy by a state actor or other entity through legal or illegal means. It has been waged between states for centuries, but U.S. national security agencies are caught by surprise, time and again, in the current day.
“Economic Warfare Subversions: Anticipating the Threats”
Report and Some Preliminary Insights
An ACD/EWI Capitol Hill Briefing
July 9th, 2014
Sponsor: Senator Jon Kyl (R-AZ)
The American Center for Democracy and Economic Warfare Institute recently held a briefing on Capitol Hill that brought together ninpreeminent experts on national security to discuss U.S. readiness to prevent or mitigate attacks on its financial and economic infrastructure.
The purpose of the event was not simply to get their perspectives on topics such as financial vulnerabilities, cyber espionage (both commercial and defense-related), cyber warfare, transnational crime, and the like. This ACD/EWI briefing took the first steps necessary toward generating ideas regarding future threats, the relationships between threats of various sorts, and the policies and possible actions of government and business to meet such threats.
The July 9 event was the first in what we hope will be a series of briefings, both for the government and the private sector, carrying this generation of ideas forward.
The remarks of July 9 speakers are available on
*You may click the Next button on the control panel within the video below to skip to the next speaker.
*The link above with take you the video playlist.
Click here for the report.
Click to watch, “Like” it, and forward to expose the public to economic warfare threats.
In due course, ACD/EWI will produce a summary report on the event and the new ideas it generated. This will appear on the ACD/EWI website https://www.acdemocracy.org and will be circulated to our email lists and to those in attendance on July 9. Other products will be generated from the event, including a pdf of the transcript.
Some Preliminary Insights
The following bullet points identify our preliminary insights from the July 9 event. In some cases, the insight derives from a single speaker’s remarks. In others, what we say here is a distillation of related remarks by a number of speakers.
*The greatest threats to the U.S. economy are posed by wealthy states ruled by authoritarian leadership and by non-state actors. They have the most to gain and the means to make the greatest and most persistent efforts.
*Serious economic threats are most likely to proceed from the exploitation of small vulnerabilities at times when confidence in the economy and our ability to protect it are low. As with the crisis of 2008, which was self-inflicted, the effects of small disruptions of various sorts cascade and otherwise come together and can produce crises in confidence with mass effect.
*The financial sector represents some 8.4 percent of the U.S. economy, four times larger than a generation ago. Given exponential increases in the electronic management of financial industry, we face vulnerabilities and potential mass effects that neither government nor the private sector could have imagined just a short time ago. Accordingly, policy, regulation, and practice related to protecting the financial sector and mitigating future threats are far behind the vulnerability curve.
*It is worthwhile to compare the terrorist attacks of 9/11 and the financial crisis of 2008. Though one was kinetic and committed by outside forces, the other was self-inflicted. September 11, which was intended as an economic attack-that is, to shake confidence in the U.S. economic system-failed. Instead of creating crisis, it increased economic confidence because our response showed national resilience. The 2008 crisis diminished confidence in the system to a degree that still hinders our economic recovery. Again, that crisis was self-inflicted, but could have been caused by an economic attack from the outside. The loss of confidence has had many domestic and international ramifications. We have yet to find out exactly what happened in 2008 so we can take the proper action to prevent its reoccurrence.
*Potential economic threats are diverse. Anticipating them begins with the recognition and acknowledgement of vulnerabilities. These must not be conceived simply as weaknesses in the financial and physical infrastructures. A good example of a vulnerability we haven’t recognized, but al-Qaeda has (as evidenced in Osama’s documents), is the susceptibility of America’s West to wild lands arson. While the effect on life and property may not be catastrophic to the nation, the economic costs are enormous.
*Transnational organized crime, terrorism, and insurgency have finally been recognized as working lock-step with one another, both in terms of funding and action. This, in its turn, has caused vast increases in the corruption of government officials (in, for example, Mexico, Honduras, and other South American countries) and, in some cases, as in Lebanon, has effectively caused whole countries to fail. The linchpin that holds this insidious three-way partnership together is drug trafficking.
*In the cyber-realm, state and non-state actors who wish to harm the U.S. economy are likely to strike when the economy is most susceptible, adjusting their strategy and tactics according to the nature of the vulnerability. Nation-states present the greatest threat to the U.S. economy, with criminals (increasingly in league with terrorists) close behind. Nation-states, however, are constrained by their very status internationally. Criminals, for their part, are parasites who do not really want to kill the economies they’re stealing from. But they can be manipulated and empowered by states to act as surrogates. Least capable are private individuals and groups wishing to disrupt the economy for political, religious, or social purposes. This makes them intrinsically the most dangerous. Their capabilities will only grow as the digital world develops.
*Cyber espionage is not simply a threat to American businesses and commerce. It can be used to produce information useful in manipulating public opinion, swaying elections and influencing legislation.
*Defending computers and computer networks against cyber intrusion does not solve the problem. The best defense is cyber offense. Intruders must themselves be intruded upon. And the beneficiaries of cyber intrusion, whether foreign businesses or governments, need to be sanctioned. Tracing cyber intrusions is difficult, but possible with a large, concerted effort. If the U.S. private sector is the principal victim of cyber espionage, its resources and talents need to be harnessed to go on the offense. However, only government intelligence agencies can legally “hack.” There is a need for partnership between government and the private sector, as government has the authority and the private sector the means.
*Despite the multiple government agencies engaging in securing U.S. national security, there is no single entity that oversees the efforts to protect the country’s economy from outside attacks.
Our briefing illuminated the fact that whatever is claimed regarding increased government agency cooperation in dealing with economic threats is hyperbole. There is no ultimate authority that thinks in terms of economic threats and works on the synergies among them, coordinating the host of official agencies accordingly. U.S. offices that deal with threats continue to regard their work as limited and proscribed. And, in the current budget climate, there is less flexibility to adapt to developments and only small capacity to deal with new threats. These facts not only reflect circumstances of “bureaucratic history” but also the lack of understanding as to the limitations of our means to deal with threats that come from old thinking in the policy, regulatory, and legal areas. A few industries in the private sector have initiated programs to protect their assets, but most are looking for immediate gains and do not allocate the necessary resources to mitigate future threats because, for one thing, the government does not require it. In fact, both government and the private sector should bear the responsibility to secure our economy and cooperate to find the best way to tackle this threat.
*In dealing with new economic threats and circumstances, the law has a strong tendency to get in the way. This is not to disparage the law but, rather, to recognize that new circumstances beg some jettisoning of old principles and the creation of new ones. For example, the legal lines traditionally drawn between what government and the private sector can and cannot do are put under stress by cyber threats and approaches to meeting them. The inter-governmental Committee on Foreign Investments in the United States, which overseas foreign acquisitions in which the government has a bona fide interest, deals almost exclusively with screening foreign defense contractors. Greater transparency regarding foreign private sector investors can be pursued, but it is not conceived of as a government problem.
*Economic warfare is a form of aggression, whether it is pursued by state or non-state actors. However, “aggression” and the “right of self-defense” as concepts enshrined in international law (e.g., in the UN Charter) are of little use when it comes to countering economic threats. The problem is that there is not now, nor has there ever been, any clarity in international law as to what aggression is. We do, however, know it when we see it and react as we reasonably, carefully, cautiously, and prudentially can. Because of this, the law needs to get out of the way for the time being and, thereafter, learn from actions undertaken in defense against economic threats.
*Dr. Rachel Ehrenfeld, Director, Economic Warfare Institute, and author of Funding Evil: How Terrorism is Financed – and How to Stop It.: Overview and Introductions
*David Hamon, Distinguished Analyst for Analytic Services, (ANSER), former Director for Strategic Research and Dialogues, Defense Threat Reduction Agency: “Future Threats”
*Gen. Michael Hayden, principal, Chertoff Group, and former director CIA and NSA: “Cyber Nightmare: The Worst Weapons with the Worst Actors. How much should we fear ‘hacktivists’ achieving state like capabilities?”
*R. James Woolsey, Chairman of Woolsey Partners LLC and former director, CIA: “The Impact of Oil on Economic Warfare” (Member, ACD/EWI Board of Directors)
*Daniel Heath, Managing Director for North America, Maxwell Stamp PLC, and former U.S. Executive Director Alternate, IMF: “Financial Warfare-Policy, Practice and Vulnerabilities in U.S. Finance”
*Stewart Baker, partner, Steptoe & Johnson LLP, former assistant secretary for policy, Department of Homeland Security, and author of Skating on Stilts.: “State-Sponsored Cyberespionage”
*William Scott, former editor, Aviation Week; former official, National Security Agency; and author of Space Wars: “Fire Wars”
*David Aufhauser, partner, Williams & Connolly LLP, and former general counsel and chief legal officer, U.S. Department of the Treasury: “Transnational Crime-Unholy Allies to Disorder, Terror and Proliferation”
*Michael Mukasey, partner, Debevoise & Plimpton, and former attorney general of the United States: “Legal Perspectives” (Member, ACD/EWI Board of Directors)