Could Chinese Telecom Giant Huawei Put U.S. Cyber-Security At Risk?
TERRY GROSS, HOST:
This is FRESH AIR. I'm Terry Gross. There's good news about the future of the Internet. A new 5G network is being created now, which will not only offer faster downloading on cell phones. It will provide the kind of connectivity we need in the era of the Internet of Things - driverless cars, Internet-connected medical devices, smart TVs and virtual assistants. But there are dangers that could be lurking in the equipment needed to build the new network. The Chinese telecommunications equipment giant Huawei is dominating the creation of 5G networks around the world. For years, classified intelligence reports from the U.S. have warned that China would one day use Huawei to penetrate American networks for cyber-espionage or cyberattacks.
In the U.S., the National Security Agency has banned AT&T and Verizon from using Huawei products in America's 5G network. And last month, the U.S. had a top executive from Huawei arrested in Canada so she could be extradited to the U.S. The growing cyberthreat posed by China was stressed in the Worldwide Threat Assessment - a report from the U.S. intelligence community - that was released this week. And all this is part of the backdrop for this week's trade negotiations between the U.S. and China. My guest David Sanger is the author of a book about cyberwar and cyber-sabotage called "The Perfect Weapon." He's a national security correspondent for The New York Times.
David Sanger, welcome back to FRESH AIR. Let's start with the 5G network. What is it? And how will it affect our phones, our devices and all our interconnectivity?
DAVID SANGER: Well, at its simplest, the 5G network is an increase in speed and range for what you see on your cell phone. So 5G means just fifth generation. But it's actually much more than that. The hope is that when you're using your phone or some other device over Wi-Fi, you'll get no lag time and that you'll get near instantaneous download of data, webpages and so forth. But as 5G was being rolled out, there was a recognition that the Internet had fundamentally changed, that this was a moment to roll out something that could accommodate a world in which the Internet of Things was connecting up to all of these other wireless devices. And so that's autonomous cars, which, of course, need to constantly get data back and forth from the cloud, constant connectivity so that they know where they are in addition to their sensors helping you drive. It's for every other Internet-connected device that you have.
And, you know, when you think about it, Terry, it was just about 10 years ago that in your own house, you probably only had one or two Internet-connected devices - a laptop computer and a desktop computer, maybe. But today you walk into your house and, you know, you've got your Fitbit. And you're waking up Alexa and getting it to play you music. And you've got a smart TV. And you probably have an Internet-connected car parked outside. Even if it isn't a fancy car, most basic cars have some Internet connectivity to them. You might have an Internet-connected refrigerator. You have all of these different devices. And right now worldwide - at the end of last year, we think that there were about 14 billion Internet of Things devices around the world. And by the end of next year, 2020, the estimate is there will be 20 billion.
So that gives you a sense of how rapidly we're changing the environment. And the next network has to be able to handle all of that and, of course, handle the GPS needs for navigation, handle greater government and military needs. So this next 5G network is more than just something that'll make your phone faster. It's actually going to be the central nervous system, the backbone of the next generation of the Internet.
GROSS: And that's exactly the concern about the Chinese telecom giant Huawei because they're building some of these 5G networks around the world. So what is the concern about this Chinese telecom giant and the 5G network?
SANGER: Well, the first thing about Huawei is that while most Americans haven't come in direct contact with it because Huawei phones are not sold that widely in the United States, they are sold nearly universally when you're in Asia and very widely in Europe, in Africa, in Latin America. In fact, at the end of last year, Huawei actually just edged out Apple as the second-largest provider of cell phones in the world. The only one ahead of it is Samsung. But the other part of their business and the part that we really worry about the most is the construction of the giant switches that make up these 5G networks.
Now, in the old days of switching, you would think of switches as big, physical devices. What's happened and what is particularly notable about 5G is that the network itself, while it has some hardware to it and, obviously, there are cell phone towers and sort of a radio part of it, the switches are almost entirely software. And they constantly reconfigure themselves. And they are enormously complex. So the old days of doing what the defense department and the National Security Agency and others used to do - which is take a piece of foreign equipment, put it in a laboratory, poke around it, try to figure out if there are flaws or back doors or something that could help an adversary - that's virtually impossible to do when the product is an ever-evolving piece of software. It gets updated as often as your iPhone gets updated when you have it sitting on your bedside table and Apple sends a new, updated operating system to it overnight. So that's what will happen with this 5G network.
The concern is that for the first time in our history, we would be reliant on a foreign manufacturer - in this case, a foreign manufacturer of a potential adversary that's also the world's second largest economy - building the highway, backbone, central nervous system of a system that we rely on for everything from our financial transactions to our - many of our military operations to, of course, our communications. And the question is, can you trust a foreign actor to be responsible for that? And what happens when Huawei gets that command under Chinese law from the Chinese government to either grab a piece of information or close down part of the network?
GROSS: So describe some more of the kind of trouble that China could create with Huawei building 5G networks in countries around the world where China is becoming increasingly powerful.
SANGER: If China is in command of the network itself and has sort of end end control from phones for which it makes its own chips to the software on the switch to all of the other tentacles of the central nervous system, that it, basically, can do whatever it wants. And the chances that you would see it are relatively diminished. Big network operators like AT&T and Verizon, if they bought Huawei equipment - and it's pretty clear the government is not going to allow them to do that - would have some visibility into the system.
But it's also possible that Huawei might be able to reach back from China directly into the equipment and software it's put in to go manipulate data. What could you do with that? Well, in the Worldwide Threat Assessment that came out earlier this week, the nation's intelligence chiefs mentioned, in particular, that China already has the capability to shut down, at least briefly, the natural gas network. They also said the Russians could do the same briefly with the electric grid.
If you had a country that was in full control of your networks, they could shut it down. They could siphon the traffic off to a place you didn't want it to go. They could siphon it back to China. And they would probably have a easier time intercepting it. Now, of course, a lot of that traffic is going to run encrypted. It's not as if the Chinese would be able to look at everything or would want to. But the more network equipment they put in, the more control they would have. And, of course, the Chinese government reserves the right to tell them what to go do with it.
GROSS: So is Huawei involved in any aspect of the construction of the 5G network in the U.S.?
SANGER: Not anything notable in the United States now - there were a number of classified meetings that took place between the intelligence agencies, the executives of the big telecom firms - AT&T, Verizon, T-Mobile, so forth. And there was a lot of discussion about letting - whether or not to let Huawei bid on the construction of some parts of this 5G network as they are doing around the world. And, in fact, some of the telecom companies argued to Congress and to the intelligence agencies that it would make sense to let Huawei bid.
And the reason is that if they wanted to bid, they would have to provide their software, their equipment to a test facility in the United States. And the National Security Agency, which is the nation's largest electronic spy agency, and the telecom providers would all be able to crawl around in that software and see if there were any backdoors, see how it was designed. But in the end, the intelligence community didn't even want to take that risk.
GROSS: The founder of Huawei is a former engineer with the People's Liberation Army in China, and some people think he's still connected to the People's Liberation Army. And some people also argue that private companies like Huawei are still under the control of Chinese - of China's authoritarian government. So what's your assessment of how much control the Chinese government has over Huawei and how much control Chinese intelligence has over Huawei and has access to whatever data Huawei gets or can tell Huawei, collect data from this country; collect this data from that country?
SANGER: Well, the founder who you're describing, Ren Zhengfei, is, as you said, a former PLA officer. He then, when he left the PLA, built Huawei initially in the - wiring up the rural parts of China. And he's become obviously one of the most powerful businessmen in China. He's a member of the Communist Party. He's enormously influential there. He has insisted that the Chinese military, the PLA, which has done much of the hacking against the United States, has no role in his company and no continuing control. I've never found any evidence that the United States could prove that the PLA has operative control over Huawei. And of course, Mr. Zheng (ph) has denied it.
Now, that issue consumed the U.S. government for years and years until about two years ago when the Chinese government issued a new set of laws under President Xi, Xi Jinping, that basically said any Chinese company - but particularly the telecom companies - would have to participate in Chinese intelligence operations if they are so instructed, that they would have to turn over data that they had. It's not clear, of course, in China what the legal process would be. And so now people say to me, you know, it doesn't make any difference, David, whether or not the PLA has control over Huawei because the law means that the Chinese government has turned the company into its agent.
GROSS: Well, let's take a short break here, and then we'll talk some more. If you're just joining us, my guest is David Sanger. He's a national security correspondent for The New York Times, and his latest book is called "The Perfect Weapon: War, Sabotage, And Fear In The Cyber Age." We'll be right back. This is FRESH AIR.
(SOUNDBITE OF ALEXANDRE DESPLAT'S "SPY MEETING")
GROSS: This is FRESH AIR. Let's get back to my interview with David Sanger, a national security correspondent for The New York Times. We're talking about the 5G network that is being created now and will soon become the central nervous system of the Internet. The Chinese telecom equipment giant Huawei is dominating the creation of 5G networks around the world. For years, classified U.S. intelligence reports have warned that China would one day use Huawei to penetrate American networks for cyber espionage or cyberattacks.
So we were talking about the founder of Huawei and his connections to the Chinese military and Huawei's connections to the Chinese government. The founder of Huawei - his daughter was arrested in Canada at the request of the U.S. and indicted last week. So what are those charges? And what are their significance?
SANGER: Well, the first thing we know about the daughter is, in her own right, she's a very powerful figure within Huawei. She's the chief financial officer. But she's also been the architect of a lot of Huawei's spread around the world. When she was arrested in Canada in December at the request of the United States, it was not for any charges that Huawei had participated in espionage against the U.S. It was not for - on any charges that it had participated in cyberattacks on the United States. Instead, it was based on a charge that she had been behind a giant fraud in which Huawei used a cut-out company to violate the sanctions that the United States had against Iran and that this company was in fact a Huawei - secretly a Huawei subsidiary and was doing business with Iran in violation of those sanctions.
So the U.S. is using the Iran sanctions violation to go after the company. Now, the other interesting part about this is that President Trump at one point in December after she was arrested but before she was indicted publicly mused about the fact that he might trade her away in the course of the trade negotiations. Thus the president was politicizing what until then had been a legal action going through normal legal channels. And one of the interesting questions is whether the Canadians are going to extradite her because there have been several Canadians now arrested in China so that they have counter-hostages. And it's possible that the Canadians may determine that this case is more political than criminal.
GROSS: President Trump has said that he knows more about technology than anyone. What's your understanding of how much he understands the issue of Huawei and its potential ability to hack America, to spy on America?
SANGER: Well, I have a couple of concerns. The first is the president's mind turns, as he has said himself many times, to things you can build. And so issues around software networks and so forth just don't come naturally to him. He hasn't shown much of an inclination to learn about it during the time he's president according to people who used to be in the administration, including in the national security field. The president has a somewhat hazy understanding about the risks of cyber-escalation. So when you think about our cyber-risk, one concern is one we've discussed already today, which is surveillance. Basically, you can use these networks to steal data.
But the coming concerns, Terry, have to do more with data manipulation - what happens if you change the data? That's the problem of deep fakes. Something that would look like a politician was speaking, but it wasn't really the words coming out of his mouth. It's been faked. It could be substituting numbers and financial transactions. It could be substituting the targeting information in nuclear or non-nuclear weapons. It could be changing the blood types of every soldier and sailor in the United States if you got into the databases of the military. So there's data manipulation that's a concern. And if any country that had access to the networks, you would worry about that.
And then the third is cyberattack, and that is that if we went to war or were conducting covert operations, every country in the world now has cyber in its battle plans, and usually in the first 24 hours of its battle plans. In "The Perfect Weapon," I describe a plan the United States had if we went to war with Iran, called Nitro Zeus, to basically unplug Iran's communications and electricity grids. Well, imagine that that's in the Chinese plans for the United States. If they're in control of the communications grid of the U.S. or its allies, you can imagine how much easier that is to do.
Now, there is a concern here that we could get into a world of Red Scare, and the president himself might be fueling that some. And I have concerns that we're blaming too much on the Chinese. But the fact of the matter is, these are all major, complex vulnerabilities that, as Henry Kissinger said to me as I was working on the book, are so much more complex than the issues that came up with China in the Cold War.
GROSS: And you're concerned that our president doesn't really comprehend those issues and therefore can't adequately address them.
SANGER: That's right. And, you know, there are escalation issues here, as well. I mean, there's still a big debate in the United States government about how you respond to a cyberattack. When the Chinese got into Google and other companies in 2009, there were Google engineers who wanted to retaliate directly against the servers where the attack was coming from. Fortunately, they were stopped. But had that gone ahead, or had it gone ahead with another company, the question would be to the Chinese, is this attack, this counterattack, coming from a private company, coming from some hackers, has it been commanded by the United States? Is a company operating on behalf of the U.S.? And then they would escalate.
So you get all the same kind of escalation issues that we worried about in the nuclear age, but you get them in this technology world in which shutting down or diverting data becomes your new weapon. And we don't really understand that escalatory response. Now, the president, in August of last year, issued a new classified order to the National Security Agency that basically gave the director of the National Security Agency more leeway to go respond to offensive cyberactions and to initiate some without presidential approval. But still we don't understand who's in control of the escalation.
GROSS: My guest is David Sanger, a national security correspondent for The New York Times who is also the author of the book, "The Perfect Weapon," about cyberwar and cyber-espionage. We'll talk more after we take a short break. And our jazz critic Kevin Whitehead will review a reissue featuring pianist Oscar Peterson and a studio orchestra playing 1960s pop covers. This is FRESH AIR.
(SOUNDBITE OF MUSIC)
GROSS: This is FRESH AIR. I'm Terry Gross. Let's get back to my interview with David Sanger, a national security correspondent for The New York Times and author of "The Perfect Weapon: War, Sabotage, And Fear In The Cyber Age." We're talking about the new 5G network that will soon become the central nervous system of the Internet, providing faster speeds and greater interconnectivity for the era we're entering where nearly everything, from cars to medical devices, connects to the Internet. The Chinese telecom equipment giant Huawei is dominating the creation of 5G networks around the world. For years, classified U.S. intelligence reports have warned that China would one day use Huawei to penetrate American networks for cyber-espionage or cyberattacks.
The Worldwide Threat Assessment that was released by intelligence agencies this week said that there's a growing cyberthreat from Russia and China, and that Russia and China are now more aligned than at any point since the mid-1950s. So what does that say to you about the cyberthreat posed by this alignment of Russia and China?
SANGER: Well, it was a fascinating assertion that they made, And I think it was accurate. We have not seen Russia and China cooperate this way since the mid-'50s. And, of course, China only came into being as the People's Republic in 1949. So it was very early in its history, and it was an extremely poor country. It's worth remembering today that Russia and China have very different objectives. Russia's main objective is one of disruption. It does not have much economic power. Its economy is basically the size of Italy's. It does not have the ability to go build these networks. It does not have much economic power. Its economy is basically the size of Italy's. It does not have the ability to go build these networks around the world the way China is doing. It does not have the technology to do it, but it can be a huge disruptor.
And of course, we saw them act to disrupt networks and voting systems in Ukraine. We saw their interference in the 2016 election here in the United States, and we've seen them take cyber action elsewhere in the world. We've seen their submarines go out and track where the fiber optic cables are laid around the world. They're only, you know, less than 200 major fiber optic undersea cables. And the Russians have the ability to cut those cables deep undersea. That would be a huge disruption. That could black out communications in the United States. So that's the Russian side.
The Chinese have a much different set of objectives. If the world gets disrupted, no one's going to suffer more than they will because their economy is so interdependent with ours and with other major economies around the world. So they're less likely to disrupt, but they're much more likely to want control and subtle ability to divert traffic in those networks. And that's the concern about Huawei.
GROSS: But with Russia and China being in closer cooperation than at any other time since the 1950s, what's the combination of those two countries looking like? Like, if Russia's about disruption and China is about control, when you put the two together, what's the new formula?
SANGER: Well, the new formula is a diminished role for the United States. That's part of the concern about the degree to which we have alienated our allies. And this issue about Huawei intersects with the alienation of the allies very closely because what's going on now is the United States is going around the world to allies and say, hey, we're living in a new world. The Russians and the Chinese are cooperating more than we've ever seen. We're trying to keep everybody from spinning into a new form of a cold war - Cold War 2.0. And while the Russians and the Chinese have very different strategic objectives, there may be moments - there will be moments when they will have a common objective in diminishing the power of the United States. That's the one area where they both have great common interests.
And so it's important that the United States be able to go work with its allies to figure out how you both contain this threat and respond to it, but also how you retain control of your own networks. So what the U.S. is doing right now is it's going around to its allies, particularly the NATO allies, and saying, don't build Huawei into your systems. And there's some urgency to this because the big decisions about contracts to build the 5G networks will be made in the next six months or so. The U.S. has been in Poland, where they have rather unsubtly suggested that if the Poles really want a new, small military - American military base in Poland - it's been referred to sort of informally as Fort Trump by the Polish leadership - they better build a network that does not use Huawei.
There's been pressure on the Canadians, the British. And of course, in Latin America and in Africa, the Chinese have been mounting their own counteroffensive where they're coming in offering very low-cost building of the networks, frequently with Chinese government loans to go do it. What's that remind you of? It's a lot like what the United States did in the 1950s and '60s when we tried to use our foreign aid to go build up close allies by building up their technology and their industry. But now the Chinese are doing it, and they're doing it with the networking technology.
GROSS: So our unilateral approach to world affairs, our alienation of our allies is really working against us when it comes to this new technological era of the 5G network.
SANGER: You know, Terry, the most interesting observation in that worldwide threat assessment was the assertion that the unilateralism of the United States - they didn't use the phrase America first, but they could've - has made American allies and partners - meaning people who were not necessarily full allies - reassess their relationship with the U.S. and look for power relationships and protection elsewhere. And of course, that means they're looking mostly to the Chinese because they're the only other ones who have a market big enough and have an economy big enough to actually be of significant help to them.
You've seen this happen in the Philippines - a country that used to be, at one point, an American colony - where the leadership of the Philippines, a great American ally, is getting closer and closer to the Chinese leadership. You're seeing it happen to some degree in South Korea where - by the way, in Seoul, Huawei was a big player in the competition to rebuild the cell network for Seoul, which is used by American forces who are based around Seoul. You're seeing this happen throughout Africa, where the United States has put a whole lot less money into rebuilding infrastructure, helping countries along than the Chinese have.
GROSS: Some of the things you've described about China's capabilities of spying on us and hacking data and interfering with cyberwar, even - I mean, that's - it's some pretty terrifying stuff. At the same time, the U.S. has done similar things to China and other countries. Would you describe an operation that was named Shotgiant?
SANGER: Terry, Shotgiant was a National Security Agency operation that happened around 2010. We know about it because some of the details were leaked out in the Snowden documents. It was an effort by the NSA to do to Huawei exactly what we have accused Huawei of doing to us, which is breaking into networks, figuring out how they operate and setting ourselves up to either steal information from those networks or cripple them in the future.
What did the NSA do? It got into Huawei's corporate systems in Shenzhen, the Chinese industrial city. It looked for any evidence that the Chinese PLA was actually secretly controlling the company - doesn't appear they found any. It looked to understand how Huawei's equipment operated, how the software worked so that if Huawei sold a network switching system to an American adversary - say, Venezuela or Cuba or someplace that clearly wouldn't buy American equipment - then the NSA would have an easier time breaking into that equipment. The - this is not unusual. This is what the United States government created the NSA to go do. This is the kind of offensive cyber activity that the NSA conducts not only against China but against Russia, Iran, North Korea and so forth.
But what it gets at - and the Chinese use it for these purposes - is that the United States is not above any of these kind of network manipulation issues that we've been worrying about in regard to Huawei. We do it ourselves. And Huawei's argument is, why would you be any safer in the world if you're a foreign country with an American or European-built network than with a Chinese-built network? - because they make the argument that the NSA is going to get into an American-built network or a network in Europe. And, certainly, the Snowden docs are full of examples of cases where we have done that.
SANGER: Well, let's take a short break here. And then we'll talk some more. If you're just joining us, my guest is David Sanger. He's a national security correspondent for The New York Times. And his latest book is called "The Perfect Weapon: War, Sabotage And Fear In The Cyber Age." We'll be right back. This is FRESH AIR.
(SOUNDBITE OF AMANDA GARDIER'S "FJORD")
GROSS: This is FRESH AIR. Let's get back to my interview with David Sanger, a national security correspondent for The New York Times. We've been talking about how the deep involvement of the Chinese telecom equipment giant Huawei in the development of the new 5G network in many countries could threaten our cybersecurity.
If you're negotiating an arms control deal, there are ways that you can verify or come close to verifying whether a nuclear program is continuing, how many weapons the country has, where they're being stored. You can have inspectors go to observe facilities that you know exist. When it comes to, like, cyber issues, it's so much harder to verify what's going on. So what kind of treaty is even possible when it comes to something that is invisible like cyber-control, cyberattack, cyber-espionage, cyber-sabotage?
SANGER: Terry, you've raised the fundamental question that has been haunting us in the cyber age. And it's one of the reasons I went to write "The Perfect Weapon" because this is so much more of a vexing problem than we had in the days of the 1950s, when we had nuclear weapons, the Russians did and the Chinese were about to. They first got theirs in the 1960s. You could do treaties in the nuclear age because there was a very limited number of players. First, it was just us and the Soviets, then the Chinese, of course, some other NATO players, later on, Israel, India, Pakistan. And you can count the weapons. And more importantly, you can count missiles. You can send inspectors just as you described. None of this is true in the cyber age.
In the cyber age, the aggressor could be a state - might be Russia or China or Iran or North Korea. But it could be a criminal group. It could be a terrorist group. It could be teenagers. And none of those groups sign treaties, particularly teenagers, right? So the first problem is there's just too many players. The second is the technology is so inexpensive. This is what makes it the perfect weapon because it's so cheap that you don't need to be a China or a Russia to play in the cyber arena. By my count, there are probably around 35 countries today that have sophisticated cybercapability and could mount a sophisticated cyberattack, not just a denial of service attack that turned out the lights but something more sophisticated. So treaties will not work here. So what are the other options?
Well, there are a lot of other ideas. But most of them circulate around codes of conduct - a sort of digital Geneva Convention. And it's an interesting concept because the real Geneva Conventions were not created by governments. The Geneva Convention meetings were organized by the Red Cross. And the idea was to protect civilians. So if you and I, Terry, were trying to come up with a list of things to protect, I think we'd probably sit down and say, OK. Electric grid should be off-limits because if you turn those off, you hurt the most vulnerable people. Communication systems and especially emergency communications - and that's where Huawei intersects with this. You'd want those to be off-limits from cyberattack. You'd probably want election systems to be off-limits.
So I could imagine a digital Geneva Convention in which you gathered countries together and they agree to this. And it's not enforceable or inspectable, but you're beginning to set some global standards. One of the difficulties with this idea - even though I think it's sort of the best of the bad ideas that are out there - is that I'm not sure the United States would sign on to that.
GROSS: Why not?
SANGER: Imagine the intelligence leaders gathering in the situation room, saying, do we really want to limit the next president of the United States or this president from interfering in an election if it would be a way to get Maduro out of office? Do you really want to stop us from turning off electric power grids if we might be able to bring a country to its knees without firing a shot? After all, we had a plan - Nitro Zeus - to turn off all the power in Iran if we got into a conflict with them. So I don't even think the U.S. would sign on to this.
GROSS: You know, the power equation, when it comes to cyber, has really changed because there was a period when the U.S. was the kind of ruler of cyberweapons and cyber potential. And that's just, like, no longer true. So if we do anything like that, there will be a cyber-counterattack and vice versa. So the stakes are really higher than they've ever been, I think.
SANGER: And our control of the technology, as you point out, is less than it's ever been. Look. The Internet was first invented in the United States - you know, the ARPANET - what became the Internet later on - only 35 years ago. And then, of course, it's Silicon Valley companies that have dominated the technology that's come out of that. That era is ending, just as the era in which Britain and Portugal and a few other major naval powers could rule the world because they had the best. That era is ending, just as the era in which Britain and Portugal and a few other major naval powers could rule the world because they had the best ships. And we're not going to get this back. It's not as if we're going to go back to an era when we were the ones who dominated all of this technology.
And now, for the first time in our modern history, we are facing a peer adversary in China that has an economy that will sooner or later overtake the United States in size and that is investing heavily in the major technologies on which 5G will allow big progress - artificial intelligence, autonomous vehicles, quantum computing. And, you know, you go into that worldwide threat assessment, I thought one of the most interesting points on it was that our absence of big strategy in many of these technologies is allowing adversaries to close the gap very quickly.
Now, if you wanted to declare a national emergency about something, that threat assessment would suggest that's the issue on which the president might want to go declare a national emergency and come up with a strategy, rather than just focusing on the wall.
GROSS: Is there anyone in the Trump administration who you look to as being, like, the foremost expert on cyber issues?
SANGER: You know, there were, Terry. I thought that the president got off to a pretty good start on this. He hired a homeland security adviser, Tom Bossert, who had had some fairly good experience in cyber issues in the Bush administration and had spent time on it when he was out of office. There was also a White House coordinator for cyber issues, a man named Rob Joyce, who had spent his entire career at the National Security Agency. And he ran something called the Tailored Access Operations unit. That's sort of the special forces of the NSA that breaks into foreign computing systems.
And the job of the White House cybersecurity coordinator was to try to bring together all of these complex defensive and offensive issues and the policy issues together. They were focused on it. So what happened? John Bolton came in in the spring as the new national security adviser after the firing of H.R. McMaster. Mr. Bolton, in his first week, got rid of the homeland security adviser, Tom Bossert, and replaced him with a Coast Guard admiral who is, by his own admission, not very familiar with cyber issues.
Then Mr. Bolton eliminated the position of cybersecurity coordinator. I guess he must have concluded we were over-coordinated in this government, I suspect because he didn't like the fact that the cybersecurity coordinator had a sort of direct line to the president. In eliminating the position, he has downgraded the number of people within the White House who deal with this.
And it doesn't seem to me that the policy is being debated at the level at which it needs to be or coordinated between the Pentagon, the NSA, the Department of Homeland Security, the Commerce Department and so many others who need to work on this. They have gotten policies out on Huawei. They may get this executive order out. But I'm afraid there's no big strategic thinking going on at the White House level.
GROSS: Well, David Sanger, thank you so much for talking with us.
SANGER: Great to be with you again.
GROSS: David Sanger is a national security correspondent for The New York Times and author of "The Perfect Weapon: War, Sabotage, And Fear In The Cyber Age." After we take a short break, our jazz critic, Kevin Whitehead, will review a reissue featuring pianist Oscar Peterson and a studio orchestra playing 1960s pop covers. This is FRESH AIR.
(SOUNDBITE OF AARON PARKS' "SMALL PLANET")
NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.