Senior Fellow @CarnegieEndow, Technology + International Affairs.
Feb 1 • 14 tweets • 3 min read
How can democracies fight disinformation?
Many think it’s the most urgent question of our time. Others say it’s poorly framed or misguided. Clearly, a serious problem exists—but we struggle to define, measure, or solve it.
That’s why Dean Jackson and I wrote this new report: 🧵
Our aim was to synthesize as much empirical data as possible on what “works” against disinformation, translated into practical policy language.
But you can’t do that without wrestling with the “disinformation” idea and admitting how little is known about it. We tried to do both.
Dec 19, 2022 • 22 tweets • 10 min read
Russian cyber operations in Ukraine: I’ve spent months collating and analyzing data on…
» Their military effectiveness
» Reasons why they weren’t more impactful
» Lessons for other states
2/ On strategic purpose: “This is not about the economic destruction of China... We’re not looking at a decoupling, that’s not where our focus is.” Solely about “national security.”
Jun 14, 2022 • 15 tweets • 5 min read
The latest Congressional proposal for outbound investment screening sounds like an improvement on prior bill, but it still needs work. Quick thread:
(1) What's the objective? Need to distinguish two issues that are commonly conflated...
First, there's the fear that U.S. investments in and/or offshoring to China can increase U.S. *dependence* on Beijing, and therefore might enable Chinese coercion, sabotage, espionage, or influence.
May 4, 2022 • 32 tweets • 7 min read
Huge US-China tech news: @Dimi reports the US is “laying the groundwork” to sanction Hikvision under the Global Magnitsky Act.
This would be a profound escalation of tech tensions—perhaps a turning point akin to Trump’s actions against Huawei. I think this is a mistake. 🧵
First, some background. Hikvision is a large, publicly-traded Chinese video surveillance equipment manufacturer with major a global presence and international sales to many governments and private companies (including in the U.S.).
I’m elated that @CarnegieEndow has released my big US-China tech “decoupling” report, w/ a kind foreword by @ericschmidt. Grateful for feedback + support from so many.
In lieu of a dry summary, a 🧵 on why I wrote this tome + what I learned along the way: carnegieendowment.org/2022/04/25/u.s…
Tech “decoupling” is extremely complicated + hard to define. It’s also one of the most consequential things happening in today’s world.
The US and China are the largest knots in a globe-spanning technological web. Rewiring this web will alter economies, societies, + geopolitics.
Mar 25, 2022 • 14 tweets • 4 min read
In @TheHillOpinion, I argue that the threat of major cyberattacks against the US may be higher now than ever before. This provocative idea is based on two simple claims. 🧵 /1 thehill.com/opinion/techno…
First: Conditions are ripe for Russia—America’s most capable and reckless cyber adversary—to launch cyber attacks against the US. I’ve been surprised at the number of cyber experts who have resisted this idea. /2
Sep 9, 2020 • 5 tweets • 3 min read
Calls to decouple the United States from China obscure steep obstacles and unknown risks that warrant fuller debate. In @CarnegieEndow's new digital magazine, I identify four major dilemmas facing the U.S. in the coming years. carnegieendowment.org/2020/09/09/on-…
This piece is part of @CarnegieEndow's new digital magazine, "The Day After: Navigating a Post-Pandemic World." It drew on our global network of experts to tackle major decisions facing boardrooms and situation rooms throughout the world.
THREAD: Today the Intelligence Community took a much-needed step towards greater transparency by publicly releasing election threat assessments. But there were notable flaws and omissions, too. My grade as a former cyber threat intel analyst: 1/
First let’s talk about what “right” looks like. Last month I called on the IC to release *actionable intelligence* on foreign influence—trustworthy, real-time info to inform voters of the main threat actors and their agendas & narratives. 2/
The 2020 election cycle began over 1.5 years ago and will end in 99 days. Yet the government has told Americans almost nothing about known, active foreign efforts to influence their votes. Why, and what can be done? I wrote a piece for @TheHillOpinion. 1/ thehill.com/opinion/nation…
Exhibit A was Friday’s big statement from ODNI on election interference. Despite the hype, it had just 2 sentences on Russian influence. The previous ODNI assessment was also 2 sentences. And there was an 18 month gap between them (spanning the entire primary season). 2/
Jul 13, 2020 • 11 tweets • 4 min read
Today I’m Tweeting about one more way that deepfakes & synthetic media could threaten the financial system. My paper calls it a “synthetic social botnet”—a network of humanlike fake accounts made from AI-generated photos and text. 1/11
Many people would not call these “deepfakes,” a term that usually means AI-generated video or audio. But AI can also generate other types of synthetic media, including photos and text. Combining these can be especially powerful. 2/11
Jul 10, 2020 • 9 tweets • 3 min read
I’m highlighting the 3 biggest financial threats from deepfakes & synthetic media, as identified in my recent paper. Number 2 is “deepfake private remarks”—fabricated recordings of behind-the-scenes comments by business and economic leaders. 1/9
This threat is a new spin on longstanding fears of political deepfakes, which could falsely show candidates saying offensive things or committing wrongdoing. The same techniques can be used against CEOs, regulators, and other public figures with financial influence. 2/9
Jul 9, 2020 • 7 tweets • 2 min read
How could deepfakes & synthetic media be used for financial wrongdoing? My paper highlights 3 key techniques with the broadest potential harm. The first is “deepfake voice phishing”—impersonating someone on the phone by cloning their voice. 1/7
“Cloning” a voice is very different than stringing together clips of pre-recorded phrases. AI algorithms can map the mathematical patterns underlying your unique inflections, then produce new words you’ve never said before. Listen to fake Joe Rogan: 2/7
Jul 8, 2020 • 12 tweets • 5 min read
Since “deepfakes” emerged in 2017, many people have worried that lifelike synthetic videos and other AI-generated media could manipulate elections. But could they also threaten the financial system? I’ve written a paper to answer that question. 1/11 carnegieendowment.org/2020/07/08/dee…
Deception is a fact of life in the financial world, and bad actors are adept at employing technology, from ransomware to robo-calls. Yet surprisingly, little has been published about how deepfakes and other synthetic media could facilitate financial harm. 2/11
Jun 6, 2020 • 9 tweets • 3 min read
THREAD: This week, as military helicopters thundered past my apartment to intimidate peaceful protestors, I thought about my own time at Pentagon. I wrote for @POLITICOMag on Trump's erosion of DoD leadership & how it could threaten the 2020 election. 1/ politico.com/news/magazine/…
SECDEF Esper has been praised for publicly defying Trump on the Insurrection Act. But it was a belated half-measure. The Pentagon’s adherence to law and its apolitical status have been weakening for years. 2/ cnn.com/2020/06/03/pol…
Feb 10, 2020 • 13 tweets • 4 min read
DOJ has indicted 4 Chinese military officers for the 2017 Equifax hack, one of the most costly and significant cyber breaches in recent years. State sponsorship of this hack has long been rumored but never confirmed. A thread with some implications: 1/
justice.gov/opa/speech/att…
This action from DOJ reflects a convergence of two trends: The Trump administration's increased use of indictments to combat state-sponsored cyberactivity, and DOJ's growing focus on Chinese espionage and influence in all forms. 2/
➣Instant offensive cyber program... Shortcut through years or even decades of painful technical/institutional development.
➣Access to highly sophisticated tools (some comparable to top-tier state actors'), which are constantly refreshed. 2/
Jan 13, 2020 • 12 tweets • 3 min read
NYT: Trump had "agreed to" "conduct a cyberattack to partly disable Iran's oil & gas sector" if Iran further escalated. If true, U.S. was ready to cross a Rubicon long associated w/rogue actors: cyber disruption of critical infrastructure outside of a conflict zone. Thread: 1/
Some questions. First—Was there any legal analysis of whether cyberattacks “to partly disable Iran’s oil and gas sector” would violate International Humanitarian law against attacking civilian objects? 2/ @oonahathaway@Schmitt_ILaw
Jan 7, 2020 • 6 tweets • 3 min read
With all the hype of Iranian cyberattacks, @Joseph_Marks_ is right: Election interference will be the top cyber issue in 2020, just like it was in 2019. Nothing else happening in cyberspace threatens such damage to the foundations of the U.S. system. 1/6
Another major episode of election interference could be spirit-shattering, particularly in a close election where the balance could be seen as tipped. Americans' self-confidence in our own political system is already at a modern nadir. 2/6
Dec 19, 2019 • 8 tweets • 3 min read
1. President Trump's #impeachment was another painful outgrowth of Russia's 2016 cyberoperations. The pathway was so long and circuitous, it’s easy to miss. But 3 years on, the nation is still being traumatized by old hacking and trolling—a remarkable sign of cyber vulnerability.
2. Russia's cyber-enabled 2016 election interference and the ensuing investigations dominated American politics for almost 3 years.
Nov 27, 2019 • 4 tweets • 2 min read
At the time, President Obama called it mere "cyber vandalism." In reality the Sony hack was 1st cyber incident with broad political and cultural impact. 5 years later, we can see how it ushered in the future of cyber threats and responses.
The 2014 Sony hack was an early warning that American political discourse itself will be attacked in cyberspace—not just our banks and power plants. Heeding this warning might have helped mentally prepared us to face Russia’s far more serious actions in 2016.
