FBI Director Christopher Wray risks posed by nation-state adversaries, cyber threats, and terrorism
New York -Rashad Alkhader-Free Yemen Eye -From News-FBI
Texas A&M University — Bush
School of Government & Public Service
College Station, Texas
Director Wray’s Remarks at Texas A&M University
Remarks as prepared for delivery.
Thanks, Mike, and “Howdy.” It’s an honor to be here at Texas A&M visiting the Bush School.
It’s easy to understand why President [George H.W.] Bush chose this university for his presidential library and the school of public service that bears his name. Texas A&M has long inspired its students to serve our country, particularly through your Corps of Cadets. In fact, I’m told that more American officers in World War II came from Texas A&M than from West Point and Annapolis combined.
But Texas Aggies haven’t just served our nation in the armed forces. They’ve done everything from fly on the space shuttle to oversee the development of our Interstate Highway System.
Others have served as FBI special agents—as Mike did for 23 years. I’m proud to report we currently have 267 Aggie alums serving at the Bureau, 161 of them special agents. That ranks fifth among all schools represented in our agent ranks—and I know you’ll be pleased to hear that outranks a certain school over in Austin, which comes in a distant 12th.
Your school’s namesake is especially fitting, because President Bush not only believed deeply in the nobility of public service, he embodied it—and I know Bush School students aspire to follow his example.
So this evening, I want to talk to you not just about our assessment of the most pressing national security challenges we face today, but where we see the threat landscape evolving in the coming years. And, most importantly, what we’ll need to successfully tackle those threats—namely, the contributions of dedicated public servants committed to making a difference.
If you happen to know anyone like that, please send ’em our way.
Today’s national security threats are as complex and sophisticated as ever, and it can be easy to get caught up in the day-to-day work of responding to those challenges.
But to stay ahead of the danger, we need to look five, 10 years down the road to anticipate where the threats are going.
When I look ahead, I expect hostile nation-states to become even more aggressive in their efforts to steal our secrets and our innovation, target our critical infrastructure, interfere with our democratic institutions, and export their repression to our shores.
Front-and-center in that expanded threat is China.
As I’ve said before, there’s no doubt that the greatest long-term threat to our nation’s ideas, our economic security, and our national security is that posed by the Chinese Communist government.
And to be clear—that threat stems from the Chinese government, not the Chinese people themselves, and certainly not Chinese Americans.
The current Chinese regime will stop at nothing to steal what they can’t create and to silence the messages they don’t want to hear—all in an effort to surpass us as a global superpower and shape a world order more friendly to their authoritarian vision.
What makes China’s economic espionage program so insidious is that they’re set on using every tool at their disposal to steal American technology, undercut our businesses, and dominate the market. They use human intelligence to target our most precious information, multiplying their efforts by working extensively through scores of “co-optees”—people who aren’t technically Chinese government officials but assist in intelligence operations—spotting and assessing sources to recruit, providing cover and communications, and helping steal secrets in other ways. And the PRC [People’s Republic of China] combines those efforts with a cyber hacking program that’s bigger than that of every other major nation combined, using cyber as the pathway to cheat and steal on a massive scale.
The result of all this theft is lost American leadership in key industries, lost American jobs, and lost opportunity.
Now I want to thank Texas A&M for your efforts to convey the seriousness of this threat to our partners across academia, because this is a threat that’s only going to increase in the coming years—both in sophistication and scale.
More and more, China is also targeting people inside the U.S. for personal and political retribution, trampling on the basic rights and freedoms of people here on U.S. soil who express opinions they don’t like.
Take the example of China’s recent repression on another college campus, in Indiana, where a Chinese American student posted online praise for the students killed in the Tiananmen Square massacre in 1989. Almost immediately, Chinese intelligence threatened the student’s parents back in China, and groups of Chinese students mobilized to threaten him personally, as well—demonstrating the lengths the Chinese government is willing to go to when it runs across even a hint of criticism of the regime.
But China is not the only foreign adversary that will pose a threat to our national security in the coming years.
The Iranian regime, for instance, has engaged—and, I expect, will continue to engage—in brazen behavior directed at the United States.
In recent years, people associated with Iran have plotted to kill a former U.S. national security advisor on American soil, launched a ransomware attack on a children’s hospital in New England, and carried out a covert influence campaign during our 2020 elections to undermine Americans’ confidence in our democratic system.
In January, we announced charges against three Iran-directed members of an organized crime group who plotted to kill an American journalist living in New York City.
Iran will continue to try to evade international sanctions by stealing our military technology through cyber hacking and illegal technology transfers—and of course, they remain the world’s leading state sponsor of terrorism.
And what about Russia?
Russia is carrying out persistent malign influence operations, hoping to sow divisions that will weaken our country.
They blend covert intelligence efforts—such as cyber activity—and “trolls” operating on social media, with activities by Russian government agencies out in the open, like state-funded media campaigns.
They’re targeting our secrets—especially our military technology—in a variety of ways, from traditional spying to sophisticated cyber intrusions, signals collection platforms, and other technical means.
Russia also uses its cyber resources as a weapon. During their invasion of Ukraine, for instance, we’ve seen Russia conduct reconnaissance against U.S. energy infrastructure right here at home.
These hostile nation-states and others will continue to present a serious challenge in years to come. As you’ve probably noticed, a common thread running throughout their activity is cyber.
In the coming years, cyber threats will become even more pervasive, hit a wider variety of victims, and carry the potential for greater damage than ever before.
We’ve seen countless examples of this, from the Solar Winds supply chain attacks by the Russian foreign intelligence service, the SVR, at the end of 2020 to the Chinese government’s Microsoft Exchange Server intrusions revealed two years ago, to our indictments last fall of three Iranian nationals for their roles in a multi-year scheme to compromise the networks of hundreds of organizations whose services Americans rely on every day. And recently, we’ve seen cybercriminals target hospitals, schools, and other critical infrastructure for theft or ransomware, causing massive disruption to our daily lives.
What makes confronting the cyber threat even more difficult is that there’s no bright line that separates where nation-state activity ends and cybercriminal activity begins. Some cybercriminals sell services to nation-states; some nation-state actors moonlight as cybercriminals to fund personal activities; and nation-states are increasingly using tools typically used by criminal actors, such as ransomware.
So, as dangerous as nation-states are in the cyber realm, we don’t have the luxury of focusing on them alone. Our opponents in this space are relentless and constantly evolving, so we’ve got to keep responding in kind.
With all the nation-state and cyber threats on the horizon, the threat of terrorism can get lost in the discussion. But I can tell you that protecting the American people from terrorism—both international and domestic—remains the FBI’s number one priority, and the terrorism threat today is as persistent and complex as ever.
For perhaps the first time in our history, the FBI’s counterterrorism operational tempo remains high for international terrorism, state-sponsored terrorism, and domestic terrorism, simultaneously.
ISIS continues to pose a threat in their ability and desire to direct, enable, and, in particular, inspire attacks inside the United States.
While that last category of inspired, or what we call homegrown violent extremists, remains our most immediate concern, groups like ISIS and al-Qaida remain committed to attacking U.S. and Western interests domestically and abroad. And our intelligence collection against these threats has been further strained without U.S. and coalition militaries on the ground and in the air above Afghanistan, making it harder to detect operational plotting against the West.
As I tell my folks all the time, we’ve got to be creative and leverage the partnerships we’ve built so we can keep getting the best intelligence possible on what’s actually happening on the ground.
The Challenges of Technology
These are just some of the national security challenges I see over the next five to ten years. The list doesn’t end there. I could also talk about the surge in violent crime in so many cities, the continual flow of fentanyl claiming thousands and thousands of American lives, or any number of the other serious threats coming across our Southwest border.
Cutting across all these threats, every criminal or national security threat the FBI investigates is growing more complex because of advances in technology.
The FBI’s bread-and-butter work involves following the money, collecting evidence, and talking to people. Unfortunately, technology is making all three of these things harder to do.
First, following the money is becoming harder because of the rise of cryptocurrency. Ransomware and other cyberattacks are one area where this issue comes into play, but it’s hardly limited to cyber investigations.
Second, collecting the stuff—the evidence—is also getting harder, because so much of that evidence now lives in the digital realm. Terrorists, hackers, child predators, and more are taking advantage of end-to-end encryption to conceal their communications and illegal activities from us.
Unfortunately, this means that even when we have rock-solid legal process—a warrant issued by a judge, based on probable cause—the FBI and our partners often can’t obtain digital evidence, which makes it even harder for us to stop the bad guys.
The issue is not encryption itself; we’re big fans of encryption, and want people and companies to be able to keep their data safe. But our country has a well-established, constitutional process for balancing individual privacy interests with law enforcement’s need to access evidence to protect the American people.
The public should not have to choose between safe data and safe communities. We should be able to have both—and we can have both.
But right now, the reality is we have an entirely unfettered space that’s completely beyond fully lawful access—a place where child predators, terrorists, and spies can conceal their communications and operate with impunity—and we’ve got to find a way to deal with that problem.
That’s why we want providers to design secure decryption capabilities that they alone can use if presented with a valid court order. That solution would keep data safe—but not warrant-proof.
So the money, the stuff or data, and third and finally, the people. Technology is making it harder for us to recruit, retain, and protect our human sources.
Our name for this problem is “ubiquitous technical surveillance.” That’s just fancy jargon for how our adversaries can combine things like facial recognition and AI [artificial intelligence] with the digital breadcrumbs we all leave behind these days, making it easier for them to track and jeopardize our people and our sources.
Bottom line, technology is making it harder to follow the money, collect evidence, and develop sources—so the way the FBI investigates threats has to continue evolving to overcome these changes in technology.
This was meant to be a conversation, and I want to make sure there’s plenty of time for that, but before I close, I want to emphasize that the challenges we’ve discussed this evening are not insurmountable.
To meet them effectively, we’ll need the right tools—and most importantly, we’ll need strong public institutions full of talented, innovative people ready to join the fight.
Fortunately, innovation has always been a hallmark of the FBI. Our innovations in law enforcement, like the FBI Lab, are world-renowned. And the good news is that advances in technology don’t just give the bad guys more ways to hurt us. They also provide us with more ways to fight back.
We’ve built deep expertise in virtual currency, for example—using advanced analytic techniques and tools to map illicit payment networks, seizing ill-gotten cryptocurrency gains to hit the bad guys where it hurts, and working to take down their technical infrastructure to disrupt future attacks.
In fact, just today, we struck another blow with the takedown of the Genesis Market, a global criminal marketplace used to steal and sell victim account credentials.
Before we took it offline, users on the Genesis marketplace had access to over 1.5 million different computer systems and held over 80 million access credentials—information those cybercriminals used to launch ransomware attacks, gain unauthorized access, steal intellectual property, and conduct millions of dollars of fraud. Victims of the Genesis Market can be found in almost every country in the world.
Disrupting and dismantling this international enterprise required an international operation of our own. The FBI leveraged our international partnerships and worked with law enforcement counterparts in 12 countries to collect data, identify infrastructure, and coordinate a global takedown of Genesis Market.
As with every cyber case we investigate, we leveraged the unique skillsets of our agents and computer scientists, and the tools they’ve developed to gain access to and acquire information from Genesis Market—information that led us to identify the users, and even several key administrators who hosted and ran the site.
With the actions taken here in the U.S. in combination with those by our international partners, this takedown represents the largest operation involving criminals dealing in stolen credentials we’ve ever conducted.
Turning to other key areas, we’ve also built or developed tools to help us meet the mission in everything from advanced biometrics, like facial and voice recognition, to improved tools for bomb techs to disable IEDs [improvised explosive devices]—and I’m confident we’ll continue to innovate to meet the challenges of tomorrow.
But we need more than just new technical tools. Given the range of threats we’re facing, the speed they’re coming at us, and the ever-expanding battlefield we’re fighting on, we need to make the best use of every tool at our disposal—including the unique combination of authorities the FBI has as both a national security and law enforcement agency.
One of those tools is our authorities under the Foreign Intelligence Surveillance Act, or FISA.
Many of you are probably familiar with, or have at least heard about, the FBI’s “traditional” FISA authority, which—like a criminal wiretap—requires an agent to submit an application to the FISA Court establishing probable cause on a particular foreign target in the U.S. What may be less familiar to you is our FISA Section 702 authority, which provides an indispensable way to identify, investigate, and mitigate threats to our homeland coming from foreign adversaries operating outside our borders.
702 allows us to collect on a target who is a non-U.S. person, outside the United States, for foreign intelligence purposes.
To put that in terms I think everyone can appreciate, 702 is the tool we use to collect foreign intelligence by targeting, say, an ISIS-K terrorist in Afghanistan—someone located overseas who is not a U.S. citizen, someone not covered by the constitutional protections we hold so dear.
With our querying authority, we can lawfully run searches against that collection to see who that foreign-based terrorist may be talking to here in the United States to build out the network and identify their potential targets. It’s how we connect the dots between foreign threats and targets here in our own backyard, using information already within our holdings—information that was already lawfully obtained.
But it’s not just counterterrorism. 702 is the tool we turn to when a suspected foreign actor launches a cyberattack—to quickly determine which of our foreign adversaries has hit us, to identify and reach out to victims who may not even know they’ve been compromised, and to warn those who may be targeted next. In a technology environment where foreign threat actors can move to new communication accounts and infrastructure in a matter of hours—if not minutes—702 provides the agility we need to stay ahead.
I say all of this because 702 is up for renewal by Congress at the end of this year, and we cannot afford to lose this critical tool. It’s too important to our ability to stay ahead the threats I’ve discussed this evening—threats the American people rightly expect us to protect them from. Imagine a future without 702—one in which we’re largely blind to China’s efforts, and unable to effectively protect ourselves from the PRC’s aggressive attempts to steal our intellectual property, hack our most sensitive systems, and disrupt essential services.
In recent years, people have raised some understandable compliance concerns about the FBI’s use of FISA. To fix these issues, we’ve made a whole host of important reforms—to our process, electronic systems, training, and oversight—ensuring we’re using our FISA authorities in a surgical and judicious way. And I’m happy to report we’re seeing improvements from these reforms and we’re confident they’re working, now that they’ve had time to take effect.
Bottom line, we’re committed to being good stewards of this tool, because 702 will only become more critical as all the threats become broader and more complex over the next five to ten years.
The Importance of Public Service
But over the long-term, more important for us than any technical tool or legal authority is maintaining a talented FBI workforce that has the trust and confidence of the American people.
There’s never been a more important time to have gifted people choose public service, and I can’t miss this chance to encourage you to consider the FBI as the place to do it.
I know many young people today value “optionality” in their careers—the ability to “reinvent” themselves, pick up new skills, and change gears often. As I hope you’ve seen tonight, there’s a wide range of challenging work to do at the Bureau—so if you pursue a career with us, I can guarantee you will never get bored.
Now, more than ever, we need people who believe, as President Bush said and demonstrated, that “public service is a noble calling.” And I’m told that here, at the Home of the 12th Man, I’m in a place where people are used to—in fact, look forward to—serving when called to do so. So Aggies, consider this your invitation.
Thanks for having me, and I look forward to continuing the conversation.