Open Secrets
Ukraine and the Next Intelligence Revolution
By Amy Zegart
January/February 2023
Rob Dobi
Russia’s invasion of Ukraine has been a watershed moment for the world of intelligence. For weeks before the shelling began, Washington publicly released a relentless stream of remarkably detailed findings about everything from Russian troop movements to false-flag attacks the Kremlin would use to justify the invasion.
This disclosure strategy was new: spy agencies are accustomed to concealing intelligence, not revealing it. But it was very effective. By getting the truth out before Russian lies took hold, the United States was able to rally allies and quickly coordinate hard-hitting sanctions. Intelligence disclosures set Russian President Vladimir Putin on his back foot, wondering who and what in his government had been penetrated so deeply by U.S. agencies, and made it more difficult for other countries to hide behind Putin’s lies and side with Russia.
The disclosures were just the beginning. The war has ushered in a new era of intelligence sharing between Ukraine, the United States, and other allies and partners, which has helped counter false Russian narratives, defend digital systems from cyberattacks, and assisted Ukrainian forces in striking Russian targets on the battlefield. And it has brought to light a profound new reality: intelligence isn’t just for government spy agencies anymore.
Over the past year, private citizens and groups have been tracking what Russia is planning and doing in ways that were unimaginable in earlier conflicts. Journalists have reported battlefield developments using imagery from commercial space satellites. Former government and military officials have been monitoring on-the-ground daily events and offering over-the-horizon analyses about where the war is headed on Twitter. A volunteer team of students at Stanford University, led by former U.S. Army and open-source imagery analyst Allison Puccioni, has been providing reports to the United Nations about Russian human rights atrocities in Ukraine—uncovering and verifying events using commercial-satellite thermal and electro-optical imaging, TikTok videos, geolocation tools, and more. At the Institute for the Study of War, a go-to source for military experts and analysts, researchers have even created an interactive map of the conflict based entirely on unclassified, or open-source, intelligence.
Technological advances have been central to this evolution. It is, after all, the Internet, social media, satellites, automated analytics, and other breakthroughs that have enabled civilians to collect, analyze, and disseminate intelligence. But although new technologies have helped shine a light on Russian military activity, their effects are far from uniformly positive. For the 18 agencies that make up the U.S. intelligence community, new technologies are creating more threats at a far faster rate. They are dramatically increasing the amount of data that analysts must process. They are giving companies and individual citizens a newfound need for intelligence, so that these private entities can help safeguard the country’s interests. And they are giving new intelligence capabilities to organizations and individuals outside the U.S. government, as well as to more countries.
These shifts have been years in the making, and intelligence leaders are working hard to adapt to them. But anticipating the future in the new tech era demands more. Washington must embrace wholesale changes in order to understand and harness emerging technologies. It must, in particular, get serious about creating a new agency dedicated to open-source intelligence. Otherwise, the U.S. intelligence community will fall behind, leaving Americans more vulnerable to catastrophic surprises.
BRAVE NEW WORLD
When the Central Intelligence Agency was created, in 1947, the world was in an unusually precarious place. The allies had won World War II, but Soviet troops already threatened Europe. Repressive regimes were on the rise, democracies were weary and weak, and the international system was dividing into free spheres and illiberal ones. Amid this intensifying uncertainty and anxiety, the United States was called to lead a new global order. U.S. policymakers realized that they needed new capabilities for this role, including better intelligence. Centralizing intelligence in a new agency, they thought, would deliver timely insights about the future to prevent the next Pearl Harbor and win the Cold War.
In many ways, the present looks eerily similar to those early postwar years. The dog-eat-dog world of strong states using brute force to get what they want has returned. An authoritarian leader in Moscow is invading neighbors and again menacing all of Europe. Once more, democracies are looking fragile. The United States and its allies are engaged in yet another great-power competition—this time with China, a country whose rise looks less peaceful by the day, with its crackdowns on freedoms in Hong Kong, belligerent rhetoric about retaking Taiwan, and provocative military exercises that encircled the island. Even Marxism-Leninism is making a comeback. In China’s carefully choreographed 20th Party Congress, President Xi Jinping made it clear to party officials that ideology and personal loyalty were more important than continued economic liberalization. In case anyone missed the message, Xi’s economic reform-minded predecessor, Hu Jintao, was pulled from his chair and escorted out of party proceedings, perp-walk style, in full view of the press.
But looks can be deceiving. Thanks to technological innovations, the challenges of today differ greatly from postwar ones. Emerging technologies are transforming the planet in an unprecedented fashion and at an unprecedented pace. Together, inventions are making the world far more interconnected and altering the determinants of geopolitical advantage in fundamental ways. Increasingly, emerging technologies and data are major sources of national power, and they are intangible, harder to see and understand, and often created and controlled by companies, not governments. For the CIA and other intelligence agencies, understanding the geopolitical dangers and dynamics of the twenty-first century will likely be much harder than it was in the twentieth.
Near a Russian military helicopter, Horlivka Raion, Ukraine, September 2022
Alexander Ermochenko / Reuters
Consider the Internet. In the mid-1990s, less than one percent of the global population was online. Now sixty-six percent of the world is connected, from the far reaches of the Arctic to Bedouin tents in the desert. In the last three years alone, more than a billion more people have come online. This connectivity has already transformed global politics, for better and for worse. Social media has fueled protests against autocracies, such as the Arab Spring and Hong Kong’s Umbrella Movement. But it has also empowered a new wave of government techno-surveillance led by Beijing and has enabled Russia’s massive disinformation operations to influence elections and undermine democracies from within.
Digital connectivity is not the only technology upending the world order. Artificial intelligence is disrupting nearly every industry—from medicine to trucking—to the point that one expert now estimates AI could eliminate up to 40 percent of jobs worldwide in the next 25 years. It is changing how wars are fought, automating everything from logistics to cyberdefenses. It is even making it possible for states to build unmanned fighter jets that could overwhelm defenses with swarms and maneuver faster and better than human pilots. Little wonder, then, that Russian President Vladimir Putin has declared that whoever leads in AI development “will become the ruler of the world.” China has also made no secret of its plans to become the global AI leader by 2030.
Technological breakthroughs are also making it far easier for anyone—including weak states and terrorist groups—to detect events unfolding on earth from space. Commercial satellite capabilities have increased dramatically, offering eyes in the sky for anyone who wants them. Satellite launches more than doubled between 2016 and 2018; now, more than 5,000 satellites circle the earth, some no larger than a loaf of bread. Commercial satellites have less sophisticated sensing capabilities than do their spying counterparts, but civilian technologies are rapidly improving. Some commercial satellites now have resolutions so sharp that they can identify manhole covers, signs, and even road conditions. Others have the ability to detect radio frequency emissions; observe vehicle movements and nuclear cooling plumes; and operate at night, in cloudy weather, or through dense vegetation and camouflage. Constellations of small satellites can revisit the same location multiple times a day to detect changes over short periods—something that was once impossible. All these changes are leveling the intelligence playing field, and not always in a good way. In 2020, for example, Iran used commercial satellite images to monitor U.S. forces in Iraq before launching a ballistic missile attack that wounded more than 100 people.
Other technological advances with national security implications include quantum computing, which could eventually unlock the encryption protecting nearly all the world’s data, making even highly classified information available to adversaries. Synthetic biology is enabling scientists to engineer living organisms, paving the way for what could be revolutionary improvements in the production of food, medicine, data storage, and weapons of war.
Understanding the promise and perils of these and other emerging technologies is an essential intelligence mission. The U.S. government needs to know who is poised to win key technological competitions and what the effects could be. It must assess how future wars will be fought and won. It must figure out how new technologies could tackle global challenges such as climate change. It needs to determine how adversaries will use data and tech tools to coerce others, commit atrocities, evade sanctions, develop dangerous weapons, and secure other advantages.
But these important questions are becoming harder to answer because the landscape of innovation has changed and expanded, making inventions more difficult to track and understand. In the past, technological breakthroughs, such as the Internet and GPS, were invented by U.S. government agencies and commercialized later by the private sector. Most innovations that affected national security did not have widespread commercial application, so they could be classified at birth and, if necessary, restricted forever. Today, the script has flipped. Technological innovations are more likely to be “dual use”: to have both commercial and military applications. They are also far more likely to be invented in the private sector, where they are funded by foreign investors, developed by a multinational workforce, and sold to global customers in private and public sectors alike.
Those that are born in the private sector are more widely accessible and not as easily restricted. Artificial intelligence, for example, has become so prevalent and intuitive that high school students with no coding background can make deepfakes—AI-generated, manipulated videos that show people saying and doing things they never said or did. In March 2022, someone released a deepfake of Ukrainian President Volodymyr Zelensky telling Ukrainian soldiers to lay down their arms. More recently, deepfakes impersonating Michael McFaul, the former U.S. ambassador to Russia, have been used to dupe Ukrainian officials into revealing information about the war effort. McFaul deepfakes have become so pervasive that the real McFaul had to tweet warnings asking people not to fall for what he called “a new Russian weapon of war.”
These changes in the innovation landscape are giving private-sector leaders new power and national security officials fresh challenges. Power isn’t just shifting abroad. Power is shifting at home. U.S. social media platforms now find themselves on the frontlines of information warfare, deciding what is real and what is fake, what speech is allowed and what speech is not. Startup founders are inventing capabilities that can be used by enemies they can’t foresee with consequences they can’t control. Meanwhile, U.S. defense and intelligence agencies are struggling to adopt critical new technologies from the outside and move at the speed of invention instead of at the pace of bureaucracy. Private-sector leaders have responsibilities they don’t want, and government leaders want capabilities they don’t have.
UP TO SPEED
Intelligence is often misunderstood. Although spy agencies deal with secrets, they are not in the secrets business. Their core purpose is delivering insights to policymakers and anticipating the future faster and better than adversaries. Clandestinely acquired information from sources such as intercepted phone calls or firsthand spy reports is important, but secrets are just part of the picture. Most information in a typical intelligence report is unclassified or publicly available. And raw information—secret or not—is rarely valuable on its own because it is often incomplete, ambiguous, contradictory, poorly sourced, misleading, deliberately deceptive, or just plain wrong. Analysis is what turns uncertain findings into insight by synthesizing disparate pieces of information and assessing its context, credibility, and meaning.
Intelligence insights are not always correct. But when they are, they can be priceless. When U.S. intelligence agencies warned that Russia was about to invade Ukraine, it gave Washington critical time to help arm Kyiv and unify the West around a response. But it may soon become harder for spy agencies to replicate this success because the global-threat landscape has never been as crowded or as complicated as it is today—and with threats that move faster than ever. It is now more difficult for intelligence officers to do their jobs. After spending nearly half a century largely focused on countering the Soviet Union and two decades fighting terrorists, they today must confront a diverse multitude of dangers. They must deal with transnational threats such as pandemics and climate change; great-power competition with China and Russia; terrorism and other threats from weak and failed states; and cyberattacks that steal, spy, disrupt, destroy, and deceive at stunning speeds and scale. Intelligence agencies are, to put it mildly, overtaxed.
Technology makes today’s threat list not only longer but more formidable. For centuries, countries defended themselves by building powerful militaries and taking advantage of good geography. But in cyberspace, anyone can attack from anywhere, without pushing through air, land, and sea defenses. In fact, the most powerful countries are now often the most vulnerable because their power relies on digital systems for business, education, health care, military operations, and more. These states can be hit by big attacks that disable their critical infrastructure. They can be subject to repeated small attacks that add up to devastating damage before security officials even know it. China, for example, has robbed its way to technological advantage in a variety of industries, from fighter jets to pharmaceuticals, by stealing from U.S. companies one hack at a time, in what FBI Director Christopher Wray has called one of the greatest transfers of wealth in human history and “the biggest long-term threat to our economic and national security.”
Russia has also used cyberattacks to great effect, proving that technology can allow malignant actors to hack minds—not just machines. Russian operatives created bots and fake social media profiles impersonating Americans that spread disinformation across the United States during the 2016 U.S. presidential election, polarizing the country and undermining its democracy. Today, China could turn Americans against each other without even using U.S. tech platforms. The Chinese firm ByteDance owns TikTok, the popular social media app that boasts more than a billion users, including an estimated 135 million Americans, or 40 percent of the U.S. population. Both Democrats and Republicans now worry that TikTok could enable the Chinese government to vacuum all sorts of data about Americans and launch massive influence campaigns that serve Beijing’s interests—all under the guise of giving U.S. consumers what they want. In today’s world of information warfare, weapons don’t look like weapons.
Because cyberattacks can happen so quickly, and because policymakers can track breaking events and get hot takes with the touch of a button, U.S. intelligence agencies also need to operate with newfound speed. Timeliness, of course, has always been important to spycraft: in the 1962 Cuban missile crisis, U.S. President John F. Kennedy had 13 days to pore over intelligence and consider his policy options after surveillance photographs from a U-2 spy plane revealed Soviet nuclear installations in Cuba, and on September 11, 2001, U.S. President George W. Bush had less than 13 hours after the World Trade Center attacks to review intelligence and announce a response. Today, the time for presidents to consider intelligence before making major policy decisions may be closer to 13 minutes or even 13 seconds.
But moving fast also carries risks. It takes time to vet a source’s credibility, tap expert knowledge across fields, and consider alternative explanations for a finding. Without careful intelligence analysis, leaders may make premature or even dangerous decisions. The potential consequences of rash action became evident in December 2016, when a news story reported that Israel’s former defense minister was threatening a nuclear attack against Pakistan if Islamabad deployed troops in Syria. Pakistan’s Defense Minister, Khawaja Muhammad Asif, quickly tweeted: “Israeli def min threatens nuclear retaliation presuming pak role in Syria against Daesh. Israel forgets Pakistan is a Nuclear state too AH.” But the original story had been fabricated. Asif had dashed off his response before finding out the truth. Satisfying policymakers’ need for speed while carefully collecting, vetting, and assessing intelligence has always been a delicate balance, but that balance is getting harder to strike.
NEED TO KNOW
Intelligence agencies must deal with a data environment that is vast, not just fast. The volume of information available online has become almost unimaginably immense. According to the World Economic Forum, in 2019, Internet users posted 500 million tweets, sent 294 billion emails, and uploaded 350 million photos to Facebook every day. Every second, the Internet transmits roughly one petabyte of data: the amount of data that an individual would have consumed after binge-watching movies nonstop for over three years.
U.S. intelligence agencies are already collecting far more information than humans can analyze effectively. In 2018, the intelligence community was capturing more than three National Football League seasons’ worth of high-definition imagery a day on each sensor they deployed in a combat theater. According to a source at the Department of Defense, in 2020, one soldier deployed to the Middle East was so concerned about the crushing flow of classified intelligence emails he was receiving that he decided to count them. The total: 10,000 emails in 120 days. These quantities are likely to grow. Some estimates show that the amount of digital data on earth doubles every 24 months.
And increasingly, intelligence agencies must satisfy a wider range of customers—including people who do not command troops, hold security clearances, or even work in government. Today, plenty of important decision-makers live worlds apart from Washington, making consequential policy choices in boardrooms and living rooms—not the White House Situation Room. Big Tech companies, including Microsoft and Google, need intelligence about cyberthreats to and through their systems. Most of the United States’ critical infrastructure is controlled by private firms, such as energy companies, and they also need information about cyber risks that could disrupt or destroy their systems. Voters need intelligence about how foreign governments are interfering in elections and waging operations to polarize society. And because cyberthreats do not stop at the border, U.S. security increasingly depends on sharing intelligence faster and better with allies and partners.
To serve this broader array of customers, the U.S. intelligence community is making unclassified products and engaging with the outside world to an extent it has not before. The National Security Agency, the FBI, and other intelligence agencies are now creating public service videos about foreign threats to U.S. elections. In September 2022, the CIA launched a podcast called The Langley Files, aimed at demystifying the agency and educating the public. The National Geospatial-Intelligence Agency, which collects and analyzes satellite imagery and other geospatial intelligence, launched a project called Tearline—a collaboration with think tanks, universities, and nonprofits to create unclassified reports about climate change, Russian troop movements, human rights issues, and more. In 2021, the NSA began issuing joint advisories with the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency detailing major cyberthreats, exposing the entities behind them, and explaining how firms could shore up their security. In October, these three agencies even released the technical details of the top 20 cyber vulnerabilities exploited by the Chinese government to hack into U.S. and allied networks, along with meticulous instructions about how to improve cyber defenses. The U.S. government is now also issuing advisories with foreign intelligence partners.
The success of this public-facing strategy has been on full display in Ukraine. It helped the United States warn the world about Russia’s invasion. It helped rally the West behind a fast response. And it continues to frustrate Moscow. Most recently, after Washington revealed intelligence indicating that senior Russian military leaders were discussing using tactical nuclear weapons in Ukraine, Xi issued a rare public warning against the “use of, or threats to use, nuclear weapons.” Xi’s “no limits” relationship with Putin suddenly had limits after all.
CROWD SURFING
In addition to more customers, technology has given U.S. intelligence agencies more competition. The explosion of open-source information online, commercial satellite capabilities, and the rise of AI are enabling all sorts of individuals and private organizations to collect, analyze, and disseminate intelligence.
In the past several years, for instance, the amateur investigators of Bellingcat—a volunteer organization that describes itself as “an intelligence agency for the people”—have made all kinds of discoveries. Bellingcat identified the Russian hit team that tried to assassinate former Russian spy officer Sergei Skripal in the United Kingdom and located supporters of the Islamic State (also known as ISIS) in Europe. It also proved that Russians were behind the shootdown of Malaysia Airlines flight 17 over Ukraine.
Bellingcat is not the only civilian intelligence initiative. When the Iranian government claimed in 2020 that a small fire had broken out in an industrial shed, two U.S. researchers working independently and using nothing more than their computers and the Internet proved within hours that Tehran was lying. As David Albright and Fabian Hinz quickly found, the building was actually a nuclear centrifuge assembly facility at Iran’s main uranium enrichment site. The damage was so extensive that the fire may well have been caused by an explosion—raising the possibility of sabotage. In 2021, nuclear sleuths at the James Martin Center for Nonproliferation Studies in California used commercial satellite imagery to discover more than 200 new intercontinental ballistic missile silos in China, a finding that could signal historic increases in China’s nuclear arsenal.
A satellite picture of damage in Mariupol, Ukraine, October 2022
Fabrice Coffrini / AFP / Getty
For U.S. intelligence agencies, this burgeoning world of open-source intelligence brings significant new opportunities as well as risks. On the positive side, citizen-sleuths offer more eyes and ears around the world scanning for developments and dangers as they arise. The wisdom of the crowd can be a powerful tool, especially for piecing together tiny bits of information. Unbound by bureaucracy, open-source intelligence analysts can work quickly. And because open-source information is by definition declassified, it can be shared easily within government agencies, across them, and with the public without revealing sensitive sources or methods.
But these features are also flaws. Open-source intelligence is available to everyone, everywhere, no matter their motives, national loyalties, or capabilities. Citizen-sleuths do not have to answer to anyone or train anywhere, and that invites all kinds of hazards. Volunteer analysts are rewarded for being fast (especially online) but are rarely punished for being wrong—which means they are more likely to make errors. And the line between the wisdom of crowds and the danger of mobs is thin. After a 2013 terrorist attack on the Boston Marathon killed three people and wounded more than 260 others, Reddit users jumped into action. Posting pet theories, unconfirmed chatter on police scanners, and other crowdsourced tidbits of information, amateur investigators fingered two “suspects” and the mainstream media publicized the findings. Both turned out to be innocent.
These weaknesses can create serious headaches for governments. When errors go viral, intelligence agencies have to burn time and resources fact-checking the work of others and reassuring policymakers that the agencies’ original intelligence assessments should not change. Accurate open-source discoveries can cause problems, too. Findings, for example, might force policymakers into corners by making information public that, if kept secret, could have left room for compromise and graceful exits from crises. To defuse the Cuban missile crisis, for example, Kennedy agreed to secretly remove U.S. nuclear weapons from Turkey if the Soviets took their missiles out of Cuba. Had satellite imagery been publicly available, Kennedy might have been too worried about domestic political backlash to make a deal.
OPEN RELATIONSHIP
U.S. intelligence leaders know that their success in the twenty-first century hinges on adapting to a world of more threats, more speed, more data, more customers, and more competitors. Their agencies have been working hard to meet these challenges by launching organizational reforms, technology innovation programs, and new initiatives to recruit top science and engineering talent. They have had some important successes. But these are difficult problems to overcome, and so far, the intelligence community’s efforts have been piecemeal.
The rate of progress is especially concerning given that the challenges are well known, the stakes are high, and intelligence weaknesses have been festering for years. Multiple reports and articles (including one in this magazine) have found that intelligence agencies are not keeping pace with technological developments. These reports point to an unfortunate reality. Washington cannot address its present challenges by making incremental changes to existing agencies. Instead, developing U.S. intelligence capabilities for the twenty-first century requires building something new: a dedicated, open-source intelligence agency focused on combing through unclassified data and discerning what it means.
Creating a 19th intelligence agency may seem duplicative and unnecessary. But it is essential. Despite Washington’s best efforts, open-source intelligence has always been a second-class citizen in the U.S. intelligence community because it has no agency with the budget, hiring power, or seat at the table to champion it. As long as open-source intelligence remains embedded in secret agencies that value clandestine information above all, it will languish. A culture of secrecy will continue to strangle the adoption of cutting-edge technical tools from the commercial sector. Agencies will struggle to attract and retain talent that is desperately needed to help them understand and use new technologies. And efforts to harness the power of open-source intelligence collectors and analysts outside government will fall short.
A new open-source intelligence agency would bring innovation, not just information, to the U.S. intelligence community by providing fertile soil for the growth of far-reaching changes in human capital, technology adoption, and collaboration with the burgeoning open-source intelligence ecosystem. Such an agency would be a powerful lever for attracting the workforce of tomorrow. Because it deals with unclassified information, the agency could recruit top scientists and engineers to work right away, without requiring them to wait months or years for security clearances. Locating open-source agency offices in technology hubs where engineers already live and want to stay—places such as Austin, San Francisco, and Seattle—would make it easier for talent to flow in and out of government. The result could be a corps of tech-savvy officials who rotate between public service and the private sector, acting as ambassadors between both worlds. They would increase the intelligence community’s presence and prestige in technology circles while bringing a continuous stream of fresh tech ideas back inside.
By working with unclassified material, the open-source agency could also help the intelligence community do a better and faster job of adopting new collection and analysis technologies. (The open-source agency could test new inventions and, if they proved effective, pass them along to agencies that work with secrets.) The agency would also be ideally positioned to engage with leading open-source intelligence organizations and individuals outside the government. These partnerships could help U.S. intelligence agencies outsource more of their work to responsible nongovernmental collectors and analysts, freeing up intelligence officials to focus their capabilities and clandestine collection efforts on missions that nobody else can do.
And there will still be many such missions. After all, even the best open-source intelligence has limits. Satellite imagery can reveal new Chinese missile silos but not what Chinese leaders intend to do with them. Identifying objects or tracking movements online is important, but generating insight requires more. Secret methods remain uniquely suited to understanding what foreign leaders know, believe, and desire. There is no open-source substitute for getting human spies inside a foreign leader’s inner circle or penetrating an adversary’s communications system to uncover what that adversary is saying and writing. Analysts with clearances will also always be essential for assessing what classified discoveries mean, how credible they are, and how they fit with other, unclassified findings.
But secret agencies are no longer enough. The country faces a dangerous new era that includes great-power competition, renewed war in Europe, ongoing terrorist attacks, and fast-changing cyberattacks. New technologies are driving these threats and determining who will be able to understand and chart the future. To succeed, the U.S. intelligence community must adapt to a more open, technological world.