by Leon Panetta
Before I leave this subject, let me be crystal clear: We made every effort to help the U.S. personnel in Benghazi. I wish we could have saved them, and I am heartbroken that we could not. Nothing we say or do can ever bring them back to their loved ones, and all of us charged with defending the security of our country own that responsibility. But there was no conspiracy to sacrifice them and no conspiracy to cover up our actions. We did our best. Our best is not always enough. That’s been confirmed by the reports of the commission assigned to investigate the tragedy and by the Senate Intelligence Committee. The responsibility now, for both Democrats and Republicans, is to make sure it never happens again and to ensure that those responsible are brought to justice.
• • •
Tomorrow’s wars will surprise us, just as history’s always have. But one predictable facet of future war-fighting will be the use of cyber technology, which already commands a central place in our military calculations. That represents a profoundly new way of thinking about combat and highlights vulnerabilities that I suspect most Americans have never considered.
I first became conscious of the growing aggressiveness of cyber attacks at the CIA, where our computer system was subject to attempts to penetrate it every day. At the Defense Department, where we had nearly three million people logged on to computers, the number of attempted penetrations was almost too large to calculate.
When I became secretary, my daily briefing book included reports on attacks against American financial institutions. These efforts, known as denial-of-service attacks, were not very sophisticated (they vaguely resembled flooding a switchboard with phone calls), but they represented a new effort to hit U.S. infrastructure, and our analysts traced them to Iran. I felt it important to expose those attacks in order to make others appreciate the growing danger, so I asked Marcel Lettre, working with NSA director General Keith Alexander, to declassify as much information as possible.
On October 11, 2012, I tried to set out, within the limits imposed by security, some of the implications of the new world of warfare into which we are entering at a rapid pace. The occasion seemed right for it: I’d been invited to deliver an address to the Business Executives for National Security, a nonprofit organization dedicated to working with government to share best business practices in order to bolster national defense. The group was marking its thirtieth anniversary and gathered seven hundred of its members on the Intrepid Sea, Air, and Space Museum in New York City. I was honored at the dinner and offered the chance to make remarks.
After the introductions, I cut to the heart of the matter: “The Internet is open. It’s highly accessible, as it should be. But that also presents a new terrain for warfare. It is a battlefield of the future where adversaries can seek to do harm to our country, to our economy, and to our citizens.” Those threats, I explained, go way beyond the loss of personal information or identity theft. In addition to the denial-of-service attacks on American banks, hackers tied to the Iranian regime launched an even more pernicious effort against Saudi Arabia’s state-run oil company. Using a virus known as “Shamoon,” that attack wiped out programming files in the company’s computers and replaced them with an image of a burning American flag. It destroyed thirty thousand computers.
With so many systems reliant on the Internet for communication and operation, our vulnerability is frightening to consider. Imagine, I urged that night, a hostile nation or terrorist group infecting switching systems for railroads and using that access to crash passenger trains or trains carrying toxic chemicals. Or electrical power stations? Or water treatment facilities? Should a determined enemy wage war against the United States, a combination of physical and cyber attack could reap damage unimaginable just a few years ago. It would be, as I warned that night, a “cyber Pearl Harbor” that could lay us bare.
For that reason, not only did I speak out about this issue, but we invested heavily in cyber defense, began to build up a new cadre of cyber mission forces, and launched a new initiative to work with the private sector to share information about these attacks. I pressed for legislation from Congress to strengthen cyber security and extend liability protection to companies that share data about breaches with the government. Like so much before Congress these days, that legislation got bogged down.
There is no greater challenge for future presidents, members of Congress, secretaries of defense, and business leaders than finding ways to protect computer networks—not to make it easier for the government to snoop or control commerce, but to see that the country is safe from those who will exploit our cyber vulnerability.
• • •
As much as we worked for a “rebalance to Asia,” the Middle East seemed never to let us rest. In early November 2012, I was receiving my morning intelligence briefing in my office when General Dempsey interrupted to ask if he could bring in General James Mattis to see me. It was urgent, he said. I of course agreed, wondering what this was about. Mattis, who was commanding general of Central Command—responsible for the war zones and the Middle East—had a reputation for being plainspoken, whip smart, and having a spine of steel.
“Mr. Secretary,” Mattis began, “we fly routine surveillance missions with a Predator unmanned airplane in international space in the Arabian Gulf to monitor activity in the Strait of Hormuz.
“Today, our plane was shot at,” he continued. “An Iranian pilot flew an Su-25, an old Soviet-era ‘Frogfoot’ fighter, out of the Iranian airfield at Bandar Abbas along the coast. He came up alongside our drone and tried to shoot it down three times by firing his gun at it.”
As Mattis and Dempsey explained, this was a clear act of hostility—an Iranian fighter trying to shoot down a U.S.-flagged military airplane operating in international airspace over international waters. And we had proof. The smart camera operator on the Predator slewed the camera over and caught the three gun runs on video. The question was: Was this a deliberate act of war by Iran or the foolish work of a rogue pilot?
Without knowing the answer to that question, we also faced a second: Should we fly the routine mission again—it occurred every few days—or call it off? If we did fly, and the drone was shot down, we’d be in an explosive situation with Iran. If we didn’t, we’d effectively be acquiescing to Iran’s unwarranted attack. The last thing we needed was for Iran to conclude that it could shoot at us with impunity.
Within hours, the matter was being hotly discussed inside the Pentagon and across the river at the White House. Some officials wanted us to fly again. Others said we should back off and reassess our rules of engagement. One underlying issue was the Predator itself. Should we regard it as the equivalent of an American airplane or ship, and thus defend it as we would any other military asset? Or, recognizing that it’s an unmanned device, should we treat it as something less vital and less in need of defense?
I could sense that Mattis did not want to back down, and that the White House was wary of his resolve. As I knew already, the White House didn’t fully trust Mattis, regarding him as too eager for a military confrontation with Iran. I disagreed, but recognized that his recommendations were going to be treated with some caution because of that impression. As for me, I felt we could not afford to back down to Iran, but I also didn’t like the idea of sending the drone up just for the sake of testing our power and Iran’s objections.
“Give me some options here,” I told my team. “Let’s get creative. The Iranians aren’t smarter than us.”
What came back was creative, all right. CENTCOM and Joint Staff planners, working with Jim Miller’s policy shop, put together a plan that only a twenty-first-century warrior could appreciate. First, we wrote a sharply worded diplomatic rebuke—a “démarche,” in diplospeak—and sent it to the Iranian government. It said very clearly: We are going to fly this mission tomorrow. If you come near us, we are going to shoot you down.
To make good on that threat, we sent the unmanned Predator on its regular surveillance run u
nder escort by two F-16s, pilots in the cockpits. The escorts were there to defend American property and our right to fly in international airspace, and they were under orders to shoot down any aircraft that threatened our Predator.
Let me pause there. Yes, there’s something mind-boggling about the idea that we’d send manned aircraft to defend an unmanned vehicle, since the whole point of unmanned aircraft is to allow us to conduct operations without risking danger to our people. Now, instead of robots protecting people, we had two pilots defending a robot. Technology and diplomacy sometimes lead us to strange places. But they also can encourage fresh thinking. And occasionally they can produce important tactical results: The Iranians let the drone and its escorts pass overhead unimpeded.
This mini-crisis was telling. Though it was only about one airplane and one flight, it also demonstrated that diplomacy is most effective when the message is clear, the determination unambiguous, and the force behind it sufficient to make it stick. That’s a lesson for dealing with Iran and any number of adversaries.
SEVENTEEN
“I Cannot Imagine the Pain”
One hundred twenty-six million Americans cast their ballots for president of the United States on election day in 2012. The election did not have quite the energy that electrified the campaign four years earlier, but the results were fairly similar. After much handwringing about the president’s decline in popularity, he ended up winning by five million votes, carrying all but two of the states he had won over John McCain in 2008 and winning nine of the ten so-called battleground states. Having secured the Republican nomination with some difficulty, Mitt Romney briefly seemed viable—President Obama turned in a strangely passive performance in the first debate between the two, and many of his supporters panicked—but Romney never capitalized on that, and his brief blip of momentum quickly sputtered out. He won just 206 electoral votes, more than a hundred fewer than Obama’s 332.
For me, the final days of the campaign were a whirlwind of domestic activity, but only tangentially related to politics. Hurricane Sandy bore down on the northeastern United States, striking first on the evening of October 29 in New Jersey. The damage was staggering. Twelve states were hit by the hurricane; eight and a half million people lost electrical power; more than twenty-three thousand sought emergency shelter. New York, New Jersey, and Connecticut absorbed the brunt of that blow, and the vast federal response included a significant contribution from the Defense Department. My offices suddenly were a scramble. We dispatched water, blankets, and meals throughout the Northeast. National Guardsmen were called to duty, and the Army Corps of Engineers rushed to provide emergency power to huge areas plunged into darkness.
It was not a typical operation for the Defense Department. There were no enemies to combat, other than weather and fear. But in the direst emergencies, the largest organization on earth can deliver a lot of help. Our people responded with energy and a sense of common purpose, with Assistant Secretary Paul Stockton playing an important coordinating role. And, as I noted, while this was only tangentially related to politics, it did underscore a subtle philosophical point: To those who think government is intrusive or irrelevant, it’s worth remembering that when more than eight million people lose their electrical power, thousands are suddenly underwater, and hundreds of thousands are shivering and afraid, it’s not bad to have a government that can help.
By election day I was exhausted, but the day itself was for me a day at the office—inside the world’s largest office building. I started my morning at the Pentagon with an hour-long update on Afghanistan and spent the afternoon discussing the budget and the military’s role in helping restore order to the communities of the northeastern United States hit by Hurricane Sandy. I watched the election returns with Jeremy and a group of friends. I was of course delighted by the outcome and the endorsement of the American people of the president’s first term. I did not, however, have a direct stake in the results. I had made it clear to the president that I would only serve out his first term, and though he’d asked me to reconsider and stick around, I was committed to wrapping up my work and heading for home.
There was still plenty to do, and just three days after the election, a minor bombshell upended Obama’s national security team. It began weirdly, when FBI agents in Florida opened an investigation into allegations that a Florida woman named Jill Kelley was being threatened via e-mail from an unknown account. As the agents dug into the matter, they discovered that the account belonged to Paula Broadwell, an author and protégée of General David Petraeus, then still at the CIA. And then came the coup de grâce: Broadwell, they learned, was having an affair with Petraeus.
Petraeus was hardly the first Washington official to have an affair, but I did realize this might be trouble. The announcement was a shock and an embarrassment, not only for Petraeus and his family but also for the CIA. At the CIA, officers at all levels are urged to avoid behavior that might subject them to blackmail, so it was especially awkward for the director to acknowledge conduct that would be frowned upon if committed by his colleagues and subordinates. After the FBI warned Petraeus of what it had found, he weighed his options for two weeks—at least sparing the president a scandal on the eve of the election—and then on Friday, November 9, he acknowledged the affair and resigned. It was an ugly episode for all concerned, but I thought Petraeus handled his resignation with admirable dignity—disclosing the affair, apologizing for his “unacceptable” behavior, and recognizing that it damaged both his marriage and his office. He even credited the president, who at first resisted letting him go, with “graciously” accepting his resignation.
Barely had that news settled before another shoe dropped. It was just three days later, while I was en route to Australia, that we received word that General John Allen, our commander in Afghanistan, also had exchanged e-mails with Jill Kelley, the same woman who had complained of being harassed by Broadwell. The timing was terrible: John had been picked to serve as NATO’s top military officer, though the nomination had not yet formally been made; if the e-mails did reveal anything untoward, it would surely make his confirmation a difficult one.
It was late at night when the decision was made to cancel Allen’s forthcoming confirmation hearing, and I knew I needed to act quickly in order to stay ahead of the news. I asked George Little to wake up the sleeping press corps and alert them to the developments. Groggy and grumbling, they snapped to attention when George told them of the e-mails and of my decision to forward the matter to the Pentagon’s inspector general.
I regretted having to take that action with regard to Allen, especially when it later became clear that there was nothing improper about his communications with Jill Kelley. The tone of the messages was friendly but not unseemly, and certainly there was no evidence of any romantic relationship between the two. Still, I felt I had no choice but to order the investigation, if only to assure the public that we were not covering up a larger problem. Allen, an outstanding military officer by every measure, was cleared in early 2013. Allen was also dealing with some long-standing health issues in his family. Unfortunately, he opted to retire rather than accept the NATO nomination.
Neither David Petraeus nor John Allen broke any laws or compromised the public trust. Petraeus did expose himself to legitimate criticism, but he took responsibility for his actions and paid a steep price for them. Allen did nothing wrong at all, and, like Petraeus, had made huge contributions in Afghanistan. It was a shame to lose him.
• • •
When Congress had tried to frighten itself into behaving responsibly on the federal budget back in 2011, it had enacted the sequester—the threatened across-the-board cuts that were so universally disliked that they were supposed to brace Congress into acting responsibly. That hadn’t worked, but Congress also had allowed itself one last escape from its self-inflicted wound: The cuts were only to go into effect in 2013, so if a solution could be found in the interim, there was still a way to avo
id the damage.
I felt well positioned to make the case for avoiding the cliff. I had announced my intention to leave, so no one could accuse me of trying to pad my own budget. I’d balanced the budget under Clinton, so I was generally regarded as knowledgeable in this area. And I had reasonably good relations with members and leaders of both parties, so I could straddle, at least to some extent, the widening rift on Capitol Hill.
I worked it hard, trying to seize every opportunity to rail against sequestration. In June 2012, I told the Senate Subcommittee on Defense Appropriations that sequester was “designed as a disaster,” and that quick, decisive action would protect the priorities of both parties. When I testified on Benghazi a few months later, I urged members to recognize that even as they were complaining about inadequate military resources in the Mediterranean to rescue our mission when it came under fire, they were standing by and allowing deep cuts to degrade those capabilities further.
“One of the . . . greatest security risks we are now facing as a nation is that this budget uncertainty could prompt the most significant military readiness crisis in more than a decade,” I warned. Without congressional action, the armed services would be forced to cut $48 billion a year—after already having made cuts in 2011 and 2012. “We have a responsibility—and I take that responsibility seriously—to do everything we can to protect our citizens,” I concluded. “That responsibility, however, rests with both the executive branch and Congress. If we work together, we can keep Americans safe.”
I might as well have been talking to the wall. Privately, members would agree with me, would acknowledge that sequestration would damage important programs, inhibit modernization and creativity, slow economic growth, and cost the country jobs. Publicly, they dug in and hoped that whatever damage was done, the other side would get the blame. About the only people I spoke to who didn’t dread the outcome were a few fringe, Tea Party types who seemed to enjoy hurling the government into disrepute, since it served their larger mission of discrediting the organization they served. Inexorably, inaction became the option of choice.
