151 demonstrated the NSA had few, if any, fail-safe defenses against a would-be leakers of communication intelligence. In the new domain of cyber warfare, conventional defensive rules do not apply. “There are no rivers or hills up here. It’s all flat. All advantage goes to the attacker,” Michael Hayden said in an interview in 2015 with the publisher of the Wall Street Journal. His point was that since there are no defensive positions, cyber warfare must rely on an aggressive offensive. If fully successful such attacks would so deeply penetrate the defenses of an adversary intelligence organization that it could not mount any of its own unexpected cyber attacks Such offensive capabilities would make it difficult, if not impossible, for adversary services to recruit a spy in the NSA. .For example, the CIA penetration of the SVR in 2010 prevented it from using its the sleeper network against U.S. targets. “The best defense in this game may be an overwhelming offensive,” a former intelligence official said to me. “but that strategy only works if we can keep secret sensitive sources.” Central to this offensive strategy was the NSA’s National Threat Operations Center in Oahu, Hawaii. It employed threat analysts to surreptitiously monitor the secret activities of potential enemies, mainly China, Russia and North Korea. A large part of their job was to make transparent to the US the hostile activities of the Russian and Chinese services so that they posed little, if any, intelligence threat to America. This strategy worked so far as the NSA guarded itself but it also raised the issue, as the Roman Juvenal famously warned “Quis custodiet ipsos custodes?” Who will guard the guards themselves? Less than three years after the NSA had received the Poteyev warning, a 29-year old civilian trainee at the National Threat Operations Center, demonstrated its glaring vulnerability. Instead of guarding secrets, Snowden stole them. General Hayden described the Snowden breach as the “m