David Frederick's | iAIR BLOG

Consulting, Innovation, Strategy, Vision, Education, & Ideation


Perfect Citizen Is Big Brother

I am a huge opponent of government intrusion in my life, in my business, and in my family. There are limited things the government is good at doing. Getting involved in my life and business is not one of them. Think I am wrong? Look at health care, the economy, tax laws, enforcement of regulatory statutes currently in place, immigration, etc. But I digress.

With the continued probing, attacks, theft of critical IP and Intelligence, viruses and the malicious cyber activities of countries like China, Russia, North Korea, as well as organized crime and sometimes even countries that are our “friends”, more needs to be done to protect our IT and operating infrastructure systems AND just as important, go offensive and take the fight to those that wish to do us harm. The good news is, we are now doing this with the U.S. Cyber Command. At least that’s the objective. Dicey stuff, cyber warfare can become (when did I start talking like Yoda!). That’s another topic for another day.

So what do we do to protect our systems that are run by technology, especially older technology systems with big gaping holes in them i.e. nuclear power plants, aviation, rail, power grids, etc.? Well, up until recently not much. It was left to the masses, public sector, and business to protect against attack. Sometimes it worked, sometimes it didn’t. However, with the increase of “cyber” attacks and probes against our military, infrastructure, and business systems, more needs to be done to mitigate our exposure and risk both at a national and private sector level.

As I said, I am not a fan of government intrusion OR big government/brother, but in this case, the Feds need to step up, protect, and fight back. There is simply too much at risk and the consequences of a hostile attack on our power grid, nuclear power systems, air traffic control systems, etc. could be cataclysmic at worst and hugely disruptive and costly at best. It’s a no-win situation for us if these systems are attacked and disrupted or disabled. Which is exactly why China, Russia, North Korea, Iran, and others are trying so hard to gain access and prepare to disrupt these systems. “Just in case”. Don’t believe me? Google the Chinese White Paper that just came out on how China could disrupt and shut down the U.S. Power Grid. That’s only the tip of the iceberg of what the “bad” guys are trying to do and preparing to do… just in case the need arises. If this is what “Nation States” are doing, what do you think terrorists are trying to do? You don’t think there is value to these nut bags in hijacking the command and control software systems for a nuclear power plant and sending it into meltdown? Who do you retaliate against? It’s very hard to find the “true” footprints of bad guys (and good guys coincidentally) in cyber space, when attacks and systems probes are executed from servers in the U.K. or the U.S., ISPs in China, and internet cafes in Norway with the real bad guys sitting on a fishing trawler using a sat-connection to access the internet in the Southern Yellow Sea. Trust me. Spooky stuff.

Check out this article in the WSJ on the new Perfect Citizen program. It’s a good start, but makes me nervous. As we have seen, any and everything can be abused. Let’s put in place safeguards to ensure that systems and programs like this are used for the purpose intended. Not to control the very people it was put in place to protect.

What do you think?

-DF

U.S. Plans Cyber Shield for Utilities, Companies
By SIOBHAN GORMAN

The federal government is launching an expansive program dubbed “Perfect Citizen” to detect cyber assaults on private companies and government agencies running such critical infrastructure as the electricity grid and nuclear-power plants, according to people familiar with the program.

The surveillance by the National Security Agency, the government’s chief eavesdropping agency, would rely on a set of sensors deployed in computer networks for critical infrastructure that would be triggered by unusual activity suggesting an impending cyber attack, though it wouldn’t persistently monitor the whole system, these people said.

Defense contractor Raytheon Corp. recently won a classified contract for the initial phase of the surveillance effort valued at up to $100 million, said a person familiar with the project.
An NSA spokeswoman said the agency had no information to provide on the program. A Raytheon spokesman declined to comment. Some industry and government officials familiar with the program see Perfect Citizen as an intrusion by the NSA into domestic affairs, while others say it is an important program to combat an emerging security threat that only the NSA is equipped to provide.

“The overall purpose of the [program] is our Government…feel[s] that they need to insure the Public Sector is doing all they can to secure Infrastructure critical to our National Security,” said one internal Raytheon email, the text of which was seen by The Wall Street Journal. “Perfect Citizen is Big Brother.”

Raytheon declined to comment on this email.

A U.S. military official called the program long overdue and said any intrusion into privacy is no greater than what the public already endures from traffic cameras. It’s a logical extension of the work federal agencies have done in the past to protect physical attacks on critical infrastructure that could sabotage the government or key parts of the country, the official said.

U.S. intelligence officials have grown increasingly alarmed about what they believe to be Chinese and Russian surveillance of computer systems that control the electric grid and other U.S. infrastructure. Officials are unable to describe the full scope of the problem, however, because they have had limited ability to pull together all the private data.

Perfect Citizen will look at large, typically older computer control systems that were often designed without Internet connectivity or security in mind. Many of those systems—which run everything from subway systems to air-traffic control networks—have since been linked to the Internet, making them more efficient but also exposing them to cyber attack. The goal is to close the “big, glaring holes” in the U.S.’s understanding of the nature of the cyber threat against its infrastructure, said one industry specialist familiar with the program. “We don’t have a dedicated way to understand the problem.”

The information gathered by Perfect Citizen could also have applications beyond the critical infrastructure sector, officials said, serving as a data bank that would also help companies and agencies who call upon NSA for help with investigations of cyber attacks, as Google did when it sustained a major attack late last year.

The U.S. government has for more than a decade claimed a national-security interest in privately owned critical infrastructure that, if attacked, could cause significant damage to the government or the economy. Initially, it established relationships with utility companies so it could, for instance, request that a power company seal a manhole that provides access to a key power line for a government agency.

With the growth in concern about cyber attacks, these relationships began to extend into the electronic arena, and the only U.S. agency equipped to manage electronic assessments of critical-infrastructure vulnerabilities is the NSA, government and industry officials said. The NSA years ago began a small-scale effort to address this problem code-named April Strawberry, the military official said. The program researched vulnerabilities in computer networks running critical infrastructure and sought ways to close security holes.

That led to initial work on Perfect Citizen, which was a piecemeal effort to forge relationships with some companies, particularly energy companies, whose infrastructure is widely used across the country. The classified program is now being expanded with funding from the multibillion-dollar Comprehensive National Cybersecurity Initiative, which started at the end of the Bush administration and has been continued by the Obama administration, officials said. With that infusion of money, the NSA is now seeking to map out intrusions into critical infrastructure across the country.

Because the program is still in the early stages, much remains to be worked out, such as which computer control systems will be monitored and how the data will be collected. NSA would likely start with the systems that have the most important security implications if attacked, such as electric, nuclear, and air-traffic-control systems, they said. Intelligence officials have met with utilities’ CEOs and those discussions convinced them of the gravity of the threat against U.S. infrastructure, an industry specialist said, but the CEOs concluded they needed better threat information and guidance on what to do in the event of a major cyber attack.

Some companies may agree to have the NSA put its own sensors on and others may ask for direction on what sensors to buy and come to an agreement about what data they will then share with the government, industry and government officials said.

While the government can’t force companies to work with it, it can provide incentives to urge them to cooperate, particularly if the government already buys services from that company, officials said.
Raytheon, which has built up a large cyber-security practice through acquisitions in recent years, is expected to subcontract out some of the work to smaller specialty companies, according to a person familiar with the project.


Written by David Frederick

July 8, 2010 at 1:17 PM

U.S.: Reaction to the CIA Assassination Program

More inexcusable negligence by Congress. Very interesting read.

-DF

U.S.: Reaction to the CIA Assassination Program
July 15, 2009 | 1634 GMT
Global Security and Intelligence Report

By Scott Stewart and Fred Burton -Stratfor http://www.stratfor.com/

On June 23, 2009, Director of Central Intelligence Leon Panetta learned of a highly compartmentalized program to assassinate al Qaeda operatives that was launched by the CIA in the wake of the 9/11 attacks. When Panetta found out that the covert program had not been disclosed to Congress, he canceled it and then called an emergency meeting June 24 to brief congressional oversight committees on the program. Over the past week, many details of the program have been leaked to the press and the issue has received extensive media coverage.

That a program existed to assassinate al Qaeda leaders should certainly come as no surprise to anyone. It has been well-publicized that the Clinton administration had launched military operations and attempted to use covert programs to strike the al Qaeda leadership in the wake of the 1998 East Africa embassy bombings. In fact, the Clinton administration has come under strong criticism for not doing more to decapitate al Qaeda prior to 2001. Furthermore, since 2002, the CIA has conducted scores of strikes against al Qaeda targets in Pakistan using unmanned aerial vehicles (UAVs) like the MQ-1 Predator and the larger MQ-9 Reaper.

These strikes have dramatically increased over the past two years and the pace did not slacken when the Obama administration came to power in January. So far in 2009 there have been more than two dozen UAV strikes in Pakistan alone. In November 2002, the CIA also employed a UAV to kill Abu Ali al-Harithi, a senior al Qaeda leader suspected of planning the October 2000 attack against the USS Cole. The U.S. government has also attacked al Qaeda leaders at other times and in other places, such as the May 1, 2008, attack against al Qaeda-linked figures in Somalia using an AC-130 gunship.

As early as Oct. 28, 2001, The Washington Post ran a story discussing the Clinton-era presidential finding authorizing operations to capture or kill al Qaeda targets. The Oct. 28 Washington Post story also provided details of a finding signed by President George W. Bush following the 9/11 attacks that reportedly provided authorization to strike a larger cross section of al Qaeda targets, including those who are not in the Afghan theater of operations. Such presidential findings are used to authorize covert actions, but in this case the finding would also provide permission to contravene Executive Order 12333, which prohibits assassinations.

In the immediate aftermath of the 9/11 attacks, Bush and the members of his administration were very clear that they sought to capture or kill Osama bin Laden and the members of the al Qaeda organization. During the 2004 and 2008 presidential elections in the United States, every major candidate, including Barack Obama, stated that they would seek to kill bin Laden and destroy al Qaeda. Indeed, on the campaign trail, Obama was quite vocal in his criticism of the Bush administration for not doing more to go after al Qaeda’s leadership in Pakistan. This means that, regardless of who is in the White House, it is U.S. policy to go after individual al Qaeda members as well as the al Qaeda organization.

In light of these facts, it would appear that there was nothing particularly controversial about the covert assassination program itself, and the controversy that has arisen over it has more to do with the failure to report covert activities to Congress. The political uproar and the manner in which the program was canceled, however, will likely have a negative impact on CIA morale and U.S. counterterrorism efforts.

Program Details

As noted above, that the U.S. government has attempted to locate and kill al Qaeda members is not shocking. Bush’s signing of a classified finding authorizing the assassination of al Qaeda members has been a poorly kept secret for many years now, and the U.S. government has succeeded in killing al Qaeda leaders in Pakistan, Yemen and Somalia.

While Hellfire missiles are quite effective at hitting trucks in Yemen and AC-130 gunships are great for striking walled compounds in the Somali badlands, there are many places in the world where it is simply not possible to use such tools against militants. One cannot launch a Hellfire from a UAV at a target in Milan or use an AC-130 to attack a target in Doha. Furthermore, there are certain parts of the world — including some countries considered to be U.S. allies — where it is very difficult for the United States to conduct counterterrorism operations at all. These difficulties have been seen in past cases where the governments have refused U.S. requests to detain terrorist suspects or have alerted the suspects to the U.S. interest in them, compromising U.S. intelligence efforts and allowing the suspects to flee.

A prime example of this occurred in 1996, when the United States asked the government of Qatar for assistance in capturing al Qaeda operational mastermind Khalid Sheikh Mohammed, who was living openly in Qatar and even working for the Qatari government as a project engineer. Mohammed was tipped off to American intentions by the Qatari authorities and fled to Pakistan. According to the 9/11 commission report, Mohammed was closely associated with Sheikh Abdullah bin Khalid al-Thani, who was then the Qatari minister of religious affairs. After fleeing Doha, Mohammed went on to plan several al Qaeda attacks against the United States, including the 9/11 operation.

Given these realities, it appears that the recently disclosed assassination program was intended to provide the United States with a far more subtle and surgical tool to use in attacks against al Qaeda leaders in locations where Hellfire missiles are not appropriate and where host government assistance is unlikely to be provided. Some media reports indicate that the program was never fully developed and deployed; others indicate that it may have conducted a limited number of operations.

Unlike UAV strikes, where pilots fly the vehicles by satellite link and can actually be located a half a world away, or the very tough and resilient airframe of an AC-130, which can fly thousands of feet above a target, a surgical assassination capability means that the CIA would have to put boots on the ground in hostile territory where operatives, by their very presence, would be violating the laws of the sovereign country in which they were operating. Such operatives, under nonofficial cover by necessity, would be at risk of arrest if they were detected.

Also, because of the nature of such a program, a higher level of operational security is required than in the program to strike al Qaeda targets using UAVs. It is far more complex to move officers and weapons into hostile territory in a stealthy manner to strike a target without warning and with plausible deniability. Once a target is struck with a barrage of Hellfire missiles, it is fairly hard to deny what happened. There is ample physical evidence tying the attack to American UAVs. When a person is struck by a sniper’s bullet or a small IED, the perpetrator and sponsor have far more deniability. By its very nature, and by operational necessity, such a program must be extremely covert.

Even with the cooperation of the host government, conducting an extraordinary rendition in a friendly country like Italy has proved to be politically controversial and personally risky for CIA officers, who can be threatened with arrest and trial. Conducting assassination operations in a country that is not so friendly is a far riskier undertaking. As seen by the Russian officers arrested in Doha after the February 2004 assassination of former Chechen President Zelimkhan Yandarbiyev, such operations can generate blowback. The Russian officers responsible for the Yandarbiyev hit were arrested, tortured, tried and sentenced to life in prison (though after several months they were released into Russian custody to serve the remainder of their sentences).

Because of the physical risk to the officers involved in such operations, and the political blowback such operations can cause, it is not surprising that the details of such a program would be strictly compartmentalized inside the CIA and not widely disseminated beyond the gates of Langley. In fact, it is highly doubtful that the details of such a program were even widely known inside the CIA’s counterterrorism center (CTC) — though almost certainly some of the CTC staff suspected that such a covert program existed somewhere. The details regarding such a program were undoubtedly guarded carefully within the clandestine service, with the officer in charge most likely reporting directly to the deputy director of operations, who reports personally to the director of the CIA.

Loose Lips Sink Ships

As trite as this old saying may sound, it is painfully true. In the counterterrorism realm, leaks destroy counterterrorism cases and often allow terrorist suspects to escape and kill again. There have been several leaks of “sources and methods” by congressional sources over the past decade that have disclosed details of sensitive U.S. government programs designed to do things such as intercept al Qaeda satellite phone signals and track al Qaeda financing. A classified appendix to the report of the 2005 Robb-Silberman Commission on Intelligence Capabilities (which incidentally was leaked to the press) discussed several such leaks, noted the costs they impose on the American taxpayers and highlighted the damage they do to intelligence programs.

The fear that details of a sensitive program designed to assassinate al Qaeda operatives in foreign countries could be leaked was probably the reason for the Bush administration’s decision to withhold knowledge of the program from the U.S. Congress, even though amendments to the National Security Act of 1947 mandate the reporting of most covert intelligence programs to Congress. Given the imaginative legal guidance provided by Bush administration lawyers regarding subjects such as enhanced interrogation, it would not be surprising to find that White House lawyers focused on loopholes in the National Security Act reporting requirements.

The validity of such legal opinions may soon be tested. House Intelligence Committee Chairman Silvestre Reyes, D-Texas, recently said he was considering an investigation into the failure to report the program to Congress, and House Democrats have announced that they want to change the reporting requirements to make them even more inclusive.

Under the current version of the National Security Act, with very few exceptions, the administration is required to report the most sensitive covert activities to, at the very least, the so-called “gang of eight” that includes the chairmen and ranking minority members of the congressional intelligence committees, the speaker and minority leader of the House of Representatives and the majority and minority leaders of the Senate. In the wake of the program’s disclosure, some Democrats would like to expand this minimum reporting requirement to include the entire membership of the congressional intelligence committees, which would increase the absolute minimum number of people to be briefed from eight to 40. Some congressmen argue that presidents, prompted by the CIA, are too loose in their invocation of the “extraordinary circumstances” that allow them to report only to the gang of eight and not the full committees. Yet ironically, the existence of the covert CIA program stayed secret for over seven and a half years, and yet here we are writing about it less than a month after the congressional committees were briefed.

The addition of that many additional lips to briefings pertaining to covert actions is not the only thing that will cause great consternation at the CIA. While legally mandated, disclosing covert programs to Congress has been very problematic. The angst felt at Langley over potential increases in the number of people to be briefed will be compounded by the recent reports that Attorney General Eric Holder may appoint a special prosecutor to investigate CIA interrogations and ethics reporting.

In April we discussed how some of the early actions of the Obama administration were having a chilling effect on U.S. counterterrorism programs and personnel. Expanding the minimum reporting requirements under the National Security Act will serve to turn the thermostat down several additional notches, as did Panetta’s overt killing of the covert program. It is one thing to quietly kill a controversial program; it is quite another to repudiate the CIA in public. In addition to damaging the already low morale at the agency, Panetta has announced in a very public manner that the United States has taken one important tool entirely out of the counterterrorism toolbox: Al Qaeda no longer has to fear the possibility of clandestine American assassination teams.

Written by David Frederick

July 15, 2009 at 7:52 PM