Entries Tagged "intelligence"

Page 23 of 25

Did Hezbollah Crack Israeli Secure Radio?

According to Newsday:

Hezbollah guerrillas were able to hack into Israeli radio communications during last month’s battles in south Lebanon, an intelligence breakthrough that helped them thwart Israeli tank assaults, according to Hezbollah and Lebanese officials.

Using technology most likely supplied by Iran, special Hezbollah teams monitored the constantly changing radio frequencies of Israeli troops on the ground. That gave guerrillas a picture of Israeli movements, casualty reports and supply routes. It also allowed Hezbollah anti-tank units to more effectively target advancing Israeli armor, according to the officials.

Read the article. Basically, the problem is operational error:

With frequency-hopping and encryption, most radio communications become very difficult to hack. But troops in the battlefield sometimes make mistakes in following secure radio procedures and can give an enemy a way to break into the frequency-hopping patterns. That might have happened during some battles between Israel and Hezbollah, according to the Lebanese official. Hezbollah teams likely also had sophisticated reconnaissance devices that could intercept radio signals even while they were frequency-hopping.

I agree with this comment from The Register:

Claims that Hezbollah fighters were able to use this intelligence to get some intelligence on troop movement and supply routes are plausible, at least to the layman, but ought to be treated with an appropriate degree of caution as they are substantially corroborated by anonymous sources.

But I have even more skepticism. If indeed Hezbollah was able to do this, the last thing they want is for it to appear in the press. But if Hezbollah can’t do this, then a few good disinformation stories are a good thing.

Posted on September 20, 2006 at 2:35 PMView Comments

More Than 10 Ways to Avoid the Next 9/11

From yesterday’s New York Times, “Ten Ways to Avoid the Next 9/11”:

If we are fortunate, we will open our newspapers this morning knowing that there have been no major terrorist attacks on American soil in nearly five years. Did we just get lucky?

The Op-Ed page asked 10 people with experience in security and counterterrorism to answer the following question: What is one major reason the United States has not suffered a major attack since 2001, and what is the one thing you would recommend the nation do in order to avoid attacks in the future?

Actually, they asked more than 10, myself included. But some of us were cut because they didn’t have enough space. This was my essay:

Despite what you see in the movies and on television, it’s actually very difficult to execute a major terrorist act. It’s hard to organize, plan, and execute an attack, and it’s all too easy to slip up and get caught. Combine that with our intelligence work tracking terrorist cells and interdicting terrorist funding, and you have a climate where major attacks are rare. In many ways, the success of 9/11 was an anomaly; there were many points where it could have failed. The main reason we haven’t seen another 9/11 is that it isn’t as easy as it looks.

Much of our counterterrorist efforts are nothing more than security theater: ineffectual measures that look good. Forget the “war on terror”; the difficulty isn’t killing or arresting the terrorists, it’s finding them. Terrorism is a law enforcement problem, and needs to be treated as such. For example, none of our post-9/11 airline security measures would have stopped the London shampoo bombers. The lesson of London is that our best defense is intelligence and investigation. Rather than spending money on airline security, or sports stadium security—measures that require us to guess the plot correctly in order to be effective—we’re better off spending money on measures that are effective regardless of the plot.

Intelligence and investigation have kept us safe from terrorism in the past, and will continue to do so in the future. If the CIA and FBI had done a better job of coordinating and sharing data in 2001, 9/11 would have been another failed attempt. Coordination has gotten better, and those agencies are better funded—but it’s still not enough. Whenever you read about the billions being spent on national ID cards or massive data mining programs or new airport security measures, think about the number of intelligence agents that the same money could buy. That’s where we’re going to see the greatest return on our security investment.

Posted on September 11, 2006 at 6:36 AMView Comments

Details on the British Terrorist Arrest

Details are emerging:

  • There was some serious cash flow from someone, presumably someone abroad.
  • There was no imminent threat.
  • However, the threat was real. And it seems pretty clear that it would have bypassed all existing airport security systems.
  • The conspirators were radicalized by the war in Iraq, although it is impossible to say whether they would have been otherwise radicalized without it.
  • They were caught through police work, not through any broad surveillance, and were under surveillance for more than a year.

What pisses me off most is the second item. By arresting the conspirators early, the police squandered the chance to learn more about the network and arrest more of them—and to present a less flimsy case. There have been many news reports detailing how the U.S. pressured the UK government to make the arrests sooner, possibly out of political motivations. (And then Scotland Yard got annoyed at the U.S. leaking plot details to the press, hampering their case.)

My initial comments on the arrest are here. I still think that all of the new airline security measures are an overreaction (This essay makes the same point, as well as describing a 1995 terrorist plot that was remarkably similar in both materials and modus operandi—and didn’t result in a complete ban on liquids.)

As I said on a radio interview a couple of weeks ago: “We ban guns and knives, and the terrorists use box cutters. We ban box cutters and corkscrews, and they hide explosives in their shoes. We screen shoes, and the terrorists use liquids. We ban liquids, and the terrorist will use something else. It’s not a fair game, because the terrorists get to see our security measures before they plan their attack.” And it’s not a game we can win. So let’s stop playing, and play a game we actually can win. The real lesson of the London arrests is that investigation and intelligence work.

EDITED TO ADD (8/29): Seems this URL is unavailable in the U.K. See the comments for ways to bypass the block.

Posted on August 29, 2006 at 7:20 AMView Comments

Last Week's Terrorism Arrests

Hours-long waits in the security line. Ridiculous prohibitions on what you can carry onboard. Last week’s foiling of a major terrorist plot and the subsequent airport security graphically illustrates the difference between effective security and security theater.

None of the airplane security measures implemented because of 9/11—no-fly lists, secondary screening, prohibitions against pocket knives and corkscrews—had anything to do with last week’s arrests. And they wouldn’t have prevented the planned attacks, had the terrorists not been arrested. A national ID card wouldn’t have made a difference, either.

Instead, the arrests are a victory for old-fashioned intelligence and investigation. Details are still secret, but police in at least two countries were watching the terrorists for a long time. They followed leads, figured out who was talking to whom, and slowly pieced together both the network and the plot.

The new airplane security measures focus on that plot, because authorities believe they have not captured everyone involved. It’s reasonable to assume that a few lone plotters, knowing their compatriots are in jail and fearing their own arrest, would try to finish the job on their own. The authorities are not being public with the details—much of the “explosive liquid” story doesn’t hang together—but the excessive security measures seem prudent.

But only temporarily. Banning box cutters since 9/11, or taking off our shoes since Richard Reid, has not made us any safer. And a long-term prohibition against liquid carry-ons won’t make us safer, either. It’s not just that there are ways around the rules, it’s that focusing on tactics is a losing proposition.

It’s easy to defend against what the terrorists planned last time, but it’s shortsighted. If we spend billions fielding liquid-analysis machines in airports and the terrorists use solid explosives, we’ve wasted our money. If they target shopping malls, we’ve wasted our money. Focusing on tactics simply forces the terrorists to make a minor modification in their plans. There are too many targets—stadiums, schools, theaters, churches, the long line of densely packed people before airport security—and too many ways to kill people.

Security measures that require us to guess correctly don’t work, because invariably we will guess wrong. It’s not security, it’s security theater: measures designed to make us feel safer but not actually safer.

Airport security is the last line of defense, and not a very good one at that. Sure, it’ll catch the sloppy and the stupid—and that’s a good enough reason not to do away with it entirely—but it won’t catch a well-planned plot. We can’t keep weapons out of prisons; we can’t possibly keep them off airplanes.

The goal of a terrorist is to cause terror. Last week’s arrests demonstrate how real security doesn’t focus on possible terrorist tactics, but on the terrorists themselves. It’s a victory for intelligence and investigation, and a dramatic demonstration of how investments in these areas pay off.

And if you want to know what you can do to help? Don’t be terrorized. They terrorize more of us if they kill some of us, but the dead are beside the point. If we give in to fear, the terrorists achieve their goal even if they were arrested. If we refuse to be terrorized, then they lose—even if their attacks succeed.

This op ed appeared today in the Minneapolis Star-Tribune.

EDITED TO ADD (8/13): The Department of Homeland Security declares an entire state of matter a security risk. And here’s a good commentary on being scared.

Posted on August 13, 2006 at 8:15 AMView Comments

DHS Report on US-VISIT and RFID

Department of Homeland Security, Office of the Inspector General, “Enhanced Security Controls Needed For US-VISIT’s System Using RFID Technology (Redacted),” OIG-06-39, June 2006.

From the Executive Summary:

We audited the Department of Homeland Security (DHS) and select organizational components’ security programs to evaluate the effectiveness of controls implemented on Radio Frequency Identification (RFID) systems. Systems employing RFID technology include a tag and reader on the front end and an application and database on the back end.

[…]

Overall, information security controls have been implemented to provide an effective level of security on the Automated Identification Management System (AIDMS). US-VISIT has implemented effective physical security controls over the RFID tags, readers, computer equipment, and database supporting the RFID system at the POEs visited. No personal information is stored on the tags used for US-VISIT. Travelers’ personal information is maintained in and can be obtained only with access to the system’s database. Additional security controls would need to be implemented if US-VISIT decides to store travelers’ personal information on RFID-enabled forms or migrates to universally readable Generation 2 (Gen2) products.

Although these controls provide overall system security, US-VISIT has not properly configured its AIDMS database to ensure that data captured and stored is properly protected. Furthermore, while AIDMS is operating with an Authority to Operate, US-VISIT had not tested its contingency plan to ensure that critical operations could be restored in the event of a disruption. In addition, US-VISIT has not developed its own RFID policy or ensured that the standard operating procedures are properly distributed and followed at all POEs.

I wrote about US-VISIT in 2004 and again in 2006. In that second essay, I gave a price of $15B. I have since come to not believe that data, and I don’t have any better information on the price. But I still think my analysis holds. I would much rather take the money spent on US-VISIT and spend it on intelligence and investigation, the kind of security that resulted in the U.K. arrests earlier this week and is likely to actually make us safer.

Posted on August 11, 2006 at 7:27 AMView Comments

Sloppy CIA Tradecraft

CIA agents exposed due to their use of frequent-flier miles and other mistakes:

The man and woman were pretending to be American business executives on international assignments, so they did what globe-trotting executives do. While traveling abroad they used their frequent-flier cards as often as possible to gain credits toward free flights.

In fact, the pair were covert operatives working for the CIA. Thanks to their diligent use of frequent-flier programs, Italian prosecutors have been able to reconstruct much of their itinerary during 2003, including trips to Brussels, Venice, London, Vienna and Oslo.

[…]

Aides to former CIA Director Porter Goss have used the word “horrified” to describe Goss’ reaction to the sloppiness of the Milan operation, which Italian police were able to reconstruct through the CIA operatives’ imprudent use of cell phones and other violations of basic CIA “tradecraft.”

I’m not sure how collecting frequent-flier miles is a problem, though. Assuming they’re traveling under the cover of being business executives, it makes sense for them to act just like other business executives.

It’s not like there’s no other way to reconstruct their travel.

Posted on July 26, 2006 at 1:22 PMView Comments

Sky Marshals Name Innocents to Meet Quota

One news source is reporting that sky marshals are reporting on innocent people in order to meet a quota:

The air marshals, whose identities are being concealed, told 7NEWS that they’re required to submit at least one report a month. If they don’t, there’s no raise, no bonus, no awards and no special assignments.

“Innocent passengers are being entered into an international intelligence database as suspicious persons, acting in a suspicious manner on an aircraft … and they did nothing wrong,” said one federal air marshal.

[…]

These unknowing passengers who are doing nothing wrong are landing in a secret government document called a Surveillance Detection Report, or SDR. Air marshals told 7NEWS that managers in Las Vegas created and continue to maintain this potentially dangerous quota system.

“Do these reports have real life impacts on the people who are identified as potential terrorists?” 7NEWS Investigator Tony Kovaleski asked.

“Absolutely,” a federal air marshal replied.

[…]

What kind of impact would it have for a flying individual to be named in an SDR?

“That could have serious impact … They could be placed on a watch list. They could wind up on databases that identify them as potential terrorists or a threat to an aircraft. It could be very serious,” said Don Strange, a former agent in charge of air marshals in Atlanta. He lost his job attempting to change policies inside the agency.

This is so insane, it can’t possibly be true. But I have been stunned before by the stupidity of the Department of Homeland Security.

EDITED TO ADD (7/27): This is what Brock Meeks said on David Farber’s IP mailing list:

Well, it so happens that I was the one that BROKE this story… way back in 2004. There were at least two offices, Miami and Las Vegas that had this quota system for writing up and filing “SDRs.”

The requirement was totally renegade and NOT endorsed by Air Marshal officials in Washington. The Las Vegas Air Marshal field office was (I think he’s retired now) by a real cowboy at the time, someone that caused a lot of problems for the Washington HQ staff. (That official once grilled an Air Marshal for three hours in an interrogation room because he thought the air marshal was source of mine on another story. The air marshal was then taken off flight status and made to wash the office cars for two weeks… I broke that story, too. And no, the punished air marshal was never a source of mine.)

Air marshals told they were filing false reports, as they did below, just to hit the quota.

When my story hit, those in the offices of Las Vegas and Miami were reprimanded and the practice was ordered stopped by Washington HQ.

I suppose the biggest question I have for this story is the HYPE of what happens to these reports. They do NOT place the person mention on a “watch list.” These reports, filed on Palm Pilot PDAs, go into an internal Air Marshal database that is rarely seen and pretty much ignored by other intelligence agencies, from all sources I talked to.

Why? Because the air marshals are seen as little more than “sky cops” and these SDRs considered little more than “field interviews” that cops sometimes file when they question someone loitering at a 7-11 too late at night.

The quota system, if it is still going on, is heinous, but it hardly results in the big spooky data collection scare that this cheapjack Denver “investigative” TV reporter makes it out to be.

The quoted former field official from Atlanta, Don Strange, did, in fact, lose his job over trying to chance internal policies. He was the most well-liked official among the rank and file and the Atlanta office, under his command, had the highest morale in the nation.

Posted on July 25, 2006 at 9:55 AMView Comments

UK Report on July 7th Terrorist Bombings

About the Intelligence and Security Committee:

Parliamentary oversight of SIS, GCHQ and the Security Service is provided by the Intelligence and Security Committee (ISC), established by the Intelligence Services Act 1994. The Committee examines the expenditure, administration and policy of the three Agencies. It operates within the ‘ring of secrecy’ and has wide access to the range of Agency activities and to highly classified information. Its cross­party membership of nine from both Houses is appointed by the Prime Minister after consultation with the Leader of the Opposition. The Committee is required to report annually to the Prime Minister on its work. These reports, after any deletions of sensitive material, are placed before Parliament by the Prime Minister. The Committee also provides ad hoc reports to the Prime Minister from time to time. The Chairman of the Intelligence and Security Committee is the Right Honourable Paul Murphy. The Committee is supported by a Clerk and secretariat in the Cabinet Office and can employ an investigator to pursue specific matters in greater detail.

They have released the “Intelligence and Security Committee Report into the London Terrorist Attacks on 7 July 2005,” and the UK government has issued a response.

Posted on May 31, 2006 at 11:19 AMView Comments

Reconceptualizing National Intelligence

From the Federation of American Scientists:

A new study published by the CIA Center for the Study of Intelligence calls for a fundamental reconceptualization of the process of intelligence analysis in order to overcome the “pathologies” that have rendered it increasingly dysfunctional.

“Curing Analytic Pathologies” (pdf) by Jeffrey R. Cooper has been available up to now in limited circulation in hard copy only. Like several other recent studies critical of U.S. intelligence, it was withheld from the CIA web site. It has now been published on the Federation of American Scientists web site.

It’s an interesting report. Unfortunately, the PDF on the website is scanned, so it’s hard to copy and paste sections into this blog.

Posted on May 15, 2006 at 7:21 AMView Comments

New Zealand Espionage History

This is fascinating:

Among the personal papers bequeathed to the nation by former Prime Minister David Lange is a numbered copy of a top secret report from the organisation that runs the ‘spy domes’ at Waihopai and Tangimoana. It provides an unprecedented insight into how espionage was conducted 20 years ago.

[…]

Much of the GCSB’s work involved translating and analysing communications intercepted by other agencies, “most of the raw traffic used … (coming) from GCHQ/NSA sources”, the British and US signals intelligence agencies.

Its report says “reporting on items of intelligence derived from South Pacific telex messages on satellite communications links was accelerated during the year.

“A total of 171 reports were published, covering the Solomons, Fiji, Tonga and international organisations operating in the Pacific. The raw traffic for this reporting provided by NSA the US National Security Agency).”

The GCSB also produced 238 intelligence reports on Japanese diplomatic cables, using “raw traffic from GCHQ/NSA sources”. This was down from the previous year: “The Japanese government implementation of a new high grade cypher system seriously reduced the bureau’s output.” For French government communications, the GCSB “relied heavily on (British) GCHQ acquisition and forwarding of French Pacific satellite intercept”.

The report lists the Tangimoana station’s targets in 1985-86 as “French South Pacific civil, naval and military; French Antarctic civil; Vietnamese diplomatic; North Korean diplomatic; Egyptian diplomatic; Soviet merchant and scientific research shipping; Soviet Antarctic civil. Soviet fisheries; Argentine naval; Non-Soviet Antarctic civil; East German diplomatic; Japanese diplomatic; Philippine diplomatic; South African Armed Forces; Laotian diplomatic (and) UN diplomatic.”

The station intercepted 165,174 messages from these targets, “an increase of approximately 37,000 on the 84/85 figure. Reporting on the Soviet target increased by 20% on the previous year”.

Posted on January 25, 2006 at 12:58 PMView Comments

1 21 22 23 24 25

Sidebar photo of Bruce Schneier by Joe MacInnis.