Entries Tagged "Iraq"


UK Admitting "Offensive Cyber" Against ISIS/Daesh

I think this might be the first time it has been openly acknowledged:

Sir Michael Fallon, the defence secretary, has said Britain is using cyber warfare in the bid to retake Mosul from Islamic State. Speaking at an international conference on waging war through advanced technology, Fallon made it clear Britain was unleashing its cyber capability on IS, also known as Daesh. Asked if the UK was launching cyber attacks in the bid to take the northern Iraqi city from IS, he replied:

I’m not going into operational specifics, but yes, you know we are conducting military operations against Daesh as part of the international coalition, and I can confirm that we are using offensive cyber for the first time in this campaign.

Posted on October 24, 2016 at 2:12 PM

ISIS Cyberattacks

Citizen Lab has a new report on a probable ISIS-launched cyberattack:

This report describes a malware attack with circumstantial links to the Islamic State in Iraq and Syria. In the interest of highlighting a developing threat, this post analyzes the attack and provides a list of Indicators of Compromise.

A Syrian citizen media group critical of Islamic State of Iraq and Syria (ISIS) was recently targeted in a customized digital attack designed to unmask their location. The Syrian group, Raqqah is being Slaughtered Silently (RSS), focuses its advocacy on documenting human rights abuses by ISIS elements occupying the city of Ar-Raqah. In response, ISIS forces in the city have reportedly targeted the group with house raids, kidnappings, and an alleged assassination. The group also faces online threats from ISIS and its supporters, including taunts that ISIS is spying on the group.

Though we are unable to conclusively attribute the attack to ISIS or its supporters, a link to ISIS is plausible. The malware used in the attack differs substantially from campaigns linked to the Syrian regime, and the attack is focused against a group that is an active target of ISIS forces.

News article.

Posted on December 18, 2014 at 10:07 AM

Use of Social Media by ISIS

Here are two articles about how effectively the Islamic State of Iraq and Syria (ISIS)—the militant group that has just taken over half of Iraq—is using social media. Its dedicated Android app, which automatically tweets in its users’ names, is especially interesting. Also note how it coordinates the Twitter bombs for maximum effectiveness and to get around Twitter’s spam detectors.

Posted on June 17, 2014 at 10:17 AM

Insurgent Groups Exhibit Learning Curve

Interesting research:

After analyzing reams of publicly available data on casualties from Iraq, Afghanistan, Pakistan and decades of terrorist attacks, the scientists conclude that “insurgents pretty much seemed to be following a progress curve—or a learning curve—that’s very common in the manufacturing literature,” says physicist Neil Johnson of the University of Miami in Florida and lead author of the study.

Paper here.

Posted on July 12, 2011 at 7:13 AM

The Power Law of Terrorism

Research result #1: “A Generalized Fission-Fusion Model for the Frequency of Severe Terrorist Attacks,” by Aaron Clauset and Frederik W. Wiegel.

Plot the number of people killed in terrorist attacks around the world since 1968 against the frequency with which such attacks occur and you’ll get a power law distribution, that’s a fancy way of saying a straight line when both axes have logarithmic scales.

The question, of course, is why? Why not a normal distribution, in which there would be many orders of magnitude fewer extreme events?

Aaron Clauset and Frederik Wiegel have built a model that might explain why. The model makes five simple assumptions about the way terrorist groups grow and fall apart and how often they carry out major attacks. And here’s the strange thing: this model almost exactly reproduces the distribution of terrorist attacks we see in the real world.

These assumptions are things like: terrorist groups grow by accretion (absorbing other groups) and fall apart by disintegrating into individuals. They must also be able to recruit from a more or less unlimited supply of willing terrorists within the population.

Research Result #2: “Universal Patterns Underlying Ongoing Wars and Terrorism,” by Neil F. Johnson, Mike Spagat, Jorge A. Restrepo, Oscar Becerra, Juan Camilo Bohorquez, Nicolas Suarez, Elvira Maria Restrepo, and Roberto Zarama.

In the case of the Iraq war, we might ask how many conflicts causing ten casualties are expected to occur over a one-year period. According to the data, the answer is the average number of events per year times $10^{-2.3}$, or 0.005. If we instead ask how many events will cause twenty casualties, the answer is proportional to $20^{-2.3}$. Taking into account the entire history of any given war, one finds that the frequency of events on all scales can be predicted by exactly the same exponent.

Professor Neil Johnson of Oxford University has come up with a remarkable result regarding these power laws: for several different wars, the exponent has about the same value. Johnson studied the long-standing conflict in Colombia, the war in Iraq, the global rate of terrorist attacks in non-G7 countries, and the war in Afghanistan. In each case, the power law exponent that predicted the distribution of conflicts was close to the value -2.5.

This doesn’t surprise me; power laws are common in naturally random phenomena.

Posted on January 12, 2010 at 1:46 PM

Intercepting Predator Video

Sometimes mediocre encryption is better than strong encryption, and sometimes no encryption is better still.

The Wall Street Journal reported this week that Iraqi, and possibly also Afghan, militants are using commercial software to eavesdrop on U.S. Predators, other unmanned aerial vehicles, or UAVs, and even piloted planes. The systems weren’t “hacked”—the insurgents can’t control them—but because the downlink is unencrypted, they can watch the same video stream as the coalition troops on the ground.

The naive reaction is to ridicule the military. Encryption is so easy that HDTVs do it—just a software routine and you’re done—and the Pentagon has known about this flaw since Bosnia in the 1990s. But encrypting the data is the easiest part; key management is the hard part. Each UAV needs to share a key with the ground station. These keys have to be produced, guarded, transported, used and then destroyed. And the equipment, both the Predators and the ground terminals, needs to be classified and controlled, and all the users need security clearance.

The command and control channel is, and always has been, encrypted—because that’s both more important and easier to manage. UAVs are flown by airmen sitting at comfortable desks on U.S. military bases, where key management is simpler. But the video feed is different. It needs to be available to all sorts of people, of varying nationalities and security clearances, on a variety of field terminals, in a variety of geographical areas, in all sorts of conditions—with everything constantly changing. Key management in this environment would be a nightmare.

Additionally, how valuable is this video downlink to the enemy? The primary fear seems to be that the militants watch the video, notice their compound being surveilled and flee before the missiles hit. Or notice a bunch of Marines walking through a recognizable area and attack them. This might make a great movie scene, but it’s not very realistic. Without context, and just by peeking at random video streams, the risk caused by eavesdropping is low.

Contrast this with the additional risks if you encrypt: A soldier in the field doesn’t have access to the real-time video because of a key management failure; a UAV can’t be quickly deployed to a new area because the keys aren’t in place; we can’t share the video information with our allies because we can’t give them the keys; most soldiers can’t use this technology because they don’t have the right clearances. Given this risk analysis, not encrypting the video is almost certainly the right decision.

There is another option, though. During the Cold War, the NSA’s primary adversary was Soviet intelligence, and it developed its crypto solutions accordingly. Even though that level of security makes no sense in Bosnia, and certainly not in Iraq and Afghanistan, it is what the NSA had to offer. If you encrypt, they said, you have to do it “right.”

The problem is, the world has changed. Today’s insurgent adversaries don’t have KGB-level intelligence gathering or cryptanalytic capabilities. At the same time, computer and network data gathering has become much cheaper and easier, so they have technical capabilities the Soviets could only dream of. Defending against these sorts of adversaries doesn’t require military-grade encryption only where it counts; it requires commercial-grade encryption everywhere possible.

This sort of solution would require the NSA to develop a whole new level of lightweight commercial-grade security systems for military applications—not just office-data “Sensitive but Unclassified” or “For Official Use Only” classifications. It would require the NSA to allow keys to be handed to uncleared UAV operators, and perhaps read over insecure phone lines and stored in people’s back pockets. It would require the sort of ad hoc key management systems you find in internet protocols, or in DRM systems. It wouldn’t be anywhere near perfect, but it would be more commensurate with the actual threats.

And it would help defend against a completely different threat facing the Pentagon: The PR threat. Regardless of whether the people responsible made the right security decision when they rushed the Predator into production, or when they convinced themselves that local adversaries wouldn’t know how to exploit it, or when they forgot to update their Bosnia-era threat analysis to account for advances in technology, the story is now being played out in the press. The Pentagon is getting beaten up because it’s not protecting against the threat—because it’s easy to make a sound bite where the threat sounds really dire. And now it has to defend against the perceived threat to the troops, regardless of whether the defense actually protects the troops or not. Reminds me of the TSA, actually.

So the military is now committed to encrypting the video … eventually. The next generation Predators, called Reapers—Who names this stuff? Second-grade boys?—will have the same weakness. Maybe we’ll have encrypted video by 2010, or 2014, but I don’t think that’s even remotely possible unless the NSA relaxes its key management and classification requirements and embraces a lightweight, less secure encryption solution for these sorts of situations. The real failure here is the failure of the Cold War security model to deal with today’s threats.

This essay originally appeared on Wired.com.

EDITED TO ADD (12/24): Good article from The New Yorker on the uses—and politics—of these UAVs.

EDITED TO ADD (12/30): Error corrected—“uncleared UAV operators” should have read “uncleared UAV viewers.” The point is that the operators in the U.S. are cleared and their communications are encrypted, but the viewers in Asia are uncleared and the data is unencrypted.

Posted on December 24, 2009 at 5:24 AM

The U.S. Civil Rights Movement as an Insurgency

This is interesting:

Most Americans fail to appreciate that the Civil Rights movement was about the overthrow of an entrenched political order in each of the Southern states, that the segregationists who controlled this order did not hesitate to employ violence (law enforcement, paramilitary, mob) to preserve it, and that for nearly a century the federal government tacitly or overtly supported the segregationist state governments. That the Civil Rights movement employed nonviolent tactics should fool us no more than it did the segregationists, who correctly saw themselves as being at war. Significant change was never going to occur within the political system: it had to be forced. The aim of the segregationists was to keep the federal government on the sidelines. The aim of the Civil Rights movement was to “capture” the federal government—to get it to apply its weight against the Southern states. As to why it matters: a major reason we were slow to grasp the emergence and extent of the insurgency in Iraq is that it didn’t—and doesn’t—look like a classic insurgency. In fact, the official Department of Defense definition of insurgency still reflects a Vietnam era understanding of the term. Looking at the Civil Rights movement as an insurgency is useful because it assists in thinking more comprehensively about the phenomenon of insurgency and assists in a more complete—and therefore more useful—definition of the term.

The link to his talk is broken, unfortunately.

EDITED TO ADD (12/15): Video here. Thanks, mcb.

Posted on December 15, 2009 at 7:57 AM

The Doghouse: ADE 651

A divining rod to find explosives in Iraq:

ATSC’s promotional material claims that its device can find guns, ammunition, drugs, truffles, human bodies and even contraband ivory at distances up to a kilometer, underground, through walls, underwater or even from airplanes three miles high. The device works on “electrostatic magnetic ion attraction,” ATSC says.

To detect materials, the operator puts an array of plastic-coated cardboard cards with bar codes into a holder connected to the wand by a cable. “It would be laughable,” Colonel Bidlack said, “except someone down the street from you is counting on this to keep bombs off the streets.”

Proponents of the wand often argue that errors stem from the human operator, who they say must be rested, with a steady pulse and body temperature, before using the device.

Then the operator must walk in place a few moments to “charge” the device, since it has no battery or other power source, and walk with the wand at right angles to the body. If there are explosives or drugs to the operator’s left, the wand is supposed to swivel to the operator’s left and point at them.

If, as often happens, no explosives or weapons are found, the police may blame a false positive on other things found in the car, like perfume, air fresheners or gold fillings in the driver’s teeth.

Complete quackery, sold by Cumberland Industries:

Still, the Iraqi government has purchased more than 1,500 of the devices, known as the ADE 651, at costs from $16,500 to $60,000 each. Nearly every police checkpoint, and many Iraqi military checkpoints, have one of the devices, which are now normally used in place of physical inspections of vehicles.

James Randi says:

This Foundation will give you our million-dollar prize upon the successful testing of the ADE651® device. Such test can be performed by anyone, anywhere, under your conditions, by you or by any appointed person or persons, in direct satisfaction of any or all of the provisions laid out above by you.

No one will respond to this, because the ADE651® is a useless, quack, device which cannot perform any other function than separating naïve persons from their money. It’s a fake, a scam, a swindle, and a blatant fraud. The manufacturers, distributors, vendors, advertisers, and retailers of the ADE651® device are criminals, liars, and thieves who will ignore this challenge because they know the device, the theory, the described principles of operation, and the technical descriptions given, are nonsense, lies, and fraudulent.

And he quotes from the Cumberland Industries literature (not online, unfortunately):

Ignores All Known Concealment Methods. By programming the detection cards to specifically target a particular substance, (through the proprietary process of electro-static matching of the ionic charge and structure of the substance), the ADE651® will “by-pass” all known attempts to conceal the target substance. It has been shown to penetrate Lead, other metals, concrete, and other matter (including hiding in the body) used in attempts to block the attraction.

No Consumables nor Maintenance Contracts Required. Unlike Trace Detectors that require the supply of sample traps, the ADE651® does not utilize any consumables (exceptions include: cotton-gloves and cleanser) thereby reducing the operational costs of the equipment. The equipment is Operator maintained and requires no ongoing maintenance service contracts. It comes with a hardware three year warranty. Since the equipment is powered electro statically, there are no batteries or conventional power supplies to change or maintain.

One interesting point is that the effectiveness of this device depends strongly on what the bad guys think about its effectiveness. If the bad guys think it works, they have to find someone who is 1) willing to kill himself, and 2) rational enough to keep his cool while being tested by one of these things. I’ll bet that the ADE651 makes it harder to recruit suicide bombers.

But what happened to the days when you could buy a divining rod for $100?

EDITED TO ADD (11/11): In case the company pulls the spec sheet, it’s archived here.

Posted on November 6, 2009 at 6:55 AM

David Kilcullen on Security and Insurgency

Very interesting hour-long interview.

Australian-born David Kilcullen was the senior advisor to US General David Petraeus during his time in Iraq, advising on counterinsurgency. The implementation of his strategies is now regarded as a major turning point in the war.

Here, in a fascinating discussion with human rights lawyer Julian Burnside at the Melbourne Writers’ Festival, he talks about the ethics and tactics of contemporary warfare.

Posted on September 7, 2009 at 7:33 AM

Matthew Alexander on Torture

Alexander is a former Special Operations interrogator who worked in Iraq in 2006. His op-ed is worth reading:

I learned in Iraq that the No. 1 reason foreign fighters flocked there to fight were the abuses carried out at Abu Ghraib and Guantanamo. Our policy of torture was directly and swiftly recruiting fighters for al-Qaeda in Iraq. The large majority of suicide bombings in Iraq are still carried out by these foreigners. They are also involved in most of the attacks on U.S. and coalition forces in Iraq. It’s no exaggeration to say that at least half of our losses and casualties in that country have come at the hands of foreigners who joined the fray because of our program of detainee abuse. The number of U.S. soldiers who have died because of our torture policy will never be definitively known, but it is fair to say that it is close to the number of lives lost on Sept. 11, 2001. How anyone can say that torture keeps Americans safe is beyond me—unless you don’t count American soldiers as Americans.

Also, this interview from Harper’s:

In Iraq, we lived the “ticking time bomb” scenario every day. Numerous Al Qaeda members that we captured and interrogated were directly involved in coordinating suicide bombing attacks. I remember one distinct case of a Sunni imam who was caught just after having blessed suicide bombers to go on a mission. Had we gotten there just an hour earlier, we could have saved lives. Still, we knew that if we resorted to torture the short term gains would be outweighed by the long term losses. I listened time and time again to foreign fighters, and Sunni Iraqis, state that the number one reason they had decided to pick up arms and join Al Qaeda was the abuses at Abu Ghraib and the authorized torture and abuse at Guantanamo Bay. My team of interrogators knew that we would become Al Qaeda’s best recruiters if we resorted to torture. Torture is counterproductive to keeping America safe and it doesn’t matter if we do it or if we pass it off to another government. The result is the same. And morally, I believe, there is an even stronger argument. Torture is simply incompatible with American principles. George Washington and Abraham Lincoln both forbade their troops from torturing prisoners of war. They realized, as the recent bipartisan Senate report echoes, that this is about who we are. We cannot become our enemy in trying to defeat him.

EDITED TO ADD (1/13): Yet another interview.

Posted on December 30, 2008 at 6:37 AM
