Entries Tagged "military"

Page 3 of 16

US Identifies and Destroys ISIS Headquarters Because of "Selfie"

The news media is buzzing about how the US military identified the location of an ISIS HQ because someone there took a photo and posted it.

Quoting Air Force General Hawk Carlisle, head of Air Combat Command:

“The guys that were working down out of Hurlburt, they’re combing through social media and they see some moron standing at this command. And in some social media, open forum, bragging about the command and control capabilities for Daesh, ISIL. And these guys go: ‘We got an in.’ So they do some work, long story short, about 22 hours later through that very building, three [Joint Direct Attack Munitions] take that entire building out.”

It’s not clear how the location was identified: physical objects in the background of the selfie, location information in the EXIF fields, or something else.

I’m not sure I believe this story, but it’s certainly possible.

EDITED TO ADD (6/7): Here’s the photo. Looks like the roadsign in the background helped a lot.

Posted on June 5, 2015 at 2:38 PMView Comments

US Also Tried Stuxnet Against North Korea

According to a Reuters article, the US military tried to launch Stuxnet against North Korea in addition to Iran:

According to one U.S. intelligence source, Stuxnet’s developers produced a related virus that would be activated when it encountered Korean-language settings on an infected machine.

But U.S. agents could not access the core machines that ran Pyongyang’s nuclear weapons program, said another source, a former high-ranking intelligence official who was briefed on the program.

The official said the National Security Agency-led campaign was stymied by North Korea’s utter secrecy, as well as the extreme isolation of its communications systems.

Posted on June 1, 2015 at 6:33 AMView Comments

Understanding the Organizational Failures of Terrorist Organizations

New research: Max Abrahms and Philip B.K. Potter, “Explaining Terrorism: Leadership Deficits and Militant Group Tactics,” International Organizations.

Abstract: Certain types of militant groups—those suffering from leadership deficits—are more likely to attack civilians. Their leadership deficits exacerbate the principal-agent problem between leaders and foot soldiers, who have stronger incentives to harm civilians. We establish the validity of this proposition with a tripartite research strategy that balances generalizability and identification. First, we demonstrate in a sample of militant organizations operating in the Middle East and North Africa that those lacking centralized leadership are prone to targeting civilians. Second, we show that when the leaderships of militant groups are degraded from drone strikes in the Afghanistan-Pakistan tribal regions, the selectivity of organizational violence plummets. Third, we elucidate the mechanism with a detailed case study of the al-Aqsa Martyrs Brigade, a Palestinian group that turned to terrorism during the Second Intifada because pressure on the leadership allowed low-level members to act on their preexisting incentives to attack civilians. These findings indicate that a lack of principal control is an important, underappreciated cause of militant group violence against civilians.

I have previously blogged Max Abrahms’s work here, here, and here.

Posted on March 19, 2015 at 8:09 AMView Comments

US Air Force is Focusing on Cyber Deception

The US Air Force is focusing on cyber deception next year:

Background: Deception is a deliberate act to conceal activity on our networks, create uncertainty and confusion against the adversary’s efforts to establish situational awareness and to influence and misdirect adversary perceptions and decision processes. Military deception is defined as “those actions executed to deliberately mislead adversary decision makers as to friendly military capabilities, intentions, and operations, thereby causing the adversary to take specific actions (or inactions) that will contribute to the accomplishment of the friendly mission.” Military forces have historically used techniques such as camouflage, feints, chaff, jammers, fake equipment, false messages or traffic to alter an enemy’s perception of reality. Modern day military planners need a capability that goes beyond the current state-of-the-art in cyber deception to provide a system or systems that can be employed by a commander when needed to enable deception to be inserted into defensive cyber operations.

Relevance and realism are the grand technical challenges to cyber deception. The application of the proposed technology must be relevant to operational and support systems within the DoD. The DoD operates within a highly standardized environment. Any technology that significantly disrupts or increases the cost to the standard of practice will not be adopted. If the technology is adopted, the defense system must appear legitimate to the adversary trying to exploit it.

Objective: To provide cyber-deception capabilities that could be employed by commanders to provide false information, confuse, delay, or otherwise impede cyber attackers to the benefit of friendly forces. Deception mechanisms must be incorporated in such a way that they are transparent to authorized users, and must introduce minimal functional and performance impacts, in order to disrupt our adversaries and not ourselves. As such, proposed techniques must consider how challenges relating to transparency and impact will be addressed. The security of such mechanisms is also paramount, so that their power is not co-opted by attackers against us for their own purposes. These techniques are intended to be employed for defensive purposes only on networks and systems controlled by the DoD.

Advanced techniques are needed with a focus on introducing varying deception dynamics in network protocols and services which can severely impede, confound, and degrade an attacker’s methods of exploitation and attack, thereby increasing the costs and limiting the benefits gained from the attack. The emphasis is on techniques that delay the attacker in the reconnaissance through weaponization stages of an attack and also aid defenses by forcing an attacker to move and act in a more observable manner. Techniques across the host and network layers or a hybrid thereof are of interest in order to provide AF cyber operations with effective, flexible, and rapid deployment options.

More discussion here.

Posted on August 20, 2014 at 5:08 AMView Comments

US National Guard is Getting Into Cyberwar

The Maryland Air National Guard needs a new facility for its cyberwar operations:

The purpose of this facility is to house a Network Warfare Group and ISR Squadron. The Cyber mission includes a set of capabilities, expertise to enable the cyber operational need for an always-on, net-speed awareness and integrated operational response with global reach. It enables operators to drive upstream in pursuit of cyber adversaries, and is informed 24/7 by intelligence and all-source information.

Is this something we want the Maryland Air National Guard to get involved in?

Posted on July 17, 2014 at 3:16 PMView Comments

Finding People's Locations Based on Their Activities in Cyberspace

Glenn Greenwald is back reporting about the NSA, now with Pierre Omidyar’s news organization FirstLook and its introductory publication, The Intercept. Writing with national security reporter Jeremy Scahill, his first article covers how the NSA helps target individuals for assassination by drone.

Leaving aside the extensive political implications of the story, the article and the NSA source documents reveal additional information about how the agency’s programs work. From this and other articles, we can now piece together how the NSA tracks individuals in the real world through their actions in cyberspace.

Its techniques to locate someone based on their electronic activities are straightforward, although they require an enormous capability to monitor data networks. One set of techniques involves the cell phone network, and the other the Internet.

Tracking Locations With Cell Towers

Every cell-phone network knows the approximate location of all phones capable of receiving calls. This is necessary to make the system work; if the system doesn’t know what cell you’re in, it isn’t able to route calls to your phone. We already know that the NSA conducts physical surveillance on a massive scale using this technique.

By triangulating location information from different cell phone towers, cell phone providers can geolocate phones more accurately. This is often done to direct emergency services to a particular person, such as someone who has made a 911 call. The NSA can get this data either by network eavesdropping with the cooperation of the carrier, or by intercepting communications between the cell phones and the towers. A previously released Top Secret NSA document says this: "GSM Cell Towers can be used as a physical-geolocation point in relation to a GSM handset of interest."

This technique becomes even more powerful if you can employ a drone. Greenwald and Scahill write:

The agency also equips drones and other aircraft with devices known as "virtual base-tower transceivers"—creating, in effect, a fake cell phone tower that can force a targeted person’s device to lock onto the NSA’s receiver without their knowledge.

The drone can do this multiple times as it flies around the area, measuring the signal strength—and inferring distance—each time. Again from the Intercept article:

The NSA geolocation system used by JSOC is known by the code name GILGAMESH. Under the program, a specially constructed device is attached to the drone. As the drone circles, the device locates the SIM card or handset that the military believes is used by the target.

The Top Secret source document associated with the Intercept story says:

As part of the GILGAMESH (PREDATOR-based active geolocation) effort, this team used some advanced mathematics to develop a new geolocation algorithm intended for operational use on unmanned aerial vehicle (UAV) flights.

This is at least part of that advanced mathematics.

None of this works if the target turns his phone off or exchanges SMS cards often with his colleagues, which Greenwald and Scahill write is routine. It won’t work in much of Yemen, which isn’t on any cell phone network. Because of this, the NSA also tracks people based on their actions on the Internet.

Finding You From Your Web Connection

A surprisingly large number of Internet applications leak location data. Applications on your smart phone can transmit location data from your GPS receiver over the Internet. We already know that the NSA collects this data to determine location. Also, many applications transmit the IP address of the network the computer is connected to. If the NSA has a database of IP addresses and locations, it can use that to locate users.

According to a previously released Top Secret NSA document, that program is code named HAPPYFOOT: "The HAPPYFOOT analytic aggregated leaked location-based service / location-aware application data to infer IP geo-locations."

Another way to get this data is to collect it from the geographical area you’re interested in. Greenwald and Scahill talk about exactly this:

In addition to the GILGAMESH system used by JSOC, the CIA uses a similar NSA platform known as SHENANIGANS. The operation—previously undisclosed—utilizes a pod on aircraft that vacuums up massive amounts of data from any wireless routers, computers, smart phones or other electronic devices that are within range.

And again from an NSA document associated with the FirstLook story: “Our mission (VICTORYDANCE) mapped the Wi-Fi fingerprint of nearly every major town in Yemen.” In the hacker world, this is known as war-driving, and has even been demonstrated from drones.

Another story from the Snowden documents describes a research effort to locate individuals based on the location of wifi networks they log into.

This is how the NSA can find someone, even when their cell phone is turned off and their SIM card is removed. If they’re at an Internet café, and they log into an account that identifies them, the NSA can locate them—because the NSA already knows where that wifi network is.

This also explains the drone assassination of Hassan Guhl, also reported in the Washington Post last October. In the story, Guhl was at an Internet cafe when he read an email from his wife. Although the article doesn’t describe how that email was intercepted by the NSA, the NSA was able to use it to determine his location.

There’s almost certainly more. NSA surveillance is robust, and they almost certainly have several different ways of identifying individuals on cell phone and Internet connections. For example, they can hack individual smart phones and force them to divulge location information.

As fascinating as the technology is, the critical policy question—and the one discussed extensively in the FirstLook article—is how reliable all this information is. While much of the NSA’s capabilities to locate someone in the real world by their network activity piggy-backs on corporate surveillance capabilities, there’s a critical difference: False positives are much more expensive. If Google or Facebook get a physical location wrong, they show someone an ad for a restaurant they’re nowhere near. If the NSA gets a physical location wrong, they call a drone strike on innocent people.

As we move to a world where all of us are tracked 24/7, these are the sorts of trade-offs we need to keep in mind.

This essay previously appeared on TheAtlantic.com.

Edited to add: this essay has been translated into French.

Posted on February 13, 2014 at 6:03 AMView Comments

Book Review: Rise of the Warrior Cop

Rise of the Warrior Cop: The Militarization of America’s Police Forces, by Radley Balko, PublicAffairs, 2013, 400 pages.

War as a rhetorical concept is firmly embedded in American culture. Over the past several decades, federal and local law enforcement has been enlisted in a war on crime, a war on drugs and a war on terror. These wars are more than just metaphors designed to rally public support and secure budget appropriations. They change the way we think about what the police do. Wars mean shooting first and asking questions later. Wars require military tactics and weaponry. Wars mean civilian casualties.

Over the decades, the war metaphor has resulted in drastic changes in the way the police operate. At both federal and state levels, the formerly hard line between police and military has blurred. Police are increasingly using military weaponry, employing military tactics and framing their mission using military terminology. Right now, there is a Third Amendment case—that’s the one about quartering soldiers in private homes without consent—making its way through the courts. It involves someone who refused to allow the police to occupy his home in order to gain a “tactical advantage” against the house next-door. The police returned later, broke down his door, forced him to the floor and then arrested him for obstructing an officer. They also shot his dog with pepperball rounds. It’s hard to argue with the premise of this case; police officers are acting so much like soldiers that it can be hard to tell the difference.

In Rise of the Warrior Cop, Radley Balko chronicles the steady militarization of the police in the U.S. A detailed history of a dangerous trend, Mr. Balko’s book tracks police militarization over the past 50 years, a period that not coincidentally corresponds with the rise of SWAT teams. First established in response to the armed riots of the late 1960s, they were originally exclusive to big cities and deployed only against heavily armed and dangerous criminals. Today SWAT teams are nothing special. They’ve multiplied like mushrooms. Every city has a SWAT team; 80% of towns between 25,000 and 50,000 people do as well. These teams are busy; in 2005 there were between 50,000 and 60,000 SWAT raids in the U.S. The tactics are pretty much what you would expect—breaking down doors, rushing in with military weaponry, tear gas—but the targets aren’t. SWAT teams are routinely deployed against illegal poker games, businesses suspected of employing illegal immigrants and barbershops with unlicensed hair stylists.

In Prince George’s County, MD, alone, SWAT teams were deployed about once a day in 2009, overwhelmingly to serve search or arrest warrants, and half of those warrants were for “misdemeanors and nonserious felonies.” Much of Mr. Balko’s data is approximate, because police departments don’t publish data, and they uniformly oppose any attempts at transparency or oversight. But he has good Maryland data from 2009 on, because after the mayor of Berwyn Heights was mistakenly attacked and terrorized in his home by a SWAT team in 2008, the state passed a law requiring police to report quarterly on their use of SWAT teams: how many times, for what purposes and whether any shots were fired during the raids.

Besides documenting policy decisions at the federal and state levels, the author examines the influence of military contractors who have looked to expand into new markets. And he tells some pretty horrific stories of SWAT raids gone wrong. A lot of dogs get shot in the book. Most interesting are the changing attitudes of police. As the stories progress from the 1960s to the 2000s, we see police shift from being uncomfortable with military weapons and tactics—and deploying them only as the very last resort in the most extreme circumstances—to accepting and even embracing their routine use.

This development coincides with the rhetorical use of the word “war.” To the police, civilians are citizens to protect. To the military, we are a population to be subdued. Wars can temporarily override the Constitution. When the Justice Department walks into Congress with requests for money and new laws to fight a war, it is going to get a different response than if it came in with a story about fighting crime. Maybe the most chilling quotation in the book is from William French Smith, President Reagan’s first attorney general: “The Justice Department is not a domestic agency. It is the internal arm of national defense.” Today we see that attitude in the war on terror. Because it’s a war, we can arrest and imprison Americans indefinitely without charges. We can eavesdrop on the communications of all Americans without probable cause. We can assassinate American citizens without due process. We can have secret courts issuing secret rulings about secret laws. The militarization of the police is just one aspect of an increasing militarization of government.

Mr. Balko saves his prescriptions for reform until the last chapter. Two of his fixes, transparency and accountability, are good remedies for all governmental overreach. Specific to police departments, he also recommends halting mission creep, changing police culture and embracing community policing. These are far easier said than done. His final fix is ending the war on drugs, the source of much police violence. To this I would add ending the war on terror, another rhetorical war that costs us hundreds of billions of dollars, gives law enforcement powers directly prohibited by the Constitution and leaves us no safer.

This essay originally appeared in the Wall Street Journal.

Related essay.

Posted on August 13, 2013 at 1:31 PMView Comments

1 2 3 4 5 16

Sidebar photo of Bruce Schneier by Joe MacInnis.