International | Security Debrief - a blog of homeland security news and analysis

Archive for the ‘International’ Category

If the Cargo is not Screened, It Does Not Fly

Friday, July 30th, 2010

By Adam Salerno

Businesses Reengineering the Supply Chain for 100 Percent Screening

When Congress passed the Implementing Recommendations of the 9/11 Commission Act of 2007, the law mandated 100 Percent Screening of cargo onboard passenger aircraft “commensurate with checked baggage.” The deadline for that mandate is this weekend, August 1, 2010. The law seeks to ensure that all 20 million lbs. of cargo is screened in advance of flights for explosive detection prior to transport. As Douglas Brittin, the Director of Cargo Security at the Transportation Security Administration (TSA) says, “On August 1, if the cargo is not screened, it does not fly”.

In today’s economy, a vibrant supply chain can ensure that companies have instant access to overnight delivery to nearly 85 percent of the world’s population. While a changing world dictates new necessities to secure the supply chain, the need for expedited trade is an important priority that must be maintained. The U.S. Chamber of Commerce recognizes this fact, which is why we support a multi layered risk based approach to security which maximizes effectiveness and minimizes impact on businesses.

As with any unfunded mandate, the private sector was tasked with financing this effort and working with TSA to ensure this goal is accomplished. The cost has been dramatic. Most air carriers estimate their costs to be in the tens of millions of dollars range. That figure does not include delays or increasing lead time in the supply chain. To add complexity to the issue, the mandate also included all incoming cargo from around the globe be screened. In short, the law forced companies to completely reengineer their supply chain.

To push the mandate out of the confines of the airport, TSA developed the Certified Cargo Screening Program (CCSP). CCSP allows other trusted shippers in the supply chain to participate in the screening process, by securing their facilities, and the chain of custody from manufacturing to the belly of the aircraft. This too proved extremely costly for industry, but something that businesses in all modes of transportation have stepped up for.

Once the domestic deadline is hit, the focus will shift to international inbound flights. TSA needs to step forward at this point and begin to recognize foreign screening methods. Again, because of the nature of the unfunded mandate, it is clear that TSA has not had the resources to pursue this goal yet. However, programs like the German Aviation Security Program or the newly released European Union Framework 300, Rule 185 are comprehensive programs that mirror the basic fundamentals of the TSA program domestically. Working with the international community to ensure that our programs are mutually accepted is essential to ensure that businesses are not duplicating an already burdensome process.

It has been a long and costly road for industry, but with the August 1, 2010 deadline just days away, many are feeling cautiously optimistic that the deadline will be met. Thanks to the ingenuity of the freight forwarders, the airlines, and participants in CCSP, because without their time, effort, and serious investment, a dramatic halt of trade would have become reality. Their investment in security ensured that commerce will continue to move forward at the speed businesses rely on in the air environment.

Adam Salerno is a Senior Manager in the National Security and Emergency Preparedness Department at the U.S. Chamber of Commerce. He also manages the Chamber’s Global Supply Chain Security Working Group.

This piece was originally posted on The ChamberPost, the blog for the U.S. Chamber of Commerce.

Posted in Aviation and airport security, Congress, Politics & PR, Homeland Security Industry & Private Sector, Homeland State & Local, International, Management & Administration, Science & Technology, Supply Chain Security, WMD, Chemical & Biological, counterterrorism | Comments

Bill Would Nix Deadline for Scanning Cargo at Foreign Ports

Wednesday, July 28th, 2010

Bill Would Nix Deadline for Scanning Cargo at Foreign Ports – CQ Homeland Security

A new bipartisan bill would eliminate the congressional mandate for the Department of Homeland Security to scan all U.S.-bound cargo in foreign ports for radiation by 2012.

The bill is one of two measures introduced this week that would reauthorize the 2006 law known as the SAFE Port Act (PL 109-347), which aims to improve maritime and cargo security through layered defenses. One of those layers has involved pushing the scanning and X-ray imaging of cargo away from U.S. ports to the points of departure overseas. Technological and logistical challenges, however, along with difficulties securing the cooperation of foreign governments, have slowed the process. Last week, Customs and Border Protection head Alan D. Bersin called for an alternative approach.

Senate Homeland Security and Governmental Affairs ranking Republican Susan Collins of Maine and Patty Murray, D-Wash., responded to that call when they introduced their reauthorization bill, saying they want to drop the 2012 scanning deadline. The senators said the X-ray scanning technology that CBP has deployed, the reliability of which the agency has called into question, is not perfected. Their bill, as yet unnumbered, would eliminate the 100 percent requirement until Homeland Security Secretary Janet Napolitano certifies that such security measures are effective.

Posted in Border Security, Congress, Politics & PR, International, Maritime & Seaport Security, Science & Technology, WMD, Chemical & Biological, counterterrorism | Comments

Senate Panel to Discuss Afghanistan Amid Leak of War Documents

Monday, July 26th, 2010

Senate Panel to Discuss Afghanistan Amid Leak of War Documents – Homeland Security CQ

The Senate Foreign Relations Committee will hold a hearing Tuesday to discuss options for bringing about political reconciliation in Afghanistan.

The hearing is likely to be overshadowed, however, by a larger discussion on overall U.S. policy in Afghanistan and Pakistan following the release by WikiLeaks over the weekend of more than 92,000 pages of classified documents tracking the war in Afghanistan from January 2004 to December 2009. The New York Times reported that the documents suggest Pakistan’s spy agency, Inter-Services Intelligence, has provided support to the Afghan insurgency and has worked with al Qaeda to plan attacks against U.S. and NATO forces.

Posted in Congress, Politics & PR, Homeland Security & the Internet; Gov't 2.0, Intelligence, International, Management & Administration, counterterrorism | Comments

Should We Seek Cyber Attribution?

Monday, July 26th, 2010

Several news items of late have addressed the thorny issue of cyber attribution; that is, the ability to identify the sources of Web and network attacks. For cyber companies and some government agencies, attribution is the Holy Grail. Without attribution, there can be no real retribution for cyber attacks. If you don’t know (with certainty) who did it, you cannot respond. If you cannot respond, even if you have the means to do so, you become an impotent giant and therefore have no deterrence.

The counter augment, made last week by several experts before Congress, is that if we develop a means of attribution (technology that attributes cyber attacks to the criminals who conducted them), soon bad governments will get it too. They will surely use it against dissident elements inside their own countries to suppress free speech and abridge other civil rights of all sorts. Some folks in the United States worry that our own government will use technology of this sort for similarly nefarious purposes.

So, should we consciously forgo the possibility of deterring bad guys from cyber crime, cyber terror and cyber war because the technology could be used badly? I think the answer is clearly “no.”

Even if the United States and our democratic allies chose not to pursue the sort of technology needed to attribute cyber attacks, repressive countries will still eventually develop their own and use it against their people. We should be as vigorous as possible in discouraging the repression of civil rights, but we cannot give up the possibility of adding to our own protection.

This is one of those situations where national interests trump our idealist desires. If we could keep the attribution technology away forever, you might have an argument, but that is a pipe dream. We should develop it as soon as possible, keep it as closely held as we can for as long as we can, and then use diplomacy to mitigate its improper use. In some cases, that is the best we can do.

Posted in Cyber Security, Homeland Security & the Internet; Gov't 2.0, Intelligence, International, Management & Administration, Science & Technology, counterterrorism | Comments

Building a 21st-Century Strategy to Counter Piracy and al Shabaab

Thursday, July 22nd, 2010

The piracy question and how to deal with it is huge and is about to become a much larger question in the global supply-chain management continuum. I, like other folks, would like nothing more then to send in the Marines and clean out the nest of pirates. But alas, the days of gunboat diplomacy are of a bygone era.

We now engage our adversaries with not only guns and bullets, but also batteries to run our high-tech systems. Increasingly more important is the new adage, “bring lawyers, guns and money.” Nation building will take a great deal of finesse and understanding, as well as forceful measures.

One of these first opening salvos has been fired by the White House, though it seems to have been ignored by the business community with an interest in these matters. The Presidential Executive Order (EO), issued in April 2010, prevents U.S. citizens/entities from making payments to certain named individuals. It also has the potential to prevent any payments to individuals or groups involved in or supporting piracy in Somalia.

The regulatory guidelines for implementing this EO are yet to be promulgated, but given the recent Shabaab attack in Kampala, Uganda, in which at least one U.S. citizen was killed (a crime being investigated by the FBI), one can reasonably expect the enforcement issue of the EO to be forthcoming.

Shabaab is known to have sworn allegiance to bin Laden and Qaeda, and this Shabaab attack will clearly articulate the connections between piracy ransoms, Shabaab and the broader global war on terror. The probable outcome, in my opinion, will be the Lloyds, Joint Hull & Joint War Committees declaring that they will no longer underwrite insurance for kidnap and ransom in this arena. And now the lawyers and money come to the forefront.

In order to operate the critical sea lanes in the Gulf of Aden and the Somali environs, government resources from concerned nations will need to be deployed. The United States may not be the principal user of these lanes, but we are likely one of the principal end-users of the output from the associated supply chain. For this reason, it is important that we gain understanding and proactively look for how we engage the piracy issue. At least 85 percent of our critical infrastructure is privately held, and therein lays the bulk of the responsibility for defending those nodes. Building coalitions across industry and national borders, sharing information and supporting combined military action when needed will be a key effort to meeting the threat.

In one of his first acts of president, Thomas Jefferson met the challenge of pirates. Now, 200 years later, we face a similar situation, which will indeed need lawyers, guns and money. It will also take intelligence, technology and collaboration.

Posted in International, Law Enforcement, Management & Administration, Maritime & Seaport Security, Supply Chain Security, counterterrorism | Comments

The New Face of Aviation Security?

Wednesday, July 21st, 2010

The hunt for someone to lead the Transportation Security Administration (TSA) began in 2009, but it wasn’t until June this year that the Senate confirmed John Pistole as administrator. Pistole was the third nominee for the job, after two earlier hopefuls pulled out (see Southers and Harding). Security Debrief followed the confirmation process every step of the way and found the latest development in this week’s Air Cargo Week.

If you visit TSA’s website, you’ll find Pistole’s photo, which looks like this:

In Air Cargo Week’s Arrivals & Departures section, there is a note on Pistole’s confirmation (first bullet, right column). But the photo referenced is clearly not John Pistole.

Who is this man? Nominee #4? A hero cargo pilot? The publisher’s cousin?

It’s Chris Battle, Security Debrief’s founder and editor.

That’s some good PR.

Posted in Aviation and airport security, Congress, Politics & PR, Critical Infrastructure, Featured Feed, Homeland Security & the Internet; Gov't 2.0, Homeland Security Industry & Private Sector, International, Law Enforcement, Management & Administration, Maritime & Seaport Security, Military & Homeland Defense, Narcotics, counterterrorism | Comments

The Disturbing Value of the Washington Post’s Work

Wednesday, July 21st, 2010

There is always something in the media that captures the conversation of people in Washington, whether it is some unfortunate gaffe that a political figure makes, some new gossip about a government official’s missteps, or the latest poll numbers identifying the rising and falling fortunes of one political power over another. This week seems to be different though.

In a series of front-page exposes entitled, “Top Secret America,” the Washington Post has essentially blown the cover off a number of classified programs and their geographic locations around the country. Using public sources and their own talents as investigative journalists, Post reporters Dana Priest and William Arkin have put together a very impressive piece of work that raises a number of important questions about the explosive growth of the intelligence community since 9/11.

These questions (most notably, “What are we spending billions of tax dollars on?” and “What difference are these investments making?”) echo questions that have been raised by both sides of the political aisles over the past few years. The ability to spend money without thinking or an overarching strategy is a skill that Washington has long perfected to the detriment of American taxpayers. Priest and Arkin’s work highlights some of the waste of tax dollars, particularly those instances where multiple intelligence players are conducting the same intelligence analysis work as their peers.

Shining a light on those actions and raising the questions of why we are doing the same thing multiple times over is certainly of value. But Priest and Arkin and their employer, the Washington Post, have also done something of disturbing value that benefits no one but those persons foreign or domestic that wish to do us harm.

By identifying the geographic locations of some of our country’s top secret facilities (government and private sector) and surmising who does what and where at those spots, the Post reporters created an operative target list that is literally synthesized and ready for use by people whose allegiances are not in American’s best interest. While they used publicly available sources and had the cooperation of the public affairs offices of many of the federal intelligence pieces highlighted in the article, the authors seem to have taken the extra mile to share things that frankly need not be shared.

In the Editor’s note about the series, the Post does share that the newspaper removed from their map graphic the geographic locations of several sensitive facilities. As commendable as that may be, that which the Post details has potentially grave consequences for the men and women who work at those facilities. The fact is that every one of those facilities had a bull’s eye on their front door last week. After this series and its wide online dissemination, that bull’s eye just got a whole lot bigger.

There are very good reasons you are not allowed to photograph inside security screening areas (e.g. airport screening areas).

There are very good reasons that the President and other dignitaries’ motorcade routes are not published in the newspaper.

There are very good reasons that when you go to Google Earth or other digital map services some areas are not available for downloading and printing (e.g. Camp David, MD; Area 51; etc.).

There are also some very good reasons that organizations like the National Security Agency, the National Geospatial Information Agency, and others in the public and private sector do not actively place neon marquee signs outside their locations and say “WE DO INTELLIGENCE WORK HERE!”

Is there signage outside many of these facilities to denote who they are?

For many of these structures there is, but that does not mean any of them want to be featured on a local Chamber of Commerce tourism map. Each of those facilities is spread out around the country for reasons of politics, duplicity, expertise and assignments. None of them has made it a policy of publicly waving a flag to say, “Hey look at me” to draw attention to themselves or the people who work there.

Maybe the Post forgot about the 1993 shootings outside of the CIA’s Langley Headquarters, when Mir Amal Khasi got out of his car with an assault rifle and fired away at CIA employees killing two and injuring three more.

Maybe they’ve forgotten about the numerous shootings that have occurred at the Pentagon over the years by those individuals, whatever their grievance, who decided to open fire or display some type of weapon.

While CIA HQ and the Pentagon are much more publicly known (and accessible structures) than many of those identified by the Post series, the fact remains that the people who work at these lesser known facilities are much more vulnerable for potential harm than they were before. Lesser-known targets are easier to strike than the higher value and publicly recognizable ones. Those structures often have their own security forces to safeguard the perimeter. Some of these others facilities may not. As this series continues to be shared by friend and foe alike, the security posture at those locations is certain to change as terrorists, lunatics and the disenfranchised have been given a hefty menu of targets of opportunity.

According to the Editor’s note, as well as the reporters’ public comments, the Post is not interested in causing any personal harm. Unfortunately, their actions speak louder than their words.

Posted in Critical Infrastructure, Homeland Security Industry & Private Sector, Intelligence, International, Law Enforcement, Management & Administration, Military & Homeland Defense, Private and Physical Security, counterterrorism | Comments

E-passports Key to Border and Travel Security

Monday, July 19th, 2010

A top-rated lacrosse team representing the Iroquois Confederacy apparently won’t be competing in the world championship of the sport their ancestors helped invent. The United Kingdom—which is hosting the tournament—has indicated it will deny entry to the team because its members are not traveling on U.S. passports. The players are understandably upset that despite years of training and commitment, they won’t be able to compete for a championship. In addition, the team members and their supporters have made this an issue of Iroquois identity. However, the British authorities are correct that the decision is a matter of border and travel security rather than Iroquois sovereignty. Iroquois passports, which contain hand-written elements, simply aren’t as secure as the latest generation of U.S. passports.

To terrorists and other criminals, travel documents are as valuable as weapons. Altered passports and visas, or genuine documents obtained fraudulently, allow bad actors to cross borders in the course of planning or carrying out operations. Recognizing this, many countries in recent years have implemented higher security standards for these travel documents so they are considerably more difficult to counterfeit or for an impostor to use should it be lost or stolen. These upgrades significantly enhance the security of international travel. This is one reason, for example, that all citizens from newly designated Visa Waiver Program (VWP) countries are required to travel on electronic passports.

Electronic passports, or e-passports, contain a biometric identifier, either a digitized photo of the bearer or fingerprints or both. Digitized photographs and other biometrics are important because they are harder to substitute or alter than glued or laminated photos, for example.

In addition, e-passports contain a microchip that holds the digitized photograph, fingerprints (if used) and other information visible on the passport data page. The data written to the chip is protected from alteration by the use of a Public Key Infrastructure (PKI) digital signature. When an e-passport is scanned upon entry, the face of the traveler, the data on the data page, and the data on the chip will all match if the traveler is the person to whom the passport was issued. As a result, border officials are better able to intercept suspect travelers and speed entry of legitimate ones.

E-passports also incorporate several other, more technical security measures (such as watermarks and the like) to guard against fraud or other tampering. Just as important as the security of the document itself is compliance with international standards for reporting lost and stolen passports. The INTERPOL Stolen and Lost Travel Document (SLTD) database – which is the preferred repository for these reports – is used at primary passport inspection by countries around the world to detect those who travel on fraudulent documents.

The United States should continue its efforts to encourage countries to not only produce and issue secure travel documents, such as e-passports, but also, to establish a daily, automatic means of reporting lost and stolen passports to INTERPOL. Both of these measures are requirements of the U.S. VWP because they close gaps exploited by terrorists and other mala fide travelers. Indeed, the Iroquois themselves recognize the benefits of more secure documents, having nearly completed a transition to a new generation of passports.

Posted in Aviation and airport security, Border Security, Immigration & Visa Policy, Intelligence, International, Law Enforcement, Science & Technology, counterterrorism | Comments

GAO says TSA May Miss Air Cargo Screening Mandate

Friday, July 16th, 2010

The Government Accountability Office (GAO) recently released its review of the Transportation Security Administration’s Air Cargo Screening program. The report, requested by several members of Congress, audits the TSA’s program for achieving the Congressional mandate to screen 100 percent of all cargo carried on passenger aircraft by August 2010. For anyone in the business or closely following the issue, the report offers no surprises. (For those unfamiliar with this security challenge, check out the roundtable discussion on air cargo screening that I moderated in May.) If anything, the report illuminates the major hurdles TSA continues to face in achieving the 100 percent screening threshold.

What the report doesn’t do – what it wasn’t intended to do – is determine whether TSA’s program to screen all air cargo improves security. Assuming that the directive to screen every single piece of cargo improves aviation security may be a misplaced assumption.

What the report doesn’t conclude may be more illustrative of the problem with our government’s attitude towards homeland security. A more instructive use of the time and resources that went into generating this report would have been for the GAO to audit the quality of the nation’s air cargo screening program.

One way to accomplish this would be to start with a risk assessment – threat, vulnerability and consequence. Indentifying the weaknesses in the existing process for sending freight by air on passenger aircraft would instruct TSA where to focus its resources. It would also ensure that any weaknesses could be strengthened. And it could also help to develop objective metrics to test the security measures’ effectiveness.

Of course, the law is the law, and GAO’s audit merely considered whether TSA would meet the mandate. Not surprisingly, TSA most likely will not meet the mandate. And even if it does, there are still problems with key areas of the program, like the certification of screening technology, the authenticity of the methodology for calculating the percentage of cargo screened, and the screening of cargo coming from outside the United States.

The report found that TSA’s voluntary Certified Cargo Screening Program (CCSP) has failed to attract most of the shippers that would benefit from participation. The CCSP isn’t well populated and participation levels aren’t what they should be to inoculate the industry against more invasive and harmful regulations. A strong showing by shippers over the next several months will be needed to provide evidence that the industry is serious about achieving the mandate.

The report certainly hits on all the areas where TSA needs to make improvements to satisfy the law. Overall, this is instructive for complying with the law. Whether each of these efforts reduces the risk of passenger’s being harmed is uncertain.

Posted in Aviation and airport security, Congress, Politics & PR, Homeland Security Industry & Private Sector, International, Management & Administration, Supply Chain Security, Transportation Security, counterterrorism | Comments

Va. Man on No-Fly List Can Return Home from Egypt

Friday, July 16th, 2010

Va. Man on No-Fly List Can Return Home from Egypt – Tickle the Wire

A Virginia man who had been in no-fly list hell for months will now be allowed to return to the U.S., the Associated Press reported.

Yahya Wehelie spent 18 months in Yemen. In May, he was heading home to Virginia and was changing planes in Cairo when the FBI stopped him and told him he was on the no-fly list. He was then stuck in Egypt.

The New York Times had reported that the FBI wanted to question him about his contact with an American in Yemen accused of hooking up with al Qaeda and fatally shooting a hospital guard. He and his parents said at the time eh wanted to come home and finish his education and get a job. They also said he hated al Qaeda.

Posted in Aviation and airport security, Border Security, Immigration & Visa Policy, Intelligence, International, Law Enforcement, Management & Administration, counterterrorism | Comments

Nine States File Legal Briefs Declaring Support of Arizona Constitutional Authority

Friday, July 16th, 2010

Nine States File Legal Briefs Declaring Support of Arizona Constitutional Authority – Blogs for Borders

States have the authority to enforce immigration laws and protect their borders, Michigan Attorney General Mike Cox said Wednesday in a legal brief on behalf of nine states supporting Arizona’s immigration law.

Cox, one of five Republicans running for Michigan governor, said Michigan is the lead state backing Arizona in federal court and is joined by Alabama, Florida, Nebraska, Pennsylvania, South Carolina, South Dakota, Texas and Virginia, as well as the Northern Mariana Islands.

The Arizona law, set to take effect July 29, directs officers to question people about their immigration status during the enforcement of other laws such as traffic stops and if there’s a reasonable suspicion they’re in the U.S. illegally.

President Barack Obama’s administration recently filed suit in federal court to block it, arguing immigration is a federal issue. The law’s backers say Congress isn’t doing anything meaningful about illegal immigration, so it’s the state’s duty to step up.

Posted in Border Security, Congress, Politics & PR, Homeland State & Local, Immigration & Visa Policy, International, Law Enforcement, Management & Administration | Comments

Word to the Wise On Terrorism and Counterterrorism in Africa

Wednesday, July 14th, 2010

Terrorism in Africa, like all questions of strategy and of strategic consideration, is context specific – to time, space, actors and events. Generalizations of terrorism in Africa, past and present, are most unwise and unhelpful. Countering terrorist threats in Africa requires a deep understanding of Africa – from subregion to subregion, country to country, and small folk community to small folk community. Thus, as I teach my students, understanding terrorism and counterterrorism in Africa requires knowledge of Africa, first and foremost. Policymakers would be wise to follow suit.

For the past two years, I have taught a senior seminar to upper division undergraduate and graduate students called “Terrorism in Africa.” Three years prior, before the announcement of the formation of U.S. Africa Command, I was hired to be the Africa desk officer for an intelligence and terrorism analysis team working for the U.S. Government. To say that I have an interest in what transpired this past weekend in the Ethiopian Village restaurant and the Kyadondo Rugby Club in Kampala, Uganda, would be an understatement, to say the least.

The near-simultaneous attacks (approximately ten minutes apart in two different Kampala neighborhoods, Kabalagala and Lugogo) against civilians watching the World Cup finals match between Spain and the Netherlands herald a qualitative advance in the capabilities of the Somalia-based terrorist organization al Shabaab, which has claimed allegiance to Osama bin Laden and credit for these attacks. But before we begin worrying about future terrorist attacks in Africa and shifting our resources (diplomatic, intelligence, military and economic) to the next so-called battleground against al Qaeda, it is prudent to consider what terrorism is in Africa and what is needed to counter it.

Historical and geographic factors impinge directly on the meanings of terrorism in Africa. Do Africans consider immediately what occurred in Kampala on July 11 acts of terrorism? The question is more difficult to answer for Africans than for non-Africans. Uganda, the source of the Nile River, has been intimately linked to events in neighboring Kenya and, therefore, Somalia.

During the reign of its three leaders since independence, it has faced interstate and intrastate war, civil strife, and insurgency. To pundits who are speaking and writing today about the recent attacks in Kampala, the rationale for the attacks is the participation of the Ugandan People’s Defence Forces in the African Union Mission in Somalia. In short, this is pay-back from al Shabaab for meddling in the affairs of Somalis, and Burundi may be next.

Stepping back from such insightful analysis, however, we must recognize that terrorism and political violence motivated by Islam has and has not been called terrorism by Africans. In fact, this bears out in the history of Uganda itself: in late June 1976, Palestinian terrorists hijacked an Air France plane with Israeli passengers and received safe haven at Entebbe Airport by then dictator of Uganda, Idi Amin. Does this mean that Ugandans have sympathy for terrorists motivated by an extremist interpretation of Islam? Most likely, not. But to answer the question properly, we must develop a thorough understanding of the geography and politics of Uganda. Furthermore, the future terrorist threat of al Shabaab speaks to the heart of the failed Somali nation-state, policy solutions to which require understanding the geography and politics of Somalia. Word to the wise: to counter terrorism in Africa, understand Africa.

Posted in Intelligence, International, Radicalization, counterterrorism | Comments

The Value of Aspen

Friday, July 9th, 2010

As we continue to swelter in the ongoing summer heat wave, it is easy for me to reminisce about my recent visit to Aspen, Colo. Tucked amongst the Rockies with its clean air, fervent green and majestic views, a town known primarily for its skiing with the rich and famous was home to what was, simply put, the best conference program I have ever attended.

The first annual Aspen Security Forum put forward a program that I can only describe as pleasant, informational waterboarding. By the time each of the presenters and panelists were done, my hand was dead from writing so much and my head hurt from being given the firehouse treatment of a candor and content overload.

With a venerable “who’s who” of notable names in the national security arena attending the two and a half day program, attendees had the opportunity to hear first-hand from the men and women who have served or continue to serve in some of the most demanding positions in the world. It was literally very hard to turn around and not see a face that you did not recognize from some recent event or news program, sharing insights on our country’s national and homeland security challenges.

While the presented content was outstanding, the best part about the entire program was that the overwhelming majority of notable speakers and presenters made themselves available to engage with the attendees. All too often, speakers rush in, deliver their canned pitch, say thanks to the crowd and are whisked away by their aides to get back to the office, leaving actual human contact an afterthought. To have the many distinguished speakers stick around and engage in that lost art-form of “CONVERSATION” was an absolute pleasure.

Hosted by Clark Ervin and the Aspen Institute, this was the first time they had put on a program with this particular focus. You can call it beginner’s luck if you want, but they put together a top notch effort that literally became a “must attend” for anyone who is interested in national and homeland security issues. Fortunately, for those who weren’t able to attend the program, it was taped for later broadcast by C-Span, hopefully sometime this summer. I have to tell you, there is a significant portion of C-Span’s programming that can cure insomnia, but when they broadcast the presenters and panels from the Aspen Security Forum, it will be as NBC used to call it, “Must See TV!”

To understand why I write that, here’s a rundown of some sessions (with video hyperlinks):

Adm. Mike Mullen, Chairman of the Joint Chiefs of Staff

When your opening speaker travels all the way from Kabul to Tel Aviv to Aspen to take part in the program, it’s a pretty good indicator that the organizers are up to something big. That was especially true with Adm. Mullen. Coming off a week where Gen. McChrystal was taken out by a large Rolling Stone and replaced by Gen. Petraeus, and then traveling to Afghanistan and Israel to assuage any fears and concerns they may have about the big changes, Mullen made news by essentially not making news. While his comments about the state of the nation’s counter insurgency policy dovetailed those of the White House’s, the plainspoken manner in which they were delivered conveyed the gravity of the situation our military forces are faced with in Afghanistan. His comments about Iran’s nuclear ambitions – “They’ve given us no reason to trust them” – also spoke volumes about what few measures the Administration has left at its disposal in dealing with them.

Aviation Security Panel

There is probably no other facet of the post-9/11 world that Americans gripe about more than dealing with aviation security, but as the CEO of the Air Transport Association (ATA), Jim May, said, “What’s your alternative?” Joined by Erroll Southers of USC’s CREATE Program (and the first Obama Administration nominee to lead TSA) and Christopher Bidwell of the Airport Council International, this panel laid on the table the very real threats and frustrations that accompany this portion of the security environment. One of the most interesting things discussed was the use of full-body imaging devices by airports to screen passengers. While recognizing the civil rights and privacy concerns that people have about them, Jim May of ATA shared that he thought they should be mandatory. When it came to addressing the Government Accountability Office’s recently issued criticisms of TSA’s Behavioral Detection efforts, May and the other panelists pointed out that this program was part of many layers of security, and there was no one-size-fits-all solution or silver bullet that would reduce the aviation risks faced today.

Fran Townsend, former Homeland Security Advisor to President Bush

There are many things that have been written and said about Fran Townsend, the former Homeland Security Advisor to President Bush (43), but the word “shy” is not one that would be used to describe her. The only thing that could possibly surpass the candor of her public comments when she was working as a government employee was her candor in being a former government employee. With no holds barred, Townsend explained that, “We have a reason to expect we can connect the dots this time” given all of the post 9/11 work that has been done.

In a more than hour-long conversation with Walter Isaccson, the CEO of the Aspen Institute, and the Security Forum audience, Townsend pounded on the fact that much still needs to be done to improve information sharing amongst intelligence and law enforcement agencies across the board. Her declaration that there still needed to be a senior level official or “Cabinet Agency,” but “not a czar,” to “pound these government agencies into submission to do information sharing.” Her proposal that an NGO, public-private partnership, rather than a solely government-led approach to address the growing cyber security risks, was also interesting.

Bill Bratton, former Chief, Los Angeles Police Department

Dubbed by many media outlets as “America’s Top Cop” for having led the police departments of Boston, New York City and Los Angeles, I think Bill Bratton surprised everyone at the program when he explained how the terror attacks in Mumbai, India caused him to change the entire structure of the LAPD. His interview with CNN’s Jeanne Meserve detailed how 60 days after those attacks, he was able to transform his police department with new training, exercises and more. The relatively simply trained Mumbai terrorists were not interested in holding hostages; in fact, they were using so-called negotiations to buy time to kill more people. This showed Bratton that he had to change how his department was positioned to respond to a similar event, should it occur in Los Angeles.

Michael Leiter, Director of the National Counter Terrorism Center

For a man that much of Washington thought would have his head handed to him following the failed information sharing efforts surrounding the failed Christmas Day attack, Michael Leiter, the Director of the National Counter Terrorism Center (NCTC), displayed all of the skill and confidence that make him one of a few Bush Administration appointees to successfully transition into the Obama Administration. His description of his job, his work with the President to report on the range of threats to the country and how he thinks information sharing needs to work made this particular presentation one of the most revealing and compelling of the entire program. Interviewed by Michael Isikoff, a former Newsweek reporter and now Chief Investigative Correspondent for NBC News, ended up producing some great back and forth between the two men that was as revealing as it was humorous. This session again explained more about Leiter’s job and the mission of the NCTC than any government report or Congressional hearing to date.

Border Security Panel

Despite the countless GAO and IG reports and the many hearings before the U.S. House and Senate, there was no better overview of America’s border security than a panel made up of:

Bob Mocny, Director of DHS’ US VISIT Program;
Mark Borkowski, Director of CBP’s Secure Border Initiative (SBI); and
Steve Oswald, Vice President of Boeing.

These three gentlemen described what worked, what didn’t, what could be better and what the future may look like on programs that have regularly been making news for years. In presenting the details of these newsworthy programs, they did so with none of the drama or hysterics that are so often associated with the Congressional hearings that have exhaustively covered the respective programs. What each of them said frankly offered more substantive insight than any of the previous Congressional hearings have produced to date. That was an observation made not just by the conference attendees but also by the first-tier media, congressional staff and others who have observed each of these respective programs closely. Truth be told, if you want to know what is really happening with US VISIT and the Secure Border Initiative (minus the belligerent questions and political posturing), spending 90 minutes watching this panel when it is aired on C-Span will be time well spent.

Attending News Media

As I mentioned, the conference was a literal “who’s who” of notable current and former national and homeland security leaders, and the same could be said for the attending members of the media. With CNN’s Jeanne Meserve, Fox News’ Catherine Herridge, the Washington Post’s Spencer Hsu, Newsweek’s/NBC News’ Michael Isikoff, and more, it seemed as if there was a representative from every major news outlet, print and broadcast media in attendance. While many of them were there to serve as session/panel moderators for the various parts of the program, the entire forum was a reservoir of information for them on today’s security concerns and a background on the actions of the past. It was also a treasure trove for journalists in developing future sources for national and homeland security news stories.

Michael Chertoff, former Secretary of Homeland Security

After consecutive 12-hour days of literally (albeit pleasantly) waterboarding attendees with tons of substantive content, it’s hard to figure out how to end a program such as that in Aspen, but they picked a great closer in former DHS Secretary Chertoff. Whether it was the fact that he’s been out of office for almost a year and half and doesn’t have to worry about a 2 AM phone call from National Operations Center about someone doing something vile to the homeland, Chertoff’s candor and demeanor crystallized for everyone the seriousness of the threats we face while also assuring we should continue to go about our regular lives. As one of the very few “senior statesmen” on homeland issues that we have in this country, his conversation with Fox News’ Catherine Herridge conveyed the balance that we need to have when planning for and operating against the range of risks we face.

A wondering disappointment

I can say without doubt that I loved every moment at the Aspen Institute, but I can’t sign off without discussing the one disappointment that I and many others had in the presentation by DHS Deputy Secretary, Jane Holl Lute. Whether it was her discomfort at the conversational interview format led by CNN’s Jeanne Meserve, her fear in the week after the McChrystal debacle, not wanting to say anything to cause problems for herself or the Administration, or the fact that maybe she was having a bad day, her presentation left the overwhelming majority of attendees scratching their heads in wonder as to the real story at the Department.

All of the questions that were asked by Meserve were fair and nothing was out of the ordinary, but Lute’s responses were defensive, sometimes evasive and could have been dramatically better. Time and time again in her hour long session there were questions to which she could have responded with hard and fast examples of the Department’s accomplishments. Instead, she offered simplistic, almost apple-pie like anecdotal responses that left the audience wondering why she wouldn’t answer the most basic of questions.

When she stated, “the [U.S.] border has never been more secure,” and offered no facts to prove that statement, portions of the audience looked around at one another in shock while others openly chortled at the declaration.

When it came time for Q&A with the audience, the tenor of her responses seemed to be even more defensive. When Michael Isikoff asked her about her statement on the border’s security and her metrics to prove that it had never been more secure, Lute seemed to bristle at the question. She firmly retorted, “The Secretary has been very clear on what those metrics are,” and effectively cut him off.

Lute’s response referred to the speech Secretary Napolitano delivered at CSIS the week before, when she declared, “the U.S. border has never been more secure…but there is more work to be done” and that “no one is satisfied with the status quo.”

In that speech, Secretary Napolitano detailed a series of metrics to back up her statement, but none of those were shared by Lute with Isikoff or the observing audience. In speaking with Isikoff and some of the other attendees after her remarks, none of them were aware of the CSIS speech and the metrics behind the powerful declaration. To the credit of the Department, Bob Mocny and Mark Borkowski did an exceptional job during their joint appearance on the Border Security panel explaining why DHS leadership is stating things have improved on the border.

It is certainly a debatable point to make a declaration like the Secretary and the Deputy Secretary have made in recent forums about border security. When you back it up with information and facts, it provides some measure of credibility and fosters informed debate. When you state it and don’t want to defend it with facts, it leaves people wondering why you would state something like that and not be able to prove it. After her appearance in Aspen, a lot of people were left wondering about the Deputy Secretary, and after viewing her session either on-line or on C-Span, I expect there will be a lot more.

Final thoughts

All of our time is valuable, and God knows we don’t have enough of it, but if you can set your DVRs to record the Aspen Security Forum or go to the Aspen Institute webpage and download panels for your Ipod/MP3 player – DO IT. Think of each of the respective sessions as graduate level courses shared by esteemed faculty who have the real life scar tissue and experiences to tell you what happened and what we can all do better. If you do, I’m confident you will walk away from each session with a lot more knowledge and a bit of a mild headache too. That’s what pleasant informational waterboarding will do to you, but I have to say, it is much more enjoyable amongst the mountains and beautiful vistas of Aspen.

Posted in Aviation and airport security, Border Security, Congress, Politics & PR, Critical Infrastructure, Cyber Security, Homeland Security & the Internet; Gov't 2.0, Homeland Security Industry & Private Sector, Ideology & Public Diplomacy, Immigration & Visa Policy, Intelligence, International, Law Enforcement, Management & Administration, Military & Homeland Defense, Private and Physical Security, Science & Technology, Supply Chain Security, Terror Finance, Terror Strategic Analysis, Transportation Security, WMD, Chemical & Biological, counterterrorism | Comments

International Criminal Information Sharing

Wednesday, July 7th, 2010

A brief June 25 Washington Post article reports that Homeland Security Secretary Napolitano and Salvadoran Foreign Minister Martinez have agreed to share criminal information about deportees. The article goes on to note that the United States has a similar agreement in place with Mexico. DHS should be congratulated for this and other innovative agreements to share information to combat serious crime, especially serious transnational crime such as trafficking and smuggling.

In fact, over the past years more than a dozen agreements to share information about criminals have been signed with our Visa Waiver Program (VWP) partners. Known as Preventing and Combating Serious Crime (PCSC), these agreements stem from the more robust VWP information sharing requirements mandated by the 9/11 Act.

A PCSC agreement provides for the reciprocal exchange of biometric and biographic data and any relevant underlying information for law enforcement purposes. It works like this: The parties provide each other automated access to their fingerprint (and potentially DNA databases) on a hit/no hit basis. Each party can query the other’s database and, if a match is found, can request identity and other information about the individual through established, informal police-to-police channels. The parties may also “spontaneously” share terrorism or criminal information with each other, even without a query being made. This spontaneous or voluntary sharing may occur on a case-by-case basis or in bulk and may be used for criminal investigations, for preventing a serious threat to public security, and for other related uses. The PCSC contains extensive provisions designed to ensure that the data is protected from any unlawful release and that data will be swiftly corrected or deleted at the request of the party that originated and owns the data.

DHS and the Department of Justice lead PCSC negotiations for the U.S. government. Most recently, PCSCs have been signed with Finland, Spain, Portugal, Italy and Greece. Additional signatories include Germany, the Czech Republic and South Korea.

Although more agreements are on the way, significant work remains to be done to complete bilateral agreements with each VWP country in accordance with the 9/11 Act. A few countries have resisted the VWP’s core information-sharing requirements due to domestic political concerns or by citing restrictive privacy laws. DHS has continued its efforts to find common ground, and while no country has yet arrived at the point of outright non-compliance, several appear to be heading in that direction. It is therefore imperative for DHS—supported by the Departments of State and Justice—to continue to communicate a firm message on the necessity of timely compliance and clearly signal the costs of backward movement to VWP participants.

It is equally important that DHS be clear and consistent regarding the potential consequences of a failure to comply with the requirements, up to and including termination from the program. This method proved to be a successful approach for previous security enhancements to the VWP, such as mandating the adoption of electronic passports for VWP travel.

If a VWP participant continues to prove unwilling to comply with statutory standards, DHS would be forced to consider suspension or termination of that country from the program until the legal requirements are met. While necessity of suspending or terminating VWP countries from the program in the event of noncompliance is clear, the diplomatic, political and economic consequences of such a decision could be far-reaching. Even so, the Department’s relationship with Congress, which has demonstrated a strong interest in the VWP, as well as the broader goals of securing our borders and enforcing our immigration laws, depend on holding VWP members to these high standards in a timely manner.

Posted in Featured Feed, Immigration & Visa Policy, Intelligence, International, Law Enforcement, counterterrorism | Comments

NASA’s Mission to Muslims

Tuesday, July 6th, 2010

Having worked as a NASA contractor and as an employee, I like to think there is not much that happens at America’s Space Agency that doesn’t surprise me. I was wrong. The recent Al Jazeera interview with NASA Administrator Charles Bolden had me staring into my Blackberry screen to make sure it was not another hilarious out-take by The Onion. Unfortunately, it wasn’t and, even the editors of The Onion had to be wondering, “Why is this guy encroaching into our turf?”

In the interview, Administrator Bolden shared that President Obama directed him to do three things:

“”One was he wanted me to help re-inspire children to want to get into science and math, he wanted me to expand our international relationships, and third, and perhaps foremost, he wanted me to find a way to reach out to the Muslim world and engage much more with dominantly Muslim nations to help them feel good about their historic contribution to science … and math and engineering.”

Like any die hard space enthusiast, I am fully committed to boldly go where no one has gone before, but I never thought that meant catering to one ideology or theology.

Despite the dramatic competition that was the space race to the moon in the 1960s, the human adventure in space has been one of the most transformational and compelling actions we have ever had. Every continent, country and people could take pride in some form of study of the stars, but to select one particular people and their religion and work “to help them feel good about their historic contribution to science… and math and engineering” is political pandering in the worst way.

For all of the good intentions that may be in the President’s direction and Administrator Bolden’s heart for wanting Muslims “to feel good,” I’m more than certain that people of the Muslim religion are perfectly capable of feeling plenty of pride in their accomplishments in science, engineering, mathematics and so forth without the help of a U.S. government official.

If you want people to feel good, respect them – don’t pander to them. People, no matter their religion or ideology are smart enough to realize when you respect them and when you are needlessly sucking up. No amount of pandering (and that’s what it is) by a senior Administration official is going to restore or improve the standing of America in the eyes of the Muslim world.

Having had the pleasure of working at NASA for many years, I can attest to the fact that if you wanted to feel good it was exceeding your requirements; doing the research and hard science; executing your mission and sharing the lessons learned with those who wanted to learn more about our universe as well. Those were (and remain) daily actions completed by Christians, Jews, Muslims and people of other religions (or no religions) that were proudly part of the NASA team. Nowhere in any of those actions did it include pandering to any particular people or their faith. Adopting it as one of the “foremost” missions of the Agency is to boldly go where we don’t belong.

Posted in Aviation and airport security, Ideology & Public Diplomacy, International, Management & Administration, counterterrorism | Comments

Cyber Criminals May be Talented but they are not Superhuman

Tuesday, June 29th, 2010

Even the bad guys have vulnerabilities. It is perhaps poetic that many of the “successful” cyber criminals can be and are being hacked in the same ways they attack their legitimate targets. We tend to attribute near god-like cyber powers to these miscreants, when in reality, they write into their software the same kind of weaknesses that they are so good at exploiting.

At the SyScan 2010 Security Conference in Singapore, Laurent Oudot of Tehtri Security made exactly this point. His brief demonstrated the numerous exploitable flaws in the hacker kits available on the Web. He showed 13 unpatched vulnerabilities in some of the most widely purchased and used kits.

Additionally, Billy Rios of Google gave a similar presentation at the New York State Cyber Conference. Rios, a former U.S. Marine Corps officer and security expert walked the audience through breaking the security of a botnet software kit that would allow the user to either create bots or go after them. The bad guys need to read their own products.

On the other side, one wonders why law enforcement is not doing more “reverse hacking.” Hackers turned white hats should be recruited to attack botnet controllers and malware distribution systems through their own vulnerabilities. In the same way cops “sting” drug dealers, unscrupulous government officials, and other criminals, they should be attacking cyber criminals.

As long as we let cyber crime grow and prosper, they will become increasingly bold. My concern is the increasing likelihood that the most capable cyber criminal networks will connect with terrorist organizations. The lure of hard cash will not be turned down by the Cyber Organized Crime Underworld when offered, regardless of the source. They have large chinks in their armor, and they should be exploited now. If we continue to give the criminals a pass, and do not begin to retaliate, they will become a national security threat. Then it might be too late.

Posted in Critical Infrastructure, Cyber Security, International, Law Enforcement, Science & Technology, counterterrorism | Comments

Pakistani court convicts, sentences 5 American for terrorism

Thursday, June 24th, 2010

Pakistani court convicts, sentences 5 American for terrorism – Homeland Security Newswire

Five American men were convicted earlier today (Thursday, 24 June) on terror charges by a Pakistani court and sentenced to ten years in prison in a case that has heightened concerns about Westerners traveling to Pakistan to contact al Qaeda and other Islamist extremist groups.

AP reports that the trial of the young Muslim men, all of them from northern Virginia suburbs of Washington, D.C., was sensitive for the United States, which has a duty to ensure justice for its citizens abroad but also has pushed Pakistan to crack down on militancy.

The men were arrested in Pakistan in December after their families reported them missing. Prosecutors said e-mail records and witness statements proved they were plotting terror attacks in Pakistan and conspired to wage war against nations allied with it, a reference to Afghanistan, where the men were alleged to have been traveling.

Posted in Intelligence, International, Law Enforcement, Management & Administration, Radicalization, counterterrorism | Comments

Cyber Crime Continues to Grow Out of Control

Thursday, June 24th, 2010

A recent presentation by Special Agent Johnny Starrunner of the FBI at the NYS Cyber Conference in Albany was enlightening and frightening. To be honest, I have heard most of it before, but getting it all at once, from a front line guy fighting this war, drove it home. If we do not get hold of this threat, we are in deep trouble.

Cyber Crime comes in lots of flavors. It is diverse, sophisticated and expanding everyday. It includes Internet fraud, online banking fraud, a highly developed cyber underground, a growing number of targeted areas, and the “advanced persistent threat,” a term that until recently was classified.

It is almost impossible to accurately determine the “cost” of cyber crime. It is not just the dollars that must now be listed as losses but goes much wider. Reputations tarnished or destroyed are difficult to price. Additionally, many times we are dealing with unreported or under reported events. To give you at least an order of magnitude idea, the very conservative cost we know for the staggering 336,000 reported complaints in 2009 was $559.7 million – nearly double the numbers recorded in 2008. This does not include the loss of “pure” intellectual property, which is difficult to value accurately. Add that in and the numbers skyrocket.

Internet fraud (IF) is the best known form of cyber crime; it includes scams of all sorts. These have been tied to recent disasters (Haiti, tornados, the Gulf spill), electronic income taxes (give us your info, we’ll file for you), stimulus check collection and on line auctions – nearly anything that might convince the unwary to reveal personal information to the scammers. Many of these are crude but many are highly sophisticated and polished. Cyber criminals sometimes blast it out to anyone and everyone, but often, they are highly targeted and specific. The profit is potentially so big that the bad guys are highly motivated.

Online Banking Fraud (OBF) is more specific and aimed at bigger fish. These may start with attempts to steal individual information, but they are really desirous of stealing credentials, the higher the better, through malware or scams. They then use them for transactions all under $10,000 to keep it under the radar. They sometimes make false cards or simply do electronic transactions directly with the data. They can raise credit limits (it seems to be easier for them to do than for legitimate customers!), and then begin to transfer funds to “money mules.” These are individuals who work from home in online jobs. These folks then send the money on to overseas recipients. The main methods used to place malware for this sort of crime are the ZeuS Trojan, Clampi, and Bugat Trojan, according to Starrunner.

The Cyber Underground began as a completely decentralized activity but now operates like a corporation; it is transnational, very efficient and very evolved. They have huge numbers of the most talented cyber practitioners in the world working for them everyday. The compensation is lucrative, and the crime is relatively safe. They also reach out to unskilled folks and recruit them into the market. They use them for various low-level tasks, and test them to see if they have skills worth developing.

The underground is agile and adaptable. They move fast, and once a vulnerability is identified, within days they can pull off huge operations. They find an opening, develop the exploit that will allow them to grab as much useful data as possible in a short period, emplace it, and use it to extract the information they need. They use this to makes false cards, often with elevated account limits, then use them to pull lots of money out in near simultaneous transactions in multiple cities (and/or countries) using mules world wide. The last step in the operation is for the mules to send on the profits (minus their agreed upon commission) to the underground.

Another speaker at the NYS Cyber Conference described an operation where the bad guys replaced the self check out machines in 67 stores of a major supermarket chain, and for weeks harvested all credit card data from customers who used the machines. There were five to seven machines in each store, times 67, times “weeks” – you do the math. It was quick, slick and targeted normal folks just trying to buy groceries.

The highly developed social structure of the underground includes:

Coders/programmers: write the malware
Techies: develop the way in
Hackers: actually break in
Vendors: sell the kits and products (true capitalist diversification)
Fraudsters: English speakers who write phishing e-mails or may even do calls.
Carders: make the fake cards and machines to do so
Cashers: convert the data to cash
Money mules/Reshippers: the bad guys move the money to them, and they send it on. They do the same with merchandise
Tellers: convert money to other currency

There are Carding Forums where the underground sells info, credit card data and other criminal assets. They have websites, tech support organizations, entire structures to ensure they squeeze as much profit out of the enterprise as possible. They are now expanding their targets to include targeting Medical Personal Info, Electronic Health Records (EHR), etc. These are used to blackmail people, to perpetrate insurance fraud and to extort insurance companies. The target for this sort of information theft is individuals, hospitals, HR Departments, Government Offices and insurance companies. As we move toward greater use of EHR’s, we can only expect this to grow.

Social networking sites are also huge target areas for the bad guys. They use the ever-growing popularity of the sites (millions of participants) as vehicles for spam, to post fake adverts to launch malware, to harvest personal data to build a profile and figure out answers to “change your password questions.” These are subsequently used to hack you and go after all your friends next.

The really dangerous enemies use what is now referred to as the Advanced Persistent Threat (APT). This is a high level, extremely sophisticated class of threat that for now seems to be confined to nation-state intelligence organizations. How long it will remain in that area is unknown. These threats place long term leave behinds in order to steal information – IP, National security secrets, and other valuable info (they are after personal data). Their methodology is as follows:

Recon and find the vulnerabilities;
Execute the network intrusion;
Obtain user credentials (they work this until they can get administrator level);
Establish backdoors to enable multiple return capabilities;
Install multiple utilities;
Data Extraction is their goal, for the long term, but may also include potentially damaging booby traps for future use; and
Resilience (They will actually “clean up” the network of other maleware to ensure theirs works well).

APT’s will target the government and military, cleared Defense contractors, and lucrative Private Industry concerns (pharmaceutical, energy, high tech).

In short, this problem must be addressed, and it must be now. The bad guys are getting better at this, and law enforcement needs help. This is no longer a purely “criminal” activity but quickly shades into national security. There must be more cooperation, and it must be soon.

Posted in Critical Infrastructure, Cyber Security, Homeland Security & the Internet; Gov't 2.0, International, Law Enforcement, Management & Administration, Science & Technology, counterterrorism | Comments

A Victory in the War on Terrorism

Thursday, June 24th, 2010

The Supreme Court decision this week defining and clarifying “material support” as it relates to aid to designated terrorist organizations is a huge victory in this continuing war. In a 6 to 3 decision, the Court rejected a First Amendment challenge from humanitarian aid groups claiming the support is intended to move the terrorist groups toward peaceful and legal activities. The Court ruled that such support was illegal even if its intention was to support “non-violent” elements within such terrorist organizations.

The humanitarian aid groups were challenging provisions that “talking to terrorist organizations about non-violent activities” was material support as defined by the State Department. State Department designation as a “terrorist organization” bars material support from money to technical know-how to legal advice.

The decision strengthens an important weapon against terrorism that in lower courts has been challenged as vague and unconstitutional. It has been used by the Federal government on about 150 occasions since 9/11 resulting in convictions in half of the cases.

It reminds all of us as to what these terrorist organizations represent and does not lend legitimacy to their activities. It makes no distinction between the “moderate” and “radical” elements of these organizations but treats them as to who they are – terrorists.

Posted in International, Management & Administration, Terror Finance, counterterrorism | Comments

Police chief: Cartels threaten U.S. law enforcement in Arizona

Tuesday, June 22nd, 2010

Police chief: Cartels threaten U.S. law enforcement in Arizona – Homeland Security Newswire

We reported two months ago that there is a new twist in the on going war along the U.S.-Mexico border: Mexican smugglers now use “cloned” Border Patrol vehicles to smuggle drugs into the United States. There is an added danger here, as Mexican drug cartels have launched an assassination campaign against U.S. law enforcement personnel along the border; driving a Border Patrol look-alike vehicle allows the assailants to get closer to their targets without arousing suspicion (“Mexican smugglers clone Border Patrol vehicles to evade detection,” 12 April 2010 HSNW).

Speculation about death threats by Mexican drug cartels toward U.S. law enforcement has been widespread for some time, but this is the first time U.S. officials along the border confirmed a case.

CNN’s Nick Valencia reports that the threats began less than two weeks ago, after off-duty police officers from the Nogales police department seized several hundred pounds of marijuana from a drug smuggling operation they stumbled upon while horseback riding in the eastern fringes of Nogales, the chief said. The smugglers in the incident managed to flee into Mexico before they could be detained, Nogales Police Chief Jeffrey Kirkham told CNN.

Posted in Border Security, Homeland State & Local, Immigration & Visa Policy, International, Law Enforcement, Military & Homeland Defense, Narcotics, Smuggling, counterterrorism | Comments