---

---

Defeating Internet Terrorists

The Internet has become the “seductive hypermedia” for radical Islamic terrorists, with official and unofficial Web sites, forums and chatrooms that appeal to supporters worldwide. Most Web sites are intended to advance a group’s propaganda to increase their supporting audience, while some have operational intentions. But how do we defeat such terrorism in cyberspace?

Well worth your time, and that’s all I’ve got to say about that.

Hope for (Better) Oversight

This gem from Secrecy News is encouraging:

A bill introduced by Congressional Democrats would empower the Government Accountability Office GAO) to perform financial audits and other oversight of U.S. intelligence agencies, a function that those agencies have long resisted.

“Since 9/11, effective [intelligence] oversight is needed now more than ever,” said Sen. Daniel Akaka (D-HI) in a September 28 floor statement.

“However, now the Congress cannot do its job properly, in part, because its key investigative arm, the Government Accountability Office, is not given adequate access to the intelligence community.”

Normally I’m not a big fan of Akaka-sponsored legislation, but this makes up for a lot. Oversight committees have a tough job and the relative handful of staff they have cannot possibly hope to keep up with all tasks that need attention. They may have backgrounds in the field, but they’re not diggers and rooters like GAO investigators are. Being able to turn the GAO loose onto the IC would shine some much needed light on the machinations of self-serving mandarins and their precious rice-bowls. For everyone on the job who has stood in wonder of those who have abandonded any pretense about mission accomplishment in their quest for self-aggrandizement, this is most welcome news.

DOE Polys: Smart, Very Smart

Via Secrecy News

After years of public controversy, the Department of Energy has adopted a new polygraph testing policy that it said “will significantly reduce the number of individuals who will undergo a polygraph examination.”

In particular, “DOE has decided to alter the role of polygraph testing as a required element of the counterintelligence evaluation program by eliminating such testing for general screening of applicants for employment and incumbent employees without specific cause,” according to a notice published in the Federal Register.

Now, to get the point across Community-wide.  I’ve passed plenty, but I know plenty who have not. No good reason other than they didn’t respond well to the voodoo box (proof: excellent performance and no CI concerns raised by their employment at other sensitive places that didn’t require getting probed).

HLS: Confused?

The U.S. Department of Energy still hasn’t done enough to strengthen its cybersecurity protections, exposing critical systems to compromise and putting data at risk, according to a report issued last month by the agency’s inspector general.

In his annual report on the status of the agency’s cybersecurity efforts, Inspector General Gregory Friedman did note that the DOE has taken some steps to strengthen its security processes. However, the audit also found that key vulnerabilities persist, including some that the inspector general’s office and a congressional committee have highlighted in the past.

The agency has received failing grades for its cyber­security efforts in each of the past five years in a report card issued by the House Committee on Government Reform and its chairman, Rep. Tom Davis (R-Va.). Only the U.S. Department of Agriculture has had a record as bad as the DOE’s over the past five years, as noted by the committee.

This is a curious story given the sophisticated work the labs do in this realm and the apparent high demand foreign powers have for DOE data. It would seem that there is a left-hand/right-hand issue playing out because were they talking to each other DOE would be one of the few if not the only government entities that scored an “A” on congressional scorecards.

Maybe a little less persecution of staff a little more internal sharing . . .

Tooting the Horn

For a goodly portion of my time in the IC I focused on the technical threats posed by various actors and emerging technologies. While I’ll win no prizes for elegant computer code I like to keep active in the field. Various competing demands force me to stick to writing about pertinent issues and my latest ramblings can be found in the inaugural issue of the Cyber Conflict Studies Association Journal (PDF).

I’d like to think it is somewhat provocative and it is as funny as I could make it and still get it published in a serious medium. For those who think it unrealistic, take note: I’ve essentially sprinkled a little history and fleshed out the ideas put forth by a practitioner who described such a solution in giant air-quotes as as something that someone, somewhere, might have conteplated doing (wink, wink).

Now, to go convince clients I don’t plan on donning an eye patch any time soon . . .

PS: If you track these issues you should consider joining CCSA. It costs nothing but a little time and you get to hang with some talented and interesting people.

Irony with a capital "I"

Larger post in the works, still gathering data/thoughts. This gem is too good to wait though:

Shaffer still works as a civilian employee of the Defense Intelligence Agency and is seeking to have his security clearance restored, according to [his attorney] Zaid.

As an Army reservist, he’s assigned to the 9th Theater Support Command at Fort Belvoir, Va.

Shaffer is the command’s inspector general.

The (CT) Architect sounds off

Richard Clarke sounds off on the past, present and future. It starts out well enough:

FIVE years after the attacks of Sept. 11, 2001, three years after the 9/11 commission report, and just weeks before a national election, the issues of what happened before those attacks have resurfaced. Suddenly, we are again witnessing heated disputes about such insignificant issues as whether the Clinton administration prepared a draft “strategy” or, alternatively, “a series of required decisions” about Al Qaeda for the incoming Bush administration.

. . . and it closes well:

If we are going to defeat the enemy, we must learn again to discuss our differences about Iraq and terrorism in civil and analytical terms. We must reject the use of fear and terrorism to divide America for political advantage. And we must not let ourselves get trapped in pointless, partisan debates that result only in having the past obscure the future.

But in between is a mixed bag.

It is tough to take calls for a more analytical and less political approach to fighting the war from a guh who is so quick to repeat the “Iraq and the GWOT are separate” mantra. The pile of data that refutes the idea that Iraq wasn’t some naïve waif when it came to supporting terrorism is apparently some kind of distraction. 

He points out correctly that he was at a nexus of government intelligence activity, but then plays the “illegal wiretap” and “torture” cards, as if he is completely ignorant of the true capability, nature, and goals of both efforts. I am reminded of how colleagues and I used to laugh derisively over coffee after reading the then-cyber-terror-czar’s latest rant about the evils awaiting us online. Talk about scaring with hobgoblins.

Course adjustments are most assuredly in order, but waving a dismissive hand at the past is a sure-fire way to both whitewash ones own role in the current state of affairs and ensure that the mistakes of the past (honest though they may have been) will continue to be repeated in the future. He’s hit the target, but no where near the bulls eye.

« Previous Page