Analytical Approaches for Sensing Novel and Emerging Threats
April 4, 2008
We are proud to feature this new paper by John Sullivan:
Security and public safety agencies must address a range of current and emerging threats. These range from conflicts, strategic crime, terrorism, disease and natural hazards, as well as the confluence of any or all occurring at a given point in time. A range of intelligence disciplines and agencies are needed to address these threats and various phases of operations (i.e., pre-, trans-, and post-event). Intelligence fusion or the production of intelligence to anticipate and understand these complex threats is essential. This paper will provide an overview of the Transaction Analysis Model, Transaction Analysis Cycle, and Intelligence Preparation for Operations as ways to scan the horizon for indicators, monitor evolving threat potentials (i.e., alternative hypotheses), and forecast risk related to novel and emerging threats. Warning intelligence, strategic foresight, operational net assessment, and the co-production of intelligence for interdisciplinary response will also be discussed.
Analytical Approaches for Sensing Novel and Emerging Threats (PDF Document)
Define “Bigger”
November 25, 2007
(cross-posted at Haft of the Spear)
I don’t get Insight Magazine so I don’t know the full story that goes along with this teaser:
The U.S. intelligence community has assessed that Osama bin Laden has benefited from a secure haven in Pakistan that allows him to plan a major attack on the U.S.
It took all of about an hour after this to hit the Web before various colleagues started to exchange thoughts on the matter, and like a well indoctrinated, NIC-conditioned drone I threw this wrench into the works:
“Define the term ‘bigger’. We’re assuming “bigger” means more spectacular in approach.”
The numerous weaknesses in airline security are well documented. The “security theater” that surrounds most supposed high-value targets/industries/infrastructure means there is less of a chance of a hijacking, but a bomb in the cargo hold – or a gas-filled tanker into city hall - is all too real an option. Hell, ratchet up the poop-to-lettuce ratio and you can send dozens of infidels to the hospital and probably kill a few too.
Bigger defined as more spectacular is an option, but the goal is terrorism, not something suitable for Broadway. As soon as airlines could fly after 9/11 people got on board; when the DC beltway snipers were loose everyone who had to leave their car was OJ Simpson (the Hertz version). There is no reason why the next grand plan might not originate farther down the amazing scale because simple works and if done close to home it hits close to home.
Consider these figures from data I borrowed from the Brookings Institution (PDF):
- IEDs have killed an average of 23 GIs/month since the start of the war.
- October of last year saw a peak of 52 troop deaths via IEDs.
The tactic varies, but generally speaking we’re talking about taking out 3-4 guys at a time in a HMMWV or on a dismounted patrol.
Now, add a little crude homeland-based math:
- A city bus in a major metro area at rush hour might hold 80 people.
- A light rail car might hold more than 100
- A vehicle-borne IED stopped in the middle of a traffic jam might take out a dozen or more people depending on the size of the vehicle and charge.
Coordinated to take place on the same day at the same time (London calling), cells in just the top ten US cities (let’s say a dozen-per – somewhere between the Miami 7 and Toronto 18) it is not inconceivable that a coordinated IED attack could kill significantly more innocents in the US than GIs in Iraq, and three times as many as those killed on 9/11 (80 bus passengers x 12 bombers x 10 cities = 9,600)
Is that “bigger” enough for UBL?
“Tanji, you’re just trying to justify this post.”
Possibly, but if the methodology of our adversary is violence-driven political/religious change, I can’t think of a better way to ride the recent domestic political wave than to focus my attention on the electorate.
Thoughts?
Posted by Mike Tanji
New Intel Sharing Paper
February 14, 2007
The unavoidable conclusion is that the U.S. government cannot continue to allow a collecting agency to make unilateral originator control determinations regarding the intelligence it collects. … I hope to explain why they are not in position to make the best “need to know” determinations – that decision must be made by an independent body.
I argue that collection agencies should have their analytic capabilities removed for similar reasons. Restrictive classification or handling caveats are more often than not tools to minimize the ability of others to steal your thunder. Of course by seeking institutional glory in this fashion agencies are hindering effective exploitation and analysis of collected data; the agency best suited to use a given piece of information could very well be an agency that doesn’t have “permission” to use it.
Very well done. Research into the security aspects of this problem is instructive for both pros and laymen alike. Reading the many “what could have been” moments in the piece will alternately make you weep or pound the table in fury. There are of course legitimate concerns on this front, but by and large it is pure selfishness. The idea of having an honest broker and not collectors determine NTK is interesting, though care would have to be taken as far as who is chosen for the job (ideally, cleared outsiders who don’t have misguided loyalties to a home office).
My own piece on these issues tackles things from a different angle, which makes the embargo terribly frustrating. Gotta get me a think-tank job. In the meantime, Col Putbrese, drop me a line.
The Other Marshall Plan
February 14, 2007
I used to wax and wane about the need to purge national security functionaries, but I’ve stopped waning, as my latest commentary at ThreatsWatch indicates.
Define “Bigger”
January 19, 2007
(cross-posted at Haft of the Spear)
Coalition of the Dastardly
January 11, 2007
(Cross posted to Haft of the Spear)
I engaged in several conversations about cyber threats this past week and each conversant repeated with certainty a lack of concern over a relationship between terrorists and mobsters in the virtual world. I’d like to think that an unholy alliance of that sort isn’t possible, but . . .
I don’t know that we’re ever going to see “cyber” placed in front of terrorism like “bio” or “nuclear” is today. Not that it won’t be possible, but as a wise man once said, “terrorists like a lot of people watching, not a lot of people dead.” Any T who is savvy enough to look at the Internet and related technologies as a weapons platform is also going to recognize that in the land of The Great Satan ™, more and more people are getting their information via online sources. Shut down the ‘Net and you drastically reduce the number of people watching (and as far as I know past localized outages failed to kill anyone).
The other big Internet boogie man is disruption, which can be a real pain in the rear, but not something people are going to panic over. It’s the war on terror, not the war on inconvenience. The economy would take a hard kick in the groin, but that virtual representation of your bank balance still translates into real money at some point. Now you’d just have to go and see a teller for it (how very 70s).
And money, speaking of which, is the nexus that some of my contemporaries seem to be missing. The reporting (public and private) is legion and it all points to one conclusion: a functioning ‘Net facilitates every non-kinetic terrorism-related activity. As I and others have pointed out, they can use it to recruit, spread propaganda, do pre-op planning, share TTP, and raise funds via legitimate or illegitimate means. That latter part is increasingly being controlled or facilitated (opinions vary) by organized crime.
Why is fund raising important? UBL isn’t cutting quarterly dividend checks to his franchisees. Running a global enterprise – even an illicit one – takes money. If you need a lot of money, regularly, quickly, and you don’t care about Johnny Law, then the answer is Willie Sutton obvious.
Are OC and AQ going to team up in some sort of bilateral team of super villains? To an extent I think the answer is “yes.”
You can nickel and dime your way to illicit wealth online, or you can make a modest investment and bring home some serious coin. That’s only going to happen if you cut a deal with the guys in shiny suits or “a friend of theirs.” Online crime networks are global, diverse (in the practical and political sense), sophisticated and very equal opportunity: they’ll deal with anyone who has the right data or l33t skillz. Ideologically speaking there is no real tie that would bind, but that whole “Sunnis won’t deal with Shias” canard is rotting in the street and “conscience” and “mafiya” aren’t exactly terms that are heard together very often.
The question then becomes: can you help stop or hamstring terrorism by stopping or hindering organized crime (or more specifically online crime)? Again, to an extent the answer is “yes.”
We know what it takes to bust up OC rings, but the LCN of the 70s and 80s isn’t the Russian or Asian mobs of today; we might not be on as solid a tactical footing as we think. Since most of the activity we are trying to fight is carried out virtually and well outside the jurisdiction of US authorities, even if you infiltrate a gang, you will likely never meet face to face and facilitate an arrest (Oh no, look out Ivan, a strongly worded demarche!). Just the sheer scale of events has swamped our best law enforcement efforts; they have not been without success, but the little boy with his fingers in the dike had things well in hand for a while too.
Municipalities across the country are offering broadband wifi to their citizens, people are carrying more and more IP-enabled devices with PII that could be converted into cash, banks are starting to offer mobile-device-enabled banking (with requisite security issues unresolved): the aforementioned problems are only going to get worse. Even some of the more radical solutions (toot-toot) are likely to be limited in effectiveness. This is another non-kinetic way to help fight the war (Iraqi jobs program, IO programs, etc.) but is it worth pursuing? Is there a viable alternative?
More NIE Cherry Filling (Running Updates)
December 31, 2006
Love those tart cherries . . .
As predicted, it turns out that the recently leaked NIE isn’t exactly the scathing indictment of current war/counterterrorism efforts as certain elements would have you believe. In fact just a few snippets of the rest of the story paint a much more interesting picture. Amazing thing context.
Something no one seems to be talking about is the basis for claims about the terrorism problem allegedly getting worse. “Based on what?” is the question that should be asked. Reminds me of the day Rumsfeld’s snowflake came down asking about “metrics” related to our IO efforts. Everyone dutifully marched off to collect and cook numbers, but no one had the guts to say, “Ah, accurate metrics would require that we have baseline numbers collected before the war.” Funny thing math.
So, the real politicization of intelligence continues; pick the bits you like and leak them for a few bonus points during the news cycle and then hope that no one will call you on it.
Update: Leaks - they’re what’s for dinner! Will try to post as often as I can as things develop. Reportedly NIE Key Judgements are destined for release this afternoon. KJs are basically the “executive summary” of the larger report. Highly-distilled meta-view of the larger report.
Chocolate in My Peanut Butter
December 16, 2006
Cross posted at Haft of the Spear
As incoming Defense Secretary Robert M. Gates plots a fresh path through Iraq, he is also expected to chart a different course for Pentagon intelligence programs, rolling back some of Donald H. Rumsfeld’s aggressive expansion of intelligence operations that rankled agencies such as the CIA.
You see these stories every once in a while and it is like watching a slap-fight; no real damage, but you always hold out hope. More than anything it is simply embarrassing for the participants. In this case it is CIA vs. DOD/DIA, but depending on the issue it could be any one of the larger agencies against any other.
The arguments follow a familiar pattern: the dominant agency (and its supporters) in whatever the given issue is gets to point out their dominance and that now the interlopers will be brought to heel; the interlopers slag on those in dominance and point out that re-establishing the status quo would leave them the worse for wear. Both sides have points.
On the one hand (we’ll use HUMINT as an example) the CIA has a point that they are the large canine in the yard; they run the training programs, they’ve been around the longest, and they have a variety of umbrella authorities. On the other hand the CIA focuses on a very key but small member of the overall audience, leaving everyone else who is involved short. How short depends on a variety of factors, but when you are bearing the bulk of the burden, any shortfall is too much. Consequently you go out and get what you can the best you can and screw anyone who tells you “no.”
In reality any given agency would gladly assume all of any given shared mission if money and resources were no question. There is no reason why all of a given discipline could not fall exclusively under a single roof, with subordinate groups responding to the needs of their former organizational masters. Save for pockets of unique analytical expertise (e.g. squints) analysis is a fairly universal capability; what makes any agency special is the collection it brings to the table. The IC is not so old that radical change on this front would have the same impact as say rolling the Marines into the Army.
Rather than waste time and energy fighting over rice bowls, why is there not more serious discussion about consolidation?
An Interesting Challenge
November 13, 2006
(cross-posted at Haft of the Spear)
The Navy counter-intelligence officer who garnered a confession from Israeli spy Jonathan Pollard says that U.S. agencies missed a forest of red flags about him and risk repeating the same mistakes today they made more than 20 years ago.
Olive’s book reveals that administrative convenience and bureaucratic bungling allowed Pollard to be recruited and promoted despite being “a dreamer, a fantasist,” who repeatedly exhibited behavior that should have barred him from working for any U.S. government agency.
Among the red flags that investigators missed when Pollard was being considered for a top secret clearance from the Navy was his prior rejection by the CIA, where Pollard had applied for work in 1978.
Olive also faulted the background investigators, from the Pentagon’s Defense Investigative Service, for not even bothering to check whether Pollard had a master’s degree from the Fletcher School of Law and Diplomacy at Tufts University, Boston, as he claimed. In fact Pollard had dropped out and never completed the degree.
[…]
Growing pressure for clearance investigations to be completed on a foreshortened timetable, so that people could begin work, is “a disaster waiting to happen,” he said.
Even after Pollard started work for the Navy, Olive pointed out, his bizarre behavior continued, and should have raised serious questions about his reliability.
On one occasion, Olive relates, Pollard excused his lateness and disheveled appearance at a job interview for a naval intelligence post by claiming that his wife had been kidnapped by the Irish Republican Army.
Must be Tuesday then . . .
Demand for cleared personnel is at an all-time high; the process to clear those people is cumbersome and the workforce that makes it happen too small; failing to properly screen out infiltrators and potential traitors can be catastrophic: what to do?
The easy and long-time answer of course has been to poly people, which actually eliminates more people from consideration for employment than it catches bad guys. It is a convenient short-cut that avoids the time-consuming and tedious work of actually ripping apart someone’s past life for signs they might be a complete and total nut-job.
The more recent answer has been to consolidate investigative operations and throw lots of young and inexperienced bodies at the problem (kind of like intelligence work in general). When I can recite the background check questions from memory better than the interviewing “investigator” can read them, that might be a sign that approach isn’t working all that well.
Unlike other manpower problems there is no H1B visa solution. Just when we need a large and strong CI capability it is being downshifted into second gear. So how do we meet the demand for loyal and reliable bodies without incurring more Pollards and Hanssens and Montes’?
Send your thoughts/ideas to the comments.
Changes
October 14, 2006
My friend Matt (the other, more taciturn GroupIntel blogger) and I envisioned GroupIntel as a multi-faceted, multi-user environment for discussions and analysis on intelligence and security-related issues. For those who are not aware, GI also includes a Wiki and discussion forum. Participation environment-wide has been small but productive and anyone (national, state, local or otherwise) who takes the time to register is welcome to join the fun.
While I’ve loved monopolizing the GI blog I should have let it revert back to its original purpose long ago, so I’ve gotten off of the shared soapbox and found my own at Haft of the Spear (drop me a note if you need me to explain it to you).
Old posts (hopefully with old comments) will be slowly migrated to the new site over the next week or so. Links to pals old and new will be added in time and comments/trackbacks will be on as long as the spam stays away.
GI will still be around though future content will adjust to reflect this latest change. For the pure, unadulterated blather and gibberish you’ve come to enjoy, please bookmark or subscribe to the new site.
Thanks,
Michael

