Posts Tagged ‘ intelligence ’

The Challenges of Coordinating Cybersecurity

Friday, November 12th, 2010
Matthew Dahl


Matt Dahl is a judicial clerk in Virginia and writes about national security law on his blog. The views expressed here are his own.

by Matthew Dahl

It goes without saying that National Security Agency and U.S. Cyber Command are playing a significant role in defending military and government computer networks.  It appears they’re now playing a role defending domestic U.S. civilian computer networks as well.  In past statements, General Keith Alexander – head of NSA and Cyber Command – said that the DoD entities would not be involved in the protection of domestic civilian networks because it is the purview of the Department of Homeland Security.  Despite those statements, a memorandum of agreement released on October 13 announced that the DoD and DHS would coordinate their cybersecurity efforts, collocating personnel.

While the NSA and Cyber Command both fall under the purview of the DoD, their missions are different.  The NSA is a hybrid civilian/military entity whose main function is to gather signals intelligence from foreign communications and provide information assurance to prevent foreign adversaries from accessing classified materials.  Cyber Command is a new, purely military entity that is responsible for providing the U.S. military with both offensive and defensive capabilities in cyberspace.

Because the NSA was at the center of the Bush administration’s domestic wiretapping scandal in the years just after 9/11, its involvement with protecting domestic computer networks makes privacy advocates uneasy. They’re worried that the NSA might use its new role to monitor U.S citizens. However, it’s worth noting that the NSA’s participation with U.S. domestic computer networks is not unprecedented.  In February, the NSA assisted Google in investigating an attack against the company in which it is believed that Chinese hackers stole large amounts of intellectual property as well as information about Chinese human rights activists.  More recently, the NSA was tasked with executing  “Perfect Citizen,” a program that gives NSA access to U.S. critical infrastructure networks in order to detect cyberspace threats. This means NSA would deploy sensors on many large privately owned networks.

Meanwhile, General Alexander stated in September that he did not believe Cyber Command should operate in the civilian sphere. However, that statement contradicts the memorandum of agreement, which specifically directs Cyber Command to locate personnel at a DHS facility to provide support and “operational synchronization.”  It also instructs Cyber Command to coordinate operational and mission planning with DHS and NSA.  Moreover, Cyber Command’s involvement with civilian networks was presaged by the June 2009 DoD memorandum announcing its formation which specifically states that part of its mission would be to protect civilian networks.

The question now is: how much of a role will DoD play? How much of a role should it play? In 2003, a presidential directive established DHS as the agency in charge of coordinating the overall effort of securing civilian networks.  The agency has since written a strategy and will to hire large numbers of cybersecurity professionals over the next few years, indicating the agency will maintain a large role in protecting civilian networks.

But critical cyber experience and technical expertise lies with the military, which would be foolish to ignore.   Furthermore, DHS wants to work with the military, admitting that it has at least contemplated leveraging NSA assets in its efforts to put together a comprehensive plan to protect critical cyberspace assets.  Even so, it’s not that straight forward: as the NSA wiretapping scandal shows, DoD’s involvement in civilian networks would stir civil liberties controversy.

Currently, no overarching cybersecurity strategy exists that clarifies agencies’ responsibilities.  Despite sweeping cybersecurity legislation being proposed in Congress – particularly by Senators Lieberman, Carper, and Collins – the White House must step in to clarify these roles.

photo credit: Patrick Hoesly

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Posted in A Progressive Security Strategy, Daily Fix, Issues | 1 Comment »

Losing Patience in Pakistan

Wednesday, October 27th, 2010
Will Marshall


Will Marshall is the president of the Progressive Policy Institute.

by Will Marshall

At last, some good news from Afghanistan: The New York Times reported last week that U.S. and Afghan forces are “routing” the Taliban in Kandahar province. In the northwest, Special Operations forces and air strikes have taken a heavy toll on insurgent commanders and “shadow governors,” according to The Washington Post.

These tactical gains are impressive. But they also spotlight the weakest link in our strategic chain, and no, it’s not Afghanistan’s mercurial leader, Hamid Karzai, or the corrupt and feckless central government. It’s Pakistan.

President Obama’s surge seems to be taking hold, but coalition forces can’t break the insurgency’s back as long as Pakistan continues to provide a sanctuary for the Taliban and allied terrorist groups.

Aided by better intelligence and a highly accurate new mobile rocket, in addition to more troops, coalition forces have successfully targeted Taliban leaders and driven insurgents from strongholds they have long held in Kandahar. The onslaught apparently has demoralized some Taliban foot soldiers, who are said to resent their high command for urging them to stand and fight from the relative safety of Pakistan.

U.S. officials say they are under no illusion of crushing the insurgency altogether, but they hope that, by inflicting heavy losses, they can turn the tide and induce top Taliban leaders to enter into peace negotiations with the Afghan government.

But there’s a problem: insurgent leaders are slipping over the border to Pakistan, where they can regroup for new attacks, or simply wait for NATO forces to leave. Says Gen. David Petraeus, “There is quite relentless pressure. It forces them on the run. But again, if you don’t take away the safe haven, it doesn’t have a lasting effect.”

And the Quetta Shura, whose leader, Mullah Omar, was so hospitable to al Qaeda when the Taliban ran Afghanistation, continues to orchestrate and finance the insurgency from Pakistan with impunity. If the United States and NATO are to permanently weaken the Taliban and force them to the negotiating table, that has to change.

Zalmay Khalilzad, a former U.S. Ambassador to Afghanistan, argues that Pakistan’s double game threatens to prolong America’s costly intervention. On the one hand, Pakistan is an indispensible partner: it supplies the main supply routes for coalition forces, and tacitly colludes with drone strikes against al Qaeda and Taliban targets. On the other, Pakistan gives sanctuary not only to the Quetta Shura and but also the notorious Haqqani terrorist network, whose ties with Pakistani intelligence go back to the anti-Soviet jihad in Afghanistan.

Pakistan’s military leaders, he says, “believe that our current surge will be the last push before we begin a face-saving troop drawdown next July. They are confident that if they continue to frustrate our military and political strategy – even actively impede reconciliation between Kabul and Taliban groups willing to make peace – pro-Pakistani forces will have the upper hand in Afghanistan after the United States departs.”

Khalilzad is right: the United States can’t allow our supposed ally to subvert our strategic goals in Afghanistan. Yet just last week, the administration announced a new $2 billion military aid package to Pakistan. This comes on top of a five-year, $7.5 billion civilian aid package for Pakistan approved last year.

This is the kind of thing that gives engagement a bad name. We need a more challenging approach: The United States should demand that Pakistan break decisively with Islamist terrorist groups and not allow its territory to be used as a staging point for attacks on its neighbor. If Pakistan refuses, we should target insurgent havens anyway and freeze aid. If it complies, we should make a long-term commitment to strengthening Pakistan’s economic and governing institutions, and to mediating regional conflicts.

U.S. officials have been reluctant to put too much pressure on Pakistan to act against the Haqqani network and the Afghan Taliban leadership. They don’t want to undermine the democratically elected government of President Asi Ali Zardari, or risk alienating Pakistan’s military and intelligence services, which are cooperating in the U.S. campaign against al Qaeda.  But Pakistan already has demonstrated the military ability to reclaim tribal areas when it suited its purpose.  Up until now, Pakistan has tried to have it both ways: help America fight al Qaeda, while retaining ties to terrorist groups to influence future events in Afghanistan (and to keep the pot boiling in Kashmir). Such ambivalence collides with America’s strategic interest, and it’s time for Pakistan to choose.

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Posted in A Progressive Security Strategy, Daily Fix | No Comments »

Paying Bad People In Afghanistan

Thursday, August 26th, 2010
Jim Arkedis


Jim Arkedis is the director of PPI's National Security Project.

by Jim Arkedis

Gasp!  The CIA is paying bad people in Afghanistan!

The New York Times implies there’s a problem with fighting corruption in the Afghan government while paying the corrupt, in this case Mohammed Zia Salehi, the chief administration on Afghanistan’s National Security Council:

Mr. Salehi’s relationship with the C.I.A. underscores deep contradictions at the heart of the Obama administration’s policy in Afghanistan, with American officials simultaneously demanding that Hamid Karzai root out the corruption that pervades his government while sometimes subsidizing the very people suspected of perpetrating it.

That’s not right.  If we begin holding every official in Afghanistan to some vague corruption-based litmus test, the intelligence community would be completely handcuffed: I’d bet you a paycheck that you could pin some sort of corruption charge on every single official in the entire country.

After all, it’s a bit of a Catch-22, right?  If Afghanistan was a graft-free Jeffersonian democracy, CIA wouldn’t have such a need need to recruit unsavory sources like Salehi.  But the country is a mess, and our intelligence community better damn-well have its ear to the ground.  And if we really want to stop corruption at the highest level, Salehi has regular access to the biggest fish of them all:  Karzai.  That’s highly valuable.

I understand the desire to keep things above-board, but tough situations demand hard choices, and paying a well-placed but corrupt source is clearly the lesser evil.

Photo credit: World Economic Forum’s photostream

Tags: , , , , ,
Posted in A Progressive Security Strategy, Daily Fix | 1 Comment »

For Intelligence, Big Doesn’t Always Mean Bad

Monday, July 19th, 2010
Jim Arkedis


Jim Arkedis is the director of PPI's National Security Project.

by Jim Arkedis

The Washington Post’s new series Top Secret America is well intentioned:

When it comes to national security, all too often no expense is spared and few questions are asked – resulting in an enterprise so massive that nobody in government has a full understanding of it.

That’s right. As an intelligence community analyst for some five years, I’ve seen plenty of the bureaucratic inefficiencies, excess and unchecked spending, and unwieldy sprawl that have mushroomed since 9/11. From this perspective, it’s important that questions get asked, money be justified, and overlap — where necessary and possible — be reduced.

My beef with the article — the first in a three-part series — is that it is framed as “big = bad.” Its thesis seems to be that more construction, more analysts, more information, more publications are all fleecing America. The series’ lede lays out this premise:

The investigation’s other findings include:

* Some 1,271 government organizations and 1,931 private companies work on programs related to counterterrorism, homeland security and intelligence in about 10,000 locations across the United States.

* An estimated 854,000 people, nearly 1.5 times as many people as live in Washington, D.C., hold top-secret security clearances.

* In Washington and the surrounding area, 33 building complexes for top-secret intelligence work are under construction or have been built since September 2001. Together they occupy the equivalent of almost three Pentagons or 22 U.S. Capitol buildings – about 17 million square feet of space.

* Many security and intelligence agencies do the same work, creating redundancy and waste. For example, 51 federal organizations and military commands, operating in 15 U.S. cities, track the flow of money to and from terrorist networks.

* Analysts who make sense of documents and conversations obtained by foreign and domestic spying share their judgment by publishing 50,000 intelligence reports each year – a volume so large that many are routinely ignored.

If you’re writing a piece of investigative journalism that is an implicit call for more oversight, pointing out physical size is an obvious organizing frame that seems to illustrate the problem. If there are a bunch of big buildings and no one knows what happens in them, are they necessary?

The problem, however, is delving into why physical size is symptomatic of the problem. Here, the article falls short — lost is that some of these mysterious, large building have contributed to our national security. Raw size isn’t the intelligence community’s problem.

For example, former Director of National Intelligence Dennis Blair released the IC’s budget for the first time. At $75 billion, it’s almost twice the State Department’s, but only ten percent of DoD’s (however, though the Pentagon’s intel spending is counted in Defense’s budget). If increased oversight improves efficiency by — oh, pick a number — 15 percent, the IC’s budget is still $64 billion and the vast majority of those new buildings out in suburban Maryland are still being built.

Or take the National Security Agency’s budget, the agency that controls our satellite spies that listen in to bad people (when not embroiled in Bush-era domestic eavesdropping cases). It’s budget has doubled.   Based on the “big = bad” frame, you might think this is inherently negative. I’d argue that there’s more to the story, and that the increase in signals intelligence collection has kept the country safer by forcing Al Qaeda to use arcane and slow means of communicating.

Buried are two important reasons why size matters, a link that should be made more explicitly. First:

The overload of hourly, daily, weekly, monthly and annual reports is actually counterproductive, say people who receive them. Some policymakers and senior officials don’t dare delve into the backup clogging their computers.

IC bean-counters value quantity over quality, the latter being more difficult to judge. I can’t tell you how many times we were told to “produce more,” irrespective of whether that production had any mission impact. A lot of dog shit is more valuable that one diamond. That’s because budgets are justified by numbers.

And second:

[S]ecrecy can undermine the normal chain of command when senior officials use it to cut out rivals or when subordinates are ordered to keep secrets from their commanders.  One military officer involved in one such program said he was ordered to sign a document prohibiting him from disclosing it to his four-star commander, with whom he worked closely every day, because the commander was not authorized to know about it.

Almost four years ago, I was in a meeting with the new intelligence chief for a certain country I was working on. He was briefed by my boss’s boss on a variety of secret operations my organization had going in the area. When the chief asked for further information about a specific operation, my boss’s boss continued on for several minutes about all the amazing intelligence we’re getting from it.

It was highly inconvenient that I knew better: in truth, that operation had been shut down for over a year, and continued to exist on paper only. My boss’s boss was giving the new chief a complete snow job, only to give the appearance of competence and justify more money. I decided to quit that afternoon.

In sum, there’s been no question that the intelligence community was ill-equipped to deal with the new security threats facing the country that grew in complexity and immediacy between the end of the Cold War and 9/11. An overhaul was necessary, and the community continues to face growing pains in the aftermath of that reorganization and the increased budgets that come along with it.

The central tension in intelligence spending is striking a balance between dollars and security. Much of the post-9/11 intel money has effectively contributed to the country’s security, an inconvenient truism that’s glossed over in the Post’s new series. In the remaining articles, I hope the focus is on the marginal rate of increased security for every dollar spent. And in cases where we’re not getting enough bang for our buck, I hope there’s a better explanation of what drives those inefficiencies. Raw size is an occasional indicator of a deeper problem, not the problem itself.

Photo Credit: Orin Zebest

Tags: , , , ,
Posted in A Progressive Security Strategy, Daily Fix | No Comments »

Gang of Eight Isn’t Enough

Tuesday, March 2nd, 2010
Jim Arkedis


Jim Arkedis is the director of PPI's National Security Project.

by Jim Arkedis

As an ex-intelligence guy, I’m particularly sensitive to intel’s uncomfortable place in American politics. Because the intelligence community is — by design — inherently secretive, it’s an easy punching bag for politicians looking to score cheap points because they know it can’t publicly respond. Who’s at fault for the Christmas Day bombing? Blame the intelligence community! Need to justify a hard line on Iran in the face of a lukewarm 2007 National Intelligence Estimate? Blame the intelligence community! Who should have stopped the Fort Hood tragedy?  … I think you know where I’m going.

The point is that though the intelligence community needs continued reform, in each of the above cases, it assumed an undue share of responsibility for each incident.

Naturally, then, I got a bit nervous reading that the Gang of Eight — the group of leading members of Congress who are regularly briefed on sensitive intelligence matters — is about to be widened. It follows that increasing Congress’s access to highly classified national security activities will lead to a greater risk of premature public disclosure for political motives.

However, Gang of Eight disclosure reform was necessary in the wake of the post-9/11 dual domestic eavesdropping and torture scandals. If in those cases the Bush administration had informed a wider congressional audience, perhaps the respective congressional oversight committees could have better done their jobs. Because what’s the point of having oversight if there’s nothing to oversee?

It appears as though this deal, which has been worked out but still needs to be passed in the intelligence authorization bill, strikes the right balance between politics, oversight, and national security. In broad strokes, the president would have to notify both intelligence committees that there had been an intelligence disclosure to the Gang of Eight, and provide the full committees with “general information on the content of the finding.” Of course, the devil is in the details — the White House’s interpretation of “general information” will probably differ from the Hill’s.

Even so, here’s the kicker: any one of the eight (theoretically acting on behalf of another committee member) could register opposition to the proposed intelligence operation with the Director of National Intelligence, thereby (hopefully) preempting unnecessary press disclosures.

The end result should create better oversight that pressures the intelligence community to remain within the law, while removing incentive for Congress to go public. Fingers crossed.

Tags: , , , , ,
Posted in A Progressive Security Strategy, Daily Fix | No Comments »