WIN #29-1 dated 23 July 2001
Weekly Intelligence Notes (WINs) are produced by Roy Jonkers for AFIO
members and for WIN subscribers, for non-profit educational uses. Associate
editors John Macartney and Don Harvey contributed to this WIN.
Support the AFIO Mission -- SPONSOR A NEW
MEMBER
SECTION I - CURRENT INTELLIGENCE
U.S. FORCES IN MIDEAST ON ALERT -- American
government outposts and businesses in the Arabian Peninsula have been on
high alert for possible attacks from terrorists sympathetic to renegade
Islamic leader Osama bin Laden since mid-June, after Western intelligence
agencies picked up "quite reliable" signs of increased activity
among Islamic extremists with Afghanistan ties. These indications are said
to have included information picked up through electronic monitoring of
suspected militants, who have acquired fairly sophisticated communications
and computer equipment. Interestingly, bin Laden is reportedly aware of US
communications intercept capabilities, but is said not to care.
It may be noted
that after the bombing last year of the USS Cole in Yemen, Naval security
procedures in the area have been enhanced. Ships in the region are no longer
spending extended time in port, they are making refueling stops on
unpredictable schedules, and are employing stepped-up security precautions
when they do go near land. (Jonkers) (Newsweek 30 July 2001, p.6, M.
Hosenball)
CARNIVORE /DCS 1000 OVERSIGHT LEGISLATION -- The
House has unanimously passed a bill requiring the FBI to provide a detailed
report on its use of the wiretap system formerly known as Carnivore, now
designated DCS-1000. The surveillance systems let law enforcement intercept
electronic transmissions such as e-mail. In addition to basic information
such as who, what, when, where and why the system was used, the Attorney
General and the FBI would have to reveal which officials authorized its use,
which court approved the warrant for its use, which specific law was invoked
in its use, and what additional information was gathered during the process
other than what the FBI was seeking to discover. (Jonkers) (ZGram 24 July)
http://www.reuters.com/news_article.jhtml?type=internetnews&StoryID=131120
(Levine 23 Jul01)
(http://www.zdnet.com/zdnn/stories/news/0,4586,5094558,00.html)
CIA CAUGHT BETWEEN CONGRESSIONAL COMMITTEES -- The
CIA has been taken to task in hearings before two subcommittees of the House
Government Reform Committee. The subcommittees are investigating how ready
the Executive Branch is to defend it's computer systems against cyberwar
attacks. Of the many Federal Government offices queried by the
subcommittees, only the CIA refused to cooperate, send anyone to testify or
answer questions of the committee.
At issue was not
computer security but where the oversight jurisdiction of the House
intelligence committee (HPSCI) ends. The HPSCI and the DCI both take the
position that House oversight of the CIA and other intelligence activities
is the responsibility of the HPSCI, and is essentially off limits to other
committees. In this case, HPSCI Chairman Porter Goss (R-FL) [an AFIO member]
evidently asked the DCI to refuse to cooperate with the Government Reform
committee. In complying with Rep Goss's request, the DCI antagonized the
other committee. (Macartney) (http://www.fas.org/irp/congress/2001_hr/index.html#oversight)
(http://www.gao.gov/cgi-bin/getrpt?gao-01-975t)
PRESSURES TO CREATE AN INFLATED CHINA THREAT -- A
previous WIN reported that an "outsider" TEAM-B, headed by retired
Army General John Tilleli, had
predictably concluded that CIA estimates were taking too benign a view of
China as a near-term threat to the US - and, so to say, was kow-towing to
China.
Now the word is
that the National Intelligence Council, anxious to please the Congressional
and other hawks on China, and to take some of the pressure off, leaned on
the Rand Corporation to provide a more hawkish assessment of the future
threat from China. When the Rand analysts were unable to provide a
sufficiently gloomy assessment, Rand was fired from a classified project,
according to a magazine report.
Further
confounding the hawks was another report indicating that DIA was on the
verge also of providing a balanced estimate. China is depicted as a growing
military power, but no match for the United States in the foreseeable
future. A senior NIC spokesman denied it was seeking a predetermined result,
but, according to the article, the NIC is shopping for a more compliant
contractor.
If any of this is
at all accurate, it would be a great example of the problem of providing a
decision-maker with intelligence that he doesn't want to hear, or
alternatively, how to go about getting an intelligence estimate to say what
you desire it to say - a puppet theater. (Jonkers) (U.S. News and World
Report, 23 July 2001)
(http://www.usnews.com/usnews/issue/010723/world/china.htm)
(http://www.washtimes.com/national/20010706-82706.htm)
(http://www.nytimes.com/2001/07/09/opinion/09SAFI.html)
SECURITY CLEARANCE PROBLEMS AT DEFENSE DEPARTMENT --
In its latest report, GAO said 68 of the 80 people convicted of
espionage from 1982 through 1999 were Defense employees [it is
assumed that both military personnel and contractor employees were
included). The GAO concluded that DOD agencies did not employ
"scrupulous decision-making" in screening people nominated for
security clearances.
In the current
study which focused on the adjudication process (the review of the
background checks and the decision whether to issue a clearance), the GAO
found instances where the adjudicating agency was "unable to
demonstrate that it fully considered all significant adverse
conditions" reflected in the individual's record. According to the
story, these conditions included failure to disclose foreign ties, arrests
for DUI, drug use, and "unexplained affluence."
While the Defense
Department has more than 500,000 people with security clearances, it was not
reported how many other Federal employees have clearances so the 68 out of
80 espionage cases for Defense may or may not be excessive on a percentage
basis. Apparently the GAO did not report to the press whether the horrible
examples cited in its study were actually serious or just instances of
inadequate paperwork to explain the actual situation. (Harvey) (USA Today, 1
June01, p.4, E. Pound)
SECTION II - CONTEXT AND PRECEDENCE
NEW SENATE SELECT INTELLIGENCE COMMITTEE CHAIRMAN BOB
GRAHAM -- With the change in party control in the Senate, Senator Bob
Graham (D-FL) has assumed the role of Chairman of the 17-member Senate
Select Committee on Intelligence. In a recent interview Graham noted that
U.S. intelligence capabilities amazed him. "There are technical things
that we can do that I was shocked were within our capability," he said.
"And there are some tactics that we use which aren't part of the Boy
Scout handbook."
The Senate Select
Committee on Intelligence was created on May 19, 1976; the House panel a
year later. The committees were born out of the turmoil spawned by Vietnam
protests in the mid-1970s, when stories were surfaced about assassination
plots, mind-control experiments on unwitting subjects, and domestic spying,
and Congress set up ad hoc committees to investigate. During a 15-month
investigation that began in January 1975, the Church Committee -- chaired by
Sen. Frank Church, D-Idaho surfaced, among other stories, allegations of at
least eight plots against Cuban leader Fidel Castro. In what appeared to be
a reprise of the McCarthy era, the Congress and the media then went
completely ballistic, arguably throwing overboard security and secrets
(leading to creation of organizations such as AFIO and NMIA to close ranks
and speak up in defense of the Intelligence Community). But the eventual
outcome when the dust settled, the Congressional Intelligence committees,
have worked well enough in terms of needed national oversight and
accountability.
Loch Johnson, a
political science professor who served on the Church Committee, says the
oversight committees tend to focus on three major categories of legislative
interest, including (1) the collection and assessments of information; (2)
the protection of the information (security) and counterintelligence; and
(3) covert action.
How well have the
committees done? Firstly, the job has been taken seriously. Former Sen.
David Boren, D-Okla., the longest-serving chairman of the committee, noted
that service on the committee carries enormous weight. "You really
stand there," said Boren, "as the trustee for the American
people." On the other hand, Professor Johnson cited a characteristic
shortcoming, noting that congressmen and senators do not have enough time to
devote to the task. "You get credit for passing bills," Johnson
said. "You get credit for pork. You don't get a lot of credit for
oversight."
National security
analysts generally credit the two committees with doing a good job. With a
combined work force of maybe 100 people, including members of Congress and
professional staff, the committees keep tabs on an intelligence network with
tens of thousands of people and an annual budget in the billions of dollars.
Committee staffers say that they pick and choose their targets to monitor
the high-tech, complicated intelligence community. The Chairman of the House
Permanent Select Committee on Intelligence, Porter Goss, a close friend of
the senator's, said the committees can use their control of the intelligence
budget as an effective oversight tool. "Without us, there's no
funding," he said. "We make it clear (about) being candid and
operating above board. If we get burned once, they'll get burned a longer
time." DCI Tenet pointed out that the budget process added transparency
to agency operations, adding that "in terms of focusing on the most
important things, they do a very good job."
Senator Graham
said one of the biggest challenges he faced was to learn how to keep quiet.
A seasoned politician, he had grown accustomed to courting the press, to
calling attention to himself and to his legislative agenda. Now as Chairman
of the Intelligence Committee, there are secrets he can't even share with
other members of the committee. Asked what his constituents would think
about the secrets he knows, Graham said "We just had a briefing on the
issues of terrorism, and I think people would be alarmed at how potentially
significant this threat is to the United States." And, "They'd
probably (also) be surprised at some of the techniques we are using to try
to control it."
The committee
members get briefings in a vault (SCIF), Room SH-219, in the Senate Hart
office building, a facility under constant armed guard. The vault seats
about a hundred people, including committee members and staff. Three video
monitors face the senators should they need to set up a conference with
intelligence officers around the world. The monitors also can hook up to a
classified computer network, to pull up secret maps and charts.
Unlike other
committees, the members of the Senate Select Intelligence Committee are
chosen by their Senate leaders, rather than by all senators of their party.
Senators and congressmen get a security clearance by virtue of getting
elected. The staffers -- the majority of them former members of the
intelligence community -- must undergo a national security background check.
Service on the committee is limited to eight years to avoid losing
objectivity. Senator Graham got a two-year extension because of the lack of
Democrats on the panel with experience.
The committee
deals with "special" information, gaining insight into esoteric US
intelligence collection means and actions that show what is
"really" going on in the world. Access to that type of information
gives the committee a certain mystique. Staffers say there is a waiting list
of at least 20 senators. Senator Graham devotes about 10 hours a week to the
job. Said CIA Director George Tenet of the senator, " "By virtue
of where he sits, he has access to know in real time the behind-the-scenes
of what's going on around the world." We wish him well. (Jonkers) (St
Petersburg Times, 22 July 2001, by Paul de la Garza.)
US EMBASSY SECURITY IMPROVEMENTS. So far, the State
Dept has spent some $3 billion on security upgrades in the aftermath of two
embassy bombings in Africa three years ago. The upgrades include
shatter-proof windows, high-tech screening devices and plainclothes
surveillance teams at embassies around the world. (Macartney)
http://www.washingtonpost.com/wp-dyn/articles/A35481-2001Jul22.html
SPECIAL OPERATIONS SUB-BOAT BUBBLES PROBLEM -- The
British Defense, Evaluation and Research Agency (DERA) will take delivery of
a special US "sub-boat" later this month in an attempt to solve
the problem of underwater "signature" which has prevented the
vessel from being deployed for operational use by US Navy "SEALs".
Originally
commissioned by the Pentagon in the early 1980s, the boats have never become
operational because of the bubble signature they leave when submerged. With
a two-man crew, and a complement of four lightly-armed SEALs, plus
explosives, the vessel reportedly has a surface speed of over 200 mph and is
powered by an outboard motor which "folds away" to allow the boat
to submerge to a depth of 10 meters, switching to a hydrojet system to move
silently underwater. The problem is that the hydrojet system leaves a trail
of bubbles and disturbs the surface, making it easy to track, if spotted.
The Pentagon has spent tens of millions of dollars and waited patiently for
almost two decades for US scientists to solve the problem without success.
Now, the British DERA has been asked to try to find a solution. (Macartney)
(Intelligence, N387, 9Jul01, p2)
STRIPPED FOR CASH -- In Russia's Far East, home to
the country's Pacific submarine fleet, thieves within the navy are stripping
subs of everything from radio equipment to radioactive isotopes. The crime
wave has sparked fears about the spread of nuclear weapons. It is all the
more alarming because of the area's proximity to North Korea, whose agents
operate in the region and have attempted to acquire submarine technology and
related information.
The most recent
known incident occurred in Petropavlovsk on April 24, when three officers
were arrested on charges of stealing parts that included radioactive
isotopes. Last year in Kamchatka, two sailors sneaked into the nuclear
reactor compartment of a submarine and stole the catalysts for igniting the
reactor because they contained palladium, a metal of the platinum group,
Interfax news service reported. The nine stolen tubes were worth $3,571 a
piece. The thieves also stole 12 radioactive calibrating plates, which
looked like gold. The sailors even tried to lift the control rods but failed
because an engineer had welded the lever down. If it hadn't been, they could
have sparked a catastrophe, venting radioactive material over the port and
thousands of people in the surrounding area. One of the most frightening
scenarios is that thieves could accidentally touch off a nuclear accident.
In 1999, the last
year for which statistics are available, the military crime rate was growing
by about 20 percent annually. "There are constant attacks on the
submarines by navy personnel, because they are so poorly paid that they have
to steal metal and cable and other things in order to get by and get their
families food," said James Clay Moltz, a research professor at the
Monterey Institute of International Studies. "The senior navy officials
have described it as 'a state of war,' and that's really what it is."
Russia still has
a large submarine fleet in the Far East. In Kamchatka, there are nine Delta
III nuclear submarines with a total of 143 long-range missiles carrying 429
nuclear warheads, along with an older Delta I sub carrying 12 missiles with
single warheads. Another 12 nuclear attack and guided-missile submarines in
port are designed to fire nuclear-tipped cruise missiles and torpedoes at
enemy ships. Many of these submarines no longer go to sea and are guarded
only by two-man skeleton crews. Twelve more nuclear attack submarines and
another Delta I are based in the nearby region of Primorye. Most of these
submarines, too, are decommissioned and guarded by light crews. The risky
situation has resulted in international (including the US and Japan) efforts
to pare the fleet.
Nuclear
submarines are not the only vessels being looted. Last year, the diesel
submarine fleet was even more subject to pillaging. An entire division of
Kilo class submarines was disabled by thefts.
North Korea is
eager to get its hands on Russian nuclear submarine technology. In 1999, a
former employee of the Zvezda shipyard near Vladivostok was arrested trying
to sell radioactive materials to undercover agents posing as a broker for
North Korea. In 1996, 17 North Korean guest workers were caught trying to
infiltrate a nuclear submarine facility in the Primorye region and were
repatriated. And authorities have arrested North Korean workers for trying
to buy dismantlement schedules and cruising patterns for nuclear vessels.
After the theft
from the nuclear reactor compartment of the submarine in Kamchatka, Russian
Navy commander Vladimir Kuroyedov fired two senior submarine officers, and
10 other officers and admirals were penalized for negligence. Obviously, to
have disgruntled individuals handling nuclear submarines could be a recipe
for disaster. (Jonkers)
(San Francisco Chronicle, June 25, 2001, page 9, // R. Working and N.
Chernyakova)
SECTION III - CYBER INTELLIGENCE
NATIONAL INFRASTRUCTURE PROTECTION CENTER (NIPC) ADVISORY
(01-015) "Ida Code Worm" -- Internet backbone providers
have notified the NIPC they are witnessing large-scale victimized web
servers scanning for Microsoft Internet Information Server (IIS)
vulnerabilities. The activity of Ida Code Redworm has the potential to
degrade services running on the Internet. Any web server running the
Microsoft IIS versions 4.0 or 5.0 that is not patched is susceptible to a
"Buffer Overflow". The NIPC is strongly urging consumers running
these versions of IIS 4.0/5.0 to check their systems and install the patch.
Additional information at http://nipc.gov/warnings/advisories/2001/01-013.htmlhttp://cert.org/advisori
The Microsoft
bulletin describing this vulnerability and its patch to fix the problem may
be found at: http://www.microsoft.com/technet/security/bulletin/MS01-033.asp
Microsoft strongly recommends that all web server administrators mitigate
this vulnerability immediately by applying the patch. Based on the life
cycle of such vulnerabilities, system administrators can expect to see an
increase in new exploits targeting this service.
Recipients of
this advisory are encouraged to report computer crime. Incidents may be
reported online at http://www.NIPC.gov/incident/cirr.htm The NIPC
Watch and Warning Unit can be reached at (202) 323-3204/3205/3206 or NIPC.Watch@fbi.gov.
(FBI ANSIR, G. Harter)
CODE RED WORM PROGRESS -- Called ``Code Red Worm,''
the bug has infested the Web servers of mostly large businesses and
organizations that use Microsoft Windows NT 4.0 and Windows 2000, leading to
the defacement of Web sites hosted by the tainted computers. The malicious
computer bug came within minutes of crippling the White House Web site late
Thursday. The Defense Department now has blocked public access to its Web
sites. So far, the worm has replicated itself onto at least 250,000 computer
systems.(Levine 23 Jul 01)
http://www.siliconvalley.com/docs/news/depth/coderd072101.htm
http://www.msnbc.com/news/603086.asp
http://www.gcn.com/vol1_no1/news/4708-1.html
http://www.newsbytes.com/news/01/168238.html
MICROSOFT DISPUTES THREATS TO NUCLEAR SECURITY --
Microsoft and the U.S. Department of Energy are disputing claims that bugs
in Microsoft's database software threatened nuclear security in the U.S. and
Russia. Earlier this month, Bruce Blair, president of the Center for Defense
Information, a non-profit military research organization based in
Washington, wrote a column asserting that Russian nuclear scientists found a
bug in Microsoft's SQL Server database software last year that not only
threatened the security of Russia's nuclear weapons materials, but
potentially U.S. nuclear materials as well. Microsoft executives and U.S.
Department of Energy representatives scoff at the charge, saying Blair is
overblowing the issue. Microsoft and Energy representatives say the two bugs
were never a threat, that no data was ever lost, and the issues that Russia
had with the software have been resolved. (Levine Newsbits 23 Jul)
http://www.zdnet.com/zdnn/stories/news/0,4586,5094508,00.html
SECTION IV - BOOKS AND SOURCES
PATTERNS OF GLOBAL TERRORISM 2000, U.S. Department of
State (Publication 10822), April 2001. US policy is described succinctly:
(1) Make no concession to terrorists and strike no deals; (2) bring
terrorists to justice for their crimes, (3) isolate and apply pressure on
states that sponsor terrorism to force them to change their behavior, and
(4) bolster the counter-terrorist capabilities of those countries that work
with the US and require assistance.
The scope of
terrorism: 19 US citizens were killed in 2000, seventeen of whom were part
of the crew of the USS Cole. The other two died in conflicts in East Timor
and in Sierra Leone. For the US, the billions spent on anti-terrorist
intelligence and actions appear to be paying off -- or the threat is way
overblown. The recent arrests of would-be attackers of targets within the US
points to the first conclusion.
The number of
anti-US attacks increased from 169 in '99 to 200 in 2000 -- but only because
there were 152 attacks against a pipeline in Colombia, considered a US
target. International incidents numbered 423, killing 405 persons, mostly in
Africa and Asia (354).
This publication,
recently available, is an outstanding source document on the topic, with a
country-by-country rundown of incidents, and useful appendices listing
incidents chronologically, describing terrorist groups throughout the world,
and providing excellent statistics as far back as 1981 as well as geographic
displays. Highly recommended. (Jonkers)
MI5 WORLD WAR II HISTORICAL DOCUMENTS. This is the
seventh and largest Security Service release, consisting of approximately
200 files, bringing the total number of MI5 records in the Public Record
Office to 919. As with previous releases, the bulk of records are personal
files, relating to agents, double agents, intelligence officers and
renegades, or those under suspicion of being so, the large proportion of
which relate to Germany during the period 1939-45. (Macartney)
http://www.pro.gov.uk/releases/july2001/secser1.htm
WHEN SECRET PLANES CRASH, FROM THE U-2 TO F-117.
Writing in Air Force magazine, Jeffrey Richelson discusses how the
govt has handled questions when secret aircraft have crashed.
http://www.afa.org/magazine/July2001/0701secrets.html
WINs are covered by copyright laws. WINs may be reproduced with permission
of the Producer (
afio@afio.com) or in
single instances for purposes of membership recruitment. Opinions expressed
are those of the authors and editors.
Check the AFIO Website for up-to-date event information and announcements
of coming events. (www.afio.com)
Sign up for the AFIO luncheon at Fort Myer, Virginia, on 21 August,
featuring Nigel West and Dr. William Anderson. Check the Website or contact afio@afio.com.
