Weekly Intelligence Notes #29-01
23 July 2001

WIN #29-1 dated 23 July 2001

Weekly Intelligence Notes (WINs) are produced by Roy Jonkers for AFIO members and for WIN subscribers, for non-profit educational uses. Associate editors John Macartney and Don Harvey contributed to this WIN.

Support the AFIO Mission -- SPONSOR A NEW MEMBER


SECTION I - CURRENT INTELLIGENCE

U.S. FORCES IN MIDEAST ON ALERT -- American government outposts and businesses in the Arabian Peninsula have been on high alert for possible attacks from terrorists sympathetic to renegade Islamic leader Osama bin Laden since mid-June, after Western intelligence agencies picked up "quite reliable" signs of increased activity among Islamic extremists with Afghanistan ties. These indications are said to have included information picked up through electronic monitoring of suspected militants, who have acquired fairly sophisticated communications and computer equipment. Interestingly, bin Laden is reportedly aware of US communications intercept capabilities, but is said not to care.
    It may be noted that after the bombing last year of the USS Cole in Yemen, Naval security procedures in the area have been enhanced. Ships in the region are no longer spending extended time in port, they are making refueling stops on unpredictable schedules, and are employing stepped-up security precautions when they do go near land. (Jonkers) (Newsweek 30 July 2001, p.6, M. Hosenball)

CARNIVORE /DCS 1000 OVERSIGHT LEGISLATION -- The House has unanimously passed a bill requiring the FBI to provide a detailed report on its use of the wiretap system formerly known as Carnivore, now designated DCS-1000. The surveillance systems let law enforcement intercept electronic transmissions such as e-mail. In addition to basic information such as who, what, when, where and why the system was used, the Attorney General and the FBI would have to reveal which officials authorized its use, which court approved the warrant for its use, which specific law was invoked in its use, and what additional information was gathered during the process other than what the FBI was seeking to discover. (Jonkers) (ZGram 24 July)
http://www.reuters.com/news_article.jhtml?type=internetnews&StoryID=131120 (Levine 23 Jul01)
(http://www.zdnet.com/zdnn/stories/news/0,4586,5094558,00.html)

CIA CAUGHT BETWEEN CONGRESSIONAL COMMITTEES -- The CIA has been taken to task in hearings before two subcommittees of the House Government Reform Committee. The subcommittees are investigating how ready the Executive Branch is to defend it's computer systems against cyberwar attacks. Of the many Federal Government offices queried by the subcommittees, only the CIA refused to cooperate, send anyone to testify or answer questions of the committee.
    At issue was not computer security but where the oversight jurisdiction of the House intelligence committee (HPSCI) ends. The HPSCI and the DCI both take the position that House oversight of the CIA and other intelligence activities is the responsibility of the HPSCI, and is essentially off limits to other committees. In this case, HPSCI Chairman Porter Goss (R-FL) [an AFIO member] evidently asked the DCI to refuse to cooperate with the Government Reform committee. In complying with Rep Goss's request, the DCI antagonized the other committee. (Macartney) (http://www.fas.org/irp/congress/2001_hr/index.html#oversight)
(http://www.gao.gov/cgi-bin/getrpt?gao-01-975t)

PRESSURES TO CREATE AN INFLATED CHINA THREAT -- A previous WIN reported that an "outsider" TEAM-B, headed by retired Army General John Tilleli, had predictably concluded that CIA estimates were taking too benign a view of China as a near-term threat to the US - and, so to say, was kow-towing to China.
    Now the word is that the National Intelligence Council, anxious to please the Congressional and other hawks on China, and to take some of the pressure off, leaned on the Rand Corporation to provide a more hawkish assessment of the future threat from China. When the Rand analysts were unable to provide a sufficiently gloomy assessment, Rand was fired from a classified project, according to a magazine report.
    Further confounding the hawks was another report indicating that DIA was on the verge also of providing a balanced estimate. China is depicted as a growing military power, but no match for the United States in the foreseeable future. A senior NIC spokesman denied it was seeking a predetermined result, but, according to the article, the NIC is shopping for a more compliant contractor.
    If any of this is at all accurate, it would be a great example of the problem of providing a decision-maker with intelligence that he doesn't want to hear, or alternatively, how to go about getting an intelligence estimate to say what you desire it to say - a puppet theater. (Jonkers) (U.S. News and World Report, 23 July 2001)
(http://www.usnews.com/usnews/issue/010723/world/china.htm)
(http://www.washtimes.com/national/20010706-82706.htm)
(http://www.nytimes.com/2001/07/09/opinion/09SAFI.html)

SECURITY CLEARANCE PROBLEMS AT DEFENSE DEPARTMENT -- In its latest report, GAO said 68 of the 80 people convicted of espionage from 1982 through 1999 were Defense employees [it is assumed that both military personnel and contractor employees were included). The GAO concluded that DOD agencies did not employ "scrupulous decision-making" in screening people nominated for security clearances.
    In the current study which focused on the adjudication process (the review of the background checks and the decision whether to issue a clearance), the GAO found instances where the adjudicating agency was "unable to demonstrate that it fully considered all significant adverse conditions" reflected in the individual's record. According to the story, these conditions included failure to disclose foreign ties, arrests for DUI, drug use, and "unexplained affluence."
    While the Defense Department has more than 500,000 people with security clearances, it was not reported how many other Federal employees have clearances so the 68 out of 80 espionage cases for Defense may or may not be excessive on a percentage basis. Apparently the GAO did not report to the press whether the horrible examples cited in its study were actually serious or just instances of inadequate paperwork to explain the actual situation. (Harvey) (USA Today, 1 June01, p.4, E. Pound)


SECTION II - CONTEXT AND PRECEDENCE

NEW SENATE SELECT INTELLIGENCE COMMITTEE CHAIRMAN BOB GRAHAM -- With the change in party control in the Senate, Senator Bob Graham (D-FL) has assumed the role of Chairman of the 17-member Senate Select Committee on Intelligence. In a recent interview Graham noted that U.S. intelligence capabilities amazed him. "There are technical things that we can do that I was shocked were within our capability," he said. "And there are some tactics that we use which aren't part of the Boy Scout handbook."
    The Senate Select Committee on Intelligence was created on May 19, 1976; the House panel a year later. The committees were born out of the turmoil spawned by Vietnam protests in the mid-1970s, when stories were surfaced about assassination plots, mind-control experiments on unwitting subjects, and domestic spying, and Congress set up ad hoc committees to investigate. During a 15-month investigation that began in January 1975, the Church Committee -- chaired by Sen. Frank Church, D-Idaho surfaced, among other stories, allegations of at least eight plots against Cuban leader Fidel Castro. In what appeared to be a reprise of the McCarthy era, the Congress and the media then went completely ballistic, arguably throwing overboard security and secrets (leading to creation of organizations such as AFIO and NMIA to close ranks and speak up in defense of the Intelligence Community). But the eventual outcome when the dust settled, the Congressional Intelligence committees, have worked well enough in terms of needed national oversight and accountability.
    Loch Johnson, a political science professor who served on the Church Committee, says the oversight committees tend to focus on three major categories of legislative interest, including (1) the collection and assessments of information; (2) the protection of the information (security) and counterintelligence; and (3) covert action.
    How well have the committees done? Firstly, the job has been taken seriously. Former Sen. David Boren, D-Okla., the longest-serving chairman of the committee, noted that service on the committee carries enormous weight. "You really stand there," said Boren, "as the trustee for the American people." On the other hand, Professor Johnson cited a characteristic shortcoming, noting that congressmen and senators do not have enough time to devote to the task. "You get credit for passing bills," Johnson said. "You get credit for pork. You don't get a lot of credit for oversight."
    National security analysts generally credit the two committees with doing a good job. With a combined work force of maybe 100 people, including members of Congress and professional staff, the committees keep tabs on an intelligence network with tens of thousands of people and an annual budget in the billions of dollars. Committee staffers say that they pick and choose their targets to monitor the high-tech, complicated intelligence community. The Chairman of the House Permanent Select Committee on Intelligence, Porter Goss, a close friend of the senator's, said the committees can use their control of the intelligence budget as an effective oversight tool. "Without us, there's no funding," he said. "We make it clear (about) being candid and operating above board. If we get burned once, they'll get burned a longer time." DCI Tenet pointed out that the budget process added transparency to agency operations, adding that "in terms of focusing on the most important things, they do a very good job."
    Senator Graham said one of the biggest challenges he faced was to learn how to keep quiet. A seasoned politician, he had grown accustomed to courting the press, to calling attention to himself and to his legislative agenda. Now as Chairman of the Intelligence Committee, there are secrets he can't even share with other members of the committee. Asked what his constituents would think about the secrets he knows, Graham said "We just had a briefing on the issues of terrorism, and I think people would be alarmed at how potentially significant this threat is to the United States." And, "They'd probably (also) be surprised at some of the techniques we are using to try to control it."
    The committee members get briefings in a vault (SCIF), Room SH-219, in the Senate Hart office building, a facility under constant armed guard. The vault seats about a hundred people, including committee members and staff. Three video monitors face the senators should they need to set up a conference with intelligence officers around the world. The monitors also can hook up to a classified computer network, to pull up secret maps and charts.
    Unlike other committees, the members of the Senate Select Intelligence Committee are chosen by their Senate leaders, rather than by all senators of their party. Senators and congressmen get a security clearance by virtue of getting elected. The staffers -- the majority of them former members of the intelligence community -- must undergo a national security background check. Service on the committee is limited to eight years to avoid losing objectivity. Senator Graham got a two-year extension because of the lack of Democrats on the panel with experience.
    The committee deals with "special" information, gaining insight into esoteric US intelligence collection means and actions that show what is "really" going on in the world. Access to that type of information gives the committee a certain mystique. Staffers say there is a waiting list of at least 20 senators. Senator Graham devotes about 10 hours a week to the job. Said CIA Director George Tenet of the senator, " "By virtue of where he sits, he has access to know in real time the behind-the-scenes of what's going on around the world." We wish him well. (Jonkers) (St Petersburg Times, 22 July 2001, by Paul de la Garza.)

US EMBASSY SECURITY IMPROVEMENTS. So far, the State Dept has spent some $3 billion on security upgrades in the aftermath of two embassy bombings in Africa three years ago. The upgrades include shatter-proof windows, high-tech screening devices and plainclothes surveillance teams at embassies around the world. (Macartney)
http://www.washingtonpost.com/wp-dyn/articles/A35481-2001Jul22.html

SPECIAL OPERATIONS SUB-BOAT BUBBLES PROBLEM -- The British Defense, Evaluation and Research Agency (DERA) will take delivery of a special US "sub-boat" later this month in an attempt to solve the problem of underwater "signature" which has prevented the vessel from being deployed for operational use by US Navy "SEALs".
    Originally commissioned by the Pentagon in the early 1980s, the boats have never become operational because of the bubble signature they leave when submerged. With a two-man crew, and a complement of four lightly-armed SEALs, plus explosives, the vessel reportedly has a surface speed of over 200 mph and is powered by an outboard motor which "folds away" to allow the boat to submerge to a depth of 10 meters, switching to a hydrojet system to move silently underwater. The problem is that the hydrojet system leaves a trail of bubbles and disturbs the surface, making it easy to track, if spotted. The Pentagon has spent tens of millions of dollars and waited patiently for almost two decades for US scientists to solve the problem without success. Now, the British DERA has been asked to try to find a solution. (Macartney) (Intelligence, N387, 9Jul01, p2)

STRIPPED FOR CASH -- In Russia's Far East, home to the country's Pacific submarine fleet, thieves within the navy are stripping subs of everything from radio equipment to radioactive isotopes. The crime wave has sparked fears about the spread of nuclear weapons. It is all the more alarming because of the area's proximity to North Korea, whose agents operate in the region and have attempted to acquire submarine technology and related information.
    The most recent known incident occurred in Petropavlovsk on April 24, when three officers were arrested on charges of stealing parts that included radioactive isotopes. Last year in Kamchatka, two sailors sneaked into the nuclear reactor compartment of a submarine and stole the catalysts for igniting the reactor because they contained palladium, a metal of the platinum group, Interfax news service reported. The nine stolen tubes were worth $3,571 a piece. The thieves also stole 12 radioactive calibrating plates, which looked like gold. The sailors even tried to lift the control rods but failed because an engineer had welded the lever down. If it hadn't been, they could have sparked a catastrophe, venting radioactive material over the port and thousands of people in the surrounding area. One of the most frightening scenarios is that thieves could accidentally touch off a nuclear accident.
    In 1999, the last year for which statistics are available, the military crime rate was growing by about 20 percent annually. "There are constant attacks on the submarines by navy personnel, because they are so poorly paid that they have to steal metal and cable and other things in order to get by and get their families food," said James Clay Moltz, a research professor at the Monterey Institute of International Studies. "The senior navy officials have described it as 'a state of war,' and that's really what it is."
    Russia still has a large submarine fleet in the Far East. In Kamchatka, there are nine Delta III nuclear submarines with a total of 143 long-range missiles carrying 429 nuclear warheads, along with an older Delta I sub carrying 12 missiles with single warheads. Another 12 nuclear attack and guided-missile submarines in port are designed to fire nuclear-tipped cruise missiles and torpedoes at enemy ships. Many of these submarines no longer go to sea and are guarded only by two-man skeleton crews. Twelve more nuclear attack submarines and another Delta I are based in the nearby region of Primorye. Most of these submarines, too, are decommissioned and guarded by light crews. The risky situation has resulted in international (including the US and Japan) efforts to pare the fleet.
    Nuclear submarines are not the only vessels being looted. Last year, the diesel submarine fleet was even more subject to pillaging. An entire division of Kilo class submarines was disabled by thefts.
    North Korea is eager to get its hands on Russian nuclear submarine technology. In 1999, a former employee of the Zvezda shipyard near Vladivostok was arrested trying to sell radioactive materials to undercover agents posing as a broker for North Korea. In 1996, 17 North Korean guest workers were caught trying to infiltrate a nuclear submarine facility in the Primorye region and were repatriated. And authorities have arrested North Korean workers for trying to buy dismantlement schedules and cruising patterns for nuclear vessels.
    After the theft from the nuclear reactor compartment of the submarine in Kamchatka, Russian Navy commander Vladimir Kuroyedov fired two senior submarine officers, and 10 other officers and admirals were penalized for negligence. Obviously, to have disgruntled individuals handling nuclear submarines could be a recipe for disaster. (Jonkers)
(San Francisco Chronicle, June 25, 2001, page 9, // R. Working and N. Chernyakova)


SECTION III - CYBER INTELLIGENCE

NATIONAL INFRASTRUCTURE PROTECTION CENTER (NIPC) ADVISORY (01-015) "Ida Code Worm" -- Internet backbone providers have notified the NIPC they are witnessing large-scale victimized web servers scanning for Microsoft Internet Information Server (IIS) vulnerabilities. The activity of Ida Code Redworm has the potential to degrade services running on the Internet. Any web server running the Microsoft IIS versions 4.0 or 5.0 that is not patched is susceptible to a "Buffer Overflow". The NIPC is strongly urging consumers running these versions of IIS 4.0/5.0 to check their systems and install the patch. Additional information at http://nipc.gov/warnings/advisories/2001/01-013.htmlhttp://cert.org/advisori
    The Microsoft bulletin describing this vulnerability and its patch to fix the problem may be found at: http://www.microsoft.com/technet/security/bulletin/MS01-033.asp   Microsoft strongly recommends that all web server administrators mitigate this vulnerability immediately by applying the patch. Based on the life cycle of such vulnerabilities, system administrators can expect to see an increase in new exploits targeting this service.
    Recipients of this advisory are encouraged to report computer crime. Incidents may be reported online at http://www.NIPC.gov/incident/cirr.htm The NIPC Watch and Warning Unit can be reached at (202) 323-3204/3205/3206 or NIPC.Watch@fbi.gov. (FBI ANSIR, G. Harter)

CODE RED WORM PROGRESS -- Called ``Code Red Worm,'' the bug has infested the Web servers of mostly large businesses and organizations that use Microsoft Windows NT 4.0 and Windows 2000, leading to the defacement of Web sites hosted by the tainted computers. The malicious computer bug came within minutes of crippling the White House Web site late Thursday. The Defense Department now has blocked public access to its Web sites. So far, the worm has replicated itself onto at least 250,000 computer systems.(Levine 23 Jul 01)
http://www.siliconvalley.com/docs/news/depth/coderd072101.htm
http://www.msnbc.com/news/603086.asp
http://www.gcn.com/vol1_no1/news/4708-1.html
http://www.newsbytes.com/news/01/168238.html

MICROSOFT DISPUTES THREATS TO NUCLEAR SECURITY -- Microsoft and the U.S. Department of Energy are disputing claims that bugs in Microsoft's database software threatened nuclear security in the U.S. and Russia. Earlier this month, Bruce Blair, president of the Center for Defense Information, a non-profit military research organization based in Washington, wrote a column asserting that Russian nuclear scientists found a bug in Microsoft's SQL Server database software last year that not only threatened the security of Russia's nuclear weapons materials, but potentially U.S. nuclear materials as well. Microsoft executives and U.S. Department of Energy representatives scoff at the charge, saying Blair is overblowing the issue. Microsoft and Energy representatives say the two bugs were never a threat, that no data was ever lost, and the issues that Russia had with the software have been resolved. (Levine Newsbits 23 Jul)
http://www.zdnet.com/zdnn/stories/news/0,4586,5094508,00.html


SECTION IV - BOOKS AND SOURCES

PATTERNS OF GLOBAL TERRORISM 2000, U.S. Department of State (Publication 10822), April 2001. US policy is described succinctly: (1) Make no concession to terrorists and strike no deals; (2) bring terrorists to justice for their crimes, (3) isolate and apply pressure on states that sponsor terrorism to force them to change their behavior, and (4) bolster the counter-terrorist capabilities of those countries that work with the US and require assistance.
    The scope of terrorism: 19 US citizens were killed in 2000, seventeen of whom were part of the crew of the USS Cole. The other two died in conflicts in East Timor and in Sierra Leone. For the US, the billions spent on anti-terrorist intelligence and actions appear to be paying off -- or the threat is way overblown. The recent arrests of would-be attackers of targets within the US points to the first conclusion.
    The number of anti-US attacks increased from 169 in '99 to 200 in 2000 -- but only because there were 152 attacks against a pipeline in Colombia, considered a US target. International incidents numbered 423, killing 405 persons, mostly in Africa and Asia (354).
    This publication, recently available, is an outstanding source document on the topic, with a country-by-country rundown of incidents, and useful appendices listing incidents chronologically, describing terrorist groups throughout the world, and providing excellent statistics as far back as 1981 as well as geographic displays. Highly recommended. (Jonkers)

MI5 WORLD WAR II HISTORICAL DOCUMENTS. This is the seventh and largest Security Service release, consisting of approximately 200 files, bringing the total number of MI5 records in the Public Record Office to 919. As with previous releases, the bulk of records are personal files, relating to agents, double agents, intelligence officers and renegades, or those under suspicion of being so, the large proportion of which relate to Germany during the period 1939-45. (Macartney)
http://www.pro.gov.uk/releases/july2001/secser1.htm

WHEN SECRET PLANES CRASH, FROM THE U-2 TO F-117. Writing in Air Force magazine, Jeffrey Richelson discusses how the govt has handled questions when secret aircraft have crashed.
http://www.afa.org/magazine/July2001/0701secrets.html


WINs are covered by copyright laws. WINs may be reproduced with permission of the Producer (afio@afio.com) or in single instances for purposes of membership recruitment. Opinions expressed are those of the authors and editors.

Check the AFIO Website for up-to-date event information and announcements of coming events. (www.afio.com)

Sign up for the AFIO luncheon at Fort Myer, Virginia, on 21 August, featuring Nigel West and Dr. William Anderson. Check the Website or contact afio@afio.com.




For comments, contact the editor Roy Jonkers at  afio@afio.com 
For back issues of the WIN, check the AFIO Website  www.afio.com 
For AFIO Website requests/comments, contact   afio@afio.com   

Back to Top

About AFIO | Chapters & Chapter Activities | Membership | Corporate | Weekly Intelligence Notes | Event Schedule | Bulletin Board | Legislative | Careers | Donations | Book Reviews | Search | AFIO Store | Academic Exchange | Other Intel Sites | Home Page

AFIO Central Office
6723 Whittier Avenue, Suite 303A
McLean, Virginia 22101-4533
Telephone: 703 790 0320 | Facsimile: 703 790 0264
Email: afio@afio.com