Weekly Intelligence Notes #09-02
4 March 2002

WIN 09-02 dtd 4 March 2002

Weekly Intelligence Notes (WINs) are produced and edited by Roy Jonkers for non-profit educational uses by AFIO members, ISIS associates and WIN subscribers. RADM (ret) Don Harvey contributes articles to selected WINs.

AFIO members in Washington DC area – see Quarterly Luncheon announcement for Tuesday 16 April .(Section V)


[HTML version recipients - Click title to jump to story or section, Click Article Title to return to Contents] [This feature does not work for Plaintext Edition recipients.  If you wish to change to HTML format, let us know at afio@afio.com. If you use AOL, you would need AOL version 6.0 or higher to receive HTML messages.] 

SECTION I - Current Intelligence

                Helgerson to be CIA Inspector General

                Georgia - Chechnya SITREP

SECTION II - Context and Precedence

                New National Alert System

                Russian Nuclear Security Report

                KGB Operations in Afghanistan 1978 - 1983

SECTION III - Cyber Intelligence

                Clock Is Ticking on KLEZ Worm Time Bomb

                Malicious Code Infections Soar

                Internet Laws

                Riding the Disinformation Super Highway

SECTION IV - Books and Sources

                KGB Lexicon - by Mitrokhin

SECTION V - Letters and Announcements

                AFIO National Luncheon - Tuesday, 16 April 02

                AFIO Business Intelligence Symposium Thursday, 16 May 02

                Employment Opportunity - Terrorism Threat Analysts


HELGERSON TO BE CIA INSPECTOR GENERAL -- CIA Director George Tenet announced on 27 February 2002 that President Bush had announced his intention to nominate John L. Helgerson to be the statutory Inspector General (IG) for the CIA. The CIA inspector general conducts inspections of different components of the agency to identify strengths and shortcomings, as well as financial audits. If confirmed by the Senate, Helgerson would fill the vacancy left by former CIA Inspector General Britt Snider, who retired in January 2001.

 While inspector general, Snider conducted reviews into the CIA's handling of the computer mis-use scandal involving former CIA Director John Deutch, who placed classified material onto non-secure home computers, and into the CIA picking a target for the NATO bombing campaign on Yugoslavia that mistakenly turned out to be the Chinese Embassy. Snider was recently appointed to lead a Congressional investigation into CIA and Intelligence Community missions, successes and failures, focusing on the failure of the Intelligence Community to infiltrate or detect the preparations of the minuscule sleeper cell of properly documented foreign nationals to attack the World Trade Center on September 11th.

 The incumbent IG, John Helgerson, 58, had a lengthy tenure with the CIA, joining in 1971 and serving from 1989 to 1993 as its Deputy Director for Intelligence (DDI). Helgerson currently is Chairman of the National Intelligence Council, which operates like a government think tank for intelligence issues, producing classified assessments on topics ranging from missile threats to terrorism. He joined the National Intelligence Council in August upon leaving his post of Deputy Director of the National Imagery and Mapping Agency (NIMA). Said Director Tenet, "John's breadth and depth of experience at CIA and throughout the intelligence community -- as well as his sense of fairness and his absolute integrity -- make him eminently qualified for this demanding and extraordinarily important position." (Jonkers) (CIA 28 Feb02 </cia/public_affairs/press_release/index.html> )(Reuters 27 Feb02)

GEORGIA - CHECHNYA SITREP -- Another flash point in the global war on terrorism could be the Pankisi Gorge, a lawless area in Georgia that abuts the state of Chechnya of the Russian Federation. Early this month, the US charg� d'affaires in Georgia, Philip Remler, told a local newspaper that dozens of Arab terrorists "connected with bin Laden" are holed up in the gorge. According to Russian security officials, there are between 600 and 1,500 hard-core foreign fighters in Chechnya, funded and armed by Al Qaeda and other groups through the same shadowy channels that prepared the Sept. 11 attacks on the United States. Before Russian forces invaded and occupied Chechnya in 1999, there were 15 terror-training camps in Chechnya, using the same instructors and textbooks that US forces have found in Al Qaeda camps in Afghanistan. "We are talking about an international network that shares the same sources of funding, political support, weapons, training, and ideology, operating in Chechnya, Afghanistan, and many other places," says Sergei Ignatchenko, spokesman of Russia's FSB security service, the domestic successor of the Soviet KGB, which oversees Moscow's counterinsurgency operation in Chechnya. "These are not nationalists or independence-seekers. They are disciplined international terrorists, united by a single aim: to seize power and bring in a new world order based on sharia [Islamic] law."

 Among items Ignatchenko is willing to share with journalists is a tape recording of recently intercepted satellite phone conversations - in Arabic - between al-Khattab (Arab-born Chechen warlord) and Chechen rebel operatives working in Saudi Arabia and other Arab countries. A Russian-language transcript provided by the FSB shows al-Khattab concerned with moving funds from unidentified sources into Chechnya, acquiring better radio equipment for his forces, and evacuating wounded fighters for medical treatment in Saudi Arabia. The transcript also reveals al-Khattab's fears about using his satellite phone - an understandable concern, given Mr. Dudayev's fate (he was killed by a Russian missile homing in on the source of the transmission). .

 The FSB also asserts that "hundreds" of battle-hardened Chechens served with Taliban and Al Qaeda forces in Afghanistan, as instructors in the terror training camps and as fighters. "Chechens were in great demand because they are some of the best experts in mine warfare," says Ignatchenko. Last week Russian Defense Minister Sergei Ivanov said of the Pankisi Gorge: "On the one hand it is, of course, sovereign Georgia's business. On the other, must we really sit and wait to see how tensions mount there and how this region is turning into a mini-Chechyna or mini-Afghanistan?"

 Georgian President Eduard Shevardnadze has asked Washington to step up American security assistance to his country. Increased US assistance, including special operations personnel training, has been arranged. (Jonkers) (CSciMon 26Feb p.1 //F. Weir)


NEW NATIONAL ALERT SYSTEM -- Homeland Security Director Tom Ridge has announced that the  federal government is close to completing a national alert system designed to allow authorities to disseminate information on terrorist threats to state and local officials quickly and efficiently. The government is "a couple of weeks away" from the presentation of a alert system that is based in part on systems in Indiana and New York, Ridge told the National Governors Association (NGA) recently. Since the Sept. 11 terrorist attacks, state and local officials have complained that the federal government is slow to share sensitive information with them or give them access to certain databases. "We are working toward an intelligence-sharing system and a protocol to keep our governors involved," Ridge said. The system will need governors' consent. (L. Sulc) (National Journal Technology Daily 3 Mar02 //L. Porteus)
http://www.govexec.com/dailyfed/0202/022502td2.htm  (courtesy Watreborne@aol.com )

RUSSIAN NUCLEAR SECURITY REPORT -- The annual report from the National Intelligence Council (NIC), required by Congress, indicates that the Russians seem to be doing all right in protecting their nuclear weapons from an outside threat, but their security measures "are not designed to counter the pre-eminent threat faced today--an insider who attempts unauthorized actions." After the Russians realized the threat of insider problems, they have instituted psychological, lie detector, and drug and alcohol tests using equipment provided by the United States. The NIC believes the threat most feared by the US in the past, an unauthorized launch or accidental use of a nuclear weapon, is highly unlikely.

 The situation with facilities housing weapons-grade and weapons-usable nuclear material -- uranium enriched with uranium-235 and certain types of plutonium -- is not as reassuring since these facilities typically receive low funding, lack trained security personnel, and do not have sufficient equipment for securely storing such materials. Undetected smuggling of stolen weapons-usable or weapons-grade material has occurred, but the extent or magnitude of the thefts is unknown. In one 1998 incident, a Russian nuclear control officer said the amount stolen was "quite sufficient material to produce an atomic bomb." In general, the outsider reading the report might conclude that Russia's nuclear security situation is slowly improving but has quite a way to go. Since Russia has announced plans to more than double its capacity to generate nuclear power over the next 20 years with enhanced security features, the number of possible targets for terrorist attacks or insider thefts will increase despite the planned increased security measures. (Harvey) (NIC "Annual Report to Congress on the Safety and Security of Russian Nuclear Facilities and Military Forces" of February 2002, NIO for Strategic and Nuclear Programs /// Wash Post 27 Feb '02, p. 15 /// W. Pincus)

KGB OPERATIONS IN AFGHANISTAN 1978 – 1983 -- In February, the former KGB archivist Vasili Mitrokhin released a 178-page paper quoting KGB messages and files describing the Soviet Union's campaign of bribery, sabotage, assassination and deception in Afghanistan between 1978 and 1983. Mitrovkin smuggled out handwritten notes he had made and saved based on his readings in the KGB archives, describing roughly 300,000 documents. His recently released paper was originally drafted in secret in 1987, translated and edited by scholars with the Woodrow Wilson Center in Washington.

 The summary of the Mitrovkin writings in the Washington Post recently notes that Afghanistan's unfinished 24-year war has been "shaped" by the rival activities of the KGB, the CIA, Pakistan's Inter-Services Intelligence Directorate, Saudi Arabia's General Intelligence Department, and the multiple clandestine services of Iran. It is probable that smaller national intelligence agencies played a role in Afghanistan from time to time as well. The outside agencies bought (or rented) the several Afghan tribes and factions with money and weapons, trained guerrilla troops, manipulated political affairs and fashioned propaganda campaigns.

 (1) The KGB operated from a Kabul "Residency" and through numerous ad-hoc training, sabotage and small-unit paramilitary missions. An overly simplified summary of the KGB activities during this period as depicted in KGB documents includes:

 (2) The KGB spent enormous sums to rapidly build up indigenous Afghan communist intelligence services. Trained and funded by the KGB, the main Afghan security service, the KHAD, grew from 700 in 1980 to over 16,000 by 1982 and became feared and hated for its use of torture and assassination.

 (3) The 8th Department of the KGB foreign division's "Directorate S" in Afghanistan, according to Mitrovkin's writings, "engaged in what is known in the criminal jargon as wet jobs, i.e., murder, sabotage, arson, explosions, poisoning, mechanical breakdowns and terrorism."

 (4) KGB "Cascade" units, consisting of about 150 men, were given "broad powers" to engage in sabotage, agent recruiting, coopting Afghan tribes through bribery, and disrupting the operations of the CIA-backed mujaheddin

 (5) Scores of Soviet-trained Afghan guerrilla units posed as CIA-supported, anti-Soviet mujaheddin rebels, to create confusion and flush out genuine rebels to be counterattacked. In January 1983, 86 armed, KGB-trained "false bands" provoked clashes between genuine rebel groups and falsely surrendered to the Kabul government when necessary. A significant number of clashes between mujaheddin groups apparently were carried out deliberately by paid KGB agents.

 (6) A KGB training camp in Afghanistan trained Afghan agents to run sabotage and other operations in the refugee camps that were then filling with Afghan civilians--as well as anti-Soviet rebel fighters--in Pakistan and Iran. Knowing the Pakistan intelligence services, backed by the CIA, were training and arming anti-Soviet guerrillas, the KGB worked to infiltrate and disrupt this activity with secret cross-border operations, some violent.

 (7) Mitrokhin documents Soviet efforts to destabilize Pakistan, using the KHAD to supply arms to dissidents in Baluchistan and Sind who opposed Islamabad. The KGB and the KHAD worked with a Pakistani leftist terrorist to organize and supervise the successful hijacking of a Pakistani civilian airliner in 1981.

 (8) According to the reporting Mitrokhin read, KGB-trained agents substantially penetrated CIA-backed mujaheddin groups, their training camps and their headquarters. According to the reports submitted to Moscow, some of the communist agents operated at least occasionally inside the headquarters of the seven major anti-Soviet mujaheddin parties and worked to sow dissent among the Afghan leaders. KGB -trained agents are notorious for exaggerating their achievements in reporting to the headquarters -- that said, the KHAD also claimed to the KGB that it had placed more than 200 Afghan agents and trainees inside Pakistan. It also claimed 110 agents inside Iran.

 (9) The KGB Residency in Kabul spent much of the Soviet war (bear in mind Mitrovkin retired in 1984 while the Soviet troops withdrew in 1989) complaining about how lazy, faction-ridden, and unreliable its Afghan communist clients had become. It candidly reported to Moscow about how badly the war was going, how little of the country communist forces controlled, and how badly the Kabul government had failed to earn the Afghan hearts and minds. Even the summary chronicle of the KGB machinations in the lives of the Afghan people illustrates how riven Afghanistan was in the 1980s with conspiracy, deception and confusion, obviously providing an underlay for the fractured civil war of the 1990s that enabled the advent and success of the Taliban and its penetration by Osama bin Laden's secret brotherhood.

 (Harvey) ( Washington Post 24 Feb '02, p. B 01 // S. Coll)


CLOCK IS TICKING ON KLEZ WORM TIME BOMB -- a new version of an old worm is set to trigger its destructive payload on March 6. Klez.E (w32.Klez.E@mm) is sometimes called the Twin Virus because the worm is used to spread an upgraded version of the ElKern virus (w32.elkern.b). The new version can now infect Windows 98, Me, 2000, and XP, attempting to corrupt files on these systems without changing their sizes. Klez.E is currently one of the fastest spreading worms on the Internet. (Levine 5 Mar 02)

MALICIOUS CODE INFECTIONS SOAR -- Despite increased spending, the rate of malicious code infection continues to climb. A staggering 1.2 million incidents took place over a period of just 20 months, according to a new study. The number works out to roughly 113 attacks per 1,000 machines per month, said ICSA Labs, a division of web security specialist TruSecure. In addition, 28 per cent of companies were hit with a virus 'disaster', defined as an attack which affects 25 or more servers or PCs.
http://www.vnunet.com/News/1129690  (Levine)

INTERNET LAWS -- Is the Internet a physical space bound by the laws of its various locales, or does it transcend the mere physical, putting it beyond the reach of any one country's regulations? That's essentially the question U.S. District Court Judge Ronald Whyte will answer when he decides on a defense motion to dismiss U.S. v. Elcomsoft, the case that began last July with the arrest of the Russian programmer Dmitri Sklyarov. (Levine) http://www.wired.com/news/politics/0,1283,50832,00.html

RIDING THE DISINFORMATION SUPER HIGHWAY -- Dubbed the information superhighway in its infancy, the Internet has in many ways fulfilled its early promise of providing unprecedented access to information and communication. But with all its shady characters and dangerous alleys, the Net might just as well have been called the disinformation superhighway. According to experts, today's users often can spot scams and outright lies by using the Web to find multiple sources of information and perspectives. However, the cons and creeps of the cyber world have mastered the same powerful tool, and they use it skillfully to propagate schemes and spread misinformation.



KGB LEXICON: The Soviet Intelligence Officer's Handbook, by Vasily Mitrokhin (ed), Frank Cass Publishers, Oregon (cass@isbs.com>), February 2002, Index (in Russian and in English) ISBN 07146 5257 (cloth)

This is, as the title states, a Soviet counterintelligence dictionary containing phrases and words, mostly commonplace. But there are some gems that tell a story of KGB intelligence and counterintelligence operations, some universal, some different. The Russian word is provided, with English translation, and then the explanation. You will find such words as "Mousetrap Premises" explained - residences used by the Soviet CI to ensnare enemy intelligence agents and other targeted individuals. Or a term for "Personal Qualities of an Agent" referring to a compilation of physical and professional and psychological characteristics. Or "Counterintelligence Measures," and "Active Measures," both relating to actions, one to achieve a tactical objective, the other to penetrate the enemy's thinking. There are also page-long descriptions of the OGPU, NKVD and the NKGB, and programs such as SMERSH, the "death to spies" program created in 1943.

Comrade Mithrokhin was a KGB archivist. He was also a Soviet equivalent of Robert Hanssen, one of our many moles within the Soviet intelligence and other structures. He copied KGB files for decades, defected to the West, and has mined the motherlode ever since it was released by the Intelligence agencies in Great Britain, where he lives now. The KGB Lexicon is easy to read, useful for researchers, historians, authors, students of intelligence. (Jonkers)



*** TUESDAY, 16 APRIL 2002 ***

Lt Gen James R. Clapper, USAF (Ret), Director of NIMA
speaking from 11:30 to 12:30 on
The Current Role and Future Direction of NIMA in the War on Terrorism

Jeffrey T. Richelson, speaking from 1:30 - 2:30 on
CIA's Science and Technology: Past, Present and Future

[Richelson is author of the best-seller, The Wizards of Langley: Inside the CIA's Directorate of Science and Technology]

TIME:  Registration starts at 11:00 a.m..; CASH Bar 1100 - 1130; LUNCH 1230 - 1330

RESERVE / PAY:  Credit Card [Visa, MC, or AMEX] Reservations to AFIO at afio@afio.com or via fax at 703 991-1278
Indicate names of guests, if any, for badges.  Provide full number, expiration date, and billing address.
Reservations and Payment may be phoned in to 703 790-0320.  Or mailed to AFIO, 6723 Whittier Ave #303A, McLean, VA 22101.
$27.00 for Members and Guests Seating Limited to 300 -- No Payment at Door

WHERE:  At Holiday Inn - Tyson's Corner Virginia


When: Thursday 16 May 02
Where: The Holiday Inn, Tyson's Corner 
(Rte 123 & Rte 7), McLean Virginia. 
Speakers from the White House, Department of Justice, FBI, CIA and Congress
have been invited, along with practicing professionals. 
Theme: The Impact of Terrorism on Business 
covering homeland and worldwide security, intelligence methods and counterintelligence practices
relevant to business and professional enterprises.
This one-day executive symposium is the fourth of an outstanding series of AFIO Business Intelligence conferences produced by two eminent AFIO Board members, Tom Spencer, Esq. , Chairman, assisted by Ted Shackley (CIA ret) , assuring the highest quality agenda and venue. It will be an exceptional opportunity for obtaining hard-hitting substantive information, legal and policy directions, professional contacts and useful networking.
To Register by e-mail: afio@afio.com - provide name, title, organization, address, phone and e-mail contact numbers. 
To Pay: You may charge the registration fee
to your VISA, MasterCard or American Express card via e-mail to afio@afio.com
or fax (703 790 0264).
Alternatively you may register by MAIL and enclose your check. Address: AFIO/Symposium, 6723 Whittier Avenue, Ste 303A, McLean, VA 22101-4533.
Registration fee, including lunch and parking, is $225.
An early discount of $50 to this fee is applicable to registrations received before 30 March 02.
A special discount rate of $135 is applicable to AFIO members (individual and corporate) and their guests, to professors and students, and to members of collegial intelligence professional organizations (SCIP, OPS, NIP, NMIA).
Early registration is recommended to avoid disappointment.

EMPLOYMENT OPPORTUNITY -- TERRORISM THREAT ANALYSTS -- for Southern Command (USSOUTHCOM) - needed are 4 - 7 experienced intelligence analysts. For more information contact Jack Massengale, tel. (202) 347 3100, fax (202) 347 3811, or by email fedservice@yahoo.com  (RJ)

WINs are protected by copyright laws and intellectual property laws, and may not be reproduced or re-sent without specific permission from the Producer. Opinions expressed in the WINs are solely those of the editor(s) or author(s) listed with each article.

AFIO Members -- Support the AFIO Mission – sponsor new members!

CHECK THE AFIO WEBSITE AT www.afio.com for back issues of the WINs, information about AFIO, conference agenda and registrations materials, and membership applications -- and much more!

For comments, contact the editor Roy Jonkers at� afio@afio.com
For back issues of the WIN, check the AFIO Website� www.afio.com
For AFIO Website�requests/comments, contact Webmaster at afio@afio.com

Back to Top

About AFIO | Chapters & Chapter Activities | Membership | Corporate | Weekly Intelligence Notes | Event Schedule | Bulletin Board | Legislative | Careers | Donations | Book Reviews | Search | AFIO Store | Other Sites | Home Page

AFIO Central Office
6723 Whittier Avenue, Suite 303A
McLean, Virginia 22101-4533
Telephone: 703 790 0320 | Facsimile: 703 991 1278
Email: afio@afio.com