Weekly Intelligence Notes #05-03
4 February 2003

WIN 05-03 dtd 4 Feb 03

Weekly Intelligence Notes (WINs) are produced and edited by Roy Jonkers for non-profit educational uses by AFIO members and WIN subscribers. RADM (ret) Don Harvey contributes articles to selected WINs.

CONTENTS of this WIN

[HTML version recipients - Click title to jump to story or section, Click Article Title to return to Contents] [This feature does not work for Plaintext Edition recipients. If you wish to change to HTML format, let us know at afio@afio.com. If you use AOL, you would need AOL version 6.0 or higher to receive HTML messages, and have that feature turned on. The feature also does not work for those who access their mail using webmail.]

SECTION I - Current Intelligence

            New Terrorist Analysis Center

            North Korea Intelligence

            Transportation Intelligence

SECTION II - Context and Precedence

            Bin Laden Used Deception to Escape

            Psychological Warfare Targets Iraq

            Kosovo Violence

SECTION III - Cyber Intelligence

            Cyber Security Chief Resigns

            FBI NIPC Warning - Worm Targets SQL Vulnerability

            Lock and Key Vulnerability

SECTION IV - Books and Sources

            Anticipating Surprise - Analysis for Strategic Warning

            No Room For Error - Covert Ops of America's Special Tactics Units

_____________________________

SECTION I - CURRENT INTELLIGENCE

NEW TERRORIST ANALYSIS CENTER -- President Bush announced on 28 January the creation of a new 'data-mining' Terrorist Threat Integration Center,  to close the "seam" between analysis of foreign and domestic intelligence on terrorism. The plan calls for cross-agency integration of terrorist-related information, collected both domestically and abroad, in order to form the "most comprehensive possible threat picture." The center will play the lead role in overseeing shared databases and for maintaining an up-to-date database of known and suspected terrorists that will be accessible to federal and non-federal officials and entities.

            The center is to function under CIA direction, and will be composed primarily from elements of the Department of Homeland Security, the FBI's Counter-Terrorism Division, the CIA's Counter-terrorist Center, and the Department of Defense. It will be headed by a senior U.S. government official who will be appointed by, and report to, DCI George Tenet, with input from FBI Director Robert Mueller, Attorney General John Ashcroft, Secretary of Defense Donald Rumsfield and Secretary of Homeland Defense Thomas Ridge. The White House called the creation of the Terrorist Threat Integration Center as the "next phase in the dramatic enhancement of the government's counterterrorism effort." 

            The media focus is on controversy - CIA wins, FBI loses, Homeland Security Dept. left at the gate, etc. Civil libertarians fear the trend of combining and equalizing foreign and domestic collection. Funding for the project was not mentioned, but creation of the center apparently will not require approval from Congress. How all this will fit together organizationally appears at this writing to be another bureaucratic Washington Work of Wonder. One scratches one's head, and hopes for the best. (Jonkers) (( White House fact sheet) (WashPost 30Jan03, p.9 //D. Eggen & J. Mintz) (NYT 29 Jan 03) (http://www.nytimes.com/2003/01/29/politics/29TERR.html)
(Cong.Quarterly - Homeland Security, 29 Jan 03//J. McGee) ( http://homeland.cq.com )

NORTH KOREA INTELLIGENCE -- Throughout January, US reconnaissance satellites have provided imagery and other data, and intelligence analysts have reported, extensive truck traffic and other activity at the Yongbyon nuclear complex in North Korea. The trucks may be moving the stockpile of 8,000 nuclear fuel rods to a reprocessing plant to convert them into bomb-grade plutonium, possibly as early as March. If the reprocessing goes smoothly, North Korea could produce about one bomb's worth of plutonium a month. The North Koreans made no real effort to hide their activity.             The North Korean nuclear weapons program could be set back for years with a precision strike on the reprocessing plant. Plans for a strike against the complex were developed during the Clinton administration in case diplomacy failed in the 1994 nuclear crisis. Such a strike is risky as North Korea could retaliate against South Korea or Tokyo, and also might not be decisive because North Korea has now admitted to a second nuclear program, involving enriched uranium, widely dispersed and hidden.

            Defense Secretary Donald H. Rumsfeld is reported to be immersed in the crisis. He is said to be pressing his senior military advisers not only on the options for using force pre-emptively, but on the readiness of American forces to wage a second conflict on the Korean Peninsula, if needed. Undoubtedly Intelligence targeting and weaponeering specialists must be highly stressed preparing for two war contingencies, each potentially with options to employ the full range of US weapons of mass destruction.

            North Korea is interpreting American behavior (the axis of evil etc) as threatening war and invasion. The communist party's internal control is reportedly under great stress. Desperation may breed desperate measures. The US has made public pledges to use diplomacy. It may be observed that War against Iraq is akin to squashing an ant, while War with North Korea is more like handling a scorpion. A high-stakes poker game is underway. The winners and losers are predetermined, but the costs are not. (Jonkers) (NYTImes 31Jan03 //D. Sanger & E. Schmitt) (http://www.nytimes.com/2003/01/31/international/asia/31KORE.html)

TRANSPORTATION INTELLIGENCE -- Beginning Feb. 1, sea carriers are required to provide specific details of the contents of containers being shipped to this country 24 hours before they are loaded onto vessels at foreign ports. This program addresses an immense security problem. Globally, nearly 48 million full cargo containers move annually between major seaports. Each year, more than 16 million of them arrive in this country by ship, truck and rail. Under a program known as the Container Security Initiative (CSI), the Customs Service will partner with foreign governments to target and screen high-risk containers for nuclear and radiological materials before they are shipped to U.S. ports. Those overseas companies that fail to provide accurate information concerning the content of containers bound for the United States 24 hours before loading could be barred from unloading cargo containers at a U.S. port and could be fined.

            The CSI program consists of four core elements: (1) automated information to identify and target high-risk containers; (2) prescreening containers identified as high-risk before they arrive at U.S. ports; (3) using detection technology to quickly prescreen high-risk containers; and (4) using smarter, tamper-proof containers. The targeting aspect of CSI involves the use of technology to identify high-risk containers, those that may contain terrorist weapons or even terrorists themselves. A risk assessment can be made in a just a few seconds. More than 5,000 personal radiation detectors have been given to Customs personnel to provide coverage at every port of entry into the United States and the agency has deployed more than 200 X-ray van-mounted radiation-detection units, which can detect radiation in small packages passed through the X-ray van. The Customs Service screening program has become a necessary and important part of President Bush's national strategy for homeland security. (Jonkers) (Wash Times, 16 Jan 03, p. 8 //J. Seper)

SECTION II - CONTEXT AND PRECEDENT

BIN LADEN USED DECEPTION TO ESCAPE -- With U.S. forces closing in on him during the battle of Tora Bora in late 2001, Osama bin Laden employed a simple feint against U.S. intelligence technology to vanish into the mountains that led to Pakistan and sanctuary. A Moroccan named Tabarak, who was one of bin Laden's longtime bodyguards, took possession of Osama's satellite phone, on the assumption that U.S. intelligence agencies were monitoring it to get a fix on their position. Tabarak then moved away from bin Laden and his entourage as they fled. He continued to use the phone in an effort to divert the Americans and allow bin Laden to escape. In the Tora Bora battle, U.S. B-52 bombers and attack helicopters, together with pro-Western Afghans and U.S. Special Forces troops, assaulted the high-altitude cave complexes where al Qaeda fighters had fled in November 2001, and where Osama was believed to be located. By some accounts, Osama's voice was heard on an intercepted radio transmission there.

            Tabarak was captured at Tora Bora. U.S. officials at first didn't realize exactly who they had, despite Tabarak's possession of the satellite phone. Unlike other captured senior officials, who were taken to secret locations, he was sent to Guantanamo Bay. His mug shot then was sent to cooperating intelligence agencies around the world, and the Moroccans immediately identified him
        More than a year later, Tabarak, 43, also known as Abu Omar, has established himself as the "emir" or camp leader of the more than 600 suspected al Qaeda and Taliban members, including 18 Moroccans, being held at the Guantanamo military prison. Tabarak's dedication to his cause has continued. He has steadfastly refused to cooperate with the U.S. interrogators, insisting as he did at the time of his capture that he is a textile trader who was in the wrong place at the wrong time. "He's very solid," said the official, noting that despite his somewhat frail physique, Tabarak is disciplined and tough-minded. He is respected even more because he helped bin Laden escape. The ploy involving the satellite phone is widely known and celebrated among the prisoners. It was a simple but successful deception. (Jonkers) (WashPost 21 Jan03, p.1 // P. Finn)

PSYCHOLOGICAL WARFARE TARGETS IRAQ  -- The media is reportings that the US intends to shatter Iraq "physically, emotionally and psychologically" by raining down on its people as many as 800 cruise missiles in two days. The alleged battle plan aims not only to crush Iraqi troops, cripple the civic infrastructure, but also to wipe out power and water supplies in the capital, Baghdad. It is reportedly based on a strategy known as "Shock and Awe", conceived at the National Defense University in Washington, in which between 300 and 400 cruise missiles would fall on Iraq each day for two consecutive days -- more than twice the number of missiles launched during the entire 40 days of the 1991 Gulf War. "There will not be a safe place in Baghdad," a Pentagon official told America's CBS News after a briefing on the plan. "The sheer size of this has never been seen before, never been contemplated before."

            Taken together with US aircraft dropping leaflets warning Iraqi soldiers not to employ chemical or biological munitions against US forces or face persecution, and broadcasts to Iraqi television receivers from Commando Solo special operations aircraft, the pressure on Iraq's ruling groups is increasing. From the perspective of their ruling groups, their alternatives are grim -- if they fight, it is combat between the ant against the elephant -- they will be squashed in a no-win war. If they overthrow Saddam and surrender, there will be occupation, humiliation, persecution ( promised trials for the Baath party leadership) and installation of a government responsive to the US. There is a reasonable chance that in the end the second route will be taken. (Jonkers) (Sun Herald, 26 Jan 03 //A. West)

KOSOVO VIOLENCE -- The Kosovo assembly held an emergency session to address the worsening security situation in the wake of the killing of a leading ally of Kosovo President Rugova earlier this month. Rugova's party, the Democratic League of Kosovo, LDK, declared that it finally had enough of the long-standing campaign of violence against its members and representatives. The culprits are the KLA Stalinist gangsters, who again seek to gain power in Kosovo through terrorism. This is a continuation of the earlier KLA terrorism conducted over a decade ago against Yugoslav federal government authorities, a terrorism the previous US Administration (and key European states) embraced and supported. This eventually resulted in a US ultimatum against Yugoslavia impossible to accept (required national surrender), followed by a US air campaign (which some regard as the US form of terrorism, antiseptically from the air, far from the blood and gore of the victims on the ground), breaking the civic structure and power of the federal Yugoslav government (arguable also not an admirable group). Intelligence had accurately classified the KLA as terrorists, but then had to respond to our national policymakers by supporting the war against the Yugoslav federal government and embracing the KLA. Our Special Operations forces in Kosovo became KLA buddies. Our shallow Balkan policy shattering a federal state in favor of little rump states, and supporting regional terrorists, is coming home to roost, with violence, unrest and instability in Kosovo, Macedonia and Bosnia. Our support for KLA terrorists is forgotten and our intelligence priorities now lie elsewhere. (Jonkers) (IWPR 24 Jan 03) (Pearson Peacekeeping Centre 27 Jan 03)

SECTION III - CYBER INTELLIGENCE

CYBER SECURITY CHIEF RESIGNS -- Richard A. Clarke, the top cyber-security adviser to President Bush, is confirming plans to resign from the White House. In parting he raised an ominous warning about the destructive effects of future attacks on the Internet. In an e-mail sent overnight Thursday to colleagues, he cited damage from the weekend's infection that struck hundreds of thousands of computers worldwide (see below), slowing e-mail and Web surfing and even shutting down some banking systems. He called the attacking software "a dumb worm that was easily and cheaply made." Clark wrote that "More sophisticated attacks against known vulnerabilities in cyberspace could be devastating . . . As long as we have vulnerabilities in cyberspace and as long as America has enemies, we are at risk of the two coming together to severely damage our great country." Clarke has focused recently on preventing disruptions to important computer networks from Internet attacks, compiling recommendations to improve security into a "National Strategy to Secure Cyberspace." In his e-mail, Clarke urged companies and government agencies to adopt these recommendations. (Jonkers) (AP 31 Jan 03 // T. Bridis)

FBI NIPC WARNING - WORM TARGETS SQL VULNERABILITY -- A self-propagating malicious code exploits multiple vulnerabilities in the Resolution Service of Microsoft SQL. This worm activity appears to have caused various levels of network degradation across the Internet. In addition to the compromise of vulnerable machines, the apparent effects of this fast-spreading, virus-like infection has overwhelmed the world's digital pipelines and interfered with Web browsing and delivery of e-mail. As of 27 January, "Slammer" continued to affect un-patched systems and networks. Properly patched home computers are unlikely to be vulnerable to the worm, but may experience delays or "timeouts".(NIPC Advisory 03-001.1, 27 Jan 03)*(WashPost 29 Jan 03, p. A1) (http://www.microsoft.com/security/slammer.asp)
(http://www.microsoft.com/technet/security/bulletin/MS02-039.asp)(http://www.microsoft.com/technet/security/virus/alerts/slammer.asp)(http://www.nipc.gov/warnings/warnings.htm).

LOCK AND KEY VULNERABILITY -- Applying the methods of cryptanalysis, a software security expert discovered a vulnerability in real-world locks and keys that lets someone create a copy of the master key for an entire building by starting with any key from the building. Find a key to any office or room, and re-create the master key that will open all doors. The details of the discovery will be published, and once on the Internet, will be useful worldwide to criminals, and by contemporary extension, possibly to terrorists. Counter-measures are possible, but inconvenient. As the expert noted, "As any security person knows, in a battle between convenience and security, convenience has a way of winning." (Jonkers) (NYTimes 23 Jan03 J. Schwartz) (<nytimes.com>)

SECTION IV -- BOOKS AND SOURCES

ANTICIPATING SURPRISE: ANALYSIS FOR STRATEGIC WARNING, by Cynthia Grabo, a classic imperishable text first published in the 1970's, has been re-published by the Joint Military Intelligence College (JMIC)and will be available in February. As soon as we receive a copy we will provide more information. (Jonkers)

NO ROOM FOR ERROR: The Covert Operations of America's Special Tactics Units, by John T. Carney & Benjamin Schlemmer, Ballantine, 2002. John Carney is a former Air Force colonel who commanded an elite team of forward air controllers, a part of special operations forces. He took part in the April 1980 attempt to rescue 53 Americans being held hostage by rampaging radical students at the American Embassy in Teheran. The attempt failed. According to the authors, a key reason for the failure was the decision to over-compartmentalize information in the name of 'operational security.' Because of secrecy Command weather experts had not been allowed to brief pilots on a common phenomenon in the Iranian desert, the massive dust clouds called "baboobs." The pilots got disoriented and collided, and that was the end of the mission. Eight men died. Similar mistakes were repeated several years later during operation Urgent Fury, the effort to prevent Marxists from taking over the government of Grenada -- an early example of US "regime change" policies. The operation was called a success, but instead of quick surprise operation, it lasted more than a bloody week. In the name of operational security the invading force was sent in without current maps. Nineteen soldiers were killed, 123 wounded. The balance between operational security and needed operational information is a difficult one -- and occasionally is overdone on one side or the other. (Jonkers) ( WPost Bk World, 15Dec 02)

 WINs are protected by copyright laws and intellectual property laws, and may not be reproduced or re-sent without specific permission from the Producer. Opinions expressed in the WINs are solely those of the editor(s) or author(s) listed with each article. AFIO Members -- Support the AFIO Mission - sponsor new members! CHECK THE AFIO WEBSITE at www.afio.com for back issues of the WINs, information about AFIO, conference agenda and registrations materials, and membership applications -- and much more!

(c) 2003, AFIO, 6723 Whittier Ave, Suite 303A, McLean, VA 22101. AFIO@afio.com; Voice: 703 790-0320; Fax: 703 790-0264.

For comments, contact the editor Roy Jonkers at  afio@afio.com 
For back issues of the WIN, check the AFIO Website  www.afio.com 
For AFIO Website requests/comments, contact Webmaster at afio@afio.com   

Back to Top

About AFIO | Chapters & Chapter Activities | Membership | Corporate | Weekly Intelligence Notes | Event Schedule | Bulletin Board | Legislative | Careers | Donations | Book Reviews | Search | AFIO Store | Other Sites | Home Page

AFIO Central Office
6723 Whittier Avenue, Suite 303A
McLean, Virginia 22101-4533
Telephone: 703 790 0320 | Facsimile: 703 790 0264
Email: afio@afio.com