Posts by KevinColeman:

    The Big Intelligence Picture

    November 30th, 2014

     

    By Kevin G. Coleman.

    Ever consider the massive amount of intelligence that the United States collects and uses in the defense of the country and our allies? It is surely massive given the scope of our collection effort.

    Many people do not realize that the U.S. intelligence community is comprised of 16 separate agencies, not including the Office of the Director of National Intelligence, which is responsible for leading intelligence integration. These agencies are tasked with foreign and domestic intelligence collection, analysis, support of military planning, and in some cases performing acts of espionage:

    1. Central Intelligence Agency (CIA)
    2. Air Force Intelligence, Surveillance and Reconnaissance Agency (AFISRA)
    3. Army Intelligence and Security Command (INSCOM)
    4. Defense Intelligence Agency (DIA)
    5. Marine Corps Intelligence Activity (MCIA)
    6. National Geospatial-Intelligence Agency (NGA)
    7. National Reconnaissance Office (NRO)
    8. National Security Agency (NSA)
    9. Office of Naval Intelligence (ONI)
    10. Office of Intelligence and Counterintelligence (OICI)
    11. Office of Intelligence and Analysis (I&A)
    12. Coast Guard Intelligence (CGI)
    13. Federal Bureau of Investigation (FBI)
    14. Office of National Security Intelligence (DEA/ONSI)
    15. Bureau of Intelligence and Research (INR)
    16. Dept of Treasury’s Office of Terrorism and Financial Intelligence (TFI)

    Source: Wikipedia

    Now we have to add U.S. Cyber Command to that list.

    In addition, we have to add all the private sector organizations that have established their own security intelligence and cyber intelligence gathering and analysis capabilities, as well as those in industry protecting against cybersecurity threats.

    Oh – we should not forget the state and local law enforcement intelligence units that exist around the country.

    Now let’s add the black-ops (clandestine) intelligence community members.

    Add them all up and that paints a reasonable picture of the intelligence coverage we have in place. It sounds like a lot, but given the number of kinetic and non-kinetic threats we face, it’s not!

    One has to wonder how much more effective our intelligence efforts could be if regulations requiring separation did not exist and a collaborative/sharing environment along with the systems required for collaborative support were in place.

    While those regulations were probably put in place for good reason when they were enacted, times have changed. Maybe it is time to revisit the restrictions.


    Modern tradecraft moves in parallel with cyber operations

    September 18th, 2013

    By Kevin Coleman.


    The demands on today’s clandestine assets require unique training, education, and skill sets that must be continuously refreshed in order to stay up-to-date with the latest tradecraft, especially when it comes to cyber operations.

    A common misunderstanding is that the skill set and operational domain of today’s spy resides in the physical world. Another misconception is that the operational environment of today’s cyber spies is confined to an office cubicle, seated in front of a computer. Nothing could be further from the truth.

    The reality is the cyber side and the traditional operational environment of the spy intersect.

    It is difficult to think of a situation where tradecraft practices do not interact with a cyber component. The requirement is that spies must have cyber skills and maintain those skills.

    Today, most if not all field assets operating on the clandestine side routinely leverage digital tradecraft. Some of the individuals I have worked with over the years say it is not uncommon for meetings to pass intelligence to individuals tied to three-letter agencies in public places like McDonald’s or Starbucks. One individual remarked that even the best spy thrillers barely come close to portraying the digital tradecraft that is currently being practiced.

    For example, consider the FBI announcement about the Russian spy ring that was taken down back in 2010. The ring was described as a “long-term, deep cover” operation, 10 spies in total that operated for decades. This covert group leveraged modern digital tradecraft with unconfirmed reports of a digital brush-pass – a version of the physical transfer of messages commonly seen in spy thrillers.

    The Russian spies exchanged information via a free wireless network at the Times Square Starbucks as well as other locations. Consider that the next time you are at Starbucks ordering your favorite grande latte!

    So, again, it’s clear that the growing importance of cyber operations moves in parallel with modern tradecraft.


    Digital Conflict

    May 17th, 2013

    By Kevin Coleman.


    Operating Solo in Cyber

    Few people would dispute the complexities that are so common in the cyber domain of conflict. Arguably, one of the most complex areas deals with the laws of conflict and international law.

    A number of events, some as recent as two weeks ago, have once again demanded revisiting the comments made by U.S. government representatives as to how conflict in the cyber domain fits into the legal framework of war.

    It is not uncommon to reference comments recently made by government officials surrounding the rule of law as it is being applied to cyber conflict. For some unknown reason, these comments did not receive a significant amount of notice, far short of that which they call for.

    In a recent cyber war game, the laws of cyber conflict once again came up. The question was, “Does international law apply to cyber space?” One document that I commonly reference (http://www.state.gov/s/l/releases/remarks/197924.htm) came out of the 2012 USCYBERCOM Inter-Agency Legal Conference, and it specifically answers that question: yes.

    The author, Harold Hongju Koh, legal advisor to the U.S. Department of State, went on to say at the conference that this view is not universally accepted in the international community.

    The United Nations has a web page that is helpful in respect to international law (http://www.un.org/en/law/index.shtml), but after reviewing their site I was unable to find the UN’s view of cyber conflict in the context of international law.

    It is impractical to operate solo in this domain. It is dangerous to operate without universal acceptance of the application of international law to the cyber domain by the majority if not all of the 231 countries/territories connected to the Internet.

    http://defensesystems.com/Blogs/Cyber-Report/List/Blog-List.aspx


    UN Agency Opens International Internet Traffic To Government Scrutiny

    January 6th, 2013

     

    By Kevin G. Coleman.


    The United Nations’ International Telecommunication Union sent shock waves across the Internet with an agreement approved last night which would give countries a right to access international telecommunications services including Internet traffic. (This story was updated at 4:30 p.m. ET to include additional reporting.)

    While the U.S., Canada, Australia, Norway, Denmark, and other countries refused to go along with the measure, the motion carried in a decision that caught many by surprise and now leaves organizations around the world who provide services that rely on the Internet in a sudden state of limbo.

    I was on the phone with a number of businesses that have employees and operations in multiple countries and a satellite communications equipment provider, all of whom expressed concern that companies will put projects on hold and take a wait-and-see approach until there are answers to the many questions that the ITU action created!

    The ITU action opens up a fundamental rift between those nations who appreciate the economic power of an open Internet and those who would seek to control the Internet for more political reasons.

    ITU director general Hamadoun Toure expressed surprise with the US, UK and other nations for walking out of a vote to approve a new UN telecoms treaty, the first update to international regulation of the industry in 24 years. “I couldn’t imagine they wouldn’t sign it,” he said, insisting that the Internet and content were not part of the discussion.

    At issue is a provision outlined in Article 5B of the treaty, which reads: “Member states should endeavour to take necessary measures to prevent the propagation of unsolicited bulk electronic communications and minimize its impact on international telecommunication services.”

    Exactly what was intended by the ITU’s controversial provision remains somewhat in question, but it was clear from much of the interpretation that it was intended, among other things, to support actions by individual governments that focus on monitoring (plainly speaking, to intercept and read) Internet traffic packets. That would include emails, financial transactions (https traffic) or phone calls (VoIP and hard wired) without worrying about restrictions.

    Sources knowledgeable about this go as far as to suggest that some governments want to create the ability to read encrypted communications as well. Technology and cyber intelligence subject matter experts (SME) say this would require access to encryption keys or possibly a “master encryption key.”

    Either way, many of those familiar with the evolution of the Internet believe that is a very dangerous aspect of the ITU’s action.

    The ITU is a United Nations agency that regulates international telecommunications and traditionally set out to standardize telephone services. It is made up of representatives of 193 Governments that are members of the UN. The regulatory measure is known as Y.2770, referred to as “Requirements for deep packet inspection.”

    One expert went as far as to say that even if new techniques are used, such as quantum encryption or biometric encryption (that is thought to be unbreakable), it is likely that if the government doing the monitoring intercepted a message they could not read, they would just block the transmission and delete the packets!

    I would take that to the next step and suggest they would actually identify the source of that sophisticated communication and put them under increased scrutiny.

    Points to consider

    How all of this will shake out remains to be seen, but here is just a sampling of issues that will now need to be considered in light of the ITU’s move:

    – What about all the private or sensitive emails our government sends to government employees stationed in foreign countries?

    – How will they do this when point to point satellite communications is the method of connectivity?

    – What about sensitive communications of U.S. corporations to their staff and remote offices in foreign countries that contain competitive data or research and development information?

    – Since the cyber activists of Anonymous took action during the ITU meeting, will the group become much more aggressive given the adoption of these Internet control measures?

    There are so many questions and so few answers. One thing is certain: this is far from the vision of the Internet we had when I was at Netscape!

    Kevin G. Coleman is a long-time security technology executive. He is a senior fellow with the Technolytics Institute, the former chief strategist at Netscape and writes periodically for AOL Government on the topic of cyber intelligence. (AOL Government’s Wyatt Kash contributed additional reporting to this story.)

    Photo: Hamadoun Toure (C), secretary general of the International Telecommunication Union (ITU), addresses a joint press conference on the final day of the World Conference on International Telecommunications (WCIT-12) in the Gulf emirate of Dubai on December 14, 2012.
