Adfero Group HSPI

In Washington, some things never change. There are and always will be vigorous debates about policies, programs and of course money. What does change are the names and faces of the people who make many of those decisions, and unless you’ve totally tuned out on the comings and goings in town, here’s a rundown of some things you should know.

The shooting of Arizona Rep. Gabrielle Giffords and many others on Saturday during a special event in Tucson is a tragedy. Yet, this tragedy was made worse by the irresponsible, faulty and unprofessional manner in which the media reported breaking information to the world. As of Saturday at 2:28 PM, Rep. Giffords was dead. By 4:16, doctors were optimistic about her survival. The Washington Post, NPR and BBC are to blame.

The end of the year is approaching, and it is time to look back and see what the major cyber events/issues have been in 2010. I tried to keep it manageable, but it was a busy year. So, here are my nominations for the most significant cyber issues.

By Elaine Bussjaeger
The notion of the “citizen watch” is tried and tested. In communities throughout the country, neighborhood watch programs operate on a simple principle – you watch my back, and I’ll watch yours. In the ever-advancing technological age, how can this basic concept be modified for a new generation of smart phone-using, social media-minded citizens? The Department of Homeland Security, with its Small Vessel Security Strategy, has taken steps to rally citizens through social media as a kind of nautical “neighborhood watch.”

I had the privilege of participating on a panel last week at American University. My “ah-ha!” moment was listening to two Baltimore cops who spoke on a panel after me, both of who work in cyber crime and cyber forensics. These guys are heroes. Local law enforcement has a role to play in cybersecurity. As cyber crime grows in magnitude, local cops will become increasingly critical to the fight. The problem is that they are chronically under funded and under manned.

If you are a police officer, there is no doubt sometime in your career you will work with a confidential informant. Whether you’re trying to crack a difficult case, gain key evidence in a conspiracy investigation or trying to learn about criminal activity before it happens, usually you will need to cultivate relationships with confidential criminal informants. Unfortunately, most agencies lack sophisticated systems for managing confidential informants, and they rely on rudimentary spreadsheets and notes on scraps of paper locked away in file cabinets. This archaic way of managing informants is not because technology doesn’t exist to modernize the process; it is because officers are trying to protect their informants’ identities from being divulged.

Here are the issues. None of the big legislative players lost on November 2. In that regard, all the legislative efforts should continue to move through the system. But will the new Congress be open to bipartisanship? Will these key areas of cooperation improve or fall by the wayside? On the executive side, theoretically, nothing has changed. That, however, is only a theory. Reality will steamroller that theory in a heartbeat. Cyber efforts could be deemed second-tier stuff and lose what momentum they have finally started to gain. I certainly hope not.

Well, there is a headline NO ONE ever expected to see…yeah, right. At the Homeland Security & Defense Business Council’s Cyber Security Awareness Month Conference, it actually happened – really. Roger Cressey of Good Harbor Consulting was the lead keynote speaker. After a good introduction by Marc Pearl, the head of the council, Cressey gave a super address that covered the water front of the key issues facing our nation in cyber. Yours truly had the honor of being the closing keynote speaker. I took exception with my friend Roger on a couple of areas. For one, he draws far too strong a line between cyber crime and cyber espionage, and does not consider cyber crime a national security issue but a law enforcement one. I could not disagree more.

A week or so ago, I did a post on 5th Generation Warfare (5GW), and it apparently stirred up some interest among the readers of Security Debrief. Given that interest, I thought I would look a little deeper into this subject. My title will probably bother some. Isn’t it always about “winning?” Actually, life would be much simpler if it were. Vince Lombardi’s famous quote (“Winning isn’t everything, it is the ONLY thing.”) works for football but not for 5GW. As much as Americans love a winner, in 5GW it will not be quite so clear cut.

I have spoken recently quite a few times about the possibility of cyber attacks on SCADA systems. Well, now we have had a very high profile one. The Stuxnet worm has infected a large number of PCs involved in industrial control systems. What I do know is that this shows that the so-called experts who have discounted control system attacks as low in likelihood (because they are not fully hooked to the net and because the systems are idiosyncratic) are wrong. It takes a better weapon, and more care to emplace it, but it can be done, and indeed has been.

At the National Press Club, the SANS Institute and GovExec Magazine held a superb two-hour session that broached the controversial, ill-defined and critical issues around Cyber War. It was an excellent discussion with true experts. It would have been worth it to go beyond the time limits, as we ran out of time well before we ran out of questions. What follows is not a transcript but my paraphrased review of what was covered.

The lawsuit filed on Tuesday, September 7, in the Second Circuit challenging the federal government’s border search policy is yet another attempt to complicate and restrict our ability to protect the United States. At issue is the government’s position that its authority to protect the border includes the ability to review and examine the contents of personal electronic devices.

Those who read my Security Debrief posts or my Tweets will recognize (maybe with a groan) that one of my “issues” is the lack of action in Awareness and Education with regard to cybersecurity. It is not a sexy, nor a potentially lucrative issue, but I believe with all my heart that it is the foundational piece of any eventual “solution” to our cyber woes. Bottom line of Bucci’s rant is this: we need to make Awareness and Education a real priority and expend the money, time, and personnel to do it correctly.

Fusion Centers are a fairly new concept in law enforcement, and many people don’t know the purpose they serve or how their local law enforcement agency should be engaging these centers. If you ask 20 people for a definition of “fusion center,” you’ll get 20 different answers. Some might even think these centers are making frozen coffee concoctions or protein drinks. But fusion centers are actually an attempt to deal with the fact that clues related to criminal activity often remain undiscovered in disconnected law enforcement databases.

A recent blog post on Wire.com “Cyberwar Against Wikileaks? Good Luck With That” was brought to my attention by a good friend. She nominally just wanted my thoughts on the provocative article, but in effect, challenged me to blog on the subject. Some have argued that the U.S. Government could levy its cyber capabilities to stop WikiLeaks from sharing the classified information leaked to the online outlet by a young U.S. soldier. That defined a target is well within the capabilities of several different parts of the government, but it would be entirely self defeating. Using cyber capabilities to silence those with whom we disagree is exactly what privacy and civil liberties advocates fear most about the development of our cyber defenses.

Next week, the Heritage Foundation will host “Homeland Security 2010: The Future of Defending the Homeland.” This will be a week-long series of panels aimed at providing a good background for Congressional Staffers new to Homeland Security issues. Heritage did this last year, and it was an excellent event. I will be sitting on two of the panels – maritime security and cybersecurity. The panels are open to the public and all are welcome. I highly recommend it.

By Justin Hienz
The United Arab Emirates (UAE) is home to bizarre sights, and the veneer of extreme luxury certainly impresses (or fools) most tourists. But when you pull back the curtain, the UAE is revealed as a developing country with many challenges, security among them. On Sunday, UAE officials announced that it would block BlackBerry mobile services. Clearly, the UAE is striving for security in every way, but at what cost? And are there parallels in our own country that deserve a closer look? Maintaining our individual freedoms is a never-ending struggle.

Several news items of late have addressed the thorny issue of cyber attribution; that is, the ability to identify the sources of Web and network attacks. For cyber companies and some government agencies, attribution is the Holy Grail. However, if we develop technology that provides attribution, soon bad governments will get it too. They will surely use it against dissident elements inside their own countries to suppress free speech and abridge other civil rights of all sorts. Should we consciously forgo the possibility of deterring bad guys from cyber crime, cyber terror and cyber war because the technology could be used badly? I think the answer is clearly “no.”

For the second straight week, Washington, DC and the nation are reeling from headlines and news coverage of events on the national security stage. Last week, it was the Washington Post’s series on Top Secret America, which details the explosive growth of the intelligence apparatus since 9/11. This week, it is the release of nearly 92,000 pages of classified details on the ongoing conflict in Afghanistan. What has been shared is a tremendous violation of trust amongst military/intelligence personnel that goes beyond the traditional Washington leak to a reporter. as interested as we may all be in what is really happening in the intelligence community and in Afghanistan, there is also a responsibility to not reveal everything. That is a line I think individuals and organizations like the WikiLeaks source, the Washington Post and others seem to cherish crossing.

Recently, there’s been a trend toward some agencies purchasing new data mining tools for their needs at fusion centers. It is great to see this investment in technology, but watch out – many of these solutions don’t have any inherent method for capturing Suspicious Activity Reports and Request for Service data, which fusion centers use to track case management activities. Here’s a review the four types of data that law enforcement officers encounter in their work and the federal guidelines that govern intelligence sharing.