News

Public-Private Partnerships Expand Amidst Cybersecurity Fears

A fascinating article in the San Jose Mercury News discusses the recent expansion of public-private partnerships in the growing effort to combat cyber threats from foreign governments and criminals. These partnerships occur through formal agreements between major corporations and government-backed organizations, such as law enforcement, the military or research institutions. The agreements usually involve sharing of intelligence between the government and corporate representatives, as well as participation in threat reporting programs and security exercises. In some cases, the partnerships relate directly to research and development regarding ways to mitigate security threats.

National Level Exercise 2012 Will Focus on Cyber Attacks Against Critical Infrastructure

Rather than combating natural disasters or a nuclear detonation in a major U.S. city, this year’s National Level Exercise will focus on cyber threats to critical infrastructure and the “real world” implications for government and law enforcement of large-scale cyber attacks. National Level Exercise 2012 (NLE 2012) is scheduled to take place in June and will involve emergency response personnel from at least thirteen states, four countries, nearly every major governmental department as well as a number of private companies, non-governmental organizations, institutions of higher education and local fusion centers. The exercise will span four FEMA regions and will include scenarios affecting the National Capital Region.

Meet Catalyst: IARPA’s Entity and Relationship Extraction Program

The Office of the Director of National Intelligence (ODNI) is building a computer system capable of automatically analyzing the massive quantities of data gathered across the entire intelligence community and extracting information on specific entities and their relationships to one another. The system, which is called Catalyst, is part of a larger effort by ODNI to create software and computer systems capable of knowledge management, entity extraction and semantic integration, enabling greater analysis and understanding of complex, multi-source intelligence throughout the government.

Garbage Collectors Around the U.S. Trained to Report Suspicious Activity

Several newspapers in southern Florida are reporting that trash collectors are receiving training from their employer Waste Management to work with local law enforcement to report crimes and other suspicious activities. The training is part of a program called Waste Watch that is designed to leverage the fact that “drivers are familiar with their routes and are in the same neighborhoods every day” which “puts them in the unique position to spot unusual activity and anything out of the ordinary.” Press releases from Waste Management describe the program as a way of opening “channels of communication with the authorities to help keep them informed and alert of what’s happening in their city’s streets and alleys.”

Where’s the Evidence Against Staff Sergeant Robert Bales?

The lawyer for the soldier accused of massacring seventeen people in a small Afghan village earlier this month has stated publicly that there is little or no evidence against his client. John Henry Browne, who is defending Staff Sergeant Robert Bales, told NBC that the U.S. government’s prosecution of Bales will be difficult as “They have no bodies, they have no autopsies, they have no forensics, they have no photographs, they have no witnesses. There is no Afghan who is going to come here to testify against this guy, so how do they prove premeditation? It’s going to be a problem for them.” In an interview with PBS, Browne reiterated this claim stating “There is no crime scene. There is no CSI stuff. There’s no DNA. There’s no fingerprints.” Browne has also stated that there is “no evidence about how many alleged victims” or “of where those remains are.”

The Department of Justice’s Principles for Conducting Online Undercover Operations

In 1999 the Department of Justice convened a working group to discuss the increasing role of technology in criminality and the challenges law enforcement faces when conducting online investigations. The Online Investigations Working Group included members of the FBI, Treasury, Secret Service, IRS, ATF, Air Force and even NASA who worked to produce a series of general principles governing the legality of online investigative practices. The working group codified these eleven principles, governing everything from basic information gathering to undercover operations, and wrote a report titled “Online Investigative Principles for Federal Law Enforcement Agents” that detailed the group’s findings. Though the document was originally marked “Sensitive Law Enforcement Information” and “Distribution Limited to Law Enforcement Personnel” a significant portion of the document was released to the Electronic Privacy Information Center (EPIC) in 2004. However, very significant portions of the document that discuss online undercover operations were heavily redacted. These sections are highly relevant to understanding law enforcement’s pursuit of the hacktivist group Anonymous and the recent case of LulzSec leader “Sabu” who operated for nearly six months as an FBI informant after his arrest in June 2011.

Survey of Journalists Finds Public Information Officers Often Prevent the Public From Accessing Information

The Society of Professional Journalists conducted a study for this year’s Sunshine Week surveying 146 journalists who cover federal agencies regarding the role that public affairs or public information officers play in restricting the flow of relevant information to the public. The survey found that journalists face significant obstacles in the performance of their duties due to the obstructive activities of public affairs officers. Some of these obstacles include requiring pre-approval for interviews, prohibiting interviews of certain agency employees or rerouting interview requests, and the active monitoring of interviews being conducted with agency employees. Journalists who responded to the survey found that this obstruction is preventing the public from “getting all the information it needs because of barriers agencies are imposing on journalists’ reporting practices.”

Company Threatens to Sue Public Intelligence Over Trademark It Doesn’t Even Own

A well-known company specializing in forensic accounting and fraud investigations has threatened to sue Public Intelligence for infringing on a trademark that the company does not even own. Kessler International, a company founded by former Deputy Inspector General of the New York Metropolitan Transit Authority Michael G. Kessler, issued the threat on March 7, 2012 demanding that this website remove a Sprint/Nextel law enforcement guide for subpoenaing subscriber information because it happens to mention the word “Fraudbuster” on approximately three pages. The threat states that the publication of the document constitutes trademark infringement because “FRAUDBUSTERS” is the registered trademark of Kessler International. The threat also demands that we sign an agreement to never again infringe on their trademark and pay them any profits that we have earned from our unauthorized use of their trademark.

How to Get Invited to a State Department Luncheon

Last May, we wrote an unusual piece that went largely unnoticed about how a staggering phenomenon had begun to develop of people sending us mail for Henry Kissinger. Through some sort of confused “identity confusion” many people stumbled across a page on our site containing an unflattering profile of Henry Kissinger and his company’s past activities, including connections to money laundering, weapons trading banks. For some reason, this single posting on the site convinced a large number of people that we were Henry Kissinger and/or his firm Kissinger Associates. So, we wrote an elaborate and slightly comical article about how much mail we receive for Mr. Kissinger and a number of other entities. We detailed how we receive search warrants for criminal proceedings because we’ve published a number of lawful access guides for telecom companies, how we receive NSA purchase orders because we have a single page about the Maryland Procurement Office, and how we received an invitation to a White House event that was intended for Mr. Kissinger. We concluded the article with some useful commentary about the implications of such rampant misidentification even at seemingly high levels of government and business. We even added a large, bold warning at the top of the page about Kissinger Associates to make it emphatically clear that we are not Henry Kissinger.

What the FBI Wants to Hide From You In Their 2011 Gang Threat Assessment

What information from its most recent gang threat assessment does the FBI want to keep only for the eyes of law enforcement? Thanks to the publication of the full “law enforcement sensitive” version of the assessment on the website of the California Gang Investigator’s Association, we now know the answer to that question. The full version of the document contains approximately twenty additional pages of information regarding gang threats across the U.S. including details on the incredible proliferation of Mexican drug trafficking organizations. Most of the content derived from non-public reporting sources, such as FBI field reports, concerns specific incidents that are described more generally in the public version of the document. There are also some rather startling statistics omitted from the public version. For example, the fact that 36% of law enforcement report that gangs in their jurisdiction have ties to Mexican criminal gangs and drug trafficking organizations is omitted from the public version of the report.

Do You Like Online Privacy? You May Be a Child Pornographer

The government says anyone who opposes federal plans to make electronic surveillance easier for police and spies is siding with child pornographers. It’s the first salvo in a battle that will resume Tuesday when the government reintroduces legislation that would expand online monitoring powers. The issue pits the desire of intelligence and law-enforcement officials to have easier access to information about Internet users against the individual’s right to privacy.

Do You Believe in Conspiracy Theories? You May Be a Terrorist

A flyer from a series created by the FBI and Department of Justice to promote suspicious activity reporting states that espousing conspiracy theories or anti-US rhetoric should be considered a potential indicator of terrorist activity. The document, part of a collection published yesterday by Public Intelligence, indicates that individuals who discuss “conspiracy theories about Westerners” or display “fury at the West for reasons ranging from personal problems to global policies of the U.S.” are to be considered as potentially engaging in terrorist activity. For an example of the kinds of conspiracy theories that are to be considered suspicious, the flyer specifically lists the belief that the “CIA arranged for 9/11 to legitimize the invasion of foreign lands.”

Do You Like Online Privacy? You May Be a Terrorist

A flyer designed by the FBI and the Department of Justice to promote suspicious activity reporting in internet cafes lists basic tools used for online privacy as potential signs of terrorist activity. The document, part of a program called “Communities Against Terrorism”, lists the use of “anonymizers, portals, or other means to shield IP address” as a sign that a person could be engaged in or supporting terrorist activity. The use of encryption is also listed as a suspicious activity along with steganography, the practice of using “software to hide encrypted data in digital photos” or other media. In fact, the flyer recommends that anyone “overly concerned about privacy” or attempting to “shield the screen from view of others” should be considered suspicious and potentially engaged in terrorist activities.

The Most Technologically Secure Super Bowl Ever

If you watch the Super Bowl next Sunday, between the commercials and the elaborate half-time show, take a moment to think about the one aspect of the event that you will not see: the massive deployment of federal and local law enforcement resources to achieve what is already being called “the most technologically secure Super Bowl in the history of the Super Bowl.” The game, which will take place February 5 at Lucas Oil Stadium in Indianapolis, will be secured by an unprecedented number of measures including dozens of newly-installed night-vision cameras, mobile gamma-ray scanners and an $18 million fusion center staffed with officials from various federal agencies and the military.

Anonymous Hacks Public Intelligence in “Friendly Audit”

On January 16, 2012 an unauthorized party associated with the hacktivist collective Anonymous gained access to this site’s web server. The attacker gained root access and posted a number of versions of a photo of a naked man. These images were used to deface the front of the site in multiple locations and contained the message “WAS HERE WITH 0DAY, ONLY SHIT I FOUND BAD WAS U LOGGING IN FROM A DSL CONNECTION… THEN AGAIN U BOUGHT THIS SERVER WITH UR PERSONAL CARD SO U CAN BE DOX’D… LEFT U THESE COX AS A FRIENDLY REMINDER THAT YOUR BOX CAN BE PWNED AT ALL TIMES…” The attackers then manipulated configuration files for the server which caused an error message to appear to visitors of the site. This state persisted for approximately eight hours blocking access to the site before it was later fixed by the attacker, who left a longer explanation for the hack in the server’s root directory.

New York Police Circulating Mysterious Government Guide to Criminal Tactics of “Protest Extremists”

An email contained in the latest AntiSec release indicates that law enforcement agencies in New York have been circulating an out-of-date manual that was previously criticized by the ACLU to instruct officers about issues related to Occupy protests. The brief email from December 5, 2011 was circulated to a number of law enforcement agencies affiliated with the Mid Hudson Chiefs of Police Association and contains several document attachments that describe tactics used by protesters, including basic guides on how to conduct your own “Occupy” protest. One of the documents is a police manual titled “Civil Disturbance and Criminal Tactics of Protest Extremists” that describes “illegal” tactics used by protesters and so-called “protest extremists”. The document, which was last revised in 2003, does not list its originating agency or author and is marked with a number of unusual protective markings indicating that it is not intended for public release.

Oakland Police Suppress Protesters With the Same Technology as Dictators

Photos from Tuesday evening’s violent police response to a march supporting the Occupy Oakland protest encampment indicate that the Oakland Police Department is using the same crowd suppression technologies that are used by foreign dictators. One photo by Reuters photographer Stephen Lam shows a broken canister from a “Han-Ball” rubber ball smoke grenade. The non-lethal munition is made by Defense Technology Corporation of America (Federal Laboratories), a company based in Casper, Wyoming and owned by BAE Systems, one of the largest defense contractors in the world. The use of non-lethal munitions manufactured by this company has been reported in recent popular protests in Yemen and Bahrain. Several Palestinian protesters were injured in early 2011 and one was killed after being struck by tear gas grenades made by several U.S. companies, including Defense Technology Corporation of America.

Think Like the Enemy: The U.S. Military’s Terrorist Training Exercise

A U.S. military training program designed to enhance soldiers’ abilities to operate in irregular conflicts includes exercises which encourage soldiers to think like terrorists in order to examine opposing ideologies. The exercises are part of a course designed to help trainees with practical decision-making skills in “irregular conflicts” and counterinsurgency called Combat Observation and Decision-making in Irregular and Ambiguous Conflicts (CODIAC). The course was initially created in 2010 as a way of enhancing the “ability of individuals and small teams to address irregular challenges by training enhanced observation, battlefield sensemaking, human terrain pattern recognition, and environmental analysis (including knowledge of combat tracking).” The CODIAC course incorporates curriculum from a number of other military programs, including the U.S. Marine Corps’ Combat Hunter program, and it is designed primarily for military personnel as well as “interagency paramilitary personnel, such as Border Patrol or Police Officers, as well as multinational allies.” The course focuses on a number of core subject areas related to decision making, intelligence and observation, physical tracking and “human terrain” analysis.

One Step Closer to Fusion Center Transparency

The recent ten-year anniversary of the September 11 attacks brought a deluge of news regarding the transformation of the United States in the wake of the most devastating terrorist attacks in the country’s history. Many reports focused on debating the efficacy, or lack thereof, of policies implemented over the decade since the attacks occurred. One set of particularly revealing reports from the Center for Investigative Journalism discussed suspicious activity reporting at the Mall of America and the transformation of Homeland Security following September 11. Some publications discussed the waste inherent in the Department of Homeland Security (DHS) and its various grant programs. In addition to these critical evaluations of security policy, a number of public relations pieces from the national network of fusion centers appeared in local publications around the country. A local television station in Michigan covered the state’s local fusion center, having “unprecedented access” to walk around inside without cameras. Another piece from Tennessee discussed the Tennessee Bureau of Investigation’s fusion center, ending with appeals for viewers to report suspicious activity and “say something” if they “see something”. Articles from other states including Arkansas and Alabama, sometimes written by Homeland Security officials, emphasized the important work of their local fusion centers and the continued need for funding and support.

Document in Latest Anonymous Leak Shows Texas Has a Big Problem With Prescription Drugs

A 2010 assessment of pharmaceutical abuse released by the hacktivist collective known as Anonymous provides significant detail about the extent and human toll of prescription medication and “doctor shopping” in Houston and southeast Texas. The bulletin was reported on by major media sources, including the Houston Chronicle, but the report was never released publicly. As far back as 2007, southeast Texas has been referred to as a “mecca” for prescription drug abuse. In October 2007, the Houston Chronicle reported that the amount of Xanax seized by Houston Police had more than quadrupled from the previous year. That same year, narcotics investigators with the Houston Police Department seized 215,946 grams of hydrocodone, an increase of more than twenty-three times from the 9,030 grams seized in all of 2005. By 2010, the Houston Chronicle estimated that since 2006 more than 1,300 people had died in Harris County due to the abuse of prescription medication.

DHS National Cybersecurity Center Warns of Crude, But Effective LulzSec/Anonymous/AntiSec Attacks

A bulletin released in late June by the Department of Homeland Security’s (DHS) National Cybersecurity and Communications Integration Center (NCCIC) warning of the recent activities by LulzSec and Anonymous has surfaced online. The unclassified bulletin titled “Hacktivist Groups Target U.S. and Foreign Networks” was recently posted to an unknown online network security website Aisle.net before being subsequently removed. The site it was posted to has also disappeared and now visitors to the domain are greeted with a blank screen. While the full document is not recoverable at this point in time, a cached version of the document’s summary contains a number of surprising admissions regarding the effectiveness of basic techniques utilized by LulzSec/Anonymous.

NSA $3.2 Billion “Site M” Expansion Planning Documents Reveal Cyberwar Command Center

In July 2010, the NSA revealed that it was expanding into a 227-acre parcel of land at Fort Meade called “Site M”, constructing a series of buildings that could cost as much as $5.2 billion. This expansion would displace two golf courses currently occupying the land and provide the NSA, which already occupies 630 acres at Fort Meade, with more space to build “an operational complex and to construct and operate consolidated facilities to meet the National Security Agency’s (NSA) continually evolving requirements and for Intelligence Community use”. The project has been shrouded in secrecy throughout its existence and there are only a few references to “Site M” in DoD budget planning documents. However, a recently discovered collection of development planning documents for the Site M project provides detailed information about the proposed $3.2 billion expansion, indicating that the facility will be a centralized command center for the NSA’s evolving cyberwarfare capabilities.

Photo of Passport for Osama bin Laden’s Wife Appears to Be Fake

A photo of Osama bin Laden’s wife’s passport that was released by Pakistani Television channel GEO TV appears to be fake in numerous respects. The finger pointing up to supposedly hold open the passport is surrounded by a number of angular white areas indicating that it was poorly cropped and taken from another photograph. The tip of the finger concludes in a notable point because of this poor cropping. Also, the photo of the woman that is supposed to be bin Laden’s wife is noticeably an overlay from a separate photograph as it falls outside the margins of the space where the passport photo should be and is surrounded by a white “halo” that is visible over the colored background of the passport.

Examples of Security Research Aided by Public Intelligence

Coverage in the Netherlands of a recent request by the Dutch police to remove issues of Inspire magazine from this website has often misrepresented our position, referring to this site as an “al-Qaeda website”, while failing to explain the nature of what this website does. Articles about the request have even been accompanied by gratuitous photos of Osama Bin-Laden. The fact that our publication of Inspire magazine is not supportive or promotional, but done for “educational and informational purposes” seems to have been missed by many Dutch readers. This is despite the fact that we have included uncharacteristic disclaimers stating this fact on every page where we have made Inspire magazine available. To any regular reader of this site it should be painfully obvious that we are not supporting, condoning or encouraging the activities contained in the magazine, or any other material we publish.