Cybersecurity: Continued Federal Efforts Are Needed to Protect Critical Systems and Information

Since 2005, GAO has reported that DHS has yet to comprehensively satisfy its key cybersecurity responsibilities, including those related to establishing effective partnerships with the private sector. Shortcomings exist in key areas that are essential for DHS to address in order to fully implement its cybersecurity responsibilities (see table). DHS has since developed and implemented certain capabilities, but still has not fully satisfied aspects of these responsibilities and needs to take further action to enhance the public/private partnerships needed to adequately protect cyber critical infrastructure. GAO has also previously reported on significant security weaknesses in systems supporting two of the department’s programs, one that tracks foreign nationals entering and exiting the United States, and one for matching airline passenger information against terrorist watch-list records. DHS has corrected information security weaknesses for systems supporting the terrorist watch-list, but needs to take additional actions to mitigate vulnerabilities associated with systems tracking foreign nationals.

National Security Agency Headquarters

The Headquarters of the National Security Agency is located on Route 32 just south of the Baltimore/Washington Parkway, on Fort Meade. No formal means of visiting the NSA headquarters exists, but a look at the historic side of code breaking is provided at the neighboring National Cryptologic Museum located north of the headquarters on Route 32.

Cyberspace Policy Review

The President directed a 60-day, comprehensive, “clean-slate” review to assess U.S. policies and structures for cybersecurity. Cybersecurity policy includes strategy, policy, and standards regarding the security of and operations in cyberspace, and encompasses the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies and activities, including computer network operations, information assurance, law enforcement, diplomacy, military, and intelligence missions as they relate to the security and stability of the global information and communications infrastructure. The scope does not include other information and communications policy unrelated to national security or securing the infrastructure. The review team of government cybersecurity experts engaged and received input from a broad cross-section of industry, academia, the civil liberties and privacy communities, State governments, international partners, and the Legislative and Executive Branches. This paper summarizes the review team’s conclusions and outlines the beginning of the way forward towards a reliable, resilient, trustworthy digital infrastructure for the future.

Establishment of a Subordinate Unified U.S. Cyber Command

Cyberspace and its associated technologies offer unprecedented opportunities to the United States and are vital to our Nation’s security and, by extension, to all aspects of military operations. Yet our increasing dependency on cyberspace, alongside a growing array of cyber threats and vulnerabilities, adds a new element of risk to our national security. To address this risk effectively and to sccure freedom of action in cyberspace, the Department of Defense requires a command that posscsses the required technical capability and remains fbcused on the integration or cyberspace operations. Further, this command must be capable or synchronizing wartIghting effects across the global security environment as well as providing support to civil authorities and intemnational partners.

Office of the Director of National Intelligence Data Mining Report

The Office of the Director of National Intelligence (ODNI) is pleased to provide to Congress its second report pursuant to the Data Mining Reporting Act. The Data Mining Reporting Act requires “the head of each departrnent or agency of the Federal Government” that is engaged in an activity to use or develop “data mining,” as defined by the Act, to report annually on such activities to the Congress.

7th Signal Command (T)

The 11 Star Memo, signed in 2005 By CGs FORSCOM, AMC and TRADOC also addressed this gap with specific recommendations to “Realign CONUS DOIMS from IMA to NETCOM for a more unified support similar to OCONUS; optimize C2 for IT management; provide central oversight for IT resources and support; provide MACOMs single POC; and provide adequate investment in DOIM operations” CSA has specifically directed that “ protecting the Army’s networks is not just G6 or G3 business, but rather it is Cdr’s business at all levels (MSG 161304Z Aug 04). Yet, there is no single commander responsible for security and quality of service ensuring CONUS LWN capabilities are prioritized and available to support warfighting, business, and intelligence domains. And, no one is responsible to represent the Information Needs of the Unit and User through all Operational Phases and ensure access to the global collaborative environment.

Intelligence Community Legal Reference Book

On behalf of the Director of National Intelligence, I am pleased to make available the Fall 2007 Intelligence Community Legal Reference Book. The Intelligence Community draws much of its authority and guidance from the body of law in this collection. As the Director of National Intelligence seeks to better integrate the Intelligence Community, we hope this proves to be a useful resource to intelligence professionals across the Community. This document is the result of many hours of hard work. I would like to extend my thanks to those across the Community who assisted the Office of General Counsel in recommending and preparing the authorities contained herein.

2009 Hedge Fund 100

Asset totals reflect internally run, single-manager hedge funds and separate accounts, including long-only funds that charge hedge-fund-style fees; they exclude funds of hedge funds, overlay accounts, funds managed by third parties, mutual funds and traditional long-only money, dynamic money market funds, assets in collateralized debt and bond obligations, private equity and venture capital.

Barron’s 2009 Top 100 Hedge Funds

Despite a horrible year in most global markets, these 100 funds all have three-year annualized returns that run to solid double digits; a majority were up in 2008. Remarkably, one firm, Paulson, has two funds in the top four, No. 1 Paulson Advantage Plus (event-driven) and No. 4 Paulson Enhanced (merger arbitrage). In second place is Balestra Capital Partners, a global macro fund, third is Vision Opportunity Capital, a merger arbitrage fund, and fifth was Quality Capital Management-Global Diversified. Strong performance in weak markets is hedge funds’ most basic appeal and these funds did nothing to dispel that idea last year.

Introduction brief to the ISCe Satellite and Communications Conference

The National Communications System is responsible for assuring key national security and emergency preparedness (NS/EP) decision-makers have the ability to communicate through the full spectrum of crises. With the vast majority of the communications infrastructure owned by corporations, any successful strategy requires regular and meaningful interaction with industry.

Unknown Navy Project

This site is in Washington, D.C. on the National Mall just south of the railroad bridge that runs beside Route 1 and I-395, approximately 2 miles northeast of the Pentagon. The site is comprised of 2 large temporary buildings, one of which has large exhaust fans on the roof. As of 2006, there were signs at the site for Kiewet, a prominent tunneling firm. According to a Washington Post article from November 26, 2004, the Navy controls the site and describes it as a “utility assessment and upgrade”. The article says that “theories abound about the four-acre complex, which is dead center in a ring that includes the White House, the U.S. Capitol, the Pentagon, Reagan National Airport and the National War College. Is it a sophisticated sensor station, guarding the 14th Street bridge and other Potomac River crossings? Is it an excavation point for underwater barriers to protect the Washington Channel and Potomac River from submarines? Is it a staging area for Navy Seabees securing underwater cables between the White House and the Pentagon, across the river?”

Open Source Information System

The Open Source Information System was an unclassified network of computer systems that provides the intelligence community with open source intelligence. As of 2006, the OSIS name was retired and the network and content portions of the system were decoupled. The network portion of the system is now called DNI-U and the content portion is known as Intelink-U. According to the Army Foreign Military Studies Office, “Intelink-U is a virtual private network — a government intranet. It provides a protected environment to exchange unclassified and FOUO/SBU US Government and other open source data among Intelligence Community and other selected organizations. The Intelink-U firewalls safeguard government information resources and allow customers access to both the Intelink-U network and the public Internet. This gives Intelink-U users a single point of access to an unprecedented amount of unclassified open source information. “

National Open Source Enterprise

This Intelligence Community (IC) Directive (ICD) establishes Director of National Intelligence (DNI) policy and specifies responsibilities for the oversight, management, and implementation of IC open source activities . This ICD recognizes and establishes the roles and responsibilities of the Assistant Deputy DNI for Open Source (ADDNI/OS), the DNI Open Source Center (the Center). and the IC to ensure efficient and effective use of open source information and analysis.

2009 Democratic People’s Republic of Korea Leadership Chart

The structure of this chart is primarily taken from a reference pamphlet published by the South Korean Ministry of Unification in January 2009, which appears to be based on the DPRK constitution. As such, this chart is a representation of the formal relationships between the various entities and does not necessarily reflect the actual hierarchy and power relationships in the North Korean system. Other sources include: DPRK, ROK, PRC, and Japanese media; the ROK National Intelligence Service website; the Ministry of Unification’s Key Figures of North Korea 2009; and Japan’s Radiopress North Korea Directory 2008.

The Agenda and Political Techniques of the American Israel Public Affairs Committee (AIPAC)

For over three decades the American Israel Public Affairs Committee (AIPAC) has been an effective lobby within Congress to ensure that Israel remains strong militarily and economically, and endures as a national homeland for Jews. While acknowledging its effectiveness, AIPAC critics maintain that AIPAC is an ex-officio arm of the Israeli government which shamelessly manipulates the political process whenever it decides that there is a perceived threat to Israel’s interests. This paper will examine AIPAC’s origins, its structure and agenda. and its lobbying techniques to better understand why AIPAC is considered by many to be the most influential Congressional lobby.

Avian Influenza Pandemic May Expand the Military Role in Disaster Relief

Recent involvement by the U.S. military with hurricane relief and comments by the President on expanding the DOD’s role in disaster relief indicates increased missions for an already stretched military. The next national disaster facing the U.S. could be an influenza pandemic. The bird flu virus H5N1 currently threatening Asia and Europe can potentially mutate into a deadly human influenza pandemic with global consequences. The last major flu pandemic in 1918 killed 50 million people worldwide and 600,000 in the U.S. alone. The United States is not prepared for a human pandemic and the military will have a significant role in any national response. While some departmental level planning has been accomplished recently, interdepartmental coordination and clear identification of the lead federal agency is still lacking. This project explains possible effects of a pandemic on the U.S. and current responsibilities of federal departments involved in disaster relief. Analysis is presented on the evolving role the DOD plays should this event become reality and finally recommends preparations that should be accomplished to prepare the nation for this very real threat. An ad-hoc approach to a pandemic will have severe negative and far reaching affects on our nation and must be avoided.

Information Operations, Electronic Warfare, and Cyberwar

This report describes the emerging areas of information operations, electronic warfare, and cyberwar in the context of U.S. national security. It also suggests related policy issues of potential interest to Congress. For military planners, the control of information is critical to military success, and communications networks and computers are of vital operational importance. The use of technology to both control and disrupt the flow of information has been generally referred to by several names: information warfare, electronic warfare, cyberwar, netwar, and Information Operations (IO). Currently, IO activities are grouped by the Department of Defense (DOD) into five core capabilities: (1) Psychological Operations, (2) Military Deception, (3) Operational Security, (4) Computer Network Operations, and (5) Electronic Warfare. Current U.S. military doctrine for IO now places increased emphasis on Psychological Operations, Computer Network Operations, and Electronic Warfare, which includes use of non-kinetic electromagnetic pulse (EMP) weapons, and nonlethal weapons for crowd control. However, as high technology is increasingly incorporated into military functions, the boundaries between all five IO core capabilities are becoming blurred.

Military Deception

Care should be taken to protect the quality of information available for friendly decisions and public dissemination. This will ensure the JFC has accurate information by not allowing staffs to unknowingly perceive the joint task force’s (JTF’s) MILDEC efforts as accurate information. This will also ensure the information made public by the JFC is not part of any MILDEC action and lose the public’s trust.

Leftwing Extremists

This assessment examines the potential threat to homeland security from cyber attacks conducted by leftwing extremists, a threat that DHS/I&A believes likely will grow over the next decade. It focuses on the more prominent leftwing groups within the animal rights, environmental, and anarchist extremist movements that promote or have conducted criminal or terrorist activities (see Appendix). This assessment is intended to alert DHS policymakers, state and local officials, and intelligence analysts monitoring the subject so they can better focus their collection requirements and analysis.

Rightwing Extremism

Rightwing extremist paranoia of foreign regimes could escalate or be magnified in the event of an economic crisis or military confrontation, harkening back to the “New World Order” conspiracy theories of the 1990s. The dissolution of Communist countries in Eastern Europe and the end of the Soviet Union in the 1990s led some rightwing extremists to believe that a “New World Order” would bring about a world government that would usurp the sovereignty of the United States and its Constitution, thus infringing upon their liberty. The dynamics in 2009 are somewhat similar, as other countries, including China, India, and Russia, as well as some smaller, oil-producing states, are experiencing a rise in economic power and influence.

Federal Continuity Directive 1

This Federal Continuity Directive (FCD) provides direction to the Federal executive branch for developing continuity plans and programs. Continuity planning facilitates the performance of executive branch essential functions during all-hazards emergencies or other situations that may disrupt normal operations. The ultimate goal of continuity in the executive branch is the continuation of National Essential Functions (NEFs).

Civilian Inmate Labor Program

This regulation provides Army policy and guidance for establishing civilian inmate labor programs and civilian prison camps on Army installations. Sources of civilian inmate labor are limited to on– and off–post Federal corrections facilities, State and/or local corrections facilities operating from on–post prison camps pursuant to leases under Section 2667, Title 10, United States Code (10 USC 2667), and off–post State corrections facilities participating in the demonstration project authorized under Section 1065, Public Law (PL) 103–337. Otherwise, State and/or local inmate labor from off–post corrections facilities is currently excluded from this program.