Investigative & Security Professionals for Legislative Action

Security Related Topics

  • 16 Feb 2015 2:46 PM | Anonymous member (Administrator)

    Promoting Economic Competitiveness While Safeguarding Privacy, Civil Rights, and Civil Liberties in Domestic Use of Unmanned Aircraft Systems - February 15, 2015

    Today the White House issued a Presidential Memorandum to promote economic competitiveness and innovation while safeguarding privacy, civil rights, and civil liberties in the domestic use of Unmanned Aircraft Systems (UAS).

    This Presidential Memorandum builds on efforts already underway to integrate UAS into the national airspace system (NAS).  The Federal Aviation Administration has authorized the testing of UAS at six sites around the country in December 2013 as part of its efforts to safely integrate UAS into the NAS, as required by the Federal Aviation Administration Modernization and Reform Act of 2012.

    UAS are a potentially transformative technology in diverse fields such as agriculture, law enforcement, coastal security, military training, search and rescue, first responder medical support, critical infrastructure inspection, and many others.

    The Administration is committed to promoting the responsible use of this technology, strengthening privacy safeguards and ensuring full protection of civil liberties.

    The Presidential Memorandum released today ensures that the Federal Government’s use of UAS takes into account these important concerns and in service of them, promotes better accountability and transparent use of this technology, including through the following:

    First, the Presidential Memorandum requires Federal agencies to ensure that their policies and procedures are consistent with limitations set forth in the Presidential Memorandum on the collection and use, retention, and dissemination, of information collected through UAS in the NAS.

    Second, the Presidential Memorandum requires agencies to ensure that policies are in place to prohibit the collection, use, retention, or dissemination of data in any manner that would violate the First Amendment or in any manner that would discriminate against persons based upon their ethnicity, race, gender, national origin, religion, sexual orientation, or gender identity, in violation of law.

    Third, the Presidential Memorandum includes requirements to ensure effective oversight.

    Fourth, the Presidential Memorandum includes provisions to promote transparency, including a requirement that agencies publish information within one year describing how to access their publicly available policies and procedures implementing the Presidential Memorandum.

    Fifth, recognizing that technologies evolve over time, the Presidential Memorandum requires agencies to examine their UAS policies and procedures prior to the deployment of new UAS technology, and at least every three years, to ensure that protections and policies keep pace with developments.

    Consistent with these objectives, the Presidential Memorandum additionally requires the Department of Commerce, through the National Telecommunications and Information Administration, and in consultation with other interested agencies, to initiate a multi-stakeholder engagement process within 90 days to develop a framework for privacy, accountability, and transparency issues concerning the commercial and private use of UAS in the NAS.

  • 16 Feb 2015 2:37 PM | Anonymous member (Administrator)

    White House Summit on Cybersecurity and Consumer Protection-February 13, 2015

    As a nation, the United States has become highly digitally dependent.  Our economy, national security, educational systems, and social lives have all become deeply reliant on cyberspace.  Our use of digital networks provides a platform for innovation and prosperity and a means to improve general welfare around the country and around the globe, driving unparalleled growth. But this dependency also creates risks that threaten national security, private enterprises and individual rights. It is a threat not just here in the United States, but one that everyone, everywhere who is connected to cyberspace faces.

    On February 13, the President is convening leaders from throughout the country who have a stake in bolstering cybersecurity – from industry, tech companies, and consumer and privacy advocates to law enforcement, educators, and students.  Participants will discuss opportunities to spur collaboration and develop partnerships in the cybersecurity and consumer financial worlds to share best practices, promote stronger adherence to security standards, improve cyber threat information sharing, and encourage the adoption of more secure payment technologies. 

    This Summit comes at a crucial point.  The President has been committed to strengthening our Nation’s cybersecurity since the beginning of his Administration and we have made significant progress.  Yet, cyber threats to individuals, businesses, critical infrastructure and national security have grown more diffuse, acute, and destructive. Despite improvements in network defense, cyber threats are evolving faster than the defenses that counter them. Malicious actors ranging from sophisticated nation states to common criminals to hacktivists take advantage of the anonymity, reach, and broad range of effects that cyberspace offers. Because of the interconnected nature of the Internet, no one is isolated from these threats. We are at an inflection point, both domestically and internationally, and now is the time to raise the call for greater collective action.

    Public and Private Commitments

    Cybersecurity is a shared responsibility. The Federal government has the responsibility to protect and defend the country and we do this by taking a whole-of-government approach to countering cyber threats. This means leveraging homeland security, intelligence, law enforcement, and military authorities and capabilities, which respectively provide for domestic preparedness, criminal deterrence and investigation, and our national defense. Yet much of our nation’s critical infrastructure and a diverse array of other potential targets are not owned by the Federal government. The Federal government cannot, nor would Americans want it to, provide cybersecurity for every private network. Therefore, the private sector plays a crucial role in our overall national network defense. To that end, both the Federal government and the private sector are announcing key commitments today.

    The Cybersecurity Framework

    In 2013, the President signed an Executive Order on Critical Infrastructure Cybersecurity which resulted in the development of the Cybersecurity Framework, released on February 12, 2014.  In taking a risk management approach, the Framework recognizes that no organization can or will spend unlimited amounts on cybersecurity.  Instead, it enables a business to make decisions about how to prioritize and optimize its cybersecurity investments. The Framework also offers a flexible benchmarking tool for a wide range of organizations. For organizations that don’t know where to start, the Framework provides a roadmap. For organizations that are already sophisticated, the Framework offers a yardstick to measure against – and to use in communicating with partners and suppliers. Finally, the Framework creates a common vocabulary that can be used to effectively communicate about cyber risk management. The Framework is emerging as an important tool for technologists to communicate with organizational leaders on managing cyber risks. We have been encouraged by industry use of the Framework, and we will continue to promote its broad uptake both within the government and across the private sector.  Today, the following corporations are announcing a commitment to using the Framework.

    • Intel is releasing a paper on its use of the Framework and requiring all of its vendors to use the Framework by contract.
    • Apple is incorporating the Framework as part of the broader security protocols across its corporate networks.
    • Bank of America will announce that it is using the Framework and will also require it of its vendors.
    • U.S. Bank and Pacific Gas & Electric are announcing that they are committed to using the Framework.
    • AIG is starting to incorporate the NIST framework into how it underwrites cyber insurance for large, medium-sized, and small businesses and will use the framework to help customers identify gaps in their approach to cybersecurity.
    • QVC is announcing that it is using the Cybersecurity Framework in its risk management.
    • Walgreens is announcing its support for the Cybersecurity Framework and that it uses it as one of its tools for identifying and measuring risk.
    • Kaiser Permanente is committing to use the Framework.

    Information Sharing

    Today the President is also signing an Executive Order to encourage and promote the sharing of cybersecurity threat information within the private sector and between the private sector and Federal government. Rapid information sharing is an essential element of effective cybersecurity because it ensures that U.S. companies work together to respond to threats, rather than operating alone. This Executive Order lays out a framework for expanded information sharing designed to help companies work together with the federal government to quickly identify and protect against cyber threats.  From removing barriers, to helping to improve the delivery of timely and relevant intelligence to the private sector, to advocating for needed legislation, the President is committed to improving information sharing and collaboration with the private sector. 

    The following organizations will also be making commitments today:        

    • The Cyber Threat Alliance (including Palo Alto Networks and Symantec, Intel Security, and Fortinet) will announce that its new cyber threat sharing partnership is starting to build best practices and standards consistent with the new information sharing Executive Order.
    • The Entertainment Software Association is announcing the creation of a new information sharing and analysis organization that will be built consistent with the new information sharing Executive Order.
    • Crowdstrike is announcing that it will form an information sharing and analysis organization.
    • Box is announcing that it will participate in the standards-development process for ISAOs, and that it will explore ways to use the Box platform to enhance collaboration among ISAOs.
    • FireEye is launching its “Information Sharing Framework,” which allows FireEye customers to receive threat intelligence in near-real-time, and provides anonymized threat indicators 

    Secure Payment Technologies

    In October 2014, the President signed an Executive Order to advance consumer financial protection and launched the Buy Secure Initiative.  Today, the following organizations will announce new commitments to promote more secure payment technologies.

    • Visa is committing to tokenization – substituting credit card numbers with randomly generated tokens for each transaction - by the end of the 1st quarter of 2015.
    • MasterCard will invest more than $20 million in new cybersecurity tools, including the deployment of Safety Net, a new security solution that will reduce the risk of large-scale cyber attacks. 
    • Apple, Visa, MasterCard, Comerica Bank and U.S. Bank are committed to working together to make Apple Pay, a tokenized, encrypted service, available for users of federal payment cards, including DirectExpress and GSA SmartPay cards.
    • Square is working with the Small Business Administration to roll out an education program aimed at convincing small business to adopt more secure payment technologies.
    • The Financial Services Roundtable and the Retail Industry Leaders Association, on behalf of a partnership of 19 associations, are jointly announcing today the release of two papers to enhance collaboration in the development of technology standards and principles for the development of next generation technologies that minimize the value of payments information if it is stolen or lost.  

    Multi-Factor Authentication

    In order to replace the password as our primary means of security online, we must have new technologies that combine greater security and convenience.  This technology moves beyond usernames and passwords to employ multiple security steps to better ensure a person is who they say they are. 

    Through the National Strategy for Trusted Identities in Cyberspace, the US Government has invested more than $50 million over the past four years to advance this market in partnership with the research and development community and technology firms.  

    The following companies are announcing new initiatives to advance multi-factor authentication:

    • Intel is releasing a new authentication technology that will not rely on a password, but will instead employ other technologies, such as biometrics.
    • American Express is announcing rollout of new multi-factor authentication technologies for their consumers.
    • MasterCard, in partnership with First Tech Credit Union, will announce that they will implement a new pilot later this year that will allow consumers to authenticate and verify their transactions using a combination of unique biometrics such as facial and voice recognition. 
    • In September of last year, CloudFlare enabled more than a million of its customers' Web sites to support Universal SSL--for free.  Now, they are taking another step to secure the Web by enabling every CloudFlare customer to support DNSSEC, the open standard for authenticating domain names, by the end of the year. 

    Credit Score Transparency – A number of leaders in the financial services industry will be making credit scores more readily available to all Americans, improving consumers’ awareness of credit health, and providing them a tool to identify major shifts in their credit score – a key first sign of identity theft.

    • In partnership with FICO, Nationstar will join the growing list of firms making credit scores available for free to their customers by the end of the year

    Call for Legislative Action

    The government and private sector have made significant commitments to advance cybersecurity and consumer protection.   While we applaud Congress for successfully passing several pieces of important cybersecurity legislation last year, we still need Congress to pass key cybersecurity legislation.  To support that call for action, last month the President sent our updated cybersecurity legislative proposal to Congress. 

    Enabling Cybersecurity Information Sharing: The Administration’s updated proposal promotes better cybersecurity information sharing between the private sector and government and enhances collaboration and information sharing amongst the private sector.  Specifically, the proposal encourages the private sector to share appropriate cyber threat information with the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC), which will then share it with relevant federal agencies and with private sector-developed and operated Information Sharing and Analysis Organizations (ISAOs), by providing targeted liability protection for companies that share information.

    The legislation also encourages the formation of private-sector led Information Sharing and Analysis Organizations.  The Administration’s proposal safeguards Americans’ personal privacy by requiring private entities to comply with certain privacy restrictions such as removing unnecessary personal information and taking measures to protect any personal information that must be shared to qualify for liability protection.  The proposal further requires the Department of Homeland Security and the Attorney General, in consultation with the Privacy and Civil Liberties Oversight Board and others, to develop receipt, retention, use, and disclosure guidelines for the federal government’s sharing of cyber threat indicators.  Finally, the Administration intends this proposal to complement and not to limit existing effective relationships between government and the private sector.  These existing relationships between law enforcement and other federal agencies are critical to the cybersecurity mission.

    Modernizing Law Enforcement Authorities to Combat Cyber Crime: Law enforcement must have appropriate tools to investigate, disrupt and prosecute cyber crime.  The Administration’s proposal contains provisions that would allow for the prosecution of the sale of botnets, criminalize the overseas sale of stolen U.S. financial information like credit card and bank account numbers, expand federal law enforcement authority to deter the sale of spyware used to stalk or commit identity theft, and give courts the authority to shut down botnets engaged in distributed denial of service attacks and other criminal activity.  It also reaffirms important components of the Administration’s 2011 cyber legislative proposals to update the Racketeering Influenced and Corrupt Organizations Act (RICO), a key law used to prosecute organized crime, so that it applies to cybercrimes, clarifies penalties for computer crimes, and makes sure these penalties are in line with other similar non-cyber crimes.  Finally, the proposal modernizes the Computer Fraud and Abuse Act by ensuring that insignificant conduct does not fall within the scope of the statute, while making clear that it can be used to prosecute insiders who abuse their ability to access information to use it for their own purposes.

    National Data Breach Reporting: State laws have helped consumers protect themselves against identity theft while also encouraging business to improve cybersecurity.  These laws require businesses that have suffered an intrusion to notify consumers if consumers’ personal information has been compromised.  The Administration’s updated proposal helps businesses and consumers by simplifying and standardizing the existing patchwork of 46 state laws (plus the District of Columbia and several territories) that contain these requirements into one federal statute, and by putting in place a single clear and timely notice requirement to ensure that companies notify their employees and customers about security breaches.

    Moving Forward

    The Cybersecurity Summit marks a milestone in our Nation’s efforts to strengthen its cyber defenses.  It provides an opportunity to discuss what we have accomplished to date and to highlight immediate commitments that the Federal government and the private sector are making to improve the security of cyberspace.   However, in cybersecurity, we can never rest on past achievements.  Therefore, even as we and the private sector make good on these commitments, we need to keep moving forward.   We will continue to focus on strengthening the defenses of our critical infrastructure and government networks, improving our ability to disrupt, respond to, recover from, and mitigate malicious cyber activity, enhance our international cooperation, and shape the future of cyberspace to be inherently more secure.  And we look forward to doing this in close collaboration with our private sector partners.

  • 12 Feb 2015 12:19 PM | Anonymous member (Administrator)

    Private Investigators Indicted In E-Mail Hacking Scheme

    DOJ Release: U.S. Attorney's Office - Northern District of California

    SAN JOSE, CA – Nathan Moser, Peter Siragusa, AKA Bobby Russo, Carlo Pacileo, Trent Williams, and Sumit Gupta, AKA Sumit Vishnoi, were charged with crimes related to a conspiracy to access the e-mail accounts, Skype accounts, and computers of people opposing Moser’s and Siragusa’s clients in civil lawsuits, announced United States Attorney Melinda Haag and Federal Bureau of Investigation Special Agent in Charge David J. Johnson.

    A federal grand jury indicted Moser, 41, of Menlo Park, Calif.; Siragusa, 59, of Novato, Calif.; Pacileo, 44, of El Segundo, Calif.; Williams, 24, of Martinez, Calif.; and Gupta, 26, of Jabalapur, India, on January 15, 2015, charging them with one count of Conspiracy, in violation of 18 U.S.C. § 1030(b), six counts of Accessing a Protected Computer and Obtaining Information, in violation of 18 U.S.C. § 1030(a)(2)(C), and two counts of Interception of Electronic Communications, in violation of 18 U.S.C. § 2511(1)(a). The indictment was unsealed in court in San Jose, Calif., yesterday.

    According to the Indictment, Moser was a private investigator and owner of Moser and Associates in Menlo Park. Siragusa was also a private investigator and owner of Siragusa Investigations in Novato. Although Moser and Siragusa operated separate businesses, they often assisted in each other’s investigations. The Indictment further alleges that Williams and Gupta were computer hackers hired by Moser and Siragusa to access the e-mail accounts, Skype accounts, and protected computers of individuals without authorization. Pacileo was the director of security for ViSalus, a network marketing company based in Los Angeles and one of Moser’s clients.

    The Indictment alleges that the object of the defendants’ conspiracy was to obtain information that would assist Moser’s and Siragusa’s clients, including Pacileo, in the clients’ lawsuits. According to the indictment, once retained by a client, Moser and Siragusa would hire Williams and Gupta, among others, to hack into the victims’ e-mail accounts, Skype accounts, and protected computers. In addition to that conduct, the defendants allegedly installed and used a keylogger—a tool that intercepts and logs the particular keys struck on a keyboard in a covert manner so that the person using the keyboard is unaware that his or her actions are being monitored—to obtain information that would assist Moser’s and Siragusa’s clients.

    According to the Indictment, Ocean Avenue, a network marketing company based in South Jordan, Utah, was a competitor of ViSalus that had hired several former ViSalus employees. As a result, ViSalus initiated a civil lawsuit against Ocean Avenue employees. Pacileo hired Moser to investigate Ocean Avenue.  Moser allegedly enlisted Siragusa to assist with the investigation, and together they hired hackers to illegally obtain information to assist in the lawsuit.

    Moser, Siragusa, and Williams made their initial appearances in San Jose yesterday before the Honorable Paul S. Grewal, U.S. Magistrate Judge. Moser was released on a $100,000 bond, with his wife signing as surety and custodian. Moser’s next hearing is scheduled for identification of counsel today before Judge Grewal.  Siragusa was released pending the filing of a $100,000 secured bond on or before February 20, 2015. His next hearing is scheduled for February 23, 2015, at 1:30 p.m. before the Honorable Edward J. Davila, U.S. District Judge, in San Jose. Williams, who remains in custody, has a detention hearing scheduled for February 13, 2015, at 1:30 p.m., before Judge Grewal.

    Pacileo made his initial appearance in Los Angeles before the Honorable Ralph Zarefsky, U.S. Magistrate Judge, and was released pending the filing of a $25,000 secured bond on or before February 13, 2015. His next hearing is scheduled for February 23, 2015 before Judge Davila.

    An arrest warrant has been issued by the court for Gupta, who is believed to be in India. FBI Agents in San Jose are working with the FBI office in New Delhi, India, to secure Gupta’s prosecution.

    The maximum statutory penalty for a violation of 18 U.S.C. § 1030(b) is 5 years custody, 3 years supervised release, and a fine of $250,000.  The maximum statutory penalty for each violation of 18 U.S.C. § 1030(a)(2)(C) is 10 years custody, 3 years supervised release, and a fine of $250,000.  The maximum statutory penalty for each violation of 18 U.S.C. § 2511(1)(a) is 5 years custody, 3 years supervised release, and a fine of $250,000. However, any sentence will be imposed by the court only after consideration of the U.S. Sentencing Guidelines and the federal statute governing the imposition of a sentence, 18 U.S.C. § 3553.

    Matt Parrella and Michelle Kane are the Assistant U.S. Attorneys who are prosecuting the case with the assistance of Elise Etter. The prosecution is the result of an investigation by the FBI.

    Updated February 11, 2015

  • 18 Dec 2014 7:39 PM | Anonymous member (Administrator)

    A December 18, 2014 article, "German researchers discover a flaw that could let anyone listen to your cell calls" by Craig Timberg of The Washington Post, should be reviewed by investigative and security professionals. He points out that German researchers discovered security flaws that could allow hackers, spies and criminals to listen to private phone calls and intercept text messages on a potentially massive scale – even when cellular networks are using the most advanced encryption presently available.

    The flaws, reported at a hacker conference in Hamburg this month, are the latest evidence of widespread insecurity on SS7, the global network that allows the world’s cellular carriers to route calls, texts and other services to each other. Experts say it’s increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world’s billions of cellular customers.

    The flaws are actually functions built into SS7 for other purposes – such as keeping calls connected as users speed down highways, switching from cell tower to cell tower – that hackers can repurpose for surveillance because of the lax security on the network.

    Those skilled at the myriad functions built into SS7 can locate callers anywhere in the world, listen to calls as they happen or record hundreds of encrypted calls and texts at a time for later decryption. There also is potential to defraud users and cellular carriers by using SS7 functions, the researchers say. (The term is short for Signaling System 7 and replaced previous networks called SS6, SS5, etc.)

    These vulnerabilities continue to exist even as cellular carriers invest billions of dollars to upgrade to advanced 3G technology aimed, in part, at securing communications against unauthorized eavesdropping. But even as individual carriers harden their systems, they still must communicate with each other over SS7, leaving them open to any of thousands of companies worldwide with access to the network. That means that a single carrier in Congo or Kazakhstan, for example, could be used to hack into cellular networks in the United States, Europe or anywhere else.

    “It’s like you secure the front door of the house, but the back door is wide open,” said Tobias Engel, one of the German researchers. Engel is founder of Sternraute; he and Karsten Nohl, chief scientist for Security Research Labs, separately discovered these security weaknesses as they studied SS7 networks in recent months, after The Washington Post reported the widespread marketing of surveillance systems that use SS7 networks to locate callers anywhere in the world. The Post reported that dozens of nations had bought such systems to track surveillance targets and that skilled hackers or criminals could do the same using functions built into SS7.

    The researchers did not find evidence that their latest discoveries, which allow for the interception of calls and texts, have been marketed to governments on a widespread basis. But vulnerabilities publicly reported by security researchers often turn out to be tools long used by secretive intelligence services, such as the National Security Agency or Britain’s GCHQ, but not revealed to the public.

    “Many of the big intelligence agencies probably have teams that do nothing but SS7 research and exploitation,” said Christopher Soghoian, principal technologist for the ACLU and an expert on surveillance technology. “They’ve likely sat on these things and quietly exploited them.”

    The GSMA, a global cellular industry group based in London, did not respond to queries seeking comment about the vulnerabilities that Nohl and Engel have found. For the Post’s article in August on location tracking systems that use SS7, GSMA officials acknowledged problems with the network and said it was due to be replaced over the next decade because of a growing list of security and technical issues.

    The German researchers found two distinct ways to eavesdrop on calls using SS7 technology. In the first, commands sent over SS7 could be used to hijack a cell phone’s “forwarding” function -- a service offered by many carriers. Hackers would redirect calls to themselves, for listening or recording, and then onward to the intended recipient of a call. Once that system was in place, the hackers could eavesdrop on all incoming and outgoing calls indefinitely, from anywhere in the world.

    The second technique requires physical proximity but could be deployed on a much wider scale. Hackers would use radio antennas to collect all the calls and texts passing through the airwaves in an area. For calls or texts transmitted using strong encryption, such as is commonly used for advanced 3G connections, hackers could request through SS7 that each caller’s carrier release a temporary encryption key to unlock the communication after it has been recorded.

    Nohl on Wednesday demonstrated the ability to collect and decrypt a text message using the phone of a German senator, who cooperated in the experiment. But Nohl said the process could be automated to allow massive decryption of calls and texts collected across an entire city or a large section of a country, using multiple antennas.

    “It’s all automated, at the push of a button,” Nohl said. “It would strike me as a perfect spying capability, to record and decrypt pretty much any network… Any network we have tested, it works.”

    Those tests have included more than 20 networks worldwide, including T-Mobile in the United States. The other major U.S. carriers have not been tested, though Nohl and Engel said it’s likely at least some of them have similar vulnerabilities. (Several smartphone-based text messaging systems, such as Apple’s iMessage and Whatsapp, use end-to-end encryption methods that sidestep traditional cellular text systems and likely would defeat the technique described by Nohl and Engel.)

    In a statement, T-Mobile said: “T-Mobile remains vigilant in our work with other mobile operators, vendors and standards bodies to promote measures that can detect and prevent these attacks.”

    The issue of cell phone interception is particularly sensitive in Germany because of news reports last year, based on documents provided by former NSA contractor Edward Snowden, that a phone belonging to Chancellor Angela Merkel was the subject of NSA surveillance. The techniques of that surveillance have not become public, though Nohl said that the SS7 hacking method that he and Engel discovered is one of several possibilities.

    U.S. embassies and consulates in dozens of foreign cities, including Berlin, are outfitted with antennas for collecting cellular signals, according to reports by German magazine Der Spiegel, based on documents released by Snowden. Many cell phone conversations worldwide happen with either no encryption or weak encryption.

    The move to 3G networks offers far better encryption and the prospect of private communications, but the hacking techniques revealed by Nohl and Engel undermine that possibility. Carriers can potentially guard their networks against efforts by hackers to collect encryption keys, but it’s unclear how many have done so. One network that operates in Germany, Vodafone, recently began blocking such requests after Nohl reported the problem to the company two weeks ago.

    Nohl and Engel also have discovered new ways to track the locations of cell phone users through SS7. The Post story, in August, reported that several companies were offering governments worldwide the ability to find virtually any cell phone user, virtually anywhere in the world, by learning the location of their cell phones through an SS7 function called an “Any Time Interrogation” query.

    Some carriers block such requests, and several began doing so after the Post’s report. But the researchers in recent months have found several other techniques that hackers could use to find the locations of callers by using different SS7 queries. All networks must track their customers in order to route calls to the nearest cellular towers, but they are not required to share that information with other networks or foreign governments.

    Carriers everywhere must turn over location information and allow eavesdropping of calls when ordered to by government officials in whatever country they are operating in. But the techniques discovered by Nohl and Engel offer the possibility of much broader collection of caller locations and conversations, by anyone with access to SS7 and the required technical skills to send the appropriate queries.

    “I doubt we are the first ones in the world who realize how open the SS7 network is,” Engel said.

    Secretly eavesdropping on calls and texts would violate laws in many countries, including the United States, except when done with explicit court or other government authorization. Such restrictions likely do little to deter criminals or foreign spies, say surveillance experts, who say that embassies based in Washington likely collect cellular signals.

    The researchers also found that it was possible to use SS7 to learn the phone numbers of people whose cellular signals are collected using surveillance devices. The calls transmit a temporary identification number which, by sending SS7 queries, can lead to the discovery of the phone number. That allows location tracking within a certain area, such as near government buildings.

    The German senator who cooperated in Nohl’s demonstration of the technology, Thomas Jarzombek of Merkel’s Christian Democratic Union party, said that while many in that nation have been deeply angered by revelations about NSA spying, few are surprised that such intrusions are possible.

    “After all the NSA and Snowden things we’ve heard, I guess nobody believes it’s possible to have a truly private conversation on a mobile phone,” he said. “When I really need a confidential conversation, I use a fixed-line” phone.

  • 10 Jul 2014 1:34 PM | Anonymous member (Administrator)

    In light of ongoing revelations regarding the NSA and the action of the German government on July 10, 2014 to have the US CIA station chief in Berlin recalled, below is ProPublica's article "Here's One Way to Land on the NSA's Watch List: If you downloaded the privacy software Tor in 2011, you may have been flagged to be spied on," by Julia Angwin and Mike Tigas.

    Last week, German journalists revealed that the National Security Agency has a program to collect information about people who use privacy-protecting services, including popular anonymizing software called Tor. But it's not clear how many users have been affected.

    So we did a little sleuthing, and found that the NSA's targeting list corresponds with the list of directory servers used by Tor between December 2010 and February 2012 – including two servers at the Massachusetts Institute of Technology. Tor users connect to the directory servers when they first launch the Tor service.

    The revelations were among the first evidence of specific spy targets inside the United States. And they have been followed by yet more evidence. The Intercept revealed this week that the government monitored email of five prominent Muslim-Americans, including a former Bush Administration official.

    It's not clear if, or how extensively, the NSA spied on the users of Tor and other privacy services.

    After the news, one of Tor's original developers, Roger Dingledine, reassured users that they most likely remained anonymous while using the service: "Tor is designed to be robust to somebody watching traffic at one point in the network – even a directory authority." It is more likely that users could have been spied on when they were not using Tor.

    For its part, the NSA says it only collects information for valid foreign intelligence purposes and that it "minimizes" information it collects about U.S. residents. In other words, NSA may have discarded any information it obtained about U.S. residents who downloaded Tor.

    However, according to a recent report by the Privacy and Civil Liberties Oversight Board, the NSA's minimization procedures vary by program. Under Prism, for example, the NSA shares unminimized data with the FBI and CIA.

    In addition, the NSA can also later search the communications of those it has inadvertently caught in its Prism dragnet, a tactic some have called a "backdoor" search. It's not clear if similar backdoors exist for other types of data such as IP addresses.

    In response to the Tor news, the NSA said it is following President Obama's January directive to not conduct surveillance for the purpose of "suppressing or burdening criticism or dissent, or for disadvantaging persons based on their ethnicity, race, gender, sexual orientation, or religion."

    [Disclosure: Mike Tigas is the developer of an app that uses Tor, called the Onion Browser.]

    We updated our chart of NSA revelations to include monitoring of privacy software.


     

  • 04 Nov 2013 9:34 PM | Anonymous member (Administrator)

    ISPLA is pleased to post the item below by Jeff Larson of November 4, 2013 with the permission of ProPublica:

    The federal institute that sets national standards for how government, private citizens and business guard the privacy of their files and communications is reviewing all of its previous recommendations [1].

    The move comes after ProPublica, The Guardian and The New York Times disclosed [2] that the National Security Agency had worked to secretly weaken standards to make it easier for the government to eavesdrop.

     The review, announced late Friday afternoon by the National Institute for Standards and Technology, will also include an assessment of how the institute creates encryption standards.

    The institute sets national standards for everything from laboratory safety to high-precision timekeeping. NIST’s cryptographic standards are used by software developers around the world to protect confidential data. They are crucial ingredients for privacy on the Internet, and are designed to keep Internet users safe from being eavesdropped on when they make purchases online, pay bills or visit secure websites.

    But as the investigation by ProPublica, The Guardian and The New York Times in September revealed, the National Security Agency spends $250 million a year on a project called “SIGINT Enabling [3]” to secretly undermine encryption. One of the key goals, documents said, was to use the agency’s influence to weaken the encryption standards that NIST and other standards bodies publish.

    “Trust is crucial to the adoption of strong cryptographic algorithms,” the institute said in a statement [1] on their website. “We will be reviewing our existing body of cryptographic work, looking at both our documented process and the specific procedures used to develop each of these standards and guidelines.”

    The NSA is no stranger to NIST’s standards-development process. Under current law, the institute is required to consult with the NSA when drafting standards. NIST also relies on the NSA for help with public standards because the institute doesn’t have as many cryptographers as the agency, which is reported to be the largest employer of mathematicians [4] in the country.

    “Unlike NSA, NIST doesn’t have a huge cryptography staff,” said Thomas Ptacek, the founder of Matasano Security [5], “NIST is not the direct author of many of its most important standards.”

    Matthew Scholl, the deputy chief at the Computer Security Division of the institute, echoed that statement, "As NIST Director Pat Gallagher has said in several public settings, NIST is designed to collaborate and the NSA has some of the world’s best minds in cryptography." He continued, "We also have parallel missions to protect federal IT systems, so we will continue to work with the NSA."

    Some of these standards are products of public competitions among academic cryptography researchers, while others are the result of NSA recommendations. An important standard, known as SHA2, was designed by the NSA and is still trusted by independent cryptographers and software developers worldwide.

    NIST withdrew one cryptographic standard, called Dual EC DRBG, after documents provided to news organizations by the former intelligence contractor Edward Snowden raised the possibility that the standard had been covertly weakened by the NSA.

    Soon after, a leading cryptography company, RSA, told software writers to stop using the algorithm in a product it sells. The company promised to remove the algorithm in future releases.

    Many cryptographers have expressed doubt about NIST standards since the initial revelations were published. One popular encryption library changed its webpage [6] to boast that it did not include NIST-standard cryptography. Silent Circle [7], a company that makes encryption apps for smartphones, promised to replace the encryption routines in its products with algorithms not published by NIST.

    If the NIST review prompts significant changes to existing encryption standards, consumers will not see the benefit immediately. “If the recommendations change, lots of code will need to change,” said Tanja Lange, a cryptographer at the University of Technology at Eindhoven, in the Netherlands. “I think that implementers will embrace such a new challenge, but I can also imagine that vendors will be reluctant to invest the extra time.”

    In Friday’s announcement, NIST pointed to its long history of creating standards, including the role it had in creating the first national encryption standard in the 1970s — the Data Encryption Standard, known as DES. “NIST has a proud history in open cryptographic standards, beginning in the 1970s with the Data Encryption Standard,” the bulletin said. But even that early standard was influenced by the NSA. [8]

    During the development of DES, the agency insisted that the algorithm use weaker keys than originally intended — keys more susceptible to being broken by super computers. At the time, Whitfield Diffie, a digital cryptography pioneer, raised serious concerns about the keys. [9] “The standard will have to be replaced in as few as five years,” he wrote.

    The weakened keys in the standard were not changed. DES was formally withdrawn [10] by the institute in 2005.

    The announcement is the latest effort by NIST to restore the confidence of cryptographers. A representative from NIST announced in a public mailing list, also on Friday, that the institute would restore the original version of a new encryption standard, known as SHA3, that had won a recent design competition but was altered by the institute after the competition ended. Cryptographers charged that NIST’s changes to the algorithm had weakened it.

    The SHA3 announcement referred directly to cryptographers’ concerns. “We were and are comfortable with that version on technical grounds, but the feedback we’ve gotten indicates that a lot of the crypto community is not comfortable with it,” wrote John Kelsey, NIST’s representative. There is no evidence the NSA was involved in the decision to change the algorithm.

    The reversal took Matthew Green, a cryptographer at Johns Hopkins University, by surprise. “NIST backed down! I’m not sure they would have done that a year ago,” he said.

    Update: A NIST spokesperson responded on Monday afternoon (this story initially stated that NIST declined to comment).

  • 10 Jan 2013 11:10 AM | Anonymous member (Administrator)

    Intelligence and Human Networks

    Stratfor Global Intelligence By Tristan Reed January 10, 2013

    Stratfor views the world through the lens of geopolitics, the study of hard, physical constraints on man's ability to shape reality. Political decisions are limited by the geography in which they take place, eliminating many of the options concocted by ideologues and making their human decisions easier to predict. But the study of geopolitics only takes the understanding of global affairs so far: It identifies the geographical constraints but leaves an array of options open to human actors. So when forecasting on a shorter time frame, analysis must go beyond geographical constraints to more specific, temporal constraints. For this reason, predicting the short-term activities of human actors requires an understanding of the constraints they face in the human terrain within which they operate.

    As a result, one task common to any intelligence organization is defining the human network of a state, criminal organization, militant movement or any other organization to better determine and understand a group's characteristics and abilities. A human network in this sense is a broad term used to describe the intricate web of relations existing in an organization and within a specific region. For anyone or any organization with interests in a given geographic area, understanding the networks of individuals with influence in the region is critical.

    Intelligence and Analysis

    People use human networks to organize the control of resources and geography. No person alone can control anything of significance. Presidents, drug lords and CEOs rely on people to execute their strategies and are constrained by the capabilities and interests of the people who work for them. Identifying these networks may be a daunting task depending on the network. For obvious reasons, criminal organizations and militant networks strive to keep their membership secret, and it is not always apparent who gives the orders and who carries out the orders in a political body. To discern who's who in a group, and therefore whether an individual matters in a group, requires both intelligence and analysis to make sense of the intelligence.

    How intelligence is acquired depends on the resources and methods available to an intelligence organization, while the analysis that follows differs depending on the intent. For example, International Security Assistance Force military operations aimed at disrupting militant networks in Afghanistan would require the collection of informants and signals intelligence followed by analysis to pinpoint the exact location of individuals within a network to enable targeted operations. Simply knowing who belongs to a militant network and their location is not enough; the value lies in the significance and capabilities of an individual in the group. Detaining an individual who lays improvised explosive devices on a road may result in short-term disruptions to the target's area of operations, but identifying and detaining a bombmaker with exclusive experience and training will have a far greater impact.

    The true value of analysis lies in understanding the significance of a particular individual in a network. Mapping out a human network begins with the simple question of who belongs to a particular network. Next, identify and define relationships with other known individuals and organizations. For some, this process takes the form of link analysis, which is a visual representation of a network where each individual is represented in a diagram. Links between the individuals who interact with one another are then depicted. These links show an individual's significance in a group and establish whether he is a lowly scout within a transnational criminal organization who may only interact with his paymaster. The paymaster, by contrast, could be linked to dozens of other group members. Examining how many links within a group an individual has, however, is just scratching the surface of understanding the network.

    Every individual within a given human network has reasons to be tied to others within the network. Understanding what unites the individuals in an organization provides further depth of understanding. Whether it be ideology, mutual interests, familial ties or paid services, why a relationship exists will help determine the strength of such bonds, the motives of the network and the limitations to what a network can accomplish. For example, when assessing the strength of the Syrian regime, it is imperative to identify and examine the inner circle of President Bashar al Assad. Analyzing these members can indicate which factions of the Syrian population and which political and familial groupings support or reject the al Assad regime. That key posts within the government are now occupied primarily by Alawites indicates a combination of regime distrust of the Sunnis and dwindling levels of support from even high-ranking Sunnis. Similarly, examining the once-strong ties of inner circle members who have defected indicates which factions no longer support the regime and points toward other groups that might also have doubts about remaining loyal.

    Rarely is there a completely isolated human network. Human relations typically span multiple regions or even continents. Politicians can have their own business interests, drug traffickers may have counterparts in another country and militant groups may have the sympathy of other groups or even members in a state's government. There are no limits on how separate networks may interact with one another. Understanding a group's ties to other groups further defines the original group's influence. For example, a political leader at odds with the powerful military of his state may find significant constraints in governing (due to the limitations within the human network on figures linking the military assets to political leaders). A drug trafficker with a law enforcement officer on his payroll will likely find less resistance from authorities when conducting illicit business (due to the capabilities that a police officer would provide to the network).

    The reasons for, and methods of, defining a human network will vary depending on the intelligence organization. A nation with vast resources like the United States has an exceptionally large focus on human networks around the world and a full array of intelligence disciplines to gather the necessary information. At Stratfor, our reasons to map the intricate web of human relations within an organization differ as we look to understand the constraints that human networks place on actors.

    Challenges of Tracking Human Networks

    The individuals in an organization are constantly changing. This means the job of mapping the driving forces in an organization never ends, since relations shift, roles change and individuals often are taken out of the picture altogether. As a result, intelligence collectors must continually task their intelligence assets for new information, and analysts must continually update their organizational charts.

    Logically, the more fluid the membership of an organization, the more difficult it is for an intelligence organization -- or rival organization -- to follow it. As an example, take Los Zetas, who dominate the Mexican border town of Nuevo Laredo. The group always will have individuals in the city in charge of running daily criminal operations, such as coordinating gunmen, drug shipments, money laundering and retail drug sales. Within a Mexican transnational criminal organization, the person filling this role is typically called a "plaza boss." Several alleged Zetas plaza bosses of Nuevo Laredo were killed or captured during 2012 in Mexican military operations. With each kill or capture, an organization must replace the former plaza boss. This frequent succession of plaza bosses obviously reshapes the human network operating in Nuevo Laredo.

    It is no simple matter for a collector to ask his informants about the personnel changes, or to eavesdrop through surveillance for information about them. It takes time for a new plaza boss to assume his new responsibilities. A new office manager must get to know his employees and operations before making critical decisions. Additionally, an intelligence collector's assets may not be able to provide updates right away. In the case of an informant, does the informant have the same access to the new plaza boss as the former? Roles are more constant within an organization and can be split up among individuals. Thus, a person who had handled both gunmen and drug shipments may be replaced by two people to break up the responsibilities. Therefore, collectors and analysts must seek to understand the roles of the new plaza boss and whether he has the same influence as the prior one.

    What We Do

    Understanding that the players within organizations change frequently, but that the roles and constraints of an organization transform far more slowly, is key to how Stratfor approaches human networks. For the leader of a nation, the geopolitical imperatives of the nation serve as impersonal forces directing the decisions of a rational individual. For a criminal or insurgent leader, there is only so much that can be done while attempting to avoid notice by law enforcement and the military, and the organization's imperatives will likely remain in place. In determining the constraints and imperatives, we can better identify the significance and courses of actions of an organization without necessarily knowing the details about the individuals serving specific roles.

    Particularly with more clandestine human networks, we continually examine the external effects of known personnel changes. For example, how has the death of a Taliban leader in Pakistan affected the operations of the Tehrik-i-Taliban Pakistan as a whole, such as in the case of the Jan. 3 death of Taliban leader Maulvi Nazir in South Waziristan? Nazir commanded a relatively benign faction of the Pakistani Taliban that kept more aggressive, anti-government factions out of South Waziristan. His removal, and the nature of his removal, could invite militants waging an active fight against the Pakistani government to return to South Waziristan. Ultimately, Nazir was a distinct figure in the Pakistani militant network due to his alliance with Islamabad. While his removal won't change the fact that militants will thrive on the Pakistani-Afghan border (which geography dictates), it does marginally tilt the balance away from Islamabad and toward the militants.

    With the example of Los Zetas in Nuevo Laredo, we know Nuevo Laredo is a critical location for the transnational criminal organization. As a border town with one of the highest volumes of cross-border commercial shipping to the United States, the city serves as one of the principal sources of revenue for Zetas drug traffickers. For this reason, Los Zetas will certainly continue to replace figures who are removed by military and law enforcement.

    Using this known behavior and the imperatives, we can learn about Los Zetas elsewhere in Mexico: By observing the group at a broader geographic level, we can deduce the significance of a capture or death in a specific locale. If the losses of personnel in Nuevo Laredo have had a significant impact on the organization, operations would likely suffer in other geographic areas as the group accommodates its losses in Nuevo Laredo.

    In forecasting the political, economic or security climate of a geographic region, understanding human networks must be incorporated into any analysis. Areas such as Mexico and Syria have geographic elements that define conflicts. Mexico's location between the cocaine producers of the northern Andes and cocaine consumers in the United States ensures that groups will profit off the cocaine flow from south to north. The Sierra Madre Occidental and Sierra Madre Oriental divide trafficking corridors between the east and west coasts of Mexico. But geography alone can't be used to predict how groups will organize and compete with each other within those trafficking corridors. Predicting the spread and scope of violence depends on knowledge of the human network and of who controls the resources and terrain. Similarly, the geographic significance of the Levant to Iran and Iraq determines the importance of Syria as an access point to the Mediterranean, but that alone doesn't determine the future of al Assad's regime. Understanding who his most trusted confidants are, what their relationships are based on and watching their moves enables us to filter the constant news of death and destruction coming out of Syria and to focus on the individuals who directly support al Assad and determine his immediate fate.

    Inasmuch as humans can overcome geography, they can do so through organizations that control terrain and resources. Understanding the nature of those organizations and how they control those assets requires knowledge of the human network.

    "Intelligence and Human Networks (http://www.stratfor.com/weekly/intelligence-and-human-networks) is republished with permission of Stratfor."

  • 13 Oct 2011 2:04 PM | Anonymous member (Administrator)

    Growing Concern Over the New York City Police Department's Counterterrorism Methods is Repudiated

     

    By Scott Stewart

    In response to the 9/11 attacks, the New York Police Department (NYPD) established its own Counter-Terrorism Bureau and revamped its Intelligence Division. Since that time, its methods have gone largely unchallenged and have been generally popular with New Yorkers, who expect the department to take measures to prevent future attacks.

    Preventing terrorist attacks requires a very different operational model than arresting individuals responsible for such attacks, and the NYPD has served as a leader in developing new, proactive approaches to police counterterrorism. However, it has been more than 10 years since the 9/11 attacks, and the NYPD is now facing growing concern over its counterterrorism activities. There is always an uneasy equilibrium between security and civil rights, and while the balance tilted toward security in the immediate aftermath of 9/11, it now appears to be shifting back.

    This shift provides an opportunity to examine the NYPD’s activities, the pressure being brought against the department and the type of official oversight that might be imposed.

    Under Pressure

    Reports that the NYPD’s Intelligence Division and Counter-Terrorism Bureau engage in aggressive, proactive operations are nothing new. STRATFOR has written about them since 2004, and several books have been published on the topic. Indeed, police agencies from all over the world travel to New York to study the NYPD’s approach, which seems to have been quite effective.

    Criticism of the department’s activities is nothing new, either. Civil liberties groups have expressed concern over security methods instituted after 9/11, and Leonard Levitt, who writes a column on New York police activities for the website NYPD Confidential, has long been critical of the NYPD and its commissioner, Ray Kelly. Associated Press reporters Adam Goldman and Matt Apuzzo have written a series of investigative reports that began on Aug. 24 detailing “covert” NYPD activities, such as mapping the Muslim areas of New York. This was followed by the Aug. 31 publication of what appears to be a leaked NYPD PowerPoint presentation detailing the activities of the Intelligence Division’s Demographics Unit.

    In the wake of these reports, criticism of the NYPD’s program has reached a new level. Members of the New York City Council expressed concern that their constituents were being unjustly monitored. Six New York state senators asked the state attorney general to investigate the possibility of “unlawful covert surveillance operations of the Muslim community.” A group of civil rights lawyers also asked a U.S. district judge in Manhattan to force the NYPD to publicize any records of such a program and to issue a court order to prevent their destruction. In response to the AP investigation, two members of Congress, Reps. Yvette Clarke, D-N.Y., and Rush Holt, D-N.J., asked the Justice Department to investigate. The heat is on.

    After an Oct. 7 hearing regarding NYPD intelligence and counterterrorism operations, New York City Council Public Safety Committee Chairman Peter Vallone said, “That portion of the police department’s work should probably be looked at by a federal monitor.”

    Following Vallone’s statement, media reports cited Congressional and Obama administration officials saying they have no authority to monitor the NYPD. While Vallone claims the City Council does not have the expertise to oversee the department’s operations, and the federal government says that it lacks the jurisdiction, it is almost certain that the NYPD will eventually face some sort of new oversight mechanisms and judicial review of its counterterrorism activities.

    New York City and the Terrorist Threat

    While 9/11 had a profound effect on the world and on U.S. foreign policy, it had an overwhelming effect on New York City itself. New Yorkers were willing to do whatever it took to make sure such an attack did not happen again, and when Kelly was appointed police commissioner in 2002, he proclaimed this as his primary duty (his critics attributed the focus to ego and hubris). This meant revamping counterterrorism and moving to an intelligence-based model of prevention rather than one based on prosecution.

    The NYPD’s Intelligence Division, which existed prior to 9/11, was known mainly for driving VIPs around New York, one of the most popular destinations for foreign dignitaries and one that becomes very busy during the U.N. General Assembly. Before 9/11, the NYPD also faced certain restrictions contained in a 1985 court order known as the Handschu guidelines, which required the department to submit “specific information” on criminal activity to a panel for approval to monitor any kind of political activity. The Intelligence Division had a very limited mandate. When David Cohen, a former CIA analyst, was brought in to run the division, he went to U.S. District Court in Manhattan to get the guidelines modified. Judge Charles Haight modified them twice in 2002 and 2003, and he could very well review them again. His previous modifications allowed the NYPD Intelligence Division to proactively monitor public activity and look for indications of terrorist or criminal activity without waiting for approval from a review panel.

    The Counter-Terrorism Bureau was founded in 2002 with analytical and collection responsibilities similar to those of the Intelligence Division but involving the training, coordination and response of police units. Differences between the two units are mainly bureaucratic and they work closely together.

    As the capabilities of the NYPD’s Intelligence Division and Counter-Terrorism Bureau developed, both faced the challenges of any new or revamped intelligence organization. Their officers learned the trade by taking on new monitoring responsibilities, investigating plots and analyzing intelligence from plots in other parts of the United States and abroad. One of their biggest challenges was the lack of access to information from the federal government and other police departments around the United States. The NYPD also believed that the federal government could not protect New York. The most high-profile city in the world for finance, tourism and now terrorism, among other things, decided that it had to protect itself.

    The NYPD set about trying to detect plots within New York as they developed, getting information on terrorist tactics and understanding and even deterring plots developing outside the city. In addition to the challenges it also had some key advantages, including a wealth of ethnic backgrounds and language skills to draw on, the budget and drive to develop liaison channels and the agility that comes with being relatively small, which allowed it to adapt to changing threat environments. The department was creating new organizational structures with specific missions and targeted at specific threats. Unlike federal agencies, it had no local competitors, and its large municipal budget was augmented by federal funding that has yet to face cyclical security budget challenges.

    Looking for Plots

    STRATFOR first wrote about the NYPD’s new proactive approach to counterterrorism in 2004. The NYPD’s focus moved from waiting for an attack to happen and then allowing police and prosecutors to “make the big case” to preventing and disrupting plots long before an attack could occur. This approach often means that operatives plotting attacks are charged with much lower charges than terrorism or homicide, such as document fraud or conspiracy to acquire explosives.

    The process of looking for signs of a terrorist plot is not difficult to explain conceptually, but actually preventing an attack is extremely difficult, especially when the investigative agency is trying to balance security and civil liberties. It helps when plotters expose themselves prior to their attack and ordinary citizens are mindful of suspicious behavior. Grassroots defenders, as we call them, can look for signs of pre-operational surveillance, weapons purchasing and bombmaking, and even the expressed intent to conduct an attack. Such activities are seemingly innocuous and often legal (taking photos at a tourist site, purchasing nail-polish remover, exercising the right of free speech), but sometimes these activities are carried out with the purpose of doing harm. The NYPD must figure out how to separate the innocent act from the threatening act, and this requires actionable intelligence.

    It is for this reason that the NYPD’s Demographics Unit, which is now apparently called the Zone Assessment Unit, has been carrying out open observation in neighborhoods throughout New York. Understanding local dynamics, down to the block-by-block level, provides the context for any threat reporting and intelligence that the NYPD receives. Also shaping perceptions are the thousands of calls to 911 and 1-888-NYC-SAFE that come in every day, partly due to the city’s “If you see something, say something” campaign. This input, along with observations by so-called rakers (undercover police officers) allows NYPD analysts to “connect the dots” and detect plots before an attack occurs. According to the AP reports, these rakers, who go to different neighborhoods, observe and interact with residents and look for signs of criminal or terrorist activity, have been primarily targeting Muslim neighborhoods.

    These undercover officers make the same observations that any citizen can make in places where there is no reasonable expectation of privacy. Indeed, law enforcement officers from the local to the federal level across the country have been doing this for a long time, looking for indicators of criminal activity in business, religious and public settings without presuming guilt.

    Long before the NYPD began looking for jihadists, local police have used the same methods to look for mafia activity in Italian neighborhoods, neo-Nazis at gun shows and music concerts, Crips in black neighborhoods and MS-13 members in Latino neighborhoods. Law enforcement infiltration into white hate groups has disrupted much of this movement in the United States. Location is a factor in any counterterrorism effort because certain targeted groups tend to congregate in certain places, but placing too much emphasis on classifications of people can lead to dangerous generalizations, which is why STRATFOR often writes about looking for the “how” rather than the “who.”

    Understanding New Threats and Tactics

    As the NYPD saw it, the department needed tactical information as soon as possible so it could change the threat posture. The department’s greatest fear was that a coordinated attack would occur on cities throughout the world and police in New York would not be ramped up in time to prevent or mitigate it. For example, an attack on transit networks in Europe at rush hour could be followed by an attack a few hours later in New York, when New Yorkers were on their way to work. This fear was almost realized with the 2004 train attacks in Madrid. Within hours of the attacks, NYPD officers were in Madrid reporting back to New York, but the NYPD claims the report they received from the FBI came 18 months later. There was likely some intelligence sharing prior to this report, but the perceived lack of federal responsiveness explains why the NYPD has embarked on its independent, proactive mission.

    NYPD officers reportedly are located in 11 cities around the world, and in addition to facilitating a more rapid exchange of intelligence and insight, these overseas operatives are also charged with developing liaison relationships with other police forces. And instead of being based in the U.S. Embassy like the FBI’s legal attache, they work on the ground and in the offices of the local police. The NYPD believes this helps the department better protect New York City, and it is willing to risk the ire of and turf wars with other U.S. agencies such as the FBI, which has a broader mandate to operate abroad.

    Managing Oversight and Other Challenges

    The New York City Council does not have the same authority to conduct classified hearings that the U.S. Congress does when it oversees national intelligence activity. And the federal government has limited legal authority at the local level. What Public Safety Committee Chairman Vallone and federal government sources are implying is that they are not willing to take on oversight responsibilities in New York. In other words, while there are concerns about the NYPD’s activities, they are happy with the way the department is working and want to let it continue, albeit with more accountability. As oversight exists now, Kelly briefs Vallone on various NYPD operations, and even with more scrutiny from the City Council, any operations are likely to be approved.

    The NYPD still has to keep civil rights concerns in mind, not only because of a legal or moral responsibility but also to function successfully. As soon as the NYPD is seen as a dangerous presence in a neighborhood rather than a protective asset, it will lose access to the intelligence that is so important in preventing terrorist attacks. The department has plenty of incentive to keep its officers in line.

    Threats and Dimwits

    One worry is that the NYPD is overly focused on jihadists, rather than other potential threats like white supremacists, anarchists, foreign government agents or less predictable “lone wolves.”

    The attack by Anders Breivik in Oslo, Norway, reminded police departments and security services worldwide that tunnel vision focused on jihadists is dangerous. If the NYPD is indeed focusing only on Muslim neighborhoods (which it probably is not), the biggest problem is that it will fail in its security mission, not that it will face prosecution for racial profiling. The department has ample incentive to think about what the next threat could be and look for new and less familiar signs of a pending attack. Simple racial profiling will not achieve that goal.

    The modern history of terrorism in New York City goes back to a 1916 attack by German saboteurs on a New Jersey arms depot that damaged buildings in Manhattan. However unlikely, these are the kinds of threats that the NYPD will also need to think about as it tries to keep its citizens safe. The alleged Iranian plot to carry out an assassination in the Washington area underscores the possibility of state-organized sabotage or terrorism.

    That there have been no successful terrorist attacks in New York City since 9/11 cannot simply be attributed to the NYPD. In the Faisal Shahzad case, the fact that his improvised explosive device did not work was just as important as the quick response of police officers in Times Square. Shahzad’s failure was not a result of preventive intelligence and counterterrorism work. U.S. operations in Afghanistan and other countries that have largely disrupted the al Qaeda network have also severely limited its ability to attack New York again.

    The NYPD’s counterterrorism and intelligence efforts are still new and developing. As such, they are unconstrained compared to those of the larger legacy organizations at the federal level. At the same time, the department’s activities are unprecedented at the local level. As its efforts mature, the pendulum of domestic security and civil liberties will remain in motion, and the NYPD will face new scrutiny in the coming year, including judicial oversight, which is an important standard in American law enforcement. The challenge for New York is finding the correct balance between guarding the lives and protecting the rights of its people.

    ISPLA is grateful for the permission granted by STRATFOR to republish this article. www.stratfor.com

     

  • 28 Apr 2011 1:38 PM | Anonymous member (Administrator)

    The Kaspersky Kidnapping – Lessons Learned – Scott Stewart

    On April 24, officers from the anti-kidnapping unit of Moscow’s Criminal Investigation Department and the Russian Federal Security Service (FSB) rescued 20-year-old Ivan Kaspersky from a dacha in Sergiev Posad, a small town about 40 miles northeast of Moscow. Kaspersky, the son of Russian computer software services billionaire Eugene Kaspersky (founder of Kaspersky Lab), was kidnapped on April 19 as he was walking to work from his Moscow apartment. A fourth-year computer student at Moscow State University, Kaspersky was working as an intern at a software company located near Moscow’s Strogino metro station.

    Following the abduction, Kaspersky was reportedly forced to call his father and relay his captors’ demands for a ransom of 3 million euros ($4.4 million). After receiving the ransom call, the elder Kaspersky turned to Russian law enforcement for assistance. On April 21, news of the abduction hit the Russian and international press, placing pressure on the kidnappers and potentially placing Kaspersky’s life in jeopardy. In order to defuse the situation, disinformation was leaked to the press that a ransom had been paid, that Kaspersky had been released unharmed and that the family did not want the authorities involved. Kaspersky’s father also contacted the kidnappers and agreed to pay the ransom. Responding to the ruse, four of the five members of the kidnapping gang left the dacha where Kaspersky was being held to retrieve the ransom and were intercepted by Russian authorities as they left. The authorities then stormed the dacha, arrested the remaining captor and released Kaspersky. The five kidnappers remain in custody and are awaiting trial.

    According to Russia’s RT television network, Russian officials indicated that the kidnapping was orchestrated by an older couple who were in debt and sought to use the ransom to get out of their financial difficulties. The couple reportedly enlisted their 30-year-old son and two of his friends to act as muscle for the plot. Fortunately for Kaspersky, the group that abducted him was quite unprofessional and the place where he was being held was identified by the cell phone used to contact Kaspersky’s father. Reports conflict as to whether the cell phone’s location was tracked by the FSB, the police anti-kidnapping unit or someone else working for Kaspersky’s father, but in any case, in the end the group’s inexperience and naivete allowed for Kaspersky’s story to have a happy ending.

    However, the story also demonstrates that even amateurs can successfully locate and abduct the son of a billionaire, and some very important lessons can be drawn from this case.

    The Abduction

    According to the Russian news service RIA Novosti, Kaspersky’s abductors had been stalking him and his girlfriend for several months prior to the kidnapping. This pre-operational surveillance permitted the kidnappers to determine Kaspersky’s behavioral patterns and learn that he did not have any sort of security detail protecting him. Media reports also indicate that the kidnappers were apparently able to obtain all the information they required to begin their physical surveillance of the victim from information Kaspersky himself had posted on Vkontakte.ru, a Russian social networking site. According to RT, Kaspersky’s Vkontakte profile contained information such as his true name, his photo, where he was attending school, what he was studying, who he was dating, where he was working for his internship and even the addresses of the last two apartments where he lived.

    Armed with this cornucopia of information, it would be very easy for the criminals to establish physical surveillance of Kaspersky in order to gather the additional behavioral information they needed to complete their plan for the abduction. Kaspersky also appears to have not been practicing the level of situational awareness required to detect the surveillance being conducted against him, even though it was being conducted by amateurish criminals who were undoubtedly clumsy in their surveillance tradecraft. This lack of awareness allowed the kidnappers to freely follow him and plot his abduction without fear of detection. Kaspersky made himself an easy target in a dangerous place for high net worth individuals and their families. While kidnapping for ransom is fairly rare in the United States, Russian law enforcement sources report that some 300 people are kidnapped for ransom every year in Russia.

    Denial

    In terms of being an easy target, Kaspersky was not alone. It is not uncommon for the children of high net worth families to want to break free of their family’s protective cocoon and “live like a regular person.” This means going to school, working, dating and living without being insulated from the world by the security measures in place around their parents and their childhood homes. This tendency was exemplified by the well-publicized example of George W. Bush’s twin daughters “ditching” their Secret Service security details so they could go out and party with their friends when they were in college.

    Having personally worked as a member of an executive protection detail responsible for the security of a high net worth family, I have seen firsthand how cumbersome and limiting an executive protection detail can be, especially a traditional, overt-security detail. A low-key, “bubble-type” detail, which focuses on surveillance detection and protective intelligence, provides some space and freedom, but it, too, can be quite limiting and intrusive, especially for a young person who wants some freedom to live spontaneously. Because of the very nature of protective security, there will inevitably be a degree of tension between personal security and personal freedom.

    However, when reacting to this tension, those protected must remember that there are very real dangers in the world, dangers that must be guarded against. Unfortunately, many people who reject security measures tend to live in a state of denial regarding the potential threats facing them, and that denial can land them in trouble. We have seen this mindset most strongly displayed in high net worth individuals who have recently acquired their wealth and have not yet been victimized by criminals. A prime example of this was U.S. billionaire Eddie Lampert, who at the time of his abduction in 2003 did not believe there was any threat to his personal security. His first encounter with criminals was a traumatic kidnapping at gunpoint. But this mindset can also appear in younger members of well-established families of means who have not personally been victimized by criminals.

    It is important to realize, however, that the choice between security and freedom does not have to be an either/or equation. There are measures that can be taken to protect high net worth individuals and children without employing a full protective security detail. These same measures can also be applied by people of more modest means living in places such as Mexico or Venezuela, where the kidnapping threat is pervasive and extends to almost every stratum of society, from middle-class professionals and business owners to farmers.

    In this type of environment, the threat also applies to mid-level corporate employees who serve tours as expatriate executives in foreign cities. Some of the cities they are posted in are among the most crime-ridden in the world, including such places as Mexico City, Caracas, Sao Paulo and Moscow. When placed in the middle of an impoverished society, even a mid-level executive or diplomat is, by comparison, incredibly rich. As a result, employees who would spend their lives under the radar of professional criminals back home in the United States, Canada or Europe can become prime targets for kidnapping, home invasion, burglary and carjacking in their overseas posts.

    The Basics

    Before anything else can be done to address the criminal threat, like any other issue, the fact that there is indeed a threat must first be recognized and acknowledged. As long as a potential target is in a state of denial, very little can be done to protect him or her.

    Once the threat is recognized, the next step in devising a personal protection system is creating a realistic baseline assessment of the threat, and exposure to that threat. This assessment should start with some general research on crime and statistics for the area where the person lives, works or goes to school, and the travel corridors between these places. The potential for natural disasters, civil unrest (and in some cases the possibility of terrorism or even war) should also be considered. Based on this general crime-environment assessment, it might be determined that the kidnapping risk in a city such as Mexico City or Moscow will dictate that a child who has a desire to attend university without a protective security detail might be better off doing so in a safer environment abroad.

    Building on these generalities, then, the next step should be to determine the specific threats and vulnerabilities by performing some basic analyses and diagnostics. In some cases, these will have to be performed by professionals, but they can also be undertaken by the individuals themselves if they lack the means to hire professional help. These analyses should include:

    • In-depth cyberstalking report. Most of the people for whom we have conducted such reports have been shocked to see how much private information analysts are able to dig up on the Internet. This information is available for free (or for a few dollars) to anyone, including criminals, who might be targeting people for kidnapping, extortion or other crimes. The problem of personal information being available on the Internet is magnified when potential targets gratuitously post personal information online, as in the Kaspersky case. Even in cases where personal information is available only to online “friends,” it is quite easy for savvy Internet users to use a false social networking account with an attractive photo to social engineer their way into a circle of friends using common pretexting tactics. Therefore, potential targets need to be extremely careful what they post online, and they also must be aware of what information about them is publicly available on the Internet and how that information may make them vulnerable to being targeted. If it is determined that the information available makes them too vulnerable, changes may have to be made.
    • Baseline surveillance diagnostics. Surveillance diagnostics is a blend of surveillance-detection techniques that are designed to determine if an individual is under systematic criminal surveillance. This can be conducted by the potential targets themselves, if they receive the necessary training, or by a specialized professional surveillance-detection team. As the name suggests, this diagnostic level helps establish a baseline from which to plan future security and surveillance-detection operations.
    • Route analysis. This type of analysis examines the regular travel routes of a potential target in order to identify locations such as choke points that can be used by criminals for surveillance or to conduct an attack. Route analysis can be performed by the same team that conducts surveillance diagnostics, or even by a potential target if the person will thoughtfully examine his or her daily travel routes. Such an analysis allows the potential target to be cognizant of such locations and of the need to increase situational awareness for signs of surveillance or a potential attack as he or she passes through them, especially during a highly predictable move like the morning home-to-work commute.
    • Physical security surveys. Such surveys are performed for the home, workplace or school of the potential target. While individuals can effectively conduct such surveys using common sense, a professional assessment can be useful and will often be performed for free by alarm companies. Obviously, any security upgrades required at a workplace or school will require coordination with the security managers for these locations.
    • Response capability assessment. This is a realistic assessment of the capabilities and responsiveness of the local police and security forces as well as fire and medical first-responders. In some places, security personnel themselves may be involved in criminal activity, or prove to be generally unresponsive or incompetent. Knowing their true capabilities is necessary to create a realistic security plan.

    There are some very good private training facilities that can provide individuals with training in things like attack recognition/avoidance, surveillance detection and route analysis as well as hands-on skills like tactical driving.

    Guns Alone Are Not the Answer

    Even if a potential target is being afforded a protection detail, it must be remembered that guards with guns are not in and of themselves a guarantee of security. If a group is brazen enough to undertake a kidnapping, they will in many cases and many places not hesitate to use deadly force in the commission of their crime. If they are given free rein to conduct pre-operational surveillance, they will be able to make plans to overcome any security measures in place, including the neutralizing of armed security personnel.

    After recognizing that a threat indeed exists, the next key concept that potential targets need to internalize is that criminals are vulnerable to detection as they plan their crimes, and that ordinary people can develop the skills required to detect criminal activity and take measures to avoid being victimized. The fact is, most criminals practice terrible surveillance tradecraft. They are permitted to succeed in spite of their lack of skill because, for the most part, people simply do not practice good situational awareness.

    The good news for potential targets is that being aware of one’s surroundings and identifying potential threats and dangerous situations is more a mindset or attitude than a hard skill. Because of this, situational awareness is not something that can be practiced only by highly trained government agents or specialized surveillance detection teams; it is something that can be practiced by anyone with the will and the discipline to do so. In the Kaspersky case, it is very likely that had the young man been practicing good situational awareness, he would have been able to note the criminals conducting surveillance on him and to take appropriate action to avoid being kidnapped.

    Armed guards, armored vehicles and other forms of physical security are all valuable protective tools, but they can all be defeated by kidnappers who are allowed to form a plan and execute it at the time and place of their choosing. Clearly, a way is needed to deny kidnappers the advantage of striking when and where they choose or, even better, to stop a kidnapping before it can be launched. This is where the intelligence tools outlined above come into play. They permit the potential target, and any security officers working to protect them, to play on the action side of the action/reaction equation rather than passively waiting for something to happen.

    ISPLA is grateful to Stratfor for granting permission to republish this article. www.stratfor.com

  • 26 Nov 2010 4:04 PM | Anonymous member (Administrator)

    Aviation Security Threats and Realities – Stratfor Global Intelligence - By Scott Stewart

    Over the past few weeks, aviation security (specifically, enhanced passenger-screening procedures) has become a big issue in the media. The discussion of the topic has become even more fervent as we enter Thanksgiving weekend, which is historically one of the busiest travel periods of the year. As this discussion has progressed, we have been asked repeatedly by readers and members of the press for our opinion on the matter.

    We have answered such requests from readers, and we have done a number of media interviews, but we’ve resisted writing a fresh analysis on aviation security because, as an organization, our objective is to lead the media rather than follow the media regarding a particular topic. We want our readers to be aware of things before they become pressing public issues, and when it comes to aviation-security threats and the issues involved with passenger screening, we believe we have accomplished this. Many of the things now being discussed in the media are things we’ve written about for years.

    When we were discussing this topic internally and debating whether to write about it, we decided that since we have added so many new readers over the past few years, it might be of interest to our expanding readership to put together an analysis that reviews the material we’ve published and that helps to place the current discussion into the proper context. We hope our longtime readers will excuse the repetition.

    We believe that this review will help establish that there is a legitimate threat to aviation, that there are significant challenges in trying to secure aircraft from every conceivable threat, and that the response of aviation security authorities to threats has often been slow and reactive rather than thoughtful and proactive.

    Threats

    Commercial aviation has been threatened by terrorism for decades now. From the first hijackings and bombings in the late 1960s to last month’s attempt against the UPS and FedEx cargo aircraft, the threat has remained constant. As we have discussed for many years, jihadists have long had a fixation with attacking aircraft. When security measures were put in place to protect against Bojinka-style attacks in the 1990s (attacks that involved modular explosive devices smuggled onto planes and left aboard), the jihadists adapted and conducted 9/11-style attacks. When security measures were put in place to counter 9/11-style attacks, the jihadists quickly responded by going to onboard suicide attacks with explosive devices concealed in shoes. When that tactic was discovered and shoes began to be screened, they switched to devices containing camouflaged liquid explosives. When that plot failed and security measures were altered to restrict the quantity of liquids that people could take aboard aircraft, we saw the jihadists alter the paradigm once more and attempt the underwear-bomb attack last Christmas.

    In a special edition of Inspire magazine released last weekend, al Qaeda in the Arabian Peninsula (AQAP) noted that, due to the increased passenger screening implemented after the Christmas Day 2009 attempt, the group’s operational planners decided to employ explosive devices sent via air cargo (we have written specifically about the vulnerability of air cargo to terrorist attacks).

    Finally, it is also important to understand that the threat does not emanate just from jihadists like al Qaeda and its regional franchises. Over the past several decades, aircraft have been attacked by a number of different actors, including North Korean intelligence officers, Sikh, Palestinian and Hezbollah militants and mentally disturbed individuals like the Unabomber, among others.

    Realities

    While understanding that the threat is very real, it is also critical to recognize that there is no such thing as absolute, foolproof security. This applies to ground-based facilities as well as aircraft. If security procedures and checks have not been able to keep contraband out of high-security prisons, it is unreasonable to expect them to be able to keep unauthorized items off aircraft, where (thankfully) security checks of crew and passengers are far less invasive than they are for prisoners. As long as people, luggage and cargo are allowed aboard aircraft, and as long as people on the ground crew and the flight crew have access to aircraft, aircraft will remain vulnerable to a number of internal and external threats.

    This reality is accented by the sheer number of passengers that must be screened and number of aircraft that must be secured. According to figures supplied by the Transportation Security Administration (TSA), in 2006, the last year for which numbers are available, the agency screened 708,400,522 passengers on domestic flights and international flights coming into the United States. This averages out to over 1.9 million passengers per day.

    Another reality is that, as mentioned above, jihadists and other people who seek to attack aircraft have proven to be quite resourceful and adaptive. They carefully study security measures, identify vulnerabilities and then seek to exploit them. Indeed, last September, when we analyzed the innovative designs of the explosive devices employed by AQAP, we called attention to the threat they posed to aviation more than three months before the Christmas 2009 bombing attempt. As we look at the issue again, it is not hard to see, as we pointed out then, how their innovative efforts to camouflage explosives in everyday items and hide them inside suicide operatives’ bodies will continue and how these efforts will be intended to exploit vulnerabilities in current screening systems.

    As we wrote in September 2009, getting a completed explosive device or its components by security and onto an aircraft is a significant challenge, but it is possible for a resourceful bombmaker to devise ways to overcome that challenge. The latest issue of Inspire magazine demonstrated how AQAP has done some very detailed research to identify screening vulnerabilities. As the group noted in the magazine: “The British government said that if a toner weighs more than 500 grams it won’t be allowed on board a plane. Who is the genius who came up with this suggestion? Do you think that we have nothing to send but printers?”

    AQAP also noted in the magazine that it is working to identify innocuous substances like toner ink that, when X-rayed, will appear similar to explosive compounds like PETN, since such innocuous substances will be ignored by screeners. With many countries now banning cargo from Yemen, it will be harder to send those other items in cargo from Sanaa, but the group has shown itself to be flexible, with the underwear-bomb operative beginning his trip to Detroit out of Nigeria rather than Yemen. In the special edition of Inspire, AQAP also specifically threatened to work with allies to launch future attacks from other locations.

    Drug couriers have been transporting narcotics hidden inside their bodies aboard aircraft for decades, and prisoners frequently hide drugs, weapons and even cell phones inside body cavities. It is therefore only a matter of time before this same tactic is used to smuggle plastic explosives or even an entire non-metallic explosive device onto an aircraft, something that would allow an attacker to bypass metal detectors and backscatter X-ray inspection and pass through external pat-downs.

    Look for the Bomber, Not Just the Bomb

    This ability to camouflage explosives in a variety of different ways, or hide them inside the bodies of suicide operatives, means that the most significant weakness of any suicide-attack plan is the operative assigned to conduct the attack. Even in a plot to attack 10 or 12 aircraft, a group would need to manufacture only about 12 pounds of high explosives, about what is required for a single, small suicide device and far less than is required for a vehicle-borne improvised explosive device. Because of this, the operatives are more of a limiting factor than the explosives themselves; it is far more difficult to find and train 10 or 12 suicide bombers than it is to produce 10 or 12 devices.

    A successful attack requires operatives who are not only dedicated enough to initiate a suicide device without getting cold feet; they must also possess the nerve to calmly proceed through airport security checkpoints without alerting officers that they are up to something sinister. This set of tradecraft skills is referred to as demeanor, and while remaining calm under pressure and behaving normally may sound simple in theory, practicing good demeanor under the extreme pressure of a suicide operation is very difficult. Demeanor has proved to be the Achilles’ heel of several terror plots, and it is not something that militant groups have spent a great deal of time teaching their operatives. Because of this, it is frequently easier to spot demeanor mistakes than it is to find well-hidden explosives. Such demeanor mistakes can also be accentuated, or even induced, by contact with security personnel in the form of interviews, or even by unexpected changes in security protocols that alter the security environment a potential attacker is anticipating and has planned for.

    There has been much discussion of profiling, but the difficulty of creating a reliable and accurate physical profile of a jihadist, and the adaptability and ingenuity of the jihadist planners, means that any attempt at profiling based only on race, ethnicity or religion is doomed to fail. In fact, profiling can prove counterproductive to good security by blinding people to real threats. They will dismiss potential malefactors who do not fit the specific profile they have been provided.

    In an environment where the potential threat is hard to identify, it is doubly important to profile individuals based on their behavior rather than their ethnicity or nationality, what we refer to as focusing on the “how” instead of the “who.” Instead of relying on physical profiles, which allow attack planners to select operatives who do not match the profiles being selected for more intensive screening, security personnel should be encouraged to exercise their intelligence, intuition and common sense. A Caucasian U.S. citizen who shows up at the U.S. Embassy in Nairobi or Dhaka claiming to have lost his passport may be far more dangerous than some random Pakistani or Yemeni citizen, even though the American does not appear to fit the profile for requiring extra security checks.

    However, when we begin to consider traits such as intelligence, intuition and common sense, one of the other realities that must be faced with aviation security is that, quite simply, it is not an area where the airlines or governments have allocated the funding required to hire the best personnel. Airport screeners make far less than FBI special agents or CIA case officers and receive just a fraction of the training. Before 9/11, most airports in the United States relied on contract security guards to conduct screening duties. After 9/11, many of these same officers went from working for companies like Wackenhut to being TSA employees. There was no real effort made to increase the quality of screening personnel by offering much higher salaries to recruit a higher caliber of candidate.

    There is frequent mention of the need to make U.S. airport security more like that employed in Israel. Aside from the constitutional and cultural factors that would prevent American airport screeners from ever treating Muslim travelers the way they are treated by El Al, another huge difference is simply the amount of money spent on salaries and training for screeners and other security personnel. El Al is also aided by the fact that it has a very small fleet of aircraft that fly only a small number of passengers to a handful of destinations.

    Additionally, airport screening duty is simply not glamorous work. Officers are required to work long shifts conducting monotonous checks and are in near constant contact with a traveling public that can at times become quite surly when screeners follow policies established by bureaucrats at much higher pay grades. Granted, there are TSA officers who abuse their authority and do not exhibit good interpersonal skills, but anyone who travels regularly has also witnessed fellow travelers acting like idiots.

    While it is impossible to keep all contraband off aircraft, efforts to improve technical methods and procedures to locate weapons and IED components must continue. However, these efforts must not only be reacting to past attacks and attempts but should also be looking forward to thwart future attacks that involve a shift in the terrorist paradigm. At the same time, the often-overlooked human elements of airport security, including situational awareness, observation and intuition, need to be emphasized now more than ever. It is those soft skills that hold the real key to looking for the bomber and not just the bomb.

    "Aviation Security Threats and Realities" is republished with permission of STRATFOR: http://www.stratfor.com/weekly/20101123_aviation_security_threats_and_realities
