Pages

17 March 2017

*** Famines In The 21st Century? It's Not For Lack Of Food


Famine killed nearly 75 million people in the 20th century, but had virtually disappeared in recent decades. Now, suddenly, it is back. In late February a famine was declared in South Sudan, and warnings of famine have also recently been issued for Somalia, Nigeria and Yemen.

Moreover, in January the Famine Early Warning System (FEWSNET) - a U.S. government-funded organization created in 1985 specifically to predict famines and humanitarian emergencies - estimated that 70 million people affected by conflicts or disasters worldwide will need food assistance in 2017. This number has increased by nearly 50 percent in just the past two years.

What explains this rapid rise in the number of people who need emergency food assistance? And why, in an era of declining poverty and hunger worldwide, are we suddenly facing four potential famines in unconnected countries?
What are famines?

Famines are extreme events in which large populations lack adequate access to food, leading to widespread malnutrition and deaths. More of these deaths are caused by infectious disease than starvation because severe malnutrition compromises human immune systems. This makes people much more susceptible to killer diseases such as measles, or even common conditions such as diarrhea. Young children are especially vulnerable.

*** Zero Days, Thousands of Nights The Life and Times of Zero-Day Vulnerabilities and Their Exploits

by Lillian Ablon, Timothy Bogart
PDF file 1.8 MB 

Zero-day vulnerabilities — software vulnerabilities for which no patch or fix has been publicly released — and their exploits are useful in cyber operations — whether by criminals, militaries, or governments — as well as in defensive and academic settings.

This report provides findings from real-world zero-day vulnerability and exploit data that could augment conventional proxy examples and expert opinion, complement current efforts to create a framework for deciding whether to disclose or retain a cache of zero-day vulnerabilities and exploits, inform ongoing policy debates regarding stockpiling and vulnerability disclosure, and add extra context for those examining the implications and resulting liability of attacks and data breaches for U.S. consumers, companies, insurers, and for the civil justice system broadly.

The authors provide insights about the zero-day vulnerability research and exploit development industry; give information on what proportion of zero-day vulnerabilities are alive (undisclosed), dead (known), or somewhere in between; and establish some baseline metrics regarding the average lifespan of zero-day vulnerabilities, the likelihood of another party discovering a vulnerability within a given time period, and the time and costs involved in developing an exploit for a zero-day vulnerability.

** Backsliding on Pakistan


Brahma Chellaney

Last year was an unusual year: Never before had so many Indian security bases come under attack by Pakistan-based terrorists in a single year. For example, the terrorist strike on the Pathankot air base was New Year’s gift to India, while the strike on the Indian Army’s Uri base represented a birthday gift for Prime Minister Narendra Modi. Furthermore, the number of Indian security personnel killed in gunbattles with terrorists in Jammu and Kashmir in 2016 was the highest in years.

In this light, it is remarkable that Modi is seeking to return to business as usual with Pakistan, now that the state elections are over in India and Pakistan-related issues have been sufficiently milked by him for political ends. Modi’s U-turn on the Permanent Indus Commission (PIC) issue could mark the beginning of India’s backsliding.

After the Uri attack in September, his government, with fanfare, suspended the PIC. Now, quietly, that suspension has been lifted, and a PIC meeting will soon be held in Lahore. In reality, the suspension was just a sham because the PIC missed no meeting as a result. Its annual meeting in the current financial year is being held before the March 31 deadline.

Innovation is alive and well in India

R. Sukumar

Timing and this writer’s desire to be contrary have worked together to ensure this column isn’t about the results of the Uttar Pradesh election.

Timing because this column is being written before the actual results — the editors insist this piece be filed every Friday, at the latest — and I do not want to say anything based on the exit polls because they have been wrong, horribly wrong, in the past.

Anyway, since everyone and his pet cat will be weighing in on the elections (and I am sure that I too shall eventually succumb and do so on some platform), I do not want to write about them, at least not yet.

Time was when columnists would write about their areas of expertise; now, everyone wants to comment on the hot-button issue of the day. It would be alright if each had something new or different or insightful to say. Unfortunately, that isn’t the case. I put this down to a case of columnist arrogance, deadline pressure, and the increasingly visible tendency, among writers and editors, to offer readers intellectual click bait. The first because most columnists believe readers want to know their opinions on a subject, even if they are no different from other people’s, or shed no new light on it. The last because if Gurmehar Kaur is trending, it makes sense (or so some believe) to write something on it because it will mean more website traffic. The second is self-explanatory and entirely forgivable.

India rejects UN mediation offer


New Delhi. March 10: India on Friday rejected a suggestion from the UN secretary general's office that the new chief of the international organisation may offer to mediate between New Delhi and Islamabad on Kashmir, iterating its traditional refusal to accept third-party involvement in negotiations on the state's future.

A senior Indian official said New Delhi's "position on addressing all issues between India and Pakistan bilaterally has not changed".

Antonio Guterres, the secretary general, "will talk to different officials if it helps move the process along", the UN chief's deputy spokesman Farhan Haq said in New York yesterday.

"That's something that he is looking into," Haq said, adding that Guterres "will look into the issue, and certainly, he will try to see what can be done to improve the situation on the ground".

Successive UN bosses have articulated concerns over India-Pakistan tensions on Kashmir, and the need for a resolution for the larger stability of South Asia.

But they have traditionally focused on prodding India and Pakistan to revive talks on their disputes.

Kashmir's Reckoning With the Implications of the China-Pakistan Economic Corridor

By Saba Muzaffer Nazki

While India has continuously opposed the $46 billion China-Pakistan Economic Corridor (CPEC), saying that it passes through its territory in Pakistan-administered Kashmir, the ambitious project was discussed for the first time by experts in the region itself. A panel considered the effects of the corridor on China-Pakistan-India relations on Saturday in the summer capital of Indian-administered Kashmir, saying that the CPEC will have a definite impact on Kashmir and that the region needs to integrate itself into the South Asian and Central Asian paradigm to reap the project’s dividends.

The economic, political, and geostrategic aspects of the CPEC were discussed during a seminar titled, “Impact of China-Pakistan Economic Corridor on Kashmir,” which was organized by The Kashmir Institute – a think-tank focusing on all parts of Kashmir, including its interests vis-a-vis the governments of India, China, and Pakistan. The CPEC is an ambitious economic project between Pakistan and China that includes motorways, dams, hydropower projects, railways and pipelines. It connects Pakistan’s deep-sea Gwadar Port with the Xinjiang Uyghur Autonomous Region in northwest China. The project is part of China’s larger initiative, the One Belt, One Road, which is aimed at helping regional economic integration along.

Taliban’s strange new foreign friends


Brahma Chellaney

India has an important stake in the future of Afghanistan, its natural ally and close friend for long. India, under successive governments, has been a major aid donor to Afghanistan. As the U.S. military commander in Afghanistan, Gen. John Nicholson, recently told his country’s Senate Armed Services Committee, “With over $2 billion development aid executed since 2002, and another $1 billion pledged in 2016, India’s significant investments in Afghan infrastructure, engineering, training, and humanitarian issues will help develop Afghan human capital and long-term stability.” Recent developments, however, do not augur well for Indian or Afghan interests.

Despite being ravaged by successive wars for the past 36 years, Afghanistan remains a playground for the foreign powers that have fomented or engaged in hostilities there. The latest developments suggest that the Afghanistan-related geopolitics is only getting murkier. In the process, the Taliban is acquiring strange new friends.

Russia and Iran, the traditional patrons of the Northern Alliance, are now openly mollycoddling the Taliban and giving it political succour. In this effort, they have the cooperation of China and Pakistan, thus creating a regional axis. This development represents a shot in the arm for the Taliban’s fight against U.S.-led forces in Afghanistan and the government in Kabul.

China's Evolving Nuclear Deterrent

PDF file 1.9 MB 

China's approach to nuclear deterrence has been broadly consistent since its first nuclear test in 1964. Key elements are its no-first-use policy and reliance on a small force of nuclear weapons capable of executing retaliatory strikes if China is attacked. China has recently accelerated nuclear force building and modernization, and both international and domestic factors are likely to drive faster modernization in the future. Chinese nuclear planners are concerned by strategic developments in the United States, especially the deployment of missile defenses. Within the region, Beijing is also an actor in complex multilateral security dynamics that now include several nuclear states, and the improving nuclear capabilities of China's neighbors, especially India, are a growing concern for Beijing. Constituencies for nuclear weapons have gained in bureaucratic standing within the People's Liberation Army (PLA). With few, if any, firewalls between China's conventional and nuclear missile forces, new technologies developed for the former are already being applied to the latter, a trend that will almost certainly continue. Given these changes, China is likely to increase emphasis on nuclear deterrence, accelerate nuclear force modernization, and make adjustments (although not wholesale changes) to policy.

Key Findings

China's Approach to Nuclear Deterrence Has Been Broadly Consistent Since Its First Nuclear Test in 1964 

China has, however, recently accelerated nuclear force building and modernization. 

Chinese Nuclear Strategists Still Key Primarily on Nuclear Developments in the United States 

Observations on China’s New International Cyberspace Cooperation Strategy

By Graham Webster

The Chinese government last week released a new, wide-ranging strategy document (in English and Chinese) for international cooperation on cyberspace issues.

The strategy unsurprisingly emphasizes internet sovereignty, an idea whose first big splash came in connection with the Chinese government–sponsored World Internet Conference (WIC) in 2014 (specifically in a failed consensus document and an introductory message from President Xi Jinping). In this new document, officially titled “International Strategy of Cooperation on Cyberspace” in English, sovereignty appears as one of four “basic principles” (along with peace, shared governance, and shared benefit).

A document like this one, covering numerous diverse policy areas and repeating countless terms of art, defies summary. People interested in internet governance, international cybersecurity efforts, high-tech industries, and Chinese domestic and international development policy will find it worth reading. Here are a few of the elements worth noting:

Militarization and deterrence decried, but forces in development

“The tendency of militarization and deterrence buildup in cyberspace is not conducive to international security and strategic mutual trust.”

Japan’s Senkaku challenge



At a time of shifting power dynamics in Asia, Japan faces pressing security challenges. Of the 400 remote islands that serve as markers for determining Japan’s territorial waters, only about 50 are inhabited. But no group of islands poses a bigger challenge for its security than the Senkakus, a clutch of five uninhabited islets and three rocks.

This challenge is compounded by demographic and military trends. Japan has barely one-tenth the population of China’s. Moreover, its population is not just aging but also shrinking significantly; it declined by nearly a million just between 2010 and 2015.

About a decade ago, Japan’s defense budget was larger than China’s. But now China’s military spending surpasses the combined defense expenditure of Japan, Britain and France.

To make matters worse, China’s increasing territorial assertiveness and muscular foreign policy are contributing to a sense of insecurity in Japan.

President Xi Jinping declared much of the East China Sea, including the Senkakus, to be a Chinese air defense zone in 2013, and since then China has stepped up its challenge to Japan’s control over those islands, including through repeated intrusions by its military aircraft and warships. Beijing has hardened its stance by elevating its claim to the Senkakus to a “core interest,” while some in China have gone to the extent of questioning Japan’s sovereignty over even Okinawa.

Reinforcing the Front Line: U.S. Defense Strategy and the Rise of China


With some of the world’s largest economies, most vital sea lanes, and closest U.S. allies, the Asia-Pacific Region is quickly becoming centrally important to today’s international system.

It is also home to the first new great power of the twenty-first century: the People’s Republic of China. Managing China’s rise will not be easy. In recent years, Beijing has been modernizing its military forces, acting more assertively, and raising the risk of escalation, especially with respect to territorial disputes throughout its near seas.

In Reinforcing the Front Line: U.S. Defense Strategy and the Rise of China, CSBA Senior Fellow, Evan Montgomery outlines the key elements of a U.S. defense strategy for the region—one that is based on the enduring grand strategy of global leadership and engagement, but also recognizes the new challenges posed by China’s growing military power. 

To date, Washington’s preferred option in critical regions like East Asia can be described broadly as “forward defense”: preparing to counter threats when and where they materialize rather than responding directly long after aggression has occurred or responding indirectly by imposing costs in other theaters. By clearly and credibly signaling that the United States will oppose an adversary’s aims and come to the assistance of its allies, forward defense has underpinned both deterrence and assurance—and, as a result, has underwritten stability in the regions where it matters most. Looking ahead, forward defense remains the best approach for the United States in the Asia-Pacific.

Download full “Reinforcing the Front Line: U.S. Defense Strategy and the Rise of China” report. READ FULL PUBLICATION

Beware the New Mujahideen: The Threat from Future Jihadist Networks

Colin P. Clarke, Chad C. Serena,Amarnath Amarasingam

Today’s terrorist networks will multiply far beyond the current wars in Iraq and Syria.

The current wave of foreign fighters emerging from the conflict in Iraq and Syria will be larger and potentially more dangerous than the mujahideen guerrillas that were a byproduct of the Soviet-Afghan conflict in the 1980s, FBI Director James Comey warned last September.

That is an especially foreboding observation, since the foreign fighters borne from the Afghan conflict went on to form the core of Al Qaeda and fight in the internecine conflicts in Bosnia, Algeria and Chechnya during the 1990s.

When one conflict ends, these fighters often use their connections to move on and join another fight. This phenomenon is likely to worsen in the future.

The number of foreign fighters participating in the conflict in Iraq and Syria is significant compared to those who participated in Afghanistan in the 1980s. Even more concerning, jihadists have improved and facilitated their networking capacity—improved communication, eased transportation, and diversified access to sources of information and money can make even small cadres of experienced fighters a dangerous force. The foreign-fighter phenomenon is not new. Over the past two hundred years, they have appeared in more than a quarter of all civil wars. But now these fighters engage in foreign civil wars and insurgencies—and then export their expertise back to their home countries or to places they have newly immigrated.

WHY WIKILEAKS’ CIA HACKING TROVE IS A BOON TO PUTIN’S RUSSIA


BY OWEN MATTHEWS

Aside from damaging the agency's operations, the leaks have proved to be a propaganda win for Moscow. 

Trump concerned about Wikileaks and outdated CIA technology

The latest trove of documents released by WikiLeaks, which purports to reveal the CIA’s “entire” arsenal of hacking tools, could ultimately do as much damage to the agency’s operations as the revelations of Cold War–era spies Aldrich Ames and Robert Hanssen. But the leaks have also served as a highly useful propaganda tool for Moscow.

In the wake of the WikiLeaks release, Russian state media quickly seized on a clause to argue it was the CIA, not Moscow’s state-backed hackers, that was behind a series of politically damaging leaks from the Democratic Party last summer.

“It’s clear that the CIA’s operatives have been conducting their own covert operations while disguising themselves as so-called Russian hackers,” maintains General Nikolai Kovalev, who was Vladimir Putin’s predecessor as head of Russia’s Federal Security Service from 1996-98. “It’s like in a film—if you are caught or captured, the agency will disown all knowledge and blame the Russians.”

The U.S. Spends More On Defense Than All Other NATO Members Combined


U.S. President Donald Trump seemed to be highly skeptical of the North Atlantic Treaty Organization (NATO), calling it 'obsolete'.

At other instances he referred to it as 'very important to me'. Trump's defense chief, James Mattis, a former general in the Marines, has professed support for NATO. However, he too reprimanded NATO allies at a meeting of defense ministers this week in Brussels. They should pay their fair share for defense or face the consequences.


NATO had agreed that each member country should invest at least 2 percent of its GDP into its military. As our infographic shows, the United States spends more than double the amount on defense than all other members combined. The United Kingdom spends second most in absolute terms and is also past the 2 percent of GDP post, unlike Germany.

This chart shows defense spending of the United States and other NATO-Members 2016.

After ISIS: U.S. Political-Military Strategy in the Global War on Terror


Sooner or later, and probably within the next few months, the United States and its coalition partners will defeat the Islamic State in Iraq and al-Sham (ISIS) militarily, by collapsing its control of key areas in Iraq and Syria. That operational victory, however, will not necessarily prevent remnants of ISIS from reforming at a later date, nor will it bring a larger strategic triumph in the global war on terror. As long as large parts of the greater Middle East remain founts of ideological extremism, the United States will continue to confront a dangerous challenge from jihadist terrorism.

In this report, Hal Brands and Peter Feaver assess America's strategic options after ISIS by examining four politico-military strategies for counter-terrorism. They conclude that an enhanced version of the approach that the Obama administration took to defeating ISIS represents the best strategy for waging a dangerous conflict that is likely to endure for many years.


Download full “After ISIS: U.S. Political-Military Strategy in the Global War on Terror” report.

An Excellent Year For Energy

by Robert Rapier, Investing Daily

A year ago, a barrel of oil was worth something in the low $30s and natural gas prices stood below $2/MMBtu. This was the lowest natural gas price in nearly two decades, and some energy analysts seemed to be vying to make the most outrageously low prediction on future oil prices.

It was obviously a dumb time to invest in energy, right? Wrong! It was exactly the right time to invest in energy companies. It seems to be a well-kept secret, but energy was the top-performing S&P 500 sector in 2016:

A Strategy to Counter ISIL as a Transregional Threat

PDF file 0.4 MB 
The debate in the past over counter-ISIL strategies has tended to focus on rather stark alternatives that are based on different ways to employ U.S. military forces: disengagement, containment, and aggressive rollback using combat forces. Our strategy seeks to broaden the focus to policies beyond the military dimension. Even though U.S. leverage is limited to affect the political situations in Iraq and Syria, the United States should focus on removing the underlying conditions sustaining ISIL and other violent jihadist groups, i.e., the lack of security, justice, and political representation. In addition, the United States needs to re-evaluate how to balance the aims of the counter-ISIL campaign with future territorial and political ambitions of the Kurds, given the risk of violence between Shia and Kurds in Iraq and Turkey and the YPG in Syria. In the absence of commitments on the part of the Kurds to limit their territorial ambitions, and to avoid fueling conflict across the region, the United States should be cautious in the ways it supports the YPG and peshmerga in its counter-ISIL military campaign.

Did the Civilians keep the Military in dark on OBL? The Husain Huqqani Revelation

D Suba Chandran

Did the civilian administration of Pakistan during Zardari’s tenure gave intelligence information to the US on Osama bin Laden’s presence in the country, leading to the latter’s killing? Was the Pakistani military establishment kept out of picture in this Islamabad-Washington collusion? Did Husain Huqqani, then the Pakistani Ambassador to US facilitate this?

In his recent commentary published in the Washington Post, Husain Huqqani former Pakistani Ambassador to the US during 2008-11 (Obama-Zardari period) has touched a raw nerve that is likely to echo within Pakistan and in the policy circles elsewhere in the next few weeks.

There is nothing astonishing in his claim that he forged a relationship during Obama’s campaign itself (Huqqani was at the Hudson Institute in Washington and teaching at Boston before he was appointed as Pakistani Ambassador) helping him to build a closer cooperation between Pakistan and US. But what follows is a chocker; he claims, “These connections eventually enabled the United States to discover and eliminate bin Laden without depending on Pakistan’s intelligence service or military, which were suspected of sympathy toward Islamist militants.” (emphasis added) According to Huqqani, the US and the civilian administration in Pakistan could manage tracking OBL without the help of the ISI or the military, through the stationing of “US Special Operations and intelligence personnel on the ground in Pakistan.”

Army Confidential: Service Seeks Private Dialogue With Companies

By SYDNEY J. FREEDBERG JR

HUNTSVILLE, ALA.: Can we talk? In private? If you’re a defense contractor with a good idea, the US Army wants to say yes — but laws and regulations get in the way. That’s a problem the Army Capabilities Integration Center (ARCIC) is struggling to solve with what it calls a Capabilities Information Exchange.

Here’s the circle ARCIC’s trying to square. When discussing future technologies and military requirements, each company naturally wants to talk to the government customer one-on-one, with none of its competitors present. That way you can ask questions and suggest solutions freely, without tipping your hand to reveal your company strategy or proprietary information.

“They do not want to discuss… the secrets to making profit… in an open forum, and the Army is sensitive to that,” Maj. Gen. Robert “Bo” Dyess told reporters at the Association of the US Army conference here. Dyess is the acting chief of ARCIC, replacing H.R. McMaster, who’s now Trump’s National Security Advisor.

Government benefits because it gets a better reality check on what industry can actually deliver — and whether the Army is asking for the impossible.

Adding Data to the VEP Debate: RAND's New Report

By Grayson Clary

When WikiLeaks shed light on the CIA’s stockpile of software vulnerabilities last week, it revived—but hardly clarified—the debate on whether the government hoards too many bugs. In principle, the interagency Vulnerability Equities Process (VEP) ensures that a flaw is disclosed when the interest in patching it exceeds other governmental interests in exploiting it. Privacy advocates have long suspected that, in practice, the deck is stacked against disclosure. Every new compromise of intelligence community hacking tools feeds that suspicion, while public examples of the government handing over a bug remain rare. But a new study published by the RAND Corporation suggests the VEP might be working fine, even if it produces little to no disclosure.

The tradeoff that the VEP embodies is easy to express but hard to calculate. The VEP will necessarily never satisfy those who don’t accept the premise that intelligence and law enforcement agencies should do some hacking, but for those who do, each previously unknown or zero-day vulnerability that gets patched is a window closing on a legitimate target. Some vulnerabilities, though, place enough American citizens, businesses, or interests at risk that that intelligence advantage isn’t worth the harm. It’s no coincidence that the VEP’s existence was first disclosed in the wake of allegations that NSA had been sitting on knowledge of the especially catastrophic Heartbleed vulnerability.

Wikileaks and the CIA: What’s in Vault7?

by Adam Segal

On Tuesday, Wikileaks released a huge cache of documents it said were descriptions of CIA cyber tools used to break into smartphones, computers and internet-connected TVs. Wikileaks says the documents came from an inside source–speculation is it is either a CIA operator or contractor–and claimed the release was meant to spur a debate over “whether the CIA’s hacking capabilities exceed its mandated powers” and “the security, creation, use, proliferation and democratic control of cyberweapons.” In any case, it is damaging to the CIA and another in a growing list of embarrassing instances of the U.S. intelligence agencies losing control of their digital weapons (see, for example, Edward Snowden; Shadow Brokers; Harold Thomas Martin III). 

Here’s a roundup of what we know so far: 

Disentangling the NSA and Cyber Command

LEVI MAXEY

In 2013, former President Barack Obama was close to ending the “dual-hat” leadership of both the National Security Agency and U.S. Cyber Command, only to be dissuaded by senior officials arguing the close integration with the NSA continued to be necessary for the maturation of the then only 4-year-old Cyber Command. Prior to leaving their posts in the Obama Administration, former Secretary of Defense Ashton Carter and former Director of National Intelligence James Clapper again argued for the clean separation of the NSA and Cyber Command.

In turn, Senator John McCain (R-AZ), the Chairman of the Senate Armed Services Committee, vehemently criticized the push to end the dual-hat leadership role on the eve of the incoming Trump Administration, saying “if a decision is prematurely made to separate NSA and Cyber Command I will object to the confirmation of any individual nominated by the president to replace the director of the National Security Agency if that person is not also nominated to be the commander of Cyber Command.” At the same time, Admiral Mike Rogers, the current head of both the NSA and Cyber Command, has pushed against separating the roles entirely at this point, but acknowledges that the split will take place eventually with the two continuing to work closely with one another.

Cutting Cyber Command’s Umbilical Cord to the NSA

GENERAL MICHAEL HAYDEN

Despite the many logistical and operational challenges of a transition, many acknowledge that Cyber Command must eventually separate from the National Security Agency. The Cipher Brief spoke with General Michael Hayden, former director of both the NSA and CIA, about how Cyber Command came about, and the similar skill sets yet different roles and authorities of the two organizations, and why they must eventually be separated.

The Cipher Brief: How did U.S. Cyber Command come to be and what strategic role does it play in cyberspace?

Michael Hayden: I was the first commander of a Cyber Command-like entity. We called it Joint Functional Component Command Net Warfare (JFCCNW). I took authority for that in early 2005 and worked with General James Cartwright, who at the time was commander of Strategic Command. The idea is simply this: in the cyber domain the technical and operational aspects of defense, espionage, and cyberattack are frankly indistinguishable – they are all the same thing.

As the United States moved forward, it wanted to do more than just steal other countries’ secrets, but actually create effects. To do this in and through the cyber domain, it was a natural process to do it from Fort Meade, because again, operationally and technologically cyber espionage is not distinguishable from cyberattack.

Keeping Cyber Command and NSA Integrated Operationally

JOHN DICKSON

There as been discussion of a separation between the National Security Agency and U.S. Cyber Command for a while, only for the change in administrations to cause brief hesitation. Now that the Trump administration is in full swing, it is time to revisit the prospect of a split between the country’s premier signals intelligence agency, and the its relatively new cyber warfare command. The Cipher Brief spoke with John Dickson, a former Air Force intelligence officer and Principal at the Denim Group, about how the NSA and Cyber Command must work closely with each other at an operational level to achieve their missions, and why a complete separation could affect this.

The Cipher Brief: What are the different operational roles of the NSA and U.S. Cyber Command?

John Dickson: The roles are fairly distinct. One is to collect, analyze, and disseminate intelligence to national command authorities and decision-makers. That is the NSA’s intelligence side. The other side is to protect and defend U.S. computing assets and networks – in certain instances critical infrastructure – and to conduct the offensive missions when called upon. That is Cyber Command’s role.

The reason the NSA and Cyber Command need to be so tightly linked is that absent very detailed intelligence, an attacker at Cyber Command is really just flailing around without knowing what is on the other end of an attack. For instance, during the Stuxnet operation against Iran, if the attackers didn’t know about the Siemens programmable logic controller, the payload would have been completely ineffective.

Information Warfare: BFT2


March 11, 2017: After nearly a decade of development, testing and feedback from the troops the U.S. Army is installing its high-speed version of its "Blue Force Tracker" (of vehicles on the battlefield) device in nearly all of its armored and unarmored combat vehicles. The new BFT2 version is ten times faster, more reliable and has better security (encryption). Yet it all began by taking a chance.

During the 2003 invasion of Iraq, Blue Force Tracker (BFT, GPS/satellite telephone devices) were hastily placed in thousands of combat vehicles. Anyone with a laptop, satellite data receiver, the right software and access codes could then see where everyone was (via a map showing blips for each BFT user). This hasty (all the stuff was still in development) experiment was a huge success, and the United States has proceeded to add more of this capability by producing and distributing 50,000 additional tracker devices. There were some problems, however. The biggest hassle was the delay (often up to 300 seconds/5 minutes) between getting updated data from the satellite. Another big problem was that stationary icons, placed on BFT user screens to indicate enemy troops or dangers (like minefields or roadside bombs), didn't get updated accurately, or in a timely fashion. Once the troops began to encounter a lot of roadside bombs that don't exist (although Blue Force Tracker shows them), they begin to lose faith in the system. Fixing this was not easy, although several different solutions were tried often in parallel because BFT had become very popular with battlefield commanders.