Former Intel Chief: Call Off The Drone War (And Maybe the Whole War on Terror)

August 4, 2011 by · Leave a Comment 

By Noah Shachtman

ASPEN, Colorado Ground the U.S. drone war in Pakistan. Rethink the idea of spending billions of dollars to pursue al-Qaida. Forget chasing terrorists in Yemen and Somalia, unless the local governments are willing to join in the hunt.

Those arent the words of some human rights activist, or some far-left Congressman. Theyre from retired admiral and former Director of National Intelligence Dennis Blair the man who was, until recently, nominally in charge of the entire American effort to find, track, and take out terrorists. Now, hes calling for that campaign to be reconsidered, and possibly even junked.

Starting with the drone attacks. Yes, they take out some mid-level terrorists, Blair said. But theyre not strategically effective. If the drones stopped flying tomorrow, Blair told the audience at the Aspen Security Forum, its not going to lower the threat to the U.S. Al-Qaida and its allies have proven it can sustain its level of resistance to an air-only campaign, he said.

The statements wont exactly win Blair new friends in the Obama administration, which forced him out of the top intelligence job about a year after he was nominated. Not only has Obama drastically escalated the drone war thereve been 50 strikes in the first seven months of this year, almost as many as in all of 2009. Defense Secretary Leon Panetta called the remotely-piloted attacks the only game in town in terms of confronting or trying to disrupt the al-Qaida leadership.

Plus, American relations with the Pakistani government are at their lowest point in years. And every time Washington tries to tip off Islamabad to a raid, it seems, the targets of the raid seem to conveniently skip town. No wonder the U.S. kept the mother of all unilateral strikes the mission to kill Osama bin Laden a secret from their erstwhile allies in Pakistan.

But Blair believes the cooperation not only with Pakistan, but also with the government in Yemen and with whatever authorities can be found in Somalia is the only way to bring some measure of peace to the worlds ungoverned spaces. We have to change in those three countries, he told the Forum (Full disclosure: Im a moderator on one of the panels here.)

The reconsideration of our relationship with these countries is only the start of the overhaul Blair has in mind, however. He noted that the U.S. intelligence and homeland security communities are spending about $80 billion a year, outside of Afghanistan and Pakistan. Yet al-Qaida and its affiliates only have about 4,000 members worldwide. Thats $20 million per terrorist per year, Blair pointed out.

You think woah, $20 million. Is that proportionate? he asked. So I think we need to relook at the strategy to get the money in the right places.

Blair mentioned that 17 Americans have been killed on U.S. soil by terrorists since 9/11 14 of them in the Ft. Hood massacre. Meanwhile, auto accidents, murders and rapes combine have killed an estimated 1.5 million people in the past decade. What is it that justifies this amount of money on this narrow problem? he asked.

Blair purposely let his own question go unanswered.

13-32

Pentagon Report Calls for Office of ‘Strategic Deception’

January 28, 2010 by · Leave a Comment 

By Noah Shachtman

The Defense Department needs to get better at lying and fooling people about its intentions. That’s the conclusion from an influential Pentagon panel, the Defense Science Board (DSB), which recommends that the military and intelligence communities join in a new agency devoted to “strategic surprise/deception.”

Tricking battlefield opponents has been a part of war since guys started beating each other with bones and sticks. But these days, such moves are harder to pull off, the DSB notes in a January report (.pdf) first unearthed by InsideDefense.com. “In an era of ubiquitous information access, anonymous leaks and public demands for transparency, deception operations are extraordinarily difficult. Nevertheless, successful strategic deception has in the past provided the United States with significant advantages that translated into operational and tactical success. Successful deception also minimizes U.S. vulnerabilities, while simultaneously setting conditions to surprise adversaries.”

The U.S. can’t wait until it’s at war with a particular country or group before engaging in this strategic trickery, however. “Deception cannot succeed in wartime without developing theory and doctrine in peacetime,” according to the DSB. “In order to mitigate or impart surprise, the United States should [begin] deception planning and action prior to the need for military operations.”

Doing that will not only requires an “understanding the enemy culture, standing beliefs, and intelligence-gathering process and decision cycle, as well as the soundness of its operational and tactical doctrine,” the DSB adds. Deception is also “reliant … on the close control of information, running agents (and double-agents) and creating stories that adversaries will readily believe.”

Such wholesale obfuscation can’t be done on an ad-hoc basis, or by a loose coalition of existing agencies. The DSB writes that ”to be effective, a permanent standing office with strong professional intelligence and operational expertise needs to be established.” I wonder: what would you call that organization? The Military Deception Agency? Or something a bit more … deceptive?

12-5

Insurgents Intercept Drone Video in King-Size Security Breach

December 17, 2009 by · Leave a Comment 

By Noah Schachtman, Wired Magazine

Even worse…

In Iraq and Afghanistan, the U.S. military depends on an array of drones to snoop on and stalk insurgents. Now it looks as if insurgents are tapping into those same drones’ broadcasts, to see what the flying robot spies see. If true — and widespread — it’s potentially one of the most serious military security breaches in years.

“U.S. military personnel in Iraq discovered the problem late last year when they apprehended a Shiite militant whose laptop contained files of intercepted drone video feeds,” Wall Street Journal reports. “In July, the U.S. military found pirated drone video feeds on other militant laptops, leading some officials to conclude that militant groups trained and funded by Iran were regularly intercepting feeds.”

How’d the militants manage to get access to such secret data? Basically by pointing satellite dishes up, and waiting for the drone feeds to pour in. According to the Journal, militants have exploited a weakness: The data links between the drone and the ground control station were never encrypted. Which meant that pretty much anyone could tap into the overhead surveillance that many commanders feel is America’s most important advantage in its two wars. Pretty much anyone could intercept the feeds of the drones that are the focal point for the secret U.S. war in Pakistan.

Using cheap, downloadable programs like SkyGrabber, militants were apparently able to watch and record the video feed — and potentially be tipped off when U.S. and coalition forces are stalking them. The $26 software was originally designed to let users download movies and songs off of the internet. Turns out, the program lets you nab Predator drone feeds just as easily as pirated copies of The Hangover.

And here’s the real scandal: Military officials have known about this potential vulnerability since the Bosnia campaign. That was over 10 years ago. And, as Declan McCullagh observes, there have been a series of government reports warning of the problem since then. But the Pentagon assumed that their adversaries in the Middle East and Central Asia wouldn’t have the smarts to tap into the communications link. That’s despite presentations like this 1996 doozy from Air Combat Command, which noted that that “the Predator UAV is designed to operate with unencrypted data links.”

If you think militants are going to be content to just observe spy drone feeds, it’s time to reconsider. “Folks are not merely going to listen/watch what we do when they intercept the feeds, but also start to conduct ‘battles of persuasion’; that is, hacking with the intent to disrupt or change the content, or even ‘persuade’ the system to do their own bidding,” Peter Singer, author of Wired for War, tells Danger Room.

This has long been the nightmare scenario within Pentagon cybersecurity circles: a hacker not looking to take down the military grid, but to exploit it for his own purposes. How does a soldier trust an order, if he doesn’t know who else is listening — or who gave the order, in the first place? “For a sophisticated adversary, it’s to his advantage to keep your network up and running. He can learn what you know. He can cause confusion, delay your response times — and shape your actions,” one Defense Department cybersecurity official tells Danger Room.

Despite this rather massive vulnerability, drone operations show no signs of letting up. According to the Associated Press, “two suspected U.S. missile strikes, one using multiple drones, killed 17 people in a Pakistani tribal region.”

Meanwhile, military officials assure are scrambling to plug the hole. “The difficulty, officials said, is that adding encryption to a network that is more than a decade old involves more than placing a new piece of equipment on individual drones,”  the Journal notes. “Instead, many components of the network linking the drones to their operators in the U.S., Afghanistan or Pakistan have to be upgraded to handle the changes.”

So it may be quite some time before this enormous security breach is filled.

– Nathan Hodge and Noah Shachtman

Iran’s Cyber Battle

June 18, 2009 by · Leave a Comment 

By Noah Shachtman, Wired

2009-06-15T185045Z_01_TEH202_RTRMDNP_3_IRAN-ELECTION More and more of Iran’s pro-government websites are under assault, as opposition forces launch web attacks on the Tehran regime’s online propaganda arms.

What started out as an attempt to overload a small set of official sites has now expanded, network security consultant Dancho Danchev notes. News outlets like Raja News are being attacked, too. The semi-official Fars News site is currently unavailable.

“We turned our collective power and outrage into a serious weapon that we could use at our will, without ever having to feel the consequences. We practiced distributed, citizen-based warfare,” writes Matthew Burton, a former U.S. intelligence analyst who joined in the online assaults, thanks to a “push-button tool that would, upon your click, immediately start bombarding 10 Web sites with requests.”

But the tactic of launching these distributed denial of service, or DDOS, attacks remains hugely controversial. The author of one-web based tool, “Page Rebooter,” used by opposition supporters to send massive amounts of traffic to Iranian government sites, temporarily shut the service down, citing his discomfort with using the tool “to attack other websites.” Then, a few hours later, he turned on the service again, after his employers agreed to cover the costs of the additional traffic. WhereIsMyVote.info is opening up 16 Page Reboot windows simultaneously, to flood an array of government pages at once.

Other online supporters of the so-called “Green Revolution” worry about the ethics of a democracy-promotion movement inhibitting their foes’ free speech. A third group is concerned that the DDOS strikes could eat up the limited amount of bandwidth available inside Iran — bandwidth being used by the opposition to spread its message by Twitter, Facebook, and YouTube. “Quit with the DDOS attacks — they’re just slowing down Iranian traffic and making it more difficult for the protesters to Tweet,” says one online activist.

But Burton — who helped bring Web 2.0 tools to the American spy community — isn’t so sure. “Giving a citizenry the ability to turn the tables on its own government is, I think, what governance is all about. The public’s ability to strike back is something that every government should be reminded of from time to time.” Yet he admits to feeling “conflicted.” about participating in the strikes, he suddenly stopped. “I don’t know why, but it just felt…creepy. I was frightened by how easy it was to sow chaos from afar, safe and sound in my apartment, where I would never have to experience–or even know–the results of my actions.”

Meanwhile, San Francisco technologist Austin Heap has put together a set of instructions on how to set up “proxies”—intermediary internet protocol (IP) address—that allow activists to get through the government firewall. And the Networked Culture blog has assembled for pro-democracy sympathizers a “cyberwar guide for beginners.” Stop publicizing these proxies over Twitter, the site recommends. Instead, send direct messages to “@stopAhmadi or @iran09 and they will distributed them discretely [sic] to bloggers in Iran.”

11-26