I&W Cyber and Otherwise

Last month when we gathered around the browser, I was expressing my concerns about a “guns of October” scenario emerging in the Middle East and assuring you that I did not believe the attack in Benghazi on September 11 represented an intelligence failure.  Within days of posting, the conflict in Syria expanded to Turkey retaliating with cross border fire against Assad’s government forces.  Then on September 28th the DNI issued a statement clarifying that subsequent intelligence showed the attack on the US Consulate in Benghazi was not a spontaneous reaction to the YouTube “Innocence of Muslims” film trailer but rather it was a planned terrorist attack meant to kill Americans and embarrass the United States (http://www.dni.gov/index.php/newsroom/press-releases/96-press-releases-2012/731-statement-by-the-odni-s-director-of-public-affairs-on-intelligence-related-to-the-terrorist-attack-on-the-u-s-consulate-in-benghazi).  As I started to write this edition, Secretary of Defense Panetta spoke at Business Executives for National Security (BENS) dinner on October 11th aboard the INTREPID Museum in New York City laying out the cyber threat to national security and how DoD is preparing to deal with it (http://www.defense.gov/speeches/speech.aspx?speechid=1728).

It was inevitable that fighting between the Syrian Army and the Syrian Rebels in the northern cities of Idlib and Aleppo would bleed across the nearby Turkish border.  While Turkey may or may not be offering strategic sanctuary to the Syrian Rebels, it is likely that Bashar al Assad’s generals believe that Ankara is providing the rebels with more than moral support that is threatening the regime’s hold on power.  The continuation/expansion of armed conflict along the Turkish/Syrian border obviously has the potential for drawing NATO into this conflict in support of its member nation Turkey  – – – – which would cause Iran to come to the assistance of its Syrian ally with military equipment being provided behind the scenes by Russia, China and North Korea!  How dangerously reminiscent of the Cold War this is, but without the restraints of avoiding a strategic nuclear exchange between Moscow and Washington.  Presumably the IC has the right mix of collection and analytic capabilities spun up to warn America’s national leaders, diplomats and military commanders if and when Turkish national security interests are threatened by events in Syria.

Was DNI Clapper’s statement about the Benghazi Consulate attack, which resulted in the death of four Americans including our Ambassador, meant to protect the Office of the President  – – –  I hope so.  Was the statement politically motivated – – – I doubt it based on the person issuing it.  Most reading this understand that the media and both presidential campaigns are using “reports” and “intelligence” interchangeably when they should not.  As every young intelligence officer learns (usually from experience), “the first report is always wrong.” Director Clapper expanded on his official comment of 28 September by reminding  the GEOINT audience on 8 October that: (a) diplomacy is dangerous,( b) hindsight is cheap, (c) resources are limited; threats are not, and (d) the facts are never immediately known (http://geointv.com/archive/geoint-2012-tuesday-keynote-james-r-clapper-jr-director-of-national-intelligence/).   Based on my understanding of the limits of intelligence, I have seen nothing emerge yet to change my view that the Benghazi attack is more the result of a policy failure than an intelligence failure.  The 1979 seizure of the U.S. Embassy in Tehran, the 1983 attack on the American Embassy in Beirut, the 1998 bombings of our embassies in East Africa, the mortaring of the Green Zone in Baghdad, the RPG’s fired at the U.S. Embassy in Kabul last year, and now the Benghazi consulate all make Clapper’s point about diplomacy being the most dangerous often where it is the most important.  This list, however, is a reminder at least to me that the IC’s ability to warn our diplomatic missions of impending physical threats has not improved markedly over time.  I am sure this lack of improvement relates directly to the exposed nature of embassies and consulates as well as the non-coherency of the indigenous threats to them, but it would seem that the focused collection and analysis related to force protection in Iraq and Afghanistan could now be used to better warn our diplomatic missions in harm’s way.

Two days after Secretary Panetta spoke to BENS about the increasing cyber threats to national security and what DoD is doing to deal with them, the Wall Street Journal reported there were clear forensics linking Iran with recent cyber attacks against U.S. banks and energy companies in Saudi Arabia (http://online.wsj.com/article/SB10000872396390444657804578052931555576700.html?KEYWORDS=Iran+cyber).  When I read this I remarked in a different venue that I can see the US and Iran (and probably others) entering into an opaque cyber cycle of attack and react that by necessity will include probing (ISR) and exploiting of each other’s cyber infrastructures.  The analogy for me here is “the war of the cities” during the Iran/Iraq war in the 1980s when both countries’ armies were worn out from attrition combat in the field and the war devolved into each side lobbing missiles into each other’s cities —— essentially making the war a distant fact to both sides’ military forces. As we move deeper into the information age it would seem that cyber will become increasingly the domain of choice for influencing the behavior of governments, militaries, non-government organizations, and multi-national conglomerates. I view this as an “inevitable surprise” because of the low cost of entry for high impact cyber effects, the challenges of attributing actions in cyber space, and the general oblivion by most people to the light speed transactions of “1’s” and “0’s” in cyberspace.

Given all of its experience combined with the robustness of platforms, sensors and analytical centers for doing ISR to accomplish Indications and Warning (I&W) in the physical domains, I am concerned about what capabilities the IC has developed to discern, characterize, attribute and warn about the current levels of threatening activity in cyber space.  If we are facing a “cyber space Pearl Harbor” as Secretary Panetta says then we don’t want to replicate the I&W missteps of 1941 today.

That’s what I think; what do you think?