Homeland Security Watch

News and analysis of critical issues in homeland security

October 29, 2008

Chertoff Addresses the Beta

Filed under: Risk Assessment — by Jonah Czerwinski on October 29, 2008

When businesses consider investments in projects or acquisitions, they’ll often times use something called the capital asset pricing model, or CAPM. In that equation we quantify some ordinarily unquantifiable things. For example, risk. In the CAPM and other applications, risk is referred to as beta. This month, Secretary Chertoff delivered an address at the Wharton School of Business to explain his views on how the nation should deal with risk management and how his Department has tried to value the beta in our nation’s homeland security mission.

Chertoff explains his rule of thumb as follows: “I look at the issue of, you know, probability and consequence, I put a lot of weight on the consequence end of the equation.” In a nutshell: weight the consequences more than the likelihood of something bad happening.

This is an interesting choice, and a tough one for the head of DHS. The mindset Chertoff offered to the audience of business students and faculty was not the sort we are taught in M&A class or the kind you’ll find on Wall Street. If it was, firms that consider investing in a company would not value the assets, liabilities, and synergies; they’d first consider what the consequences would be if, say, the entire leadership of that target company turns out to be a bunch of frauds on the verge of indictment and what could limit the impact of such an outcome or limit the likelihood of it at all. It isn’t a smart on Wall Street and it could represent an imbalance when it comes to the homeland in general.

The Secretary explains that “managing risk is fundamentally looking ahead to the possibility of a disaster that is yet to happen and then to make cost-benefit driven plans to prevent disaster or to reduce our vulnerability to the disaster or mitigate the effects of the disaster that occurs.” Hard to argue with that. However, Don, a Wharton student in the audience asked the Secretary to clarify “how it’s possible to [defend the homeland] when the costs of remedying a risk are too great or the probability itself are too small and it’s necessary just to let it go.”

Secretary Chertoff offered “the one general principle” that he applies when considering risk management. “I put a lot of weight on consequences. [If the] consequence is catastrophic, even if it’s the low probability, is to me something that warrants a lot of effort to prevent and to prepare for. [If the consequence] is bad but not out of the ordinary is one where I might be more willing to be a little bit more modest in terms of preventive measures that I take…. So my big rule of thumb is when I look at the issue of, you know, probability and consequence, I put a lot of weight on the consequence end of the equation.”

Of course, this may not really be what happens in practice: In FY09 DHS received about $500 million to combat smuggled nuclear weapons (low likelihood/devastating consequence) and $1.3 billion to combat improvised explosive devices (high likelihood/less deadly consequence). So it appears that despite an advertised focus on consequences over likelihood, DHS continues to invest in combating those threats that are more likely over those that are more devastating.

October 27, 2008

Domestic Terrorists Plot to Assassinate Obama?

Filed under: Terrorist Threats & Attacks — by Jonah Czerwinski on October 27, 2008

News reports this evening revealed that two men met during the last month over the Internet to plan a suicide mission that would result in a mass killing of Americans and an assassination of Senator Barack Obama with guns they planned to steal from a gun dealer and a sawed-off shotgun and three hand guns they already possessed.

The FBI, the ATF, the Secret Service, and state and local authorities in Tennessee are investigating charges against Daniel Cowart, 20, of Bells, Tenn., and Paul Schlesselman 18, of Helena-West Helena, Ark, two self-described nazi skinheads.

Cowart – appropriately named – and his alleged accomplice, Schlesselman planned to kill 88 people, including 14 African-Americans by beheading, according to AP reports. ATF reports state that the two nazis expected to “get killed trying.”

The Anti-Defamation League explains that the numbers 14 and 88 are symbolic among hate groups like neo-nazis. The eighth letter in the alphabet, H, is repeated to represent the phrase “Heil Hitler.” The other number reflects a 14-word statement popular among white supremacists: “We must secure the existence of our people and a future for white children.”

Fortunately for the existence of Americans in general, Cowart and Schlesselman’s plot was disrupted. They are charged with possessing an unregistered firearm, conspiring to steal firearms from a federally licensed gun dealer, and threatening a candidate for president. The investigation is continuing, and more charges are possible, said Jim Cavanaugh, special agent in charge of the Nashville field office for the Bureau of Alcohol, Tobacco Firearms and Explosives.

Its worth noting that the Anti-Defamation League has monitored “a significant and troubling resurgence of racist skinhead activity” during the past five years across most sections of the country. The ADL, which was founded in 1913 to “anti-Semitism and all forms of bigotry, defends democratic ideals and protects civil rights for all”, has established what is called the Racist Skinhead Project as part of their work to end extremism in the U.S.

The ADL’s site explains that “This renewed growth of racist skinhead activity includes a rise in the number of organized racist skinhead groups as well as a rise in the number of “independent” or unaffiliated racist skinheads. It also includes a rise in the amount of skinhead-related criminal activity, primarily hate crimes but also including a few attempted acts of terrorism.”

October 24, 2008

CBP Plans New Data Sharing Rule for International Shippers to the U.S.

Filed under: Intelligence and Info-Sharing,Port and Maritime Security — by Jonah Czerwinski on October 24, 2008

DHS Customs and Border Protection plans to issue a new rule requiring U.S. importers and manufacturers to provide new data about U.S.-bound shipments. The data sharing procedure is designed to improve port security and prevent terrorist use of shipments and containers headed U.S. The proposed rule is part of the SAFE Port Act of 2006, in which CBP began requiring 12 new categories of data on shipments to the U.S. to be provided at least 24 hours before loading in foreign ports.

The Hill reports today that business groups oppose the rule, warning that it would “disrupt supply chains without improving security at a time when the U.S. economy is in the doldrums.” The National Association of Manufacturers (NAM) is been leading the effort to oppose, or at least modify, the proposed rule. NAM is joined by the U.S. Chamber of Commerce, the European-American Business Council, the Association of International Automobile Manufacturers, the American Petroleum Institute, and the Consumer Electronics Association.

DHS suggests the new rule could at first delay shipments by as much as 24 hours, and will eventually drop to 12 hours. Businesses, however, suggest that security would be actually reduced because cargo would sit unguarded while it awaited permission to be loaded and that today’s already fragile global economy can’t handle further strains like those they believe the new rule would impose. The new rule would prohibit a shipment from leaving its foreign port until DHS has the required data for each container. NAM argues that other hidden costs of compliance, longer delays in the supply chain, software needs, and added personnel for the new requirements would cost U.S. businesses about $20 billion a year.

These firms also argue it is more realistic to expect a two-to-five-day delay, depending on the complexity of the supply chain. As a compromise, opponents in the private sector are calling for a pilot program to be set up to test the new rule on a small scale first before full deployment.

While OMB and DHS are inundated with complaints from constituents in the manufacturing districts of Michigan and hard-hitting lobbying efforts by the U.S. Chamber of Commerce, a CBP spokeswoman told The Hill that OMB “is currently leading an interagency review of the rule, but would not comment on … why the agency wants to proceed without a pilot program.”

October 23, 2008

A Welcome Reversal on the Watchlist

Filed under: Aviation Security,Intelligence and Info-Sharing,Privacy and Security — by Jonah Czerwinski on October 23, 2008

Earlier this year DHS and the airlines went head-to-head over who should be responsible for checking passengers’ names against the federal no-fly list. DHS said they would maintain a list of names of people that would either be subject to additional screening (“selectee”) or not be permitted to fly (“no-fly”). It did not take long for the air lines to object, claiming an undue burden on their operations, and DHS fretted over inconsistent application of the list by the private air carriers. Eventually, all agreed the situation wasn’t working and today Secretary Chertoff issued a new “rule” reversing the process.

Under the new rule, part of Secure Flight, airlines will submit encrypted flight reservation information to TSA. TSA will compare that data with a constantly maintained/updated no-fly list and selectee list. Then TSA will send the results back to the airline “if there’s a problem,” said Chertoff during a press event today. It is unclear if the airlines only hear back from TSA in the event of a “hit” on the list. It may be the case that if TSA doesn’t comment, then the air lines are clear to board the passenger. Silence equals acceptance?

The private sector fell short in carrying out baggage screening, and so we gave it back to TSA. The private sector failed to meet expectations on the no-fly lists, and so it goes back to TSA. This would seem like a clear cut victory for the airlines. They offload all the risk to TSA at the screening lanes and with checking the no-fly lists.

But this is a win for the traveling public, too. Someone once said that “government is the name we give to those things we decide to do together.” This is a classic example. It never made sense to outsource this important process to the private sector.

And then the Secretary made it interesting: Ever wonder how many names are on that watch list? Well Chertoff decided to share some details. Estimates have ranged up to 1 million names. According to the Secretary, “there are fewer than 16,000 — that’s one six — 16,000 unique individuals who are selectees in TSA’s database.” (He further clarified, “That’s 16,000. One six.”)

He went on state that most people on the list “are not even American citizens” and the vast majority of the names are for further screening (selectee status); they are not necessarily banned from flying. That number is closer to 2,500, of which approximately 10% are American citizens, according to the Secretary.

October 22, 2008

DHS Budgeting Learns from DOD Practice; 5-Year Guidance to be Issued

Filed under: Budgets and Spending — by Jonah Czerwinski on October 22, 2008

The DHS Office of Strategic Plans will host a briefing to describe the new DHS Planning, Programming, Budgeting and Execution (PPBE) process and the forthcoming FY 2011-2015 Integrated Planning Guidance (IPG) that derives from it.

The Planning, Programming, Budgeting, and Execution (PPBE) process is the Department of Defense internal methodology used to allocate resources to capabilities deemed necessary to accomplish the Department’s missions. One output of the PPBE process is the funding proposed to be included in the President’s Budget submitted to Congress. The PPBE process evolved from the Planning, Programming, and Budgeting System (PPBS), introduced by Defense Secretary McNamara in the early 1960’s into.

Over the past year, the DHS Office of Policy and the DHS Management Directorate have modified and adapted a DHS-centric version of the PPBE process. While the DOD PPBE focuses on providing Unified Combatant Commanders with appropriate forces, equipment, and support, the IPG converts DHS strategic goals, strategic objectives, and policies into guidance for DHS directorates, components, and staff offices to conduct their own “programming, budgeting, execution, investment, and acquisition phases.”

On Oct. 27, DHS officials from throughout the department will make presentations about the PPBE process and the Integrated Planning Guidance for FY 2011-2015. I hope to attend and will blog here on anything insightful that comes of the five-year budget window.

UPDATE — Looks like I won’t be attending that briefing on the 2011-2015 budget guidance for DHS as it is for DHS personnel only. Shucks.

October 20, 2008

China’s Own Anti-Terror Tactics May Fan Flames of Extremism

Filed under: International HLS,Terrorist Threats & Attacks — by Jonah Czerwinski on October 20, 2008

The grand mosque in the isolated Chinese city of Khotan symbolizes the Communist country’s overt efforts to contain Islam (as well as most other religions), but it does so with greater force now as the Chinese government fears terrorism connected to Islam. I returned this weekend from Beijing to find a story in the New York Times about how concerns over restive Muslim populations are provoking the worst the efforts by official China to squelch freedom of religion. China has seen a recent spate of attacks, including one in August that left at least 22 security officers and one civilian dead.

If there is one thing we have learned since 9/11, however, is that the unintended consequences of confronting religion can be worse than what we seek to avoid in the first place.

The Times story describes how Chinese government officials dictate that the imam’s sermon at the Khotan mosque is limited to a half-hour, that prayer in public areas outside the mosque is strictly forbidden, and that residents of Khotan are not allowed to worship at mosques outside of the town.

Other edicts permit only the use of official versions of the Koran and imams may not teach the Koran in private. Students and government workers are compelled to eat during the fasting period of Ramadan, which ran from September to early October, and only government-run hajj tours are sanctioned. Moreover, government workers are not permitted to practice Islam.

In an effort to control what the Chinese government calls the “three forces” of separatism, terrorism and religious extremism, such harsh restrictions on Islam pose an equal if not greater risk of radicalizing this Chinese population.

According to the Chinese government and the Times report, there are 24,000 mosques and 29,000 religious leaders in Xinjiang, with concentrations among towns in the south like Kashgar, Yarkand and Khotan.

October 15, 2008

When CBP Searches Your Laptop

Filed under: Aviation Security,Border Security,Intelligence and Info-Sharing — by Jonah Czerwinski on October 15, 2008

~ Guest Blog ~

By Nathan A. Sales

Should customs officers be able to search your laptop computer at the border the same way they inspect your suitcase?

Not if public opinion is any guide. Earlier this year, the Washington Post caused some heartburn when it reported that border officials occasionally “look at information stored in electronic devices such as laptops without any suspicion of a crime.” One U.S. Senator calls the searches “truly alarming.”

He’s not alone. Laptop searches can do real harm to ordinary travelers’ privacy interests. When told that the government claims the power to rummage through computers, BlackBerries, and flash drives at the border, many people react with shock, even revulsion. A laptop search seems terribly invasive. The average traveler may be willing to hand over his suitcase for inspection, but his laptop seems a bridge too far.

Yet it’s also true that laptop searches are an important tool in the government’s efforts to detect terrorists and combat child exploitation. In fact, federal courts have decided twelve cases involving laptop searches at the border, and every single one has involved child pornography.

My sense is that suspicionless laptop searches generally are consistent with the Fourth Amendment. Under the Supreme Court’s border-search doctrine, “non-routine” searches (e.g., invasive searches of the body) are off-limits unless officers have a reasonable suspicion of wrongdoing. By contrast, “routine” searches (e.g., searches of property) need not be based on any suspicion whatsoever. Routine searches are constitutional simply by virtue of the fact that they occur at the border.

How does the border-search doctrine apply to laptops? The consensus among lower courts is that laptop searches are “routine”; officers therefore don’t need reasonable suspicion before conducting them.

The courts are probably right, for a simple reason: technological neutrality. The privacy protections we enjoy shouldn’t depend on whether we store our data in digital format or on paper. Customs can inspect mail, address books, and photo albums with no suspicion at all. Why should the rule change when we keep our correspondence, contacts, and pictures on a laptop? The mere fact of computerization shouldn’t make a difference.

Of course, laptops are different from other property. They contain more personal data than other items that cross the border; the information can be quite sensitive; and the government might keep data from a laptop for a long time, maybe indefinitely. But while laptops are different, they don’t deserve a blanket exception to the border-search doctrine. In fact, laptop searches have the potential to be less, not more, intrusive than traditional border inspections of physical objects. With keyword searches, automated computer processes can identify specific data points that might warrant further investigation. That means human beings don’t need to rifle through the laptop’s hard drive manually.

While the Fourth Amendment imposes few restrictions on laptop searches, policymakers should adopt some additional safeguards. In particular, the government should formalize the standards it uses to pick travelers for laptop searches, to ensure people aren’t singled out for impermissible reasons like race or religion. It also should adopt rules for retaining information from laptops; if a search uncovers no evidence of crime, customs would be hard pressed to justify keeping any data. And the government should apply special protections to sensitive data like trade secrets and privileged correspondence. Supplemental standards like these would equip the government with the tools it needs, while helping to prevent the privacy interests of law-abiding travelers from becoming collateral damage in the war on terrorism.

Readers interested in this topic may wish to download my recent article, “Run for the Border: Laptop Searches and the Fourth Amendment.”

Nathan A. Sales served as deputy assistant secretary of homeland security for policy development from 2006-2007 and is now on the faculty of George Mason University School of Law.

October 10, 2008

In China

Filed under: General Homeland Security — by Jonah Czerwinski on October 10, 2008

I’ll be in Beijing for the next week and doing my best to blog from there. We will have some guest contributors while I’m out. Stay tuned.


October 9, 2008

HLSwatch Interviews Chertoff on DHS Cyber Initiatives

Filed under: Budgets and Spending,Cybersecurity — by Jonah Czerwinski on October 9, 2008

In a meeting yesterday that comes as DHS kicks off its first National Cyber Security Awareness Month, Secretary Chertoff responded to a range of questions from a group of invited homeland security bloggers. The discussion focused on the Department of Homeland Security’s cyber security initiatives.

I asked about governance issues, budget priorities, and the gradual shift from passive defense to “active defense” in the Department’s role in dealing with cyber threats to the .gov environment.

Chertoff explained that “from our standpoint in the next year, the $350 million in the FY 09 appropriations for DHS cyber programs is actually slightly more than we requested. And what we’re doing is we’re building the basic infrastructure.”

That basic infrastructure includes the following:

• Deploying Einstein 2.0

• Equipment, personnel (recruiting over 100 programmers and operators of Einstein.)

• Additional space, leasing various utilities.

• DHS monetary contribution to support of the Cyber Security Center, which is in the process of standing up.

In the future, Chertoff references DHS plans to “get our control over the .gov domain.” He explained that “every 45 days we are reducing by half and consolidating the number of Internet connections [to the Internet from the federal computer networks.] According to the Secretary, DHS plans to consolidate federal Internet connections “from what started at as a thousand and we hope will be in the neighborhood of a hundred or two.”

This will enable more effective deployment of the DHS cyber security program called Einstein 2.0, which is designed to obtain “real time detection warning,” Chertoff said. The intention here would be to provide characterization of cyber intrusions or other threats as they occur so that an immediate response can be executed to counter the attack in some way. It is unclear if DHS also is responsible for the countermeasures.

I asked about another program he mentioned in a separate discussion that he called Einstein 3.0, which would be shifting us even further down the spectrum from defense to offense.

Chertoff responded by saying that “we are taking our Einstein 1.0, which is our current detection tool, we are now upgrading it to Einstein 2.0 and testing it out, and we’re also in the process of looking at turning it from a passive detection to an active detection device, active meaning that we would have the ability to actually stop an attack as opposed to merely warn about an attack.

Chertoff continued:

No, it’s still defense. It’s just a blocking capability. In other words, what 2.0 does is if I know malicious code is coming in, it enables me to give a real time warning. Someone described it the other day to me; it’s like a traffic cop sitting on the highway seeing people speed and he can immediately call in and say someone with license plate XYZ is speeding, and give warning down there.

3.0 would allow the traffic cop to make the arrest right on the spot.

It would be when you detected the attack, you would stop it cold.

I’ll update this post later today with more from the exchange. Other bloggers in attendance included I’ll update this post later today with more from the exchange. Other bloggers in attendance included Ben Bain with Federal Computer Week, Jeff Fox from ConsumerReports, Jena McNeill with the Heritage Foundation, Julian Sanchez from ArsTechnica, Jeff Stein from Congressional Quarterly, and John Solomon from In Case of Emergency Blog. Full transcript can be found here.

October 7, 2008

Chertoff Elaborates on DHS Cyber Posture

Filed under: Cybersecurity — by Jonah Czerwinski on October 7, 2008

DHS plans to go on the offensive in cyberspace. Secretary Chertoff told a group of reporters last week, including CNN, that following Einstein 2.0, which monitors and reports cyber intrusions in real time, we can expect a version 3.0 to act “like an anti-aircraft weapon, shoot down an attack before it hits its target,” Chertoff said. “And that’s what we call Einstein 3.0.”

The Bush administration introduced a National Cyber Security Initiative in January that is to be carried out by DHS, Defense, the Intel Community, and others. The role for DHS – and the extent to which it would lead any part of the Initiative – is the subject of some uncertainty. The “most immediate component” of the National Cyber Security Initiative for DHS, Chertoff said, is to increase security for federal government computer systems.

Tomorrow, Secretary Chertoff convenes a group of us from the blogosphere to discuss the DHS role in the National Cyber Security Initiative. I intend to ask about how the Department plans to deal with the implications of an offensive approach to cybersecurity, considered an escalation by some, for DHS. There is a wide spectrum of productive activity in cyber security between simply monitoring attacks and conducting the (counter)attacks. However, I’d like to know DHS is looking at this entire spectrum.

If you have questions on the topic of the National Cyber Security Initiative and the DHS role in it, please submit comments here.

October 6, 2008

Invitation to Readers, Part II

Filed under: General Homeland Security — by Jonah Czerwinski on October 6, 2008

Readers asked for information about other readers when I encouraged your commentary on this site. So in the Comments section of this post is a snapshot of the 100 most recent readers of HLSwatch.com.

Reader WRC also asked about international readership. The most recent 100 readers represents only the U.S., Mexico, Canada, Germany, Philippines, and Texas. HLSwatch is visited by readers on every continent, but my guess is that it depends on the time of day that we check sitemeter.

Study Shows Impact of Terror Threat on Voters

Filed under: Terrorist Threats & Attacks — by Jonah Czerwinski on October 6, 2008

Robb Willer and Nick Adams, research scientists at the University of California, Berkeley, conducted a field experiment to test whether concerns about terrorism affect the way Americans view the 2008 presidential candidates and how an event that increases the prominence of terrorism, like a threat or attack, would affect the 2008 election.

Since 9/11, research has linked the threat of terrorism with support for President Bush. For example, an analysis by Willer in 2004 showed that government issued- terror warnings were followed by increases in Bush’s Gallup approval level between 2001 and 2004. In 2006, the effect of media reports indicating a high threat of terrorist attack (e.g., video tapes of Osama Bin Laden, public pronouncements of risk by U.S. administration officials, and changes to the Department of Homeland Security’s color-coded Threat Level) showed that both increased fear of terrorist attacks and support for Bush.

This time around, the researchers find that exposure to terror threats increased concerns about “homeland security” without affecting candidate preferences. However, their analysis of politically moderate respondents with a high rate of undecided, likely voters – 40% of the total sample – showed that this group expressed significantly lower support for Senator John McCain when exposed to the terror threat than in the control condition.

October 1, 2008

Resilience as Viewed by the Congress, Presidential Campaigns & the Private Sector

Filed under: Risk Assessment,Strategy — by Jonah Czerwinski on October 1, 2008

Today the Reform Institute hosts a forum on Resilience in Homeland Security Policy: Congress, Presidential Campaigns & the Private Sector with the following discussants:

Robert W. Kelly, Senior Advisor, Homeland and National Security Center of the Reform Institute, Managing Partner, CenTauri Solutions, LLC
P.J. Crowley, representing the Obama campaign
Lee Carosi Dunn, representative from the McCain campaign, TBD
Mike Beland, House Committee on Homeland Security, Democratic Staff
Sterling Marchand, House Committee on Homeland Security, Republican Staff
Rob Strayer, Senate Committee on Homeland Security and Governmental Affairs, Republican Staff
Jason Yanussi, Senate Committee on Homeland Security and Governmental Affairs, Democratic Staff
Mary Arnold, Vice President, Government Relations, SAP America
Michael Hickey, Vice President – Government Affairs, National Security Policy, Verizon
Timothy Farrell, Sr. Vice President, Business Continuity Manager – Corporate, Bank of America

The Reform Institute also is using this event to introduce a new report on the subject, entitled “Building a Resilient Nation: Enhancing Security, Ensuring a Strong Economy.” The next Administration and Congress have an opportunity to refocus homeland security policy toward resilience and risk-informed investment strategies at its core. The Reform Institute writers argue that the resilience piece can be accomplished through a strategy that encompasses preparedness, protection, response, and recovery.

This panel event and report follow a growing chorus of policy experts calling for a change in strategy that seeks to balance the prevention-protection-response framework with an approach that proactively develops the governance, technology, and human capital necessary to weather an attack or disaster in such a way that not only limits damage, but also restarts the system to return to the pre-incident state as quickly as possible. Given how interdependent today’s economy and society are, this is a necessity.

For more on resilience, see this report from IBM, this post on a series of Congressional hearings on resilience, and attend today’s panel if possible:

Resilience in Homeland Security Policy: Congress, Presidential Campaigns & the Private Sector Wednesday, October 1, 2008
10:00 a.m. – 11:30 a.m.
The Phoenix Park Hotel, Ballroom
520 N. Capitol Street, NW, Washington, DC