Homeland Security Watch

News and analysis of critical issues in homeland security

March 31, 2009

Mehsud threatens D.C. attack

Filed under: General Homeland Security,Intelligence and Info-Sharing — by Philip J. Palin on March 31, 2009

Baitullah Mehsud, a Pakistani warlord allied with the Taliban and al-Qaeda, has taken credit for the recent attack on a police academy in Lahore.  In media interviews today he threatened to attack Washington D.C.

Mehsud told the Guardian newspaper, “You can’t imagine how we could avenge this threat inside Washington, inside the White House.”  He told the Associated Press, “Soon we will launch an attack in Washington that will amaze everyone in the world.”

The United States has authorized a reward of up to $5 million for information leading to capture of Mehsud.  He is believed to have been the mastermind of the January 2007 attack on the Islamabad Marriott.  Mehsud is also implicated in the assassination of Benazir Bhutto, former Prime Minister of Pakistan.

According to the Associated Press,  “FBI spokesman Richard Kolko says Mehsud has made similar threats in the past. Mehsud has no record of actually striking targets abroad although he is suspected of being behind a 10-man cell arrested in Barcelona in January 2008 for plotting suicide attacks in Spain.”

Related Headlines:

Pakistan’s Taliban leader threatens attacks in the U.S. (Los Angeles Times)

We will launch attack on America (Times of London Online)

Taliban Leader’s Washington Threat is Credible (Fox News)

After Lahore, Washington is our Target (NDTV)

Taliban threatens attack in D.C. (Washington Times)

Fusion Center Hearing Homework

Filed under: Intelligence and Info-Sharing — by Philip J. Palin on March 31, 2009

Tomorrow morning the House Homeland Security Committee, Subcommittee on Intelligence, Information Sharing, and Terrorism Risk Assessment  will hold a hearing on The Future of Fusion Centers: Potential Promise and Dangers.

Those testifying have been asked to focus their comments on two documents:

DHS Inspector General’s December 2008 report: DHS’ Role in State and Local Fusion Centers is Evolving.

DHS and DOJ policy paper: Baseline Capabilities for State and Major Urban Area Fusion Centers.

Significant attention will also be given to privacy concerns related to Fusion Centers.  The ACLU offers a related report and more: What’s Wrong with Fusion Centers.

Homeland Security Budget: WAPO channels OMB

Filed under: Budgets and Spending — by Philip J. Palin on March 31, 2009

Monday afternoon the Washington Post offered a summary of how the White House budget would impact each federal department.   Nothing new in the WAPO piece.  But just in case you missed earlier reports: DHS is written in for $43 billion, an increase of 6 percent.

According to the Post, “The Department of Homeland Security’s budget includes few new initiatives and would barely increase under Obama’s proposal, though some big-ticket items were funded by the recently passed stimulus package.”

“DHS is the only Cabinet department whose discretionary funds are forecast to drop annually after this year through 2014. The loss is supposed to be offset by phasing in a per-ticket airline passenger security fee after 2012, a proposal that Congress has repeatedly killed.”

Obama included $368 million to sustain the Border Patrol at a planned 20,000 agents and carve out more money, $1.4 billion, for Immigration and Customs Enforcement programs to deport illegal immigrants who commit crimes.”

Counter Terrorism: CT should also mean Clarity of Thought

Filed under: Strategy,Terrorist Threats & Attacks — by Philip J. Palin on March 31, 2009

Last Tuesday two HLSwatch readers had a quick dialogue related to the UKs new counterterrorism strategy.  Their comments are worth further consideration.

In describing the British document’s value, one of the readers observes it models the principle: “Be clear about the threat and the government response. See former Senator Bob Graham on the importance of talking about risks clearly and without talking down to the public. Does there exist a comparable document from our government that clearly delineates the threat and the strategy behind the response? I would argue no…”

The United Kingdom’s Strategy for Countering International Terrorism is well-written in a way that can elude US official prose.  We might amiably credit the Queen’s English or an Oxbridge literary education.  But it seems to me something more fundamental may be at work.

In intelligence circles the Brits  complain that Yanks are sloppy because we have too much money.   We don’t make choices.  We take-on everything… or at least try.  In contrast  the British spy services are careful in choosing their targets.  They are acutely aware of  post-imperial limits and make choices accordingly.

The British author and critic Anthony Daniels  (aka Theodore Dalrymple) has argued,  “In good writing, what is left out is at least as important as what is included.”  Is this what gives the British CT strategy the clarity on which the reader remarks?  Can Yanks learn what to leave out, in both our writing and in homeland security?

A second reader comments on the UK strategy, “Another example of where a smaller country demographically and geographically, and administratively centralized, can perform wonders that might fail or not work well in US.”  Is our sometimes complicated and confusing approach to homeland security an inevitable reflection of national scope and scale?  Does our size and diversity resist choosing what to leave out?

If so, doesn’t that argue for giving more priority to local, state, and regional approaches?  The Founders’ original sense of a federal union can be seen as a proto-network well-suited for confronting modern networks.

It is not merely a matter of better or worse writing.  Written words reflect and influence thought.  Thought — we can hope — has a relationship to decision and action.

March 30, 2009

Countering (a Chinese?) Conficker

Filed under: General Homeland Security — by Philip J. Palin on March 30, 2009

The US Computer Emergency Readiness Team (US-CERT) has released a detection tool for government use and is providing guidance to private users in regard to the Conficker worm.

A late Sunday report from CNET suggests that the Conficker Worm might originate in China.  A Vietnamese security firm “has found that Conficker’s code is closely related to that of the notorious Nimda, a virus that wreaked havoc on the Net and e-mail in 2001,” according to reporter Dong Ngo. (Someone  has definately pointed toward Beijing and yelled, “pile on.”)

According to the same CNET story, “Conficker is a very sophisticated worm that took advantage of a security hole mentioned in this Microsoft bulletin. The hole affected all 32-bit and 64-bit Windows operating systems, even those with latest service packs. The hole allowed the virus to infect the computer without any user interaction via the Internet, local network, or USB thumb drives. Once infected, it stops the computer’s security services and Windows update service and disables tools and software designed to remove it. The worm also allows the creator to remotely install other malicious codes on the infected computer.”

UPDATE: After-action report – fortunately NOT a post-mortem – from CNET.

Immigration raids: Surprise me once is one time too many

Filed under: General Homeland Security — by Philip J. Palin on March 30, 2009

While serving as Arizona Governor, Janet Napolitano was accused of – or applauded for(depending on the speaker) – walking a fine line on immigration policy.  Walking the line involves being a bad cop with employers and “coyotes” who exploit illegal immigrants,  being a good cop in terms of legal immigration,  and being a compassionate cop with the families of hard-working recent immigrants – regardless of status.

On the morning of the Secretary’s inaugural testimony to the House Homeland Security Committee she was informed after-the-fact of an ICE raid on Yamato Engine Specialists in Bellingham, Washington resulting in the arrest of 28. 

I happened to be in the hearing room when she was asked about the raid.  It was not necessary to see her face. The Secretary’s tone, more than her words, communicated her displeasure.  Whether her displeasure was at being surprised, or of an enforcement action with which she did not agree, or both was not made explicit.

The local Bellingham newspaper criticized the ICE raid as, “meaningless.” An editorial explained,  “It disrupted an important local business with many employees. It “rounded up” more than two dozen hard-working people in our community. And it did nothing to stop the flow of illegal immigration in to the United States.”

Last week several Chicago political, social, and religious leaders called for a moritorium on work-place raids as an immigration enforcement tool.  Cardinal Francis George, Archbishop of Chicago, said, “May this be the year that raids and separation of families stop… May this be the year that our legislators pass comprehensive Immigration reform.”

In this morning’s Washington Post, the headline reads: Delay in immigration raids may signal policy change.   I expect the “surprise” Bellingham raid was even more important than the Cardinal’s prayers in accelerating the shift.

UPDATE: Most of those arrested in the Bellingham raid are freed, according to the Seattle Times.

You, me, Obama, Osama, and Omar: hiking higher into the Hindu Kush

Filed under: Strategy,Terrorist Threats & Attacks — by Philip J. Palin on March 30, 2009


Friday President Obama set out his policy for Afghanistan, Pakistan, and combating terrorism in that region.  He explained, “I want the American people to understand that we have a clear and focused goal: to disrupt, dismantle and defeat al Qaeda in Pakistan and Afghanistan, and to prevent their return to either country in the future.”

During the President’s EOB remarks he set out the nature of the threat, saying, “The situation is increasingly perilous… Al Qaeda and its allies — the terrorists who planned and supported the 9/11 attacks — are in Pakistan and Afghanistan. Multiple intelligence estimates have warned that al Qaeda is actively planning attacks on the United States homeland from its safe haven in Pakistan. And if the Afghan government falls to the Taliban — or allows al Qaeda to go unchallenged — that country will again be a base for terrorists who want to kill as many of our people as they possibly can.”

The President continued, “The future of Afghanistan is inextricably linked to the future of its neighbor, Pakistan. In the nearly eight years since 9/11, al Qaeda and its extremist allies have moved across the border to the remote areas of the Pakistani frontier. This almost certainly includes al Qaeda’s leadership: Osama bin Laden and Ayman al-Zawahiri. They have used this mountainous terrain as a safe haven to hide, to train terrorists, to communicate with followers, to plot attacks, and to send fighters to support the insurgency in Afghanistan. For the American people, this border region has become the most dangerous place in the world.”

(A full transcript of the President’s remarks is available from the White House website.)

To deal with this most dangerous place in the world the President’s policy does not offer much that is new, but it does promise greater priority, resources, and energy being applied to Afghanistan.  Many will quibble with the simplification, but the policy shifts our gun scope from the Euphrates to the Hindu Kush.

Reaction to Friday’s policy roll-out was mostly positive.  Both Pakistani and Afghan leadership promised support.  President Kharzai of Afghanistan said, “It is exactly what the Afghan people were hoping for, and we’re seeking… This is better than we were expecting, as a matter of fact.”

Some others, of course, were not as positive.  In a Reuters interview Noor Muhammed, a prominent cleric in Quetta, Pakistan, said, “”America is foolish because it will only force more people here to stand up against it… If infidels occupy a Muslim land then it’s obligatory for all Muslims to do jihad.”

By coincidence or in response, on Sunday the Taliban kidnapped eleven Pakistani policemen in the Northwest and are suspected in a Monday morning attack on a police academy in the East.

Complicating the President’s policy is support for the Afghan Taliban by elements of Pakistan’s military and intelligence services.  Responding to questions about Pakistani support for the Taliban insurgency, General David Petraeus said, ““There are some cases that are indisputable in which that appears to have taken place…” Links between the Taliban and ISI “are very strong and some unquestionably remain to this day.” There is  also evidence that these ties – and sympathies – will resist quick dilution.

Tomorrow the President  leaves for Europe.  In addition to seeking international cooperation to manage the financial crisis, he will push for increased NATO support on the Afghan-Pakistan border and in the Taliban-dominated areas of Southern Afghanistan. Several argue that the President’s  Af-Pak policy depends largely on his ability to enlist more robust NATO involvement.   

So… we will renew and strengthen our fight in the Hindu Kush, where we began our fight in the weeks after September 11.   How this fight ends will, I think, influence how soundly we sleep for many years to come. 

One hundred-twenty years ago, Rudyard Kipling in A Man Who Would be King, wrote of the Hindu Kush, “That was a most mountainous country… They were tall and black, and coming home I saw them fight like wild goats… And these mountains, they never keep still, no more than goats.  Always fighting they are, and don’t let you sleep at night.”

(The policy White Paper  and a press briefing on the new policy is available from the White House website.)

UPDATE: “The chief of the Pakistani Taliban, Baitullah Mehsud, has told the BBC his group was behind Monday’s deadly attack on a police academy in Lahore.” (Read BBC report.)

SECOND UPDATE: On April 1 the Presidents of Afghanistan and Pakistan held a summit meeting in Turkey.

March 29, 2009

Cyber Spy Network Found

Filed under: Cybersecurity,General Homeland Security — by Philip J. Palin on March 29, 2009

The Munk Centre for International Studies at the University of Toronto has found evidence of a coordinated cyber-espionage effort that has infiltrated at least 1295 computers in 103 countries.   The report, released on Sunday afternoon, alledges official Chinese involvement.   The report was the subject of a front page story in the Sunday New York Times.

The finding tends to confirm observations regarding information and cyber warfare capabilities included in the recent DOD study on China’s military power.

Last week the White House gave lawmakers an update on the sixty day review of cybersecurity currently underway.

UPDATE: The Chinese government denies cyber-espionage charges, says China Daily.

Homeland Security This Week

Filed under: General Homeland Security — by Philip J. Palin on March 29, 2009

Following are a few Homeland Security events for this week.  Please access the links for more information on time, place, and purpose. Please use the comment function to add other events you would like to be covered in the days ahead.   If you are attending the hearings or otherwise directly involved, please consider contributing a report to HLSwatch.

Monday, March 30

3:00 pm (eastern) Brookings Institution preview of the NATO Summit with attention to the new Af-Pak policy.

Tuesday, March 31

10:00 am (eastern) House Homeland Security Committee, Subcommittee on Emergency Communications,  Preparedness, and Response holds a hearing on First Responder Communication and Coordination along the Southwest Border.

10:00 am (eastern) House Appropriations Committee, Subcommittee on Homeland Security holds hearing on transportation security.

11:00 am (eastern) Heritage Foundation panel discussion on using the National Guard for border security.

2:00 pm (eastern) House Homeland Security Committee, Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology  holds a hearing on credit  card standards and cybercrime.

Defense Industrial Base Critical Infrastructure Conference opens in San Antonio.

Wednesday, April 1

9:30 am (eastern)  AEI panel discussion on Mexico’s war on drugs.

10:00 am (eastern) House Homeland Security Committee, Subcommmittee on Intelligence, Information Sharing and Terrorism Risk Assessment holds a hearing on the future of fusion centers.

10:00 am (eastern) House Appropriations Committee, Subcommittee on Homeland Security holds hearing on cargo and container security.

Thursday, April 2

10:00 am (eastern)  House Homeland Security Committee holds a hearing on the future of the Homeland Security Council.

10:00 am (eastern) House Appropriations Committee, Subcommittee on Homeland Security holds hearing on immigration enforcement and citizens verification.

Friday, April 3

11:00 am (eastern)  Center for American Progress panel discussion on Afghanistan.

This is the 35th Anniversary of the largest tornado outbreak in US history.

March 28, 2009

NORTHCOM to North Dakota

Filed under: Homeland Defense — by Philip J. Palin on March 28, 2009

According to a CNN report, it would seem that federal military assets are being deployed to assist with emergency operations in and around Fargo.  In a story filed late Friday, CNN reports, “Fifteen helicopters from the U.S. Northern Command along with active-duty military personnel are being sent to Fargo, North Dakota, to assist the state as it prepares for record flooding.” 

A related story in the Colorado Springs (NORTHCOM’s hometown) Gazette references a military news release and reports,  “The command will stage at the Grand Forks Air Force Base to aid the Federal Emergency Management Agency. NorthCom will help distribute supplies and coordinate the relief effort. A defense coordinating officer dispatched by NorthCom will act as the liaison between FEMA and NorthCom, relaying capabilities available to FEMA and coordinating movement of active-duty personnel and equipment to assist should the need arise.”

UPDATE:  A Saturday afternoon public affairs story from Minot (N.D) Air Force Base indicates that, “Two helicopters from the 54th Helicopter Squadron have been relocated from the Bismarck flood area to Grand Forks… The helicopters are being moved to Grand Forks staging as part of a larger NORTHCOM task force.”  The two hoist-equipped UH-1N  “hueys” are expected to be involved in search and rescue.

SECOND UPDATE:  As of Sunday afternoon at least four media releases are available from the NORTHCOM website.  While the information provided does not deal explicitly with the issue of the State Governor requesting Title 10 forces, it would appear the current deployment may be largely limited to use of the Grand Forks Air Force Base by FEMA and arrival in the potential theater of operations by  pre-deployment assessment teams. 

President speaks on flooding

Filed under: General Homeland Security — by Philip J. Palin on March 28, 2009

President Obama’s weekly radio and Internet comments  focus on the flooding in North Dakota and Minnesota.

The National Weather Service office in Grand Forks is now warning:


SUNDAY UPDATE: Freezing temperatures have slowed the river’s rise.  River levels are – at least temporarily – receding from a record-setting crest of 40.82 feet on Saturday about midmight.  But the flooded Red River remains dangerously high and a blizzard is expected to hit upstream beginning tonight.

DHS Efficiency Initiative

Filed under: Budgets and Spending — by Philip J. Palin on March 28, 2009

Friday Secretary Napolitano launched the Department’s Efficiency Review Initiative.  The Secretary explains her objectives in a Friday post to the DHS Leadership Journal (you will probably need to scroll down), writing, “Over the next 120 days, we will begin implementing nearly two dozen initiatives to trim costs, streamline operations, eliminate duplication, and better manage resources across the Department.”  CNN filed a related story.  So did NextGov.

Who, what, when, where, and why

Filed under: General Homeland Security — by Philip J. Palin on March 28, 2009

On Thursday I completed thirty days as an HLSwatch contributor.  Some preliminary observations:

Who are our readers?  This is really not knowable.  But from the data available we guess you are a combination of D.C. HS and related insiders and beyond-the-beltway HS practitioners. You seem to be largely male.  Compared to other blogs and webs with which I am involved, HLSwatch seems to be a rather closed set.  There is little evidence of current readers sharing what you read here.

What do you read?  In the last month the top-stories — by far — have been Chris Bellavita’s essay on 85% of what you know about homeland security is wrong and this Thursday’s piece on The Republic of Texas v. United States.  A  quick post on a terrorist training manual was close behind.

When do you read?  Mostly mornings starting about 8:20 (eastern).  Wednesday is usually our big day.  You are slow to get started on most Mondays and Fridays.  Weekend readership is half or less-than-half weekdays.  But the number of pageviews per reader tends to go up on the weekends.

Where are you? Mostly US-based, heavily entrenched in the Washington D.C. area, but about half are scattered across the country. We have concentrations of regular readers in New York, New Jersey, Ohio, Michigan, Illinois, Georgia, Florida, New Mexico, California, and Washington state.  We have regular readers in Japan, China, Singapore, India, Dubai, Germany, France, UK, Sweden, and Canada.

Why?  Once again, this is not knowable.  But given what is read most and what generates the most comments or Email you seem to prefer a post that connects to a “big issue” but uses an obscure fact or angle to illustrate the big issue in a non-traditional way.

I try to commit about two hours per day to researching, filtering, and posting. Mostly I do this in the evening or early morning. If professional obligations allow I come back in around mid-day or early afternoon to do updates. I use a full range of online search tools; receive lots of federal government news releases; readers, friends, and others call or write with suggestions; and for reasons that are not related to the blog I have to read many dense documents related to homeland security.

Given the limited time invested, most posts will be informational.  When possible the information will be placed in a policy or strategy context.  With the contributions of Chris Bellavita and a few others I hope HLSwatch will eventually offer at least one cutting-edge and thought-leading piece per week.

I originally signed-on to contribute one post per week, but so-far have found the daily discipline of posting to be productive and meaningful for me… and, I hope, for some of you.

March 27, 2009

Tornado outbreak predicted for today

Filed under: Preparedness and Response,State and Local HLS — by Philip J. Palin on March 27, 2009

The National Weather Service has issued a tornado watch for much of the Central Gulf Coast until 8:00 am (central) this morning.  Several severe thunderstorms – with wind gusts of up to 60 mph – are reported in the region.  Some meterologists are saying conditions are ripe for a tornado outbreak today and into tomorrow.

A “tornado outbreak” is the experience of  several — generally a minimum of six — near-continuous tornadoes during a single day or consecutive days.  The modern federal role in disaster response can be traced to the April 3, 1974 outbreak that produced 148 tornadoes, including six F5 twisters.  The outbreak extended from Southern Michigan to middle Alabama and resulted in 330 deaths, over 5400 injuries, and billions of dollars in property damage. (A scientific paper on tornado outbreaks is available from the American Meteorological Society.)

The National Disaster Relief Act of 1974 was a specific outcome of the April outbreak.  This legislation has subsequently been amended to become the now better known Stafford Act.

You can track severe weather and NWS watches and warnings at the NOAA/NWS National Warning Map.  This is constantly updated and allows for geographic drill-downs.

UPDATE: Up to twenty tornadoes were reported on Friday into Saturday morning.  The most damage was  reported along I-95 in Eastern North Carolina.  Tornado warnings for Saturday (or the most current day) can be tracked at the NOAA/NWS website.

Lieberman’s list for Lute

Filed under: Congress and HLS,Organizational Issues — by Philip J. Palin on March 27, 2009

At Thursday morning’s Senate committee hearing on the President’s nomination of Jane Holl Lute as Deputy Secretary of Homeland Security, Chairman Joseph Lieberman listed his priorities for the months ahead:

  • Improve acquisitions management;
  • Reduce reliance on contractors;
  • Increase attention – and transparency – related to cybersecurity; and
  • Ensure southern border security.

The Deputy Secretary is essentially the DHS Chief Operating Officer.  While the Secretary can easily be preoccupied as the external face and voice of the Department and administration, the Deputy may have more sustained influence on what the Department does and achieves.  The previous Deputy Secretary, Michael P. Jackson, seemed to inspire baldly binary assessments.  He was either  highly praised as a brilliant and hard-working task master or widely reviled as an inconsistent and interfering micro-manager. 

Good luck, Jane.

UPDATE: Perhaps best filed under RumorWatch: Some readers, friends, and others attending yesterday’s hearing have suggested my report is entirely too above-the-fray.  I was not at the hearing.  But I am reliably told it descended into an unfortunate rehashing of frustrations and concerns regarding the United Nations (where Ms. Lute has been recently engaged).  Further, Ms. Lute gave the orthodox non-answer to the whither-goest-FEMA question.  Many of those writing  consider the hearing a lost-opportunity for serious dialogue on key policy and strategy issues.  Which prompts me to again offer: good luck, Jane.  The Chairman’s list is substantive and gives all of us – including Ms. Lute – a helpful signal of the Committee’s priorities in weeks ahead.

One foot too far for Fargo?

Filed under: Preparedness and Response,State and Local HLS — by Philip J. Palin on March 27, 2009

Late yesterday the National Weather Service predicted the Red River will crest on Saturday at between 41 and 42 feet. But the NWS added a possibility that the crest could reach 43 feet.  “Record flows upstream of Fargo have produced unprecedented conditions” on the river, which “is expected to behave in ways never previously observed,” the weather service said.  City and state emergency officials have been constructing dikes to top-off at 43 feet.  It will be tough to meet the higher threshold in the time remaining.  More this morning from the Associated Press.

Sometime before 2:30 am (central) there was a breach in the dike at Linden Avenue in Fargo.

 Acting FEMA Administrator, Nancy Ward, will be in North Dakota today.

UPDATE: The Red River at Fargo rose to 40.2 feet early today, breaking a 112-year-old record.  More from CNN.

Next Page »