Homeland Security Watch

News and analysis of critical issues in homeland security

November 22, 2011

Vandalism is stupid and silly, like “connecting interfaces to your SCADA machinery to the Internet.”

Filed under: Cybersecurity,Infrastructure Protection — by Christopher Bellavita on November 22, 2011

Water System Hack – The System Is Broken

Hackers ‘hit’ US water treatment systems

Homeland Security investigates possible terrorism in Springfield

Water system may be cyber attack victim

Has stuxnet come to our critical infrastructure shores?  Is it duqu?  Could it be something even worse?

“DHS and the FBI are gathering facts surrounding the report of a water pump failure in Springfield Illinois.  At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety,” DHS spokesman Peter Boogaard explains.

“I dislike, immensely, how the DHS tend to downplay how absolutely FUCKED the state of national infrastructure is” responds someone named “prOf” in a pastebin post that includes, according to pr0f, images of another water system that was hacked.

“I’m not going to expose the details of the box,” prOf promises. “No damage was done to any of the machinery; I don’t really like mindless vandalism. It’s stupid and silly. On the other hand, so is connecting interfaces to your SCADA machinery to the Internet. I wouldn’t even call this a hack, either, just to say. This required almost no skill and could be reproduced by a two year old with a basic knowledge of Simatic.”

————————–

Nick Catrantzos, who has written for Homeland Security Watch in the past, is an adjunct professor of Homeland Security and Emergency Management.  More relevant to today’s post, Nick is the former security director for a regional water utility.  Here are his thoughts on the most recent cyber event.

Spotting the Incidental Cyber Saboteur

You need not be evil to be wrong, and the true Achilles’ Heel of recent news about cyber attacks to water infrastructure in the Chicago area (details at http://www.cnn.com/2011/11/18/us/cyber-attack-investigation/index.html?iref=allsearch) is not foreign hackers of SCADA, the supervisory control and data acquisition system that makes it possible to turn a valve by remote control. Hackers have been a known external threat since the personal computer became widespread. Thus, makers of computer- and network-dependent tools like SCADA systems have to offer some protections against hackers just to make their systems marketable.

Why is no one therefore consulting other than self-avowed cyber security experts who are now issuing dire warnings about offshore SCADA hackers who may or may not be Russians? (The may-not possibility arises when these experts point out that clever hackers have the ability to misrepresent the origin of their attacks.). The same hand-wringing experts – or their fellow travelers – belong to the camp that opens the door to this vulnerability in the first place. They are not evil, just wrong.

Remote Access as Double-Edged Sword

Consider: Even the technologically challenged security professional sees the vulnerability to enabling remote access to critical systems, like water infrastructure. How do purveyors of such systems see remote access when marketing to fellow cyber aficionados? It is a selling feature, of course. Why, with remote access, the technician fielding a panic troubleshooting call at midnight can diagnose and solve the problem in pajamas instead of in the field. And the field, when it comes to water infrastructure, often turns out to be at distant sites over bad roads, poor lighting, and unattractive traveling conditions. Solving the problem from home is a win-win for all concerned, since it saves down time, isn’t it? Not if this debate includes security professionals charged with looking at the bigger picture of enterprise-wide vulnerabilities.

What makes it possible for these infrastructure attacks to abuse SCADA? Remote web access adopted in the name of expediency. What is the Achilles’ Heel? Naïve or myopic cyber professionals whose over attention to expediency permits convenient remote access for their technical support colleagues with insufficient attention to the exposure that this condition creates.

Discovering What Some Won’t Admit

How to zero in on the problem? The way not to do it is to rely exclusively on pronouncements of SCADA vendors and their like-minded counterparts in the organization who bought into web-based remote access in the first place. There is a good chance at least some of these people overlooked sharing details of remote access vulnerabilities in discussing the system before upper management and traditional security practitioners.

No, the short path to excellence in uncovering self-introduced remote access exposures is to check logs of trouble calls against field records of physical access to work sites. The more serious cyber professionals know to avoid web-based SCADA access from any home and, instead limit access to SCADA terminals that reside behind the secured perimeter of the institution’s work facilities. Maybe a SCADA technician fielding a trouble call won’t have to drive three hours to diagnose the problem at a remote field site, but he may still have to drive 20 minutes to get to a locked and alarmed office that houses a protected SCADA terminal. At least this is the ideal and advertised state of affairs. But even 20 minutes may, in time, seem too much of an imposition, so the SCADA tech quietly arranges to beta test remote access from — you guessed it — the convenience of his or her own residence. Unofficially, without a lot of fanfare. So much so, that even the boss may not realize this is happening, hence the futility of relying on the cyber function to verify its own status regarding this vulnerability. There is another way to check.

Uncovering the Rest of the Story

If expediency has come to trump security, an examination of audit trails will soon show that technician troubleshooting calls at midnight aren’t matching up to midnight access to facilities housing SCADA terminals. Maybe operators in the field are too immersed in the problem to ask or even care how a SCADA tech is responding to a trouble call. They just want help. Maybe the tech is shrewd enough to avoid volunteering details, reasoning that speed of problem resolution is more important than revealing that this is being done from home via means subject to compromise and exposure to hackers.

However, audit trails won’t lie. Whether it is via manual logs, automated access records, video surveillance archives, or a guard’s register used for having all employees sign in after normal business hours, the discrepancy will surface under scrutiny. The on-call tech who was supposed to go to an employer site to troubleshoot the problem on a protected SCADA terminal will have shown no record of having entered any employer business site at midnight. So how did he or she handle the problem? Remotely. From home. In pajamas. Expediently. And, in the process, exposing the system to exploitable vulnerability.

Caution on Experts Offering Homilies about Cyber Attack

The so-called expert who was quick to criticize government officials on this latest cyber attack claimed he was doing so out of concern that the Department of Homeland Security was deficient in sharing information with other water agencies that could be targeted. If he were truly as conversant with water security as he claimed, he would know that it is not DHS but EPA that exercises the role of lead federal agency for protection of the water infrastructure. He would also know that EPA supports Water ISAC, the Information Sharing and Analysis Center for the water sector, and that the Association of Metropolitan Water Agencies manages that function, which takes the lead in sharing this kind of threat information within the water community, while DHS and local fusion centers do their share of distributing such information as well.

Showing no sign of recognizing these particulars, how could this self-styled expert really know what information on this SCADA threat is or is not circulating within the affected community of interest? A skeptic might conclude that such considerations take a back seat, however, when dire warnings can generate free publicity.

IT vs. Ops

Some over zealous IT departments in utilities that use SCADA see SCADA as a means of supplying bandwidth on which to commingle business applications as well, thereby increasing likely needs for remote access by more employees and raising susceptibility to compromise at the same time.

If employees in Operations at water utilities don’t over concern themselves with security deficiencies in SCADA, it tends to be because they have their hands full avoiding one or two catastrophes a year when SCADA techs unthinkingly shut down the system for maintenance or cause some other disruption without telling Ops in advance. The techs forget that flow changes can result in catastrophic treatment or distribution problems that affect water quality. This often occurs after business hours or on weekends, when the techs operate on the assumption that it is the best time to tinker without users noticing or balking — true enough for the average business network, but not for 24/7 attention to water treatment and distribution.

One sign that too many debacles have been surfacing serially is when Ops wrests the SCADA function away from IT. This does wonders for reducing those kinds of snafu.

 

 

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

November 21, 2011

Shortchanging the future

Filed under: Futures,Organizational Issues — by Arnold Bogis on November 21, 2011

The news out of Washington, DC this week is likely to focus on the failure of the “Supercommittee” to agree on a plan to cut the federal debt. Finger pointing has already begun and there is talk of undermining the automatic triggers put into law that were designed to cajole both sides into cutting a deal lest significant cuts into treasured programs and departments are made in budgets following 2012.

The focus of concern is the Defense Department and not entitlement programs, which troubles me for two reasons: (1) I’ve yet to read a non-biased argument (to give the most public of examples, it does seem to me that the opinion of the current Secretary of Defense is somewhat biased) explaining how even with the planned deep cuts into the Defense budget as called for in the triggers what near or plausibly near-peer competitor will leap ahead of us across any set of security parameters and seriously threaten our national security.  The cuts may drive a strategic reconsideration of our military footprint and national policies around the globe (for deeper thoughts on that subject, I would recommend Harvard professor Steve Walt’s blog: http://walt.foreignpolicy.com/), but I do not see how they lead to North Korea, Iran, or even China coming to represent an existential threat.  That is not to say I favor this outcome–I would much rather see a considered package of defense and entitlement cuts in addition to sensible new revenue–but I am not concerned that it represents the end of U.S. military hegemony.

Oh yeah, (2): while obviously our national security is of utmost importance, the imbalance between publicly displayed concern by politicians about cuts in defense vs. entitlements saddens me at some level.  As a citizen of such a powerful nation I wonder, where is our concern about those among the most vulnerable of our fellow citizens?  How many additional fighter aircraft provide a return on defense investment in comparison to helping to provide for the health of a poor child who can perhaps then realize his or her full potential and contribute to our society? Or the health of those who have spent a lifetime contributing?

While these are general, and somewhat philosophical, observations a more concrete example of shortchanging the future recently occurred in…wait for it…Congress:

The National Oceanic and Atmospheric Administration wanted to reshuffle its offices to establish a National Climate Service akin to the agency’s National Weather Service. It asked for no new funding to do so.

But in a political climate where talk of the earthly kind of climate can be radioactive, the answer in last week’s budget deal was “no.” Congress barred NOAA from launching what the agency bills as a “one-stop shop” for climate information.

Climate change is a particularly hot topic (pun intended), so this decision is not surprising. That does not make it any less disappointing.

Who would find such an office helpful?  Most likely some latte-drinking hippies:

Farmers are wondering when to plant. Urban planners want to know whether groundwater will stop flowing under subdivisions. Insurance companies need climate data to help them set rates.

The proposal has drawn wide-ranging support. NOAA’s administrator from 2001 to 2008 under Bush, Conrad C. Lautenbacher, urged Congress to approve it this year. So did scientific, weather and industry groups, including the Reinsurance Association of America, which represents huge firms that backstop home, car and life insurance companies.

This matters to homeland security because it impacts a wide range of risk areas:

Franklin W. Nutter, president of the RAA, said insurance companies are increasingly relying on the predictions of a changing future that NOAA provides. “It’s become clear that historic patterns of natural catastrophes — hurricanes, tornadoes, floods — are not good predictors of future risks,” he said. In other words, the future’s looking rougher.

The Intergovernmental Panel on Climate Change buttressed that message last week. A report from the world’s top climate science group warned of more extreme weather, more frequent droughts, worse downpours and more dramatic flooding.

Sometimes relatively small investments now can contribute to significant future savings.  Is this an example of preparedness, mitigation, or both?  Whatever box one wishes to throw it in, this decision seems to undercut our resilience.

At the very least, this decision must contribute to cutting government spending, right?

After the deal, which passed Congress last week, a House Appropriations Committee news release implied that Congress had saved $322 million in fiscal year 2012 by nixing the climate service.

The reality: Congress is still giving NOAA those funds for climate research and data delivery. But they’ll be distributed across the agency instead of consolidated under an umbrella climate service. The hundreds of millions in savings trumpeted by the Republican-led Appropriations Committee are an illusion.

Perhaps later this week there will be news that for which one can feel thankful.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

November 19, 2011

Homeland security: tasks applied in context

Filed under: General Homeland Security — by Philip J. Palin on November 19, 2011

Occupy activist Dorli Rainey, 84, after being hit with pepper spray during a protest in Seattle. Photograph: Joshua Trujillo/AP

This week the Seattle police provided the Occupy movement a powerful image of martyrdom. Dorli Rainey was not killed – let’s not overdo any analogies between economic protests in western democracies and the desperate struggle for freedom in Egypt or Syria. She was “only” pepper-sprayed. But she happens to be 84, and photographer Joshua Trujillo happened to be on hand to take a haunting photograph of her reddened eyes and shellshocked expression that subtly and strongly portrays Rainey as a modern martyr.

I am not suggesting this lightly. The martyrdom in Seattle conforms, in Trujillo’s photograph, to the deep religious roots of the idea of suffering for a cause. Rainey resembles a humiliated Christ in this picture. She is supported by two men, one on either side, who both lower their faces – one has his eyes closed in self-protection, the other wears defensive goggles – in what may be a sensible precaution to avoid getting sprayed themselves, but which also looks like a gesture of compassion, of quiet rage and dignified sorrow. It is at once a real moment – the men shielding their eyes while showing her hurt to the camera – and an image straight out of a Christian Renaissance painting.

The men look disconcertingly similar to the supporters of the dead Christ’s tormented body in paintings such as Giovanni Bellini’s The Dead Christ Supported by Angels. The Bellini painting is a great banner of emotion. Bellini depicts Christ nearly naked, his body frontal and wide, the expanse of his pale chest filling the painting with pity: in a similar way, the men supporting Rainey in this photograph frame her strong, striking face, which seems to grow to fill the scene with injured courage. The men display her political wounds just as Bellini’s angels display the spear wound in Christ’s side.

America is a religious nation and I can’t help thinking that either the people in the picture, or the photographer, consciously or unconsciously reached for an image from the iconography of Catholic faith. No movement, in its early history, recognised the power of martyrdom more thoroughly than Christianity did. Obviously, martyrdom is a Christian concept. To die for the faith, by being pinioned to the ground and beheaded – say – or crucified upside down, was to imitate Christ, to reenact the suffering of a God made flesh. The courage of the early Christian martyrs – fact or fiction – provided the church with a popular repository of heroes, relics, and sacred memories. Not all martyrdoms result in death, so even from a pedantic standpoint, Rainey conforms to the tradition – the arrows that pierce Saint Sebastian in so many paintings did not kill him, for instance.

Trujillo’s photograph recreates the image of Christian martyrdom in a modern context in a way that resembles contemporary spiritual artworks such as Bill Viola’s videos – yet it happened in the heat of the moment, on the streets of Seattle. This is not a staged photograph, it is real life. And as such it is a warning to the police and political bosses not to create too many martyrs, if they really want Occupy to disappear.

Lest we sentimentalise radical politics too much, let’s remember that no political movement guarded the memory of its martyrs more fulsomely than National Socialism did. Or that one of the most potent images of secular political martyrdom, David’s painting The Death of Marat, elegises a bloody architect of the Terror in the French Revolution. What does seem to be the case, looking at this photograph and its echoes of Christian art, is that from the time of the French revolution in the 1790s down to today, the idea of suffering for a cause has drifted from the declining cloisters of western Christianity onto the streets and the barricades. As they sing in The Red Flag: “The people’s flag is deepest red/ It shrouded oft our martyred dead.”

–+–

The previous paragraphs were written by Jonathan Jones in Friday’s edition of The Guardian (UK).  I edited out a few Brit-centric sentences.

I admire Jones’ writing,  insight, and analysis.  I have been impressed by The Guardian’s extraordinary coverage of the Occupy Wall Street movement.  See its aggregation site for a very full perspective.

Several days before the first Brooklyn Bridge foray, which stimulated considerable US media attention, The Guardian was giving front page attention to OWS… which I mostly dismissed.  The Guardian is reliably left-of-center and I initially perceived its New York reporter and London editors were over-indulging personal passions.  My mistake.

The Guardian team recognized an emerging social phenomenon at its earliest stage.  They engaged unfolding reality very effectively, given their place, resources and purpose.

Over the last several months I have been working with a Homeland Defense/Homeland Security agency to enhance its operational effectiveness implementing a key strategic objective.  The recurring problem is that agency professionals — and they are truly professionals by education, training, and commitment — are so task-focused as to be context-blind.  As a result, the tasks they undertake tend to have no influence on context or interact with context to produce outcomes contrary to the agency’s purpose.

How many of us are ready to recognize the context that Jones perceives in Trujillo’s photograph?

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

November 18, 2011

Berlin, Oslo, and Gainesville, Georgia: Three or more angles on what?

Filed under: Preparedness and Response,Radicalization,Terrorist Threats & Attacks — by Philip J. Palin on November 18, 2011

Today the German government is hosting an emergency summit to consider an alleged neo-Nazi threat.  Federal and state police, prosecutors, intelligence agencies and others are gathering in Berlin to share information and, perhaps, undo the perception of lax attention to radical German nationalists.  (Der Spiegel has aggregated several stories.)

A three-member cell of the “National Socialist Underground” was recently uncovered by German authorities.  At least ten murders have been traced to the cell. Nine of those murdered were of Turkish or Greek descent.  Eighty-eight political and civic leaders were apparently targeted for assassination. (88 is a bit of neo-Nazi numerology.)  Two of the cell members have committed suicide.  The third is in custody.

But according to Deutsche Welle, the chairman of the German parliament’s oversight committee, Thomas Oppermann, said that “there is evidence of more helpers.” A report in the daily Berliner Zeitung on Wednesday said investigators had a handful of suspects.

Earlier this week Anders Breivik, the Norwegian mass murderer appeared in court and made his first public statement.  ”I am a military commander in the Norwegian resistance movement and Knights Templar Norway,” Breivik told the court. “I acknowledge the acts, but I do not plead guilty,” Breivik said, adding that he rejected the jurisdiction of the court because it “supports multiculturalism.”

In a manifesto released coincident with his deadly bombing of central Oslo and massacre of 69 on Utoeya Island, Breivik claimed to be part of a pan-European movement to save Western Civilization from Islam.  Norwegian police have been criticized for underestimating the threat of nationalist violence.

Brevik has been denounced by every major European political party, left, center, right, and even ultra-right. But many of his belief’s — if not his behavior — are more widely held.  Several neo-Nazi (difficult to define) and ultra-nationalist (ditto) movements show signs of attracting more support. According to Sarah Webb writing for Reuters, “As the euro zone shudders, Europe’s populist politicians from the Netherlands to Austria and Finland are exploiting its woes to build up support and even threaten some governments.”

Early this month Demos, the British think-tank, released a new study of “online populism” in Europe.  The study was conducted by reaching out to the Facebook communities associated with fourteen widely recognized – and often self-defined – right-wing political movements. (See brief profiles of each group compiled by The Guardian.)

Based on volunteer answers to a series of questions, Demos found:

  • Online supporters are primarily young men: an average of 63 per cent are under 30, and 75 per cent are male.
  • Those responding are motivated by positive identification with the party’s values and the desire to protect national and cultural identity.
  • Younger supporters are more likely to cite immigration than older supporters as a reason for joining.
  • Supporters display low levels of trust in both national and European political institutions compared with national population averages.
  • Online supporters are disgruntled democrats: they overwhelmingly believe that voting matters, and disavow violence, but do not believe that politics is an effective way to respond to their concerns.
  • A shift by the respondents from online activism to voting is motivated by concerns over immigration, and Islamic extremism.
  • The right-wing European respondents are not more inclined to violence than other elements of the general population

Meanwhile in North Georgia (USA), on Wednesday a federal magistrate denied bond to four elderly men accused in a plot to bomb federal buildings and disperse the toxin ricin.  According to the Atlanta Journal Constitution:

Federal authorities, who began infiltrating the group’s meetings in March with the help of an informant, said the men discussed dispersing ricin throughout Atlanta and other major U.S. cities. In Atlanta, the documents said, the plan was to unleash the powdery substance on I-285, I-75 and U.S. 41. They also talked about assassinating state and federal officials, blowing up federal buildings and buying enough explosives to do it, FBI affidavits said. Some of the men said in secretly recorded conversations that they were willing to die for their cause, the affidavits said.

According to court documents filed following their arrest on November 1, one of those charged, Frederick Thomas, age 73, of Cleveland, Georgia told the informant, “There is no way for us, as militiamen, to save this country, to save Georgia, without doing something that’s highly, highly illegal: murder… When it comes time to saving the Constitution, that means some people have got to die.”

These are only a few of several similar stories that made it to my web browser this week.  Coincidences happen.  Three proximate angles do not necessarily share any particular point.  But the proliferation did catch my attention.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

November 17, 2011

Where is Homeland?

Filed under: General Homeland Security — by Jessica Herrera-Flanigan on November 17, 2011

Today, Department of Defense Secretary Leon Panetta will be in Groton, Connecticut visiting a shipyard where attack submarines are being built.  It is expected that during his visit he will discuss how proposed spending cuts to the Department of Defense’s budget will adversely affect the nation, the industrial base, and the economy.   It is a message that he and others, both civilian and military, have repeated often over the past month.

The message has been clear: sequestration would be devastating to our national security.  Indeed, in a letter sent earlier this week by  Secretary Panetta to Senators John McCain and Lindsey Graham, he wrote the following:

If the JSCDR fails to meet its targets and sequestration is triggered, DoD would face huge cuts in its budgets. Compared with the President’s budget plan for FY 2012, we are already planning on budget reductions over the next ten years of more than $450 billion. These cuts are difficult and will require us to take some risks, but they are manageable. If the maximum sequestration is triggered, the total cut will rise to about $1 trillion compared with the FY 2012 plan.

The impact of these cuts would be devastating for the Department.

The letter goes on to say:

Unfortunately, while large cuts are being imposed, the threats to national security would not be reduced.  As a result, we would have to formulate a new security strategy that accepted substantial risk of not meeting our defense needs.  A sequestration budget is not one that I could recommend.

For a copy of the full letter, click here.

While there has been much discussion of how the Department of Defense will be adversely affected, there seems to have been little publicly on how the Department of Homeland Security, also facing significant cuts, will fare.  We have not seen Secretary Janet Napolitano out discussing how homeland security will be affected or think-tanks, experts, or others coming to the agency’s defense.  Even Governors and local officials seem to be muted in their warnings.

Indeed, the only concerns that have been raised over the past few months that have gained penetrable media coverage have involved FY2012 appropriations legislation, especially concerns regarding cuts proposed by the House, and issues relating to disaster spending.  The House cuts have largely focused on the research and science & technology budgets, which DHS has said will devastate its efforts on those fronts.  The disaster spending issues, which Secretary Napolitano has been vocal on, involved the House Republican Leadership’s call for disaster spending to be offset by cuts elsewhere.

With the deadline for the Supercommittee fast approaching and sequestration lurking as a possible reality, it is disconcerting to see the Department not being more vocal on the effects it will have on our homeland security mission.  It is likely that the Department of Defense will see a reprieve of some sort to ensure that our national security/defense mission remains intact.  It is not clear the same can be said for homeland security.  Even those of us who follow the agency closely do not have a clear message on how devastating sequestration will be to protecting our homeland.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

November 16, 2011

Who Do You Serve, Who Do You Protect

Filed under: State and Local HLS — by Mark Chubb on November 16, 2011

Many police departments have adopted some version of the somewhat standard or all-purpose police motto: “To serve and protect.” Last night, as NYPD officers, some in riot gear, cleared protestors from Zuccotti Park, some bystanders could be heard chanting, “Who Do You Serve! Who Do You Protect!” These are questions worth asking.

A few weeks ago, when I followed Chris Bellavita’s lead and began considering what the Occupy protests might portend for public safety and homeland security, I questioned what we could count on police officers and firefighters to do in the face of mounting public unrest and pressure to restore the status quo ante. My question was predicated on two observations: 1) Many cops and firefighters feel just as alienated and fearful in the current economic climate as many of the protestors do and 2) cops and firefighters, despite their relatively favored standing in public opinion have garned little public support as they have confronted job cuts, threats to collective bargaining rights and the looming prospects pension reform and benefit reductions.

Over the past few days, my questions have been answered. Cops and firefighters in city after city have seen fit to faithfully follow instructions and act against protestors, often upon the slimmest pretexts. Take for instance the characterization of Zuccotti Park and other Occupy encampments as threats to health and safety. In several instances, this was predicated at least in part on the operation of gasoline generators to produce electric power. The exhaust fumes were deemed hazardous sources of the toxic combustion gas carbon monoxide. The hot exhausts and fuel cans were also considered fire hazards. The close quarters in which these operations were conducted was said to compound these risks.

Now let’s consider what usually happens when fire inspectors find such conditions: Essentially nothing. You see, the model fire prevention codes adopted in nearly very city and state in the country, including post-9/11 New York City, do not address these hazards directly in such an environment. They simply do not envision such circumstances or call them out as dangerous. As such, the fire inspectors had to conclude based on the “professional judgment and opinion” that these conditions constituted a danger to life per se.

I’ve spent nearly all of my professional career crafting, interpreting or applying these codes, and I can say with complete confidence that this opinion is both baseless and unwarranted. That is unless you consider the intense political pressure fire officials must have been under to give the mayor and police commissioner the requisite pretext for acting against the occupation.

It saddens me to say this, by I find such behavior sorry and shameful. I reach this conclusion in substantial part because such action is so unprecedented even when it is clearly warranted. A case in point: No action was taken to suspend operations or seize private property in the Deutsche Bank Building when inspectors became aware of dangerous conditions during its demolition following the 9/11 attacks. Two firefighters sent to combat a fire there in August 2007 died, and 46 more suffered serious, career-ending injuries because of confusing and obstructed exit paths, failure to maintain firefighting features, and the use of high flame-spread materials and uncontrolled heat sources during asbestos removal operations. These conditions conspired to allow an otherwise minor fire started by discarded smoking materials  to spread through 10 floors before it was controlled.

In the aftermath of this fire, two very telling truths emerged. First, despite permit conditions that required inspections at least once every 15 days, city authorities had failed to conduct any recorded inspections of the demolition operation between March 2007 and the date the fire occurred.  Second, the city enabled if not facilitated the contractor’s malfeasance by taking a laissez faire approach to overseeing demolition operations despite repeated warnings a disaster could result. (I use the term “malfeasance” advisedly: The demolition contractor- employed by the Lower Manhattan Development Authority–the ironically named John Galt Corporation–was found guilty of reckless endangerment in 2009, although construction supervisors employed by the company were acquitted of involuntary manslaughter charges.)

If inspectors can so willingly look away in the face of clearly dangerous conditions like those present at Deutsche Bank, what makes them so eager to see fire hazards in Zuccotti Park when no such violations exist in fire codes? Is it possible they fear the fate of so many others who are now unemployed if they fail to accede to their superiors’ expectations?

I am reluctant to answer these questions, but I don’t mind asking them of those who made these decisions. In the end, the questions in play here are the same timeless ones we all face when values and principles collide: Who or what do you serve? Who or what are you protecting?

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

November 15, 2011

Shooting little girls for fun

Filed under: Technology for HLS — by Christopher Bellavita on November 15, 2011

She looked maybe 8 or 9 years old.  Her brown hair reached her shoulders.  She wore a frilly blue dress and a white pinafore.  She looked like John Tenniel’s Alice in Wonderland, on her way to a tea party.

But she wasn’t in Wonderland.

A man in his thirties jumped out from behind a twisted thick rubber pole and with no warning fired three shot’s at Alice’s small chest.

“Good hit!” praised the mechanical voice from the man’s shoulder pads.

The man moved on to find his next victim.  Alice looked uncertain, not sure what to do next.

Welcome to laser tag.

—————

Last Saturday a friend and his fifth grade son invited me and my fifth grader to have pizza and play laser tag at a local entertainment center.  I’d heard the words “laser tag” before but I hadn’t paid much attention to what they signified.  If I thought of it at all, I would have thought tag is tag.  No biggie.

I was not socialized in a gun culture so I default to a mild “that’s a bit weird” internal reaction when I hear about people and their affinity for shooting guns.  I respect, however, that people who grew up with guns have a different response than I do.  Some of my best friends, as the old saying goes, have dozens of guns.

I live in a rural part of western Oregon, and guns have a different meaning to people here than they do to people in urban areas. At least I think so.  In my part of the rural west, firing guns is a hobby. I believe in cities some people still call the police when they hear gunshots.

While we were eating pizza, my friend explained what laser tag involved. That’s when I realized we would be shooting people.

All the “players” would receive a gun and a vest.  The gun fired a beam of light called, for game purposes, a laser.  The vest was the target. Hit someone’s vest and you’d hear “Good hit!” from shoulder speakers. Get hit, and you’d hear small explosion sounds.

There’s a little more to laser tag, but that’s basically it.  Oh, and ear draining overdrive guitar music fills the room during the laser battles.

—————

Before the game started, 31 players – men, women, boys, girls brought together by randomness – selected code names.  No point telling people who you really are.

Then we went into the briefing room to learn the rules of engagement: no running, no cursing, no physical contact with another player, and some other rules I do not remember.

“No running,” emphasized our briefer.  “I won’t say it again, but any running and out you go.”

Next an unseen master computer divided us into the Red Team and the Blue Team.  Then we each received a gun and vest.

The object of the game was to score as many points as possible by shooting the enemy and blasting the enemy’s base camp. The team with the most points wins.

“Any questions?” asked our briefer?

Hearing none, the digital guitars started blaring, and the battles began.

—————

Social identity theory hypothesizes that — as a largely unreflective part of normal cognition — we tend to divide various parts of our world into “them” vs. “us”: Yankee fans vs. Red Sox fans, liberals vs. conservatives, democrats vs. republicans, feds vs. locals, middle class vs. working class, the 99% vs. the 1%, Hutus vs. Tutsis, Bosnians vs. Serbs, Israelis vs. Palestinians, Christians vs. Muslims.

Social identity is created by putting people into categories (the red team vs. blue team in laser tag), adopting the identity of one’s group (red team wears the red vests, blue team has the blue equipment), and then comparing one’s group with the “other.”

The in-group (that would be “us”) is superior in important ways to the out-group (“them”).  Those in the in-group seek — and easily find — the negative aspects of the out-group, and by doing that, further build their superiority.

—————

About halfway thorough the first laser tag battle, Alice came around a corner near my position.  Without thinking, I pointed my “gun” toward the ground.  Like me, Alice was on the Red Team.  She was one of us.

A few seconds later, I saw Alice get shot by the Blue Team man.

“How could you shoot a little girl?” I immediately asked him in my imagination. “Are you really that slimy?”

Suddenly the game got serious.  I started hunting Blue Team.

I was surprised how quickly and automatically I adopted a shared social identity with 15 strangers, and how easy it was to consider 15 other strangers as the “them” who needed to be “tagged” with my laser gun.

Unlike the laser tag fantasy, us vs. them became reality.

—————

“Perhaps it’s impossible to wear an identity without becoming what you pretend to be,” says one of the characters in a book I’d read years ago, called “Ender’s Game.”

In the novel, the government trains a new generation to defend Earth from attack. Ender, the hero, is sent to a military training facility. He believes he is playing training games. Unknowingly and unwittingly he is actually fighting and destroying Earth’s enemy.  If I recall correctly, the enemy is a race of insects.

Unlike laser tag, Ender’s Game is fiction

—————

I have another friend who lives in a south western state. He is a gentle man devoted to protecting the nation. I haven’t talked with him for a while.  I remember one of our last conversations. He told me what a normal day was like for him:

“I’m up by 6 and get ready for work.  My wife and two daughters get up around 7 and get ready for school.  I kiss them goodbye and go to the office.  I fly a couple of missions, and on a good day I’m home by 4 or 5. The family has dinner together.  We do homework; maybe watch a little television. I usually read my girls a bedtime story or two before they go to sleep. I’m in bed by 10, ready to do it all again tomorrow.”

My friend flies drones — unmanned aerial vehicles — for one of the military services.  The drone takes off from one country.  He controls it from this country. It kills people in a third country.

Unlike laser tag, the drone attack is real.

—————

Phil Palin posted Pratap Chatterjee’s story last week about how 16 year old Tariq Aziz and his 12 year old cousin Waheed Khanwas were killed, apparently by a Hellfire missile launched by a drone.

Ethicists have spoken and written about the morality of drone warfare that cannot distinguish with precision combatants and innocents living among “the other.”   Scholars have described the expanding moral pitfalls created by technologies that promise precision, security, and user anonymity.

But technology does not wait for debates to be resolved.

The Air Force is developing drones that look to the naked eye like small birds. The Navy is planning to add refuelling capabilities to its X-47B drone, intended to be the first drone to take off and land from an aircraft carrier.  The Navy is also studying what fish can teach us about creating more effective drones.

In a moderately disturbing precursor to Ender’s Game, DARPA (the Defense Advanced Research Projects Agency) is exploring the use of insect as weapons.  Mary Shelley anyone?

That’s the world of homeland defense.  What about homeland security?

—————

DHS presently has seven drones, used primarily to monitor the US borders.  According to Danger Room’s Katie Drummond, however, the DHS drone program is running into budget problems.

“Officials acknowledge that [DHS is] short on pilots and maintenance — right now, they can only pay to fly the drones five days a week.”

Drummond’s story notes that Congress appropriated 32 million dollars this summer to buy 3 additional Predator drones for DHS, drones no one at DHS asked for.  According to Drummond,

The appropriation was the result of ongoing lobbying from the so-called “Unmanned Aerial Vehicle Caucus,” a group of several dozen congressmen, many of whom hail from Southern California — a hot-bed of drone development and home to General Atomics Aeronautical Systems, the company that makes the Predator drone in question.

“This is a symptom of how surveillance technology is spreading around the U.S.,” Jay Stanley, a senior privacy and technology analyst with the American Civil Liberties Union, said [in the story]. “A lot of times it is not being pulled by people on the ground. It is being pushed from above by people who want to sell it.”

—————

A recent military test demonstrated that maybe drones don’t need people to be effective.  They can locate targets without human “interference.”  The test suggests a future time “when drones hunt, identify and kill the enemy based on calculations made by software, not decisions made by humans.”

The tests were preliminary.  I don’t know how fast this particular technology will develop, but as machines get “smarter” in the sense that word is used in the technium, I hope smart does not include a cognition that considers machines the in-group, and humans as dangerous as a little girl in a party dress, carrying a gun.

If it’s anything like laser tag, the insight can happen very quickly.

 

 

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

November 11, 2011

The jury is still out on Veterans Day

Filed under: General Homeland Security — by Christopher Bellavita on November 11, 2011

“All that is necessary for the triumph of evil is that good men do nothing.”

Edmund Burke gets credit for those words, but there’s no proof he’s the author.  Nonetheless, I think he would have agreed with the sentiment.

Burke supported the American revolutionaries.

“Reflect,” he wrote in 1774, “how you are to govern a people who think they ought to be free and think they are not.”

He could have been writing about governance in these days of Occupiers and Tea Partiers.

Burke helped create modern conservatism. He was also a classical liberal.  He lived in the days when conservative and liberal meant something more than a mindless curse or a cloak of ignorance.

—————————

I first saw the “good men do nothing” quote taped on the wall of a Georgia Bureau of Investigation agent I worked with.  He lived those words.

I thought about the quote watching the turmoil unwrap at Penn State this week.

Penn State is my undergraduate alma mater. Students rioted the other night apparently because the university trustees and the media forced a football coach to resign because he did not do more to report a man accused of raping a boy.

Evil triumphs when good men do nothing.

The quote echoed again watching University of California police break up an Occupy protest that apparently involved students violating rules about putting tents on the Berkeley campus.

Berkeley is my graduate alma mater.  Was it the police or the demonstrators responding to the imperative that good men — and women — must do something in the face of evil?

Alma mater means “nourishing mother.”  What a deceptive marketing shroud for a 21st century corporate education enterprise.

—————————

I thought about the quote on my way to jury duty earlier this week.  I was trying to remember which amendment guarantees the right to trial by jury.  I thought it was the 5th.

Wrong.  It’s the 6th amendment.

Since I had the Constitution open I kept reading and realized — to my untutored surprise — five of the first ten amendments have to do with the judicial and trial process: 4th, 5th, 6th, 7th and 8th.

The Declaration of Independence is included with the copy of the Constitution I have.  Although I have read it often, I guess I glossed over one of the colonists’ complaints: The King of Great Britain has deprived “us, in many cases, of the Benefits of Trial by Jury.”

Trial by jury is a big deal in the security of our homeland.

—————————

I took my place in a room along with 129 other people who had been called to serve that day on a jury.  Most of the people seemed nervous, out of place.  It’s not normal for us to be on a jury.  Most of the people were white, male and somewhat past their mid-40s. The women too were mostly white; a few were young enough to need an excuse slip to give their teachers as a justification for missing class.  I saw one Asian woman.

The conversations I heard were a variation of “too bad for us we couldn’t get out of jury duty.”  As if receiving the jury notice was like getting a tax audit, or a draft notice, or a DUI.

“They took a look at me last time,” said one guy with two 00 ear gauges, each as big as a Susan B. Anthony dollar coin, “and let me go.”

“I was called 6 months ago,” said another man. “I think they can only make you do this once every two years.”

“Do you think we’re going to be here all day?” a woman asked to no one in particular.

“Yeah, I’m stuck with jury duty,” said another guy into his cell phone, a little louder than he should have.

—————————

At 9:30 the jury coordinator — I think that’s what her title was — stood in front of a microphone and with her pleasant, easygoing voice welcomed everyone to the jury staging room.

She said the words “jury service is important.”  But her side comments, her ad hoc remarks, were all about “I know it’s inconvenient,” and “sorry it was your turn,” and “hey; it’s not going to be too painful,” and “it’ll be over soon.”

She explained there were two trials today.  Each trial needed a 6-person jury, and to get that number in a fair way they needed a 60-person pool. The rest of the people would be able to go home and that would be the end of their obligation for the next two years.

“I already let one man go today,” she said, as if jury service was about catch and release.  “He was on a jury a few months ago and he does not need to serve again for 18 more months.”

Her tone — not her words – said the man had won a prize, and you might too.

“I’ll be playing you a short video,” she went on, “that describes what you can expect today.”

She changed the channels on the two TVs that had been showing Regis Philbin’s apparently final week on television, and pressed play on what I think was a VCR.

For the next 15 minutes, I watched one of the best orientation videos I’d seen about anything government does.  You can watch the video here and judge for yourself.

I found the video to be informative, serious, and significant.  It did an outstanding job describing what would happen that day, and why jury service was an important part of being an American — maybe even more important than voting.

My words, not the video’s, but the video portrayed jury service as the Constitutional mechanism good men and women use to help make sure evil does not triumph.  I thought of it as the We The People part of homeland security.

Then we had a 20-minute break while we waited to get called.

—————————

“I had to work really hard not to bust up laughing at that video,” said my new friend with the 00 earrings.

“If I don’t say anything to him,” I thought, “am I helping evil triumph, or would I just be wasting my breath?”

I didn’t know the guy, but my gut told me he did not really believe what he was saying.  I figured he was trying to fit in with this crowd of still mostly nervous strangers by saying what he thought was expected, like being in Boston and pretending to be a Red Sox fan.

I kept my mouth shut.

When we came back from the break, the jury coordinator said, “I’ve heard from the judges.  A few minutes ago, the people in one of the two cases decided to settle out of court, so we are only going to need 30 people. We’ll pick the 30 of you at random. I will call your juror number in a moment.  If you are not called, then bye bye.  You’re done for the day.  And you’re done for the next two years.”

The odds of being on a jury had just plunged.  I wondered how many people thought, “Damn!”

“When I call your number,” said the coordinator, “come up here and take your paper work.  Then sit down until we release the others.”

She called thirty numbers.  Mostly men — including the ear ring guy — and a few women.  They walked to the front of the room, picked up their papers, and sat back down.  They did not look happy or disappointed.  Resigned may be a better word.  I couldn’t really tell.  I was trying to summon all the mystical power I possessed to have my number called, all the while knowing that using mystical powers for something this worldly automatically neutralizes — if not reverses — magic.

I was right.  And disappointed.  My number was not called.

“And to the rest of you, bye bye” said the coordinator again.  “And,” she ad libbed with a smile in her voice, “please don’t gloat over the others as you leave.”

———————-

On this date 93 years ago, World War I came to an end.  116,516 members of the U.S. armed forces died in that war.

405,399 died during World War II.

36,516 died in the Korean War.

58,151 died in the Vietnam War.

6,280 – and counting – died in the Terrorism Wars.

622,862 members of the military died in the 35,000 days between World War I and today.

That’s an average of 18 people a day, every day, for 93 years.

———————-

History is too messy to make many unambiguous claims. But I want to think these good men and these good women gave their lives to prevent the triumph of evil.

For this Veterans Day — as the good men and women in the Tea Party and the Occupy, and the mainstream, and its tributaries, and the police, and the candidates for office, and the people they want to replace, and the people called to service on a jury and elsewhere work, with mindfulness, to prevent the triumph of evil — it is what I wish to hope.

 

 

 

 

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

November 9, 2011

This Is Only a Test

Filed under: Events,Technology for HLS — by Mark Chubb on November 9, 2011

Today at 2:00 pm EST/11:00 am PST the first nationwide test of the Emergency Alert System was conducted. Many wonder why it took this day so long to come, but I suspect most who experienced it wonder whether it did any good.

These days, EAS like its predecessor, the Emergency Broadcast System, seems more like a relic of our Cold War past than an essential element of a resilient national telecommunications infrastructure designed to keep people informed. With so many people receiving information on demand through smartphones, tablet computers, their desktop machines, and other “screens,” it’s worth wondering how many people missed the test entirely and remain as blissfully unaware of the system’s efficacy as they were yesterday.

Plans to conduct today’s test have been in development for months (many more months, that is, than we have in a year or maybe even several years). As the date approached, many broadcasters complained the date was coming too quickly. In the end, when it came, the test did little to prove that the technical investments made in recent years to upgrade the system to the latest digital technology and make it compatible with the Common Alerting Protocol will pay dividends, since many participating broadcasters have still not fulfilled the FCC mandate to make changes to their equipment.

I am sure that many of those who did hear today’s test thought it was the same one they hear every week or every month and paid little attention. These local and regional tests, although mandatory for most broadcasters, have never ensured that the system will perform one of its primary functions in the event of a major disaster or national emergency. This test remedies only part of that problem.

Broadcasters are under no obligation to carry most local and regional messages. Beyond installing and testing EAS equipment, participation — with the exception of relaying messages from the national command authority — is essentially voluntary. As such, today’s test really was the first practical test to see whether these investments might really pay-off.

Broadcasters and cable companies have 45 days to report results of the test. Early returns suggest mixed results. That said, it is not too early to ask, what next?

Efforts to rollout a next-generation Commercial Mobile Alert System via wireless (cellular telephone) carriers is already well underway. At least one service provider, it seems, has leaked test messages into the wild. Does this suggest the EAS test is too little and too late?

As citizens become more comfortable exchanging information via smartphones equipped with SMS, MMS, social media, streaming video, and GPS technology, the capacity of public safety and homeland security agencies to both transmit and receive important messages by means other than voice is increasingly outmoded as well as outdated. Investments to catch-up will likely run into the billions of dollars.

Public expectations already exceed public safety communications capabilities, especially when it comes to 911 and public warning and notifications systems. In the current fiscal and political environment, we should be asking not what we need to do about this situation, but how we will get the needed work done.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

November 8, 2011

Sheep in wolf clothing? Wolf in sheep clothing? What training does the shepherd give the sheepdog?

Filed under: Terrorist Threats & Attacks — by Philip J. Palin on November 8, 2011

The following is copied in its entirety from the November 7 online edition of  The Guardian (UK).  The author Pratap Chatterjee is an investigative journalist, author and a senior fellow at the Centre for American Progress, based in Washington, DC.  A British citizen, Chatterjee is a long-time resident of California.  At the Guardian link is a photograph of Tariq Aziz shortly before he was killed.  At the time I posted the essay there were over 170 public comments.

–+–

Last Friday, I met a boy, just before he was assassinated by the CIATariq Aziz was 16, a quiet young man from North Waziristan, who, like most teenagers, enjoyed soccer. Seventy-two hours later, a Hellfire missile is believed to have killed him as he was travelling in a car to meet his aunt in Miran Shah, to take her home after her wedding. Killed with him was his 12-year-old cousin, Waheed Khan.

Over 2,300 people in Pakistan have been killed by such missiles carried by drone aircraft such as the Predator and the Reaper, and launched by remote control from Langley, Virginia. Tariq and Waheed brought the known total of children killed in this way to 175, according to statistics maintained by the organisation I work for, the Bureau of Investigative Journalism.

The final order to kill is signed allegedly by Stephen Preston, the general counsel at the CIA headquarters. What evidence, I would like to know, does Mr Preston have against Tariq and Waheed? What right does he have to act as judge, jury and executioner of two teenage boys neither he nor his staff have ever met, let alone cross-examined, or given the opportunity to present witnesses?

It is not too late to call for a prosecution and trial of whoever pushed the button and the US government officials who gave the order: that is, Mr Preston and his boss, President Barack Obama.

There are many people whom I know who can appear as witnesses in this trial. We – a pair of reporters, together with several lawyers from Britain, Pakistan and the US – met the victim and dozens of other young men from North Waziristan for dinner at the Margalla hotel in Islamabad on Thursday 27 October. We talked about their local soccer teams, which they proudly related were named for Brazil, New Zealand and other nations, which they had heard about but never visited.

The next morning, I filmed young Tariq walking into a conference hall to greet his elders. I reviewed the tape after he was killed to see what was recorded of some of his last moments: he walks shyly and greets the Waziri elders in the traditional style by briefly touching their chests. With his friends, he walks to a set of chairs towards the back of the hall, and they argue briefly about where each of them will sit. Over the course of the morning, Tariq appears again in many photographs that dozens of those present took, always sitting quietly and listening intently.

Tariq was attending a “Waziristan Grand Jirga” on behalf of drone strike victims in Pakistan, which was held at the Margalla hotel the following day. As is the Pashtun custom, the young men, each of whom had lost a friend or relative in a drone strike, did not speak. For four hours, the Waziri elders debated the drone war, and then they listened to a resolution condemning the attacks, read out by Mirza Shahzad Akbar, a lawyer from the Foundation for Fundamental Rights. The group voted for this unanimously.

Neil Williams, a volunteer from Reprieve, the British legal charity, sat down and chatted with Tariq after the jirga was over. Together, they traveled in a van to the Pakistani parliament for a protest rally against drone strikes led by Imran Khan, a former cricketer, and now the leader of the Tehreek-e-Insaaf political party.

The next day, the group returned home to Waziristan. On Monday, Tariq was killed, according to his uncle Noor Kalam.

The question I would pose to the jury is this: would a terrorist suspect come to a public meeting and converse openly with foreign lawyers and reporters, and allow himself to be photographed and interviewed? More importantly, since he was so easily available, why could Tariq not have been detained in Islamabad, when we spent 48 hours together? Neither Tariz Aziz nor the lawyers attending this meeting had a highly trained private security detail that could have put up resistance.

Attending that jirga, however, were Clive Stafford Smith and Tara Murray, two US lawyers who trained at Columbia and Harvard. They tell me, unequivocally, that US law is based on the fact that every person is innocent until proven guilty. Why was Tariq, even if a terrorist suspect, not offered an opportunity to defend himself?

Let me offer an important alternative argument – the US government has a record of making terrible mistakes in this covert war. On 2 September 2010, the International Security Assistance Force in Afghanistan claimed to have killed Muhammad Amin, the alleged Taliban deputy governor of Takhar province in Afghanistan, in a drone strike. There was only one problem: Michael Semple, a Taliban expert at Harvard University, subsequently interviewed Muhammad Amin and confirmed that he was alive and well and living in Pakistan in March 2011.

The man who was killed was Zabet Amanullah, who was out campaigning in parliamentary elections – along with nine of his fellow election workers.This was confirmed by exhaustive research conducted by Kate Clark, a former BBC correspondent in Kabul who now works for the Afghanistan Analysts Network, who had met with Zabet Amanullah in 2008. The error could have been avoided, Clark points out in her report, if US militaryintelligence officers had just been “watching election coverage on television”, instead of living in its “parallel world” remote from “normal, everyday world of Afghan politics”.

If Barack Obama’s CIA believed in justice and judicial process, they could have attended the Islamabad jirga last Friday and met with Tariq. It was, after all, an open meeting. They could have arrested and charged Tariq with the help of the Pakistani police. If a prosecution is ever mounted over the death of Tariq, those of us who met him on several occasions last week would be happy to testify to the character of the young man that we had met. But if the CIA has evidence to the contrary, it should present it to the world.

Unless the CIA can prove that Tariq Aziz posed an imminent threat (as the White House’s legal advice stipulates a targeted killing must in order for an attack to be carried out), or that he was a key planner in a war against the US or Pakistan, the killing of this 16 year old was murder, and any jury should convict the CIA accordingly.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

November 7, 2011

The gathering Iranian nuclear storm

Filed under: Radiological & Nuclear Threats — by Arnold Bogis on November 7, 2011

This week the IAEA is expected to release a new report on Iran’s past work in developing nuclear warheads:

A Western diplomat who has seen drafts of the report said it will elaborate on secret intelligence collected since 2004 showing Iranian scientists struggling to overcome technical hurdles in designing and building nuclear warheads. The scientists’ studies include computer modeling of warhead design and field-testing the kinds of high-precision conventional explosives used to trigger a nuclear chain-reaction, said the diplomat, who insisted on anonymity to discuss the board’s internal deliberations. Some of the work continued after 2003, when Iran is believed to have halted its nuclear weapons research in response to international and domestic pressures, the official said.

There will be a lot of noise concerning this report, with calls for military action and concern expressed for the safety of our allies in the region.  The threat to the U.S. will likely be expressed through the scenario in which Iranian officials “hand off” a nuclear weapon to Hezbollah terrorists to be used against the homeland.

Putting aside questions of preemption and deterrence of nuclear armed states, I would like to list just a few points salient for homeland security:

  • The difficulty faced by Iran in producing nuclear weapons (assuming that or a virtual arsenal is their goal) should not be taken as evidence that it is a task too difficult for terrorists.  The nuclear aspirations of a state differ greatly from that of potential nuclear terrorists: a state desires an arsenal and not simply one (or, if they’re lucky, more) weapons; a state requires the ability to secure fissile material for multiple bombs, including the capability for enrichment or reprocessing, while this technology would be beyond the reach of non-state groups; a state’s weapon design would have to be generally of predictable yield and operate within particular design constraints, while a terrorist weapon would just have to have a good chance of working or even producing a fizzle to achieve much of the desired effect; and a state would want to fashion a small warhead deliverable by rudimentary ballistic missile or small aircraft, while terrorists could do with an  improvised device weighing a ton or more.

 

  • If Iran does develop a nuclear weapons capability, that does not automatically mean that Hezbollah or Hamas would have access.  A rudimentary nuclear arsenal would be highly valuable to a new nuclear state and it is considered unlikely that such prized “crown jewels” would be turned over to unreliable actors for deployment in situations not directly controlled by that state.  Instead, the greater danger in the connection between proliferation and nuclear terrorism is that the increased amount of bombs or simply fissile materials increases the potential for sympathetic insiders to facilitate transfer to wanna-be nuclear terrorists.  In other words, it is more likely that officials below those in charge of the nuclear weapon programs in Iran (or Pakistan) might be moved to share their access with terrorists against the wishes of their superiors and national leaders.

It is important to keep some perspective…nuclear terrorism remains a threat and a nuclear-armed Iran would be a very negative outcome for our national security, but this week’s news should not be taken as a sign that the sky is about to fall.

Update: As soon as I schedule this post, Washington Post reporter Joby Warrick publishes additional detail on what is contained in the IAEA report:

Intelligence provided to U.N. nuclear officials shows that Iran’s government has mastered the critical steps needed to build a nuclear weapon, receiving assistance from foreign scientists to overcome key technical hurdles, according to Western diplomats and nuclear experts briefed on the findings.

Documents and other records provide new details on the role played by a former Soviet weapons scientist who allegedly tutored Iranians over several years on building high-precision detonators of the kind used to trigger a nuclear chain reaction, the officials and experts said. Crucial technology linked to experts in Pakistan and North Korea also helped propel Iran to the threshold of nuclear capability, they added.

Interesting details, and I’m sure the actual report will contain even more, however nothing that yet radically changes the overall threat picture. While the names and other specifics were not previously public, this reporting seems to reinforce already existing perceptions about the nature of Iran’s nuclear work.  More worrisome would be Iran’s recent moves to shift its nuclear facilities to locations underground and the installation of advanced centrifuge equipment.

Update 2: The IAEA report can be found here: http://isis-online.org/uploads/isis-reports/documents/IAEA_Iran_8Nov2011.pdf

 

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

November 4, 2011

Tic toc, tic toc, time’s a-wasting, where’s your BOC?

Filed under: Preparedness and Response,Private Sector,State and Local HLS — by Philip J. Palin on November 4, 2011

In a soon-to-be-published paper a multinational academic team that was in Japan at the time of the earthquake-and-tsunami credits “a handful of trucking/distribution companies” for saving thousands of lives.  ”Without their timely intervention, the situation in Tohoku would have taken the path of Haiti, where the lack of help from the local business class contributed to a crisis of huge proportions.”

Pause over this finding for just a moment: Without action by five or six key players in the supply chain, a major swath of the third largest economy in the world would have “taken the path of Haiti.”

The academic specialists in transportation, urban management, and civil engineering conclude the Japanese firms took the initiative because they “were in a position to know that the private sector supply chains had been severely disrupted, and that that the public sector was not ready to fill the gap.” (my italics)

Based on my own observations, in the first week after the earthquake-and-tsunami the Japanese government was not fully aware of its incapacity to fill the gap.  During the first five to six days, the government’s perimeter control was actually suppressing supply chain resilience.  A first step in restoring essential services to survivors was persuading the government they were incapable of doing so and to get out of the way.

This week Tesco,  the British — but international — grocery opened a new distribution center in Bangkok supplementing two existing DCs that have been impacted by the massive and ongoing floods.  This new site will focus on necessities such as water, instant noodles, and canned fish, importing these and other commodities from Malaysia, Vietnam, China, and elsewhere.   Since the flooding began Tesco has increased its distribution capacity in Thailand by about 40 percent.

Friends in Thailand complain the government’s response to the epic flooding has been totally incompetent.  A Bangkok expat who happened to be Japan during the earthquake-and-tsunami adds, “But the incompetence is so complete the government at least does not get in the way.”

Last week I was in a meeting with a senior officer of a major US food distribution company.   He shared one story after another from the Northridge earthquake, to wildfires in Southern California, to Katrina and more where grocery wholesalers and retailers were ready with product and transport, but were kept away… just as in Japan.

A factoid: the tonnage of food shipped into the typical US metropolitan census area each week exceeds what the US military shipped into Afghanistan during the first year of the war.  The US military’s effort is considered a marvel of modern logistics.  But even the US military does not have the logistics capability to fill the food, pharma, and other essential needs of a major urban area in case of a catastrophe.

Recognizing the challenge there are increasing efforts to facilitate private-public collaboration in advance of a catastrophe.  The FEMA Private Sector Office is hosting meetings, brokering relationships and pushing each state to establish effective public-private partnerships.  So far twenty-two states are in the process of doing so.

Over the last few years several cities (such as Los Angeles)  regions (such as the Bay Area) or states (such as New Jersey) have established Business Operations Centers (BOCs) or Business Emergency Operations Centers (BEOCs) or even Virtual Business Operations Center (VBOCs) to facilitate collaboration during emergencies, disasters, and catastrophes.

In some places a BOC is little more than some business seats in the government’s  Emergency Operations Center.  Several BOCs involve exchanging information and  facilitating resource management. Only a few seem to include common risk assessments, joint training and private-public exercises.

Yesterday (and continuing today) I am at a national conference focusing on the private-public interface in emergencies and establishing BOCs.  Some fly-on-the-wall impressions:

  • Lots of good will all around, reflecting a very practical sense of private-public mutual dependence.
  • Everyone recognizes that personal trust-building is essential and — given American mobility — not entirely sufficient.
  • The common value proposition seems to be information sharing for situational awareness and, if possible, situational analysis.
  • Lots of different technological approaches to achieving information sharing, situational awareness, and more.  Reminds me of the online learning market before BlackBoard emerged as the dominant player.  At some point there will be — needs to be — convergence.
  • Most innovative, forward-leaning solutions seem to involve some sort of mediator between public and private sectors, such as an educational institution or a not-for-profit operating as host, active party, or actual entity.  This seems to defuse a variety of legal, political, and perhaps command-and-control issues.
  • There is an implicit expectation by the public sector involved that when push comes to shove they are in charge.  This is unchallenged by private sector because they know when push comes to shove they will do (or not do) what seems best to them at the time.

In many respects it is amazing this kind of explicit and sustained private-public collaboration is such a recent phenomenon.

A leader of one the BOC’s reported that in his major city the private sector has welcomed the invitation to be involved and quickly taken the initiative to be more involved.

“They seem to think disasters are recurring faster and faster and getting bigger and bad-er.  They are trying to get ahead of the wave,” he explained.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

November 2, 2011

Standards of Service

Filed under: Organizational Issues — by Mark Chubb on November 2, 2011

Last week, I attended the Northeast Conference on Public Administration. The conference focused on efforts to build trust and confidence in public service. In principle, I have nothing against trust and confidence, but as last week’s post probably made clear, I think these feelings only get you so far.

Several theorists suggest that trust and confidence is an important prerequisite of democracy legitimacy. But practitioners know the absence of trust is often a prime mover among the disaffected who show up at public meetings to influence officials. It should come as no surprise then that the more involved someone is in the political and administrative processes of government, the more likely they are to have trust and confidence in the outcome of public processes and those who make them.

Most of the distrust in government and public officials stems from the sense that these individuals and institutions are increasingly removed from the experiences of those they serve and the effects of the decisions they make. Firefighters, teachers, nurses, and cops often enjoy public approval ratings far higher than politicians because they have intimate contact with people, and those with whom they come into contact have little or no understanding of what they actually do or how they do it. As such, routine exposure to the good works of public officials does not necessarily translate into public support much less political power.

This begs the question then, what is public trust and confidence good for and how can public officials, especially homeland security practitioners, build it and use it to achieve important public purposes? For starters, we should recognize that what people say they want and what these desires mean often requires clarification.

I work in the fire service, where people often express their expectations of us as follows:

Speedget there quickly.

Relevancedo the right thing.

Accuracydo things right.

I imagine that these same expectations apply to many other aspects of the homeland security enterprise. Who wouldn’t like to get through passenger screening at the airport quickly, while knowing that the screening procedures were both the minimum necessary as well as sufficient to prevent any acts of terrorism from occurring?

When questions or controversies arise surrounding our service, however, it become clearer that people understand that these expectations come at a cost, and their desire for each is more or less elastic depending upon their situation and the circumstances attending their need for service. Over the years, it has become clearer to me that people assess our performance and detect deviations from their expectations a little differently than they usually express them:

Speed –> consistency, dependabilityshowing up at all is just as important as getting there quickly.

Relevance –> coherence, qualityactions other than the expected are acceptable when they are based on sound reasoning.

Accuracy –> compassionwhether a decision or action is acceptable depends upon how it makes people feel.

These days people are increasingly surprised to get any response at all, much less a quick one. Knowing that someone will show up every time they need help has become every bit as important as knowing that such help will come quickly. People need to know they can depend upon government to try, even if it comes up short sometimes. Inconsistency lends itself to the impression of undependability, even when the lack of responsiveness in some circumstances leads to faster responses in others.

When performance deviates from expectations, people look to experts for understanding. They need to know that the actions fit the circumstances, and they often judge this in one of two ways: 1) by how hard people are trying and 2) by whether things get better or at the very least stop getting worse. It matters very little to those watching whether the actions they observe have a direct effect on the outcome so long as they can see people making an effort. If things get better or stop getting worse, they naturally assume that the result arises from the actions undertaken.

Even if things end badly, people often judge the quality of the outcome and its appropriateness by how those engaged in the effort made them feel. People understand implicitly that when things start badly they often end badly. But they also appreciate it when those who respond to remedy the effects of their errors avoid the temptation to find fault, allocate blame or pass judgment, especially without learning all the facts first.

I have translated these observations about public expectations into three fairly simple and straightforward statements to guide operations where I work:

We always show up! We are there for each other and our community when they need us.

We take decisive action to make things better. We are neither spectators nor observers. We take reasonable risks to achieve appropriate results and accept responsibility for all of our actions.

We engage everyone with compassion and respect. We treat people they way we want to be treated. We seek understanding by looking at ourselves and the situations we face the way others see us.

I cannot tell you that this approach will transform public opinion or translate into broad public approval or political support for our agency or its actions. But I  can say with confidence that taking this approach makes me feel better about what we do and how we do it. More importantly, it speaks to why wo do what we do: We serve the public for their sake not our own.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

Impressive reporting from the Port of Oakland

Filed under: General Homeland Security — by Philip J. Palin on November 2, 2011

The Guardian (UK) is reporting live from Oakland:

http://www.guardian.co.uk/world/blog/2011/nov/03/occupy-oakland-general-strike-live

Wednesday a crowd estimated at between 5000 to 7000 shut down the Port of Oakland.  During most of the day no violence was reported.  But overnight some isolated vandalism prompted a strong police response.

Several days before Occupy Wall Street was mentioned anywhere (that I noticed) in US media.  The Guardian was giving the then small group of protesters front-page treatment.

Last week The Guardian’s US coverage of the Occupy movement shifted from a New York focus to an Oakland focus, just in time for a series of major events in Oakland.

The live blog being used in Oakland is a form The Guardian has also used effectively in Egypt, Libya, and elsewhere.  Note that times reported are Greenwich Mean Time (GMT).

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

November 1, 2011

Listening to a deaf falcon – homeland security in transition

Filed under: General Homeland Security — by Christopher Bellavita on November 1, 2011

I returned recently from almost two months of seminars and conferences about homeland security. During that time I spoke with close to 150 people, all of whom have some involvement with the homeland security enterprise. Here are some random, unscientific observations I took away from those conversations. They all lead me to the conclusion that homeland security could use some new DNA.

1. Homeland security does not have a center of gravity. I think it once did, back in the day when the prime directive was prevent another terrorist attack.

On the other hand, I did find one person who could cite — almost verbatim — the 32 words in the new national preparedness goal. That should count for something.

2. The parts of the homeland security enterprise focus on too many different and important things. Can whole of community move beyond FEMA’s nouvelle idée? How great would that be,TSA, CPB, ICE, USSS, S&T, DNO, I&A, USCIS, USCG, states, territories, and tribes?

What would it even look like?

3. The overall feeling about homeland security I came away with reminds me of the first part of a Yeats poem:

Turning and turning in the widening gyre
The falcon cannot hear the falconer;
Things fall apart; the centre cannot hold;
Mere anarchy is loosed upon the world,
The blood-dimmed tide is loosed, and everywhere
The ceremony of innocence is drowned;
The best lack all conviction, while the worst
Are full of passionate intensity.

But that was just a feeling.

4. The money’s just about gone. And what’s left is going to get smaller. This may have been the primary theme over the past 2 months.

There were two general reactions to that reality: “What a waste” and “Deal with it.”

The what a waste voices complained about the inevitable deterioration of the capabilities that have been built over the past decade. The deal with it voices said we’re going to have to suck it up and find new ways of working — like regionalization and sharing things — so the capabilities do not deteriorate.

The deal with it sounds gave me confidence that grownups continue to hold homeland security together.

5. Doing less with less. Government should be run more like a business, people often say.  Excluding, of course, those who say government is run by business.

Let’s try running homeland security — across the country — like Jack Welch used to run GE. Put programs in three categories: good (20%), average (70%), and poor (10%) performers. Each year, terminate the poor performing programs.

How to measure performance? Let the programs decide, in public.

No, it’s not perfect, and the 20/70/10 approach has significant disadvantages.  But combine that with the process Tim Harford describes in his book “Adapt: Why Success Always Starts with Failure” — try new things; know some will fail; make failure survivable; make sure you know when you’ve failed — and see what happens.

6. The threat is (still) overblown, I heard a few speakers suggest.  Maybe a few years ago the threat was significant — let’s just say it was. Now, not so much. Two out of our three wars are sort of over. (Even that sentence canot be expressed directly.) Al Qaeda is as gasping as Gaddafi’s final “Do you know right from wrong?” question.

There will always be natural disasters.  Not much prevention there.  What about “mitigation?” the emergency managers in the groups always brought up. Don’t forget pandemics, whispered the unceasingly quiet public health voice.

There is a non-zero probability of a biological attack, a dirty bomb, a domestic nuclear detonation, a chemical attack — you know the list. But the probability/possibility/plausibility of one of those events is too small to justify spending much money building prevention or response programs. The money could be better used elsewhere.

That message was never well received. Much of the time the listeners attacked the claim before allowing the speaker to finish constructing the argument. It was almost as if there were an incentive in the homeland security enterprise to amplify the threat.

There was one threat no one — speaker or listener — argued against: IEDs and small arms tactics.

7. In spite of the almost knee jerk defense of remaining alert to the conventional unconventional threats, there was a sense among the people I spoke with and listened to that these traditional threats are moving into the “Tired” category.

Several groups said focusing on Islam, al Qaeda, and typical terrorism was getting dull. Not because the issues were unimportant or uninteresting — “eternal vigiliance” and all that.  But because the topics focus too much on the past. They wanted homeland security to pay more attention to the future: cyber, synthetic biology, and slow moving threats like climate change and planetary resource depletion. Even Occupy Whatever came up as something worthy of homeland security concern — not the people bringing the message, but the message they bring.

8. There is a well known paper in the public safety community by Dave Grossman called “On Sheep, Wolves, and Sheepdogs.” Sheep (most Americans) live in denial that evil exists in the world; “that is what makes them sheep.” But there are wolves (the evil guys) who “feed on the sheep without mercy.” Then there are sheepdogs (the good guys) who “live to protect the flock and confront the wolf.”

Where, asked a friend who works in the Enterprise and who spends a lot of time thinking about doing the right thing, are the shepherds in this tactical metaphor?

9. There were numerous discussions about rights and duties, and about the need for some serious civic lessons throughout the country.

Occupy Wall Street — is that an example of people meeting their civic responsibility to remedy ineffective national governance and cororate greed? Are privacy objections to the new TSA “chat up” procedures — and there are objectors in the first responder community — examples of neglecting one’s civic duty to support legitimate authority?

The Constitution mentions rights over a dozen times. Duty shows up thrice, and in each case it refers to a financial charge not a responsibility.

What duties do Americans have in the homeland security enterprise? The QHSR says people have the responsibility to

“take the basic steps to prepare themselves for emergencies … reducing hazards in and around their homes… monitoring emergency communications carefully, volunteering with established organizations, mobilizing or helping to ensure community preparedness, enrolling in training courses, and practicing what to do in an emergency…. In addition, individual vigilance and awareness can help communities remain safer and bolster prevention efforts.”

These duties will not stir Tea Party or Occupy Party convictions.

10. To mashup Anne-Marie Slaughter’s introduction to the “National Strategic Narrative,”

The United States needs a homeland security narrative. We have a national security strategy [and a National Preparedness Goal],… but those are documents written by specialists for specialists. They do not answer a fundamental question that more and more Americans [should be] asking. Where is [homeland security] going? How can we get there? What are the guiding stars that will illuminate the path along the way? We need a story with a beginning, middle, and projected happy ending that will transcend our political divisions, orient us as a [people], and give us both a common direction and the confidence and commitment to get to our destination.

—————————————————–

Yeats ends his poem with a question:

The darkness drops again but now I know
That twenty centuries of stony sleep
Were vexed to nightmare by a rocking cradle,
And what rough beast, its hour come round at last,
Slouches towards Bethlehem to be born?

Maybe Steve Jobs spoke an answer with his final words: “Oh wow. Oh wow. Oh wow.”

That’s a feeling that might guide even a deaf falcon toward an evolutionary reconstruction of homeland security.

 

 

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print

October 31, 2011

Test anthrax vaccine on children: A bad biodefense policy idea

Filed under: Biosecurity,WMD — by Alan Wolfe on October 31, 2011

I was surprised, last week, to see this story in the Washington Post about the efforts of a working group of the National Biodefense Science Board. Seems that, back in April, the board decided to examine whether children should receive the standard anthrax vaccine in the event of a wide-area anthrax attack on the nation. Although it’s not explained well in the story, it is assumed that this would be a post-treatment administered under emergency matters after an attack, rather than as a pre-treatment.

“At the end of the day, do we want to wait for an attack and give it to millions and millions of children and collect data at that time?” said Daniel B. Fagbuyi of Children’s National Medical Center in Washington, who chaired the group. “Or do we want to say: ‘How do we best protect our children?’ We can take care of Grandma and Grandpa, Uncle and Auntie. But right now, we have nothing for the children.”

Yes, oh who will think of the children? As the article explains, the vaccine has been tested for safety for the military, but it doesn’t explain that the vaccine’s efficacy is sometimes in question. Critics of the vaccine note that it hasn’t been tested against humans who have been exposed to a weaponized form of anthrax. And that’s true. There have been animal models that show the airborne vaccine should be both safe and efficacious for humans. And all of our researchers and veterinarians who work with anthrax use the vaccine, without any losses. Both the airborne vaccine and the natural form of vaccine work in the same way on the human body. So we’re pretty sure it’s a very good vaccine.

But back to the children. Medical experts and emergency responders have always been concerned about the “sensitive population” and how they are treated in the event of an emergency. Yes, it’s possible that an anthrax vaccine developed for adults might be too powerful for children or have detrimental side effects. We don’t know. But the chance of a wide-area anthrax attack affecting thousands, let alone “millions and millions of children,” is almost zero. Close enough to zero to not worry about it.

Except for this National Biodefense Science Board.  They decided, on a vote of 12-1, that in fact, we do need to have the vaccine tested on children in order to prepare for that day that is “not a matter of if, but when.”

“We need to know more about the safety and immunogenicity of the vaccine as we develop plans to use the vaccine on a large number of children in the event of a bioterrorist’s attack,” said Ruth L. Berkelman of Emory University, a panel member.

Now these are smart people. I don’t doubt their sincerity or intelligence. I do question their common sense and rationality. The absolute possibility of a transnational terrorist attack involving kilograms of anthrax to cause such an event are just insignificant compared to the storm of controversy and outcry if the US government starts testing the anthrax vaccine on kids.

It doesn’t matter if the side effects of the anthrax vaccine are far less severe than nearly any other vaccine. It doesn’t matter if the U.S. government has been using this vaccine for over a decade and has literally millions of health records to study. The critics will argue that the government hasn’t proven the vaccine’s efficacy for adults, let alone children. And they’d be right, technically; but it still works. This is a lousy argument.

The recommendation to test the vaccine for use on children is just wrong.

Any sensible mayor or governor would suggest that the appropriate risk-management approach would be to plan and resource for the widespread use of Cipro or other antibiotics on the population, to include children and other sensitive population types, as a first course of action. And then if, and only if, an actual anthrax attack occurred, the parents would be asked if they want to take the chance on the vaccine – and sign a release form for its use. It needs to be explained that this is a post-treatment, and without its use, the affected patient may die a very horrible and sudden death. This testing is unnecessary because the scenario too remotely theoretical.

It’s really that simple. How our community responds to bioterrorism is too important to be left to the doctors. Let’s get some public policy analysts involved and make better decisions.

 

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print
« Previous PageNext Page »