Posts

Investigating National Security Personnel in the Post-Nidal Hasan Era

Three years and one day before FBI briefed DNI Clapper about the questionable email practices of David Petraeus, and less than three years before FBI alerted Leon Panetta to John Allen’s perhaps less questionable email practices, an Army officer who had been the subject of a 6-month investigation into his questionable emails killed 13 people and wounded another 29 at Fort Hood, TX.

While a number of people are criticizing the FBI (rightly, in the case of the agent who reportedly made this investigation his or her own personal project) for being out of control in the investigation that started with Jill Kelley’s email, I’d like to put the FBI’s decision to inform Petraeus’ and Allen’s superiors about their emails in the context of the failure to stop Nidal Hasan.

I don’t mean to suggest that Petraeus and Allen’s smutty emails to some beautiful middle aged housewives equate to an Army psychiatrist writing a radical anti-American cleric. At least given what we know, there were far more serious red flags in Hasan’s emails to Anwar al-Awlaki than there were in Petraeus’ love notes to Paula Broadwell (though Petraeus’ use of counter-surveillance techniques would, by themselves, be a red flag).

But the point is–and one key lesson of the failure to stop Hasan–is that the FBI can’t always know how important inappropriate email contacts are without talking to a person’s superiors. If they had done with Hasan what they did here–inform the officer’s superiors after concluding no criminal behavior had taken place (which is what they concluded with Hasan)–they might have learned of the more troubling context behind the emails.

Besides, the most damaging leak, today’s stories revealing a huge chunk of Allen emails that may be flirtatious but in no way problematic, came from a senior US defense official, not the FBI. There were surely more appropriate ways to delay Allen’s confirmation hearing later this week, but that decision was presumably DOD’s, not FBI’s.

Carrie Johnson captures some of the other disclosure issues FBI faced. But the question as to why FBI informed Clapper and Panetta can be answered, IMO, by pointing to lessons learned with the Nidal Hasan case. FBI almost certainly had no reason to doubt Petraeus and Allen. But I don’t blame FBI for not wanting to make the final decisions about how this email behavior affected the Generals’ fitness to command.

Breaking: Panetta Equating Crude Iranian Cyberattacks with Pearl Harbor, Iran Infiltrated Aramco

Today, the NYT–serving its role as spokesperson for the Cold War against Iran–confirms what blabby Joe Lieberman told CSPAN last month: the government suspects Iran was behind a series of crude cyberattacks on US banks.

Or to put it differently, Leon Panetta wants us to be more afraid of crude DNS attacks on US online banking sites than he wants us to be of the orders of magnitude greater damage the banks cause all by themselves. Because … Iran!

More interesting is the widely reported speculation we think Iran was behind the more serious attack on Aramco.

The attack under closest scrutiny hit Saudi Aramco, the world’s largest oil company, in August. Saudi Arabia is Iran’s main rival in the region and is among the Arab states that have argued privately for the toughest actions against Iran. Aramco, the Saudi state oil company, has been bolstering supplies to customers who can no longer obtain oil from Iran because of Western sanctions.

The virus that hit Aramco is called Shamoon and spread through computers linked over a network to erase files on about 30,000 computers by overwriting them. Mr. Panetta, while not directly attributing the strike to Iran in his speech, called it “probably the most destructive attack that the private sector has seen to date.”

Until the attack on Aramco, most of the cybersabotage coming out of Iran appeared to be what the industry calls “denial of service” attacks, relatively crude efforts to send a nearly endless stream of computer-generated requests aimed at overwhelming networks. But as one consultant to the United States government on the attacks put it several days ago: “What the Iranians want to do now is make it clear they can disrupt our economy, just as we are disrupting theirs. And they are quite serious about it.”

That’s interesting not because the attack did real damage–it didn’t, because it hit the business, not the production, computers.

Saudi Aramco has said that only office PCs running Microsoft Windows were damaged. Its oil exploration, production, export, sales and database systems all remained intact as they ran on isolated and heavily protected systems.

“All our core operations continued smoothly,” CEO Khalid Al-Falih told Saudi government and business officials at a security workshop on Wednesday.

“Not a single drop of oil was lost. No critical service or business transaction was directly impacted by the virus.”

It’s interesting because the malware was introduced into the Aramco network by an insider.

One or more insiders with high-level access are suspected of assisting the hackers who damaged some 30,000 computers at Saudi Arabia’s national oil company last month, sources familiar with the company’s investigation say.

[snip]

The hackers’ apparent access to a mole, willing to take personal risk to help, is an extraordinary development in a country where open dissent is banned.

“It was someone who had inside knowledge and inside privileges within the company,” said a source familiar with the ongoing forensic examination.

Once you translate the NYT’s spin, here’s what we’re left with:

  • We’re supposed to treat cyberattacks by Iran as an existential threat, even though they expose Iran’s relative impotence in the cyber sphere.
  • We’re supposed to get panicked about computers here at home because Iran succeeded in human espionage with Aramco.

And while Panetta cries wolf over and over, the banksters and the oil companies continue to real damage he ignores.

Confusion Rules in Afghanistan

Still steadfastly refusing to admit publicly that its Afghanistan strategy has failed completely and that a new, more rapid timetable for withdrawal must be developed before the November election, the Obama administration and its Department of Defense are reduced to utter confusion in trying to understand the sources of attacks on coalition forces. After halting most joint US-Afghan operations in the middle of September, Defense Secretary Leon Panetta led efforts last Thursday to claim that joint operations had returned to “nearly normal” levels while claiming that each joint operation would be evaluated carefully to reduce risks. It took less than two days for that evaluation process to be shown to be useless, as two Americans and three Afghan troops were killed in an exchange of gunfire while out on joint patrol.

The investigation into this event stands as a microcosm of the confused state of affairs in Afghanistan as the US struggles to understand that resistance to the presence of US forces now spreads through virtually all of Afghanistan and that uniforms for Afghan security forces are a tool for getting close to US targets. The military first announced Saturday’s attack as a green on blue killing and then backed off, claiming for a while that perhaps insurgents who were not a part of the joint patrol fired first and that US forces fired on the Afghan forces out of confusion. Yesterday, the Washington Post published details from a leaked report that suggests that it was indeed a member of the Afghan National Army platoon in the joint patrol who first opened fire and that he was quickly joined by other members of his patrol. Despite all of the accumulating evidence that Aghans resent our presence in the country, defense officials express surprise and confusion that multiple members of an Afghan patrol could all turn their weapons on US forces:

Two days after the U.S. military resumed joint operations with Afghan security forces last week following a spate of “insider attacks,” a platoon of American soldiers stopped at an Afghan army checkpoint in a volatile eastern province.

The Americans had a cordial conversation and cracked a few jokes with their Afghan comrades during the Saturday afternoon patrol in Wardak province. The Afghans offered the Americans tea. Then, according to a U.S. military official, an Afghan soldier, without warning or provocation, raised his weapon and opened fire — mortally wounding the senior American on the patrol.

In a war in which insider attacks have become commonplace, what happened next made the incident extraordinary, the American official said. Another Afghan soldier at the checkpoint opened fire on the Americans, killing a U.S. civilian contractor and wounding two other American soldiers. Soon, Afghan soldiers and possibly insurgents began firing at the Americans from several directions.

/snip/

A preliminary military report, however, has concluded that the gunfight began only after an Afghan soldier opened fire on U.S. troops, according to the American official, who spoke on the condition of anonymity.

“What sets this apart is that there were multiple attackers from multiple positions and there was zero provocation,” said the official, who had access to the report but was not authorized to speak for the record. Read more

Panetta, DoD Use Semantic Games to Claim Joint Operations Nearly Normal Again in Afghanistan

Civilian casualty rates in Afghanistan updated through August of 2012, as obtained by Spencer Ackerman at Danger Room. Click on image for a larger view.

Late Thursday, Leon Panetta contributed even further to his diminishing credibility by trying to claim that joint missions between US and Afghan troops are returning nearly to normal levels. From the Washington Post:

Most U.S. and NATO combat troops have resumed joint operations with Afghan forces, the Pentagon said Thursday, although U.S. officials said they remain worried about the threat of fratricidal “insider attacks.”

U.S. commanders had substantially scaled back the joint operations 10 days ago in an urgent effort to reduce the vulnerability of U.S. and NATO troops.

At a news conference, Defense Secretary Leon E. Panetta said “most” U.S. and NATO units had “returned to their normal partnered operations” with their Afghan allies. But he offered few details, and other Pentagon officials offered conflicting accounts of how many missions were still being conducted separately.

The new information was also found to be unclear by the New York Times:

In a significant restriction on a core element of the Western exit strategy from Afghanistan, the American-led military coalition said last week that all joint operations with Afghan forces conducted below the battalion level had to first go through a formal approval process — an effort to stem attacks by members of the Afghan security forces that have killed 51 American or allied service members this year. Officials now say those approvals were being handled efficiently enough that the number of partnered operations was returning to normal. . . . The number is now climbing again, said officials, who declined to offer specifics.

Spencer Ackerman is having none of this ploy, though, and the title of his piece from Thursday evening tells us all we need to know: “Whatever Pentagon Says, U.S. Patrols With Afghans Aren’t ‘Normal’ Yet“: Read more

Panetta Continues to Ignore Reality, Calls Surge a Success

Defense Secretary Leon Panetta looks as though he is going to be the last person on the planet to realize what a failure US strategy in Afghanistan has become. Today, while visiting New Zealand, he announced that the final surge troops have left Afghanistan, returning troop levels to 68,000 from a high of 101,000 at the peak of the surge President Obama ordered at the end of his first year in office.

The Washington Post set Panetta’s “success” language apart from other comments:

“There’s no question there will continue to be difficult days ahead in this campaign,” Panetta said at a news conference in Auckland, where he was making a visit, in part, to thank New Zealand for its contribution of about 180 troops to the NATO-led coalition in Afghanistan. “But this is an opportunity to recognize that the surge did accomplish its objectives.”

The New York Times gave a bit more of Panetta’s statement:

“As we reflect on this moment, it is an opportunity to recognize that the surge accomplished its objectives of reversing Taliban momentum on the battlefield, and dramatically increased the size and capability of the Afghan National Security Forces,” Mr. Panetta said.

It’s not until the very end of the article however, where we learn that Panetta’s claims don’t hold up:

However, the level of violence remains higher than it had been before the surge forces came. In the first six months of 2012, for instance, 1,145 civilians were killed, compared with 1,267 in the same period of 2010, when surge forces were only just arriving.

How can it be that the Taliban’s momentum has been reversed if civilian deaths are now higher than before the surge? [Correction: as pointed out by harpie in comment number 1, although the Times says violence levels are higher after the surge, the civilian death rate post-surge is slightly lower rather than slightly higher.]

Besides allowing Panetta to deny the reality of a Taliban that has lost no strength, the Times article article allows an anonymous military spokesman to lie about changes in the size of Afghan security forces during the surge:

“What did the surge give us?” a senior American official reflected on Friday. “We’re going to hit a point where, I won’t say that’s as good as it gets, but now it’s up to them to hold what we gave them. Now really it’s Karzai’s turn.”

The official spoke on condition of anonymity as a matter of military policy.

The surge brought American troops to a high of 101,000, along with as many as another 50,000 coalition troops, mostly from NATO countries. Over the past three years, the increase in American troops helped to enable an accelerated training program, the senior American official said, with the Afghan police and army more than doubling in number by this year, to 300,000.

Two things stand out immediately in the numbers supplied by the anonymous spokesman. First, until this statement, all recent stories have been referring to the size of the ANSF as 350,000. How did the number drop by 50,000? Is this a result of the re-screening that Afghanistan has been carrying out? This chart shows that the Afghan National Army, which accounts for about two thirds of the ANSF, saw a maximum attrition rate of just under 5600 in one month, so attrition alone cannot account for this large drop. [Note: I noticed when I checked the article again after 2 pm that the 300,000 number has been revised to 350,000. There is no indication within the article or at the usual slot at the bottom of the page where corrections are usually noted that this change has taken place. I had already pointed out that the military source was lying whether we used 300,000 or 350,000 as the current ANSF level.]

But the other thing that stands out in this anonymous statement is an outright lie. The official claims that during the surge, the ANSF “more than” doubled to 300,000. This Brookings publication (pdf) documents force size for the ANA and ANP, and it shows that in December 2009, when Obama ordered the surge, the force size was 195,089. If we use the source’s 300,000 figure for the current size, the current force is only 1.54 times the previous size, not more than twice. Even if we use the 350,000 figure that was used in all previous statements, the ratio only improves to 1.79, still well below twice the original size.

The military can lie all it wants, but it still cannot hide its failures in Afghanistan.

Leaky Leon Does More Damage

Even in his official photos Panetta can’t keep his lips closed.

Marcy pointed out even before it aired that Defense Secretary (and former CIA Director) Leon Panetta’s televised confirmation that Dr. Shakeel Afridi worked for the CIA in the effort to find and kill Osama bin Laden was a breech of security. Since then, both Marcy and I have documented the damage resulting from this disclosure, which includes Afridi being jailed instead of quietly slipping out of Pakistan and a UN doctor being shot while hundreds of thousands of Pakistani children have been denied vaccines. In further damage from Panetta’s improper disclosure, Pakistan is now in the process of expelling the aid group Save the Children over concerns that they may have a CIA tie through a link with Afridi.

But that is not the only time Panetta has disclosed secret information that he should have kept quiet. In this post where I was discussing what looked like signs of increasing cooperation between the US and Pakistan, I included video from an AP interview of Panetta. The segment I chose to post turns out to be very significant. Here is my description of the video clip and its significance:

The absence of drone strikes continued and then on August 13 Defense Secretary Leon Panetta was interviewed by Lolita Baldor and Robert Burns of AP. As seen in the video excerpt above, Panetta said that he expected Pakistan to launch military operations soon against Taliban militants in Pakistan’s Federally Administered Tribal Areas. As Bill Roggio noted at Long War Journal, this was a shocking development. After opening with “This is absolutely stunning”, Roggio went on to list his reasoning for why the announcement didn’t make much sense.

Panetta’s claim that Pakistan was about to launch military action in the FATA stunned those who watch the area closely. By publicly announcing such an unexpected action before it started, Panetta put Pakistan into an untenable position. Today’s Express Tribune details the damage arising from Panetta’s disclosure:

Pakistan has quietly conveyed to the United States to not make any public statement on its planned operation against militants in the restive North Waziristan Agency bordering Afghanistan.

The advice stems from the fact that any remarks by American officials may complicate the Pakistani authorities’ plan to create the ‘necessary environment’ for the Waziristan offensive, a senior government official said.

Speaking on the condition of anonymity, the official told The Express Tribune that the military does not want to be seen as aligned with the US on the issue of launching a fresh operation in the rugged tribal belt because of growing anti-American sentiments in the country.

Pakistan protested directly to the US about Panetta’s leak:

Islamabad voiced concerns when US Defence Secretary Leon Panetta disclosed last month that the Pakistani military was planning to start an operation against militants in North Waziristan.

/snip/

“It was inappropriate for Panetta to make that statement. There was no need for that … it really complicated the situation,” a military official commented.

Why does Leaky Leon still hold a security clearance? The Haqqani network, operating now with virtual impunity from Pakistan’s FATA, is seen as one of the largest barriers to a stable Afghanistan. By delaying Pakistan’s action against them, Panetta has made himself directly responsible for additional harm to NATO troops and innocent Afghan civilians who happen to be in the wrong place at the wrong time.

The First Rule of the Fight Club…

I’ve been waiting to comment on the news that one of the SEALs that killed Osama bin Laden has a book coming out on September 11.

The publication will undoubtedly be yet another telling episode in our government’s asymmetric treatment of secrecy, but thus far it is too soon to say how. After all, when a SEAL wants to “correct the story,” does he plan to engage in a little JSOC score-settling (I heard rumors the Rangers and the SEALs had competing versions not long after the operation). Will he reveal details that change our understanding of Pakistani knowledge of the operation? Or will he significantly upend the myth Obama’s team has spun about it? All were–and probably still are–possible.

In any case, the book publication will present an interesting challenge for the Obama Administration, which has gone to great lengths to prevent or disincent publication of other books revealing secret information. Nevertheless, the completely arbitrary system for prepublication review seems to encourage people to bypass the system. (This SEAL has already planned to donate much of the proceeds of the book, following a lead set by Ishmael Jones, which takes away one of the tools the government might use against him.)

Finally, there’s the political problem Obama will have. It’ll be hard for the Administration to villainize this SEAL the way it has given others. After all, the SEAL played a key role in half of Obama’s re-election bumper sticker: “Osama bin Laden is dead, GM is alive.” Either he’s a hero for killing OBL, or he’s not, right?

It’s against that background that I read the exposure–first by a Fox News Pentagon reporter, citing “multiple sources,” and then by Craig Whitlock, citing “Pentagon sources”–of the SEAL’s real identity. Given that the Pentagon was sharing (or at least confirming) the SEAL’s identity to the WaPo, then this line from the SOCOM spokesperson is rather ominous.

And Col. Tim Nye, a Special Operations Command spokesman, said the author “put himself in danger” by writing the book.

“This individual came forward. He started the process. Read more

Signs of Intelligence Sharing Give Way to Call for “Divorce”: US-Pakistan Relations Continue Extreme Swings

[youtube]http://www.youtube.com/watch?v=FqJPYlu8qls[/youtube]

Back on August 2, I noted a very interesting development. At a time when the US and Pakistan were holding high-level meetings both in Washington and Pakistan, a terror plot in Afghanistan reported to be in preparation by the Haqqani network was disrupted. This was a surprising development to me because at the time I was predicting that the talks between the new head of Pakistan’s ISI and CIA head David Petraeus would go badly and that the US would launch poorly targeted drone attacks in retaliation, perhaps even while General ul-Islam was in transit back to Pakistan. Instead, there seemed to be a distinct possibility that Pakistan had provided intelligence on movement of Haqqani network members from Pakistan into Afghanistan and that this intelligence allowed the plot to be disrupted before it was carried out.

Once the meetings in Washington ended, no new drone strikes occurred in Pakistan. In fact, another attack plot was thwarted in Afghanistan on August 12. Although this plot was not believed to be at the hands of the Haqqani network, there was evidence that Pakistanis were involved, which again led me to postulate that this plot also was disrupted with the help of intelligence information from Pakistan.

The absence of drone strikes continued and then on August 13 Defense Secretary Leon Panetta was interviewed by Lolita Baldor and Robert Burns of AP. As seen in the video excerpt above, Panetta said that he expected Pakistan to launch military operations soon against Taliban militants in Pakistan’s Federally Administered Tribal Areas. As Bill Roggio noted at Long War Journal, this was a shocking development. After opening with “This is absolutely stunning”, Roggio went on to list his reasoning for why the announcement didn’t make much sense. He concluded:

How many times has Pakistan promised to take action in North Waziristan, or claimed to take action there, only to make fools of top US defense officials?

The lull in drone strikes continued.

Did the US lose patience with Pakistan’s promise to launch an operation in North Waziristan? On August 18, the lull in drone strikes ended (don’t bother looking this or any other drone strike up in New America Foundation’s database, as it now appears to have been taken down). And it ended in a particularly ugly way, at midday on the day when the religious feast of Eid al-Fitr would begin at sunset. That strike has been followed up with three others, so that as of Tuesday, there were four drone strikes in as many days. The lull does not match up with Ramadan. Ramadan started on July 20 and The Bureau for Investigative Journalism’s database shows attacks on July 23 and July 29. Instead, that last strike prior to the lull was just before ul-Islam’s meetings in Washington, which started on August 1.

This sequence of events suggests to me that if there was indeed a time of increased cooperation in which ISI shared intelligence on movement of militants from the tribal areas into Afghanistan for attacks in return for no drone strikes occurring, this agreement has now fallen apart. The intense rate of drone strikes once they re-started is typical of US actions when retaliation is desired. It would not be surprising, then, for the next attack by militants moving from Pakistan to Afghanistan to be successful instead of being disrupted before it can take place.

It appears that I am not alone in thinking we are again at a low point in US-Pakistan relations. Former Pakistani envoy to the United States Hussein Haqqani suggested yesterday that the US and Pakistan should “divorce”. This latest outbreak of drone attacks could then be seen as the US serving notice of separation.

More Damage from Panetta’s Vaccine Ruse: UN Doctor on Polio Vaccine Drive Shot; Hundreds of Thousands Denied Polio Vaccine

As one of only three countries in the world where polio is still endemic, Pakistan launched a three day vaccination drive yesterday with a target of vaccinating the 318,000 children in North and South Waziristan who have not received their vaccinations. Across all of Pakistan, the goal is to vaccinate 34 million children under the age of five. The drive is being held despite a push by the Taliban to prevent vaccinations in tribal areas. The Taliban’s ban on vaccinations is aimed at stopping US drone strikes in the tribal areas and is in response to the vaccination ruse by the CIA.  Dr. Shakeel Afridi pretended to be doling out hepatitis vaccines in a failed attempt to retrieve DNA samples for the CIA from the bin Laden compound when it was under surveillance prior to the attack that killed Osama bin Laden. Today, a UN doctor and his driver were wounded when a shooter opened fire on them in Karachi. The doctor was reported to be working on the vaccine program.

Dawn reported yesterday that a jirga was convened today in the tribal areas to try to find a solution to the Taliban’s vaccine ban. That article gives good background information on the ban:

Although a nationwide anti-polio campaign was launched on Monday, the authorities were yet to convince the Taliban shura on the importance of getting children of North and South Waziristan vaccinated against the debilitating disease.

/snip/

Commander Hafiz Gul Bahadur, who leads the powerful Taliban Shura, had banned the anti-polio drive in North Waziristan on June 16 and said that children would not take polio drops unless the government stopped drone strikes in the area.

He was followed by Commander Mullah Nazir in South Waziristan and other militant commanders in FRs D.I. Khan and Kohat.

In South Waziristan, the ban is much stricter because it prohibits vaccination against all eight childhood diseases, including polio.

“We have asked health workers to be careful and don’t put their lives at risk,” the official said, adding that they were waiting for the government’s response.

However, the Taliban ban is not the only barrier to vaccines:

He [the official quoted above] said the military operation in Orakzai and Khyber agencies was one of the factors which deprived children of the much needed vaccines.

Just the two tribal agencies of North and South Waziristan account for a large number of unvaccinated children: Read more

Lamar Smith’s Futile Leak Investigation

Lamar Smtih has come up with a list of 7 national security personnel he wants to question in his own leak investigation. (h/t Kevin Gosztola)

House Judiciary Committee Chairman Lamar Smith, R-Texas, told President Obama Thursday he’d like to interview seven current and former administration officials who may know something about a spate of national security leaks.

[snip]

The administration officials include National Security Advisor Thomas Donilon, Director of National Intelligence James Clapper, former White House Chief of Staff Bill Daley, Assistant to the President for Homeland Security and Counterterrorism John Brennan, Deputy National Security Advisor Denis McDonough, Director for Counterterrorism Audrey Tomason and National Security Advisor to the Vice President Antony Blinken.

Of course the effort is sure to be futile–if Smith’s goal is to figure out who leaked to the media (though it’ll serve its purpose of creating a political shitstorm just fine)–for two reasons.

First, only Clapper serves in a role that Congress has an unquestioned authority to subpoena (and even there, I can see the Intelligence Committees getting snippy about their turf–it’s their job to provide impotent oversight over intelligence, not the Judiciary Committees).

As for members of the National Security Council (Tom Donilon, John Brennan, Denis McDonough, Audrey Tomason, and Antony Blinken) and figures, like Bill Daley, who aren’t congressionally approved? That’s a bit dicier. (Which is part of the reason it’s so dangerous to have our drone targeting done in NSC where it eludes easy congressional oversight.)

A pity Republicans made such a stink over the HJC subpoenaing Karl Rove and David Addington and backed Bush’s efforts to prevent Condi Rice from testifying, huh?

The other problem is that Smith’s list, by design, won’t reveal who leaked the stories he’s investigating. He says he wants to investigate 7 leaks.

Smith said the committee intends to focus on seven national security leaks to the media. They include information about the Iran-targeted Stuxnet and Flame virus attacks, the administration’s targeted killings of terrorism suspects and the raid which killed Usama bin Laden.

Smith wants to know how details about the operations of SEAL Team Six, which executed the bin Laden raid in Pakistan, wound up in the hands of film producers making a film for the president’s re-election. Also on the docket is the identity of the doctor who performed DNA tests which helped lead the U.S. to bin Laden’s hideout.

But his list doesn’t include everyone who is a likely or even certain leaker.

Take StuxNet and Flame. Not only has Smith forgotten about the programmers (alleged to be Israeli) who let StuxNet into the wild in the first place–once that happened, everything else was confirmation of things David Sanger and security researchers were able to come up with on their own–but he doesn’t ask to speak to the Israeli spooks demanding more credit for the virus.

Read more