Feds consider searches of terrorism blogs
The Homeland Security Department may soon start scouring the Internet to find blogs and message boards that terrorists use to plan attacks in the USA.
The effort comes as researchers are seeing terrorists increasingly use the Internet to plan bombings, recruit members and spread propaganda. "Blogging and message boards have played a substantial role in allowing communication among those who would do the United States harm," the department said in a recent notice.
Homeland Security officials are looking for companies to search the Internet for postings "in near to real-time which precede" an attack, particularly a bombing. Bombings are "of great concern" because terrorists can easily get materials and make an improvised-explosive device (IED), the department said.
"There is a lot of IED information generated by terrorists everywhere — websites, forums, people telling you where to buy fertilizer and how to plant IEDs," said Hsinchun Chen, director of the University of Arizona's Artificial Intelligence Lab. Chen's "Dark Web" research project has found 500,000,000 terrorist pages and postings, including tens of thousands that discuss IEDs.
Chen and others aren't sure how helpful blogs and message boards will be in uncovering planned attacks.
"I just can't envision a scenario where somebody posts to a message board, 'I'm getting ready to launch an IED at this location,' and the government will find that," said terrorism analyst Matt Devost. A lot of postings about attacks are "fantasy, almost role-playing," Devost said.
Internet searches are used routinely by government agencies, such as the Defense Department, in gathering intelligence, said Chip Ellis of the Memorial Institute for the Prevention of Terrorism.
The searches use methods similar to a Google query and can be helpful in uncovering the latest IED technology, Ellis said.
Steven Aftergood, an intelligence expert at the Federation of American Scientists, praised Homeland Security for "trying to develop innovative approaches" and said its effort would not jeopardize privacy because the department would be scanning public websites.
The department, which declined comment, has made no decision about using Internet searches and is reviewing statements that companies submitted last month describing their ability to do the searches.
By Thomas Frank, USA TODAY
2009 - The year of living cyberdangerously
The reliance on computers to operate key infrastructures has created a tunnel of vulnerability 
previously unrealized in the history of conflict.
I first wrote that sentence in 1993 as part of my M.A. thesis on information warfare and my thesis adviser made me remove it for being "overly sensational". Final revenge was mine, however, when I snuck it into the 1996 Defense Science Board on Information Warfare. Now you can search on that phrase and get a few dozen results as its been coopted along the way by other reports as well. Regardless, my little pet phrase will be old enough to drive this year and the infamous "Can You Trust Your Toaster" paper is a teenager.
While I've always believed that cyberthreats are misunderstood and that much of the current debate lacks a risk management context, I can't help but think that 2009 will be a precipice year in the cybersecurity domain. We've certainly had lots of build-up in 2008:
- A major think-tank issues what some regard as "yet another" cybersecurity strategy.
- We've had major and minor penetrations by foreign entities into dozens of major corporations, institutions, and even the political campaigns.
- For the first time, we are looking at a cabinet level Chief Technology Officer position at the White House.
- From my personal experience in dealing with the national security and intelligence communities, there is an increased understanding and appreciation of the issue over the past year. I can't tell you how many conversations I've had with folks who dismissed the topic in the past and now articulate how important an issue it is.
If one is optimistic, we might actually start turning the corner on cybersecurity issues, but will do so only to find ourselves faced with a really steep hill. The best-case scenario, we take some baby steps in 2010. Therefore, I'm declaring 2009, the year of living cyberdangerously. Here are just a few things to think about:
- Capability and intent are still mismatched, but that hasn't prevented major intrusions, just those with an impact on the operation of critical infrastructure.
- Big carrot, little stick. Cyberattacks have been launched against major companies, the U.S. government, and the McCain, Clinton, and Obama campaigns. Consequences for the attacker have been non-existent. This just further incentivizes adversaries to push the envelope.
- Economic disincentives are disintegrating. I've often cited economic interdependence as a major deterrent to cyberattack. However, when the U.S. economy is already in fail mode, the deterrent quotient diminishes.
- Attribution still sucks. See bullet number two.
- Budget cuts and economic issues will serve to diminish corporate security postures in 2009. End result, increased vulnerability. That said, current attackers don't seem to be lacking of vulnerabilities for intended targets.
These factors and a few others will bring a few stars into alignment and it should make for an exciting year.
As for me, I'm looking forward to taking a good hard look at these issues again this year at both the technical and national strategic level. Watch for a follow-up to the Toaster paper and some additional efforts. You can leave your title recommendations for the Toaster paper in the comments (e.g How I learned to stop worrying and love my toaster).
What's cooking?
One of my favorite recipes. I'm sick of searching for it, so I'm blogging it in hopes that others can enjoy. The Wegmans branded products can easily be replaced with more generic items. Enjoy!
Steamed Meatballs with Asian Green Beans
Serves: 4
1 lb 90% or 85% Ground Beef
1 egg
3/4 cup panko bread crumbs or 1 cup unseasoned bread crumbs
1/4 cup + 2 Tbsp Garlic Sauce, divided
1 bunch green onions, trimmed, sliced
1 clove Garlic, finely chopped
1/2 oz fresh ginger root, peeled, finely chopped
1 Tbsp fresh cilantro leaves, chopped
1/4 tsp cracked black pepper
Salt to taste
1 cup Instant Brown Rice
1 pkg (12 oz) Green Beans
1 red sweet pepper, seeded, cut in thin strips
1 Tbsp sesame seeds
1 tsp sesame oil
Combine ground beef, egg, bread crumbs, 1/4 cup garlic sauce, green
onions, garlic, ginger, cilantro, cracked pepper, and salt to taste;
mix thoroughly using hands. Shape into 16 (1 1/2-inch) meatballs.
Pour uncooked rice into shallow pan or bowl. Roll meatballs in
rice, pressing to coat.
Place green beans and pepper strips in steamer basket. Arrange
meatballs in separate basket; stack baskets with meatballs on the
bottom and cover.
Heat 1-inch water in wok or tegame pan on HIGH to rapid boil. Water
must be hot enough to create steam below items to be cooked, but must
not touch it.
Place layered baskets in pan. Steam about 12 min. Remove from heat;
using extreme caution, remove lid carefully away from your face,
avoiding steam. Meatballs should have internal temp of 160 F;
check by inserting thermometer into center of meatballs.
Heat saute pan on MEDIUM-HIGH. Add sesame seeds and cook, stirring,
1-2 min, until toasted. Add sesame oil, and remaining 2 Tbsp garlic
sauce. Heat just until warmed through, about 2 min. Serve over
vegetables with meatballs.
Option: Garnish with cilantro and drizzle with additional garlic
sauce.
Recipe featured in Wegmans Menu Magazine
Nutrition Info: Each serving (1 cup vegetables, 4 meatballs) contains
410 calories, 42g carbohydrate (6g fiber), 29g protein, 14g fat (6g
saturated fat), 125mg cholesterol and 250mg sodium.
Back to the basement
Yesterday was my last day of employment at the Terrorism Research Center/TIS. As an original co-founder of TRC in 1996 and it's only active President and CEO, I was able to grow the company beyond any of the expectations we originally had. It has been a fun and tremendously rewarding experiencing that will serve as a foundation for everything else I accomplish in my professional career. I am greatly indebted to the remarkable team of folks I had the privilege of working with as we built the company. I've often noted that one of my greatest skills as an entrepreneur was my ability to attract and retain talented and passionate employees. Without them, TRC would never have emerged as one of top research, analysis, and training organizations in the world.
We built the company from the basement to Ballston and watched it grow. Early employees fondly remember my wife's incessant questioning about when that large and loud web server was going to be moved from our basement coffee table to a more suitable location and the financial audit that was conducted by our customer while my daughter Maddie crawled around the basement floor.
Most importantly, TRC was positioned and ready to serve during a time when our nation and customers needed us most. We continued to provide innovative products, programs, and analysis keeping true to our mission of helping the nation understand and combat the threat of terrorism and other global risks. Many of the programs will have a living legacy for many years to come. Programs like the Responder Knowledge Base, Terrorism Early Warning Group Expansion, Mirror Image training, T4 training, Pediatric Preparedness, and of course, the unparalleled wealth of knowledge that exists on www.terrorism.com. In context, more than half of those programs were conceived and started prior to September 11, which shows how far ahead of the curve we were thinking.
Now it is time for a new generation of TRC leadership to take the helm and deliver the next generation of products and services our customers require. While I won't be with them to help, my heart will always be there and I wish them great success.
As for me, its back to the basement to figure out what's next. If you've got something in mind, feel free give me a call. It is an exciting and apprehensive time, but one filled with endless opportunity.
Photo credit to Jessica Hagy. You really must visit her site.
Social media intel sources
I've got a blog post up on GroupIntel that discusses some of the sources that I was impressed with during the Mumbai attacks. Check it our here -> Social Media Intel Links
Definitely felt like a swing day
with regards to the significance of social media and web 2.0 for tracking a real-world crisis. As Mike Arrington correctly points out the most up-to-date and accurate information about today's terror attacks in India came from Twitter, Flickr, and other social media sites. Also for the first time today, the site www.homelandsecurity.com linked not to CNN or another major news site in their early coverage, but to Mahalo.com. Mahalo was tracking new information and posting it to a dedicated page about the attack and included Twitter and other unconventional sites in their sourcing.
A few weeks ago I spoke with my friend Bob Gourley about some ideas I had for Twitter Early Warning on major events (earthquakes, terrorist attacks, or even flu outbreaks). Twitter proved today that it has a legitimate role in the open source intelligence arena.
Classic quote
“I always say that in investing you want to buy stock in a company that has a business that’s so good that an idiot can run it, because sooner or later one will. We have a country like that.” - Warren Buffet
T-mobile redeems itself
I had a follow-on call from the President's office at T-mobile today. They sorted out a way to get us G1 phones to try on our business account. They are shipping them at a discounted rate, and sending a few extra sim cards (as I lost mine) for free. Representative was very professional and customer oriented once I was able to talk to him live (as opposed to the voicemail message I describe below).
Interestingly, the same rep that left me a VM with all the negatives of the G1 and tried to move us to purchase new Blackberries, explained to me today that he has the G1 and he loves it. Go figure. I guess he was just following the script before.
Regardless, well played T-mobile. Well played.