October 31, 2003
Volume 1, Number 6

New Intelligence Alliances Not So Secret

By Robert Green

You know it’s not your grandfather’s federal government when the conference speaker tells his audience, “It’s only been the last two years now that I’ve been able to tell people where I work.”

Or, another conference speaker happily hands out his email address with the caveat, “This isn’t my real name but…”

Such was part of the fare at last week’s Federal Information Assurance Conference in College Park, Md., a gathering of U.S. intelligence and computer experts who are beginning to actively broach the brave new world of homeland security and “information sharing” that followed the September 11, 2001, terror attacks on the U.S.

Sharing Is An Achievment  

The atmosphere in which sharing is heralded as an achievement rather than punished as a security violation has been slow coming but might be finally arriving, if the “Alliance for a More Secure Nation” conference is any indication. The conference was put on by the Federal Business Council.

Officials from the CIA, Defense Intelligence Agency (DIA), National Security Agency and a new federal cyber security shop in the Homeland Security department were among those who gave attendees “snapshot” views of how intelligence is being gathered and shared by the government in response to the terrorist threat.

“Intelligence that is not actionable is just useless information,” said “Anthony Bargar,” a DIA officer who has probably never cashed a check under that name.

DIA Actively Soliciting The Private Sector 

DIA is not only talking out loud more often but is actively soliciting the private sector for ways to better enhance its Joint Worldwide Intelligence Communications System by using easier-to-employ commercial products rather than “government-only” systems,” the DIA speaker said.

The JWICS is one of those vital, behind-the-scenes networks that makes it possible for a special operations soldier on a hillside in the remotes of Afghanistan to pinpoint a target for a navy destroyer carrying cruise missiles hundreds of miles away.

Bargar said DIA is pursuing better defense of JWICS itself from outside hackers and disgruntled (or compromised) insiders at the secret agency. Systems like JWICS are increasingly likely to support the new homeland-centric U.S. Northern Command military effort, which has already begun to work with civilian law enforcement and intelligence agencies in the post-9/11 restructuring of government, several speakers said.

In bureaucratic Washington, money often talks loudest and Daniel G. Wolf, information assurance director at NSA, noted during a keynote address that budgets are beginning to shift away from “confidentiality” and more toward information “availability.”

Wolf said the old days of “need to know” will give way to a new era of “need to share,” as civilian flavors of defense-type systems are extended to cops, emergency responders, and federal law enforcement agencies.

Officials from two controversial new intelligence operations also offered peeks at what goes on at the Terrorist Threat Information Center (TTIC) and the National Cyber Security Division (NCSD)

The TTIC has been a source of concern in Congress, where some fear the CIA will maintain a stranglehold on an information analysis center also staffed by the FBI, DHS and others.

But longtime CIA agent Joseph Augustyn said the sharing process is already institutionalized and came into play as TTIC agents examined events such as the SARS epidemic and the Aug. 14 northeast power blackout for possible terrorist ramifications. Augustyn said the CIA, FBI, DHS and many other agencies including state and local departments “are working together in a way I never thought we would.”

We Have To
 

There’s no mystery to the current spirit of cooperation, the former chief of staff of the CIA’s operations directorate said. “We have to.”

Augustyn is senior advisor to the TTIC director and a 27-year veteran of the agency. “I’m a CIA officer who now talks routinely to the Department of Health and Human Services. Two years ago, I didn’t know who they were. I also talk routinely to the Postal Service, the Department of Agriculture, and the Nuclear Regulatory Agency, among others.”

The new lines of communication running from foreign intelligence to domestic interests were opened by the USA Patriot Act, he noted. It was the broader availability of information on suspected terrorists and plots that last year resulted in a Customs agent first identifying alleged radiological bomb trainee Jose Padilla’s effort to re-enter the U.S., officials at DHS have noted.

Augustyn said the TTIC was able to rule out any terrorist connection in the northeast electrical failure “in a matter of minutes” in part because so many different sources of information are within quick reach of the center, based in Reston, Va.

The power blackout and several recent computer attacks such as MSBlaster and So.Big gave the new NCSD’s cyber response team a chance to put fledgling processes into play also, said Lawrence Hale, acting director of US CERT. Hale said the Computer Emergency Response Team now works “closely with vendors, the academic community, the trade associations, and government agencies.”

As worms and viruses hit the Internet, the CERT team assembles information and then teleconferences with as many as 22 trade associations across the privately owned “critical infrastructure” U.S. sector, as well as all major agencies, Hale explained.

During the summer Blaster attacks, “we got good information in, we processed it, and came up with actionable information to give out to people,” he said. The CERT also did a hurry-up inspection across the Internet in August when the northeast power grid failed, looking for any “spikes” that might indicate a cyber attack caused it. Hale said there was no evidence of any linkage between the blackout and hackers.

Robert Green is senior editor for the Public Sector Institute, which monitors technology innovation issues in Washington. He can be reached at RobertGreen@PubSector.net.