13 JAN 17 – Executive Intelligence Summary – Forward Observer Shop

13 JAN 17 – Executive Intelligence Summary


[wcm_nonmember]In this EXSUM… (3625 words)

  • DHS designates election systems as critical infrastructure
  • Former CIA director’s advice on grid vulnerability
  • Russia & China SITREPs
  • “Paradox of Progress”: ODNI releases global trends report
  • How volatile will the Inauguration Day protests be?
  • Economists and business owners at odds over economy
  • And more…


This content is for subscribers only. To continue reading, please log in or subscribe here. [/wcm_nonmember]

[wcm_restrict plan =”fo-osint”]

ADMIN NOTE:  Next Friday, 20 January 2017, is Inauguration Day.  There are solid indications of wide scale protests, including several large cities across the nation.  My main focus next week will be running another battle tracking operation, just like I did for the Ferguson riots and the GOP Convention.  This will be a LIVE event from Austin, TX, so if you’d like to join us, please do.  We’ll be doing the Intelligence Preparation of the Battlefield/Community phase to prepare starting on Monday, and then we’ll officially kick off on Thursday, running shifts 24 hours a day until the end of the protests/riots.  I’m booking a hotel conference room for our work space and you’re more than welcome to join us.   There will be no EXSUM on Friday, 20 January 2017.  Instead, what I’ll be producing for subscribers is a series of videos and articles documenting how we’re battle tracking the event, along with publishing the intelligence reporting we produce.  I’ll also do live video chats and Q&A sessions for anyone interested in participating.

If you would like to run your own battle tracking operation to track Seattle, Chicago, Los Angeles, San Francisco, or any other city near you, then I’ll be holding a webinar to lead you through the steps.  This is an excellent opportunity to put theory into practice as we gather information, plot it on a map, and create our own local intelligence summaries.  This is practice for a much larger event, so I hope that you’ll take an interest in this process.  For more information, I recommend listening to FO Podcast Episodes 009 and 044.


Bottom Line Up Front:  The Obama administration has really struggled with challenges posed by foreign intelligence services, which badly bruised US counterintelligence in a string of information heists.  Nearly a year ago, former Congressman Mike Rogers (R-MI), then-chair of the House Intelligence Committee, claimed that there were more foreign intelligence operatives in America than ever before.  “And they’re stealing everything. If it’s not bolted down, it’s gone,” he said.

As if the Snowden leaks (2013) weren’t bad enough, the Office of Personnel Management (OPM) breach, first reported in June 2015, was particularly destructive.  Chinese intelligence services gained access to sensitive information about 21.5 million Americans who work in various organizations in the US Government.  Included in that breach were an unknown number of SF-86 forms, which are used by the Department of Defense in background checks for granting security clearances, including Top Secret/SCI.  In fact, the SF-86 for my TS/SCI clearance is now owned by the Chinese.

Throughout 2016, I reported on Russian espionage activities, both physical and online, directed towards the US and NATO.  Even before the election season, it was apparent that we were engaged in a war of espionage reminiscent of the Cold War, but that’s old news.   The direction I want to focus on now is forward: the Obama administration didn’t have a policy to deal with extreme cases of espionage, other than to warn countries to ‘cut it out‘.  In fact, this administration was caught flat-footed by the Chinese breach of OPM data, and then again by numerous cases of high-level espionage by the Russians, excluding any of the election-focused email leaks.

To reiterate, my personal opinion is that it’s possible that Russian Intelligence Services (referred to as RIS) facilitated at least one of the email leaks.  That’s based on my previous knowledge of Russian political warfare and information operations directed at the West, and not on any solid evidence.  Frankly, I don’t think it’s prudent to say that Russia played no role.  A lack of evidence does not necessarily indicate a lack of participation, and it’s difficult for me to come to the conclusion that RIS are wholly innocent in this matter.  For instance, many point to the fact that Wikileaks founder Julian Assange said that the Russians weren’t the source of the leaked emails.  Yet we know that RIS run proxies and ‘cut outs’ specifically for the purposes of masking their involvement in intelligence operations. On Sunday, Reince Preibus, Chief of Staff to Donald Trump, said on FoxNews that Trump is “not denying that entities in Russia were behind this particular hacking campaign.”  So we have confirmation that RIS were at least already involved in a hacking campaign, even if they didn’t leak the emails (which Putin referred to as “a public service”.)

Here’s a portion of the Trump statement on Russian hacking:

While Russia, China, other countries, outside groups and people are consistently trying to break through the cyber infrastructure of our governmental institutions, businesses and organizations including the Democrat National Committee, there was absolutely no effect on the outcome of the election including the fact that there was no tampering whatsoever with voting machines. There were attempts to hack the Republican National Committee, but the RNC had strong hacking defenses and the hackers were unsuccessful.

Whether it is our government, organizations, associations or businesses we need to aggressively combat and stop cyberattacks. I will appoint a team to give me a plan within 90 days of taking office.

The sanctions imposed by the Obama administration late last month against the Russians were a day late and a dollar short, but they illustrate that Russia has the upper-hand.  The expulsion of 35 Russian intelligence officers, who operated under diplomatic cover in the US, will probably set back Russian espionage in terms of access to human intelligence.  The Trump administration is not only asking for a plan to stop state-sponsored cyber attacks against the US, but they’re also going to change how the US Intelligence Community does business.

It’s no secret that the higher intelligence goes, the more it’s likely to be politicized to aid the implementation of desired foreign policy.  Those kinds of foreign policy decisions can be based on reality or on ideology, so the intelligence that supports decision makers is a critical asset or vulnerability.  Trump has repeatedly made it clear that his administration will take steps to fix US intelligence.  Specifically, he’s going to shrink the Office of the Director of National Intelligence (O/DNI), which will reduce the DNI’s influence on the Executive, and is looking at restructuring CIA, presumably aimed at purging political partisans.  The Trump plan also calls for an increase in foreign intelligence collection.

The greatest reason why I left the Intelligence Community is not because I was burnt out (which I was after my last tour of 18 months in Afghanistan), but because of the policies put into place by the Obama administration and how intelligence was being used and manipulated to support poor foreign policy decisions.  For eight years, the Obama administration slowly purged the highest ranks of the US military and Intelligence Community.  The higher your rank in the military, the more political your promotion becomes, and so I think there’s a risk of dysfunction and partisan activity when Trump takes office.  I think we’re likely to see backlash and accusations of partisan politics once high ranking officials are relieved of their posts, and so this certainly includes risks to national security.  The greatest risk, though, is that the Intelligence Community becomes more dysfunctional than it has already become.


Priority Intelligence Requirements:

PIR1: What are the current indicators of systems disruption that could lead to civil unrest?

PIR2: What are the current indicators of an outbreak of global conflict?

PIR3: What are the current indicators of military, government, political, or social-related instability or violence that leads to domestic unrest or conflict?

PIR4: What are the current indicators of economic, financial, or monetary instability that lead to worsening economic conditions or civil unrest?

PIR1: What are the current indicators of systems disruption that could lead to a civil unrest or domestic emergency?

DHS designates election systems as critical infrastructure

Late last week, DHS Sectretary Jeh Johnson announced the designation of election systems as critical infrastructure, a move which many hope will prevent systems disruption in the future.  In a statement, Secretary Johnson said, “Election infrastructure is vital to our national interests, and cyber attacks on this country are becoming more sophisticated, and bad cyber actors — ranging from nation states, cyber criminals and hacktivists — are becoming more sophisticated and dangerous.”  But not everyone is happy about the federal decision.  Secretaries of State from multiple states have voiced opposition.

  • NH: “I’m a strong advocate to keep the Federal government out of the election. I don’t like the idea that some Federal agency could cancel the presidential election.”  – Secretary of State William Gardner
  • GA: “I am completely opposed to this blatant overreach and will continue to fight to keep election systems under the control of state government where it belongs.” –  Secretary of State Brian Kemp
  • AL: The DHS designation over state election systems is “such blatant irreverence for Federal law.” – Secretary of State John Merrill

The National Association for Secretaries of State (NASS) convenes a meeting on 17 February where they will learn more about the DHS designation and how it will affect state election systems.  In a press release on Monday, NASS stated that, “State and local autonomy over elections is our greatest asset against malicious cyberattacks and manipulation.  Our decentralized, low [internet] connectivity electoral process is inherently designed to withstand such threats.”


Former CIA director’s advice on grid vulnerability

Former CIA Director and Trump supporter James Woolsey recently said that, “The hard thing, I think, is going to be… making the kind of changes that are hard for bureaucracies to accept,” he said speaking about making improvements to cybersecurity and strengthening the power grid. “Like the electricity companies. It’s going to be hard to get them to harden the grid. They don’t want anybody telling them about anything. There’s really a huge need to improve the resilience of our infrastructure. We have a very vulnerable infrastructure.”


LA community college pays $28,000 to unlock systems from ransonware

Continuing the trend of ransomware attacks against schools and hospitals — which depend on computer systems to manage heavy amounts of critical data — the Los Angeles Community College District (LACCD) paid a $28,000 ransom to unlock the network, email, and voicemail systems of an area community college.  The LACCD carried an insurance policy against ransomware attacks, so they will be reimbursed.  The latest FBI numbers show that ransomware payments totaled $209 million for the first quarter of 2016, which is up from $25 million for all of 2015.


This section includes no content from the Daily Open Source Infrastructure Report published by DHS.  We read each daily report for significant threats and vulnerabilities to critical infrastructure, and include those events in this EXSUM.  Please use this reporting section to form a baseline for the type and frequency of threats to critical infrastructure, and then make a determination of how future events could affect you.

PIR2: What are the current indicators of an outbreak of global conflict?

The prospects of global conflict continue to revolve around the usual players: Russia, China, and the Middle East. The ways in which global conflict could cause or contribute to a SHTF scenario in America are myriad and they largely depend on which conflict is initiated. We’re certainly at risk of cyber attack in the event of conflict in any of the three regions. Systems disruption, like the price and availability of fuel, is also a top concern that could cause a SHTF event.


As I write this, additional US forces are en route to their rotational destinations across Europe.  The 3rd Armored Brigade Combat Team (of the 4th Infantry Division) will be deployed to bases in Poland and Romania, while additional units from NATO member states are sent to Latvia, Estonia, and Lithuania.  This follows confirmation that US special operations forces were in the Baltics, as well.  While NATO and European leaders view these Baltic deployments as deterrence against a Russian invasion, Russian leaders are on record stating that the deployments represent a threat to Russian sovereignty and could be used for a preemptive invasion of Russia.  The spokeswoman for Russia’s Ministry of Foreign Affairs was recently quoted as saying, “We view these actions as another example of provocative military activity close to Russia’s borders in the framework of a notorious line towards containing Russia.”  She accused the Obama administration of complicating matters ahead of Trump’s inauguration, and continued that, “We will be forced to further take into consideration in our defense planning the US military preparations aimed against Russia, including in the Baltic states.”

Meanwhile in Senate confirmation hearings this week, nominee for Secretary of State Rex Tillerson said, “Russia today poses a danger, but it is not unpredictable in advancing its own interests.  We need an open and frank dialogue with Russia regarding its ambitions, so that we know how to chart our own course.”  And in another confirmation hearing, retired General James Mattis, nominee for Defense Secretary, answered that he believes the US should have a permanent military presence in the Baltic region, although he did not say what that might include.

During the campaign, Trump gave us ample reason to believe that he might reverse course on current US policy on Russia, however, it appears that easing on Russia won’t be easy.  I expect the Trump administration to work with Putin on issues like terrorism, but Europe (especially the Baltics) should remain a highly contested topic.



In remarks during his confirmation hearing this week, Rex Tillerson said, “We’re going to have to send China a clear signal that, first, the island-building stops.  And second, your access to those islands also is not going to be allowed.”

This is a serious amount of escalation to have been laid out in a matter of seconds.  And it brings to mind the real possibility not only of eventual conflict, but of a potential crisis early in Trump’s administration.  Many have predicted that China would test Trump early on (just like they tested Obama and Bush), and I think this changes China’s calculus on the matter for the worse.  The Obama administration policy has been that China is wrong for building islands and deploying both dual-use and military equipment to its neighbors’ territories, but Obama (and the UN) has lacked any desire to enforce international law.

Tillerson’s hard line approach is probably based in part on the assessment that China, either eventually or soon, will turn the South China Sea into a network of hard-target military outposts to challenge US presence in the region and hamper the economic trade of US-allied nations in the South Pacific.  But it’s also probably based on Tillerson’s time and experience in that region as CEO of Exxon Mobil, especially in and around Vietnam.

Tillerson also said that “The failure of a response [by the Obama administration] has allowed them just to keep pushing the envelope on this.”  His prognosis: “The way we’ve got to deal with this is we’ve got to show back up in the region with our traditional allies in Southeast Asia.”  And on that topic, the Times of India reported this week that the Indian government would go ahead with sales of a missile defense system to Vietnam, and the US lifted an arms embargo against the small nation last year.  I’ve reported several times on US-allies in the region — dubbed “global NATO” — increasing their military spending to combat what’s seen as an aggressive China.  If Tillerson’s comments reflect the policy of the Trump administration, then we’re likely going to see additional efforts to arm and prepare US-allied Pacific nations.


“Paradox of Progress”: ODNI releases global trends report

“For better and worse, the emerging global landscape is drawing to a close an era of American dominance following the Cold War. So, too, perhaps is the rules-based international order that emerged after World War II.”  That’s a statement from the latest Global Trends report, a publication written by a group of intelligence analysts from the Office of the Director of National Intelligence.  Along with the decline of the US and increased tensions among competing, near-peer militaries like Russia and China, the Global Trends also described worsening conditions for the West:

While decades of global integration and advancing technology enriched the richest and lifted that billion out of poverty, mostly in Asia, it also hollowed out Western middle classes and stoked pushback against globalization. Migrant flows are greater now than in the past 70 years, raising the specter of drained welfare coffers and increased competition for jobs, and reinforcing nativist, anti-elite impulses. Slow growth plus technology-induced disruptions in job markets will threaten poverty reduction and drive tensions within countries in the years to come, fueling the very nationalism that contributes to tensions between countries.

The report’s North American section also states the case that the next US recession will hit hard in Central American countries, where remittances from the US make up significant parts of some national economies.  (Remittances, via Western Union for instance, from the US make up ten to twenty percent of Gross Domestic Product for countries like Guatemala, El Salvador, Honduras, and Nicaragua.)  I highly recommend that you spend some time reading the North American section of the report, as well as “The Future Summarized” section, because it makes clear that the US Intelligence Community is expecting more challenging times ahead.


US Navy boat fires warning shots against Iranian fast attack craft

The USS Mahan (DDG-72) fired three warning shots at four Iranian fast attack craft as it was transiting into the Persian Gulf on Sunday.  The attack boats traveled at a high rate of speed and came within 900 yards of the USS Mahan, despite radio warnings and a siren.  These sort of maneuvers are not uncommon in this region, and they serve two purposes. The first is to identify the US Navy’s standard operating procedures when confronted with potential threats; this information is compiled and could be used to exploit potential vulnerabilities during an attack.  The second is to harass US Navy boats and attempt to contest US freedom of movement in international waters along the Iranian coast.  These kinds of antics we’ve seen in the past do not carry a high potential to start a conflict.


US Navy publishes surface force strategy

In an EXSUM from last month (09 DEC 16), I wrote that the US Navy would unveil an addendum this week to compliment Distributed Lethality.  In preparation for this week’s Navy summit, Surface Force Strategy: Return to Sea Control (DOWNLOAD) was published, and further clarifies the Navy’s Distributed Lethality strategy.  There’s nothing ground breaking in this report, but I thought that I’d pass it along.


Army’s RCO targeting electronic warfare capabilities

An official from the US Army’s Rapid Capabilities Office recently said that his organization was looking at speeding up the delivery and fielding of electronic warfare (EW) equipment to Europe.  Specifically, the RCO is looking at equipment “in the pipeline that can either be repurposed, accelerated, or prioritized to fielding in Europe, and how can we do operational assessments on that from now until the next two years.” (Emphasis mine.)

This is significant because numerous reports have indicated that the US Army is behind Russia in EW capabilities.  And since EW will target the radio frequency spectrum and communications, US Forces will be operating at a significant disadvantage if they can’t compete.  The goal of the RCO is to provide the Army “the ability to maneuver in an electronic warfare-contested domain, so they’ll be able to do the things they need to be able to do, and close a strategic gap and create the overmatch we need against any potential adversary that would challenge us in that domain.” (Emphasis mine.)


PIR3: What are the indicators of military, government, political, or social-related instability or violence that could lead to domestic unrest or conflict?

How volatile will the Inauguration Day protests be?

According to some estimates, Inauguration Day could have as many as 750,000 show up in protest against the incoming Trump administration.  And aiding the FBI and Secret Service in securing Washington DC will be some 7,500 National Guardsmen and 3,000 law enforcement officers from around the nation.  A protest group calling themselves DisruptJ20 having been claiming for weeks that they intend on disrupting the event.  “We’re planning a series of massive, direct actions that will shut down the inauguration ceremonies and any related celebrations.  We’re also planning to paralyze the city,” according to the group.

As we get ready to stand up the ACE for this event, I’ll be calling for volunteers.  If you’d like to participate or just virtually hang out and learn how this process works, you’re more than welcome to join us.  I’ll be sending out an email no later than Thursday, 19 January, with instructions for observers.  If you’d like to actively participate in Austin, send me an email and I’ll get everyone ‘read on’ to the project by Wednesday.


PIR4: What are the current indicators of economic, financial, or monetary instability that lead to worsening economic conditions or civil unrest?

Economists and business owners at odds over economy

Despite most economists being pessimistic about Trump’s plan for the US economy, the National Federation of Independent Businesses described their December survey results as “stratospheric” in the number of business owners optimistic about the US economy.  For the eight years Obama will have been in office, the economy grew at just 2.1 percent per year, which is low.  One thing to keep in mind is that statistically, 2017 should be a recession year, but middle America’s welcomed and optimistic outlook on Trumpnomics might delay that.



Mike Shelby is a former military intelligence NCO and contract intelligence analyst. He spent three years in Iraq and Afghanistan and is now the intelligence and warfare researcher at Forward Observer.

1 Comment

  1. I thought this was going to be some kind of paranoid, conspiracy theory, type of site. It turned to be very well thought out, and clearly explained, useful information. Thanks.

Leave a Reply

Your email address will not be published. Required fields are marked *

Name *