31 MAR 17 – Executive Intelligence Summary – Forward Observer Shop



In this EXSUM… (3289 words)

  • 40 Percent of ICS, Critical Infrastructure Targeted by Cyberattacks
  • SECTREAS: One of the Top Threats to US Jobs Is “Not Even on Our Radar Screen”
  • Russia, China, & North Korea SITREPs
  • Defense in Brief
  • Political Violence Roll-Up
  • Jim Rogers comments on the Fed
  • Trump risks economic disruption in trade war with China
  • And more…

Bottom Line Up Front:  One thing we’ve learned over the past several years is that decision-makers at the highest levels of the U.S. Intelligence Community are more interested in conducting cyber offense than defense.  Reuters discovered this week that 90 percent of the federal cyber budget is used for offensive operations, and just 10 percent for defense.  I’m going to dive a bit deeper into this story for you…

Starting with the Snowden leaks in 2013, we learned (or had our suspicions confirmed) that NSA was really good at their jobs.  After 9/11, the US Intelligence Community began to prioritize gathering Signals Intelligence (SIGINT) from the Middle East.  Budgets expanded and intelligence organizations went on a hiring and buying spree.  This period of time coincided with the greatest era of technological advancement known to man.  And then all those personnel, tools, and lessons learned were unleashed at the globe at large, including against ourselves.

The US has engaged in various forms of SIGINT virtually since the birth of electronic communication.  But at some point after World War II, perhaps during the Cold War, the US became the global leader in SIGINT.  Yeah, lots of other nations have SIGINT programs, but only one has NSA.  Part of what makes us so good is that NSA, CIA, FBI and other organizations employed some of the world’s best cyber engineers, programmers, developers, and data scientists.  It also helped that the US had very robust academic research and development programs at some of the world’s top universities located in the US.  We had the world’s largest tech giants — Microsoft, Google, Apple, Facebook, Amazon, Verizon — and until several years ago had a very firm grasp over global finance.

In other words, the Intelligence Community had a lot of buttons to press.

But while former presidents Bush and Obama were focused on playing six degrees of separation with Angela Merkel, illegally spying on American citizens, and chasing the same terrorists that they helped create, foreign nations were pressing our buttons, too.  NSA director under the George H. W. Bush administration said in 2015 that, “The Chinese have penetrated every major corporation of any consequence in the United States and taken information.  We’ve never, ever not found Chinese malware.”  And there’s a long list of hacks associated with Chinese cyber espionage.

What really got my attention was when the Office of Personnel Management (OPM) very slowly and reluctantly reported that it lost very sensitive data about me and millions of other Americans who currently have or had security clearances.  Well, OPM didn’t just “lose” this information — it was taken from them by the Chinese, allegedly, in at least two attacks dating back to 2014 and 2015 (and perhaps 2012).  Once cybersecurity professionals stopped the first incident in 2014, Chinese hackers (allegedly) in 2015 were able to use a backdoor that they had set up in the previous attack.   What’s worse is that a year-long Congressional investigation called the hack “preventable,” because OPM had been warned numerous times since 2007 that their IT infrastructure was at risk of being exploited through poor security.  This theft of data was so massive that it could have been considered an act of war.  Regardless, it will have generational consequences.

Unfortunately, cyber espionage is a massive and growing threat to national security.

Former National Security Agency and U.S. Cyber Command chief Gen. Keith Alexander explained that foreign espionage directed at US commercial, industrial and economic targets has resulted in the “greatest transfer of wealth in history.”  (Second perhaps to the Federal Reserve and the international banking cartel.)  While the US Government and American companies are spending hundreds of billions of dollars in technology research and development, why is it so relatively easy for the Chinese or other nation-state cyber teams (or cyber criminals) to steal that data for the cost of peanuts?

Well, we know part of that answer.  Recent NSA and CIA leaks show that US intelligence agencies are busy (and quite good at) identifying “bugs” in commercial and industrial software.  Instead of alerting companies to these “bugs” — or exploitable vulnerabilities — so they can be patched to protect US networks, NSA is using these same bugs for their own collection.  In other words, NSA wants to keep these exploits a secret, even at the risk of them being used by foreign intelligence against US companies and consumers.  What these leaks show us is that NSA is prioritizing its offensive operations over the defense of its own nation.

In 2014, then-president Obama made a policy decision that NSA would have to disclose any bugs it identifies so the vulnerabilities can be patched to protect national interests… unless those bugs can be used by NSA or law enforcement… which is why NSA is sitting on so many vulnerabilities, some of which have undoubtedly been used by foreign governments to hack US targets.

And now we find out that it’s not only a problem at NSA or CIA, but it’s endemic government-wide. Reuters reported that the federal government spends nine times as much on offensive operations and intelligence gathering as it does on defense.  It should be no wonder that the US government is getting bent over the barrel by foreign adversaries.  Virtually every week there’s news of another data leak or cyber exploitation — why is there not a larger effort to defend US national security in cyber space?  With as many critical failures as we’ve experienced over the past several years alone, why isn’t more being done to defend the nation?  But as problematic as this sounds, I and many others believe Americans are going to experience worse.

As far back as 2012, Gen. Keith Alexander was warning of the eventual implications when cyber exploitation moves from affecting just data to physical infrastructure.  “What we need to worry about is when these transition from disruptive to destructive attacks, which is going to happen…. We have to be ready for that,” Gen. Alexander said.  “The conflict is growing, the probability for crisis is mounting.  While we have the time, we should think about and enact those things that ensure our security in this area,” he said. “And do it now, before the crisis.”

Fast forward five years and we finally have a president who’s serious about cybersecurity.  One of the top three planks of President Trump’s agenda was increasing cybersecurity and fixing an inherently broken US cyber policy.  This week an official from the Trump administration said that they’re going to roll out a cyber “neighborhood watch” program as part of its cybersecurity agenda, in an effort to increase information sharing and decrease the attack surface provided to foreign and criminal hackers.  The official also said that DHS would be focusing on decreasing “systemic risk”, decreasing response times, and decreasing the amount of down time of critical infrastructure during a cyber incident — whether that’s a virus or a sustained cyber attack.

Although I have high hopes that this administration will shore up loose ends in cybersecurity and work with the private sector to improve overall security, I do believe that we should temper our expectations.  One of those reasons is because security is a culture, and one challenge for the Trump administration is getting employees in both the private and public sector to take part in this security culture.  Another reason is because for years, the US Government has had staffing problems with being able to hire and retain cybersecurity professionals.  There’s currently an unfilled hiring gap in cybersecurity for the US Government.  And retaining talent is another challenge, according to one DHS official:  “[W]hen we spend a couple years training forensic analysts, they’re very qualified, and they’re often spirited away by the private sector.”

My professional opinion is to continue preparing for potential systems disruption.  That’s what I advise my readers to do, and the message I’ll continue to spread.


(ADMIN NOTE:  We finally have the new FO Members Area up and running.  Remember that it’s in beta right now, which means that we’re still testing some stuff, working out some kinks, and refining how it looks and feels.  In this article, I’ve included several links to reports in the Members Area.  Eventually we’ll move this EXSUM and all intelligence reporting over to this area of the website.  You can access it now by using your regular username and password at: https://members.shop.forwardobserver.com.  Once we’ve tested everything out and we’re ready to be live (o/a 14 APR), I’ll send out an email letting you know.  Feedback from the new site is requested.)


Priority Intelligence Requirements:

PIR1: What are the current indicators of systems disruption or instability that could lead to civil unrest or violence?

PIR2: What are the current indicators of an outbreak of global conflict?

PIR3: What are the current indicators of organized political violence?

PIR4: What are the current indicators of economic, financial, or monetary instability?

PIR1: What are the current indicators of systems disruption or instability that could lead to civil unrest or violence?

40 Percent of ICS, Critical Infrastructure Targeted by Cyberattacks

Cyberattacks against industrial control systems (ICS) and critical infrastructure remain problematic for the US.  Most of these attacks are aimed at intelligence gathering — schematics of networks, physical and cyber locations of infrastructure, and other data that can be used in an attack — and relatively few target these systems for physical damage.  According to Kaspersky Labs, nearly 40 percent of ICS and critical infrastructure came under cyberattack in the second half of 2016.  (SOURCE)


SECTREAS: One of the Top Threats to US Jobs Is “Not Even on Our Radar Screen”

US Treasury Secretary Steven Mnuchin said this week that machines replacing US jobs is not a near-term threat.  “I’m not worried at all” about robots replacing US jobs, Mnuchin said.  It’s “not even on our radar screen…[it’s] 50-100 more years away,” he continued. An Oxford University forecast reported that 47 percent of US jobs are at risk of being automated.  A PwC report stated that 38 percent of US jobs were at ‘high risk’ of replacement by the 2030s.   (SOURCE)


PIR2: What are the current indicators of an outbreak of global conflict?

The prospects of global conflict continue to revolve around four geopolitical actors: Russia, China, Iran, and North Korea. In the event of war with any of these nations, consider domestic systems disruption a distinct possibility.


 The Arctic continues to be a prominent piece of Russian president Vladimir Putin’s plans to reinvigorate the Russian Empire.  This week he ordered the Russian Defense Ministry and FSB (Russian Security Service) to ensure the protection of Russian interests in the Arctic. “The Defense Ministry, Federal Security Service and its border branch need to implement their plans aimed at protecting national interests from the point of view of bolstering the country’s defense capabilities and protecting our interests in the Arctic,” Putin said (i).  Putin ordered the military to expand its presence in the Arctic to challenge the US and Canada, and to potentially discover additional oil reserves.

Putin continued his warm remarks towards the US this week, saying, “Public opinion polls in the United States show that there are many friends of Russia in the USA. First of all, I want to say the following: we perceive and treat the United States as a great power, with which we want to develop very kind and partner relations” (ii).  But the US-Russia relationship is largely predicated on how Trump responds to NATO in Europe.  The Russians have made it clear that NATO’s military buildup, which is small compared to Russia’s military buildup, is a threat to Russian national security. Meanwhile, NATO countries — many of whom are comparatively tiny, like Estonia and Latvia — remain concerned about Russian intentions in the region.  In response, NATO nations are arming up and working together for the common defense of Europe against what they call Russian aggression.   A more likely way to view this scenario is that Putin has acted to deter NATO expansion towards Russia (in South Ossetia, Crimea, Donetsk, and Lugansk) and now NATO is calling that ‘aggression’. During a recent NATO-Russian ambassador meeting, one Russian official reportedly urged NATO to abandon its policy of military dominance and containment of Russia (iii).


Read File:

i. Putin orders Defense Ministry, FSB to secure Arctic interests

ii.  Putin says Russia wants to build US relations

iii. Russian ambassador urges NATO to abandon military dominance



Focusing on bi-lateral trade, but with the ulterior motive of fostering cooperation against China, Taiwan’s president expressed her interest in working with the Philippines on South China Sea (SCS) issues (i).  But cooperation among Association of Southeast Asian Nations (ASEAN) members against China will be difficult because they all officially adhere to a One China policy, which states that both the People’s Republic of China and Taiwan (Republic of China) are the same nation.  Despite hinting to the opposite earlier in the year, last month President Trump confirmed that the US still supported the One China policy.

Next week President Trump meets with Chinese President Xi Jinping at Mar-a-Lago, FL (ii).  Last night, Trump warned in a tweet that the meeting “will be a very difficult one” due to the North Korea situation, the trade deficit, and other issues like the SCS.  Press Secretary Sean Spicer mentioned this week that, “He’s [Trump] spoken to him [President Xi] on the phone a few times, but we have big problems … everything from the South China Sea, to trade, to North Korea. There are big issues of national and economic security that need to get addressed.”  Spicer did not sound confident that the Trump administration would be able to achieve success in this meeting:  “[W]e will work on them [big issues].”


Read File:

i. Taiwan eyeing cooperation with Philippines on SCS

ii. China confirms details of meeting at Mar-a-Lago


North Korea SITREP:

After several critical remarks from SECSTATE Rex Tillerson on US policy failures regarding North Korea, SECDEF James Mattis weighed in this week, signaling that the Trump administration is serious about the threat.

“Right now, [North Korea] appears to be going in a very reckless manner … and that has got to be stopped,” Mattis said on Friday.  Mattis didn’t provide any details; however, he’s previously said that military options are ‘on the table’.  (Ref:  SECDEF Mattis: North Korea ‘Has Got to Be Stopped’)

This comes after this week’s editorial from former CIA Director Woolsey and former CIA analyst Vincent Pry, who took the North Korean nuclear program to task in The Hill.  After positing two scenarios — one involving the delivery of a nuclear weapon via ocean freight pulling into a US harbor, and the other involving an aircraft taking off from Mexico and flying over the border — the editorial said that the US was vulnerable to those types of attacks.

“In this scenario, populous port cities like New York, New Orleans, Los Angeles, and San Francisco, or big cities nearest the Mexican border, like San Diego, Phoenix, Austin, and Santa Fe, would be most at risk.”

Both agreed in the editorial that US leaders were overlooking the nuclear threat posed by North Korea.  They reiterated their point of the past several years that potentially 9 in 10 Americans could die after an EMP strike on America.  (Ref:  Former CIA Officials: How North Korea Could Kill 90 Percent of Americans)


Defense in Brief:

China is scheduled to set up a military base several miles away from Camp Lemonnier in Djibouti, causing US Africa Command (AFRICOM) to have “very significant operational concerns”.  “It is a first for them — they’ve never had an overseas base — and we’ve never had a base of, let’s just say, a peer competitor as close as this one happens to be,” AFRICOM commander Gen. Waldhauser said. “So there’s a lot of learning going on and a lot of growing going on.” US Special Operations and other US Forces use Camp Lemonnier, which is a large cause for the concern.  “There are concerns, and we’re aware of those, and we’ve spoken to the [Djibouti] government about it. They know what our concerns are,” Gen. Waldhauser said.  The Chinese military base is expected to be completed this summer.

PIR3: What are the current indicators of organized political violence?

Political Violence Roll-Up:

CA: Violence erupts at Huntington Beach Trump rally

NE: Nine arrested in Omaha anti-Trump protests

PA: Philly Trump rally ends early over fear of violence

PA: Protestors disrupt speech at Villanova


Antifa Roll-Up:

AZ: Phoenix MAGA counterprotest report back (https://itsgoingdown.org/phoenix-az-maga-march-report-back/)

CA: Huntington Beach MAGA rally report back (https://www.indybay.org/newsitems/2017/03/27/18797740.php)

CO: Denver Antifa graffiti (https://itsgoingdown.org/denver-co-graffiti-solidarity-facing-repression/)

MI: Lansing Antifa disrupts MAGA rally (https://itsgoingdown.org/lansing-mi-antifascists-disrupt-trump-rally/)

NE: Omaha Antifa disrupts MAGA rally (https://itsgoingdown.org/omaha-ne-disruptmaga-reportback-march-25th)

PA: Call to protest Mariner East 2 pipeline (https://itsgoingdown.org/call-action-camp-resist-mariner-east-2-pipeline-pennsylvania/)

TX: Houston Antifa disrupts MAGA rally (https://itsgoingdown.org/houston-tx-protesters-disruptmaga-march-25th/)

WI: Milwaukee Antifa shuts down MAGA rally (https://itsgoingdown.org/milwaukee-antifascists-completely-shut-maga-march/)

Events and resources for Week of Solidarity; 1-7 April (https://itsgoingdown.org/events-resources-week-solidarity-repression/)


Wake up, GOP: This could be Democrat Tea Party


Black Lives Matter Roll-Up:

CA: 200 show up for BLM co-founder speech at Sonoma State

IN: BLM speaks on Purdue panel

NY: NYPD officer reprimanded over BLM tweet

OR: BLM protests result in six arrests, reschedule of city council meeting

PA: BLM pressures Philly DA to resign

TN: BLM pressures Memphis area prosecutor to resign

VA: BLM activists furious at College of William & Mary President

Black Lives Blackout:  Has US mainstream media forgotten BLM?

BLM to join with ‘Fight for $15’ activists


PIR4: What are the current indicators of economic, financial, or monetary instability that lead to worsening economic conditions or civil unrest?

Jim Rogers comments on the Fed

Legendary American investor and market pundit Jim Rogers appeared on Bloomberg Markets this week and gave some comments on his outlook.  Echoing similar comments over the past years, Rogers was very critical of the Federal Reserve.  “The central bank in America have no clue what they’re doing. They’re going to ruin us all,” said Rogers, who lives in Singapore.  “They’ve driven interest rates to levels that have never been seen in history… Debt is skyrocketing, going through the roof. This is all going to end very, very, very badly.”


Trump risks economic disruption in trade war with China

On Thursday night, President Trump took to Twitter, warning that his upcoming meeting with the Chinese president “will be a very difficult one”.  Trump wrote: “We can no longer have massive trade deficits and job losses.  American companies must be prepared to look at other alternatives.”  That’s an ominous warning if it accurately reflects the position he’s prepared to take.  I believe that Trump is posturing ahead of his meeting with President Xi; however, we must be prepared for the consequences of a failed talk.  President Trump is no stranger to hostile negotiations, and while I remain hopeful that he makes headway in the ongoing dispute with China, I’m also realistic in my expectations that the meeting could turn south.

On a similar note, the US Commerce Department issued a statement urging China to alter its trade practices, which is a message that will anger the Chinese.  “China and others need to realize the games are over – continuing their unfair trade practices and operation as a non-market economy will have serious consequences,” the statement said.

In all, the effects of next Thursday and Friday (6-7 April) would have large consequences for the future of the US-China relationship, and also for the US economy; especially if American companies are forced to “look at other alternatives.”


Mike Shelby is a former military intelligence NCO and contract intelligence analyst. He spent three years in Iraq and Afghanistan and is now the intelligence and warfare researcher at Forward Observer.
