National Intelligence Bulletin For 21 September 2018

The National Intelligence Bulletin is a weekly look at national security, domestic systems disruption, the risk of failing critical infrastructure, and threats to social, political, economic, and financial stability in the United States. This report is available each week for Intelligence subscribers.


In this National Intelligence Bulletin… (2,524 words)

  • President Trump accuses China of, basically, political manipulation
  • US State Department staff email boxes hacked
  • Google caught again…
  • Ginsberg calls Kavanaugh Supreme Court Confirmation Process a “highly partisan show”
  • U.S. to slash refugee admissions to 30,000
  • DARPA wants to find bonnets before they attack
  • Homeland Security invests $11.6 million in countering Internet outages
  • DoD’s new cyber strategy emphasis ‘defend forward’ stance
  • Junk bond bubble redux?
  • How a cyber attack could cause the next financial crisis
  • Economic/Financial roll-up

Priority Intelligence Requirements

PIR1: What are the new significant indicators of systems disruption and threats to critical infrastructure?

PIR2: What are the new significant indicators of potentially disruptive social, cultural or political conditions or events?

PIR3: How are state and federal agencies preparing for domestic conflict, emergencies, or other instability?

PIR4: What are the new significant indicators of systems disruption and threats to the economic or financial industry?


PIR1: What are the new indicators of systems disruption and threats to critical infrastructure?

Major Trends

  • Nation-state and criminal hacking groups pose persistent threat to critical infrastructure
  • Natural disasters pose sporadic but enduring threat to critical infrastructure

President Trump accuses China of, basically, political manipulation

The president this week accused China of “actively trying to impact and change our election by attacking our farmers, ranchers and industrial workers because of their loyalty to me”. The tweet referenced China’s decision to, as the president claims, use tariffs to target industries and thereby voters in pro-Trump states. But that’s apparently not the full extent of China’s plans to target President Trump and the U.S. through political influence. Columnist Josh Rogin cites an unnamed Trump administration official who says, “We’ve seen a lot of preparatory work by the Chinese, and we understand what the realm of possibilities would be. Our position now is to make folks aware of the danger that exists. These Chinese activities are all about influencing our democratic processes.” Specifically, that source intimates that the Chinese might also target the U.S. via information warfare, a lot the Russian are. [source] (Analyst Comment: Just as the Department of Justice last year cracked down on Russian-owned media outlets operating in the U.S. (like Russia Today), two Chinese media outlets were ordered to register under the Foreign Agents Registration Act (FARA) this week. In previous reporting, we’ve mentioned the Confucius Institute, which trades cash for access to U.S universities, ostensibly as as cultural goodwill ambassador but in reality acts as a conduit for Chinese espionage and influence. The supreme challenge for the United States is how to keep its open and fairly free society when adversaries use that access to wage a parallel war against U.S. society, thereby effecting political change advantageous to their own foreign policy.)

U.S. State Department staff email boxes hacked

In a statement given to The Register, U.S. State Department officials confirmed that the personal information of the department’s staff had potentially been compromised following an unclassified staff email box hack. The State Department also confirmed that it has not “detected activity of concern in its unclassified email system” and that the hack is “affecting less than 1 per cent of employee inboxes.” A motive has not yet been given for the attack, however, the Department stated, “Like any large organization with a global presence, we know the Department is a constant target for cyber attacks.” [source]


PIR2: What are the new indicators of potentially disruptive social, cultural or political conditions or events?

Major Trends

  • Ongoing political instability due to the Russia collusion investigation
  • Simmering social grievances based on race, class, and political ideology
  • Sporadic political violence
  • Ongoing culture war featuring information operations and expanding to economic warfare

Google caught again…

The tech giant which, despite the nearly ubiquitous left-leaning politics of its executives and employees, doesn’t allow politics or ideology to interfere with its operations, has a new revelation this week. According to emails reviewed by the Wall Street Journal, Google employees brainstormed ways that they could “leverage” algorithms to push back on what they saw as “islamophobic” search queries on President Trump’s travel ban. [source] (Analyst Comment: Google released an official statement saying that these emails were “just a brainstorm of ideas” that were never implemented. Maybe that’s the case, but this is another data point in a long line of accusations that Google employees are — in this case — at least trying to use their positions to effect political and informational advantage in U.S. society.)

Ginsberg calls Kavanaugh Supreme Court confirmation process a “highly partisan show”

While speaking at the George Washington University Law School on 12 September, Supreme Court Justice Ruth Bader Ginsberg referred to the confirmation hearings of Supreme Court nominee Brett Kavanaugh a “highly partisan show.” When asked how her confirmation process compares to the modern process, Ginsberg stated, “The way it was, was right; the way it is, is wrong. The atmosphere in ’93 was truly bi-partisan. The vote on my confirmation was 96 to 3, even though I had spent about 10 years of my life litigating cases under the auspices of the ACLU.” [source]

U.S. to slash refugee admissions to 30,000 

The Trump Administration announced that it will be cutting down its cap on the annual amount of refugees accepted into the U.S. from 45,000 to 30,000. In a statement concerning the cuts, Secretary of State Mike Pompeo stated, “The improved refugee policy of this administration serves the national interest of the United States, and expands our ability to help those in need all around the world.” When discussing the threat that refugees pose to the U.S., Secretary Pompeo stated that leaders must be cautious when accepting refugees due to the potential of terror threats. “Already this year we have seen evidence that the system previously in place was defective…. It allowed a foreign national to slip through who was later discovered to be a member of ISIS, as well as other individuals with criminal backgrounds.” [source]


PIR3: How are state and federal agencies preparing for domestic conflict, emergencies, or other instability?

Major Trends

  • Large scale efforts to increase election security
  • Large scale efforts to increase national cyber security

DHS official highlights growth of cyber threats

During an event organized by the Professional Services Council, Matthew Travis, deputy under secretary for the National Protection and Programs Directorate (NPPD), stated that the Department of Homeland Security (DHS) is working to meet evolving primary threats to the country. One example of this, according to Travis, is the new National Risk Management Center (NRMC) that was announced by the DHS in July 2018. Travis also stated during the event that the NRMC is working to address vulnerabilities in US critical infrastructure posed by cyber threats, which have “eclipsed the threat of terrorism” since 9/11. Travis went into further detail about the DHS’ evolution, saying that the creation of the NRMC was spurred by the “recent trend of nation-states targeting critical infrastructure,” and that the NPPD is more focused on thieves and spies in cyberspace than hackers and vandals. [source]

DARPA wants to find bonnets before they attack 

The Defense Advanced Research Project Activity (DARPA) awarded cybersecurity firm Packet Forensics a $1.2 million contract to develop a system that will be able to seek out, identify, and terminate botnets. The security firm was awarded the contract by the Defense Advanced Research Projects Agency (DARPA), who hopes to construct a system that will “automatically pinpoint botnet-infected devices and disable their malware without their owners ever knowing.” According to a DARPA spokesperson, the agency is investing in an array of technological systems to better combat botnets. [source]

Homeland Security invests $11.6 million in countering Internet outages

To protect national critical infrastructure, the Department of Homeland Security’s Science and Technology Directorate has awarded $11.6 million to a number of organizations who are tasked with countering large-scale Internet outages. Organizations given grants by the DHS include the University of California at San Diego’s Center For Applied Internet Data Analysis and the San Antonio-based company SecureLogix. DHS Senior Official William N. Bryan said in a statement, “Successfully defending critical infrastructure systems requires providing owners and operators the capabilities to monitor, identify and defend against network/internet disruptive events…. These research and development efforts will significantly enhance our ability to spot and thwart attacks on the nation’s critical systems.” [source] [source]


DoD’s new cyber strategy emphasis ‘defend forward’ stance
The Department of Defense announced its new cyber strategy this week, which they claim will take a “more offensive stance” towards cybersecurity and “defend forward, shape the day-to-day competition, and prepare for war” in cyberspace. The DoD’s new strategy features five objectives, as well as five strategies they are implementing to achieve them:
DoD’s 5 Strategic Objectives:
  • Ensuring the Joint Force can achieve its missions in a contested cyberspace domain
  • Enhancing Joint Force military advantages through the integration of cyber capabilities into planning and operations
  • Deterring, preempting, or defeating malicious cyber activity targeting U.S. critical
    infrastructure that is likely to cause a significant cyber incident
  • Securing DoD information and systems, including on non-DoD-owned networks, against cyber espionage and malicious cyber activity
  • Expanding DoD cyber cooperation with allies, partners, and private sector entities

DoD’s 5 Strategic Approaches:

  • Build a more lethal force
  • Compete and deter in cyberspace
  • Expand alliances and partnerships
  • Reform the Department of Defense
  • Cultivate talent

A publicly available version of the DoD’s cyber strategy states, “Taken together, these mutually reinforcing activities will enable the Department to compete, deter, and win in the cyberspace domain.” [source] (Analyst Comment: In previous reporting, we’ve stressed the difference between the Trump and Obama administrations in their prioritization of cybsecurity. The Obama administration was plagued with well-documented feet-dragging on cyber issues, while then-candidate Trump campaigned on correcting the effects of those poor policies. This is the first update to the national cybersecurity strategy in 15 years, and it further represents a serious change in both tone and policy. In a speech promoting the strategy, national security advisor John Bolton said, “We will identify, counter, disrupt, degrade, and deter behavior in cyberspace that is destablilizing and contrary to national interests… we are going to do a lot of things offensively and I think our adversaries need to know that.” Last month, President Trump repealed Presidential Policy Directive 20, which limited the options available for cyber response. Like his military policy, President Trump is in pursuit of a ‘cyber peace through cyber strength’ policy, and we could see some cases of the U.S. Government ‘shooting back’ in order to make that point. I recall a cruise missile strike on a Syrian air base early in the Trump administration that defied red lines against Russia, for instance. According to Bolton, “The people who need to be worried about this are the people who have taken or are preparing to take hostile actions in cyberspace against us, whether it’s foreign states, terrorist organizations, criminal organizations or whatever it may be.”  Nation-states that could be affected include but are not limited to Iran, Russia, and China. Bolton added: “Our hands are not tied as they were in the Obama administration.” You can read the new Cyber Strategy in its entirety here.)


PIR4: What are the new indicators of systems disruption and threats to the economic or financial industry?

Major Trends

  •  Trade war with China poses risk to U.S. farmers and manufacturers, emerging markets
  • Unsustainable national debt to increase due to trillion dollar budget deficits in 2019+
  • High potential for an economic recession around 2019-2020 that causes significant financial disruption

Junk bond bubble redux?

New data published in an article at the Wall Street Journal begs the question: are we looking at another junk bond bubble? Post-recession corporate bonds have exploded, and no where is that more apparent than in BBB-rated bonds. BBB-rated bonds are still technically “investment grade” but are riskier than their superior quality bonds. BB- and B-rated bonds, on the other hand, are straight up “junk” and are sitting at or near highs since the 2008 recession. If we’re just two years away from an economic slowdown, could we be looking at a corporate debt bubble? [source]

How a cyber attack could cause the next financial crisis

Harvard Business Review published an article this week that assesses the threat cyberattacks pose to the financial system and concludes that the next financial crisis is more likely to be triggered by a cyberattack, than forced bankruptcy.The authors of the article, Paul Mee and Til Schuermann, state that a cyberattack could potentially cause “disruptions to financial services capabilities, especially payments systems, around the world.” Mee and Schuermann then back their claim, saying that, “Criminals have always sought ways to infiltrate financial technology systems” and that financial systems are vulnerable to “becoming collateral damage in a wider attack on critical national infrastructure.” The authors then theorize that such an attack on our economic infrastructure could “shake confidence in the global financial services system, causing banks, businesses and consumers to be stymied, confused or panicked.” [source]

 

Economic/Financial Roll-Up

U.S. stock futures were down this morning as investors fear that President Trump follows through with his recent comments about targeting China with tariffs on another $200 billion of goods. Chinese Vice Premier Liu He is expected to shore up plans to visit D.C. next week to meet with U.S. officials, but that trip will reportedly be cancelled if the president orders another round of tariffs. Meanwhile, top bankers from Goldman Sachs, Morgan Stanley, and Blackstone held discussions with Chinese officials yesterday. (Analyst Comment: U.S. bankers have historically pushed restraint against U.S. presidents not to rock the boat too much over Chinese trade and currency manipulation. Their bottom line is their bottom dollar, and disruption in U.S.-China relations threatens profits. One major trend we’ve seen is that there’s a powerful lobby interested in economic growth at any cost. That’s why we see influence towards mass immigration policies, which proponents say increases overall demand, and against the president’s strategy to disrupt the balance of rising Chinese power. Ultimately, these tariffs aren’t just about trade. They’re in place to modify China’s behavior in the region and are also meant to punish China for their continued theft of U.S. intellectual property, which is estimated at $200-300 billion being stolen each year. U.S. bankers in talks with Chinese officials are likely trying to calm their own waters and could be undermining the president’s strategy to gain concessions from the Chinese.) [17 Sep]

Yesterday, President Trump went ahead with additional tariffs on Chinese goods. China levied its own tariffs in response. On Monday, we reported that a group of Wall Street bankers were in Beijing for meetings with Chinese officials. The Chinese actually called that meeting as part of their strategy to enlist the help of powerful and influential U.S. financial executives to push back against the Trump tariffs. One additional note: Chinese holdings of U.S. Treasury bills dropped to a six-month low in July, according to the latest data available. That’s a trend that could continue as a Chinese response to its limited reach in imposing its own tariffs. [19 Sep]

Reports indicate that Goldman Sachs is now purchasing sovereign debt in hard-hit Turkey and Argentina and cutting their exposure to U.S. equities, marking a shift in strategy. That’s a good indicator that they see more upside abroad, and could expect U.S. markets to underperform or decline. It’s not just Goldman, though. Some JPMorgan Chase strategists are also suspicious of future U.S. growth as the upside effects of the Trump Bump and tax cuts slow down. Several other analysts have called a top in U.S. markets (though one analyst said the secular bull market had another 7-8 years left in it). I’ll keep an eye on who else is signalling a shift in growth expectations by moving money out of U.S. equities. [19 Sep]

According to new unemployment numbers, the jobless rate hit the lowest level since 1969 as the consumer comfort index hits the highest level since 2000 and both the Dow Jones and S&P 500 make new highs. [21 Sep]

In the past 10 years, student loan debt has more than doubled from $627 billion (2008) to $1.5 trillion (2018). [21 Sep]

These economic/financial briefs appear each morning in the Early Warning intelligence report. You can sign up for this email on your My Account page.

// END REPORT

S.C.

Leave a Reply

Your email address will not be published. Required fields are marked *

Name *