National Intelligence Bulletin For 26 October 2018

The National Intelligence Bulletin is a weekly look at national security, domestic systems disruption, the risk of failing critical infrastructure, and threats to social, political, economic, and financial stability in the United States. This report is available each week for Intelligence subscribers.


In this National Intelligence Bulletin

  • InFocus: FBI arrests the #MAGABomber
  • USBP helpless to stop drones at U.S. border
  • Are we prepared to handle cyberwar threats?
  • Drone makers swallow up sensitive data
  • 800 active-duty troops to be sent to Mexican border
  • Tim Cook warns of “Data Industrial Complex”
  • Rural Americans worried about addiction, jobs
  • DHS preps extra cyber support for states with close midterm races
  • Will the upcoming cyber agency change anything?
  • DOD invests $34M in Hack the Pentagon expansion
  • Senate Committee holds hearing on “Blackstart”
  • And more…

 

InFocus: This morning, authorities arrested a Florida man accused of building and sending ‘mail bombs’ to prominent Democrat politicians and party supporters. The man, Cesar Sayoc, has a long history of trouble including previous felony charges, home foreclosure, and bankruptcy. One of Sayoc’s previous attorneys described him as, a times, ‘not always in his right mind’. A former employer told reports, “He really couldn’t find his niche in life, and I guess he found it now.” The FBI still hasn’t released data on whether all or how many of the devices actually contained explosives.

DNA evidence on one of the devices led to Sayoc’s identification, and authorities then raided an AutoZone where Sayoc was quickly located using his cell phone’s location. Sayoc’s van in the parking lot is plastered in pro-Trump stickers, along with photos of Michael Moore, Hillary Clinton, and others with superimposed reticles putting them in the crosshairs.

Yesterday’s top-trending hashtag on Twitter was #MAGAbomber — an oblique reference to the Unabomber — and entrenched Leftists are using this as another case of right wing extremism as they try to flip the narrative of Leftist political violence that’s marked the past several years.

The best-case scenario going forward is that this is a wake up call for political violence in the country. Perhaps a more likely scenario is that this event continues to be politicized to cause further harm to the political divide, instead of being a cautionary warning of where our society is headed.

But who remembers when the North Carolina GOP office was fire bombed? Who remembers when threatening letters and white powder were sent to Donald Trump, Jr. and his then-wife, among others? We all remember but many have forgotten that Rep. Steve Scalise (R-LA) was nearly assassinated just over a year ago by a clearly deranged Bernie Sanders supporter. These kinds of events are routinely forgotten, which is why I believe they’re likely to continue once Cesar Sayoc’s 15 minutes of infamy fades.


Priority Intelligence Requirements

PIR1: What are the new significant indicators of systems disruption and threats to critical infrastructure?

PIR2: What are the new significant indicators of potentially disruptive social, cultural or political conditions or events?

PIR3: How are state and federal agencies preparing for domestic conflict, emergencies, or other instability?

PIR4: What are the new significant indicators of systems disruption and threats to the economic or financial industry?


PIR1: What are the new indicators of systems disruption and threats to critical infrastructure?

Major Trends

    • Nation-state and criminal hacking groups pose persistent threat to critical infrastructure
    • Natural disasters pose sporadic but enduring threat to critical infrastructure

USBP helpless to stop drones at U.S. border

The Department of Homeland Security and the FBI have identified drones as one of the greatest national security threats. This technology is already used by transnational criminal syndicates and drug cartels and is readily available to terrorist groups. Drones are being used regularly on the border between the U.S. and Mexico to observe Border Patrol agents’ activities and to transport drugs across the border. The drones are nearly impossible to take down with conventional weapons like firearms partially because of safety concerns and the speeds and altitudes at which the drones are operated. Drones are also often used in the cover of darkness. Although unconventional counter-drone devices have been developed that rely on use of telecommunications networks to take down or otherwise disable the drones, current law forbids the use of these devices. “In recent conversations, lawmakers of both parties have said that it’s because it’s a powerful lobbying group — the telecommunications industry — that it would take another terrible act of 9/11 with a drone to force Congress to make the changes right away,” said Andy Morabe, the director of business development for IXI Technology, a company that has the Drone Killer device in the counter drone marketplace. [source]

 

Are we prepared to handle cyberwar threats?

Connecticut’s chief cybersecurity risk officer Arthur H. House, recently published an article on The Post and Courier in which he writes that the U.S. may not be “prepared to handle cyberwar threats.” In the article, House claims that due to our “collective vulnerability,” we must put further emphasis on developing the U.S. into “an exemplar of defense.” House writes that the U.S. is more than capable of defending itself by land, air and sea, however, “foreign nations and sophisticated nonstate actors could devastate — some even say prevail over — the United States by hitting us where we are weakest.” To back his claims, House quotes the assistant secretary for cybersecurity, energy security and emergency response at the Department of Energy, Karen Evans, who testified on 27 September, 2018 that U.S. energy infrastructure has become “a primary target for hostile cyber-actors.” Evans further warned during her testimony that, “Energy cybersecurity and resilience has emerged as one of the nation’s most important security challenges” and stated that she is “not confident our utilities are prepared to withstand such attacks, particularly from potent actors such as Russia and North Korea.” [source]

 

Drone makers swallow up sensitive data

According to officials from the Department of Homeland Security (DHS) and the Federal Aviation Administration (FAA), drones are a threat to critical infrastructure due to terms of service agreements granting drone manufacturers access to data collected by drones in the field.
“More than a million unmanned aircraft systems (UAS) have taken to the sky in the U.S. in recent years, with many flown by first responders and companies inspecting bridges, railways, and utilities. Some of the manufacturers’ terms of service give them access to video and data collected by drones, posing a privacy and security risk for users that would otherwise lock down access to that data.”
In an e-mail an FAA spokesperson told Bloomberg Government, “The U.S. government, which also uses commercial [unmanned aerial systems], is also closely examining these issues and engaging with other government and industry partners on best practices for data protection.” Chinese drone manufacturer DJI Technology Company, which produces around 70% of non-hobbyist drones, has stated that it “does not access user data without permission.” [source]

 

800 active-duty troops to be sent to Mexican border

In preparation for the caravan of thousands of Central American migrants, Defense Secretary Jim Mattis is sending 800 troops to “bolster the roughly 2,100 National Guardsmen who have already been positioned at the U.S.-Mexico border.” According to The Military Times, the 800 troops being sent to the border are not National Guard forces, but active-duty troops; and will be “providing administrative duties, not law enforcement.” In an email to The Military Times, the spokesman for the Office of the Secretary of Defense, Navy Captain Bill Speaks, stated that the Department of Defense is:

“Committed to continuing its support to ensure the safety and security of CBP personnel involved in border security operations, increase the effectiveness of those operations, as well as support DHS efforts to stem the tide of illegal entry into the United States.” [source]


PIR2: What are the new indicators of potentially disruptive social, cultural or political conditions or events?

Major Trends

  • Ongoing political instability due to the Russia collusion investigation
  • Simmering social grievances based on race, class, and political ideology
  • Sporadic political violence
  • Ongoing culture war featuring information operations and expanding to economic warfare

 

Tim Cook urges regulators to rein in “Data Industrial Complex”

During a keynote address at the International Conference of Data Protection & Privacy Commissioners, Apple CEO Tim Cook reportedly “blasted” Silicon Valley tech companies for their “abuse of user privacy,” which he claims is being “weaponized against us with military efficiency.” The following are a few notable quotes from the CEO’s address:

“Every day, billions of dollars change hands, and countless decisions are made, on the basis of our ‘likes’ and dislikes…. These scraps of data — each one harmless enough on its own — are carefully assembled, synthesized, traded, and sold…. Taken to its extreme, this process creates an enduring digital profile that lets companies know you better than you may know yourself. Your profile is then run through algorithms that can serve up increasingly extreme content, pounding our harmless preferences into hardened convictions.” [source]

 

Former GOP candidate arrested for attempting to kill with ‘radioactive material’

Madison, Wisconsin Police Department has confirmed that former GOP House of Representatives candidate Jeremy Ryan was arrested by the FBI this week for “trying to buy radioactive material with the intent to kill someone.” According to The Daily Beast, Ryan could be facing up to a life sentence in prison and officials have not yet identified who the target was. [source]

 

Rural Americans worried about addiction, jobs

According to a new poll by NPR, the Robert Wood Johnson Foundation and the Harvard T.H. Chan School of Public Health, rural Americans are more worried about opioids and drug addiction in their communities than they are about local jobs and the economy.

Data from the polls shows that while 25% of Americans in rural communities say that drug addiction is the biggest problem facing their community, only 21% of rural Americans cite economic concerns as their primary concern. Meanwhile, an astounding 41% of rural Americans living in Appalachia say that the biggest problem facing their community is drug addiction/abuse. [source]


PIR3: How are state and federal agencies preparing for domestic conflict, emergencies, or other instability?

Major Trends

  • Large scale efforts to increase election security
  • Large scale efforts to increase national cyber security

 

DHS preps extra cyber support for states with close midterm races

Department of Homeland Security (DHS) Under Secretary Chris Krebs, the top cybersecurity official, stated on Tuesday that the DHS is “directing additional Election Day cybersecurity resources” to states that have “tight electoral races.” Under Secretary Krebs provided specific examples of how the DHS is working to tighten election security; stating that the DHS is taking into consideration “vulnerabilities in particular election systems,” such as voting systems that do not use paper trails that allow “auditors to verify whether a digital vote tally was recorded correctly.” In addition to discussing how the DHS plans to enhance the cybersecurity of the midterm election, Krebs announced an Election Day cyber operations center, which will be headquartered in Washington DC, and include a “virtual chat room to share unclassified cyber threat information to officials in all 50 states and more than 3,000 counties.” [source]

 

Will the upcoming cyber agency change anything?

A bill allowing the Department of Homeland Security (DHS) to create the first cyber agency is expected to be passed during the upcoming “lame-duck” session of Congress, according to The Washington Examiner. The legislation was first put forth by House Homeland Security Chairman Michael McCaul, R-Texas, and would grant the DHS the ability to “consolidate the DHS’s cyber functions in a standalone Cybersecurity and Infrastructure Security Agency.” Robert Mayer, the senior vice president for cybersecurity at the United States Telecom Association, released a statement about the new agency:

“The most significant impact from the legislation may be one of perception…. The new Cybersecurity and Critical Infrastructure Agency classification establishes the DHS as the central focal point for engagement with federal and non-federal entities on cybersecurity, arguably akin to the stature of FEMA or NASA. At the operational level, immediate changes will occur at the margins, while critical enhancements continue to evolve at a strong pace.”
Despite the increasing vulnerability of critical infrastructure to cyber attacks, legislators and analysts have expressed doubts about whether the new agency will have an impact on US cybersecurity; citing the “timeliness and relevance” of cyber info-sharing as their primary concerns. American Express Global Business Travel cybersecurity analyst Sean Hays has also provided criticism of the new agency, stating that “actual threat intelligence is coming from the private sector…. It’s frustrating that one of the largest consumers and producers of intelligence — the U.S. government — doesn’t face the same obstacles [as private entities] but isn’t taking the lead.” [source]

 

DOD invests $34M in Hack the Pentagon expansion

Following the Department of Defense (DoD) investing $34M into Hack the Pentagon, the Defense Digital Service announced that cybersecurity companies HackerOne, Synack and Bugcrowd would be included in the third Hack the Pentagon expansion. (Analyst comment: Defense Digital Service is a “team of innovative technologists from the private sector brought in to help the Defense Department modernize its IT. Hack the Pentagon is a “security initiative by the U.S. Department of Defense… designed to identify and resolve security vulnerabilities within Defense Department public facing websites through crowdsourced security.” [source])

An article by NextGov states that during the first Hack the Pentagon in 2016, hacker teams “discovered almost 140 vulnerabilities in five public-facing department websites at a cost of $150,000, half of which was paid out to participants as bounties.” In a statement, Defense Digital Service director Chris Lynch spoke highly of the DoD’s hacker initiative:

“Finding innovative ways to identify vulnerabilities and strengthen security has never been more important…. When our adversaries carry out malicious attacks, they don’t hold back and aren’t afraid to be creative. Expanding our crowdsourced security work allows us to build a deeper bench of tech talent and bring more diverse perspectives to protect and defend our assets.” [source]

Senate Committee holds hearing on “Blackstart”

(Analyst comment: On October 11, 2018, the Senate Committee on Energy and Natural Resources held a hearing to examine Blackstart, which is the process for returning energy to the power grid after a system-wide blackout. Sen. Lisa Murkowski chaired the hearing, and Sen. Maria Cantwell was the ranking member present. Both Senators made opening remarks. In turn, each of the six members of the witness panel listed below was given five minutes to introduce themselves and make opening remarks. These remarks were followed by a number of questions to the panel by the two Senators already mentioned and a number of other Senators present who form the committee.)
Some of the common themes that ran through the questions and answers were the following:
1) Cyber attacks are a relatively new concern regarding the security, resilience, and sustainability of our electrical grid, and although a grid-wide outage due to cyber threats is considered a high-impact, low-probability event, it must be taken seriously keeping in mind the cost and financial resources available.  At one point Andrew Ott said this requires “thoughtful analytics” rather than panic. Timothy Yardly indicated at one point that although our grid is well prepared for conventional interruptions such as natural disasters, we are not adequately prepared for cyber attacks.
2) The elimination of single points-of-failure and a diversity of fuel sources for the generators that comprise the Blackstart program are necessary and presently used. This topic was brought up a number of times, noting that back-up fuel sources for the Blackstart generators must be readily available. Most of the generators today are diesel and gas. Dr. David Ortiz indicated at one point that the program currently has sufficient resources to implement the program if needed. Mr. Andrew Ott pointed out a number of times that PJM Interconnection LLC will soon be publishing a fuel security study that may be a useful resource when reviewing this topic.
3) For the Blackstart program to be successful, the partnership between utilities, state and local governments, and federal regulators is imperative. Joy Ditto made this point a number of times during her opening remarks and questioning. Her concerns were that the Federal Communications Commission (FCC) and the Federal Energy Regulatory Commission (FERC) were not communicating, which could impact the communications capabilities of the utilities during emergencies.
4) Communications systems are integral to an operational electrical grid and the Blackstart program.  Utilities use wired and unwired communications systems to coordinate activities. The wired systems are independently owned and operated by the utilities. These systems are also vulnerable to cyber attacks.  As a backup, voice communications using radios are used. Joy Ditto pointed out that the FCC’s policies currently favor commercial use of the communications spectrum over critical infrastructure.  She pushed for better coordination between the FCC and FERC to ensure utility companies have reasonable access to the airwaves with a minimum of interruption.
5) Energy storage units, i.e. batteries, have a potential for providing an energy source for the Blackstart program. According to Juan Torres, batteries can be used to kick-start smaller generators. Dr. David Ortiz pointed out that one utility successfully used a battery to restore energy during Blackstart testing.  Galloway pointed out that batteries are an important part of the solution because renewable energy sources such as wind are intermittent.  Hydroelectric power is also a potentially promising source of Blackstart power where available.
6) Another viable recent technology that could enhance the Blackstart program is micro-grids. One Senator pointed out that such a system is already in use at Schofield Barracks in Hawaii. Ott said he has seen micro-grids effectively used to restore power to a greater grid after an outage.
7) All panel members seemed to agree that a nationwide outage of the electric grid was a low-probability event.  Ott pointed out that such an event would likely be the result of an intentional attack, such as a cyber attack, rather than a natural disaster. Ms. Ditto said for such an attack to be successful it would need to be a coordinated, multi-pronged attack on numerous sites.
8) Regular testing of the Blackstart units is an important component of the program. Utilities normally use planned maintenance outages to test these resources. Current guidance requires the testing of these units at least once every three calendar years, although most utilities conduct testing more often. Panel members agreed that the current guidance with regard to testing frequency is sufficient. According to Thomas Galloway Sr., complex exercise scenarios including simultaneous cyber attacks and natural disasters with simulated communications outages are sometimes used to test Blackstart plans.
9) Panel members cited the lack of properly trained and educated personnel as our biggest weakness with regard to the cyber security of our electrical grid. Yardley pointed out that although technology is important, it is of no value without people to operate it.
10) The final panel question concerned the cost of maintaining the Blackstart units by the utilities and whether or not they were being adequately compensated. Ott indicated that not enough is being done to ensure the utilities are being adequately compensated, particularly since building resilience into these systems is very costly. He also concluded by saying that the greater utilities community is in need of leadership to encourage the building of this system resilience. [source]

PIR4: What are the new indicators of systems disruption and threats to the economic or financial industry?

Major Trends

  • Trade war with China poses risk to U.S. farmers and manufacturers, emerging markets
  • Unsustainable national debt to increase due to trillion dollar budget deficits in 2019+
  • High potential for an economic recession around 2019-2020 that causes significant financial disruption

 

Economic/Financial Roll-Up

Commerce Secretary Wilbur Ross says he wants “quick negotiations that produce tangible results” when he and other U.S. trade officials meet with the European Union tomorrow. In July, the Trump administration struck a cease fire that prevented further measures in the short-lived trade war. President Trump hopes tomorrow’s negotiations will get the U.S. and Europe a step closer to “zero tariffs, zero non-tariff barriers, and zero subsidies on non-auto industrial goods.” [22 Oct]

According to new data from Capital Economics, the world’s non-financial debt has risen to 240 percent of the global gross domestic product. In other words, global debt outside the financial sector — things like household debt, sovereign (nation-state) debt, and debt from non-financial corporations — has risen to nearly 2.5 times the entire economic output of the world for 2018. That’s around 30 percent higher than it was during the 2008 recession. [23 Oct]

President Trump harped again on the Federal Reserve policy of raising interest rates. “Every time we do something great, he raises the interest rates,” the president said, referring to Fed chair Jerome Powell. The Fed says they’re raising interest rates to keep down inflation and prevent the economy from overheating, but President Trump accuses the Fed of needlessly slowing economic growth. [24 Oct]

An overlay of two economic numbers indicates we could be looking at another housing bubble. The chart below shows (1) the Federal Housing Finance Agency’s House Price Index against (2) the Owner’s Equivalent Rent of Residences, which measures how much homeowners could charge for the renting of their homes. During the last housing bubble, the spread was about 40 percent higher than the housing price index, and we’re seeing a similar growth in that spread today. After the last housing bubble, then-Federal Reserve chairman Ben Bernanke bet on American psychology by re-inflating home values and the stock market. The “Bernanke Put” stipulated that as long as Americans felt good about rising home values and market portfolios, they would behave in a way that would spur economic growth; i.e., a quick return to consumerism. The question is whether or not the Bernanke Put just re-inflated the previous housing bubble. This indicator lends some credence to another housing bubble, but it shouldn’t be taken as definitive proof of one.  [source] [25 Oct]

Energy analyst John Kemp released a reason to expect global trade/economic slowdown. He writes on Twitter: “SOUTH KOREA’s KOSPI-100 equity index is usually a good proxy for changes in global trade growth so the enormous decline in the index strongly suggests global trade will slow in the months ahead.” [25 Oct]

Earnings growth is slowing down for publicly traded S&P 500 companies. For three straight quarters, the number of beaten earnings estimates has declined, while earnings estimate misses have increased over the same period of time. Traditionally, a corporate earnings recession is a reliable leading indicator of economic recession, although we’re not there yet. It’s something I continue to watch because what we’re seeing now is in line with expectations of a recession within the next 24 months. [25 Oct]

President Trump’s economic advisor Larry Kudlow appeared in a Financial Times interview, where he blamed China for the lack of progress on trade negotiations. “We gave them a detailed list of asks, regarding technology for example, [which] basically hasn’t changed for five or six months. The problem with the story is that they don’t respond. Nothing. Nada. It’s really the [Chinese president Xi] and the Chinese Communist party, they have to make a decision and so far they have not. Or they have made a decision not to do anything, nothing. I’ve never seen anything like it,” Kudlow said. The Trump administration is planning to increase the tariff rates from 10 to 25 percent in early 2019 unless the two sides find a way out. [25 Oct]

Kudlow also warned about the economic impacts if the Democrats taking back the House. “The thing that worries me the most is a blue wave in two weeks. I don’t believe that’s going to happen but if it were to happen then the risk is they will overturn our policies and we will stop the boom… If they screw up the boom, we go back to 1-2 per cent growth.” [25 Oct]

Despite weak trade numbers, U.S. gross domestic product growth, by the numbers, was up 3.5 percent with inflation remaining muted at 1.6 percent. That’s good news for the Trump administration, although all data out today doesn’t ‘wow’ us. Capital goods and capital goods shipments were both way down from the month prior. The Kansas City Fed’s Manufacturing Index was also way down from the previous month. Meanwhile, the U.S. dollar continues to strengthen, which is expected to tighten financial conditions. [26 Oct]

These economic/financial briefs appear each morning in the Early Warning intelligence report. You can sign up for this email on your My Account page.

// END REPORT

S.C.

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

Name *