The National Intelligence Bulletin is a weekly look at national security, domestic systems disruption, the risk of failing critical infrastructure, and threats to social, political, economic, and financial stability in the United States. This report is available each week for Intelligence subscribers.
In this National Intelligence Bulletin… (3,978 words)
- Quantum computing a ‘digital nuclear bomb’
- U.S. warns of supply chain cyber attacks
- ‘Standing Rock’ Take Two in the works
- Russian hackers reach U.S. control rooms
- National Drought Forecast
- Philadelphia to end ICE access to real-time arrest data
- Mexico’s president-elect pens letter to President Trump
- Plummeting employee faith in FBI’s senior leaders
- NIST forecasts quantum computing threat
- Weekly Economic Wrap-Up
ADMIN NOTE: Jon Dougherty has moved on from Forward Observer. We wish him the best of luck in his future endeavors. All reporting and analysis is the product of Samuel Culper.
Priority Intelligence Requirements
PIR1: What are the new indicators of systems disruption and threats to critical infrastructure?
PIR2: What are the new indicators of potentially disruptive social, cultural or political conditions or events?
PIR3: How are state and federal agencies preparing for domestic conflict, emergencies, or other instability?
PIR4: What are the new indicators of systems disruption and threats to the economic or financial industry?
PIR1: What are the new indicators of systems disruption and threats to critical infrastructure?
Quantum computing a ‘digital nuclear bomb’
Rep. Mike McCaul (R-TX) speaking at the American Enterprise Institute this week that quantum computing would be a “digital nuclear bomb”. “Whatever country that gets that first is going be an extraordinary superpower. It will blow computing as we know it out of the water… That would put us at a great disadvantage if [China] got there first.” [source] Analyst Comment: One way to think about quantum computing is in terms of size. Micro-chips are becoming smaller and smaller yet are becoming more powerful… but they can only get so small before they leave the realm of atoms and enter the realm of quantum: sub-atomic particles like photons, which is what quantum computing is. In quantum computing, “qubits” are used instead of bits. Whereas a bit is either a 1 or a 0, qubits can be interchangeably 1s or 0s, which makes processing information exponentially faster. In practice, quantum computing makes cracking encryption easier because the quantum nature of the computing means that instead of one process being done at any given time in succession, all processes are being done simultaneously. For instance, when NSA analysts try to crack an encryption key, their machines are processing one transaction at a time per machine, how many ever trillions of transactions they do per second, but in succession. These numbers are just made up for the sake of simplicity, but let’s say that it takes on average 100 trillion transactions to correctly guess an encryption key, and your machine can guess 1 trillion guesses per second; that would be 100 seconds (as an example) to break the encryption as of today. Through quantum computing, NSA analysts would be able to run all 100 trillion transactions on their machine, basically in parallel at the same time, instead of one at a time like conventional computers today; meaning they need one second to break an encryption key instead of 100 seconds. Again, these numbers are made up, and computers process at much higher rates than the example. But that’s the next evolution in computing, and it’s a game changer, especially for national security, but also for digital security, as well as cryptocurrencies. That’s why cryptocurrency researchers and engineers are trying to “quantum proof” their digital coins.
U.S. warns of supply chain cyber attacks
A new U.S. National Counterintelligence and Security Center (NSCS) report outlines cyber threats to the supply chain posed by Russia and China. “Software supply chain infiltration is one of the key threats that corporations need to pay attention to, particularly how software vulnerabilities are exploited,” said U.S. one official. “To get around increasingly hardened corporate perimeters, cyber-actors are targeting supply chains. The impacts to proprietary data, trade secrets, and national security are profound.” [source] Analyst Comment: Last year, I sat through a cybersecurity brief at Black Hat where the presenter spoke at length about what constitutes successful cyber attacks. He warned of “data integrity” issues, where foreign cyber actors don’t access data to steal it, but to alter it. He used the example of altering automated processes at a dog food factory, and how slight modifications to cooking temperatures or mixed ingredients could cause the food to become a danger to pets. The example is applicable to almost anything with automated controls. Software supply chain infiltration runs a similar risk, where malicious actors gain access to a product through one of its sub-components, specifically software. Instead of attacking a corporation directly, malicious actors will target a piece of software the corporation or supply chain uses, introduce malware, and then gain access to a network indirectly through the software.
Standing Rock Take Two?
An energy company is proposing to update an oil pipeline (Pipeline 3, or “Line 3”) that runs from Canada into northeast North Dakota, through Minnesota to Wisconsin, and environmentalists are preparing for another attempted disruption similar to the Dakota Access Pipeline protests in 2016 and 2017. The line, which is operating at 50 percent capacity, was built in the 1960s and is in need of repair. [source] Analyst Comment: Protestors are fighting right now in the Minnesota government, which still needs to approve some two dozen permits before construction can begin. A group called Honor the Earth (http://www.honorearth.org/sandpiper_line_3_corridor), which spearheaded the Dakota Access Pipeline protests, is involved in organizing protests. Activists set up an additional website at: https://www.stopline3.org.
Russian hackers reach U.S. control rooms
In a briefing on Monday, DHS officials confirmed that Russian hackers have penetrated U.S. energy control rooms and industrial control systems. “They got to the point where they could have thrown switches” to electrical power, said one DHS official. DHS warned that some companies still may not know that their systems have been penetrated. DHS is especially fearful that hackers may be automating some of these penetrations. [source] Analyst Comment: Two points: The first is that this is confirmation that a conflict with Russia in Europe is likely to have severe implications at home. We’ve known for years that both Russia and China were investigating U.S. critical infrastructure for exploitation, and they continue to do so. My particular concern going forward is that these two countries include small acts of cyber exploitation (something “just short of war”) along with their information operations campaigns against the U.S. After Vietnam and through Iraq and Afghanistan, strategic planners in both countries have to consider that U.S. public opinion is a high priority target for any military campaign. Either of these countries may consider targeting U.S. critical infrastructure to foment unrest domestically or to build public pressure against a U.S. intervention in the South China Sea (China) or in the Baltics (Russia). That means systems disruption and its follow-on effects. The threat isn’t limited to Russia and China; a new report also indicates that Iran is preparing to launch cyber attacks against the U.S. in case of an escalation of war. Earlier this month, Director of National Intelligence Dan Coats warned that the U.S. remains vulnerable to cyber attacks, and that successful attacks could cause widespread disruption. “Think about New England in January, the grid going down for three days. A lot of people are going to suffer and die,” he said. If you haven’t considered the second- and third-order effects of disruption to utilities or public services, either for hours or days, please take some time this weekend and think through the logical conclusions for your immediate area. My second point is that cyber actors are limited in what they can do through the internet. Successful, prolonged attacks would include physical access. According to a cybersecurity official at Pacific Gas and Electric, “We firmly believe that any significant impact to our operations will come from some form of an insider.”
National Drought Forecast
Here’s the latest national map from the University of Nebraska-Lincoln and drought forecast. (Taken verbatim from the UNL Drought Monitor. If you’d like this information to appear in this report each week, please let me know.)
“During the period covering July 17-24, precipitation fell across a vast majority of the East, the heaviest of which flooded parts of Maryland, including the Washington D.C. area. Heavy rains also fell in parts of Florida, Kentucky and South Carolina. In the central U.S., moderate precipitation fell in parts of the High Plains while lighter rains provided little to no relief in parts of Kansas. The drought-stricken areas of Oklahoma and Texas saw little to no precipitation and triple digit temperatures, exacerbating drought conditions.
NORTHEAST: Tropical moisture flowed in from the Atlantic, providing abundant moisture for a large area covering Maryland, central Pennsylvania, southern New York, and parts of New England. Washington Dulles International Airport broke its July daily precipitation record with 5.01 inches of rain on the 21st. The previous record was 3.71 inches set on July 11, 2013. Radar estimates for the 7-day period were as high as 10-12 inches in Maryland. Since the beginning of June the Baltimore-Washington International Airport has received nearly 18 inches of rain, surpassing 1889 for its wettest June/July total on record. Abnormal dryness was removed in Virginia and Maryland but remained in Delaware and southern New Jersey where lighter precipitation fell. Moderate drought (D1) was removed in Massachusetts where streamflows have rebounded. In contrast, moderate drought was expanded in upstate New York where 30-day precipitation deficits exist. Abnormal dryness was extended out through northern New York.
SOUTHEAST: Tropical moisture flowed in from the Atlantic, providing abundant moisture for much of the mid-Atlantic region resulting in generally above normal precipitation for much of the region during the USDM period. Some locations in coastal South Carolina and north central Florida received between 8 and 9 inches during the 7-day period. Much of Georgia and the western Carolinas received 1-3 inches from summertime convection.. Precipitation totals in northeast Virginia approached 10 inches. Abnormal dryness continued for some of the central Carolinas; however, it was contracted in areas where this week’s heaviest precipitation fell.
MIDWEST: The Midwest experienced a mixture of both above- and below-normal precipitation amounts during the USDM week. In eastern Kentucky and Tennessee and along the border of Ohio and Indiana, precipitation amounts were the highest. As much as 5 inches of rain fell in those areas. Farther west, dryness prevailed. Little to no rain was measured across much of Illinois, eastern Missouri and western Iowa. Precipitation totals in those areas were 25-50 percent below normal for the 30-day period. The USDA reported that topsoil conditions were 77 percent short to very short in Missouri while subsoil conditions were 72 percent short to very short. Farmers in Missouri are having to bail the corn crops since little to no ear development is widespread. In Michigan, topsoil was rated at 68 percent short to very short and subsoil conditions were 72 percent short to very short. Local reports indicated that soybeans in parts of Michigan were less than 2 feet high and the leaves were flipped and showing their undersides. USDA reported that soybean conditions were 20 percent poor to very poor across the entire state. D0 drought was expanded to cover most of Lower Michigan and D1 was expanded slightly in eastern Michigan and introduced in southern Michigan. Abnormal dryness was also introduced in central Wisconsin and southeast Illinois, and expanded in parts of northern Minnesota.
SOUTH: Across much of the South, no measureable rains fell during the period. This was especially true for Texas, Oklahoma, and Louisiana. Arkansas, Mississippi and Tennessee received moderate precipitation – generally less than 2 inches, although eastern Tennessee had locally higher amounts of 3-5 inches during the period. Departures during the last 30- and 60-days were generally about 10-25 percent below normal. One of the driest parts of the region was around the borders of Arkansas, Louisiana, Oklahoma, and Texas where two separate areas of extreme drought (D3) were introduced this week. Extreme drought was also introduced in a small area to the west of Dallas, Texas. The drought has been exacerbated by extreme heat. Many locations in Texas have had two straight weeks of maximum temperatures reaching 100 degrees F or more. On July 23, Waco, Texas recorded an all-time high temperature of 114 degrees F. The heat also stretched into Louisiana where, on the 22nd, Shreveport hit 108 degrees F, besting its monthly record. Conditions in some parts of Texas are being compared to the drought of 2010 and 2011. One rancher reported that he had only had 6 inches of rain since January and another reported just 4.5 inches. The persistent heat and dryness has browned grasses, dried up stock tanks and ponds and increased fire danger.
HIGH PLAINS: Precipitation across this region was scattered during the USDM week. The heaviest amount, generally in the range of 2-4 inches, fell in the eastern Dakotas and parts of Nebraska. Short- and long-term effects of drought/dryness remain along the Canadian/North Dakota border and northeast South Dakota. Recent rains in South Dakota contracted drought along the southern portion of the depiction, but expanded the abnormal dryness (D0) in the western part. Abnormal dryness was introduced in south central South Dakota. In Nebraska, drought/dryness began to creep back into the southeast part of the state where 30-day precipitation departures were apparent. Drought/dryness worsened in Kansas during the period, especially in the eastern half of the state where precipitation deficits have grown. Year-to-date precipitation percent of normal values were 25-50 percent across parts of east central Kansas. Exceptional drought (D4) was slightly expanded in this area and the two areas of extreme drought (D3) were connected. Drought conditions remained unchanged for the most part In Colorado. The lone exception was a slight contraction of exceptional drought in the southeast where heavy rains recently fell. Severe drought was expanded slightly in the north central part of Colorado.
WEST: Drought remained entrenched in the Four Corners region but, as the monsoon season begins to ramp up, there is hope that improvement is on the way. In fact, 30-day surpluses of 2-3 inches were common near and west of Flagstaff. Year-to-date precipitation totals were now reaching the positive side. It was reported that the Eastern Rim and the White Mountains have also seen very beneficial rains. As a result of the robust start of the monsoon season, there was some contraction of D3 and D4 in Arizona. In the Pacific Northwest, dryness in Oregon prompted the expansion of D2 across the Cascades and into the Willamette Valley. In California, persistent heat and dryness increased fire danger. As of July 24, it was reported that the Ferguson fire had burned 57 square miles in Yosemite, but was only 25 percent contained. Yosemite Park was closed for the first time in 28 years due to the fire hazard there.”
PIR2: What are the new indicators of potentially disruptive social, cultural or political conditions or events?
Philadelphia to end ICE access to real-time arrest data
The mayor of Philadelphia announced this afternoon that he’s not renewing a contract that allows ICE agents to have access to his police department’s real-time arrest data. In a statement released later, ICE officials said that Philadelphia would end up “harboring criminal aliens” unless ICE had access to the information and was able to arrest illegal immigrant criminals upon release from local law enforcement. [source]
Mexico’s president-elect pens letter to President Trump
On 01 December of this year, Andres Manuel Lopez Obrador (AMLO, as he’s called in Mexico) is set to take over as Mexico’s president, but he’s already met with U.S. officials. (Earlier this month, Secretary of State Mike Pompeo and DHS Secretary Kirstjen Nielsen traveled to Mexico.) In a letter to President Trump published last weekend, AMLO tried to allay some fears over his economic and migrant policies. He proposed a program for job creation and strengthening Mexico’s southern border to stem the flow of Central American migrants to the U.S. AMLO wrote that he wants to ensure that “Mexicans do not have to migrate because of poverty or violence. We will try to make emigration optional and not necessary. We will strive to ensure that people find work and well-being in their places of origin, where their families, their customs and their cultures are. To achieve this fundamental objective, the incoming government will carry out the greatest effort ever undertaken in Mexico.” [source] Analyst Comment: Hearing the rhetoric during the election season, many were worried about AMLO’s leftist populist domestic policies; myself included. He still plans to use confiscatory taxation and wealth redistribution as a means to solve inequality. That means more corruption at the highest levels — the corruption problem he was elected to solve. I’m reading a great book right now entitled Why Nations Fail, where the author explains in Third World Central America and Mexico, rampant corruption and obtaining wealth illegally at the highest levels removes the barrier to theft at the lowest levels. Politicians who get away with corruption and theft generally encourage more corruption and theft by others. I don’t expect much progress to be made in his six year term, although some high profile arrests and trials might help him win the message on that front. As for the migrant crisis, AMLO recognizes that it’s Mexico’s problem, too. Migrants from Guatemala, Honduras, and El Salvador, including gang members and other criminals, get stacked up on Mexico’s northern border as they await passage into the United States. With the high operational tempo of U.S. Border Patrol, the National Guard (which is responsible for 10 percent of all border apprehensions), and Immigration and Customs Enforcement, that means more problems for Mexico. It appears that AMLO doesn’t necessarily favor the policy of previous administrations that have encouraged mass migration to the United States. And I’m somewhat optimistic that AMLO will work in good faith with President Trump to solve some of these problems. That doesn’t remove the risk that some Mexico watchers see; namely the risk that AMLO becomes another Chavez-esque Leftist dictator. This is a situation that we’ll continue to monitor and report on via our sources in Mexico.
Plummeting employee faith in FBI’s senior leaders
According to an annual survey, the amount of faith that FBI employees have in senior leaders’ “honesty and integrity” is falling. FBI employees scored senior executives significantly lower in 2017 and 2018 on the matters of respect and “honesty and integrity” than in 2016. Although the annual survey is released publicly this year, the editor of a blog called Lawfare had to file a Freedom of Information Act to request this year’s survey. After the FBI failed to respond to the FOIA request, they sued the FBI to force the survey’s release. [source] Analyst Comment: One of my indicators of a modern society or empire in decline is a loss of faith in public institutions. This may be a momentary lapse in trust between the rank and file and their senior leaders if the Department of Justice can right the wrongs of the past couple years; but there’s no doubt that the information coming out about Peter Strzok and Lisa Page, former director Comey and deputy director McCabe, and their baseless support for a FISA warrant against former Trump campaign workers with regard to Trump-Russia collusion, has left an indelible stain on the Bureau. For some comparison, I found a 2001 survey of national adults which found that seven out of ten had a favorable view of the FBI. [source] Compared to a PBS/Marist poll in April 2018, just 54 percent of Americans had a favorable view and 41 percent had an unfavorable view or “no confidence at all”. [source] Predictably, there’s a divergence between Republicans and Democrats, which shows just how politicized the Trump-Russia probe is. [source]
PIR3: How are state and federal agencies preparing for domestic conflict, emergencies, or other instability?
NIST forecasts quantum computing threat
The National Institute of Standards and Technology (NIST) released a report this week on how quantum computing would affect government encryption. NIST researchers say that, as far as they know, AES-256, the government encryption standard, should be unaffected, but public key infrastructure, like the ones many email providers use would be vulnerable. “[T]he construction of a large-scale quantum computer would render many of these public key cryptosystems insecure. In particular, this includes those based on the difficulty of integer factorization, such as RSA, as well as ones based on the hardness of the discrete log problem. In contrast, the impact on symmetric key systems [like AES-256] will not be as drastic.” [source]
PIR4: What are the new indicators of systems disruption and threats to the economic or financial industry?
Economic/Financial Wrap-up
– Jeffrey Gundlach at DoubleLine Capital appeared in Barron’s this week with some more information about recession indicators. I’ve previously talked about the 2-year and 10-year Treasury yields and their correlation to recession. They’re pretty accurate. Gundlach shed some more light on that indicator: “When the curve goes flat from the two-year Treasury to the 10-year [meaning that the yields are identical], the recession risk is at least a year away. Recently, that spread was 28 basis points [hundredths of a percentage point], which is pretty close to being flat.” He expects a political left turn if the recession hits before the 2020 general election, “but it isn’t a winning message with the economy growing by 5%.” [source]
– According to a report by Russia Today (RT), the Chinese Communist Party is readying the country’s largest cities to begin the shift from coal to natural gas for its electrical power. In the next three years, China’s 82 cities will see up to 10 percent decreases in coal-powered electrical production. Russian business news outlet Vedomosti quotes an official from Gazprombank who says that it will lead to a decrease in global coal prices in 2020 and beyond. While the report from RT doesn’t mention it specifically, this is problematic for U.S. coal country, which is already struggling with job loss and a dying coal industry. [source]
– Federal data on beef, pork, and poultry are set to be published this week, and economists expect to see 2.5 billion pounds of U.S.-produced meat products stacking up in cold storage to due international tariffs and a slow down in trade. [source]
– One third of real estate companies so far are under performing their earnings expectations (image below) as we enter into the busiest week of earnings season. I was just talking to my dad yesterday about how/why Teavana — Starbucks’ tea brand — had closed all their store locations in the last year. Teavana’s main buying demographic was Millennials, who are shopping more online than in malls. In fact, we’ve seen a number of department stores close physical locations, which affects smaller shops that depend on those anchors for traffic. Residential real estate looks strong as home sales are expected to grow; however, we’ve heard quite a bit about a commercial real estate problem, and it’s something that we should keep an eye on as we think about the effects of the next recession.
– As if we needed any further evidence that we’re headed towards a recession, this graph from Deutsche Bank pretty much nails it. We know that troughs in unemployment (or the tops of labor force participation) are correlated with recessions. The economy is doing well now; we’ll probably hit four percent growth this quarter. But there’s a very good chance that, as Bank of America reported last week, a recession starts somewhere between the last half of 2019 through the first half of 2021. That’s our key assumption going forward.
-The Philadelphia Federal Reserve regional non-manufacturing index is forecasting a slight slowdown in economic activity. And Capital Economics joined a crowd of financial institutions and economists to forecast a recession next year: “The [yield] curve may have steepened in recent days but we still expect it to invert sometime next year, which will eventually be followed by an economic slowdown.”
– The Trump administration is scheduled to send a $12 billion aid package to farmers feeling the effects of foreign tariffs. WSJ reports: “The U.S. government plans to provide incremental payments to support prices of some of the hardest-hit commodities, including soybeans, sorghum, cotton, corn, wheat and pork, Vivian Salama and Jacob Bunge report. It’s a short-term solution for a sector that’s taken a series of hits. China, a huge market for U.S. agricultural exports, has applied tariffs on $34 billion worth of U.S. goods, including soybeans and pork. Other places applying retaliatory tariffs include allies such as Canada, Mexico and the EU.”
– Personal loan balances are climbing, matching a broader trend in consumer debt, in general. This is another reason why I’m concerned with the next recession: the potential for mass credit defaults all over again.
// END REPORT
S.C.
