Monday, April 30, 2012

SEALs, Spies, Security, and Celebrity: The Suits and Spooks Anti-Conference comes to Los Angeles

George Clooney’s Satellite Sentinel Project documenting the atrocities in Sudan has broken new ground in the use of “soft power” to drive change. Jonathan Hutson from the Enough Project will explain how Clooney and John Prendergast are doing it. Rob DuBois, a retired Navy SEAL, will discuss how and why he advises governments to use “smart power” before hard power. Matt Brazil, a former U.S. embassy commercial officer in Beijing, will show executives how to survive in China without losing all of their secrets. Jim Hake will discuss how NGOs and the U.S. military can work together in the worst problem spots on earth (Afghanistan, Central Asia, Africa).

All of these speakers and more will converge on June 29th in Los Angeles for a private day of frank discussions and problem solving at Taia Global’s third Suits and Spooks Anti-conference, co-sponsored by the Pacific Council on International Policy. The purpose of Suits and Spooks is to bring together individuals from the U.S. intelligence community with innovative thinkers from a wide variety of disciplines to address hard challenges in the national security space.

Attendance is open to the general public but is limited to no more than 120 people. Information and registration is available at Early bird registration ends on May 29, 2012 or once we sell out.

Thursday, April 26, 2012

What We Learned From The CEIEC Hack

CEC Third Party Congress March 2012
After hacktivist "Hardcore Charlie" announced on Twitter  that he had breached the email of a "Chinese military contractor" firm on April 1, 2012, we downloaded all of the archives for further analysis. While all of the documents appear genuine, it's doubtful that they're all from the CEIEC breach. The Philippines diplomatic documents and the files from the U.S. Army Transportion Corps are completely out of context with the rest of the CEIEC files nor is there any apparent reason for CEIEC to be interested in their content.  However, the balance of the documents are genuine and reveal new facts about CEIEC, it's relationship with NORINCO and their mutual interest in Burma's copper mine which NORINCO secretly bought from Ivanhoe of Canada through its subsidiary Wanbao.

The copper mining operation in Monywa, Burma was acquired from Canadian firm Ivanhoe by NORINCO subsidiary Wanbao. Wanbao has purchased Caterpillar earth-moving equipment for use in that copper mine in Burma. which would put NORINCO in violation of the U.S. Export Administration Act. The copper cathode is not going exclusively to the PLA (the Japanese firm Marubeni has bought some) but having this mine under Chinese control seems like a great way to guarantee copper cathode supplies to Chinese military manufacturing for the next three decades or more, which is how long this mine might last.  It is Burma's only copper mine.  Copper cathode is important in all sorts of military manufacturing including motors and ordnance.

There are over 800 documents with the pathnames NORINCOMYANMAR and MICCL_NORINCO concerning Wanbao Holdings, a Beijing conglomorate, and their apparent 100% interest in a large mine at Monywa, Burma (400 kilometers east of Chittagong and about 700 km NNW of Yangon/Rangoon).  Documents show that Wanbao purchased all of Myanmar Ivanhoe Copper Company Ltd, aka: MICCL, in 2010 or 2011 (see and  Wanbao maintains subsidiary offices in Hong Kong and Yangon, including Myanmar Yangtse Copper Ltd, which has five expatriate Chinese employees in Burma (Chinese Pay January 2012.pdf).  The documents show that the Monywa mine is under development and has extracted some copper ore, though in August 2011 they were plagued by a shortage of industrial explosive peripherals: the Burmese army had supplied enough ammonium nitrate explosive but not the necessary additional peripherals to safely detonate it.  See 008.doc Introduction to Wanbao; 11-10-Oct 11/Financial...).  The project is large and potentially lucrative: it has a capitalization of US$997m and a potential value $3.41b to $9.96b, according to their auditor Deloitte (See 万宝缅甸铜矿...0817-for negotiationpurpose2.pdf, p. 4)

Full extraction operations at Monywa are scheduled for 2013, and some production began this year (11-April.xls and 7 月份产量.pdf shows copper production details).  There may have been six expatriate employees there at one time but now there are three: a Canadian operations manager, Glenn Richard Wallis of Oakville, ONT(profile is available on; he was on a six month expat contract beginning 2 June 11) and an engineer named Antonio Di Somma of Naples, Italy (see Antonio Di Somma Curriculum Vitae.doc; no web profile found).  There is also a General Manager, Glenn Ford (no profile found) who may also be based at Monywa or may be in Yangon.  He is the company's contact with the Burmese military.

The huge but unsurprising gap in income between local people and the foreign managers:  US$60-80 a month for a local laborer versus an after tax income of US$8,000 a month for Mssrs. Di Somma and Wallis and $17,500 a month for Mr. Ford (see 17 Income Tax of Contractors...; 18 Income Tax of Laborers for Sep 2011...; Glenn R Wallis Contract.pdf; 07 Executives' Pay...; copper tt Glenn Ford 17500.tif).

Two documents show the purchase by NORINCO in August 2011 of a Catepillar model 834 wheel dozer for $750,000 from Westrac Hong Kong, Ltd, CIF to Tianjin, China, and other equipment worth over US$5m sold from NORINCO to Wanbao.  If NORINCO planned to transfer the equipment to Burma, as might be expected under the circumstances, it would be a violation by NORINCO and possibly by Westrac of the US Export Administration Act, due to the US embargo against Burma effective at the time.  See "copper to china north vehicle 5013400.tif;".

There's been a corruption scandal around this mine, Ivanhoe, and NORINCO which just came to light last month thanks to files from Wikileaks.

CEIEC is the trading arm of CEC, the China Electronics Corporation.  CEC is under the dual leadership of the Chinese Communist Party (CCP) and the State Council, as are so many large companies in the post 1989 restructuring of the Party.  NORINCO is under a separate military subordination (see table).  The two of them do business with each other in a modern profit driven manner, as we see in all those leaked CEIEC documents reflecting huge payments between CEIEC, NORINCO, Wanbao, etc.  In spite of its capitalist aura, today's system retains some parallels to the old system under Mao, where the civilian industrial ministries responded to military production requirements levied through the old State Planning Commission.  Then, it was socialist planning under the Party.  Now, it's profits and national security planning under the Party.

Tuesday, April 24, 2012

Book Review: "Powerful Peace: A Navy SEAL's Lessons on Peace from a Lifetime at War

When I began to read an advance copy of J. Robert DuBois's book "Powerful Peace: A Navy SEAL's Lessons on Peace from a Lifetime at War" I was immediately reminded of Miyamoto Musashi's "The Book of Five Rings".
  • Both are written by elite warriors at the end of their respective military careers. 
  • Both demonstrate a deep respect for the spiritual as well as the martial.
  • Both encourage the reader to pursue in practice the concepts that they've put down in writing. Musashi's most frequent phrase is "You should investigate this thoroughly". DuBois gives the reader assignments to do after each section.
  • Both divide their books into natural elements or components (Musashi: Earth, Water, Fire, Wind, Void; DuBois: Body, Mind, Heart, Soul, Hope).
  • Both understand and encourage a wide perspective rather than a narrow focus. DuBois wrote about the importance of Commonality, Self Interest, and "thinking broadly"; all of which contribute to DuBois's specialty - the use of Smart Power. Musashi had rules for his students, some of which included:
    1. Touch upon all of the arts.
    2. Know the Ways of all occupations.
    3. Know the advantages and disadvantages of everything.
    4. Develop a discerning eye in all matters.
    5. Pay attention to even small things.
Rob DuBois has written an exceptional book about peace-keeping; a book that could only have been written by a member of an elite special operations unit. In his chapter called "Harm" he talks about the cost of war to children and his feelings about two beautiful Iraqi girls who were wounded by a car bomb near a school:
God, how I long to suit up and rejoin the mission! I want to pay back, to the monsters that did this, everything they deserve—with interest. If you came to this table for a Kumbaya solution, you’ll be disappointed. I don’t denounce violence; I embrace it. I keep violence as close as my hands and my heart. Because I do, I am more often spared from having to use it. My heart doesn’t ache for these children. It explodes. Forcing out burning tears, my heart explodes like the car bomb that tore them and their playmates apart.
Yet despite a boiling rage, I remind myself—we must not abandon balance. We have to respond, not react. In the next chapter, we’ll look more at the Why Not of lashing out, but for now let me say, to be more effective we have to learn to engage among and across relationships, households, and societies—most especially into concentrations where the hatred is most firmly rooted. Destroying alone leads to more destroying. This is the terrible paradox. It’s almost impossible to imagine breaking the cycle of harm when you feel so hurt and hateful, but there is no other hope for these girls and millions like them.
DuBois's book, a relatively short 154 pages, is packed with wisdom derived from personal experiences in battle and in training with his peers in the SpecOps community world-wide. It underscores the many options available to us to resolve conflict before we engage with bullets and bombs. This is a critical book that both doves and hawks need to read, discuss and implement in their daily lives.

Monday, April 16, 2012

China: Our Incompetent Master Adversary?

According to an article in today's Guardian, State Department and Pentagon officials with their Chinese counterparts have engaged in at least two cyber war games in 2011 and have another planned for next month. These war games are coordinated by two think tanks: Center for Strategic and International Studies for the U.S. and the China Institute of Contemporary International Relations. The goal is to try to manage escalating hostilities between the two nations over China's perceived massive cyber espionage campaign against U.S. companies.

It's distressing to see that the tensions have risen to this point because its based on a seriously flawed evaluation of the facts by well-known companies plus former and present U.S. government officials. For example:

U.S. information security companies like RSA, McAfee, Mandiant, and others routinely issue reports blaming China and ONLY China for intrusions that they've encountered. It's incredible to me that in spite of the 30+ countries actively engaging in acts of cyber espionage, these security giants have only caught China in the act.

Secretary of State Hilary Clinton has been quick to blame China for cyber attacks that targeted Google but for no other reason then because Google said so. And the Secretary has never once warned other countries to cease their cyber attacks against the U.S.

The U.S. China Economic and Security Review Commission routinely puts out alarmist reports about China's military cyber buildup while deliberately refusing to hear testimony by experts who have contrary views to the commission's anti-China agenda.

Richard Clarke's sinophobic, alarmist op-eds routinely get published in the Wall Street Journal and elsewhere even though Mr. Clarke has no standing as a cyber security expert.

No wonder that the Chinese government's irritation with the U.S. has risen to the point where we need CSIS and its Chinese counterpart to conduct a mediation. Beijing is getting tired of being blamed for every attack against every company everywhere in the world, and they're right to be mad. As I've said many times before, it's not that China doesn't do it; they absolutely do, but so do many other countries and just as frequently yet we almost never hear about a major breach being blamed on any country other than China. Either China is the greatest and dumbest adversary that we've ever had, or the real dummies are those in the InfoSec industry who can't be bothered to question the obvious when doing incident response, or who choose to cater to the rising tide of Sinophobia in the U.S. in order to boost their sales; or to politicians and journalists who parrot back the faulty claims of those same companies thereby perpetuating a bad cycle that has resulted in real-world tensions that could have been handled in a more constructive way all along.

While the marketing of anti-China sentiment by some in the InfoSec industry is clearly one part of this disaster in foreign relations, Media deserves its share for opting to print stories that cater to China FUD because it results in higher readership which means more advertising revenue. Since the American public is generally naive about cyber operations by nation states, they believe what they hear about China in the media and cast their votes for the politician who will save them from the menacing red dragon who's sopping up their brain waves and living inside their electric wires. Politicians being what they are cater to that fear and make pronouncements and threats accordingly in order to win votes.

The solution to this problem is simple. As a nation, we need to ask more questions. Accept nothing at face value no matter which "authority" tells it to you, including me. Good intelligence analysts uses negative analysis to test their findings before sending it on to their customers. A little more negative analysis by all parties involved may be what's needed to reduce U.S.-China tensions and improve U.S. security. And it doesn't cost any money to do it. 

Friday, April 13, 2012

Taking a Closer Look at Cyber Covert Actions

I just published an article for on this topic. Here's the opening paragraph and a link to the full article:

As the U.S. government expands its cyber warfare capabilities including the development and use of offensive weapons, I thought it would be valuable to look at the process of planning and getting approval for a covert action. The President has the ability under Executive Order 12333 and Title 50 of the US Code to authorize a covert action whose purpose is "to influence political, economic, or military conditions abroad, where it is intended that the role of the United States Government will not be apparent or acknowledged publicly". [1] This includes the use of cyber weapons if the plan can secure the approval of the National Security Council's National Security Planning Group (NSPG) which is the NSC's committee overseeing covert action. [2] During the Reagan administration, which is time of reference for this recently de-classified document [3], members of the NSPG included the Vice President, SECDEF, SECSTATE, the DCI, the assistant for National Security Affairs, the White House Chief of Staff, his deputy and the President's counselor.

You can read the full article here.


[2] Covert Action and Accountability: Decision-Making for America's Secret Foreign Policy by Loch K. Johnson, International Studies Quarterly, Vol. 33, No. 1 (March, 1989), p. 93
[3] Ibid

Tuesday, April 3, 2012

Richard Clarke: A Little Knowledge Is A Dangerous Thing

Richard Clarke's editorial in today's New York Times underscores what I've written before about Mr. Clarke. He's not well-informed about the scale and scope of cyber espionage or any other cyber-related threat. And when you combine that lack of depth with his "name" power, then you have the dangerous combination of ignorance informing policy. Here's a quick survey of what's wrong with Clarke's editorial.

While China does engage in cyber espionage against U.S. companies, so do many other nation states. In my ebook, A Traveler's Guide to Cyber Security, I created an Appendix which lists multiple examples of cyber espionage by Brazil, China, France, Germany, Greece, Iran, Israel, Nigeria, Russia, Turkey, and Venezuela. The reality is that acts of espionage - cyber or other-wise - is very wide spread. You would never know that fact by reading Clarke's sinophobic writings.

Further, Richard Clarke attempts to provide a solution to this problem that is (a) impossible to implement and (b) reveals his lack of understanding of how data flows between networks. When sensitive data is located within a network, an attacker will encrypt those files and extract them in a way that doesn't draw attention. There's no way for any agency to see into those files and say "Hey - that's our secret sauce!".

Clearly Mr. Clarke is in the business of selling his time to clients who are worried about cyber attacks, and his background as a government bureaucrat is helping him do that - at least in the United Arab Emirates. However, if he's truly interested in contributing solutions to this very serious problem he needs to start by learning enough information about what's actually happening at a substantive level and then formulate an appropriate solution.