As the war on terror rages into its 14th year gains and losses echo throughout the campaign. In Afghanistan the Taliban was swiftly defeated only to reemerge a short time later. Questions abound as to why the Taliban has been able to regroup and reemerge as a significant threat to stability. Our ally, Pakistan, has also been under the microscope by US intelligence officials and has even been accused of aiding the Taliban domestically.
The relationship between the Taliban and Pakistan is a long and convoluted one. Depending on the point of view, the Pakistani government has been a steadfast supporter, or a staunch antagonist, to the Taliban. Currently, there is some question as to whether or not the Pakistanis are playing both sides of this conflict; supporting America as an ally in the Global War on Terror (GWOT) or helping the Taliban by providing intelligence support and safe haven.
Determining what role the Taliban plays in Pakistani politics and whether or not there is a greater threat to their current government and its support for US interests is a daunting task. To begin, it is important to look at the history of the two before analyzing current trends.
Brief history of the Taliban and its relationship with Pakistan
The Taliban emerged as part of the Mujahideen movement during the Soviet invasion which began in 1979. In 1994 the Taliban came to power in Afghanistan shortly after the ejection of the Soviets. With the promise of restoring peace and security in Pashtun areas surrounding the borders of Pakistan and Afghanistan, the Taliban rose to prominence and enforced strict adherence to Sharia law.
Pakistani funding and supply was critical to the Taliban movement and its rise to power. With assistance in the form of weapons, military training and financial support the Taliban was able to capture several Afghan cities. In 1996 they successfully took control of Kabul.
During the Taliban’s reign prior to the US invasion, from the 1990’s to 2001, Pakistan was one of only three nations that recognized the legitimacy of the regime, the other two being Saudi Arabia and the United Arab Emirates. At the height of their involvement, the Pakistani Inter-Service Intelligence agency, (ISI), was supplying the Taliban with hundreds of military advisors, small units of their Special Services Group, and thousands of Pakistani Pashtuns to man its infantry. Following international condemnation for harboring Al Qaeda terrorists responsible for the Sept. 11 attacks in New York, they were the last country to break diplomatic ties with the Taliban.
Pakistan/Taliban relationship post-GWOT
Since the beginning of the GWOT there has been suspicion that Pakistan has been playing both sides; an ally to the US on one side and secretly aiding the Taliban on the other. In general, the central Pakistani government has been the supporter of the United States, while the ISI is accused of, at best, being sympathetic to the Taliban cause and at worst, giving them aid.
A 2012 study published by NATO alleged that, following their toppling by coalition forces, ISI support for the Taliban was crucial to their reemergence in 2004. Without Pakistani assistance, it said, there would have been no hope for rebuilding a Taliban capable of combating the US and her allies.
Allegations of ISI involvement with the Taliban predate the 2012 NATO report. In a leaked report in 2006 the British Defense Ministry stated
“Indirectly, Pakistan through the ISI has been supporting terrorism and extremism.”
In 2008, Afghan officials accused the ISI of plotting a failed assassination attempt on then President Hamid Karzai, as well as insinuating their involvement with a terrorist attack on the Indian embassy. Indian officials also laid blame the attack on the ISI. In 2009, Secretary of Defense, Robert Gates said in an interview with 60 minutes: “To a certain extent, they play both sides.”
Taliban/ISI political influence in Pakistan
Accusations this year have brought up the idea that the ISI, which is responsible for dealing with external threats to the country, has been increasingly meddling with internal politics. Insiders accused the military and the ISI of stirring up political turmoil amidst accusations that Prime Minister Nawaz Sharif came to power via fraud.
Representatives Imran Khan and Tahir-ul Qudri accused Sharif’s government of rigging elections. Khan’s former party president, after being removed from power by Khan, stated that the party has been working closely with the ISI to undermine Sharif’s government with the promise of new elections should he be successfully ousted.
Pakistan political expert Aqil Shah said the military establishment is stirring up violence to send a message to parties not to meddle with them lest they face severe consequences. By manipulating anti-Sharif representatives the military seeks to position itself to be an arbiter for change. Once Sharif is out of the picture the ISI and the military can exercise greater control over the political process.
Stepping in to fill the void in poor areas lacking healthcare infrastructure, education and civic amenities, the Pakistani Taliban, or Tehrik-i-Taliban-Pakistani (TTP) has a long and enduring presence along the outskirts of the country in the federally administered tribal areas (FATA). Other accusations that the ISI and the Taliban are in bed spring from the perception that the Taliban is affecting the political process via intimidation. According to liberal politicians, Pakistani Taliban have been increasing their attacks on the liberal parties. A former official from the Awami National Party stated he was forced to leave Karachi after 25 of his offices were threatened by Taliban forces. A senior Karachi police officer said that the Taliban are swiftly expanding their influence amongst the poor suburbs as well as the city center.
The Awami National Party (ANP), The Pakistan People’s Party (PPP) and the Muttahida Qaumi Movement (MQM) have all been targeted for their secular platforms and opposition to Islamic extremism. As a result, they are unable to run effective campaigns and voters are intimidated come election time. They inevitably suffer defeat at the polls due to diminished support thus increasing TTP influence.
The Taliban’s influence is not limited to political persuasion, however. In suburbs across Karachi, Pakistan’s commercial hub, Taliban “courts” have emerged to settle disputes amongst residents. The fact that these courts are operating at all suggests that the public is becoming increasingly tolerant and sympathetic to Taliban presence. Their influence has the potential to shift political support in their favor as they extend into major cities like Karachi. Such power shift is a major concern for the US and its allies since they rely heavily on Pakistani support in the tribal regions.
Recognition of the Taliban is not limited to a growing number of Pakistanis either. In the summer of 2013 the government of Qatar agreed to let the Taliban open an office in Doha. This office is complete with the Taliban flag flying high above its doors and signs proclaiming it to be representative office to the “Islamic Emirate of Afghanistan”. The concern with this is obvious. Rather than treating them as a terrorist group responsible for the Afghan insurgency, the Qatari government is essentially acknowledging the Taliban’s legitimate claim to Afghanistan. This acknowledgement could do irreparable damage to the US backed government in Afghanistan and help to legitimize the Taliban struggle internationally.
Ramifications of increased Taliban influence in Pakistan
Should the TTP gain enough influence in the Pakistani government it could spell disaster for US operations in the GWOT and specifically in operational capacity throughout the Afghan and Asian theater. Pakistan has been an ally to the US in the sense that they allow us to conduct some operations along and across their borders. They are also recipients of billions of dollars in US aid meant to combat extremism within their own nation. As the US continues to draw down its forces in Afghanistan other questions have emerged: what role will Pakistan play in the Afghan theater and what is the military to do with the thousands of tons of supplies and equipment left in the country?
As we are now seeing in Iraq, the void created by a vacating US military could potentially leave significant assets to an enemy should they take the fight to a weakened post-US government. Pakistan and Afghanistan haven’t enjoyed the warmest of relationships since the toppling of the Taliban. Should the Taliban in Pakistan gain enough power and influence over the Pakistani government it is conceivable that their support for the Afghan Taliban will increase. With such support from the Pakistanis, the Afghan Taliban will be a serious threat to the stability of the fledgling and relatively weak central Afghan government.
A Taliban-controlled Pakistan could also spell disaster for regional stability. Pakistan is suspected of having hundreds of tactical nuclear weapons. Should the Pakistani military and the ISI ultimately back a coup in the country, and the TTP come to further prominence, the risk of these tactical nuclear weapons falling into Taliban hands is unacceptable. Many have speculated that the US has a contingency plan for dealing with such a threat, however top defense officials have denied such a plan exists and said that these reports are oversimplified.
A nuclear Taliban would most likely result in instant conflict. It is highly unlikely that India, Pakistan’s biggest foe in the region and a nuclear power itself, would allow such an eventuality. The ISI is suspected of supporting terrorist actions in the disputed Kashmir region of India and Taliban influence over the ISI could increase such support and lead to further escalations. To add insult to injury, Pakistan receives significant aid from China. This aid is often viewed as an annoyance to India since China and India do not have the warmest of relationships either. Furthermore, in 2013 Pakistan handed over control of the Gwadar port to the Chinese Navy. The port is a significant strategic asset to the region. Commerce flows in and out of the port annually. Control of the port by China could also mean hosting of significant Chinese military assets in the region.
In any event, Taliban influence or control of the Pakistani government is an eventuality that all interested parties should be wary of. Pakistan’s potential to meddle in the affairs of post-US Afghanistan, possession of nuclear weapons, poor nuclear security and relationships with international players that are not friendly to Western interests could destabilize an already fragile region. The vacuum created by vacating US forces could be filled by any number of unfavorable regimes from the Afghan Taliban to the Chinese. In any event, destabilization of the region would mean significant injury to US economic and strategic interests.
Religious institutions face unique security challenges. In addition to standard security practices they must contend with the possibility of increased hostility due to their beliefs, disgruntled members, and mentally or emotionally compromised individuals. Below is a brief overview of some standards and practices that leaders of a religious organization should implement in their quest to balance security and safety with openness and welcome. Due to its length I’ve included it as a PDF file so it will not smother the rest of the content on this blog.
The infiltration of the NOAA has been drawing attention, criticism and speculation since the weather service admitted to being infiltrated in September 2014. Most of the articles written up to date have focused on the who as opposed to the why. So, why is the infiltration of the National Weather Service a big deal?
As mentioned in this blog before, cyber warfare, cyber espionage and cyber theft are becoming more and more prominent. Many aspects of civilian infrastructure are vulnerable to cyber attacks including power stations, databases of classified information related to homeland security and infiltration of financial institutions. But the National Weather Service? What could someone possibly have to gain from hacking the Weather Service? After all, all it does is give us the daily weather…right? As it turns out, the Weather Service and its functions play a vital role in US national security.
The mission of the National Weather Service is to
“provide weather, hydrologic, and climate forecasts and warnings for the United States, its territories, adjacent waters and ocean areas, for the protection of life and property and the enhancement of the national economy…”
By this mission statement one might deduce that the Weather Service could have a significant impact on the national security of the United States. Information gathered and disseminated by them is critical to multiple aspects of our economy including, but not limited to, shipping, commercial fishing, farming, and air traffic control. They operate multiple satellite systems orbiting the earth which are responsible for gathering data regarding global weather patterns. These weather patterns are of significant use to the national intelligence community. The US Military relies on information from the Weather Service in order to properly run the gigantic logistical machine that is the armed services. In addition, the NWS also functions to warn the population about weather emergencies and natural disasters.
It is conceivable then that an infiltration and subsequent shutdown of the weather service would cause significant disruption in the government’s ability to function. Such a shutdown could lead to disruptions to air travel, maritime navigation, severe weather warnings and military operations.
Marshall Shepherd, Director of Atmospheric Sciences at the University of Georgia and past president of the American Meteorological Society, made the point clear when he stated
“Every sortie flown in the name of national security relies on weather information and intelligence. If you value Homeland Security, you have to value weather. That means we have to protect it as much as we do anything else.”
Indeed the infiltration of the NWS system should serve as a wake up call to an organization that has placed its cyber security at such low importance.
According to Chief Operations Officer David Titley much of the reason for the poor security at the NWS has to do with budget. He stated that the National Weather Service is in dire need of funding in order to boost their digital security.
“It’s pretty well documented that NOAA doesn’t have enough money to do what it wants to do the way it wants to do it,” he says. “Security is only one of those issues. This is an example of how things in the federal government start to break when they’re ignored.”
In his opinion cyber security was not a significant concern at the time the service was created and older systems remain vulnerable unless the government prioritizes protection.
The attacks in September were not the first of their kind either. In 2013 a hacker accessed sensitive NOAA data by using a contractor’s computer. In 2012 a hacker group from Kosovo reportedly hacked into the weather service computers and released sensitive data. The group responsible for the 2012 incident identified themselves as “Kosova Hacker’s Security” and claimed their attacks were in retribution for American hostility towards Muslim Nations
US response to incidents of cyber violation are dismal, at least in light of what is being released publicly. Leon Panetta even weighed in calling cyber warfare a “digital Pearl Harbor”, warning that the nation is woefully unprepared to deal with these types of violations. Whether the attacks are coming from China, Russia or fringe groups like “Kosova Hacker’s Security” is largely irrelevant. Accusing and threatening suspect nations with reprimands and empty repercussions is ineffective. The anonymous nature of the internet gives hackers and governments incredible plausible deniability. Therefore, focus must be on shoring up digital defenses and preventing attacks.
America’s Weather Forecasting System Is Under Attack – http://pulse.me/s/375P7K
Two new revelations from the intelligence community this week have reiterated the gravity of cyber warfare and its effect on US national defense. The first occurred during President Obama’s visit to China. During that time, China was busy hosting the 10th China International Aviation and Aerospace Exhibition in ZhuHai China (中国国际航空航天博览会). The main attraction at the airshow was the new chinese J-31 fighter. Almost immediately, opinion began circulating regarding how the J-31, like its predecessor prototype the J-20, looked remarkably like the US F-35 Joint Strike Fighter and the F-22 Raptor. A quick look at the above photograph and anyone can see that the resemblance is undeniable.
While much of the conversation surrounding the J-31 in the media, social media and blogosphere is writing off the new jet as a cheap knockoff of the F-35, likely incapable of the same technological feats, the underlying issue here is not the jet itself, but its implications. It is no secret that the Chinese are suspected of many sophisticated cyber attacks against US infrastructure and defense. Examples abound for this type of intrusion and for the sake of length this article will not expand on them, rather the point here is to focus on the ramifications of cyber warfare.
Cyber warfare is “action by a nation-state or international organization to attack and attempt to damage another nation’s computers or information networks” (Rand). Cyber attacks are not limited to attacks on defense apparatuses such as government contractors. These attacks can be targeted toward any number of areas to include critical infrastructure such as power grids or financial centers. The risks of a cyber attack are unique in that they can happen very quickly and be nigh untraceable. Compared to traditional forms of war, cyber warfare is inexpensive, highly effective and offers a high degree of anonymity and plausible deniability.
Two of the main concerns of cyber warfare are disruption of critical infrastructure and cyber espionage. For example, a foreign government may lack the will or ability to launch a true campaign which would cost billions, result in true warfare, and the loss of life and regional stability. Perhaps this country doesn’t want a traditional war with a superpower like the United States due to economic concerns, but still wants to degrade their capabilities and injure their economy. Cyber attacks against infrastructure are an attractive and potent option. Hacking into financial centers or energy infrastructure might allow them to damage our economy, cause widespread blackouts, civil unrest, etc. The ability for cyber warriors to cover their tracks provides this hypothetical country with plausible deniability and a certain degree of shelter from potential repercussions. Still, the risks associated with being discovered are severe which leads to cyber espionage as another attractive option.
Cyber espionage is the use of computer networks to gain illicit access to confidential information, typically held by a government or other organization (Oxford). In essence, it is the stealing of secrets by way of digital intrusion. Going back to the beginning of this piece the J-31 is a foreboding example of cyber espionage. Headlines going back to 2011 claim that both Lockheed Martin, the main company behind the F-35 program, and BAE systems, a program subcontractor, were affected by cyber attacks. What information was taken isn’t widely available but defense experts acknowledge that it played a large role in the production of Chinese 5th generation jets. Furthermore, China’s production of 5th generation equipment likely means that it will not remain in China but will be exported to their allies which are less than amicable to the US.
A huge concern over these attacks and others like it is the possibility that cyber warfare can be used in real time on the battlefield. Some have speculated that with information gained about network security, hackers could conceivably disable or even hijack electronic devices such as those found on the Joint Strike Fighter. This scenario might elicit eye rolls from many but the possibility exists.
During research for a past study I came across the SkyJack. The SkyJack is basically a Parrot AR Drone outfitted with a special program that allows it to sniff out wireless signals from other drones and then take control. Granted, we’re talking about toys here but it is compelling nonetheless. In the hands of sophisticated hackers armed with sensitive information about a next-generation fighter’s network capabilities, it is conceivable that the controls could be seized. At minimum, with access to flight controls and guidance system, the platform could be disabled and rendered useless.
Cyber warfare is a potent weapon in the digital age but is still in its infancy. Everyday, hackers are becoming more sophisticated in their methods. Keeping up with the changes in methodology and technical prowess is a daunting task and one that the bloated bureaucratic system has been failing. Nevertheless, President Obama’s Feb. 2013 executive order stressed the importance of improving our cyber security framework and denying intrusion into our critical infrastructure. Whether or not it is too little too late will remain to be seen but cyber attacks will continue and escalate. It is incumbent on the intelligence community and private industry alike to develop methods to counter such attacks and ensure sensitive information is not surrendered to third parties.
The recent revelation from the website insecam has brought to the forefront the importance of password management and privacy control. For those who are not familiar with insecam and similar sites, it is essentially a database of camera feeds from around the world. These camera feeds are not public feeds such as one might find on a city or state website overlooking a freeway. Many of these are personal, cloud based surveillance systems with feeds ranging from businesses to homes.
The purpose of insecam is allegedly to shed light on the shortcomings of keeping a default password on your system. Most security cameras come pre-programmed with passwords like admin or 1234. While there are some out there who are comfortable leaving default passwords on their systems, whether for convenience or the idea that they’ve nothing to hide and don’t believe they are vulnerable, insecam is out to prove you wrong, and prove it they have.
A short perusal of their site shows that there are nearly 10,000 cameras active in the United States alone. Next up is Republic of Korea with a whopping 6248 feeds. Randomly clicking one of these feeds reveals everything from coffee shops to the interior of a child’s bedroom. Insecam also shows geotags of where these feeds are located. The fact that the location of the camera is tagged should give everyone pause, especially those with private in-home systems. Their intent may be to outline the shortcomings of laziness in network security, but they have inadvertently opened the door to plenty of nefarious characters.
The purpose of this post is not to scare people, although if you are one of the folks with an open feed to your living room or child’s play area you should be plenty concerned. The purpose is to reiterate the importance of password management in all IT functions, especially those that deal with privacy.
Basic password tips
First and foremost: change your default password. Depending on your security needs the password need not be too complicated. In general, passwords should be at least 10 characters long and include a variety of letters, numbers and symbols. Most access controlled sites recommend at least 8 characters, however the US government has been advocating for years that passwords should be at least 15 characters. Also, avoid using whole words as they are easily guessed. A good idea is to use an easy to remember phrase and use letters from that phrase as your password. For example: I like to go fishing on the third of the month can become Iltgfot3RDotm. Also, avoid easy to guess words and dates like kids’ names and birthdays.
A note about password storage and variety
Many people like to store their passwords in a digital file on another device, or in their cloud drive. This is not a good idea. If that device were lost or compromised, that password is now available to whomever hacked the system. If you must store your information electronically try to disguise it well by giving the file a subtle name that does not betray its sensitive nature and consider using basic encryption software.
Many people prefer to write their password on real media such as notebooks and sticky notes and leave them in plain sight. This is especially risky in office environments where someone may see it. Industrial espionage is a real risk and isn’t necessarily the guy in a neoprene jumpsuit rappelling down an air shaft to break into the mainframe. A seemingly benign interaction between co workers can lead to the inadvertent spread of sensitive information. Keep your passwords out of plain sight!
As for variety, do not use the same password for every application. It is tempting to streamline your passwords, especially when you’re constantly jumping between email, social media and work. The obvious risk is that once your password is compromised they will have access to all of your data.
On Tuesday India issued a widespread call for international action regarding nuclear security.
Nuclear terrorism is at the forefront of nearly every national security and counter terror expert’s mind in the last decade or so. Although the likelihood of a terrorist group obtaining a fully assembled nuclear bomb is slim there is a strong possibility that one may obtain the requisite materials to construct a radiological dispersion device (RDD), more commonly known as a dirty bomb.
Unlike a conventional nuclear weapon an RDD does not use fission or fusion to obtain the dramatic and devastating explosion that most come to expect when thinking of a nuclear weapon. Rather, an amount of harmful radioactive material is packed around a conventional explosive. That explosive is used to disperse the harmful material in a wide area via detonation. The goal of such a device is not necessarily widespread destruction but rather the contamination of the area and instigation of mass fear.
India’s First Secretary in the Permanent Mission of India to the United Nations Abhishek Singh said “There is widespread recognition that the threat of nuclear terrorism is one of the pressing challenges facing the international community. Responsible national action and effective international cooperation are therefore required for strengthening nuclear security to prevent vulnerable nuclear material falling into hands of non-state actors.”
Indeed one of the most efficient ways to obtain radiological material for use in dirty bombs is from either the black market or orphan sources. An orphan source is radiological material designed for use in legitimate industrial applications. An example of an orphan source is Cobalt-60, which is used medically for radiation therapy. The CDC lists the effects of Cobalt-60: “external exposure to large sources of Co-60 can cause skin burns, acute radiation sickness, or death. Most Co-60 that is ingested is excreted in the feces; however, a small amount is absorbed by the liver, kidneys, and bones. Co-60 absorbed by the liver, kidneys, or bone tissue can cause cancer because of exposure to the gamma radiation.”
How would somebody get ahold of an orphaned Cobalt-60? Theft is the most common method. In December 2013 a truck transporting a dismantled radiation treatment device was stolen in Mexico. This device contained significant quantities of Cobalt-60. In this particular instance the truck and the materials were recovered a few days later, but this illustrates the risk of terrorists, or other fringe groups, obtaining sources of radiological material.
India has legitimate reasons to worry about nuclear and radiological threats from terrorist groups. In August of 2013 Mujahideen leader Ahmad Zarar Siddibappa, also known as Yasin Bhatkal was captured by Indian authorities. During his interrogation he divulged information that suggested he attempted to acquire a nuclear weapon from his superior based in Pakistan. This superior, Riyaz Bhaktal, told Yasin that “anything can be arranged in Pakistan.”
Pakistani nuclear security is of particular concern to the US intelligence community. In August 2012 armed militants attacked Minhas air force installation where an estimated 100 nuclear weapons are stored. The Pakistani military repelled the attack leaving eight insurgents and one security official dead. That same year Pakistani military officials bolstered security at Dera Ghazi Khan installation amidst signs of impending extremist attack.
Whether or not the Taliban or other groups will attempt to gain control of Pakistani nuclear weapons or material is still up for debate. Perhaps they won’t need to expend the significant resources necessary to assault a military installation, break into a secured nuclear storage area and then find a way to transport the material all the while risking pursuit and substantial international intervention. The sources necessary for construction of an RDD can be had by theft or the black market.
In a headline which stunned the international community and shattered perceptions of nuclear technology being limited to industrialized nations, Abdul Qadeer Khan, a Pakistani nuclear weapons scientist, was arrested in 2004 for trafficking in nuclear technology and fissile material. Without going into tremendous detail, AQ Khan’s network was believed to be supplying nuclear technology, designs and expertise to Iran, North Korea, Libya and other undisclosed nations for over two decades. It is also important to note that, in the black market, Khan’s was not the sole network for obtaining nuclear material.
In light of the availability of orphaned sources, poor security controls at nuclear facilities in some parts of the world and black market networks the likes of AQ Khan, Singh is undeniably right in calling for more stringent controls on nuclear material. With the rise of terrorist organizations worldwide the threat of a nuclear weapon or a radiological dispersion device is higher than ever. Hopefully it will not take a major attack to realize.
Thank you for reading my blog. I plan on updating this site regularly with information and opinion regarding the security industry, international affairs and political pieces. Also, I will have a separate page which will serve as a database for pieces I have written in pursuit of my degree. I will periodically update this with personal information and happenings.Thanks again and I will post shortly!
via A Brief Overview.