Wednesday, September 28, 2005

GS(3) Intelligence Briefing (9-28-05)

NOTE: GS(3) Intelligence Briefing is posted on a bi-weekly basis. As circumstances dictate, we may post special editions. The Briefing is organized into five sections: Europe, Middle East and Africa, Asia Pacific, Americas, Global and Cyberspace. Each issue will provide insight on terrorism, cyber crime, climate change, health emergencies, natural disasters and other threats, as well as recommendations on what actions your organizations should take to mitigate risks. Starting in Sept. 2005, “Words of Power" commentary will also be posted on a bi-weekly basis. This commentary will explore a range of issues in the interdependent realms of security, sustainability and spirit. For more information, go to

Europe, Middle East & Africa
Six recent stories from Turkey, Lebanon, Spain, Mauritania, South Africa and Somalia underscore the sweeping regional scope of terrorism and how it can impact your business, threaten your family and destabilize your society wherever and whoever you are. The great question, though, the most difficult one to answer, is who really benefits from it, and who is really pulling the strings. Of course, the answer to that question is of a geopolitical and macro-economic nature, and answering it is taboo. Yes, terrorism arises from radical groups, and yes, much of it is “state-sponsored” by “rogue nations,” but there is more to the story, e.g., the involvement of great nations and global corporate interests, that should be understood better and more openly.
While traveling to the U.S., Turkish Prime Minister Recep Tayyip Erdogan talking to journalists on board about the recent assassination attempt in Kutahya, said, “As a matter of fact, this is the third assassination attempt directed against me, however, the previous ones were not so close.”  It is known that during his son Bilal’s wedding ceremony in 2003, members of the Revolutionary People's Liberation Party-Front (DHKP-C) had planned to assassinate Erdogan. But according to a report in the Sabah daily, the assassination attempt that was concealed from the public, took place a year and a half ago. A bomb placed 50 meters from the prime minister’s home in Istanbul was to be set off by remote control as his car approached the target area…(Zaman, 9-17-05)
May Chidiac, 40, a Lebanese Christian, and a TV news personality, was maimed when a bomb planted in her car blew up in the northern outskirts of Beirut…It was the 13th in a wave of bombings unleashed in February, when Lebanon's billionaire former prime minister Rafiq Hariri was assassinated in a huge bomb blast on the Beirut seafront. A German investigator is preparing to report to the United Nations secretary general on his inquiry into the murder of Hariri in October. (Agence France Press, 9-26-05)
Spain's High Court sentenced Imad Eddin Barakat Yarkas, alias Abu Dahdah (head of a Spanish-based Al-Qaeda cell that had been under investigation since 1995) to 27 years in prison for conspiring to commit murder in the 9/11 attacks. They also sentenced 17 other people, including a reporter for the Al-Jazeera television station, for between six and 11 years in prison…The reporter Tayssir Alluni secured an interview with bin Laden in Afghanistan in 2001…Alluni, who had insisted on his innocence throughout the trial, was accused of acting as a financial courier to the group...The court said Alluni was not a member of the Dahdah-led Spanish cell, but "collaborated... in determined fashion" with Al-Qaeda and used his position to pass information to and from members of the organisation. (Agence France Press, 9-26-05)
South Africa’s special Scorpions unit are investigating a claim that a clandestine organisation based in Cape Town shipped 10 al-Qaeda operatives to South Africa from Afghanistan and Pakistan in 2003 and 2004. The organisation allegedly set them up with almost £1-million (R12-million) and false South African citizenship - before they were transferred to Britain. (, 8-27-05)
According to he minister of internal affairs of Somaliland (northwestern Somalia), four Al Qaeda members were apprehended after a firefight in downtown Hargeisa. Although he did not explain what connects these men to Al Qaeda, he said they came from southern Somalia to kill Somaliland officials and international workers in Somaliland. Three police officers and three suspects were wounded in the fight, and four suspects escaped into the dark. (, 9-23-05)
In June, terrorists ambushed an army patrol in Mauritania and massacred 15 soldiers. The culprits readily identified themselves with Osama bin Laden's al-Qaeda group. Indeed, they received immediate congratulatory messages on the Internet from far-flung affiliates of the al-Qaeda, including the Iraq-based al-Zarqawi Jihad organisation… Following the attack on the Mauritania army, the July 6 issue of Morocco's leading tabloid, The Liberation, reported that the al Qaeda had a grand objective to establish terrorist bases in the Sahel similar to those existing in Afghanistan before the Taliban regime was dismantled two years ago. The Sahel terrain is as torturous as the Afghan caves and mountains when it comes to policing, making it an ideal hiding place for terrorists. (, 8-29-05)
  • Major corporations, particularly with operations or interests in the major cities of Europe, or in the Middle East or Africa, should have contracts in place with security services (e.g., Control Risk’s CR24) and emergency medical services (e.g., International SOS) to deal with the aftermath of terrorist strikes, and distribute laminated wallet cards containing vital information, such as 24x7 telephone numbers and emergency protocols for all employees. The annual fees for such services are insignificant for any corporation with revenues in the hundreds of millions, or even the tens of millions. The cost of producing and distributing the wallet cards to all your people is trivial. There is no excuse for not taking these actions, particularly if you have already invested in the security services and simply lack the intestinal fortitude or the caring concern to cut through the resistance and get those cards into the hands of your people.

Asia Pacific
The big four global accounting firms are beyond the point of merely salivating over the delicious profits to be realized in the Chinese economy during the decades ahead. They have already taken their first few bites and are dreamy-eyed at how fulfilling this meal is going to be: e.g., Ernst and Young plans to “more than double its China staff to over 8,000 within five years to meet the growing demand for professional services (Shenzhen Daily, 5-19-5), and Deloitte will “invest 150 million USD, increase its number of employees [in China] to 8000 or four times as many it is now, and push its operating revenue up to five times what it is now (People’s Daily, 6-2-05).
Well, unfortunately, like lawyers and doctors, accountants often do not really understand security and security-related risks, particularly the reputational dimensions of it; and global accounting firms, as Enron, Parmalat and other market-shaking scandals illustrate, can find themselves in trouble.
“The severe and widespread nature of corruption in China is becoming a major source of social discontent and poses a threat to the legitimacy of the country's leaders, according to experts at the Organisation for Economic Co-operation and Development. Researchers at the Paris-based think-tank, which released its first comprehensive survey of China's economy earlier this month, also said that the problem posed a threat to the country's economic progress…“The economy is growing, so incidences [of corruption] are growing too,” said Janos Bertok, one of the OECD researchers in charge of evaluating corruption in China, and one of the authors of this month's ground-breaking report…Frederic Wehrle, a co-ordinator of OECD corruption research in Asia and also an author of this month's report, said that officials who received large kickbacks faced lengthy prison terms or even the death penalty, while such events were often reported in the domestic media. However, he said, China also needed stricter controls on people who pay bribes. “You cannot succeed in the fight against corruption if it is one-sided,” he said. He said that more could be done to encourage whistleblowers to come forward with allegations of wrongdoing. In recent years, many Chinese officials and bankers have escaped prosecution by fleeing abroad with large sums of money, often to other parts of Asia or to North America. The Ministry of Commerce has estimated that 4,000 corrupt officials have fled the country with roughly $50bn in the past two decades…”(Financial Times, 9-27-05)
  • Entering into the Chinese economy, where most of what you could merge with or acquire either started with the Communist Party or the Red Army, will expose your professional organizations (particularly those who assimilate thousands from the mainland workforce) to an array of threats and risks, including economic espionage on clients and involvement in corruption and money laundering. A coherent, rigorous background investigation process for all potential clients and all potential workers is a must, so is a world-class counter-intelligence program. But sadly, I do not expect that most organizations will do either. Therefore, expect trouble down the road.

The big stories related to Katrina and Rita that are being downplayed, misdirected or outright surpressed in the US mainstream news media are the environmental dangers (much worse than is reported), the death toll (much higher than is reported), the damage to the oil industry infrastructure in the Gulf (staggering) and the role of global warming (profoundly significant).
Hurricane Rita has caused more damage to oil rigs than any other storm in history and will force companies to delay drilling for oil in the US and as far away as the Middle East, initial damage assessments show. ODS-Petrodata, which provides market intelligence to the offshore oil and natural gas industry, said it expected a shortage of rigs in the US Gulf this year…Ken Sill of Credit Suisse First Boston said: “Early reports indicate numerous rigs are missing, destroyed or have suffered serious damage and several companies have yet to report. Rita may set an all-time record.”  The US Coast Guard said nine semisubmersible rigs had broken free from their moorings and were adrift…Rigs cost $90m-$550m to construct, depending on how sophisticated the structure and how deep the water in which it will drill. A rig ordered today is unlikely to be ready before 2008 or 2009, analysts said…Initial reports from companies are ominous. Global Santa Fe reported it could not find two of its rigs. Rowan Companies reported four rigs damaged, with two having moved, one losing its “legs” and the fourth presumed sunk. Noble has four rigs adrift, with two run aground one into a ChevronTexaco platform. (Financial Times, 9-27-05)
An estimated 80 percent of the buildings in the Louisiana town of Cameron, population 1,900, were leveled. Farther inland, half of Creole, population 1,500, was left in splinters… In Beaumont, five people, two adults and three children, died after moving their generator indoors so that it wouldn’t bother the neighbors or be stolen. The family had evacuated but after living in their cars and running out of money they returned to their apartment. (Associated Press, 9-27-05)
In Louisiana's coastal Cajun country, where Rita pushed up to 15 feet (4.5 metres) of sea water 35 miles (55 km) inland, Coast Guard, wildlife wardens and National Guard troops rescued hundreds of people from rooftops or atop water tanks…Two large refineries in Port Arthur, Texas, faced possible four-week outages and at least two others were damaged…(Reuters, 9-27-05)
AIR Worldwide Corp., based in Boston, estimated insured losses from Rita at $2.5 billion to $5 billion. That is far less than the estimated $35 billion in damage to insured property caused by Katrina last month, but still would put Rita among the 10 costliest storms, along with four hurricanes that swept through Florida last year…Rita also caused an estimated $300 million to $800 million in damage to insured property when it swept through the Florida Keys earlier in the week, according to EQECAT.  (MSNBC, 9-24-05)
This year has been the most active for hurricanes and tropical storms in the Atlantic since 1995. So far, the region has seen 17 tropical storms, compared with 19 in 1995. However, there could easily be several more storms between now and November, to make this the most active hurricane season for decades. (Financial Times, 9-23-05)
Super-powerful hurricanes now hitting the United States are the "smoking gun" of global warming, one of Britain's leading scientists believes. The growing violence of storms such as Katrina, which wrecked New Orleans, and Rita, now threatening Texas, is very probably caused by climate change, said Sir John Lawton, chairman of the Royal Commission on Environmental Pollution. Hurricanes were getting more intense, just as computer models predicted they would, because of the rising temperature of the sea, he said. "The increased intensity of these kinds of extreme storms is very likely to be due to global warming."  In a series of outspoken comments - a thinly veiled attack on the Bush administration, Sir John hit out at neoconservatives in the US who still deny the reality of climate change. Referring to the arrival of Hurricane Rita he said: "If this makes the climate loonies in the States realise we've got a problem, some good will come out of a truly awful situation." (Independent/UK, 9-23-05)
  • Those organizations with operations, people or interests in the Caribbean should remember that this hurricane season is not over, and next year’s will be as intense if not more intense. More storms are coming sooner and later, huge, fierce storms that act unpredictably. If you have disaster recovery, business continuity and crisis management capabilities you must test them and train on them regularly, revising them if necessary to reflect the rapid climate change we are undergoing. And, of course, if you have no plans you should look up the definition of criminal negligence in the jurisdictions you would be subject to.

The Indonesian government is struggling to meet the challenge of its bird flu outbreak, which does not bode well for the rest of the region, or the world as a whole.
“In Indonesia a taxi driver develops a fever and dies, the latest victim of the virulent H5N1 strain of bird flu. His wife grows ill and also dies. So do his children. And within 10 days so do many of his passengers, victims of a newly mutated virus that has finally found an efficient way to leap among humans. One of those unlucky passengers is a businessman heading to Jakarta's airport to fly home to Munich. On the first leg to Singapore he passes the virus on to an Australian grandmother sitting next to him and an Indian motorcycle magnate across the aisle. All make it home. All die within days. Before they do though, they each pass it on to dozens of people in the beginning of a frightening chain of infections. Welcome to the global flu pandemic. The scenario is, for the time being, fictional.” (Financial Times, 9-23-05)
There is a lot going wrong or undone in Indonesia.
Indonesia's efforts to stamp out bird flu are being cramped by a lack of funds, a shortage of veterinary doctors, and incomplete data on flocks of commercial breeders...Indonesia has not begun mass culls of infected birds because a recent outbreak of bird flu took authorities by surprise…(Reuters AlertNet, 9-27-05)
A week after the Indonesian government declared an "extraordinary situation", few measures have been taken to contain the disease…Despite advice from the WHO to carry out mass culls of poultry within a 3-mile radius of affected areas, the government has favoured vaccination as a less expensive option than a cull, due to the issue of farmer compensation. Indonesia's health ministry suspects that bird flu has affected 22 provinces in the country, with several towns in Java and South Sulawesi being the most seriously affected areas because of their high populations of poultry. (AKI, Jakarta Post, 9-26-05)
According to the Australian Foreign Minister, Indonesia was struggling to contain an outbreak of bird flu and had been slow in distributing drugs to counter the disease. (Courier-Mail, 9-26-05)
Meanwhile, as everywhere, awareness and education is inexpensive, effective and underutlized.
What is the key to combating bird flu? The answer may be as simple as good personal and environmental hygiene, but Jakarta health officials have been slow to share this information with the public…"We asked health officials to talk to local residents on how to deal with bird flu right after the closure of Ragunan Zoo," said Ragunan sub-district head Fihir Sadil.  But the campaign only reached a few locals since it was held in the sub-district office. The sub-district itself is diverse as kampong areas are located nearby upmarket residences.  Local health center staff have distributed flyers on preventive measures as well as the symptoms of bird flu…The health ministry's director for communicable diseases and environmental health  said if residents observed good hygiene the risk of the virus spreading would be reduced by 95 percent. "It will
also help us fight other diseases like hepatitis," he said. (Jakarta Post, 9-27-05)
Other governments in the region are scrambling to prepare their societies and develop their response.
Philippines said it was monitoring bird sanctuaries because of concerns that the seasonal arrival of migratory birds next month might bring avian flu to the country. The government also said it had ordered tighter surveillance of illegal trading of exotic birds in southern Mindanao island, and their immediate destruction if they came from bird-flu affected countries such as Indonesia. (Reuters, 9-26-05)
Labor wants the federal government to conduct an audit of Indonesia's ability to cope with the threat of bird flu. Federal opposition foreign affairs spokesman Kevin Rudd accused the government of being complacent about protecting Australia from a global avian influenza outbreak. Mr Rudd said Australia should convene a regional foreign ministerial forum on avian influenza "to audit the capability gap across the region, including Indonesia, and to help our friends in the region fulfil those gaps.” (The Age, 9-25-05)
South Korea will go on alert from mid-October, government officials said, warning that the arrival of migratory birds could lead to another outbreak of the deadly virus. Officials at the Ministry of Agriculture and Forestry said they will issue the alert next month and then begin special monitoring and quarantine precautions from November.  (Korean Times, 9-27-05)
The ministry of environment and forests has directed Assam to draw up a contingency plan to combat bird flu before migratory birds start arriving in the state…Alarmed by Delhi’s warning, the state forest department has convened a meeting of veterinarians, wildlife officials and other experts at the state zoo here. Quoting the ministry missive, sources here said the first flocks of three species — the bar-headed geese, the great black-headed gull and the great cormorant — migrating between Qianhai Hu in China and South Asia, mostly India and Bangladesh, have been sighted in the region…Tens of thousands of birds that could be carrying the virus are reported to have left the reserve in September and are headed for warmer climes across the Himalayas. These birds reach India mostly in early October.  (Telegraph, Calcutta, 9-27-05)
  • Too little too late? Better late than never? This is not the moment for clichés, this is a time for meaningful action. Those who engage in the harshest self-criticism, prepare for the worst and are very open with their populaces will fare the best. Those that tell themselves what they want to hear, do only minimum preparations and do not empower and engage their populaces will fail miserably. Your organization needs a bird flu specific crisis response plan. GS(3) Intelligence can help you if you do not already have one.

As the originator of the “CSI/FBI Computer Crime and Security Survey,” a study which did a tremendous amount of good but which should have been ended or radically redesigned several years ago (as I championed prior to moving on from my role as CSI Editorial Director), I am particularly interested in research on cyber attacks and related issues. One of the most intriguing projects is a semi-annual Internet security study that Symantec conducts. The data is compiled from 24,000 sensors monitoring network activity in numerous organizations in over 180 countries.
“In a report on robot program ('bot') activity for the period January 1 to June 30 2005, Internet security vendor Symantec found an average of 10,352 bots online per day. This compared with an average of 5,000 bots per day around December 2004. Bot networks are compromised computers on which attackers have installed software that listens for and responds to commands -- commonly over a chat channel -- allowing remote control of the computers.
Steven Deare, for ZDNET Australia, summarizes:
“The rise in bot activity follows the release of Microsoft's Service Pack 2 in August 2004, a free download issued by the vendor to combat a range of security exploits. Prior to its release, 30,000 bots per day had been recorded in July 2004. The 2005 rise was a sign that hackers and malicious users were fighting back against vendor patching, according to the report…Coinciding with the rise in bots, the report found denial of service (DoS) attacks jumped by 680 percent in the same period, to an average of 927 per day. Bot networks are commonly used to execute DoS attacks. "This increase in DoS activity is largely due to the corresponding increase in bot network activity. It may be related, at least in part, to financial motivation, as DoS attacks have been reported in extortion attempts," the report said.  Symantec also found such bot networks were available for hire. The report detailed an example from a chat service, whereby a bot network owner advertised the size, capacity and price of the network he was offerring. Customised bot binary code was available for between US$200 and US$300. (ZDNet Australia, 9-20-05)
Brian Krebs, in The Washington Post, observes, however, that this is only a narrow glimpse.
“…security experts say Symantec's estimates represent a small fraction of the global bot epidemic. The nonprofit SANS Internet Storm Center, which tracks hacking trends, sees an average of 260,000 bots each day being used to locate other vulnerable computers, said Johannes Ullrich, the center's chief technology officer…(Washington Post, 9-25-05)
  • There are so many false notions about cyber security. Some with expertise on the technical side see it self-servingly as a technical problem. Some with expertise on the human side see it self-servingly as a people problem. It is both, of course, and it requires a comprehensive program powered by a strong organizational commitment. You cannot rely on technology vendors alone to protect your information and information systems anymore than you can rely on governments alone to protect you and your family from bird flu or hurricanes. You have to address the growing threat of cyber crime by developing your own organizational will, understanding and capabilities.

Richard Power is the founder of GS(3) Intelligence and His work focuses on the inter-related issues of security, sustainability and spirit, and how to overcome the challenges of terrorism, cyber crime, global warming, health emergencies, natural disasters, etc. You can reach him via e-mail: For more information, go to