Shutdown Security: Grinding the Axe

As the US Government shutdown enters its fifth week, federal employees and the businesses that support them are feeling the pinch. While it is somewhat easy for the average American to see the effects of the impasse on the Transportation Security Administration or the US Coast Guard, there is an entire range of services from food safety inspection to scientific research that are just as important but less obvious. The same is true of security and counterintelligence programs that play a critical, yet largely unseen role in keeping America great.

US security and counterintelligence programs are designed with the principal aim of maintaining American advantage — and therefore our power — against foreign adversaries. These programs, and the legions of professionals that implement them, protect our sensitive sources and methods for gathering intelligence, our plans for responding to contingencies, and our valuable people and resources overseas. We simply cannot allow these things to be neutralized, countered, or lost, a job that is made increasingly difficult by the ongoing government shutdown. As one colleague, a former CIA case officer, suggests, the intensifying financial hardships of US government workers present a growing opportunity for criminal organizations and foreign intelligence services. If you have an axe to grind, they will be happy to help.

Patrick Skinner @SkinnerPM
Patrick Skinner is a well-known former CIA officer.

Security & Counterintelligence

Though security and counterintelligence are related, they are not the same. Security refers to efforts to protect information, people, and resources from loss or exploitation. Security covers a broad spectrum of activities ranging from establishing standards for computer passwords to running armed convoys in high threat areas. Security of personnel at diplomatic and military facilities overseas is almost always a cooperative effort with the host nation government and, by extension, the community at large. With contracts frozen and a large percentage of US Embassy staff working without pay, it is only a matter of time before the Embassy relationship with partner governments and their citizens begins to sour as we fail to pay our bills. There will be incidents that result in security problems for our people as the shutdown drags on and there is no government budget that will cover expenses for individual staff members.

As I wrote in my 2011 book, The Sulu Arms Market, an “inside man” embedded in the right place is extremely valuable for criminal and intelligence organizations. Both exploit the same vulnerabilities in their targets.

The much larger and more damaging fallout from the ongoing shutdown comes from intelligence threats. Unlike security, which attempts to prevent loss from within, counterintelligence programs prevent threat actors from coming in and taking what they want. Criminal organizations and hostile intelligence services both seek sensitive information from inside the US government and if possible, agents they can count on to reliably provide information and access when required. Not surprisingly, they both depend on the same human factors that assist in targeting and recruiting Americans to work for them. Among the most common of those factors are financial vulnerabilities: debt and greed. Where the shutdown makes our counterintelligence efforts more difficult is that it is rapidly and massively increasing the number of US government workers that are in financial trouble and frustrated with the Washington power play that caused it.

The Operations Cycle

Intelligence services and criminal organizations are continuously spotting and assessing those they believe have access and placement to the things they want as well as a vulnerability they can exploit. Traditionally, American officials are particularly challenging to recruit because they are vetted for a whole range of vulnerabilities through the security clearance process. Though this falls into the realm of security, it is basically an assessment of one’s susceptibility to recruitment. The relatively good pay and benefits afforded to US government employees protected us by ensuring their needs were met and that few would be willing to take the risks inherent in spying against their country. In other words, decent government salaries are a security measure. Needless to say, spotting and assessing vulnerable recruitment targets is becoming a whole lot easier for our adversaries. Since financial difficulties are one of the easiest things for an intelligence service to manipulate, recruiting those targets is also becoming easier.

Though they poke fun at the adolescent presentation, virtually every US government employee is educated in basic counterintelligence via the Cyber Security Awareness Challenge course required for access to government computers.

The recruitment phase usually begins with something mundane that escalates as the subject becomes entangled, knowingly or otherwise, with the adversary. Imagine being a furloughed foreign service officer struggling to pay your bills. You’re having coffee with a local colleague and sharing your distress with the situation. He tells you he has a friend that works at a well-known think tank that would pay $300 — an intentionally small sum — for an article written by a native English speaker with some professional credibility. It could help pay the bills, does not have to be about anything you work on for the Embassy, and does not even have to be attributed to you. You decline the offer initially but the think tank checks out, is not associated with a government, and produces good quality work. You wouldn’t say anything controversial, certainly not about something important to the United States, and no one will know you wrote the piece anyway. You accept, and though everything goes well, you have unknowingly stepped onto a very slippery slope.

A few days later your friend congratulates you on the popularity of the piece. He tells you his colleague would like to thank you in person. You feel honored and write another piece or two in the meantime. When you finally meet your benefactor he tells you he would like to contact the Embassy’s Consular section to vouch for an employee seeking a US Visa. He doesn’t know who exactly to talk to, so he asks for a phone list. Without thinking too much about such a benign request you provide the list. Besides, you want to keep this gentleman happy since he’s paying your bills…

Grinding the Shutdown Axe

One can see where the rest of this tale leads. The subject in the story took money from what may have been a foreign intelligence officer; provided official, though unclassified government documents; and attempted to conceal all of the above. He or she is now ripe for exploitation. Though blackmail and coercion are the least effective methods of recruiting a source, the disillusionment that may come from being left without a paycheck can be a more reliable and productive basis for recruitment. There is nothing better than an agent with a grievance against his own government.

Financial vulnerabilities among staff are a significant counterintelligence and security problem and they are exploding under the shutdown. Some 800,000 federal employees in nine cabinet agencies are furloughed or operating in “exempted” status, meaning they are working without pay. The number of federal contractors affected — some of whom serve in critical national security positions — is estimated to be 1.2 million, most of whom do not expect to receive back pay. Some of those working for Immigration and Customs Enforcement, for example, are aware of the irony of being furloughed due to a power struggle that started over immigration.

The same is true of the Federal Bureau of Investigation, which has the unenviable responsibility of protecting the country from intelligence threats under these circumstances. One thing is certain: the longer this shutdown continues, the more common intelligence and security breaches will become and the longer they will take to discover and neutralize. As federal employees burn through their savings, more and more will decide their axes require grinding. How many ultimately make that choice is something we may never know.


Lino Miani, CEO Navisio Global LLC

Lino Miani is a retired US Army Special Forces officer, author of The Sulu Arms Market, and CEO of Navisio Global LLC. He provided expertise in special and intelligence operations to NATO from 2013-2016 and occasionally writes about intelligence operations like the assassination of Kim Jong Nam.

Bad News: Cyber Norms Probably Won’t Constrain Cyber Conflict

The U.S. government has put the promotion of its cyber norms at the forefront of its cyber diplomacy in the hope that it will constrain pervasive cyberattacks. Past experience with norm promotion efforts provides insight into whether the United States is likely to be successful. Unfortunately, the future is bleak.

As a general rule, states develop norms to promote their interests and a norm will only spread if other states perceive it to be in their interest to abide by it. Historical examples of this are plentiful. In the late 19th century, Russia pursued constraining norms against the possession and use of chemical and biological weapons as well as strategic bombing at the First Hague Conference. Russia had failed to master these new weapons and wanted to constrain potential adversaries. Britain, on the other hand, opposed a norm restricting strategic bombing because it saw bombing as a tool to offset the relatively small size of its ground forces. As a result, the conference agreed to prohibit the “discharge of projectiles and explosives from balloons or by other new analogous methods” for a temporary period of five years while prohibiting chemical and biological weapons indefinitely. These bans lasted until the powers of the day determined it was not in their self-interest to maintain them. Britain and Germany both used chemical weapons in World War I and strategic bombing was used throughout World War II by all parties.

British Vickers machine gun crew wearing PH-type anti-gas helmets near Ovillers, France during the Battle of the Somme, July 1916. (Courtesy John Warwick Brooke).

The requirement that states perceive a norm to be in their self-interest means that norms containing offensive cyber activity are unlikely to work. Unlike other forms of weaponry, cyber weapons are stealthy, making it difficult for planners to determine whether cyber weapons will be useful in the future. Furthermore, some states rely more on cyberspace than others, making states that are less dependent on the Internet less vulnerable to an attack. These relatively immune states will struggle to determine if constraining norms are in their interest, as many states did with strategic bombing, and will want to keep their options open.

Chinese, Russian, and U.S. cyber activities appear to indicate that these states believe they have more to gain from embracing cyberattack capabilities than constraining norms:

  • China has been unconstrained in its cyber espionage, as demonstrated by the recent OPM breach, but it is also preparing to use cyber weapons to cause economic harm, damage critical infrastructure, and influence armed conflict. The U.S. Department of Defense has pointed out that China is “looking at ways to use cyber for offensive operations” and Beijing appears to be developing and fielding advanced capabilities in cyberspace with strategic objectives in mind.
  • Russia’s early cyberattacks on Estonia, Georgia, and Ukraine indicate that it is largely unconstrained by restrictive cyber norms. Although Russia has diplomatically advocated for a ban on cyber weapons and an International Code of Conduct for Information Security, its efforts are analogous to the Soviet Union’s early advocacy for a prohibition on nuclear weapons while simultaneously pursuing such weapons or its support for a ban on biological weapons while simultaneously developing them in secret. Russian military doctrine proclaims that any future war will involve the “early implementation of measures of information warfare to achieve political objectives.”
  • The United States is significantly expanding its cyberattack capabilities at U.S. Cyber Command and engages in offensive cyber operations. However, unlike Russia, the United States appears to avoid targeting nonmilitary assets, yet this restraint is likely negated by what adversaries such as China perceive as its general “militarization” of cyberspace. The United States has articulated few limits on cyberattacks. For example, the International Strategy for Cyberspace states that the United States reserves “the right to use all necessary means” consistent with the application of international law to defend itself and its allies and partners.

There are other reasons beyond self-interest that make containing cyber norms less likely to emerge. For example, unlike when the United States was briefly the only nuclear power after World War II and was able to establish a precedent of restraint in post-World War conflicts, it is too late to have a state establish a precedent through restraint or establish a prohibition on cyberattacks.

While policymakers are fixated on the development of constraining rules of the road for cyberspace, history shows that U.S. efforts to promote norms to constrain offensive cyber activities are unlikely to succeed.


About the Author: Dr. Brian M. Mazanec is an adjunct professor at George Mason University. His book, The Evolution of Cyber War: International Norms for Emerging-Technology Weapons, was recently published by Potomac Books.

Note: This article is cross-posted at the Council on Foreign Relations Net Politics blog.

Featured Image Source: Bill Smith