Future Threats Drive U.S. Intelligence

April 2008
By Robert K. Ackerman
E-mail About the Author

This map of global Internet flow from 2005 shows the high degree of traffic that passes through the United States. This places the country at “ground zero” for Internet traffic, DNI Mike McConnell points out.
The devil you don’t know is the top concern for national security.

The next threat” is the biggest worry facing the U.S. intelligence community, according to its director. While terrorism is the current primary threat facing the security of the Free World, the purveyors of terrorism might take new approaches to tactics and procedures that would change the nature of their threat—and the type of damage that they could inflict on an innocent populace. The same players would be doing harm, but they would be striking in entirely different ways—and they might be joining forces with others to pursue their agenda of destruction.

The threat from proliferating weapons of mass destruction is not receding, and both terrorists and rogue nation-states could employ them against the United States and its allies. Even without their use, these weapons could trigger arms races that cause more instability in already volatile parts of the world.

Adapting to meet these threats entails reshaping the intelligence community and adopting new procedures. Web 2.0 technologies offer revolutionary capabilities that could be vital to overcoming existing and future threats, if they can be incorporated into the intelligence environment. A new generation of intelligence professionals moving up through the ranks quickly may be the key to overcoming cultural inertia and implementing new information age assets.

The challenge for the intelligence community is to ensure access that allows for deep penetration of any adversary, says Mike McConnell, director of national intelligence (DNI). “I always worry about the next threat,” he emphasizes in a SIGNAL Magazine interview. “We tend to focus intently on the current threat, and I’d like to keep some group with wary eyes looking over the horizon at what might be next.”

This approach does not portend a shift away from the existing terrorist threat, McConnell emphasizes. Instead, the challenge facing the intelligence community is to be able to adjust when that terrorist threat metamorphoses into something entirely different from the attacks of the past seven years.

“Increasingly sophisticated terrorism” is what McConnell fears might be produced by that metamorphosis. Currently, major terrorist attacks have taken on a kinetic nature—setting off bombs in public places or crashing aircraft into buildings, for example. But vulnerabilities in many segments of the critical national infrastructure leave open the possibility of bioterrorism and cyberterrorism, to name just two. These types of terrorist attacks could be more insidious and difficult to confront than the currently expected terror strikes, he says.

The United States has done reasonably well in holding back kinetic terrorism, McConnell offers. It is much more difficult for a terrorist group to enter the country and carry out an attack than it was before 9/11, he reports.

But al-Qaida is still viable and is enjoying de facto safe haven in the Federally Administered Tribal Areas of Pakistan, he notes. The terror organization has leadership, middle managers and a place to train the new operatives it continues to actively recruit. That organization remains a threat.

The proliferation of weapons of mass destruction is another concern for the director. These could be nuclear or biological, for example, and their use could come from either terrorists or nation-states.

“I’m concerned, for example, that the Iranians are on a path to produce nuclear weapons,” McConnell says. “We did our national intelligence estimate [in which we noted that] they stopped a particular phase of that, and they did it in a time frame—late 2003—subsequent to the invasion of Iraq, when there was a lot of concern there.

“It was a secret program that they never admitted to, and when they stopped, it was a temporary halt. We don’t know if they have restarted it in even more secrecy. They are continuing to pursue fissile material, which is probably the most challenging aspect of a nuclear weapons program. They are continuing to develop ballistic missiles that could deliver such a weapon a great distance all the way to Egypt or all the way into Europe.

“The part that they canceled—the technical design of the warhead—is quite frankly the easiest part. Given their current path, they could have nuclear weapons some time after 2010—likely the 2012 to 2013 time frame,” McConnell declares.

If Iran develops nuclear weapons, the effect on the Persian Gulf region could be serious even without the use of a nuclear device. McConnell predicts that it will put huge pressure on other nations to obtain nuclear weapons as well. That will lead to a nuclear arms race in the region that supplies most of the world’s crude oil.

Among nonkinetic threats, cyberterrorism is at the top of McConnell’s list. Improving national cybersecurity is a key initiative underway by the intelligence community, he imparts. The connectivity of the Internet has done wonders for the economy and society, but it also has introduced a level of vulnerability that the director describes as unprecedented.

The main concern stems from cyberterrorists, who might not be deterred as would a nation-state. Many nation-states possess considerable cyberwar capabilities, but it would not be in their best interests for the United States to suffer a serious cyberattack that disrupts the world’s largest economy. Any nation with strong economic ties to the United States would be discouraged from engaging in that type of attack simply from the effect it would have on the attacker’s own economy as well as on the global marketplace as a whole.

However, terrorists have no such fear. Lacking a national economy, they would suffer little if any loss amid much gain from inflicting severe economic damage to the United States.

McConnell points out that most attacks on the U.S. cyberinfrastructure—both civilian and military—tend to focus on data exploitation rather than destruction. Foreign governments may be trying to access data for their own uses, while criminals are looking to access data for financial gain. Cyberterrorists, on the other hand seek destruction of data. The two very different goals often are mistakenly combined when people consider cyberthreats.

McConnell relates that he has directed the Intelligence Advanced Research Projects Activity, or IARPA (SIGNAL Magazine, October 2007), to pursue research into attribution and geolocation in cyberspace. Success in this endeavor is crucial for determining who is launching an attack in cyberspace—and from where.

Another concern is bioterrorism. If terrorists should learn how to spread a pandemic—such as a human-to-human mutation of avian flu—the death toll would be in the tens of millions.

He recounts how a post-9/11 wargame among government and industry experts featured a terrorist attack using an aerosol version of bubonic plague. The germ was released in a couple of U.S. athletic events, and because the participants did not realize what was happening until it was too late, the death toll was in the millions. The outcome was so traumatic to its participants that the wargame was restarted, and all the participants applied the lessons they learned in the first iteration. The number of deaths dropped by a full magnitude just because of what experts gleaned from the first event.

In addition to human deaths, a bioterror attack could cause severe economic upheaval. A natural outbreak of hoof-and-mouth disease devastated the livestock industry in the United Kingdom a few years ago. McConnell offers that any number of intentional epidemics could have a cascading effect that produces severe economic consequences.

The director allows that the intelligence community is not as worried about biological warfare technology from the old Soviet Union falling into the hands of terrorists. His sense is that this technology is “fairly well contained.” However, there always is the possibility that a dissatisfied professional from one of those programs might be enticed to aid some other group, including terrorists. This is the same concern that officials in Russia and the United States have had with former Soviet nuclear and chemical warfare experts, he notes.

But the threat of bioterrorism still looms large. “As heinous as 9/11 was, if terrorists did something in a cyber context or a bioterrorism context, it would have significantly greater dimensions in terms of impact—people dying or economic effect,” McConnell says.

McConnell sees his role as that of an integrator creating a collaborative culture. His goal is a community that creates decision advantage for the nation’s leadership. “This community is action oriented; it has an operational role,” he says. “The authorities under which we operate can be very dynamic and operationally focused, so part of our challenge is to penetrate targets that have interests contrary to our own. Once we do that, we must create decision advantage for the nation.”

He offers that his plans to reshape the intelligence community are progressing, but not as quickly as he would want. “There are 16 agencies in the intelligence community, and 15 of them work for someone other than the DNI,” McConnell relates. “Part of this challenge is to get willing cooperation and collaboration across a community that has departmental responsibilities as its first priorities.

“This is a huge cultural change, and that is why it is taking a long time,” he emphasizes.

For example, individuals need to be expert in their specialty areas to move up. That tends to preclude branching off into other areas of the community. McConnell says that he is challenging people who have come up through this traditional construct to identify with the community. They should consider themselves intelligence professionals first instead of specialists in one particular discipline or organization.

A significant achievement was to attain an agreement on joint duty, the director offers. In the same way that the Goldwater-Nichols Act required senior military officers to have jointness in their career history, the intelligence community has incorporated a joint duty concept. It took two years to achieve agreement across the community, McConnell relates, but now senior leaders in intelligence agencies must serve a tour of duty outside of their parent organizations. This helps breed appreciation for other elements of the community and enhances engagement among intelligence organizations.

The community has improved in many key areas, including information sharing across boundaries. Analysis quality has improved. In addition to increased sharing, new methodologies have generated processes for challenging hypotheses, using academic standards for training, conducting alternative analysis and red-teaming results.

The community also is better at collecting information, which McConnell attributes to better coordination. In a system “left on automatic,” everyone wants to know about the same subject at the same time. However, that approach narrows collection in areas that are related to that topic. Broader collection benefits all users, and the community now is better at coordinating collection than before, the director says.

Another effort aims at making the security clearance process “faster and cheaper,” he says. In the past, obtaining a government or industry clearance could take a year or more. To shorten that time span, the intelligence community and the Defense Department ran a pilot program based on processes established by the commercial financial services industry, which has a similar type of risk in its global money movement. These processes incorporate automation and life-cycle monitoring, which will help track the activities of cleared individuals throughout their careers.

McConnell relates that he and Lt. Gen. James R. Clapper Jr., USAF (Ret.), undersecretary of defense for intelligence, agreed to reform the clearance process rather than streamline it. The goal is to re-engineer the process by challenging its fundamental basis. The ongoing pilot is testing that approach, and officials are writing the necessary documentation for changing policy at the end of the process.

“If you’re going to engage this community, be trusted with these secrets, then a condition of employment is that you live under these [life-cycle monitoring] conditions,” McConnell explains.

“Can we make this commercial financial services model applicable here in government? Our hypothesis is that we can do it, and we can do it faster, cheaper and with better results. So we’re testing all of that now,” he said.

One initiative underway aims to improve the intelligence community’s legal foundation. In particular, the Foreign Intelligence Surveillance Act (FISA) is vital to the community’s mission against terrorism. McConnell says that the very nature of cyberspace has changed the playing field, and FISA aims to take account of those changes. Most Internet traffic passes through the United States as it girds the globe—“We are ground zero” for Internet traffic, he points out. A terrorist on one side of the Earth may message a confederate on the opposite side, with that data passing through the United States. The intelligence community must be able to access that message.

Another effort entails bringing the entire community into the post-Cold-War era. The Intelligence Reform and Terrorist Prevention Act of 2004 established the current intelligence structure. Executive Order 12333, which was signed by President Ronald Reagan in late 1981, governs the community. Updating this Cold War document is the goal of an interagency process to generate recommendations for its modernization.

McConnell shares that the community wants to embody the lessons learned and changes in the world since that order was issued more than 26 years ago. All of the issues that have been, and are being, addressed since 2001—collaboration, coordination, integration, information sharing and joint duty—are grist for this mill.

McConnell expresses disappointment that the intelligence community has not been able to keep pace with the commercial sector in the Web 2.0 revolution. He is astounded at the pace of change in that sector, but the intelligence community’s attempts to ride that wave are stymied by two challenges.

One is security. If the community becomes fully connected, interactive and integrated, that will introduce a vulnerability and a set of counterintelligence concerns that must be addressed. As a result, the community cannot proceed as quickly as it might want into this new era—even if it wants to.

Sources and methods must be protected in any type of collaborative environment. McConnell likens it to the U.S. Constitution—it focuses on freedom and security, but the two concepts occasionally are in conflict. The same dichotomy holds true for protecting sources and sharing information. Traditionally, the community would default to source protection, and the underlying philosophy was need-to-know. But now, community analysts have a responsibility to provide information, and they must know both their sources and their customers. McConnell wants to create a tension that impels information sharing with source protection.

Old practices must change for the community to be effective in the post-9/11 era. “Does terrorism threaten the very survival of the nation, as fascism and communism did? Probably not,” McConnell posits. “Therefore, we should take more risk to share more data so we could be more effective in confronting some of these threats.”

The other challenge is cultural. Any organization with mature personnel tends to be resistant to rapid change. However, half of the intelligence community joined after 9/11. McConnell relates that he has visited stations in Baghdad, Kabul and Islamabad, and many of the people there are young, highly motivated and integrated across agency lines. They are demanding and receiving the best tools possible, and McConnell credits them with many of the successes achieved in their assigned countries. Those young people will be returning to the United States, where the community must capture their lessons, enthusiasm, commitment, values and experiences.

These people also will receive credit for joint duty under the new doctrine, which will give them an advantage in rising through the ranks of the intelligence community. They will reach senior levels more quickly, where they will apply their new approaches to the cultural change underway.

On the technology front, industry must focus more on cybersecurity, the director states. The computing and communication technologies that created the information age have been a boon to the nation as a whole, but they also have introduced potentially devastating vulnerabilities that must be addressed. “What I would say to industry today is, ‘You gave us the benefit, you gave us the vulnerability. Now help us retain the benefit and mitigate the vulnerability,’” McConnell offers.

Web Resources
Office of the Director of National Intelligence: www.odni.gov
Executive Order 12333: www.archives.gov/federal-register/codification/executive-order/12333.html
Intelligence Reform and Terrorism Protection Act: www.nctc.gov/docs/pl108_458.pdf


Enjoyed this article? SUBSCRIBE NOW to keep the content flowing.