Chinese, Russian, Turkish Hackers Almost Certainly Targeting, Penetrating US Energy Provider Networks (Project Grey Goose)

Jeff Carr, author of Inside Cyber Warfare and IntelFusion, along with Sanjay Goel at the State University of New York, Albany and other contributors, has recently completed another of the Grey Goose reports, this time on hacker attacks on the power grid, both domestically and internationally.

The report's key findings are chilling:

• "State and/or Non-state actors from the Peoples Republic of China, the Russian Federation/Commonwealth of Independent States, and Turkey are almost certainly targeting and penetrating the networks of energy providers and other critical infrastructures in the U.S., Brazil, the Russian Federation, and the European Union."

• "Network attacks against the bulk power grid will almost certainly escalate steadily in frequency and sophistication over the next 12 months due in part to international emphasis among the G20 nations on Smart Grid research, collaborative development projects and the rich environment that creates for acts of cyber espionage"

• "The appeal of network intrusions against the U.S. Grid is enhanced by two key factors:"

• "90% of the U.S. Department of Defense's most critical assets are entirely dependent on the bulk power grid."
• "Most Grid asset owners and operators have been historically resistant to report cyber attacks against their networks as well as make the necessary investments to upgrade and secure their networks."

Grey Goose reports are volunteer efforts to analyze various cyber threats through the use of open source information. Previous reports have analyzed the Russia-Georgia cyber war and the evolution of cyber warfare.

In the interest of full disclosure: Jeff kindly listed me as a "reviewer" in the recent report but my input was limited to a little light editing. I don't consider myself a cyber war expert. I do think, however, that Jeff's record and the records of his co-contributors' speak for themselves and believe that those interested in this area (and those who should be interested in this area) need to read this report carefully (whether you ultimately agree with its conclusions or not).

Accelerated Analysis: A New And Promising Intelligence Process (Original Research)

In the near term, it seems to me that the Intelligence Community is going to be faced with (at least) three big challenges: Inexperienced analysts, tight time schedules and moving targets. "Accelerated Analysis", a process that emerged from our coursework and research projects here at Mercyhurst, seems to hold the promise to address all of those issues.

This promise largely stems from the work of one of our recent graduates, Mike Lyden, whose thesis, "The Efficacy of Accelerated Analysis in Strategic Level Intelligence Estimates," is now available for full text download here. I was Mike's primary reader and I can say, without hesitation, that his research is both compelling and provocative. The fact that Mike knows how to write also makes it a darn interesting read.

Mike puts his results succinctly in his abstract:

• "This thesis presents the findings comparing the accuracy of strategic-level estimative judgments made under conditions of accelerated analysis by undergraduate analysts at the Mercyhurst College Institute for Intelligence Studies to estimates of similar scope found in declassified National Intelligence Estimates produced by the United States National Intelligence Council. These historical research studies found that not only are the student estimates of greater nuance than their National Intelligence Estimates counterparts, but they were also of statistically equal accuracy."
  

I don't know about you but I'm hooked.

Mike lays out the need for alternative methods and processes in the very first part of the thesis. Experienced professionals will find little new here but students and academics just entering the field will find a good summary. The literature review gets more interesting when Mike begins to talk about the Accelerated Analysis process in the sections beginning with "A Model Found" (p . 23). He describes, in the remaining sections of his literature review, all of the disparate threads that seem to get tied together by the Accelerated Analysis process. All of this, in turn, points to a set of clearly worded hypotheses and an interesting method for testing them.

I'll only steal a little of Mike's thunder on the detailed results. One of the ancillary findings that emerged from his study was the relative accuracy of statements in National Intelligence Estimates that use words of certainty (like "will") versus those that use words of estimative probability (such as "likely"). The chart with the results is reproduced here but the counterintuitive bottomline is that the NIC was statistically significantly more likely to be correct when it used words of estimative probability than when it used words of certainty.

I don't think Mike would conclude that he has "proven" that Accelerated Analysis works. I do think his results suggest that it is a new process that is worthy of further study, however. Certainly our own, albeit anecdotal, results, imply that he is correct.

Related posts:
What Do Words Of Estimative Probability Mean?