Mercyhurst Offers Online Cyberthreat Analysis Course!

Billy Rios

The Mercyhurst College Institute Of Intelligence Studies is now accepting applications and inquiries for a 3 credit online graduate course in Cyberthreat Analysis.  It is scheduled to begin on 29 NOV 2010 and will end on or about 23 FEB 2011.

The course is open to anyone with a bachelor's degree from an accredited college or university and an interest in the topic.  The course is designed as an online, standalone, introductory graduate-level course -- there are are no prerequisites.

 The instructor for the course is Billy Rios (see picture).  Billy is currently a Senior Security Researcher with Google and has taught the course for us in the past.  Before Google, he was the Security Program Manager for Internet Explorer and one of authors of the book, Hacking:  The Next Generation.  Billy has also served as a Marine Corps officer in support of Operation Iraqi Freedom. 

According to the course description:  "This course explores the relatively new discipline of cyberthreat analysis at a basic level, introducing students to the methodology of investigation, the threat environment (cyberspace), some of the online tools used by analysts, and their application in real world examples. Students will be introduced to the key concepts, tools, and terminologies used by professionals in the field and apply what they learn in lab exercises that model real-world events."

Our recent informal survey of hiring managers indicated that cyberthreat analysis is still one of the hottest areas of hiring in intel.  This course is a great way to get your feet wet if you are looking to expand, improve or add depth to your professional portfolio as an intelligence analyst.

If you or anyone you know is interested, please have them contact Linda Bremmer at lbremmer at mercyhurst dot edu or call 814 824 2170.

SAM Goes Back To School, Part 4: Secure Your Laptop, Secure Your Data

Most college students have a laptop computer to work from. We did a survey a couple of years ago and the majority of the seniors we questioned actually recommended a laptop over even a high end desktop for intel studies students.

Many students keep the laptop in their rooms but, increasingly, I see students carrying their laptops with them everywhere: From dorm to class to work, etc. Obviously the more you have your laptop with you, the more use you are going to get out of it. Just as obviously, the more you move it around, the more chance you have for an accident, have someone steal it or just allow someone to mess with it.

Lifehacker had a great post earlier this week about setting up a free (or cheap, anyway) laptop security system. They talk about the different levels of security you can download, install or enable and cover applications for the Mac and the PC. Worth reading.

If you have one of those monster desktop replacement laptops or you just don't like carrying a laptop all the time, there is an alternative: PortableApps. You will need a flash drive (sometimes called a thumb drive). Get one with as much space as you can afford (They have gotten inexpensive, particularly through the online retailers. You can get a 1 gig drive for 3 bucks and an 8 gig drive for about 26 bucks at Amazon right now, for example).

The PortableApps website has some pretty clear instructions on how to download and load the apps (If you are having problems look for a Mercyhurst intel studies sophomore -- we gave a little extra credit for students who set up the system for themselves in Advanced Intel Analysis last year and most of them took advantage of the offer...).

The net result is that you can plug your thumb drive into any computer, work on the computer, and, when you are done, eject the thumb drive and leave taking all your work (and your browsing history) with you. Once enabled, all your work gets saved to the thumb drive.

The portable apps system comes with a whole host of open source software that you can use as well. Can't afford even the student version of MS Office? Then OpenOffice is for you and it comes pre-loaded in the PortableApps package (along with the Firefox browser, the Thunderbird email tool, Pidgin for IM, etc). If you find yourself going from the dorm to the computer lab and back, then PortableApps can keep you from carrying a ton of weight and reduce the risk of damage to the laptop from theft or, more likely, accident.

A third option (and one that teams of students working on various projects seem to be increasingly turning to) is Google Docs or some other online productivity suite (such as Zoho). Google's offerings are not as fully functional as the MS Office tools you likely use right now but most people use very few of the functions in MS Office anyway.

The Google tools do have the enormous advantage of making collaboration a snap. This has proven to be particularly true with the spreadsheet application and team projects. With Google Docs, the team knows that everyone is working from the same format. While you can ensure the same thing with email and MS Excel, it simply is not as easy to set up and monitor. In addition, since everyone can see the whole spreadsheet everytime they log on, input mistakes are less likely to go unnoticed.

People worry about the Google hegemon and what it might do with all the docs that are uploaded there, and whether your data is truly protected, etc. I agree that these are obviously legitimate concerns for businesses and other formal organizations. I think the equation is bit different for college students. Here the question is something more like: "Is my 20 page term paper on 'Correlates of Bubble Gum Consumption In Burkina Faso' safer with Google or with me and my buddies and their coffee, beer or wine and my busy schedule and my cheap backpack without any padding, etc." I know what the answer would have been when I was a student...

Related Posts (Sam Goes Back To School):
Part 1: Wake Up!
Part 2: Top Firefox Add-ons
Part 3: Blogs Of Note

Security Sector Reform In Sub-Saharan Africa: An Estimate (Original Research)

When Tom Dempsey of the US Army's Peacekeeping and Stability Operations Institute ("the US military's premier center of excellence for mastering stability and peace operations...") agreed to sponsor a strategic intelligence project with my graduate students last winter, I have to admit I was nervous. I had worked with Tom before and I knew he was going to ask tough questions and demand good, well researched and thoroughly analyzed answers. That didn't bother me, though. That is just another day at the office. What bothered me was the topic.

Africa.

I knew Tom was interested in security sector reform in Africa and that is a tough nut to crack from here in Erie. It requires our very best student analysts to use their most sophisticated open source skills to acquire and then analyze relevant and reliable information from Africa. Its not impossible; just hard to do and in a ten-week course, there is not much room for failure.

Fortunately, the team that put together A Strategic Study Of Security Sector Reform In Sub-Saharan Africa was top quality and their wiki based product is available as of today for public viewing (Tom was even kind enough to link it to the PKSOI site). Specifically, the students were asked to provide answers to the following questions (part of their Terms of Reference):

• What international or regional authorities, bilateral partnerships, or non-governmental organizations currently are and are likely to remain major players in security sector reform, specifically with regard to the civil oversight, administration of justice, and law enforcement sectors, in Liberia, Sierra Leone, Democratic Republic of Congo, and Sudan?
• What are the strategies and resources that are being used and are likely to continue to be used to build capacity and sustainability in the civil oversight, administration of justice, and law enforcement sectors in Liberia, Sierra Leone, Democratic Republic of Congo, and Sudan? Why have these strategies been selected and, if appropriate, why are they likely to continue to be used? Can any of these strategies be used as benchmarks for effectiveness?
• What are the likely short (12 months), medium (2-3 years), and long term (3-5 years) impacts of civil oversight, administration of justice, and law enforcement reform policies currently in place in Liberia, Sierra Leone, Democratic Republic of Congo, and Sudan?

The students provided over 70 summary and supporting reports that provided estimative answers to each of these questions. All of the reports are loaded onto the wiki along with internal and external hyperlinks to sources used in the reports, pictures, maps and videos used to support the reports and an extensive resources page for anyone who gets bored and needs something else to read.

If you are not particularly interested in security sector reform in any of the four targeted countries (Liberia, the Democratic Republic of Congo, Southern Sudan or Sierra Leone) and you are already familiar with wiki-based analytic projects (like this one and this one and this one), you might still find the methods used in the study to be of some interest. The students used a multi-method approach (much like the study on the role of non-state actors in sub-Saharan Africa) that included comparative case study analysis, accelerated analysis, social network analysis and a matrix-style analysis. The multi-method approach allows analysts to essentially triangulate their estimates and can be very effective if, as here, done correctly.

Of particular interest from a methodological standpoint are the social network analyses and the multi-attribute matrix. The social network analysis examined the connections between each of the organizations within the country in order to determine a wide variety of qualities (such as "closeness" and "betweenness") attributable to each of the organizations examined. The chart below is one of the 3-D graphs of a social network of agencies in Sierra Leone built using the amazing UCINET software.


The multi-attribute matrix looked at each of the programs in all four countries against the stated goals of those programs with respect to security sector reform and made estimative evaluations about how successful each of the programs was likely to be in meeting those criteria. Some of the programs did not do very well because they were small, some did not do well because they were only partially designed to impact the security sector and some did not do well because the political environment was not conducive to the methods that the program was using. Whatever the reason, in the end, the students were able to give a rough estimate of what were likely to be the most and least effective programs attempting in whole or in part to reform the security sector in the four countries. Combined with the data from the other methods used in the analysis, they were able to come up with some pretty nuanced answers to the questions they had been asked and some interesting trends in general.

Related Posts:
The Virtual Jihad Project
Non-state Actors In Sub-Saharan Africa
A Wiki Is Like A Room...

China Economic And Security Review Available: Wanna Play Connect The Dots?

The US-China Economic And Security Review Commission made its full report to Congress available to the public today. Executive Summary-like announcements were made earlier in the week and picked up and commented on by a number of blogs, etc. Here are some highlights of the report (all italics are mine and the points are listed in the order I found them in the report. I will talk about the color coding in my comments after the quotes):

"China’s economy remains heavily dependent on manufactured exports to sustain its rapid
economic growth and to provide jobs for a rural population moving to urban areas in search
of higher pay and benefits. Chinese authorities have not been willing to alter this pattern,
even if pushing exports means violating WTO rules or free market principles."

"China’s mercantilist policies are taking a huge toll on small and medium sized manufacturing
facilities and their workers in the United States. While U.S.-based multinationals can transfer
and have transferred much of their production to China to serve that market, small and
medium-sized manufacturers in the United States are not as mobile. They face the full brunt
of China’s unfair trade practices, including currency manipulation and illegal subsidies for
Chinese exports. This is significant because small and medium enterprises (SMEs) represent
60 percent of the manufacturing jobs in America."

"China’s economic policies violate the spirit and the letter of World Trade Organization
membership requirements. The United States is not limited to countering China’s industrial
policy tactics through the WTO, however. It can use other WTO-sanctioned trade remedies to
protect itself, such as Countervailing Duties (CVDs) and antidumping cases."

"At the present time, U.S. officials are neither carefully tracking the persistent attrition of the
U.S. defense industrial base as more and more manufacturing is outsourced offshore, nor
identifying and justifying on national security grounds an irreducible minimum defense
industrial base that the United States should retain regardless of the cost or effort required to
do so."

"Chinese military strategists have embraced disruptive warfare techniques, including the use
of cyber attacks, and incorporated them in China’s military doctrine."

"The Chinese defense industry, while still lagging far behind that of the United States, has
begun achieving noteworthy progress over the past ten years."

"China is supplementing the technologies that its defense industry obtains through
commercial transfers and direct production partnerships with an aggressive and large-scale
industrial espionage campaign. Chinese espionage activities in the United States are so
extensive that they comprise the single greatest risk to the security of American technologies."

"A major objective of Chinese S&T policy is to acquire technology that will strengthen the PLA
while it also realizes commercial benefits."

"China is pursuing an energy diversification strategy that seeks to find cleaner alternatives to
coal. However, as long as the environmental costs of burning coal are not built into coal’s
price, the degree of diversification into natural gas, nuclear power, and renewable energy
sources will have little impact on the complexion of the fuel supply, and China will continue to
rely on coal as its primary energy source and increase its reliance on oil."

"If China’s underlying environmental problems are not addressed effectively, this could
become another source of unrest that could challenge the Chinese Communist Party’s
control of the country."

"The bilateral relationships China is building around the world—many if not most of them
largely motivated by its quest for energy supplies and other resources—have resulted in an
increase of its global economic, political, diplomatic, and cultural influence that has the
potential to challenge U.S. interests."

"Although India does not want to be perceived as “ganging up” against China, it will seek to
expand its multilateral relationships to hedge against China’s growing influence and military
strength. In part because of this, opportunities exist for U.S.-India cooperation on economic
and security matters and in the promotion of democratic values and governance throughout
Asia."

"Through its media control regime, the Chinese government has been able to manipulate and
influence the perspectives of many Chinese citizens. While the majority of the Chinese
people understand that the information provided by Chinese state-owned media
organizations may not be free of censorship and propaganda, they have little choice but to
rely on it when forming their opinions about the outside world. Beijing has used this capacity
to create deep feelings of nationalism inside China and can use it to incite strong antiforeigner
sentiments among the Chinese people when it wishes to do so."

"The strong nationalism Beijing has fostered may constrain its options to respond to
international incidents. This could result in exacerbating tensions in a sensitive situation and
turning a misunderstanding into a conflict."

Comment: There seem to be three themes that cut across the boundaries laid out in the report that are worth exploring. In an effort to help connect the dots, I am experimenting with color coding the facts above as a way of linking them to the themes.

The first theme (color coded red) seems to be about a slow-motion economic death spiral. It goes something like this: China depends on manufacturing for its growth and it is growth that, to a certain extent, legitimizes the Chinese Communist Party's rule. The manufacturing depends on coal and oil for energy and this is unlikely to change. Coal and oil use cause terrible pollution and environmental degradation which could (will likely?) lead to unrest that could (will likely?) challenge the Chinese Communist Party's control over the country. Finally, if the CCP gets pushed to the wall, its hole card is to allow the government controlled press to drum up nationalist sentiment that essentially blames foreigners for China's problems -- sentiment which it may not (will likely not?) be able to control.

Yoikes! That is a pretty bleak picture of the future of China and, since so much of the US's and the rest of the world's stuff is now made in China, it is actually a pretty bleak picture for all of us.

If it is true.

What is maddening about this report is that it outlines lots of possibilities but makes few real estimative calls and provides no real time frame. As any battalion commander, CEO or Ambassador worth his salt will tell you, "Son, anything is possible. I need to know what is likely." The authors of the report should have read more Kent (or, if you don't like Kent, then
Schrage).

The second theme (color coded in blue) seems to have to do with China's impact on the US economy. As I read it, they are saying that what China is doing is unfair, particularly to small and medium enterprises, but that there is something the US can do about it. As a corollary to this, there seems to be some genuine concern that our defense industrial base has eroded to a point where we are essentially dependent on China.

This dependence seems to me to be due to the networked nature of a globalized economy. If globalization is about anything, it is about efficiency. It achieves this efficiency at the cost of robustness, however. This is not to say that the global economy is fragile; rather, it is overly concentrated. Imagine if the scenario described by the red quotes above comes to pass and we are faced with a China at some point in the future where the Communist Party has collapsed and has been replaced by any number of xenophobic strongmen, where western factories have been trashed by outraged Chinese tired of the pollution the factories bring. Where will you buy your TV? This is not as trivial as it may sound. The US, to the best of my knowledge, does not have the ability to manufacture CRTs, LCDs or Plasma screens anymore. We are wholly dependent on foreign companies, mostly Chinese, for these type products as well as many, many other products we need. You might be able to live without a computer screen but the US military can't.

I am reminded of Chapter 4 of Machiavelli's The Prince where he describes a similar situation involving the Sultan of the Ottoman Empire and the King of France (Yes, Machiavelli was the world's first network theorist...). The Ottomans, because their system was centralized around the Sultan, could move very quickly but, if the Sultan were removed, the system would collapse (or rapidly acquiesce to the new ruler). The French, on the other hand, had a largely decentralized system where it was relatively easy to conquer a single baron or what have you but to control all of France was nearly impossible. Modern scientists like Laszlo Barabasi have explored a middle ground where networks are more or less optimized -- mixing the best of robustness and efficiency. It seems like it would be possible to extend this same logic to the global economy and make a more rational and better informed judgment about the " irreducible minimum defense industrial base that the United States should retain regardless of the cost or effort required to do so."

The final theme (color coded in green) seems to have to do with the military threat represented by China. It doesn't seem to be much at present which means that the primary approaches will likely be asymmetric in the highly unlikely case of near term direct conflict. Over the medium to long term, though, the Chinese are going to try to steal any sort of technology they can (particularly if it has a military use), in order to try to catch up. Interestingly, the report all but anoints India as the strategic counterbalancing piece in this latest round of the Great Game.

Oldtimers used to say that the Soviets play chess while Americans play football as a way of highlighting the cultural differences between the two super-powers with regards to strategy. Well, the Chinese play Weiqi/Go. Anyone who has ever played this game knows that it requires a very long-term strategy. This, in turn, implies that the Chinese will view their defense strategy as a game of inches -- of small gains that accumulate; not big, flashy wins. I know that this is simplistic but it seems to track with the statements coming out of this third theme in the report.

Beyond all this idle speculation comes another interesting but apparently overlooked report suggesting that the Chinese economy is actually much smaller than most people think raising interesting concerns about the timing for all these possibilities.