(en) INTELLIGENCE, N. 56

AIMS / Intel-Info (aims@ext.jussieu.fr)
Fri, 4 Apr 97 18:15:20 METDST


A AA AAAA The A-Infos News Service AA AA AA AA INFOSINFOSINFOS http://www.tao.ca/ainfos/ AAAA AAAA AAAAA AAAAA

INTELLIGENCE ISSN 1245-2122 N. 56 New Series, 24 March 1997 Publishing since 1980

Editor Olivier Schmidt (email oschmidt@francenet.fr; web http://www.blythe.org/Intelligence; tel/fax 33 1 40 51 85 19; post ADI, 16 rue des Ecoles, 75005 Paris, France) Copyright ADI 1997, reproduction in any form forbidden without explicit authorization from the ADI. A one year subscription (23 issues with full index) is US $290.

COMING EXCLUSIVES IN INTELLIGENCE

DETAILED INDEXES OF INTELLIGENCE SINCE 1980 REPORT ON AFGHANISTAN'S INTELLIGENCE SERVICES

---------------------------------------------

TABLE OF CONTENTS, N. 56, 24 March 1997

FRONTPAGE

WESTERN EUROPE - WEU INTELLIGENCE PROBLEM IS "US", NOT THE U.S. p.1

TECHNOLOGY AND TECHNIQUES

SECURITY ASSESSMENT, PENETRATION TESTING & FIREWALLS p.2 CORONAGRAPH TECHNOLOGY AGAINST PLASMA CLOUD DAMAGE p.3 GULF WAR CHEMICAL ARMS DATA PILING UP p.4 SPY SHOPS - Transatlantic Roll-Up. p.5 FOAM - For Stretchers & Demining. p.6 VIDEO SURVEILLANCE - European Anti-Car Thief Network. p.7 SMUGGLING - Pipeline Technique in the Baltics. p.8

PEOPLE

U.S.A. - GEORGE J. TENET p.9 GREAT BRITAIN - MARTIN FURNIVAL-JONES p.10 NORTHERN IRELAND - ROISIN MCALISKEY p.11 SOUTH AFRICA - WOUTER BASSON p.12 U.S.A. - Judi Bari. p.13 HAITI - Michel Francois. p.14 PALESTINE - Khaled Al-Salam. p.15 JAPAN - Takaji Kunimatsu. p.16

AGENDA

COMING EVENTS THROUGH 1 MAY 1997 p.17

INTELLIGENCE AROUND THE WORLD

U.S.A. - SLOPPY FORENSIC PROCEDURES BLOWBACK ON FREEH p.18 DISCOVERY CHANNEL DISCOVERS THE CIA AT 50 p.19 THE BUREAU SUB-CONTRACTS OUT OVER THE INTERNET p.20 "Silent" FinCEN Uses a Bullhorn. p.21 Post-Cold War Spy Jobs. p.22

GREAT BRITAIN - TORY "JOLLY BAGMAN" WRECKS HAVOC p.23 SHIPWRECK IN 2002 FOR DEFENSE BUDGET p.24 SAS Still in the Press. p.25

FRANCE - EUROPEAN & WORLD MODEL FOR CODE POLICY p.26

GERMANY - CIA SPY FLAP KEEPS LEAKING IN THE PRESS p.27

EASTERN EUROPE - SPRING CLEANING IN INTELLIGENCE p.28

ALBANIA - CRISIS CATCHES BRIT TORIES IN THE THICK OF IT p.29

ARMENIA - HOOKING UP WITH RUSSIA & IRAN AGAINST BAKU p.30

INDONESIA - IN TIGHT WITH LONDON & CDS p.31

---------------------------------------------

TECHNOLOGY AND TECHNIQUES

Intelligence, N. 56, 24 March 1997, p. 2

SECURITY ASSESSMENT, PENETRATION TESTING & FIREWALLS

The Computer Security Institute (CSI) selected "Penetration Testing - Reward or Ruin?" (18 pp.), by Ray Kaplan of Security Services, as the inaugural subject of its Expert Tract studies, excerpted from "Computer Security Journal". The study's 30 sections cover, in non-technical language, all aspects of penetration test, from the overall level of security audit, planning and documentation, goals, and scope, all the way down to team selection, costs, legalities, and ethics. By far the most interesting section is "Our Experience and Recommendation". Indeed, it's not frequent in security and informatics for a specialist to recommend not paying for a service on cost-efficiency grounds. "The whole point is that audit and penetration attempts simply fall short as ways to find your infrastructure's most important weaknesses and help you get going to quickly fix them in mass. Our experience indicates that a security assessment is usually the best way to locate, report and fix many infrastructure weaknesses as quickly as possible."

Protection against penetration from the Internet, is a major issue since, in 80 percent of the computer-related crime cases investigated by the FBI, hackers entered corporate networks via the Internet. Firewalls are designed to block such penetration, and we previously published a list of tested or "accredited" firewalls (see "Firewalls - A 'Consumers' Guide' Testing Program"; INT, n. 41 10) to help our readers see through the myriad of new security products, including some useless software, now on this rapidly-expanding, two-year-old market. There are three types of firewalls which are, in decreasing order of security (but usually increasing speed of use): application-level gateways, packet filters, and circuit- level gateways. There are over 70 firewall products available on the market today, and many more that have been written in- house. Many are part of a hardware product, but most are available as stand-alone software. Several hardware companies, such as Digital Equipment, Harris Computer Systems, and Cisco Systems, offer their own firewalls. In software, there are products from many small firms, but supposedly 40 percent of this market is dominated by Check Point Software in Tel Aviv, Israel. Check Point "hit the big time" in 1994 when Sun Microsystems decided to integrate a Check Point firewall into Sun Internet servers and to sell the firewall as a stand-alone product.

In addition to firewalls, there are also user identification and authentication products for penetration protection. And for testing against penetrations, there are a certain number of tools to help measure and evaluate a system's security status. For example, a firewall scanner can check a network for security holes both at the application and the operating system level. Probably the most famous scanner is a freely available Unix program called the Security Administrator Tool for Analyzing Networks (SATAN; INT, n. 36 14), the first such network scanner which is used now by hackers. One of the supposedly best commercial scanners available is part of Internet Security Systems' Internet SafeSuite (ISS) which includes a Web Security Scanner, the Firewall Scanner, and an Intranet Scanner.

---------------------------------------------

Intelligence, N. 56, 24 March 1997, p. 4

GULF WAR CHEMICAL ARMS DATA PILING UP

Last October, we mentioned that more than 100 members of the U.S. 24th Naval Mobile Construction Battalion apparently underwent an Iraqi chemical agent attack on 19 January 1991 in northern Iraqi during the first days of Desert Storm (INT, n. 45 36). In June 1996, the Pentagon had admitted that 300 to 400 members of the U.S. Army's 37th Engineer Battalion may have been exposed to chemical agents during the explosion of a nerve gas weapons dump at Kamisiyah, Iraq, on 4 March 1991. In September, the figure was upped to 5,000 troops within a 25 km radius of the dump.

New information has recently revealed that the Iraqi regime may have authorized the use of chemical weapons, including sarin and mustard gas, during the Gulf War. Although the exact quantity has been difficult to estimate, according to Czech Army chemical specialist, Lieutenant Colonel Jiri Aberle, a member of a 198-strong Czech military anti-chemical weapons unit, sent to .i. Saudi Arabia; at the specific request of the Riyadh Defence Ministry. The team was equipped with the latest high-tech CLP-17 chemical detector and reported directly to the Saudi military command. Writing in a recent issue of the American journal, "Applied Science and Analysis", Lt. Col. Aberle disclosed that his unit detected mustard gas close to the military city of King Khalid, on 19 January 1991. In the same region, according to the Czech officer, a U.S. team using Fox CBDVs (chemical and biological detection vehicles) obtained readings for both mustard gas and sarin, but the samples were not concentrated enough to be measured later in laboratory tests.

In Great Britain, members of the Royal Air Force Special Investigation Bureau (RAF SIB) have been ordered to investigate how information regarding the use of organophosphate (OP) pesticides in the Gulf was withheld from ministers, a cover-up which resulted in the Armed Forces minister, Nicholas Soames, having to apologize to MPs for telling Parliament last December that OPs had not been used. The RAF SIB plainclothes unit, based at Rudloe Manor, Wiltshire;, has been assigned the task because most of those to be questioned are Army personnel, including Lieutenant Colonel John Graham and Major S. F. Drysdale, who were in charge of medical operations. Both men received post-operational reports compiled by Staff Sergeant Anthony Worthington and Corporal A. J. Hucklebury, concerning the use of OPs, which included complaints by environmental health technicians about the lack of protective clothing for those involved in the spraying.

Last August, with MPs still unaware of the use of OPs, Lt. Col. Graham circulated a memo within the Defence Medical Services Directorate in London admitting that pesticides "including a wide range of organophosphate compounds were extensively used by British personnel during Operation Granby". The RAF SIB will also question members of the Surgeon-General's organization, which was headed by Surgeon Vice Admiral Tony Revell, in order to establish the chain of command which had access to the information on OPs and their fairly extensive use.

---------------------------------------------

Intelligence, N. 56, 24 March 1997, p. 7

VIDEO SURVEILLANCE - European Anti-Car Thief Network. British video technology has already been used to read car licence plate numbers on freeways to trap speedsters and stolen cars. With rented luxury cars increasingly being "stolen" and sold in Europe, Africa and the Middle East, the same video surveillance technology was installed recently at the entrance of the Channel tunnel at Folkestone to read plates and check for stolen cars. This initiative, partially financed by six British car rental firms, is probably the first stepping stone in setting up the system on both sides of the "Chunnel", and then throughout the European Union. Indeed, car theft is one of the declared priorities of Europol for which it is authorized to set up computerized data bases for immediate European-wide supervision.

---------------------------------------------

AGENDA

Intelligence, N. 56, 24 March 1997, p. 17

COMING EVENTS THROUGH 1 MAY 1997

In the interest of efficiency, "Intelligence" lists all coming events in each issue as a single article in the section "Agenda". Additional information concerning these events, including contact information, is available at 33 1 40 51 85 19 (tel/fax) or oschmidt@francenet.fr (email). Events are listed only once and according to date. They are not repeated in subsequent issues. To post a paid advertisement presenting an event in greater detail, interested organizers should contact "Intelligence" for additional information.

On 25-27 March in San Diego, NDI is giving a seminar on hacker techniques, entitled "Addressing Intruder Threats from Hackers, Crackers and Sniffers". Winn Schwartau will be making a presentation.

On 2 April in San Jose, 3 April in Sacramento, 5 April in Fresno, 28 April in Bakerfield, 29 April in Santa Barbara, and 30 April in San Bernardino, all in California, the Oxford Club is giving a seminar entitled, "Asset Protection Strategies - Domestic & Offshore Techniques for Asset Protection, International Estate & Finance Planning".

On 2-4 April in La Colle-sur-Loup, France, on the Riveria, the French Artificial Intelligence Association (AFIA) is holding the fifth French-speaking conference on "Distributed Artificial Intelligence and Multi-Agent Systems".

On 3 April in Cambridge, Massachusetts, the Massachusetts Institute of Technology (MIT) is holding the fourth annual Gen. James H. Doolittle conference on the theme, "The Global Positioning System".

On 8-9 April in Chicago, Fuld & Co. is holding a seminar on "Competitor Intelligence - How to Get It and How to Use It".

On 10-11 April in Washington, Washington Researchers is giving courses on "Researching Markets, Industries and Business Opportunities" and "How to Find Information About Business Units and Private Companies".

On 14-15 April in McLean, Virginia, the National Computer Security Association (NCSA) is holding a conference on "Firewalls, Web and Internet Security". During the meeting, the NCSA will present the results of its firewall users' perception survey.

On 15 April in Tetbury, England, Infonortics is closing its call for papers for the 17-19 November 1997 conference in The Hague, Netherlands, entitled "From Data to Intelligence - Tools, Techniques and Tactics".

On 16 April in Vancouver, Canada, the new Canadian chapter of the Society of Competitive Intelligence Professionals (SCIP) is holding a meeting on "Competitive Intelligence - Identifying Threats & Opportunities". On 17 April in Ottawa, Canada, another meeting is also planned.

On 17-18 April in London, Shephard Conference & Exhibitions is holding the third international "Support Helicopter" conference which will be chaired by Air Vice-Marshal A. J. Stables, Commandant of the Royal Air Force College, Cranwell. The keynote speaker will be Brigadier General M. Vanderlinden, Deputy Commander Naval Striking and Support Force, Southern Europe.

On 20-23 April in San Antonio, Texas, the Association of Old Crows and the Armed Forces Communications and Electronics Association (AFCEA) are holding a symposium and exhibit on "Military Operations in an Information Age".

On 21-23 April in Reston, Virginia, the National Security Institute is holding its 1997 annual meeting, "Impact '97!", whose major theme is "Security Trends for the 21st Century". Senior industry and government officials will discuss information terrorism, industrial espionage, export control, encryption, computer security, intellectual property, and the Internet.

On 21-24 April in Glenden Beach, Oregon, the Lawrence Livermore and Los Alamos National Laboratories are holding a meeting on "High Speed Computing and National Security". Topics will cover Information Warfare, Crisis Management, Risk Assessment, Internet Law, and Privacy.

On 21-25 April in Washington, the Academy of Competitive Intelligence is holding a special training session covering topics such as Blindspots Analysis, Early Warning, Pro-Active Intelligence, and Human Source Collection.

On 22-24 April in La Rochelle, France, the fifth European general meeting on "Risk Prevention and Security" will take place.

On 22-25 April in Lausanne, Switzerland, International Training & Education Conferences and Exhibitions (ITEC) is holding its eight ITEC meeting intended for defense, emergency, and police forces.

On 23-26 April in Rio de Janeiro, Brazil, Feiras e Conferencias Internacionais is holding the international "Latin America Defentech (LAD '97)" exhibition and conference with the support of all Brazilian armed forces and the general staff. Defense delegations, at the ministerial level, have been invited from all South American countries, and there will be flight, mobility, firepower, and naval demonstrations.

On 24-27 April in Beijing, Seventh Wave is holding the third annual international exhibition of technologies and applications of multimedia, "Multimedia China '97", with technical presentations by Chinese and international CD-ROM and on-line information specialists.

On 28-30 April in Boston, Massachusetts, Frost & Sullivan is holding its second annual "Business Intelligence & Benchmarking" conference.

On 29 April-1 May in Virginia Beach, Virginia, the American Helicopter Society (AHS) is holding the second annual "Joint Strike Fighter" conference on the theme "Affordable Vertical Lift". Keynote speaker is Rear Admiral Craig E. Steidle, program director of the Joint Strike Fighter Program.

---------------------------------------------

INTELLIGENCE AROUND THE WORLD

Intelligence, N. 56, 24 March 1997, p. 18

U.S.A.

SLOPPY FORENSIC PROCEDURES BLOWBACK ON FREEH

The FBI has not improved its luck! In a strange turn of fate, one of FBI Director, Louis J. Freeh's major accomplishments as a Justice Department lawyer -- the 1991 conviction of Walter Leroy Moody for the murder of U.S. Circuit Judge Robert S. Vance and Georgia civil rights lawyer Robert E. Robinson -- has been put into question by sloppy FBI forensic laboratory procedures. Justice Department Inspector General Michael Bromwich examined the actual test results and concluded that they "appear to preclude the firm conclusion that the samples came from the same source or manufacturer" as laboratory supervisor James Thurman had testified concerning all four bombs allegedly built by Moody. According to Bromwich, Thurman is not at fault, since he was relying on the results of tests by laboratory examiner Robert Webb, who interpreted his tests in a manner that clearly reinforced the FBI's case. These tests involved gas chromatography of the paint on the bombs and infrared spectroscopy analysis of the tape adhesive used for packaging.

These blunt comments by the inspector general were soon followed by accusations by Bromwich that Freeh was responsible for three inaccuracies in his 5 March testimony to a House subcommittee about Bromwich's investigation into allegations made by suspended FBI scientist Frederic Whitehurst of mismanagement, sloppy work and bias at the forensic laboratories (see "U.S.A. - FBI's Scientific & Technological "Waterloo"; INT, n. 53 24). FBI director Freeh soon admitted giving incomplete testimony to Congress, but, on 17 March, Senator Charles Grassley, chairman of the Judiciary subcommittee that oversees the FBI, released an exchange of letters between Bromwich and Freeh and stated that "Freeh is playing damage control" and "misleading the public" about the severity of the lab's problems. According to Grassley: "The bureau is more worried about its image than its product (...) The bureau is now doing a mad scramble to control the problems. At the heart of its damage control operation is an effort to mislead, and that effort comes right from the top of the FBI. Right from the director himself -- Louis Freeh." The dispute arose because Freeh testified that Whitehurst was suspended with pay in January "solely and directly on the basis of the recommendation by the inspector general and their findings with respect to Mr. Whitehurst."

COMMENT -- According to some specialists, FBI "damage control" is also probably behind the recent National Institute of Justice (NIJ) report lauding the capabilities of "Smokeless Powder Residue Analysis by Capillary Electrophoresis". This report begins with a very a propos recommendation for the FBI: "Staying aware of current information and technology is essential for law enforcement agencies, especially in the area of forensics, where a new method of investigation may mean the difference between conclusive and inadmissible evidence." Capillary electrophoresis (CE) involves separating the chemical components of explosive powder residue, collected from the hand of shooters, clothing, spent shell casings, and other objects, as the chemicals move through a buffer liquid under the influence of a high-voltage electric field. The separation is caused by differences in size and positive or negative charge. The study was made available on 22 March at the Justice Department web site.

It also seems the FBI is learning quickly. As soon as "Time" magazine's on-line news service recently reported FBI investigators had linked the bombings in Georgia at Centennial Olympic Park, an abortion clinic and a nightclub to the same bomber or bombers, Bureau spokesman, Jay Spadafore, quickly replied that no such conclusion had been drawn: "We're saying there are similarities but there are also differences [between the bombs]. Consequently, it's not possible to conclude that any of the devices were made by the same person or persons." Investigators have not yet completed forensic testing of the 16 January bomb against the abortion clinic in suburban Atlanta or the 21 February bomb used against the gay and lesbian nightclub.

Local press reports also mentioned that the FBI agent, David Tubbs, responsible for the interrogation of Richard Jewell, the onetime suspect in the Olympic park bombing, now heads the FBI's Kansas City office, and was supposedly notified of proposed disciplinary action including possible suspension without pay for 15 days. Tubbs, reportedly the only agent involved in the Jewell interrogation to be notified of disciplinary action, stated that he would fight such disciplinary action.

---------------------------------------------

Intelligence, N. 56, 24 March 1997, p. 20

U.S.A.

THE BUREAU SUB-CONTRACTS OUT OVER THE INTERNET

On 23 February on the Internet, Dorothy E. Denning and William E. Baugh Jr. announced they were "writing a report on the impact of technology and encryption on domestic and international organized crime" for the National Strategy Information Center in Washington and asked for "input on how encryption and technology have affected your own cases or cases you are familiar with and on what you anticipate for the future." Baugh signed as Vice-President, Information Technology and Systems Sector, Science Applications International Corporation (SAIC), and Former Assistant Director, Information Resources Division, FBI. Denning signed as Professor, Computer Sciences Department, Georgetown University.

Two weeks later, on the Internet, Scott Brower, Executive Director, Electronic Frontiers Florida, added necessary information. "Denning advocates key recovery agents and the lack of secure encryption products for the general public." Brower doubted that Denning, working with Baugh, would produce a report "to strengthen the privacy of individuals." Brower suggested that interested individuals should read Denning's web page and its description of her "Cryptography project". It would have been simpler and more direct to say that Denning was one of the first -- but few -- senior academics to back the Clinton administrations Clipper Chip encryption program. Denning and Baugh's request for contributions and reports are an attempt to fill a glaring hole in the FBI's Digital Telephony argument that strong publicly-available encryption hinders law enforcement, specifically in apprehending drug traffickers, organized crime figures, and international terrorists. When challenged in Congress to produce hard evidence to back this accusation, the FBI couldn't come up with one single major criminal case in which encryption had stumped the G-men. It would appear that the Bureau has "sub-contracted out" the job of digging up such cases to Denning and Baugh.

---------------------------------------------

Intelligence, N. 56, 24 March 1997, p. 21

U.S.A. - "Silent" FinCEN Uses a Bullhorn. After we published several articles concerning the Department of the Treasury's Financial Crimes Enforcement Network (FinCEN) in 1994, there was talk of FinCEN "clamming up", in 1995 following the appointment of Stanley E. Morris as the new director who "doesn't talk in public". Those rumors were poorly informed, as Morris himself proved, in March 1996, with the publication of his article, "From FinCEN's Director" which opened the first issue of "FinCEN Advisory". Seven issues of the "Advisory" have now been published and cover questions such as the Seychelles, fund-transfer record keeping, money laundering typologies developed with the OECD/G-7 Financial Action Task Force (FATF), the "Safe Harbor" provision, Mexico and other questions.

---------------------------------------------

<END OF FILE>

******** The A-Infos News Service ******** COMMANDS: majordomo@tao.ca REPLIES: a-infos-d@tao.ca HELP: a-infos-org@tao.ca WWW: http://www.tao.ca/ainfos/