5 September 2017

Is technology a threat to human intelligence?

By: Mark Pomerleau 

Some have been critical that defense and intelligence agencies appear to under-prioritize, under-resource and neglect human intelligence (HUMINT), as evidenced by declined funding.

To some degree, this is in favor of remote intelligence collection using modern and technological intelligence disciplines, including signals intelligence (SIGINT), image intelligence (IMINT) or communications intelligence (COMINT). These disciplines take intelligence from signals intercepts and both manned and unmanned assets in response to an increasingly complex world posing threats to human assets on the ground.

HUMINT, according to the CIA, is collected through clandestine acquisition of pictures, documents and other materials, overt collection by personnel overseas, debriefing of foreign nationals abroad and official contacts with foreign governments.

This perception of less reliance on HUMINT is best exemplified by a recent profile of a former U.S. diplomat by the Wall Street Journal, which points to potential pitfalls of relying solely on technological forms of intelligences at the perils of incorporating human intelligence. As the volume of HUMINT gathered from personal relationships began to decline, “In its place, policy makers in Washington turned to another form of information — the kind collected electronically and surreptitiously,” the profile said, citing security concerns in volatile Middle Eastern and South Asian countries post-9/11 preventing direct human contact.

The Wall Street Journal’s reporting, citing officials, noted that during the Obama administration the U.S. government’s reliance on SIGINT made up anywhere from 60 to 75 percent of incoming intelligence information, which, without additional context or intelligence sources, can sometimes be difficult to assess its reliability.

Michael Hayden, former director of the National Security Agency and CIA, has said that the NSA, which is responsible for the nation’s SIGINT, creates roughly 60 percent of America’s intelligence every day.

Similarly, the practice of so-called “signature strikes,” conducted by armed drones that target particular areas or individuals based on a certain defined pattern of terrorist behavior, has sounded alarm bells in some circles as sometimes officials do not know who lies at the other end of a Hellfire missile.

Despite these perceptions, HUMINT is not going away and could be more important than ever. 

“I don’t think we’ll ever see a lessening of the need for human intelligence collection. At least not in the foreseeable future, any future I can see,” James Clapper, the former director of national intelligence, said last year. “We’re always going to need that.”

“Not only is [HUMINT] not going away … it’s more important than it’s ever been because it doesn’t rely on exquisite technology to do what it does best, which is down and dirty, on the ground making contacts and just doing what HUMINTers do,” Lt. Gen. Jack Shanahan, director for Defense Intelligence (war fighter support) within the office of the Undersecretary of Defense Intelligence, told C4ISRNET. “What we need on the technology is to be able to consolidate and collate, correlate and fuse reports that are coming in from a lot of different places.”

There are going to be certain things for which a well-placed human source is always going to be the most valuable source of information, Paul Pillar, former deputy director of the CIA’s Counterterrorism Center, told C4ISRNET. There would be no better source than a human source to get inside of a terrorist plot, he said, adding that those sources are often hard to get, thus SIGINT is often the best available tool to get as close as possible.

Shanahan described that in the past when a source or suspect was captured and interrogated, the individual’s “pocket litter,” which could include phone numbers or contacts of persons they interacted with, would be lifted and used to build a clearer picture. This is not as easy anymore given storage capacity of commercially available electronics.

“Where we’re really struggling right now — and this is where big data and data analytics is going to be so crucial — is site exploitation,” he said. “You’re pulling electronic devices off [of people] with terabytes, I mean terabytes, worth of data. How quickly can a human go through terabytes?”

It is no longer feasible for a HUMINT official to be able to sift through a suspect’s iPad, mobile device or laptop to cull actionable information, especially if some of this is what Shanahan called “perishable data,” or data that might have information on an imminent threat.

“I’ve just pulled someone in from Mosul [Iraq] and they’re an attack planner, an external ops planner, and they’re planning attacks, I don’t have the people or the time to go through ten terabytes worth of data,” Shanahan described using a hypothetical example. “But I do have technology that can help me with it. It doesn’t replace — it is never going to replace the human. HUMINT‘s too important.”

Intelligence today is and has coalesced around all-source and multi-INT approaches, meaning all intelligence disciplines — from HUMINT, SIGINT, IMINT, geospatial intelligence and open-source intelligence, to name a few — are fused together to present a more holistic picture for decision-makers.

For the most important intelligence questions, intelligence personnel use an all-source approach, Pillar said. It’s not about the prime nugget, but rather piecing together fragmentary and questionable information from all sources technical and human, he added.

Pillar said IT and big data approaches, such as the controversial bulk telephony data collection and querying disclosed by former NSA contractor Edward Snowden, lends itself more to the problem of finding a needle in a haystack. That’s useful in helping to discover a potential terrorist threat within a large, urban, civilian population as opposed to the model from the Cold War in which intelligence personnel tried to find everything they could on a given threat, such as Soviet military capabilities.

New CIA directorate

The CIA in 2015 stood up its first new directorate in 50 years to focus on the digital world. The Digital Directorate for Innovation, among other things, is focused on merging the digital and cyber-enabled world into the CIA’s current operations.

Former CIA director John Brennan has previously described the notion of “digital dust” that follows humans in today’s connected world. This includes ATM use, social media profiles and CCTV images that capture movements. The new directorate works to help understand the implications of this environment.

“Agency officers, when they come into the agency as new employees, they already have a digital history. And sometimes we operate under different types of cover legends. We need to make sure that their forensic history, their digital history, matches their cover legend as opposed to exposing them as a CIA officer in terms of where they worked, where they trained or whatever,” Brennan said during last year‘s Aspen Security Forum. “That’s just one example of this digital environment has fundamentally affected our ability to carry out our work.”

HUMINT is “more difficult today, right, with all the digital footprints that everybody leaves behind. It‘s more difficult to get an anonymous officer in undercover to the right place at the right moment. It‘s definitely trickier, but it’s just as important,” CIA Director Mike Pompeo saidduring an appearance at the Intelligence and National Security Alliance in July.

“Technology is no substitute for ‘penetrations’ — planting or recruiting human spies in foreign halls of power. The CIA missed India’s 1998 nuclear tests and misjudged Saddam Hussein’s arsenal in 2003 because it lacked spies in the right places,” Reuters, citing former officials and experts, reported.

Consider within the multi-INT approach the activity of attribution in cyberspace. While for the most part cyber operations are conducted remotely, “figuring out who is ordering such attacks — and why, and who is financing them — requires good old-fashioned human intelligence. The rubbing-elbows kind,” Alex Finley, the pen name of a former CIA officer, wrote in Politico. Finley noted that Clapper said the Intelligence Community report on Russia’s influence operation on the 2016 presidential election relied on human sources, among others.

The CIA did not respond to requests for this article.

Additionally, the most secretive cyber operations on isolated systems rely in part upon human operators to install thumb drives rife with malware that, once plugged into a computer, will infect the network even if it is not connected to the internet. This was a critical component to Operation Olympic Games, the campaign involving the Stuxnet virus that targeted Iran’s nuclear infrastructure.

DoD changing as well

“We also know that technology trends are changing how we do HUMINT. And we need to be able to adapt and invest in innovation, in how we conduct our human intelligence operations, as well,” Marcel Lettre, who most recently served as Under Secretary of Defense for Intelligence, told the Senate Armed Services in September.

“We have been making some investments over the last several years to continue to improve the effectiveness and capacity of defense-related human intelligence, working closely with CIA. And I think that that is a very important set of investments to be making.”

No comments: