COL Lansdale, CIC

CIC Detachment Ensures Success of the Manhattan Project

CIC Detachment Ensures Success of the Manhattan Project

Lori S. Tagg,  USAICoE Command Historian

The United States program to develop the atomic bomb, codenamed the Manhattan Project, began in August 1942.  From the beginning, the need for security was paramount.  The project had to be protected from sabotage and espionage and, equally important, the fact that the US was working on such a program had to be kept under wraps at all cost.  Early on, a Protective Security Section (PSS) handled personnel and information security, facility protection, and security education.

By February 1943, a more comprehensive counterintelligence program was warranted and Counter Intelligence Corps (CIC) agents Capt. Horace K. Calvert and Capt. Robert J. McLeod were assigned to the Manhattan Engineer District (MED) to organize the Intelligence Section.  More CIC personnel followed, with agents stationed at Oak Ridge, Tennessee; Chicago; St. Louis; Site Y (Los Alamos, New Mexico); and Berkeley, California.  By August 1943, when the project transferred to the Corps of Engineers, the Intelligence Section merged with the PSS and established its headquarters at Oak Ridge.  At this time, the Section assumed responsibility for every aspect of security within the MED.  Four months later, on December 18, 1943, a special CIC Detachment, commanded by Lt. Col. William B. Parsons, was organized, and Lt. Col. John Lansdale became the chief of intelligence and security for the entire Manhattan Project.

In the early 1940s, Lansdale, a graduate of the Virginia Military Institute (VMI) and a US Army Reserve officer, was a successful trial lawyer in Cleveland, Ohio.  He had turned down several calls for active duty before finally taking the advice of one of his VMI classmates to accept special duty within the War Department’s Military Intelligence Division (MID). Lansdale initially worked in the Investigation Branch, Counter Intelligence Group, reviewing investigative reports of prospective War Department employees.  He eventually became chief of both the Investigation and Review branches of MID.  Another one of his duties was to act as liaison between the PSS and the Assistant Chief of Staff, Intelligence.  When the Manhattan Project transferred to the Corps of Engineers and the CIC Detachment activated, Lansdale had the background and connections to move effortlessly into the position as head of intelligence and security.  Due to the criticality of his mission, Lansdale quickly became special assistant to Gen. Leslie Groves, the chief of the MED.

The CIC Detachment was initially comprised of 25 officers and 137 enlisted agents, each one hand-picked by Captains Calvert and McLeod.  Over the next year, the Detachment grew to 148 officers and 161 enlisted agents.  This included non-CIC military personnel with specific technical abilities critical to the security of the program.  Detachment Headquarters was centralized at Oak Ridge, but personnel were placed on detached service in 11 branch offices around the nation.  At times, these agents were so highly classified that they were referred to by code symbols and only the Finance Officer computing the pay of the agent knew his exact location.

Lansdale assumed full responsibility for all intelligence and security matters affecting the MED.  In addition to preventing unintentional disclosure of information and infiltration by enemy agents, Lansdale’s responsibilities included preventing fires and explosions, monitoring courier duties, protecting classified shipments, educating personnel about the importance of security measures, obtaining newspaper cooperation, and conducting 400,000 background investigations of potential personnel.  His agents acted as bodyguards for the project’s top scientists and went undercover to monitor local rumors about the various installations involved in the bomb development.  Lansdale also planned and executed the security measures for the 509th Composite Group, the special Army Air Forces’ organization formed to deliver the bombs.  Additionally, he was deeply involved in the Alsos Mission, an overseas task force that seized the technology and scientists involved in German atomic research.

The dropping of the atomic bomb on Hiroshima and Nagasaki, Japan brought about the end of World War II and saved the lives of thousands of US and Allied troops who would have died in an invasion of Japan.  The procedures put in place by Lansdale and his CIC Detachment led to the successful protection of the atomic bomb program, later called the “War’s Best Kept Secret.”

COL Lansdale, CIC

Colonel John Lansdale, Jr., was a civilian lawyer and Army reservist who requested a call to active duty with the War Department’s Military Intelligence Division. He served as the head of Intelligence and Security for the Manhattan Project from 1941 to 1946.

Article produced and shared by the Command Historian:

US Army Intelligence Center of Excellence
1889 Hatfield St, BLDG 62723
Fort Huachuca, Arizona 85613

It’s Time For DEF CON: Where’s Your Computer Security Expert?

By James R. Lint
Faculty Member, School of Business, American Military University

It is that time of the year. Hackers, corporate computer security personnel, network penetration testers and federal government computer security professionals are going to Las Vegas for DEF CON 24, running from August 4-7.

Origins of DEF CON

DEF CON is one of the oldest and largest hacker conferences. It started out as a 1992 Las Vegas party for a friend of DEF CON’s founder, Jeff Moss. The event was so popular that people wanted to hold it again.

There are many discussions about how the name DEF CON originated. One story says that the name came from the Matthew Broderick movie “WarGames,” featuring a teen hacker. The movie used the military term “DEFCON,” meaning “Defense Condition.” The other story is that the “DEF” is from the #3 key on a phone. The “CON” came from “conventions.”

Quirks of DEF CON

DEF CON does not allow the use of credit cards to pay or pre-register. This rule is to appease the concerns of the registrants. In the beginning, there were individuals who were very talented with phones and computers, and maybe some of their skills were unlawful. One of the registrants’ worst fears was that the FBI would collect the information on their registration forms and use that information to arrest people.

But the lack of registration caused consternation for other participants. In later years, many federal employees and investigators wanted to learn about the techniques of the hacker community. The lack of a registration receipt made it difficult for them to be reimbursed for attending DEF CON.

DEF CON Appeal’s to Computer Security Experts

DEF CON is a great learning and networking place for everyone. As a retired federal employee, I look forward to DEF CON to see my federal friends.

DEF CON is a place to discover out-of-the-box thinkers who may have ideas for computer security that have not been explored. For example, NSA General Keith Alexander spoke at DEF CON in 2013. He planted the seed in the hacker community that they should explore working for the U.S. government.

Many government employees support this hiring effort. As a nation, it is critical for us to grow this type of talent in computer security. Those future employees will work with large budgets and impact international operations.

DEF CON is also a target-rich recruiting event. The FBI will have a booth at DEF CON, staffed by FBI professionals assigned to the FBI Cyber Division. They will also provide special 10-15 minute presentations on FBI cyber capabilities and recruitment efforts.

Furthermore, this conference appeals to former military service members transitioning to corporate computer security. They want to learn the newest computer security defense measures and see the corporate security programs that are offered.

DEF CON Affects the Future of Computer Security

My first DEF CON was in 2005. Since then, the computer security industry has seen computer whiz kids graduate from college and create excellent computer penetration testing companies.

These network penetration testers, also known as white hat hackers, test computer systems for high pay. Many high-security companies are required to have penetration testing every six to 12 months to maintain their insurance. This is the evolution of “evil hackers” to well-paid corporate penetration testers.

DEF CON 24 is the birth of new ideas and new connections. Ideas and conversations held while participants are standing in line or in hallways will inspire new companies, new techniques, and maybe new industries.

Story was originally published at:

‘BSides’ Las Vegas Offers Fresh Cybersecurity Insights from Industry Leaders

By James R. Lint
Faculty Member, School of Business, American Military University

Overview: On August 2nd and 3rd, BSides Las Vegas held its eighth annual information security conference at the Tuscany Suites in Las Vegas. BSides is a community event organized and run by volunteers. The following is a survey of some of the many strategies, insights and experts that enriched the entire two-day experience for cybersecurity professionals.

BSides Keynote Speaker Dr. Lorrie Cranor Discusses Misconceptions in Password Security

The conference kicked off with an outstanding keynote speaker, Dr. Lorrie Cranor, Chief Technologist of the U.S. Federal Trade Commission. Having written over 150 research papers, she’s also a professor in the School of Computer Science and the Engineering and Public Policy Department at Carnegie Mellon University, and Director of the Carnegie Mellon Usable Privacy and Security Laboratory.

A thought leader in the information security industry, Dr. Cranor puts forth revolutionary ideas—especially in changing conventional security practices such as the mandatory password changes conducted in many organizations. Her research data shows that changing passwords is not as effective as one might think. Keylogger software programs detect password changes and can instantly compromise the new password.

She discussed a report by the University of North Carolina that studied 10,000 defunct accounts. The study found that people apply changes in predictable ways, making it easier for UNC to determine future passwords using an algorithm.

The UNC study discovered that users who are annoyed when they must frequently change passwords were statistically shown to create weaker passwords. Consequently, the weaker security choices of some users endangered cybersecurity for all users in an organization.

Dr. Cranor addressed misconceptions on password strength, noting that using keyboard patterns on any mobile device, including diagonal patterns, does not provide security for users. She discredited the infamous belief that an exclamation point at the end of a password offers greater security. To increase information security for passwords, Dr. Cranor recommended that users avoid common words or names and add digits and symbols to increase a password’s strength.

Dr. Cranor also presented an interesting bit of research that asked people to decide which password was more secure: “ILoveYou88” or “IEatKale88”? The Password “IEatKale88” is 4 trillion times more secure than “ILoveYou88”. It’s interesting to note how “super” common “ILoveYou” is as a password.

Expert Haydn Johnson Talks about Organizational Confusion with Information Security

Network penetration tester and vulnerability assessment expert Haydn Johnson of KPMG Canada spoke about his interesting concerns commonly used information security terms, such as penetration testing, vulnerability assessments and red teams. Managers who contract security testing and assessment services often confuse these terms and have unrealistic expectations about system and network security, he noted.

Johnson described concerns about how to modify scanning tools to keep up with new security vulnerabilities. He advised that information security companies should differentiate themselves from their competition in the future by providing much-needed education to customers about business risks and the impact of security vulnerabilities.

Cybersecurity Research Expert Keren Elazari Calls for Better Computer Software Content Identification

Another thought-provoking speaker was Keren Elazari, a senior cybersecurity researcher and computer security expert from the Balvatnick Interdisciplinary Cyber Research Center at Tel Aviv University in Israel. Elazari facilitates hacker/security researcher conferences in Israel and spoke during I Am The Cavalry’s track at the BSides conference.

Elazari discussed why security research matters for the coming decades and emphasized that third-party computer software needs to be better identified to determine potential vulnerabilities. She drew a startling comparison—while candy bar labels are required to list all of their ingredients, software has no labels that explain elements of the software code.

There’s danger in buying unfamiliar software. Large, multimillion-dollar companies may purchase smaller software companies, yet not have intimate knowledge of their acquisitions’ third-party software, which could contain harmful viruses.

Other noteworthy topics by Elazari included how “Hacker Heroes” wield their skills for the greater good. They have the knowledge to report on vulnerabilities and assist in the software patch to repair the problem.

BSides Conference Showcases Information Security Nonprofits

One of the interesting tables on display at BSides was The Open Web Application Security Project (OWASP), a nonprofit focused on improving the security of software. Their mission is to make software security visible, so that individuals and organizations are able to make informed decisions.

OWASP is in a unique position to provide impartial, practical information about application security to individuals, corporations, universities, government agencies and other worldwide organizations. Operating as a worldwide community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security.

OWASP will hold a conference in Washington, DC in October 2016, and another conference in Belfast, Ireland, in 2017. Additionally, OWASP has programs to attract women into the application security career field.They also have projects working with military veterans to boost awareness of the critical need for the application security career field.

Similarly, I Am The Cavalry is a grassroots organization that is focused on issues where computer security intersects with public safety and human lives. I Am The Cavalry’s primary concerns are medical devices, automobiles, home electronics and public infrastructure.

During the conference, I Am The Cavalry offered a choice of speakers, including Keren Elazari, for the “I Am The Calvary” track of discussion sessions. The entire track was excellently managed and facilitated by Joshua Corman and Beau Woods.

With such a diverse choice of speakers and presentations at BSides, it’s hard to see everything. However, this conference offers something for everyone and is well worth attending.

Story was originally published at:

Cyber’s Hot, but Low-Tech Spies Are Still a Threat

The Edward Lin espionage case highlights America’s human vulnerabilities.
By: Neal Duckworth

It was recently made public that U.S. Navy Lt. Cmdr. Edward Lin was arrested by the Naval Criminal Investigative Service on September 11, 2015, and is in pretrial confinement charged with passing secrets to a foreign government, patronizing prostitutes and committing adultery (the latter being a crime under military law). Lin pleaded not guilty, and it has not been revealed whether Lin passed, or attempted to pass, classified information to either Taiwan or China—and just recently, several media reports claim an undercover FBI agent may have been involved. However, since Lin is of Taiwanese heritage, Taiwan’s National Security Bureau quickly disavowed any knowledge, as you would expect, and the People’s Republic of China’s government provide a comment similar to “Who? Never heard of him!”—also as would be expected.

Lin’s arrest is a stark reminder that traditional espionage is ongoing, and despite such a global focus on securing computer systems in the wake of (alleged) Chinese hacking of the Office of Personnel Management, Edward Snowden’s theft of National Security Agency data, Bradley Manning’s release of classified information to the website WikiLeaks and several others, we must continue and renew the focus on countering all of the foreign intelligence methods used to obtain U.S. information.

Too often in today’s world we wake up to find that personal or government data was stolen by unknown (although often suspected) persons who found a way to hack into what we thought was an unhackable computer system. The recurrent theft of our personal data, credit-card details or sensitive government information is almost numbing to the public, but has caused a renewed emphasis across governments and corporations for cybersecurity. The data stolen from the government is unclassified, yet when properly connected and analyzed with other unclassified information, such as personal financial data, could identify government personnel with high amounts of debt and an increased susceptibility for recruitment or coercion by foreign intelligence services.

However, the theft of computer data is but one method of foreign intelligence services. Foreign intelligence entities around the world use a full spectrum of espionage techniques—not just cyber theft. I hope it turns out that an undercover FBI agent posed as a foreign intelligence officer to intercept the classified information Lin had access to, but this case reminds me of two classic operations from the espionage playbook that foreign intelligence agencies may utilize, and of which others must be aware: the honey trap and the false flag.

The honey trap is an intelligence operation that utilizes sex, either to place the target in a compromising position (one that he or she does not want revealed, such as to a spouse or employer) or to establish a “genuine” personal/physical relationship. In Lin’s case, he is accused both of using prostitutes and of adultery, so it is possible that someone took pictures of him with a prostitute and/or having an affair with a person other his wife, which could be used to coerce Lin into stealing classified information on the intelligence-collecting EP-3 Aries II aircraft, to which he was assigned. While I do not believe Western intelligence agencies use this technique, the media has reported its use by China, Taiwan and North Korea, to name a few.

This case also provides an opportunity for a false flag operation. Lin is originally from Taiwan and became a naturalized U.S. citizen. With a false flag operation, a foreign intelligence officer, for example, would identify himself as a compatriot to his target and ask that he or she provide assistance in defending “their” homeland—by providing information. In Lin’s case, a foreign intelligence officer from a third country would identify himself or herself as Taiwanese and appeal to Lin’s Taiwanese heritage to learn about the capabilities and limitations of the EP-3 and how, specifically, the U.S. Pacific Command planned to assist Taiwan in case of an attack from China. That information would be extremely valuable to China, or even North Korea.

The computer system hacks we see today are compromising U.S. national and economic security. However, as shown in the media, the stolen data is accessed through the internet and unclassified. To obtain the really juicy classified information, a foreign nation must establish some type of human connection with a person who has access to the information they need. Long before computer hacking, adversaries were exploiting the personal vulnerabilities and mistakes of their fellow man, and manipulating them to obtain information. Classic foreign espionage is alive and well, and our adversaries lack moral, ethical or even legal limitations on how they steal secrets. The United States must work diligently to educate those with access to sensitive information about the techniques that foreign intelligence services will use.

Neal Duckworth is a former U.S. intelligence officer with multiple international deployments who currently works at Harvard’s John F. Kennedy School of Government.

Originally published:

Navy Cryptology
The Evolution of Navy Cryptology

BY U.S. NAVY – MARCH 11, 2016
By Vice Adm. Jan E. Tighe
Commander, Fleet Cyber Command, U.S. 10th Fleet

Eighty-one years ago today, the first unified organization coordinating Navy Cryptology, the Communications Security Group, was established. From Station HYPO, OP-20-G and the On the Roof Gang, to the present day, our community has continued to evolve to meet and defeat the threats we face.

The transition of the Information Dominance Corps to the Information Warfare Community in concert with the CNO’s Design for Maritime Superiority has given us another opportunity to formalize our evolution, and to deliberately examine our community identity. A great deal of our heritage can be traced to the Naval Security Group, and our collective identification as Navy cryptologists.

To that end, and based on thoughtful input from the affected members of our community, the name of some of our officer designators (181X, 681X, 781X) will be changing to cryptologic warfare officer. This choice honors our cryptologic heritage, reflects what we do, recognizes the military effects we deliver in the converged domain and more closely ties our officer corps with our enlisted and civilian force counterparts. Cryptologic warfare officers, together with cyber warfare engineers, cyber warrant officers, cryptologic technicians (interpretive, maintenance, networks, collection and technical) and civilians, engaged in cryptologic missions are a unified community—unified through understanding, unified in action and unified by name.

We are Navy cryptologists.

Whether we are executing mission under joint commanders, fleet commanders, Director of the National Security Agency (DIRNSA), or the Commander, United States Cyber Command (USCYBERCOM); and whether significant portions of our missions are organized under Communications Security Group, Naval Security Group, Naval Network Warfare Command or today’s Fleet Cyber Command/10th Fleet, we have our own enduring identity, culture and ethos.

We are the Navy cryptologic community.

On behalf of maritime and joint commanders, we execute cryptologic warfare, which encompasses signals intelligence (SIGINT), cyberspace operations and electronic warfare (EW) operations in order to deliver effects through sea, air, land, space and cyber domains at all levels of war.

As a symbol of what we do, I would also like to share with you our new Navy cryptologic community seal. While not a representative of a Navy organization or command in the traditional sense, this seal represents our own rich heritage, who we are and where we are going. It represents us.

The Naval officer crest and our cryptologic technician insignia, with its lightning bolt and quill, represent and respect our long history. These symbols have stood from the earliest days of our community to the present day.

The binary background overlaid on the globe represents our part in the larger information warfare community, whose seal shares the same symbolism, as well as our core expertise in cyber, along with our global reach.

The skeleton key reminds us that we are relied upon to unlock and solve puzzles, and in many cases find missing pieces to paint a complete picture of our Nation’s adversaries. The key is engraved with the date symbolic of our collective establishment as a naval profession: March 11, 1935.

The chain binds us all together — officer, enlisted, and civilian — and binds our core missions — SIGINT, Cyber, and EW — to us, and us to them. The three stars also symbolize these three core missions. Through the converged domain, we enable and deliver effects to the commander and fellow warfighters. Our Community Vision, an update to our 2012 Foundational Principles, is also under construction and I will share it with you as soon as it is complete.

Please join me in embracing this next evolution of our community, which has stood on the shoulders of giants, both seen and unseen. Today, you who serve in the Navy cryptologic community will be those giants upon whom future generations of Navy cryptologists stand.

The Future of Cryptology | The Lint Center for National Security Studies