Cyber Intelligence War 2000 to Present

Starting from Titan Rain to present Nation State Actors conducting Cyber Espionage

One of the best articles about Titan Rain was from Time Magazine.

The lesson of Titan Rain: Articulate the dangers of cyber attack to upper management. article by Homeland Security News Wire.

(2003). Intelligence in Support of Strategic Signal Units – starts page 40 by James R. Lint

Please send your information, story or pictures for this time in history. http://lc-vans.lintcenter.org/submit-your-story/

Titan Rain

Titan Rain: Chinese Cyberespionage? – TIME  Inside the Chinese Hack Attack 25 Aug 2005

The Invasion of the Chinese Cyberspies – TIME  29 Aug 2005

A look at how the hackers called TITAN RAIN are stealing U.S. secrets.

 Attack Via Chinese Web Sites – The Washington Post 25 Aug 2005

Value and Handling of Prisoners in World War I

Published with Permission by:
Lori S. Tagg, Command Historian,
US Army Intelligence Center of Excellence, Fort Huachuca, AZ.

“Prisoners or deserters constitute one of the most fruitful sources from which information of the enemy is obtained.”
Intelligence Regulations, American Expeditionary Forces, October 21, 1918

By the time of the Armistice ending World War I on November 11, 1918, the US held nearly 48,000 prisoners of war. The majority had been captured within the final months as the war moved out of the trenches.  The American Expeditionary Forces (AEF) G-2, Maj. (later Maj. Gen.) Dennis Nolan put much emphasis on the information obtained from enemy prisoners. After the war, he remarked, “[A prisoner] can, as a rule, tell you much more than a spy…who is trying to get around and find out about the enemy.  [A prisoner] knows and the other man is frequently guessing at it.”

In mid-October 1918, Capt. Ernst Howald (standing right), the lead interrogator for the 28th Division, Second US Army, used prisoner statements to construct a detailed template showing the enemy facing the division. After the war, his estimates were proven to be highly accurate.

As Nolan shaped his formal intelligence organization in the early months of American involvement, he recognized prisoners could be captured any time on any battlefield, and commanders at every echelon wanted to examine the prisoners they captured.  He also realized that, due to a lack of personnel and the high operating tempo, in-depth interrogations at lower echelons were not practicable or effectual.  Nolan developed a hierarchical system for the examination of prisoners at all echelons and outlined clear guidelines for handling prisoners in the 1918 Intelligence Regulations and Instructions for Regimental Intelligence Service. Those same guidelines were published in the Army’s first (provisional) Combat Intelligence Manual, also printed in 1918.

Nolan’s system started at the regiment.  The Regimental Intelligence Officer, typically a first lieutenant, determined the name, rank, and organization of any prisoners, as well as the time and place captured.  Prisoners were searched and then quickly transferred to division assembly points.  The division G-2 sections, led by a lieutenant colonel or major, conducted limited questioning, with the help of commissioned linguists from the Corps of Interpreters.  This questioning focused on necessary tactical information about the division sector to a depth of two miles behind the enemy front lines.

From the division, prisoners were transferred to the corps collecting centers, where more in-depth questioning began.  The number of prisoners, especially during offensive operations, often stressed the corps G-2 sections.  At those times, Army headquarters dispatched teams of four sergeants and one officer to augment the corps’ interrogation efforts.  During the St. Mihiel and Meuse-Argonne offensives in the fall of 1918, French interrogators also supplemented the US interrogators.

The corps intelligence sections found that simple and direct questioning, combined with kindness and courtesy, was the most effective method for eliciting information.  Many of the AEF’s interrogators had been lawyers in their civilian lives and could coax information out of the most recalcitrant prisoner.  Corps interrogators used a variety of other tactics to elicit information, as well.  One interrogator found that he could get prisoners to talk openly if he showed them aerial photographs with landmarks they recognized. The II Corps G-2, Col. “Vinegar Joe” Stilwell, recruited a drafted German soldier, who had previously lived in the United States and yearned to return there, to “work the prisoner cages” and glean information from his fellow prisoners.  Additionally, US interpreters donned German uniforms and wandered the collection points to eavesdrop on prisoners bragging about intentionally misleading their interrogators.  This use of “stool pigeons” was common practice throughout the war.

The quality and veracity of the information varied with the rank of the prisoner.  Lt. Col. Walter Sweeney, who served in the AEF G-2 during the war, claimed that “noncommissioned officers were by far the best sources for gaining information” and “few of them resisted insistent interrogation.”  About 60 percent of officers “invoked military honor” and refused to cooperate.  A typical German soldier had little knowledge about the larger battlefield, but he provided details on his own unit, weapons, troop losses, and general morale.  Enemy soldiers from Poland, Denmark, the Alsace-Lorraine region and southern Germany were particularly cooperative.  Unquestionably, the most important information obtained from prisoners was enemy order of battle, but they also gave up their routes of movement; the position and condition of trenches, dugouts and wire entanglements; their capacity to attack; and how susceptible they were to being attacked.

Based on the preceding outline, it is clear that World War I was no different than any other war in US Army history: prisoners of war have always been proven and valued sources of intelligence.  However, formalizing and standardizing the process for handling and examining prisoners in the 1918 Intelligence Regulations and provisional manuals was one more step in modernizing US Army Intelligence.  While field manuals published in 1940 provided more details on accepted interrogation techniques, the system for prisoner-of-war handling Nolan developed for World War I continued, with minor changes, throughout the 20th century.

What Will We Say About the North Korea Situation in 2021?

Published with Permission by:
Lint, James R., “Potential Worst-Case Scenarios from North Korea’s Nuclear Threat”, In Homeland Security, 19 Sept. 2017, Web, http://inhomelandsecurity.com/will-say-north-korea-situation-2021/

By James Lint
Faculty Member, School of Business, American Military University
Senior Editor for InCyberDefense and Contributor, In Homeland Security

Correctly anticipating attacks is a difficult science. Years after Pearl Harbor, historians and academics still study why we were so surprised by the Japanese attack on our largest Pacific naval base.

All Events Have Indicators and Warnings

On July 26, 1941, about five months before Pearl Harbor, President Roosevelt froze Japanese assets in the United States, which effectively ended commercial relations between the two nations. A week later, Roosevelt placed an embargo on oil exports to Japan. This action followed a string of other sanctions placed on Japan for its military aggression in Asia.

Similarly, the Korean War began in 1950 when North Korean troops invaded South Korea. We entered the Korean War at a time when U.S. military strength was at a much lower level than it was five years earlier at the end of World War II. When the North Koreans built up their troop strength, the U.S. and South Korea should have increased their troop strength and defenses to prevent the surprise attack that came on an early morning.

In addition, we remember the 9/11 attacks and how we later discovered that the terrorists attended flight schools in the U.S. We should have anticipated potential trouble when we discovered that those pilot terrorists were more interested in learning takeoffs than landings.

Foreign Policy Magazine stated: “Thinking about risks we face today, we should reflect on the major conclusion of the bipartisan 9/11 Commission established to investigate that catastrophe. The U.S. national security establishment’s principal failure prior to September 11, 2001, was, the commission found, a ‘failure of imagination.’”

Unfortunately, indications and warnings (I&W) are always clearer after an event.

How Should We Interpret North Korea’s Launch of a Potentially Nuclear Missile?

On July 4, North Korean leader Kim Jong Un launched an intercontinental ballistic missile (ICBM) which he said could carry a nuclear warhead. Launching the missile on America’s Independence Day was a strategic message to the United States from North Korea.

According to Newsweek magazine, Kim said, “the test should be considered retribution for the U.S.’s ‘arrogant’ decisions, ‘hostile policies’ and ‘nuclear threats.’ With a smile on his face, Kim also called on his officials to ‘frequently send large and small “gift packages” to the Yankees.’”

On September 16, Kim said there will be more missile tests in North Korea. The New York Times reported Kim as saying “all future drills should be ‘meaningful and practical ones for increasing the combat power of the nuclear force’ to establish an order in the deployment of nuclear warheads for ‘actual war.’”

Two days earlier, the Washington Post reported, “U.S. Secretary of State Rex Tillerson pressed China to cut oil exports in a bid to prod North Korea toward talks after Kim Jong Un’s regime threatened to sink Japan ‘into the sea’ with a nuclear strike and turn the U.S. into ‘ashes and darkness’ for agreeing to the latest UN sanctions.”

The Post continued, “In comments reflecting North Korea’s penchant for apocalyptic rhetoric, the state-run Korean Central News Agency [KCNA] said, ‘Japan is no longer needed to exist near us.’ Citing a statement by the Korea Asia-Pacific Peace Committee, KCNA said, ‘The four islands of the archipelago should be sunken into the sea by the nuclear bomb of Juche,’ a reference to the regime’s ideology of self-reliance.”

KCNA labeled South Korea’s military as “puppet forces.” It then blamed the South Korean “traitors and dogs of the U.S. for backing sanctions against their fellow countrymen.” According to the Post, KCNA added that the “group of pro-American traitors should be severely punished and wiped out with fire attack so that they could no longer survive.”

Pyongyang’s latest verbal assaults come while South Korea is considering providing $8 million in humanitarian aid to North Korea.

Do All of Kim’s Warnings Constitute Indications of a Potential Attack By North Korea?

When Kim stated in 2015 that he was ready to detonate an A-bomb and an H-bomb, few people believed him. But in 2017, Kim did precisely what he promised. Maybe people should have believed his statements.

So what will the U.S., Japan and South Korea do regarding Kim’s actions in 2017? Have they had enough indicators and warnings?

Will We Wonder in 2021 Why No One Saw the Loss of an American City?

Will we look back in 2021 at Kim’s statements over the years and wonder why no one foresaw the loss of an American city to North Korea’s nuclear weapons? In retrospect, most people in 2021 will probably see that we received plenty of warnings.

Kim’s warnings were credible because Kim said he would have ICBMs and he does. Kim said North Korea would soon have an atomic bomb and it does.

Kim also said North Korea would have a hydrogen bomb, and he has demonstrated that claim is also true. Kim seems to speak the truth.

The military often produces After Action Reports (AARs) or reviews of recent exercises or tests. They do so to look for lessons learned and to improve U.S. capabilities.

This AAR was conducted before the problem occurred to aid in predicting and analyzing the future and to prevent a disastrous AAR in 2021.

What we might see in 2021 AARs will be more of Kim’s claims about his nuclear capability and his intent to destroy other areas of the globe. Hopefully, it will be nothing more than that.

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. He is an adjunct professor at AMU. James has been involved in cyberespionage events from just after the turn of the century in Korea supporting 1st Signal Brigade to the DHS Office of Intelligence and Analysis as the first government cyber intelligence analyst. He has 38 years of experience in military intelligence with the U.S. Marine Corps, U.S. Army, government contracting and civil service.

Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded its 45th scholarship for national security students and professionals. James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. He has also served in the Department of Energy’s S&S Security Office after his active military career in the Marine Corps for seven years and 14 years in the Army. His military assignments include South Korea, Germany and Cuba, in addition to numerous CONUS locations. In 2017, he was appointed to the position of Adjutant for The American Legion, China Post 1. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” a book published in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea,” and a new book in 2017 Secrets to Getting a Federal Government Job.”

Potential Worst-Case Scenarios from North Korea’s Nuclear Threat

Published with Permission by:
Lint, James R., “Potential Worst-Case Scenarios from North Korea’s Nuclear Threat”, In Homeland Security, 06 Sept. 2017, Web, http://inhomelandsecurity.com/worst-case-scenarios-north-korea/

By James Lint
Faculty Member, School of Business, American Military University
Senior Editor for
 InCyberDefense and Contributor, In Homeland Security

There are many reasons to be worried about North Korea. It seems that we actually have not been concerned enough about this rogue nation for the past few decades. We kept our head in the sand and levied small economic sanctions on a country whose motto is “Juche,” the Korean term for self-reliance.

Most of North Korea believes Juche is a reason to make sacrifices during food shortages or to tolerate other economic problems. Others believe Juche is a tool of the leadership to suppress the population.

The Realities of Juche in North Korea

An NKNews.org article on a new book by B.R. Myers, a North Korean scholar at Dongseo University in South Korea, challenges the notion that Juche is the ruling ideology of Pyongyang or was ever central to the North Korean leadership’s policymaking.

Myers argues that “the West’s misunderstanding of Juche has been harmful to our interpretation of North Korean actions. Instead of viewing the DPRK as a state focused on unification of the Korean race, Westerners have interpreted North Korea as a failed communist state that desperately clings to self-reliance in an age of globalization. Myers sees this misunderstanding of Juche as not only harmful but dangerous, as it results in the West’s misguided hope for reform in the DPRK or a thaw in relations between the DPRK and the United States.”

With the help of a people who believe they should expect hardships and that Juche is honorable, it is easy to see how North Korea – often unable to feed its people without United Nations and South Korean food donations – can focus on an expensive weapons program. That cost is one-fifth to one-quarter of its gross domestic product (GDP), estimated at about $30 billion to $40 billion.

Imagine the chaos that would ensue if any Western democracy focused on a weapons system of that amount while not feeding its people. By comparison, the United States spends 3.5 percent of GDP on the military.

North Korea has a long history of generating funds through nuclear and missile proliferation. It has also used  global racketeering in counterfeit currency, narcotics and even counterfeit U.S. postage stamps to earn funds.

North Korea’s Possible Nuclear Threat Arises from Sale of Nuclear and Missile Technology

The number one threat from North Korea is NOT the use of nuclear weapons against the United States. Unlike the U.S., North Korea does not have a large stockpile of nuclear weapons. Pyongyang cannot last long launching its nukes because it takes much more time to resupply or construct new weapons than it does for North Korea to launch them. Obviously, the U.S. can outlast North Korea in any exchange of nuclear strikes.

The more probable threat will come from the sale of nuclear and missile technology abroad, which helps feed North Korea’s population. These sales generate income for a country that is under severe economic sanctions.

In a January 5, 2015, article in the Foundation for the Defense of Democracies, journalist Claudia Rosett notes: “We do know that North Korea has a long and enterprising history of illicit activities, and has done plenty of business with countries that are becoming increasingly notorious for their cyber-warfare capabilities. These include China, Russia, and, most disturbingly, the world’s leading state sponsor of terrorism—Iran.” North Korea’s cyberattacks generate funds, as do most of Pyongyang’s illicit activities.

North Korea and Iran have openly signed agreements such as the Scientific Cooperation Agreement at meetings like a summit of the 120-member Non-Aligned Movement (NAM) in September 2012. North Korea’s state-run Korean Central News Agency (KCNA) described this agreement as “covering cooperation in science, technology and education.”

“Indeed, the recent Scientific Cooperation Agreement between North Korea and Iran bears an alarming resemblance not only to North Korea’s 2002 nuclear deal with Syria, but to a 1993 missiles-for-nuclear-technology bargain between North Korea and Pakistan….”

There is no doubt that nuclear proliferation will continue to be a problem. North Korea has the technology in weapons, nuclear technology and missiles, as well as a long history of operating clandestine organizations to acquire funds.

WMDs: Everyone Forgets North Korea’s Chemical and Biologic Weapons

Kevin Loria, writing in the July 26, 2017, issue of Business Insider, reported, “It’s likely that North Korea has been developing such weapons since the 1960s, according to most experts. Defectors and South Korean reports have suggested that North Korean researchers have worked with biological agents the U.S. government considers serious threats, including plague, anthrax, viral hemorrhagic fevers and potentially smallpox.”

In a June 2017 report by the U.S.-Korea Institute at Johns Hopkins School of Advanced International Studies, North Korea expert Joseph S. Bermudez Jr. suggests that, “North Korea has deliberately built its NBC [nuclear, biological, chemical] infrastructures in extreme secrecy; undertaken camouflage, concealment and deception operations to mask the NBC infrastructure; made extensive use of legitimate defensive or civilian industrial and research infrastructures; and dispersed NBC facilities around the country.”

According to Kyle Mizokami, a journalist writing for The National Interest magazine, North Korea’s chemical weapons should be taken seriously. In an August 10, 2017, article, Mizokami writes, “North Korea’s chemical weapons threat is real and the likelihood of their use in wartime is high.”

Mizokami goes on to say, “Chemical weapons will be used to create a local, tactical advantage on the front lines and neutralize some advantages, such as air power. Thanks to North Korea’s prodigious missiles and artillery, they can be employed beyond the battlefield as well. North Korea will likely attack South Korea (ROK) through its depth with chemical weapons, from the Demilitarized Zone to Busan [current spelling of Pusan].”

The attacker always has the element of surprise. The United States, South Korea and Japan always say they will not attack first, but will only respond to North Korea aggression.

However, North Korea has the ability to hold Seoul’s 11 million people hostage. If the U.S. does anything, Pyongyang will use its 15,000 North Korean cannons and rocket launchers, which, according to David Wood in the Huffington Post “are aimed at the glass skyscrapers, traffic-choked highways and blocks of apartment buildings 35 miles away in Seoul ― and the U.S. military bases beyond.”

Only Solution to North Korea Might Be a Preemptive Strike

The only solution would be a quick attack with new weapons like the recent “Mother of All Bombs,” the Massive Ordnance Air Blast (MOAB) bomb that the U.S. dropped on an ISIS target in Afghanistan in April 2017. Another option would be other newly created weapons targeting the artillery weapons near the Demilitarized Zone (DMZ) to break North Korea’s stranglehold over Seoul. Neutralizing that hostage threat before the North can fire is key to winning any battle with North Korea.

Giving North Korea the opportunity to decide when to start the next Korean War could result in a situation similar to the last Korean War. That would be a stalemate or a drive that pushes most of the Allied military forces into a small area in the south near Busan. No one wants that history repeated, especially the survivors of the last Korean War.

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. He is an adjunct professor at AMU. James has been involved in cyberespionage events from just after the turn of the century in Korea supporting 1st Signal Brigade to the DHS Office of Intelligence and Analysis as the first government cyber intelligence analyst. He has 38 years of experience in military intelligence with the U.S. Marine Corps, U.S. Army, government contracting and civil service.

Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded its 45th scholarship for national security students and professionals. James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. He has also served in the Department of Energy’s S&S Security Office after his active military career in the Marine Corps for seven years and 14 years in the Army. His military assignments include South Korea, Germany and Cuba, in addition to numerous CONUS locations. In 2017, he was appointed to the position of Adjutant for The American Legion, China Post 1. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” a book published in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea,” and a new book in 2017 Secrets to Getting a Federal Government Job.”