US Homeland Security hearing: Senators scratching heads over IT-related testimony

The Senate Committee on Homeland Security yesterday heard testimony from the IT side of intelligence agencies with respect to the Christmas Day bombing attempt. The highlights illustrate the limitations of technology. The hearing demonstrates that elected members of Congress need to become IT literate.

Senator Susan Collins dug into issues she simply doesn’t understand and wants simple answers that should offer simple solutions - such as ‘Google searching’. The amount of noise intelligence agencies sift through every day is on a scale never seen before in the history of intelligence data collection. Both Senator Joseph Lieberman and Senator Collins are concerned about how privacy issues are creating roadblocks. Both are suggesting that regardless of citizenship, privacy rights should be overridden by security concerns.

The ongoing investigation heard from experts at government agencies. The testimony of the four experts overwhelmed the Senators looking for answers. Among the classic political opening statements by committee members were ‘connect the dots’ and ‘missed opportunities’ to catch Umar Farouk Abdulmutallab of Nigeria.

The session focused on vulnerabilities in watch-listing and airport pre-screening systems. What the panel heard is what most CIO’s hear every day in large corporate organizations let alone government institutions. All four witnesses gave clear answers to the members of the committee. Russell Travers gave the best testimony of the four and some of his key points are illustrated below. The committee was chaired by Senator Joseph Lieberman.

Some key highlights:

Russell E. Travers [view testimony] (edited)
Deputy Director, Information Sharing and Knowledge Development
National Counterterrorism Center, Office of the Director of National Intelligence

Mr. Abdulmutallab was in TIDE (database), but his name was not passed to the TSC for

watchlisting. This was due to two factors:

The TIDE record that existed on Mr. Abdulmutallab was based primarily on information provided to the U.S. Embassy in Abuja, Nigeria on November 20, 2009. The cable included one general sentence of derogatory information related to his possible association with Yemeni-based extremists. The entire watchlisting community agrees that the level of derogatory information contained in the November 20, 2009 cable did not meet the minimum standard highlighted above and was insufficient for any level of watchlisting—much less either the No Fly List or Selectee lists.

• As a result, Mr. Abdulmutallab was entered into TIDE November 23, 2009, but his name was not passed to the TSC for watchlisting. Additional biographic information was added to the record over the course of the next week, but no additional derogatory information was provided.

• In order to provide some context, on any given day hundreds of other names areadded to TIDE and virtually all of them would have far more alerting derogatory information than Mr. Abdulmutallab’s record.

While the November 20, 2009 cable formed the basis for the TIDE record and the watchlisting status as of December 25, 2009, we learned after the incident of additional reporting that—had it been linked to the November 20, 2009 cable—could have supported a watchlisting nomination.

• Had this information been linked to Mr. Abdulmutallab’s record, his name undoubtedly would have been entered on the visa screening “lookout” list and the border inspection list.

• Whether Mr. Abdulmutallab would have been placed on either the No Fly List or the Selectee List would have been determined by the strength of the analytic judgment.

• It is important to note that the linkage of these pieces of information appears far more apparent in hindsight than it would have at the time. The reporting existed in daily intelligence holdings that number well into the thousands. Partial names and different spellings complicated the linkage. To be sure, the Intelligence Community continues its efforts to improve performance, but linking two pieces of fragmentary information can be a very difficult analytic problem. The two cables existed largely “in the noise” and there was simply nothing particularly alerting about either “dot.”

Traver’s went on to explain how Intel information data collection is extremely complex. His opening remarks highlighted several difficult challenges. Among them:

• Alias name correlation with actual name of terrorist or watch list individuals.
• False - Positive ratio impacts results
• And that’s just 1/10^th of items Traver’s highlights.
• Privacy Laws creates difficulties on data management controls

Timothy J. Healy [view testimony]
Director, Terrorist Screening Center, Federal Bureau of Investigation
U.S. Department of Justice

• Joint information sharing not the only upgrade underway
• Privacy regulations create obstacles

Gale D. Rossides [view testimony]
Acting Administrator, Transportation Security Administration
U.S. Department of Homeland Security

• Active alerts after Detroit flight landed to other aircraft inbound to the U.S.
• Active alerts to all international anti-terrorism organizations

David V. Aguilar [view testimony]
Acting Deputy Commissioner, U.S. Customs and Border Protection
U.S. Department of Homeland Security

Committee Member Senator Susan M. Collins Statement   [View PDF]

Watching this hearing is worth watching in its entirety - C-SPAN Video Coverage of the Hearing

Other resources:

White House Video Blog - Airport Security Q&A with Janet Napolitano

FBI Director on cyber threats: We can’t do it alone

EPIC wants TSA to halt implementation of body scanners at airports

US Strategic Command recognizes cyber security challenges

Intelligence community warns Senate committee of increased terror threats

Human x-ray machines: Coming soon to an airport near you

Source:

http://government.zdnet.com/?p=7688&tag=nl.e539