Intelligence

Posted on Dec.17, 2018 in accountability, Censorship, Declassification, Intelligence, Israel, Nuclear Weapons, Satellite, Secrecy, South Korea by

Israel’s Official Map Replaces Military Bases with Fake Farms and Deserts

Somewhat unexpectedly, a blog post that I wrote last week caught fire internationally. On Monday, I reported that Yandex Maps—Russia’s equivalent to Google Maps—had inadvertently revealed over 300 military and political facilities in Turkey and Israel by attempting to blur them out.

In a strange turn of events, the fallout from that story has actually produced a whole new one. 

After the story blew up, Yandex pointed out that its efforts to obscure these sites are consistent with its requirement to comply with local regulations. Yandex’s statement also notes that “our mapping product in Israel conforms to the national public map published by the government of Israel as it pertains to the blurring of military assets and locations.”

The “national public map” to which Yandex refers is the official online map of Israel which is maintained by the Israeli Mapping Centre (מרכז למיפוי ישראל) within the Israeli government. Since Yandex claims to take its cue from this map, I wondered whether that meant that the Israeli government was also selectively obscuring sites on its national map.

I wasn’t wrong. In fact, the Israeli government goes well beyond just blurring things out. They’re actually deleting entire facilities from the map—and quite messily, at that. Usually, these sites are replaced with patches of fake farmland or desert, but sometimes they’re simply painted over with white or black splotches.

Some of the more obvious examples of Israeli censorship include nuclear facilities:

  • Tel-Nof Air Base is just down the road from a suspected missile storage site, both of which have been painted over with identical patches of farmland.

 

 

  • Palmachim Air Base doubles as a test launch site for Jericho missiles and is collocated with the Soreq Nuclear Research Center, which is rumoured to be responsible for nuclear weapons research and design. The entire area has been replaced with a fake desert.

 

 

  • The Haifa Naval Base includes pens for submarines that are rumoured to be nuclear-capable, and is entirely blacked out on the official map.

 

 

  • The Negev Nuclear Research Center at Dimona is responsible for plutonium and tritium production for Israel’s nuclear weapons program, and has been entirely whited out on the official map.

 

 

  • Hatzerim Air Base has no known connection to Israel’s nuclear weapons program; however, the sloppy method that was used to mask its existence (by basically just copy-pasting a highly-distinctive and differently-coloured patch of desert to an area only five kilometres away) was too good to leave out.

 

 

Given that all of these locations are easily visible through Google Earth and other mapping platforms, Israel’s official map is a prime example of needless censorship. But Israel isn’t the only one guilty of silly secrecy: South Korea’s Naver Maps regularly paints over sensitive sites with fake mountains or digital trees, and in a particularly egregious case, the Belgian Ministry of Defense is actually suing Google for not complying with its requests to blur out its military facilities.

 

 

Before the proliferation of high-resolution satellite imagery, obscuring aerial photos of military facilities was certainly an effective method for states to safeguard their sensitive data. However, now that anyone with an internet connection can freely access these images, it simply makes no sense to persist with these unnecessary censorship practices–especially since these methods can often backfire and draw attention to the exact sites that they’re supposed to be hiding.

Case studies like Yandex and Strava—in which the locations of secret military facilities were revealed through the publication of fitness heat-maps—should prompt governments to recognize that their data is becoming increasingly accessible through open-source methods. Correspondingly, they should take the relevant steps to secure information that is absolutely critical to national security, and be much more publicly transparent with information that is not—hopefully doing away with needless censorship in the process.

Posted on Dec.12, 2018 in Intelligence by

New Pre-Publication Review Policy is Coming

Two years ago, the House Intelligence Committee asked the Director of National Intelligence to improve the government’s controversial policy on reviewing books, articles and speeches by current and former intelligence employees prior to their publication, so as to make the process more uniform, timely and fair.

That has still not been accomplished, but a new policy is on the way, according to the Office of the Director of National Intelligence.

“An IC-wide policy on prepublication review is being formulated and is forthcoming,” wrote ODNI FOIA Chief Sally A. Nicholson on November 20. “However, it is not completed as of today’s date.”

In 2016, the House Intelligence Committee reported that it is “aware of the perception that the pre-publication review process can be unfair, untimely, and unduly onerous and that these burdens may be at least partially responsible for some individuals ‘opting out’ of the mandatory review process. The Committee further understands that IC agencies’ pre-publication review mechanisms vary, and that there is no binding, IC-wide guidance on the subject.”

The Committee specified its own view of what a new, improved policy should entail, including a clear statement of the scope of the policy, with requirements for timely responses and procedures for appealing adverse decisions.

“The Committee believes that all IC personnel must be made aware of pre-publication review requirements and that the review process must yield timely, reasoned, and impartial decisions that are subject to appeal. The Committee also believes that efficiencies can be identified by limiting the information subject to pre-publication review, to the fullest extent possible, to only those materials that might reasonably contain or be derived from classified information obtained during the course of an individual’s association with the IC. In short, the pre-publication review process should be improved to better incentivize compliance and to deter personnel from violating their commitments,” the Committee wrote in its report on the FY 2017 intelligence authorization act.

Until the new IC-wide policy is promulgated, current and former ODNI employees must comply with ODNI’s existing pre-publication review policy, last revised in 2014.

“Correct unclassified sourcing is critical in executing pre-publication review,” that 2014 policy states. “ODNI personnel must not use sourcing that comes from known leaks, or unauthorized disclosures of sensitive information. The use of such information in a publication can confirm the validity of an unauthorized disclosure and cause further harm to national security. ODNI personnel are not authorized to use anonymous sourcing.”

Other intelligence agency personnel are subject to the rules issued by their respective agencies.

Posted on Dec.12, 2018 in Intelligence, Security Clearances by

DNI Orders Security Clearance “Reciprocity”

One of the most vexatious aspects of the system of granting security clearances for access to classified information has been the reluctance of some government agencies to recognize the validity of clearances approved by other agencies, and to require new investigations and adjudications of previously cleared personnel.

A new directive from the Director of National Intelligence seeks to finally resolve this longstanding problem by mandating “reciprocity,” or mutual acceptance of security clearances issued by other agencies. See Reciprocity of Background Investigations and National Security Adjudications, Security Executive Agent Directive 7, November 9, 2018.

With certain exceptions, “Agencies shall accept national security eligibility adjudications conducted by an authorized adjudicative agency at the same or higher level,” DNI Daniel R. Coats wrote.

“Background investigations and national security eligibility adjudications, conducted by an authorized investigative agency or authorized adjudicative agency, respectively, shall be reciprocally accepted for all covered individuals,” again with certain exceptions.

In most cases, cleared personnel would not be required to fill out a new security clearance questionnaire or to undergo a new background investigation in order for their clearances to be recognized and accepted by another agency.

(Reciprocity refers to mutual recognition by agencies of an individual’s eligibility for access to classified information. Whether the individual also has the requisite “need to know” the information requires a separate determination.)

Security clearance reciprocity is an elusive policy goal that has been pursued since the Clinton Administration, if not longer.

A 2004 study by the Defense Personnel Research Center investigated the failure to fully implement reciprocity at that time and attributed it to issues of “turf and trust.”

“Virtually all respondents agreed that beneath the lack of complete reciprocity there is a certain lack of trust based on fear.” See Security Clearance Reciprocity: A Progress Report, PERSEREC, April 2004.

A new bill introduced by Sen. Mark Warner (D-VA) would require reporting on the number of individuals whose clearances take more than 2 weeks to be reciprocally recognized after they move to a new agency or department. See “Vice Chairman Warner Introduces Legislation to Revamp Security Clearance Process,” news release, December 6.

Posted on Dec.10, 2018 in FAS, Featured, Government Secrecy, Intelligence, Israel, Russia, Secrecy by

Widespread Blurring of Satellite Images Reveals Secret Facilities

Want to know how to make a satellite imagery analyst instantly curious about something?

Blur it out.

Google Earth occasionally does this at the request of governments that want to keep prying eyes away from some of their more sensitive military or political sites. France, for example, has asked Google to obscure all imagery of its prisons after a French gangster successfully conducted a Hollywood-inspired jailbreak involving drones, smoke bombs, and a stolen helicopter(!)—and Google has agreed to comply by the end of 2018. In similar fashion, an old Dutch law requires Dutch companies to blur their satellite images of military and royal facilities—even to the point where a satellite imagery provider once doctored an image of Volkel Air Base after it was purchased by FAS’ very own Hans Kristensen.

Yandex Maps—Russia’s foremost mapping service—has also agreed to selectively blur out specific sites beyond recognition; however, it has done so for just two countries: Israel and Turkey. The areas of these blurred sites range from large complexes—such as airfields or munitions storage bunkers—to small, nondescript buildings within city blocks.

 

 

Although blurring out specific sites is certainly unusual, it is not uncommon for satellite imagery companies to downgrade the resolution of certain sets of imagery before releasing them to viewing platforms like Yandex or Google Earth; in fact, if you trawl around the globe using these platforms, you’ll notice that different locations will be rendered in a variety of resolutions. Downtown Toronto, for example, is always visible at an extremely high resolution; looking closely, you can spot my bike parked outside my old apartment. By contrast, imagery of downtown Jerusalem is always significantly blurrier; you can just barely make out cars parked on the side of the road.

 

 

As I explained in my previous piece about geolocating Israeli Patriot batteries, a 1997 US law known as the Kyl-Bingaman Amendment (KBA) prohibits US companies from publishing satellite imagery of Israel at a Ground Sampling Distance lower than what is commercially available. This generally means that US-based satellite companies like DigitalGlobe and viewing platforms like Google Earth won’t publish any images of Israel that are better than 2m resolution.

Foreign mapping services like Russia’s Yandex are legally not subject to the KBA, but they tend to stick to the 2m resolution rule regardless, likely for two reasons. Firstly, after 20 years the KBA standard has become somewhat institutionalized within the satellite imagery industry. And secondly, Russian companies (and the Russian state) are surely wary of doing anything to sour Russia’s critical relationship with Israel.

However, Yandex has taken a step well beyond simply downgrading its Israeli imagery, as is typical for most mapping services. Yandex itself—or perhaps its imagery provider ScanEx—has blurred out specific military installations in their entirety. Interestingly, it has done the same to Turkey, a country that benefits from no special standards and is therefore almost always shown in very high resolution.

 

 

This blurring is almost certainly the result of requests from both Israel and Turkey; it seems highly unlikely that a Russian company would undertake such a time-consuming task of its own volition. Fortunately (from an OSINT perspective), this has had the unintended effect of revealing the location and exact perimeter of every significant military facility within both countries, if one is obsessive curious enough to sift through the entire map looking for blurry patches. Matching the blurred sites to un-blurred (albeit downgraded) imagery available through Google Earth is a method of “tipping and cueing,” in which one dataset is used to inform a more detailed analysis of a second dataset.

My complete list of blurred sites in both Israel and Turkey totals over 300 distinct buildings, airfields, ports, bunkers, storage sites, bases, barracks, nuclear facilities, and random buildings—prompting several intriguing points of consideration:

  • Included in the list of Yandex’s blurred sites are at least two NATO facilities: Allied Land Command (LANDCOM) in Izmir, and Incirlik Air Base, which hosts the largest contingent of US B61 nuclear gravity bombs at any single NATO base. 


 

  • Strangely, no Russian facilities have been blurred—including its nuclear facilities, submarine bases, air bases, launch sites, or numerous foreign military bases in Eastern Europe, Central Asia, or the Middle East.
  • Although none of Russia’s permanent military installations in Syria have been blurred, almost the entirety of Syria is depicted in extremely low resolution, making it nearly impossible to utilize Yandex for analyses of Syrian imagery. By contrast, both Crimea and the entire Donbass region are visible at very high resolutions, so this blurring standard applies only selectively to Russia’s foreign adventures.
  • All four Israeli Patriot batteries that I identified using radar interference in my previous post have been blurred out, confirming that these sites do indeed have a military function.

 

 

Putting aside the geopolitical intrigue of Russia’s relations with both Israel and Turkey, Yandex’s actions are a prime example of what is known as the Streisand Effect. In 2003, Barbra Streisand attempted to sue a photographer who posted photos of her Malibu mansion online, claiming $10 million in damages and demanding that the innocuous photo be taken down. Her actions completely backfired: not only did Streisand lose the case and have to cover the defendant’s legal fees, but the attention raised by her lawsuit directed significant traffic to the photo in question. Before the lawsuit, the photo had only been viewed six times (including twice by Streisand’s lawyers); a month later, the photo had accumulated over 420,000 views—a prime example of how attempting to obscure something is actually likely to result in unwanted attention.

So too with Yandex. By complying with requests to selectively obscure military facilities, the mapping service has actually revealed their precise locations, perimeters, and potential function to anyone curious enough to find them all.

Posted on Nov.13, 2018 in Intelligence, International, Israel, Missile Defense, Nuclear, Nuclear Weapons, Space by

An X reveals a Diamond: locating Israeli Patriot batteries using radar interference

Amid a busy few weeks of nuclear-related news, an Israeli researcher made a very surprising OSINT discovery that flew somewhat under the radar. As explained in a Medium article, Israeli GIS analyst Harel Dan noticed that when he accidentally adjusted the noise levels of the imagery produced from the SENTINEL-1 satellite constellation, a bunch of colored Xs suddenly appeared all over the globe.

SENTINEL-1’s C-band Synthetic Aperture Radar (SAR) operates at a centre frequency of 5.405 GHz, which conveniently sits within the range of the military frequency used for land, airborne, and naval radar systems (5.250-5.850 GHz)—including the AN/MPQ-53/65 phased array radars that form the backbone of a Patriot battery’s command and control system. Therefore, Harel correctly hypothesized that some of the Xs that appeared in the SENTINEL-1 images could be triggered by interference from Patriot radar systems.

Using this logic, he was able to use the Xs to pinpoint the locations of Patriot batteries in several Middle Eastern countries, including Qatar, Bahrain, Jordan, Kuwait, and Saudi Arabia.

 

 

Harel’s blog post also noted that several Xs appeared within Israeli territory; however, the corresponding image was redacted (I’ll leave you to guess why), leaving a gap in his survey of Patriot batteries stationed in the Middle East.

This blog post partially fills that gap, while acknowledging that there are some known Patriot sites—both in Israel and elsewhere around the globe—that interestingly don’t produce an X via the SAR imagery.

All of these sites were already known to Israel-watchers and many have appeared in news articles, making Harel’s redaction somewhat unnecessary—especially since the images reveal nothing about operational status or system capabilities.

 

 

Looking at the map of Israel through the SENTINEL-1 SAR images, four Xs are clearly visible: one in the Upper Galilee, one in Haifa, one near Tel Aviv, and one in the Negev. All of these Xs correspond to likely Patriot battery sites, which are known in Israel as “Yahalom” (יהלום, meaning “Diamond”) batteries. Let’s go from north to south.

The northernmost site is home to the 138th Battalion’s Yahalom battery at Birya, which made news in July 2018 for successfully intercepting a Syrian Su-24 jet which had reportedly infiltrated two kilometers into Israeli airspace before being shot down. Earlier that month, the Birya battery also successfully intercepted a Syrian UAV which had flown 10 kilometers into Israeli airspace.

 

 

The Yahalom battery in the northwest is based on one of the ridges of Mount Carmel, near Haifa’s Stella Maris Monastery. It is located only 50 meters from a residential neighborhood, which has understandably triggered some resentment from nearby residents who have complained that too much ammunition is stored there and that the air sirens are too loud.

 

 

The X in the west indicates the location of a Yahalom site at Palmachim air base, south of Tel Aviv, where Israel conducts its missile and satellite launches. In March 2016, the Israeli Air Force launched interceptors as part of a pre-planned missile defense drill, and while the government refused to divulge the location of the battery, an Israeli TV channel reported that the drill was conducted using Patriot missiles fired from Palmachim air base.

 

 

Finally, the X in the southeast sits right on top of the Negev Nuclear Research Centre, more commonly known as Dimona. This is the primary facility relating to Israel’s nuclear weapons program and is responsible for plutonium and tritium production. The site is known to be heavily fortified; during the Six Day War, an Israeli fighter jet that had accidentally flown into Dimona’s airspace was shot down by Israeli air defenses and the pilot was killed.

 

 

The proximity of the Negev air defense battery to an Israeli nuclear facility is not unique. In fact, the 2002 SIPRI Yearbook suggests that several of the Yahalom batteries identified through SENTINEL-1 SAR imagery are either co-located with or located close to facilities related to Israel’s nuclear weapons program. The Palmachim site is near the Soreq Centre, which is responsible for nuclear weapons research and design, and the Mount Carmel site is near the Yodefat Rafael facility in Haifa—which is associated with the production of Jericho missiles and the assembly of nuclear weapons—and near the base for Israel’s Dolphin-class submarines, which are rumored to be nuclear-capable.

Google Earth’s images of Israel have been intentionally blurred since 1997, due to a US law known as the Kyl-Bingaman Amendment which prohibits US satellite imagery companies from selling pictures that are “no more detailed or precise than satellite imagery of Israel that is available from commercial sources.” As a result, it is not easy to locate the exact position of the Yahalom batteries; for example, given the number of facilities and the quality of the imagery, the site at Palmachim is particularly challenging to spot.

However, this law is actually being revisited this year and could soon be overturned, which would be a massive boon for Israel-watchers. Until that happens though, Israel will remain blurry and difficult to analyze, making creative OSINT techniques like Harel’s all the more useful.

—–

Sentinel-1 data from 2014 onwards is free to access via Google Earth Engine here, and Harel’s dataset is available here.

Posted on Oct.11, 2018 in FOIA, Intelligence by

Aircraft Interdiction Nets Colombian Cocaine

With the support of U.S. intelligence, the Colombian Air Force last year engaged dozens of aircraft suspected of illicit drug trafficking, leading to the seizure of 4.4 metric tons of cocaine.

In 2017, “Colombia, with the assistance of the United States, responded to 80 unknown assumed suspect (UAS) air tracks throughout Colombia and the central/western Caribbean,” according to the latest annual report on the program. The report does not say how many of the aircraft were actually interdicted or fired upon. There were also 139 aircraft that were grounded by Colombian law enforcement agencies.

See Annual Report of Interdiction of Aircraft Engaged in Illicit Drug Trafficking (2017), State Department report to Congress, January 2018 (released under FOIA, October 2018).

The joint US-Colombia effort dates back at least to a 2003 Air Bridge Denial program involving detection, monitoring, interception, and interdiction of suspect aircraft.

The basic procedures for intercepting, warning, and attacking a suspect aircraft were more fully described in a 2010 version of the annual report. At that time, Brazil was also part of the Air Bridge Denial program.

US support for the Colombia aircraft interdiction program — which includes providing intelligence and radar information, as well as personnel training — was renewed by the President in a July 20, 2018 determination.

Posted on Sep.25, 2018 in Intelligence by

Intelligence Support to Diplomatic Facilities Abroad

The role of U.S. intelligence agencies in helping to protect U.S. diplomatic facilities and personnel abroad is highlighted in a recently revised Intelligence Community Directive.

The directive does not specifically cite the reported sonic attacks on the U.S. Embassy in Havana, but those mysterious events seem to fall within its scope, which include implementing Technical Surveillance Countermeasures (TSCM) and TEMPEST programs (shielding electromagnetic emissions and preventing penetrations).

See Counterintelligence and Security Support to U.S. Diplomatic Facilities Abroad, Intelligence Community Directive 707, amended August 21, 2018.

Posted on Sep.06, 2018 in Intelligence, Military Doctrine by

Army Needs Intelligence to Face “Peer Threats”

U.S. Army operations increasingly depend on intelligence to help confront adversaries who are themselves highly competent, the Army said this week in a newly updated publication on military intelligence.

Future operations “will occur in complex operational environments against capable peer threats, who most likely will start from positions of relative advantage. U.S. forces will require effective intelligence to prevail during these operations.” See Intelligence, Army Doctrine Publication 2-0, September 4, 2018.

The quality of U.S. military intelligence is not something that can be taken for granted, the Army document said.

“Despite a thorough understanding of intelligence fundamentals and a proficient staff, an effective intelligence effort is not assured. Large-scale combat operations are characterized by complexity, chaos, fear, violence, fatigue, and uncertainty. The fluid and chaotic nature of large-scale combat operations causes the greatest degree of fog, friction, and stress on the intelligence warfighting function,” the documentsaid.

“Intelligence is never perfect, information collection is never easy, and a single collection capability is never persistent and accurate enough to provide all of the answers.”

The Army document provides a conceptual framework for integrating intelligence into Army operations. It updates a prior version from 2012 which did not admit the existence of “peer” adversaries and did not mention the word “cyberspace.”

Some other recent U.S. military doctrine publications include the following.

Department of Defense Dictionary of Military and Associated Terms, updated August 2018

Foreign Internal Defense, Joint Publication 3-22, August 17, 2018

Integrated DoD Intelligence Priorities, Directive-Type Memorandum (DTM) 15-004, September 3, 2015, Incorporating Change 2, Effective September 4, 2018

Aircraft and ICBM Nuclear Operations, Air Force Instruction 13-520, 22 August 2018

Implementation of, and Compliance with, Arms Control Agreements, SecNav Instruction 5710.23D, August 28, 2018

Posted on Jul.26, 2018 in budget, classification, Intelligence by

Bid to Rectify the “Black Budget” Fails

The so-called “black” budget — which refers to classified government spending on military procurement, operations, and intelligence — is not merely secret. It is actually deceptive and misleading, since it produces a distortion in the amount and the presentation of the published budget.

The amount of money that is purportedly appropriated for the US Air Force, for example, does not all go to the Air Force, the Senate Armed Services Committee recently observed.

“Each year, a significant portion of the Air Force budget contains funds that are passed on to, and managed by, other organizations within the Department of Defense. This portion of the budget, called ‘pass-through,’ cannot be altered or managed by the Air Force. It resides within the Air Force budget for the purposes of the President’s budget request and apportionment, but is then transferred out of the Service’s control,” according to a Senate report on the 2019 defense bill (S.Rept. 115-262).

Although the report does not say so, the Air Force budget may also include pass-through funding for the Central Intelligence Agency, which of course is not even part of the Department of Defense, as well as for other non-Air Force intelligence functions.

“In fiscal year 2018, the Air Force pass-through budget amounted to approximately $22.0 billion, or just less than half of the total Air Force procurement budget. The committee believes that the current Air Force pass-through budgeting process provides a misleading picture of the Air Force’s actual investment budget.”

The Senate therefore recommended that such “pass-through” funds be removed from the Air Force budget and included in Defense-wide appropriations.

But in the House-Senate conference on the FY2019 defense bill, this move was blocked and so the deceptive status quo will continue to prevail.

Earlier this month, the Director of National Intelligence and the Pentagon Comptroller wrote to Congress to present their views on the Senate provision. A copy of their letter, which presumably objected to the proposed move, has been requested but not yet released.

The logic of the Senate proposal was explained by Mackenzie Eaglen of the American Enterprise Institute in “Time to Get the Black Out of the Blue,” Real Clear Defense, June 13.

Posted on Jul.17, 2018 in Congress, Intelligence, Oversight by

SSCI Requires Strategy for Countering Russia

In its new report on the FY 18-19 Intelligence Authorization bill, published today, the Senate Select Committee on Intelligence would require the Director of National Intelligence “to develop a whole-of-government strategy for countering Russian cyber threats against United States electoral systems and processes.”

As if to underscore the gulf in the perception of the Russian threat that separates President Trump and the US intelligence community, the Senate Intelligence Committee comes down firmly on the side of the latter, taking “Russian efforts to interfere with the 2016 United States presidential election” as a given and an established fact.

The Senate report describes numerous other provisions of interest on election security, classification policy, cybersecurity, and more.

The House Intelligence Committee published its report on the pending FY18-19 intelligence authorization bill earlier this month.