CIA _ IT
Shared by: jobhesk
DALLAS BAPTIST UNIVERSITY MANAGEMENT INFORMATION SYSTEMS RESEARCH PAPER SUBMITTED TO DR. KAVLI IN PARTIAL FULFILLMENT OF THE REQUIREMENTS OF THE COURSE MISM 3301 BY TRAVIS DIXON APRIL 19, 2007 Since September 11, the government’s defense agencies have really increased their use of information technology systems to track terrorists. The CIA in particular has incorporated much of the IT capabilities into their endless search for information regarding terrorist, and ultimately preventing terrorism in the United States. Even though the CIA strives to improve their use of IT to hunt terror, they have come across many obstacles in the way of privacy issues, litigation, competing to stay ahead of the rapidly evolving commercial IT advancements, and the barriers to information flow between the different departments of defense. The good news is that they have many new IT advances that ensure a safer America, and an earlier detection of terrorist plots. Although they face a difficult path, they have made many strides that will become milestones if they can convince America that they are not encroaching upon our privacy, or that it must be done for national security. For a brief history, the Central Intelligence Agency (CIA) officially began after World War II, even though there has been intelligence gathering for the government since the beginning of the presidency. President Truman was finally responsible for giving the CIA some authority and sanctifying them as a government agency. CIA has undergone many threats from the Cold War scares to today’s present war on terrorism. Recently the CIA has undergone changes from the Bush administration in 2004 involving the Intelligence Reform and the Terrorism Prevention Act. Currently, they are dealing with the new litigation involving privacy issues concerning the new information technology that they are utilizing. The purpose of this agency, stated directly from their website, is that they are “responsible for providing national security intelligence to senior US policymakers” (What is the CIA?, 1). It is easy to see that the CIA has much use for information systems in their line of work. After the attack on 9/11, the CIA was pointed to as one of the major failures that led to a successful attack by the terrorists. “The failure of federal agencies, and especially the nation’s intelligence services to share information – according to the Sep. 11 Commission – one of the key problems hampering the nation’s fight against terrorism” (Farber, 1). Not only this, but they were ridiculed for having inadequate IT systems in place to seek out such a plot. “If we had had advanced IT tools in place prior to September 11, it is almost certain that some of the terrorists would have been detained, and some of the plots would have been foiled” (Ham, 1). For a while, the CIA was scrutinized, criticized, and eventually reevaluated until the agency got its act together and began to beef up their war on terror, and their methods, namely information technology and the sharing of information across national defense borders. The fact was that the CIA wasn’t completely out of touch with the new age IT capacities, they simply had joined the race too late and were playing catch-up when 9/11 caught them ill prepared. In 1998, senior officials had begun to realize that they were behind in the technologies of the time, namely the exploding IT world. It was clear that commercial enterprises had surpassed the CIA, which is the exact opposite position the CIA should have in reference to current standards of technology. The CIA should be ahead of the current level of technology at all times, giving them a competitive advantage in the field of information. They experienced this side of the cutting edge technology in the Cold War era and were greatly successful as a result. The CIA decided that they needed some sort of “vehicle to tap into the flow of the private sector advances”, sort through this multitude of new cutting-edge technology, and to extract the most progressive systems that were capable of completely new ways to track terrorists (Molzahn, 1). The CIA’s plan was to broaden their IT capabilities on many different levels, with different strategies for sniffing out terrorism. The senior officials decided that “[b]eginning with the critical field of IT, we will pursue this new approach through the creation of an external nonprofit enterprise designed to electronically connected to leading research throughout the country” (Molzahn, 1). Not only was this organization to select from the vast majority of technology available, but also were designed as a research and development facility for the CIA. After about a year, planning became a reality when Norman Augustine, former CEO of Lockheed-Martin, founded In-Q-Tel in February 1999 as a private sector corporation. In-Q-Tel is currently located in Delaware, and remains a nonprofit, non-stock corporation that is tax exempt through special requirements that they meet with the Internal Revenue Service (IRS). The company has three main stated purposes: “Perform and promote research and related scientific endeavors in the field of IT; foster collaborative arrangements that make private sector IT expertise more readily accessible to agencies of the United States; and foster the development of IT that will benefit the public, private, and academic sectors of the United States” (Molzahn, 1). The greatest part about this new corporation is the flexibility that they had in communicating with the IT community, academia, and the government agencies. As a result of this flexibility from government restraint, In-Q-Tel was able to rapidly explore the options of the IT community and find solutions that would become tools for hunting terror in the intelligence agencies. They continue to find new options everyday with their research and development programs aimed at finding the right technology to thwart another terror attack on American soil. So far they have been experienced great success with their flexible infrastructure. There are many new IT tools that were options for the CIA, but only the most cuttingedge programs would be chosen to carry out their siege on terrorism. Some of the first upgrades were pages out of the FBI’s playbook. The FBI began to use a program called Carnivore that captures suspect’s e-mails and only needs a minimal approval from a judge. The CIA has used similar technology to intercept e-mail and trace it to suspected terrorists. Another high-tech idea that they borrowed from the FBI is called a “key logger device”. This device is implanted inside a computer after permission is obtained from the courts, and records every keystroke that is made. This device is cutting down on the time it takes to crack codes, trace trails, and analyze information. However, the CIA came out with some of their own high-tech tools that were developed and approved by In-Q-Tel. The CIA came up with a program called Fluent to track foreign Web sites. This “custom-written software scours foreign Web sites and displays information in English back to analysts”, says a technician from In-Q-Tel (Tech Reviews, 2). However, as a result of this productive program, the CIA is rushing to find and train people in the Arabic language so that they can use this program efficiently. The program is already able to understand 9 different languages and is constantly being updated with new languages. Hopefully this program will help the CIA to locate web sites where terrorists are able to keep in contact with coded messages or through seemingly unrelated message boards or blogs. Because the terrorists are so spread out, and are forced to stay in small numbers rather than assemble in a large group setting, the loss of this coordination tool will be critical in dispersing terrorist activity in the future. Another of the CIA’s own IT accomplishments is a program called Oasis. This new breakthrough technology “listens to worldwide television and radio broadcasts and transcribes detailed reports for analysis” (Tech Reviews, 2). With Oasis, the CIA is able to keep in touch with what is happening in the areas that they believe terrorist activity to be located in and perhaps pick up messages sent over these radio waves. Another technique that terrorists use is messages encoded in cartoons and other such programs that no one will understand if they do not have knowledge of terrorist jargon such as code words and other commands phrases. The program is not perfect though, currently misinterpreting about one in every five words in Arabic due to colloquial language. Technicians will continue to try and improve these language barriers in Oasis to ensure its effectiveness. Another very recent project the CIA has kept fairly low-key is their relations with the popular search engine Google. Reports have confirmed that Google has an arrangement with the Central Intelligence Agency and other intelligence departments to help in the search for terrorists. The intelligence agency is interested in a fairly recent technique called data mining. In data mining, vast amounts of information is scoured, or sliced through, in order to uncover patterns or relationships in the history of the data. However, in order to engage in data mining, one must have access to large amounts of data, or data warehouses, where the information may be accessed and then mined with special programming. This is where Google comes into play. “Google collects data on each users search queries, which web sites users visited after making a query, and through its Google Analytics service, can also track users on cooperating web sites” (Hampton, 1). With this vast amount of information, Google is able to build profiles on each person based on what he searches for and looks at on the Internet via their search engine. With such an arrangement, the CIA is able to access these profiles and vaults of information in order to search for patterns that might lead to terrorist activity. The truth is that if this had been used prior to 9/11 where many of the terrorists searched via Google, and then we might have been able to apprehend some of them. The only problem with this arrangement is that the public is not certain as to how much, or what level of, information is accessible to the CIA. Many feel that their rights are compromised in data mining in the issue of privacy. Advocates of privacy say that the CIA needs barriers in place to protect them from unrestricted viewing of private citizens. Google has continued to downplay their relations with the CIA due to bad publicity, but are receiving additional funds from In-Q-Tel through the CIA for their cooperation. One of the most recent IT programs that the CIA has unleashed is a program that tracks bank transactions back to terrorist funding and related activities. This program was created in 2006 and is in conjunction with the Treasury Department’s efforts to help fight terrorism. John Snow, the Secretary of Treasury, ensures that the program that was once top secret is “entirely consistent with democratic values [and] with our best legal traditions” (Aversa, 1). Snow said that by following the money trail, the CIA has been able to locate operatives, track them to financiers, and trace the terrorist’s networks better than ever before. The operation has already led to captures of al-Qa’ida and is proven to be more than effective in charting terrorist networks. This now known IT project is raising much debate with the Democrats of Congress who claim it to be an invasion of privacy and a violation of the Fourth Amendment. Snow argues that “very significant safeguards and protocols have been put in place”, and that “access to data which has been collected was limited to people with specific security clearances” (Aversa, 1). Although the Democrats continue to complain about Bush and his aggressive expansion of the executive branch, the program has been one of the most productive yet. Snow claims, “shutting of the financial spigot seems to be working” (Aversa, 1). The intelligence community faces two major dilemmas in their advancement of IT in their pursuit of terrorism. The first of these problems is with the horizontal sharing of information across the three intelligence agencies, the Federal Bureau of Investigation (FBI), the National Security Administration (NSA), and the CIA. This lack of unity was one of the key problems outlined in the failure to realize the 9/11 plots in time. The problem lies in the fact that each of these three agencies has its own information database that is separate from the others, and at the time of 9/11 restricted from access by any other agency. “The reasons why (different government computer systems and databases) are not connected has nothing to do with technology”, a white house official in charge of e-government and information technology said, “it is policies and business processes” that impede the flow of information (Farber, 1). The intelligence agencies, including the CIA, have turned to knowledge management technology to hunt the complex criminals of terrorism. Knowledge management technology is “a group of tools and methodologies designed to help gather, organize, share, and analyze information” (Schwartz, 1). The key to this management technology is an endless flow of information. Unfortunately without the coordination of intelligence agencies, horizontally, and other of state, court, and county, vertically, then the knowledge management technology will never reach its full potential. Barak Pridor, the CEO of a knowledge prominent management company in New York, says it best; “there is gold buried in an organization’s assets, but in most cases you don’t see gold being turned into jewelry, which has utility to an end user” (Schwartz, 1). One of the main tools of the knowledge management systems is a program that is able to link to unseemingly related bits of information in a process called link analysis. Because link analysis can connect bits of information from different mediums, it is the perfect terrorist hunting tool. Once again, if the information is confined, to say the CIA’s personal database, then link analysis becomes quite ineffective. The first step of this process of sharing between intelligence agencies involves reforming rigid, individual protocol into flexible, secured sharing that will enable programs like link analysis to soar in unbounded information. “[T]he biggest problem, experts say, is how to share data effectively and securely among agencies” (Schwartz, 1). Although the intelligence community has come up with many secure ways of sharing, they have still not pinned down one way to securely share information. The second major dilemma that the intelligence community faces is how to balance the fine line between necessity to search private records and locate terrorists, and the privacy guaranteed by the government to public citizens. Although a sure solution is not set, some very viable options are beginning to present themselves. An entrepreneur by the name of Jeff Jonas believes that he may have found a way to protect personal privacy and engage data mining programs at the same time. Jonas began in this career path in Las Vegas. After noticing that casinos were having trouble identifying criminals and professional card sharks who were claiming alternate identities to enter the casinos, Jonas decided to start a company called Systems Research and Development (SRD). With this company, Jonas developed information systems software that was able to identify if a person was who they claimed to be. Next Jonas created a program called NORA (Non-Obvious Relationship Awareness) in which a person can be traced to see if they are connected with any unsavory characters. Best yet is that these programs work in seconds. It is safe to say that the casinos were more than pleased with this software. In-Q-Tel quickly harvested this man’s talent and is using some of his software to track criminals and terrorists. After becoming involved in the intelligence community, Jonas became aware of the privacy issues that arose do to his software and decided to create another program in response. “His response was to invent ANNA (“NORA’s little sister”, he explains), a system that “anonymizes” data by an encryption technique called hashing” (Levy, 1). When hashing occurs, the data is scrambled, and as a result, private records can be shared with government agencies, and secret watch lists can be distributed to private entities without fear because they won’t be able to read them. However, when a there’s a match between a coded watch list and hotel reservation, the program sends a message to the intelligence agency which then must obtain court permission to retrieve the actual record from the private entity. ANNA seems to be one of many new approaches for a mixture of data mining and privacy regards. Jonas explains in his own opinion that “technology like ours are just band-aids…the real problem is hundreds of thousands of people who are brought up to hate us” (Levy, 1). Even though Jonas points out the root of such a problem, intelligence agencies turn to the difficulties that they can conquer – defense. Although the intelligence communities have not yet conquered these problems completely, they are coming closer to the unified, secure, flexible system that are the current answer to stamping out terrorism. Not only this, but personal privacy seems to be a foreseeable goal in the midst of the vast information systems that intelligence agencies like the CIA, are using as they primary weapon against foreign threats. Bibliography Aversa, Jeannine. (2006). CIA has tracked bank transactions in terror hunt. Retrieved April 14, 2007, from The Independent. Web site: http://news.independent.co.uk/world/americas/ article1096044.ece. Farber, David. (2004). ‘Policy, not technology’ creates barriers to info sharing. Retrieved: April 14, 2007, from Interesting-People Message. Web site: http://www.interesting-people.org/ archives/interesting-people/200409/msg00199.html. Ham, Shane and Atkinson, Robert D. (2002). Using Technology to Detect and Prevent Terrorism. Retrieved April 14, 2007, from Progressive Policy Institute. Web site: http://www.ppionline.org/documents/IT_terrorism.pdf. Hampton, Michael. (2006). Google in bed with U.S. Intelligence. Retrieved April 14, 2007, from Homeland Stupidity. Web site: http://www.homelandstupidity.us/2006/02/22/google-inbed-with-us-intelligence/. Levy, Steven. Greek War on Terror. Retrieved: April, 14, 2007, from Newsweek. Web site: http://www.msnbc.msn.com/id/4486823/. Molzahn, Wendy. (2003). The CIA’s In-Q-Tel Model it Applicability – Opinion. Retrieved April 14, 2007, from Find Articles.com. Web site: http://findarticles.com/p/articles/mi_m0JZX /is_1_10/ai_99753430. Schwartz, Karen D. (2003). Countering Terrorism with Technology. Retrieved April 14, 2007, from GOVEXEC.com. Web site: http://www.govexec.com/features/1003/1003manage tech.htm. Tech Reviews: High-tech arsenal deployed in terrorist hunt. (2001). Retrieved April 14, 2007, from USA Today. Web site: http://www.oceansystems.com/dtective/usa_today_10.29. 2001.pdf. What is the CIA?. (2007). Retrieved April 14, 2007, from CIA Today. Web site: https://www.cia. gov/cia/publications/cia_today/index.shtml.