Report finds "waste" in Iraqi police training

By Jamie Crawford

A U.S. government watchdog says more than $200 million was wasted on a program to train the Iraqi police force, with security concerns and a lack of interest by the Iraqi government the main culprits for the program's shortcomings.
In an audit released Monday by the office of the Special Inspector General for Iraq Reconstruction, or SIGIR, auditors also said the Police Development Program faced challenges at the outset due to the lack of an assessment of Iraqi police force capabilities, and of a written commitment from the Iraqi government for the program to move forward.
Stuart W. Bowen Jr., who as inspector general leads the SIGIR office, signed the report that was sent to Secretary of State Hillary Clinton and the U.S. Embassy in Iraq.
The purpose of the program is to help Iraqi police services develop the capabilities needed to lead, manage and sustain internal security and the rule of law. The State Department is hoping to reach those goals by 2016.

A major cornerstone of the program was to be frequent and regular contact between U.S. advisers and Iraqi government officials. But the withdrawal of U.S. forces removed a "security blanket" allowing advisers to travel freely around Iraq, the report says. It remains unsafe for Police Development Program advisers to travel to training facilities on a regular basis.
The program was transferred to Pentagon oversight from the State Department in 2004 due to the deteriorating security conditions in the country at the time. The State Department's Bureau of International Narcotics and Law Enforcement Affairs resumed oversight in October of last year, just before all U.S. forces pulled out of the country in December.
Analysts who have read the report say it blames some of the program's shortcomings on the dangerous security situation between 2004 and 2008 in Iraq.
"Security was the buzz word, security is what got programs funded, and security was going to be what let us leave Iraq" with a fully functioning Iraqi police force left behind, Stephanie Sanok with the Center for Strategic and International Studies told CNN.
The United States has spent about $8 billion to train, staff and equip police forces since 2003, the report says
The United States was forced to close a training and housing facility in Baghdad just months after the police training program began because of security concerns and program revisions. The cost for the facility was estimated at $108 million. The report refers to the expenditure as "de facto waste." In addition, it says a separate training facility in the southern city of Basra, costing an additional $98 million in State Department funds, will not be used. The Iraqi government decided to terminate training at the facility.
"An overarching question is why expensive construction was initiated at both of these facilities without a formal programmatic agreement in place at the time construction began," auditors wrote in the report
The report also highlights a "lukewarm" reception to the program by the Iraqi government.
"In May 2012, the deputy minister of the interior told SIGIR that the (Police Development Program) was 'useless' and that the (Iraqi government) did not need the large numbers of PDP advisors currently in-country," the auditors wrote. "He also indicated that Iraqi police officers had expressed their opinion that the training received to date was not beneficial."
"It really was misstep after misstep, (the United States) didn't actively engage the Iraqis then," said Sanock, who worked in the embassy in 2008 and 2009. "When governments changed, when players changed, they didn't get the buy-in of the new folks, and it was really an imposition of the U.S. mindset on the Iraqi government that just was never going to work."
Among the other findings in the report, auditors said the program has been significantly downsized from the ambitious size once envisioned.
Initially the program called for 350 advisers who would be able to fly throughout the country, but the number was quickly reduced to 190 advisers who would be based in Baghdad, Basra, and Erbil. Further program changes and funding uncertainties have reduced the number of advisers for the program to 36. Eighteen are stationed in Baghdad and 18 in Erbil.
Safety and security requirements for the program are also eating significantly into its operating costs. As of March 31, the Bureau of International Narcotics and Law Enforcement Affairs said, about 94 percent of funds obligated for Police Development Program operations had been for security and life and mission support costs.
With the downsizing of the program, SIGIR said, available funding exceeds current costs. The audit estimates that $118.2 million in unused funds for 2010 and 2011 are available to the program. That figure may be sufficient to meet remaining program costs for the current fiscal year budget, which SIGIR estimates to be less than $100 million.
But it is unclear how much will be needed to fund program activities in 2013, the report said.
The report recommends the State Department obtain a written agreement with the Iraqi government on the specific type and number of training classes to be provided, along with mutually acceptable locations for conducting the training. It also suggests Congress consider requiring the State Department to provide written certification of Iraqi government "buy-in" for new classes before any additional U.S. money is committed.
The United States will turn over control of the main police training center in Baghdad to the Iraqi government in December. The State Department says that will eliminate static security costs for the site and reduce other personnel costs due to staff reductions. As of March, 954 of the 1,458 Police Development Program personnel in Iraq were housed at the facility, the report said.
Sanok said the report serves as a wake-up call for the State Department.
"My fear is that we may repeat that error with Afghanistan," she said. "I would love for the State Department to have learned from this experience, fix it, but also to not go down this road again in other countries."


http://edition.cnn.com/

The five biggest stories at Black Hat

The annual Black Hat Briefings conference, held last week in Las Vegas, is the world’s biggest, and arguably the most important, gathering of security researchers; here are the five biggest stories to take away from last week’s Black Hat meeting in Las Vegas
The annual Black Hat Briefings conference, held last week in Las Vegas, is the world’s biggest, and arguably the most important, gathering of security researchers.
SearchSecurity.com’s Black Hat 2012 special coverage page covered the week’s discussions in depth. The editors also chose the five biggest stories from the event.

• Black Hat panelists: Humans, not code, are the targets: Despite new technologies and better software security, a panel including Bruce Schneier and Marcus Ranum say cybercriminals are instead focusing on targeted social engineering attacks.
• Indexing flaws change game for Oracle database security: Longtime Oracle thorn David Litchfield presented working exploits targeting Oracle database indexing vulnerabilities, calling the database giant’s reactive security strategy into question.
• Apple tech talk a missed opportunity, researchers say: Thursday’s Apple session marked the iPhone and iPad maker’s first public discussion about iOS security, but only covered what security researchers already knew, disappointing many in attendance.
• On-stage Near Field Communication hack shows NFC security issues: Using actual exploits, researcher Charlie Miller demonstrated how Near Field Communication security issues open a huge attack surface on smartphones.
• Limited release for tool allowing smart meter hacks: Don Weber of InGuardians did not demo how he is able to compromise virtually every smart meter on the market today, but is releasing his hacking tool to utilities, vendors and vendor-vetted researchers.

 http://www.homelandsecuritynewswire.com/

Cisco and Thales Target Global Defense and Security Market

Cisco (CSCO) and Thales, a global technology leader with a unique capability to provide equipment, systems solutions and services that meet the most complex security requirements for defense and security, aerospace and transportation markets, today announced a new partnership to address the global defense and security market.
The new agreement will combine Thales’ global industry expertise with Cisco networking and communications innovations, expand the collaboration globally and accelerate joint go-to-market activities and solution development. The expanded collaboration is built on a long-standing relationship between the two companies in the European market.
The Cisco-Thales collaboration will encompass a number of strategic initiatives, including:

• Development of Thales solutions based on a range of Cisco technologies
• Jointly addressing key defense and security market opportunities such as mobile routing or broadband evolution of radio networks
• Joint go-to-market activities, closely coordinated at both global and country level

Highlights:

• Cisco will provide Thales with an extensive range of standard networking equipment and infrastructure, complemented by industry leading networking design and engineering expertise from Cisco Services.
• Cisco will also utilize its rigorous sales and technology training programs, such as Cisco Sales Expert and Cisco Vertical Solutions Architect, to enable Thales global sales and engineering teams.
• Thales will become a Cisco Global Specialty Integrator, allowing Thales to embed Cisco technologies into its own systems and solutions in all geographies, where a strong resilience and high quality of networking services is required.
• The designation will also enable Thales to partner directly with Cisco globally and resell select networking technology and collaborate in the development of new solutions.

Jean-Michel Lagarde, senior vice president in charge of Systems Activities, Thales Communications & Security, commented:
“This will be a hugely valuable long-term collaboration for both businesses. Combining Thales’ specialist industry expertise and advance integration capabilities with Cisco’s world-leading networking knowledge and technology will allow us to develop and deliver genuinely innovative security solutions to our customers worldwide.”
Chris Dedicoat, president, Europe, Middle East, Africa and Russia, Cisco, commented:
“Cisco and Thales share a common belief in the importance of the network in driving innovation and delivering business value within the defense sector. By working closely together, both companies will be better placed to address existing opportunities within the industry and create the new solutions that will help deliver competitive advantage and drive new market opportunities across the defense, security and aerospace industries.”
Thales is a global technology leader for the Defence & Security and the Aerospace & Transport markets. In 2011, the company generated revenues of EUR 13 billion with 67,000 employees in 56 countries.
Cisco (CSCO) is the worldwide leader in networking that transforms how people connect, communicate and collaborate.

http://www.defencetalk.com/

Harris Atlas Systems to Establish Geospatial Data Sharing System for a Mid-Eastern Government

Harris Atlas Systems LLC has been awarded an $8 million dollar contract to provide a Middle Eastern government agency with a system that will ensure that critical military and public safety information can be shared quickly, easily and securely even under the most demanding circumstances.
The advanced geospatial intelligence solution consists of enterprise and mobile versions of Harris Corporation’s Active Catalog™ system, which enables users to manage, share, and retrieve large volumes of geospatial data — information that identifies the geographic location and characteristics of natural or constructed objects — that reside throughout an enterprise. It also provides access to live data feeds, and can generate and publish documents and map products of urban environments.

Active Catalog integrates with a variety of Open Geospatial Consortium-compliant and standard geographic information systems software, such as ESRI and Bentley, which many customers are already using for military, intelligence and public safety operations. With sophisticated techniques to extract metadata, it supports a wide range of data formats, including overhead and aerial imagery, maps, intelligence reports, sensor data and other derived products. Data and metadata are securely shared between enterprise and remote versions of the system, enabling remote users to access enterprise-based geospatial intelligence data and also send field-collected information back to the enterprise.
Leveraging 130 patents and more than 30 years of experience developing systems for the largest geospatial customers, Active Catalog goes beyond traditional catalog capabilities to one that incorporates a variety of data sources, and effectively support remote users in the most limiting environments — such as in a disaster or emergency — and delivers the highest level of security possible, Leon Shivamber, managing director, Harris Atlas Systems explains.

 http://defense-update.com/

Raytheon to develop cyber maneuver technology for US Army

Raytheon has received a $3.1 million contract to develop technology for Morphing Network Assets to Restrict Adversarial Reconnaissance (MORPHINATOR), a program that uses cyber maneuvering techniques to thwart potential attackers in high-threat environments.
Cyber maneuver is the technique of dynamically modifying aspects and configurations of networks, hosts and applications in a manner that is undetectable and unpredictable by an adversary but still manageable for network administrators.
“The intent of cyber maneuver is to place computer network defense technology into a proactive state, thereby shifting the advantage away from the attacker,” said Jack Donnelly, director of Trusted Network Systems for Raytheon’s Network Centric Systems business.
“By constantly changing the characteristics of the networks it resides on, MOPRHINATOR provides a more robust and trusted networking solution.”
MORPHINATOR is designed to be used in conjunction with other existing security devices to provide an active defense approach to information assurance.
Raytheon received the contract from the U.S. Army’s Communications, Electronics, Research, Development and Engineering Center (CERDEC), Space and Terrestrial Communications Directorate. Work will be done in Largo, Fla., and Aberdeen, Md.

 http://www.defencetalk.com

Finmeccanica Completes First Tests for NATO Cyber Security System

The Finmeccanica Cyber Solutions team selected in February 2012 to fulfil the NATO Computer Incident Response Capability (NCIRC) – Full Operating Capability (FOC) requirement, has completed the testing phase of the programme’s Proof of Concept in line with the challenging timescale set by NATO. NCIRC FOC will provide a highly adaptive and responsive system to help protect NATO from cyber-attacks against both its mobile and static Communication and Information Systems.
This world-class team led by Finmeccanica (FNC IM, SIFI.MI), comprising its companies SELEX Elsag, SELEX Systems Integration and VEGA, together with its partner Northrop Grumman, is leveraging its wealth of experience in addressing complex cyber-defence requirements.
The completion of the testing phase of the Proof of Concept, confirms that the programme continues to meet its objectives and demonstrates the value of the team’s multi-national capability, leadership in the development and delivery of cyber defence solutions, and unrivalled experience of multi-domain cyber programmes for government and defence customers in the US, UK, Italy and other countries around the world.
Once delivered, NCIRC FOC will provide an agile, flexible and interoperable solution featuring advanced cyber defence systems to protect NATO static commands, crisis operations, NATO signal battalions, Article V Operations and the NATO Reaction Force.
“With the completion of the testing of the Proof of Concept, we have achieved an important stage in delivering the NCIRC FOC. This reflects the growing partnership between NATO, Finmeccanica and our Northrop Grumman partner,” said Giuseppe Orsi, Chairman and CEO of Finmeccanica.
“Through our chosen solution, NATO will be able to improve their capability to counter the ever increasing and sophisticated threat from cyber-attack.
“The successful achievement of this important milestone is a further step towards full implementation of NATO’s CIRC capability and demonstrates the growing strength of the partnership we have established on this programme”, said Mike Papay, Vice President Cyber Initiatives of Northrop Grumman Information Systems.
“We look forward to continuing to apply the full range of our resources and decades-long cyber security experience both in the U.S and U.K., to ensure the successful delivery of this programme.”

 http://www.defencetalk.com

Will rising temperatures lead to rising crime rates?

General Strain Theory has become one of the leading explanations for crime, and Emory University’s Professor Robert Agnew, has become its chief architect; he argues that rising temperatures will lead to more strains — increased temperatures, heat waves, natural disasters, serious threats to livelihood (farming, herding, fishing), forced migrations on a massive scale, and social conflicts arising as nations and groups compete for increasingly scarce food, fresh water, and fuel – and more strains invariably lead to rising crime rates
When most people think about climate change, they envision rising temperatures and sea levels. Robert Agnew, a professor of sociology at Emory, thinks about rising crime rates.
It was in the early 1990s, while focusing on the causes of crime and delinquency, that he began to see that certain strains, or stressors, increase the likelihood of crime — including economic deprivation, discrimination, criminal victimization, harsh or erratic discipline, child abuse, and neglect. These strains can foster a range of negative emotions such as anger, frustration, and depression that put people under pressure to take corrective action. Some of those actions are criminal.
An Emory University release reports that during the last few decades, Agnew’s research on general strain theory has become one of the leading explanations for crime, and he has become its chief architect. He is among the most frequently cited criminologists in the world, and was recently elected president of the American Society of Criminologists.
Agnew believes the pressures caused by climate change will become “one of the major forces — if not the major force — driving change as the century progresses.” He lists strains such as increased temperatures, heat waves, natural disasters, serious threats to livelihood (thinking farming, herding, fishing), forced migrations on a massive scale, and social conflicts arising as nations and groups compete for increasingly scarce food, fresh water, and fuel. Especially in the developing world, he believes crime will become a critical issue, making it more difficult to keep the peace in megacities heavily populated by immigrants.
The release notes that Agnew’s background in criminology is not purely academic. He grew up in the Atlantic City of the 1950s and 1960s, before casinos brought tourist dollars and jobs. “There was a lot of race and ethnic conflict a lot of crime and delinquency in high school, and I drew very much on those experiences when I came to criminology.”

 http://www.homelandsecuritynewswire.com/

Cyber chief warns of rising danger from cyber attacks

By Suzanne Kelly

In a rare public appearance Monday, the head of the country's Cyber Command warned that the nature of cyberattacks is changing and becoming more dangerous.
Gen. Keith Alexander also talked about the economic toll that cyberintrusions are taking on American business, saying that for every intrusion detected by the FBI, there are 100 others that remain undetected.
"The probability for crisis is mounting," said Alexander, who also heads the National Security Agency. He told an audience at the American Enterprise Institute in Washington that he was concerned about the changing nature of the threat from disruptive to destructive attacks and that the numbers of cyber attacks against business and critical infrastructure are on the rise.
Alexander used the public opportunity to urge Congress to quickly pass legislation that would give the government additional authorities to communicate what it knows with the private sector to enable a closer public-private partnership when it comes to cybersecurity. Critics argue that giving the government too much power will come at a cost when it comes to civil liberties.
"We can protect civil liberties and protect cyberspace," said Alexander, who added that the government is not interested in reading private e-mail, but is interested in identifying the IP addresses from which malicious computer programs are being launched.
Alexander said there are still concerns that terrorist groups like al Qaeda may launch a cyberattack. He added that al Qaeda "is not viable in that realm right now," but said that could change quickly and that concerns him.

Warfare by Remote

http://edition.cnn.com/

Cyber chief warns of rising danger from cyber attacks

By Suzanne Kelly

In a rare public appearance Monday, the head of the country's Cyber Command warned that the nature of cyberattacks is changing and becoming more dangerous.
Gen. Keith Alexander also talked about the economic toll that cyberintrusions are taking on American business, saying that for every intrusion detected by the FBI, there are 100 others that remain undetected.
"The probability for crisis is mounting," said Alexander, who also heads the National Security Agency. He told an audience at the American Enterprise Institute in Washington that he was concerned about the changing nature of the threat from disruptive to destructive attacks and that the numbers of cyber attacks against business and critical infrastructure are on the rise.
Alexander used the public opportunity to urge Congress to quickly pass legislation that would give the government additional authorities to communicate what it knows with the private sector to enable a closer public-private partnership when it comes to cybersecurity. Critics argue that giving the government too much power will come at a cost when it comes to civil liberties.
"We can protect civil liberties and protect cyberspace," said Alexander, who added that the government is not interested in reading private e-mail, but is interested in identifying the IP addresses from which malicious computer programs are being launched.
Alexander said there are still concerns that terrorist groups like al Qaeda may launch a cyberattack. He added that al Qaeda "is not viable in that realm right now," but said that could change quickly and that concerns him.

 http://edition.cnn.com/?refresh=1