China: The monolith myth

Diversity that is China China is always seen by the West as a big, monolithic country. That nothing could be further from the truth does not shake that popular wisdom, which is typical of cultural biases and heuristics. After all, our brain is mostly wired to deal with small communities of similar people - it is nigh impossible to consider the country with the population size of China. This is Part 2 of the four part series: Chinese intelligence structures The Chinese way of collecting data This post Cyber espionage - the Chinese way China has

The Chinese way of collecting data

Just like the Russian intelligence services make a great deal of using traditional tradecraft and Western agencies prefer clear-cut approach which leaves no doubt in the asset’s mind who they are working for so the Chinese approach has a typical modus operandi… This is Part 2 of the four part series: Chinese intelligence structures This post China: The Monolith Myth Cyber espionage - the Chinese way The Chinese agents cultivate their assets for a long period of time, building friendly relations and discussing mutual benefits.

Intelligence Chinese style (part 1)

Too often we hear about the “Chinese threat” which generally makes Chinese army and polity seem like a monolithic structure: to the (uninformed) outsiders, the journalists covering the issue, and too often to the cyber security experts China is a well-organised single entity - a hivemind if there ever was one in the human history. That this kind of thinking beggars belief on even slightly closer examination just goes to show how well the sceptre of “Chinese Threat” was been sold to the general populace.

FISC and DoJ lift some of the gag order on providers

“IC On The Record” Tumblr blog, or “I Con The Record”, depending on how you want to read it, posted this fine example of bureaucrateese: As indicated in the Justice Department’s filing with the Foreign Intelligence Surveillance Court, the administration is acting to allow more detailed disclosures about the number of national security orders and requests issued to communications providers, the number of customer accounts targeted under those orders and requests, and the underlying legal authorities. Through these new reporting methods, communications providers will be permitted to disclose more information than ever before to their customers.

What's an intelligence service to do? (If I were FSB)

The narrative that Snowden was an FSB asset is gaining traction in the mainstream media ready for new soundbites and more importantly for a different narrative that the audience isn’t getting bored with. Cue in omnipotent, yet still second fiddle to the good guys (this is Hollywood story, folks), supervillain, the FSB. According to the new narrative Snowden never worked alone, never talked a number of other NSA analysts and staff into giving him their username and password. Oh, no. He wasn’t just another disgruntled government employee that got emboldened by the leaks by Manning to WikiLeaks.

Of unsubstantiated losses and other fun things

Repeat a lie three times and someone is bound to use it and reference you as a source of truth. Especially if the author of the unsubstantiated claim is from any intelligence agency. For some reason they are beyond fact-checking by news agencies. The quote that got my attention this time? Cyber attacks can be expensive: one unidentified London-listed company incurred losses of 800 million pounds ($1.29 billion) in a cyber attack several years ago, according to the British security services.

It's the utility, stupid!

"Managers who are isolated from the intelligence customer tend to monitor the quantity of reports produced and level of polish in intelligence products, but not the utility of the intelligence itself."[1] This sounds equally true if you replace “intelligence” with risk. [1] Jack Davis, The Challenge of Opportunity Analysis

Intelligence values - also for risk management

I’m reading up on contemporary intelligence as part of my grad course and came across these six intelligence values. So far all I’ve read on intelligence reads very true to information risk management and often risk management as a whole. Have a read, see if the values for intelligence don’t marry neatly with risk management values: Accuracy: All sources and data must be evaluated for the possibility of technical error, misperception, and hostile efforts to mislead. Objectivity: All judgments must be evaluated for the possibility of deliberate distortions and manipulations due to self-interest.

What makes good intelligence product

[T]he differences between what qualifies a high-quality finished intelligence product within the intelligence community compared amongst their policymaking consumers. PP noted that internally, features such as the intellectual cogency and elegance of an assessment are deemed important. Alternatively, consumers may care more about the usefulness of the assessment, and wonder why it could not have been produced sooner, or if anything could have been done to resolve outstanding uncertainties and gaps in information. Interview with Paul Pillar from Georgetown University | Agents, Evolution and International Relations

Intelligence: It's not about being pure or correct knowledge

The same can be said of intelligence. It is not about pure knowledge or correct knowledge (whatever that means), it’s about ‘best truth’ (a relative and structurally conditioned term) and ‘truth to power’ (an endstate that conditions all that goes before it). For those who continually find the decision of governments to go to war on ‘intelligence grounds’ a grave miscarriage of all that is right, they need to remember that it is not about having ‘pure and correct information’ (in the philosophical sense), it is about having information that can be used for policy action and which sticks up as being sound, in the procedural sense: assessments and analysis are fluid and temporally determined The Place of Intelligence in Political Narratives | Kings of War