Analysis Brief's

 More Information

The World of Industrial Espionage

More Information

 

North Korea Activities in Asia and Russia 

Reports indicate that the North Korean government has become one of the largest criminal syndicates in the world and there are concerns that their increased ties to Islamic terrorist groups could pose an even bigger threat.  Through its infamous Bureau 39 and Daesong industries, the North Koreans are allegedly involved in drug trafficking, counterfeit commercial products and cigarettes, as well as counterfeit US currency.  

Using a shipping fleet trained to insert covert operatives, and abusing diplomatic immunity, many allege the North Koreans are expanding their illegal operations by carrying drugs, counterfeit currency and explosives in their diplomatic pouches and using their covert operational ships to move drugs, firearms and counterfeit cigarettes in volume . 

North Korean ships have been sighted transhipping drugs, counterfeit cigarettes in Japan, Korea and the Philippines.  They have even been blamed for selling weapons to radical Islamic terrorists in the Philippines and Indonesia.  North Korean criminal activities in Asia are focused in a former Portuguese colony, now a Special Administrative Region of the People's Republic of China...the gambling mecca of Macau.  Macau has been a center for North Korean criminal and intelligence activities for at least 30 years.  Macau is their gateway to the rest of the world and Chinese Triads and Russian mafia elements are also well represented in Macau. 

The North Korean pharmaceutical companies and state farms supposedly produce the illegal drugs. The government uses the profits to finance health programs in North Korea.  Japanese authorities have intercepted more than 3300 pounds of crystal meth on North Korean vessels just in the past year and defectors have claimed they helped cultivate and refine heroin from poppies, using state owned land, personnel and vehicles.   

According to our sources, which specialize in intellectual property protection, Taiwan and the Philippines, especially the free trade zone in the former US navy base of Subic Bay, are major transhipment points for up to 41 billion contraband cigarettes produced each year in North Korea.  These cigarettes are sold throughout Asia under popular brand names such as Marlboro and Benson & Hedges.  In Japan, North Korean cigarettes often carry the Mild Seven brand name.  

Finally, the US State Department says that North Korea has been producing counterfeit US currence since at least the early 1990's and in 2006 sources estimated the North Koreans had put more than US$48 million of counterfeit currency into circulation.  Often this was done by diplomats working with organized criminal gangs in Macau, elsehwere in China, and with Russian mafia groups that spread the drugs and counterfeit currency throughout Europe. 

A big concern is the fear that the North Koreans could use their knowledge of nuclear weapons, their covert shipping methodologies and criminal connections to smuggle weapons of mass destruction into the US, Japan or Europe. 

One way or another, it is clear that there are many indications that North Korea poses a broad potential threat to the world and the North Korean government is abusing every privilege and right that it receives from the rest of the world. 

During the Cold War, the North Koreans were viewed as some of the most extreme and radical opponents we faced in the intelligence business.  Now, it appears that threat has expanded into the private sector, banking sector and international trade.  BSSG has the expertise to help companies understand this threat and how to protect themselves.

HOME GROWN UK BOMBERS USE THE RADICAL ISLAMIC TERRORIST TARGET LIST 

By now everyone is keenly aware that more so-called "home grown terrorists" attempted to use two vehicle borne improvised explosive devices (VBIED's) to bomb at least one night club, perhaps more, in Central London a week ago but the explosive devices apparently malfunctioned and, as a result, many lives were saved.  These two VBIED's were followed by an attempted car bombing of the airport in Glasgow, Scotland where, once again, malfunctions and on this occasion, vehicle barriers, thwarted the attack. 

These attacks should have demonstrated the flaws in some people's thinking (and we use the term lightly) about terrorists motivated by radical Islamic Salafi-Jihadism.  We suspect some will continue to express their "feelings" on the subject but it is time to focus on facts.  The theory of some, who commented on the background of "home grown terrorism," in the wake of the 7/7 subway/bus bombings in London, other bombings in Europe, or even those who were involved in alleged terrorist plots in the U.S., is that all of this took place because the young radicals involved were discriminated against and could not find opportunities in a racist Europe/America.  Faced with this situation, terrorism was, they say, a natural outcome. 

These most recent attacks should shatter that simplistic view.  Certainly their isolation in society could be one of the many collateral issues, but in this latest series of attacks the perpetrators of these acts were well thought of, well paid medical doctors.  Some may point out these individuals were not pure "home grown" terrorists because they were not long-time residents.  But these individuals qualify as home grown in the sense that they were not visitors but were employed residents of the UK who had even been outspoken radicals at Cambridge University and local mosques. 

The question is how we can best deal with this problem and protect ourselves. 

We commend the Los Angeles Police Department (LAPD) for a step in the right direction through their pro-active efforts in the wake of these most recent incidents in the United Kingdom.  A recent Los Angeles Times article noted that the LAPD was conducting antiterrorism assessments of nightclubs in Los Angeles.   

There were, however, some disconcerting issues that the article highlighted.  First, the Times noted that "nightclubs" had not appeared on any government lists of possible terrorist targets.  They noted that a 2003 list of leading targets, produced by the California attorney general's office, included the Los Angeles International Airport, Disneyland, the Golden Gate Bridge and the ports of Long Beach, Los Angeles, San Diego and Oakland.  Where were the nightclubs? 

What our government agencies focus on is worth noting but we tend to believe that an even better approach is for businesses to do some research on their own.  They should examine what the radical Islamic terrorists say about what they will target using the terrorist's own internal communications.  Obviously the terrorists do not openly list specific targets by name but they do give some categories of potential targets. The following is a general compilation of multiple radical Islamic documents that address what the terrorists say warrants targeting for "blasting and destroying" (their words, not ours).   That list includes: 

In view of this list should anyone have been surprised that the recent attacks included the Glasgow airport? Should it be any surprise that previous terrorist attacks, or plots, have focused on a school in Breslan, Russia; U.S. embassies in Lebanon, Kenya and  Tanzania; the World Trade Center; the Pentagon; the Federal Center in Miami; Ft. Dix in New Jersey? After all, they are all on the target list. 

The Times article had an interview with the owner of a nightclub in Hollywood.  This individual said he "doubted" that Hollywood clubs posed as much of a risk as other targets.  He cited the small window of time (only three or four hours) when there were a lot of people present at the clubs.  Therefore, he apparently concluded that no terrorist would target nightclubs in Hollywood. In years of analyzing terrorists, I have never seen a terrorist group deterred because there was only a three or four hour window of opportunity to attack each night. 

The Times also interviewed a former doorman who was supposedly opening a new club in Hollywood and who was, according to the newspaper, "skeptical" the neighborhood would be targeted. As near as can be determined from the article, his skepticism was based on the fact that clubs in the area were relatively small with no more than 600 people.  The former doorman was more concerned that enhanced security might cause congestion and adversely impact on business. 

Instead of focusing on club owners, with no expertise in terrorism,  it might be more relevant to look at the terrorist target lists and examine the terrorist's past practices.  This is the dilemma:  Using the rationalization of these nightclub owners, none of the nightclubs in London, Madrid and Bali should have been attacked. Yet, they were.  The attacks took place within the same time window of opportunity and all were all in clubs with less than 600 customers.   

Given the target list, a more relevant question might be:  Would radical Muslim extremists view a nightclub in Hollywood as a place that might be "immoral" and/or a "center of sin"?  Or would it just be an amusement center?  Oops.  That would still make it a target, but in two separate target categories. 

What about the belief that since many nightclubs only have a few hundred clients no one would bother.  If the only terrorists carrying out attacks were the major cells of al Qaeda then that might mean their priority would be elsewhere, for a bigger, more spectacular target.  But experience shows that these places are considered "free targets" and the "home grown" terrorists, which are emerging as a major threat, are encouraged to strike such targets at any time.  I personally have been in one of the nightclubs in Bali that was bombed, and had a former colleague injured in the terrorist attack there.  There were only a few hundred people in the club at the time of the attack.  Having a clientele of less than 600 is not a criteria that will cause all terrorist groups to take a nightclub off their target list. 

So, the 2003 attorney general's list, albeit dated, is not totally out-of-line but it is hardly a complete list of potential targets for home grown terrorists in California in 2007.  Nightclub owners in Hollywood, elsewhere in the United States, and around the world should be considering security measures that can enhance the protection of their clientele. 

As society, most people want to feel safe in places we most often frequent.  But if we are inconvenienced or delayed in anyway, we seem ready to foreget security and safety.  The ex-doorman was right on that count.  When the Transportation Security Administration was created, and airport security protocols were created, there was an uproar.  It resurfaces from time-to-time, but the truth is that most people have now come to accept airline screening as the way it has to be in order to try and protect themselves from terrorists.  That same formula might have to be applied for some other potential targets. 
 

Rather than rely on doormen who worry only about congestion and blow off the terrorist threat, a better approach might be to realistically deal with this potential threat.  There are a number of actions that nightclubs, shopping centers and malls, amusement parks, zoos and other businesses should be taking.   This might include enhanced physical security measures.  It might also include barriers.  It most certainly would include education on the threats.  The better employees and the public understand the threat, the more likely they will be alert, overcome stereotypes and report truly valid suspicious activities.  They will also come to better appreciate why certain security measures are necessary. 

BSSG can help businesses to build an effective, efficient but reasonably priced program that truly fit the threats and risks.  Regardless, whatever is done should be a management decision based on a credible knowledge of the risk rather than guesses and speculation. 

Gas Pipeline Security Gets Attention in New York - Is Anyone Else Listening? 

In the wake of an alleged plot by four men with radical Islamic terrorist ties to blow-up a fuel pipeline linked to John F Kennedy Airport, some New York lawmakers are pushing for increased security for all pipelines and storage facilities. 

The airport incident highlighted some major vulnerabilities.  In New York, for example, the Public Service Commission, the state utilities regulator, has only a brief mention about security in its regulations.  That comment simply requires that exposed pipelines "be reasonably protected."  As a result, security has not been something that garnered much attention.  The recent JFK incident has spurred a new look by some in New York. 

Lawmakers and some residents of Queens, for example, have been complaining that an exposed natural gas pipeline that KeySpan is constructing over the Grand Central Parkway is vulnerable.  It runs across a transit rail bridge above the parkway.  After complaints and expressed concerns, KeySpan said the pipeline is safe but, nonetheless, they subsequently announced they are constructing a 10-foot high fence, topped with barbed wire, around the pipeline to "secure the site and prevent intrusion."    

Some just proposed legislation calls for regular assessments by the state, and fees and penalties if security improvements are not implemented. Lawmakers have also called for security review of the pipelines owned by Buckeye Partners, the company that ran the pipeline at JFK airport.  Buckeye has said that it has reviewed safeguards for more than 5000 miles of pipeline in 18 states and the company spokesmen said that, historically, most of the problems were caused by contractors who accidently dug up the pipeline.  Buckeye's concern was that increased security would cost the company more and Buckeye insisted it would pass those costs on to the consumer!  

It is the same old, tired pattern.  Companies do not want so spend money on security and state regulations are outdated.  Legislators and regulators wait until there is an incident in their locale and then they react by proposing what should have been done to prevent the incident in the first place.  New York got a wake-up call, fortunately before anyone was killed or injured, and some legislators and residents are trying to push it into a secure posture for pipelines.

New York seems to be alone in trying to be more pro-active on pipeline security but they are, admittedly, reacting to a clearly illustrated threat.  Other states could be even more forward thinking and could learn these lessons without waiting for an incident to occur within their borders but so far that is not happening.  Hopefully legislators and regulators in more states, the Department of Homeland Security, Environmental Protection Agency and citizens will join to put pressure on companies to enhance security.  Hopefully, too, there are a few pro-active companies out there that can see the value of a third-party assessment and will take the initiative to demonstrate a concern for security and safety, and a desire to help shape security guidelines before they are compelled to comply with something that is imposed from without in a knee-jerk reaction to an incident. 

BSSG has the expertise necessary to conduct a quality third party risk assessment that includes recommendations on reasonable and effective security measures, if needed. 

• Requests for specific specialty training, including odd inquiries that are inconsistent with recreational diving.
• Requests to learn advanced skills that can be associated with swimmer attack training, including training with re-breathers, deep diving, conducting "kick counts" or receiving navigation training.
• Rapid progression of diver training and certifications, particularly if the training is routinely attended by the same students.
• Training routinely conducted between the same two or three individuals.
• Training sponsored by groups or agencies not normally associated with diving.
• Training given by instructors who do not advertise and appear to have little means of visible support, especially those with a history of extremist views.
• Training conducted in remote or atypical locations or restricted areas.
• Threats, coercion or attempts to bribe trainers for certification. 

Strange, unusual or suspicious attempts to purchase specialized marine equipment may provide indication of pre-operational activity.  Other equipment related indicators may include:

• Individual purchases of common gear in excessive quantities.
• Attempts to rent advanced gear without required certifications or attempts to rent gear that is inconsistent with the stated purpose of the diving report.
• Volume purchasing inquiries related to Swimmer Delivery Vehicles (SDV's) and Diver Propulsion Vehicles (DPV's).
• Exclusive purchases of darkened gear or after market painting.
• Attempts to purchase large magnets, large diameter PVC pipe or empty compressed gas cylinders or theft of same.
• Attempts to purchase advanced gear such as re-breathers or other equipment used in mixed gas diving by individuals who appear to lack expertise in the use of the equipment.

Logistical planning for swimmer related terrorist attacks might include:

• Groups of individuals, especially those with no visible means of support, sharing a common address near the water.
• Attempts to take diving equipment, particularly advanced gear, without the required certifications on commercial flights.
• Cash purchases of small boats or personal watercraft from private individuals.
• Invalid or unusual explanations of visitor, employment or student status.
• Employment attempts at diving equipment dealers or rental shops.

Unlike the local diving instructors, BSSG has expertise in international terrorism and in radical Islamic fundamentalist terrorism and we believe the FBI was completely correct in trying to to get diving schools to be alert and report suspicious activities.  Perhaps what was lacking is the education and awareness training to put the threat in perspective.  If we could thwart a terrorist attack before it occurred, it would all be worthwhile.  Our government agencies, news media and citizenry will all have to do a better job before that is likely to occur. 

In 2003, the State of Colorado Resource Mobilization Working Group began developing state standards for individual resources and, specifically, Type 3 Incident Management Teams. The Type 3 Incident Management Team Subcommittee of the Working Group agreed to use the National Park Service task books and guidelines as a template, but made some necessary modifications for the state program. The documents created from this process provide guidance for the establishment of minimum standards for incident personnel using these "All-Risk" task books and standards.

Personnel, who are certified in a National Wildlife Coordinating Group (NWCG) position prior to the implementation of this guideline, may retain that certification and carry it over into the Colorado system. To qualify in any other state positions, the individual must meet the standards identified in the new document. New NWCG position certifications can be used for most Colorado positions with the exception of Command and Operational positions outside of a wild land fire incident. 
 
This initiative is designed to:

• Strategically locate trained teams throughout the state.
• Provide for the interim management of an incident until arrival of Type 1 or Type 2 team.
• Prepare team personnel for all-hazard incidents.
• Deploy management personnel when local jurisdictions are overwhelmed, or when an incident goes on for a prolonged operational period.
• Allow requests for single team resources but not necessarily the entire team.

With the publication of these guidelines, the standards established in this guide are to be met by all participating agencies and organizations that choose to certify individuals and teams within the Colorado system. Individuals who have begun the process of qualifying for a position under NWCG guidelines may continue to use those standards and they will be accepted by the Colorado system. Additionally, any individual who has begun the evaluation process need not take any newly required course(s) for that position. No local agency is required to use these standards or qualifications to manage their own incidents.

For more information on this program please contact Matt Coldwell at the Colorado Division of Fire Safety.  Hi email address is:  matt.coldwell@cdps.state.co.us 

 More Information

The World of Industrial Espionage

Motorcycles Increasingly Used in Crimes in Metro Manila 

Crime in Metro Manila remains high despite assertions by the Philippine National Police (PNP) that they have been able to lower crime in the city and have the crime statistics to prove that.  According to the PNP, homicides/murder, kidnapping, carjacking, armed robbery and drug abuse, have all waned thus far in 2007. The citizens and victims of crime are not so sure. 

However, there is one area where everyone agrees the criminal problem seems to be on the increase.  In the past couple of years, the motorcycle  has become more and more affordable in the Philippines.  More people have motorcycles and, as a result, the motorcycle has become a increasing part of the crime scene in Metro Manila.  It is, of course, especially useful to criminals who want to elude the police and is the most effective vehicle used to escape the scene of a crime and get through the heavy traffic that usually clogs the city. 

Some recent uses of the motorcycle include the assassination of the Abra province congressman.  His assassins used the motorcycle to arrive, shoot him and escape after the assassination.  The same thing happened when a German national was shot and killed during a dispute in Manila last month, and a Japanese national who was killed this month after a payment dispute in a nightclub. 

When a PNP Colonel was kidnapped and tortured last past week, his supposed assassins blocked his vehicle in Quezon City, using a motorcycle.  Fortunately he was able to escape before his assailants could kill him. 

Armed robberies and simple " mobile phone snatching" or "bag snatching" are also rampant and thieves like to use a tactic where the motorcycle has a passenger riding on the back and veers up on the sidewalk to make the snatch.  The motorcycle is then driven back into the street and provides a fast means of escape.    Last year, the relative of Philippine President Gloria Arroyo, a college student in one of the famous schools in Manila, was killed after he tried to resist when his mobile phone was snatched.  The killer/thief was riding the motorbike and escaped. 

During the recent local and legislative elections, there were multiple grenade throwing incidents in Metro Manila, and in other parts of the country especially in Mindanao.  Most of the incidents involved suspects who were riding on a motorcycle and easily escaped. 

Because of the increasing and alarming number of crimes related to motorcyclists riding tandem, the Metro Manila Development Authority (MMDA) has proposed that all motorcycle riders should have their helmets that reflect the motorcycle plate number they are riding on so they can more easily be identified when traveling.  Naturally, this is opposed by the Motorcycle Riders Association/Club in the Philippines because they maintain as this approach will only be abused by the police and will lead to more corruption on the part of  law enforcers. 

Air Conditioned Buses Face Increased Robberies 

During the months of May and June of 2007, armed robberies increased on public transportation, especially the air conditioned buses, vans and even jeepneys in the Metro Manila area, especially in Makati City. 

Just a few weeks ago, a bus from Makati City was held up by five armed men and their armament included hand grenades.  After seizing all the passengers valuables, they got off in Quezon City.  A few days later, a Deputy Chief of the PNP was driving a passenger van in Makati, to make some extra money, and he was shot and killed by robbers. 

Because of the increase in such incidents, the Makati Mayor has encouraged bus operators that are bound for Makati City to install a mobile security alarm that can signal the PNP when there is a robbery inside the bus and many Filipinos are foregoing air conditioned buses to avoid being a target.  One of BSSG's staff in the Philippines was recently on an air conditioned bus where the passengers were robbed and now refuses to take an airconditioned bus. 
 

Extortion and Revolutionary Taxes 

Meanwhile, the militant arm of the Communist Party of the Philippines, the New People's Army (NPA) as well as other criminal and terrorist groups, continue to attempt to extort money from businesses throughout the Philippines.   

In Mindanao, several Weena Company buses have been bombed this past month and several people killed and injured because the owner has refused to pay protection money.  A group affiliated with the Moro Islamic Liberation Front is suspected of carrying out the attacks. 

In Manila, Globe Telecom said it continues to suffer from bombings of their various remote cell stations.  A Globe Telecom spokesperson said the NPA was behind the bombings and destruction. Several weeks ago, the NPA bombed and destroyed the Globe Telecom Cell Station in Masbate, which was only the latest in a score of attacks.  Other cell phone companies, hotels, movie stars, politicians, doctors and dermatologists have all reported the NPA had been demanding a "revolutionary tax" from them to avoid being attacked.  

The security situation in the Philippines remains a major concern.  BSSG has the expertise and capability to assist you in protecting your resources and personnel in the Philippines.  If you want to get regular updates on the security situation in the Philippines, contact BSSG to be added to our special alert list. 

THE IMPORTANCE OF CONDUCTING COUNTERSURVEILLANCES 

The terrorist incident at JFK Airport highlighted some of the vulnerabilities and short-comings of security at JFK, and, for that matter, many airports in the United States and internationally.  It is now evident that the terrorists began their plot in a very traditional manner:  trying to gather intelligence, to include taking pictures and conducting surveillances of, key potential targets on the airport, such as the fuel pipeline and storage tanks. 

It is disturbing that terrorist plotters can conduct these surveillances and take photographs without anyone ever spotting and reporting them.  The first deficiency that flows from this lack of detection is that airport employees were are not properly trained on how to detect suspicious behavior and on the means for reporting that behavior (education and awareness training and anonymous reporting).  The second deficiency that emerges is the fact that airport security is not conducting effective countersurveillances that focus on detecting anyone that appears to be casing or surveilling airport infrastructure (what we call Red Team countersurveillances). 

One thing we know from terrorist training manuals and our experience from real incidents is that terrorists conductsurveillances as a part of intelligence gathering to support planning their attacks.  We know the 9/11 terrorists conducted surveillances and dry runs.  We know that the terrorists who were casing Citigroup, the New York Stock Exchange, Prudential headquarters and the World Bank took more than 500 pictures and conducted hours of surveillance as they wrote up their targeting reports.  The terrorist surveillance teams, for example, sat for hours at a Starbucks, adjacent to the Prudential headquarters, and took pictures and made maps and drawings.  They also took pictures of security posts and security cameras.  No one ever reported someone taking suspicious pictures and, obviously, there were no Red Team countersurveillance teams specifically looking for such behaviors. 

Recently, the author talked with individuals who had walked the perimeter fence of the Tampa International Airport, right up to where the fuel line runs near the fence line, and were never approached by police or security elements.  The same occurred at the edge of the runway in the Denver International Airport.   

We can learn something of how terrorists think from the terrorist's own notes recovered when authorities carried out raids of the terrorist's safe house.  Cases the author is personally familiar with include the November 17 Group in Greece, the Red Army Faction in Germany, and al Qaida affiliates looking at the World Bank headquarters in Washington, D.C.  From the terrorists own words, and notes, we learn that terrorists usually conduct surveillances.  Their notes revealed that when they saw heightened, unpredictable, quality security measures during their surveillance and intelligence gathering, they were inclined to change their targets (that is what we call target deflection).  We also know, from their own notes, that they fear a professional counter surveillances will detect them during their intelligence gathering and pre-empt their plans. They are always alert to the surveillance and countersurveillance of counter terrorism elements. That tells us that countersurveillances can cause terrorists problems. The lesson is that terrorirsts and criminals can often be deterred by effective, comprehensive counterterrorism measures. It is worth noting that the al Qaeda training manual specifically recommends postponing a terrorist attack if a pre-attack surveillance determines security measures have substantially changed or have been improved since the initial intelligence was gathered and on which the planning was based. The manual goes on to note that operational success is very important and that it may be wise to postpone the operation and re-plan it rather than risk its failure.

A compressive approach to protecting a resource can produce results and a professional Red Team countersurveillance is one of those important components in a comprehensive, pro-active asset protection/anti-terrorism approach. 

BOMBING FUEL PIPELINES AT JFK AIRPORT 

The early planning for this latest terrorist targeting of fuel lines and fuel tanks at JFK airport may not have been entirely sound, but we must remember this was at the early stages of a proposed operation.  We should not gain any special comfort by knowing that igniting fuel is not necessarily as easy as it sounds.  The lesson learned is that it should be very apparent that terrorist targeting of these key infrastructures is going to occur and that the terrorists are looking for targets which have the lowest levels of effective security protection. This is an important lesson for the United States to learn if it is to effectively protect itself from terrorism or even other threats. 

The military targeting community has known, for a long time, the principles that al Qaida and affiliates are using.  In fact, their approach is very similar to the U.S. military targeting approach except that the U.S. military actually tries to avoid targeting innocent civilians and collateral damage.  When conducting targeting for the U.S. Department of  Defense, the author learned that assets connected to Petroleum, Oil and Lubricants - or 'POL' as it is known to targeters - were a high priority.  The rule was to identify and promptly target POL assets in order to assist in disrupting enemy operations.  Fuel is an essential item in any military operation or any Homeland Security approach.  Fuel is necessary for our Air Force aircraft, our Army tanks and Humvees, and for our naval ships to be able to operate in home waters and the Persian Gulf.  It was the need for refueling that put the USS Cole in the terrorist crosshairs in Yemen.  Even hurricane prompted emergency evacuations depend on a supply of fuel for the vehicles carrying the evacuees which is why the state of Florida requires gas stations along emergency evacuation routes to have back-up generators so they can continue to operate in a crisis and help get people out of the danger area. 

This means that fuel depots, refineries, pipelines and storage tanks are all potential targets of our enemies, to include the radical Islamic terrorist.  You can bet that the fuel assets at JFK Airport are not the only POL related assets that terrorists are targeting.  Since the United States imports so much of its oil and fuel, it is also important to add port security concerns to fuel and pipeline security concerns. 

BSSG, with offices in Florida and the Philippines, is especially aware of the vulnerability of our ports.  The United States intelligence/law enforcement community missed picking up on the pseudo pilots who were training in the United States so they could fly airliners into targets.  We pose a question:  Are we missing the Middle Eastern males who are now training in scuba diving and who may be undergoing the training so they can target our ports including Liquid Propane Gas tank ships, pipelines and storage tanks in the ports?  We hope the intelligence community and law enforcement are better prepared these days and are taking pro-active measures to identify potential problems ahead of time. 

Right after 9/11, sources in Nebraska contacted the director of BSSG to say that some Middle Eastern looking individuals had come into the local gas company office to try and obtain the plans for the location of the natural gas pipelines in the region.  In the past, of course, the major threat to gas lines was an accidental rupture when someone dug in the wrong place.  For that issue, it was smart to let people know where the lines were buried.  It should be apparent, that threat has changed and we have to think differently.  Hopefully the response by the gas company employees and law enforcement would be better and faster now after the JFK plot but POL related products will be targeted.   

Institutionalization of ICS in Colorado

With a little over 20 months under the belt with regard to the new all hazard curriculum of the Incident Command System (ICS), it is apparent that many of the woes experienced by the wildfire community 30 years ago are starting all over again. The transition from compliance standards to performance standards is always a difficult one.  Colorado has become a leader in the National Incident Management Systems (NIMS), in many ways, and the pressure is greater in Colorado to make this transition to performance.

The announcement that the Democratic National Convention coming to Denver in 2008 has created an interesting dynamic. By 2008, unlike in 2004, the state will have had about five years of doing NIMS/ICS training. And, unlike some of the other "National Security Special Event" (NSSE) locations, (Washington D.C. and the inauguration of the President or the Super Bowl that is handled by a couple of NFL cities on a fairly regular basis) Denver's last experience with the DNC was more than a century ago, in 1888. It's safe to say that the security plan for that event will not be of much help. Sure Denver has hosted the Pope, it has hosted the Summit of the Eight Conference and a National Basketball Association All Star game, but this time we are talking about an official, full-scale NSSE controlled by a Federal level agency, as directed by the Department of Homeland Security. There is an implied expectation that all those Homeland Security dollars invested on backfill and overtime to instruct ICS and other Weapons of Mass Destruction (WMD) related courses will now pay off. The return on investment test will be in the late summer of 2008. 

Will Denver be ready?  Only if there is a true and complete institutionalization of the Incident Command System, across jurisdictions and disciplines. It is understandable that highly traditional first responder organizations have the most difficulty coping with the change. Dealing with change is always difficult.  However, the only barometer that really counts in the ICS game is, how many of your citizens or responders were hurt or killed after leadership begins to a make Incident Management decisions. That is always a difficult issue to deal with. An equally difficult and seldom posed question is- What is the acceptable number of citizens that can be hurt or killed just so a traditional first responder organization can be maintained in an era of change? Is it 10, or 50, or no more than 100? I'm sure fire and police chiefs, mayors and city council members all over the country would say the acceptable number is zero. Yet, there is a reluctance to change to a proven, mandated and paid for system (thank you DHS) like the Incident Command System because there are a lot of egos out there and everyone seems to think their turf is the most important thing to protect.   

For the Mile High City the clock is ticking to the big event and every day that goes by without real and true institutionalization of ICS brings the first responder community in and around Denver, Colorado a day closer to the world spot light, the microscope of DHS and the scrutiny of the national media.

The World of Industrial Espionage

Time to Re-Institute the Tempest Program? 
 

During the Cold War, the United States was very concerned about the ability of its adversaries to gather intelligence by reading what was being typed on computers.  It was determined that computers emitted a signal that could be captured and used to reconstruct key strokes.  There were other emanations as well. 

The counter this technical interception, the United States and its allies adopted a Tempest program to shield and otherwise protect computer systems that were processing the most sensitive classified information.  Business and industry also had to consider how to protect themselves.  But, in the wake of the Cold War, interest in protecting computer systems from reading key strokes has diminished. 

In the 21st Century, Industrial Espionage is a major threat to businesses.  Estimates are that Industrial Espionage costs businesses between US$150-300 billion as companies and nations spy on businesses and steal their trade secrets to gain competitive advantages. 

Today's computer systems are very different from those used during the Cold War but old spies never die, they just change their game. 

Industrial Espionage practitioners in Israel and Germany are now offering a relatively low-cost device that can once again capture the key strokes by reading the emanations.  The difference is that now the emanations come from wireless keyboards and from the cable between a computer and a flat screen monitor.  Sitting a hundred or two hundred meters away, business spies can read everything being typed on a company's computers.   

It may be time for a new Tempest program for business. 

This latest development is just one more indication that Industrial Espionage continues to pose a major threat to businesses and it is important for businesses to have a comprehensive Counter Industrial Espionage program that matches their risks.  For large or small businesses, domestic or foreign locations, BSSG has experience in helping you develop an appropriate Counter Industrial Espionage program.  If you have questions about your industry and want to know how Industrial Espionage can affect you, get in touch with us. 

MENG was released on a $500,000 bond and was the target of a two-year investigation involving the U.S. Attorney's Office, the Federal Bureau of Investigation (FBI) and the Department of Homeland Security.

This is just one more example of the substantial threat companies face from individuals who may have legitimate access to trade secrets but are willing to conduct espionage for or on behalf of others.  BSSG has considerable expertise in developing a comprehensive Counter Industrial Espionage program that includes a risk assessment, policies and procedures, education and awareness, a reporting and analysis approach, enhanced physical security measures and special technologies, including IT security measures.

Philippines Continues to be a Kidnap/Ransom Center 

More and more kidnapping for ransom incidents have emerged during the past month in the Philippines. Here are just a few examples: 

On May 31, 2007, two individuals of the "Laguna Clan," July Peneverde and Rolando Alarma , were arrested in Barangay Liabac, Real town, Quezon City.  The two were among the seven members of the so-called "Lagalag  or Laguna Gang" who managed to flee after a kidnap victim, Gina Brosas, was rescued during a botched payoff in Nagcarlan town earlier in the day. The suspected gang leader, Jacinto Peneverde and  an associate, Rolando Lubi, were killed during a shootout with Philippine National Police (PNP). The Lagalag or Laguna Gang were a kidnap for ransom gang that operated in the Metro Manila area and had become a high priority for police. 

On June 1, 2007, several Indian-Filipino businessmen complained that they had faced kidnapping and extortion from a variety of law enforcement personnel, including those from the Criminal Investigations Command.  The business-men wanted to remain anonymous out of fear but said they could not find anyone in the law enforcement community or local government that could be trusted and were not involved in the kidnapping business in some way or another. 

On June 3, 2007, a joint team made up of members of the PNP, Armed Forces of the Philippines, local government officials and members of the Moro Islamic Liberation Front  (MILF) managed to rescue a German businessman, his Filipino American wife and two Filipino friends.  They were all abducted by armed men in Pikit, North Cotabato on May 31. According to authorities, in spite of travel warnings, the German National went to the Pikit area to buy raw materials for a business he runs in Parang, Shariff Kabunsuan.  The group initially went to Davao City, then they went to Kabacan, North Cotabato where they were supposed to meet a local guide identified only as "Ed."  Near the Pikit area, a band of armed men blocked their vehicle and took the German National, his wife and the two others into a near by forest area.  The kidnappers later abandoned the victim's van in Barangay Batolawan in Pikit. A military team recovered the vehicle.  The victims said they were not harmed and no ransom was paid to the kidnappers. The gunmen, however, took their cellular phones.  PNP officers said the guide, known only as "Ed" was a prime suspect and probably set the group up. 

On June 3, 2007, a Chinese-Filipino family alleged that members of the Philippine National Police (PNP), who initially tried to claim they were immigration agents, supposedly kidnapped three members of the family in Sta. Cruz, Laguna.  The family members say they were released after they agreed to pay P100,000 ransom to the PNP officers.   

These examples highlight the kidnap-for-ransom/extortion (KRE) issues frequently faced in the Philippines.  Kidnapping/ransom/extortion activities appear to be on the increase again in the Philippines and have expanded beyond just the Chinese element of the Filipino-Asian community.  It now includes the Koreans, Japanese and Indian business people and even some Americans. Part of this is because the Asian community has made itself the ideal victim. They do not file any complaints and they pay the ransom. No small wonder that kidnapping for ransom within the Asian community in the Philippines is on the rise. The lesson here is if you adopt the Ostrich's head-in-the-sand approach, you will pay the price.

It is important for businesses operating in the Philippines to understand the KRE threat and prepare their personnel for how they want them to deal with the issues.  Personnel should also know that some aspects of the threat involve the police/local authorities (e.g. the local mayor) and it is important to have honest, credible security personnel who know the truly honest police officers and can properly liaise with police without raising the risks.  Additionally, when you go out and hire a local contact or guide, or meet a female suitor who invited the individual out to meet her family in the provinces, those individuals might be conspiring with police and local authorities to extort money.  Your security measures should take that into account. 

Finally, security providers should be trained in escape and evasive driving (at least two of the incidents described above could have been prevented with a security driver) and with security consulting skills that mean you are exceptionally careful when going to scheduled appointments or activities or establish a travel pattern.  It is important to continue to monitor the threat situation in the Philippines and coordinate travel with security experts.  If you want that kind of high quality and effective support in the Philippines, contact BSSG. 

CAMEO- A great tool for the Planning Section in ICS

Incidents involving hazardous materials are often extremely dangerous.  The incident can produce vapor clouds that are toxic, they can create violent explosions and fires, or they can spawn other hazards to people or our environment.

One of the dangerous parts of a firefighters' job is to respond to an accidental or intentional release of a hazardous material. To safely mitigate a hazardous materials release, firefighters must be able to access accurate information quickly. The chemical must be identified.  As soon as that is accomplished, the responders need to know the resulting health hazards and the appropriate protective clothing they need to wear.  Firefighters and responding personnel need to identify all the equipment needed. If the material released is involved with fire, the following questions must be answered:  Can water be applied and if water is applied what type of reaction will occur? How large an area will be affected or how many people will be affected? These are just a few of the critical questions that must be quickly answered in the event of a hazardous materials incident. There are thousands of chemicals manufactured, stored and transported in the United States so the amount of information needed is voluminous.

To help firefighters respond to hazardous material releases safely and plan for hazardous material releases, a program titled "Computer - Aided Management of Emergency Operations (CAMEO)" first became available nearly 20 years ago. CAMEO is a system of software applications used to plan for and respond to hazardous chemical releases. The system integrates a chemical database of more than 6,000 chemicals and an air dispersion model, and a mapping capability. Information can be obtained quickly when an accidental or intentional chemical release occurs using this program. Firefighters also have the ability to use this program to track the location of manufactured, stored chemicals, and those being used.  They also have a listing of all sensitive locations such as schools, nursing homes, day care centers, hospitals and facilities considered a part of the community's infrastructure that are in the vicinity of the release site. The program has now been expanded to include weapons of mass destruction -- chemical, biological, radiological, nuclear and some conventional explosives.

As an operational tool in the situation unit and in the planning section in Interagency Command System (ICS), the CAMEO suite can be applied with a Geographic Information System (GIS) program.  GIS is a program that can be used to assist in developing alternate strategies and can also help technical specialists in their analysis and discussions with incident commanders. CAMEO can also easily create reports dealing with the reactivity of chemicals and population estimates that can be shared with the documentation unit in the planning component of the ICS structure.  It can also provide important information that can be used to create Incident Action Plans.

The bottom line is that the latest versions of CAMEO can be an invaluable tool for dealing with an all hazards incident.  In the right hands, such as those of a trained individual in the planning section, CAMEO can streamline the flow of information necessary to effectively deal with the all hazard implications of an incident.

The World of Industrial Espionage

China is Overwhelming U.S.

According to U.S. counterintelligence/

counterespionage experts, the People's Republic of China is the source of the most substantial industrial espionage threat and is conducting industrial espionage with so many resources that it is overwhelming the U.S. government's counterespionage capabilities.

Joel Brenner, the top counterintelligence official in the office of United States Director of National Intelligence Michael McConnell, says ``the Chinese are really making a run at us.''   His office said that some 140 foreign intelligence services are trying to spy in the United States.  But it noted China was the most aggressive. He described China's activities as most "troublesome" and noted the Chinese spying efforts were "intensifying."

According to Thomas Donohue, president of the U.S. Chamber of Commerce, the U.S.'s largest business organization, U.S. companies -- in fact, companies from any country -- face an "uphill" battle protect sensitive business information, especially if they took any business secrets to China.  When talking about taking trade secrets to China, Donohue said: "If you're going to make a huge move towards innovation, well, get ready, in this system, to lose it because somebody's going to steal it."

While agencies such as the FBI and CIA are occupied with radical Islamic terrorism, wars in Iraq and Afghanistan, and preventing U.S. government secrets from falling into the wrong hands, companies doing business in China are especially vulnerable to losing their trade secrets.

U.S. businesses are paying particular attention to the first industrial espionage civil law suit brought in a Chinese court.  The suit was filed by Intel Corp., the world's biggest semiconductor maker.  In the lawsuit, Intel alleges that Shenzhen Dongjin Communication Tech Co. Ltd. illegally used Intel's software, which Dongjin had obtained through a third party, for network communication cards in its own products. Shenzhen Dongjin has countersued, accusing Intel of being an illegal monopoly.

But while companies are most vulnerable inside China, industrial espionage is also occurring within the United States. Here are several of the most recent cases involving a Chinese-based  industrial espionage:

Between August and December of 2005, a DuPont Company chemist, Gary Min, admitted obtaining information on company products, including materials used in airplane construction, which is supposedly valued at nearly $400 million. The charges say that Min downloaded nearly 22,000 confidential abstracts from DuPont's ectronic library. The documents included information on all DuPont's major product lines as well as emerging technologies. Some of the searches focused on Vespel, a synthetic resin used to coat car, airplane and oil pump parts, and Declar, a plastic material used in the automotive and energy industries and in airplane interiors.  Authorities report that when they searched Min's Grove City, Ohio, home, they found computers containing confidential files, garbage bags filled with shredded company documents and the remains of DuPont papers that had been burned in the fireplace.

In  Santa Ana, California, engineer Chi Mak, employed by L-3 Communications Holdings Inc.,  was accused of industrial espionage and stealing national defense information since 1983.  Authorities say that Mak, his wife, brother, sister-in-law and nephew were all involved in the spy ring.  Court papers say that Mak copied submarine related data from L-3's Power Paragon unit onto compact discs and enlisted other family members to encrypt the data and smuggle it to China.  Mak admitted sending information to Chinese intelligence on technology, including the radar systems of Aegis cruisers.

It is important to understand that Industrial Espionage is not just James Bond stuff.  It is real and it is costing companies billions of dollars every year.  Every company that has trade secrets should have a plan for countering industrial espionage and competitive intelligence.  BSSG has assisted some of the smallest and some of the largest companies in the world in developing or enhancing their counter industrial espionage program.  Contact us to learn how we can help you to protect your business secrets in China, in the United States or around the world.

Philippine Election Violence Continues

Colorado Springs Makes Major Commitment to ICS

Since the beginning of this year,  the City of Colorado Springs and several other nearby entities have undertaken a true "get serious approach" to using the Incident Command System (ICS).  Colorado Springs is using ICS both  within the city and within the region.

During the month of March alone, Colorado Springs, and neighboring jurisdictions, have sent more than 100 participants to a new advanced course on ICS Forms, Plans and Position Checklists. This workshop is not a mandated course with either grant penalties or overtime incentives from the Federal government, yet Colorado Springs saw the value of the training and made a commitment to get its people trained.

 Participants have come from the Fire Department, Police Department, City Utilities, Code Enforcement, Dispatch and the Office of Emergency Management. The course, which has been approved by Colorado Peace Officers Standards and Training, is an all hazards approach to making the plans section function and produce a written Incident Action Plan. This is one of the most important features of ICS during large, expanding incidents. The workshop, created by Homeland Security Analysis and Consulting, has been extremely well received in southern Colorado and has also been put on for The U.S. Army's Fort Carson Colorado's Garrison Command, which is also located in Colorado Springs..

During April, the Colorado Springs Office of Emergency Management is hosting the two-day Command and General Type 3 workshop which was developed by Type 1 Incident Commander Marc Mullenix.   Mr. Mullenix teams have been deployed to numerous wildfires and have an impressive all hazards track record that includes responding to 9/11,  Hurricane Katrina, the shuttle crash recovery and, most recently, was called in to assist the State of Colorado during this winter's snow emergencies in the southeast corner of the State of Colorado.

A study by the IT Policy Compliance Group came up with some interesting statistics.  According to their study, which involved surveying a number of businesses of varying sizes and types, 68 percent of all companies lose valuable and sensitive data at least six times a year.  No company avoided losses entirely and the 12 percent with the least losses still had  lost sensitive data at least twice a year.

Depending on what that sensitive data was, its loss could have had a major impact on a, company's financial bottom line.  One company this author has tried to help protect its sensitive information,  had a court rule that the loss suffered in just one industrial espionage incident was valued at more than US$1 billion. 

One medium-sized U.S. company said they had measured the value of their most sensitive trade secrets based on their competitive advantage and they determined their trade secerets were worth at least US$500 million a year to their bottom line. What that means is that even one or two losses could mean huge financial blow to a company.  Six or more losses almost certainly translates into serious damage.

Clearly many companies have a ways to go in protecting their trade secrets and sensitive intellectual property.  BSSG has considerable expertise in countering industrial espionage and protecting trade secrets.  You can learn more about industrial espionage and other threats to business by attending the 2007 Business Continuity, Security & Crisis Management Seminars on May 22-23, 2007 at the InterContinental The Barclay in New York.  Bruce Wimmer, of BSSG, will be the speaker on Countering Industrial Espionage & Cybercrime.

Upcoming Elections in the Philippines

Last month, the Analysis Brief covered the higher risk during the period leading up to the May 14 elections in the Philippines.  In that article we talked about some things that have regularly occurred during the history of elections in the Philippines.

During the past month, a number of those predictions have come to pass.

The Philippine National Police (PNP) have asked the Commission on Elections to declare Masbate province (in Visayas region) as election "hot-spot" and one that warrants special security measures.  Late last month a local mayoral candidate was ambushed in a convey with some of his supporters.  The mayor was wounded but survived.  Two of his supporters were killed in an attack.   A PNP- Special Action Force was deployed in the area and the unit was attacked by members of the New People's Army (NPA).  One PNP officer was killed and five others were wounded in the clash.  The PNP have said that some of the politicians in Masbate province have agreed to pay the NPA to assassinate some of their political rivals.

The New People's Army is categorized as a terrorist group by the U.S. and Philippine governments.  It is the militant arm of the Communist Party of the Philippines and has regularly smuggled and sold drugs, kidnapped for ransom and hired out its hit teams to corrupt politicians and business people to kill their rivals.  The attack on the Masbate provincial candidate for mayor is typical of these attacks and warranted a stepped up response by the PNP but the PNP is frequently out-gunned by the well-armed NPA units.  Masbate province is located off the Visayas sea, about 300 miles southeast of Manila.

Earlier, an armed assailant shot dead a congressional candidate as he drove in his car in Quezon City, in northern Metro Manila.  An investigation by the PNP is underway but police believe the individual may well have been shot and killed by NPA members who were being paid by the congressional candidate's opponents.

As the election draws closer, there is good reason for the administration of President Gloria Arroyo to be concerned about the May 14 election results, especially in the Philippine Senate where Arroyo has barely managed to stave off impeachment actions last year.  There are 12 senate seats open for this upcoming election.  The most recent poll, just released, listed 13 top candidates for the 12 seats.  There were 13 names because there was a virtual tie between the bottom two candidates.  Of that total, seven candidates were from the Genuine Opposition Party/Estrada (GO-Erap) camp and are strongly opposed to the Arroyo administration and probably pro-impeachment; three more of the top candidates were affiliated with the Independent Party (IP) but also oppose Arroyo and favor her impeachment.   There were only three from the pro-Arroyo Team Unit (TU) party, but even most of these TU candidates have been past opponents of the Arroyo administration.  

The top 12 candidates during the just released poll were:

1.  Loren Legarda  - GO - opposed to the Arroyo administration

2.  Manny Villar - GO - opposed to the Arroyo administration

3.  Francisco Pangilinan - technically a GO candidate who has said he wants to run as an IP member but strongly favors impeachment

4.  Pampilo Lacson - GO - opposed to the Arroyo administration

5.  Chiz Escodero - GO - opposed to the Arroyo administration

6.  Allan Cayetano - GO, a major opponent of Arroyo and strongly favors impeachment

7.  Ralph Recto- TU, but was previously listed as an independent

8.  Ed Angara - TU, running under the Arroyo ticket but someone who has opposed the Arroyo administration in the past

9.  Gringo Honasan - IP - strongly against Arroyo administration and in jail for allegedly supporting a coup attempt

10. Joker Arroyo (no relation to the president) - IP - strongly opposed to the Arroyo administration

11.  Benigno Aquino Jr.  - GO - son of a previous president and opposed to Arroyo

12.  (tie) Sergio Osmena - GO - opposed to the Arroyo administration

12. (tie) Tito Sotto -TU, running under the Arroyo ticket but someone who has opposed the Arroyo administration in the past

This poll demonstrates that the upcoming elections could be a problem for the Arroyo administration and it remains to be seen how the government will react.  One thing is clear, now is the time for companies with staff in the Philippines or traveling to the Philippines to review their crisis management and emergency evacuation plans.  It also is a further indication of the political instability that exists and makes the entire period up to the actual elections a higher risk for demonstrations, terrorism and increased criminal acts that are traditionally associated with politics and elections in the Philippines.

BSSG has experience and expertise in monitoring the threat and developing crisis management/emergency evacuation plans.  If you have staff residing in, or traveling to the Philippines or other hot spots, contact BSSG to help you protect them.

Risk Assessment

DHS Will Use Risk-Based Assessment of Chemical Facilities

The Department of Homeland Security has released what is termed an "interim final rule" for a new security program for high risk chemical facilities.  Under the proposed rules, nearly half (up to 7000) of the 15,000 chemical plants in the United States would be required to complete an online questionnaire.  The 400 plants deemed most vulnerable to terrorism would be required to enhance their security plans. 

The new proposed rules do not require chemical plants to use chemicals that are less volatile or inherently safer, as some in Congress has asked. Nor do the rules set a deadline for changes, however, the plants will ultimately be inspected and audited.  If the plants have not improved their security they could be fined up to $25,000 a day. The new rules also will not supercede states which want to impose more stringent security and safety regulations.  The chemical industry had been hoping for standarized national requirements that would supercede some states which have imposed special security requirements on plants using hazardous chemicals.  While standardized rules would be better, if not all chemical plants will be inspected and held to the standard you cannot blame states that want to protect their citizens when Homeland Security and the EPA will not.

Homeland Security Secretary Michael Chertoff  said it was important the have a comprehensive and full idea of what the chemical-based risks were.  He said that the new guidelines would use a risk-based approach and would place the most emphasis on facilities that had the highest potential consequences.

 

The Government Accounting Office (GAO) has recently conducted and study and concluded that there is a huge risk to dozens of U.S. cities from Liquified Natural Gas (LNG), especially if the LNG is being on carried on the giant mega tankers that put into many U.S. ports.

According to the GAO study, a terrorist attack on one of the larger LNG ships could produce an inferno so large that people living within a mile of the tanker would be burned.  The level of destruction, of course, will vary depending on the size of the load, the amount of gas released, the manner of release and weather/wind conditions.  But regardless of the exact size of the fireball/explosion, a currently configured LNG tanker ship poses a major potential risk when it is in or near a port.  Trucks and trains carrying LNG potentially pose a lower risk by virtue of lower potential adverse consequences but still could cause a serious explosion.

The GAO report recommended the Energy Department do its own risk assessment and determine if some additional protective guideliness are warranted.  American citizens, who are at risk, should be demanding that.

BSSG has specialized expertise in conducting chemical risk assessments and a risk-based assessment is the best way to determine which enhancements will do the most to reduce the risk to the public.

Homeland Security Analysis and Consulting Opens Arapahoe County Based Training Room

The Democratic National Convention is scheduled to be held in Denver, Colorado in the fall of 2008. Homeland Security Analysis and Consulting (HSAC), based in the Denver suburb of Aurora, Colorado has entered into an agreement with JDS Tactical , Inc. to utilize their high tech training and simulation room to help companies and government entities to prepare for dealing with emergencies that can go with such a high profile event. The capabilities of this training room allow workshop participants to function in small teams and work through a number of scenarios based on 15 national planning scenarios as well as other tailored inputs. The training room allows interactive participation that is electronically controlled and incident management outcomes are driven by the decisions made by the teams. All of this data is run through a computer program and prompts are done through a Microsoft PowerPoint display that allows the entire class to see what is transpiring by projecting it on a giant.

HSAC will incorporate a number of factors into the training sessions that will be conducted at the facility. This includes: Consequence Management, the usage and understanding of Incident Command System (ICS), understanding the ICS forms and producing Incident Action Plans, Threat and Vulnerability Assessment modeling, the relationship between ICS and the Emergency Operations Center as well as how to use the various Incident Management Programs such as CAMEO and I-Suite.

All training conducted at the facility is 100 percent National Incident Management System (NIMS) and HSEEP compliant.

The first course - Incident Command System Forms, Plans and Position Checklists - will be conducted on April 13, 2007. This custom designed course is based on, and builds on, the concepts of NIMS and the new all-hazard curriculum. The instructors will be Colorado's most active group of Lead ICS / 449 qualified instructors during calendar year 2006.

Additionally, this first course has been approved by Colorado Peace Officers Standards and Training pursuant to P.O.S.T. course number HS0010 and is pending POST approval in 10 other states. For more information on the upcoming training opportunities contact Homeland Security Analysis and Consulting at 303-680-3274.

INDUSTRIAL ESPIONAGE IN INDIA

The following information was recently published in India and, as a result, some extremely interesting insights emerged about industrial espionage in India:

The article noted the arrest of a Videsh Sanchar Nigam Limited employee for allegedly leaking information to a competing company is one of the few cases of industrial espionage that have come to light within India.

"Only 20 per cent of corporate espionage cases are detected. Of this, a mere 20 per cent get reported and only 10 per cent can be solved," says Raghu Raman, CEO, Mahindra Special Services Group, in India.

To date there have been very few convictions in India for industrial espionage or data theft, and not a single case has been registered under Section 66 of the IT Act 2000 -- a recent online ticket booking fraud case, where airlines were duped, is  a case in point.

"In data theft cases, proving the crime is difficult. Besides, it could span across countries, under different jurisdictions, making it more difficult for law enforcement agencies," explains Vijay Mukhi, president, Foundation of Information Security and Technology in India. "Every company I meet knows they are victim of some or the other form of data theft, but are not aware of how to deal with it," he adds.

"Any corporate leveraging intellectual property rights, offering cost-effective solutions or innovative or ingenuous solutions and not taking structured measures to protect its IPR, loses 5-10 per cent of their revenues to data theft," corroborates Raman.

In India, industrial espionage (online or offline) is defined as any activity that a company carries out to obtain information about its current, potential or future competitors through illegal, unethical or immoral means. The problem is that even in the most digitalized of companies, over 70 per cent of information is still in non-digital forms.

Companies that invest heavily in firewalls and other protection measures forget that over 15 per cent of their employees are talking to headhunters and prospective new employers at that very moment, according to experts.

"We get at least one or two cases every month, besides many inquiries; our clients ask us for specific information from their competitors or send dummy interviewees to find out salary packages," says Sunil Sharma, CEO, Authentic Investigation, in New Delhi.

Ajay Jugran, Partner of Indian law firm, Lawcombine, says, "This malady is deep-rooted. It's prevalent when Public Sector Undertakings call for bids. Trading in bidding information is rampant."

"Companies are even using annual maintenance contractors to plant surveillance software in rival firms. The software gives a daily log of the data via e-mail. Corporations have not awoken to this fact despite the fact that the law (unless for national security purposes) does not permit this," explains cyber law expert and Indian Supreme Court lawyer Pavan Duggal.

Companies the world over are known to hire teams to both plant and detect eavesdropping devices. Sachit Kumar, Director of New Delhi-based Globe Detective Agency, says: "We help clients by sending undercover agents (into competitor companies). The rate of success is 95 per cent in most cases." The charges for these moles could range anywhere between Rs 30,000-75,000 per month.

Companies that have sensitive information (trade secrets, personal information, etc.) should understand the risks in India. It is worth reiterating that there has not been a conviction in India for industrial espionage. While there has been a big "hoopla" in the U.S. about the use of pretexting (note last month's Brief article on the Hewlett-Packard incident) private investigations companies in India regularly use the technique to gather information.

What was perhaps even more interesting than the facts and figures presented in the article was the feedback on the article that came from within India. Reader after reader noted the techniques described as "spying" were regularly practiced in India. Readers noted this was just business as usual in India and that such techniques were sanctioned by top management in Indian businesses.

If you are doing business in India, it is important to understand the industrial espionage threat there. BSSG specializes in tailored, risk-based programs to counter industrial espionage in a global business environment. Contact us to learn how we can help you deal with this threat.

The Philippines will hold elections for national legislators, provincial offices such as governors, and local offices such as mayors, on May 14, 2007.

There have already been at least half a dozen attacks on politicians running for office. Recently several politicians who are in opposition to the ruling administration of President Gloria Arroyo have revealed they were aware of plans to conduct bombing attacks during political campaign speeches and rallies.

The Philippines has a history of using violence and assassinations to shape elections. Criminal groups and terrorists use the elections to extort money from politicians. The Philippine National Police has stepped up protective measures but the breadth of elections means the task is daunting.  Additionally, the police have put so many resources into protecting the election process that criminals are finding more freedom to conduct robberies, hold-ups and other crimes.  Companies with personnel stationed in the Philippines, or visiting the Philippines, should encourage them to be extra vigilant during the election period.

Note that BSSG has an office in the Philippines and carefully tracks threats and trends there. One thing is clear. Travelers and visitors should be aware of the upcoming elections and should avoid rallies, demonstrations and political activities through mid-May.

Risk Assessment

CHEMICAL CORNER

During the past several weeks terrorist groups in Iraq have begun employing chlorine gas in their attacks. They have used two techniques.

One involved hijacking a chlorine tank truck and placing explosives on the trailer and then detonating them near the target, resulting in the release of a cloud of deadly chlorine gas from the damaged tanker.

Another technique involved the theft of chlorine gas stored in cylinders used for things such as water purification. These cylinders can fit into smaller vehicles and, once again, the technique was to drive a vehicle containing the cylinders near the target, detonate a vehicular borne improvised explosive device to release the deadly chlorine chemical.

At least a dozen Iraqis were reportedly killed in the two incidents and dozens more were sickened by inhaling the gas released by these attacks. The psychological effects may have been even more devastating than conventional explosives.

Homeland Security experts have long worried about the potential for using chemicals, such as chlorine, that would be dispersed after a conventional explosion. Documents and interactive DVDs found in safe houses in Iraq make it clear that terrorists have transitioned from theory to practice and it makes security of potentially dangerous chemicals, such as chlorine gas, an even more urgent priority.

BSSG has specialized expertise in conducting chemical risk assessments and providing truly effective countermeasures to protect chemicals from a variety of threats.

Today there are dozens, if not hundreds, of security related products available on the market. This month we are going to analyze some of the methods used to protect hard assets such as personal property, tools, vehicles, and other various types of equipment. 

Did you know that in the entire U.S. only two percent of stolen property is returned? The reason is that, all too often, police have no way of proving the property they have recovered is actually stolen and who it might really belong to.

So, how can we improve the recovery rates for stolen property?

One of the most obvious ways is to mark property and equipment. Some businesses do that with some sort of property control program that includes recording serial numbers and nomenclature and often includes a property control label. However, marking is not as simple as it sounds. Not any marking will do.  If the marking method uses something that can easily be spotted -- like a property control label -- the thieves will remove or obliterate the marking or serial number and thus render it worthless. If the marking is covert, so the thieves cannot easily remove or obliterate it, then you have to wonder if the police will spot it...and if they do, the issue then becomes how they will link that marking back to the owner. Normally this means and education and awareness program for police departments. Since thieves do not just operate within a single police jurisdiction and stolen property often does not remain in the area where it was stolen for long, this education program has to be nationwide. It also means an appropriate and properly maintained database and probably a good web site and/or toll free number.

The key is to mark parts and elements so the police, if they recover anything, can identify it as: (a) stolen (that requires identifying the legal owner) -- so the thieves can be prosecuted, and (b) the police can then return it to the legal owner (recovery).

According to Florida Department of Law Enforcement (FDLE) yearly crime reports, in the past two years, state-wide motor vehicle theft losses totaled $965,413,556. The total recovered was $569,421,566. That means there is $395,991,990 of unrecovered, stolen vehicle related property out there in Florida alone.

What are the methods used to try and protect business or personal assets?

Alarm

An alarm system provides a detection method that notifies there has been an unauthorized entry. But the effectiveness of an alarm system is limited by need for a response (if no one hears the alarm, no signal is received or no one pays attention to it...there is no response) and there must be enough delay time to allow someone to respond and get to the vehicle or premises before the thief leaves.

Transponder

Limited by the need for detection; if the owner/police do not know the items have been stolen, there may not be time to activate the transponder before the transponder can be separated from other items or from components.

Branding

It can be obliterated also it needs to be done in multiple locations in order for it to be effective, and then the questions is: are police nation-wide trained to identify the brand and trace it.

Micro Chips

Police are usually not trained to scan for them. The methodology and cost can be an issue for both police and the user and limit the number of microchips that are needed for effective and complete coverage of all components.

Locks

Locks can slow down a thief. But locks are only a delay mechanism. Given enough time a thief can break through most locks or bypass them. You also need detection and response. Delay alone is ineffective. Detection could be provided by an alarm system but you still need a response capability. The benefit of the lock is that it may delay a thief long enough and they might give up. But, if it becomes apparent there is no response, a lock alone will not prevent a determined thief.

Stamping or Labeling

Stamps and labels can be obliterated or covered and police are not trained to look for them.

The trick to marking is that it needs to be done in multiple locations and done in a way that it can not be spotted by a thief but can be found and understood by police nation-wide. It is also important to understand the limitations of relying on a single approach and use a multi-layered approach to protect your assets. Having a alarm alone may not be enough. Having a transponder alone may not be enough. Having both is better but it still may not be enough. There is no single magic bullet to prevent theft, but there are several things you can do to enhance protection for your assets.

The only way to protect your self and your assets is having a holistic approach, understand current systems and their limitations, and use multiple, overlapping systems to fill the gaps identified in a comprehensive risk assessment. Don't assume that your current systems are adequate. Technology changes and as soon as a new system enters the market, the bad guys/gals are already trying to figure out how to defeat it.

Some businesses and people say accepting loss as the "price for doing business." That is not true and eventually that attitude will cost you big. If you are lucky enough to have small losses, over time they become "real money" too. Losses can be prevented most of the time and when prevention fails, you still have a chance to recover the stolen property. But, that is only the case if you have planned accordingly. BSSG can help you evaluate systems and design a protection approach that is reasonably priced and truly effective.