Raytheon + Social Networks = Data Mining Riot

“Users may be posting information that they believe will be viewed only by their friends, but instead, it is being viewed by government officials or pulled in by data collection services like the Riot search.”

By RYAN GALLAGHER | SMH | FEBRUARY 12, 2013

A multinational security firm has secretly developed software capable of tracking people’s movements and predicting future behaviour by mining data from social networking websites.

A video obtained by the Guardian reveals how an “extreme-scale analytics” system created by Raytheon, the world’s fifth largest defence contractor, can gather vast amounts of information about people from websites including Facebook, Twitter and Foursquare.

Raytheon says it has not sold the software – named Riot, or Rapid Information Overlay Technology – to any clients. But the Massachusetts-based company has acknowledged the technology was shared with US government and industry as part of a joint research and development effort, in 2010, to help build a national security system capable of analysing “trillions of entities” from cyberspace.

The power of Riot to harness websites for surveillance offers a rare insight into techniques that have attracted interest from intelligence and national security agencies, at the same time prompting civil liberties and online privacy concerns.

Using Riot it is possible to gain a picture of a person’s life – their friends, the places they visit charted on a map – in little more than a few clicks of a button.

In the video obtained by the Guardian, Raytheon’s “principal investigator” Brian Urch explains that photographs which users post on social networks sometimes contain latitude and longitude details – automatically embedded by smartphones within so-called “exif header data”. Riot pulls out this information, showing the location at which the pictures were taken. Riot can display online associations and relationships using Twitter and Facebook and sift GPS location information from Foursquare, a mobile phone app used by more than 25 million people to alert friends of their whereabouts. The Foursquare data can be used to display, in graph form, the top 10 places visited and the times at which they visited them.

Mining from public websites for law enforcement is considered legal in most countries. But, Ginger McCall, a lawyer at the Washington-based Electronic Privacy Information Centre, said the Raytheon technology raised concerns about how user data could be covertly collected without oversight or regulation.

“Users may be posting information that they believe will be viewed only by their friends, but instead, it is being viewed by government officials or pulled in by data collection services like the Riot search.”

Raytheon, which made sales worth an estimated US$25 billion in 2012, did not want its Riot demonstration video to be revealed on the grounds that it says it shows a “proof of concept” product that has not been sold to any clients.

Jared Adams, a spokesman for Raytheon’s intelligence and information systems department, said in an email: “Riot is a big data analytics system design we are working on with industry, national labs and commercial partners to help turn massive amounts of data into useable information to help meet our nation’s rapidly changing security needs. Its innovative privacy features are the most robust that we’re aware of, enabling the sharing and analysis of data without personally identifiable information being disclosed.”

In December, Riot was featured in a new patent Raytheon is pursuing for a system to gather data on people from social networks, blogs and other sources to identify whether they might be a security risk.

In April, Riot was scheduled to be showcased at a US government and industry national security conference for secretive, classified innovations, where it was listed under the category “big data – analytics, algorithms”.

U.S. Intelligence Weakening Internet for Takeover

As in other occasions, exercises are being conducted before full a takeover.  Will the next false-flag attack come to fruition on the net? The Cybersecurity Bill gives Obama the power to shut down companies and the World Wide Web as a whole.

1500 AM

In places like Arlington, Va.; Washington, D.C.; across the U.S. and around the world, a global cybersecurity exercise is underway designed to test the limits not only of the “network of networks,” but the ingenuity of the people charged with protecting it.

Welcome to Cyber Storm III.

This is the third time that the Department of Homeland Security, in conjunction with other federal agencies, is holding this global cybersecurity exercise. Previous Cyber Storm exercises were conducted in 2006, and again in 2008. For the first time, DHS will manage its response to Cyber Storm III from its new National Cybersecurity and Communications and Integration Center.

Normally, this facility, located in a nondescript office building in Arlington is classified and closed to the public. But the NCCIC recently opened its doors for an inside look to let DHS officials brief the media on Cyber Storm III, a worldwide cybersecurity response exercise that has been underway since late Monday.

Brett Lambo, the director of the Cybersecurity Exercise Program with DHS’s National Cybersecurity Division, is the architect, or game master for this global cybersecurity exercise.

“The overarching philosophy,” he told reporters in a recent briefing at the NCCIC, “is that we want to come up with something that’s a core scenario, something that’s foundational to the operation of the Internet.”

Cyber Storm III includes many players in places across the U.S. and around the world:

  • Seven federal departments: Homeland Security, Defense, Commerce, Energy, Justice, Treasury and Transportation.
  • Eleven states: California, Delaware, Illinois, Iowa, Michigan, Minnesota, North Carolina, New York, Pennsylvania, Texas, Washington, plus the Multi-State Information Sharing and Analysis Center (ISAC). This compares with nine states that participated in Cyberstorm II.
  • Twelve international partners: Australia, Canada, France, Germany, Hungary, Japan, Italy, the Netherlands, New Zealand, Sweden, Switzerland, and the United Kingdom (up from four countries that participated in Cyber Storm II).

DHS officials also say 60 private sector companies will participate in Cyber Storm III, up from 40 who participated in Cyber Storm II. Firms include banking and finance, chemical, communications, defense industrial, information technology, nuclear, transportation and water.

Lambo said to preserve the exercise’s value as a vigorous test of cybersecurity preparedness, exact details of the scenario which participants will deal with over the next three days are secret. However, he did share some of the broad parameters of the scenario he helped write, and which he will administer.

“In other exercises, you do have specific attack vectors; you have a denial of service attack, you have a website defacement, or you have somebody dropping a rootkit,” he said. “But we wanted to take that up a level to say, ‘All of those things can still happen, and based on what you do, if you’re concerned about the availability of infrastructure, we can look at what happens when the infrastructure is unavailable.'”

Lambo said another way to look at the scenario is that it builds upon what they learned from previous exercises.

“In Cyber Storm I, we attacked the Internet, in Cyber Storm II, we used the Internet as the weapon, in Cyber Storm III, we’re using the Internet to attack itself,” he said.

Lambo added under normal circumstances, the Internet operates based on trust that a file, or a graphic, or a computer script is what it says it is, and comes from a trusted source. But what if that source was not what it said it was, or the source has a malicious intent?

“What we’re trying to do is compromise that chain of trust,” he said, in further explaining in broad strokes of the Cyber Storm III exercise scenario.

Lambo and his colleagues at the Cyber Storm control center also will introduce new, and hopefully unexpected conditions to the scenario to further test participants.

“We have the ability to do what we call dynamic play,” he said. “If we get a player action coming back into the exercise that is either different from what we expected it to be, if it’s something we’d like to chase down further, or if it’s something we’d like to pursue, we have the ability to write injects on the fly.”

He said those injects could include new attacks.

The Cyber Storm exercise will be conducted primarily using secure messaging systems like e-mail or text messages to relay intersects to participants and that the simulated attacks are not being conducted over a live or a virtual network now in operation on the Internet, he said.

For the U.S. government, Cyber Storm III also offers the opportunity to test the DHS’ National Cyber Incident Response Plan.

“We want to focus on information sharing issues,:” he said. “We want to know how all of the different organizations are compiling, acting on, aggregating information that they’re sharing, especially when you’re thinking about classified lines coming into the unclassified domain. There’s a concept called tearlining, in which we take classified information, and get it below the tearline, so that those without security clearances and get it, and act on it.”

The Cyber Storm III exercise is expected to conclude by Oct. 1.

Space Based Laser Weapons

fas.org

The potential to intercept and destroy a missile over enemy territory soon after launch, rather than over friendly territory, makes the development of a boost phase intercept (BPI) capability very desirable. In concert with ground based theater missile defense (TMD) systems already under development, the U.S. continues to investigate BPI concepts for BMD systems.

The SBL program could develop the technology to provide the U.S. with an advanced BMD system for both theater and national missile defense. BMDO believes that an SBL system has the potential to make other contributions to U.S. security and world security as a whole, such as inducing potential aggressors to abandon ballistic missile programs by rendering them useless. Failing that, BMDO believes that the creation of such a universal defense system would provide the impetus for other nations to expand their security agreements with the United States, bringing them under a U. S. sponsored missile defense umbrella.

An SBL platform would achieve missile interception by focusing and maintaining a high powered laser on a target until it achieves catastrophic destruction. Energy for the sustained laser burst is generated by the chemical reaction of the hydrogen fluoride (HF) molecule. The HF molecules are created in an excited state from which the subsequent optical energy is drawn by an optical resonator surrounding the gain generator.

Lasers have been studied for their usefulness in air defense since 1973, when the Mid Infrared Advanced Chemical Laser (MIRACL) was first tested against tactical missiles and drone aircraft. Work on such systems continued through the 1980s, with the Airborne Laser Laboratory, which completed the first test laser intercepts above the earth. Initial work on laser based defense systems was overseen by the Defense Advanced Research Projects Agency (DARPA), but transferred to the newly created Strategic Defense Initiative Organization (SDIO) in 1984. Work continues today under the auspices of the BMDO, the successor to the SDIO.

The SBL program builds on a broad variety of technologies developed by the SDIO in the 1980s. The work on the Large Optics Demonstration Experiment (LODE), completed in 1987, provided the means to control the beams of large, high powered lasers. The Large Advanced Mirror Program (LAMP) designed and built a 4 meter diameter space designed mirror with the required optical figure and surface quality. In 1991, the Alpha laser (2.8 mm) developed by the SDIO achieved megawatt power at the requisite operating level in a low pressure environment similar to space. Numerous Acquisition, Tracking, and Pointing/ Fire Control (ATP/ FC) experiments both completed and currently underway will provide the SBL platform with stable aimpoints. Successes in the field of ATP include advances in inertial reference, vibration isolation, and rapid retargeting/ precision pointing (R2P2). In 1995 the Space Pointing Integrated Controls Experiment offered near weapons level results during testing.

Most recently, the Alpha LAMP Integration (ALI) program has performed integrated high energy ground testing of the laser and beam expander to demonstrate the critical system elements. The next step is an integrated space vehicle ground test with a space demonstration to conclusively prove the feasibility of deploying an operational SBL system.

Future plans include orbiting the SBL Readiness Demonstrator (SBLRD) in order to test all of the systems together in their intended working environment. Designs for the SBLRD satellite call for four major subsystems: the ATP system; providing acquisition, tracking, targeting, stabilization, and assessment capabilities; the laser device, providing the optical power, and beam quality, as well as maintains nozzle efficiency; the optics and beam control systems, enhancing and focus the beam, augmenting the capabilities of the laser device; and the space systems, providing a stable platform, storage of the reactants, and furnish electrical power (but do not power the laser).

The SBLRD is intended to demonstrate the capability to perform boost phase Theater Missile Defense from space. The objectives of the space demonstration include gaining performance information critical to the development of an operational SBL system, as well as gain a general understanding of operating such a system.

BMDO and the Air Force agreed to transfer the execution of the SBLRD project and the related SBL technology developments to the Air Force. BMDO retained overarching SBL architecture responsibilities.

Alpha High Energy Laser (HEL)

Megawatt class power levels were first achieved by the Mid-Infrared Advanced Chemical Laser (MIRACL) originally sponsored by the Navy, later by DARPA, and then by BMDO. Because the design was intended for sea level operation, the MIRACL laser does not achieve the optimum efficiency necessary for space-based operation. DARPA launched the Alpha laser program, with the goal of developing a megawatt level SBL that was scaleable to more powerful weapon levels and optimized for space operation. In this design, stacked cylindrical rings of nozzles are used for reactant mixing. The gain generation assembly achieves higher power by simply stacking more rings. In 1991, the Alpha laser demonstrated megawatt class power levels similar to MIRACL, but in a low pressure, space operation environment. Alpha demonstrates that multi-megawatt, space-compatible lasers can be built and operated.

Large Advanced Mirror Program (LAMP)

To demonstrate the ability to fabricate the large mirror required by an SBL, the Large Advanced Mirror Program (LAMP) built a lightweight, segmented 4 m diameter mirror on which testing was completed in 1989. Tests verified that the surface optical figure and quality desired were achieved, and that the mirror was controlled to the required tolerances by adaptive optics adjustments. This mirror consists of a 17 mm thick facesheet bonded to fine figure actuators that are mounted on a graphite epoxy supported reaction structure. To this day, this is the largest mirror completed for use in space. This LAMP segmented design is applicable to 10 m class mirrors, and the Large Optical Segment (LOS) program has since produced a mirror segment sized for an 11 m mirror. The large dimension of this LOS mirror segment approximates the diameter of the LAMP mirror.

Beam Control- Large Optics Demonstration Experiment (LODE) and ALI

The ability to control a beam was demonstrated at low power under the Large Optics Demonstration Experiment (LODE) in 1987. The current high power beam control technology is now being integrated with the Alpha laser and the LAMP mirror in a high power ground demonstration of the entire high energy laser weapon element. This is known as the Alpha-LAMP Integration (ALI) program.

Acquisition, Tracking, Pointing (ATP)

The ATP technologies required (sensors, optics, processors, etc.) have been validated through a series of component and integrated testing programs over the last decade. In 1985, the Talon Gold brassboard operated sub-scale versions of all the elements needed in the operational ATP system including separate pointing and tracking apertures, an illuminator, an inertial reference gyro system, fire control mode logic, sensors and trackers. Talon Gold achieved performance levels equivalent to that needed for the SBL. In 1991, the space-borne Relay Mirror Experiment (RME), relayed a low-power laser beam from a ground site to low-earth orbit and back down to a scoring target board at another location with greater pointing accuracy and beam stability than needed by SBL. The technology to point and control the large space structures of the SBL was validated in 1993 by the Rapid Retargeting and Precision Pointing (R2P2) program that used a hardware test bed to develop and test the large and small angle spacecraft slewing control laws and algorithms. The Space Pointing Integrated Controls Experiment (SPICE) demonstrated in 1995 near weapon scale disturbance isolation of 60-80 db and a pointing jitter reduction of 75:1. In 1998, the Phillips-Laboratory-executed High Altitude Balloon Experiment, (HABE) will demonstrate autonomous end-to-end operation of the key ATP-Fire Control (FC) functions in a realistic timeline against actual thrusting ballistic missiles. HABE will use a visible low-power marker beam as a surrogate to the megawatt HF beam and measure beam pointing accuracy, jitter and drift against a fixed aimpoint on the target.

SBLRD Characteristics
Weight: 17,500 kg Length: 20.12 m
Diameter: 4.57 m Mirror Diameter: 4.0 m

  • Hydrogen fluoride chemical energy powered laser.
  • On board surveillance capabilities.
  • Super reflective mirror coatings allowing for uncooled optics.
  • Concurrent NMD / TMD capability.

Resources

Star Wars High Power Invisible Energy Weapons Technology

Journalists Maurizio Torrealta and Sigfrido Ranucci along with Retired Colonel John Alexander, former Pentagon Analyst and Washington Post Reporter William Arkin and Human Rights Watch’s Marc Garlasco explain how modern warfare went from kinetic to high power energy weapons.  The United States spends at least five hundred million (500,000,000) dollars a year in Research and Development of these technology.  Among the companies that receive contracts for the development of high energy weapons are Raytheon and Zeus.

Secret Raytheon Military Contract Rolls out Internet Clamp Down

It would rely on a set of sensors deployed in computer networks to spy on the Internet for “attacks” on infrastructure.  The irony is that the only people who have the power and technology to cause a massive attack of the scale it is being promoted, are the very same people who are clamping down on the Internet to establish censorship and control.  The program’s name (Perfect Citizen) could not be more deceiving.

WSJ

The federal government is launching an expansive program dubbed “Perfect Citizen” to detect cyber assaults on private companies and government agencies running such critical infrastructure as the electricity grid and nuclear-power plants, according to people familiar with the program.

The surveillance by the National Security Agency, the government’s chief eavesdropping agency, would rely on a set of sensors deployed in computer networks for critical infrastructure that would be triggered by unusual activity suggesting an impending cyber attack, though it wouldn’t persistently monitor the whole system, these people said.

Defense contractor Raytheon Corp. recently won a classified contract for the initial phase of the surveillance effort valued at up to $100 million, said a person familiar with the project.

An NSA spokeswoman said the agency had no information to provide on the program. A Raytheon spokesman declined to comment.

Some industry and government officials familiar with the program see Perfect Citizen as an intrusion by the NSA into domestic affairs, while others say it is an important program to combat an emerging security threat that only the NSA is equipped to provide.

“The overall purpose of the [program] is our Government…feel[s] that they need to insure the Public Sector is doing all they can to secure Infrastructure critical to our National Security,” said one internal Raytheon email, the text of which was seen by The Wall Street Journal. “Perfect Citizen is Big Brother.”

Raytheon declined to comment on this email.

A U.S. military official called the program long overdue and said any intrusion into privacy is no greater than what the public already endures from traffic cameras. It’s a logical extension of the work federal agencies have done in the past to protect physical attacks on critical infrastructure that could sabotage the government or key parts of the country, the official said.

U.S. intelligence officials have grown increasingly alarmed about what they believe to be Chinese and Russian surveillance of computer systems that control the electric grid and other U.S. infrastructure. Officials are unable to describe the full scope of the problem, however, because they have had limited ability to pull together all the private data.

Perfect Citizen will look at large, typically older computer control systems that were often designed without Internet connectivity or security in mind. Many of those systems—which run everything from subway systems to air-traffic control networks—have since been linked to the Internet, making them more efficient but also exposing them to cyber attack.

The goal is to close the “big, glaring holes” in the U.S.’s understanding of the nature of the cyber threat against its infrastructure, said one industry specialist familiar with the program. “We don’t have a dedicated way to understand the problem.”

The information gathered by Perfect Citizen could also have applications beyond the critical infrastructure sector, officials said, serving as a data bank that would also help companies and agencies who call upon NSA for help with investigations of cyber attacks, as Google did when it sustained a major attack late last year.

The U.S. government has for more than a decade claimed a national-security interest in privately owned critical infrastructure that, if attacked, could cause significant damage to the government or the economy. Initially, it established relationships with utility companies so it could, for instance, request that a power company seal a manhole that provides access to a key power line for a government agency.

With the growth in concern about cyber attacks, these relationships began to extend into the electronic arena, and the only U.S. agency equipped to manage electronic assessments of critical-infrastructure vulnerabilities is the NSA, government and industry officials said.

The NSA years ago began a small-scale effort to address this problem code-named April Strawberry, the military official said. The program researched vulnerabilities in computer networks running critical infrastructure and sought ways to close security holes.

That led to initial work on Perfect Citizen, which was a piecemeal effort to forge relationships with some companies, particularly energy companies, whose infrastructure is widely used across the country.

The classified program is now being expanded with funding from the multibillion-dollar Comprehensive National Cybersecurity Initiative, which started at the end of the Bush administration and has been continued by the Obama administration, officials said. With that infusion of money, the NSA is now seeking to map out intrusions into critical infrastructure across the country.

Because the program is still in the early stages, much remains to be worked out, such as which computer control systems will be monitored and how the data will be collected. NSA would likely start with the systems that have the most important security implications if attacked, such as electric, nuclear, and air-traffic-control systems, they said.

Intelligence officials have met with utilities’ CEOs and those discussions convinced them of the gravity of the threat against U.S. infrastructure, an industry specialist said, but the CEOs concluded they needed better threat information and guidance on what to do in the event of a major cyber attack.

Some companies may agree to have the NSA put its own sensors on and others may ask for direction on what sensors to buy and come to an agreement about what data they will then share with the government, industry and government officials said.

While the government can’t force companies to work with it, it can provide incentives to urge them to cooperate, particularly if the government already buys services from that company, officials said.

Raytheon, which has built up a large cyber-security practice through acquisitions in recent years, is expected to subcontract out some of the work to smaller specialty companies, according to a person familiar with the project.