The White House report on the failed bombing attempt of a U.S airliner on Christmas Day highlights the challenges U.S intelligence agencies face in correlating terrorism-related information gathered from multiple databases and sources.
The review, released yesterday, identified an overall failure by intelligence agencies to "connect the dots," despite having enough information at their disposal to have potentially disrupted the botched attack.
The problem, according to the report, was not a lack of information sharing between government agencies but a failure by the intelligence community to "identity, correlate and fuse into a coherent story all of the discrete pieces of intelligence held by the U.S. government."
In listing the various causes for this failure, the report noted that information technology within the counter-terrorism community "did not sufficiently enable the correlation of data that would have enabled analysts to highlight the relevant threat information."
Nigerian citizen Umar Farouk Abdulmutallab attempted to detonate an explosive device while onboard an international flight from Amsterdam to Detroit on Dec. 25. Though the plane landed safely, the incident sparked widespread concern over the intelligence lapses that led to his being allowed on the flight in the first place.
Prior to his having boarded the flight, Abdulmutallab's father had expressed concerns about his son's radicalization to U.S. embassy officials in Nigeria. Various other agencies had gathered information about Abdulmuttalab's visiting Yemen and meeting with operatives from an Al Qaida-affiliated terror group.
The report called on the director of national intelligence to "accelerate information technology enhancements" in areas such as knowledge discovery, database integration and cross-database searches. It also called for improved capabilities for linking biographic information with terrorism-related intelligence.
Computers that don't talk to each other
The report identifies what's been a challenge for some time within the intelligence community, said James Lewis, director and senior fellow at the Center for Strategic and International Studies (CSIS). The office of the Director of National Intelligence, one of the agencies responsible for analyzing and integrating terrorism-related intelligence gathered by the U.S. government, has been struggling for years to accomplish its mission, Lewis said.
"In the past, the director of the National Counter Terrorism Center had 11 different computers because none of the computers could talk with each other," said Lewis, who led a CSIS-led group that submitted a set of cybersecurity recommendations to President Obama last January.
The DNI has been trying to address the issue by standardizing its technology acquisition, but the task still remains a work in progress, Lewis said. in this particular case, "the dots were in several different places and we haven't brought them to a single place."
The incident also highlights an intelligence culture that emphasizes secrecy over information sharing, said John Pescatore, a former analyst at the National Security Agency who is now an analyst at research firm Gartner Inc.
The State Department and intelligence agencies, including the NSA, the FBI and the CIA, all have their own processes for handing raw intelligence data that they gather, Pescatore said. Often this raw information is filtered before being passed or shared with other agencies, which results in an incomplete picture of an unfolding scenario, such as the attempted Christmas Day bombing, he said.
"The first issue isn't tools, it is what you would do with the information the tool might discover," Pescatore said. The intelligence community was developed to gather information about opponents that was to be used in attacking the opponent, he said. "Defending against kamikaze pilots, suicide bombers or airplane terrorists is not the same thing by a long shot."
Handling terrrorist threats will require intelligence agencies to be more proactive in sharing information, he said. And rather than relying on threat information, the Transportation Security Administration and other consumers of intelligence information need to have a more direct role in analyzing intelligence data, he said,
Fix the culture first
More than eight years after the terrorist attacks of Sept 11, 2001, the biggest challenge for U.S. counter-terrorism efforts continues to be cultural issues rather than technology issues, said Bruce Schneier, a noted security expert and chief security technology officer at BT Group PLC.
"The intelligence community has been optimized to fight the cold war where secrecy was paramount," Schneier said. "That kind of secrecy doesn't make sense any more. You need more openness and collaboration and sharing," Schneier said. While it is conceivable that IT enhancements could boost data correlation abilities, the fundamental issue that needs to be overcome is cultural, he said.
Unlike Cold War foes such as the Soviet Union, Al Qaida and other adversaries are decentralized and poorly funded. "Our intelligence organizations need to trade techniques and expertise with industry, and they need to share information among the different parts of themselves," Schneier said.
"Today's terrorist plots are loosely organized ad hoc affairs, and the dots that are so important for us to connect beforehand might be on different desks, in different buildings, owned by different organizations," he said. "What we need is an intelligence community that shares ideas and hunches and facts on Facebook, Twitter, and wiki. I'm not advocating that the CIA and NSA open its networks to everyone, but they need to bring Web 2.0 tools into their own classified networks," he said.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, send e-mail to firstname.lastname@example.org or subscribe to Jaikumar's RSS feed .