COVID-19 an Intelligence assessment

COVID-19 an Intelligence assessment

COVID-19 an Intelligence assessment

by Philip Ingram MBE

One of the worst things a Prime Minister has to admit to his country is that, “many more families are going to lose loved ones before their time,” as Boris Johnson was forced to say in his press conference about what the UK was going to do about the COVID-19 pandemic.  He, with the country’s chief scientist and the Chief Medical Officer for England and Wales, who had consulted got agreement with the Chief Medical Officers of Scotland and Northern Ireland, explained the current position with the COVID-19 pandemic and what the government’s response would be.

The general feeling after the briefing was it was considered, informative, measured and frightening all at the same time.  However, this hasn’t stopped the armchair scientific and medical experts such as Nigel Farage and Piers Morgan from berating the response because it doesn’t match or go further than the responses of some other countries. Comments from influencers like Morgan, such as “The government seems to be avoiding draconian ‘shutdown’ action now because we will all get too bored with it,” display a shocking naivety that, from a journalist, is at the least unhelpful and is certainly unprofessional.  Maybe now is the time to do a proper intelligence assessment of what we know.

The thing to realise about intelligence assessments, as intelligence is very often blamed after the fact for not seeing things that were not there at the time of writing. It is an assessment at a snapshot of time and as the situation develops and more information, or ‘unknowns’ be come known, then it is likely to change. No enemy on the battlefield follows your plan because it is in your intelligence assessment, no terrorist gets caught because you have assessed how small the threat is, no virus will do exactly what you predict.

What is a virus?

The microbiological society describes a virus as the smallest of all microbes. With some, they are so small that 500 million could fit on to the head of a pin. They are unique because they are only alive and able to multiply inside the cells of other living things. The cell they multiply in is called the host cell. 

A virus is made up of a core of genetic material, either DNA or RNA, surrounded by a protective coat called a capsid which is made up of protein. Sometimes the capsid is surrounded by an additional spikey coat called the envelope.

Under a process called Lysis, virus particles burst out of the host cell into the extracellular space resulting in the death of the host cell. It is this that causes the damage to the host organism, and the symptoms experienced, when many cells are killed. Once the virus has escaped from the host cell it is ready to enter a new cell and multiply.

An organism, if exposed to the virus or a similar version may have a degree of immunity as it has the genetic pattern to develop antibodies to fight the viruses and restrict their spread. The danger is when a novel virus is discovered, as organisms will have no pre prepared defences to these.

The next question has to be, what is CoronaVirus and what is COVID-19? 

According to the Centre for Disease Control and Prevention in the US (CDC), coronavirus is the name for a family of viruses that were first identified in the 1960’s.  They are named for the crown-like spikes on their surface (envelope) and there are four main sub-groupings known as alpha, beta, gamma, and delta.

People around the world commonly get infected with some human coronaviruses and in recent years it has been identified that coronaviruses that infect animals can evolve and jump the species gap to humans. Three recent examples of this are; severe acute respiratory syndrome, or SARS (SARS-CoV-1), Middle East Respiratory Syndrome, or MERS which were both identified as beta viruses and now we have coronavirus disease 19 or COVID-19 which has been designated as a novel corona virus, i.e. it doesn’t fit into any already known category and therefore any immunity to other types of coronavirus that is present in a species can be bypassed by this strain. The name of the virus that causes COVID-19, the disease, is Severe Acute Respiratory Syndrome Coronavirus-2 (SARS-CoV-2).

Comment: Much is already known about coronaviruses, about their protein makeup, their genetic coding, their transmission, their strengths and their weaknesses, there has been over 50 years research into them already and SARS and MERS have given recent impetus to the scientific community.  SARS-COV-2 is closely related to SARS-COV-1 which emerged in 2002. Therefore, the scientific fight against COVID-19 disease is not from a standing start, it is from a position of many years research. Comment Ends. 

Where did COVID-19 come from?

Here conspiracy theories abound, as the reality is the origin of SARS-CoV-2 is only a scientific assessment. However, based on over 50 years research into coronaviruses and that the international scientific community is quick at checking and commenting on all of the relevant works and studies in the scientific community, their current assessment is probably accurate; it is certainly extensively peer reviewed.

The World Health Organisation (WHO) situation report of 21st January 2020 said that on 31st December 2019, the World Health Organisation’s (WHO) China office heard the first reports of a previously unknown virus behind a number of pneumonia cases in Wuhan, a city in Eastern China.

On 11 and 12 January 2020, WHO received further detailed information from the National Health Commission China that the outbreak is associated with exposures in one seafood market in Wuhan City.

In February nature magazine reported that, “Chinese scientists suggested, on the basis of genetic analyses the prime suspect was the scaly ant eating pangolin.  However, it then went on to say that scientists have now examined that data and say that although the animal is still a contender, the mystery is far from solved.

Other animals that are known as host of various coronavirus strains are Bats and they, like the Pangolin, were sold live in the Wuhan market.  MERS and SARS were originally corona viruses hosted on bats, so it is now thought that they are the most likely contender.

Apportionment of its source is made slightly more conspiratorial by the fact that Wuhan is the site of China’s only facility designated at Biosafety Level 4 (BSL-4) and is known as the Wuhan Centre for Disease Control (WHCDC).  It was constructed in 2004 following the SARS emergency to conduct research into countering such viruses.  Level 4 facilities are designed to stop the escape of even the smallest particles, so accidental escape is highly unlikely. Despite sensational speculation in some press circles, there is no evidence in the scientific community that the COVID-19 disease is a result of WHCDC activity.

Comment: Coronavirus species jumps have been identified in the past, bats were identified as the source of the SARS corona virus and given the initial reporting in the city of Wuhan, the focus around the seafood market, it is highly likely that the ground zero for the COVID-19 disease is Wuhan and the seafood market.  However, it is possible that the exact source will never be identified and therefore likely that sensationalised speculation will continue. Comment Ends.

How dangerous is COVID-19?

COVID-19 is a new illness and as such no one will have any inherent immunity to the virus that causes it and an understanding of how the disease develops in humans is just being observed. This lack of inherent immunity means that the herd immunity principals that restrict the spread of known viruses and the peak of their impact in numbers, does not exist.

The main symptoms of COVID-19 are a cough, a high temperature and, in severe cases, shortness of breath.

According to NHS England, because COVID-19 is a new illness, exactly how it is spread from person to person is not fully understood.  However, the WHO says, “The disease can spread from person to person through small droplets from the nose or mouth which are spread when a person with COVID-19 coughs or exhales. These droplets land on objects and surfaces around the person. Other people then catch COVID-19 by touching these objects or surfaces, then touching their eyes, nose or mouth. People can also catch COVID-19 if they breathe in droplets from a person with COVID-19 who coughs out or exhales droplets.”

It goes on to say, “Illness due to COVID-19 infection is generally mild, especially for children and young adults. However, it can cause serious illness: about 1 in every 5 people who catch it need hospital care. While we are still learning about how COVID-19 affects people, older persons and persons with pre-existing medical conditions (such as high blood pressure, heart disease, lung disease, cancer or diabetes) appear to develop serious illness more often than others.”

The UK Government says, “a minority of people who get COVID-19 will develop complications severe enough to require hospital care, most often pneumonia. In a small proportion of these, the illness may be severe enough to lead to death. The Prime Minister, Boris Johnson, confirmed this in his statement of 12th March 2020.

On 30 January 2020, the WHO declared the outbreak of COVID-19 a “Public Health Emergency of International Concern” (PHEIC). On 11 March 2020 the WHO formally declared COVID-19 as a pandemic and a pandemic is simply a new disease for which people do not have immunity that spreads around the world beyond expectations.

Exact death rates expressed as a percentage of infections is impossible to accurately state at this time as many who contract the disease will have very mild symptoms, are unlikely to be tested so formally diagnosed and recorded as having it but could still transmit it to others.

Comment: COVID-19 is extremely dangerous to certain parts of the community but will have little impact on most sufferers.  However, as there is no herd immunity there is very real potential for the most vulnerable to require hospitalisation all at the same time, overwhelming medical facilities. Anyone with the disease, even with very mild symptoms, can transmit it.

Much has yet to be learned about this disease and its impact but the “So What?” is that it is critical that measures to reduce the number of severe cases and spread them over as long a time period as possible, to ensure medical facilities and staff are not overwhelmed, are taken. Those measure must be taken by all potential sufferers to have the best outcome.

People should take statistics in the press with an understanding of the reality that they are likely wrong and an over exaggeration of the risk if taken in isolation. Comment Ends.

What can and is being done about it?

Every county seems to be taking a slightly different approach to dealing with the COVID-19 pandemic, which is fuelling political opportunism, sensational headlines playing on the very real fears of the population, and in turn causing anxiety in the financial markets wiping billions of their value. One thing is clear, it will pass.

The UK has very robust, tried and tested processes and procedures for dealing with pandemics.  This is nothing new and the WHO has been talking about the threat form a disease X scenario for some years. Understanding of the spread, measures to deal with it for theoretical diseases have been modelled and exercised frequently and the government has a series of plans to deal with these incidents ready to go.

On 03 March 2020 the Government published its Coronavirus (COVID-19) action plan based on its experience in dealing with other infectious diseases and its influenza pandemic preparedness work. The UK government and devolved administrations, including the health and social care system, have planned extensively over the years for an event like this. The UK is therefore well prepared to respond in a way that offers substantial protection to the public.

The plan confirms that, “The majority of people with COVID-19 have recovered without the need for any specific treatment, and it is expected that the vast majority of cases will best be managed at home.

The planning principles for the UK and Devolved administrations used are:

  • Undertake dynamic risk assessments of potential health and other impacts, using the best available scientific advice and evidence to inform decision making.
  • Minimise the potential health impact by slowing spread in the UK and overseas, and reducing infection, illness and death.
  • Minimise the potential impact on society and the UK and global economy, including key public services.
  • Maintain trust and confidence amongst the organisations and people who provide key public services, and those who use them.
  • Ensure dignified treatment of all affected, including those who die.
  • Be active global players – working with the World Health Organization (WHO), the Global Health Security Initiative (GHSI), the European Centre for Disease Prevention and Control (ECDC), and neighbouring countries, in supporting international efforts to detect the emergence of a pandemic and early assessment of the virus by sharing scientific information.
  • Ensure that the agencies responsible for tackling the outbreak are properly resourced to do so, that they have the people, equipment and medicines they need, and that any necessary changes to legislation are taken forward as quickly as possible.
  • Be guided by the evidence, and regularly review research and development needs, in collaboration with research partners, to enhance our pandemic preparedness and response.

The key is that they are evidence based, balanced, well planned and frequently modelled and lead to four phases:

  • Contain: detect early cases, follow up close contacts, and prevent the disease taking hold in this country for as long as is reasonably possible
  • Delay: slow the spread in this country, if it does take hold, lowering the peak impact and pushing it away from the winter season
  • Research: better understand the virus and the actions that will lessen its effect on the UK population; innovate responses including diagnostics, drugs and vaccines; use the evidence to inform the development of the most effective models of care
  • Mitigate: provide the best care possible for people who become ill, support hospitals to maintain essential services and ensure ongoing support for people ill in the community to minimise the overall impact of the disease on society, public services and on the economy.

The aim across the board is to delay the onset of rapid cross infection throughout the population and spread the peak and most severe cases out over a longer time period enabling current and surge medical capabilities to deal with the effects of the COVID-19 disease on those most affected.

However, a plan is only as good as those who adhere to it and the government advice to the general public needs the general public to follow that advice if there is a hope of the plan succeeding.  Social distancing, seeking advice from the 111 website, handwashing are all examples of what the general public need to do to keep the government plan on track and to save as many of the most vulnerable and severe cases as possible.

Comment: The measures being outlined to deal with the COVID-19 epidemic are considered, modelled, progressive, well planned and thought through by every expert in the field. They are not made up ‘on the hoof’ and are designed to minimise the impact on sufferers, society, business and life in general. The measures do require a greater public understanding and cooperation, and this is one time when sensationalism and speculation is unhelpful at best, but more likely deadly. Comment Ends.

Why are other governments taking different actions?

Other governments may take different actions as they have different cultural norms, different scientists with differing opinions, they are likely to be at a different stage of the pandemic and all healthcare systems and social care system likely differ so strain and breaking points won’t be the same between countries. A final consideration is there is a possibility of different political considerations in decision making for example, France’s closing of schools and universities puts additional strain on adults, some of whom are key to the yellow vest processes, the banning of groups of 100 or more again could (and I emphasise could as I don’t believe this question has been asked), make it easier for President Macron to control anti Government sentiment such as the yellow vest protests which with greater pandemic spread could flare up more. In Ireland, the pressure from the closure will force the political parties to agree a new government more quickly. Unfortunately in this world one has to consider political actions as part of disaster consequence management.

The key is when you make drastic decisions such as closing schools, as you want to leave them as late as possible to reduce the social impact but take them as early as possible to reduce the spread – the Government is doing that and the scientists are watching for that point on a daily basis. Thank goodness it is an evidence based decision and not a politically expedient one or and emotionally based one.  Things could be very different if we had a minority government in power and politics, not evidence based science, drove decision making.

Assessment:  The current COVID-19 pandemic is a serious situation that will likely result in a number of deaths, that number will be a very small percentage of those who catch the disease as most people will recover, many without ever being formally diagnosed.

Critical to keeping the death toll to the lowest numbers possible is flattening out the peak number of severe cases at any one time in order to reduce the burden on medical facilities and personnel.

Current understanding of how pandemics spread is good, current planning for dealing with pandemics has been scrutinised by some of the best brains in the country and are generally well thought through. They rely on evidence-based assessments and have been modelled extensively.

COVID-19 will disrupt normal activities for a period of time and then society will recover. However, as ever, the success of any plan requires the support and cooperation of all involved, and in a pandemic scenario that means the general population. Recovery time for society will depend on cooperation and sticking to a well tested plan.

MERS, SARS, COVID-19 are just the latest in a series of viral infections, there will likely be more in the future and many will have a smaller impact but the potential remains for some with an even greater impact on society.  Assessment Ends.

The best advice remains that on the front cover of Douglas Adam famous book, “The Hitch Hikers Guide to the Galaxy,” it says: “Don’t Panic.”  The current continuously updated statistics for the pandemic can be followed here: https://www.worldometers.info/coronavirus/

 

 

This blog was written by Philip Ingram MBE a former senior Military Intelligence officer and specialist in CBRNE. He grew up in a family immersed in disease identification and control as his late father, Brian, ran a laboratory at the local hospital and his biomedical science journals were Philip’s youthful reading. He is always available for comment through the contact us page.  You can always listen to this blog through our PODCAST site by clicking here:

Is the change in Terror legislation enough?

Is the change in Terror legislation enough?

Is the change in Terror legislation enough?

By Philip Ingram MBE

Sudesh Amman, arrested and jailed for preparing acts of terrorism in May 2018 and under the then Terror Legislation was automatically released on license after having served half of his sentence. Ten days later, at the beginning of February 2020, attacked two people on Streatham High Street before being shot dead by a police undercover surveillance team who had been tailing him. That legislation was changed today with the introduction of the Terrorist Offenders (Restriction of Early Release) Bill.

This was the third attack in so many months after an attack at Fishmongers’ Hall on London Bridge in December by Usman Khan. He had been released half-way through a 16-year sentence for terror offences. Then in January there was attack on prison officers at Whitemoor Prison in which at least one prisoner found guilty of a terrorist offence is understood to have been involved

Another terror attack on the streets of our capital city but this one has raised so many additional questions. Why, if Amman was so dangerous, was he released from prison? With this being the second In London attack from a newly released terror convict, in 3 months, how many more are due for release? Can the police and security services cope? What else can be done to protect the general public? Is the Terrorist Offenders (Restriction of Early Release) Bill the answer?

The numbers are horrific, 20,000 people have over the years come to feature on a terror database, 3000 are current persons of interest and there are over 800 active investigations going on today.  In addition, as at February 2020 there are 224 convicted terrorists in jail in Great Britain and six are due for early release by March and up to another 50 at some stage in 2020.

As at the end of February, with the change in legislation those 50 must now serve at least two thirds of their prison term before being considered for release. The one individual who was due for release in the coming days, Mohammed Zahir Khan who was jailed in 2018 for four years for encouraging terrorism, stirring up religious hatred and disseminating a terror publication must serve another year.

Before Kahn and any of the other 50 prisoners impacted this year by the change in the Terrorist Offenders (Restriction of Early Release) Bill can be released, they will also need to pass a review by a panel of specialist judges and psychiatrists at the Parole Board.  However, if these individuals pass, they will be released and if they don’t, at the end of their sentences they will be released.

It takes over 30 highly trained specialist surveillance officers to monitor one person and the head of UK counter-terror policing Neil Basu  warned the threat from terrorism was not diminishing and that the number of subjects of interest and convicted terrorists due for release meant “we cannot watch all of them, all the time,” he said.  So, priorities have to be made and resources allocated appropriately.

There is a perception from films and TV series that the police and Security Services can sit in a big control room and track people remotely using the over 600,000 CCTV cameras in London alone, one for every 14 people, using facial recognition capabilities, seamlessly tracking suspects and keeping surveillance operators informed. Unfortunately, that capability isn’t available outside the TV or film set, and surveillance remains a manpower intensive job.

The Counter Terrorism and Border Security Act 2019 amongst many other measures was launched to ensure sentencing for certain terrorism offences can properly reflect the severity of the crimes, as well as preventing re-offending and disrupting terrorist activity more rapidly.

This new legislation builds on what had already been introduced for the most dangerous terrorists with a minimum sentence of 14 years but seems to be just pushing the real problem into the future with a little more oversight.  There is nothing obvious from additional deradicalization measures or even a realisation that potentially some convicted terrorists may never be deradicalized. It has and will continue to generate debate and it is unlikely to be long before human rights groups challenge this new legislation.

One thing is clear, the debate will continue, as Lord Carlile, a former reviewer of terror legislation from 2001 to 2011 suggested the plans might have gone too far and warned of a risk of legal challenge to their retrospective nature.

The clamour to find better ways of identifying potential terrorists, deradicalizing those already in the system if that is possible and monitoring those that remain a threat whilst in prison and when eventually released, will continue to increase. Maybe it is also time to recognise that current criminal law is not applicable for some terrorists who can never be deradicalized? However, that would have huge human rights implications in a free and democratic society built on the rule of law.

 

 

 

 

The Science behind the Intelligence – MASINT

The Science behind the Intelligence – MASINT

The Science behind the Intelligence – MASINT

Why have global leaders from the 5 eyes countries started to blame Iran for shooting down Ukrainian airline flight PS752, a Boeing 737-800 from Tehran on Thursday? How would they know not having access to the on the ground investigation? Philip Ingram MBE a former Colonel in British Military Intelligence explains the science behind the intelligence, MASINT.

Talking about the crash, Justin Trudeau, the Canadian Prime Minister, said in a news conference in Ottawa in Canada on Thursday “We have intelligence from multiple sources, including our allies and our own intelligence. The evidence indicates the plane was shot down by an Iranian surface-to-air missile.”

Before that, CBS News in the US said, “U.S. intelligence picked up signals of a radar being turned on, sources told CBS News.”

The UK’s Daily Mail said, “US intelligence says the Boeing 737 was tracked by satellite data which showed the plane airborne for two minutes before detecting the heat signatures of two surface-to-air missiles.

That was quickly followed by an explosion, officials say, before infrared emissions from the plane showed it burning as it crashed to the ground.”

US President Donald Trump said, ‘It was flying in a pretty rough neighbourhood. Somebody could have made a mistake,’ and went on to tell reporters at the White House on Thursday. ‘I have a feeling that something very terrible happened, very devastating.’

The official Iranian line remains the aircraft suffered mechanical failure, so what is the truth and how can we believe reports from unnamed ‘intelligence sources’ that to the nay-sayers will smack of what the Russians love to call – маскировка (maskirovka) or masking. This is “Fake News” in Donald Trump’s vocabulary, at a time when accurately apportioning blame is critical in the international powerplay and need to de-escalate an unfolding crisis.

It was fascinating that CBS first quoted the unnamed intelligence source describing what had been seen from satellites, most of the intelligence derived from satellites is classified at a level of above TOP SECRET simply because the US doesn’t want the world to know what it sees.

The quotes in the press allow me to introduce the little-known world of what is called MASINT, or Measurement and Signature Intelligence, again a discipline where little is released because of the sensitivities of capabilities.  However, the science around what has been mentioned is relatively straight forward and it is that science that gives a degree of certainty as to what has happened.

According to US intelligence publications, “Measurement and Signature Intelligence (MASINT) is technically derived intelligence (excluding traditional imagery (IMINT) and signal intelligence (SIGINT) which when collected, processed, and analysed, results in intelligence that detects, tracks, identifies, or describes the signatures (distinctive characteristics) of fixed or dynamic target sources.  MASINT includes the advanced processing and exploitation of data derived from IMINT and SIGINT collection sources.  MASINT sensors include, but are not limited to, radar, optical, infrared, acoustic, nuclear, radiation detection, spetroradiometric, and seismic systems as well as gas, liquid, and solid material sampling systems.”

From the reporting we have 2 signatures that have been analysed. The first is the “signals of a radar being turned on.” There is no one radar signature that does everything for everyone, different radars are designed to carry out different task, for example a long-range air traffic control radar will use a particular frequency to look out long distances, will rotate relatively slowly looking for objects a long way away and all around it.  Radar uses a radio wave frequency and then analyses how that bounces off a particular object as it moves, using what is called the doppler shift, to work out how that object is moving and where it is relative to the Radar.

There are 3 signatures that are examined with Radars to identify their purpose and unique signature, every type of radar has a unique fingerprint of signals. These are the frequency of the signal it transmits and the way that transmission is coded, what is called the PRF, or pulse repetition frequency, and the rotation (including speed of rotation, if any) of the radar transmitter, some Radars are fixed and some, like those you see at airports, rotate.  Putting all 3 together you can easily classify a radar as “Air Defence, fire control associated with TOR M-1 (SA15),” and rule in or out what the radar is usually used for, i.e. If it is a search radar or a fire control radar.

The second signature is more interesting.  The quote that, “satellite data which showed the plane airborne for two minutes before detecting the heat signatures of two surface-to-air missiles. That was quickly followed by an explosion, officials say, before infrared emissions from the plane showed it burning as it crashed to the ground.” This tells us a lot.

It mentions heat signatures and infra-red signatures, simplifying the science behind these terms they are effectively the same but hide the detail within those phrases.  It is widely reported in scientific journals how astronomers can tell the make-up of a star or the atmosphere around a planet by looking at the different light signatures received by the Hubble, other space or ground based optical or wide spectrum telescopes.  That is looking billions of miles into space and examining the minutest electro magnetic signatures received.  Infra-Red, is merely an electromagnetic signature.

When you burn coal on a home fire it gives off a different heat signature to burning wood or when the fire brigade is using their thermal cameras, through temperature differentials they can see the seat of a fire and in some cases if there are accelerants feeding it.

It is the same with a missile launch, compared to a rocket launch, compared with an explosion.  The spectrum of visible and infra-red radiation detected is different for a solid rocket motor, liquid propelled rocket or an explosive substance going off and these are vastly different to a fuel or oil fire in an engine. For the geeks amongst you the energy released with the breaking of molecular bonds in the fuel or explosive compounds is different depending on the way the molecule breaks down and the excitement of different elections in atoms as they move between different valence levels. Apologies, my degree was in Applied Science from the Royal Military College of Science, and apologies to my old professors for the inaccuracy caused by oversimplification.

If scientists can use these techniques to work out what is happening billions of miles away, it is reasonable to believe that satellites a few hundred miles into space can detect the same and the intelligence analysts make the same conclusions that scientists can. In addition, a rocket, propelling a warhead to a target will ‘burn’, give an Infra-Red signature for a lot longer than an explosive incident that lasts a fraction of a second and then burning debris will have yet another different Infra-Red signature. Again, this is all part of MASINT.  The Lockheed Martin Space Based Infra-Red Surveillance programme (SBIRS) provides the US with such a capability.

Putting all of this together is not a rapid task when it comes to properly identifying a system, putting it together in a way you can release information outside the classifications used with the systems deployed is a challenge. The science is in the public domain, the claims are in the public domain, putting both together is a naturally logical process and this is how I can be confident that the claims made by Justin Trudeau, reinforced by Boris Johnson, initially reported by CBS and now others, are probably true.

This can easily be reinforced by the suspicions raised when the pilots didn’t transmit a MAYDAY, they were probably incapacitated or killed in the missile explosion, the aircraft was new and had been inspected 2 days beforehand reducing the probability of mechanical failure, the crew were experienced and the Iranians have cleared the crash site before international inspectors could get there. Additional intelligence from SIGINT transmission around the time of the incident will probably tell more if, as is likely, Western intelligence can and has intercepted them. I am more certain than not by a large degree that this was a shoot down and almost certainly accidental. The only positive is that it could cause Iran to rethink the need a spectacular event as a revenge for the killing of Soleimani, at the very least in the short term.

 

Philip Ingram MBE is a former Colonel in British Military Intelligence and has studied the science behind many different systems at The Royal Military College of Science bot at degree and masters level. He remains available for comment.

 

 

 

Soleimani – the history and the revenge to come

Soleimani – the history and the revenge to come

Soleimani – the history and the revenge to come

by Philip Ingram MBE

The West’s relationship with General Soleimani and the Iranian Quds force has been chequered and been going on for many years.  There is no doubt he and his organisation, has been responsible for the death and injury of hundreds of British, American and other allied military personnel and civilians over the years.

The excellent BBC documentary released last year, Shadow Commander: Iran’s Military Mastermind, quotes General David Petraeus, the US commander in Iraq, as saying, “We saw Soleimani as a very capable, charismatic, skilled, professionally competent, diabolically evil human being.”   The programme describes how components for the devastatingly efficient killing devices used by the Iranian backed, Sadarist Militias in Iraq, that killed so many – the EFP IED (Explosively formed Projectile, Improvised Explosive Device, the roadside bomb that devastated so many convoys), came from or through Iran and through Quds force networks controlled by Soleimani.

Yet during the same time we read reports of US intelligence operations buying chemical weapons, according to Bush and Blair that eventually never existed, from an unnamed individual in the Amara region of Iraq (under British control) to ensure they didn’t fall into the wrong hands. The operation was called Operation Averice. The BBC documentary was very clear, nothing moved without Soleimani’s Quds force knowledge, none of the commentary has identified the ‘seller’ or where the US taxpayer’s money, used to buy these chemical weapons, went?  It is highly probable it found its way to Soleimani’s Quds force and additional investigations throw doubt on the numbers reported in the New York times. It is believed the actual number of chemical weapons purchased was significantly higher.

There has been little commentary or analysis of the second ‘commander’ killed in the US drone strike, Abu Mahdi al-Muhandis, an Iraqi who commanded the Iranian-backed Kataib Hezbollah group.  That group was hated by many across Iraq, was a designated terror organisation by the US and had been founded by Soleimani’s Quds and used to support the fight against ISIS in Iraq and support Bashar Al Assad’s fight against ISIS in Syria, but only in battles where US supported organisations were not engaged. Complex is an understatement. However, one has to ask over the years, what is the relationship the US and the West has had in any form with Soleimani and his Quds? We can safely assess US taxpayers’ dollars possibly went to them.

Soleimani’s influence, in keeping areas of the Middle East in a less than stable position with the proxy war in Yemen, where his proxy forces are the Houthi’s and are fighting a Saudi led coalition. Additionally, his proxy insurgency keeping Israel occupied with Hezbollah, a long-standing terror exporter and Hezbollah backed militias, is clear. What remains unclear is, charismatic that he was, ruthless and evil that he was, he was one man and will have groomed successors in his own image, to his own thinking, following his own doctrine. He is and was replaceable and has been replaced. We wait to see the cut of the cloth of his successor, but his first task will be planning revenge for the death of his old boss.

So, what will that revenge look like? There has been much speculation and increasing sabre rattling rhetoric with Iran’s supreme leader, Ayatollah Khamenei, warning of “severe revenge” for the attack and referring to Soleimani as having been “martyred;” Khamenei had a close personal relationship with Soleimani. The US Presidents response on twitter was that the US will strike 52 Iranian sites “very fast and very hard” if Tehran follows through with its vow of revenge.

The first thing to recognise about the revenge planning is timescales.  The Iranian culture is such that planning is looked at in multigenerational timescales, not the timescale a Fox News headline or Twitter post, lasts in people memories. That makes potential Iranian responses all the more concerning; they will carefully choose the time and the place, or times and places for their revenge.

The second thing to recognise is that this isn’t a diplomatic issue that can be talked away, this isn’t something that will be forgotten because it was one evil man in the Wests eyes, this isn’t something that a solution could be bought through easing of sanctions or the like.  This is a matter of honour, and national honour for Iran.  This is a matter of honour for the Shi’a people and the military and paramilitary forces of the Houthi’s and Hezbollah.  The conflicts and instability across the Middle East is as much a wider Sunni, Shi’a historical civil war as they are for power in different countries, hence the Quds force involvement supporting the Shi’a fight.  The role of the Quds force is the extension of Iranian influence outside Iran.

The hoisting of a red flag on Jamkaran Mosque, one of the one of the most significant mosques in the city of Qom in Iran, is a significant symbol of this. Red flags, to the Shiite population are traditionally used to symbolise both blood spilled unjustly and serve as a call to avenge a person who is slain. Tradition has it that they can only be lowered when that death has been avenged.

The third thing to recognise is that the Iranians will do very careful consequence management when it comes to revenge attacks.  It is highly unlikely that regular Iranian forces will attack US or UK interests at sea or in the air. It is highly likely that Iranian cyber capabilities will target the west, but that will not be seen as sufficient ‘revenge.’  It is highly likely that Iran will covertly encourage, enable, facilitate terror attacks across the globe using proxy organisations and often without them knowing who is ‘encouraging and enabling them.  None of this will point directly back to Iran but everyone will know who is behind it; I doubt it will cross the threshold for Trumps 52 targets.

The fourth thing to recognise is President Trump has a re-election campaign to run this year and that, with the impeachment trial going ahead, will split his thinking – Iran will be aware of that and will exploit it.

The final thing to recognise is that Iran has proxies with Hezbollah and the Houthis that it can use to carry out a spectacular or several spectacular revenge attacks and Hezbollah have a global reach! Houthi rebels claimed responsibility for the drone strikes on Saudi Aramco facilities, saying 10 drones had been deployed in the attack in September last year. Would similar or more spectacular attacks from them or Hezbollah cross Trumps 52 target threshold?

The Iranians will have noted the Wests response to the nerve agent attack on Sergei Skripal in Salisbury, the Russian ‘rebel’ downing of MH17 in 2014, the US response, or lack thereof in real terms, to the shooting down of a US RQ-4A Global Hawk in international airspace over the Gulf in June last year and more, and will carefully weave this into their revenge planning and who executes the inevitable spectacular ensuring sufficient plausible deniability to reduce the probability of crossing Trumps 52 target threshold.

Two things come out of this. The first is the revenge, when, not if, will have consequences for non-Americans and possibly civilians even though Americans will be targeted.  The second is, the increased chaos and instability, especially in Iraq, compounded by the Iraqi parliament asking for US forces to leave Iraq, is now being exploited by the rump of ISIS and they are regrouping and growing in influence again.

Has the killing of Soleimani in this way made the world safer in any way, evil that was, the answer is no. Could it have been done differently and the same message of ‘we can’t let you continue to destabilise the region’ be sent to Iran, definitely.

 

This blog was written by Philip Ingram MBE, who experienced 13 service personnel killed by Solemani’s IEDs and other weapons when he was in Iraq, a former Colonel in British Military Intelligence.  He is available for further analysis or comment.

 

 

 

Soleimani attack – an oh S**t moment for the world?

Soleimani attack – an oh S**t moment for the world?

Soleimani attack – an oh S**t moment for the world?

***Updated 03 1930Z Jan 20***

The US Secretary of Defense, Dr Mark T. Esper prepared a statement on 02 Jan 2020 outlining the concerns the US had for Iranian backed activities across the region in recent months. Citing concerns with actions in November and through December, the statement was released just after the US carried out an air attack on a convoy leaving Baghdad Airport in Iraq, killing General Qasem Soleimani, the commander of the Iranian Quds force and an Iraqi militia leader Abu Mahdi al-Muhandis, head of the Iranian backed Popular Mobilization Forces, amongst others.

The Iranian Quds force is part of the Iranian Revolutionary Guard Corps (IRGC), set up approximately 40 years ago, answering to the Supreme Leader, Ayatollah Ali Khamenei and separate from Iran’s conventional military who answer to the political government under Iran’s President, Hassan Rouhani. The Quds force themselves are a secretive organisation responsible for irregular and overseas operations and Soleimani will have reported directly to the Supreme Leader, without consultation with the President. In essence, Soleimani is more important than Iran’s President.

So, what do we know?  We know that the US and allied countries have been interested in Soleimani for some time and will have declared him as a ‘High Value Target’ and as such will have a constantly updated targeting pack against him, updated with new intelligence as it came in.  That targeting pack does not automatically mean it is there to kill or capture him, but is continuously refined so any action, could be expedited in a timely manner.

Mark Esper’s pre-prepared statement cites a number of what in military parlance are tactical incidents, puts them into an operational framework and used that to explain a grand strategic action. That is the equivalent of using a Trident D5 missile to crack a nut – the nut will be vapourised, Soleimani was, however, there will be fallout from the immediate blast and shock wave, immediate damage from the radiation and then longer-term implications from the radioactive fallout!

It has to be said at the outset, that the Quds force have been responsible for many atrocities across the region resulting in the deaths of many Americans and innocent people.  They are ruthless, capable and operate outside any legal or moral compass we would recognise in the West and have infiltrated many organisations across the Middle East and further.  They are the main element enabling a proxy conflict with the Saudis in Yemen.  Their wider destabilising influence has regional (operational) and global (strategic) implications that have been going on for too long.  The Quds force are seen by many as a state-owned terror organisation, but they are so much more. They are a mixture between the Russian GRU, the CIA of the 1970’s, Mossad and a global terror organisation and have an influence and autonomy far beyond their size an Iran’s political and military needs.

It seems that Soleimani was tracked on a flight from Damascus in Syria to Baghdad whilst Abu Mahdi al-Muhandis was tracked in a convoy going to meet his flight and pick him up.  It is probable that they both were being tracked using human intelligence (HUMINT) and signals intelligence (SIGINT) with a degree of fidelity that gave their exact movements and planned movements to the US intelligence machinery allowing the targeting pack to be updated.  Given the actions against the US embassy in Baghdad over the proceeding days, coordinated by Abu Mahdi al-Muhandis militias, that targeting pack, and any options, would have been discussed at least daily.

The US will not have reacted without thinking through the implications and briefing those to the executive decision maker.  The response to the downing of a US RQ-4A Global Hawk in international airspace by IRGC forces in June 2019 was measured and proportionate, designed to minimise any potential escalation. The response was a cyber-attack on Iranian air defence assets. The equivalent of a slap on the wrists.

However, given what was going on with the US Embassy, the deployment of troops from Kuwait to protect the Embassy, the deployment of additional troops from 82nd Airborne Division into the region to reconstitute a reserve the decision making process and review process will have been at the forefront of President Trumps mind.  It is widely reported that President Trump gave the order personally and given the profile of the target that is what would be expected.

However, that does not necessarily mean it was the preferred option of the US military of diplomatic corps. President Trump is known for having premade up his mind before he speaks to his advisors, he has stopped listening to regional specialists and has ensured his inner circle of advisors are what can only be described as sycophants.  He will have been running an emotional high from his concerns about the US embassy in Baghdad.

I am reminded of a UK General, just back from Afghanistan who I briefed weekly on Afghanistan intelligence matters. One brief indicated that the Taliban were changing their tactics from conventional military type attacks to more IED based attacks as they couldn’t sustain their casualty rate. The General ‘blew his top’ in public with me accusing me of inventing “defeatist intelligence reporting” and ordering me never to say such things again as he had been there, and he knew that would never happen.  I do hope he has the moral courage to look the families of all those who died to IEDs and admit he was wrong, he never said it to me, and I didn’t stop my assessments from my intelligence enabled perspective, bollockings or not.

At this stage we do not know if President Trump properly listened to and took heed of wider fall out, or if he shot from the hip!  A statement from the UK Foreign Secretary, Dominic Raab, said “We have always recognised the aggressive threat posed by the Iranian Quds force led by Qasem Soleimani. Following his death, we urge all parties to de-escalate. Further conflict is in none of our interests.”

This is a clear indication that the UK knew nothing of the attack beforehand, wants to show support to its ally the US and then run for the bunkers! Iran cannot and will not let this go.  In a statement appointing Soleimani’s successor the supreme leader describes his death as “martyrdom of the glorious general,” in a previous statement announcing three days of mourning he said “severe revenge awaits the criminals” behind the attack.

It is probable that there will be several layers of retaliation; the immediate, a decisive act and then long-term actions, just like the Trident analogy I mentioned. The immediate will be to show strength and will probably happen just after the 3 days of mourning. It will be decisive act will be to send a clear message to the US that Iran will not stand back and do nothing and is likely to be spectacular in nature. Then we will possibly see a massive increase in proxy terror using AQ, ISIS and other organisations, often without their direct knowledge, as plausibly deniable outlets targeting terror at the US and its allies across the globe.  Alongside we will likely see greater cooperation’s with the Russians and increasing activity in the proxy wars across the region including in Yemen.

A key question is, is the killing of this commander, evil that he is, going to make things safer for US troops, diplomats or other personnel within the Gulf region? To answer that it is worth asking if the threat comes from one man, and the answer clearly is no? The Quds force is approx 15,000 strong and as an organisation it is bigger than one personality. Soleimani has been replaced already, so the Quds Force activity will continue but now with greater murderous intent and a cause to seek revenge for. So, the killing of one man and his entourage in reality, has made the region and the world a more dangerous place for US interests and the interests of their allies. Mike Pompeo’s assertion that  the US airstrike that killed Qasem Soleimani was to disrupt an “imminent attack” could be true in the very short term however, his statement that Americans “are safer in the region” after the strike and demise of Soleimani is definitely not true.

Two things are certain, we don’t have the full picture and the world has suddenly become a less safe place.

 

This blog was written by Philip Ingram MBE, a former Colonel in British Military Intelligence who has served in and studied the Middle East from a wider intelligence perspective.  It will be updated as new information emerges.

 

 

 

 

 

Pokémon Go, a beta tested espionage project?

Pokémon Go, a beta tested espionage project?

Pokémon Go, a beta tested espionage project?

To begin to understand where I’m coming from, we have to look at a little of the history behind a game that came out of nowhere, took the world by storm before going quiet.  However, given the hype it has created a market and momentum it created all of its own, it seems to be coming back.  It is always worth starting with a little history.

In 2001, a company called Keyhole Inc. was founded by John Hanke whose first job out of college was in a foreign affairs position within the U.S. government before he moved into the technology industry. Keyhole was an interesting choice of names as the name “Keyhole” is a homage to the KH reconnaissance satellites, the original eye-in-the-sky military reconnaissance system now some 50 years old.

Keyhole Inc. was a pioneering software development company specialising in geospatial data visualisation applications, it was acquired by Google in 2004 for $35 million. It was initially launched as a spin-off from a company called Intrinsic Graphics with initial funding coming from a Sony venture capital fund and others, with additional capital coming from the US graphics giant NVIDIA bundling deal including a company called In-Q-Tel.

The name, Keyhole combined with In-Q-Tel involvement starts to make the history of Pokémon Go very interesting in deed. In-Q-Tel was widely billed as the venture capital arm of the CIA and the majority of the funds it used for its venture with Keyhole came from the National Geospatial-Intelligence Agency (NGIC). Other funding came from the angel investor Brian McClendon who later became a VP with Google, when they acquired Keyhole, before moving to Uber.

The link between Keyhole and In-Q-Tel wasn’t as sinister as it could first seem when you understand the project that Keyhole was working on.  It was called Earth Viewer which later became the widely used opensource mapping and imagery tool, Google Earth when Google acquired Keyhole in 2004.

In 2010, the company behind Pokémon Go was founded, initially inside Google, by Keyhole’s founder, John Henke.  As it launched the initial game allowed a lot of activity for players for free which meant it quickly went viral across the globe; there were news storied of people chasing high priced ‘monsters’ all over the place and a rush to see who could get them all first.  There was no obvious revenue stream that would pay for this ground-breaking, complex interactive game.

Working on the principal that you get nothing for free the only answer to the lack of obvious revenue is you paid in some other way, and that way had to be data. So, on launch, if we look at the data the game could access on any facility, (spook speak for a phone, tablet, laptop or computer associated with an individual), we get a list of what, when you click install and accept terms, you have just allowed the app to access on an android device:

Identity

  • Find accounts on the facility

Contacts

  • Find accounts on the facility

Location

  • Precise location (GPS and network-based)
  • Approximate location (network-based)

Photos/Media/Files

  • Modify or delete the contents of your USB storage
  • Read the contents of your USB storage

Storage

  • Modify or delete the contents of your USB storage
  • Read the contents of your USB storage

Camera

  • Take pictures and videos

Other

  • Receive data from the internet
  • Control vibration
  • Pair with Bluetooth devices
  • Access Bluetooth settings
  • Full network access
  • Use accounts on the device
  • View network connections
  • Prevent the device from sleeping

So, what the game app can do with no difficulty is identify:

  • Where you are
  • Where you were
  • What route you took between those locations
  • When you were at each location
  • How long it took you to get between them
  • What you are looking at right now
  • What you were looking at in the past
  • What you look like
  • What files you have on your device and the entire contents of those files
  • What other facilities you are connected to
  • Access the data via Bluetooth and network connections on those other facilities

My next step was to look at the terms and conditions to see what was being done with all of this data.  I have used extracts to illustrate certain points and those extracts have been italicised for clarity, there are the boring T’s and C’s but worth a scan!

 Information Collected Using Cookies and other Web Technologies:  Like many website owners and operators, we use automated data collection tools such as Cookies and Web Beacons to collect certain information on our Site.

We may use both session Cookies and persistent Cookies to identify that you (or your authorized child) have logged in to the Services and to tell us how and when you (or your authorized child) interact with our Services.

Some third-party services providers that we engage (including third party advertisers) may also place their own Cookies on your hard drive.

“Web Beacons” (also known as web bugs, pixel tags, or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services.

In essence, you agree to data collection capabilities to be put on the facility with the app and give it access to almost everything.

Information Related to Use of the Services:  Our servers automatically record certain information about how a person uses our Services. This may include information such as a User’s Internet Protocol (IP) address, user agent, browser type, operating system, the web page that a User was visiting before accessing our Services, the pages or features of our Services to which a User browsed and the time spent on those pages or features, search terms, the links on our Services that a User clicked on, and other statistics.

Information Sent by Your Mobile Device:  We collect certain information that your (or your authorized child’s) mobile device sends when you (or your authorized child) use our Services, like a device identifier, user settings, and the operating system of your (or your authorized child’s) device, as well as information about your use of our Services while using the mobile device. We may use this information to provide the Services and to improve and personalize our Services for you (or your authorized child).

And the team are great, they tell you they are going to assess everything.

Location Information:  The App is a location-based game. We collect and store information about your (or your authorized child’s) location when you (or your authorized child) use our App and take game actions that use the location services made available through your (or your authorized child’s) device’s mobile operating system, which makes use of cell/mobile tower triangulation, wifi triangulation, and/or GPS. You understand and agree that by using our App you (or your authorized child) will be transmitting your (or your authorized child’s) device location to us and some of that location information, along with your (or your authorized child’s) username, may be shared through the App. For example, when you take certain actions during gameplay, your (or your authorized child’s) username and location may be shared through the App with other users who are playing the game. We may also use location information to improve and personalize our Services for you (or your authorized child).

They also tell you they will track you through your facility and the cell towers and wifi you use, gathering all of that data.  Think of the threat to your home router or the work routers?

International Transfer: Your (or your authorized child’s) PII may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you’re located outside the United States and choose to provide your (or your authorized child’s) PII to us, we may transfer your (or your authorized child’s) PII to the United States and process it there.

And the ‘coup de grâce’ is the data will be transferred to the US for processing (there is an opt out clause, but it is buried and goes on to say if you do, the game won’t work (I paraphrased it.)

So what?

The US Foreign Intelligence Surveillance Act describes procedures for physical searches and electronic surveillance of activities of foreign entities and individuals where a significant purpose of the search or surveillance and the collection of information is to obtain “foreign intelligence information.” The term “foreign intelligence information” is defined to include information that relates to actual or potential attacks or grave hostile acts of a foreign power or an agent of a foreign power, sabotage, international terrorism, weapons of mass destruction, clandestine intelligence activity by or on behalf of a foreign power, or similar issues.

The Patriot Act enlarged the scope of the existing law to apply when “a significant purpose” of the search or surveillance is the collection of foreign intelligence thereby bringing the sort of capability provided through Pokémon Go into the legal statute for intelligence collection.

The FISA was amended in 2008 through the FISA Amendment Act (FAA) to permit the U.S. Attorney General and the Director of National intelligence to jointly authorize the targeting of non-U.S. persons reasonably believed to be located outside the United States, in order to acquire foreign intelligence information.

In essence by signing up to Pokémon Go, developed through a linke to US intelligence agency money, designed to encourage taking pictures where high priced ‘monsters’ appear whilst giving access to your location data and all of the data on your facility, with lots of play before revenue streams appear to start asking for money, you are asked to believe it is just a game?

Hell, if as a spook I had thought of it, getting a 9-year-old to take a picture of a top-secret entrance to an intelligence facility without putting a special ops team on the ground, would I do it? Yup, I would.

Does this mean Pokémon Go is an intelligence gathering tool for the US Government, nope, but the T’s&C’s at release mean it could be and it is a great example of what apps on facilities can do and if you don’t know who has developed them what are you losing to the world?

We worry about Huawei hardware, given the proliferation of app technology, we don’t need to worry about the hardware at all as it is not the issue and this blog is merely an illustration of what could be happening; or is it…………  A Happy New Year to all.