Return-Path: <sentto-279987-2510-1001737347-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Fri, 28 Sep 2001 21:24:07 -0700 (PDT) Received: (qmail 884 invoked by uid 510); 29 Sep 2001 04:23:47 -0000 Received: from n11.groups.yahoo.com (216.115.96.61) by 204.181.12.215 with SMTP; 29 Sep 2001 04:23:47 -0000 X-eGroups-Return: sentto-279987-2510-1001737347-fc=all.net@returns.onelist.com Received: from [10.1.1.223] by n11.onelist.org with NNFMP; 29 Sep 2001 04:23:31 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_4_1); 29 Sep 2001 04:22:26 -0000 Received: (qmail 50611 invoked from network); 29 Sep 2001 04:22:26 -0000 Received: from unknown (10.1.10.26) by 10.1.1.223 with QMQP; 29 Sep 2001 04:22:26 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta1 with SMTP; 29 Sep 2001 04:23:30 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id VAA23816 for iwar@onelist.com; Fri, 28 Sep 2001 21:23:29 -0700 Message-Id: <200109290423.VAA23816@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Fri, 28 Sep 2001 21:23:29 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:How.Have.Events.Affected.Your.Analysis] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit How Have Events Affected Your Analysis [FC - Anonymized for your protection] In the nearly three weeks that have passed since the terrible events of September 11th, I've wondered how the profession of criminal intelligence analysis has been altered, both in the US, and overseas. This list comprises, according to what I believe Ray Sanford last reported some days ago, over 1700 members internationally. Now of course we recognize that not everyone on this list is, or ever has been a member of the law enforcement community, either as a badge carrier or as an analyst. Yet, our daily message traffic since Sept 11th still focuses on issues relating to the daily routines of our jobs, ie, crime mapping, usage of software programs, training and the unfortunate, but constant bickering between certain list members who are disinclined to accept different points-of-view. What I would like to know, without going into intimate detail or without revealing sensitive law enforcement operations security, is how the attacks have altered and/or changed your way of doing business. I believe such a discussion on this list would make for an informative, professional exchange of views that would actually be helpful to others on the list. Our President has explained we are not fighting a conventional war but an unconventional core of international killers who cross borders with stealth and hide in the shadows. Should criminal intelligence analysis now become a bit more "unconventional" as well? By now, we all know that the killers of Sept 11th resided in our communities nationwide, (and in some cases, internationally), (several lived within 20 minutes of my home here in Northern Virginia); they integrated themselves within our communities and were invisible to law enforcement because of their consumate law abiding behavior. Nevertheless, in hindsight, we are learning numerous details, albeit disjointed in some cases and unrelated in others, that could have been collected and possibly documented had anyone taken the interest. Certain members of this list occasionally point out the value of analytic techniques taught in certain courses or derived through particular experiences. Processes such as automated or non-automated link analysis, certain data mining methodologies and other similar conventions are but a few of the subjects that have significant meaning to criminal intelligence analysts and could have been applied prior to the events of Sept 11th by anyone. Now I wonder whether such analytic conventions are being re-evaluated throughout law enforcement because of the post-Sept 11th disclosures that many of the hijackers were involved with counterfeit licenses for the trucking of hazardous materials as well as possible uses of crop dusters for the disbursement of chemicals throughout our nation. The list of potential threats to our nations and their infrastructures is infinite and clearly, this list is not the place to go into minute details regarding how we've enhanced our respective physical security requirements. But as we note now, many laws were violated by these bad guys in their acquisition of false credentials; their immigration violations; their transmittal of funds and probably thru numerous other areas. These transgressions now deserve not only federal attention but local attention and such a discussion among this list of analysts might be helpful not only individually but collectively to anyone currently overwhelmed with information overload. Among the professionals on this list, some discussion could reasonably take place regading how their intel analysis methods are changing to meet the new threat in our nations. This represents a far more valuable and informative discussion than the trivial arguments we still observe on a nearly daily basis. In my particular case, I've been collaborating with another individual in collecting what data I can regarding the events of Sept 11th as well as post-Sept 11 disclosures, with an ultimate objective of applying Visual Investigative Analysis and possibly Link Analysis to the events and potentially determining facts that may not already be clearly known. I have no visions of grandeur regarding this monumental task as all the national and interntional law enforcement and intelligence agencies that can be involved in this case, are involved and are probably doing much of the same thing. And with their access to far more detailed and classified information than I, they can easily derive far more extensive analytic products than I and my collaborator. Nevertheless, it won't hurt for me to do this and attempt to make my minor contribution. Whether it makes a difference or not is not my objective, for in this business, as many of us know and understand, the objective is sometimes a bit murky and ambiguous. What we do individually is not important. It is what we do to contribute to the big picture that IS important! In conclusion, these are my comments. Perhaps some of you out there, whether in the US or overseas, have your own views you wish to share with the list. I think these discussions could be very meaningful and helpful so long as we stay focused and no one takes a personal swipe at anyone for an opinion or comment. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Pinpoint the right security solution for your company- Learn how to add 128- bit encryption and to authenticate your web site with VeriSign's FREE guide! http://us.click.yahoo.com/yQix2C/33_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:51 PDT