The Government’s New Three-Letter Agency Is Coming...
The FBI. The CIA. The NSA…
You’ve heard of these “three-letter” agencies. But I bet you haven’t heard of a brand-new three-letter agency that’s set to hit the government budget by the end of 2015…
To put it plainly, a plan is already in motion to create a brand-new three-letter agency focused solely on cyberwarfare and terrorism, and I’ve uncovered a company in my Military Technology Alert that’s likely to be a key contractor to the new organization. We’re talking about a huge contract, with plenty of upside, short term and long term.
I didn’t think this day would come anytime soon, but in the wake of China’s massive hack of the federal Office of Personnel Management (OPM) last month, both the White House and Congress appear to have woken up. They seem to get that this is the cyber equivalent of the USSCole attack in 2000, which should have alerted us to the danger of Islamic terrorism in time to act.
As one member of the House Intelligence Committee recently told TheWashington Examiner, “If you look back at 9/11, we had too many stovepipes — and now we’re in the exact same position with regard to cyber threats.”
In other words, an entire spectrum of government offices are doing cyberdefense, but they’re all using different models, and none of them are talking to each other — eerily like the intel community in the late ’90s–2001.
But this time, it’s going to be different. The government is starting to do what it ought to have done for terrorism in 2000 — the bosses are going to create a special group to deal with the exploding problem. There’s plenty of precedent here, but the right resources usually get to the right place only after halfway measures fail. Here are just a few examples:
- After the Secret Service and the U.S. Treasury proved unable to run a national investigative group,the FBI was founded in 1908
- After the government proved its foreign espionage skill set with Office of Strategic Services during WWII, the CIA was born in 1947
- After the Armed Forces Security Agency proved useful, the government decided to expand its role, and the NSA was created in 1952
- After 9/11, the government took duties from other agencies, with the mission of preventing another terrorist attack, andthe Department of Homeland Security was established in 2002.
This time, the government is moving to create a new agency for Fifth Domain of War operations — cyberattacks and cyberdefense — hopefully, before the “big one” hits (although one can argue that the above-noted OPM hack was pretty big). And in the past, each time government created a new agency, there was a need to fund it. As with all things Fifth Domain, government will require help from the private sector — that’s where your opportunity comes in.
I’ve vetted many leading contractors that might help this new agency fulfill its mission and found one standout company for you. As the government moves American cyberdefense into the 21st century, they could deliver gains of at least 33% in just three months to strategically positioned investors… with practically unlimited upside to come.
Let’s get started on this fast-moving story…
Last month, we learned that the Chinese stole personal data on upward of 21.5 million current and former federal employees, as well as applicants, including names, addresses, Social Security numbers — even past addresses, school transcripts, lists of friends and acquaintances, travel and medical history and more. It’s the kind of personal information that foreign intelligence organizations can use to blackmail officials or uncover U.S. operatives overseas.
It’s a mess, and this is not a one-off kind of event.
The fact is the amount of damage dished out against U.S. government and private-sector networks lately is unprecedented — up 15% year over year. Why is it getting worse now? And is anything being done about it?
For one, the rate and skill of attacks is accelerating because our adversaries are getting better. China and Russia are finally seeing their own “tech booms,” decades after the U.S. went through its own in the 1990s. Here in the U.S., a lot of super-smart techies migrate to Silicon Valley; in Russia and China, the smartest techies are “invited” to work for national intelligence services. Thus we see that the playing field is becoming more level among state actors.
Second, a lot of viruses are for sale on the black market these days. Gone are the days when a terrorist group had to recruit politically motivated programming geniuses in order to launch massive cyberattacks. Now they just need enough money.
Meanwhile, our countermeasures are improving at a slower pace, with broad failures in execution as well. What do I mean?
Long story short, U.S. cyberdefense is a hodgepodge affair. Practically every branch of the armed services and every major government agency has people devoted to detecting and defeating cyberthreats. But so far, they haven’t talked to each other much. Part of it is just old-fashioned compartmentalization and that characteristic “spook” mentality of not talking much.
Another angle is that seldom do disparate agencies or cells use the same systems and protocols to keep hackers and viruses out and sensitive data in. Everybody bought their particular systems — hardware and software — at different times, from different vendors, with different training and more.
Day to day, a mere 51% of government emails are encrypted, for example. Such uneven security is ripe to be compromised. Sensitive data only have to reach one unsecure computer or unsecure email account to get leaked.
Heck, I recently learned of a severe hack against a key government agency in which the “back door” was a temporary account set up to pay a vendor whose only role was to fix the heating and air conditioning system. Yet those clever foreign hackers managed to penetrate the main system via the purchase orders of the ventilation guy. Astonishing!
As I noted, drawbacks to this “grass-roots” cyber approach were brought harshly to light with the recent hacking of the federal Office of Personnel Management database. Chinese hackers got away with sensitive personal information — and, more importantly, information on security clearances — for every current and many former federal employees (including me).
Whoa, talk about a big score! Too bad we were the “whale.”
An even worse example of poor interdepartmental coordination occurred the month before, when hackers believed to be in Russia penetrated an unclassified White House computer network. The worst part? Members of Congress only found out by reading about it in The Washington Post!
The Associated Press gives the best summary of the situation (emphasis mine):
At a time when intelligence officials say cybersecurity now trumps terrorism as the No. 1 threat to the U.S., an AP review of the $10 billion-a-year federal effort to protect sensitive data shows that the government struggles to close holes without the knowledge, staff or systems to keep pace with increasing attacks by an ever-evolving and determined foe.
It’s not just more egg on the faces of our national leaders. It’s a real failure of national security and strategic thinking.
But it looks like things are about to change.
Until now, the federal government and Department of Defense have been reactive and haphazard in their approach to cyberdefense. But as I said, plans straight from the president’s desk are being set in motion that could finally put American cyberdefenses on the right track by finally creating an independent agency to manage the country’s cyberdefense.
For in-the-know investors, this is a huge opportunity. Behind the scenes, things are changing. U.S. leaders are finally waking up to Fifth Domain threats as embarrassing hacking stories hit the news cycle almost monthly.
Here’s my prediction: In 2015, the U.S. will move toward making a totally new three-letter agency focused solely on cyberwarfare and terrorism, one that will control all U.S. cyberdefenses under one roof. Maybe they’ll call it the CSA (Cyber Security Agency) or maybe they’ll call it CDA (Cyber Defense Agency). I’m not sure… but it’s coming.
The first word came on Feb. 10, 2015, when Lisa Monaco, homeland security and counterterrorism adviser to President Obama, announced the creation of a new federal task force to coordinate the defense of America’s cyber home front, the Cyber Threat Intelligence Integration Center (CTIIC). If the history of federal agencies we looked at above teaches us anything, it’s that this is probably the first step before a full-fledged agency is created.
“But,” according to The Hill, “some have questioned the government’s ability to staff the CTIIC, given the ongoing shortages of federal cyber employees. The White House said… it anticipated the CTIIC would consist of roughly 50 employees ‘drawn from relevant departments and agencies.’”
Fifty employees? Are you kidding? Compare that against the number employed by any one of the cyberdefense groups the new agency is supposed to coordinate and you’ll see that they’re leaving out a big part of the picture. If the new organization is ever expected to get anything accomplished, it’ll require more worker bees, at the very least a small army of private contractors. This center will have to grow to fulfill the new mission that Congress has in mind.
That is, last month, after revealing the extent of the hack on the federal employee OPM database, the White House and Congress began urgently discussing CTIIC again, rehashing the role of the new agency. The latest whispers on Capitol Hill only reinforce my belief that we’re seeing the foundation of a new central cyberdefense agency.
A new bill in the House would designate the new agency “the primary organization within the federal government for analyzing and integrating all intelligence possessed or acquired by the United States pertaining to cyberthreats.”
Get that? “Primary.” There’s no way the primary counter-cyber center in the U.S. will run with 50 employees — it probably won’t keep the CTIIC name either. Especially if in the near term it transforms into the full-fledged three-letter agency this country really needs to deal with cyberthreats. It will need more staff, more equipment, more experience — you name it.
The quickest and cheapest way to meet its new mission requirements would be hiring help from the private sector.
This is where the investment opportunities are. Again, I predict this trend could return 33% in three months. I’ve been outlining the individual play for my Military-Technology Alert readers. I’m going to keep the tickers under wraps out of respect for my paid-up readers, but I invite you to join us, right here.
P.S. Be sure to sign up for The Daily Reckoning — a free and entertaining look at the world of finance and politics. The articles you find here on our website are only a snippet of what you receive in The Daily Reckoning email edition. Click here now to sign up for FREE to see what you’re missing.