We’ll be hosting a webinar with security expert Jeffrey Carr where we’ll demonstrate how Recorded Future can be used to gather cyber intelligence from open source.

Date: Tuesday, January 31, 2012
Time: 11am Eastern; 8am Pacific
Duration: 1 Hour

Register online

Topics we’ll cover include:

• How Recorded Future offers the only solution which can immediately harvest, cluster, and surface predictive signals from unstructured text
• How Recorded Future makes available what the world knows about the future by aggregating forecasts and predictive signals from across the web
• How advanced data visualization tools support patterns of behavior research, forecasting, and identification of influential relationships between entities
• How temporal reasoning partnered with entity and event extraction can be used on the public web or in private, secure clouds
• A live demonstration of open source research on cyber threats including the evaluation of state and non-state threats, corporate security measures, and the sequence of events surrounding Iran’s capturing a RQ-170 drone

Pop over to Drew Conway’s blog Zero Intelligence Agents and check out his latest post “Who are the most central members of the China’s leadership as we enter 2012?” Drew is a PhD student in political science at New York University. Drew studies terrorism and armed conflict; using tools from mathematics and computer science to gain a deeper understanding of these phenomena. He analyzed a massive amount of Recorded Future data gathered from open source, did some math magic and came up with a pretty compelling analysis.

What is the regional significance of Hezbollah working with the drug cartels? Let’s consider Hezbollah’s cell activity in Latin America and examine its relationship with the cartels.

The issue has increased in momentum over the past few months

US websites dedicated to border issues and even one of the Republican presidential candidates mentioned the “significant and imminent threat of the Iran-Latin America nexus”. Others have indicated that Hezbollah functions as a sort of insurance policy for Iran in those regions. The state can fund the terrorist group and still exercise plausible deniability in the event of a major attack. Iran perceives its support of Hezbollah as a way to pressure the United States within its strategic sphere of influence in the Americas.

Some sources have said that the strengthening relationship between Iran and Venezuela has increased Hezbollah’s influence in the region. Both leaders are staunchly anti-American, and it is reasonable to think that they would pursue activities that would undermine US interests. Roger Noreiga, the same official that warned of an attack by Hezbollah, indicates that Venezuela, “has allowed Iran to mine uranium” and that Venezuela’s Margarita Island has eclipsed the infamous TBA as the principal safe haven and center of Hezbollah operations in the Americas”. This is particularly disturbing as Iran is suspected of pursuing a nuclear weapon while simultaneously funding Hezbollah close to the US border. Therefore, there major concerns that if Iran obtains a nuclear weapon it might share the weapon with Hezbollah.

There are two major Hezbollah networks operating in the Americas under the direction of the Iranian Quds Force. The first is the Nassereddine network, operated by a former Lebanese citizen that became a Venezuelan and is now the second-ranking diplomatic official to Syria. He currently resides on Margarita Island and runs money laundering operations for the group. The other network is purportedly run by Hojjat al-Eslam Mohsen Rabbani, a culutral attaché from Iran who is involved in various recruitment activities and frequently travels under false papers in Latin America. The two networks together make up the majority of Hezbollah’s activity in the Americas.

Now back to the cartels. Why is the link between Hezbollah and Los Zetas so important? The main concern is that if Hezbollah and Los Zetas are cooperating on drugs (which they are to the tune of hundreds of millions), then why would they not cooperate on weapons? Hezbollah and other extremists may be willing to export their knowledge of IEDs to the cartels. The relationship between Hezbollah and Los Zetas appears to have already expanded beyond drugs. In October 2011, the US authorities revealed that there was an attempt made by Iran to assassinate the Saudi ambassador on US soil.

It looks like Los Zetas was intricately involved with Iran in this and other related plots, “The alleged plot also included plans to pay the cartel, Los Zetas, to bomb the Israeli Embassy in Washington and the Saudi and Israeli Embassies in Argentina, according to a law enforcement official…The plotters also discussed a side deal between the Quds Force, part of Iran’s Islamic Revolutionary Guards Corps, and Los Zetas to funnel tons of opium from the Middle East to Mexico”. Other information that we have found would corroborate the existence of a relationship between Hezbollah and Los Zetas.

There are also some analysts that think that the entire relationship should be played down and that Hezbollah’s influence is overplayed. James Bowsworth of the Christian Science Monitor downplays the relationship saying,

“The case is notable for having all the key words that people get excited about: Hezbollah! Terrorist-financing! Cocaine! Zetas! Venezuela! And all of that appears to be true. At the same time, in spite of all the red flag key words, the details within these articles and the indictment show how the US government can deal with the issue of Hezbollah in the hemisphere without panic and over-reaction”

In the early morning of November 26^th, US military aircraft struck a (previously identified) Pakistani border outpost resulting in 42 Pakistani Military casualties. With a total of 28 dead and 14 seriously wounded, this incident qualifies as the single most deadly cross-bor

der attack on a Pakistani military position since the beginning of the US lead war in Afghanistan.  As a result, Pakistani officials have announced the permanent closure of NATO supply lines into Afghanistan. In addition, the Pakistani government promptly ordered the departure of US persons from the Shamsi air base; which, has reportedly been utilized for the launch and recovery of UAV’s (unmanned aerial vehicles).

The Data

I prefer to keep things simple so after a little keyword experimentation I searched “Islamic Republic of Pakistan” and “drone” and “strikes”. I felt that this combination would best identify past cross-border incursions; even when drones aren’t involved, they’re nearly always referenced.  To have a solid data set to work with I queried from January 1^st 2009 through December 31^st 2012.

What I end up with is the chart below, which has plenty of data and a wonderful view of the momentum and negative sentiment trend lines. To provide a better view of the trending, I’ve included a second chart with the events deselected.

A thorough review of all the events supports an increase in momentum, not surprising, after a drone strike in Pakistani territory. Interestingly, there’s no direct correlation between the large spikes in negative sentiment and civilian and/or Pakistani military casualties. Subsequent searches revealed these spikes typically occurred during times in which the Pakistani government was being criticized, for one reason or another, by the US government. That’s a completely different problem set, but the following analysis was derived from the information obtained via Recorded Future, which quickly permitted me to view similar past events, reactions and outcomes.

Analysis

It’s important to understand that the Pakistani version of an outpost is substantially different from the typical US outpost and often consists of nothing more than hastily dug positions and/or dirt berms. Now this particular border outpost is well within Pakistani territory, located approximately 2.5 kilometers from the Afghanistan border, in the FATA (Federally Administered Tribal Area). The FATA border area is extremely volatile and has long been a point of contention between Pakistani and US Forces, with regular exchanges of small arms fire and occasional strike missions involving US military aircraft. I want to be clear when I state that it’s very common for Pakistani border forces to initiate contact with US troops. Regardless, most of these instances occur during the hours of low visibility when it’s often difficult to distinguish friend from foe. Similarly, complex tribal affiliations and the often not-so-subtle support for and intermingling with militants can further complicate matters.

What if this wasn’t a matter of confusion? To further speculate, it’s possible that a high value target was identified as having been at that location. Due to political sensitivities such an operation would have to have direct approval from the office of the POTUS and would require an extremely high degree of confidence. It’s unlikely that such a sensitive operation would ever be publicized but in my experience, it’s entirely plausible. Given the scenario and increasing political tensions however, it’s equally likely that influential elements within the FATA and/or the Pakistani government intentionally provoked a military response and ensured its escalation. This may sound like a conspiracy theory but there are certainly people out there with much to gain from the growing tensions and political turmoil between the US and Pakistani governments.

The timing of this couldn’t have been better…errrr…worse rather. There’s been an extraordinary amount of political tension between the US and Pakistani governments. The tension was steadily building but the US special operations cross-border raid deep into Pakistan targeting Usama Bin Laden accelerated an already declining relationship. The Pakistani government has openly opposed cross border drone strikes that have always, publically, been a point of contention not to mention a sometimes-political diversion. In previous instances in which border incursions resulted in high civilian casualties, the Pakistani government was quick to publically condemn such strikes. Similarly, it’s common for supply lines to be temporarily closed as a show of strength.

So what happens this time? Well… very likely the same thing that’s happened every other time a similar situation has occurred. From the Pakistani governments perspective, the response needed to be fast, appear tough and demonstrate attacks against Pakistani forces will not be tolerated. The government needs to maintain its sovereignty in the eyes of the people. Similarly, they need to appease tribal leaders as well as the militant elements that could threaten the capitals stability. On the surface, at least from my perspective, this has been achieved. NATO supply routes will be closed and perhaps for a longer period than before, but they’ll inevitably reopen until the next blatant breach of sovereignty. The US was already scheduled to depart the Shamsi air base in June of 2012, so this is more of an inconvenient show of power that at most will reduce the dwell time of the drones and whatever other aircraft are being utilized. There’s no real comparison for this scenario but I suspect this deadline will be extended but not announced. Lastly, I suspect the video from the aircraft involved will be provided as proof that US forces did not initiate contact and were in fact responding to hostile actions.

If you’re interested to try Recorded Future, sign up for a free 14-day trial.

A recent report from the IAEA on Iran’s alleged efforts to develop nuclear weapons heightened speculation of over Israel making a preemptive strike on Iranian nuclear facilities (action that may seem even more real given speculation about a recent explosion at an Iranian missile site over the weekend).

However, the recency effect can sometimes be blinding in a conflict as perpetual as this one. The most current threat always seems riskier than the last one. And anyone that even casually follows this issue knows that Israel has threatened Iran before, and even allegedly sabotaged its rivals’ nuclear development through assassinations and cyber warfare.

So, in evaluating the prospects of any near term action, it’s at least worth putting the most recent media coverage of a preemptive Israeli attack in perspective. The image below shows a timeline of references from the last three years related to Israel striking Iran over nuclear weapons concerns.

Threats from the last two weeks are clearly not the first of their kind, but one of several flare ups in the ongoing security conflict for both countries. And while emotionally charged rhetoric drives media coverage today, it often fails to provide the supplemental information that similar threats from Israel took place almost exactly a year prior.

Outside of evaluating the density of media coverage during recent years, there are other ways to contextualize the significance of this most recent threat of military conflict between Israel and Iran. For example, who are the figures out there talking about this issue?

Using the same timeframe, 2009-2011, we can identify individuals discussing the combination of Iran, Israel and nuclear weapons capabilities.

Using the time slider under the network view, we can go back to May 2009 to find Israel’s ambassador to the US, Michael Oren, saying that his country would not allow a nuclear Iran while months later Israel’s Deputy Foreign Minister Danny Ayalon said “there was no guarentee Israel would not launch a strike on Iran’s nuclear facilities…” Separately, clear throughout are the retaliatory consequences that would accompany Israeli military action. In addition to the state military response from Iran, Hamas leader Khaled Mashaal made it clear that any attack would generate support for Iran from militant groups in Gaza.

It’s also clear from the network above that the Turkish government is active in the political maneuvering with Recep Erdogen saying that any preemptive attack would be “disastrous for the entire region”. Separately, the Russian government figures prominently as do connections to the country through alleged support from scientist Vyacheslav Danilenko.

Now we have a clear indication that the issue of Israel preemptively acting against Iran is one that’s been prominent in geopolitical discussion for years, let’s shift back to evolution of the recent news. When did this issue really heat up? Well, we can see from an analysis of sources that there was the typical, scattered discussion about Israeli concerns over a nuclear Iran, at least up until October 30.

However, on October 31, Israeli Prime Minister Benjamin Netanyahu gave a parliamentary speech warning that Iran continued to develop nuclear weapons, and suggested that “a military option should not be ruled out.” This spurred mainstream news (shown in pink) coverage on the potential for a preemptive strike even ahead of an IAEA report that came out days later suggesting Iran’s program may in fact be one designed for weaponization.

Now about two weeks past the hottest media coverage of the issue, we look out for any predictions about the days ahead. What we find is London’s Daily Mail reporting, by way of an unidentified source, that Israel would take action against Iran by the end of the year.

The Daily Mail report, so far, does no seem corroborated by other notable sources, and this issues is one of those that is notoriously difficult to dissect. How do we know what is political posturing versus concrete evidence of action? Without inside sources, we may not know, but the open source is useful in garnering perspective around inflammatory issues.

Without getting into conspiracy theory territory, what further angles would be interesting to view here? Maybe we want to examine US media sentiment about Iran leading up to Netanyahu’s speech at the end of October, or try to identify abnormalities (whether it’s unique individuals or sources) calling for a preemptive strike. We’ll return to the issue in a few weeks to see how the scenario changes.

–

Whatever your every day research interest, the open web provides an invaluable resource for better understanding geopolitical activity. We’d love for you to give these approaches and experiment with your own through free trial access to Recorded Future.

Now anyone can sign up for a free trial of Recorded Future Premium. You’ll get full use of premium research tools that allow you to analyze past trends and better understand the potential future of almost anything! No credit card and no commitment required. We’d love to hear your feedback.

Be sure to test out our newest tool, the Network view. Click the image below for an interactive view of  Mexican drug lord Joaquin “El Chapo” Guzman’s network.