Jim Kouri
Covert operations: Red Teams test security vulnerabilities in U.S.
FacebookTwitter
By Jim Kouri
December 3, 2010

Using counterfeit documents and posing as employees of a company with a Nuclear Regulatory Commission license, FSI investigators successfully crossed the U.S. northern and southern borders with the type of radioactive materials that could be used to make a dirty bomb.

The Government Accountability Office's Forensic Audits and Special Investigations team (FSI), which was created in 2005 as an interdisciplinary team consisting of investigators, auditors, and analysts, conducts covert tests at the request of the Congress to identify vulnerabilities and internal control weaknesses at executive branch agencies.

These vulnerabilities and internal control weaknesses include those that could compromise homeland security, affect public safety, or have a financial impact on taxpayer's dollars.

FSI conducts covert tests as "red team" operations, meaning that FSI does not notify agencies in advance about the testing. Recently, concerns have arisen as to whether top management at the U.S. Transportation Security Administration (TSA) were negatively impacting the results of red team operations by leaking information to security screeners at the nation's airports in advance of covert testing operations.

Consequently, GAO was asked by the U.S. Congress to briefly explain FSI's processes and procedures concerning covert testing and as well as provide examples of covert activities performed

FSI has strict internal procedures related to the planning, execution, and reporting of covert activities. First, FSI and senior GAO management decide on a case-by-case basis whether engagements requiring covert tests are within the scope of GAO's authority.

Next, FSI identifies the aspects of the security system or the government program that are particularly vulnerable to terrorist threats or fraudulent activities and relies on the experience of its investigators to develop a written investigative plan. This plan typically includes the creation of fictitious identities and counterfeit documentation.

All counterfeit documents that FSI uses are manufactured using hardware, software, and materials that are available to the general public — this allows FSI to demonstrate that any security vulnerabilities it finds could be exploited by a criminal or terrorist with moderate means and resources and would not require sophisticated insider knowledge.

FSI's investigators are the only GAO staff allowed to participate in the execution phase of testing, although audit and analyst staff are often involved in planning and operational support. Importantly, if investigators discover vulnerabilities that pose a significant and immediate threat to public safety, FSI immediately will discontinue its investigation and alert the appropriate government law enforcement agency.

Once the operation is complete, FSI conducts a "corrective action briefing" with officials at the tested entity to report that they have been the subject of a covert operation, share the results of the testing and, if necessary, suggest potential remedies for any identified control weaknesses or security vulnerabilities.

These operations provided the Congress with irrefutable evidence about the actual ability of federal agencies under "live" conditions to deal with security threats and to protect government assets from fraudsters.

* Using counterfeit documents and posing as employees of a company with a Nuclear Regulatory Commission license, FSI investigators successfully crossed the U.S. northern and southern borders with the type of radioactive materials that could be used to make a dirty bomb.

* Posing as private citizens, FSI investigators purchased sensitive military equipment — including ceramic body armor inserts, guided missile radar test sets, and microcircuits used in F-14 fighter aircraft — on the Internet from the Department of Defense's liquidation sales contractor.

* Using bogus driver's licenses, FSI investigators successfully gained entry to all 24 Department of Transportation regulated urine collection sites that FSI tested, which are responsible for providing drug testing of commercial truck drivers in safety sensitive transportation positions.

* Using false documents and an erroneous IRS taxpayer identification number, FSI pretended to be a charity and successfully applied to three of the Combined Financial Campaign's local 2006 campaigns.

© Jim Kouri

 

The views expressed by RenewAmerica columnists are their own and do not necessarily reflect the position of RenewAmerica or its affiliates.
(See RenewAmerica's publishing standards.)


Jim Kouri

Jim Kouri, CPP is currently fifth vice-president of the National Association of Chiefs of Police... (more)

Subscribe

Receive future articles by Jim Kouri: Click here

More by this author

September 10, 2017
Trump Justice: 'Dreamer' wanted for murder nabbed by feds in NJ and extradited


July 26, 2017
NJ 12-year-old's suicide a plea for cyber-bullying law: GOP candidate Heather Darling


June 12, 2017
Obama hampered law enforcement investigation of Iranian terrorism funding


June 2, 2017
Prez of Young Democrats and Mayor de Blasio staffer busted for kiddie porn; one victim 6-mos. old


May 29, 2017
The conservative approach to taxation and a healthy business climate


May 24, 2017
U.S. intelligence reports warn of cyber "Cold War"


March 3, 2017
Media attack Trump's terrorism expert Dr. Sebastian Gorka


December 23, 2016
Trump's border wall: The bill was passed and signed into law


December 22, 2016
Dem lawmakers demand commission to probe Trump-Russia conspiracy


December 14, 2016
Outraged Vets: VA hospital death touted as proof of Obama and Democrats indifference


More articles

 

Stephen Stone
HAPPY EASTER: A message to all who love our country and want to help save it

Stephen Stone
The most egregious lies Evan McMullin and the media have told about Sen. Mike Lee

Siena Hoefling
Protect the Children: Update with VIDEO

Stephen Stone
FLASHBACK to 2020: Dems' fake claim that Trump and Utah congressional hopeful Burgess Owens want 'renewed nuclear testing' blows up when examined

Cliff Kincaid
They want to kill Elon Musk

Jerry Newcombe
Four presidents on the wonder of Christmas

Pete Riehm
Biblical masculinity versus toxic masculinity

Tom DeWeese
American Policy Center promises support for anti-UN legislation

Joan Swirsky
Yep…still the smartest guy in the room

Michael Bresciani
How does Trump fit into last days prophecies?

Curtis Dahlgren
George Washington walks into a bar

Matt C. Abbott
Two pro-life stalwarts have passed on

Victor Sharpe
Any Israeli alliances should include the restoration of a just, moral, and enduring pact with the Kurdish people

Linda Kimball
Man as God: The primordial heresy and the evolutionary science of becoming God

Sylvia Thompson
Should the Village People be a part of Trump's Inauguration Ceremony? No—but I suspect they will be

Jerry Newcombe
Reflections on the Good Samaritan ethic
  More columns

Cartoons


Click for full cartoon
More cartoons

Columnists

Matt C. Abbott
Chris Adamo
Russ J. Alan
Bonnie Alba
Chuck Baldwin
Kevin J. Banet
J. Matt Barber
Fr. Tom Bartolomeo
. . .
[See more]

Sister sites