TOP-SECRET – Asymmetric Operations Working Group Ambiguous Threats and External Influences

Ambiguous Threats and External Influences in the Baltic States Phase 2: Assessing the Threat

Page Count: 68 pages
Date: November 2015
Restriction: None
Originating Organization: Asymmetric Operations Working Group, Asymmetric Warfare Group, Johns Hopkins Applied Physics Laboratory
File Type: pdf
File Size: 3,554,802 bytes
File Hash (SHA-256):89C66F94CEAEB07F31B2CB6A25556413763706FD02CDA06347D785CB7BCE3C9E

Download File

• Russia’s strategic objectives in the Baltic region do not focus on the Baltic States as final targets, but on using the Batlic States to discredit and dismantle the North Atlantic Treaty Organization (NATO) and undermining the European Union (EU) by using the Baltic States. Experts in Russia and European security from the United States and the Baltic region agree that Russia could use the Baltic States toward this end by employing any one of a spectrum of actions, to include direct invasion with conventional forces, an incursion and occupation using irregular forces like the one witnessed in Crimea in 2014, or longterm fostering of social, political, and economic instability. Disagreement existed among experts as to which approach was more likely.

• NATO’s Article 5 commitment to collective defense in the case of an armed attack makes a direct invasion with conventional forces highly unlikely, though not without its proponents. More likely, according to several experts, are longterm efforts to destabilize the Baltic States through social, economic, and political levers because the Kremlin does not wish to risk a conventional armed conflict with NATO.

• Russia stands to gain little by taking Baltic territory, with the exception of a land corridor to Kaliningrad through Lithuania. The prospect of a more unified and reinvigorated NATO in response to Russian annexation of Baltic territory deters Russian invasion and occupation.

• Internal unrest aimed at changing the government in Moscow continues to be one of the Putin administration’s chief concerns. This and other domestic concerns can prompt and drive Russian foreign policy. For instance, taking bold actions in its near abroad is used to support arguments for preserving the current regime.

• From an energy perspective, Lithuania stands in the most vulnerable position after losing its status as a net exporter of energy, but certain interdependencies between Russia and all three Baltic States decrease the potential efficacy of energy as a lever of influence. Russia has demonstrated, however, that it is willing to suffer economic losses for political gain.

• Regarding economic relations, Russia could leverage the actual economic marginalization of Russian compatriot populations, who earn less and have higher unemployment rates than ethnic Balts. However, the Baltic investment and export/import environments are increasingly insulated from Russian interference by greater ties with the Nordic countries and the rest of the EU, as well as the ability to find and tap into alternative markets when Russia has imposed embargoes in recent months. The logistics and transit sectors remain vulnerable because of heavy Russian involvement and ownership.

• Russian media dominate the information space with programming superior in quality, variety, and quantity in part because it receives extensive funding and support from the Kremlin. Russian compatriot populations typically choose to engage in this information space, and youth tend to eschew all TV and printed media in favor of Internet sources for news and entertainment. Russian media present a perspective that derides the Baltic States and its allies and exalts Russia and its predecessor, the Soviet Union. Laws and regulations have proven ineffective at tempering Russian messaging or holding Russian media companies accountable.

• Moscow supports and organizes non-government organizations (NGOs) in each Baltic State that enforce Russia’s compatriots policy, a program intended to foment social and political tension in countries where Russian compatriots reside by calling attention to alleged human rights violations and advocating interpretations of history that vilify that country and make the Soviet Union heroic. A popular position among Russian compatriot groups in the Baltic States continues to be that those countries support the rise of neo-fascism and neo-Nazism targeting Russian residents. Russian agents and provocateurs have attempted to organize protests and demonstrations against the Baltic governments but have been able to mobilize few people.

• Citizenship and language reforms in Estonia and Latvia remain contentious issues, but the percentages of stateless persons continues to decrease, and youth whose first language is Russian increasingly acquire Estonian and Latvian as a second language to gain better education and employment prospects.

• The Russian compatriot populations in the Baltic States are diverse and complex and do not represent unified segments of those national populations. The Polish minority in Lithuania is more organized and united in its support of Russian policies and deserves greater attention than it currently receives. Among the Russian compatriot populations, there appears to be a psychological crisis wherein many support Russia emotionally as their homeland, but struggle to rationally explain or reconcile Russia’s actions in eastern Ukraine with their idea of a benevolent Russia. Many reported a Crimea-like scenario could not occur in the Baltic States. A large contributor to that perception is that the standard of living in the EU incentivizes Russian compatriots not to repatriate and not to desire Russian interference, though they may desire certain policy changes by the Baltic governments.

• From a military perspective, the Baltic States depend on the NATO alliance to deter and, if necessary, answer military threats. Individually, the Baltic militaries remain too small to defend themselves against a full-scale Russian invasion, but the relatively high levels of professionalism and capability of their border guards and law enforcement provide protection from border incursions and internal disturbances growing out of control. Recent legislation in Latvia and Lithuania, as well as 2007/2008 legislation in Estonia, clarifies the circumstances in which national militaries can be mobilized internally and how they are to support law enforcement bodies.

• Overall, the Russian threat to the Baltic States resides much more in efforts to divide their societies than it does in efforts to annex their territory. A conventional invasion by Russian armed forces risks a revitalized NATO newly unified against it without acquiring significant gain, while Russian-sponsored NGOs and political parties could potentially sow sufficient discord in each country as to make them liabilities for NATO and the EU without incurring an Article 5 response.




Restricted U.S. Army Geospatial Intelligence Handbook – Revealed

The following, previously unpublished training circular was superseded by ATP 2-22.7 in 2015.

TC 2-22.7 Geospatial Intelligence Handbook

Page Count: 130 pages
Date: February 18, 2011
Restriction: Distribution authorized to U.S. Government agencies only because it requires protection in accordance with AR 380-5 or as specified by DCS G-3 Message DTG 091913Z Mar 04.
Originating Organization: Department of the Army
File Type: pdf
File Size: 32,687,748 bytes
File Hash (SHA-256):901B2E4FF2EB798C51BBC38BCF5961BA1C9E1E42B32FBCD48E9813174EFFAF0B

Download File

This training circular provides GEOINT guidance for commanders, staffs, trainers, engineers, and military intelligence personnel at all echelons. It forms the foundation for GEOINT doctrine development. It also serves as a reference for personnel who are developing doctrine; tactics, techniques, and procedures; materiel and force structure; and institutional and unit training for intelligence operations.

1-1. Geospatial intelligence is the exploitation and analysis of imagery and geospatial information to describe, assess, and visually depict physical features and geographically referenced activities on the Earth. Geospatial intelligence consists of imagery, imagery intelligence, and geospatial information (10 USC 467).

Note. TC 2-22.7 further implements that GEOINT consists of any one or any combination of the following components: imagery, IMINT, or GI&S.

1-2. Imagery is the likeness or presentation of any natural or manmade feature or related object or activity, and the positional data acquired at the same time the likeness or representation was acquired, including: products produced by space-based national intelligence reconnaissance systems; and likenesses and presentations produced by satellites, aircraft platforms, unmanned aircraft vehicles, or other similar means (except that such term does not include handheld or clandestine photography taken by or on behalf of human intelligence collection organizations) (10 USC 467).

1-3. Imagery intelligence is the technical, geographic, and intelligence information derived through the interpretation or analysis of imagery and collateral materials (10 USC 467).

1-4. Geospatial information and services refers to information that identifies the geographic location and characteristics of natural or constructed features and boundaries on the Earth, including: statistical data and information derived from, among other things, remote sensing, mapping, and surveying technologies; and mapping, charting, geodetic data, and related products (10 USC 467).



4-44. Feature data, also referred to as vector data, provides digital representations of natural or manmade objects as points, lines, or polygons (such as wells, roads, and forests). Each feature can include embedded information (attribution), such as bank heights for bodies of water, type of road surface, road width, and bridge load-bearing classification. Fully attributed feature data can be used to perform automated terrain analysis.


4-45. Dynamic terrain visualization, for example fly-throughs, is created by fusing imagery and elevation data, producing a dynamic, free flying environment to provide terrain visualization. It may also be used as tactical decision aids to support planning and execution of military operations. Dynamic terrain visualization can be displayed as urban environment overlays on high-resolution imagery or maps.


4-46. Video imagery systems collect and transmit, edit, store, archive, or disseminate digital video for realtime, near real-time, or for other end-user product distribution. The most common FMV encountered by an imagery analyst is the IMINT product of UAS platforms employed to support daily IMINT collection activities. In contrast, motion imagery—anything less than standard FMV (30 frames per second)—is associated with wide-area surveillance systems, typically collecting at two or six frames per second. Motion imagery is usually exploited in a forensic mode and helps develop pattern of life activities for a target.

4-47. UAS imagery analysis can be used to create IMINT products, or the actual UAS FMV may be disseminated to an end user for analysis or provided in combination with IMINT products. Strategic- and theater-level FMV and motion-imagery collection platform data are disseminated to the NSG architecture via the Community Airborne Library Architecture (CALA), a central repository for unexploited digital aircraft imagery. Aircraft, still, and motion imagery are currently accessible through CALA to the greater GEOINT community.


4-48. The process of developing a mathematical representation of any 3D object via specialized software is 3D modeling capability. Models may be created automatically or manually. Manual models are created similarly to fly-throughs or by extracting manmade features for display in a 3D environment. Imagery organizations are capable of creating 3D models or finished products can be ordered through commercial software products. These products are merged, high-resolution, satellite imagery and digital elevation models that provide the user a rich interactive 3D viewing capability.


The Mossad – Iran Intelligence – Would Iran Use the Bomb?

Mahmoud Ahmadinejad believes the most important task of the Iranian Revolution was to prepare the way for the return of the Twelfth Imam, who disappeared in 874, bringing an end to Muhammad’s lineage. This imam, the Mahdi or “divinely guided one,” Shiites believe, will return in an apocalyptic battle in which the forces of righteousness will defeat the forces of evil and bring about a new era in which Islam ultimately becomes the dominant religion throughout the world. The Shiites have been waiting patiently for the Twelfth Imam for more than a thousand years, but Ahmadinejad believes he can now hasten the return through a nuclear war. Ayatollah Hussein Nuri Hamdani explicitly said in 2005 that “the Jews should be fought against and forced to surrender to prepare the way for the coming of the Hidden Imam.” It is this apocalyptic world view, Middle East scholar Bernard Lewis notes, that distinguishes Iran from other governments with nuclear weapons.

Lewis quotes a passage from Ayatollah Khomeini cited in an 11th grade Iranian schoolbook, “I am decisively announcing to the whole world that if the world-devourers [the infidel powers] wish to stand against our religion, we will stand against the whole world and will not cease until the annihilation of all of them. Either we all become free, or we will go to the greater freedom, which is martyrdom. Either we shake one another’s hands in joy at the victory of Islam in the world, or all of us will turn to eternal life and martyrdom. In both cases, victory and success are ours.”

There are those who think that Muslims would never use such weapons against Israel because innocent Muslims would be killed as well, but Saddam Hussein did not hesitate to use poison gas on his own people. During the war in Lebanon in 2006, Hezbollah did not worry that rocketing cities with large Arab populations such as Haifa and Nazareth would kill non-Jews (and 24 of the 52 Israeli casualties were non-Jews). Muslims murder each other every day in Iraq. And Iran fought a ten-year war with Iraq in which as many as one million Muslims were killed.

Ayatollah Ali Akbar Hashemi-Rafsanjani explicitly said he wasn’t concerned about fallout from an attack on Israel. “If a day comes when the world of Islam is duly equipped with the arms Israel has in possession,” he said “the strategy of colonialism would face a stalemate because application of an atomic bomb would not leave anything in Israel but the same thing would just produce damages in the Muslim world.” As even one Iranian commentator noted, Rafsanjani apparently wasn’t concerned that “the destruction of the Jewish State would also means the mass killing of the Palestinian population as well.”

Iran would never launch a nuclear attack against Israel, some argue because, as the old Sting song used to say about the Russians, the Iranians “love their children too.” In the days of the Cold War, this idea was known as MAD or Mutually Assured Destruction. In the Iranian case, no Muslim leader would risk an Israeli counterstrike that might destroy them. MAD doesn’t work, however, if the Iranians believe there will be destruction anyway at the end of time. What matters, Bernard Lewis observed, is if the infidels go to hell and believers go to heaven. And if you believe that killing the nonbelievers will earn you a place in Paradise with 72 virgins, what difference does it make if you go out in a blaze of glory as a suicide bomber or in the shadow of a mushroom cloud?

Optimists also suggest the Iranians are driven more by rationality than theology and would not risk using nuclear weapons. Others believe they are irrational and therefore cannot be trusted to hold their fire. One does not have to believe the Iranians are irrational, however, to foresee the possibility of an attack on Israel with nuclear weapons. Rafsanjani, the President of Iran before Ahmadinejad, was just as adamant about destroying Israel as his successor. Contrary to the old aphorism that you can’t win a nuclear war, he argued that Iran could achieve victory. He said that “Israel is much smaller than Iran in land mass, and therefore far more vulnerable to nuclear attack.” Since Iran has 70 million people and Israel only has seven million, Rafsanjani believed Iran could survive an exchange of nuclear bombs while Israel would be annihilated. The rhetoric was bombastic, but he and other Iranian leaders might first consider the possibility that Israel could conceivably launch far more missiles and the outcome might be very different than he imagined.

Rafsanjani is correct about Israel’s vulnerability. Besides the population difference, the disparity in size of the countries is such that it does not take a whole arsenal of ICBMS like the old Soviet Union had to destroy Israel; Iran need only have three crude bombs to attack Israel’s three major population centers – Tel Aviv, Haifa and Jerusalem – and it’s goodbye Israel.

Iran will not have to use nuclear weapons to influence events in the region. Maj. Gen. Vladimir Dvorkin, head of the Moscow-based Center for Strategic Nuclear Forces, said the potential danger of an Iranian bomb is not the possibility of a nuclear strike against some countries, but the ability to assume a more bold approach in dealing with the international community after becoming a nuclear power. “The real threat is that Iran, which is already ignoring all resolutions and sanctions issued by the UN Security Council, will be practically ‘untouchable’ after acquiring nuclear-power status, and will be able to expand its support of terrorist organizations, including Hamas and Hezbollah” said Dvorkin (RIA Novosti, March 12, 2009).

Furthermore, by possessing a nuclear capability, the Iranians can deter Israel or any other nation from attacking Iran or its allies. When Hezbollah attacked Israel in 2006, for example, a nuclear Iran could have threatened retaliation against Tel Aviv if Israeli forces bombed Beirut. The mere threat of using nuclear weapons would be sufficient to drive Israelis into shelters and could cripple the economy. What foreign investors will want to risk their money going up in the smoke of a mushroom cloud? Will immigrants want to come to a country that lives in the shadow of annihilation? Will Israelis accept the risk? Israeli leaders will have to decide if they can risk calling the Iranians’ bluff.

Unveiled – U.S. Government Debated Secret Nuclear Deployments in Iceland

During the Cold War the United States never deployed nuclear weapons in Iceland but a recently declassified State Department record shows that U.S. government officials debated whether they should do so, including through secret deployments. A letter from a U.S. ambassador to Iceland in August 1960, published today by the National Security Archive, rejected such proposals, but the revelation of internal discussions on the subject ties in to the broader issue of the practice of U.S. nuclear deployments overseas during the Cold War.

The author of the recently released letter, U.S. Ambassador Tyler Thompson, was aware that Icelandic authorities wondered whether Washington had ever deployed nuclear weapons there. Recognizing that Iceland’s ties to NATO and the Western security system were fragile, he argued that if Reykjavik learned about a secret deployment, it could leave NATO. Furthermore, a “dramatic row” could “be expected to have an unfortunate effect on our friends and allies, to affect adversely our interests as far as neutrals are concerned, and to provide a propaganda field day for our enemies.”

U.S. Ambassador to Iceland Tyler Thompson, whose long letter to the State Department raised critical questions about the possibility of secret nuclear deployments in Iceland (National Archives, Still Pictures Branch, RG 59-SO, box 17).

All references to Iceland were deleted from the archival release of Thompson’s letter but his signature and other evidence confirms that the subject matter was Iceland. Further research indicated that nuclear weapons had been an issue in U.S. relations with Iceland since the Korean War when Icelandic officials asked whether the U.S. had deployment plans. Washington did not, but at the time Thompson wrote the letter U.S. officials were exploring nuclear storage options and secret deployments. Moreover, archival documents discovered by an Icelandic historian and published here today demonstrate that the United States had plans for at least one nuclear weapons storage site in the event World War III broke out.

Included in today’s posting are:

▪ A request for assurance in November 1951 by Foreign Minister Bjarni Benediktsson that the United States was not planning an “atomic base” in Iceland

▪ A State Department telegram from December 1951 authorizing the U.S. minister to assure Benediktsson that the United States “has no (rpt no) intention [of] going beyond letter or spirit of [the] defense agreement” which had been negotiated earlier in the year.

▪ A question posed by Foreign Minister Guðmundur Í. Guðmundsson to ambassador Thompson in June 1960: was the United States keeping atomic bombs at Keflavik air base or carrying them through the base in transit?

▪ A draft reply to Guðmundsson’s question indicating that nuclear weapons had not been deployed in Iceland but noting that CINCLANT [Commander-in-Chief, Atlantic Command] had a “requirement” for a nuclear weapons storage site.

That the United States never deployed nuclear weapons to Iceland is a settled issue. In 1998, Robert S. Norris, William Arkin, and this writer published an article in The Bulletin of Atomic Scientists in which they analyzed a recently declassified Defense Department history of U.S. nuclear deployments from 1945 to 1978. The study included several alphabetically arranged lists of nuclear weapons deployments in various parts of the world, including Western European members of NATO. Because many country and place names were excised the writers made educated guesses about some of them. One guess was Iceland. Certain details, such as Strategic Air Command activities during the 1950s, appeared to support the conclusion. The report in The Bulletin was widely publicized and when the news reached Iceland it created a political furor; the Icelandic government quickly denied the premise and the Clinton administration immediately supported the denial. In a significant departure from the usual “neither confirm nor deny” approach to nuclear weapons locations, the U.S. deputy chief of mission in Reykjavik declared that putting Iceland on the list of Cold War nuclear deployment sites was “incorrect.” Further research led to the identification of Iwo Jima as the deployment site.[1]

The fact that the U.S. government never deployed nuclear weapons in Iceland does not mean, however, that it had no nuclear plans for Iceland. Previous research by Valur Ingimundarson and William Arkin demonstrates that during the Cold War Iceland was considered a potential storage site. As Ingimundarson discovered, at the end of the 1950s the U.S. Navy ordered the construction of a facility for storing nuclear depth bombs, an Advanced Underseas Weapons (AUW) Shop at the outskirts of Keflavik airport. The AUW facility was built by local Icelandic workers who thought its purpose was to store torpedoes. Whether Ambassador Thompson knew about it remains to be learned. During the 1980s Arkin reported that a presidential directive from the Nixon period treated Iceland as one of several “Conditional Deployment” locations, where nuclear weapons could be stored in the event of war. An AUW storage facility would make sense in that context. Nevertheless, all such arrangements were kept deeply secret because of the political sensitivity of the U.S. military presence in Iceland.[2]

The heavily excised release of the Thompson letter suggests that the U.S. national security bureaucracy does not presently acknowledge that Iceland figured in American nuclear weapons planning during the Cold War. This is not surprising because the U.S. government has not acknowledged the names of a number of other countries which directly participated in the NATO nuclear weapons stockpile program during the Cold War (and later): Belgium, Greece, Italy, the Netherlands, and Turkey (only West Germany and the United Kingdom have been officially disclosed). As for Iceland’s status as a “conditional” deployment site, even though the horse left the barn years ago in terms of the previous archival releases, time will tell whether declassifiers take that into account when making future decisions on classified historical documents concerning Iceland and nuclear weapons.


Pictured here is a MK-101 “Lulu” nuclear depth bomb. which the U.S. Navy could have deployed to a storage site at Kefllavik airport, Iceland, in the event of World War III.  Weighing 1,200 pounds, with an explosive yield of between 10 and 15 kilotons, the Lulu was in service from the late 1950s to 1971.  An air-dropped weapon designed for use by all Navy aircraft, Lulu would have been available to British, Canadian, and Dutch naval forces under NATO nuclear sharing arrangements.  (Source: photograph by Mike Fazarckly at Nuclear Weapons: A Guide to British Nuclear Weapons. Thanks to Stephen Schwartz for pointing out these photos.)


Document 1: U.S. Legation Reykjavik telegram number 82 to State Department, 18 November 1951, Secret

Source: U.S. National Archives, Record Group 59, Department of State records [RG 59], Central Decimal Files 1950-1954 [CDF], 711.56340B/11-1851

On 5 May 1951, Iceland and the United States secretly signed a defense agreement which became public just two days later. Under the agreement, the United States took over the defense of Iceland, a decision which local elites believed was necessary in light of the Korean War and Iceland’s historically disarmed status. The arrangement was nonetheless contentious for many citizens and by some accounts bordered on illegal; the three major non-Communist parties therefore agreed to keep parliament in recess to minimize controversy (when Iceland joined NATO in 1949, riots had broken out). Two days later, on 7 May, 300 U.S. troops arrived, the first of a contingent which the Icelandic government limited to a tightly sequestered 3,900 troops out of fear of adverse public reaction (to the point that Reykjavik successfully insisted on the exclusion of African-American soldiers).

While the fine print of the defense agreement was still being negotiated, in November 1951 Foreign Minister Benediktsson showed U.S. Chargé d’Affaires Morris N. Hughes a London Times article quoting Senator Edwin Johnson (D-CO) that Iceland, North Africa, and Turkey were better deployment sites for atomic weapons than the United Kingdom. To assuage the foreign minister’s concern that Communist Party members and other critics would exploit Johnson’s statement, Hughes recommended “official reassurance” that the United States had no plans to deploy atomic weapons in Iceland.

Document 2: U.S. Legation Reykjavik telegram number 85 to State Department, 24 November 1951, Secret

Source: RG 59, CDF, 711.56340B/11-2451

A few days after the above exchange, Benediktsonn told Hughes that he had showed him the Times article so he could tell “critics and worried colleagues” that he had immediately sought U.S. reassurances about U.S. atomic plans. When the foreign minister wondered whether an “appropriate quarter” could provide “some reassurance,” Hughes agreed to inform the State Department “of his anxiety.” The reference to McGaw is to General Edward John McGaw, the first commander of the Iceland Defense Force, the U.S. unified command which provided for Iceland’s military security from 1951 to 2006.

Document 3: U.S. Legation Reykjavik Despatch 198 to State Department, ““First Icelandic Reaction to Senator Johnson’s Statement on Atomic Bases,” 27 November 1951, Secret

Source: RG 59, CDF, 711.56340B/11-2751

Chargé Hughes reported that the Communist newspaper, Thjodviljinn [Will of the Nation] had commented on Senator Johnson’s statement, noting that the “Americans feel that it does not matter if Iceland should be subjected to the attack and horrors such bases would bring

upon the nation.”

Document 4: U.S. Legation Reykjavik telegram number 97 to State Department, 20 December 1951, Secret

Source: RG 59, CDF, 711.56340B/12-1951

With no answer to his question about atomic bases, Benediktsonn asked Hughes again about the problem, noting that Communist opponents could “embarrass” him.

Document 5: State Department telegram 98 to U.S. Legation Reykjavik, 21 December 1951, Top Secret

Source: RG 59, CDF, box 3180, 711.56340B/11-2451

Benediktsonn’s second query was the charm. Responding to Hughes’ message, a State Department telegram sent under the name of Secretary of State Dean Acheson warned that any public statements would violate the policy to “not deny or affirm rumors” about the locations of atomic weapons. That was a military necessity to prevent the Soviet Union from determining the “pattern” of U.S. defenses. Nevertheless, the Department authorized Hughes to inform Benediktsonn confidentially that the United States would “make no move without [the] full consultation and agreement” of Iceland’s government.

Document 6: U.S. Legation Reykjavik Despatch 238 to State Department, “Further Reaction to Threatened Use of Iceland as Atomic Base,” 29 December 1951, Secret

Source: RG 59, CDF, box 3180, 711.56340B/12-2951

Hughes provided a fuller account of his meeting with Benediktsonn on 20 December and of his efforts during the holidays to pass on the gist of the State Department message to the permanent undersecretary and then to the foreign minister himself at a dinner. Whether there were any follow-up discussions remains unclear because the records covering the 1952-1954 period in the 711.56340B decimal file series are missing from box 3181.[3]

Document 7: U.S. Department of State Executive Secretariat, “Top Secret Daily Staff Summary,” 22 June 1960, top secret, excerpt

Source: RG 59, Executive Secretariat, Daily Staff Summary, 1944-1971, box 45, Daily Staff Summary, Top Secret, June 1960

According to the State Department summary of telegram 367 from the U.S. Embassy in Iceland, in light of the recent U-2 crisis, Foreign Minister Guðmundur Í. Guðmundsson asked Ambassador Thompson whether the United States had used Keflavik air base for U-2 flights, had stored nuclear weapons there or had moved them through Keflavik. While the Foreign Minister had not asked for assurances about advance agreement, according to the summary Thompson “feels that the storage of atomic warheads in Iceland without the latter’s prior agreement would be a mistake and suggests that, if we have no intention to do this, we so inform the Icelandic Government without awaiting its request to this effect.” This conversation is cited on the bottom of page 2 of the Tyler Thompson letter (Document 8) with the references to Iceland excised.

From the original Air Force caption: “A view of the famous Terminal Hotel at Keflavik Airport, Iceland, is pictured here. In the foreground are two MATS [Military Air Transport Service] aircraft parked out front of the hotel.” Ambassador Thompson’s letter captured the problems raised by the air base’s wide open status for proposals for secret nuclear weapons storage: the base’s “security problem” was “complicated by the small size of the secure areas, accessibility of the base to the public, the small community atmosphere there with everyone knowing to a large extent what is going on, and the speculation which new, and stricter security regulations might arouse.” (National Archives, Still Pictures Branch, RG 342-B, box 1458, Foreign Locations—Iceland)

Documents 8A-B: Answer to Gudmundsson’s Questions

A: Draft telegram to U.S. Embassy Iceland, 24 June 1960, Top Secret

B: Draft telegram to U.S. Embassy Iceland, circa 1 July 1960, Top Secret

Source: RG 59, Bureau of European Affairs, Office of Atlantic Political and Military Affairs, Subject Files, 1953-1962, box 11, Iceland Keflavick [sic] Air Base

In response to Guðmundsson’s questions about U-2 flights and nuclear weapons, State Department officials prepared a response; the finished, delivered version remains classified in State Department decimal files, but drafts of the response are available, of which the one dated 1 July 1960 is probably close to what was sent. The ambassador could assure the foreign minister that the U.S. had not stored nuclear weapons in Iceland or shipped them through Keflavik airbase. But this information was not for public consumption because of the U.S. government’s “neither confirm nor deny” policy. In response to Thompson’s suggestion that the U.S. pledge that it would consult the Icelandic government in advance about nuclear weapons deployments, the State Department believed this would “not [be] desirable.” Before any assurances could be given the subject would need careful study in Washington; if asked for such assurances, Thompson was to tell Guðmundsson that he needed to seek instructions. Thompson’s letter (below) does not indicate that a follow-up conversation with Guðmundsson had occurred, only the possibility that he might ask the question about nuclear deployments again.

The 24 June draft telegram mentions the CINCLANT requirement for a nuclear weapons storage site and its ongoing construction but that item was dropped from the 1 July draft, perhaps because of its sensitivity. The final version of the telegram remains classified but has been requested.

Document 9: Ambassador Tyler Thompson to Ivan White, 5 August 1960, top secret, excised copy

Source: RG 59, DF 1960-1963, 711.5611-8560

Probably to respond to the issues raised by Guðmundsson’s questions, Deputy Assistant Secretary of State for European Affairs Ivan White sent Thompson a letter on 21 July 1960. It was one of those “official informal” communications then used by State Department officials to communicate with its embassies on matters that were too complex and sensitive to handle by telegram. White’s letter has not surfaced and is not indexed in the State Department decimal files. But judging from the tenor of Thompson’s reply, White may have asserted that the U.S. government was free to deploy nuclear weapons in Iceland without securing the agreement of Reykjavik. If that was the case, the Eisenhower administration had departed from the Acheson policy of assuring “full consultation and agreement.” It is possible that the previous ambassador, John Muccio, was the individual whom Thompson described as “recommending against prior consultation” out of fear that information about the deployment would leak to the Soviets.

If war was imminent or had broken out, Thompson believed that a secret emergency deployment would be permissible, but under peacetime circumstances he recommended seeking Iceland’s consent. Given that the Soviets probably suspected that Iceland was already a storage site, Thompson believed that it would be worse if the government of Iceland discovered a secret deployment; that would produce a diplomatic crisis, including Iceland’s possible withdrawal from NATO under protest. Moreover, “from the point of view of respect for the rights and sovereignty of [Iceland], the fact that it might not agree to the storage of nuclear weapons here could be considered as making prior consultations all the more necessary.”

To make deployments technically possible, Thompson suggested the construction of storage areas, but consulting the government if Washington ever wanted to use them. If war was approaching it would be possible to deploy weapons under emergency conditions because the possibility of objections would be “minimized.” If, however, the United States wanted to use the storage areas for actual deployments it should consult the Icelandic government. Thompson may not have been aware of the SACLANT storage site mentioned in the draft telegram cited above.

Thompson’s letter met with some internal criticism, mainly on the first page: a handwritten “no” next to his observation that U.S. nuclear weapons storage in NATO countries depends on the agreement of the country concerned; a question mark next to the comment about Canadian consent for storage of nuclear weapons in Canada; a comment “No! Canada on record,” suggesting that Ottawa would accept clandestine U.S. storage; and another comment which is harder to decipher: “tech … doesn’t get UK OK.”

For the archival release of this letter the State Department and the Defense Department justified the excision on two grounds. The State Department cited Section 3.3 (b) (6) of Executive Order 13526 – that declassification would “reveal information, including foreign government information, that would cause serious harm to relations between the United States and a foreign government, or to ongoing diplomatic activities of the United States.” The Defense Department cited exemption (b) (6), ruling that declassification would “reveal formally named or numbered U.S. military war plans that remain in effect, or reveal operational or tactical elements of prior plans that are contained in such active plans.” Whether the declassification of a document which is well over half a century old could have such impacts on U.S. diplomacy or military planning appears highly doubtful.



[1]. William Arkin, Robert S. Norris, and William Burr, “They Were,” The Bulletin of the Atomic Scientists, November –December 1999, pp. 25-35; Arkin, Norris, and Burr, “How Much Did Japan Know,” The Bulletin of the Atomic Scientists, January-February 2000, pp. 11-13, 78-79.

[2] . Valur Ingimundarson, The Rebellious Ally: Iceland, the United States, and the Politics of Empire, 1945-2006(Dordrech, The Netherlands, 2011), 86; William Arkin, “Iceland Melts,” The Bulletin of the Atomic Scientists (50) January-February 2000, p. 80.

[3]. One relevant item that could show up in box 3181 was published in the Foreign Relations of the United States: a memorandum to the Deputy Under Secretary of State on “Additional Military Operating Requirements in Iceland,” dated 12 June 1952. It briefly recounts the discussions with the Icelandic foreign minister and mentions a NATO request to the U.S. and the Government of Iceland for a strategic air base in Iceland, but any further discussion of nuclear weapons was excised in the FRUS volume.

Englische Medien – Bankrott-Tourist von Holst & Familienangehörige wohl im Visier von SCOTLAND YARD – 61 “Firmen” geschlossen


‘Bankruptcy tourism’ crackdown shuts 61 companies
UPDATED: 21:06 GMT, 22 October 2011

Insolvent: It is thought German companies transferred to Britain and then used British law to go bust

Insolvency authorities have closed 61 companies set up in Britain to take advantage of the easygoing bankruptcy rules.

The firms were linked to Rainer Von Holst and Ann Von Holst, both German citizens and business advisers in that country. They recommend that companies adopt British status.

The Insolvency Service said the pair were offering British companies to German clients ‘when bankruptcy or commercial difficulties threaten’.

It is thought that this was a way of transferring the domicile of a troubled German company to Britain and then using British bankruptcy law to go bust.

The technique is known as ‘bankruptcy tourism’. Companies employ this technique to use British law to go bust in a pre-pack insolvency, which means they can shuffle off creditors and then be relaunched free of debt.

It is thought the 61 companies would have been used for similar bankruptcies.

They were all closed after the Insolvency Service sought a court order to wind them up for a series of offences, including filing false information at Companies House and failure to co-operate with its investigators.

At one time all 61, which were dormant businesses, gave their registered address as a small office in a residential street in Kenilworth, Warwickshire.

The Insolvency Service said the office was also given as the address of the company directors, the Von Holsts, but there was ‘no evidence they had any right to use the address and had no presence there’.

Geoff Hanna, investigations manager at the Insolvency Service, said there had been a ‘serious disregard for the laws that govern all limited liability companies.

We will not allow the reputation of the British corporate regime to be tarnished by allowing such abuses to continue with impunity.’ Neither of the Von Holsts was available for comment.

Bankruptcy tourism was thrown into the spotlight last year by the case of Wind Hellas, a Greek telecoms group that relocated to Britain in 2009 and went bankrupt three months later.

Read more:
Follow us: @MailOnline on Twitter | DailyMail on Facebook

Von Holst werden zahlreiche Verbrechen zur Last gelegt wie mutmasslicher Betrug, mutmasslicher Diebstahl, mutmassliche Gewaltverbrechen, mutmasslicher Identitätsdiebstahl. Sein angeblicher derzeitiger US-Aufenthalt ist wohl nur vorgetäuscht, um mutmasslich Scotland Yard zu entkommen…


Revealed – E-mails from inside the NSA bureaucracy

Earlier this month, the NSA declassified a huge set of internal e-mails, following FOIA-requests about the issue of whether Edward Snowden had raised concerns about the NSA’s surveillance programs through proper channels inside the agency.

> Download the declassified e-mails (very large pdf)

Here, we will take a look at the administrative details these internal NSA e-mails provide. Next time we will see what their content says about the concerns that Snowden claimed to have raised.

Internal e-mail from NSA director Michael Rogers. In the signature block we see his
NSANet and SIPRNet e-mail addresses and his non-secure phone number (all redacted)
(Click to enlarge – See also: NSA director Alexander’s phones)

E-mail addresses

Except from the classification markings, the NSA’s internal e-mails aren’t very different from those exchanged by most other people around the world. But they do show for example some details about the internal communications networks of the agency.

From the signature blocks underneath the e-mails we learn that, depending on their function and tasks, NSA employees have e-mail addresses for one or more of the following four computer networks:

NSANet for messages classified up to Top Secret/SCI (Five Eyes signals intelligence). On this network the address format for e-mail is jjdoe@nsa

JWICS for messages classified up to Top Secret/SCI (US intelligence). The address format is

SIPRNET for messages classified up to Secret (mainly US military). The address format is

UNCL for unclassified messages, likely through NIPRNet. The address format is

For e-mail, all NSA employees have display names in a standardized format: first comes their family name, given name and middle initial, sometimes followed by “Jr” or a high military rank. Then follows “NSA” and the proper organizational designator, then “USA” for their nationality and finally “CIV” for civilian employees, “CTR” for contractors, “USN” for Navy, “USA” for Army or “USAF” for Air Force members.

Thus, the display name of the current NSA director is “Rogers Michael S ADM NSA-D USA USN”, while that of the previous director was “Alexander Keith B GEN NSA-D USA USA”. In 2012, Snowden had the display name “Snowden Edward J NSA-FHX4 USA CTR”:

E-mail from Snowden as systems administrator in Hawaii, August 2012
The redacted part of the classification marking
seems to hide a dissemination marking *
(Click to enlarge)

The organizational designator FHX4 is interesting. FH stands for Field station Hawaii, but X4, being unit 4 of division X, is still a mystery. The field station divisions have the same designators as those at NSA headquarters, where there’s also a division X, but so far no document gave an indication what it does.

The signature block shows that Snowden worked as a systems administrator for Dell’s Advanced Solutions Group and that he was deployed at the Technology Department of NSA’s Cryptologic Center in Hawaii, more specifically at the Office of Information Sharing. The latter has the organizational designator (F)HT322 and is therefore different from that in Snowden’s display name.

In the declassified messages we only see display names, not the actual e-mail addresses behind them. Therefore, only the classification markings on the messages provide an indication on which network they were exchanged.

From an e-mail that was declassified earlier we know that in April 2013 Snowden used the address “”, which is the format for the JWICS network, but was apparently used on NSANet.*

From one of the declassified e-mails about NSA’s internal investigation it seems that Snowden had just two mail accounts: “we have his TS [Top Secret] NSANet email and his UNCLASSIFIED email”, but this is followed by some redacted lines.*

Finally, the signature blocks of some NSA employees also provide a link to their dropbox for sending them files that may be too large for e-mail. Such dropboxes have addresses like “…%5D”.

Example of an NSA message, with in the signature block e-mail addresses for JWICS and an
unclassified network, and phone numbers for the NSTS and the non-secure phone networks
OPS 2B is the wider and lower one of the two black NSA headquarters buildings
(Click to enlarge)

Telephone numbers

Besides e-mail addresses, many messages also have phone numbers in the signature blocks. They show numbers for one or more of the telephone systems used at NSA:

NSTS, which stands for National Secure Telephone System and is NSA’s internal telephone network for secure calls. Numbers for this network have the format 969-8765 and are often marked with “(s)” for “secure”

STE, which stands for Secure Terminal Equipment, being a telephone device capable of encrypting phone calls on its own. Telephone numbers can be written in the format (301) 234-5678 or as STE 9876.

BLACK, CMCL or Commercial, which are numbers for non-secure telephones that may also access the public telephone network. They have the regular format (301) 234-5678 and are often marked with “(b)” for “black” (as opposed to “red”) or with “(u)” for unclassified.

The NSA/CSS Threat Operations Center (NTOC) at NSA headquarters, with from left to right:
an STE secure phone, a probably non-secure telephone and a phone for the NSTS
(Photo: NSA, 2012 – Click to enlarge)


Finally, releasing such a huge set of documents in which many parts had to be redacted always bears the risk that something is overlooked. That also happened this time, as in one e-mail from an investigator from NSA’s Counterintelligence Investigations unit Q311 they forgot to redact the codeword TIKICUBE:

TIKICUBE appears to be a unit of the Investigations Division Q3. Whether this might be a special unit investigating the Snowden leak isn’t clear though.

The abbreviations behind the investigators name are: CFE for Certified Fraud Examiner and CISSP for Certified Information Systems Security Professional.

We also see that this investigation division is not located at the NSA headquarters complex at Fort Meade, but at FANX. This stands for Friendship Annex, a complex of NSA office buildings in Linthicum, near Baltimore, some 12 km. or 7.5 miles north-east of Fort Meade.

The famous blue-black glass headquarters buildings are OPS 2A and OPS 2B, while the SIGINT division is apparently in the flat 3-story building from the late 1950s, designated OPS 1.

NSA – Is the Shadow Brokers leak the latest in a series ?

Earlier this week, a group or an individual called the Shadow Brokers published a large set of files containing the computer code for hacking tools. They were said to be from the Equation Group, which is considered part of the NSA’s hacking division TAO.

The leak got quite some media attention, but so far it was not related to some earlier leaks of highly sensitive NSA documents. These show interesting similarities with the Shadow Brokers files, which were also not attributed to Edward Snowden, but seem to come from an unknown second source.

Screenshot of some computer code with instructions
from the Shadow Brokers archive

The Shadow Brokers files

Since August 13, the ShadowBrokers posted a manifesto and two large encrypted files on Pastebin, on GitHub, on Tumblr and on DropBox (the latter three closed or deleted meanwhile).

One of the encrypted files could be decrypted into a 301 MB archive containing a large number of computer codes for server side utility scripts and exploits for a variety of targets like firewalls from Cisco, Fortinet and Shaanxi. The files also include different versions of several implants and instructions on how to use them, so they’re not only the malware that could have been found on the internet, but also files that were only used internally.

A full list of the exploits in this Shadow Brokers archive can be found here.

Security experts as well as former NSA employees considered the files to be authentic, and earlier today the website The Intercept came with some unpublished Snowden documents that confirm the Shadow Brokers files are real.

Besides the accessible archive, Shadow Brokers also posted a file that is still encrypted, and for which the key would only be provided to the highest bidder in an auction. Would the auction raise 1 million bitcoins (more than 500 million US dollars), then Shadow Brokers said they would release more files to the public. This auction however is likely just meant to attract attention.

Screenshot of a file tree from the Shadow Brokers archive

From the Snowden documents?

According to security experts Bruce Schneier and Nicholas Weaver the new files aren’t from the Snowden trove. Like most people, they apparently assume that Snowden took mostly powerpoint presentations and internal reports and newsletters, but that’s not the whole picture. The Snowden documents also include various kinds of operational data, but this rarely became public.

Most notable was a large set of raw communications content collected by NSA under FISA and FAA authority, which also included incidentally collected data from Americans, as was reported by The Washington Post on July 5, 2014. The Snowden documents also include technical reports, which are often very difficult to understand and rarely provide a newsworthy story on their own.

Someone reminded me as well that in January 2015, the German magazine Der Spiegel published the full computer code of a keylogger implant codenamed QWERTY, which was a component of the NSA’s WARRIORPRIDE malware framework. So with the Snowden trove containing this one piece of computer code, there’s no reason why it should not contain more.

Contradicting the option that the Shadow Brokers files could come from Snowden is the fact that some of the files have timestamps as late as October 18, 2013, which is five months after Snowden left NSA. Timestamps are easy to modify, but if they are authentic, then these files have to be from another source.

A second source?

This brings us to a number of leaks that occured in recent years and which were also not attributed to Snowden. These leaks involved highly sensitive NSA files and were often more embarrassing than stuff from the Snowden documents – for example the catalog of hacking tools and techniques, the fact that chancellor Merkel was targeted and intelligence reports proving that NSA was actually successful at that.

> See Leaked documents that were not attributed to Snowden

It is assumed that these and some other documents came from at least one other leaker, a “second source” besides Snowden, which is something that still not many people are aware of. The files that can be attributed to this second source have some interesting similarities with the Shadow Brokers leak. Like the ANT catalog published in December 2013, they are about hacking tools and like the XKEYSCORE rules published in 2014 and 2015 they are internal NSA computer code.

This alone doesn’t say much, but it’s the choice of the kind of files that makes these leaks look very similar: no fancy presentations, but plain technical data sets that make it possible to identify specific operations and individual targets – the kind of documents many people are most eager to see, but which were rarely provided through the Snowden reporting.

As mainstream media became more cautious in publishing such files, it is possible that someone who also had access to the Snowden cache went rogue and started leaking documents just for harming NSA and the US – without attributing these leaks to Snowden because he would probably not approve them, and also to suggest that more people followed Snowden’s example.

Of course the Shadow Brokers leak can still be unrelated to the earlier ones. In that case it could have been that an NSA hacker mistakenly uploaded his whole toolkit to a server outside the NSA’s secure networks (also called a “staging server” or “redirector” to mask his true location) and that someone was able to grab the files from there – an option Snowden also seems to favor.

Diagram showing the various stages and networks involved
in botnet hacking operations by NSA’s TAO division

An insider?

Meanwhile, several former NSA employees have said that the current Shadow Brokers leak might not be the result of a hack from the outside, but that it’s more likely that the files come from an insider, who stole them like Snowden did earlier.

Of course it’s easier for an insider to grab these files than for a foreign intelligence agency, let alone an ordinary hacker, to steal them from the outside. But if that’s the case, it would mean that this insider would still be able to exfiltrate files from NSA premises (something that shouldn’t be possible anymore after Snowden), and that this insider has the intent to embarrass and harm the NSA (Snowden at least said he just wanted to expose serious wrongdoings).

Here we should keep in mind that such an insider is not necessarily just a frustrated individual, but can also be a mole from a hostile foreign intelligence agency.

Russian intelligence?

On Twitter, Edward Snowden said that “Circumstantial evidence and conventional wisdom indicates Russian responsibility”, but it’s not clear what that evidence should be. It seems he sees this leak as a kind of warning from the Russians not to take revenge for the hack of the Democratic National Committee (DNC) e-mails, which was attributed to Russian intelligence.

This was also what led Bruce Schneier to think it might be the Russians, because who other than a state actor would steal so much data and wait three years before publishing? Not mentioned by Schneier is that this also applies to the documents that can be attributed to the second source: they are also from before June 2013.

A related point of speculation is the text that accompanied the Shadow Brokers files, which is in bad English, as if it was written by a Russian or some other non-western individual. This is probably distraction, as it looks much more like a fluent American/English speaker who tried to imitate unexperienced English.

The text also holds accusations against “Elites”, in a style which very much resembles the language used by anarchist hacker groups, but that can also be faked to distract from the real source.

Screenshot of some file folders from the Shadow Brokers archive


With the authenticity of the Shadow Brokers files being confirmed, the biggest question is: who leaked them? There’s a small chance that it was a stupid accident in which an NSA hacker uploaded his whole toolkit to a non-secure server and someone (Russians?) found it there.

Somewhat more likely seems the option that they came from an insider, and in that case, this leak doesn’t stand alone, but fits into a series of leaks in which, since October 2013, highly sensitive NSA data sets were published.

So almost unnoticed by the mainstream media and the general public, someone was piggybacking on the Snowden-revelations with leaks that were often more embarrassing for NSA than many reportings based upon the documents from Snowden.

Again, obtaining such documents through hacking into highly secured NSA servers seems less likely than the chance that someone from inside the agency took them. If that person was Edward Snowden, then probably someone with access to his documents could have started his own crusade against NSA.

If that person wasn’t Snowden, then it’s either another NSA employee who was disgruntled and frustrated, or a mole for a hostile foreign intelligence agency. For an individual without the protection of the public opinion like Snowden, it must be much harder and riskier to conduct these leaks than for a foreign state actor.

Former NSA counterintelligence officer John Schindler also thinks there could have been a (Russian) mole, as the agency has a rather bad track record in finding such spies. If this scenario is true, then it would be almost an even bigger scandal than that of the Snowden-leaks.

On August 21, NSA expert James Bamford also confirmed that TAO’s ANT catalog wasn’t included in the Snowden documents (Snowden didn’t want to talk about it publicly though). Bamford favors the option of a second insider, who may have leaked the documents through Jacob Appelbaum and Julian Assange.