Case Study #101
October 2009
The MIT Center for Digital Business
Case Study #101
The U.S. Intelligence Community (A)
Andrew McAfee
MIT Center for Digital Business
Case Study 101: The US Intelligence Community (A)
A System Blinking Red
In the wake of the September 11, 2001 terrorist attacks on the United States, several groups examined
the performance of the country’s intelligence agencies, and they did not like much of what they saw.
Their conclusions can be summarized using two phrases that became popular during the
investigations: even though the system was blinking red before 9/11, no one could connect the dots.
In an interview with the National Commission on Terrorist Attacks Upon the United States, better known
as the 9/11 Commission, CIA director George Tenet maintained that “the system was blinking red” in
the months before the attacks. In other words, there was ample warning that Osama bin Laden and his
Al Qaeda operatives were planning large-scale attacks, perhaps within the United States. In some
cases these warnings were frighteningly accurate: CIA analysts, for example, prepared a section titled
“Bin Laden Determined to Strike in US” for the President’s Daily Brief of August 6, 2001.1
These warnings came from a diverse group of actors scattered throughout the sixteen agencies that
made up the U.S. intelligence community (IC). These people were convinced of the grave threat posed
by Al Qaeda, and dogged in their pursuit of this enemy. At the CIA, for example, a group called Alec
Station, headed by Michael Scheuer, was dedicated to neutralizing bin Laden.
At the FBI, counterterrorism chief Paul O’Neill and his team had gained firsthand experience with
Islamic terrorists during investigations of attacks in Saudi Arabia and Yemen, and they were determined
not to let them strike in the United States again (in 1993 the World Trade Center had been attacked
with a truck bomb). Richard Clarke, the chief counterterrorism adviser on the U.S. National Security
Council, was the highest-level champion of the fight against Al Qaeda, devoting great energy to
assessing and communicating the danger posed by bin Laden’s group.2
In the months preceding 9/11 troubling signs were apparent to many within the IC. Ken Williams of the
FBI’s Phoenix office wrote a memo in July 2001 to the bureau’s counterterrorism division highlighting
an “effort by Osama bin Laden to send students to the US to attend civil aviation universities and
colleges” and proposing a nationwide program of monitoring flight schools.3 On July 5th Clarke
assembled a meeting with representatives from many agencies—including the FBI, the Secret Service,
the Coast Guard, and the Federal Aviation Authority—and told them, “Something really spectacular is
going to happen here, and it’s going to happen soon.”4
Zacarias Moussaoui was taken into custody by agents from the FBI’s Minneapolis office in August 2001
and immediately recognized as a terrorist threat. The Minneapolis office requested a search warrant of
Moussaoui’s laptop and personal effects, citing the crime of “Destruction of aircraft or aircraft facilities.”5
Poor Information Sharing and its Consequences
No one, however, was able to “connect the dots” among all these pieces of evidence and perceive the
nature and timing of the coming attacks clearly enough to prevent them. Investigators concluded that a
1
Thomas H. Kean and Lee H. Hamilton, The 9/11 Commission Report: Final Report of the National Commission on Terrorist
Attacks Upon the United States (New York: W. W. Norton, 2004). Tenet’s quote appears on page 259; the title of the August
6, 2001 president’s daily brief is given on page 260.
2
In addition to the report of the 9/11 Commission itself, Lawrence Wright’s The Looming Tower(New York: Alfred A. Knopf,
2006) is an excellent source of information on bin Laden, those in America who perceived his threat, and information-sharing
failures within and among the agencies responsible for preventing terrorist attacks.
3
4
5
http://archives.cnn.com/2002/US/05/21/phoenix.memo/index.html.
Looming Tower, 389.
http://www.time.com/time/covers/1101020603/memo.html.
 2009 MIT Center for Digital Business
1
MIT Center for Digital Business
Case Study 101: The US Intelligence Community (A)
major reason for this failure was the lack of effective information sharing both within and across
intelligence agencies. Information flows were often “stovepiped,” that is, reports, cables, and other
intelligence products were sent up and down narrow channels within an agency, usually following
formal chains of command. If someone within a stovepipe decided that no more analysis or action was
appropriate, the issue and the information associated with it typically went no further. There were few
natural or easy ways for someone to take information, analysis, conclusions, or concerns outside the
stovepipe and share them more broadly throughout the community.
Failures to act on and share information before 9/11 proved devastating. The Moussaoui search
warrant request, for example, was not granted until after the attacks had taken place. Throughout 2001
agents at both the CIA and FBI were interested in the activities and whereabouts of several suspected
terrorists, including Khalid al-Mihdhar and Nawaf al-Hazmi. CIA investigations revealed that Mihdhar
held a U.S. visa, and that Hazmi had traveled to the United States in January 2000.
This information was not widely disseminated within the IC at the time that it was collected, however,
and was also not shared with FBI agents during a June 2001 meeting of representatives from the two
agencies during the investigation of the October 2000 bombing of the USS Cole in Yemen. At the time
of the meeting Mihdhar was not on the State Department’s TIPOFF watch list, which was intended to
prevent terrorists from entering the United States. He arrived in the United States in July 2001, and
both he and Hazmi participated in the September 11 attacks.6
The volume and gravity of these and other information-sharing failures led some to conclude that the
9/11 attacks could have been prevented. Because of what the 9/11 Commission called “good instinct”
among a small group of collaborators across the FBI and CIA, both Mihdhar and Hazmi were added to
the TIPOFF list on August 24. However, efforts then initiated to find them within the United States were
not successful. The Commission’s report concluded,
“We believe that if more resources had been applied and a significantly different approach
taken, Mihdhar and Hazmi might have been found. . . .
Both Hazmi and Mihdhar could have been held for immigration violations or as material
witnesses in the Cole bombing case. Investigation or interrogation of them, and investigation of
their travel and financial activities, could have yielded evidence of connections to other
participants in the 9/11 plot. The simple fact of their detention could have derailed the plan. In
any case, the opportunity did not arise.”7
Improvements, and How to Make them Stick
The 9/11 Commission made a number of recommendations for improving the IC. These included,
predictably, better information sharing:
“We have already stressed the importance of intelligence analysis that can draw on all relevant
sources of information. The biggest impediment to all-source analysis – to a greater likelihood of
connecting the dots – is the human or systemic resistance to sharing information. . ”
In the 9/11 story, for example, we sometimes see examples of information that could be
accessed—like the undistributed… information that would have helped identify Nawaf al Hazmi
in January 2000. But someone had to ask for it. In that case, no one did. Or . . . the information
is distributed, but in a compartmented channel. Or the information is available, and someone
does ask, but it cannot be shared. . . .
We propose that information be shared horizontally, across new networks that transcend
individual agencies. . . .
6
9/11 Commission Report, 268–272; also The Looming Tower.
7
9/11 Commission Report, 272.
 2009 MIT Center for Digital Business
2
MIT Center for Digital Business
Case Study 101: The US Intelligence Community (A)
The current system is structured on an old mainframe, or hub-and-spoke, concept. In this older
approach, each agency has its own database. Agency users send information to the database
and then can retrieve it from the database.
A decentralized network model, the concept behind much of the information revolution, shares
data horizontally too. . . .
No one agency can do it alone. Well-meaning agency officials are under tremendous pressure
to update their systems. Alone, they may only be able to modernize the stovepipes, not replace
them.”
The 9/11 Commission also recommended the creation of a director of national intelligence with some
level of authority over all sixteen federal agencies. This director, it was hoped, could encourage better
coordination and lessen the degree of stovepiping within the community. According to the commission’s
final report, “[With] a new National Intelligence Director empowered to set common standards for
information use throughout the community… a government-wide initiative can succeed.”
The Intelligence Reform and Terrorism Prevention Act of 2004 created the office of the Director of
National Intelligence (DNI). In an official statement to the U.S. Senate in 2007, J. Michael McConnell,
the second director, discussed the need for a deep shift in philosophy and policy within the IC: “Our
success in preventing future attacks depends upon our ability to gather, analyze, and share information
and intelligence regarding those who would do us more harm. . . . Most important, the long-standing
policy of only allowing officials access to intelligence on a “need to know” basis should be abandoned
for a mindset guided by a “responsibility to provide” intelligence to policymakers, warfighters, and
analysts, while still ensuring the protection of sources and methods.”8
Not all observers, however, felt that the DNI would be able to accomplish much, or to effect deep
change in the agencies’ strong and entrenched cultures. The federal commission established to
investigate the IC’s poor performance in determining whether Iraq possessed weapons of mass
destruction was particularly blunt. Its final report stated that “commission after commission has
identified some of the same fundamental failings we see in the Intelligence Community, usually to little
effect. The Intelligence Community is a closed world, and many insiders admitted to us that it has an
almost perfect record of resisting external recommendations.” (emphasis in original).9 The journalist
Fred Kaplan, writing in the online magazine Slate, was also pessimistic: “There will be a director of
national intelligence. But the post will likely be a figurehead, at best someone like the chairman of the
Council of Economic Advisers, at worst a thin new layer of bureaucracy. . . . ”10
Many wondered how a “thin new layer of bureaucracy” could possibly address the IC’s inability to
connect the dots, or start to change its deeply entrenched “need to know” culture. Could U.S.
intelligence analysts ever learn to share what they knew and collaborate more effectively? What might
encourage them to do so?
The IC decided to look within itself for answers to these questions. The DNI took over from the director
of central intelligence (the head of the CIA) a novel program, called the Galileo Awards, intended to
solicit innovative solutions to challenges facing the IC from community members themselves. The
Galileo Awards first call for papers went out in 2004.
Acknowledgement
The Center for Digital Business would like to thank Cisco Systems, Inc. and BT for their generous
support of this research.
8
9
http://www.docstoc.com/docs/886365/DNI-ANNUAL-REPORT-TO-CONGRESS.
http://www.basicint.org/pubs/Research/05WMD.pdf.
10
http://www.slate.com/id/2110767/.
 2009 MIT Center for Digital Business
3
MIT Center for Digital Business
Case Study 101: The US Intelligence Community (A)
ABOUT THE MIT CENTER FOR DIGITAL
BUSINESS
Founded in 1999, the Center for Digital
Business is the largest research center in the
history of the Sloan School. We are supported
entirely by corporate sponsors whom we work
with closely in directed research projects. The
Center has funded more than 45 Faculty and
performed more than 60 research projects. Our
mission is to join leading companies, visionary
educators, and some of the best students in the
world together in inventing and understanding
the business value made possible by digital
technologies. Our interactions are a dynamic
interchange of ideas, analysis, and reflection
intended to solve real problems.
Examples of Current Focused Research
Projects:
 Implications of e-Commerce for New
Services and Structure of Logistics Systems
 How Do Intangible Assets Affect the
Productivity of Computerization Efforts?
 Wireless
and
Mobile
Commerce
Opportunities for Payments Services
 Benchmarking Digital Organizations
 Security and the Extended Enterprise
 Pricing Products and Services in the HighTech Industry
The Center for Digital Business is completing its
Phase II, focusing more explicitly on business
value, while at the same time including
technologies beyond the Internet in its purview.
Our goal, in part, is to reduce that timeline
through
basic
and
applied
research,
engagement with industry sponsors, and the
sharing of best practice, and the MIT’s credo of
combining rigor with relevance is well served.
We are co-located with MIT Sloan’s Center for
Information Systems Research and the Center
for
Collective
Intelligence
to
facilitate
collaboration. Our cross-campus collaborations
include work with the Media Lab, AutoID
Center, Computer Science and AI Lab, and
Communications Futures Program.
We are organized into four areas of expertise –
or Special Interest Groups:
1.
2.
3.
4.
Digital Productivity
Digital Marketing
Digital Health
Digital Services
Founding Sponsors
Cisco Systems
CSK Corporation
General Motors
McKinsey
SAP
Suruga Bank
Research Sponsors
BT
France Telecom
Liberty Mutual
Member Sponsors
Google
HP
Oracle
SAS Institute
Solution Services
Contact Information
MIT Center for Digital Business
MIT Sloan School of Management
5 Cambridge Center, NE25-700
Cambridge, MA 02142
Telephone: (617) 253-7054
Facsimile: (617) 452-3231
http://digital.mit.edu/
David Verrill, Executive Director
Erik Brynjolfsson, Director
Glen L. Urban, Chairman
Andrew McAfee, Principal Research Scientist
Carlene Doucette, Executive Assistant
Joanne Batziotegos, Financial Assistant
Please visit our website for more information.
http://digital.mit.edu
 2009 MIT Center for Digital Business
4