Making Democracy Great Again

Originally posted in FPRI, Geopoliticus

It wasn’t the World Economic Forum in Davos, Switzerland, and it wasn’t meant to be. Bono wasn’t there, nor was Beyoncé, but former U.S. Vice President Joseph Biden and former British Prime Minister Tony Blair were. The event was the first Copenhagen Democracy Summit held on June 22, 2018. No glam, no glitz, just serious policy discussions from an array of former and current world leaders to discuss the precipitous slide in democracy and democratic values the world over. I had the privilege to attend as a board member of the Alliance of Democracies Foundation, which was supporting the conference. Here are my impressions.

The brainchild of former Danish Prime Minister and NATO General Secretary Anders Fogh Rasmussen, the Democracy Summit is dedicated to strengthening the resolve of the world’s democracies by providing a high-level forum exclusively focused on the cause of democracy. With democracy under threat from nationalist movements, autocracies, and terrorist organizations, the Summit seeks to meet the need to revitalize the world’s democracies by bringing together current and former heads of state as well as leading business executives, academics, and dissidents into open dialogue to support the maintenance of shared democratic values.

Sounding a somewhat familiar mantra, Summit Chairman Rasmussen opened the conference by declaring to the 350 participants from over 40 nations, “We are here to make democracy great again.” In a time when the world’s democracies are being challenged both from internal and external forces, this Summit did a deep dive why long-accepted democratic norms such as free speech, human rights and free trade are under assault from populist, nationalist and nativist forces at home as well as autocratic nations abroad.

Opening the conference was a sobering statistical study by Dalia, an international research organization. Using its Democracy Perception Index 2018 (DPI), the single largest study measuring citizens’ trust in government, Dalia found that democracies are facing a severe crisis in faith in the eyes of the public. The DPI 2018 found that a majority of people living today in democracies no longer believe that government works for them. Among the report’s findings, a surprising 51% of people living in democratic countries think their voice “rarely” or “never” matters in politics. Moreover, in democracies, a majority of the population, 64%, believes that their governments “rarely” or “never” act in the interest of the public compared with only 41% saying the same in non-democracies.

This tocsin of democracies in peril was addressed throughout the Summit, but most notably in an extraordinary panel discussion with the former heads and deputy heads of state of Canada, Spain, Estonia, Mexico, and the United Kingdom. The panelists agreed that for many, democracy is perceived as deaf, cut off from the needs and aspirations of immigrants, unresponsive to the fears of workers caught in rapidly re-tooling economies and sclerotic in its ability to respond quickly to disasters or update crumbling infrastructures. “People tell us they are unhappy, we must listen,” said former Canadian Prime Minister Stephen Harper. “We have to show that democracy can adapt and innovate to meet challenges of a changing society,” opined Nick Clegg, former Deputy Prime Minister of the United Kingdom.

Indeed, democracy did not get off lightly at the conference. Speaker after speaker bemoaned the back-sliding, seemingly epidemic in democratic nations today where their governments are perceived as inept, incompetent, or worse, indifferent. Joe Biden was most forceful in his assessment that “the threat to democracy isn’t just Russia. Authoritarianism is on the rise in every region.” Biden called for a re-dedication to the principles that form the bulwark of democracies: inclusive institutions, the rule of law, equal protection, and equality of opportunity for all. Concluding with a strong statement meant to throw down the gauntlet to the democracies of the world, Biden said, “Democracy demands diligence. Democracy demands engagement. And sometimes democracy demands sacrifice of its citizens. That’s how we keep it.” “Let’s not forget who the hell we are.”

Another panel delved into the current conundrum of “fake news” and how movements and forces use it to sow discord and fear in the electorate. Indeed, many fingers were pointed to the Russians as masters of these dark arts, while criticism was also subtly leveled against the current U.S. administration for labeling political opponents and news organizations as purveyors of the trade.

Running a close second to the “fake news” topic was cyber security and hacking and how democratic institutions are besieged by a blitz of hacking from Russia, China, Iran, and North Korea. Often, this activity goes beyond the simple stealing of data and intellectual property and seeks to undermine public confidence in the electoral system of many Western democracies.

Tony Blair closed the conference with a plea for a more “muscular” democracy as a statement that those who hold it dear will fight to keep it. He urged participants and governments alike to spread the gospel of democracy and to communicate that it does work and that it is worth fighting for. Pointedly, he said, “Democracy needs to revive its spirit.”

As is often the case, the real value of these conferences was not what was said at the podium by the speakers, but was whispered in the halls amongst the participants. Time and time again, we Americans were questioned by our European colleagues about the direction of our government regarding NATO, free trade, and immigration. While anger was never apparent, confusion and frustration were. The confusion was based upon a general befuddlement over current policies towards Europe and the frustration stemming from an inability to understand our seeming rejection of 73 years of collective security in favor of warmer relations with Russian autocrats. As one conferee noted at lunch, “The autocrats and the despots are on the march again. They think this is their time.”

Notwithstanding attendees’ confusion and frustration, it was clear that America does matter, America is the key, and America is indispensable to democracy and to global leadership. They just don’t know if America agrees.

The Future of Cybersecurity, a Conversation With Jack Thomas Tomarchio of Agoge Group, LLC - From Drexel University

Original Post, by Patricia Connolly, Found Here

 

Today’s boardrooms continue to sharpen their cybersecurity oversight in preparation for an inevitable cyber incident. Patricia Q. Connolly, Executive Director of the Raj & Kamla Gupta Governance Institute, sat down with cyber expert Jack Thomas Tomarchio, Principal at Agoge Group, for a conversation around growing cybersecurity concerns and the ways boards can ensure they are equipped to handle cyber-attacks.

The following is an edited transcript of the conversation.

Patricia Q. Connolly: In my work at the Raj & Kamla Gupta Governance Institute, I have had many boards raise questions around cyber preparedness. In your experience, do boards fully understand the scope and severity of cyber threats?

Jack Tomarchio: Some boards understand the scope of cyber threats, but many or most boards do not. Cybersecurity has become an agenda item, but directors and management don’t fully understand the severity of possible threats. And it’s hard to be prepared for a threat when you are unsure of what you are facing.

Security is always the last line item on a corporate budget, because it represents money out and no money in. There’s no profit in security; it’s not “sexy.” It’s like insurance—you don’t know you need it until you experience a disaster and are unprepared, but at that point it is too late to do anything about it.

Q. What should boards be doing differently now regarding cybersecurity?

It is incumbent upon boards to educate themselves on the risks of cyber-attacks and strategies to mitigate those risks. On April 24, 2018, Altaba (formerly known as Yahoo) settled with the SEC and agreed to pay $35 million for failing to adequately disclose a cyber breach—the first time a public company has been fined by the SEC for this. Headlines like that should get the board’s attention—this should be the impetus for everyone to act on cyber issues. When cyber-attacks occur, it’s a big headline. CEO’s are fired, along with other members of the C-Suite, and ultimately board members end up running the risk of personal liability outside of the insurance limitations.

But, for some reason, it’s often not enough to force companies to act on these risks. And that is an issue because most companies are currently unable to sufficiently handle a cyber-attack. Boards must develop useful responses to cyber-attacks. It’s not about “checking a box,” or simply having discussed cyber; there needs to be a real conversation around mitigating the risks. They tend to be reactive, but these are real assaults on companies for data, intellectual property, and money, and you cannot win a battle by being passive.

I’ve personally witnessed cyber warfare attacks through my work in the US Intelligence Community, and it is intense. You never want to end up saying, “now what do we do?” You always want to be prepared. There is help and partnership available, which many boards are unaware of or actively choose not to seek. The FBI offers outreach partnerships, but they don’t often get called. You only need to ask for help, and there’s an opportunity to have it.

“Boards have to be cognizant of the fact that cyber risks are now part of the business landscape and culture.”

Q. How have you seen governance practices evolve in response to major cyber-attacks?

We are seeing some boards attempting to recruit directors with cyber experience or skills. However, it’s not as common as it should be. All boards of directors need at least one individual with cyber expertise. The full board needs to be informed and responsible for cyber-oversight, but there needs to be one person with that background who can then educate others and measure the company’s preparedness regarding cyber planning.

I often hear from directors, “my Chief Technology Officer (CTO) or Chief Information Security Officer (CISO) is handling that.” This is a mistake. Boards cannot be relying solely upon the CTO or CISO for guidance on these issues, but should instead be reviewing their work and asking them to enforce board-directed strategies. It should be the role of the board to ask them the tough questions, and to do that, you need a board member who knows what questions to ask.

“Cyber warfare is an attack, and boards must treat it as such. If you don’t understand the threat or the ramifications, you won’t be able to withstand an attack.”

Q. In February 2018, the SEC issued an interpretive release to guide public companies when preparing disclosures about cybersecurity risks and incidents. How should a board be prepared to speak about their plans to confront cybersecurity risks and threats?

Boards shouldn’t show their entire hand—you don’t want to put the details of the company’s response plan out there for all the world to see. However, they should lay out two to three pages on the corporation’s cybersecurity plan in the annual report. There doesn’t need to be a great level of detail, as investors will gloss over that anyways, but the board should demonstrate the resiliency of the company in the cyber realm. Outlining what the company has done, steps that have been taken, tests that have been performed, can be helpful to show that they are taking cyber threats seriously and trying to be proactive.

Public company boards do need to disclose their cyber preparedness, and they should insist on a written information security policy and an incident response plan that gets to the point. You don’t want an 800-page plan—no one looks at that and it isn’t useful. And boards not only need to prepare these types of items, but they need to regularly and continuously evaluate their usefulness and update the materials based on the evolving threats in the cyber realm. Your plans are only useful if they are designed for the current landscape.

Q. How can a board take the extra step to assure itself that the company has the proper protocols in place to evaluate, and respond to an incident quickly and effectively?

Yes, some boards are taking some smart steps regarding their cybersecurity plans. Small things, like not using the same IT guy when you perform penetration tests, can make a big difference. And those are actions that the board can easily take. You want to think about cybersecurity like baseball. A pitcher on the mound faces many different batters. If that pitcher only has one pitch, every batter knows exactly what to expect, and they can prepare for it. So the pitcher must mix it up and surprise batters; in other words, don’t always throw a fastball. Boards can think about cyber-attacks in the same way. They want to catch their attackers off-guard and not make it easy for them to gain access.

Q. What other steps might a board take to protect itself from a cyber-attack, and how can they manage the results if such an attack should occur?

One of my favorite tools to train boards on the risks, management, and mitigation of a cyber-attack is the use of the tabletop exercise. Originally developed by the military as war games to plan strategy and tactics, the tabletop exercise is a perfect pedagogical tool to teach boards how to respond to a cyber event.

When I run a tabletop exercise, I put the entire C-Suite and board through a cascading cyber crisis that challenges company leaders to make hard decisions under extreme pressure. The results are often eye-opening. Executives uncover gaps in their incident response plan, realize that they have serious systemic failures in inter-company communications, or learn that their crisis response is confused and disorganized. The exercise is designed to shed light on these types of deficiencies. I conduct a post-mortum afterward to discuss what the weakness were and methods to address them. Often the C-Suite will leave a tabletop exercise with a laundry list of fixes to be undertaken.

Furthermore, tabletop exercises allow the board to understand their role in the cybersecurity process versus the role management should play. The exercise provides the board with a hands-on experience to better understand what a cyber-attack entails, and what it means to be properly prepared to combat one. Board members can utilize these interactive sessions to further their own knowledge and ensure management has the proper crisis management and disclosure protocols in place.

The Threat No One Cares About

One of the last meetings I had in office was with three scientists from the Commission to Assess the Threat to the United States from Electromagnetic Attack.  As they briefed me about the threat and impact of an electromagnetic pulse (“EMP”) attack upon our country, it was clear these were desperate men.  

Working under a 2001 Congressional mandate, these scientists were making the rounds at various three letter agencies sounding a tocsin of warning about the catastrophic consequences of the little known and poorly understood threat of an EMP attack against our nation.

An EMP is created by the detonation of a nuclear payload in the upper Earth atmosphere. That changes the atomic makeup of oxygen and nitrogen molecules.   The electrons released from these molecules as a result of a nuclear explosion can cause a magnetic pulse that produces voltage surges in electric devices that will disable them permanently. In essence, an EMP can, in a nanosecond, fry the insides of most electrical appliances and other electrically powered machines rendering them permanently useless. What that means to societies thousands of miles from ground zero is a total disruption of electric power from power plants to handheld devices.

EMP events can also occur naturally from changes in the sun’s thermal activity. Whether caused naturally by the sun or artificially by the detonation of a nuclear warhead on an intercontinental ballistic missile, the results can be a veritable game-changer for society.

My guests that day educated me on the threat, the impact of a successful EMP attack on our wired society, and what our government was doing to combat the problem. Their discussion of the former topic was detailed and insightful. Their discussion of the latter topic, US response planning for the threat, was brief and alarming. Indeed, what the US was doing to prepare for this threat could be summed up in two words: not much. From the time I had my introduction to the EMP threat in 2008 until today, the United States has remained practically and negligently unprepared to deal with the challenge.

These were desperate men.

For a time there was some talk that an enemy like North Korea could fire a crude nuclear warhead launched from a submarine in the South Pacific over the southwestern United States and detonate it in the upper atmosphere with the desired effect of eliminating a good portion of our power grid west of the Rockies. Since the North Koreans had yet to perfect a nuclear weapon that could survive re-entry, all they would need to do would be to send it high, detonate it, and let the so-called games begin.

Recent rumors of rapprochement with Kim Jung Un’s Democratic Republic of North Korea may make that scenario unlikely, but there are still other would be malefactors who could attempt an attack such as a re-embargoed and nuclear aspirant Iran. Even if the genesis of an EMP attack is not man-made, but purely a solar phenomenon, the fact remains that our nation is not prepared to address the ramifications of such an attack upon the homeland.

With our nation now inextricably wired every level, an EMP attack could bring our critical infrastructure to a crashing halt: disconnect us from our computers, cell phones, and handheld devices, disable our air traffic control system, cripple our banking and financial system, and paralyze our hospitals, schools, and emergency services. The result would be to shut down society as we know it, throwing the country into a pre-Industrial Age dystopian gloom.

Since the day I met with those desperate scientists in 2008, little has changed; they are still desperate. What can and must happen is for the country to become more aware of the threat and to take needed action that will address the problem. What can be done? First, the public needs to be made aware that the dreaded nuclear winter can come just as easily via a low tech EMP explosion or a solar hiccup as it can from a full-blown nuclear war. Indeed, public awareness of the threat is low with most Americans totally ignorant of it. Raising public awareness will also kick-start a discussion of palliative measures that can be followed to mitigate the impact of an EMP strike. One such measure overdue for discussion is to consider taking critical assets such as military bases and emergency services off the grid. Introducing solar power, wind and geothermal power sources where practical at military bases would ensure that these key facilities would remain up and running should an EMP attack occur.

Another action that needs to be taken now is to increase information sharing on the EMP threat with state and local governments and the private sector. Just as state and local government were “read into” counter-terrorism intelligence after the 9/11 attacks, so too should the federal government build up a series of information sharing protocols with the states, the cities and private industry on the EMP threat. This isn’t rocket science, as most of the work has already been trail-blazed by the US intelligence community, the state and locals and the private sector in response to the terrorist threat.

Of course, responders must be trained to deal with this threat.  A tabletop exercise built around an EMP hit on the Continental United States would not be hard to build and would allow participants from all levels of government to participate. Table top exercises often called “war games” are highly didactic and if conducted properly can function like a 3-Dimensional GAP analysis to show where our response to an EMP attack is weak and in need of immediate improvement. We do these every day in the counter-terrorism world, so again the fix is not that hard to do.

Lastly, we need to pay better attention to our missile defense capabilities. As Americans, we think little of the defense umbrella provided by NORTHCOM. But even this umbrella needs some upgrades. With our anti-missile missiles not yet achieving at least an 80% knockdown rate, we need to enhance our ability to detect and shoot down suspicious airborne threats that could be carrying an EMP triggering device. Recently Congress authorized $13.8 billion for missile defense. This is a good start, but it needs to be followed on in the out years by other appropriations to maintain our lethality in defending the air and the space above the United States.

It’s been ten years since I met with those desperate scientists in my Washington, D.C. office. We needed to address the EMP threat to the homeland in 2008 as we need to address it in 2018. Unfortunately, our government has remained pretty much quiet about the threat, yet those scientists are still desperate. Isn’t ten years too long to live life in quiet desperation?         

Departure of Bossert Reveals “Boltonization” of NSC

On April 10, 2018, Thomas P. Bossert, the President’s Homeland Security Advisor, abruptly
resigned from his post. It came as a surprise to homeland security observers and to Bossert
himself. Speaking at the Cipher Brief’s 2018 Threat Conference in Sea Island, Georgia, Bossert
gave no hint that his departure was mere hours away. What the Bossert exit represents is a rapid
move by Bolton to put his own imprimatur upon the National Security Council.

As a fellow member of the George W. Bush administration, I worked homeland security issues
with Bossert although we did not work closely together. He was a denizen of the West Wing in
those days, while I worked domestic intelligence matters on Nebraska Avenue at the Department
of Homeland Security. Lawyerly and thoughtful, Tom was respected for his work ethic and
notably his ability to master the chaos that was the Hurricane Katrina crisis of 2005.

Unlike many other veterans of Bush 43, Tom was able to shed those “scarlet numbers” and join
the Trump administration. By all accounts, he and President Trump got on well. Bossert’s
relations with H.R. McMaster, Trump’s second National Security Advisor, were a bit more
complicated. Beset by a Byzantine chain of command conundrum, McMaster and Bossert feuded
over NSC seniority and who reported to whom. Besides their “who’s on first arguments,” the
two sparred over other matters of national security policy as well as often engaging in shouting
matches that reverberated through the black and white marbled halls of the Eisenhower
Executive Office Building.

A number of NSC staffers also complained that Bossert was a bit of a foot dragger when it came
to execution on policies relating to counterterrorism and especially cybersecurity. The Trump
administration’s failure to, as yet, delineate a cogent national cybersecurity strategy has been a
criticism that has been laid at Bossert’s feet. In defense to Tom, counterterrorism and
cybersecurity are both extremely complex issues, involving many stakeholders in government,
the private sector, and with our allies abroad. Getting these issues right and crafting a workable
strategy should take time and be subject to a great deal of thought and discussion.

Of course, the more important story here is the alacrity with which National Security Advisor
John Bolton moved to replace Bossert. Bolton, assuredly not a shrinking violet in the hard-
elbowed politics of bureaucratic Washington, has in one scythe-like move begun the process
which will result in the “Boltonization” of the National Security Council. Firings did occur after
McMaster took over as NSA, the most high-profile example being Ezra Cohen Watnick, but not
at the scale currently occurring during Bolton's first week as NSA. Bolton represents the
geopolitical hard, hard line of the Republican party. Indeed, many would contend that he is not
of the GOP at all, holding a worldview that is so combative and reactionary that he remains an
outlier among more traditional Republican foreign policy thinkers.

Expect Bolton to bring in his own people who share his worldview in the coming weeks. Most of
the new recruits will come with street creds that will label them as hardline foreign policy
reactionaries who will dismiss globalism and unity of action among the Western allies in favor of
American “go it aloneism.”

Since the Trump administration came into office, the NSC has been roiled with the hirings and
firings of two National Security Advisors, the departures of now three Deputy National Security

Advisors and several senior departmental directors as well as a slew of rank and file staffers.
Morale among council employees is said not to be robust.

Another changeover at the NSC could not come at a more inconvenient time. If Bolton is going
to look for a new and tougher staff at NSC, one that reflects his own vision of U.S. national
security, the real test for them will be decidedly immediate with the U.S. now facing an instant
decision on whether to undertake military action to punish Syria’s Assad regime for yet again
dropping chemical weapons on its own citizens, more challenges from Russian President
Vladimir Putin, and the looming summit between President Trump and North Korea’s Kim Jong-
un.

With varsity level competition facing him, let’s see if John Bolton’s attempt to re-make his NSC
team in his own image will be successful or will result in just a bunch of ideologue scrubs taking
the field in possibly the biggest game of their untested careers.

While it is understandable that Bolton will seek to populate his NSC with like-minded thinkers, it
is also important to ensure that national security policy-making enjoys the rigorous give-and-take
that will be needed to examine all facets of a projected course of action. Indeed, within the
Intelligence Community where I served, contrarians are highly valued for the leavening they
provide to any intelligence policy decision. Without examining and valuing the opinions of “the
loyal opposition” in foreign policy decision-making, we run the risk of following policies
untested. When the stakes are as high as North Korean missiles or strikes against Syrian (and
Russian) targets, National Security Advisor Bolton would be well-served by a few dissenting
voices in the EOB.

Russian Military Embraces 21st Century Tactics

The familiar version of the Russian military is of the ponderous Cold War juggernaut that invaded Hungary in 1956 and Czechoslovakia in 1968, heavy on armor and artillery but light on agility, maneuverability and independent action when necessary. Not so much anymore. With Russian adventurism in Crimea, Ukraine, and Syria, its military is the recipient of an array of new technologies using artificial intelligence, high-resolution geo-spatial imagery, robotics and sophisticated drone technology. While Russia still lags significantly behind the United States in defense spending, $46 billion to the US’s $700 billion, what is important is that Russia is making strides to improve how its military fights and even more importantly where it fights. Russian submarine stealth technology is first rate with boats of the new Yasen and next-generation Husky classes quieter and stealthier than ever while Russian ground and sea-launched ballistic missiles allegedly packing more thrust and accuracy than ever before.

Russian military thinking is also undergoing a revolution. Historically Russia has always fought large defensive wars such as the Patriotic War of 1814 against Napoleon and the Great Patriotic War against Germany (World War 2). New Russian tactics, however, now call for taking the war to the adversary early and with stunning lethality. Chief of the Russian General Staff, General Valery Gerasimov in recent remarks to the Russian Military Academy stated, “The objects of the economy and the state administration of the enemy will be subject to immediate destruction, in addition to the traditional spheres of armed struggle, the information sphere and space will be actively involved.” With this shift in traditional tactics the Russians now seek to push conflict away from its borders and to the heart of its enemies. With Russia’s loss of its traditional “near abroad” (the 14 former socialist republics of the USSR) and “nearer abroad” (the Warsaw Pact allies) buffer states, Russian military thought now views it as a strategic imperative to take the fight to the adversary. Moreover, Gerasimov recognizes that in order to prevail in future conflict Russia must be prepared to fight a multi-dimensional war targeting a foe’s economic, information, energy and financial infrastructure, all critical instruments of national power. A future war with Russia will assuredly see attacks on all of these “fronts” as warfare enters an age of “inclusive lethality”, further blurring the old combatant/noncombatant targeting paradigms of the past.

This new Russian strategic mindset is itself a carryover of Russia’s traditional way it sees the world and its place in it. Obsessed with encirclement and invasion, Russia now seeks to control the tempo of world events by shifting away from its historic defensive posture to a new deep strike capability that will carry the war to the heartland of its enemies.

For NATO and especially the US, the challenge will be to ensure that Western capabilities in space, information warfare, submarine technology and other military modalities remain robust, technologically superior and nimble. Not to do so would be a mistake whose consequences will be paid for at a future time. The price may not be something we will be pleased to pay.

Austin Bombings Entering An Even More Challenging Phase

With the newest revelation today that a package believed bound for Austin, Texas exploded in a FedEx facility in Schertz, Texas, the investigation into the Texas serial bomber just got more complicated. If forensics link this bomb to the other four explosive devices in Austin, it casts a new light on the unknown bomber. Assuming the same person or persons are behind all five explosions, what does this us tell us about the so-called serial bomber?

1. The bomber(s) is a determined individual. He is moving rapidly to detonate as many of these devices as possible in as short an amount of time as possible. He has not been cowed by the attention of law enforcement and, in fact, may have been emboldened. In short, this guy is not running scared.

2. He is agile. The fact that he has now originated an attack from a location in Texas other than  Austin indicates that he is mobile and can move with ease. He probably has enough money and time to travel to other locales to launch these attacks.

3. He is still targeting Austin, Texas. For a reason unknown to us, Austin remains "ground zero" for his bombings. This points to a motive connected with Austin: he lives or has lived there, he exhibits some degree of possible animosity or frustration with the Austin area or he equates the city with a  past disappointment or resentment that is Austin-centric.

4. He has some degree of technical expertise which has allowed him to build multiple improvised explosive devices and to vary the types of bombs built. 

What law enforcement must do now it to exploit any forensic evidence that can be harvested from the bombing sites. While the explosive devices have been destroyed upon detonation, trace physical evidence may remain in the form of latent finger prints, DNA or other evidence that can give police some needed leads. Further technical exploitation is also needed to understand how the bombs were engineered and assembled. Lastly, understanding the chemical nature of the explosives will point to what materials were used in making the bombs which could lead to likely sources of supply such as hardware stores or chemical supply companies. The police have a fast moving, agile opponent in the Austin bomber, but its just a matter of time that the forensics will catch up with the perpetrator.