Think Tank Predicted Russian Cyberwar v. United States

Washington, D.C., May 3, 2017 – A Rand Corporation 1967 paper predicted many of the cyber dilemmas faced by policy makers today, and a 2017 expanded analysis of the “GRIZZLY STEPPE” hacking by Russian cyber operators disclosed key findings about the techniques the hackers used and ways to mitigate them, according to the National Security Archive publication today of 40+ highlighted primary sources from the critically-praised “Cyber Vault” at http://nsarchive.gwu.edu/cybervault.

Compiled and edited by noted intelligence historian Dr. Jeffrey T. Richelson, the Cyber Vault collection of primary sources is growing by a dozen or more documents every week, and includes the declassified briefings provided by the National Security Agency to the George W. Bush and Barack Obama transition teams in 2000 and 2009, respectively.  The collection also includes a 2016 order from the U.S. Cyber Command to set up a unit with the mission of debilitating and destroying computer and communications operations of the terrorist group ISIS.

The Cyber Vault team obtained the 2016 order under the Freedom of Information Act (FOIA).  The project has filed scores of other FOIA and declassification requests as part of a multi-year documentation contribution to the growing field of cyber studies, with the support of the William and Flora Hewlett Foundation.

The 2000 transition briefing explicitly foreshadowed the Edward Snowden controversy, warning the new White House team that the 4th Amendment-protected communications of Americans were inextricably mixed with those of foreigners on the Internet.  The 2016 U.S. Cyber Command order established a joint task force designed to bring the resources of the Defense Department, Intelligence Community, and Justice Department to bear against the terrorist group that the Trump administration has since designated its top foreign policy priority.


Cyber Vault Highlights

By Jeffrey T. Richelson

On March 30, 2016, the National Security Archive opened its Cyber Vault, a repository of documents on all aspects of cyber activity – including computer network defense (and other aspects of cybersecurity), computer network attack, and computer network exploitation. The more than 750 documents currently in the vault have been drawn from a variety of sources – Freedom of Information Act releases, websites of both U.S. federal and state government organizations, courts, foreign government organizations, NATO, government contractors, think-tanks, advocacy groups, and media websites (including Wikileaks and those that posted documents provided by Edward Snowden).

In addition to relying on a multitude of sources to populate the Cyber Vault, the Archive has sought to accumulate a diverse set of documents – which has guided its collection strategy. As a result, the Cyber Vault includes significant documents from the 1960s and each subsequent decade, on cyber organization, on policy and strategy, on domestic and foreign cyber activities, on cybersecurity requirements, and on cyber crimes and the related investigations. Also included are intelligence assessments and theses. The documents also represent a spectrum of classifications, from unclassified, to formerly classified, and – in the cases of Wikileaks and Snowden documents – currently classified documents. Many of the documents cut across a number of categories.

Among the documents represented from the 1960s and 1970s are two seminal papers.  One is Willis Ware’s 1967 effort, Secrecy and Privacy in Computer Systems (Document 1), written for the RAND Corporation, and one of the very first systematic approaches to information leakage, security, and privacy. The other (Document 2), produced by a staff member of Britain’s signals intelligence agency, the Government Communications Headquarters (GCHQ), represents the initial development of public key cryptography – although it was not declassified until years after the concept had been made public by American mathematicians.

That document is also one of several illustrating or concerning foreign government cyber efforts. A much more recent GCHQ product (Document 29) was one of the documents provided to Glenn Greenwald and Laura Poitras by Edward Snowden – a briefing on efforts to deanonymize users of The Onion Router (TOR) network, which had been developed by members of the U.S. Naval Research Laboratory (Document 32) as a means of protecting online communications. Chinese cyber organization, policy, and operations are covered, collectively, by two documents – an unclassified paper (Document 36) produced under the auspices of the NATO Cooperative Cyber Defence Centre of Excellence and a Top Secret codeword NSA briefing (Document 24) on the People’s Republic of China’s computer network exploitation activity. Current Russian cyber activities are discussed in an extract (Document 35) from the controversial “Trump Dossier,” written by a former British Secret Intelligence Service officer.

Other documents concern hostile cyber activities from an earlier era. One, from 1998 (Document 12), provides information to the then director of the FBI, Louis Freeh, concerning the SOLAR SUNRISE investigation of intrusions into at least 11 unclassified DoD computer systems at various locations in the United States. Another FBI memo (Document 13) concerns a 1999 investigation into intrusions into computer systems in the United States, the United Kingdom, Canada, Brazil, and Germany – an investigation which took some of the investigators to Moscow. In a newly released portion, it discusses possible responses to intrusions – including the creation of “honeypots” containing “beacon” files.

In addition to being the victim of intrusions, the U.S. has also debated and formulated policy, granted authority over, and conducted intrusions in pursuit of national security objectives. In March 1997, Secretary of Defense William Cohen assigned the responsibility for computer network attack and exploitation to the National Security Agency in a short memo (Document 10). During that spring a senior NSA official addressed the issue of cyberwar in a Secret article (Document 11) in an NSA journal. Many years later, according to a number of accounts, U.S. and Israeli cyber personnel were able to penetrate industrial control systems associated with the Iranian nuclear program and damage centrifuges that could produce weapons-grade material. While there have been no publicly released executive branch documents concerning the “Stuxnet” operation, it has been the subject of reports by RAND and the Congressional Research Service (Document 26).

Concern over possible Russian intrusion into U.S. computer systems related to elections became a significant subject of discussion in the 2016 presidential election. Apprehensions over the possibility of such intrusions go back at least a decade. A December 2007 report (Document 20) was commissioned by Ohio’s Secretary of State, and contained disturbing results about the vulnerability of Ohio’s electronic voting systems. In the wake of a poorly-received, brief analysis of alleged Russian cyber activity related to the 2016 election, the Department of Homeland Security’s National Cybersecurity and Communications Integration Center produced a more detailed examination (Document 41) of the GRIZZLY STEPPE activity.

By the time the DHS report was issued, President Trump had been presented with a draft executive order on cybersecurity (Document 40), which would undoubtedly have been the first of a significant number of presidential actions on cybersecurity – just as President Obama had signed a number of cyber-related executive orders and presidential directives, including one (Document 34) that established a Cyber Threat Intelligence Integration Center. Ultimately, the Trump draft order became the first in a series of drafts, and no order has yet been signed.

Other highlight documents include:

    • A 1979 exploration (Document 5) in an NSA journal on computer system vulnerabilities.
    • A 1996 treatment (Document 9) of the threat to computer systems from human intelligence operations.
    • A 2001 memo (Document 15) from the director of NSA concerning a major computer outage at the agency.
    • A 2008 Director of National Intelligence cyber counterintelligence plan (Document 21).
    • A 2016 USCYBERCOM order (Document 37) to establish a task force to combat ISIS in cyberspace.
    • A 2016 examination (Document 38) of cyber threats to nuclear weapons systems.
    • A 2016 DHS Office of Intelligence and Analysis briefing (Document 39) on cyber threats to the homeland.

 

Bayrock in Money Laundering Scheme

Trump business partner accused of involvement in Dutch-based money laundering scheme

    Dutch letter box companies implicated in million-dollar fraud

    The American real estate development company Bayrock, through which Donald Trump constructed hotels and apartment complexes, used Dutch letter box companies in a network suspected of being involved in money laundering. A ZEMBLA investigation suggests that Bayrock siphoned off $1.5 million by setting up a corporate structure in the Netherlands in 2007. In New York, Bayrock also stands accused of large-scale tax fraud. This incriminating information could place Donald Trump in an extremely difficult position, claims attorney F. Oberlander, who is prosecuting Bayrock on behalf of the State of New York: “The maximum jail term would be 30 years. So you’re in really serious trouble.”

    In 2005, Donald Trump became 18% owner of a hotel-condominium known as Trump SoHo. Bayrock, the other owner, is accused of perpetrating fraud on a grand scale through, among other things, Trump SoHo. According to US law, this means that Trump is jointly liable for Bayrock’s criminal activities. Oberlander concludes:
    “Anybody running a business through a pattern of crime is guilty of racketeering. Anybody knowing what they’re doing and are helping is guilty of racketeering conspiracy. They go to jail.”

    All Bayrock wants is to make clear to ZEMBLA that the Dutch corporate construction was established on the advice of an external legal counsel. ZEMBLA discovers that the firm in question is Bracewell & Giuliani. Rudy Giuliani, the former mayor of New York, and part owner of the law firm at the time, is also a Trump confidante. ZEMBLA has access to correspondence between the law firm and the Dutch director of a trust company in Amsterdam, which leaves no doubt as to the ultimate beneficiary owners of the Dutch business construction: the director of Bayrock and the Khrapunov family from Kazakhstan.

    Viktor Khrapunov is a fugitive ex-mayor and governor from Kazakhstan. The Kazakhstan government accuses Khrapunov of embezzling hundreds of millions of state assets. In 2007, Bayrock and the Khrapunov family founded the Dutch joint venture KazBay B.V. ZEMBLA has copies of the act of incorporation, bank statements and internal communications showing how the suspected money laundering scheme was set up. “It was designed to get millions of dollars out of New York into Europe. Through KazBay. KazBay was just a conduit”, asserts attorney Oberlander.

    The Dutch director of KazBay B.V. tells ZEMBLA that he has no knowledge of his clients’ dubious backgrounds. In 2007, the year that the Dutch letter box companies were established, Viktor Khrapunov’s alleged criminal dealings become public knowledge. Around the same time, it also becomes clear that Felix Sater, one of the Bayrock owners, has concealed his criminal past and mafia connections.

    For years, the Dutch Central Bank has been concerned that Dutch trust companies are failing to comply with legislation. Over half of the companies investigated by the Dutch Central Bank are in breach of the regulations, such as subjecting their clients to rigorous screening. Investigations performed by the supervisory body reveal that hundreds of politicians from Russia and Kazakhstan make use of Dutch trust companies. Frank Elderson, director of the Dutch Central Bank: “There are no legal stipulations forcing you to do business with a former political hot-shot from Russia or any other high risk nation.”

    Six months ago, the Financial Times reported that, in 2013, the Khrapunov family had bought three apartments in Trump SoHo to the tune of 3.1 million dollars. A sale from which Trump benefitted as joint owner. The White House, the Trump Organization and Viktor Khrapunov decline to answer ZEMBLA’s questions. In the episode ‘The Dubious Friends of Donald Trump: Part 1 – the Russians’, ZEMBLA explores the possible implications of these shady business dealings for the United States’ 45th president.

     

*** More on the letter box issue:  Related reading/ EU to close ‘letterbox’ company tax loopholes

“Nearly one-third of all foreign profits reported by US corporations in 2003 came from just three small, low-tax countries: Bermuda, the Netherlands, and Ireland,” said a White House factsheet in 2009. Like the Queen in Shakespeare’s ‘Hamlet’ who protested that ‘The lady doth protest too much, methinks,’ the Dutch government hypocritically objected to the Netherlands being dubbed a tax haven and the White House deleted the line. The Dutch tax haven has about 20,000 letter-box companies and in recent years, Facebook joined U2, the Irish rock group, to avail of the system. The Netherlands also hosts thousands of foreign financial vehicles. Bloomberg reports that a bookkeeper’s home office in Amsterdam doubles as the headquarters for a Yahoo! Inc. offshore unit. It says that as a deficit-strapped Europe raises retirement ages and taxes on the working class, the Netherlands’ role as a $13tn relay station on the global tax-avoiding network is prompting a backlash.

Bloomberg says that attracted by the Netherlands’ lenient policies and extensive network of tax treaties, companies such as Yahoo, Google, Merck & Co and Dell have moved profits through the country. Using techniques with nicknames such as the “Dutch Sandwich,” multinational companies routed €10.2tn in 2010 through 14,300 Dutch “special financial units,” according to the Dutch Central Bank. Such units often only exist on paper, as is allowed by law.

Google, IBM and Italian oil and gas group ENI head the list of companies using letter-box companies to cut their Dutch tax bills to between 0 and 5%, the Volkskrant daily said last week.

Covert Operations Training for N. Korea Nuclear Sites?

Iran attempted to launch a cruise missile from a submarine in the Strait of Hormuz on Tuesday, but the test failed, two U.S. officials told Fox News.

An Iranian Yono-class “midget” submarine conducted the missile launch. North Korea and Iran are the only two countries in the world that operate this type of submarine.

In February, Iran claimed to have successfully tested a submarine-launched missile. It was not immediately clear if Tuesday’s test was the first time Iran had attempted to launch a missile underwater from a submarine.

CHINA has called for all of its citizens to return from North Korea immediately as a US citizen is detained for allegedly trying to overthrow the country’s regime.

The Korea Times reports that the Chinese embassy in North Korea began advising Korean-Chinese residents to return to China.

A Korean-Chinese citizen told Radio Free Asia he was advised to ‘stay a while’ in China, and stated: ‘The embassy has never given such a warning. I was worried and left the country in a hurry.’

But he said most Chinese citizens in North Korea had opted not to heed the warning. More here.

US Commandos Set to Counter North Korean Nuclear Sites

Neutralizing Pyongyang’s nuclear, chemical arms warfighting priority, SOCOM commander says

Gertz: U.S. special operations forces are set to conduct operations against North Korean nuclear, missile, and other weapons of mass destruction sites in any future conflict, the commander of Special Operations Command told Congress Tuesday.

Army Gen. Raymond A. Thomas stated in testimony to a House subcommittee that Army, Navy, and Air Force commandos are based both permanently and in rotations on the Korean peninsula in case conflict breaks out.

The special operations training and preparation is a warfighting priority, Thomas said in prepared testimony. There are currently around 8,000 special operations troops deployed in more than 80 countries.

“We are actively pursuing a training path to ensure readiness for the entire range of contingency operations in which [special operations forces], to include our exquisite [countering weapons of mass destruction] capabilities, may play a critical role,” he told the subcommittee on emerging threats.

“We are looking comprehensively at our force structure and capabilities on the peninsula and across the region to maximize our support to U.S. [Pacific Command] and [U.S. Forces Korea]. This is my warfighting priority for planning and support.”

Disclosure of the commander’s comments comes as tensions remain high on the peninsula. President Trump has vowed to deal harshly with North Korea should another underground nuclear test be carried out. Test preparations have been identified in recent weeks, U.S. officials have said.

Trump said on Sunday that China appears to be pressuring North Korea but that he would be upset if North Korea carries out another nuclear test.

“If he does a nuclear test, I will not be happy,” he said on CBS Face the Nation. Asked if his unhappiness would translate into a U.S. military response, Trump said: “I don’t know. I mean, we’ll see.”

Gen. Thomas’ testimony did not include details of what missions the commandos would carry out.

A spokesman for the Special Operations Command referred questions about potential operations in Korea to the Pacific Command.

Special forces troops would be responsible for locating and destroying North Korean nuclear weapons and missile delivery systems, such as mobile missiles. They also would seek to prevent the movement of the weapons out of the country during a conflict.

Additionally, special operations commandos could be used for operations to kill North Korean leaders, such as supreme leader Kim Jong Un and other senior regime figures.

Special operations missions are said by military experts to include intelligence gathering on the location of nuclear and chemical weapons sites for targeting by bombers. They also are likely to include direct action assaults on facilities to sabotage the weapons, or to prevent the weapons from being stolen, or set off at the sites by the North Koreans.

A defense official said U.S. commandos in the past have trained for covert operations against several types of nuclear facilities, including reactors and research centers. Scale models of some North Korean weapons facilities have been built in the United States for practice operations by commandos.

The most secret direct action operations would be carried out by special units, such as the Navy’s Seal Team Six or the Army’s Delta Force.

Thomas said the command in January took over the role of coordinating Pentagon efforts to counter weapons of mass destruction from the Strategic Command. The mission includes stopping the spread of weapons of mass destruction and dealing with the aftermath of such weapons’ use.

North Korea is believed to have around 20 nuclear devices and is developing nuclear warheads small enough to be carried on long-range missiles. It also has stockpiles of chemical weapons and biological warfare agents.

Many of North Korea’s nuclear facilities are believed to be located underground in fortified locations spread around the country.

The last rotation of special operations forces to South Korea took place in February when parts of the 1st Special Forces Group (Airborne) and the 75th Ranger Regiment joined South Korean troops for training.

The training took place in mountainous parts of South Korea in a bid to simulate the rough terrain commandos would experience during operations in North Korea. Other training took place on the seas.

Gen. Thomas, in his testimony, identified North Korea as one of five “current and enduring” military threats outlined in a new military strategy produced by Marine Corps Gen. Joseph Dunford, chairman of the Joint Chiefs of Staff.

The four other threats are terrorism, Russia, Iran, and China.

Asked about the new strategy, a Joint Chiefs of Staff spokesman said the latest national military strategy is secret. “A classified [National Military Strategy] will make it more difficult for adversaries to develop counter-strategies and also enables the chairman to give the best military advice to the president and secretary of defense,” Navy Capt. Greg Hicks said.

The command “has recently focused more intently on the emerging threat that is of growing concern to us as well as most of our DoD teammates—the nuclear threat of an increasingly rogue North Korea,” Thomas said.

“Although previously viewed as a regional threat, North Korea’s relentless pursuit of nuclear weapons and intercontinental ballistic missiles, facilitated by a trans-regional network of commercial, military, and political connections, make it a threat with global implications,” the four-star general added.

South Korea’s special operations forces are said to be highly trained but lack the advanced equipment used by American commandos, such as stealth helicopters and aircraft as well as other high technology and advanced weaponry.

A Pentagon report on North Korea’s military published in February 2016 states that North Korea continues to advance its nuclear program.

The North Koreans announced in September 2015 that the nuclear facilities at Yongbyon, including a uranium enrichment plant and a reactor, were upgraded for the purpose of building nuclear forces, the report said.

Pacific Command commander Adm. Harry Harris said in congressional testimony last week that North Korea is an immediate threat to the security of the United States and the Asia Pacific region.

“With every test, Kim Jong Un moves closer to his stated goal of a preemptive nuclear strike capability against American cities, and he’s not afraid to fail in public,” Harris said.

Navy Restricted on FON, S. China Sea

The United States Navy has yet to send a ship within 12 miles of any disputed islands in the South China Sea under President Donald Trump.

Although Trump said during his presidential campaign that former President Barack Obama had been weak defending international waters from China, he has yet to increase Navy patrols in the region to cut off the country’s access to the artificial islands.

In an interview with The New York Times in March of last year, Trump said those islands built by China were “a military fortress, the likes of which perhaps the world has not seen.”

“Amazing, actually,” he added. “They do that at will because they have no respect for our president and they have no respect for our country.”

Freedom of navigation operations, known as Fonops, have not increased under Trump. “All of the language, combined with the fact that the Republican foreign policy establishment had been critical of Obama for not carrying out enough Fonops, means there was a wide expectation that Trump would put down a marker early,” Kissinger Institute director Robert Daly told the Times.

“And that hasn’t happened.”

Upon entering office, Secretary of State Rex Tillerson called China’s island-building “akin to Russia’s taking of Crimea,” and said that Trump’s administration was “going to have to send China a clear signal that, first, the island-building stops” and, “second, your access to those islands also is not going to be allowed.”

Anonymous Defense Department officials told the Times that Pacific Command asked for a naval excursion inside 12 nautical miles of Scarborough Shoal to show Beijing that island-building is a red line.

The officials added that this appeared in line with the Trump administration’s wishes, though they also said that Defense Secretary James Mattis and Pentagon officials are reviewing the effects of these excursions on national security policy.

*** Freedom of Navigation Fact Sheet found here.

China’s claim to nearly 90 percent of the South China Sea based on “historical discovery” — a claim largely invalidated by an international tribunal that China ignored last year — has led to boat ramming, arrests and other low-level clashes between China and neighboring nations.

International officials and analysts have voiced repeated concerns that overreaction by any one party could result in a conflict that threatens peace in the region and the global economy.

“We have rebuilt China, and yet they will go in the South China Sea and build a military fortress the likes of which perhaps the world has not seen,” Trump said during a campaign interview last year. “Amazing, actually. They do that, and they do that at will because they have no respect for our president and they have no respect for our country.”

The Navy routinely sends its ships, most often those based with the 7th Fleet in Japan, on regular patrols through the South China Sea’s international waters. However, the White House didn’t approve FON operations, which challenge violations of international norms, for nearly three years in the South China Sea.

In October 2015, the USS Lassen transited within 12 miles of Subi Reef amid Chinese objections. As of 2012, Subi Reef was naturally sea bottom and therefore does not generate territorial waters under international law, despite Chinese claims.

Subi Reef is now roughly the size of Pearl Harbor, according to satellite imagery posted by the Asia Maritime Transparency Initiative.

The Navy conducted more FON operations in 2016, with the last coming in October.

Secretary of State Rex Tillerson signaled during his January confirmation hearing that a policy tougher than the Obama administration’s was on the way.

Lawmakers asked Tillerson what should be done about China’s artificial islands, which include runways long enough for its military aircraft, radar, deep harbors and self-propelled artillery. More here.

Trump, Peace Deal with Palestinians, Easy

So far there has been no readout on whether Trump asked, or rather demanded, that the Palestinian Authority stop paying families of terrorists.

The PA, which receives millions in funding from U.S. taxpayers, spends roughly 8 percent of its annual budget, some $300 million a year, on salaries for terrorists who are imprisoned in Israel as well as the families of terrorists who attacked the Jewish state.

Mahmoud Abbas, the head of the Palestinian Authority, met with President Trump at the White House. Abbas brought the following people with him:

So who are these people?

Well, Usama Qawasmeh in April of last year said that the West sponsors Islamic extremism and that 9/11 was no coincidence.

Saeb Erekat was one of the negotiators of the Oslo Accords and said there will never be peace if Trump moves the embassy to Jerusalem.

Ziad Abu Amr is an author, negotiator and foreign minister in charge of economics for Gaza. By the way, he was educated at Georgetown.

Husam Zomlot is the Palestinian ambassador to the United States and continues to broadcast Israel as an occupier while declaring a two state solution is an international responsibility.

Ahmad Assaf, in 2011, said: ‘if armed resistance can accomplish the goals of the Palestinian people, we will not hesitate even for a second.’

***

So there was a working lunch at the Trump White House.

Working lunch with discussions of economic and trade opportunities?

“I’m committed to working with Israel and the Palestinians to reach an agreement,” Trump said. “I will do whatever is necessary to facilitate the agreement.”

Acknowledging an Israeli-Palestinian accord is seen as the “toughest deal to make,” Trump told Abbas, “Perhaps we can prove them wrong” – before heading into a meeting with the Palestinian Authority president.

Abbas told Trump moments earlier, “Mr. President, with you we have hope.”

The peace process has been stalled since 2014 when former Secretary of State John Kerry’s effort to lead the sides into peace talks collapsed. Since then, there have been no serious attempts to get negotiations restarted. The Obama administration spent its last months in office attempting to preserve conditions for an eventual resumption.

“We hope this will be a new beginning,” Abbas told Palestinians at a meeting in Washington on the eve of the talks.

During remarks alongside Trump at the White House, Abbas – through a translator – stressed that his people want a Palestinian state with the capital of East Jerusalem and borders along the pre-1967 lines.

Israel rejects the 1967 lines as a possible border, saying it would impose grave security risks.

Trump stressed that there can be no lasting peace unless Palestinian leaders speak in a unified voice against “incitement … to violence and hate.”

He also was expected to press Abbas to end payments to families of Palestinians killed or held in Israeli jails, which critics decry as payments for terrorism. Republican lawmakers have urged a halt to such payments.

While Abbas will be challenged on the payments, officials said Trump will reiterate his belief that Israeli settlement construction on land claimed by the Palestinians does not advance peace prospects.

In his Wednesday comments, Abbas also criticized ideas for a “one state” peace agreement, saying it could mean “racial discrimination” or an apartheid-like system.

In a February news conference with Israeli Prime Minister Benjamin Netanyahu, Trump broke with longtime U.S. policy by raising the one-state idea and withholding clear support for an independent Palestine, though officials quickly stressed he would support any arrangement agreed by the two sides.

Another contentious issue: Trump’s campaign promise to move the U.S. Embassy in Israel from Tel Aviv to Jerusalem. The symbolic relocation would essentially recognize Jerusalem as Israel’s capital. Abbas and other Arab leaders have said doing so would inflame already simmering tensions.

Since taking office, Trump has backed away from the pledge while saying he’s still discussing it. On Tuesday, Vice President Mike Pence said the White House was giving “serious consideration” to the idea. More here.