Category Archives: Gangs and Crimes

Facts on TWO Lists, Watch List and Terror List

Posted on by

   

Most Wanted Terrorists

Select the images of suspected terrorists to display more information.

JABER A. ELBANEH

 

How Does the FBI Watch List Work? And Could It Have Prevented Orlando?

Wired:  OF ALL THE details investigators have uncovered about Orlando terrorist Omar Mateen, perhaps the most infuriating is the fact that he spent 10 months on a government watch list, yet had no trouble buying an assault rifle and a handgun.

Authorities placed Mateen on a watch list in May 2013 after coworkers at the Florida courthouse where he was a security guard told authorities he boasted of connections to al Qaeda and other terrorists organizations. He remained on the list for 10 months, and FBI Director James Comey told reporters this week that during that time the agency placed Mateen under surveillance and had confidential sources meet with him.

But the feds removed Mateen from the list in March 2014, after concluding that he had no significant links to terrorism beyond attending the same mosque as an American suicide bomber who died in Syria. “We don’t keep people under investigation indefinitely,” Comey said, adding that he doesn’t see anything that his agents should have done differently.

Comey didn’t identify the list Mateen was on, but an unnamed official told the Daily Beast that he was in two databases, the Terrorist Identities Datamart Environment database and the Terrorist Screening Database, more commonly called the terrorist watch list.

Here’s a look at what the lists are and how someone gets their name on one.

What is the Terrorist Watch List?
The Terrorist Screening Database was created in 2003 by order of a Homeland Security Presidential Directive. The database includes the names and aliases of anyone known to be, or reasonably suspected of being, involved in terrorism or assisting terrorists through financial aid or other ways. The federal Terrorist Screening Center maintains the database, and an array of government agencies nominate people to it through the National Counter Terrorism Center.

Some of the information in the database originates with the Terrorist Identities Datamart Environment, also called TIDE. That list contains classified data collected by intelligence agencies and militaries worldwide, but anything passed on to the terrorist watch list is first scrubbed of classified info. In 2013, TIDE had 1.1 million names in it.

The State Department checks all visa applicants against the watch list. The TSA’s No-Fly list and Selectee List, which identifies people who warrant additional screening and scrutiny at airports and border crossings, are also derived from the watch list. But it is most often used by law enforcement agencies at all levels to check the identity of anyone arrested, detained for questioning, or stopped for a traffic violation. The FBI calls it “one of the most effective counterterrorism tools for the US government.”

Entries in the database are coded according to threat level to provide law enforcement with instructions on what to do when they encounter a suspected terrorist who is on the list. According to a 2005 inspector general report (.pdf), of some 110,000 records in the database that the IG reviewed, 75 percent of them were given handling code 4, considered the lowest level, and 22 percent were given handling code 3. Only 318 records had handling codes 1 or 2. A description of what each level means is redacted in the publicly released version of the document, but a note indicates that people are usually given code 4 when they are either just an associate of a suspected terrorist and therefore may not pose a threat or if there is too little information known about the individual to categorize them at a higher level.

Appearing in the database doesn’t mean you’ll be arrested, denied a visa, or barred from entering the country. But it does mean your whereabouts and any other information gleaned from, say, a traffic stop, will be added to the file and scrutinized by authorities.

What’s the Criteria for Getting on the Watch List?
According to a 2013 watch list guideline produced by the Terrorist Screening Center and obtained by The Intercept, engaging in terrorism or having a direct connection to a terrorist organization is not necessary for inclusion on the list. Parents, spouses, siblings, children and “associates” of a suspected terrorist can appear on the list without any suspicion of terrorist involvement. “Irrefutable evidence” of terrorist activity and connections is also not necessary, the document states. Reasonable suspicion is sufficient, though this isn’t clearly defined.

“These lists are horribly imprecise,” a former federal prosecutor, who asked to remain anonymous, told WIRED. “They are based on rumor and innuendo, and it’s incredibly easy to get on the list and incredibly difficult to get off the list. There’s no due process for getting off the list.”

The guidelines also reveal that the Assistant to the President for Homeland Security and Counterterrorism can temporarily authorize placing entire “categories” of people on to the No-Fly and Selectee lists based on “credible intelligence” that indicates a certain category of individuals may be used to conduct an act of terrorism.

“Instead of a watch list limited to actual, known terrorists, the government has built a vast system based on the unproven and flawed premise that it can predict if a person will commit a terrorist act in the future,” Hina Shamsi, head of the ACLU’s National Security Project, told The Intercept. “On that dangerous theory, the government is secretly blacklisting people as suspected terrorists and giving them the impossible task of proving themselves innocent of a threat they haven’t carried out.”

What Is the No-Fly List?
This narrower list, derived from the terrorist watch list, includes people who haven’t done anything to warrant being arrested, yet the government deems too dangerous to allow onto commercial aircraft. Mateen reportedly did not appear on this list. The list included 2,500 individuals when Homeland Security chief Michael Chertoff released the tally for the first time in 2008. Six years later, Christopher Piehota, director of the Terrorist Screening Center, told a House subcommittee it had 64,000 names on it. That sounds like a lot, but the list includes dead people and multiple versions of names.

The No-Fly list is also notorious for ensnaring the innocent whose names resemble those of suspected terrorists. Senator Ted Kennedy, for example, was repeatedly prevented from boarding planes because his name matched that of someone on the list.

What Kind of ‘Terrorist Activity’ Gets You on the Terrorist Watch List?
Obvious things like using or possessing weapons of mass destruction will land you on the terrorist watch list. So will committing violence at an international airport, or engaging in arson or other types of destruction of government property if it’s done to intimidate, coerce, or influence people or government policy. But computer hacking can also get you included if it damages a computer used for interstate or foreign commerce or ones that are used by a financial institution or the government, if the hack was intended to influence people or policy.

Just as there are those on the list who shouldn’t be, so too are there people who don’t make it onto the list who should. Umar Farouk Abdul Mutallab, the so-called “underwear bomber” who attempted to detonate explosives aboard a flight from Europe in 2009, wasn’t on the terrorist or No-Fly lists, even though his father alerted the US embassy in Nigeria to his radicalization. He did appear in the TIDE database, but because that information is classified, it didn’t make it to the No-Fly list or the Amsterdam airport where he boarded his flight.

A 2007 inspector general’s audit of the terrorist watch list found that in 15 percent of terrorism cases the inspector’s office reviewed, the FBI failed to add suspects in the cases to the list.

Can Someone on the List Buy a Gun from a Federally Licensed Seller?
Appearing on the terrorist watch list wouldn’t necessarily prevent someone from purchasing a gun; it simply means law enforcement is alerted if you apply to purchase a weapon. So even if he’d been included on the list at the time he bought his weapons, Mateen would still have had no trouble purchasing his Sig Sauer MCX rifle and Glock 17 handgun.

There are ten criteria, however, that do prevent people, whether they’re on the terrorist watch list or not, from buying firearms from a licensed seller. They include a felony conviction, being an undocumented immigrant and being deemed mentally unstable by a court.

Government Accountability Office data recently released to California Democratic Senator Dianne Feinstein indicate that 2,477 people on the watch list attempted to buy a firearm between February 2004 (when authorities started checking gun sale purchases against the list) and the end of 2015. Of those, 2,265 of the transactions were allowed.

Feinstein proposed legislation last year to prevent known or suspected terrorists on the watch list from obtaining a gun license or buying a weapon from a licensed seller. The Senate rejected the proposal one day after the San Bernadino attack, but Feinstein said she hopes the Orlando massacre will give the bill new life. This week, Senate Democrats filibustered until Republicans agreed to consider such legislation.

But barring anyone on the list from buying a gun can create a different problem. “If you prevent people on the list from buying a weapon, then an attempt to buy the weapon can alert the person that they’re on the list,” the former prosecutor told WIRED. “So you’re aiding the terrorist [with that information].”

 

How Many People Are on the Terrorist Watch List?
The exact number is unclear because the list includes many aliases and variations of names, and officials often confuse the number of names that are on the list and the number of unique individuals that are on it. In 2011, for example, more than 1 million names appeared on the list, but just 400,000 of these represented unique individuals. In 2014, the Terrorist Screening Center’s Piehota told lawmakers the list included 800,000 names.

About 99 percent of names nominated to the list each year are accepted, and the number of nominations grows annually. In 2009, authorities nominated 227,932 known or suspected terrorists. In 2013, the number reached nearly 469,000.

Most of the people on the watch list are not US citizens; placing a citizen or permanent US resident on the list is supposed to require a higher standard, such information “from sources of known reliability or where there exists additional corroboration or context supporting reasonable suspicion,” according to the guidelines The Intercept obtained.

How Do You Get Off the Terrorist Watch List or No-Fly List?
This remains a source of great controversy. People on these lists rarely know how or why they landed there, and the process of removal can be convoluted. In 2007, the Department of Homeland Security created a redress program through which people can challenge their inclusion on the No-Fly list. It works well enough for anyone mistakenly added to the list, but provides little help to those whom the government says are on the list for legitimate reasons but won’t disclose the reasons.

The FBI will remove people from the terrorist watch list after closing an investigation that failed to uncover terrorist activity or connections. This is exactly what happened to Mateen, which has angered some officials. “The only way you should get off the list is if they no longer believe you’re a threat,” Senator Lindsey Graham said during a Capitol Hill briefing after the Orlando shooting. “It should have nothing to do with not being able to prove a crime.”

But the FBI was simply following procedure when it dropped Mateen from the watch list, after being criticized in the past for not promptly removing people when cases get closed. An inspector general’s report in 2007 found that the FBI failed to remove names in a timely manner in 72 percent of the cases the Bureau closed for lack of evidence. A 2009 audit found that the situation had not improved, prompting lawmakers like Vermont Democratic Senator Patrick Leahy to criticize the Bureau.

 

The bigger question then, is not why was Mateen removed from the list, but why did the FBI close its investigation of him prematurely? “To me, there was enough here to keep it in some sort of a status,” New York Republican Representative Peter King said during the Capitol Hill briefing this week.

But with so many suspects on the watch list, authorities must be judicious in choosing which ones to pursue. “Our work is very challenging,” Comey said this week. “We are looking for needles in a nationwide haystack. But we’re also called upon to figure out which pieces of hay might someday become needles.”

There is no specific criteria guiding when to close a case related to the terrorist watch list. “It’s a judgment call,” says the former prosecutor. “It depends on the seriousness of the allegations and the result of the investigation. It’s [a matter of whether an] investigator is convinced, more than anything else, that ‘We better keep looking at this guy.’”

In the case of Mateen, investigators surveilled him, looked into his background, and performed a “dangle,” the former prosecutor says. That’s when a confidential informant meets with a suspect. “They feel the guy out to try to figure out if he’s real or if he’s just all talk,” he says. They may do this by asking if he’s interested in purchasing weapons or materials to make a bomb. “They may try the dangle operation two or three times, and if he shows no genuine interest in activity, if he doesn’t take the bait, then they say after a period of time, we’ve got no reason to believe this person is something other than an angry young man … and they close the investigation.”

Still, a case is never truly closed. Authorities can re-open it if something piques their interest—like say, a suspect buying weapons. That would have been sufficient to get Mateen back on the FBI’s radar. But because he wasn’t on the watch list, the FBI didn’t know what he was up to. And that’s what lawmakers are saying they want to fix.

 

 

 

States Complying with DOJ/FBI Facial Recognition Database

Posted on by

 

 

GAO: The Department of Justice’s (DOJ) Federal Bureau of Investigation (FBI) operates the Next Generation Identification-Interstate Photo System (NGI-IPS)— a face recognition service that allows law enforcement agencies to search a database of over 30 million photos to support criminal investigations. NGI-IPS users include the FBI and selected state and local law enforcement agencies, which can submit search requests to help identify an unknown person using, for example, a photo from a surveillance camera. When a state or local agency submits such a photo, NGI-IPS uses an automated process to return a list of 2 to 50 possible candidate photos from the database, depending on the user’s specification. As of December 2015, the FBI has agreements with 7 states to search NGI-IPS, and is working with more states to grant access. In addition to the NGI-IPS, the FBI has an internal unit called Facial Analysis, Comparison and Evaluation (FACE) Services that provides face recognition capabilities, among other things, to support active FBI investigations. FACE Services not only has access to NGI-IPS, but can search or request to search databases owned by the Departments of State and Defense and 16 states, which use their own face recognition systems. Biometric analysts manually review photos before returning at most the top 1 or 2 photos as investigative leads to FBI agents.

DOJ developed a privacy impact assessment (PIA) of NGI-IPS in 2008, as required under the E-Government Act whenever agencies develop technologies that collect personal information. However, the FBI did not update the NGI-IPS PIA in a timely manner when the system underwent significant changes or publish a PIA for FACE Services before that unit began supporting FBI agents. DOJ ultimately approved PIAs for NGI-IPS and FACE Services in September and May 2015, respectively. The timely publishing of PIAs would provide the public with greater assurance that the FBI is evaluating risks to privacy when implementing systems. Similarly, NGI-IPS has been in place since 2011, but DOJ did not publish a System of Records Notice (SORN) that addresses the FBI’s use of face recognition capabilities, as required by law, until May 5, 2016, after completion of GAO’s review. The timely publishing of a SORN would improve the public’s understanding of how NGI uses and protects personal information.

Prior to deploying NGI-IPS, the FBI conducted limited testing to evaluate whether face recognition searches returned matches to persons in the database (the detection rate) within a candidate list of 50, but has not assessed how often errors occur. FBI officials stated that they do not know, and have not tested, the detection rate for candidate list sizes smaller than 50, which users sometimes request from the FBI. By conducting tests to verify that NGI-IPS is accurate for all allowable candidate list sizes, the FBI would have more reasonable assurance that NGI-IPS provides leads that help enhance, rather than hinder, criminal investigations. Additionally, the FBI has not taken steps to determine whether the face recognition systems used by external partners, such as states and federal agencies, are sufficiently accurate for use by FACE Services to support FBI investigations. By taking such steps, the FBI could better ensure the data received from external partners is sufficiently accurate and do not unnecessarily include photos of innocent people as investigative leads.

*** The Privacy Act of 1974 places limitations on agencies’ collection, disclosure, and use of personal information maintained in systems of records.3 The Privacy Act requires agencies to publish a notice—known as a System of Records Notice (SORN)—in the Federal Register identifying, among other things, the categories of individuals whose information is in the system of records, and the type of data collected.4 Also, the E-Government Act of 2002 requires agencies to conduct Privacy Impact Assessments (PIA) that analyze how personal information is collected, stored, shared, and managed in a federal system.5 Agencies are required to make their PIAs publicly available if practicable.  See the entire report here from the General Accounting Office.

 

A Refugee Hub, Why no Terror Attacks in Greece?

Posted on by

   

The Greek Gateway to Jihad

June 16, 2016

Author(s): Ioannis Mantzikos

CTC: Abstract: Greece has become a crossroads for extremists trying to reach Syria and Iraq from Europe and for fighters returning home. The fact that several members of the Paris and Brussels attack cell transited through the Greek island of Leros illustrates the Islamic State’s ability to exploit refugee flows in order to move fighters into Europe. Although Greece’s migrant crisis has eased recently, a persistent economic crisis has left the Greek government with limited resources and capability for border security and counterterrorism efforts. At a time of growing radicalization and Islamist extremist activity within Greece’s own borders, this has led to concern that the Islamic State may take advantage by launching attacks against Western or Russian tourists or interests on Greek soil. 

On October 3, 2015, a boat originating from nearby Turkey carrying almost 200 refugees landed on the Greek Cycladic island of Leros.[1] Among them were two Iraqi Islamic State recruits carrying Syrian passports with fake names.[2] They were among the 400-500 migrants arriving on the island by sea every day last fall[3] and among about one million irregular migrants[4] who have come to Europe via the Aegean sea, many on rickety boats that trawl the Turkish coast seeking out the desperate.[a] Local officials processed the duo as refugees, and then the two men booked themselves on a ferry to Athens before transiting through the Balkans on a route trodden by tens of thousands of other refugees. Just over one month later they blew themselves up at the French national soccer stadium in the worst terrorist attack in France’s modern history.

They were not the only suspected terrorists who landed in Leros that day. Two others posing as refugees in the very same boat were arrested in Austria in the wake of the Paris attacks under suspicion of having ties to the plotters.[5] In addition, Leros was the arrival point in September for Swedish Islamic State operative Osama Krayem who was traveling with an alleged co-conspirator in the Paris and Brussels terror cell.[6] There were also eyewitness sightings of Paris attack ringleader Abdelhamid Abaaoud in Leros in the late summer. He subsequently claimed to have exploited refugee flows to enter Europe,[7] but it is not clear if Leros was his entry point.[8]

The Islamic State’s successful infiltration of operatives into Europe through Greece cemented concerns that the country had become the soft underbelly of Europe. An unannounced, on-site evaluation by E.U. inspectors of six Greek sea and land border sites between November 10 and November 13, 2015, (ironically, the day of the Paris attacks) revealed “serious deficiencies in the carrying out of external border control by Greece, in particular due to the lack of appropriate identification and registration of irregular migrants at the islands, of sufficient staff, and of sufficient equipment for verifying identity documents.”[9][b]

After reaching a crisis point, the migrant pressures on Greece eased dramatically[c] after March 2016 due to an agreement between the European Union and Turkey to deport irregular migrants back to Turkey[10] and the move by several countries in the Balkans along the so-called northern refugee corridor to restrict severely the admission of refugees trying to transit northward.[11] But there is concern that the numbers coming through Greece may surge again if the deal with Turkey collapses.

Transit Route 
An early example of a terrorist crossing through Greece was Ibrahim Boudina, a French Islamic State operative who was detained on January 3, 2014, after Greek police pulled over a taxi in which he was traveling in the town of Orestiada, four miles from the Turkish border. Greek police discovered a USB drive with instructions for how to make homemade bombs “in the name of Allah,” but let him go because, just as with Fabien Clain, there was no warrant for his arrest, despite French intelligence services being aware of his travel to Syria. One month later French police arrested him near Cannes, thwarting his alleged plans to carry out a bomb attack with three soda cans filled with the explosive TATP.[12]

Another case was Fabien Clain, one of the alleged masterminds of the Paris attacks, who reportedly transited through Greece on his way to Syria in the early months of 2015. Clain drove his family from the northwestern port of Igoumenitsa to the Turkish border in the northeast of the country, making stops in both Thessaloniki and Kavala. French authorities tipped off their Greek counterparts of his presence in the country, but there was no warrant for his arrest so he was not detained.[13][d]

A significant number have transited from Balkan countries such as Kosovo and Albania and then used Greece as a gateway to jihad.[e] A case in point was Mirsad Bektasevic, a Bosnian-Swede who was arrested along with another man in Evros, Greece, on January 28, 2016.[14] Bektasevic was previously implicated in a plot to attack the British Embassy in Sarajevo.[f] A file collected by Greek authorities showed that both suspects came to Athens via Sweden on January 22, 2016, for two days before continuing on their journey to exit European territory by the end January 2016.[15] Authorities were alerted of their arrival at Athens airport by a tipoff from a European intelligence service. From there, both men took a KTEL bus to Thessaloniki and arrived at Alexandroupolis on a second bus. The ‘green light’ for their arrest came when they booked a ticket for Tychero, a town near the Turkish border.[16]

Some have used Greece as a way station to transport weapons into Syria. In February 2016 Greek police arrested three alleged British jihadis of Kurdish descent in Evros in northeastern Greece who may have been seeking to cross into Turkey.[17] Police discovered a significant number of weapons in their possession and over 200,000 rounds of ammunition.[18]

In order to facilitate travel flows, militants have set up logistical, recruitment, and financial cells in Greece, and some members of Greece’s large immigrant community, particularly in Athens, have provided housing to the transiting jihadis and helped them evade security services.[19]

Islamic State operatives have used Greece to coordinate attack plots in Europe. The Paris attacks ringleader Abdelhamid Abaaoud communicated by a cell phone from an Athens apartment with several members of an Islamic State cell in Belgium, plotting a major gun and bomb attack. Plans for how to attack airports were reportedly discovered on a computer in his residence on Asteropolis Road in the heart of the capital.[20]The plot was thwarted in a gun battle in Verviers, Belgium, in January 2015. An Algerian associate of Abaaoud in Athens was extradited to Belgium and charged with being part of the conspiracy.[21]

The Threat to Greece 
Greece does not have as significant a problem with radicalization as some other European countries, which means the threat from homegrown Islamist terrorism is significantly lower than in France or the United Kingdom. Greece hosts a Muslim minority, which is a vestige of the Ottoman Empire, but also an expanding Islamic population from Arab countries and South Asia who have arrived in significant numbers as illegal immigrants. Estimates of the centuries-old[g] Muslim minority[h]—which is mostly located in western Thrace, a region bordering Bulgaria and Turkey—range from 98,000 to 140,000 (between 0.9 percent and 1.2 percent of Greece’s 11 million population but as much as a quarter of the population of western Thrace). Estimates for immigrant Muslim community numbers between 200,000 and 300,000 (between 1.9 percent and 2.7 percent) with the majority living in the Athens region. Most Albanian immigrants to Greece are Muslims, though most are secular-leaning.[22] While there are low rates of radicalization among the very longstanding Muslim minority in western Thrace, most of whom are secular-leaning,[i] there is concern about radicalization among immigrant communities.

One concern is the lack of registered mosques in areas where there are large immigrant Muslim populations like Athens, creating a potential informational black hole for authorities. Data from the Muslim Association of Greece shows that there are currently three officially registered mosques in Athens and about 20-25 unofficial mosques serving the city’s estimated 130,000-200,000 Muslims.[23]The presence of informal, unregistered mosques has complicated the task of law enforcement officials in investigating suspected foreign fighter cases.[24]

Some Greek Muslims have tried to travel to Syria via Komotini, a western Thrace town near the border with Bulgaria and Turkey. One example was a 40-year-old seller of ecclesiastical paraphernalia in Komotini[25] who, according to police sources, operated a pro-jihadist Facebook profile.[26]

In another example of extremist activity within Greece, an investigation into Rawti Shax, an Islamic State linked-organization headed by an Iraqi Kurdish cleric based in Norway, revealed the group was trying to recruit from Greece. In November 2015 European authorities arrested 15 people in four European countries, breaking up what officials called a terrorist network that sought to overthrow the Kurdish government in northern Iraq and recruit militants to fight in Iraq and Syria.[27] According to Greek police, an Algerian national and a Pakistani who were residents of Norway and involved in the network spent time in Greece for recruitment purposes.[28] An analysis of internet chatroom activity also indicated the group had supporters in Greece.[29]

With thousands of Syrian refugees stranded in Greece after Balkan countries took measures to shut off transit routes for irregular migrants in March, there is concern refugee camps could become a breeding ground for extremism.[30] Before it was shut down last month, the Idomeni camp in northern Greece had swelled to over 10,000 migrants. Greek police have since moved the refugees to other facilities in Greece.[31]

There is concern that because of the jihadist transit through the country, the Islamic State may try to set up sleeper cells in Greece and that these cells might take advantage of limited Greek counterterrorism capabilities to launch attacks against Western or Russian visitors or interests inside the country. As many as 27.5 million tourists are expected to visit Greece in 2016, almost triple the country’s population.[32] As a member of NATO Greece itself is also in the Islamic State’s crosshairs, even if the country is not likely a priority target. In the wake of the Paris attacks the Islamic State released a video threatening reprisals in 60 countries that it considered allied against it, including Greece.[33]

Limited Counterterrorism Capabilities 
The rise of Islamist radicalization and the transit of European foreign fighters through Greece has been in danger of overwhelming security services such as the Greek National Security Agency (EYP), which was established to confront left-wing terrorist groups like the Revolutionary Organization 17 November. Most of its staff comes from various bodies such as the police (drug enforcement), coast guard, and military intelligence.[34] Greek ministers have criticized EYP’s leadership,[j] and a lack of funding and training has made it extremely reliant on help from other Western intelligence services.[35] Greek police also lack capabilities to track jihadis. When Belgian authorities requested Greek authorities arrest Abaaoud in Athens in early 2015, Belgian officials accused Greek police of failing to move quickly enough.[36]

There have been some positive developments, including a recent, dramatic reduction in the number of migrants entering Greece, and E.U. officials have proposed creating a European border security force and coast guard to help Greece.[37] In addition, the newly established European Migrant Smuggling Center (EMSC) has stationed officers on the islands of Chios, Samos, Lesvos, and Leros where refugee registration centers are in operation, as well as in Piraeus Port, bolstering Greece’s current border-security capabilities. EMSC agents are checking suspicious individuals against Europol’s databases in the Netherlands.[38]

Conclusion
Although the migrant crisis has eased, a sustained economic crisis has left the Greek government with limited resources and capacity for border security and counterterrorism efforts at a time of growing radicalization and militant activity within Greece’s own borders. If thousands of migrant seekers remained trapped in military camps in Greece for a lengthy period there is a possibility some will be radicalized.[39] Rising anti-immigrant activism by militants from Greece’s far-right Golden Dawn party risks adding fuel to the fire.

There is concern that the Islamic State may take advantage by launching attacks against Western or Russian interests on Greek soil. Moreover, there is a sense of complacency that Greece will not be struck because it is not playing any role in the coalition against the Islamic State, which is partly due to its financial restraints but also due to the fact that the governing Syriza party hails from an anti-war rhetoric movement.[40] It may only be an attack in Greece itself that leads to a wake-up call.

Ioannis Mantzikos is a security analyst based in Athens, Greece. He is a Ph.D. candidate at the Free State University in South Africa and a senior analyst at the Research Institute for European and American Studies. His recent book with Dr. Denise Baken is entitled The Transformation of Al-Qaeda in the Middle East and North Africa. Follow @YMantzikos

Substantive Notes
[a] Since the start of 2014, the International Organization for Migration (IOM) calculates that almost 1.4 million migrants and refugees have crossed the Mediterranean and entered Europe via one of five E.U. coastal borders: Italy, Greece, Spain, Cyprus, and Malta. Through March 16 of this year, IOM counted over 997,000 seaborne arrivals to Greece alone. According to the Greek authorities, 47 percent of newly arrived migrants are from Syria, 27 percent from Afghanistan, 17 percent from Iraq, and 3 percent each from Iran and Pakistan. See “Mediterranean Migrant Arrivals in 2016 Approach 150,000; Deaths Reach 455,” IOM, March 11, 2016.

[b] E.U. Migration and Home Affairs Commissioner Dimitris Avramopoulos stated in January, “we know that in the meantime Greece has started undertaking efforts towards rectifying and complying with the Schengen rules. Substantial improvements are needed to ensure the proper reception, registration, relocation or return of migrants in order to bring Schengen functioning back to normal, without internal border controls. This is our ultimate common goal.” “Commission discusses draft Schengen Evaluation Report on Greece,” European Commission Press Release, Brussels, January 27, 2016.

[c] According to the IOM, 3,360 migrants and refugees landed on the Greek islands in April 2016 as compared to 26,971 the previous month—an 88 percent drop. The figures for May were lower still with just 1,465 migrants and refugees arriving on Greek shores by sea, fewer than were arriving daily in January and February. See “‘Dramatic’ drop in migrant arrivals to Greece: officials,” Deutsche Welle, May 13, 2016; “IOM: Noted drop of maritime migrants reaching Greece,” Xinhua, June 4, 2016.

[d] Fabien Clain had previously served jail time for recruiting for al-Qa`ida in Iraq. As well as claiming the Paris attacks on behalf of the Islamic State, he was also suspected of encouraging a plot by a Parisian student to attack a church in the city, which was thwarted in April 2015. Paul Cruickshank and Tim Lister, “Immense challenges remain despite arrests of terror suspects,” CNN, April 8, 2016.

[e] The Islamic State has produced several propaganda videos featuring Kosovars appealing to their countrymen to join them, and the Kosovo authorities believe some 200 individuals have left to wage jihad in Iraq and Syria. See Tim Lister and Ioannis Mantzikos, “Add this to Greece’s list of problems: It’s an emerging hub for terrorists,” CNN, January 26, 2015.

[f] On October 19, 2005, Bektasevic had been arrested after a police raid on his aunt’s home in Sarajevo, Bosnia. In the house, police had found a belt with explosives, 18 kilograms of explosives, and a videotape with directions as to how to create a makeshift bomb. See Rodolfo Toe, “Sarajevo Embassy Attack Plotter Held in Greece,” Balkan Insight, February 2, 2016, and Maja Zuvela, “Three jailed in Bosnia for planning suicide attack,” Reuters, January 10, 2007.

[g] The first Muslims settled in this region after arriving from Anatolia in 1363 during an attempted conquest of Europe by the Ottoman Turks. In 1923 Greece and Turkey agreed to a mass exchange of populations and consequently Greeks resettled from Asia Minor to mainland Greece and vice versa. The Muslim minority in Thrace is mirrored by a Greek-Orthodox minority in Istanbul. See, for example, Ioannis Michaletos, “Islam in Greece: Country Outlook,” Radical Islam Monitor in Southeast Europe, August 5, 2011.

[h] It is estimated that 45 percent of Muslims in Western Thrace are of Turkish descent, 40 percent of Slavic descent, and 15 percent of “Pomak” descent. Ioannis Michaletos, “Islam in Greece: Country Outlook,” Radical Islam Monitor in Southeast Europe, August 5, 2011.

[i] Muslim preachers in the area of Komotini in the Evros region of northern Greece have repeatedly denounced radical extremism and have been supportive of all counterterrorism measures. “Thraki Muftis denounce ISIS,” To Vima, October 1, 2014.

[j] Former Minister of Interior Yiannis Panousis said he was aware that jihadis were traveling via Greece and questioned EYP’s ability. Minister of Defence Panos Kammenos called for EYP Head Mr. Yiannis Roubatis to resign. See Constantinos Zoulas and Yiannis Souliotis, Panousis claims SYRIZA officials told him to free detained suspects, Kathimerini, November 15, 2015; “Kammenos: Roubatis should have resigned,” Huffington Post Greece, November 22, 2015.

Citations
[1] Christopher Harress, “Paris Shootings 2015: Greek Officials Claim Bataclan Attack Terrorist Passed Through Country In October,” International Business Times, November 14, 2015.

[2] Paul Cruickshank, “The inside story of the Paris and Brussels attacks,” CNN, March 30, 2016.

[3] “Attaque du Stade de France: le terroriste kamikaze passé par la Grèce n’était pas seul, “ France TV-Info, November 20, 2015.

[4] “Council Implementing Decision setting out a Recommendation on addressing the serious deficiencies identified in the 2015 evaluation of the application of the Schengen acquis in the field of management of the external borders by Greece,” General Secretariat of the Council of the European Union, February 18, 2016; “Mediterranean Migrant Arrivals in 2016 Approach 150,000; Deaths Reach 455,” International Organization for Migration, March 11, 2016.

[5] Éric Pelletier and Thibault Raisse, “Attentats de Paris: révélations sur l’autre commando de Daech,” Le Parisien, February 13, 2016.

[6] Paul Cruickshank and Tim Lister, “Immense challenges remain despite arrests of terror suspects,” CNN, April 8, 2016.

[7] “Document RMC: Le témoignage de Sonia, celle qui a dénoncé Abaaoud,” BFMTV, February 4, 2016.

[8] Paul Cruickshank, “Paris ringleader came through Greek island Leros,” CNN, December 17, 2015.

[9] “Council Implementing Decision,” p. 4.

[10] “European Commission – Fact Sheet European Agenda on Migration: Securing Europe’s External Borders,” December 15, 2015.

[11] Patrick Kingsley, “Balkan countries shut borders as attention turns to new refugee routes,” Guardian, March 9, 2015.

[12] Paul Cruickshank, “Raid on ISIS suspect in the French Riviera,” CNN, August 28, 2014; Rukmini Callimachi, “How ISIS Built the Machinery of Terror Under Europe’s Gaze,” New York Times, March 29, 2016.

[13] Yiannis Souliotis, “Fabien Clain’s Greek Journey,” Kathimerini, April 3, 2016.

[14] “Suspected jihadist terrorists arrested in Alexandroupoli,” To Vima Online, February 1, 2016.

[15] Panagiotis Spyropoulos, “What has been found in Jihadists cellphones,” The TOC, February 1, 2016.

[16] Ibid.

[17] Lia Nesfige, “Evros: getaway of jihadists and arms smugglers,” Ta Nea online, February 15, 2016.

[18] Ibid.

[19] “120 Kosovar jihadists returned from Syria,” Tribune, November 30, 2015; Arianna Ferentinou, “Jihadists giving headaches to Greeks too,” Hurriyet Daily News, October 12, 2014.

[20] Éric Pelletier and Stéphane Sellami, “Attentats de Bruxelles : cinq questions sur un carnage,” Le Parisien, March 23, 2016.

[21] Paul Cruickshank, “Inside the ISIS plot to attack the heart of Europe,” CNN, February 13, 2015.

[22] Ioannis Michaletos, “Islam in Greece: Country Outlook,” Radical Islam Monitor in Southeast Europe, August 5, 2011.

[23] “Unlicensed mosques in spotlight after Paris attacks,” Kathimerini, November 26, 2015; Tasos Telloglou, “Three mosques registered in Athens,” Kathimerini, November 22, 2015.

[24] Telloglou.

[25] “Turkey extradites Greek Muslim with suspected jihadi ties,” Kathimerini, November 19, 2015.

[26] Alexandros Kalafatis, “Who is the 40 year old man arrested for alleged ties with ISIS?” Huffington Post Greece, November 20, 2015; “Turkey extradites Greek Muslim with suspected jihadi ties,” Kathimerini, November 19, 2015.

[27] Gaia Pianigiani, “Coordinated European Raids Target Ring Supporting Terrorist Groups,” New York Times, November 12, 2015.

[28] Vasilis Labropoulos, “Terrorist Recruitment network in Greece,” To Vima, April 10, 2016.

[29] Ibid.

[30] “Migrant Crisis: Macedonia Shuts Balkan Route,” BBC, March 9, 2016.

[31] Costas Kantouris, “Greek police evacuate hundreds from Idomeni refugee camp,” Associated Press, May 24, 2016.

[32] For example, see Oliver Guitta, “Greece: ISIS’s Gateway to Europe?” National Interest, December 15, 2015; Helena Smith, “Miracle in Athens as Greek tourism numbers keep growing,” Observer, May 28, 2016.

[33] Philip Chrysopoulos, “ISIS Threatens 60 Countries Including Greece,” Greek Reporter, November 25, 2015.

[34] John M. Nomikos, “Does Greece needs a department of Homeland Security?” Research Institute of European and American Studies, November 1, 2013.

[35] “Kammenos: Roubatis should have resigned.”

[36] Cruickshank, “Inside the ISIS plot to attack the heart of Europe.”

[37] “European Commission – Fact Sheet.”

[38] Philip Chrysopoulos, “Europol Undercover Agents at Greek Hotspots to Locate Jihadists, Traffickers,” Greek Reporter, April 11, 2016.

[39] Ioannis Michaletos, “Current Greek Counter-Terrorism Threat Assessment: Terrorism, Radicalization and Migration,” BalkanAnalysis.com, May 3, 2016.

[40] Sarantis Michalopoulos, “Greece will abstain from military action against ISIS,” Euractiv, November 16, 2015.

How Terrorists use Encryption

Posted on by

 

How Terrorists Use Encryption

June 16, 2016

Author(s): Robert Graham

CTC: Abstract: As powerful encryption increasingly becomes embedded in electronic devices and online messaging apps, Islamist terrorists are exploiting the technology to communicate securely and store information. Legislative efforts to help law enforcement agencies wrestle with the phenomenon of “going dark” will never lead to a return to the status quo ante, however. With the code underlying end-to-end encryption now widely available, unbreakable encryption is here to stay. However, the picture is not wholly bleak. While end-to-end encryption itself often cannot be broken, intelligence agencies have been able to hack the software on the ends and take advantage of users’ mistakes.

Counterterrorism officials have grown increasingly concerned about terrorist groups using encryption in order to communicate securely. As encryption increasingly becomes a part of electronic devices and online messaging apps, a range of criminal actors including Islamist terrorists are exploiting the technology to communicate and store information, thus avoiding detection and incrimination, a phenomenon law enforcement officials refer to as “going dark.”

Despite a vociferous public debate on both sides of the Atlantic that has pitted government agencies against tech companies, civil liberties advocates, and even senior figures in the national security establishment who have argued that creation of “backdoors”[1] for law enforcement agencies to retrieve communications would do more harm than good, there remains widespread confusion about how encryption actually works.[a]

Technologists have long understood that regulatory measures stand little chance of rolling back the tide. Besides software being written in other countries (and beyond local laws), what has not been fully understood in the public debate is that the “source code” itself behind end-to-end encryption is now widely available online, which means that short of shutting down the internet, there is nothing that can be done to stop individuals, including terrorists, from creating and customizing their own encryption software.

The first part of this article provides a primer on the various forms of encryption, including end-to-end encryption, full device encryption, anonymization, and various secure communication (operational security or opsec) methods that are used on top of or instead of encryption. Part two then looks at some examples of how terrorist actors are using these methods.

Part 1: Encryption 101 

End-to-End Encryption
A cell phone already uses encryption to talk to the nearest cell tower. This is because hackers could otherwise eavesdrop on radio waves to listen in on phone calls. However, after the cell tower, phone calls are not encrypted as they traverse copper wires and fiber optic cables. It is considered too hard for nefarious actors to dig up these cables and tap into them.

In a similar manner, older chat apps only encrypted messages as far as the servers, using what is known as SSL.[b] That was to defeat hackers who would be able to eavesdrop on internet traffic to the servers going over the Wi-Fi at public places. But once the messages reached the servers, they were stored in an unencrypted format because at that point they were considered “safe” from hackers. Law enforcement could still obtain the messages with a court order.

Newer chat apps, instead of encrypting the messages only as far as the server, encrypt the message all the way to the other end, to the recipient’s phone. Only the recipients, with a private key, are able to decrypt the message. Service providers can still provide the “metadata” to police (who sent messages to whom), but they no longer have access to the content of the messages.

The online messaging app Telegram was one of the earliest systems to support end-to-end encryption, and terrorists groups such as the Islamic State took advantage.[2] These days, the feature has been added to most messaging apps, such as Signal, Wickr, and even Apple’s own iMessage. Recently, Facebook’s WhatsApp[3] and Google[4] announced they will be supporting Signal’s end-to-end encryption protocol.

On personal computers, the software known as PGP,[c] first created in the mid-1990s, reigns supreme for end-to-end encryption. It converts a message (or even entire files) into encrypted text that can be copy/pasted anywhere, such as email messages, Facebook posts, or forum posts. There is no difference between “military grade encryption” and the “consumer encryption” that is seen in PGP. That means individuals can post these encrypted messages publicly and even the NSA is unable to access them. There is a misconception that intelligence agencies like the NSA are able to crack any encryption. This is not true. Most encryption that is done correctly cannot be overcome unless the user makes a mistake.

Such end-to-end encryption relies upon something called public-key cryptography. Two mathematically related keys are created, such that a message encrypted by one key can only be decrypted by the other. This allows one key to be made public so that one’s interlocutor can use it to encrypt messages that the intended recipient can decrypt through the private-key.[d] Al-Qa`ida’s Inspire magazine, for example, publishes its public-key[5] so that anyone using PGP can use it to encrypt a message that only the publishers of the magazine can read.

Full Device Encryption
If an individual loses his iPhone, for example, his data should be safe from criminals.[e] Only governments are likely to have the resources to crack the phone by finding some strange vulnerability. The FBI reportedly paid a private contractor close to $1 million to unlock the iPhone of San Bernardino terrorist Syed Rizwan Farook.[6]

The reason an iPhone is secure from criminals is because of full device encryption, also full disk encryption. Not only is all of the data encrypted, it is done in a way that is combined or entangled[7] with the hardware. Thus, the police cannot clone the encrypted data, then crack it offline using supercomputers to “brute-force” guess all possible combinations of the passcode. Instead, they effectively have to ask the phone to decrypt itself, which it will do but slowly, defeating cracking.[f]

Android phones work in much the same manner. However, most manufacturers put less effort into securing their phones than Apple. Exceptions are companies like Blackphone, which explicitly took extra care to secure their devices.

Full disk encryption is also a feature of personal computers. Microsoft Windows comes with BitLocker, Macintosh comes with FileVault, and Linux comes with LUKS. The well-known disk encryption software TrueCrypt works with all three operating systems as does a variation of PGP called PGPdisk. Some computers come with a chip called a TPM[g] that can protect the password from cracking, but most owners do not use a TPM. This means that unless they use long/complex passwords, adversaries will be able to crack their passwords.

Hillary, Emails, Russia, Foundation, Crisis, ALERT

Posted on by

Russia Is Reportedly Set To Release Clinton’s Intercepted Emails

Reliable intelligence sources in the West have indicated that warnings had been received that the Russian Government could in the near future release the text of email messages intercepted from U.S. Presidential candidate Hillary Clinton’s private e-mail server from the time she was U.S. Secretary of State. The release would, the messaging indicated, prove that Secretary Clinton had, in fact, laid open U.S. secrets to foreign interception by putting highly-classified Government reports onto a private server in violation of U.S. law, and that, as suspected, the server had been targeted and hacked by foreign intelligence services.

The reports indicated that the decision as to whether to reveal the intercepts would be made by Russian Federation President Vladimir Putin, and it was possible that the release would, if made, be through a third party, such as Wikileaks. The apparent message from Moscow, through the intelligence community, seemed to indicate frustration with the pace of the official U.S. Department of Justice investigation into the so-called server scandal, which seemed to offer prima facie evidence that U.S. law had been violated by Mrs Clinton’s decision to use a private server through which to conduct official and often highly-secret communications during her time as Secretary of State. U.S. sources indicated that the extensive Deptartment of Justice probe was more focused on the possibility that the private server was used to protect messaging in which Secretary Clinton allegedly discussed quid pro quo transactions with private donors to the Clinton Foundation in exchange for influence on U.S. policy.

The Russian possession of the intercepts, however, was designed also to show that, apart from violating U.S. law in the fundamental handling of classified documents (which Sec. Clinton had alleged was no worse than the mishandling of a few documents by CIA Director David Petraeus or Clinton’s National Security Advisor Sandy Berger), the traffic included highly-classified materials which had their classification headers stripped. Russian (and other) sources had indicated frustration with the pace of the Justice Dept. probe, and its avoidance of the national security aspects of intelligence handling. This meant that the topic would be suppressed by the U.S. Barack Obama Administration so that it would not be a factor in the current U.S. Presidential election campaign, in which President Obama had endorsed Mrs Clinton.

Moscow’s discreet messaging about a possible leak of the traffic, in time to impact the U.S. elections, was designed to pressure faster U.S. legal action on the matter, but was largely due to Russian concerns about possible U.S. strategic policy in the event of a Hillary Clinton presidency.

Apart from the breach of U.S. Federal law in the handling of classified material, the Clinton private server was, according to GIS/Defense & Foreign Affairs analysts, always likely to have been a primary target for foreign cyber warfare interception operations, particularly those of the People’s Republic of China (PRC), Russia, and North Korea (DPRK), but probably also by others, including Iran.

 

EXCLUSIVE: Cryptic NY Filing Reveals Clinton Foundation’s Millions In Foreign Donations

DCCallerNewsFoundation: Clinton Foundation officials used an obscure New York state charity board filing amendment to disclose that the non-profit received $17.7 million in donations from foreign governments while Hillary Clinton was Secretary of State, the Daily Caller News Foundation has learned.

The specific foreign governments involved and the particular amounts they each gave were not disclosed on the document, entitled “Exhibit A” and filed to the public charity division operated by New York Attorney General Eric Schneidermann, a Democrat. The money was given between 2010 and 2013 when Clinton was America’s chief diplomat.

The amended document included a line that was present in November 2015 when the foundation announced revised federal tax filings for the four years. The line added in January 2016 said: “All other government grants came from foreign governments” with a total figure for each of the four years that equalled $17.7 million.

The foreign donations are still not listed on the financial portion of the foundation’s web site despite a claim in November by the non-profit’s president, Donna Shalala, that “there is nothing to suggest that the foundation intended to conceal the receipt of government grants, which we report on our website.”

Criticism of the the latest revelation concerning Clinton Foundation tax returns came from across the ideological spectrum.

Leslie Lenkowski, an expert on philanthropy who was appointed by former President Bill Clinton in 1993 as a founding director of the Corporation for National and Community Service, a government-operated volunteer organization, told TheDCNF that the Clinton Foundation was “an appearance of a conflict of interest waiting to happen.”

President George W. Bush later appointed Lenkowski to also serve as CEO of the corporation in 2001.

Similarly Sandra Miniutti, vice president of Charity Navigator, which grades and ranks the financial disclosures of charities, said her group expects more transparency, not less from non-profits.

“I think more transparency is better than less and this is an issue that the public is questioning.  Yeah, they should make it a point to be more transparent about it and share that information,” she told TheDCNF.

Former U.S. Attorney Joseph DiGenova told TheDCNF that the foundation’s failure to break out foreign government donations specifically was part of an effort to “protect” Clinton while she headed the Department of State.

“There is no doubt that the foundation purposely refused to make public certain things as a way of protecting the Secretary of State during her tenure,” DiGenova charged. “The entire process to hide information from the public is completely inconsistent with a public charity.”

DiGenova predicted that “the new revelations will up the ante for the FBI.  This will just add fodder to the ongoing investigation.” The former federal prosecutor also doubted that the $18 million figure was accurate.

“There is no reason to believe that the $18 million figure is complete,” he said, citing the “unreliability” of past foundation accountings. “It may very well be much, much more.”

Cleta Mitchell, a partner in the Washington, D.C. law office of Foley & Lardner LLP who frequently represents conservative nonprofits, slammed the Clintons for “their determination to disguise what they are doing.”

The New York filings also were unusual in that the latest foundation submission constituted a third “official” revised version of the Clinton Foundation’s financial statements for those years.

Clinton officials last November publicly issued a second revision to their Internal Revenue Service form 990 filings that covered the same four years.

At the time, foundation officials revealed at least 29 separate “amendments,” including new revenue numbers and income from Clinton speaking engagements.  But foundation officials did not list dollar amounts from foreign government donations.

During Clinton’s tenure at State, the foundation operated in at least 29 countries, including places that contained rampant corruption such as Nigeria, Uganda, Ukraine, Haiti, Mozambique, China and South Africa.

The amended Exhibit A also revealed how foreign government gifts vastly overshadowed domestic government contributions during her State Department tenure.

In the foundation’s revised 2010 filing, $7.8 million of $8.8 million in all government grants originated from foreign governments, according to the exhibit. In 2011, $2 million of the $3 million were foreign donations.

In 2012, $3.5 million came from foreign governments while only $300,000 came from domestic government sources.  And in 2013, nearly 100 percent of the $4.4 million of the government donations came from overseas governments. Only $23,000 came from U.S. government entities, according to the exhibit.

The disclosures likely will fuel charges by presumptive Republican presidential candidate Donald Trump, who claims Clinton turned her secretaryship into a huge “hedge fund” where “the Russians, the Saudis and the Chinese all gave money to Bill and Hillary and got favorable treatment in return.” Trump demanded that the foundation return $25 million from the Saudis.

Clinton defended the foundation but admitted last week in a Politico interview that in “one or two instances” some foreign donations aiming to influence her office may have “slipped through the cracks.”

A 2008 Memorandum of Understanding between the Clinton Foundation and Valerie Jarrett, then-vice-chairwoman of President-elect Barack Obama’s transition team attempted to limit and in some instances to ban foreign government to the Clinton Foundation and its many projects.

The FBI currently has two criminal investigations involving Clinton and the foundation, with one focused on her use of a private email server located in her New York home to conduct official diplomatic business instead of a secure government communication channel.

The second investigation is focused on allegations of “pay-to-play” efforts in which Clinton traded policy or other official actions in return for contributions by foreign donors to the foundation.

DiGenova and Mitchell were also critical of Schneidermann for his inaction on the foundation’s filing.

“One has to wonder what the New York State Attorney General is doing,” DiGenova said. “He’s a very partisan Democrat.  And it is readily apparent that he intends to do nothing about the Clinton Foundation.”

Mitchell agreed, saying “the Attorney General of New York has a statutory and fiduciary responsibility to conduct an investigation into the Clinton Foundation to determine whether this entity is engaged in fulfilling its charitable mission.”

Neither the Clinton Foundation nor Schneidermann responded to TheDCNF’s request for comment.