Daily Archives: February 6, 2017

Russian Information Troops, Others Helping the West

Posted on by

Going back a few years, it is important to understand how the cyber war began and where the Russians are today. While many in the United States laugh about the Russians hacked the Super Bowl and other ridiculous comments, there is a real seriousness that must be considered. So, for those who consider the Russian hacking thing to be ‘fake-news’, consider what the experts in the UK published in 2011.

Primer: Norway accuses group linked to Russia of carrying out cyber-attack, Norwegian intelligence service PST among targets of malicious emails believed to have been sent by APT 29.

***

Not too sure any agency or those collaborative countries know the depth of Russian cyber/espionage activity, except to offer very educated guesses and estimates based on other confirmed facts.

In part:

The narrative of “information war” is developing within Russia, but mostly under

the influence of initiatives taken overseas. The approach to CNO by the USA and

to a lesser extent by its allies is followed closely. The most recent senior comment

on the subject at the time of writing came from influential long-term Duma deputy,

and former Secretary of the Security Council and Deputy Minister of Defence,

Andrey Kokoshin – a long-term proponent of the vital importance of information

superiority for Russian security [71], with, intriguingly, a first qualification in

radio-electronics from the then Bauman Higher Technical College [72].

Speaking at the launch of a report entitled “’Cyber Wars’ and International

Security” published in late January 2011 jointly by the Institute of International

Security Issues of the Russian Academy of Sciences and the Faculty of World

Politics of Moscow State University, Kokoshin said that “the development of

issues of information warfare and ‘cyber wars’ must take place on an

interdisciplinary level… the experience of many states shows that information

warfare is not just a function of the Armed Forces: other state institutions including

the secret services take part in it [73]”. This makes an interesting counterpoint to

the FSB statement cited earlier in this paper which appeared to be suggesting that it

was not the business of the Armed Forces at all. The “’Cyber Wars’ and

International Security” report, according to the Russian Ministry of Defence

newspaper Krasnaya Zvezda, “examines primarily US and Chinese policy in this

area… The study examines issues such as operations in cyberspace as an integral

part of information operations [74].” At the time of writing, the report itself

appeared to be unavailable in open sources.

Meanwhile, Russian security concerns will continue to be prompted by the fact that

“influencing the transfer and storage of data means that the physical destruction of

your opponent’s facilities is no longer required [75]” – potentially negating all the

benefits of Russia’s hard-won military reforms. Efforts will continue to be

“directed at introducing international legal mechanisms that would make it possible

to contain potential aggressors from uncontrolled and surreptitious use of

cyberweapons against the Russian Federation and its geopolitical allies [76].”

So, Russian statements and initiatives on cyber operations have to be placed in this

context of observing rapidly-developing capabilities overseas, and listening to

public announcements in the USA and elsewhere of ever-greater potential and

willingness to inflict damage on adversaries by means of cyber attack. At present,

the urgent arguments for the creation of “Information Troops” within the Armed

Forces have not yet given rise to any visible change in tasking or designation of

military structures, and visions of Russia’s potential organised cyber warriors

range from the heroic and omnipotent [77] to the realms of surreal parody [78]; but

there is no doubt that the preoccupation with a perceived lack of capacity to

prosecute or defend against CNO within the military will continue to provoke calls

for action. Read the full summary here.

**** This is important due to the declarations made by U.S. domestic intelligence agencies, as they cannot be dismissed. This site recently published some items on three Russians arrested and are moved to treason cases.

Related reading: Russian Hacking, We knew Because we had an Inside Operative(s)

Related reading: $500 million for new Russian cyber army, 2014

Related reading: Russian cyber group seen preparing to attack banks, 2015

Some of these operatives were aiding the United States for as long as 7 years.

****

Russian officers ‘passed secrets to US for 7 years’

TheTimesUK: Two senior officers from Russia’s FSB spy agency passed state secrets to the United States for at least seven years in an espionage coup for Washington, it was alleged yesterday.

Ruslan Stoyanov is accused of handing over data supplied by two FSB officers

Sergei Mikhailov and Dmitri Dokuchayev have been charged with treason alongside Ruslan Stoyanov, a manager from the cybersecurity and anti-virus company Kaspersky Lab, who is accused of being an intermediary.

They are said to have helped the US pinpoint Russian hacking during the presidential election. The news of the arrests in December emerged late last month and details of the charges have not been officially released.

Yesterday a source familiar with the investigation said that the two FSB officers received payments to pass secret data to Mr Stoyanov and a representative of another cybersecurity company. The information was then transferred to “acquaintances abroad who worked closely with foreign special services”.

“This is not a one-off story, this activity was carried out for a minimum of seven years and caused substantial harm to the interests of the Russian Federation,” the source told the Rosbalt news agency.

 

Mr Mikhailov, a department head at the FSB’s Centre for Information Security, was arrested dramatically during a conference in Moscow. A sack was pulled over his head and he was marched out of the room. Mr Dokuchayev, one of Mr Mikhailov’s subordinates, is said to be a former hacker known as “Forb” who was recruited to the FSB under threat of prosecution.

Security and law-enforcement sources have told Russian media that the men passed information indirectly to the CIA or an organisation close to it.

Ivan Pavlov, a lawyer, is acting for one of the three accused men although he has refused to say which one. He said all three had been charged with state treason, which carries a potential 20-year prison sentence. The case files “refer to America but not the CIA”, he claimed.

Novaya Gazeta, the independent newspaper, said that Mr Mikhailov was suspected of handing the US information on Vladimir Fomenko, the owner of King Servers. Hackers used servers provided by the company to breach election databases in Illinois and Arizona last summer, according to ThreatConnect, a US cybersecurity company.

Mr Pavlov said yesterday that Mr Mikhailov had retracted an initial confession to the treason charge.

There has been a flurry of leaks about the highly secret treason investigation in Russian media, suggesting a clash of interests inside the FSB.

Two sources told the RBK news agency that the centre where the two accused officers worked was in conflict with the Centre for Information Defence and Special Communications, a rival FSB body with overlapping responsibilities. Andrei Ivashko, the head of that rival centre, is said to be friends with Konstantin Malofeev, founder of Tsargrad, a small television channel that first revealed the FSB arrests.

The scandal has been spiced further by reports that it may be linked to the arrest of three men from the Shaltai-Boltai (Humpty Dumpty) hacking group. Vladimir Anikeyev, known as “Lewis”, and two associates nicknamed March Hare and The Hatter were taken into custody in November but the arrests only emerged recently. They are charged with gaining “illegal access to computer information”.

Some media claimed that Mr Mikhailov had infiltrated the group and was using it for his own purposes, but a lawyer acting for Mr Anikeyev said yesterday that the treason case and the arrest of his client were not connected.

 

Govt Workers Gone Rogue under Trump Admin

Posted on by

So, we have rogue Federal employees participating in spying, theft, fraud and encryption…. Just a few examples….

Oh, has the FBI been called in? What about hearings scheduled? Err…Ethics complaints?

Related reading: Foreign Service Personnel Dissent Letter to Pres. Trump

Federal workers turn to secret messaging to oppose Trump policies, nominees

FNC: Some federal employees are gearing up for a cyber-battle against President Trump, and they are creating a hidden messaging system to elude detection.

According to POLITICO, employees of agencies that seem on the chopping block of the new administration are setting up new email addresses and turning to encrypted messaging apps to hold group conversations with other anti-Trump staffers, and to communicate with the press.

They’re also using these cloak-and-dagger methods to work on letters that take exception to Trump policies, POLITICO reported.

Career employees at the State Department have amassed some 1,000 signatures on a memo that expresses condemnation of Trump’s executive order that imposes a travel ban on immigrants and that puts a hold on refugee admissions from seven Muslim-majority countries deemed hotbeds of terrorist activity.

Employees of other agencies, such as the Labor Department and Environmental Protection Agency, also have turned to off-the-grid messaging to urge U.S. senators to oppose Trump Cabinet nominees and warning against the president’s plans to make cuts in some agencies.

Such off-grid communication can work, and stay within legal boundaries, say experts, so long as it is done during personal time and on personal equipment.

“It could work, but it depends on whether they are using their office computers or networks,” said Jim Lewis, director of the Strategic Technologies Program at the Center for Strategic and International Studies, to Fox News. “If they are, they’ll be detected, even if they use encryption. If they are using private accounts or devices, it would require a warrant to find them and they aren’t violating any law if they stick to opinion.”

Lewis served as a Foreign Service officer with both the State and Commerce departments.

“Illegal surveillance would lead to a lawsuit against the [agency] that conducted it [and] the workers would win,” Lewis added. “Encryption is a problem in that it can hide communications between two people but can be a handicap if you want to share material widely.”

Some State Department employees see it as their civil duty to flag any policies or proposals that they believe will be detrimental to their agency’s role, POLITICO said.

“I think we all have to look within ourselves and say ‘Where is that line that I will not cross?’” one Foreign Service officer said about opposition toTrump’s ban, according to POLITICO.

One of the most high-profile acts of dissent occurred when Acting Attorney General Sally Yates ordered the Department of Justice’s lawyers not to defend the ban order in court.

Trump abruptly fired her.

Recently, news surfaced about a Secret Service agent who last year said in a Facebook post that she would not sacrifice her life for Donald Trump if he became president.

Employees of the National Parks Service raised eyebrows when the agency’s Twitter account had a retweet of photos showing crowds at Trump’s and Barack Obama’s inaugurations.

The agency removed the retweet and described it as an error.

But so-called “unofficial resistance teams” at the park service, EPA and NASA have been apparently using alternative accounts to take jabs at Trump and his policies.

One tweet, cited by POLITICO, said: “Can’t wait for President Trump to call us FAKE NEWS. You can take our official twitter, but you’ll never take our free time!”

Many of the federal workers turning to under-the-radar means of communicating are using Signal, a smartphone app that can be used to send encrypted messages.

“It seems Trump is going after people who oppose things that he’s doing, so it makes sense that federal workers would be concerned about making their political ideas known,” said Jonathan Katz, director of the Maryland Cybersecurity Center at the University of Maryland.

“The [Signal] app is well-designed, it’s secure, it would be difficult to collect widespread information from it,” Katz said to Fox News. “But if [the government] wants to target a specific individual, it could do that.”

****

What about Congress? What the heck is going on there?

EXCLUSIVE: House Intelligence, Foreign Affairs Committee Members Compromised By Rogue IT Staff

DailyCaller: Three brothers who managed office information technology for members of the House Permanent Select Committee on Intelligence and other lawmakers were abruptly relieved of their duties on suspicion that they accessed congressional computers without permission.

Brothers Abid, Imran, and Jamal Awan were barred from computer networks at the House of Representatives Thursday, The Daily Caller News Foundation Investigative Group has learned.

Three members of the intelligence panel and five members of the House Committee on Foreign Affairs were among the dozens of members who employed the suspects on a shared basis. The two committees deal with many of the nation’s most sensitive issues and documents, including those related to the war on terrorism.

Also among those whose computer systems may have been compromised is Rep. Debbie Wasserman Schultz, the Florida Democrat who was previously the target of a disastrous email hack when she served as chairman of the Democratic National Committee during the 2016 campaign.

The brothers are suspected of serious violations, including accessing members’ computer networks without their knowledge and stealing equipment from Congress.

Jamal handled IT for Rep. Joaquin Castro, a Texas Democrat who serves on both the intelligence and foreign affairs panels.

“As of 2/2, his employment with our office has been terminated,” Castro spokeswoman Erin Hatch told TheDCNF Friday.

Jamal also worked for Louisiana Democrat Rep. Cedric Richmond, who is on the Committee on Homeland Security.

 

Imran worked for Reps. Andre Carson, an Indiana Democrat, and Jackie Speier, a California Democrat. Both are members of the intelligence committee, and their spokesmen did not respond to TheDCNF’s requests for comment. Imran also worked for the House office of Wasserman Schultz.

Then-Rep. Tammy Duckworth, an Illinois Democrat, employed Abid for IT work in 2016. She was a member of House committees dealing with the armed services, oversight, and Benghazi. Duckworth was elected to the Senate in November, 2016. Abid has a prior criminal record and a bankruptcy.

Abid also worked for Rep. Lois Frankel, a Florida Democrat who is member of the foreign affairs committee.

The three men are “shared employees,” meaning they are hired by multiple offices, which split their salaries and use them as needed for IT services. It is up to each member to fire them.

A criminal investigation into five unnamed people began late last year related to serious and potentially illegal violations of House IT policies, Politico reported Thursday. Chiefs of staff for the members were briefed Thursday by the Sergeant-at-Arms.

Capitol Police spokeswoman Eva Malecki said the investigation was still ongoing, and arrests have not been made but staff were “asked to update their security settings.”

Buzzfeed reported that the Sergeant-at-Arms told staff that the subjects were four men who were brothers and one woman. It did not name them. It quoted one of the affected members as saying “they said it was some sort of procurement scam, but now I’m concerned that they may have stolen data from us, emails, who knows.”

Jamal did not return a request for comment from TheDCNF at a personal email address, while emails to House addresses in the three men’s names bounced back Friday.

Abid, Imran and Jamal have all shared a house in Lorton, Virginia, that is owned by Hina R. Alvi. Alvi is a female House IT employee who works for many of the same members as the three brothers, as well as the House Democratic Caucus.

Signs of trouble have long been visible in public records. The Congressional Credit Union repossessed Abid’s car in 2009, and he declared bankruptcy in 2012, facing multiple lawsuits.

Alvi, who did not respond to TheDCNF’s request for comment, has taken multiple second mortgages.

Security-sensitive jobs typically require background checks for credit and legal problems that can create pressures to cash in on access to secret information and documents.

Jamal, who public records suggest is only 22 years old and first began working in the House when he was 20, was paid nearly $160,000 a year, or three times the average House IT staff salary, according to InsideGov, which tracks congressional salaries. Abid was paid $161,000 and Imran $165,000.

Jack Langer, spokesman for the intelligence committee, said the committee office has its own IT staff and security measures and classified information from the panel is not allowed to be sent to members’ personal offices.

 

 

 

 

 

 

20 Step Refugee Vetting Process, Nuts…

Posted on by

So, that is the process, allegedly done with extreme scrutiny…ahem. But what about those that come into the United States by other nefarious methods such as sneaking across our borders? They get a pass?

It is the exact time in our country to have this debate and the arguments must include the safety and financial consequences, both of which never are part of the wider discussion.

California is working to become a sanctuary state, putting all other CONUS states at extreme risk as people can travel freely. (CONUS = Continental United States).

Related reading: FBI: 7,700 Terrorist Encounters in USA in 2015

Related reading: Corruption, Shell Companies, Cartels and the Mexican President

San Francisco is at the hub of the issue, how so? The mayor via the police force refuse any collaboration as noted below:

SFPD Cuts Ties With FBI’s Joint Terrorism Task Force

San Francisco Police Department officials announced Wednesday that they have suspended participation with the FBI’s controversial Joint Terrorism Task Force.

According to San Francisco Police Commission protocol, all contracts require approval by the Board of Supervisors after 10 years.

The JTTF Memoranda of Understanding was signed in 2007, so that time has come, according to department officials.

The department will update its guideline for First Amendment activities and will “seek clarification” from the Police Commission as to this guideline’s application to JTTF investigations.

Once that new guideline is adopted, the department may consider renegotiating the JTTF memoranda with the FBI with guidance from the police commission.

Last month, the Asian Law Caucus, the Council on American-Islamic Relations’ San Francisco Bay Area office and the American Civil Liberties Union of Northern California sent a letter to San Francisco Police commissioners urging them to cease the department’s participation in the JTTF.

In the Jan. 5 letter, the groups speculate that, following President Donald Trump’s inauguration, the JTTF would likely increase surveillance of Muslim communities like the New York City police did after Sept. 11, 2001.

According to the FBI, 71 JTTF field offices have been established since 2001. The first was established in New York City in 1980.

“The SFPD is committed to public safety and will continue to work diligently to keep San Francisco safe for everyone,” San Francisco police Sgt. Michael Andraychak said in a statement.

(That last statement gets a BIG REALLY DUDE?)

*** Back in 2008:

Refugee Program Halted As DNA Tests Show Fraud

Thousands in Africa Lied about Families To Gain U.S. Entry

The State Department has suspended a humanitarian program to reunite thousands of African refugees with relatives in the U.S. after unprecedented DNA testing by the government revealed widespread fraud.

The freeze affects refugees in Kenya, Ethiopia, Uganda, Guinea and Ghana, many of whom have been waiting years to emigrate. More here from the WSJ. Lying and making up ghost people to get other permits? Hah….

*** Back in 2004, as a result of the 9/11 Commission Report on the issue of immigration, many robust recommendations were made of which all members of Congress at the time signed off on. They need to be reminded of that, as does the California legislature at a minimum. But going deeper in factual history, others need to be reminded of the following: (In part from Migration Policy dot org.)

Kerry Outlines Ideas on Immigration Reform

Democratic presidential candidate John Kerry on June 30 announced his platform on immigration reform. In a speech to the National Council of La Raza’s national conference, Kerry said that within 100 days of taking office, he would propose a four-part plan that would give “good people who are undocumented but living here, working here, paying taxes, [and] staying out of trouble . . . a path to equal citizenship.” In addition, he said that immigrants would be required to take civics and English classes. Kerry also promised to sign two bills currently pending in Congress: the AgJobs agricultural worker program, and the DREAM Act, which would allow young, out-of-status immigrants to pay in-state tuition rates while attending college. Both bills create a path for immigrants to eventually receive legal resident status.

In an interview with the Spanish-language network Telemundo on June 29, Kerry took stances on other immigration-related issues. He stated that granting driver’s licenses to undocumented immigrants violated the spirit of the law, and that immigration authorities had the right to perform raids to capture unauthorized immigrants who had broken other laws. Some analysts believe that Kerry’s comments regarding driver’s licenses could hurt his standing with Latino voters in the election. Nevertheless, the Washington Post reported on July 22 that Kerry currently has a 2 to 1 advantage over his opponent, President George W. Bush, among registered Latino voters.

Hmong Refugees Resettled to the United States

Around 15,000 Hmong refugees are expected to arrive in the United States this year. The first members of the group have already reached the U.S., and up to 3,000 more are expected by the end of August, with the remainder arriving by the end of 2004. The new arrivals fled their native country because of persecution they suffered due to their alliance with the U.S. during the Vietnam War. One third of the refugees will be resettled to Minnesota, a third will be sent to California, and the rest will be distributed among more than a dozen other states. Many of the refugees have been living illegally in a makeshift camp in Thailand, having passed up the opportunity for resettlement to the United States in the 1980s and 1990s as they clung to the hope of returning to Laos. Because the Thai military plans to close the camp by the end of 2004, most residents plan to accept the resettlement opportunity offered by the U.S. Department of State.

The refugees will receive initial assistance from U.S. resettlement agencies, which will help meet basic needs such as housing, school, language, employment, and health services. To fund these services, the U.S. Department of Health and Human Services on June 24 announced an additional $3.3 million allocation for Hmong resettlement costs. After one year of living in the U.S., refugees can apply to adjust their status to permanent residency and acquire a “green card.” They eventually become eligible for citizenship. In addition, unlike other immigrants, refugees are not barred from receiving welfare benefits in their first seven years of residence in the United States. The next group of Hmong refugees, approximately 2,000 individuals, is expected to arrive by the end of August.

U.S and Mexico Sign Pact on Social Security

The United States and Mexico on June 29 signed a pact enabling Mexican workers in the U.S. and American workers in Mexico to transfer social security benefits across national borders. The pact is similar to international Social Security agreements the U.S. has with Britain and Canada, and allows workers to contribute to only one benefits system at a time. According to estimates by U.S. Social Security officials, only 7,500 U.S. citizens working in Mexico will qualify for retirement benefits, as compared to 41,000 Mexican employees likely to qualify for Social Security in the United States. Even so, the plan will have an initially limited effect because it excludes, unless or until they are legalized, an estimated six to eight million undocumented Mexican workers currently employed in the United States. While the pact will not become law without legislative approval, the United States Congress and the Mexican Senate are expected to pass the measure; U.S. lawmakers have routinely approved similar agreements with 20 other nations. (For more information on International Agreements of the Social Security Administration, see this January 2004 Migration Policy Institute Immigration Fact Sheet)

State Department Halts Mail Renewal of Visas

The Department of State on July 16 stopped accepting applications for mail renewals of visas. Under the new policy, announced on June 23, foreigners who work in the United States must return to U.S. embassies abroad to be interviewed and fingerprinted for visa renewal. The policy, which does not apply to foreign diplomats or employees of international organizations, is part of the U.S. effort to improve border controls after the September 11, 2001 attacks. State Department spokesman Richard Boucher stated that the switch was made to overseas processing because of the better capacity of U.S. embassies abroad to interview and fingerprint visa applicants. More than 50,000 people from more than 60 countries were processed in 2003.

 

 

Tech Companies Filed Amicus Brief, Supports Foreign Workers

Posted on by

Amicus Brief Tech companies This is an employment epidemic across the nation where companies sponsor foreign national for domestic jobs, leaving thousands to train their replacements. We have not addresses how many could be purposely placed for industrial espionage.

Related reading: China’s Best Method of Industrial Espionage

***

Apple, Google, Microsoft pile in: 97 US tech firms file brief against Trump’s travel ban

In part from ZDNet: Immigrants or their children founded 200 US companies that generate $4.2 trillion in annual revenues, the brief highlights, among them Apple, AT&T, and Google, as well as Ford, General Electric, McDonald’s, Boeing, and Disney.

“Businesses and employees have little incentive to go through the laborious process of sponsoring or obtaining a visa, and relocating to the United States, if an employee may be unexpectedly halted at the border.

“Skilled individuals will not wish to immigrate to the country if they may be cut off without warning from their spouses, grandparents, relatives, and friends. They will not pull up roots, incur significant economic risk, and subject their family to considerable uncertainty to immigrate to the United States in the face of this instability.” Full article here.

***

The H1-B visa program has a cap to the number allowed to be issued. It is a visa program that needs more scrutiny by Congress for the sake of American employees. There have been abuses to the program and further companies like Disney hire foreign nationals to replaced domestic employees driving down the salary costs.

Janet Napolitano, the former Secretary of the Department of Homeland security and now the president of the University of California system knows it all so well and how to work the system.

In part from the LATimes: Using a visa loophole to fire well-paid U.S. information technology workers and replace them with low-paid immigrants from India is despicable enough when it’s done by profit-making companies such as Southern California Edison and Walt Disney Co.

But the latest employer to try this stunt sets a new mark in what might be termed “job laundering.” It’s the University of California. Experts in the abuse of so-called H-1B visas say UC is the first public university to send the jobs of American IT staff offshore. That’s not a distinction UC should wear proudly. Full op-ed here.

*** One of 5 huge examples beyond California is:

Pfizer Connecticut R&D

In 2008, workers at pharmaceutical giant Pfizer’s New London and Groton (Connecticut) research and development campus raised the alarm: They were being replaced by Indian workers on H-1B visas and forced to train their replacements. Those outsourced workers were scheduled to return to India, where they will run the same systems as their U.S. counterparts, albeit at a cheaper rate and with diminished benefits. The move was part of an outsourcing agreement signed in 2005 between Pfizer, Infosys Technologies and Satyam Computer Services. More here.

***

A 100 page Joint Venture report for tech companies includes the following text:

Foreign-Born Residents

Silicon Valley has an extraordinarily large share of residents who are foreign born (37.4%, compared to California, 27.1%, or the United States, 13.3%). This population share increases to 50% for the employed, core working age population (ages 25-44), and even higher for certain occupational groups. For instance, nearly 74% of all Silicon Valley employed Computer and Mathematical workers ages 25-44 in 2014 were foreign-born. Correspondingly, the region also has an incredibly large share of foreign-language speakers, with 51% of Silicon Valley’s population over age five speaking a language other than exclusively English at home (compared to 43% in San Francisco, 44% in California, and 21% in the United States as a whole). This majority share in 2014 was up from 49% in 2011.

*** The Senate held a hearing in 2015 with a few former employees that were forced to train their foreign replacements. Many of these employees are paid a severance package but it also includes a major stipulation to remain mute on the topic as noted below:

My former company, a large utility company, replaced 220 American IT workers with H-1Bs…we would have to train them in order to receive our severance packages. This was one of the most humiliating situations that I have ever been in as an IT professional.

The whole IT department was going through the same fate as myself. Those were the longest and hardest five months of my life. Not only did I lose a work family, but I lost my job and my self-esteem. We had constant emails sent by HR that we could not talk about this situation to anyone or make posts to social media. If we did, we would be fired immediately and not get our severance. Read the full article here.