Approval Process for Cyberwarfare Challenged

Cyber is a real battlefield and yet it gets almost zero ink in the media. The reason is due in part to exposing vulnerabilities, forced ransoms and stolen data.

NotPetya could be the beginnings of a new kind of ... photo

Just a couple of years ago: Chet Nagle, a former CIA agent and current vice president of M-CAM, penned an article in the Daily Caller, stating, “At FBI headquarters in July, the head of FBI counterintelligence, Randall Coleman, said there has been a 53% increase in the theft of American trade secrets, thefts that have cost hundreds of billions of dollars in the past year. In an FBI survey of 165 private companies, half of them said they were victims of economic espionage or theft of trade secrets — 95% of those cases involved individuals associated with the Chinese government.”

The threats all appear to have a foreign genesis and the United States does not have a real cyber policy due in part to debates over whether cyber attacks are acts of war. Can the United States fight back with her own cyber weapons? Not really, kinda, maybe.

Tracking the theft is left to the FBI, while responding is left to the U.S. Cyber Command. Army Lt. Gen. Paul Nakasone is the head of Cyber Command facing strategic threats from Russia, China, North Korea and Iran. During his confirmation hearings, Nakasone was grilled on how he would position the agencies to confront mounting Russian aggression in cyberspace, whether through attempted interference in U.S. elections or targeting the electric grid and other critical industrial systems.

Members of the White House’s National Security Council are pushing to rescind Presidential Policy Directive 20, an important policy memorandum that currently guides the approval process for government-backed cyberattacks, three current U.S. officials familiar with the matter tell CyberScoop.

The effort is driven in part by a desire from some NSC staff to create a more streamlined channel for military leaders to get their offensive cyber operations greenlit, insiders familiar with the matter said. The sources spoke under the condition of anonymity to freely discuss sensitive national security matters.

The move comes as lawmakers openly question whether U.S. Cyber Command, the nation’s premier cyber warfare unit, is hamstrung from responding to Russian meddling due to bureaucratic red tape. CyberScoop previously reported that multiple congressional committees are considering policies that could empower the military’s cyber mission.

But the push for change faces resistance from the intelligence community and several other federal agencies involved in cybersecurity.

Senior U.S. intelligence officials have expressed concerns over what rescinding the directive will mean for their own active computer spying missions. These covert operations, which are typically pursued by intelligence agencies like the CIA or NSA, could be exposed by the launch of “louder” disruptive-style attacks from the military. The presence of multiple hacking teams simultaneously targeting a single network often makes it easier for them all to be discovered by the victim.

Prior reporting by CyberScoop has shown that a long-running turf war exists between different federal agencies regarding the proper use of hacking tools in order to protect the homeland.

Even before Trump came to office though, the framework in question was considered a source of frustration inside the Pentagon.

Signed by President Barack Obama in 2012, the directive’s critics say that it was written in a confusing manner that leaves open-ended questions. In addition, critics tell CyberScoop that too many federal agencies are allowed to weigh in on proposed cyber operations, causing “even reasonable” plans to be delayed or outright rejected.

Insiders who are resistant to eliminating the directive admit that PPD-20 is flawed, but fear change because they’ve not seen a replacement plan.

“Better the devil you know, or something like that,” a former U.S. official said. “This is such a crucial decision because whatever comes next will dictate how arguments are settled inside government … you have the military on one side and the IC on the other.”

The NSC, CIA and Office of the Director of National Intelligence declined to comment. The NSA referred CyberScoop to U.S. Cyber Command, who in turn did not respond to a request for comment.

Currently, PPD-20 requires U.S. government agencies to run approvals for offensive operations through a chain of command that stretches across the federal government. The process is largely focused on controlling those operations that go beyond the confines of everyday digital espionage, or computer exploitation, to simply collect information.

According to PPD-20, if an operation is considered “of significant consequence,” it requires the direct blessing of the president in addition to the interagency group. Hacking operations that, for example, shut down a power grid or cause equipment to explode would fit into such a description. But experts say it also includes less flashy tactics like deleting data or corrupting software in a destructive manner.

“This directive pertains to cyber operations, including those that support or enable kinetic, information, or other types of operations,” PPD-20 reads. “The United States has an abiding interest in developing and maintaining use of cyberspace as an integral part of U.S. national capabilities to collect intelligence and to deter, deny, or defeat any adversary.”

After coming under scrutiny last month, outgoing NSA Director Adm. Michael Rogers told lawmakers that there’s an “ongoing policy discussion” about redrawing the regulations looming over military cyber operations. Unlike conventional military activities, the internet makes it difficult for policymakers to draw clear cut boundaries. This challenges also runs up against longstanding laws that underpin, and therefore divide, the work of soldiers and spies.

Historically, intelligence agencies — empowered by Title 50 of the U.S. Code — have led the way on U.S.-backed hacking that occur in countries like Iran or China; where armed conflict is absent. Military operations fall under the purview of Title 10 of the U.S. Code.

It’s not clear whether giving military leaders more leeway to conduct hacking operations will ultimately make those units more effective at their missions. The details surrounding these activities are always classified, which inhibits the public from having a substantive policy debate.

Ultimately, the decision to eliminate PPD-20 falls solely to the executive branch. Sources tell CyberScoop no final decision has been made.

What makes PPD-20 difficult to analyze is the fact that it remains a classified document, despite it being leaked by NSA whistleblower Edward Snowden. The classification means current officials are barred from publicly commenting on it.

Thomas Rid, a professor of strategic studies at Johns Hopkins University, said that Snowden’s PPD-20 leak was notable because it revealed the U.S. government’s thought process behind “the rise of unwanted norms caused by escalatory cyberattacks.”

“Reading between the lines, the framework acknowledges the negative effect on global cyber norms that events like Stuxnet can cause because of escalation,” said Rid.

Rid also believes the directive was “naïvely constructed,” relying too much on the idea that cyberattacks only impact other machines, and not people.

“When you look at what’s happened in 2016, and really since then, it makes the people who wrote PPD-20 seem like they don’t understand the current threat environment where Russia, and to some degree Iran, are combining active measures with cyber to change public perception,” he told CyberScoop. “Russia is basically kicking the U.S.’ ass.”

7 States Suing Over DACA, Know the Details

There are countless lawsuits already and here comes another. Several DACA cases have been ruled against by liberal judges. Now Texas has joined other states.

 

TX v USA Re DACA Complaint 050118 by Kaitlyn on Scribd

Perhaps those judges have not read all the real details of DACA.

Renewal deadline approaching for DACA applicants photo

DACA is a request for consideration, it is NOT an automatic approval and it is temporary. See the stipulations here.

DACA banner with forms

Guidelines

You may request DACA if you:

  1. Were under the age of 31 as of June 15, 2012;
  2. Came to the United States before reaching your 16th birthday;
  3. Have continuously resided in the United States since June 15, 2007, up to the present time;
  4. Were physically present in the United States on June 15, 2012, and at the time of making your request for consideration of deferred action with USCIS;
  5. Had no lawful status on June 15, 2012;
  6. Are currently in school, have graduated or obtained a certificate of completion from high school, have obtained a general education development (GED) certificate, or are an honorably discharged veteran of the Coast Guard or Armed Forces of the United States; and
  7. Have not been convicted of a felony, significant misdemeanor,or three or more other misdemeanors, and do not otherwise pose a threat to national security or public safety.

***

The Obama administration chose to deploy DACA by Executive Branch memorandum—despite the fact that Congress affirmatively rejected such a program in the normal legislative process on multiple occasions. The constitutionality of this action has been widely questioned since its inception.

DACA’s criteria were overly broad, and not intended to apply only to children. Under the categorical criteria established in the June 15, 2012 memorandum, individuals could apply for deferred action if they had come to the U.S. before their 16th birthday; were under age 31; had continuously resided in the United States since June 15, 2007; and were in school, graduated or had obtained a certificate of completion from high school, obtained a General Educational Development (GED) certificate, or were an honorably discharged veteran of the Coast Guard or Armed Forces of the United States. Significantly, individuals were ineligible if they had been convicted of a felony or a significant misdemeanor, but were considered eligible even if they had been convicted of up to two other misdemeanors.

The Attorney General sent a letter to the Department on September 4, 2017, articulating his legal determination that DACA “was effectuated by the previous administration through executive action, without proper statutory authority and with no established end-date, after Congress’ repeated rejection of proposed legislation that would have accomplished a similar result. Such an open-ended circumvention of immigration laws was an unconstitutional exercise of authority by the Executive Branch.” The letter further stated that because DACA “has the same legal and constitutional defects that the courts recognized as to DAPA, it is likely that potentially imminent litigation would yield similar results with respect to DACA.”

Based on this analysis, the President was faced with a stark choice: do nothing and allow for the probability that the entire DACA program could be immediately enjoined by a court in a disruptive manner, or instead phase out the program in an orderly fashion. Today, Acting Secretary of Homeland Security Duke issued a memorandum (1) rescinding the June 2012 memo that established DACA, and (2) setting forward a plan for phasing out DACA. The result of this phased approach is that the Department of Homeland Security will provide a limited window in which it will adjudicate certain requests for DACA and associated applications for Employment Authorization Documents meeting parameters specified below.

  • Please see the USCIS website for the latest information about DACA.

 

FBI: C’mon Director Wray Explain This

  1. Findings of Misconduct by an FBI Special Agent for Contacting Witnesses for an Improper
    Purpose, Divulging Law Enforcement Sensitive Information to Unauthorized Individuals,
    Providing Misleading Testimony, Providing False Information to the OIG, Mishandling
    Classified Information, and Misusing Government Devices and his Position, all sounds like a common condition within the FBI, right?
  2. A former Minneapolis FBI agent who sought to expose what he called “systemic biases” within the bureau has been charged after allegedly leaking secret documents to a national news reporter, according to federal criminal charges filed in Minnesota this week.

    The charges, filed by prosecutors for the Justice Department’s National Security Division, are the first to come in Minnesota since Attorney General Jeff Sessions announced a broad crackdown on government leaks last year.

    A two-page felony information, a charging document that typically signals an imminent guilty plea, outlines two counts filed against Terry James Albury of unlawfully disclosing and retaining national defense information.

    Albury is accused of sharing a document on assessing confidential human sources — otherwise referred to as informants — and a document “relating to threats posed by certain individuals from a particular Middle Eastern country” with a reporter for a national media organization.

    The second count charged against Albury alleged that he failed to turn over a document “relating to the use of an online platform for recruitment by a specific terrorist group” last year.

    The charges do not name the reporter or news organization but allege that Albury possessed and shared the information between February 2016 and Jan. 31, 2017 — the same date that the Intercept published an entry to its “FBI’s Secret Rules” series on how the bureau assesses potential informants.

    The report drew upon a secret document obtained by the Intercept that has the same publication date described in the charges against Albury. More here.

    FBI director meets with black caucus over criticized ... Director Wray

  3. But we still have the whole Andrew McCabe affair that dovetails with the Peter Strzok and Lisa Page. McCabe lost a large portion of his retirement due to many of the same charges as Albury. Yet, Peter and Lisa are still on the payroll. So?
  4. We have yet this other SA, Special Agent, whose name has not been released caught up in a case very much like that of Albury. Yet, there will be NO criminal charges. Why? Calling Director Wray for an explanation.
    An FBI agent found to have leaked sensitive information to witnesses, mishandled classified information and lied to investigators will not face criminal charges and appears to have retired while an inquiry into his conduct was underway, according to the Justice Department Office of Inspector General.

    An investigative summary posted online by the department’s internal watchdog unit on Monday is short on details, but says investigators opened an investigation after receiving allegations that the unidentified special agent “contacted witnesses in a criminal investigation for an improper purpose.”

    “The OIG found that the SA contacted individuals who he either knew were, or had reasonable belief would be witnesses in the criminal investigation and that the SA’s contacts with several individuals appeared to be designed to improperly influence their prospective testimony,” the statement said. “Accordingly, the OIG concluded that the SA’s contacts with the witnesses were improper and constituted misconduct.”

    Investigators also uncovered other instances of serious misconduct by the agent, saying he “divulged law enforcement sensitive information to unauthorized individuals; misused his government issued electronic devices; provided misleading testimony during a related civil deposition; mishandled classified information; misused his position during contacts with local law enforcement officers; and provided false information to the OIG.”

    All rather a funky way to apply the law, policy and maintain integrity eh?

How Israel Obtained the Iran Nuclear Documents

Note, Israel was told about the documents and the warehouse, likely by the MEK. The MEK and the Mossad often perform joint operations. For context on the MEK operations:

The MEK’s Role Was Critical in Preventing Iran From Obtaining a Nuclear Bomb

The MEK has been instrumental in exposing Iran’s nuclear weapons program. Relying on a vast network inside Iran, MEK revelations of the weapons program significantly contributed to the world peace and the national security of the United States.

These revelations triggered the International Atomic Energy Agency (IAEA) inspections of the uranium enrichment facility in Natanz and Heavy Water Facility in Arak in 2002 for the first time, and since then, the majority of the visits by the IAEA inspection teams have been to the sites first exposed by the MEK.

Senior U.S. officials including President Bush, Vice President Dick Cheney, and Secretary of State Condoleezza Rice have repeatedly pointed to the role the MEK had played in getting the world attention on Iran’s nuclear weapons program.

In March 2005, President, George W. Bush, emphasized that the MEK’s revelation of Natanz prompted an international
campaign to stop the nuclear weapons program of Iran. “Iran has concealed its — a nuclear program. That became discovered, not because of their compliance with the IAEA or NPT, but because a dissident group pointed it out to the world.”

Many of the key front companies exposed by the MEK such as Mesbah Energy, Novin Energy, Kalaye Electric, Kavoshyar Company, and Farayand Technique were eventually sanctioned by the Treasury Department. In July 2011, the MEK exposed a new nuclear organization overseeing the entire nuclear program and run by the military, known as SPND. The U.S. Government designated that entity in 2014. In addition, many companies, key nuclear experts, and military institutions exposed by the MEK have been sanctioned by the United Nations Security Council resolutions 1737, 1747, and 1803.

If it were not for the MEK nuclear revelations, Tehran would have had the bomb by now. Congressman Brad Sherman (D-CA) told a House Foreign Affairs Committee Hearing “We all owe a debt of gratitude to the MEK for bringing this information to the world, and causing the United States and the world to focus on the problem.” More here.

Trump to Make Historic Visit to Western Wall in Jerusalem - NBC News photo

Israeli Prime minister Benjamin Netanyahu briefed President Trump two months ago on the capture of the Iranian “nuclear archive,” and decided to publicly expose the documents yesterday due to Trump’s May 12th deadline on possible U.S. withdrawal from the Iran nuclear deal.

Between the lines: An Israeli official tells me Israel wanted to publicly release the new intelligence after White House visits from French President Macron and German Chancellor Merkel, both of whom tried to convince Trump not to withdraw. “We are facing a major decision by President Trump regarding the nuclear deal. Last week was for the Europeans, and this week is our week,” the official said.

  • During a meeting at White House on March 5th, Netanyahu presented Trump and his senior cabinet members — Vice President Pence, Secretary of Defense Mattis, then-Secretary of State Tillerson and then-National Security Adviser McMaster — with an initial analysis of the “Nuclear archive,” a senior Israeli official tells me.
  • Netanyahu spoke to Trump over the phone last Saturday and told him he would publish the intelligence later in the week.
  • A day later he met in Tel-Aviv with Secretary of State Pompeo and gave him a similar update. An Israeli official said the timing of the publication was coordinated with the White House.

How the documents were seized

The Israeli Mossad discovered the existence of an Iranian “Nuclear archive” in February 2016, a short time after the nuclear deal started being implemented.

  • Israeli officials say the Mossad received intelligence that showed the Iranians were trying to hide all documents concerning the military dimensions of their nuclear program.
  • The official said that in a highly secret operation known to a handful of Iranian officials, the Iranians transferred tens of thousands of documents and CD’s from several different sites around the country to a civilian warehouse in Tehran. The Israeli official said the Iranians did all that because they were afraid IAEA inspectors would find the documents.
  • The Mossad put the warehouse under surveillance and started preparing for a possible operation to seize the documents. According to Israeli officials, more than 100 Mossad spies worked on this operation and, in January 2018, it was implemented.
  • A senior Israeli intelligence official said the Mossad managed to put its hands on most of the documents in the warehouse. “We didn’t take everything because it was too heavy”, he said.

Coordination with the U.S.

  • An Israeli official said the CIA and the White House knew about the Israeli efforts to capture the “Iranian nuclear archive,” and Israel briefed the U.S. immediately after the successful operation.
  • At the same time Netanyahu was briefing Trump and his top officials, the Mossad gave the CIA copies of all the 100,000 documents it obtained.
  • At the beginning of February, the Mossad started translating and analyzing the documents, most of were written in Persian. A special team with 50 analysts was formed in the Mossad and, according to an Israeli official, a separate team is working in the CIA. Both intelligence agencies still haven’t finished analyzing the documents.

The Israeli official said: “The documents will a very strong proof that there was a military nuclear program in Iran. Such proof that the Iranians will not be able to deny.”

Meet Kevin Thurm and Here Comes the Clinton Foundation, Again

The last we heard from Hillary, she was whining that no one liked her. Before that, she was still finding excuses for her loss in the quest for the White House. All through that we continued to hear about corruption and fraud in all things Clinton including the foundation(s).

Sidebar: Read about the Foundation ah weirdness in Columbia.

The Clinton Foundation left a toxic legacy in Colombia ... photo

Well….she is back…and Kevin is leading the charge. But bring money for cocktails and photos.

So, who is Kevin?

Kevin Thurm, A83, A17P, is dedicated to finding solutions that last to transform lives and communities. As the CEO of the Clinton Foundation, he leads its efforts to build partnerships of great purpose between businesses, governments, NGOs, and individuals.

Prior to working at the Clinton Foundation, Thurm held various leadership positions in government and the corporate sector. As a senior counselor at the U.S. Department of Health and Human Services (HHS), he partnered with Secretary Sylvia Burwell and HHS senior leadership on cross-cutting strategic initiatives, including continuing implementation of the Affordable Care Act. At Citigroup, he held senior positions including chief compliance officer and deputy general counsel. Before joining Citigroup, Thurm served as the deputy secretary and chief of staff for the Department of Health and Human Services under Secretary Donna E. Shalala.

Thurm received a bachelor’s from Tufts University in 1983; a bachelor’s/master’s from Oxford University in 1986, where he was a Rhodes Scholar; and a J.D. from Harvard Law School in 1989.

***

The Clinton Foundation, after seeing a drop in donations amid increased scrutiny and “pay-to-play” allegations, is revving back up with a glitzy fundraising gala that coincides with a broader push by the Clinton machine to stay in the political spotlight.

Axios reported Monday that longtime Clinton supporters received an invitation offering access — a word that dogged Hillary Clinton throughout her failed 2016 presidential campaign — to the family at a May 24 benefit for the Clinton Foundation.

Hillary Announcement Is Great News for Trump and Republicans

The cheapest tickets for the event will be $2,500 for cocktails and dinner. Deep-pocketed donors can lay out $100,000 for a package including “leadership reception for two, a premium table of 10, program recognition as Gala Chair and invitations to the Clinton Foundation Annual Briefing.”

The invite features photos of Bill, Hillary and Chelsea Clinton, implying they’ll all be attending.

The foundation scaled back its activities in 2016, downsizing the Clinton Global Initiative and placing restrictions on fundraising amid claims of “pay-to-play” by donors seeking access when Clinton was secretary of state. The Clintons denied any such arrangements.

The biggest such controversy related to the sale of Uranium One — a Canadian-based energy firm and holder of 20 percent of U.S. uranium stocks — to Russian energy company Rosatom during Clinton’s time as secretary of state. The connections between the sale of Uranium One and donations to the foundation were first reported by author Peter Schweizer in his 2015 book “Clinton Cash.”

The New York Times reported that the Clinton Foundation received millions of dollars from donors connected to Uranium One as the deal was in the process of being approved by representatives of government agencies, including Clinton’s State Department.

Since the election, questions about that deal have not gone away. In October, The Hill reported that the FBI received an account that Russian nuclear officials had routed millions of dollars to the U.S. designed to benefit the Clinton Foundation amid a broader pattern of bribery and kickbacks designed to extend Russia’s footprint to the U.S.

Amid the controversies in 2015 and 2016, the foundation saw a plunge in donations. While data from 2017 are not available, 2016 numbers showed that donations fell by 42 percent, from $108 million in 2015 to $63 million in 2016. Then-acting CEO Kevin Thurm told The New York Post, which first reported on the numbers, that that was due in part to restrictions on fundraising the foundation placed on itself as Clinton ran for president.

But while numbers for 2017 aren’t available, IB Times reported last year that a number of big companies have distanced themselves from the foundation and were choosing not to give. Companies that told the outlet in November they have not donated since the 2016 election included Boeing, Chevron, Dell, General Electric, and Lockheed Martin.

“Last year was a tough year,” Donna Shalala, then-president of the foundation, told The Times in 2017, “because people were beating on us with nonsense.”

Clinton Foundation dealings have continued to stay in the headlines. Former FBI Deputy Director Andrew McCabe was fired by Attorney General Jeff Sessions in March after an inspector general report said he leaked the existence of a probe into the foundation during the presidential campaign and later lied about it.

Meanwhile, conservative watchdog Judicial Watch has continued to publish emails sent by Clinton when she served as secretary of state — emails that touch on foundation activity.

The May fundraiser is the latest sign from the Clintons that they do not intend to retreat from the spotlight. After losing in 2016, Hillary Clinton has set up the political action organization Onward Together and released a lengthy campaign post-mortem titled, “What Happened.” She went on a speaking tour coinciding with the book’s release and has made numerous additional appearances discussing her 2016 loss.

Axios reported Monday that Hillary Clinton was to lead the first meeting of Onward Together on New York’s Upper East Side for a session on “harnessing the energy and activism post-election.” Bill, meanwhile, will publish his novel “The President is Missing,” co-authored with James Patterson on June 4.

An April Wall Street Journal/NBC News poll found that only 27 percent of those polled had a very or somewhat positive view of the former secretary of state. That makes her less popular than President Trump, whose popularity registered at 35 percent. It marked a new low for her in the poll, which clocked her popularity at 30 percent in August 2017.