Russia Arrests Kaspersky ‘Treason Probe’

Posted on by

Russian President-elect Dmitry Medvedev, right, speaks with Yevgeny Kaspersky, head of the Kaspersky Lab company, at the 2008 Internet Forum outside Moscow, Thursday, April 3, 2008. (AP Photo/RIA-Novosti, Mikhail Klimentyev, Pool)

Forbes: One of Russia’s most successful cybercrime investigators and hacker hunter at one of the world’s biggest security companies, Kaspersky Lab, has been arrested by Russian law enforcement as part of a probe into possible treason, according to reports. Kaspersky has confirmed that its incident response chief Ruslan Stoyanov was at the center of an investigation, but could not offer more details.

“This case is not related to Kaspersky Lab. Ruslan Stoyanov is under investigation for a period predating his employment at Kaspersky Lab,” a Kaspersky spokesperson said in an emailed statement. “We do not possess details of the investigation. The work of Kaspersky Lab’s Computer Incidents Investigation Team is unaffected by these developments.”

Reports of the arrest landed today from national paper Kommersant, which said Stoyanov’s arrest may be tied to an investigation into Sergei Mikhailov, deputy head of the information security department of the FSB, Russia’s national security service. Both men were said to have been arrested in December. Kommersant cited sources who claimed the investigation was exploring the receipt of money from foreign companies by Stoyanov and his links to Mikhailov.

The FBI consistently investigates Russian cybercrime operations, the best-known case being the alleged 2016 hacks of the U.S. election, following a breach at the Democratic National Committee.

Major player in fighting Russian cybercrime

In his role at Kaspersky, Stoyanov was in charge of incident response, the group that helped organizations investigate and recover from breaches or other security events. According to his LinkedIn profile, prior to his 2012 move to Kaspersky, he spent six years as a major in the Ministry of Interior’s cybercrime unit between 2000 and 2006 before moving into the private sector.

A source familiar with Stoyanov’s past work told FORBES that during his time chasing cybercriminals for the Russian government, he was the lead investigator into a hacker crew that was launching denial of service attacks on U.K. betting shops, extorting them for a total of $4 million. Three individuals were arrested and each sentenced in 2006 to eight years in prison.

In recent years, Stoyanov has assisted Russian authorities in some major investigations into cybercrime, including one that led to arrests of 50 individuals involved in the Lurk gang, which stole as much as $45 million from local banks.

“Stoyanov was involved in every big arrest of cybercriminals in Russia in past years,” the source added.

Kaspersky has repeatedly aroused suspicion in the U.S. for its ties to the Kremlin, thanks to articles alleging CEO Eugene Kaspersky’s ties with the state. The firm has denied any collusion with the government, however. The charismatic chief wrote in FORBES in 2015 that he had never worked for the FSB and his companies had no ties to Russia or any other government. He wrote: “A few reporters who seem to be openly hostile to Kaspersky Lab will no doubt be planning their next fictional installment.”

**** Was this because Kaspersky blew the whistle on the hack of the NSA which maybe had Russian fingerprints? Let’s see…

In part from Motherboard: A mysterious hacker or hackers going by the name “The Shadow Brokers” claims to have hacked a group linked to the NSA and dumped a bunch of its hacking tools. In a bizarre twist, the hackers are also asking for 1 million bitcoin (around $568 million) in an auction to release more files.

“Attention government sponsors of cyber warfare and those who profit from it!!!!” the hackers wrote in a manifesto posted on Pastebin, on GitHub, and on a dedicated Tumblr. “How much you pay for enemies cyber weapons? […] We find cyber weapons made by creators of stuxnet, duqu, flame.”

The hackers referred to their victims as the Equation Group, a codename for a government hacking group widely believed to be the NSA.

”We find cyber weapons made by creators of stuxnet, duqu, flame.”

The security firm Kaspersky Lab unmasked Equation Group in 2015, billing it as the most advanced hacking group Kaspersky researchers had ever seen. While Kaspersky Lab stopped short of saying it’s the NSA, its researchers laid out extensive evidence pointing to the American spy agency, including a long series of codenames used by the Equation Group and found in top secret NSA documents released by Edward Snowden. The Equation Group, according to Kaspersky Lab, targeted the same victims as the group behind Stuxnet, which is widely believed to have been a joint US-Israeli operation targeting Iran’s nuclear program, and also used two of the same zero-day exploits.

The Shadow Brokers claimed to have hacked the Equation Group and stolen some of its hacking tools. They publicized the dump on Saturday, tweeting a link to the manifesto to a series of media companies.

The dumped files mostly contain installation scripts, configurations for command and control servers, and exploits targeted to specific routers and firewalls. The names of some of the tools correspond with names used in Snowden documents, such as “BANANAGLEE” or “EPICBANANA.” Read more here from Motherboard.

Top Policy People, Mass Exodus at State Dept.

Posted on by

 Rex Tillerson was there at Foggy Bottom getting a lay of the landscape, when the resignations turned in last week became effective today as there was a walk out. And YES, the most corrupt official at the State Department remaining after John Kerry left is Patrick Kennedy, and he is gone too…YIPPEE.

 

It is real awesome that Victoria Nuland has left too.

CBS: State Department posts occupied by other career diplomats have also been left vacant. Victoria Nuland is one of the people leaving. Nuland was the Assistant Secretary of State responsible for Russia and Eurasia Policy at the State Department, and is known for her hardline view on Russia. Linda Etim, a political appointee handling USAID and African affairs, has also left the State Department.

The State Department’s entire senior management team just resigned

WaPo: Secretary of State Rex Tillerson’s job running the State Department just got considerably more difficult. The entire senior level of management officials resigned Wednesday, part of an ongoing mass exodus of senior foreign service officers who don’t want to stick around for the Trump era.

Tillerson was actually inside the State Department’s headquarters in Foggy Bottom on Wednesday, taking meetings and getting the lay of the land. I reported Wednesday morning that the Trump team was narrowing its search for his No. 2, and that it was looking to replace the State Department’s long-serving undersecretary for management, Patrick Kennedy. Kennedy, who has been in that job for nine years, was actively involved in the transition and was angling to keep that job under Tillerson, three State Department officials told me.

Then suddenly on Wednesday afternoon, Kennedy and three of his top officials resigned unexpectedly, four State Department officials confirmed. Assistant Secretary of State for Administration Joyce Anne Barr, Assistant Secretary of State for Consular Affairs Michele Bond and Ambassador Gentry O. Smith, director of the Office of Foreign Missions, followed him out the door. All are career foreign service officers who have served under both Republican and Democratic administrations.

Kennedy will retire from the foreign service at the end of the month, officials said. The other officials could be given assignments elsewhere in the foreign service.

In addition, Assistant Secretary of State for Diplomatic Security Gregory Starr retired Jan. 20, and the director of the Bureau of Overseas Building Operations, Lydia Muniz, departed the same day. That amounts to a near-complete housecleaning of all the senior officials that deal with managing the State Department, its overseas posts and its people.

“It’s the single biggest simultaneous departure of institutional memory that anyone can remember, and that’s incredibly difficult to replicate,” said David Wade, who served as State Department chief of staff under Secretary of State John Kerry. “Department expertise in security, management, administrative and consular positions in particular are very difficult to replicate and particularly difficult to find in the private sector.”

Several senior foreign service officers in the State Department’s regional bureaus have also left their posts or resigned since the election. But the emptying of leadership in the management bureaus is more disruptive because those offices need to be led by people who know the department and have experience running its complicated bureaucracies. There’s no easy way to replace that via the private sector, said Wade.

“Diplomatic security, consular affairs, there’s just not a corollary that exists outside the department, and you can least afford a learning curve in these areas where issues can quickly become matters of life and death,” he said. “The muscle memory is critical. These retirements are a big loss. They leave a void. These are very difficult people to replace.”

Whether Kennedy left on his own volition or was pushed out by the incoming Trump team is a matter of dispute inside the department. Just days before he resigned, Kennedy was taking on more responsibility inside the department and working closely with the transition. His departure was a surprise to other State Department officials who were working with him.

One senior State Department official who responded to my requests for comment said that all the officials had previously submitted their letters of resignation, as was required for all positions that are appointed by the president and that require confirmation by the Senate, known as PAS positions.

“No officer accepts a PAS position with the expectation that it is unlimited. And all officers understand that the President may choose to replace them at any time,” this official said. “These officers have served admirably and well. Their departure offers a moment to consider their accomplishments and thank them for their service. These are the patterns and rhythms of the career service.”

Ambassador Richard Boucher, who served as State Department spokesman for Colin Powell and Condoleezza Rice, said that while there’s always a lot of turnover around the time a new administration takes office, traditionally senior officials work with the new team to see who should stay on in their roles and what other jobs might be available. But that’s not what happened this time.

The officials who manage the building and thousands of overseas diplomatic posts are charged with taking care of Americans overseas and protecting U.S. diplomats risking their lives abroad. The career foreign service officers are crucial to those functions as well as to implementing the new president’s agenda, whatever it may be, Boucher said.

“You don’t run foreign policy by making statements, you run it with thousands of people working to implement programs every day,” Boucher said. “To undercut that is to undercut the institution.”

By itself, the sudden departure of the State Department’s entire senior management team is disruptive enough. But in the context of a president who railed against the U.S. foreign policy establishment during his campaign and secretary of state with no government experience, the vacancies are much more concerning.

Tillerson’s job No. 1 must be to find qualified and experienced career officials to manage the State Department’s vital offices. His second job should be to reach out to and reassure a State Department workforce that is panicked about what the Trump administration means for them.

Trump Review to Re-launch CIA Black Sites?

Posted on by

A Black Site is one thing, Interrogations another, but applications of enhanced interrogation methods, yet a third…

The Washington Post reports they are in possession of an early draft copy of an executive order to review the black site(s) program for captured terrorists. Under Barack Obama, terrorists were rarely if ever sought for detention and interrogated but rather, Obama ordered escalated use of drone strikes.

Trump Review CIA Black Sites (full document here)

***

Reuters/WaPo: U.S. President Donald Trump is expected to order a review that could lead to bringing back a CIA program for holding terrorism suspects in secret overseas “black site” prisons where interrogation techniques often condemned as torture were used, two U.S. officials said on Wednesday.

The black sites were used to detain suspects captured in President George W. Bush’s “war on terrorism” after the Sept. 11, 2001 attacks and were formally closed by former President Barack Obama.

Any return to the Bush administration’s initial anti-terrorism tactics – including secret prisons and interrogation methods considered torture under international law – would likely alienate key U.S. allies in the fight against militant groups like al Qaeda and Islamic State.

Aides to Obama said during his tenure that his prohibition against torture and efforts to close the Guantanamo prison in Cuba helped increase counterterrorism cooperation from U.S. allies in the Arab world.

The now-defunct program’s practices dubbed enhanced interrogation techniques, which included simulated drowning known as waterboarding, were criticized around the world and denounced by Obama and other senior U.S. officials as torture.

 

The officials said Trump is expected to sign an executive order in the next few days. It would call for a high-level review into “whether to reinitiate a program of interrogation of high-value alien terrorists to be operated outside the United States” and whether the CIA should run the facilities,” according to a copy of the draft published by the Washington Post.

The document ignited a bipartisan outcry in Congress. Many people in U.S. intelligence agencies and within the military are opposed to reopening the harsh interrogation program, according to multiple serving officers.

“The President can sign whatever executive orders he likes. But the law is the law. We are not bringing back torture in the United States of America,” Senator John McCain, a Republican who underwent torture as a prisoner of war in Vietnam, said in a statement.

Trump administration spokesman Sean Spicer said the draft was not a White House document. The draft published by the Washington Post appeared to have sections missing, suggesting that it may not have been a full version ready for Trump to sign.

The CIA black sites were located in Poland, Lithuania, Romania, Thailand and Afghanistan.

In 2006, Bush ended the use of harsh interrogation techniques and closed all the black sites except for one in Kabul.

Asked whether he wants waterboarding as president, Trump answered in an interview with ABC News:

“I will rely on (CIA director Mike) Pompeo and (Defense Secretary James) Mattis and my group. And if they don’t want to do it, that’s fine. If they do want to do it, then I will work toward that end,” Trump said.

“I want to do everything within the bounds of what we’re allowed to do if it’s legal. If they don’t want to do it, that’s fine. Do I feel it works? Absolutely I feel it works.”

Mattis and Pompeo had not been aware such plans were in the works, according to a congressional source.

KEEP GUANTANAMO OPEN

Trump’s draft order would authorize a review of interrogation techniques that U.S. officials could use on terrorism suspects, keep open the detention center at the U.S. naval base in Guantanamo Bay, Cuba and send new prisoners there.

Trump’s draft also revokes directives by Obama to grant the International Committee of the Red Cross access to all detainees in U.S. custody and restrict interrogation methods to those in a U.S. Army field manual.

Trump vowed during the 2016 election campaign to resume waterboarding and a “hell of a lot worse” because even if torture does not work, “they deserve it anyway.”

He has also said that he wanted to keep Guantanamo open and “load it up with some bad dudes.”

Of the 41 prisoners left at Guantanamo, 10 face charges in war-crimes proceedings known as military commissions, including Khalid Sheikh Mohammed, accused mastermind of the Sept. 11, 2001, attacks, and his alleged co-conspirators. Bush established the military commissions, which Obama later changed.

The draft order said that, “No person in the custody of the United States shall at any time be subjected to torture, or cruel, inhuman or degrading treatment or punishment, as proscribed by U.S. law.” It does not mention international laws to which the United States is a signatory that prohibit torture.

Congress passed the National Defense Authorization Act in 2015, which reaffirmed a prohibition on torture and required U.S. interrogators to adhere to techniques in the Army field manual.

However, the Justice Department under Trump could issue an interpretation of U.S. law that allows for the use of harsh interrogation techniques as occurred in the so-called “torture memos” drafted under the Bush administration in 2002 and subsequently withdrawn.

Despite the killing of al Qaeda leader Osama bin Laden during Obama’s presidency, the dramatic spread of groups like Islamic State has exacerbated the threat from violent Islamist organizations.

In a statement accompanying the draft order, the administration criticizes Obama’s policies, saying, “The United States has refrained from exercising certain authorities critical to its defense.” But it acknowledges that the National Defense Authorization Act “provides a significant statutory barrier to the resumption of the CIA interrogation program”.

“WORRISOME”

Human rights groups decried any attempt to bring back the black sites.

“This is an extremely disturbing and outrageous attempt to open the door again to systematic torture and secret detention. This is the Trump administration making good on its most worrisome comments during the campaign,” said Naureen Shah, Amnesty International USA’s director of national security and human rights.

Critics say a return to harsh interrogations would enflame tensions in Muslim countries and be counterproductive.

In the draft document, references to the “global war on terrorism” were edited and replaced with the phrase “fight against radical Islamism,” reflecting language Trump often uses.

A former senior U.S. intelligence official, who requested anonymity, said many CIA officers would oppose reinstatement of “black site” interrogations, in part because they were forced to obtain lawyers after the withdrawal of the Justice Department memos that legalized the harsh techniques.

“People felt they were hung out to dry,” the former official said. “There is a lack of trust there.”

Moreover, he said, it would be extremely difficult to persuade other governments to allow the CIA to establish secret prisons on their soil.

“Where are you going to do this?” he asked. “How many countries are going to jump back into the U.S. lap?

Trump’s order, if enacted, could put new CIA Director Pompeo in a tight spot given that his workforce, according to multiple serving officers, largely opposes reinstating the “black sites” program. It could also complicate the confirmation of Trump’s nominee for the job of director of national intelligence, former U.S. senator Dan Coats.

As a conservative Republican congressman from Kansas, Pompeo defended the CIA’s use of harsh interrogation techniques, arguing that they produced useful intelligence.

During his confirmation hearing for CIA director, he pledged he would “absolutely not” reinstate those methods. Yet in written responses to questions from Senate Intelligence Committee members, he appeared to leave the door open to restoring them.

“If experts believed the current law was an impediment to gathering vital intelligence to protect the country, I would want to understand such impediments and whether any recommendations were appropriate for changing current law,” Pompeo wrote.

(Writing by Yara Bayoumy; Additional reporting by Warren Strobel, Matt Spetalnick and Patricia Zengerle; Editing by Alistair Bell and Jonathan Oatis)

 

Mattis Encountering Russian Aggression Already?

Posted on by

Secretary of Defense James Mattis will embark on his first trip as secretary Feb. 1-4 to meet with his counterparts from two critical allies, Japan and the Republic of Korea. The four day trip will include stops in Seoul and Tokyo.   Departing on Feb. 1, Secretary Mattis will begin his trip in the Republic of Korea, where he will meet Minister of National Defense Han Min Koo and other senior Korean officials.  On Feb. 3, Secretary Mattis will travel to Tokyo for meetings with Minister of Defense Tomomi Inada and other senior Japanese officials.   The trip will underscore the commitment of the United States to our enduring alliances with Japan and the Republic of Korea, and further strengthen U.S.-Japan-Republic of Korea security cooperation.

***

NORAD responds after Russian bombers zoom around Japan

A pair of Russian Tu-95 Bear nuclear-capable bombers flew around Japan on Tuesday, prompting the Japanese military to scramble fighter jets as the North American Aerospace Defense Command (NORAD) increased its threat posture, two U.S. defense officials revealed to Fox News.

The Russian bombers stayed in international airspace, the officials said. News of this latest Russian provocation came shortly after the Pentagon announced that new Defense Secretary James Mattis would make his first visit overseas to Japan and South Korea early next month.

A third Russian Tu-95 bomber took off from a base in eastern Russia near the Pacific Ocean but it did not fly around Japan. Instead, it acted as a “communications relay” to pass radio traffic between the bombers flying around Japan, the officials said.

NORAD did not immediately respond for comment when reached by Fox News.

All three Russian strategic bombers took off outside the Pacific coastal city of Anadyr in eastern Russia. They returned to the eastern Russian airbase Ukrainka, roughly 1,000 miles from Japan.

 

Three Russian refueling tankers (IL-78) were also part of the flight. Two airborne radar and communications planes known as Beriev A-50 AWACs were also part of the Russian flying armada.

Only two Russian bombers made the flight around Japan’s major islands, according to officials.

The increase in threat posture from 5 to 4 meant the U.S. Air Force would place an extra tanker crew on standby ready to refuel the Japanese jets if necessary, according to officials.

It was the first time Russian bombers had circumnavigated Japan’s major islands in a year, the officials said.

***

The last time JASDF had to scramble fighter jets in response to Russian bomber incursions occurred a year ago, in January 2016, when two Russian Tu-95 bombers circled Japan’s major islands on a similar flight path to yesterday’s patrol. In March 2015, Russian strategic bombers also patrolled the skies in close vicinity to the Ryukyu Islands.

Russia stopped conducting regular bomber patrols in the 1990s and early 2000s, but has increased its patrol activities in the Pacific Ocean following the Ukraine crisis in 2014 amid the resulting isolation from the West. As I reported in October 2016 (See: “Russia to Set up Heavy Bomber Division to Patrol Japan, Hawaii, and Guam”), the Russian Aerospace Forces are in the process of setting up a new long-range heavy bomber division in Russia’s Far East to patrol the Pacific Ocean inside the Japan-Hawaii-Guam triangle.

The new unit will eventually consist of several dozen Tu-95MS strategic missile bombers and Tu-22M3 long-range bombers. “The Tupolev Tu-95MS, an improved variant of the older Tu-95, is a four-engine, long-range, turboprop, strategic bomber that can be armed with a wide range of weapons including stand-off cruise missiles. Russia intends to operate 20 Tu-95MS by the end of 2016,” I explained. The new division is based on the 6953rd Guards’ Red Banner, Pacific Air Group, which conducted patrols within the Japan-Hawaii-Guam triangle during the Cold War. More here.

Cruz and Poe Introduce Legislation for States to Reject Refugees

Posted on by

There is some additional help coming from the Trump administration as President Trump is likely to issue and sign executive order on immigration that will impact visa holders from Iraq, Iran, Libya, Somalia, Sudan, Syria and Yemen. These are worn torn countries where hostilities continue with terror organizations. An issue that still remains however that Trump has not addressed is the asylum seekers.

S. 2363 (114th): State Refugee Security Act of 2015

A bill to amend the Immigration and Nationality Act to permit the Governor of a State to reject the resettlement of a refugee in that State unless there is adequate assurance that the alien does not present a security risk and for other purposes. The 2 page text is here.

New bill from Cruz, Poe would let states reject refugees

WT: Republicans in the House and Senate have introduced legislation that would give governors the power to reject federal efforts to resettle refugees in their states.

The bill from Sen. Ted Cruz and Rep. Ted Poe, both of Texas, is a reaction to years of growing GOP frustration with the Obama administration’s aggressive effort to take in refugees and resettle them across the country. Republicans continue to have doubts that refugees can be vetted to ensure they aren’t Islamic State terrorists.

The State Refugee Security Act would require the federal government to notify states at least 21 days before they seek to settle a refugee. Under the bill, if a state governor certifies that the federal government hasn’t offered enough assurances that the refugee does not pose a security risk, the state can block the resettlement effort.

Poe said the Obama administration’s “open door policy” has forced states to take on refugees without these guarantees, and said states need a way to opt out.

“Until the federal government can conduct thorough security screenings and confirm that there are no security risks, Congress should empower states to be able to protect their citizens by refusing to participate in this program,” he said.

Cruz said the first obligation of the president is to keep Americans safe, and said the bill would be a step in that direction.

“I am encouraged that, unlike the previous administration, one of President Trump‘s top priorities is to defeat radical Islamic terrorism,” he said. “To augment the efforts of the new administration, this legislation I have introduced will reinforce the authority of the states and governors to keep their citizens safe.”

****

The Trump White House also has not addressed the issue of criminal deportation of foreign nationals. Each foreign inmate is known to cost the taxpayer an estimated $21,000 per year. Enforcement and removal operations of those illegal foreign nationals now falls to the newly confirmed DHS Secretary Kelly.

FY 2015 ICE Immigration Removals

In addition to its criminal investigative responsibilities, ICE shares responsibility for enforcing the nation’s civil immigration laws with U.S. Customs and Border Protection (CBP) and U.S. Citizenship and Immigration Services (USCIS). ICE’s role in the immigration enforcement system is focused on two primary missions: (1) the identification and apprehension of criminal aliens and other removable individuals located in the United States; and (2) the detention and removal of those individuals apprehended in the interior of the U.S., as well as those apprehended by CBP officers and agents patrolling our nation’s borders.

In executing these responsibilities, ICE has prioritized its limited resources on the identification and removal of criminal aliens and those apprehended at the border while attempting to unlawfully enter the United States. This report provides an overview of ICE Fiscal Year (FY) 2015 civil immigration enforcement and removal operations. See FY 2015 ICE Immigration Removals Statistics

Expectations of a quick solution and immediate movement to address the immigration matter are misplaced as this will be a long slog of an operation and will take the coordination of several agencies including the U.S. State Department which is presently operating without a Secretary until Rex Tillerson is confirmed and sworn in. The fallout will include a diplomatic challenge which is many cases does need to occur, however other nations such as China and Russia will step in to intrude on the process including those at the United Nations level, falling into the lap of the newly confirmed U.S. Ambassador to the United Nations, Nikki Haley.