Nuclear Weapons Testing in Nevada, It is Getting Real

VIENNA—Tensions in the nuclear talks between Iran and six powers have boiled over in recent days, producing heated exchanges among foreign ministers as Washington and Tehran struggled to overcome remaining hurdles to a final agreement, according to people involved in the talks.

The German and British foreign ministers returned to the Austrian capital Wednesday evening as Western diplomats insisted a deal was still possible in coming days. However, time was running out for the agreement to be sealed before a deadline this week which would give the U.S. Congress an extra month to review a deadline.

People close to the talks have warned that the longer Congress and opponents of the diplomacy get to pick over an agreement and galvanize opposition, the greater the political risks for supporters of the process, which aims to block Iran’s path to nuclear weapons in exchange for lifting tight international sanctions.

U.S. officials have insisted this week they don’t feel under pressure to get a deal by the congressional deadline, which arrives at midnight Thursday (6 a.m. Friday in Vienna.)

Over the past day, Western officials and Iranian media have outlined tense exchanges between the negotiating teams that took place Monday evening, at a point where the talks appeared close to stalling. At the time, negotiators were working toward a Tuesday deadline for a deal.

Today, Barack Obama had a teleconference with John Kerry on the progress of the Iran nuclear weapons talks and even provided guidance as noted below. Israel has been kept completely in the dark on the talks.

Later today, the U.S. Air Force Secretary had this to say:

Russia is the biggest threat to US national security and America must boost its military presence throughout Europe even as NATO allies face budget challenges and scale back spending, US Air Force Secretary Deborah James said on Wednesday.

“I do consider Russia to be the biggest threat,” James told Reuters in an interview after a series of visits and meetings with US allies across Europe, including Poland.

James said Washington was responding to Russia’s recent “worrisome” actions by boosting its presence across Europe, and would continue rotational assignments of F-16 fighter squadrons.  Deeper details are here.

There is an oil and real estate coup d’état.

China is conducting Arctic research in an area considered the extended undersea shelf of the United States, while Russia is able to move across the frozen regions in 27 icebreakers.

Meanwhile, Adm. Paul F. Zukunft, commandant of the U.S. Coast Guard, said the United States is practically a bystander in the region.

“We sit here on the sidelines as the only nation that has not ratified the Law of the Sea Convention,” Zukunft told a gathering Tuesday at the Navy League’s annual Sea Air Space exposition and conference at National Harbor, Maryland. “Our nation has two ocean-going icebreakers … We’re the most prosperous nation on Earth. Our GDP is eight times that of Russia. Russia has 27 ocean-going icebreakers.”
The U.S. has only two, practically conceding the Arctic to foreign nations, Zukunft said.

“What happened when Sputnik went up? Did we say ‘good for you but we’re not playing in that game?’” he asked. “Well, we’re not playing in this game at all.”

Beneath the Arctic is about 13 percent of the world’s oil and nearly 30 percent of its natural gas. And on the seabed is about a trillion dollars’ worth of minerals, Zukunft said. Coast Guard mapping indicates that an area about twice the size of California would be considered America’s extended continental shelf under the U.N. sea convention not signed by the U.S.

Meanwhile, it is getting real in Nevada….

Air force drops nuclear bomb in Nevada in first controversial test to update cold war arsenal

Impact! The tests are the first time the missile has been tested in the air

‘This test marks a major milestone for the B61-12 Life Extension Program, demonstrating end-to-end system performance under representative delivery conditions,’ said NNSA Deputy Administrator for Defense Programs Dr. Don Cook.
‘Achieving the first complete B61-12 flight test provides clear evidence of the nation’s continued commitment to maintain the B61 and provides assurance to our allies.’
The B61, known before 1968 as the TX-61, was designed in 1963 by the Los Alamos National Laboratory in New Mexico.

The B61-12 nuclear bomb undergoing earlier tests

The B61-12 LEP entered Development Engineering in February 2012 after approval from the Nuclear Weapons Council, a joint Department of Defense and Department of Energy/NNSA organization established to facilitate cooperation and coordination between the two departments as they fulfill their complementary agency responsibilities for U.S. nuclear weapons stockpile management. More details here.

The Words in General Dempsey’s Swan Song

Si vis pacem, para bellum

GW Bush said it was going to be a long war when the top enemy was al Qaeda. Defeat was realized until the rules of engagement and strategy were altered dynamically month by month beginning in 2009.

There is Russia and Ukraine as noted by the Institute for the Study of War.

Then there is the Baltic Balance as summarized by the Rand Corporation.

There is Islamic State throughout the Middle East region where the caliphate is beyond incubation.

An outcome of the Iran P5+1 talk on the nuclear program is imminent and that could spell an armed conflict that includes Saudi Arabia and/or Israel.

The forgotten region is the South China Sea.

Dempsey’s Final Instruction to the Pentagon, Prepare for a Long War

By: Marcus Weisgerber

Prepare for a long war. General Dempsey is retiring as Chairman of the Joint Chiefs and will likely move on to academia. Meanwhile, on July 9, the Senate Armed Services will hold a confirmation hearing for General Joseph Dunford.

As General Dempsey is making his farewell rounds, his words speak to some liberation in saying what needs to be said in his swan song.

In a new National Military Strategy, the chairman of the Joint Chiefs of Staff warns the Pentagon to reorganize its global footprint to combat prolonged battles of terrorism and proxy wars.

The U.S. military needs to reorganize itself and prepare for war that has no end in sight with militant groups like the Islamic State and nations that use proxies to fight on their behalf, America’s top general warned Wednesday.

In what is likely his last significant strategy direction before retiring this summer, Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, said at the Pentagon that “global disorder has trended upward while some of our comparative advantages have begun to erode,” since 2011, the last update to the National Military Strategy.

“We are more likely to face prolonged campaigns than conflicts that are resolved quickly… that control of escalation is becoming more difficult and more important… and that as a hedge against unpredictability with reduced resources, we may have to adjust our global posture,” Dempsey writes in the new military strategy.

Dempsey, the president’s senior military advisor, criticizes Russia, Iran, North Korea and China for aggressive military actions and warns that the rapidly changing global security environment might force the U.S. military to reorganize as it prepares for a busy future.

The military has been shrinking since 2012, when the Obama administration announced plans to pivot forces to the Asia-Pacific region as troops withdrew from Afghanistan and Iraq. But since then, Obama slowed the Afghanistan withdrawal as fighting continues there, and thousands of American military forces have found themselves back in the Middle East and North Africa conducting airstrikes, gathering intelligence and training and advising Iraqi soldiers that are battling ISIS. Since U.S. forces are not deployed to Iraq in a combat role, significantly fewer numbers are needed compared to the hundreds of thousands of troops that were sent to Iraq and Afghanistan over the past decade. Still, U.S. commanders have repeatedly said it will take decades to defeat ISIS, and a stronger nonmilitary effort to defeat the ideology that fuels Islamic extremist groups.

Non-state actors, like ISIS, are among the Pentagon’s top concerns, but so are hybrid wars that threaten national security interests, in which nations like Russia support militia forces fighting on their behalf in Eastern Ukraine, Dempsey writes.

“Hybrid conflicts also may be comprised of state and non-state actors working together toward shared objectives, employing a wide range of weapons such as we have witnessed in eastern Ukraine,” Dempsey writes. “Hybrid conflicts serve to increase ambiguity, complicate decision-making, and slow the coordination of effective responses. Due to these advantages to the aggressor, it is likely that this form of conflict will persist well into the future.”

Dempsey also warns that the “probability of U.S. involvement in interstate war with a major power is … low but growing.”

“We must be able to rapidly adapt to new threats while maintaining comparative advantage over traditional ones. Success will increasingly depend on how well our military instrument can support the other instruments of power and enable our network of allies and partners,” Dempsey writes.

The strategy also calls for greater agility, innovation and integration among military forces.

“[T]he 2015 strategy recognizes that success will increasingly depend on how well our military instrument supports the other instruments of national power and how it enables our network of allies and partners,” Dempsey said Wednesday.

The military will continue its pivot to the Pacific, Dempsey writes, but its presence in Europe, the Middle East, Latin America and Africa will evolve. The military must remain “globally engaged to shape the security environment,” he said Wednesday.

The Russian campaign in Ukraine has military strategists questioning if traditional U.S. military force as it is deployed globally is still — or enough of — a deterrence to hybrid and non-state threats like today’s terrorism. “If deterrence fails, at any given time, our military will be capable of defeating a regional adversary in a large-scale, multi-phased campaign while denying the objectives of – or imposing unacceptable costs on – another aggressor in a different region,” Dempsey writes.

The chairman also criticizes Beijing’s “aggressive land reclamation efforts” in the South China Sea where it is building military bases on disputed islands. In the same region, on North Korea, “In time, they will threaten the U.S. homeland,” Dempsey writes, and mentions Pyongyang’s alleged hack of Sony’s computer network.

Dempsey scolds Iran, which is in the midst of negotiating a deal with Washington to limit its nuclear program, for being a “state-sponsor of terrorism that has undermined stability in many nations, including Israel, Lebanon, Iraq, Syria, and Yemen.”

Russia, Iran, North Korea and China, Dempsey writes, are not “believed to be seeking direct military conflict with the United States or our allies,” but the U.S. military needs to be prepared.

“Nonetheless, they each pose serious security concerns which the international community is working to collectively address by way of common policies, shared messages, and coordinated action,” Dempsey said.

Cyber Security on the Skids, Blinking RED

Recorded Future is a real-time open-source intelligence collection company that determines trends and predictions of emerging threats.

Recorded Future identified the possible exposures of login credentials for 47 United States government agencies across 89 unique domains.

As of early 2015, 12 of these agencies, including the Departments of State and Energy, allowed some of their users access to computer networks with no form of two-factor authentication. The presence of these credentials on the open Web leaves these agencies vulnerable to espionage, socially engineered attacks, and tailored spear-phishing attacks against their workforce.

The damage has yet to be fully realized and cannot be overstated. Where is the White House? Where are the protections? Where is a policy? Major alarm bells as you read on.

From Associated Press:

Tech company finds stolen government log-ins all over Web

WASHINGTON (AP) — A CIA-backed technology company has found logins and passwords for 47 government agencies strewn across the Web – available for hackers, spies and thieves.

Recorded Future, a social media data mining firm backed by the CIA’s venture capital arm, says in a report that login credentials for nearly every federal agency have been posted on open Internet sites for those who know where to look.

According to the company, at least 12 agencies don’t require authentication beyond passwords to access their networks, so those agencies are vulnerable to espionage and cyberattacks.

The company says logins and passwords were found connected with the departments of Defense, Justice, Treasury and Energy, as well as the CIA and the Director of National Intelligence.

From the WSJ: Obama’s Cyber Meltdown

“While Russia and Islamic State are advancing abroad, the Obama Administration may have allowed a cyber 9/11 at home.”

If you thought Edward Snowden damaged U.S. security, evidence is building that the hack of federal Office of Personnel Management (OPM) files may be even worse.

When the Administration disclosed the OPM hack in early June, they said Chinese hackers had stolen the personal information of up to four million current and former federal employees. The suspicion was that this was another case of hackers (presumably sanctioned by China’s government) stealing data to use in identity theft and financial fraud. Which is bad enough.

Yet in recent days Obama officials have quietly acknowledged to Congress that the hack was far bigger, and far more devastating. It appears OPM was subject to two breaches of its system in mid-to-late 2014, and the hackers appear to have made off with millions of security-clearance background check files.

These include reports on Americans who work for, did work for, or attempted to work for the Administration, the military and intelligence agencies. They even include Congressional staffers who left government—since their files are also sent to OPM.

This means the Chinese now possess sensitive information on everyone from current cabinet officials to U.S. spies. Background checks are specifically done to report personal histories that might put federal employees at risk for blackmail. The Chinese now hold a blackmail instruction manual for millions of targets.

These background checks are also a treasure trove of names, containing sensitive information on an applicant’s spouse, children, extended family, friends, neighbors, employers, landlords. Each of those people is also now a target, and in ways they may not contemplate. In many instances the files contain reports on applicants compiled by federal investigators, and thus may contain information that the applicant isn’t aware of.

Of particular concern are federal contractors and subcontractors, who rarely get the same security training as federal employees, and in some scenarios don’t even know for what agency they are working. These employees are particularly ripe targets for highly sophisticated phishing emails that attempt to elicit sensitive corporate or government information.

The volume of data also allows the Chinese to do what the intel pros call “exclusionary analysis.” We’re told, for instance, that some highly sensitive agencies don’t send their background checks to OPM. So imagine a scenario in which the Chinese look through the names of 30 State Department employees in a U.S. embassy. Thanks to their hack, they’ve got information on 27 of them. The other three they can now assume are working, undercover, for a sensitive agency. Say, the CIA.

Or imagine a scenario in which the Chinese cross-match databases, running the names of hacked U.S. officials against, say, hotel logs. They discover that four Americans on whom they have background data all met at a hotel on a certain day in Cairo, along with a fifth American for whom they don’t have data. The point here is that China now has more than enough information to harass U.S. agents around the world.

And not only Americans. Background checks require Americans to list their contacts with foreign nationals. So the Chinese may now have the names of thousands of dissidents and foreigners who have interacted with the U.S. government. China’s rogue allies would no doubt also like this list.

This is a failure of extraordinary proportions, yet even Congress doesn’t know its extent. The Administration is still refusing to say, even in classified briefings, which systems were compromised, which files were taken, or how much data was at risk.

***
While little noticed, the IRS admitted this spring it was also the subject of a Russian hack, in which thieves grabbed 100,000 tax returns and requested 15,000 fraudulent refunds. Officials have figured out that the hackers used names and Social Security data to pretend to be the taxpayers and break through weak IRS cyber-barriers. As Wisconsin Senator Ron Johnson has noted, the Health and Human Services Department and Social Security Administration use the same weak security wall to guard ObamaCare files and retirement information. Yet the Administration is hardly rushing to fix the problem.

Way back in March 2014, OPM knew that Chinese hackers had accessed its system without having downloaded files. So the agency was on notice as a target. It nonetheless failed to stop the two subsequent successful breaches. If this were a private federal contractor that had lost sensitive data, the Justice Department might be contemplating indictments.

Yet OPM director Katherine Archuleta and chief information officer Donna Seymour are still on the job. Mr. Obama has defended Ms. Archuleta, and the Administration is trying to change the subject by faulting Congress for not passing a cybersecurity bill. But that legislation concerns information sharing between business and government. It has nothing to do with OPM and the Administration’s failure to protect itself from cyber attack.

Ms. Archuleta appears before Congress this week, and she ought to remain seated until she explains the extent of this breach. While Russia and Islamic State are advancing abroad, the Obama Administration may have allowed a cyber 9/11 at home.

Obama has Synchronized Iran’s Nuclear Program

Consider the stated position of the Supreme leader of Iran:

Reuters and AFP – Iran’s Supreme Leader Ayatollah Ali Khamenei has stated his country’s red lines for a nuclear deal with six world powers.

“Freezing Iran’s research and development for a long time like 10 or 12 years is not acceptable,” Khamenei said in a speech broadcast live on June 23.

Khamenei, who has the final say for Iran on any deal, added that all financial and economic sanctions “should be lifted immediately” if an agreement is signed.

Britain, France, Germany, China, Russia, and the United States want Tehran to commit to a verifiable halt of at least 10 years on sensitive nuclear development work as part of a deal they aim to reach by a June 30 deadline. In exchange, they are offering relief from economic sanctions.

Khamenei reiterated that Iran would not give international inspectors access to its military sites and accused the United States of wanting to destroy Iran’s nuclear industry.

The six powers want limits on Tehran’s programs that could have a military use.

Tehran denies it is pursuing nuclear weapons.

***

When the NYT finally prints an explosive fantasy piece on what the White House and John Kerry at the State Department are doing with Iran, one needs to take notice. The New York Times calls this Iran agreement a ‘fatal flaw’.

The Iran Deal’s Fatal Flaw

PRESIDENT OBAMA’S main pitch for the pending nuclear deal with Iran is that it would extend the “breakout time” necessary for Iran to produce enough enriched uranium for a nuclear weapon. In a recent interview with NPR, he said that the current breakout time is “about two to three months by our intelligence estimates.” By contrast, he claimed, the pending deal would shrink Iran’s nuclear program, so that if Iran later “decided to break the deal, kick out all the inspectors, break the seals and go for a bomb, we’d have over a year to respond.”

Unfortunately, that claim is false, as can be demonstrated with basic science and math.  Most important, in the event of an overt attempt by Iran to build a bomb, Mr. Obama’s argument assumes that Iran would employ only the 5,060 centrifuges that the deal would allow for uranium enrichment, not the roughly 14,000 additional centrifuges that Iran would be permitted to keep mainly for spare parts. Such an assumption is laughable. In a real-world breakout, Iran would race, not crawl, to the bomb.  Iran stands to gain enormously. The deal would lift nuclear-related sanctions, thereby infusing Iran’s economy with billions of dollars annually. In addition, the deal could release frozen Iranian assets, reportedly giving Tehran a $30 billion to $50 billion “signing bonus.”

Showering Iran with rewards for making illusory concessions poses grave risks. It would entrench the ruling mullahs, who could claim credit for Iran’s economic resurgence. The extra resources would also enable Iran to amplify the havoc it is fostering in neighboring countries like Iraq, Syria, Lebanon and Yemen.

Worst of all, lifting sanctions would facilitate a huge expansion of Iran’s nuclear program. Ayatollah Ali Khamenei, Iran’s supreme leader, says that he wants 190,000 centrifuges eventually, or 10 times the current amount, as would appear to be permissible under the deal after just 10 years. Such enormous enrichment capacity would shrink the breakout time to mere days, so that Iran could produce enough weapons-grade uranium for a bomb before we even knew it was trying — thus eliminating any hope of our taking preventive action.

Nothing in the pending deal is worth such risks. Read the full article in context here.

*** But it is getting worse, as new documents demonstrate.

Reported by Fox News via Associated Press:

The United States and its allies are willing to offer Iran state-of-the-art nuclear equipment if Tehran agrees to pare down its atomic weapons program as part of a final nuclear agreement, a draft document has revealed.

The confidential paper, obtained by the Associated Press, has dozens of bracketed text where disagreements remain. Technical cooperation is the least controversial issue at the talks, and the number of brackets suggest the sides have a ways to go, not only on that topic but also more contentious disputes, with less than a week until the June 30 deadline for a deal.

However, the scope of the help now being offered in the draft may displease U.S. congressional critics who already argue that Washington has offered too many concessions at the negotiations.

The draft, titled “Civil Nuclear Cooperation,” promises to supply Iran with light-water nuclear reactors instead of its nearly completed heavy-water facility at Arak, which would produce enough plutonium for several bombs a year if completed as planned. The full details are here.

The Civil Nuclear Cooperation platform is not new.

Chilling are the following facts:

Russia and Saudi Arabia have signed a nuclear cooperation agreement. The U.S. has done the same with Korea. Then comes Pakistan learning from U.S. and India where pacts could lead to even more proliferation globally.

For a more detailed summary of the Nuclear Cooperation agreements, take a look at a surface review on equipment, supply and banks in the matter of Korea.

Cyber Conflict, Chaos and Calamity

There have been several Congressional hearings on cyber-terrorism, yet with such an emergency and threat, no solution is forthcoming.

From AEI: “America’s intelligence leaders have made clear the biggest threat today is cyber and counterintelligence. Who are the largest perpetrators of these types of attacks? The intelligence report singles out Russia and China as first examples. These nations have “highly sophisticated cyber programs” and are regularly conducting “politically motivated” attacks. What are they up to exactly? Countries such as China are “reconnoitering and developing access to US critical infrastructure systems, which might be quickly exploited for disruption if an adversary’s intent became hostile.” Back in 2013, Verizon released a report detailing Chinese hackers lurking around inside American industrial control systems—the cyber equivalent to casing a robbery target. In 2014 alone, the FBI investigated a likely Russian hacking campaign against American banking backbone JP Morgan, while two cybersecurity firms blamed Iran for a major campaign against US critical infrastructure like major airliners, medical universities, and energy companies. As the year ended, the US government publicly accused North Korea of a devastating cyberattack against Sony.”

When the Office of National Intelligence produced a report, the first chapter was on cyber threats.

“Risk. Despite ever-improving network defenses, the diverse possibilities for remote hacking intrusions, supply chain operations to insert compromised hardware or software, and malevolent activities by human insiders will hold nearly all ICT systems at risk for years to come. In short, the cyber threat cannot be eliminated; rather, cyber risk must be managed. Moreover, the risk calculus employed by some private sector entities does not adequately account for foreign cyber threats or the systemic interdependencies between different critical infrastructure sectors.

Costs. During 2014, we saw an increase in the scale and scope of reporting on malevolent cyber activity that can be measured by the amount of corporate data stolen or deleted, personally identifiable information (PII) compromised, or remediation costs incurred by US victims.”

The stakes are higher than anyone will admit, most of all the White House. The Office of Personnel Management hack of personnel files now appears to exceed 18 million individuals. “FBI Director James Comey gave the 18 million estimate in a closed-door briefing to Senators in recent weeks, using the OPM’s own internal data, according to U.S. officials briefed on the matter. Those affected could include people who applied for government jobs, but never actually ended up working for the government.”

Just announced as a possible additional agency falling victim to hacking is the National Archives and Records Administration (NARA). What is chilling about this probability is that all government reports, records and communications are by law to be maintained by NARA, even classified material.

EXCLUSIVE: Signs of OPM Hack Turn Up at Another Federal Agency

The National Archives and Records Administration recently detected unauthorized activity on three desktops indicative of the same hack that extracted sensitive details on millions of current and former federal employees, government officials said Monday. The revelation suggests the breadth of one of the most damaging cyber assaults known is wider than officials have disclosed.

The National Archives’ own intrusion-prevention technology successfully spotted the so-called indicators of compromise during a scan this spring, said a source involved in the investigation, who was not authorized to speak publicly about the incident. The discovery was made soon after the Department of Homeland Security’s U.S. Computer Emergency Readiness Team published signs of the wider attack — which targeted the Office of Personnel Management — to look for at agencies, according to NARA.

It is unclear when NARA computers were breached. Suspected Chinese-sponsored cyberspies reportedly had been inside OPM’s networks for a year before the agency discovered what happened in April. Subsequently, the government uncovered a related attack against OPM that mined biographical information on individuals who have filed background investigation forms to access classified secrets.

The National Archives has found no evidence intruders obtained “administrative access,” or took control, of systems, but files were found in places they did not belong, the investigator said.

NARA “systems” and “applications” were not compromised, National Archives spokeswoman Laura Diachenko emphasized to Nextgov,  “but we detected IOCs,” indicators of compromise, “on three workstations, which were cleaned and re-imaged,” or reinstalled.

“Other files found seemed to be legitimate,” such as those from a Microsoft website, she said. “We have requested further guidance from US-CERT on how to deal with these” and are still awaiting guidance on how to proceed.

It will take additional forensics assessments to determine whether attackers ever “owned” the National Archives computers, the investigator said.

Diachenko said, “Continued analysis with our monitoring and forensic tools has not detected any activity associated with a hack,” including alerts from the latest version of a governmentwide network-monitoring tool called EINSTEIN 3A.

EINSTEIN, like NARA’s own intrusion-prevention tool, is now configured to detect the tell-tale signs of the OPM attack.

“OPM isn’t the only agency getting probed by this group,” said John Prisco, president of security provider Triumphant, the company that developed the National Archives’ tool. “It could be happening in lots of other agencies.”

Prisco said he learned of the incident at a security industry conference June 9, from an agency official the company has worked with for years.

“They told us that they were really happy because we stopped the OPM attack in their agency,” Prisco said.

The malicious operation tries to open up ports to the Internet, so it can excise information, Prisco said.

“It’s doing exploration work laterally throughout the network and then it’s looking for a way to communicate what it finds back to its server,” he added.

Homeland Security officials on Monday would not confirm or deny the situation at the National Archives. DHS spokesman S.Y. Lee referred to the department’s earlier statement about the OPM hack: “DHS has shared information regarding the potential incident with all federal chief information officers to ensure that all agencies have the knowledge they need to defend against this cybersecurity incident.”

The assault on OPM represents the seventh raid on national security-sensitive or federal personnel information over the past year.

Well-funded hackers penetrated systems at the State Department, the White House, U.S. Postal Service and, previously in March 2014, OPM. Intruders also broke into networks twice at KeyPoint Government Solutions, an OPM background check provider, and once at USIS, which conducted most of OPM’s employee investigations until last summer.

On Wednesday, the House Oversight and Government Reform Committee is scheduled to hold a hearing on the OPM incident that, among other things, will examine the possibility that hackers got into the agency’s systems by using details taken from the contractors.