Category Archives: Cyber War

General Milley on our Enemies with Emphasis on Russia

Posted on by

   

Primer: For all you pro Russian and pro Putin types out there:

What you Need to Know About the Gerasimov Doctrine’

and

Russian Hybrid Warfare: How to Confront a New Challenge to the West

***

Military: The U.S. Army‘s chief of staff on Tuesday issued a stern warning to potential threats such as Russia and vowed the service will defeat any foe in ground combat.

“The strategic resolve of our nation, the United States, is being challenged and our alliances tested in ways that we haven’t faced in many, many decades,” Army Chief of Staff Gen. Mark Milley told an audience at the Association of the United States Army’s annual meeting in Washington, D.C.

“I want to be clear to those who wish to do us harm … the United States military — despite all of our challenges, despite our [operational] tempo, despite everything we have been doing — we will stop you and we will beat you harder than you have ever been beaten before. Make no mistake about that.”

Milley’s comments come during an election year in which voters will decide a new president and commander in chief — and a period of increased military activity of near-peer competitors, including Russia and China.

The Army has struggled to rebuild its readiness after more than a decade of extended combat operations in Iraq and Afghanistan. The service has significantly cut the size of its force since the Cold War and decreased its modernization budget in the last decade, Milley said.

“While we focused on the counter-terrorist fight, other countries — Russia, Iran, China, North Korea — went to school on us,” he said. “They studied our doctrine, our tactics, our equipment, our organization, our training, our leadership. And, in turn, they revised their own doctrines, and they are rapidly modernizing their military today to avoid our strengths in hopes of defeating us at some point in the future.”

Milley also quoted a senior Russian official as saying publicly, “The established world order is undergoing a foundational shake-up” and that “Russia can now fight a conventional war in Europe and win.”

The general warned that future warfare with a near-peer adversary will “be highly lethal, unlike anything our Army has experienced at least since World War II.”

“Our formations will likely have to be small; we will have to move constantly,” he said. “On the future battlefield, if you stay in one place for longer than two or three hours, you will be dead.”

Despite the challenges, Milley said the Army will adapt to survive such a dangerous battlefield.

“It’s a tall order for sure — to project power into contested theaters, fight in highly populated urban areas, to survive and win on intensely lethal and distributed battlefields and to create leaders and soldiers who can prevail. Tough? Yes. But impossible? Absolutely not,” Milley said.

“Make no mistake about it, we can now and we will … retain the capability to rapidly deploy,” he said, “and we will destroy any enemy anywhere, any time.”

**** So what is percolating globally and against the United States that has the Pentagon concerned?

Using the same provocations that Iran has used against the United States, Russia is doing the same thing.

Nato jets scrambled as Russian bombers fly south

Two Russian Blackjack bombers were intercepted by fighter jets from four European countries as they flew from the direction of Norway to northern Spain and back, it has emerged. Norway, the UK, France and Spain all scrambled jets as the TU-160 planes skirted the airspace of each country. It comes at a time of heightened tension between the West and Russia. Correspondents say the frequency of Russian bombers being intercepted by Nato planes has increased markedly. Spanish media say it is the furthest south such an operation has had to take place. More here from the BBC.

Map locator

Given the failed truce or cease fire agreement regarding Syria, it was announced by John Kerry and approved by the White House and National Security Council to walk away fully from Russia and seek other avenues with regard to the deadly civil war in Syria. As noted, last week before the Senate, it was admitted there was no Plan B.

In recent months, Russia has been quite aggressive and militant towards Americans in Moscow and other cities in Russia. Some diplomats have been beaten up, robbed and their homes broken into. The most recent incident involved some Americans being drugged.

“We are outraged,” Russian Deputy Foreign Minister Sergey Ryabkov said in a statement posted on the Russian Foreign Ministry website, adding the claim may have been the work of the US State Department seeking “revenge” for the collapse of talks between the two counties to address the situation in Syria.
 
Russia’s denial came after a report two days ago by Radio Free Europe/Radio Liberty that the diplomats — a man and a woman who were not senior officials — allegedly had their drinks spiked with a date-rape drug while attending a United Nations convention on corruption last November. The report, attributed to anonymous sources, said the State Department quietly protested the incident to Russian officials.
The story also said one of the diplomats had been treated at a “Western medical clinic” – which Russia said was not true. More here from CNN.
American personnel and diplomats are being evacuated from talks and some ground operations in Syria where and when the bloodshed continues in Aleppo.

Russia had agreed to a cease-fire last month, but that fell apart quickly. Russia argues that the United States has failed in its commitment to separate the moderate rebel groups it supports from more radical factions such as the Syrian branch of Al Qaeda.

Kirby said the United States will withdraw a team that had been dispatched to open a so-called joint implementation center, in which Russian and American armed forces were going to join efforts to fight Islamic State and other jihadi groups.

Also Monday, Russian President Vladimir Putin signed a decree suspending his country’s participation in a treaty with the U.S. designed to eliminate nuclear weapons.

Putin cited “a threat to strategic stability as a result of USA’s unfriendly acts toward Russia.” This was a reference to a deepening diplomatic spat between the Kremlin and the White House over Syria, as well as tensions and sanctions that followed Russia’s 2014 takeover of Crimea and its support to separatists in eastern Ukraine.

It is the latest action by Russia that serves to unwind the nuclear-cooperation and weapons treaties that have governed the relationship between the U.S. and Russia in the years after the Soviet dissolution.

The U.S. said it would continue to participate in multilateral talks over Syria, aimed at achieving a cessation of hostilities and the delivery of aid, and would communicate with Russia regarding airstrikes to avoid collisions.

Last week, when it first threatened to suspend Syria talks with Russia, Washington said it would consider other options, including additional financial sanctions or even military operations. More here from the LATimes.

Then it appears the National Security Council and the State Department pinged the United Nations for some action….well kinda sorta.

The United States virtually blocked the United Nations Security Council’s statement that condemned the mortaring of Russia’s embassy in Damascus, Russia’s Permanent Mission to the global organization said.

“It was actually blocked by the U.S. delegation, which tried to bring outside elements into a standard text. Brits and Ukrainians clumsily helped Americans,” the mission said.

It said that the behavior of the three countries “testifies to their blatant disrespect for the Vienna Convention on Diplomatic Relations”, which demands to protect diplomatic and consular facilities and personnel.

The Russian mission said that “when such crimes were committed earlier, including against the diplomatic missions of Western countries, Russia has always unconditionally supported their condemnation by the Security Council.”

“We have to state that the moral principles of some of our colleagues in the Security Council have seriously teetered,” it said. More here from TASS.

Russia is taking all precautions forecasting future aggressions in Syria as they installed the S-300 anti-aircraft missile defense system at the Russia base of Tartus which is near Latakia, Syria on the Mediterranean Sea.

Further there is the matter of the Baltics and Ukraine. Control and management of the Mediterranean and the Black Sea is at risk.

NATO members must increase the alliance’s military capabilities, position additional forces in the Baltics and Eastern Europe, establish a maritime force in the Black Sea and bolster its presence in the Arctic, all to counter Russia’s growing military strength and increasingly belligerent behavior toward its neighbors, the Atlantic Council said in a new report.

The report, “Restoring the Power and Purpose of the NATO Alliance,” also urges America’s leaders to strengthen U.S. leadership of NATO, work to restore public support for the trans-Atlantic alliance and “counter those who threaten to withdraw U.S. support for NATO.” And it calls on alliance members to maintain their commitment to securing Afghanistan and to increase military assistance and intelligence-sharing with “its Arab partners” in response to the spreading terrorist threat.

The policy paper was crafted by a team led by former veteran diplomatic Nicholas Burns, who was the U.S. ambassador to NATO, and retired Gen. James Jones, a former Marine Corps commandant and Supreme Allied Commander in Europe. The report was prepared ahead of next month’s NATO summit in Warsaw. More here.

What about the Arctic?

Russia: Militarizing the Arctic

While the Arctic region remains peaceful, Russia’s recent steps to militarize the Arctic, coupled with its bellicose behavior toward its neighbors, makes the Arctic a security concern. Russia’s Maritime Doctrine of Russian Federation 2020, adopted in July 2015, lists the Arctic as one of two focal points, the other being the Atlantic.[1]

Russia’s Northern Fleet, which is based in the Arctic, now counts for two-thirds of the Russian Navy. A new Arctic command was established in 2015 to coordinate all Russian military activities in the Arctic region.[2] Underwater, Russian submarines are operating at a rate not seen since the end of the Cold War. Indeed, Admiral Viktor Chirkov, commander-in-chief of the Russian navy, stated in 2015 that the navy had ramped up submarine patrols by 50 percent from just 2013.[3]

Over the next few years, two new so-called Arctic brigades will be permanently based in the Arctic region, and Russian special forces have been training in the region. Soviet-era facilities have been re-opened; Russia is expected to have nine operative airfields in the Arctic by 2018.[4] Russia has reportedly also placed radar and S-300 missiles on the Arctic bases at Franz Joseph Land, New Siberian Islands, Novaya Zemlya, and Severnaya Zemlya.[5] Russia’s ultimate goal is to deploy a combined arms force in the Arctic by 2020, and this plan appears to be on track.[6] In early June, the Russian Navy showed off its first new icebreaker in 45 years.[7]

As an Arctic power, Russia’s military presence in the region is to be expected. However, it should be viewed with some caution in light of recent Russian aggression in its neighborhood. The former Supreme Allied Commander of Europe, General Philip Breedlove, described Russian activity in the Arctic as “increasingly troubling,” stating: “Their increase in stationing military forces, building and reopening bases, and creating an Arctic military district—all to counter an imagined threat to their internationally undisputed territories—stands in stark contrast to the conduct of the seven other Arctic nations.”[8]. More here from Heritage.

****

ABC: The Russians are already there in force. Last year, they staged a military exercise in the Arctic as seen in this Russian Ministry of Defense footage.

It involved about 40,000 troops, 15 submarines, 41 warships and multiple aircraft.  No one disputes their right to do that on their own territory.  It’s just that it wasn’t announced.

Philip Breedlove: We pre-announce ours.  No one is surprised by them whereas the exercise that Russia did was a snap exercise which is a bit destabilizing.

Until May of this year, retired four-star General Philip Breedlove was the supreme Allied commander of NATO with responsibility for the Arctic.

What else is destabilizing, he says, is Russia’s military build up along something called the Northern Sea Route skirting the Russian Arctic coastline. The route could become an alternative to the Suez Canal, saving huge amounts of time and money for the commercial shipping industry.

Philip Breedlove: I have heard as much as 28 days decrease in some of the transit from the northern European markets to the Asian markets. That is an incredible economic opportunity. And it could be a very boon— big boon to business around the world.

Lesley Stahl: What would it mean if the Russians did gain control over the Northern Sea route?

Philip Breedlove: If the Russians had the ability to militarily hold that at ransom, that is a big lever over the world economy.

Related reading: Russia’s Military Sophistication in the Arctic Sends Echoes of the Cold War

DHS Officially Issues Alert on Election Hacking

Posted on by

Related reading: Hacking an election is about influence and disruption, not voting machines

DHS Issues Alert on U.S. Election Hacking

The United States Department of Homeland Security has issued an Intelligence Assessment on the Cyber Threats and Vulnerabilities to U.S. Election Infrastructure. The report, which primarily downplays the risk of hacking election systems appears to conflict with recent FBI Director testimony stating that at least 20 states have been electronically probed with four suffering hacking related intrusions. The report does note that “multiple elements of US election infrastructure are potentially vulnerable to cyber intrusions. The risk to US computer-enabled election systems varies from county to county, between types of devices used, and among processes used by polling stations.”

The key judgments also include:

  • DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaign, and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected.
  • We judge cybercriminals and criminal hackers are likely to continue to target personally identifiable information (PII), such as that available in voter registration databases. We have no indication, however, that criminals are planning theft of voter information to disrupt or alter US computer-enabled election infrastructure.

Other elements of the report, note the resiliency of the voting infrastructure, but also the potential for nation-state disruption.

No Indication of Cyber Operations to Change Vote Outcome

  • DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaigns and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected.
  • We assess that successfully mounting widespread cyber operations against US voting machines, enough to affect a national election, would require a multiyear effort with significant human and information technology resources available only to a nation-state. The level of effort and scale required to change the outcome of a national election, however, would make it nearly impossible to avoid detection. This assessment is based on the diversity of systems, the need for physical access to compromise voting machines, and the security and pre-election testing employed by state and local officials.* In addition, the vast majority of localities engage in logic and accuracy testing, which work to ensure voting machines operate and tabulate as expected—before, during, and after the election.
  • We judge, as a whole, voter registration databases are resilient to systemic, nationwide cyber manipulation because of the diverse systems and security measures surrounding them. Targeted intrusions against individual voter registration databases, however, are possible. Additionally, with illicit access, manipulation of voter data, or disruptions to their availability, may impact a voter’s ability to vote on Election Day. Most jurisdictions, however, still rely on paper voter rolls or electronic poll books that are not connected in real-time to voter registration databases, limiting the possible impacts in 2016.
  • Voting precincts in more than 3,100 counties across the United States use nearly 50 different types of voting machines produced by 14 different manufacturers. The diversity in voting systems and versions of voting software provides significant security by complicating attack planning. Most voting machines do not have active connections to the Internet.
  • We assess the impact of an intrusion into vote tabulation systems would likely be contained to the manipulation of unofficial Election Night reporting results, which would not impact the certified outcome of an election, but could undermine public confidence in the results. In addition, local election officials, media organizations, and political campaigns carefully monitor local voting patterns, particularly in electorally significant jurisdictions, and are likely to detect and begin investigating potential anomalies quickly.

Non-State Actors Likely To Continue Targeting PII, Potentially Attempt Disruption

  • We judge cybercriminals and criminal hackers are likely to continue to target voter PII. We have no indication, however, that cybercriminals are planning theft of voter information to disrupt or alter computer-enabled US election infrastructure voting. Politically-motivated criminal hackers could attempt temporary disruptive cyber attacks, such as denial-of-service (DoS) attacks or web defacements against election-related websites, in the lead-up to or during the election process. Disruptive attacks could target public-facing state and local government websites, potentially including election infrastructure used to report election results to the general public and media; however, we judge this activity would likely have little impact on the voting process itself.
  • Unknown cyber actors in mid-July used an open-source scanning tool to identify and exploit a structured query language (SQL) injection vulnerability and exfiltrate PII from a Midwestern state board of elections website, according to FBI sources with excellent access and information provided by a cybersecurity organization supporting states. In at least three other states, voting and non-voting related websites during the same period observed unsuccessful SQL injection attacks from unknown actors, according to the same reporting.
  • Cybercriminals routinely attempt exploitation of misconfigured and vulnerable websites and webservers via SQL injection, brute force login attempts, cross-site scripting, and other publicly known vulnerabilities, according to DHS reporting from sources with direct access.
  • Criminal hackers routinely engage in disruptive attacks such as website defacement and DoS attacks, through exploiting publicly known vulnerabilities and for-hire DoS tools, according to DHS reporting from reliable sources with direct access.

Vulnerability of Computer-Enabled Election Systems

  • We assess multiple elements of US election infrastructure are potentially vulnerable to cyber intrusions. The risk to computer-enabled election systems, however, varies from county to county, between types of devices used and among processes used by polling stations.
  • Electronic Voting Systems: Security researchers have repeatedly demonstrated in laboratory testing environments that voting machines are vulnerable to compromise, usually with physical access, and such compromises could result in the manipulation of vote totals. Election outcomes would only be impacted if the compromise happened on a large scale across multiple machines or jurisdictions—which we judge to be beyond the capability of any adversary—or in cases of smaller local elections where the margin of victory is at a smaller scale.
  • Voter Registration Databases: Online voter registration systems provide a potential point of vulnerability to enable cyber actors to gain illicit access to voter registration databases. Cyber actors have exploited these portals in the past to gain illicit access to voter information. Compromises of voter registration databases have resulted in the potential release of PII, but not the modification of records—with the exception of one unconfirmed incident of voter registration manipulation reported by US media. The exposure of voters’ information would have limited impact on the integrity of the election process; however, it could undermine confidence in the system and provide the ability to conduct further cyber operations.
  • Public Dissemination of Voting Results: State government information technology solutions generally include a public-facing Internet-connected portion that is used to report election results to the general public and media, which some states have begun migrating to the cloud due to Election Day demand. Vulnerabilities in the public-facing Internet portion could be used to display inaccurate vote results to the public and media. Election Day results are not the official results of the state or local jurisdiction.

election-hacking

NSA Hacker Secretly Arrested

Posted on by

N.S.A. Contractor Arrested in Possible New Theft of Secrets

NYT’s/ WASHINGTON— The F.B.I. secretly arrested a National Security Agency contractor in recent weeks and is investigating whether he stole and disclosed highly classified computer codes developed to hack into the networks of foreign governments, according to several senior law enforcement and intelligence officials.

The theft raises the embarrassing prospect that for the second time in three years an insider has managed to steal highly damaging secret information from the N.S.A. In 2013, Edward J. Snowden, who was also a contractor for the agency, took a vast trove of documents that were later passed to journalists, exposing N.S.A. surveillance programs in the United States and abroad.

The information believed stolen by this contractor — who like Mr. Snowden worked for the consulting firm Booz Allen Hamilton, which is responsible for building and operating many of the agency’s most sensitive cyberoperations — appears to be different in nature from Mr. Snowden’s theft.

The contractor arrested in recent weeks is suspected of taking the highly classified “source code” developed by the agency to break into computer systems of adversaries like Russia, China, Iran and North Korea. Two officials said that some of the information the contractor is suspected of taking was dated.

TheJusticeDept says it has filed charges against a govt contractor with top secret clearance, accuses him of taking classified documents

**** In the biggest hack of the NSA since the Snowden scandal in 2013, in mid-August we reported that a mysterious group calling itself the “Shadow Brokers” had managed to hack the NSA’s Equation Group –  a government cyberattack hacking group associated with the NSA, and released a bunch of the organization’s hacking tools. The “group” also notably said that if it received 1,000,000 Bitcoins, worth roughly $560 million at the time, it would release all the hacked files. As the NYT reported moments ago, an NSA contractor, Harold Thomas Martin III, age 51, from Glen Burnie, MD was arrested on August 29th, with the FBI investigating whether he is the party responsible for stealing and disclosing highly classified computer codes developed to hack into the networks of foreign governments. More here.

****

Harold Thomas Martin III of Glen Burnie, Maryland, was charged in a criminal complaint. Among the classified documents found with Martin, the government says, were six that contain sensitive intelligence – meaning they were produced through sensitive government sources or methods that are critical to national security issues – and date back to 2014. All the documents were clearly marked as classified information, according to the criminal complaint.

Investigators also found stolen property valued at more than $1,000 at Martin’s residence or vehicle. He voluntarily agreed to an interview, officials said.

“Martin at first denied, and later when confronted with specific documents, admitted he took documents and digital files from his work assignment to his residence and vehicle that he knew were classified,” according to the complaint, despite not having the authorization to do so.

The Justice Department’s top national security official, John Carlin, said in Boston that the arrest pointed to the threat posed by insiders.

Martin has been in custody since a court appearance in August.  Associated Press

Ah, Yahoo has Been Secretly Sweeping Your Emails

Posted on by

Primer: Report: Yahoo hack may have compromised up to 3B accounts

Exclusive: Yahoo secretly scanned customer emails for U.S. intelligence

SAN FRANCISCO (Reuters) – Yahoo Inc last year secretly built a custom software program to search all of its customers’ incoming emails for specific information provided by U.S. intelligence officials, according to people familiar with the matter.

The company complied with a classified U.S. government directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said two former employees and a third person apprised of the events.

Some surveillance experts said this represents the first case to surface of a U.S. Internet company agreeing to a spy agency’s demand by searching all arriving messages, as opposed to examining stored messages or scanning a small number of accounts in real time.

It is not known what information intelligence officials were looking for, only that they wanted Yahoo to search for a set of characters. That could mean a phrase in an email or an attachment, said the sources, who did not want to be identified.

Reuters was unable to determine what data Yahoo may have handed over, if any, and if intelligence officials had approached other email providers besides Yahoo with this kind of request.

Related reading: Verizon is buying Yahoo for $4.8 billion

According to the two former employees, Yahoo Chief Executive Marissa Mayer’s decision to obey the directive roiled some senior executives and led to the June 2015 departure of Chief Information Security Officer Alex Stamos, who now holds the top security job at Facebook Inc.”Yahoo is a law abiding company, and complies with the laws of the United States,” the company said in a brief statement in response to Reuters questions about the demand. Yahoo declined any further comment.

Through a Facebook spokesman, Stamos declined a request for an interview.

The NSA referred questions to the Office of the Director of National Intelligence, which declined to comment.

The demand to search Yahoo Mail accounts came in the form of a classified directive sent to the company’s legal team, according to the three people familiar with the matter.

U.S. phone and Internet companies are known to have handed over bulk customer data to intelligence agencies. But some former government officials and private surveillance experts said they had not previously seen either such a broad directive for real-time Web collection or one that required the creation of a new computer program.

“I’ve never seen that, a wiretap in real time on a ‘selector,'” said Albert Gidari, a lawyer who represented phone and Internet companies on surveillance issues for 20 years before moving to Stanford University this year. A selector refers to a type of search term used to zero in on specific information.

“It would be really difficult for a provider to do that,” he added.

Experts said it was likely that the NSA or FBI had approached other Internet companies with the same demand, since they evidently did not know what email accounts were being used by the target. The NSA usually makes requests for domestic surveillance through the FBI, so it is hard to know which agency is seeking the information.

Reuters was unable to confirm whether the 2015 demand went to other companies, or if any complied.

Alphabet Inc’s Google and Microsoft Corp, two major U.S. email service providers, did not respond to requests for comment.

CHALLENGING THE NSA

Under laws including the 2008 amendments to the Foreign Intelligence Surveillance Act, intelligence agencies can ask U.S. phone and Internet companies to provide customer data to aid foreign intelligence-gathering efforts for a variety of reasons, including prevention of terrorist attacks.

Disclosures by former NSA contractor Edward Snowden and others have exposed the extent of electronic surveillance and led U.S. authorities to modestly scale back some of the programs, in part to protect privacy rights.

Companies including Yahoo have challenged some classified surveillance before the Foreign Intelligence Surveillance Court, a secret tribunal.

Some FISA experts said Yahoo could have tried to fight last year’s directive on at least two grounds: the breadth of the demand and the necessity of writing a special program to search all customers’ emails in transit.

Apple Inc made a similar argument earlier this year when it refused to create a special program to break into an encrypted iPhone used in the 2015 San Bernardino massacre. The FBI dropped the case after it unlocked the phone with the help of a third party, so no precedent was set.

Other FISA experts defended Yahoo’s decision to comply, saying nothing prohibited the surveillance court from ordering a search for a specific term instead of a specific account. So-called “upstream” bulk collection from phone carriers based on content was found to be legal, they said, and the same logic could apply to Web companies’ mail.

As tech companies become better at encrypting data, they are likely to face more such requests from spy agencies.

Former NSA General Counsel Stewart Baker said email providers “have the power to encrypt it all, and with that comes added responsibility to do some of the work that had been done by the intelligence agencies.”

SECRET SIPHONING PROGRAM

Mayer and other executives ultimately decided to comply with the directive last year rather than fight it, in part because they thought they would lose, said the people familiar with the matter.

Yahoo in 2007 had fought a FISA demand that it conduct searches on specific email accounts without a court-approved warrant. Details of the case remain sealed, but a partially redacted published opinion showed Yahoo’s challenge was unsuccessful.

Some Yahoo employees were upset about the decision not to contest the more recent directive and thought the company could have prevailed, the sources said.

They were also upset that Mayer and Yahoo General Counsel Ron Bell did not involve the company’s security team in the process, instead asking Yahoo’s email engineers to write a program to siphon off messages containing the character string the spies sought and store them for remote retrieval, according to the sources.

The sources said the program was discovered by Yahoo’s security team in May 2015, within weeks of its installation. The security team initially thought hackers had broken in.

When Stamos found out that Mayer had authorized the program, he resigned as chief information security officer and told his subordinates that he had been left out of a decision that hurt users’ security, the sources said. Due to a programming flaw, he told them hackers could have accessed the stored emails.

Stamos’s announcement in June 2015 that he had joined Facebook did not mention any problems with Yahoo. (http://bit.ly/2dL003k)

In a separate incident, Yahoo last month said “state-sponsored” hackers had gained access to 500 million customer accounts in 2014. The revelations have brought new scrutiny to Yahoo’s security practices as the company tries to complete a deal to sell its core business to Verizon Communications Inc for $4.8 billion.

(Reporting by Joseph Menn; Editing by Jonathan Weber and Tiffany Wu)

 

JASTA Sees its First Lawsuit, this one Against Iran

Posted on by

Post reporter Jason Rezaian and his family file federal lawsuit against Iranian government

Washington Post reporter Jason Rezaian and his family filed a federal lawsuit Monday against the Iranian government, claiming he was taken hostage and psychologically tortured during his 18 months in prison in an effort by Tehran to influence negotiations for a nuclear agreement with Iran.

Related reading: JASTA, Saudi Arabia

The suit, filed in U.S. District Court in the District of Columbia, says Rezaian was targeted for arrest to gain advantage in a prisoner exchange and to “extort” concessions from the U.S. government in the multinational talks over lifting sanctions if Iran agreed to limits on its nuclear program.

[Read the full lawsuit filed by the Rezaian family]

Iranian officials repeatedly told Rezaian and his wife, Yeganeh Salehi, who also was detained for more than two months, that Rezaian had “value” as a bargaining chip for a prisoner swap, the suit says. The filing also links key moments in the nuclear negotiations to Rezaian’s treatment in the judicial system, from arrest to conviction to sentencing, and ultimately his release on the day the deal was implemented. “For nearly eighteen months, Iran held and terrorized Jason for the purpose of gaining negotiating leverage and ultimately exchanging him with the United States for something of value to Iran,” the suit states.

Rezaian, his brother, Ali Rezaian, and their mother, Mary Rezaian, are asking for an unspecified sum for damages under the “terrorism exception” to the Foreign Sovereign Immunities Act. That law generally bars U.S. citizens from suing foreign governments in domestic courts, but exceptions are made for terrorist acts, torture or hostage-taking by countries — including Iran — that the State Department has designated as state sponsors of terrorism. The suit accuses Iran of all three.

[Plane leaves Iran with Post reporter, other Americans, in prisoner swap]

Rezaian and Salehi, who was born in Iran and married Rezaian there, were arrested on July 22, 2014, by Iranian agents wearing surgical masks who forced their way into their apartment and took them for questioning at Evin Prison, a notorious site for political prisoners. Salehi was freed 71 days later on a $32,000 bail provided by her brother-in-law, Ali.

Rezaian was eventually tried and convicted of espionage and related charges, according to Iranian state media accounts. But the Iranian government has never officially disclosed the specifics of his conviction in a closed-door trial, or the sentence imposed by a judge known for meting out harsh punishments.

The lawsuit provides details of Rezaian’s incarceration that have never been publicly revealed before.

Both Rezaian and Salehi were repeatedly subjected to psychological and physical abuse during lengthy interrogations, the suit says. Their captors at turns threatened to dismember or execute them. Interrogated in isolation and often deprived of sleep, each also was warned that the other might be maimed or executed, and the same fate could befall other family members in Iran, according to the filing.

[Detention takes ‘devastating toll’ on Post reporter locked up in Iran]

The ordeal was so intense that Rezaian, Salehi and Rezaian’s brother, Ali, all contemplated suicide, the suit says. Now — almost nine months after Rezaian and four other U.S. citizens were released on the day the nuclear deal was implemented—Salehi, the Rezaian brothers and their mother are still afflicted with trauma and guilt, according to the suit.

“For 544 days, Jason suffered such physical mistreatment and severe psychological abuse in Evin Prison that he will never be the same,” the suit states. “He will require specialized medical and other treatment for the rest of his life.”

Salehi is not a plaintiff in the suit. Nor is The Washington Post. Rezaian is currently on leave from The Post for a year as a Nieman fellow at Harvard University.

“Iran’s unconscionable actions have inflicted deep and lasting wounds on The Washington Post’s Jason Rezaian and his family,” said Executive Editor Martin Baron, who during the reporter’s imprisonment often criticized what he called Iran’s “system of injustice.”

“This legal filing is a stark telling of Iran’s brutal and heartless treatment of an innocent journalist and his wife, and the impact on those who love him. While this legal action is being taken solely by Jason and his family, The Post continues to support the Rezaians through their long and painful recovery.’’

The Rezaian lawsuit is the latest attempt by Americans to have the U.S. justice system provide compensation for harms inflicted by the Iranian government — in particular, by the powerful and hard-line Islamic Revolutionary Guard Corps that fiercely opposed the nuclear deal and has tried to thwart many initiatives of President Hassan Rouhani, a relative pragmatist. The IRGC is named as a co-defendant in the suit.

“This was really one of the few ways they felt they could try to hold Iran publicly accountable,” said David Bowker, Rezaian’s attorney. “Ideally, it will deter this kind of behavior toward other innocent people.”

Rezaian and his family declined to discuss the case, deferring questions to their lawyer.

In a number of suits brought against it over the years, Iran has not responded, resulting in default judgments.

Congress and U.S. courts have provided a legal framework for Americans to sue Iran and be compensated. The State Department has labeled Iran the top state sponsor of terrorism in the world. Also on the list are Sudan and Syria.

In April, the U.S. Supreme Court upheld a law allowing American victims of terrorism and their families to collect almost $2 billion in seized Iranian assets. The case involved relatives of people killed or injured in the 1983 bombing of the U.S. Marine Corps barracks in Beirut. Iran labeled the decision “confiscation” and “theft.”

The closest precedent to Rezaian’s case involves Nik Moradi, an Iranian American who was seized during a family visit in 2007 and accused of spying for the United States. More than six months before his release on bail, he said he was subjected to physical and mental torture during interrogations. In 2013, Moradi and his wife sued Iran in U.S. federal court under the Foreign Sovereign Immunities Act. The couple was awarded $20 million in a default judgment after Iran failed to respond.

One possible venue for securing payment on a judgment is the Victims of State Sponsors of Terrorism Fund, created last year by Congress to compensate the Americans held hostage in Iran during the takeover of the U.S. Embassy in Tehran after the 1979 revolution. It also set aside money for victims with court judgments against state sponsors of terrorism, funded by money from a civil penalty paid by BNP Paribas bank for violating sanctions against Iran, Cuba and Sudan.

The lawsuit provides dark glimpses of Rezaian’s 50 days in solitary in a small, dank, cockroach-infested cell. Anxiety and depression made him hallucinate, as he perceived the walls moving and talking. The cell was constantly lit, and a noisy fan prevented sleep. He slept on the floor, and prison officials eventually gave him tranquilizers to induce sleep. His food sometimes had concrete, rocks, dirt and other inedible objects mixed in.

“During his time in solitary confinement, Jason believed he was losing his mind,” the suit says.

In the initial months of his imprisonment, Rezaian was taken blindfolded several times a day to an underground room for interrogations that lasted hours. He was forced to write down his answers, which prison officials translated into Farsi before trying to coerce him to sign without explaining the translations.

In an effort to get him to confess to espionage, the suit says, one interrogator threatened him with beheading. Another held out the carrot of a video confession as his only chance for freedom.

“They threatened Jason with physical mutilation, such as cutting off his limbs, and repeatedly told Jason that he would never see Yeganeh alive again,” the suit says.

Though Salehi is not a plaintiff, her agony is clear in the dry legalese.

During her detention, Salehi was blindfolded while interrogators hit the table, broke glass and kicked her chair, startling her. One interrogator threatened to cut off her left leg and right hand or arm. They told her they would throw her husband off a cliff if she did not incriminate him.

By the time she was released, her legs would go numb and she sometimes fainted when sitting down. She had to shear off her hair because it was so matted. She had skin lesions. On her infrequent prison visits to see her husband, she sometimes was made to don a prison uniform and told she might be detained again, the suit says. Convinced her husband would die in Evin Prison, she considered killing herself to draw attention to his plight.

Ali Rezaian, who quit his job to work full-time campaigning for his brother’s release, also grew despondent, according to the suit. Iranian agents tailed him when he went to Geneva to appeal for help from the U.N. Human Rights Council and his mother was held against her will in Iran.

[Jason Rezaian works to reclaim his life after return to the U.S.]

“He contemplated suicide in the fall of 2015, having lost faith that his brother would ever be released,” the suit states. “At the time, Ali believed that only by ending his own life could he prompt action by defendants or others, to free Jason.”

Jason Rezaian now experiences depression, sleeplessness, short-term memory loss and other symptoms associated with post-traumatic stress disorder, the suit says. He grows anxious in large crowds, fears for his family’s safety and has grown more “detached” from them. He sees a psychologist.

“Plaintiffs live in constant fear that Iranian agents are spying on them, plotting additional acts of terrorism and planning ways to hurt them and their family members again,” the suit says.

Ann E. Marimow contributed to this report.

Read more:

Rezaian’s wife and mother recall tortuous final hours in Iran

A triumphant return for Jason Rezaian