Hey Yahoo Users…..a Big Problem was Finally Admitted, HACKED

Yahoo confirms 500 million accounts compromised in huge data breach

FNC: Yahoo has confirmed that hackers stole information from at least 500 million user accounts in what it describes as a “state-sponsored” attack.

In a statement released Thursday, Yahoo’s Chief Information Security Officer Bob Lord said that the information was stolen from the company’s network in late 2014. “The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers,” he said.

However, an ongoing investigation into the hack suggests that stolen information did not include unprotected passwords, payment card data, or bank account information, according to Lord. Payment card data and bank account information are not stored in the affected system, he added.

The investigation has found that the attacker is no longer in Yahoo’s network. The internet giant said that it is working with law enforcement.

Yahoo is notifying potentially affected users and asking them to promptly change their passwords.

Early on Friday Recode reported that Yahoo was set to confirm a major data breach of its systems in 2012 that compromised the personal data of 200 million accounts.

**** 

PYMNTS: Yahoo did announce over the summer that it was investigating a possible data breach wherein hackers claimed to have accessed 200 million Yahoo user accounts that they were selling online.

“It’s as bad as that,” one source told re/code. “Worse, really.”

And a hack that is “bad” on its best description and “worse” than 200 million accounts going up for sale on the dark web may only be the beginning of Yahoo’s troubles this week, since the firm is also in the midst of trying to close a $4.8 billion sale of its core business — which is at the center of this hack — to Verizon.

If the scale of liability is large enough, it could be a costly problem for Yahoo’s new owners — and the firm’s shareholders are likely to worry that it could lead to an adjustment in the price of the transaction. As of now the deal is moving forward as it goes through a variety of regulatory clearances. The deal must also pass final muster with Yahoo’s shareholders. Representatives of both firms have recently begun meeting to review the Yahoo business and to make sure the transition runs smoothly. We’re sure those meetings will be delightfully fun this week.

If this is the same hack that was reported over the summer, the actor behind the mayhem is an infamous cybercriminal named “Peace.” Peace was, by his own admission, selling credentials of 200 million Yahoo users from 2012 on the dark web for just over $1,800. The data allegedly included user names, easily decrypted passwords, personal information like birth dates and other email addresses. At the time (in August 2016) Yahoo noted being “aware of the claim,” but did not confirm or deny it. However, at the time Yahoo did not issue a password reset recommendation.

If this hack is what it seems to be, it will be a depressing coda on CEO Marissa Mayer’s run at the head of Yahoo. Though brought in to turn the firm around, Mayer was unable to find traction for a reset, refocused Yahoo — which eventually precipitated the sale.

How Obama Admin Hid the Cash Transfers to Iran

 

The U.S. government wired about $848,000 to Iran in July 2015 in order to settle a dispute over fossils and architectural drawings that are now in Iranian possession, a spokesman from the Treasury Department said. This April, the U.S. also wired roughly $9 million to Iran in exchange for 32 tons of its excess heavy water, which could be used to make a plutonium bomb. Brig. Gen. Mohammad Reza Naqdi, commander of Iran’s Basij militia, said in January that the $400 million payment “was returned for the freedom of the US spy and it was not related to the [nuclear] negotiations.” More here in further detail.

(The heavy water was delivered to Oak Ridge Laboratories in August for domestic use and for sale to other customers including Spallation Neutron Source which is an accelerator operation. The total published cost to purchase Iran’s extra heavy water from the Iranian Arak facility is $8.6 million. It is unclear out of what agency budget this money was paid, including the Department of Defense or the Department of Energy.)

Obama Admin ‘Laundered’ U.S. Cash to Iran Via N.Y. Fed, Euro Banks

Congressman: ‘Administration laundered this money in order to circumvent U.S. law’

FreeBeacon: A member of the House Intelligence Committee is accusing the Obama administration of laundering some $1.7 billion in U.S. taxpayer dollars to Iran through a complicated network that included the New York Federal Reserve and several European banks, according to conversations with sources and new information obtained by the lawmaker and viewed by the Washington Free Beacon.

New disclosures made by the Treasury Department to Rep. Mike Pompeo (R., Kan.), a House Intelligence Committee member, show that an initial $400 million cash payment to Iran was wired to the Federal Reserve Bank of New York (FRBNY) and then converted from U.S. dollars into Swiss francs and moved to an account at the Swiss National Bank, according to a copy of communication obtained exclusively by the Free Beacon.

Once the money was transferred to the Swiss Bank, the “FRBNY withdrew the funds from its account as Swiss franc banknotes and the U.S. Government physically transported them to Geneva” before personally overseeing the handover to an agent of Iran’s central bank, according to the documents.

These disclosures shine new light on how the Obama administration moved millions of dollars from U.S. accounts to European banks in order to facilitate three separate cash payments to Iran totaling $1.7 billion.

The latest information is adding fuel to accusations the Obama administration arranged the payment in this fashion to skirt U.S. sanctions laws and give Iran the money for the release of U.S. hostages, in what many have called a ransom.

Congress has been investigating the circumstances surrounding the payment for months and said the administration is blocking certain requests for more detailed information about the cash transaction with Iran.

“By withholding critical details and stonewalling congressional inquiries, President Obama seems to be hiding whether or not he and others broke U.S. law by sending $1.7 billion in cash to Iran,” Pompeo told the Free Beacon. “But Americans can plainly see that the Obama administration laundered this money in order to circumvent U.S. law and appease the Islamic Republic of Iran.”

As new details emerge, congressional critics such as Pompeo and Sen. Ted Cruz (R., Texas) are beginning to suspect the U.S. government laundered the money in order to provide Tehran with immediate access.

“Think about this timeline: the U.S. withdraws $400 million in cash from the Swiss National Bank and then physically transports it to another city to hand-off to Iranian officials—three days before Iran releases four American hostages,” Pompeo said. “But it gets worse: less than a week after this, the U.S. again sends hordes of cash to Iran.  As we speak, Iran is still holding three more Americans hostage and I fear what precedent this administration has set.”

The initial $400 million payment to Iran was initiated on Jan. 14, 2016, according to information sent by the Treasury Department to Pompeo.

“For the first settlement payment in January, Treasury assisted the Defense Finance and Accounting Services (DFAS) in crafting a wire instruction to transfer the $400 million in principal from the Iran FMS [Foreign Military Sales program] account on January 14, 2016,” the document states.

“Treasury worked with DFAS and the Federal Reserve Bank of New York (FRBNY), which was acting as Treasury’s financial agent, so that the funds were converted from dollars to Swiss francs and credited to a FRBNY account at the Swiss National Bank (SNB), which is the central bank of the Switzerland [sic],” it adds.

The U.S. hostages were released shortly after Iran received this initial cash payment.

The additional $1.3 billion cash payment was facilitated by the Dutch Central Bank, which helped the United States transfer the money to an account before it was converted into euros.

The Dutch Bank “then disbursed the funds as euro banknotes in the Netherlands to an official from the Central Bank of Iran.”

The payment was broken down into two separate transactions that occurred on Jan. 22 and Feb. 5.

Senior administration officials maintain that the transaction was completely legal and not paid out as part of a ransom to Iran. These officials have said that cash was the “most reliable” method to ensure Iran received immediate access to the funds, as its banking system is still under sanctions.

Officials from the Treasury and Justice Departments would not respond to Free Beacon requests for comment about the exact type of legal approval given prior to the cash payment.

One congressional adviser who works closely on the Iran issue told the Free Beacon that the Obama administration appears to have involved multiple branches of the government in order to help conceal the cash payment to Iran.

“It looks as if the White House made just about every corner of the executive branch complicit in covering up the extent of its payments to Iran,” the source said. “Congress was already aggressively looking into payments involving the State, Treasury, and Energy Departments. Now it’s the Justice Department, too. We already know that top officials from Justice objected strongly to the ransom deal, but were overruled. Congress wants to know what happened and why.”

A senior congressional aide familiar with investigations regarding the matter told the Free Beacon that the administration continues to hide information from lawmakers about the cash payment.

“The American public and Members of Congress understand psychology—if the administration is hiding something, there is a reason. President Obama, Secretary Kerry and others would like to pretend that their months of evasiveness and stonewalling regarding Iran are normal, but their behavior indicates otherwise,” the source said. “Refusing to answer basic questions about millions of U.S. taxpayer dollars paid to the world’s largest state sponsor of terrorism only invites more questions.”

Recent reports have raised questions about how much of this money may be spent to fund Iran’s international terror operations and the Iranian Revolutionary Guard Corps.

Lawmakers examining who in Iran assumed control of the money have told the Free Beacon that at least part of the cash was likely spent to fund the IRGC’s operations.

House Office Report on Edward Snowden

Edward Snowden, Defending His Patriotism, Says Disclosures Helped Privacy

In this file photo, American whistleblower Edward Snowden delivers remarks via video link from Moscow to attendees at a discussion regarding an International Treaty on the Right to Privacy, Protection Against Improper Surveillance and Protection of Whistleblowers in New York City on Sept. 24, 2015. © REUTERS/Andrew Kelly


Executive Summary of Review of the Unauthorized Disclosures of Former National Security Agency Contractor Edward Snowden

UNCLASSIFIED

In June 2013, former National Security Agency (NSA) contractor Edward Snowden perpetrated the largest and most damaging public release of classified information in U.S. intelligence history. In August 2014, the Chairman and Ranking Member of the House Permanent Select Committee on Intelligence (HPSCI) directed Committee staff to carry out a comprehensive review of the unauthorized disclosures. The aim of the review was to allow the Committee to explain to other Members of Congress-and, where possible, the American people-how this breach occurred, what the U.S. Government knows about the man who committed it, and whether the security shortfalls it highlighted had been remedied.

Over the next two years, Committee staff requested hundreds of documents from the Intelligence Community (IC), participated in dozens of briefings and meetings with IC personnel, conducted several interviews with key individuals with knowledge of Snowden’s background and actions, and traveled to NSA Hawaii to visit Snowden’s last two work locations. The review focused on Snowden’s background, how he was able to remove more than 1.5 million classified documents from secure NSA networks, what the 1.5 million documents contained, and the damage their removal caused to national security.

The Committee’s review was careful not to disturb any criminal investigation or future prosecution of Snowden, who has remained in Russia since he fled there on June 23, 2013. Accordingly, the Committee did not interview individuals whom the Department of Justice identified as possible witnesses at Snowden’s trial, including Snowden himself, nor did the Committee request any matters that may have occurred before a grand jury. Instead, the IC provided the Committee with access to other individuals who possessed substantively similar knowledge as the possible witnesses. Similarly, rather than interview Snowden’s NSA coworkers and supervisors directly, Committee staff interviewed IC personnel who had reviewed reports of interviews with Snowden’s co-workers and supervisors. The Committee remains hopeful that Snowden will return to the United States to face justice.

The bulk of the Committee’s 36-page review, which includes 230 footnotes, must remain classified to avoid causing further harm to national security; however, the Committee has made a number of unclassified findings. These findings demonstrate that the public narrative popularized by Snowden and his allies is rife with falsehoods, exaggerations, and crucial omissions, a pattern that began before he stole 1.5 million sensitive documents.

First, Snowden caused tremendous damage to national security, and the vast majority of the documents he stole have nothing to do with programs impacting individual privacy interests-they instead pertain to military, defense, and intelligence programs of great interest to America’s adversaries. A review of the materials Snowden compromised makes clear that he handed over secrets that protect American troops overseas and secrets that provide vital defenses against terrorists and nation-states. Some of Snowden’s disclosures exacerbated and accelerated existing trends that diminished the IC’s capabilities to collect against legitimate foreign intelligence targets, while others resulted in the loss of intelligence streams that had saved American lives. Snowden insists he has not shared the full cache of 1.5 million classified documents with anyone; however, in June 2016, the deputy chairman of the Russian parliament’s defense and security committee publicly conceded that “Snowden did share intelligence” with his government. Additionally, although Snowden’s professed objective may have been to inform the general public, the information he released is also available to Russian, Chinese, Iranian, and North Korean government intelligence services; any terrorist with Internet access; and many others who wish to do harm to the United States.

The full scope of the damage inflicted by Snowden remains unknown. Over the past three years, the IC and the Department of Defense (DOD) have carried out separate reviews with differing methodologies of the damage Snowden caused. Out of an abundance of caution, DOD reviewed all 1.5 million documents Snowden removed. The IC, by contrast, has carried out a damage assessment for only a small subset of the documents. The Committee is concerned that the IC does not plan to assess the damage of the vast majority of documents Snowden removed. Nevertheless, even by a conservative estimate, the U.S. Government has spent hundreds of millions of dollars, and will eventually spend billions, to attempt to mitigate the damage Snowden caused. These dollars would have been better spent on combating America’s adversaries in an increasingly dangerous world.

Second, Snowden was not a whistleblower. Under the law, publicly revealing classified information does not qualify someone as a whistleblower. However, disclosing classified information that shows fraud, waste, abuse, or other illegal activity to the appropriate law enforcement or oversight personnel-including to Congress-does make someone a whistleblower and affords them with critical protections. Contrary to his public claims that he notified numerous NSA officials about what he believed to be illegal intelligence collection, the Committee found no evidence that Snowden took any official effort to express concerns about U.S. intelligence activities-legal, moral, or otherwise-to any oversight officials within the U.S. Government, despite numerous avenues for him to do so. Snowden was aware of these avenues. His only attempt to contact an NSA attorney revolved around a question about the legal precedence of executive orders, and his only contact to the Central Intelligence Agency (CIA) Inspector General (IG) revolved around his disagreements with his managers about training and retention of information technology specialists.

Despite Snowden’s later public claim that he would have faced retribution for voicing concerns about intelligence activities, the Committee found that laws and regulations in effect at the time of Snowden’s actions afforded him protection. The Committee routinely receives disclosures from IC contractors pursuant to the Intelligence Community Whistleblower Protection Act of 1998 (IC WPA). If Snowden had been worried about possible retaliation for voicing concerns about NSA activities, he could have made a disclosure to the Committee. He did not. Nor did Snowden remain in the United States to flee the legal consequences of his actions, contrary to the tradition of civil disobedience he professes to embrace. Instead, he fled to China and Russia, two countries whose governments place scant value on their citizens’ privacy or civil liberties-and whose intelligence services aggressively collect information on both the United States and their own citizens.

To gather the files he took with him when he left the country for Hong Kong, Snowden infringed on the privacy of thousands of government employees and contractors. He obtained his colleagues’ security credentials through misleading means, abused his access as a systems administrator to search his co-workers’ personal drives, and removed the personally identifiable information of thousands of IC employees and contractors. From Hong Kong he went to Russia, where he remains a guest of the Kremlin to this day.

It is also not clear Snowden understood the numerous privacy protections that govern the activities of the IC. He failed basic annual training for NSA employees on Section 702 of the Foreign Intelligence Surveillance Act (FISA) and complained the training was rigged to be overly difficult. This training included explanations of the privacy protections related to the PRISM program that Snowden would later disclose.

Third, two weeks before Snowden began mass downloads of classified documents, he was reprimanded after engaging in a workplace spat with NSA managers. Snowden was repeatedly counseled by his managers regarding his behavior at work. For example, in June 2012, Snowden became involved in a fiery e-mail argument with a supervisor about how computer updates should be managed. Snowden added an NSA senior executive several levels above the supervisor to the e-mail thread, an action that earned him a swift reprimand from his contracting officer for failing to follow the proper protocol for raising grievances through the chain of command. Two weeks later, Snowden began his mass downloads of classified information from NSA networks. Despite Snowden’s later claim that the March 2013 congressional testimony of Director of National Intelligence James Clapper was a “breaking point” for him, these mass downloads predated Director Clapper’s testimony by eight months.

Fourth, Snowden was, and remains, a serial exaggerator and fabricator. A close review of Snowden’s official employment records and submissions reveals a pattern of intentional lying. He claimed to have left Army basic training because of broken legs when in fact he washed out because of shin splints. He claimed to have obtained a high school degree equivalent when in fact he never did. He claimed to have worked for the CIA as a “senior advisor,” which was a gross exaggeration of his entry-level duties as a computer technician. He also doctored his performance evaluations and obtained new positions at NSA by exaggerating his resume and stealing the answers to an employment test. In May 2013, Snowden informed his supervisor that he would be out of the office to receive treatment for worsening epilepsy. In reality, he was on his way to Hong Kong with stolen secrets.

Finally, the Committee remains concerned that more than three years after the start of the unauthorized disclosures, NSA, and the IC as a whole, have not done enough to minimize the risk of another massive unauthorized disclosure. Although it is impossible to reduce the chance of another Snowden to zero, more work can and should be done to improve the security of the people and computer networks that keep America’s most closely held secrets. For instance, a recent DOD Inspector General report directed by the Committee found that NSA has yet to effectively implement its post-Snowden security improvements. The Committee has taken actions to improve IC information security in the Intelligence Authorization Acts for Fiscal Years 2014, 2015, 2016, and 2017, and looks forward to working with the IC to continue to improve security.

For my Military Friends: General Mattis -‘Everyone Fills Sand Bags’

 

Art of War Papers

Hat-tip to Michael L. Valenti, Major, USMC

Mattis believed in delegating responsibility to the lowest capable level. He stated, “Most Marine units and most Marines can do more than they are asked to do. It’s how you unleash that, delegate the decision making to the lowest capable level so that units can maneuver swiftly and aggressively based on exercising initiative. A sense of co-equal ownership of the mission between generals and 18 year olds.”

Mattis asserted that “by reading, you learn through others’ experiences—generally a better way to do business—especially in our line of work where the consequences of incompetence are so final for young men.”36 This alluded to a responsibility that is inherent to commanders and leaders: honest and detailed preparation for the task. It went far beyond just concentrating study on tactics, techniques, and procedures, for that will never be enough for “those who must adapt to overcoming an independent enemy’s will are not allowed the luxury of ignorance of their profession.”37

Mattis gave guidance on the construction of his staff. He wanted “a small staff comprised of aggressive officers who were able to act with initiative, make rapid decisions and recommendations, and exercise good judgment.”14 Due to the small size of the staff and few enlisted Marines to support it, General Mattis made it clear that everyone had to “fill sandbags.”15 The initial tempo of planning was intense and as new members arrived to fill positions, they had to be caught up to speed quickly and start working quickly. In order to expedite this process the creation of a “Brain Book” was implemented. The book consisted of various references and orders that were needed to get new members ready to operate quickly. The Brain Book by itself would not be enough. Instead, professionalism, willingness, and doctrinal foundation of the new members of the staff would carry them the rest of the way.16

General Mattis’s personal feelings:

War is a human endeavor and as such, warriors must be comfortable operating on and within the scopes of human terrain.38 An object in war is to impose our will upon the enemy.39 It is critical in professional study to include the study of the human dimension that is the study of decision-making, group interaction, leadership, etc. When the enemy votes, a study of these topics will enable the warrior to beat him to the polls.


A Marine from the 15th Marine Expeditionary Unit moves to a security position at Forward Operating Base Rhino, Afghanistan, 25 November 2001. Photo by Sgt. Joseph R. Chenelly. (DVIC DM-SD-06-03033).

Mattis asserts that a commander must “be ready to embrace allied elements without necessarily having TACON/OPCON over them—use HANDCON.”54 By bringing allied elements into the planning process early with an emphasis on information sharing, a commander can gain battlefield harmony through trust building.55 His bottom line is that “you will have little formal authority yet expectations for tactical achievements will not be diminished just because you lack formal command authority.”56

The greatest attribute a field grade officer can have according to Mattis is anticipation.57 General Mattis anticipated his lack of resources, capabilities, and authorities and actively sought measures to correct them by forming relationships and exchanging liaison officers.

For a full read and inspiring summary, go here.


Related reading: Task Force 58: A Higher Level of Naval Operation

Best Foreign Hack Job: Library of Congress…Done

The Library of Congress Was Hacked Because It Hasn’t Joined the Digital Age

Motherboard: With the presidential election taking all the air out of the room, July’s IT attack on the Library of Congress barely made the news. But for good governance advocates and policymakers, this denial of service attack, which caused a three day service outage, validated decades of complaints about the Library of Congress’ failure to join the digital age.

Americans are familiar with the Library’s mission to archive the world’s literature and research. But Congress, librarians, and specialized policy wonks are more familiar with the Library’s many other functions, including the intelligence gatherer, legislative tracker, governance think tank, and intellectual property bureaucracy. The library’s dysfunction is bad news for Congressional staff, and the researchers and scholars who depend on the archives of American history and information on the world’s most unstable regions.

Surprisingly, the Library of Congress was among the first in government to embrace the power of the Internet. Pushed on the Library by Newt Gingrich and thrown together with a quick and dirty build, THOMAS.gov (the predecessor to Congress.gov) debuted in January of 1995. Despite the fast execution and concern over who could even access this site when comparatively few people had internet access, THOMAS.gov handled almost a million queries within the first 38 days of operation.

So what happened? Government investigations as far back as 2002 have highlighted the mismanagement of contractors, budget, overall management, and IT services. Many government watchdogs and library scholars also point to the former librarian, Dr. James Billington. Serving 28 years in the position, Billington had a reputation for being both a difficult manager and an infamous luddite, even reportedly requesting at times that staff fax him at home and refusing to use email.

Library of Congress Great Hall. Image: Ed Schipul/Flickr

Appointed by Ronald Reagan in 1987, Billington has had some positive moments in his legacy. His review of the DMCA in 2010 (which the library holds jurisdiction over and is tasked with reviewing every three years) massively changed the future of copyright. Around Washington, Billington gained a reputation as a dynamic private fundraiser, using these funds to supplement library budgets for collections and programming. However, much like his overall management, Billington’s fundraising style has also come under fire, both over the exclusivity and possible use of donated funds for donors-only swank dinners and performances.

The library does have a Chief Information Officer, but in recent years, it struggled to fill the position, cycling through five temporary CIOs before being forced to find a permanent CIO by recommendations in a scathing 2015 Government Accountability Office report on the Library’s IT systems.

In this report, the GAO again confirmed what scholars, lawmakers, and their staff have been struggling with for years: the Library of Congress is simply not equipped to join the 21st century. The GAO estimates that the LOC spends roughly $120 million dollars on IT functions, but the library’s accounting records leave much to be desired, particularly when recording acquisitions of new IT assets.


When asked to account for the number of systems within the library, the number of systems was first recorded to be 30, then 46, and eventually 70. Most notably, overseas office systems were left off the list. Since 1962, these offices have been tasked with collecting materials in underdeveloped and politically volatile areas, including (infamously) the acquisition of a copy of Osama Bin Laden’s autobiography.

These overseas offices have even become an important tool in the fight against ISIS. With the wanton destruction of cultural artifacts and archives by ISIS and general civil unrest, experts at the library’s Middle Eastern offices have been at the forefront of providing support in the salvaging of damaged books and other materials. The collection of materials (in 2014, the overseas offices collected over 800,000 items) has been invaluable for researchers in the United States. However as the associate librarian for library services, Mark Sweeney, noted in a March 2015 testimony before the Senate Legislative Appropriations Subcommittee, security is a continuing concern for these offices.

With overseas offices in cities such as Islamabad, Cairo, and Jakarta, accurately managing cybersecurity risks to the Library’s overseas collections and personnel is difficult, particularly when, as admitted by Chief of the Library Services Automation and Planning Office, these systems haven’t been accredited or credentialed.

The library has also been unable to keep an accurate inventory of key resources and assets. It reported having fewer than 6,500 computers in use, while the actual number is somewhere around 18,000. While the library does have oversight of initial technology investments, it lacks any effective way to oversee continued funding. For example, the library reported in 2013 “missing” the review of the $2.2 million dollar project, the National Library Catalog.

An .xml database and public-facing web service intended to replace Online Public Access Catalog, the library’s current publicly accessible database, the National Library Catalog was intended to finally allow a smooth search experience of the Library’s many different archives and websites after a 2009 report by the Office of the Inspector General that highlighted the difficulty the public had accessing the library’s resources.

Library of Congress. Image: Monica Volper/Pixabay

In March 2012, the project was dumped after being denied release when it was discovered that a recommended switch to a Solr-based platform had been ignored. Due to a lack of communication, the entire project was scrapped, including the usable .xml database which had cost 1.25 million dollars and 33 months to develop.

Even offices with separate functions operating under the Library’s jurisdiction haven’t been free from massive mismanagement. The copyright office still runs on a largely paper-based system (some records are still kept in card catalogues) and is forced to share the library’s aging IT systems. Large digital projects have even failed to materialize, such as the promise of an archive of everything that has been tweeted since 2010. Digitization projects are so far behind that only a fraction of the Library’s 24 million titles have been made available online.

While Congress has been reluctant to criticize Billington, a bill to term limit the Librarian of Congress to 10 years seems very conveniently timed to Billington’s retirement. Congress also took a step in the right direction with the confirmation of Carla Hayden, former president of the American Library Association. Despite opposition from some conservative advocacy groups and Republican Senators on her stances on the Patriot Act, censorship, and frankly ridiculous assertions that she didn’t have the appropriate scholarly background to helm the library, Hayden was confirmed late this summer to become the first female and African American librarian.


Hayden’s reputation as a technologically savvy reformer is well deserved, having modernized Baltimore’s flailing Enoch Pratt Free Library and ushered in a period of unprecedented expansion for Baltimore’s library system in an otherwise bleak time for the city. Hayden even became a beacon of stability and normalcy after the Freddie Gray riots with her decision to keep the library open despite the unrest.

With Hayden in the top job, policy advocates and scholars might have a glimmer of hope that the former crown jewel of American libraries can be pulled out of mothballs and dragged into the 21st century.