Category Archives: Cyber War

Facts on TWO Lists, Watch List and Terror List

Posted on by

   

Most Wanted Terrorists

Select the images of suspected terrorists to display more information.

JABER A. ELBANEH

 

How Does the FBI Watch List Work? And Could It Have Prevented Orlando?

Wired:  OF ALL THE details investigators have uncovered about Orlando terrorist Omar Mateen, perhaps the most infuriating is the fact that he spent 10 months on a government watch list, yet had no trouble buying an assault rifle and a handgun.

Authorities placed Mateen on a watch list in May 2013 after coworkers at the Florida courthouse where he was a security guard told authorities he boasted of connections to al Qaeda and other terrorists organizations. He remained on the list for 10 months, and FBI Director James Comey told reporters this week that during that time the agency placed Mateen under surveillance and had confidential sources meet with him.

But the feds removed Mateen from the list in March 2014, after concluding that he had no significant links to terrorism beyond attending the same mosque as an American suicide bomber who died in Syria. “We don’t keep people under investigation indefinitely,” Comey said, adding that he doesn’t see anything that his agents should have done differently.

Comey didn’t identify the list Mateen was on, but an unnamed official told the Daily Beast that he was in two databases, the Terrorist Identities Datamart Environment database and the Terrorist Screening Database, more commonly called the terrorist watch list.

Here’s a look at what the lists are and how someone gets their name on one.

What is the Terrorist Watch List?
The Terrorist Screening Database was created in 2003 by order of a Homeland Security Presidential Directive. The database includes the names and aliases of anyone known to be, or reasonably suspected of being, involved in terrorism or assisting terrorists through financial aid or other ways. The federal Terrorist Screening Center maintains the database, and an array of government agencies nominate people to it through the National Counter Terrorism Center.

Some of the information in the database originates with the Terrorist Identities Datamart Environment, also called TIDE. That list contains classified data collected by intelligence agencies and militaries worldwide, but anything passed on to the terrorist watch list is first scrubbed of classified info. In 2013, TIDE had 1.1 million names in it.

The State Department checks all visa applicants against the watch list. The TSA’s No-Fly list and Selectee List, which identifies people who warrant additional screening and scrutiny at airports and border crossings, are also derived from the watch list. But it is most often used by law enforcement agencies at all levels to check the identity of anyone arrested, detained for questioning, or stopped for a traffic violation. The FBI calls it “one of the most effective counterterrorism tools for the US government.”

Entries in the database are coded according to threat level to provide law enforcement with instructions on what to do when they encounter a suspected terrorist who is on the list. According to a 2005 inspector general report (.pdf), of some 110,000 records in the database that the IG reviewed, 75 percent of them were given handling code 4, considered the lowest level, and 22 percent were given handling code 3. Only 318 records had handling codes 1 or 2. A description of what each level means is redacted in the publicly released version of the document, but a note indicates that people are usually given code 4 when they are either just an associate of a suspected terrorist and therefore may not pose a threat or if there is too little information known about the individual to categorize them at a higher level.

Appearing in the database doesn’t mean you’ll be arrested, denied a visa, or barred from entering the country. But it does mean your whereabouts and any other information gleaned from, say, a traffic stop, will be added to the file and scrutinized by authorities.

What’s the Criteria for Getting on the Watch List?
According to a 2013 watch list guideline produced by the Terrorist Screening Center and obtained by The Intercept, engaging in terrorism or having a direct connection to a terrorist organization is not necessary for inclusion on the list. Parents, spouses, siblings, children and “associates” of a suspected terrorist can appear on the list without any suspicion of terrorist involvement. “Irrefutable evidence” of terrorist activity and connections is also not necessary, the document states. Reasonable suspicion is sufficient, though this isn’t clearly defined.

“These lists are horribly imprecise,” a former federal prosecutor, who asked to remain anonymous, told WIRED. “They are based on rumor and innuendo, and it’s incredibly easy to get on the list and incredibly difficult to get off the list. There’s no due process for getting off the list.”

The guidelines also reveal that the Assistant to the President for Homeland Security and Counterterrorism can temporarily authorize placing entire “categories” of people on to the No-Fly and Selectee lists based on “credible intelligence” that indicates a certain category of individuals may be used to conduct an act of terrorism.

“Instead of a watch list limited to actual, known terrorists, the government has built a vast system based on the unproven and flawed premise that it can predict if a person will commit a terrorist act in the future,” Hina Shamsi, head of the ACLU’s National Security Project, told The Intercept. “On that dangerous theory, the government is secretly blacklisting people as suspected terrorists and giving them the impossible task of proving themselves innocent of a threat they haven’t carried out.”

What Is the No-Fly List?
This narrower list, derived from the terrorist watch list, includes people who haven’t done anything to warrant being arrested, yet the government deems too dangerous to allow onto commercial aircraft. Mateen reportedly did not appear on this list. The list included 2,500 individuals when Homeland Security chief Michael Chertoff released the tally for the first time in 2008. Six years later, Christopher Piehota, director of the Terrorist Screening Center, told a House subcommittee it had 64,000 names on it. That sounds like a lot, but the list includes dead people and multiple versions of names.

The No-Fly list is also notorious for ensnaring the innocent whose names resemble those of suspected terrorists. Senator Ted Kennedy, for example, was repeatedly prevented from boarding planes because his name matched that of someone on the list.

What Kind of ‘Terrorist Activity’ Gets You on the Terrorist Watch List?
Obvious things like using or possessing weapons of mass destruction will land you on the terrorist watch list. So will committing violence at an international airport, or engaging in arson or other types of destruction of government property if it’s done to intimidate, coerce, or influence people or government policy. But computer hacking can also get you included if it damages a computer used for interstate or foreign commerce or ones that are used by a financial institution or the government, if the hack was intended to influence people or policy.

Just as there are those on the list who shouldn’t be, so too are there people who don’t make it onto the list who should. Umar Farouk Abdul Mutallab, the so-called “underwear bomber” who attempted to detonate explosives aboard a flight from Europe in 2009, wasn’t on the terrorist or No-Fly lists, even though his father alerted the US embassy in Nigeria to his radicalization. He did appear in the TIDE database, but because that information is classified, it didn’t make it to the No-Fly list or the Amsterdam airport where he boarded his flight.

A 2007 inspector general’s audit of the terrorist watch list found that in 15 percent of terrorism cases the inspector’s office reviewed, the FBI failed to add suspects in the cases to the list.

Can Someone on the List Buy a Gun from a Federally Licensed Seller?
Appearing on the terrorist watch list wouldn’t necessarily prevent someone from purchasing a gun; it simply means law enforcement is alerted if you apply to purchase a weapon. So even if he’d been included on the list at the time he bought his weapons, Mateen would still have had no trouble purchasing his Sig Sauer MCX rifle and Glock 17 handgun.

There are ten criteria, however, that do prevent people, whether they’re on the terrorist watch list or not, from buying firearms from a licensed seller. They include a felony conviction, being an undocumented immigrant and being deemed mentally unstable by a court.

Government Accountability Office data recently released to California Democratic Senator Dianne Feinstein indicate that 2,477 people on the watch list attempted to buy a firearm between February 2004 (when authorities started checking gun sale purchases against the list) and the end of 2015. Of those, 2,265 of the transactions were allowed.

Feinstein proposed legislation last year to prevent known or suspected terrorists on the watch list from obtaining a gun license or buying a weapon from a licensed seller. The Senate rejected the proposal one day after the San Bernadino attack, but Feinstein said she hopes the Orlando massacre will give the bill new life. This week, Senate Democrats filibustered until Republicans agreed to consider such legislation.

But barring anyone on the list from buying a gun can create a different problem. “If you prevent people on the list from buying a weapon, then an attempt to buy the weapon can alert the person that they’re on the list,” the former prosecutor told WIRED. “So you’re aiding the terrorist [with that information].”

 

How Many People Are on the Terrorist Watch List?
The exact number is unclear because the list includes many aliases and variations of names, and officials often confuse the number of names that are on the list and the number of unique individuals that are on it. In 2011, for example, more than 1 million names appeared on the list, but just 400,000 of these represented unique individuals. In 2014, the Terrorist Screening Center’s Piehota told lawmakers the list included 800,000 names.

About 99 percent of names nominated to the list each year are accepted, and the number of nominations grows annually. In 2009, authorities nominated 227,932 known or suspected terrorists. In 2013, the number reached nearly 469,000.

Most of the people on the watch list are not US citizens; placing a citizen or permanent US resident on the list is supposed to require a higher standard, such information “from sources of known reliability or where there exists additional corroboration or context supporting reasonable suspicion,” according to the guidelines The Intercept obtained.

How Do You Get Off the Terrorist Watch List or No-Fly List?
This remains a source of great controversy. People on these lists rarely know how or why they landed there, and the process of removal can be convoluted. In 2007, the Department of Homeland Security created a redress program through which people can challenge their inclusion on the No-Fly list. It works well enough for anyone mistakenly added to the list, but provides little help to those whom the government says are on the list for legitimate reasons but won’t disclose the reasons.

The FBI will remove people from the terrorist watch list after closing an investigation that failed to uncover terrorist activity or connections. This is exactly what happened to Mateen, which has angered some officials. “The only way you should get off the list is if they no longer believe you’re a threat,” Senator Lindsey Graham said during a Capitol Hill briefing after the Orlando shooting. “It should have nothing to do with not being able to prove a crime.”

But the FBI was simply following procedure when it dropped Mateen from the watch list, after being criticized in the past for not promptly removing people when cases get closed. An inspector general’s report in 2007 found that the FBI failed to remove names in a timely manner in 72 percent of the cases the Bureau closed for lack of evidence. A 2009 audit found that the situation had not improved, prompting lawmakers like Vermont Democratic Senator Patrick Leahy to criticize the Bureau.

 

The bigger question then, is not why was Mateen removed from the list, but why did the FBI close its investigation of him prematurely? “To me, there was enough here to keep it in some sort of a status,” New York Republican Representative Peter King said during the Capitol Hill briefing this week.

But with so many suspects on the watch list, authorities must be judicious in choosing which ones to pursue. “Our work is very challenging,” Comey said this week. “We are looking for needles in a nationwide haystack. But we’re also called upon to figure out which pieces of hay might someday become needles.”

There is no specific criteria guiding when to close a case related to the terrorist watch list. “It’s a judgment call,” says the former prosecutor. “It depends on the seriousness of the allegations and the result of the investigation. It’s [a matter of whether an] investigator is convinced, more than anything else, that ‘We better keep looking at this guy.’”

In the case of Mateen, investigators surveilled him, looked into his background, and performed a “dangle,” the former prosecutor says. That’s when a confidential informant meets with a suspect. “They feel the guy out to try to figure out if he’s real or if he’s just all talk,” he says. They may do this by asking if he’s interested in purchasing weapons or materials to make a bomb. “They may try the dangle operation two or three times, and if he shows no genuine interest in activity, if he doesn’t take the bait, then they say after a period of time, we’ve got no reason to believe this person is something other than an angry young man … and they close the investigation.”

Still, a case is never truly closed. Authorities can re-open it if something piques their interest—like say, a suspect buying weapons. That would have been sufficient to get Mateen back on the FBI’s radar. But because he wasn’t on the watch list, the FBI didn’t know what he was up to. And that’s what lawmakers are saying they want to fix.

 

 

 

States Complying with DOJ/FBI Facial Recognition Database

Posted on by

 

 

GAO: The Department of Justice’s (DOJ) Federal Bureau of Investigation (FBI) operates the Next Generation Identification-Interstate Photo System (NGI-IPS)— a face recognition service that allows law enforcement agencies to search a database of over 30 million photos to support criminal investigations. NGI-IPS users include the FBI and selected state and local law enforcement agencies, which can submit search requests to help identify an unknown person using, for example, a photo from a surveillance camera. When a state or local agency submits such a photo, NGI-IPS uses an automated process to return a list of 2 to 50 possible candidate photos from the database, depending on the user’s specification. As of December 2015, the FBI has agreements with 7 states to search NGI-IPS, and is working with more states to grant access. In addition to the NGI-IPS, the FBI has an internal unit called Facial Analysis, Comparison and Evaluation (FACE) Services that provides face recognition capabilities, among other things, to support active FBI investigations. FACE Services not only has access to NGI-IPS, but can search or request to search databases owned by the Departments of State and Defense and 16 states, which use their own face recognition systems. Biometric analysts manually review photos before returning at most the top 1 or 2 photos as investigative leads to FBI agents.

DOJ developed a privacy impact assessment (PIA) of NGI-IPS in 2008, as required under the E-Government Act whenever agencies develop technologies that collect personal information. However, the FBI did not update the NGI-IPS PIA in a timely manner when the system underwent significant changes or publish a PIA for FACE Services before that unit began supporting FBI agents. DOJ ultimately approved PIAs for NGI-IPS and FACE Services in September and May 2015, respectively. The timely publishing of PIAs would provide the public with greater assurance that the FBI is evaluating risks to privacy when implementing systems. Similarly, NGI-IPS has been in place since 2011, but DOJ did not publish a System of Records Notice (SORN) that addresses the FBI’s use of face recognition capabilities, as required by law, until May 5, 2016, after completion of GAO’s review. The timely publishing of a SORN would improve the public’s understanding of how NGI uses and protects personal information.

Prior to deploying NGI-IPS, the FBI conducted limited testing to evaluate whether face recognition searches returned matches to persons in the database (the detection rate) within a candidate list of 50, but has not assessed how often errors occur. FBI officials stated that they do not know, and have not tested, the detection rate for candidate list sizes smaller than 50, which users sometimes request from the FBI. By conducting tests to verify that NGI-IPS is accurate for all allowable candidate list sizes, the FBI would have more reasonable assurance that NGI-IPS provides leads that help enhance, rather than hinder, criminal investigations. Additionally, the FBI has not taken steps to determine whether the face recognition systems used by external partners, such as states and federal agencies, are sufficiently accurate for use by FACE Services to support FBI investigations. By taking such steps, the FBI could better ensure the data received from external partners is sufficiently accurate and do not unnecessarily include photos of innocent people as investigative leads.

*** The Privacy Act of 1974 places limitations on agencies’ collection, disclosure, and use of personal information maintained in systems of records.3 The Privacy Act requires agencies to publish a notice—known as a System of Records Notice (SORN)—in the Federal Register identifying, among other things, the categories of individuals whose information is in the system of records, and the type of data collected.4 Also, the E-Government Act of 2002 requires agencies to conduct Privacy Impact Assessments (PIA) that analyze how personal information is collected, stored, shared, and managed in a federal system.5 Agencies are required to make their PIAs publicly available if practicable.  See the entire report here from the General Accounting Office.

 

How Terrorists use Encryption

Posted on by

 

How Terrorists Use Encryption

June 16, 2016

Author(s): Robert Graham

CTC: Abstract: As powerful encryption increasingly becomes embedded in electronic devices and online messaging apps, Islamist terrorists are exploiting the technology to communicate securely and store information. Legislative efforts to help law enforcement agencies wrestle with the phenomenon of “going dark” will never lead to a return to the status quo ante, however. With the code underlying end-to-end encryption now widely available, unbreakable encryption is here to stay. However, the picture is not wholly bleak. While end-to-end encryption itself often cannot be broken, intelligence agencies have been able to hack the software on the ends and take advantage of users’ mistakes.

Counterterrorism officials have grown increasingly concerned about terrorist groups using encryption in order to communicate securely. As encryption increasingly becomes a part of electronic devices and online messaging apps, a range of criminal actors including Islamist terrorists are exploiting the technology to communicate and store information, thus avoiding detection and incrimination, a phenomenon law enforcement officials refer to as “going dark.”

Despite a vociferous public debate on both sides of the Atlantic that has pitted government agencies against tech companies, civil liberties advocates, and even senior figures in the national security establishment who have argued that creation of “backdoors”[1] for law enforcement agencies to retrieve communications would do more harm than good, there remains widespread confusion about how encryption actually works.[a]

Technologists have long understood that regulatory measures stand little chance of rolling back the tide. Besides software being written in other countries (and beyond local laws), what has not been fully understood in the public debate is that the “source code” itself behind end-to-end encryption is now widely available online, which means that short of shutting down the internet, there is nothing that can be done to stop individuals, including terrorists, from creating and customizing their own encryption software.

The first part of this article provides a primer on the various forms of encryption, including end-to-end encryption, full device encryption, anonymization, and various secure communication (operational security or opsec) methods that are used on top of or instead of encryption. Part two then looks at some examples of how terrorist actors are using these methods.

Part 1: Encryption 101 

End-to-End Encryption
A cell phone already uses encryption to talk to the nearest cell tower. This is because hackers could otherwise eavesdrop on radio waves to listen in on phone calls. However, after the cell tower, phone calls are not encrypted as they traverse copper wires and fiber optic cables. It is considered too hard for nefarious actors to dig up these cables and tap into them.

In a similar manner, older chat apps only encrypted messages as far as the servers, using what is known as SSL.[b] That was to defeat hackers who would be able to eavesdrop on internet traffic to the servers going over the Wi-Fi at public places. But once the messages reached the servers, they were stored in an unencrypted format because at that point they were considered “safe” from hackers. Law enforcement could still obtain the messages with a court order.

Newer chat apps, instead of encrypting the messages only as far as the server, encrypt the message all the way to the other end, to the recipient’s phone. Only the recipients, with a private key, are able to decrypt the message. Service providers can still provide the “metadata” to police (who sent messages to whom), but they no longer have access to the content of the messages.

The online messaging app Telegram was one of the earliest systems to support end-to-end encryption, and terrorists groups such as the Islamic State took advantage.[2] These days, the feature has been added to most messaging apps, such as Signal, Wickr, and even Apple’s own iMessage. Recently, Facebook’s WhatsApp[3] and Google[4] announced they will be supporting Signal’s end-to-end encryption protocol.

On personal computers, the software known as PGP,[c] first created in the mid-1990s, reigns supreme for end-to-end encryption. It converts a message (or even entire files) into encrypted text that can be copy/pasted anywhere, such as email messages, Facebook posts, or forum posts. There is no difference between “military grade encryption” and the “consumer encryption” that is seen in PGP. That means individuals can post these encrypted messages publicly and even the NSA is unable to access them. There is a misconception that intelligence agencies like the NSA are able to crack any encryption. This is not true. Most encryption that is done correctly cannot be overcome unless the user makes a mistake.

Such end-to-end encryption relies upon something called public-key cryptography. Two mathematically related keys are created, such that a message encrypted by one key can only be decrypted by the other. This allows one key to be made public so that one’s interlocutor can use it to encrypt messages that the intended recipient can decrypt through the private-key.[d] Al-Qa`ida’s Inspire magazine, for example, publishes its public-key[5] so that anyone using PGP can use it to encrypt a message that only the publishers of the magazine can read.

Full Device Encryption
If an individual loses his iPhone, for example, his data should be safe from criminals.[e] Only governments are likely to have the resources to crack the phone by finding some strange vulnerability. The FBI reportedly paid a private contractor close to $1 million to unlock the iPhone of San Bernardino terrorist Syed Rizwan Farook.[6]

The reason an iPhone is secure from criminals is because of full device encryption, also full disk encryption. Not only is all of the data encrypted, it is done in a way that is combined or entangled[7] with the hardware. Thus, the police cannot clone the encrypted data, then crack it offline using supercomputers to “brute-force” guess all possible combinations of the passcode. Instead, they effectively have to ask the phone to decrypt itself, which it will do but slowly, defeating cracking.[f]

Android phones work in much the same manner. However, most manufacturers put less effort into securing their phones than Apple. Exceptions are companies like Blackphone, which explicitly took extra care to secure their devices.

Full disk encryption is also a feature of personal computers. Microsoft Windows comes with BitLocker, Macintosh comes with FileVault, and Linux comes with LUKS. The well-known disk encryption software TrueCrypt works with all three operating systems as does a variation of PGP called PGPdisk. Some computers come with a chip called a TPM[g] that can protect the password from cracking, but most owners do not use a TPM. This means that unless they use long/complex passwords, adversaries will be able to crack their passwords.

Guccifer 2.0, the Hacked Trump Files from the DNC

Posted on by

The intrusions at the DNC are noteworthy for the sophistication of the groups behind it. One of the intrusions, by a well-known cyberespionage group called Cozy Bear, appears to have happened in the summer of 2015, according to Crowdstrike‘s CTO and co-founder Dmitri Alperovitch. The second breach, involving another Russian group, Fancy Bear, happened in April this year.

Cozy Bear has been previously associated with attacks on the White House and the US. State Department. The group has also been tied to numerous attacks on US defense contractors, government agencies, financial services companies, technology firms and think tanks, Alperovich said.  Fancy Bear, or Sofacy, as the group is also known, is similarly believed responsible for targeted attacks on various government and private sector organizations in multiple countries including the US, Canada, China and Japan, he said.

The two groups did not appear to be collaborating with each other or communicating in any fashion on the DNC attacks. But both targeted the same systems and the same data, employing a variety of sophisticated techniques in the process Crowdstrike’s CTO and co-founder Dmitri Alperovitch said in a blog post.

The Cozy Bear team used a Python-based malware tool dubbed SeaDaddy and another backdoor in Powershell to gain persistence on comprised DNC systems and to remain undetected on them for more than a year. According to Alperovitch, the Powershell backdoor was noteworthy for its use of a one-line command to establish an encrypted connection with command and control servers and for downloading additional modules.

The Fancy Bear group meanwhile used a different malware sample to remotely execute malicious commands on compromised DNC systems, to transmit files and to enable keylogging. The group deployed tactics like periodically clearing event logs and resetting the timestamps in files in an attempt to conceal their activities. More details here from DarkReading.

Gawker: A 200+ page document that appears to be a Democratic anti-Trump playbook compiled by the Democratic National Committee has leaked online following this week’s report that the DNC was breached by Russian hackers. In it, Trump is pilloried as a “bad businessman” and “misogynist in chief.”

The document—which according to embedded metadata was created by a Democratic strategist named Warren Flood—was created on December 19th, 2015, and forwarded to us by an individual calling himself “Guccifer 2.0,” a reference to the notorious, now-imprisoned Romanian hacker who hacked various American political figures in 2013.

The package forwarded to us also contained a variety of donor registries and other strategy files, “just a few docs from many thousands I extracted when hacking into DNC’s network,” the purported hacker claimed over email, adding that he’s in possession of “about 100 Gb of data including financial reports, donors’ lists, election programs, action plans against Republicans, personal mails, etc.”

Advertisement

His stated motive is to be “a fighter against all those illuminati that captured our world.”

The enormous opposition document, titled simply “Donald Trump Report,” appears to be a summary of the Democratic Party’s strategy for delegitimizing and undermining Trump’s presidential aspirations—at least as they existed at the end of last year, well before he unseated a field of establishment Republicans and clinched the nomination. A section titled “Top Narratives” describes a seven-pronged attack on Trump’s character and record.

Sponsored

The first is the argument that “Trump has no core”:

One thing is clear about Donald Trump, there is only one person he has ever looked out for and that’s himself. Whether it’s American workers, the Republican Party, or his wives, Trump’s only fidelity has been to himself and with that he has shown that he has no problem lying to the American people. Trump will say anything and do anything to get what he wants without regard for those he harms.

Second, that Trump is running a “divisive and offensive campaign”:

There’s no nice way of saying it – Donald Trump is running a campaign built on fear-mongering, divisiveness, and racism. His major policy announcements have included banning all Muslims from entering the U.S., and calling Mexican immigrants “rapists” and “drug dealers” while proposing a U.S.-Mexico border wall. And Trump’s campaign rallies have become a reflection of the hateful tone of his campaign, with protestors being roughed up and audience members loudly calling for violence.

Third, Trump is a “bad businessman”:

Despite Trump’s continual boasting about his business success, he has repeatedly run into serious financial crises in his career and his record raises serious questions about whether he is qualified to manage the fiscal challenges facing this country. Trump’s business resume includes a long list of troubling issues, including his company’s record of forcing people from their homes to make room for developments and outsourcing the manufacturing of his clothing line to take advantage of lower-wage countries like China and Mexico. His insight about the marketplace has proven wrong many times, including in the run-up to the Great Recession. And Trump’s record of irresponsible and reckless borrowing to build his empire – behavior that sent his companies into bankruptcy four times – is just one indication of how out-of-touch he is with the way regular Americans behave and make a living, and it casts doubt on whether he has the right mindset to tackle the country’s budget problems.

Fourth, Trump espouses “dangerous & irresponsible policies”:

Advertisement

Trump’s policies – if you can call them that – are marked by the same extreme and irresponsible thinking that shape his campaign speeches. There is no question that Donald Trump’s rhetoric is dangerous – but his actual agenda could be a catastrophe.

Fifth, in classically corny Democratic Party style, Donald Trump is the “misogynist in chief”:

Through both his words and actions, Trump has made clear he thinks women’s primary role is to please men. Trump’s derogatory and degrading comments to and about women, as well as his tumultuous marriages, have been well publicized. And as a presidential candidate, Trump has adopted many of the backwards GOP policies that we’ve come to expect from his party.

Sixth, Donald Trump is an “out of touch” member of the elite:

Trump’s policies clearly reflect his life as a 1-percenter. His plans would slash taxes for the rich and corporations while shifting more of the burden to the shoulders of working families. He stands with Republicans in opposing Wall Street reform and opposing the minimum wage. Trump clearly has no conception of the everyday lives of middle class Americans. His description of the “small” $1 million loan that his father gave him to launch his career is proof enough that his worldview is not grounded in reality.

The seventh strategy prong is to focus on Trump’s “personal life,” including that “Trump’s Ex-Wife Accused Him Of Rape,” which is true.

What follows is roughly two hundred pages of dossier-style background information, instances of Trump dramatically changing his stance on a litany of issues, and a round-up of the candidate’s most inflammatory and false statements (as of December ‘15, at least).

It appears that virtually all of the claims are derived from published sources, as opposed to independent investigations or mere rumor. It’s also very light on anything that could be considered “dirt,” although Trump’s colorful marital history is covered extensively:

The DNC hack was first revealed Tuesday, when the cybersecurity firm CrowdStrike announced it had discovered two hacking collectives, linked to Russian intelligence, inside the DNC network after the DNC reported a suspected breach. In a blog post, the company identified the groups as “COZY BEAR” and “FANCY BEAR”—two “sophisticated adversaries” that “engage in extensive political and economic espionage for the benefit of the government of the Russian Federation.”

The hackers were able to access opposition files and may have been able to read email and chat traffic, but did not touch any financial, donor, or personal information, the DNC said Tuesday. However, the user who sent the files to Gawker refuted that claim, writing, “DNC chairwoman Debbie Wasserman Schultz said no financial documents were compromised. Nonsense! Just look through the Democratic Party lists of donors! They say there were no secret docs! Lies again! Also I have some secret documents from Hillary’s PC she worked with as the Secretary of State.”

Among the files sent to Gawker are what appear to be several lists of donors, including email addresses and donation amounts, grouped by wealth and specific fundraising events. Gawker has not yet been able to verify that the Trump file was produced by the DNC, but we have been able to independently verify that the financial documents were produced by people or groups affiliated with the Democratic Party.

Also included are memos marked “confidential” and “secret” that appear to date back to 2008, and pertain to Obama’s transition into the White House, and a file marked “confidential” containing Hillary’s early talking points, at least some of which ended up being repeated verbatim in her April, 2015 candidacy announcement.

Finally, there is a May, 2015 memo outlining a proposed strategy against the field of potential GOP candidates. Donald Trump, who had not yet officially announced his candidacy, does not appear in the document.

The purported hacker writes “it was easy, very easy” to hack and extract thousands of files from the DNC network, “the main part” of which he or she claims are in the custody of Wikileaks. He or she also appears to have sent the documents to The Smoking Gun, which posted about the dossier earlier today.

Warren Flood did not immediately return a request for comment. DNC Press Secretary Mark Paustenbach was not able to immediately confirm the authenticity of the documents, but the party is aware that they’re circulating.

NATO Launches CyberSpace Mission

Posted on by

NATO to Recognize Cyberspace as New Frontier in Defense

 

Nasdaq: BRUSSELS—Allied defense ministers formally recognized cyberspace as a domain of warfare on Tuesday, an acknowledgment that modern battles are waged not only in air, sea and land, but also on computer networks.

The move comes the same day as the Democratic National Committee announced its computers had been hacked by the Russian government. DNC officials said the hackers made off with its opposition research related to Donald Trump, the presumptive Republican nominee for President.

The effort is designed to bolster allies’ cyberdefenses, but also will begin a debate over whether NATO should eventually use cyberweapons that can shut down enemy missiles and air defenses or destroy adversaries’ computer networks.

“This is important to all possible conflicts we can foresee,” he said.

Mr. Stoltenberg declined to address the suspected cyberhack on the Democratic National Committee by the Russian government, and wouldn’t name any potential cyber adversaries, noting that NATO’s cyberdefenses weren’t aimed at any one country. U.S. and allied officials have previously said Russia remains the greatest cyberthreat to the alliance.

Developing capabilities to more quickly attribute responsibility for cyberintrusions and cyberattacks is a priority for the alliance, Mr. Stoltenberg said.

“One of the challenge when it comes to cyber is it is not easy to tell who is attacking you,” he said.

The decision by the ministers will allow the alliance to better coordinate its cyberspace efforts and defenses, Mr. Stoltenberg said.

“This is about developing our abilities and capabilities to protect NATO cyber networks but also to help and assist nations in defending their cyber networks,” he said.

For now, the alliance is focused on defending its own secure networks and helping allies build their cyberdefenses.

Tuesday’s announcement to recognize cyberspace as new sphere of conflict or battleground constitutes a bit of catch- up by the alliance. The U.S. military, for example, has expanded its cyber command, improved its training and developed weaponry and defenses to deploy in cyberspace.

The change comes as the number of cyberattacks against the alliance and member states has been increasing, a senior NATO official said.

By making cyber a warfare domain, NATO will open the door to stepped up military planning, dedicate more officers to cyber operations and better integrate electronic warfare into its military exercises.

Two years ago, at the previous summit in Wales, NATO leaders announced a cyberattack on one ally could trigger the alliance’s collective defense provisions.

Under NATO’s founding treaty, each ally primarily has responsibility for its own defense. But NATO officials acknowledge that the alliance is only as strong as its weakest link, which makes helping nations improve their cyber capabilities a priority.

As part of efforts to counter so-called hybrid warfare threats, the use of covert forces to stir unrest or make military gains, NATO has been pushing member countries to improve their cyberdefenses.

Russia has made cyber and electronic warfare a key part of its military operations. U.S. and allied officials said that Russia has demonstrated its willingness to use such techniques to interfere with the military capabilities of its opponents in Ukraine. Russia denies it is involved militarily in Ukraine.

U.S. officials have said countering Russia’s improving militarily capabilities—such as its advanced missiles and air defenses in the Kaliningrad exclave on the border of Poland and Lithuania—could require cyber capabilities.

“Russia has sophisticated cyber capabilities,” said Vaidotas Urbelis, the defense policy director for the Lithuania ministry of defense. “But, come on, NATO nations have invested a lot in cyber and we have the capacity to defend ourselves.”

On Monday, Douglas Lute, the U.S. ambassador to NATO said cyber operations could be a key part of the alliance’s defense against stepped up Russian advances in anti-access weaponry.

“A networked air defense system can be jammed. It can be disrupted by way of cyber techniques,” Mr. Lute said.

A discussion of additional NATO cyber capabilities—or offensive capabilities—is likely to wait until after the conclusion of the alliance summit in Warsaw next month.

The alliance lags well behind its most militarily advanced members, including the U.S. and Britain, in developing its cyber capabilities. In any potential conflict, the alliance would need to rely on the U.S. and its use of cyber weaponry.

“We welcome the decision to recognize cyber as a domain,” said British Defense Secretary Michael Fallon, adding the U.K. has committed some $2 billion for its own cyberdefenses and capabilities.

The U.S. Army has been increasing its cyberdefense training at its training centers in the U.S. and Europe. A pilot program begun last year has aimed embedding “cyber elements” with tactical units.

“We know a variety of countries have increasing cyber capabilities that can interfere with your communications, your global position and navigating systems, your targeting systems,” said a U.S. defense official.
*****

Defense Secretary Ash Carter, left, talks with NATO Secretary General Jens Stoltenberg, right, at NATO headquarters in Brussels, June 14, 2016, during a meeting of NATO defense minister. The two leaders met to discuss matters of mutual importance. DoD photo by Air Force Senior Master Sgt. Adrian Cadiz

Last year saw was a small uptick in defense spending across Europe and Canada, Stoltenberg said. “Our estimates for 2016 show a further increase across NATO’s European allies and Canada,” said he added. “These are only estimates. But they are encouraging.”

The annual real change in NATO defense spending, he said, currently stands at around 1.5 percent, which represents an increase of more than $3 billion.

Plans to Boost Defense Spending

Some 20 NATO allies plan to spend more in real terms on defense this year, Stoltenberg said.

“So, this is real progress,” he said. “After many years of going in the wrong direction, we are starting to go into the right direction.”

With more money comes increased capabilities, Stoltenberg said, noting that NATO has agreed to place four battalions in the eastern nations of the alliance.

“Based on the advice of our military planners, we will agree to deploy by rotation four robust multinational battalions in the Baltic states and in Poland,” he said. “This will send a clear signal that NATO stands ready to defend any ally. More from the Department of Defense.