WikiLeaks Posts the Hacked Emails of CIA Director

Yet another Obama administration placeholder that was using a private email for sensitive material.

Of particular note is the partially written summary on Iran from 2009, which appears to be the genesis of the words the White House used to justify normalizing relations with the rogue nation. John Brennan was applying to obtain high security clearance to enter the Obama White House before 2009 and later assumed the role of chief of the CIA.

*** “The United States has no choice but to find ways to coexist — and to come to terms — with whatever government holds power in Tehran,” Brennan said in the three-page memo. He added that Iran would have to “come to terms” with the U.S. and that “Tehran’s ability to advance its political and economic interests rests on a non-hostile relationship with the United States and the West.”

In the memo, Brennan advised Obama to “tone down” rhetoric with Iran, and swiped at former President George W. Bush for his “gratuitous” labeling of Iran as part of a worldwide “axis of evil.” Brennan also said the U.S. should establish a direct dialogue with Tehran and “seek realistic, measurable steps.” Although he didn’t specifically call for the regime of financial sanctions that the Obama administration, along with Europe, Russia and China, pushed against Iran, Brennan told the president-elect to “hold out meaningful carrots as well as sticks.” ***

In part, a deeper look at the text is as follows:

The Conundrum of Iran

Iran will be a major player on the world stage in the decades ahead, and its actions and
behavior will have a major and enduring impact on near- and long-term U.S. interests on
a wide variety of regional and global issues. With a population of over 70 million, xx
percent of the world’s proven oil reserves, a geostrategic location of tremendous
(enviable?) significance, and a demonstrated potential to develop a nuclear-weapons
program, the United States has no choice but to find a way to coexist—and to come to
terms—with whatever government holds power in Tehran. At the same time, the Iranian
Government also must come to terms with Washington, as Tehran’s ability to advance its
political and economic interests rests on a non-hostile relationship with the United States
and the West.

There are numerous hurdles that stand in the way of improved U.S.-Iranian relations, but
none is more daunting than the theocratic regime’s nearly 30-year track record of
engaging in transnational terrorism, both directly and indirectly, to advance its
revolutionary agenda. Tehran’s proclivity to promote its interests by playing the terrorist
card undermines its standing as a responsible sovereign state and calls into question
virtually all of its actions, even when pursuing legitimate political, economic, and
strategic interests. While the use of terrorism(*footnote on definition) is reprehensible
and of serious concern irrespective of the source, the wielding of the terrorism club by a
nation state such as Iran is particularly alarming and insidious because of the ability of a
government to use its instruments of national power to support, conceal, facilitate, and
employ terrorist violence. Specifically, a sovereign government has the ready ability to
provide all of the logistical requirements—e.g. the fabrication of official documentation,
explosives, and weapons; the protected use of diplomatic facilities, staff, and pouches;
and the provision of expertise, funding, and targeting intelligence—that can be used to
great effect to plan and carry out successful terrorist attacks. Too often, and for too long,
Iran has excelled at such activities.

An anonymous teen hacker claimed to have stolen a handful of files from CIA Director John Brennan’s private email account, U.S. officials reported on Monday.

CIA Director John Brennan emails

Today, 21 October 2015 and over the coming days WikiLeaks is releasing documents from one of CIA chief John Brennan’s non-government email accounts. Brennan used the account occasionally for several intelligence related projects.

John Brennan became the Director of the Central Intelligence Agency in March 2013, replacing General David Petraeus who was forced to step down after becoming embroiled in a classified information mishandling scandal. Brennan was made Assistant to the President for Homeland Security and Counterterrorism on the commencement of the Obama presidency in 2009–a position he held until taking up his role as CIA chief.

According to the CIA, Brennan previously worked for the agency for a 25-year stretch, from 1980 to 2005.

Brennan went private in 2005-2008, founding an intelligence and analysis firm The Analysis Corp (TAC). In 2008 Brennan became a donor to Obama. The same year TAC, led by Brennan, became a security advisor to the Obama campaign and later that year to the Obama-Biden Transition Project. It is during this period many of the Obama administration’s key strategic policies to China, Iran and “Af-Pak” were formulated. When Obama and Biden entered into power, Brennan was lifted up on high, resulting in his subsequent high-level national security appointments.

If you have similar official documents that have not been published yet, send them to WikiLeaks.

John Brennan Draft SF86

“National Security Position” form for John Brennan. This form, filled out by Brennan himself before he assumed his current position, reveals a quite comprehensive social graph of the current Director of the CIA with a lot of additional non-governmental and professional/military career details. (17 November 2008, Author: John Brennan)


The Analysis Corporation

FAX from the General Counsel of the CIA to the Government Accountability Office about a legal quarrel between the CIA and “The Analysis Corporation”. TAC seems to have lost a tender for a US watchlist-related software project to a competitor. Issues seem to revolve around “growth of historical data” and “real-time responsiveness” of the system. (15 February 2008, Sender: CIA, Office of General Counsel, Larry Passar)


Draft: Intel Position Paper

Challenges for the US Intelligence Community in a post cold-war and post-9/11 world; a calling for inter-agency cooperation, a ten-year term for the Director of the CIA and the Director of National Intelligence. It also demands the autonomy of the Intelligence Community, that it “… must never be subject to political manipulation and interference.” An unfinished paragraph is titled “Damaging Leaks of Classified Information”. (15 July 2007, Author: John Brennan)


The Conundrum of Iran

Recommendations to the next President (assuming office in Jan. 2009) on how to play the figures on the U.S.-Iranian Chessboard (18 November 2007, Author: John Brennan)


Torture

Letter from Vice Chairman Bond, Senate Select Committee on Intelligence, to his fellow board members with a proposal on how to make future interrogation methods “compliant” and “legal”. Instead of listing all allowed methods, every kind of interrogation should be considered compliant, as long as it is not explicitly forbidden by the “Army Field Manual” (AFM). (May 2008)


Torture Ways

A bill from July 2008 called “Limitations on Interrogation Techniques Act of 2008” explicitly lists the forbidden interrogation techniques mentioned in the previous document and can be considered a direct implementation of the recommendations of Christopher Bond. (31 July 2008)


Server-Gate or Deep Throat Part 2?

Hillary says often that the State Department gave her permission to use a private server and email. Think about that, who at State did that? She was HEAD of the State Dept, so did she give herself permission? C’mon….

Then there is the excuse that everyone does it so it must be okay right?

State Department’s Cybersecurity Weakened Under Hillary Clinton

From 2011 to 2014, the State Department’s poor cybersecurity was identified by the inspector general as a “significant deficiency.”

WASHINGTON (AP) — The State Department was among the worst agencies in the federal government at protecting its computer networks while Hillary Rodham Clinton was secretary from 2009 to 2013, a situation that continued to deteriorate as John Kerry took office and Russian hackers breached the department’s email system, according to independent audits and interviews.

The State Department’s compliance with federal cybersecurity standards was below average when Clinton took over but grew worse in each year of her tenure, according to an annual report card compiled by the White House based on audits by agency watchdogs. Network security continued to slip after Kerry replaced Clinton in February 2013, and remains substandard, according to the State Department inspector general.

In each year from 2011 to 2014, the State Department’s poor cybersecurity was identified by the inspector general as a “significant deficiency” that put the department’s information at risk. The latest assessment is due to be published in a few weeks.

Clinton, the front-runner for the Democratic presidential nomination, has been criticized for her use of a private email server for official business while she was secretary of state. Her private email address also was the recipient of malware linked to Russia, and her server was hit with malware from China, South Korea and Germany. The FBI is investigating whether her home server was breached.

State Department officials don’t dispute the compliance shortcomings identified in years of internal audits, but argue that the audits paint a distorted picture of their cybersecurity, which they depict as solid and improving. They strongly disagree with the White House ranking that puts them behind most other government agencies. Senior department officials in charge of cybersecurity would speak only on condition of anonymity.

With Jake Tapper, Hillary laughed at this scandal…a weird moment in that interview.

Observer: Hillary Clinton emerged from Tuesday night’s inaugural Democratic debate in Las Vegas the clear leader in her party’s field. As Democrats attempt to hold onto the White House in 2016, polling demonstrated a revitalized Hillary campaign, which had been in the doldrums for months due to the ongoing scandal about her misuse of email as Secretary of State.

Mounting talk of Vice President Joe Biden entering the race–to take the place of an ailing Hillary–has dissipated in the wake of the debate, where Ms. Clinton dismissed the email issues as Republican-driven political theater. That Senator Bernie Sanders vigorously backed Ms. Clinton on the point helped her cause, as did her brusque dismissal of Lincoln Chafee’s efforts to raise the issue again, which got raucous applause from the crowd.

It’s evident the Democratic base agrees with Ms. Clinton that her emails are just GOP theatrics. President Obama reflected the sentiment in an interview with 60 Minutes airing two days before the debate, during which he allowed that Secretary Clinton had “made a mistake” with her email but it “is not a situation in which America’s national security was endangered.”

Though the White House soon walked back on some of the president’s statements, which seemed to many to be inappropriate West Wing commentary regarding an ongoing FBI investigation, it’s apparent that the Clinton campaign and the Obama team have united around a message: this issue is fundamentally contrived by Republicans, and is certainly not a threat of any kind to national security.

Democrats unsurprisingly find this take congenial, but it’s less clear if other Americans consider it persuasive. Naturally, Republicans view Ms. Clinton’s email activities with a great deal of suspicion, but recent polls show even independents have concerns regarding EmailGate and Ms. Clinton’s honesty. While the Clinton camp is now confident the email problems will likely not bar her party’s nomination next summer, the issue may loom larger in the race for the White House next fall.

There’s also the matter of exactly what the FBI is investigating. Recent revelations hint that the compromising of classified information on Ms. Clinton’s “private” email and server was more serious than originally believed. While earlier reports indicated only a small percentage of the sensitive information that “spilled over” onto Ms. Clinton’s personal email was highly classified at the Top Secret level, that may be only a small portion of what was potentially compromised.

Particularly disturbing is the report that one of the “personal” emails Ms. Clinton forwarded included the name of a top CIA asset in Libya, who was identified as such. The source of this information was Tyler Drumheller, a retired senior CIA operations officer, who served as a sort of one-man private spy agency for Sid Blumenthal, the Clintons’ close family friend and factotum whose sometimes long-winded emails, particularly regarding Libya, have generated much of the controversy behind EmailGate.

Mr. Drumheller became a fleeting hero to liberals with his resistance to George W. Bush’s White House over skewed intelligence behind the 2003 invasion of Iraq, but he was never particularly popular at CIA and he left Langley under something of a cloud. His emails to Mr. Blumenthal, which were forwarded to Ms. Clinton, were filled with espionage-flavored information about events in Libya. In many cases, Mr. Drumheller’s reports were formatted to look exactly like actual CIA reports, including attribution to named foreign intelligence agencies. How much of this was factual versus Mr. Drumheller embellishing his connections is unclear.

What is abundantly clear is that the true name of an identified CIA asset is a highly classified fact and intentionally revealing it is a Federal crime, which Mr. Drumheller, a career spy, had to know. Why he compromised this person who was secretly helping the United States – possibly endangering his life in the process — may never be known because Mr. Drumheller conveniently died of cancer in early August.

Libya may have a great deal to worry about since new information continues to show just how slipshod Ms. Clinton’s security measures were for her “private” server. That Ms. Clinton’s server experienced multiple cyber-attacks from abroad, including by Russians, does not inspire confidence that any classified information stored in her emails remained in American hands.

To make matters worse, a recent investigation by the Associated Press demonstrates that even relatively low-skill hackers could have hacked Hillary’s unencrypted server, which was left vulnerable to exposure on the open Internet to a degree that cyber-warriors find difficult to believe. “Were they drunk?” a senior NSA official asked me after reading the AP report. “Anybody could have been inside that server – anybody,” he added.

Since the communications of any Secretary of State are highly sought after by dozens of intelligence agencies worldwide – a reality expressed by Secretary John Kerry recently when he said it’s “very likely” the Russians and Chinese are reading his email, a view that any veteran spy would endorse – Ms. Clinton putting her emails at such risk means they have to be assumed to be compromised. If the more skilled state-connected hackers in Russia can fool even NSA these days, they could have gotten into Hillary’s unprotected server without breaking a sweat.

This makes Mr. Obama’s quip that EmailGate represents no threat to American national security all the more puzzling in its dishonesty. Unsurprisingly, some at the FBI are not pleased the president made this pronouncement before the Bureau completed its investigation. “We got the message,” an FBI agent at the Washington Field Office, which is spearheading the EmailGate case, explained: “Obama’s not subtle sometimes.”

In 2012, while the FBI was investigating CIA director David Petraeus for mishandling classified information, Mr. Obama similarly dismissed the national security implications of the case at a press conference. Although FBI director James Comey pressed for serious charges against Mr. Petraeus, the White House demurred and the Department of Justice allowed him to plead guilty to a misdemeanor, sentenced to probation with no jail time.

Some at the FBI were displeased by this leniency and felt Mr. Obama showed his hand to the public early, compromising the Bureau’s investigation. Is the same happening with Ms. Clinton? It’s too soon to say, though the anger of some at the FBI has seeped into the media already. Comments to tabloids reflect the widespread frustration and fear among federal law enforcement and intelligence circles that Mr. Obama will let Ms. Clinton skate free from EmailGate.

For now, the FBI is pursuing its investigation with diligence, bringing other intelligence agencies into the case, and recent reports indicate that specific provisions of the Espionage Act are being re-read carefully, particularly regarding “gross negligence” – which may be the most appropriate charge that Ms. Clinton or members of her inner circle could face.

It will be weeks, even months, before the FBI’s investigation concludes and the Department of Justice has to decide whether any of the events surrounding EmailGate reach the threshold of prosecution. Many in the FBI and the Intelligence Community suspect the fix is already inside the West Wing to prevent that from happening, but it’s still early in this investigation.

It can be expected that if the White House blocks Hillary’s prosecution during the election campaign, leaks will commence with a vengeance. “Is there another Mark Felt out there, waiting?” asked a retired senior FBI official. “There usually is,” he added with a wry smile, citing the top Bureau official who, frustrated by the antics of the Nixon White House, became the notorious “Deep Throat” who leaked the dirty backstory to Watergate to the Washington, DC, media.

Mr. Obama and the Clinton camp should be advised to be careful about who they throw under the bus in this town.

U.S. Defense-Less During Iran Missile Testing

Navy won’t have aircraft carrier in Persian Gulf as Iran deal takes effect

TheHill: The Navy does not have an aircraft carrier in the Middle East region as the Iran deal takes effect and just days after Tehran conducted a controversial ballistic missile test, raising concerns.

The USS Theodore Roosevelt pulled out of the Middle East region on Tuesday, and the next carrier, the USS Harry Truman, won’t arrive to the Persian Gulf area until winter, leaving a months-long gap without a carrier. The Navy’s moves were planned well in advance, but Iran’s recent missile test, which the Obama administration said violated international sanctions, is sparking worries about Tehran’s actions without a visible symbol of American deterrence in the region. The missile test came just one day after the Roosevelt pulled out of the Persian Gulf. It leaves the Gulf area without a continuous U.S. aircraft carrier presence for the first time since 2008.

The test also comes just before the Iran nuclear deal’s “adoption day” on Sunday — when it is Iran’s turn to take actions to implement its side of the deal.

On adoption day, sanctions waivers will be issued but won’t be effective until the deal is implemented in the spring.

U.S. Ambassador to the United Nations Samantha Power said on Friday that the test violated United Nations Security Council resolutions to curb Iran’s ballistic missile activities, and the U.S. would file a report with the UNSC on the matter.

“The Security Council prohibition on Iran’s ballistic missile activities, as well as the arms embargo, remain in place and we will continue to press the Security Council for an appropriate response to Iran’s disregard for its international obligations,” she said.

Administration officials have insisted the launch does not violate the terms of the nuclear deal, which places limits on Iran’s nuclear program in exchange for relief from crippling economic sanctions.

And the administration has sought to assure allies in the region that it would keep a close watch on Iran after the deal was signed and counter its support for terrorism throughout the region.

President Obama just last week cited having an aircraft carrier as a projection of strength in the Middle East, in response to a question about whether U.S. adversaries and allies perceive the U.S. as retreating from the region.

“We have enormous presence in the Middle East. We have bases and we have aircraft carriers, and our pilots are flying through those skies,” Obama said during his interview on CBS “60 Minutes” last Sunday.

While officials say there are plenty of other assets in the region, some argue that an aircraft carrier is critical and its absence is being noticed.

“The most important thing you need a carrier for is for what you don’t know is going to happen next,” Peter Daly, a retired Navy vice admiral and CEO of the U.S. Naval Institute told NBC News.

“The biggest value to those carriers is that they are huge, and you have the capability to go from one stop to another, and we don’t need a permission slip from another nation when we want to fly planes,” he said.

Earlier this year, the Navy’s top officer said he was concerned about the lack of an aircraft carrier’s presence in the Middle East at a time the U.S. is conducting an airstrike campaign in Iraq and Syria.

“Without that carrier, there will be a detriment to our capability there,” the Navy’s Chief of Naval Operations Adm. John Richardson told the Senate Armed Services Committee during his July 30 confirmation hearing.

From 2010 through 2013, the U.S. maintained two aircraft carriers in the Persian Gulf, known as a “2.0 carrier presence,” although it sometimes temporarily dipped below that level.

The heightened presence was to support U.S. operations in Iraq and Afghanistan and also to deter Iran from bad behavior in the region and keep the Strait of Hormuz open.

However, the U.S. stepped away from that in 2013, after steep budget cuts hit the Pentagon, forcing the Defense Department to curtail deployments, defer maintenance, and delay major purchases.

A U.S. official told The Hill in August that the Navy could have an even more reduced presence in the Persian Gulf in coming years, due to budget cuts, but also a prioritization of the Asia-Pacific.

“All I can say is that in the short-term, we need a continuous presence. The demand is out there, the [combatant commander] is asking for it, and the [Pacific Command] commander is asking for it. They’re asking for it. There’s just not enough peanut butter to spread around,” the official said.

“So what are you going to do? You’re going to give what you can. You’re going to prioritize based on what the president wants us to do, what the [Defense] secretary wants us to do and allocate those forces to meet those needs,” the official said.

“Iran last Sunday successfully test-fired the country’s new precision-guided long-range ballistic missile that can be controlled until the moment of impact. Emad carries a conventional warhead.”

Let’s be clear about this: does anyone really think that a long-range ballistic missile carrying a warhead of a few hundred kilograms with an accuracy of half a kilometer is being built for the purposes of carrying conventional explosives? Aim it at a target – an airport, a port, a chemical plant, Israel’s IDF headquarters in Tel Aviv – you name it – and what are the odds that a conventional explosion is actually going to damage the target?

Top Security Official Dismisses US Ballyhoos over Iran’s Missile Test as Irrelevant Sun Oct 18, 2015 3:9

http://english.farsnews.com/newstext.aspx?nn=13940726000483

TEHRAN (FNA)- Secretary of Iran’s Supreme National Security Council (SNSC) Ali Shamkhani rejected the US officials’ hues and cries over Tehran’s recent missile test as pointless, stressing that no threat can ever stop the country’s military progress.

“We have never accepted (UN Security Council) Resolution 1929 and I should say that Iran’s missile test was not a violation of Resolution 2231 either,” Shamkhani told reporters on the sidelines of the preliminary meeting of the Munich Security Conference in Tehran on Saturday.

“Such remarks are a propaganda hype and Iran doesn’t stop (enhancement of) its defensive and deterrent capability under any threat,” he added.

Shamkhani also underscored that Iran’s missile tests shouldn’t affect the implementation of the Joint Comprehensive Plan of Action (JCPOA) agreed by Iran and the world powers on July 14.

In relevant remarks on Saturday, Iranian Foreign Minister Mohammad Javad Zarif underscored that Tehran has not violated the UN Security Council resolution 2231 by testing missiles, reiterating that Tehran would never accept to let the nuclear agreement leave an impact on its defensive measures.

“No reference has been made to the missile issue in the Joint Comprehensive Plan of Action (JCPOA) and I seriously believe that our missile tests are no way related to Resolution 2231,” Zarif said in a joint press conference with his German counterpart Frank-Walter Steinmeier in Tehran.

“Resolution 2231 speaks of missiles which have been designed for nuclear capabilities while none of our missiles have been designed for nuclear capabilities and our missile program is aimed at defending our territorial integrity,” he added.

Noting that all involved parties, including the Americans, have admitted that Iran’s missile tests haven’t violated the nuclear agreement between Tehran and the world powers, Zarif said, “The Islamic Republic of Iran has proved and shows again that the nuclear weapons didn’t and don’t have any place in its defensive doctrine and our missiles have not been designed for carrying nuclear warheads since we didn’t and don’t have any plan to have nuclear warheads.”

Some western media outlets have cast doubt about Iran’s recent missile test, saying that it could have violated the nuclear agreement between Tehran and the world powers.

Iran last Sunday successfully test-fired the country’s new precision-guided long-range ballistic missile that can be controlled until the moment of impact. Emad carries a conventional warhead.

“This missile (Emad) which has been fully designed and made by Iranian Defense Ministry’s scientists and experts is the country’s first long-range missile with navigation and strike controlling capability; it is capable of hitting and destroying the targets with high-precision,” Iranian Defense Minister Brigadier General Hossein Dehqan told reporters after the successful test of Emad missile.

The Iranian Defense Minister reiterated that the manufacture and successful testing of Emad missile is a technological and operational jump in a strategic field, and said, “We don’t ask for anyone’s permission for boosting our defense and missile power; we resolutely continue our defense programs, specially in the missile field, and Emad missile is a conspicuous example.”

General Dehqan felicitated Supreme Leader of the Islamic Revolution Ayatollah Seyed Ali Khamenei, Iranian Armed Forces and the Iranian nation on the successful testing, and appreciated the scientists and experts of the Aerospace Industries Organization of the Defense Ministry.

The Iranian Defense Minister reiterated that the mass production and delivery of Emad missile to the country’s Armed Forces will considerably increase their power and tactical capabilities.

The Iranian Armed Forces have recently test-fired different types of newly-developed missiles and torpedoes and tested a large number of home-made weapons, tools and equipment, including submarines, military ships, artillery, choppers, aircrafts, UAVs and air defense and electronic systems, during massive military drills.

Defense analysts and military observers say that Iran’s wargames and its advancements in weapons production have proved as a deterrent factor.

The Iranian officials have always underscored that the country’s defense program cannot be affected by the nuclear deal clinched between Iran and the world powers on July 14.

Telegram, New Platform for Terrorists to Communicate

Protecting people’s communications from investigative agencies like the FBI and the NSA sits on a knife’s edge, and the argument is a slippery and inexact one. The Director of the FBI, James Comey, has begged Congress for legislation so that some encryption can be broken when terror and other criminal cases are investigated, yet nothing is forthcoming, nor is it likely in the future.

FBI Director James Comey spoke to legal professionals and scholars this week about cyber threats and the FBI’s abilities to counter and investigate those evolving threats.

In remarks at the American Law Institute on Tuesday and at a cyber security summit on Wednesday at Georgetown University Law Center, Comey said the group calling itself the Islamic State, or ISIL, represents the FBI’s most urgent threat. He described the organization’s use of social media to motivate troubled people in the United States to engage in acts of violence—either by traveling to the so-called caliphate or killing where they are. Comey said ISIL reaches out to individuals on Twitter and elsewhere, then moves their more sensitive communications to encrypted platforms.

“The threat we face has morphed,” Comey said on Wednesday. “It’s a chaotic spider web through social media—increasingly invisible to us because the operational communications are happening in an encrypted channel.”

Comey later elaborated on the issue of encryption, which is a process of encoding messages—on mobile phones for example—that only authorized parties can access. While it can be effective at thwarting digital thieves, strong encryption also limits the amount of information—or evidence—that law enforcement can effectively gather from a device.

“Increasingly we’re finding ourselves unable to read what we find, or unable to open a device,” Comey said, “and that is a serious concern.”

The issue of “going dark,” as the Bureau calls it, is worthy of a larger public conversation about the balance between privacy and public safety, Comey said. Momentum toward universal encryption, he explained, may have unintended consequences.

“As all of our lives become digital, the logic of encryption is all of our lives will be covered by strong encryption, and therefore all of our lives—including the lives of criminals and terrorists and spies—will be in a place that is utterly unavailable to court-ordered process,” he said. “And that, I think, to a democracy should be very, very concerning.”

The Director also pointed to provisions of the Patriot Act of 2001 that, if allowed to expire on June 1, could hobble the FBI’s investigative abilities. One of the provisions is Section 215, which authorized the National Security Agency’s database of telephony records and metadata.

Comey said the FBI relies on that provision fewer than 200 times a year—in particular cases to get particular records. “If we lose that authority,” Comey said, “we can’t get information that I think everybody wants us to attain.”

Two other provisions include:

  • Roving wiretaps. The FBI has had authority since the 1980s to use legally authorized roving wiretaps in criminal cases—allowing authorities to follow surveillance targets rather than their phones, which can be easily trashed and replaced. The Patriot Act extended that authority to terrorism and counterintelligence cases.
  • The Lone Wolf provision. In 2004, Congress amended the Foreign Intelligence Surveillance Act to authorize intelligence gathering on individuals not affiliated with any known terrorist organization.

“These three are going to go away June 1,” Comey said, “and I don’t want them to get lost in the conversation about metadata.”

Only a few months ago, the leadership of Islamic State (ISIS) published an edict directing its top terror commanders to use an app called ‘Telegram,’ and they are using it.

Now what? How is the conflict of civil liberties resolved?

Director Comey Speaks at Georgetown University Law Center

  

Why Telegram has become the hottest messaging app in the world

Secret messages and advanced cryptography pose a challenge to WhatsApp

When WhatsApp went down for four hours this weekend, nearly 5 million people signed up for messaging service Telegram. The app skyrocketed to the top of the App Store charts, and is now the top free app in 46 countries from Germany to Ecuador. In the US and several other countries, the app is no. 1 in the social networking category, ahead of Facebook, WhatsApp, Kik, and others.

It’s not immediately clear why Telegram emerged as the alternative of choice following WhatsApp’s downtime. Users could have switched to Kik, or Facebook Messenger, or LINE — all of which have hundreds of millions of users. There’s seemingly something different about Telegram. Its rise isn’t only due to WhatsApp’s acquisition and subsequent downtime. “We have been the no. 1 app in Spanish, Arabic, and several Latin American app stores for several weeks before the Facebook deal happened,” says Telegram’s Markus Ra. “The growth was there — so the WhatsApp acquisition and problems merely multiplied the effect across all affected countries.” According to app analytics site App Annie, Telegram started truly gaining steam on February 17th, days before the WhatsApp news even hit.

Built by the pioneering Durov brothers behind Russia’s largest social network, VKontakte (also known as VK), Telegram is a messaging service combining the speed of WhatsApp with Snapchat’s ephemerality and advanced new security measures. WhatsApp might have heralded the first time we heard of Telegram, but it certainly won’t be the last.

Telegram feels in many ways like a straight-up clone of WhatsApp, from its green double-checkmark read receipts to its cartoonish wallpapers. There’s also the usual gamut of messaging app features including the ability to see a friend’s online status and attach photos, videos, your location, contacts, and documents to messages. But where it lacks originality, Telegram makes up for it in speed and security features. “Telegram is the fastest and most secure mass market messaging system in the world,” the company claims, which it attributes in part to Nikolai Durov’s open-sourced MTProto protocol. Telegram was in fact built as a testing bed for MTProto, Reuters reported when the app launched back in August. The company is so confident in the security of MTProto that it’s offering $200,000 to anyone who can crack it. It’s not unusual for companies to offer bug bounties, but bounties of this size are generally only reserved for critical bugs in widely used apps like Windows.

“The no. 1 reason for me to support and help launch Telegram was to build a means of communication that can’t be accessed by the Russian security agencies,” Durov told TechCrunch. Durov built in a feature that lets you start a “Secret Chat” with any of your friends. According to Telegram, Secret Chats offer end-to-end encryption, leave no trace on the company’s servers, and let you set Snapchat-esque self-destruct timers on messages that range from two seconds to one week. There’s also the ability to check the security of your Secret Chats using an image that serves as an encryption key. By comparing your encryption key to a friend’s, you can effectively verify that your conversation is secure and less vulnerable to man-in-the-middle attacks, the company says. But despite Telegram’s alleged sophistication, no cryptographic method is infallible. The company has, in fact, already doled out $100,000 to one developer for finding a critical bug, TechCrunch reports.

Telegram is interesting not just because of its stringent security standards, but also because it allows any developer to build a Telegram client of their own, and even for desktop computers. Most new messaging services today, including WhatsApp, build one-size-fits-all messaging apps and lock out third-party developers. It’s hard to blame them, since maintaining one federated language and security paradigm across dozens of apps is difficult. Also, making money off of a platform takes more thought than making money off a simple paid app. Yet, the Durovs’ VKontakte found a lot of success letting developers build alternate versions of its site. More importantly, Telegram operates as a non-profit organization, and doesn’t plan to charge for its services.

“Telegram is not intended to bring revenue, it will never sell ads or accept outside investment. It also cannot be sold,” the company writes in its FAQ. “We’re not building a ‘user base,’ we are building a messenger for the people.” If Telegram ever “runs out” of the money supplied by the Durov brothers, the company says, it will ask for donations from its users. Telegram’s noble goals echo the sentiments of many bright-eyed startup founders, but with the Durovs’ pocketbook in hand and the service’s open API available to third-party developers, it may actually have a chance at fulfilling its goals. Telegram isn’t a CryptoCat for the masses, considering it uses your phone number, of all things, as an identifier — but it’s an important step towards finding a highly encrypted messaging platform that’s accessible to anyone.

Championing an ostensibly noble goal, free services, and the experience of VKontakte’s creators, Telegram would seem like a great alternative to any of the leading messaging apps out there. After WhatsApp’s acquisition news and downtime, the app is spiking at the right time. The company incentivized several million new users into switching over, but keeping those users will be a continuous challenge. “The switching cost for users on a phone number-based messaging services is at or near zero,” argues Union Square Ventures partner Albert Wenger in a blog post, but that’s only half the story. A network is only as strong as the number of friends you have using it, and convincing all of your friends to switch is no easy task. If Facebook thought that WhatsApp users were liable to switch at a moment’s notice, it wouldn’t have paid $19 billion for the company.

Facebook paid for WhatsApp’s user base, but also for its brand — a brand that spent years solving a very important problem: that it costs a fortune to text across borders. Perhaps the next messaging problem to solve is personal security, considering WhatsApp’s alleged cryptographic weaknesses and the NSA’s data collection policies. WhatsApp became synonymous with texting. Perhaps for Telegram to succeed, it will need to become synonymous with security.

Arms Race, Cyber Defenses Fail

By: Damian Paletta, Danny Yadron and Jennifer Valentino-DeVries
Countries toiled for years and spent billions of dollars to build elaborate facilities that would allow them to join the exclusive club of nations that possessed nuclear weapons.
Getting into the cyberweapon club is easier, cheaper and available to almost anyone with cash and a computer.
A series of successful computer attacks carried out by the U.S. and others has kicked off a frantic and destabilizing digital arms race, with dozens of countries amassing stockpiles of malicious code. The programs range from the most elementary, such as typo-ridden emails asking for a password, to software that takes orders from a rotating list of Twitter handles.
The proliferation of these weapons has spread so widely that the U.S. and China, longtime cyber adversaries, brokered a limited agreement last month not to conduct certain types of cyberattacks against each other, such as intrusions that steal corporate information and then pass it along to domestic companies. Cyberattacks that steal government secrets, however, remain fair game.
This comes after other countries have begun to amass cyberweaponry on an unprecedented scale. Pakistan and India, two nuclear-armed rivals, regularly hack each other’s companies and governments, security researchers said. Estonia and Belarus are racing to build defensive shields to counter Russia. Denmark and the Netherlands have begun programs to develop offensive computer weapons, as have Argentina and France.
In total, at least 29 countries have formal military or intelligence units dedicated to offensive hacking efforts, according to a Wall Street Journal compilation of government records and interviews with U.S. and foreign officials. Some 50 countries have bought off-the-shelf hacking software that can be used for domestic and international surveillance. The U.S. has among the most-advanced operations.
In the nuclear arms race, “the acronym was MAD, mutually assured destruction, which kept everything nice and tidy,” said Matthijs Veenendaal, a researcher at the NATO Cooperative Cyber Defence Centre of Excellence, a research group in Estonia. “Here you have the same acronym, but it’s ‘mutually assured doubt,’ because you can never be sure what the attack will be.”
Governments have used computer attacks to mine and steal information, erase computers, disable bank networks and, in one extreme case, destroy nuclear centrifuges.
Nation states have also looked into using cyberweapons to knock out electrical grids, disable domestic airline networks, jam Internet connectivity, erase money from bank accounts and confuse radar systems, experts believe.
Large conventional militaries and nuclear forces are ill-suited to this new kind of warfare, which evens the playing field between big and small countries. Cyberattacks are hard to stop and sometimes impossible to trace. The West, as a result, has been forced to start reconfiguring its militaries to better meet the threat.
 
Access to cyberweapons, according to U.S. and foreign officials and security researchers, is far more widespread than access to nuclear weapons was at the height of the nuclear arms race, a result of inexpensive technology and the power of distributed computing.
More than two dozen countries have accumulated advanced cyberweapons in the past decade. Some Defense Department officials compare the current moment to the lull between the World Wars when militaries realized the potential of armed planes.
“It’s not like developing an air force,” in terms of cost and expertise, said Michael Schmitt, a professor at the U.S. Naval War College and part of an international group studying how international law relates to cyberwarfare. “You don’t need to have your own cyberforce to have a very robust and very scary offensive capability.”
For example, hackers aligned with the Syrian government have spied into the computers of rebel militias, stolen tactical information and then used the stolen intelligence in the ongoing and bloody battle, according to several researchers, including FireEye Inc.
Most cyberattacks linked to the U.S. and foreign governments in recent years involve cyberspying: breaking into a computer network and stealing data. More-aggressive covert weapons go further, either erasing computer records or destroying physical property.
“With some countries, we’re comfortable with knowing what their capabilities are, but with other countries we’re still lost,” said Andre McGregor, a former cyber special agent at the Federal Bureau of Investigation and now the director of security at Tanium Inc., a Silicon Valley cybersecurity startup. “We don’t have the visibility into their toolset.”
The Military Balance, a widely read annual assessment of global military powers published by the International Institute for Strategic Studies in London, tallies tanks, battalions and aircraft carriers. When it comes to national cyberforces it says “capabilities are not assessed quantitatively.”
In the U.S., the National Security Agency, Central Intelligence Agency, FBI and others all play roles in combing through intelligence.
U.S. officials say their biggest concerns are the cyberweapons held by the Chinese, Russians, Iranians and North Koreans, countries that have deployed advanced attacks that either dug inside U.S. government networks or targeted top U.S. companies. Even Israel, a U.S. ally, was linked to hacking tools found on the computers of European hotels used for America’s diplomatic talks with Iran, according to the analysis of the spyware by a top cybersecurity firm. Israeli officials have denied spying on the U.S.
Cyberarmies tend to be integrated with a country’s military, its intelligence services, or both, as is the case in China and the U.S.
In China, hackers are famous for the relatively low-tech tactic of “phishing”: sending a flood of disguised emails to trick corporate employees and government bureaucrats into letting them into their networks.
The U.S. suspects that is how they penetrated the Office of Personnel Management, using a phishing email to breach an OPM contractor and then crack the agency’s network. The records of more than 21 million people were exposed in the 2014 and 2015 data breach, disclosed this summer. China has said it wasn’t involved.
China’s army has divisions devoted to cyberattacks, and recent evidence shows links between the country’s military and hackers who appear to be pressing the country’s interests abroad.
“They used to be snap and grab: get in and dump everything they can,” said Tommy Stiansen, co-founder and chief technology officer at Norse Corp., a California cybersecurity firm that tracks nation-state activity. “Now they trickle out the information, stay hidden in the system. We’ve even seen Chinese actors patch and repair networks once they’ve broken in.”
China opposes the militarization of cyberspace or a cyberarms race, said Zhu Haiquan, a spokesman for the Chinese Embassy in Washington, adding China “firmly opposes and combats all forms of cyberattacks in accordance with law.”
Choosy in targets
 
Russian hackers have targeted diplomatic and political data, burrowing inside unclassified networks at the Pentagon, State Department and White House, also using emails laced with malware, according to security researchers and U.S. officials.
They have stolen President Barack Obama’s daily schedule and diplomatic correspondence sent across the State Department’s unclassified network, according to people briefed on the investigation. A Russian government spokesman in April denied Russia’s involvement.
“Russia has never waged cyberwarfare against anyone,” Andrey Akulchev, a spokesman for the Russian Embassy in Washington, said in a written statement Friday. “Russia believes that the cybersphere should be used exclusively for peaceful purposes.”
Russia’s top hackers tend to be choosier in their targets, tailoring email attacks to those they believe might unwittingly open links or attachments.
“They are sitting there trying to think through ‘how do I really want to compromise this target?’ ” said Laura Galante, director of threat intelligence at FireEye, a Silicon Valley cybersecurity company that works closely with Washington. “The Chinese just want a foothold into the target. Russian theft is very personal.”
U.S. spies and security researchers say Russia is particularly skilled at developing hacking tools. Some malicious software linked to Russia by security researchers has a feature meant to help it target computers on classified government networks usually not connected to the Internet.
The virus does this by jumping onto USB thumb drives connected to targeted computers, in the hopes that the user, such as U.S. military personnel, will then plug that USB drive into a computer on the classified network.
Russian hackers also make efforts to hide stolen data in normal network traffic. In one example, a piece of malware hides its communications in consumer Web services to fool cybersecurity defenses. The code downloads its instructions from a set of Twitter accounts. It then exports data to commercial storage services. This tactic is effective because corporate cybersecurity systems often don’t block traffic to and from these sites.
Government investigators believe Iranian hackers implanted the Shamoon virus on computers at Saudi Arabia’s Saudi Aramco, the world’s largest energy firm, in 2012. The Aramco attack erased 75% of the company’s computers and replaced screen images with burning American flags. The attack didn’t affect oil production, but it rattled the company, and security officials, as it revealed the extent of Iran’s cybercapabilities. A spokesman for Aramco didn’t respond to a request for comment.
The move was at least partly in retaliation for the alleged U.S.-Israeli attack on Iran discovered in 2010 that deployed the Stuxnet computer worm to destroy Iranian nuclear centrifuges, considered to be the most successful and advanced cyberattack ever. The U.S. and Israel haven’t confirmed or denied involvement with Stuxnet.
Director of National Intelligence James R. Clapper has said that Iran used malware to destroy computers last year at Las Vegas Sands Corp., a casino company run by Sheldon Adelson, a major critic of the Iranian government. A Sands spokesman declined to comment.
Defense officials have also said Iranian hackers have temporarily overwhelmed the websites of numerous U.S. banks, in an annoying but relatively pedestrian technique known as a “denial of service” attack. The attack was allegedly in response to a YouTube video depicting the Prophet Muhammad. Some U.S. officials suspected it was retaliation for sanctions and the Stuxnet attack.
In 2012, Iran’s Supreme Leader Ayatollah Ali Khamenei publicly announced the creation of the Supreme Council of Cyberspace charged to oversee the defense of Iran’s computer networks and develop “new ways of infiltrating or attacking the computer networks of its enemies.”
National Security Agency Director Adm. Michael Rogers said Iranian cyberattacks have slowed since nuclear talks intensified last year, but that Tehran appears “fully committed” to using cyberattacks as part of its national strategy.
A spokesman for the Iranian government didn’t respond to a request for comment.
Sony hack
 
U.S. officials accused North Korea of destroying computer files and records at Sony Corp.’s Hollywood film unit in 2014, allegedly in retaliation for “The Interview,” a satirical movie about assassins of North Korean leader Kim Jong Un. The breach was considered one of the most successful nation-state attacks. North Korea successfully implanted malware on Sony computers, which allowed them to both steal and destroy company records, the FBI alleged.
South Korea has also accused North Korea of trying to hack a nuclear reactor, television networks and at least one bank.
“Cybercapability, especially offensive cybercapability, is a relatively inexpensive method that a country can exploit to ‘hit above its weight class,’ which North Korea is fully aware of and is attempting to leverage,” said Steve Sin, a former U.S. Army counterintelligence officer who now researches unconventional weapons and technology.
Defense contractor Northrop Grumman Corp., meanwhile, has advertised for a “cyber operations planner” to “facilitate” offensive computer attacks with the South Korean and U.S. governments, according to a job posting it listed online.
A Northrop spokesman said the customer determines the scope of work performed.
A spokesman for North Korea couldn’t be reached for comment. The country hasn’t commented publicly on cyberprograms.
Many cybersecurity experts, however, consider the U.S. government to have the most advanced operations. When Kaspersky Lab ZAO, a Russian cybersecurity company, this year released a report on a group it called the Equation Group, which U.S. officials confirmed was a thinly veiled reference to the NSA, it referred to the operatives as the “crown creator of cyberespionage.”
Former National Security Agency contractor Edward Snowden leaked documents that showed the NSA had implanted malware on tens of thousands of foreign computers. That allowed the U.S. government secret access to data and, potentially, the industrial control systems behind power plants and pipelines. The Pentagon’s U.S. Cyber Command didn’t respond to a request for comment.
In some instances, Kaspersky found, the NSA was able to burrow so deeply into computers that it infected the code that controls how a hard drive spins. So-called firmware isn’t scanned by computer defenses.
“We, too, practice cyberespionage, and, in a public forum, I’m not going to say how successful we are, but we’re not bad,” Mr. Clapper, the Director of National Intelligence, told a Senate panel in September.
U.S. Cyber Command now has nine “National Mission Teams” with plans to build four more. These each comprise 60 military personnel that will “conduct full-spectrum cyberspace operations to provide cyber options to senior policy makers in response to attacks against our nation,” a Pentagon spokesperson said.
The Navy, Army, and Air Force will each build four teams, with the Marines building a single unit. Each will have a “separate mission with a specific focus area,” though these have so far remained secret.
Air Force Chief of Staff Gen. Mark A. Welsh III told a group of reporters in April that he wanted to see the military develop “blunt force trauma” powers with their cyberweapons. He gave examples of computer codes that could “make an enemy air defense system go completely blank” or have an enemy’s “radar show a thousand false targets that all look real.” He didn’t say the military had finished designing such powers.
Defense Secretary Ash Carter has made the development of new cyberweapons a priority, although the policy seems in flux after questions were raised by the Pentagon’s inspector general.
This activity has prompted other countries to join the digital buildup.
In 2014, the Netherlands announced it would begin training its own Internet troops through a domestic cybersecurity company, called Fox-IT. The head of the Dutch armed forces, Major Gen. Tom Middendorp, said in a symposium the group should be prepared to carry out attacks, not just block them, according to a Dutch media report. The Netherlands’ military strategy, laid out in various documents, refers to hacking as a “force multiplier.” A Dutch military spokesman confirmed the efforts but declined to make Gen. Middendorp available for an interview.
In 2013, Denmark’s Defense Ministry began allocating about $10 million a year for “computer network operations,” which include “defensive and offensive military operations,” according to government budget documents. That amount is just 0.24% of the Danish defense budget, reflecting the tiny barrier of entry.
Countries unable to develop their own weapons can buy off-the-shelf systems from private parties. Earlier this year, an attack and document leak on the Italian firm Hacking Team revealed the company had sold its surveillance tools to dozens of countries, including Sudan, Egypt, Ethiopia and Azerbaijan.
Hacking Team touted its product as “the hacking suite for governmental interception,” and computer security researchers who studied its program said it took advantage of holes in popular software to get onto opponents’ computers and mobile devices. The FBI is among the groups listed as clients of Hacking Team. An FBI spokesman said it didn’t comment on specific tools or techniques.
Most of these countries use surveillance software on domestic enemies or insurgent groups, according to officials with numerous countries and researchers.
States aren’t the only players. About 30 Arabic-fluent hackers in the Palestinian territories, Egypt and Turkey are building their own tools to hit targets in Egypt, Israel and the U.S., according to researchers at Kaspersky Lab.
And in August, the U.S. used a drone to kill Islamic State hacker Junaid Hussain in Raqqa, Syria, showing the extent to which digital warfare has upset the balance of power on the modern battlefield.
The British citizen had used inexpensive tools to hack more than 1,000 U.S. military personnel and published personal and financial details online for others to exploit. He helped sharpen the terror group’s defense against Western surveillance and built hacking tools to penetrate computer systems, according to people familiar with the matter.
National-security and cyberweapon experts are watching the growing digital arms stockpile nervously, worried that one-off attacks could eventually turn messier, particularly given how little is known about what each country is capable of doing.
“What we can do, we can expect done back to us,” said Howard Schmidt, who was the White House’s cybersecurity coordinator until 2012. The U.S. is thinking, “Yeah, I don’t want to pull that trigger because it’s going to be more than a single shot that goes off.”