Congress Seeking Secret Obama Letters on Iran

Posted on August 19, 2015August 19, 2015 by Denise Simon

Shameful that members of Congress have come to know the cunning and covert actions of the Obama White House, while the silver lining is that they DO know and are forced to take pro-active measures. It also appears that some in government are on the right side and are helping expose the nefarious actions on the parts of the White House and the State Department.

Senators: Obama Admin Hiding Secret Iran Deal Letters

White House promising to be soft on sanctions if Iran violates nuclear deal

Two leading U.S. senators are calling on the Obama administration to release secret letters to foreign governments assuring them that they will not be legally penalized for doing business with the Iranian government, according to a copy of a letter sent Wednesday to the State Department and obtained by the Washington Free Beacon.

Sens. Mark Kirk (R., Ill.) and Marco Rubio (R., Fla.) disclosed in the letter to the State Department that U.S. lawmakers have been shown copies of several letters sent by the Obama administration to the Chinese, German, French, and British governments assuring them that companies doing business with Iran will not come under penalty.

The Obama administration is purportedly promising the foreign governments that if Iran violates the parameters of a recently inked nuclear accord, European companies will not be penalized, according to the secret letters.

Congress became aware of these promises during closed-door briefings with the Obama administration and through documents filed by the administration under a law requiring full disclosure of all information pertaining to the accord.

The issue of sanctions on Iran has become a major issue on Capitol Hill in the weeks since the Obama administration agreed to a deal that permits Iran to enter the international community in exchange for temporarily constraining its nuclear program.

Iran will receive more than $150 billion in sanctions relief as part of the deal and many of its military branches will be removed from international sanctions designations.

“The documents submitted by the Administration to Congress include non-public letters that you sent to the French, British, German, and Chinese governments on the consequences of sanctions snap-back,” Kirk and Rubio wrote to Secretary of State John Kerry.

“These letters appear to reassure these foreign governments that their companies may not be impacted if sanctions are re-imposed in response to Iranian violations of the agreement,” they claim. “While Administration officials have claimed that this is not the case, we think it is important for the American public to be able to read your assurances to foreign governments for themselves as their elected representatives review this deal in the coming weeks.”

Kirk and Rubio are demanding that the Obama administration release these letters to the public so that the full nature of the White House’s backroom dealings are made known.

“We therefore request the Administration to publicly release these letters, which are not classified, so that the full extent of the Administration’s non-public assurances to European and Chinese governments can be discussed openly by Congress and analyzed by impartial outside experts,” they write.

“Given the conflicting interpretations hinted at by the deal’s various stakeholders, it would also ease congressional review of the deal if you were to receive assurances from the other members of the P5+1 about the guidance they will provide to companies about the inherent risks of investing in Iran due to Iran’s ongoing support for terrorism and use of its financial system for illicit activities and the potential for sanctions to snap back if Iran violates the nuclear agreement,” the letter states.

As Iranian companies and government entities are removed from sanctions lists, they will be permitted to do business on the open market. A number of governments, including the Russia and Italy, have already expressed interest in partnering with Iran.

U.S. lawmakers remain concerned that if Iran violates the nuclear accord, sanctions will not be reimposed in a meaningful way.

“The conditions under which foreign investment in Iran would proceed under the nuclear agreement remain unclear,” Kirk and Rubio wrote. “On July 23, 2015, Secretary of the Treasury Jack Lew told the Senate Foreign Relations Committee that companies that have invested in Iran would ‘not be able to continue doing things that are in violation of the sanctions’ if sanctions snap back.”

“Foreign investment in Iran will involve long-term contracts in many cases, however, and some interpretations of the Iran agreement indicate these contracts might be protected from the snap-back of sanctions by a so-called ‘grandfather clause,’” they write.

Under the terms of the agreement, sanctions on Iran’s Revolutionary Guard Corps (IRGC), a paramilitary force known to commit acts of terrorism across the globe, will be lifted.

A multi-billion dollars financial empire belonging to Iranian Supreme Leader Ali Khamenei also will be removed from sanctions lists, according to the parameters of the deal.

*** On the matter of Iran, the story goes on. Iran has job openings…

AP Exclusive: UN to let Iran inspect alleged nuke work site

VIENNA (AP) — Iran, in an unusual arrangement, will be allowed to use its own experts to inspect a site it allegedly used to develop nuclear arms under a secret agreement with the U.N. agency that normally carries out such work, according to a document seen by The Associated Press.

The revelation is sure to roil American and Israeli critics of the main Iran deal signed by the U.S., Iran and five world powers in July. Those critics have complained that the deal is built on trust of the Iranians, a claim the U.S. has denied.

The investigation of the Parchin nuclear site by the International Atomic Energy Agency is linked to a broader probe of allegations that Iran has worked on atomic weapons. That investigation is part of the overarching nuclear deal.

The Parchin deal is a separate, side agreement worked out between the IAEA and Iran. The United States and the five other world powers that signed the Iran nuclear deal were not party to this agreement but were briefed on it by the IAEA and endorsed it as part of the larger package.

Without divulging its contents, the Obama administration has described the document as nothing more than a routine technical arrangement between Iran and the U.N.’s International Atomic Energy Agency on the particulars of inspecting the site.

Any IAEA member country must give the agency some insight into its nuclear program. Some countries are required to do no more than give a yearly accounting of the nuclear material they possess. But nations— like Iran — suspected of possible proliferation are under greater scrutiny that can include stringent inspections.

But the agreement diverges from normal inspection procedures between the IAEA and a member country by essentially ceding the agency’s investigative authority to Iran. It allows Tehran to employ its own experts and equipment in the search for evidence for activities that it has consistently denied — trying to develop nuclear weapons.

Evidence of that concession, as outlined in the document, is sure to increase pressure from U.S. congressional opponents as they review the July 14 Iran nuclear deal and vote on a resolution of disapproval in early September. If the resolution passed and President Barack Obama vetoed it, opponents would need a two-thirds majority to override it. Even Senate Majority Leader Mitch McConnell, a Republican, has suggested opponents will likely lose.

The White House has denied claims by critics that a secret “side deal” favorable to Tehran exists. U.S. Secretary of State John Kerry has said the Parchin document is like other routine arrangements between the agency and individual IAEA member nations, while IAEA chief Yukiya Amano told Republican senators last week that he is obligated to keep the document confidential.

But Republican critics are bound to harshly criticize any document that cedes to Iran the right to look for the very nuclear wrongdoing that it has denied committing. Olli Heinonen, who was in charge of the Iran probe as deputy IAEA director general from 2005 to 2010 ,said he can think of no instance where a country being probed was allowed to do its own investigation.

Iran has refused access to Parchin for years and has denied any interest in — or work on — nuclear weapons. Based on U.S., Israeli and other intelligence and its own research, the IAEA suspects that the Islamic Republic may have experimented with high-explosive detonators for nuclear arms at that military facility and other weapons-related work elsewhere.

The IAEA has repeatedly cited evidence, based on satellite images, of possible attempts to sanitize the site since the alleged work stopped more than a decade ago.

The document seen by the AP is a draft that one official familiar with its contents said doesn’t differ substantially from the final version. He demanded anonymity because he isn’t authorized to discuss the issue.

It is labeled “separate arrangement II,” indicating there is another confidential agreement between Iran and the IAEA governing the agency’s probe of the nuclear weapons allegations.

The document suggests that instead of carrying out their own probe, IAEA staff will be reduced to monitoring Iranian personnel as these inspect the Parchin site.

Iran will provide agency experts with photos and videos of locations the IAEA says are linked to the alleged weapons work, “taking into account military concerns.”

That wording suggests that — beyond being barred from physically visiting the site — the agency won’t even get photo or video information from areas Iran says are off-limits because they have military significance.

IAEA experts would normally take environmental samples for evidence of any weapons development work, but the agreement stipulates that Iranian technicians will do the sampling.

The sampling is also limited to only seven samples inside the building where the experiments allegedly took place. Additional ones will be allowed only outside of the Parchin site, in an area still to be determined.

“Activities will be carried out using Iran’s authenticated equipment consistent with technical specifications provided by the agency,” the agreement says. While the document says that the IAEA “will ensure the technical authenticity” of Iran’s inspection, it does not say how.

The draft is unsigned but the signatory for Iran is listed as Ali Hoseini Tash, deputy secretary of the Supreme National Security Council for Strategic Affairs instead of an official of Iran’s nuclear agency. That reflects the significance Tehran attaches to the agreement.

Iranian diplomats in Vienna were unavailable for comment, while IAEA spokesman Serge Gas said the agency had no immediate comment.

The main focus of the July 14 deal between Iran and six world powers is curbing Iran’s present nuclear program that could be used to make weapons. But a subsidiary element obligates Tehran to cooperate with the IAEA in its probe of the allegations.

The investigation has been essentially deadlocked for years, with Tehran asserting the allegations are based on false intelligence from the U.S., Israel and other adversaries. But Iran and the U.N. agency agreed last month to wrap up the investigation by December, when the IAEA plans to issue a final assessment on the allegations.

Both Iran and the IAEA were upbeat when announcing the agreement last month. But Western diplomats from IAEA member nations who are familiar with the probe are doubtful that Tehran will diverge from claiming that all its nuclear activities are — and were — peaceful, despite what they say is evidence to the contrary.

They say the agency will be able to report in December. But that assessment is unlikely to be unequivocal because chances are slim that Iran will present all the evidence the agency wants or give it the total freedom of movement it needs to follow up the allegations.

Still, the report is expected to be approved by the IAEA’s board, which includes the United States and other powerful nations that negotiated the July 14 agreement. They do not want to upend their July 14 deal, and will see the December report as closing the books on the issue.

Senate Appropriations Committee subcommittee chairman Lindsay Graham, a Republican presidential hopeful, last week asked for “any and all copies of side agreements between Iran and the IAEA associated with the Iran nuclear deal.” He threatened to cut off U.S. funding for the U.N. agency otherwise.

*** Last but never least, the Iran deal has triggered George Soros and his group MoveOn.org. Soros soldiers have been deployed.

WT: The effort to win congressional approval of the Iran nuclear agreement has brought a new intensity to peace advocates that hasn’t been seen since the Iraq War, including MoveOn.org, a group that helped President Obama win the White House but has seen its power wane in the last few years.

“We’ve been campaigning in support of diplomacy with Iran and against another war in the Middle East for years,” said Nick Berning, a spokesman for MoveOn.org.

When the 60-day clock for congressional review of the deal between six world powers and Tehran started ticking just ahead of lawmakers’ annual August recess, MoveOn.org launched a targeted campaign to deploy staff and grassroots activists to key states and districts to show up at town halls and demonstrate to their Democratic members of Congress that they support implementing the agreement. More details here.

Obama’s White House Shouting ‘Oh Ashley!’ After the Hack of Database

Posted on August 19, 2015August 19, 2015 by Denise Simon

In part from Wired: Hackers who stole sensitive customer information from the cheating site AshleyMadison.com appear to have made good on their threat to post the data online.

A data dump, 9.7 gigabytes in size, was posted on Tuesday to the dark web using an Onion address accessible only through the Tor browser. The files appear to include account details and log-ins for some 32 million users of the social networking site, touted as the premier site for married individuals seeking partners for affairs. Seven years worth of credit card and other payment transaction details are also part of the dump, going back to 2007. The data, which amounts to millions of payment transactions, includes names, street address, email address and amount paid, but not credit card numbers; instead it includes four digits for each transaction that may be the last four digits of the credit card or simply a transaction ID unique to each charge. AshleyMadison.com claimed to have nearly 40 million users at the time of the breach about a month ago, all apparently in the market for clandestine hookups.

“Ashley Madison is the most famous name in infidelity and married dating,” the site asserts on its homepage. “Have an Affair today on Ashley Madison. Thousands of cheating wives and cheating husbands signup everyday looking for an affair…. With Our affair guarantee package we guarantee you will find the perfect affair partner.”

The data released by the hackers includes names, addresses and phone numbers submitted by users of the site, though it’s unclear if members provided legitimate details. A sampling of the data indicates that users likely provided random numbers and addresses, but files containing credit card transactions will yield real names and addresses, unless members of the site used anonymous pre-paid cards. One analysis of email addresses found in the data dump also shows that some 15,000 are .mil. or .gov addresses. Read more here.

Between being unable to respond to terror attacks (Benghazi) and being unable to kill terrorists massing on the Iraq border (ISIS) to being dumb enough to register for an infidelity hook-up site with their White House email accounts.

From Twitter: I’ve come to the conclusion that the Obama administration IS the JV team they warned us to look out for.

Embedded image permalink

For access to the database, go here.

Terrorism Works, U.S. Chart Proves Vulnerability

Posted on August 19, 2015August 19, 2015 by Denise Simon

Chart Lists Terrorists in U.S. Due to Lax Immigration Policies

The Obama administration’s lax immigration policies have allowed a large number of terrorists with documented ties to ISIS and other radical Islamic groups into the United States, including individuals from Yemen, Saudi Arabia, Somalia and Uzbekistan who have been criminally charged in recent years.

Examples include a naturalized U.S. citizen from Somalia (Hinda Osman Dhirane) charged with conspiracy to provide material support to a foreign terrorist organization, a lawful permanent resident (Akhror Saidakhmetov) from Kazakhstan charged with conspiracy to provide material support to Al Qaeda in Iraq, a Yemeni national named Mufid A. Elfgeeh who also supported a foreign terrorist organization, possessed illegal firearms and attempted to kill U.S. government officers and a Syrian national named Mohamad Saeed Kodaimati who knowingly made false, fraudulently and fictitious statements to the FBI.

That’s just a snippet of a long list of foreigners with terrorist ties who have been granted U.S. entry by the Obama administration. The document was provided this month by a pair of federal lawmakers attempting to pinpoint the tragic consequences of Obama’s negligent immigration policies. The legislators, both U.S. senators, are asking Attorney General Loretta Lynch and Secretary of State John Kerry to provide details on the immigration history of the individuals—as well as their family—that appear on the chart. The list features 72 people involved with or sentenced for terrorist activity in the last year alone.

They include individuals who have engaged in or attempted to engage in acts of terrorism; conspired or attempted to conspire to provide material support to a terrorist organization; engaged in criminal conduct inspired by terrorist ideology; or who have been sentenced for any of the foregoing, the senators, Jeff Sessions of Alabama and Ted Cruz of Texas, reveal. “We would like to understand more about these individuals, and others similarly situated in recent history, and the nexus between terrorism and our immigration system,” they write in a letter to Lynch and Kerry. Sessions chairs the Senate Judiciary Committee’s Subcommittee on Immigration and Cruz chairs the Subcommittee on Oversight, Agency Action, Federal Rights and Federal Courts.

They ask that the State Department and Department of Justice (DOJ) coordinate with other relevant agencies to provide answers to their questions by early next month. Among the senators’ inquires is an unredacted copy of each non-citizen or naturalized citizen’s alien file and a breakdown by immigration status of those who at any time after entering the U.S. got flagged as a member of a terrorist organization or political/social group that endorses or espouses terrorist activity. The lawmakers seek other information as well, including the identification of subjects with terrorist ties who have been deported from the U.S. and those who have been placed in removal proceedings but were allowed to remain inside the country.

As if it weren’t bad enough that terrorists are entering the U.S. legally thanks to our weak immigration policies, the Obama administration also has a terrorist “hands off” list that permits individuals with extremist ties to enter the country. The disturbing details of this secret list come from internal Department of Homeland Security (DHS) documents exposed last year by a U.S. senator. Specifically, an electronic email exchange between U.S. Immigration and Customs Enforcement (ICE) and U.S. Customs and Border Protection (CBP) asks whether to admit an individual with ties to various terrorist groups. The individual had scheduled an upcoming flight into the U.S. and was believed to be a member of the Muslim Brotherhood and a close associate and supporter of Hamas, Hezbollah and the Palestinian Islamic Jihad.

Islamic terrorists are also sneaking into the U.S. through the porous southern border. Judicial Watch has reported this for years and, more recently, published a series of stories documenting how Mexican drug cartels are smuggling foreigners with terrorist links into the El Paso, Texas region. The foreigners are classified as Special Interest Aliens (SIA) by the government and they are being transported to stash areas in Acala, a rural crossroads located around 54 miles from El Paso on a state road – Highway 20. Once in the U.S., the SIAs wait for pick-up in the area’s sand hills just across Highway 20. JW has also reported that Mexican smugglers are moving ISIS operatives through the desert and across the U.S.-Mexico border with tremendous ease.

The First Lie About the IRS Hack Gets Some Truth?

Posted on August 18, 2015August 18, 2015 by Denise Simon

Social security numbers are the basis and entry point to hack when it comes to the cyber intrusion into the IRS. Given the software platform the IRS uses, which is outdated completely, there are warnings there could be more intrusions.

IRS Hack Far Worse Than First Thought

USAToday:

SAN FRANCISCO — A hack of the Internal Revenue service first reported in May was nearly three times as large as previously stated, the agency said Monday.

Thieves have accessed as many as 334,000 taxpayer accounts, the IRS said.

In May, the IRS reported that identity thieves were able to use the agency’s Get Transcript program to get personal information about as many as 114,000 taxpayers.

On Monday, the IRS said an additional 220,000 accounts had also been hacked. In all, 334,000 accounts were accessed, though whether information was stolen from every one of them is not known.

The hackers made use of an IRS application called Get Transcript, which allows users to view their tax account transactions, line-by-line tax return information or wage and income reported to the IRS for a specific tax year.

To enter the Get Transcript system, the user must correctly answer multiple identity verification question.

The hackers took information about taxpayers acquired from other sources and used it to correctly answer the questions, allowing them to gain access to a plethora of data about individual taxpayers.

The Get Transcript service was shut down in May.

Hackers love authentication-based systems because it’s very difficult to distinguish between “the good guys and the bad guys” when someone is trying to get in, said Jeff Hill of STEALTHbits Technologies, a cyber security company.

“Here we have a case where a successful authentication-based attack was discovered in May, and yet the IRS is still unclear of the extent of the breach’s damage months later. Even now, how confident is the IRS they fully understand the extent of the attack completely, or should we expect yet another shoe to drop in the coming weeks?” Hill said.

Notification of the increased number of hacked accounts came Monday.

In a statement the agency said, “as part of the IRS’s continued efforts to protect taxpayer data, the IRS conducted a deeper analysis over a wider time period covering the 2015 filing season, analyzing more than 23 million uses of the Get Transcript system.”

That analysis revealed an additional 220,000 accounts had also potentially been accessed.

In addition to accounts the hackers were successfully able to access, the IRS disclosed hack attempts that didn’t succeed. There were 111,000 attempts on accounts disclosed in May and 170,000 disclosed on Monday, for a total of 281,000 of accounts where the hackers “failed to clear the authentication processes,” the agency said.

Taxpayers whose information was potentially breached will get letters in the mail from the IRS in the coming days.

They will also get access to free credit protection and Identity Protection PINs, the IRS said in a statement.

Taxpayers Fleeced

1/2 TRILLION spent on IT upgrades, but IRS, Feds still use DOS, old Windows

Examiner: President Obama’s team has spent more than a half trillion dollars on information technology but some departments, notably the IRS, still run on DOS and old Windows, which isn’t serviced anymore, according to House chairman.

“Since President Obama has taken office, the federal government has spent in excess of $525 billion dollars on IT. And it doesn’t work,” said Rep. Jason Chaffetz, chairman of the House Oversight and Government Reform Committee.

In an address to the centrist Ripon Society, Chaffetz suggested that the slow change of the federal government’s IT led to the recent and historic hack of personal data of millions of current and former federal workers, including CIA and other clandestine employees.

“The IRS still uses the DOS operating system. You have a Patent office that just got Windows 97. They don’t even service Windows 97 anymore. And yet they just got it. So the procurement process is really, really broken in this regard,” he added.

Chaffetz also offered to praise for Obama’s pick to head the Office of Personnel Management, home to the massive computer hack.

Refugee, Spy, Hacker, Thief Problems with China?

Posted on August 16, 2015August 16, 2015 by Denise Simon

Not just in the United States, but add Canada as well. Seems there could be many moving parts to this and many questions. Apparently this is a big enough issue that Barack Obama dispatched one of his pesky sternly worded letters to China.

Operation Fox Hunt

Obama Administration Warns Beijing About Covert Agents Operating in U.S.

NYT: WASHINGTON — The Obama administration has delivered a warning to Beijing about the presence of Chinese government agents operating secretly in the United States to pressure prominent expatriates — some wanted in China on charges of corruption — to return home immediately, according to American officials.

The American officials said that Chinese law enforcement agents covertly in this country are part of Beijing’s global campaign to hunt down and repatriate Chinese fugitives living abroad and, in some cases, recover allegedly ill-gotten gains. The Chinese government has officially named the effort Operation Fox Hunt.

The American warning, which was delivered to Chinese officials in recent weeks and demanded a halt to the activities, reflects escalating anger in Washington about intimidation tactics used by the agents. And it comes at a time of growing tension between Washington and Beijing on a number of issues: from the computer theft of millions of government personnel files that American officials suspect was directed by China, to China’s crackdown on civil liberties, to the devaluation of its currency.

Those tensions are expected to complicate the state visit to Washington next month by Xi Jinping, the Chinese president.

The work of the agents is a departure from the routine practice of secret government intelligence gathering that the United States and China have carried out on each other’s soil for decades. The Central Intelligence Agency has a cadre of spies in China, just as China has long deployed its own intelligence operatives into the United States to steal American political, economic, military and industrial secrets.

In this case, American officials said, the Chinese agents are undercover operatives with the Ministry of Public Security, China’s law enforcement branch charged with carrying out Operation Fox Hunt.

The campaign, a central element of Mr. Xi’s wider battle against corruption, has proved popular with the Chinese public. Since 2014, according to the Ministry of Public Security, more than 930 suspects have been repatriated, including more than 70 who have returned this year voluntarily, the ministry’s website reported in June. According to Chinese media accounts, teams of agents have been dispatched around the globe.

American officials said they had solid evidence that the Chinese agents — who are not in the United States on acknowledged government business, and most likely are entering on tourist or trade visas — use various strong-arm tactics to get fugitives to return. The harassment, which has included threats against family members in China, has intensified in recent months, officials said.

The United States has its own history of sending operatives undercover to other nations — sometimes under orders to kidnap or kill. In the years after the Sept. 11 terrorist attacks, the C.I.A. dispatched teams abroad to snatch Qaeda suspects and spirit them either to secret C.I.A prisons or hand them over to other governments for interrogation.

Both China’s Ministry of Public Security and the Ministry of Foreign Affairs did not respond to faxes requesting comment. But Chinese officials have often boasted about their global efforts to hunt economic fugitives, and the state media has featured reports detailing the aims and successes of Operation Fox Hunt. Many more details here.

Add in Canada

Chinese police run secret operations in B.C. to hunt allegedly corrupt officials and laundered money

Chinese police agents have been conducting secret operations in Canada — a top destination for allegedly corrupt officials — seeking to “repatriate” suspects and money laundered in real estate.

Vancouver city officials will not comment on co-operation with Chinese agents in “Operation Fox Hunt,” or on suspects pointed to by Chinese news services.

Xinhua news agency reported that while China does not have extradition treaties with Canada, the United States and Australia — the three top destinations for corruption suspects — in 2013 Canada and China signed an agreement to share assets connected to corruption.

Starting in 2014, Chinese agents came to Canada and other countries, Xinhua reported.

The Province found indications in various data sources of large wealth allegedly misappropriated in China and invested in condo and commercial developments and private residences in and around Vancouver.

Also, according to The Province’s review of data posted by the International Consortium of Investigative Journalists, there are a number of offshore shell companies linked to addresses in Vancouver, West Vancouver and Richmond, with connections to Mainland China.

City Manager Penny Ballem was asked if Vancouver officials are taking any actions against money laundering.

“In terms of corruption and money laundering, I can tell you in my conversations with (Vancouver Police Chief) Jim Chu, and the provincial solicitor general, these things are always a challenge for all levels of government,“ Ballem said. “If you want any hard information, you need to talk to Jim Chu.” Many more details of course are here.

France is helping as well?

France offers to help China catch fugitives in Operation Fox Hunt

China to send French authorities a list of suspects wanted for economic crimes

***

Why could they also be hackers?

In part: Aliya Sternstein, writing in the August 13, 2015 edition of NextGov.com, notes that the “malicious code the Russians reportedly used to jimmy open a White House network, was also reportedly used by Chinese hackers to rupture Anthem’s network, — and, the malware was free.” Ms. Sternstein adds that “the [malicious ] worms were delivered the same way, via phishing emails that looked legitimate; but, actually baited recipients into opening a malicious file.”

“The hackers’ success in each case — underscores how conventional hacking techniques still work against skilled professionals at high-security organizations,” said Patrick Belcher, a Director at the cyber security firm, Invincea. Mr. Belcher co-wrote a paper detailing the initial penetrations at the White House and Anthem,” Ms. Sternstein noted. “These aren’t just any dumb users,” Belcher said. “The top-notch security professionals failed in their jobs not to open suspicious email links.”

“At Anthem, a bogus message in December 2014, tricked the recipient to install what appeared to be an authentic Citrix software update that was really an infected file,” according to past research, Ms. Sternstein wrote. And, last fall, “at the White House, a video of a 2007 Super Bowl ad for CareerBuilder.com ad floated around that showed chimpanzees running a corporation and tormenting their human employee,” according to F-Secure. A State Department email account reportedly was the source of the phishing email that landed at the White House,” NextGov.com noted.

Why could they be spies?

Newly discovered Chinese hacking group hacked 100+ websites to use as “watering holes”

Emissary Panda group penetrated the networks of industrial espionage targets.

In part from Arstechnica LAS VEGAS—Today at the Black Hat information security conference, Dell SecureWorks researchers unveiled a report on a newly detected hacking group that has targeted companies around the world while stealing massive amounts of industrial data. The majority of the targets of the hacking group were in the automotive, electronic, aerospace, energy, and pharmaceutical industries. The group, believed to be based in China, has also targeted defense contractors, colleges and universities, law firms, and political organizations—including organizations related to Chinese minority ethnic groups.

Designated as Threat Group 3390 and nicknamed “Emissary Panda” by researchers, the hacking group has compromised victims’ networks largely through “watering hole” attacks launched from over 100 compromised legitimate websites, sites picked because they were known to be frequented by those targeted in the attack.

At least 50 organizations in those industries in the US and the United Kingdom had data stolen by members of Emissary Panda. Sites targeted included the website of the Embassy of the Russian Federation in the US (as well as those of other embassies and non-governmental organizations); government agency websites around the world; manufacturing companies, many of whom were suppliers to defense contractors; and the Spanish defense manufacturer Amper. A cultural site for the Chinese Uyghur ethnic group was also used, apparently to target members of the Muslim minority for surveillance.

No zero-day vulnerabilities were used to breach targeted networks, instead “the group relied on old vulnerabilities such as CVE-2011-3544“—a near-year-old Java security hole—”and CVE-2010-0738 to compromise their targets,” Dell SecureWorks’ researchers reported. The group used a number of tools common to other Chinese hacking groups, but they had a few unique tools of their own with interfaces developed for Standard (Simplified) Chinese. One of these is the PlugX remote access tool, “a notorious piece of malware linked to a number of attacks and to another Threat Group, which researchers believe is also likely based out of China,” according to Dell SecureWorks researchers. It also appears the group used China’s Baidu search engine to perform reconnaissance on targets.