Category Archives: Cyber War

Obama and DHS Fully Compromised our Security

Posted on by

Getting into America just got easier….

Easier? Yes and while no one is talking about it but I got a tip from an insider. Did you hear the announcement by Jeh Johnson? This program already exists.

It might be a lot easier – and faster – for international travelers to fly into the United States soon.

The U.S. Department of Homeland Security said Friday it will seek approval to put pre-clearance centers at 10 airports in nine foreign countries.

If negotiations are successful, those centers will allow travelers to go through U.S. Customs and Border Protection clearance before they get on their airplane headed to the United States. Once landed, they would not have to be rescreened.

Here’s what Homeland Security Secretary Jeh Johnson said in the DHS announcement:

“A significant homeland security priority of mine is building more preclearance capacity at airports overseas. We have this now in 15 airports. I am pleased that we are seeking negotiations with 10 new airports in nine countries.

“I want to take every opportunity we have to push our homeland security out beyond our borders so that we are not defending the homeland from the one-yard line. Preclearance is a win-win for the traveling public. It provides aviation and homeland security, and it reduces wait times upon arrival at the busiest U.S. airports.”

The U.S. will enter talks with officials in Belgium, the Netherlands, Norway, Spain, Sweden, Turkey and the United Kingdom in Europe, as well as Japan and the Dominican Republic.

The 10 airports would be Brussels Airport, Belgium; Punta Cana Airport, Dominican Republic; Narita International Airport, Japan; Amsterdam Airport Schipol, Netherlands; Oslo Airport, Norway; Madrid-Barajas Airport, Spain; Stockholm Arlanda Airport, Sweden; Istanbul Ataturk Airport, Turkey; and London Heathrow Airport and Manchester Airport in the United Kingdom.

“These countries represent some of the busiest last points of departure to the United States – in 2014, nearly 20 million passengers traveled from these ten airports to the U.S.,” DHS said.

For travelers to Dallas/Fort Worth International Airport, the pre-clearance would be available on flights from London Heathrow (American Airlines and British Airways); Amsterdam (KLM Royal Dutch Airlines); Tokyo Narita (American); Madrid-Barajas (American); and Punta Cana (Sun Country Airlines).

Officials from trade group Airlines for American and from American and JetBlue Airways quickly praised the DHS effort.

“U.S. airlines drive $1.5 trillion in economic activity, and by improving the passenger experience for visitors or those returning to the United States, while improving security, we can build on that,” A4A President and chief executive Nick Calio said. “The addition of these pre-clearance airports will help increase safety and security while improving the passenger experience with shorter wait times and quicker connections on arrival in the U.S.”

“Expanding air preclearance is a tremendous step forward for improving the overall travel experience for our customers and welcoming more visitors to the United States,” AA chief operating officer Robert Isom said. “Preclearance eases the congestion at our U.S. gateway airports and ensures our customers get to their destinations faster.”

In addition to the three airports served by American from its D/FW hub, the pre-clearance centers would go to four other airports served by American out of other U.S. airports – Manchester, Amsterdam, Punta Cana and Brussels.

JetBlue passengers would benefit from the Punta Cana pre-clearance center.

“We believe that in addition to the need for an increase in CBP staffing at key U.S. gateway airports, more preclearance facilities like the ones being proposed around the globe are an important tool to enhance our nation’s security and reduce the number of travelers clearing Customs stateside — and that ultimately reduces wait times for travelers on all airlines,” JetBlue president and CEO Robin Hayes said.

United also thanked DHS for the proposal.

“We have worked closely with U.S. Customs and Border Protection and support developments that provide more convenience for our customers,” the carrier said in a statement. “We thank Secretary Johnson and his team at the Department of Homeland Security and CBP for their engagement with United and the airline industry, and we look forward to partnering with them on this initiative to facilitate travel and reduce wait times.”

U.S. Travel Association president Roger Dow issued this statement:

“When the experience for the international traveler improves, the U.S. economy improves, and again this administration deserves praise for pressing ahead with innovative policies that simultaneously bolster national security and streamline the customs entry process.

“Customs preclearance is a program that has proven itself effective, and extending it to these key travel markets will undoubtedly boost visitation. As a bonus, adding preclearance facilities will further relieve pressure on the customs entry process here on our shores, improving the system generally.

“Evolving policies such as these are a big reason why we surpassed a record 74 million international visitors to the U.S. last year, and are well on pace to reach 100 million visitors annually by 2021. With overseas visitors spending an average of $4,300 per person, per trip, that’s just good economic sense.”

Customs and Border Protection currently staffs 15 centers in six countries: Dublin and Shannon in Ireland; Aruba; Freeport and Nassau in the Bahamas; Bermuda; Calgary, Toronto, Edmonton, Halifax, Montreal, Ottawa, Vancouver and Winnipeg in Canada; and Abu Dhabi in the United Arab Emirates.

This is a ‘preclearance system’.  Please read the full description here.

In 2013, there was a Customs and Border Patrol hearing on this matter in the House of Representatives. Essentially, we cant control security within our borders now we are extending them globally and relying on foreign governments and security services? That did not work out at all in Benghazi. Here is the testimony and it is a must read.

 

 

Listen and Read How Wrong Obama is on Iran

Posted on by

Even the Russians did not lie as badly as the Iranians have and Kerry at the behest of the White House is ignoring the historical lies.

Sen. Bob Corker (R-Tenn.) has sent a blistering letter to President Obama denouncing reported Iran concessions. It reads:

Dear Mr. President:

It is breathtaking to see how far from your original goals and statements the P5+1 have come during negotiations with Iran. Under your leadership, six of the world’s most important nations have allowed an isolated country with roguish policies to move from having its nuclear program dismantled to having its nuclear proliferation managed. Negotiators have moved from a 20-year agreement to what is in essence a 10-year agreement that allows Iran to simultaneously continue development of an advanced ballistic missile program and research and development of advanced centrifuges. This also will allow Iran’s economy to be restored with billions of dollars returned to its coffers, a development that administration officials concede will be used at some level to export terrorism in the region.

I am alarmed by recent reports that your team may be considering allowing the deal to erode even further. Only you and those at the table know whether there is any truth to these allegations, and I hope reports indicating potential concessions on inspections and on the full disclosure of Iran’s possible military dimensions (PMDs) are inaccurate.

Regarding inspections, surely your administration and those involved in the negotiations will adhere to an “anytime, anywhere” standard. No bureaucratic committees. No moving the ball. No sites off limits.

You have publicly acknowledged Iran’s long history of covert nuclear activity.  We all are aware of the importance of having a full understanding of Iran’s nuclear program, including PMDs of those activities as part of any agreement. Yet, recently I have heard of a potential cumbersome process where the International Atomic Energy Agency (IAEA), with no confirmation from Iran, will make PMD determinations about Iran’s nuclear program in order to protect Iran’s national pride, meaning Iran will not have to publicly admit to these activities. Today, the IAEA cannot get access to information Iran agreed to share pursuant to a 2013 agreement. By not requiring Iran to explicitly disclose their previous weaponization efforts on the front end of any final agreement, we will likely never know, in a timely fashion, the full extent of Iranian capabilities.

I understand the dynamics that can develop when a group believes they are close to a deal and how your aides may view this as a major legacy accomplishment. However, as you know, the stakes here are incredibly high and the security implications of these negotiations are difficult to overstate. As your team continues their work, if Iran tries to cross these few remaining red lines, I would urge you to please pause and consider rethinking the entire approach. Walking away from a bad deal at this point would take courage, but it would be the best thing for the United States, the region and the world.

One hopes that Corker’s colleagues are paying attention and that they are ready to prevent a catastrophic deal.

Obama Favoring Mullahs with Cash Infusions

Posted on by

The Mullahs of Iran have a new standard of confidence on the West lifting financial sanctions after the final deal on the nuclear program is completed. That date is slated for June 30, yet there are signs that date could slide. Who has given the Mullahs this concept of lifted sanctions? The White House.

TEHRAN — With a little more than two weeks before the deadline for a nuclear deal, Iran’s president, Hassan Rouhani, said Saturday that he expected relief from economic sanctions within a “couple of months” after an agreement with six world powers was signed.

Mr. Rouhani echoed statements by other Iranian leaders hinting that the deadline might not be met. “We will not waste time, but we should also not restrict ourselves to a specific deadline,” he said.

The pace of sanctions relief is a sticking point. The Iranian supreme leader, Ayatollah Ali Khamenei, who has the final word on any nuclear deal, has demanded that all sanctions be lifted on the day the agreement is signed. Mr. Rouhani’s timetable would allow the United States, the European Union and the United Nations to wait to lift their sanctions until the day the deal takes effect. The United States and its negotiating partners want the sanctions lifted piecemeal, as Iran meets its obligations under the deal.

Mr. Rouhani also said Iran wanted the deal to be approved by the United Nations Security Council, as a hedge against a nullification move by a future leader of a negotiating country.

Mullahs see Obama’s favors for their benefit:

The U.S. makes more concessions to Iran in a prelude to a nuclear deal.

The Obama Administration has long insisted that any nuclear deal will have no effect on U.S. determination to stop Iran’s regional ambitions or support for terrorism. As the political desire for a deal grows more urgent, however, this claim is proving to be hollow. Consider Hayya Bina, or “Let’s Go,” a Lebanese civil-society initiative founded in 2005 by publisher and producer Lokman Slim. Hayya Bina works largely with Lebanon’s Shiites on a variety of health, environmental and citizenship issues, largely as a way to offer a moderate alternative to Hezbollah’s efforts to dominate that community.

The group has received modest funding from the State Department and groups like the International Republican Institute. But as the Journal’s Jay Solomon reported last week, the State Department sent Hayya Bina a letter, dated April 10, which “requests that all activities intended [to] foster an independent moderate Shiite voice be ceased immediately and indefinitely.” To underscore the point, the letter added that Hayya Bina “must eliminate funding for any of the above referenced activity.” Why cut funding? The State Department said the programs weren’t meeting expectations. But it hardly went unnoticed in Lebanon that the cuts came barely a week after the U.S. and Iran struck their framework nuclear agreement in Switzerland April 2. Hezbollah is Iran’s Lebanese subsidiary and has made a practice of going after its domestic opponents, including Mr. Slim.

The withdrawal of U.S. funding “is another desperate PR attempt by the Obama Administration to appease the Iranian regime in order to reach a nuclear deal,” says Ahmad El Assaad, a prominent Lebanese Shiite opponent of Hezbollah. Then there is the curious case of Buhary Seyed Abu Tahir, a Dubai-based Sri Lankan businessman who in 2004 was cited personally by President George W. Bush as the “chief financial officer and money launderer” for the nuclear-proliferation network of Pakistani scientist A.Q. Khan. According to a 2004 investigation by Malaysian authorities, in 1994 or 1995 Mr. Khan asked Mr. Tahir to ship uranium centrifuges to Iran. “BSA Tahir organized the transshipment of the two containers from DUBAI to IRAN using a merchant ship owned by a company in Iran,” according to a Malaysian report. “BSA Tahir said the payment for the two containers of centrifuge units, amounting to about USD $3 million was paid in UAE Dirham currency by the Iranian. The cash was brought in two briefcases.” The Bush Administration put Mr. Tahir on the U.S. Office of Foreign Assets Control (OFAC) list of sanctioned persons. But the Treasury Department removed his name from that list on April 3, exactly one day after the framework agreement was announced. We asked a Treasury spokesperson why Mr. Tahir’s name was removed and if there was any connection to the Iran deal, and she said the “delisting was based on a determinaton by OFAC that circumstances no longer warrant the blocking of Tahir pursuant to Executive Order 13382.” That order, signed by President Bush in 2005, is “aimed at freezing the assets of proliferators of weapons of mass destruction.” Mr. Tahir’s delisting strikes us as the equivalent of a backdated check intended to whitewash Iran’s illicit acquisition of centrifuges as having anything to do with a nuclear-weapons program. If the Administration wants to deny this, we suggest it explain the timing publicly. Then there is Iran’s ballistic missile program. Ballistic missiles have long been considered an integral part of Iran’s nuclear program as the most effective way to deliver a weapon, and the Administration pushed for U.N. sanctions on Iran’s missiles in 2010.

When it came time to negotiate, however, the Administration gave in to Tehran’s insistence that it would accept no missile limitations, thus separating the missile and nuclear programs. But now that a deal is near, the Administration is reversing itself again, claiming that for the purposes of sanctions Iran’s missile program is “nuclear-related,” meaning the U.S. is prepared to lift the missile sanctions. And there’s more. “Of the 24 Iranian banks currently under U.S. sanctions,” noted the Associated Press in a story last week, “only one—Bank Saderat, cited for terrorism links—is subject to clear non-nuclear sanctions.” In other words, once the “nuclear-related” sanctions go, so go all the rest, notwithstanding Administration promises. It may be too late to prevent President Obama from striking this deal. But as its contours become clearer, it looks increasingly like a betrayal of our friends, a whitewash of history—and a gift to a dictatorship.

WH Ignoring Iran’s $6Billion for Syria Iraq Terror

Posted on by

John Kerry, Hillary Clinton, Susan Rice, Tony Blinken, Tom Donilon, Samantha Power, Valerie Jarrett and Barack Obama are but part of the team that knew and ignored the billions for years that Iran used to support Bashir al Assad’s terror in Syria and later Iraq. The Obama regime has been gifting Iran money by lifting sanctions for the sake of humanitarian purposes in Iran when the money was not used for that but rather to support the Assad tyrannical power in Syria. Sanction waivers under the Obama regime regarding Iran have been common since the Iranian nuclear talks began.

Now the question is will this White House and State Department come clean and walk away from the P5+1 Iranian nuclear talks? This betrayal is historic.

Iran Spends Billions to Prop Up Assad

By Eli Lake
Iran is spending billions of dollars a year to prop up the Syrian dictator Bashar al-Assad, according to the U.N.’s envoy to Syria and other outside experts. These estimates are far higher than what the Barack Obama administration, busy negotiating a nuclear deal with the Tehran government, has implied Iran spends on its policy to destabilize the Middle East.

On Monday, a spokeswoman for the U.N. special envoy for Syria, Staffan de Mistura, told me that the envoy estimates Iran spends $6 billion annually on Assad’s government. Other experts I spoke to put the number even higher. Nadim Shehadi, the director of the Fares Center for Eastern Mediterranean Studies at Tufts University, said his research shows that Iran spent between $14 and $15 billion in military and economic aid to the Damascus regime in 2012 and 2013, even though Iran’s banks and businesses were cut off from the international financial system.

Such figures undermine recent claims from Obama and his top officials suggesting that Iran spends a relative pittance to challenge U.S. interests and allies in the region. While the administration has never disclosed its own estimates on how much Iran spends to back Syria and other allies in the Middle East, Obama himself has played down the financial dimension of the regime’s support.

“The great danger that the region has faced from Iran is not because they have so much money. Their budget — their military budget is $15 billion compared to $150 billion for the Gulf States,” he said in an interview last week with Israel’s Channel 2.

But experts see it another way. The Christian Science Monitor last month reported that de Mistura told a think tank in Washington that Iran was spending three times its official military budget–$35 billion annually–to support Assad in Syria. When asked about that earlier event, Jessy Chahine, the spokeswoman for de Mistura, e-mailed me: “The Special Envoy has estimated Iran spends $6 billion annually on supporting the Assad regime in Syria. So it’s $6 billion not $35 billion.”

Either way, that figure is significant. Many members of Congress and close U.S. regional allies have raised concerns that Iran will see a windfall of cash as a condition of any nuclear deal it signs this summer. Obama himself has said there is at least $150 billion worth of Iranian money being held in overseas banks as part of the crippling sanctions. If Iran spends billions of its limited resources today to support its proxies in the Middle East, it would follow that it will spend even more once sanctions are lifted.

The Obama administration disagrees. It says the amount Iran spends on mischief in the region is so low that any future sanctions relief will not make a difference in its behavior. Speaking at a conference this weekend sponsored by the Jerusalem Post, Treasury Secretary Jack Lew said that even as Iran’s economy has suffered from sanctions in recent years, it has been able to maintain its “small” level of assistance to terrorists and other proxies. “The unfortunate truth remains that the cost of this support is sufficiently small, that we will need to remain vigilant with or without a nuclear deal to use our other tools to deter the funding of terror and regional destabilization,” he said.

Shehadi and other experts acknowledged that their figures were estimates, because the Tehran regime does not publicize budgets for its Revolutionary Guard Corps or the full subsidies it provides to allies. Nonetheless, Shehadi says, Iranian support to Syria today is substantial, especially when factoring in the line of credit, oil subsidies and other kinds of economic assistance Iran provides the Syrian regime.

Steven Heydemann, who was the vice president for applied research on conflict at the U.S. Institute of Peace until last month, told me earlier this year that the value of Iranian oil transfers, lines of credit, military personnel costs and subsidies for weapons for the Syrian government was likely between $3.5 and $4 billion annually. He said that did not factor in how much Iran spent on supporting Hezbollah and other militias fighting Assad’s opponents in Syria. Heydamann said he estimated the total support from Iran for Assad would be between $15 and $20 billion annually.

A Pentagon report released last week was quite clear about what Iran hopes to achieve with its spending: “Iran has not substantively changed its national security and military strategies over the past year. However, Tehran has adjusted its approach to achieve its enduring objectives, by increasing its diplomatic outreach and decreasing its bellicose rhetoric.” The report says Iran’s strategy is intended to preserve its Islamic system of governance, protect it from outside threats, attain economic prosperity and “establish Iran as the dominant regional power.”

If Iran ends up accepting a deal on its nuclear program, it will see an infusion of cash to pursue that regional agenda. Shehadi said this fits a pattern for dictatorships in the Middle East: they preoccupy the international community with proliferation issues while, behind the scene, they continue to commit atrocities.

“In the early 1990s, Saddam Hussein was massacring his people and we were worried about the weapons inspectors,” Shehadi said. “Bashar al-Assad did that too. He kept us busy with chemical weapons when he massacred his people. Iran is keeping us busy with a nuclear deal and we are giving them carte blanche in Syria and the region.”

 

Deep Panda, the Hacker of OPM Employee Files

Posted on by

Personnel records held at the Office of Personnel Management going back 35 years on people who worked for government as employees or contractors are for sale on the Darknet.

Government records stolen in a sweeping data breach that was reported last week are popping up for sale on the so-called “darknet,” according to a tech firm that monitors the private online network used by criminals and creeps throughout the world.

Credentials to log into the Office of Personnel Management are being offered just days after the announcement the agency’s records, including extremely personal information of 4.1 million federal government employees dating back to the 1980s, had been compromised, said Chris Roberts, founder and CTO of the Colorado-based OneWorldLabs (OWL), a search engine that checks the darknet daily for data that could compromise security for its corporate and government clients, including government IDs and passwords.

The FBI has identified the operation. The hackers likely used Chinese associates already inside government for access. In classified briefings to members of Congress in recent days, intelligence officials have described what appears to be a systematic Chinese effort to build databases that explain the inner workings of the United States government. The information includes friends and relatives, around the world, of diplomats, of White House officials and of officials from government agencies, like nuclear experts and trade negotiators. Read more here.

FBI Alert Reveals ‘Groups’ Behind OPM Hack

President says cyber attack threat ‘accelerating’

The FBI has disclosed that multiple hacker groups carried out the cyber attack that compromised the records of 4 million government workers in the networks of the Office of Personnel Management.

“The FBI has obtained information regarding cyber actors who have compromised and stolen sensitive business information and personally identifiable information (PII),” states a Flash alert dated June 5. “Information obtained from victims indicates that PII was a priority target.”

Security analysts familiar with the OPM breach, disclosed in a notice last week, said two groups of Chinese state-sponsored hackers appear to be behind the cyber attacks, including one linked to the Chinese military that has been dubbed “Deep Panda.”

Deep Panda is a highly sophisticated Chinese military hacker unit that has been gathering data on millions of Americans. The group was linked in the past to the hacking of the health care provider Anthem that compromised the personal data of some 80 million customers.

The FBI did not directly link its warning to the OPM hacking. But it said cyber investigators have “high confidence” about the threat posed by the cyber attackers based on its investigation into the data breach.

According to the alert, the stolen personal data “has been used in other instances to target or otherwise facilitate various malicious activities such as financial fraud though the FBI is not aware of such activity by these groups.”

The groups were not identified by name or by country.

However, the alert revealed that the software used by the hackers is called Sakula, which security analysts say was the Root Access Tool, or RAT, that was used by the Chinese in both the OPM and Anthem hacks.

Sakula software employs stolen, signed security certificates to gain unauthorized network access and analysts said the use of that technique requires cyber sophistication that is not known to be used outside of nation-state cyber forces.

The software allows remote users to gain computer network administrator access, which permits the theft of large amounts of data.

The FBI warned in the notice that any entity that discovers the Sakula malware and other signatures should seek cyber security assistance and notify the FBI.

“Any activity related to these groups detected on a network should be considered an indication of a compromise requiring extensive mitigation and contact with law enforcement,” the notice said.

The groups involved were observed “across a variety of intrusions leveraging a diverse selection of tools and techniques to attempt to gain initial access to a victim including using credentials acquired during previous intrusions.”

President Obama was asked after the G-7 summit in Germany on Tuesday about the Chinese role in the OPM cyber attacks and declined to name Beijing as the perpetrator.

“We haven’t publicly unveiled who we think may have engaged in these cyber attacks,” Obama said. “But I can tell you that we have known for a long time that there are significant vulnerabilities and that these vulnerabilities are going to accelerate as time goes by, both in systems within government and within the private sector.”

Obama said part of the problem is “very old systems” used in government computer networks.

“And we discovered this new breach in OPM precisely because we’ve initiated this process of inventorying and upgrading these old systems to address existing vulnerabilities,” he said.

“[W]e’re going to have to keep on doing it, because both state and non-state actors are sending everything they’ve got at trying to breach these systems,” the president said.

“In some cases, it’s non-state actors who are engaging in criminal activity and potential theft,” Obama said. “In the case of state actors, they’re probing for intelligence or, in some cases, trying to bring down systems in pursuit of their various foreign policy objectives. In either case, we’re going to have to be much more aggressive, much more attentive than we have been.”

The problem of cyber attacks is “going to accelerate,” he said. “And that means that we have to be as nimble, as aggressive, and as well-resourced as those who are trying to break into these systems.”

The administration has rejected calls by senior U.S. security officials to engage in more aggressive, offensive cyber retaliation against states such as China as a way to develop cyber deterrence.

The president and his advisers are said to fear that offensive cyber attacks will lead to a major conflict. Supporters of taking more aggressive responses to hacking have said demonstrations of U.S. cyber retaliatory strikes will deter future attacks.

The administration has favored using law enforcement and diplomatic policies to deal with the problem.

One private sector cyber security specialist familiar with the OPM hack said that in addition to the government’s personnel database, other major cyber attacks believed to be carried out by Chinese hackers include clandestine intrusions into the networks of a major telecommunications company and a major aviation industry firm.

The hackers’ use of several domain names in the OPM hacking also are similar to domains used by Chinese cyber attackers in the past. The domains were identified as OPMsecurity.org and opm-learning.org.

Another signature linking the OPM hack to China was the hackers’ use of a program called Mimikatz that is used to gain high-level remote access to networks.

“Mimikatz is a classic of Deep Panda” in terms of tactics, techniques, and procedures, said a security analyst familiar with details of the attack. “This allows the actors to dump password hashes, perform pass the hash and ‘golden ticket’ attacks in the victim environment.”

The private security company CrowdStrike first identified Deep Panda and has called the group among the most sophisticated state-sponsored hackers.

China’s main military intelligence service that has been linked to cyber attacks is the Third Department of the General Staff, or 3PLA, which conducts cyber warfare.