Category Archives: Cyber War

FBI v. Presidents; Presidents v. FBI

Posted on by

Today, we have a breakdown in trust not only with media but with any and all White House personnel. There is no presidential administration that is exempt since Nixon for sure.

The American people must keep an unemotional and clinical posture with what is being told to us to maintain a clearer capacity for critical thinking.

It all came to a head during the Nixon administration regarding taping conversations inside the White House and the Oval Office. These operations and equipment are managed, maintained, stored and investigated by the U.S. Secret Service.

An unknown factoid is the White House has microphones all over it and several taping units, while Camp David is not excluded.

For a fascinating read on the Nixon White House taping facts, check this document. The Secret Service coordinates and collaborates with the FBI on such investigations.

Image result for nixon watergate tapes  NYTimes

Secret_Service_Nixon_taping

Technology has advanced by leaps and bounds since the Nixon days, adding even more curious questions as to what subsequent presidents have used with taping equipment. In fact technology has taken us to the advanced digital realm. Ever wonder what we really don’t know?

Much has been said about tapes in the Trump White House, to which Trump denied having tapes of Former FBI Director Comey and Trump conversations. Okay, but is that really true? There are legacy FBI agents that well remember countless cases and heated interactions with presidents. We then hear this new term of ‘deep state’, where anonymous sources and leaks are causing scandals and headaches for the Trump White House. Can we know who those are alleged to be part of the ‘deep state’? Much of the blame is being pointed to Comey as the leaker. Well, maybe, or it could be the Secret Service. Remember Kerry O’Grady who refused to protect President Trump? Are there others? Conversely, there were Secret Service agents that had big issues with previous presidents and their wives, one notable scandal throughout the agency was due to Hillary Clinton.

We also cannot overlook all the Secret Service scandals under the Obama administration as some cases involved the USSS erasing tapes. Other cases included USSS and hookers in Cartegena, car accidents and drunk agents that had to be flown home in disgrace.

Image result for secret service white house video tapes CNN

Beyond the Secret Service, how about Obama loyalists that remain behind? This site published a piece in January of 2017 regarding Obama’s appointments of key loyalists that have ‘forever’ government positions, known as burrowing in.

Did Barack Obama tape conversations? According to Jim Acosta at CNN, the answer is no, but in the same article, the answer is yes and there was also a stenographer.

The White House press office had a stenographer in meetings with journalists in order to have an independent transcript of the interviews, a common practice, the former official said.   
“None of that was hidden,” the former official said. “The stenographer sat in interviews with a tape recorder and sometimes even a boom mic — the same stenographers would tape and transcribe press briefings and gaggles. Journalists who interviewed President Obama would have been familiar with that.”
Below is a long but fascinating read. You can be sure that agents within the Secret Service, the FBI and the investigative wing at Department of Homeland Security have many stories to tell. To have some perspective, this gem if historical summary allows the reader to see facts and settings through the eyes of assigned agents.
Enjoy:
John Mindermann is part of an unusual fraternity. A former agent with the Federal Bureau of Investigation, now 80 and retired in his hometown, San Francisco, he is among the relative handful of law-enforcement officials who have investigated a sitting president of the United States. In June, when it was reported that the former F.B.I. director Robert Mueller would investigate whether President Trump had obstructed the federal inquiry into Russia’s meddling in the 2016 presidential election, I called Mindermann, who told me he was feeling a strong sense of déjà vu.

Mindermann joined the F.B.I. 50 years ago, after a stint with the San Francisco police force, whose corruption he was happy to leave behind. He was soon transferred to the bureau’s Washington field office, housed in the Old Post Office building on Pennsylvania Avenue — the same 19th-century edifice that is now a Trump hotel. On the afternoon of Saturday, June 17, 1972, he was in the shower at home when the phone rang.

An F.B.I. clerk told him that there had been a break-in overnight at the Democratic Party headquarters in the Watergate complex. He was to go to the Metropolitan Police Department headquarters and see the detective on duty. Then, lowering his voice, the clerk confided that the bureau had run a name check on one of the burglars, James McCord. It revealed that McCord had worked at both the F.B.I. and the C.I.A. He would later be identified as the chief of security at the Committee to Re-elect the President, the Nixon campaign operation known as Creep.

Mindermann met the detective, who was wearing a loud sports jacket and smiling widely. The detective strode into the walk-in evidence vault and, wearing latex gloves, produced nearly three dozen crisp new $100 bills, each in a glassine envelope. He fanned them out on a desk, like a magician performing a card trick. They had been seized from one of the burglars. Mindermann noticed the consecutive serial numbers. ‘‘That alone told me that they came from a bank through a person with economic power,’’ Mindermann told me. ‘‘I got this instant cold chill. I thought: This is not an ordinary burglary.’’

McCord had been carrying wiretapping gear at the Watergate. This was evidence of a federal crime — the illegal interception of communications — which meant the break-in was a case for the F.B.I. Wiretapping was standard practice at the F.B.I. under J. Edgar Hoover, who had ruled the bureau since 1924. But Hoover died six weeks before the Watergate break-in, and L. Patrick Gray, a lawyer at the Justice Department and a staunch Nixon loyalist, was named acting director. ‘‘I don’t believe he could bring himself to suspect his superiors in the White House — a suspicion which was well within the Watergate investigating agents’ world by about the third or fourth week,’’ Mindermann said.

A month after the break-in, Mindermann and a colleague named Paul Magallanes found their way to Judy Hoback, a Creep accountant. The interview at her home in suburban Maryland went on past 3 a.m. By the time Mindermann and Magallanes stepped out into the cool night air, they had learned from Hoback that $3 million or more in unaccountable cash was sloshing around at Creep, to finance crimes like the Watergate break-in. Both men sensed instinctively that ‘‘people in the White House itself were involved,’’ Magallanes, who is now 79 and runs an international security firm near Los Angeles, told me. Mindermann said he felt ‘‘a dark dread that this is happening in our democracy.’’ By 10:45 that morning, the agents had typed up a 19-page statement that laid out Creep’s direct connections to Nixon’s inner circle.Mindermann, the young ex-cop with five $27 department-store suits to his name, remembers the president’s men who stonewalled the investigation throughout 1972 and early 1973 as ‘‘Ivy Leaguers in their custom-fitted finery — these privileged boys born to be federal judges and Wall Street barons. They were gutless and completely self-serving. They lacked the ability to do the right thing.’’ By late April 1973, however, the stonewalls were crumbling. On Friday, April 27, as Nixon flew off to Camp David for the weekend, mulling his dark future, the F.B.I. moved to secure White House records relevant to Watergate.

At 5:15 p.m., 15 agents arose from their dented metal desks in the Old Post Office building and marched in tight formation, fully armed, up Pennsylvania Avenue. On Monday, a highly agitated Nixon returned to the White House to find a skinny F.B.I. accountant standing watch outside a West Wing office. The president pushed him up against a wall and demanded to know how he had the authority to invade the White House. Mindermann laughed at the memory: ‘‘What do you do,’’ he said, ‘‘when you’re mugged by the president of the United States?’’

‘‘I take the president at his word — that I was fired because of the Russia investigation,’’ James Comey, the former F.B.I. director, said in June, testifying before the Senate Intelligence Committee a month after his abrupt dismissal from his post by the president. Comey was referring to the account Trump gave in an NBC interview on May 11 — and Comey fought back on the rest of the story as Trump told it. Trump, he said, ‘‘chose to defame me and, more importantly, the F.B.I. by saying that the organization was in disarray, that it was poorly led, that the work force had lost confidence in its leader. Those were lies, plain and simple.’’

Trump, Comey said, had asked his F.B.I. director for his loyalty — and that seemed to shock Comey the most. The F.B.I.’s stated mission is ‘‘to protect the American people and uphold the Constitution of the United States’’ — not to protect the president. Trump seemed to believe Comey was dutybound to do his bidding and stop investigating the recently fired national security adviser, Lt. Gen. Michael Flynn. ‘‘The statue of Justice has a blindfold on because you’re not supposed to be peeking out to see whether your patron is pleased or not with what you’re doing,’’ Comey said. ‘‘It should be about the facts and the law.’’

Trump might have been less confused about how Comey saw his job if he had ever visited the F.B.I. director in his office. On his desk, under glass, Comey famously kept a copy of a 1963 order authorizing Hoover to conduct round-the-clock F.B.I. surveillance of the Rev. Dr. Martin Luther King Jr. It was signed by the young attorney general, Robert F. Kennedy, after Hoover convinced John F. Kennedy and his brother that King had Communists in his organization — a reminder of the abuses of power that had emanated from the desk where Comey sat.

One of history’s great what-ifs is whether the Watergate investigation would have gone forward if Hoover hadn’t died six weeks before the break-in. When Hoover died, Nixon called him ‘‘my closest personal friend in all of political life.’’ Along with Senator Joseph McCarthy, they were the avatars of anti-Communism in America. Hoover’s F.B.I. was not unlike what Trump seems to have imagined the agency still to be: a law-enforcement apparatus whose flexible loyalties were bent to fit the whims of its director. In his half-century at the helm of the F.B.I., Hoover rarely approved cases against politicians. In the 1960s, he much preferred going after the civil rights and antiwar movements and their leaders, and his agents routinely broke the law in the name of the law.

In 1975, however, Congress, emboldened by Watergate and newly attuned to its watchdog responsibilities, began its first full-scale investigation of this legacy, and of similar abuses at the C.I.A. Edward Levi, Gerald Ford’s attorney general, gave the F.B.I. an unprecedented assignment: investigating itself. Fifty-three agents were soon targets of investigations by their own agency, implicated in crimes committed in the name of national security. Mark Felt, the agency’s second-in-command (who 30 years later revealed himself to have been Bob Woodward’s source ‘‘Deep Throat’’), and Ed Miller, the F.B.I.’s intelligence director, were convicted of conspiring to violate the civil rights of Americans. (President Ronald Reagan later pardoned them.) The F.B.I.’s rank and file felt it was under attack. ‘‘Every jot of wrongdoing — whether real, imagined or grossly exaggerated — now commands an extraordinary amount of attention,’’ Clarence Kelley, the F.B.I. director under Presidents Nixon, Ford and Jimmy Carter, said in 1976. The American people, he argued, could not long endure ‘‘a crippled and beleaguered F.B.I.’’

The Iran-contra scandal provided the bureau with its first great post-Watergate test. On Oct. 5, 1986, Sandinistas in Nicaragua shot down a cargo plane, which bore an unassuming transport-company name but was found to contain 60 Kalashnikov rifles, tens of thousands of cartridges and other gear. One crew member was captured and revealed the first inklings of what turned out to be an extraordinary plot. Reagan’s national-security team had conspired to sell American weapons to the Iranian Revolutionary Guard and, after marking up the price fivefold, skimmed the proceeds and slipped them to the anti-Communist contra rebels in Nicaragua. This was a direct violation of federal law, as Congress had passed a bill cutting off aid to the rebels, which made Iran-contra a case for the F.B.I.

In a major feat of forensics, F.B.I. agents recovered 5,000 deleted emails from National Security Council office computers, which laid out the scheme from start to finish. They opened a burn bag of top-secret documents belonging to the N.S.C. aide Oliver North and found a copy of elaborately falsified secret testimony to Congress. They dusted it for fingerprints and found ones belonging to Clair George, chief of the clandestine service of the C.I.A. In short order, an F.B.I. squad was inside C.I.A. headquarters, rifling through double-locked file cabinets. Almost all the major evidence that led to the indictments of 12 top national-security officials was uncovered by the F.B.I.

George H. W. Bush pardoned many of the key defendants at the end of his presidency, on Christmas Eve 1992 — just as Reagan pardoned Mark Felt and Ford pardoned Nixon. This was the limit of the agency’s influence, the one presidential power that the F.B.I. could not fight. But over the course of two decades and five presidents, the post-Hoover relationship between the F.B.I. and the White House had settled into a delicate balance between the rule of law and the chief of state. Presidents could use secrecy, and sometimes outright deception, to push their executive powers to the limit. But the F.B.I., through its investigative brief, retained a powerful unofficial check on these privileges: the ability to amass, and unveil, deep secrets of state. The agency might not have been able to stop presidents like Nixon and Reagan from overreaching, but when it did intervene, there was little presidents could do to keep the F.B.I. from making their lives very difficult — as Bill Clinton discovered in 1993, when he appointed Louis J. Freeh as his F.B.I. director.

Freeh was an F.B.I. agent early in his career but had been gone from the agency for some time when he was named to run it — so he was alarmed to discover, shortly after he started his new job, that the F.B.I. was in the midst of investigating real estate deals involving the Clintons in Arkansas. Freeh quickly turned in his White House pass. He saw Clinton as a criminal suspect in the Whitewater affair, in which the F.B.I. and a special prosecutor bushwhacked through the brambles of Arkansas politics and business for four years — and, through a most circuitous route, wound up grilling a 24-year-old former White House intern named Monica Lewinsky in a five-star hotel. The bureau, through the White House physician, had blood drawn from the president to match the DNA on Lewinsky’s blue dress — evidence that the president perjured himself under oath about sex, opening the door to his impeachment by the House of Representatives.

‘‘He came to believe that I was trying to undo his presidency,’’ Freeh wrote of Clinton in his memoir. Clinton’s allies complained after the fact that Freeh’s serial investigations of the president were not just a headache but also a fatal distraction. From 1996 to 2001, when Al Qaeda and Osama bin Laden bombed two American Embassies in Africa and plotted the Sept. 11 attacks, the F.B.I. spent less time and money on any counterterrorism investigation than it did investigating claims that Chinese money bought influence over President Clinton though illegal 1996 campaign contributions — an immense project that eventually became a fiasco on its own terms. One of the F.B.I.’s informants in the investigation was a socially promi­nent and politically connected Californian named Katrina Leung. At the time, Leung was in a sexual relationship with her F.B.I. handler, James J. Smith, chief of the bureau’s Los Angeles branch’s China squad. Smith had reason to suspect that Leung might be a double agent working for Chinese intelligence, but he protected her anyway.

The F.B.I. buried the scandal until after Clinton left the White House in 2001. By the time it came to light, Freeh was out the door, and President George W. Bush had chosen Robert Mueller as the sixth director of the F.B.I.

Born into a wealthy family, Mueller exemplified ‘‘the tradition of the ‘muscular Christian’ that came out of the English public-school world of the 19th century,’’ Maxwell King, Mueller’s classmate at St. Paul’s, the elite New England prep school, told me. Mueller arrived at F.B.I. headquarters with a distinguished military record — he earned a bronze star as a Marine in Vietnam — and years of service as a United States attorney and Justice Department official. It was a week before the Sept. 11 attacks, and he was inheriting an agency ill suited for the mission that would soon loom enormously before it. Richard A. Clarke, the White House counterterrorism czar under Clinton and Bush, later wrote that Freeh’s F.B.I. had not done enough to seek out foreign terrorists. Clarke also wrote that Freeh’s counterterror chief, Dale Watson, had told him: ‘‘We have to smash the F.B.I. into bits and rebuild it.’’

Mueller had already earned the respect of the F.B.I. rank and file during his tenure as chief of the criminal division of the Justice Department. When he started work at the Justice Department in 1990, the F.B.I. had been trying and failing for two years to solve the bombing of Pan Am Flight 103 over Lockerbie, Scotland. ‘‘The F.B.I. was not set up to deal with a major investigation like this,’’ Richard Marquise, an F.B.I. intelligence analyst who became the leader of the Lockerbie investigation under Mueller, said in an F.B.I. oral history. ‘‘I blame the institution.’’

Mueller used his power under law to obliterate the F.B.I.’s byzantine flow charts of authority in the case. ‘‘We literally cut out the chains of command,’’ Marquise said. ‘‘We brought in the C.I.A. We brought the Scots. We brought MI5 to Washington. And we sat down and we said: ‘We need to change the way we’re doing business. . . . We need to start sharing information.’ ’’ It was a tip from the Scots that put Marquise on the trail of the eventual suspect: one of Col. Muammar el-Qaddafi’s intelligence officers, whose cover was security chief for the Libyan state airlines. Qaddafi’s spy, Abdel Basset Ali al-Megrahi, was indicted in 1991. It took until the turn of the 21st century, but he was convicted.

It meant a great deal to Mueller, in the Lockerbie case, that the evidence the F.B.I. produced be deployed as evidence in court, not justification for war. In a speech he gave at Stanford University in 2002, concerning the nation’s newest threat, he spoke of ‘‘the balance we must strike to protect our national security and our civil liberties as we address the threat of terrorism.’’ He concluded: ‘‘We will be judged by history, not just on how we disrupt and deter terrorism, but also on how we protect the civil liberties and the constitutional rights of all Americans, including those Americans who wish us ill. We must do both of these things, and we must do them exceptionally well.’’

These views made Mueller something of an outlier in the Bush administration; five days after the Sept. 11 attacks, Vice President Dick Cheney was warning that the White House needed to go over to ‘‘the dark side’’ to fight Al Qaeda. Among the darkest places was a top-secret program code-named Stellar Wind, under which the N.S.A. eavesdropped freely in the United States without search warrants.

By the end of 2003, Mueller had a new boss: James Comey, who was named deputy attorney general. Comey was read into the Stellar Wind program and deemed it unconstitutional. He briefed Mueller, who concurred. They saw no evidence that the surveillance had saved a single life, stopped an imminent attack or uncovered an Al Qaeda member in the United States. In the first week of March, the two men agreed that the F.B.I. could not continue to go along with the surveillance programs. They also thought Attorney General John Ashcroft should not re-endorse Stellar Wind. Comey made the case to Ashcroft.

In remarkable congressional testimony in 2007, Comey would describe what happened next: Hours later, Ashcroft keeled over with gallstone pancreatitis. He was sedated and scheduled for surgery. Comey was now the acting attorney general. He and the president were required to reauthorize Stellar Wind on March 11 for the program to continue. When Comey learned the White House counsel and chief of staff were heading to the hospital of the night of March 10 to get the signature of the barely conscious Ashcroft, Comey raced to Ashcroft’s hospital room to head them off. When they arrived, Ashcroft lifted his head off the pillow and told the president’s men that he wouldn’t sign. Pointing at Comey, he said: ‘‘There is the attorney general.’’

Bush signed the authorization alone anyway, asserting that he had constitutional power to do so. Mueller took meticulous notes of these events; they were partly declassified years later. On March 11, he wrote that the president was ‘‘trying to do an end run around’’ Comey, at the time the nation’s chief law-enforcement officer. At 1:30 a.m. on March 12, Mueller drafted a letter of resignation. ‘‘I am forced to withdraw the F.B.I. from participation in the program,’’ he wrote. If the president did not back down, ‘‘I would be constrained to resign as director of the F.B.I.’’ And Comey and Ashcroft would go with him.

Seven hours later, with the letter in the breast pocket of his suit, Mueller sat alone with Bush in the Oval Office. Once again, the F.B.I. had joined a battle against a president. Mueller’s notes show that he told Bush in no uncertain terms that ‘‘a presidential order alone’’ could not legalize Stellar Wind. Unless the N.S.A. brought Stellar Wind within the constraints of the law, he would lose his F.B.I. director, the attorney general and the acting attorney general. In the end, Bush relented — it took years, but the programs were put on what Mueller considered a defensible legal footing.

Trump’s showdown with Comey and its aftermath is the fifth confrontation between the F.B.I. and a sitting president since the death of J. Edgar Hoover, and the first in which the president’s principal antagonists, Mueller and Comey, have been there before. When Bush faced the same two men, he was acutely aware of the history that attended their confrontation. He wrote later that he realized their resignations could be the second coming of the Saturday Night Massacre, the penultimate disaster of Nixon’s presidency, when the embattled president keelhauled the special prosecutor pursuing the secret White House tapes and lost his attorney general and deputy attorney general in the process. The question is whether Trump cares enough about the consequences of history to avoid repeating it.

For the Watergate veterans John Mindermann and Paul Magallanes, the news of recent weeks has come with a certain amount of professional gratification. When I spoke with them on June 14, both agents said they wanted the bureau’s role as a check on the president to be in the public eye. For years, they felt that their own work had gone unacknowledged. ‘‘We never got an ‘attaboy’ letter from our superiors,’’ Mindermann said. ‘‘But we changed history, and we knew it.’’ Magallanes had always been bothered by how, in the collective American memory, Nixon’s downfall was attributed to so many other authors: Woodward and Bernstein, crusading congressional committees, hard-nosed special prosecutors. To the agents who were present at the time, it was first and foremost an F.B.I. story. ‘‘We were the people who did the work,’’ Magallanes told me. ‘‘It was we, the F.B.I., who brought Richard Nixon down. We showed that our government can investigate itself.’’

Peter Smith and Hillary’s 30,000 Missing Emails

Posted on by

Peter Smith and Michael Flynn knew each other and communicated often. Peter Smith was 81 years old when he died, but what does Flynn have when it comes to 30,000 emails that Hillary deleted? Once Smith was able to located Russian hackers that admitted hacking Hillary’s emails, the question is where are they and why were they never published?

Performing attribution, ensuring they are real, confirming they have not been doctored is the challenge, after all Russians are in the equation. However, cyber experts performing the review have an above 90% certainty. Peter Smith was not associated at all with any part of the Trump camp but did support his race for the White House.

Meanwhile, special council Robert Mueller and his team are likely passing out subpoenas to get all the pieces of the electronic trail on this.

Image result for peter smith hackers Peter Smith/NYDailyNews

Humm…let’s go deeper for background and context. Once you read below, you will have thousands of questions and some are answered here in the follow up podcast with the WSJ journalist that broke the story.

***

A new report raises some big questions about Michael Flynn and Russian hackers

The Wall Street Journal describes how one Trump supporter reached out to hackers — and dropped Flynn’s name.

A tantalizing new report from Shane Harris of the Wall Street Journal gives the strongest indication yet that collusion may have occurred — or was at least attempted — between supporters of Donald Trump’s 2016 presidential campaign and Russian hackers who targeted Democrats’ emails.

And it raises serious questions about whether fired National Security Adviser Michael Flynn was involved in these efforts to contact hackers.

Harris describes an effort by Peter Smith, a Trump-supporting GOP operative and private equity executive, to track down Hillary Clinton’s infamous 30,000 or so deleted emails during the fall of 2016.

The effort, described on the record to Harris by Smith (the 81-year old man died a week and a half after their interview), entailed outreach to several hacker groups, including at least two that Smith believed to be Russian-tied, to see if they had hacked the emails and could release them.

The emails — which Clinton said she deleted because they were personal and unrelated to her work as secretary of state — never surfaced. And Smith didn’t work for the Trump campaign.

But this new report could be especially significant because of one name that keeps coming up: Michael Flynn, who at the time was advising the Trump campaign.

Smith repeatedly claimed that he was in contact with Flynn about the effort to find Clinton’s emails, per Harris’s sources.

“He said, ‘I’m talking to Michael Flynn about this — if you find anything, can you let me know?’” said Eric York, a computer-security expert from Atlanta who searched hacker forums on Mr. Smith’s behalf for people who might have access to the emails. …

… In phone conversations, Mr. Smith told a computer expert he was in direct contact with Mr. Flynn and his son, according to this expert. … The expert said that based on his conversations with Mr. Smith, he understood the elder Mr. Flynn to be coordinating with Mr. Smith’s group in his capacity as a Trump campaign adviser.

Furthermore, Harris describes, apparently for the first time, US intelligence reports claiming Russian hackers discussed how to get hacked emails to Flynn through a third party.

Investigators have examined reports from intelligence agencies that describe Russian hackers discussing how to obtain emails from Mrs. Clinton’s server and then transmit them to Mr. Flynn via an intermediary, according to U.S. officials with knowledge of the intelligence.

If accurate, all this is enough to raise serious questions about just what Flynn knew about this or any other attempted outreach to Russian hackers.

How this story fits into the timeline of the hackings

It’s no secret that Trump wanted someone to find Clinton’s deleted emails — he said as much publicly.

To recap: When word got out that Clinton had used a personal email account for all her work at the State Department, she agreed to hand over the work-related emails on that account to government investigators. But it turned out that she had previously deemed about 32,000 emails (about half of the total) to be “personal” rather than work-related, and deleted them.

Many conservatives didn’t take Clinton’s explanation for why she deleted the emails at face value, and questioned whether the deleted emails could have included some incriminating information that might reveal scandalous behavior of some kind. One of those Republicans was Trump, who repeatedly referenced the deleted emails on the campaign trail.

In July 2016, hacked emails from the Democratic National Committee were publicly released, and the hacks were thought to be the work of Russia. And at the time, Trump said in public that he hoped there would be email releases to come — including Clinton’s deleted ones.

“Russia, if you’re listening, I hope you’re about to find the 30,000 [Hillary Clinton] emails that are missing,” he said at a press conference. “I think you will probably be rewarded mightily by our press. Let’s see if that happens. That will be next.”

A few months after this, in fall 2016, Peter Smith launched the effort reported by the Journal to try to get the emails from hacking groups that he thought might have them — including hacking groups he understood to be tied to the Russian government.

Again, though, it seems that no one did have Clinton’s deleted emails. The biggest Russia-linked email hacks and dumps involved the DNC accounts (released in July 2016) and Clinton campaign chair John Podesta’s emails (released in October 2016), but no emails from Clinton’s own server.

Michael Flynn’s potential involvement could be highly significant

Still, one major question has always been whether any Trump associates were involved in these or other hacking efforts.

There’s been a whole lot of evidence that several Trump associates (including Flynn) had ties to Russian officials, and of course it was clear that Trump’s public policies were far more pro-Russia than the Republican norm.

But there really hasn’t been very much evidence tying anyone in Trumpworld to any hacking — making it plausible that the hacking operations were carried out without any coordination or contacts with anyone in Trump’s camp.

Harris’s story changes that somewhat. Now we know of Smith’s outreach to Russian hackers — and, more importantly, his claims that Flynn (who was close to Trump) may have known too. And there’s that other claim that US intelligence suggests Russian hackers were discussing giving hacked emails to Flynn. Where would they get that idea?

Any involvement from Flynn could be quite significant. He’s known to have had many contacts with Russian officials, and he advised Trump on foreign policy matters during the presidential campaign.

Afterward, Trump named him national security adviser. But he didn’t last long in the post, resigning in February due to controversy over whether he falsely described his contacts with Russian Ambassador Sergey Kislyak during the transition.

By then, the White House had been told that Flynn was under federal investigation. And then-FBI Director James Comey has since testified that the day after Flynn’s firing, President Trump took him aside and told him, “I hope you can see your way clear to letting this go, to letting Flynn go. He is a good guy. I hope you can let this go.”

So Trump has already been trying to shield Flynn from investigators — making the question of just what Flynn might know ever more interesting, and one that will certainly be on special counsel Robert Mueller’s mind.

Iran and N. Korea’s Joint Missile and Nuclear Programs

Posted on by

Iranian opposition group says North Korea helps Iran grow ballistic missile program.

Iran hosts long term living quarters for North Korean missile engineers and likewise, North Korea does the same with Iranian nuclear scientists.

There are 42 above and below ground locations in Iran.

Drawing a “Broader Conclusion” on Iran’s Nuclear Program 

Download the full memo here.

Under the terms of the nuclear deal with Iran, formally known as the Joint Comprehensive Plan of Action (JCPOA), key restrictions would expire if  the IAEA formally reaches a “broader conclusion” that Tehran’s nuclear program is entirely peaceful. Such a conclusion would result in the lifting of the UN’s remaining non-nuclear sanctions, including the ban on ballistic missile testing and the conventional arms embargo.  Furthermore, the U.S. and EU would delist additional entities from their sanctions lists.  Notably, the EU would delist all entities affiliated with Iran’s Islamic Revolutionary Guard Corps, the organization responsible for both terrorist activities abroad as well as key aspects of the nuclear program.

Spurring the IAEA to reach a broader conclusion as quickly as possible appears to be Iran’s goal. In a televised speech in the middle of May, Iran’s President Hassan Rouhani expressed his intention to engage in “lifting all the non-nuclear sanctions during the coming four years” – at least two years earlier than the JCPOA would otherwise allow.  Unless additional steps are taken to redress the International Atomic Energy Agency’s (IAEA) closing of Iran’s possible military dimension (PMD) file in December 2015,  it is technically possible for the IAEA to reach a broader conclusion within four years.

What is Required for the IAEA to Reach a Broader Conclusion?

To reach a broader conclusion, the IAEA needs to be able to conclude – based on extensive verification and analysis of all information available to it – that all nuclear material has remained in peaceful activities, which means that there are no indications of diversion of nuclear material from peaceful activities and no indications of undeclared nuclear material or activities in Iran as a whole.

Despite the IAEA’s previous conclusion that Iran had, in fact, carried out a wide range of activities ‘relevant to the development of a nuclear explosive device,’ the IAEA Board of Governors reached a political decision in December 2015 to “close” the investigation into the possible military dimensions (PMD) of Iran’s nuclear program, a decision necessary to ensure the implementation of the Joint Comprehensive Plan of Action (JCPOA). This decision has amplified the IAEA’s shortcoming in its ability to form a composite picture of, and thereby fully monitor, proscribed nuclear weapons development activities in Iran.  Such monitoring and verification is essential to determine the nature of Iran’s nuclear program.

Image result for iran above and below missile sites More from thewire.com

*** Further, is Saudi Arabia, Israel, the United States or other countries prepared? Was this a threat?

NCRI – Cleric Alamal-Hoda, Khamenei’s representative and Friday prayer leader in Northeastern city of Mashhad, while confessing to low participation of people in Qods Day march, threatened to launch rocket attack into Riyadh, Saudi Arabia. He said: “Those who did not really participate in the ceremony without excuse, they are those, who were not present at the battlefield against infidels”.

This Mullah added: “Today, after 38 years, our ballistic missile are shaking the world and makes the world upside down.” We have reached to such power. This precise pointing of missile deployment to Deiralzor is not much more difficult, than, the pointing of the Saudi Arabian palace in Riyadh, that is, if the missile flowing from the Gulf to the heart of Al-Saud’s palace, it will have the same targeting spot, and will remove this unclean descent spot,  Al-Ain from the page of Islam”.

Khamenei’s representative in Mashhad called on rival factions in the government and parliament to stop compromising with the enemy and accept the failure of JCPOA. At the same time, he argued that JCPOA pursuit was under Khamenei’s control. Almal-Hoda stated: Our policy makers in the executive branch, in the legislature and the parliament are not so eager to compromise with the enemy. You wanted it, your policy was implemented, you saw it failed. We brought the core of nuclear activities to brink of none, as sanctions were not lifted (Astan Qods Razavi TV, March 24, 2017).

 

Brute Force Attack on UK Parliament User Emails

Posted on by

Inside and outside cyber experts are making attributions to Russia.

The Russian government is suspected of being behind a cyber-attack on parliament that breached dozens of email accounts belonging to MPs and peers.

Although the investigation is at an early stage and the identity of those responsible may prove impossible to establish with absolute certainty, Moscow is deemed the most likely culprit.

The British security services believe that responsibility for the attack is more likely to lie with another state rather than a small group of individual hackers.

The number of states who might mount such an attack on the UK is limited, and, in addition to Russia, includes North Korea, China and Iran.

A security source said: “It was a brute force attack. It appears to have been state-sponsored.”

“The nature of cyber-attacks means it is notoriously difficult to attribute an incident to a specific actor.”

MPs contacted by the Guardian said the immediate suspicion had fallen upon foreign governments such as Russia and North Korea, both of which have been accused of being behind hacking attempts in the UK before. More from the Guardian.

BBC: Up to 90 email accounts were compromised during the cyber-attack on Parliament on Friday.

Fewer than 1% of the 9,000 users of the IT system were impacted by the hacking, said a parliamentary spokesman.

The hack prompted officials to disable remote access to the emails of MPs, peers and their staff as a safeguard.

The spokesman said the attack was a result of “weak passwords” and an investigation is under way to determine whether any data has been lost.

Both Houses of Parliament will meet as planned on Monday and plans are being put in place to allow it to resume its wider IT services, said officials.

A number of MPs confirmed to the BBC they were unable to access their parliamentary email accounts outside of the Westminster estate following the hacking.

‘Passwords for sale’

The spokesman said the parliamentary network was compromised due to “weak passwords” which did not conform to guidance from the Parliamentary Digital Service.

They added: “As they are identified, the individuals whose accounts have been compromised have been contacted and investigations to determine whether any data has been lost are under way.”

The incident comes just over a month after 48 of England’s NHS trusts were hit by a cyber-attack.

International Trade Secretary Liam Fox said: “We have seen reports in the last few days of even cabinet ministers’ passwords being for sale online.

“We know that our public services are attacked so it is not at all surprising that there should be an attempt to hack into parliamentary emails.

“And it’s a warning to everybody, whether they are in Parliament or elsewhere, that they need to do everything possible to maintain their own cyber-security.”

The latest attack was publicly revealed by Liberal Democrat peer Lord Rennard on Twitter as he asked his followers to send any “urgent messages” to him by text.

The National Cyber Security Centre and National Crime Agency are investigating the incident.

WannaCry Hacking Bad, but This is Terrifying

Posted on by

WASHINGTON — CIA Director Mike Pompeo says he thinks disclosure of America’s secret intelligence is on the rise, fueled partly by the “worship” of leakers like Edward Snowden.

“In some ways, I do think it’s accelerated,” Pompeo told MSNBC in an interview that aired Saturday. “I think there is a phenomenon, the worship of Edward Snowden, and those who steal American secrets for the purpose of self-aggrandizement or money or for whatever their motivation may be, does seem to be on the increase.”

Pompeo said the United States needs to redouble its efforts to stem leaks of classified information. More here.

***

A Cyberattack ‘the World Isn’t Ready For’

Golan Ben-Oni, of the IDT Corporation, which was attacked in April with two cyberweapons stolen from the National Security Agency.  Justin T. Gellerson for The New York Times

NEWARK — There have been times over the last two months when Golan Ben-Oni has felt like a voice in the wilderness.

On April 29, someone hit his employer, IDT Corporation, with two cyberweapons that had been stolen from the National Security Agency. Mr. Ben-Oni, the global chief information officer at IDT, was able to fend them off, but the attack left him distraught.

In 22 years of dealing with hackers of every sort, he had never seen anything like it. Who was behind it? How did they evade all of his defenses? How many others had been attacked but did not know it?

Since then, Mr. Ben-Oni has been sounding alarm bells, calling anyone who will listen at the White House, the Federal Bureau of Investigation, the New Jersey attorney general’s office and the top cybersecurity companies in the country to warn them about an attack that may still be invisibly striking victims undetected around the world.

And he is determined to track down whoever did it.

“I don’t pursue every attacker, just the ones that piss me off,” Mr. Ben-Oni told me recently over lentils in his office, which was strewn with empty Red Bull cans. “This pissed me off and, more importantly, it pissed my wife off, which is the real litmus test.”

Two weeks after IDT was hit, the cyberattack known as WannaCry ravaged computers at hospitals in England, universities in China, rail systems in Germany, even auto plants in Japan. No doubt it was destructive. But what Mr. Ben-Oni had witnessed was much worse, and with all eyes on the WannaCry destruction, few seemed to be paying attention to the attack on IDT’s systems — and most likely others around the world.

The strike on IDT, a conglomerate with headquarters in a nondescript gray building here with views of the Manhattan skyline 15 miles away, was similar to WannaCry in one way: Hackers locked up IDT data and demanded a ransom to unlock it.

But the ransom demand was just a smoke screen for a far more invasive attack that stole employee credentials. With those credentials in hand, hackers could have run free through the company’s computer network, taking confidential information or destroying machines.

Worse, the assault, which has never been reported before, was not spotted by some of the nation’s leading cybersecurity products, the top security engineers at its biggest tech companies, government intelligence analysts or the F.B.I., which remains consumed with the WannaCry attack.

Were it not for a digital black box that recorded everything on IDT’s network, along with Mr. Ben-Oni’s tenacity, the attack might have gone unnoticed.

Scans for the two hacking tools used against IDT indicate that the company is not alone. In fact, tens of thousands of computer systems all over the world have been “backdoored” by the same N.S.A. weapons. Mr. Ben-Oni and other security researchers worry that many of those other infected computers are connected to transportation networks, hospitals, water treatment plants and other utilities.

An attack on those systems, they warn, could put lives at risk. And Mr. Ben-Oni, fortified with adrenaline, Red Bull and the house beats of Deadmau5, the Canadian record producer, said he would not stop until the attacks had been shut down and those responsible were behind bars.

“The world is burning about WannaCry, but this is a nuclear bomb compared to WannaCry,” Mr. Ben-Oni said. “This is different. It’s a lot worse. It steals credentials. You can’t catch it, and it’s happening right under our noses.”

And, he added, “The world isn’t ready for this.”

Targeting the Nerve Center

Mr. Ben-Oni, 43, a Hasidic Jew, is a slight man with smiling eyes, a thick beard and a hacker’s penchant for mischief. He grew up in the hills of Berkeley, Calif., the son of Israeli immigrants.

Even as a toddler, Mr. Ben-Oni’s mother said, he was not interested in toys. She had to take him to the local junkyard to scour for typewriters that he would eventually dismantle on the living room floor. As a teenager, he aspired to become a rabbi but spent most of his free time hacking computers at the University of California, Berkeley, where his exploits once accidentally took down Belgium’s entire phone system for 15 minutes.

To his parents’ horror, he dropped out of college to pursue his love of hacking full time, starting a security company to help the city of Berkeley and two nearby communities, Alameda and Novato, set up secure computer networks.

He had a knack for the technical work, but not the marketing, and found it difficult to get new clients. So at age 19, he crossed the country and took a job at IDT, back when the company was a low-profile long-distance service provider.

As IDT started acquiring and spinning off an eclectic list of ventures, Mr. Ben-Oni found himself responsible for securing shale oil projects in Mongolia and the Golan Heights, a “Star Trek” comic books company, a project to cure cancer, a yeshiva university that trains underprivileged students in cybersecurity, and a small mobile company that Verizon recently acquired for $3.1 billion.

Which is to say he has encountered hundreds of thousands of hackers of every stripe, motivation and skill level. He eventually started a security business, IOSecurity, under IDT, to share some of the technical tools he had developed to keep IDT’s many businesses secure. By Mr. Ben-Oni’s estimate, IDT experiences hundreds of attacks a day on its businesses, but perhaps only four each year give him pause.

Nothing compared to the attack that struck in April. Like the WannaCry attack in May, the assault on IDT relied on cyberweapons developed by the N.S.A. that were leaked online in April by a mysterious group of hackers calling themselves the Shadow Brokers — alternately believed to be Russia-backed cybercriminals, an N.S.A. mole, or both.

The WannaCry attack — which the N.S.A. and security researchers have tied to North Korea — employed one N.S.A. cyberweapon; the IDT assault used two.

Both WannaCry and the IDT attack used a hacking tool the agency had code-named EternalBlue. The tool took advantage of unpatched Microsoft servers to automatically spread malware from one server to another, so that within 24 hours North Korea’s hackers had spread their ransomware to more than 200,000 servers around the globe.

The attack on IDT went a step further with another stolen N.S.A. cyberweapon, called DoublePulsar. The N.S.A. used DoublePulsar to penetrate computer systems without tripping security alarms. It allowed N.S.A. spies to inject their tools into the nerve center of a target’s computer system, called the kernel, which manages communications between a computer’s hardware and its software.

In the pecking order of a computer system, the kernel is at the very top, allowing anyone with secret access to it to take full control of a machine. It is also a dangerous blind spot for most security software, allowing attackers to do what they want and go unnoticed. In IDT’s case, attackers used DoublePulsar to steal an IDT contractor’s credentials. Then they deployed ransomware in what appears to be a cover for their real motive: broader access to IDT’s businesses.

Mr. Ben-Oni learned of the attack only when a contractor, working from home, switched on her computer to find that all her data had been encrypted and that attackers were demanding a ransom to unlock it. He might have assumed that this was a simple case of ransomware.

But the attack struck Mr. Ben-Oni as unique. For one thing, it was timed perfectly to the Sabbath. Attackers entered IDT’s network at 6 p.m. on Saturday on the dot, two and a half hours before the Sabbath would end and when most of IDT’s employees — 40 percent of whom identify as Orthodox Jews — would be off the clock. For another, the attackers compromised the contractor’s computer through her home modem — strange.

The black box of sorts, a network recording device made by the Israeli security company Secdo, shows that the ransomware was installed after the attackers had made off with the contractor’s credentials. And they managed to bypass every major security detection mechanism along the way. Finally, before they left, they encrypted her computer with ransomware, demanding $130 to unlock it, to cover up the more invasive attack on her computer.

Mr. Ben-Oni estimates that he has spoken to 107 security experts and researchers about the attack, including the chief executives of nearly every major security company and the heads of threat intelligence at Google, Microsoft and Amazon.

With the exception of Amazon, which found that some of its customers’ computers had been scanned by the same computer that hit IDT, no one had seen any trace of the attack before Mr. Ben-Oni notified them. The New York Times confirmed Mr. Ben-Oni’s account via written summaries provided by Palo Alto Networks, Intel’s McAfee and other security firms he used and asked to investigate the attack.

“I started to get the sense that we were the canary,” he said. “But we recorded it.”

Since IDT was hit, Mr. Ben-Oni has contacted everyone in his Rolodex to warn them of an attack that could still be worming its way, undetected, through victims’ systems.

“Time is burning,” Mr. Ben-Oni said. “Understand, this is really a war — with offense on one side, and institutions, organizations and schools on the other, defending against an unknown adversary.”

‘No One Is Running Point’

Since the Shadow Brokers leaked dozens of coveted attack tools in April, hospitals, schools, cities, police departments and companies around the world have largely been left to fend for themselves against weapons developed by the world’s most sophisticated attacker: the N.S.A.

A month earlier, Microsoft had issued a software patch to defend against the N.S.A. hacking tools — suggesting that the agency tipped the company off to what was coming. Microsoft regularly credits those who point out vulnerabilities in its products, but in this case the company made no mention of the tipster. Later, when the WannaCry attack hit hundreds of thousands of Microsoft customers, Microsoft’s president, Brad Smith, slammed the government in a blog post for hoarding and stockpiling security vulnerabilities.

For his part, Mr. Ben-Oni said he had rolled out Microsoft’s patches as soon as they became available, but attackers still managed to get in through the IDT contractor’s home modem.

Six years ago, Mr. Ben-Oni had a chance meeting with an N.S.A. employee at a conference and asked him how to defend against modern-day cyberthreats. The N.S.A. employee advised him to “run three of everything”: three firewalls, three antivirus solutions, three intrusion detection systems. And so he did.

But in this case, modern-day detection systems created by Cylance, McAfee and Microsoft and patching systems by Tanium did not catch the attack on IDT. Nor did any of the 128 publicly available threat intelligence feeds that IDT subscribes to. Even the 10 threat intelligence feeds that his organization spends a half-million dollars on annually for urgent information failed to report it. He has since threatened to return their products.

“Our industry likes to work on known problems,” Mr. Ben-Oni said. “This is an unknown problem. We’re not ready for this.”

No one he has spoken to knows whether they have been hit, but just this month, restaurants across the United States reported being hit with similar attacks that were undetected by antivirus systems. There are now YouTube videos showing criminals how to attack systems using the very same N.S.A. tools used against IDT, and Metasploit, an automated hacking tool, now allows anyone to carry out these attacks with the click of a button.

Worse still, Mr. Ben-Oni said, “No one is running point on this.”

Last month, he personally briefed the F.B.I. analyst in charge of investigating the WannaCry attack. He was told that the agency had been specifically tasked with WannaCry, and that even though the attack on his company was more invasive and sophisticated, it was still technically something else, and therefore the F.B.I. could not take on his case.

The F.B.I. did not respond to requests for comment.

So Mr. Ben-Oni has largely pursued the case himself. His team at IDT was able to trace part of the attack to a personal Android phone in Russia and has been feeding its findings to Europol, the European law enforcement agency based in The Hague.

The chances that IDT was the only victim of this attack are slim. Sean Dillon, a senior analyst at RiskSense, a New Mexico security company, was among the first security researchers to scan the internet for the N.S.A.’s DoublePulsar tool. He found tens of thousands of host computers are infected with the tool, which attackers can use at will.

“Once DoublePulsar is on the machine, there’s nothing stopping anyone else from coming along and using the back door,” Mr. Dillon said.

More distressing, Mr. Dillon tested all the major antivirus products against the DoublePulsar infection and a demoralizing 99 percent failed to detect it.

“We’ve seen the same computers infected with DoublePulsar for two months and there is no telling how much malware is on those systems,” Mr. Dillon said. “Right now we have no idea what’s gotten into these organizations.”

In the worst case, Mr. Dillon said, attackers could use those back doors to unleash destructive malware into critical infrastructure, tying up rail systems, shutting down hospitals or even paralyzing electrical utilities.

Could that attack be coming? The Shadow Brokers resurfaced last month, promising a fresh load of N.S.A. attack tools, even offering to supply them for monthly paying subscribers — like a wine-of-the-month club for cyberweapon enthusiasts.

In a hint that the industry is taking the group’s threats seriously, Microsoft issued a new set of patches to defend against such attacks. The company noted in an ominously worded message that the patches were critical, citing an “elevated risk for destructive cyberattacks.”

Mr. Ben-Oni is convinced that IDT is not the only victim, and that these tools can and will be used to do far worse.

“I look at this as a life-or-death situation,” he said. “Today it’s us, but tomorrow it might be someone else.”