Category Archives: Department of Defense

Govt Report on Prevention of Nationwide Cyber Catastrophe

Posted on by

A good first step for sure, however there needs to be a government-wide decision on cyber attacks being an act of war and how to respond.

***

The Cyberspace Solarium Commission’s proposes a strategy of layered cyber deterrence. Our report consists of over 80 recommendations to implement the strategy. These recommendations are organized into 6 pillars:
  1. Reform the U.S. Government’s Structure and Organization for Cyberspace.
  2. Strengthen Norms and Non-Military Tools.
  3. Promote National Resilience.
  4. Reshape the Cyber Ecosystem.
  5. Operationalize Cybersecurity Collaboration with the Private Sector.
  6. Preserve and Employ the Military Instrument of National Power.

Click here to download the full report.

A much-anticipated government report aimed at defending the nation against cyber threats in the years to come opens with a bleak preview of what could happen if critical systems were brought down.

“The water in the Potomac still has that red tint from where the treatment plants upstream were hacked, their automated systems tricked into flushing out the wrong mix of chemicals,” the Cyberspace Solarium Commission wrote in the opening lines of its report.

“By comparison, the water in the Lincoln Memorial Reflecting Pool has a purple glint to it. They’ve pumped out the floodwaters that covered Washington’s low-lying areas after the region’s reservoirs were hit in a cascade of sensor hacks,” it continues.

So begins the report two years in the making from a congressionally mandated commission made up of lawmakers and top Trump administration officials, pointing to the vulnerabilities involved with critical systems being hooked up to the internet.

The report, which includes more than 75 recommendations for how to prevent the cyber doomsday it spells out, and the commission that made it were both mandated by the 2019 National Defense Authorization Act (NDAA).

The commissioners, who include co-chairmen Sen. Angus King (I-Maine) and Rep. Mike Gallagher (R-Wis.), highlight a range of issues to address, but zero in on election security as “priority.”

“The American people still do not have the assurance that our election systems are secure from foreign manipulation,” King and Gallagher wrote in the report. “If we don’t get election security right, deterrence will fail and future generations will look back with longing and regret on the once powerful American Republic and wonder how we screwed the whole thing up.”

The focus on shoring up election security, and the agreed-upon recommendations for how to do this, sets the report apart from the approach to the subject on Capitol Hill, where it has been a major issue of contention between Republicans and Democrats since Russian interference in the 2016 presidential election.

Beyond election security, the commissioners call for overarching government reform to address cyber vulnerabilities. Chief among these is calling on the White House to issue an updated national strategy to address cyber threats and to establish a national cybersecurity director position to coordinate efforts.

In terms of congressional action, commissioners recommend that Congress create cybersecurity committees in both the House and Senate, establish a Bureau of Cybersecurity Statistics, and establish an assistant secretary position at the State Department to lead international efforts around cybersecurity.

“While cyberspace has transformed the American economy and society, the government has not kept up,” commissioners wrote in calling for reforms.

The commission also zeroed in on “imposing costs” to adversaries who attempt to attack the U.S. online. In order to do so, it recommended that the Department of Defense conduct vulnerability assessments of its weapons systems, including nuclear control systems, and that it make cybersecurity preparedness a necessity.

The Cybersecurity and Infrastructure Security Agency, the Department of Homeland Security’s cyber agency, would be empowered as the “lead agency” at the federal level.

The report’s recommendations were debated on and pinpointed by a group of high-ranking commissioners who also included FBI Director Christopher Wray, Deputy Secretary of Defense David Norquist, Transportation Security Administration Administrator David Pekoske, Sen. Ben Sasse (R-Neb.), and Rep. James Langevin (D-R.I.).

Langevin said in a statement on Wednesday that the report is intended to shore up the nation’s cyber “resiliency for years to come.”

“Our charge in drafting this report was to prevent a cyber event of significant national consequence, and we know that the short- and long-term recommendations we crafted will better position us to realize the promise of the Internet, while avoiding its perils,” Langevin said. “The sooner our recommendations are implemented, the better positioned the country will be to prevent and respond to incidents that can disrupt the American way of life.”

The report’s recommendations may soon have real-world consequences on Capitol Hill.

Rep. John Katko (R-N.Y.), the ranking member on the House Homeland Security Committee’s cyber panel, told The Hill this week that there “definitely will be some legislation” stemming from the report’s recommendations, and that hearings would likely be held.

Katko noted that he had talked with Senate Homeland Security Committee Chairman Ron Johnson (R-Wis.) about the Senate also taking action around the report.

“This report screams of the need for bipartisan action on this, and I hope that we can leave the politics out of it, and I hope we can attack these problems quickly and effectively,” Katko said.

Rep. Cedric Richmond (D-La.), the cyber subcommittee’s chairman, opened a hearing on Wednesday by praising the report’s recommendations and saying he looked forward to working to “codifying” the ideas alongside House Homeland Security Committee Chairman Bennie Thompson (D-Miss.).

Industry groups also reacted positively to the report’s recommendations. Tom Gann, the chief public policy officer of cybersecurity firm McAfee, told The Hill in a statement that he agreed with most of the report’s findings and hoped that they are “acted upon with speed.”

Protect Our Power, a nonprofit with the goal of protecting the electric grid, also praised the report.

“These are compelling recommendations, echoing issues we have highlighted for several years now, and action is long overdue,” Jim Cunningham, executive director of the group, said in a statement. “Without a reliable supply of electricity before, during and following a disabling cyberattack, none of our critical infrastructure can function.”

While there may be legislative action soon – and praise from industry groups – both Gallagher and King emphasized in the report that their main aim was for it to open the eyes of Americans to the dangers posed by cyberattacks on critical systems.

“The status quo is inviting attacks on America every second of every day,” the co-chairmen wrote. “We all want that to stop. So please do us, and your fellow Americans, a favor. Read this report and then demand that your government and the private sector act with speed and agility to secure our cyber future.”

DOD Contractor at Pentagon Charged with Espionage

Posted on by

(WASHINGTON) — A linguist working for the U.S. military who kept a list of secret informants hidden under her mattress was charged with sharing the names with a romantic interest linked to the Lebanese militant group Hezbollah, the Justice Department said Wednesday.

Mariam Taha Thompson, 61, appeared in Washington’s federal court on Wednesday to face charges in an espionage case that investigators said put at risk the lives of American military members and confidential sources and represented a significant breach of classified information.

Traductora del Departamento de Defensa de EE. UU. es ...

The criminal case accuses Thompson, a contract translator, of giving to the unidentified Lebanese man the names of U.S. government sources and the information they provided. That effort, according to the government, accelerated during a six-week period from the end of December, when U.S. airstrikes targeted Iranian-backed forces in Iraq and exacerbated relations between the two countries, through the middle of last month.

Assistant Attorney General John Demers, the Justice Department’s top national security official, called the alleged conduct “a disgrace, especially for someone serving as a contractor with the United States military. This betrayal of country and colleagues will be punished.”

Thompson’s court appearance, on charges that could carry life in prison, was brief and ended with her being detained until a hearing next Wednesday. Her attorney did not return a phone message afterward.

Thompson was arrested last week at the military facility in Erbil, Iraq, where prosecutors say she worked as a contract linguist. The Defense Department said it was aware of the arrest and was cooperating with the investigation.

After the arrest, prosecutors say, Thompson acknowledged that she passed secret information to a man she was romantically interested in, but said she did not know that he had any affiliation with Hezbollah. She instead said she thought he might have been tied to the Amal political party in Lebanon, though she later said she considered the groups to be the same.

“No, I don’t know about Hizbollah. I hate Hizbollah,” Thompson told an agent, according to an affidavit unsealed Wednesday. She described members of the group, which the U.S. has designated as a foreign terrorist organization, as “terrorists” and “like the octopus. They can reach anybody.”

Thompson also told the agent that she passed along classified information by memorizing it, writing it down and transmitting it via the video feature of a secure messaging application on her cellphone. One screenshot of a video chat the FBI says it obtained showed Thompson displaying to the Lebanese man an Arabic note describing the technique an informant had used to collect information, according to the affidavit.

 

 

 

 

 

 

 

 

 

The 12 page affidavit is found here.

Justice Dept Brands Huawei as a Criminal Enterprise

Posted on by

Gotta hope that Europe takes note, especially Britain. Europe so far has approved Huawei as the vendor platform for 5G. Check your use of apps at the Google store and take a second look at your smart devices.

Image result for huawei source

FDD: The U.S. Department of Justice (DOJ) indicted Chinese telecommunications firm Huawei Technologies and its subsidiaries last week for alleged racketeering, theft of intellectual property, and conspiracy to commit bank fraud, among other charges. The indictment portrays Huawei not merely as a company that has broken the law, but as a fundamentally criminal enterprise.

The new charges target Huawei, four of Huawei’s subsidiaries (Huawei Device Co. Ltd., Huawei Device USA Inc., Futurewei Technologies Inc., and Skycom Tech Co. Ltd.), and Huawei’s chief financial officer, Meng Wanzhou, for violating the Racketeer Influenced and Corrupt Organizations (RICO) Act, which Congress passed in 1970 to combat organized crime.

According to the DOJ, the Huawei business model entailed “the deliberate and repeated misappropriation of intellectual property of companies headquartered or with offices in the United States.” DOJ also highlighted other violations, including Huawei’s role in sanctions evasion and fraudulent activities.

Last week’s indictment marks the first time DOJ charged a company with suspect connections to a foreign government as a criminal enterprise. Although Huawei asserts it is not state-owned, the company has indirect ties to the Chinese government and has yet to publically disclose who exactly owns and controls the company. Huawei’s majority shareholder is the company’s labor union, which keeps the details of its membership and governance structure out of the public eye. Last year, Jiang Xisheng, a top executive, explained during a press conference that the labor union’s ownership is simply a matter of legal convenience; this only further obfuscated who is really in charge. Additionally, Huawei’s founder, Ren Zhangfei, served in the Chinese military and is a member of the Chinese Communist Party.

While the indictment does not say that Beijing directed Huawei to operate as a criminal enterprise, China’s National Intelligence Law of 2017 requires Huawei and other private companies to provide the government with their data to “support, assist, and cooperate with state intelligence according to the law.” In short, the law empowers Beijing to exploit Huawei as an intelligence asset whenever it sees fit.

In other high-profile cases, the Chinese government has stolen sensitive U.S. data to achieve a strategic advantage. U.S. officials have even deemed China’s espionage and intelligence activities as a “long-term existential threat to the security of our nation.” In 2012, the head of the U.S. National Security Agency estimated that China’s economic espionage cost U.S. companies $250 billion in annual losses. Additionally, the targeting of strategic industries has allowed Beijing to enhance its own military capabilities at America’s expense.

The exploitation of Huawei could clearly enhance Beijing’s intelligence collecting capabilities. Just last week, the U.S. government reported that for over ten years Huawei secretly maintained “back doors” on its mobile networks that allowed the company – and potentially the Chinese government – to have direct access to their users’ most sensitive data.

The indictment of Huawei as a criminal enterprise shows that the Trump administration was mistaken when it placated Beijing by softening previous penalties for Huawei’s misconduct. If the court finds Huawei guilty under RICO, the administration should ensure the full application of all penalties necessary to end its criminal pursuits.

 

US Unable to Trace $716 Million of Military Gear

Posted on by

It was and still is a nasty conflict in Syria, Iraq and even in Turkey. Islamic State lost their control of land mass but the terror group(s) still operate in various locations.
The Pentagon’s Office of the Inspector General, which was released to the public on Tuesday, shows that most of the CTEF weaponry’s whereabouts cannot be verified. The reason, according to the audit, is that officials with the Special Operations Joint Task Force – Operation Inherent Resolve, failed to maintain detailed lists of all military equipment given to Washington’s allies in Syria between 2017 and 2018. Officials did not have a centralized depository facility for dispensing the equipment, and no documentation was kept during the operation, according to the audit. Consequently, thousands of weapons, weapons parts and other military hardware were exposed to “loss and theft”, says the Pentagon report.

US pulled multiple ways in Syria as Islamic State recedes ... source

In December 2018, the DoD began planning for the safe, professional withdrawal of U.S. personnel from Syria while maintaining its efforts to defeat ISIS. For FY 2020, the DoD budget requested $300 million, including $173.2 million for weapons, ammunitions, vehicles, and other CTEF-S equipment, to ensure the enduring defeat of ISIS. The FY 2020 DoD budget request states that equipping, sustaining, and enabling the VSO is critical to the DoD’s approach. The relationship between U.S. forces and the VSO relies heavily on the DoD’s ability to provide weapons, ammunitions, and equipment. Furthermore, the FY 2020 DoD budget request states that the VSO’s combat effectiveness, movement, and operational tempo are directly linked to U.S. support, including the provision of weapons, ammunition, and equipment.

The CTEF-S program provides equipment designated for Syria to support the VSO. From FY 2017 through FY 2018, Congress authorized a total of $930 million for the CTEF-S program to support the VSO. Of the $930 million, the DoD budget requested $715.8 million for weapons, ammunition, vehicles, or equipment for FYs 2017 and 2018.

Special Operations Joint Task Force–Operation Inherent Resolve (SOJTF-OIR), under Combined Joint Task Force–OIR (CJTF-OIR), is the primary accompany force in Syria that advises and assists the VSO. According to SOJTF-OIR personnel, SOJTF-OIR also manages the day-to-day operations of the CTEF-S program. Specifically, SOJTF-OIR personnel identify program requirements—including the VSO’s needs for CTEF-S equipment and weapons— coordinate with acquisition agencies, manage equipment distribution, and monitor divestment tracking and reporting for CTEF-S equipment, such as weapons, ammunition, or vehicles.

Personnel from 1st Theater Sustainment Command (1st TSC), under U.S. Army Central, told us that 1st TSC personnel account for and store CTEF-S equipment in Kuwait, accept the equipment once it arrives in Kuwait, then transport the equipment to the Building Partners Capacity (BPC) Kuwait warehouse. According to 1st TSC personnel, 1st TSC maintain a detailed inventory of all CTEF-S equipment at the BPC Kuwait warehouse and coordinate the movement of all CTEF-S equipment from the BPC Kuwait warehouse to storage sites closer to Syria. Personnel from 1st TSC indicated that CTEF-S equipment remains in U.S. Government possession while stored at the BPC Kuwait warehouse and storage sites closer to Syria. According to SOJTF-OIR personnel, Coalition units located throughout Syria work closely with the VSO to identify their current and future operational needs, such as weapons and vehicles. The VSO consists of DoD-approved Syrian opposition personnel who are dedicated to fighting ISIS throughout Syria. SOJTF-OIR personnel stated that Coalition units select, investigate, train, and equip these local Syrian forces to defeat ISIS. In addition, SOJTF-OIR personnel stated that Coalition units receive the CTEF-S equipment from the BPC Kuwait warehouse and divest CTEF-S equipment to the VSO. Once divested, ownership and accountability of CTEF-S equipment is transferred from the DoD to the VSO.

Finding

SOJTF-OIR personnel did not account for the budgeted $715.8 million of CTEF-S equipment for FYs 2017 and 2018 from procurement through divestment in accordance with DoD Instruction 5000.64 and Army Regulation 735-5. For example, SOJTF-OIR personnel did not maintain comprehensive lists of all equipment purchased and received. This occurred because SOJTF-OIR personnel allowed multiple entities involved with CTEF-S equipment to store records in numerous locations instead of designating a central repository for all supporting accountability documentation.

1st TSC personnel did not properly store or secure CTEF-S equipment at the BPC Kuwait warehouse in accordance with DoD guidance, Army regulations, or SOJTF-OIR standard operating procedures. For example, 1st TSC personnel stored weapons outside in metal shipping containers, exposing the equipment to harsh environmental elements, such as heat and humidity. This occurred because SOJTF-OIR personnel did not divest or dispose of CTEF-S equipment, which led to overcrowding at the BPC Kuwait warehouse. In addition, according to 1st TSC’s inventory records, 1st TSC personnel stored 4,144 Category II weapons (sensitive weapons), such as machine guns and grenade launchers, outside in metal shipping containers and not in a facility that met the requirement for storing Category II weapons.

For FY 2020, the DoD budget requested $173.2 million for weapons, ammunitions, vehicles, and other CTEF-S equipment. Without accurate accountability records, such as inventory records and hand receipts, SOJTF-OIR personnel could order equipment that SOJTF-OIR already has in stock, risking unnecessary spending of CTEF-S funds and further overcrowding the BPC Kuwait warehouse resulting in equipment being stored outside.

Furthermore, SOJTF-OIR and 1st TSC personnel left thousands of CTEF-S weapons and sensitive equipment items vulnerable to loss or theft. Without conducting consistent inventories and ensuring proper security for CTEF-S equipment, 1st TSC could not determine whether items were lost or stolen which could delay the initiation of an investigation.

Recommendations

We recommend that the Commander of SOJTF-OIR develop a central repository system for all documentation required to support CTEF-S equipment requested on the memorandum of requirement through the entire divestment process.

We recommend that the Commander of SOJTF-OIR develop guidance for the proper disposal of CTEF-S equipment stored at the BPC Kuwait warehouse that has been declared unserviceable.

Additionally, we recommend that the Commander of 1st TSC complete a physical security inspection periodically, but no less than every 18 months, and ensure corrective action is taken to fix new and existing security issues identified.

Management Comments and Our Response

During the audit, we advised SOJTF-OIR and 1st TSC of the deficiencies within the CTEF-S program for the accountability and security of CTEF-S equipment. SOJTF-OIR and 1st TSC personnel agreed with our findings and immediately initiated corrective actions. SOJTF-OIR personnel stated that SOJTF-OIR created a shared drive portal for all documentation for CTEF-S equipment from procurement through divestment, including memorandums of requirement, purchase orders, equipment received, inventories completed, hand receipts, transfers, and divestment packages. 1st TSC has already started providing its hand receipts and completed inventory documents to SOJTF-OIR for inclusion in the shared drive. As of January 2020, SOJTF-OIR is using this shared drive portal to store documentation for CTEF-S equipment, such as inventories, lateral transfers, and hand receipts. The actions taken addressed the specifics of Recommendation 1 to establish a central repository for all documentation required to support CTEF-S equipment requested on the memorandum of requirement through the entire divestment process; therefore, Recommendation 1 is closed.

On May 31, 2019, U.S. Central Command developed and began implementing a disposal plan for unserviceable equipment purchased for the VSO, including items stored at the BPC Kuwait warehouse. CJTF-OIR personnel stated that this plan will reduce the amount of CTEF-S equipment currently stored at the BPC Kuwait warehouse, and equipment will no longer need to be stored outside the warehouse exposed to the harsh elements. Furthermore, in November 2019, CJTF-OIR personnel confirmed that disposition guidance for unserviceable CTEF-S equipment was received from U.S. Central Command and that unserviceable CTEF-S equipment will be provided to the Defense Logistics Agency or disposed. The actions taken addressed the specifics of Recommendation 2 to develop guidance for the disposal of unserviceable equipment; therefore, Recommendation 2 is closed.

During our February 2019 followup site visit, the audit team verified that 1st TSC personnel had started taking corrective actions to address the security deficiencies on the issues the audit team identified during the initial site visit. The actions taken addressed the specifics of Recommendation 3 to complete a security inspection and address security issues; therefore, Recommendation 3 is closed.

This report is a result of Project No. D2019-D000RJ-0031.000

The World/Media Ignores Frozen to Death Syrian Children

Posted on by

Anyone remember the war in Syria? Anyone? Does anyone report the humanitarian crisis in Aleppo and Idlib where bombing continues on schools and hospitals by Russia?
Anyone?
Turkey hold several Syrian refugee camps and since December yet another 1.0 Syrians have fled on foot or by riding on the back of flatbed trucks towards the Turkey/Syria border which is essentially closed.
Remember the refugee crisis a few years ago of millions flowing into Europe? It is about to happen again, Turkey and Jordan cant handle the current refugees much less another million. Are they just to die? This atrocity all belongs to Putin and Assad and Iranian militias.

Since Dec. 1, some 900,000 people have been uprooted by violence in Syria, according to the United Nations. Now, new satellite images give a sense of scale to that crisis.

Syrian troops and the Russian air force are attempting to retake the northwest province of Idlib, the last rebel-held province in Syria’s ongoing civil war. NPR’s Deb Amos reports the offensive has killed over a thousand civilians. Many others have sought shelter near the Turkish border, the U.N. says.

Photos collected by a commercial satellite company show the refugee camps that have popped up in and around three Syrian towns near the border.

The U.N. says the majority of those who have been displaced are women and children.

“They are traumatized and forced to sleep outside in freezing temperatures because camps are full,” U.N. Under-Secretary-General for Humanitarian Affairs Mark Lowcock said Monday. “Mothers burn plastic to keep children warm. Babies and small children are dying because of the cold.”

Turkey has taken in about 3.5 million refugees. But the country says it’s at its limits.

The U.N.’s Lowcock is urging a cease-fire, saying it would be the only way to avert “the biggest humanitarian horror story of the 21st Century.” Satellite images found here.

***

A father clutching his sick daughter says they’ve been on the road for two days trying to reach safety. Where is that? He points ahead. “The camp,” he says, before rushing off.
Once independent from each other, the camps along the border with Turkey have sprawled into a massive city of semi-permanent structures. More than one million people, displaced from nine years of fighting, already live in the ever-expanding camps, which provide some semblance of security even as the freezing temperatures take their toll.
Sitting in the corner of the family’s tent, Samiya recalls the night when temperatures dipped below freezing as the last of their fuel ran out. Her seven-month-old baby, Abdulwahab, was warm when she changed his diaper and fed him that evening before putting him to sleep for the night.
Just after dawn, she woke up to the screams of her older kids. Abdulwahab’s little body was as cold and gray as the cement their tent sits on.
“I touched him and he was icy,” Samiya said. The family doesn’t own a phone, so there are no photos of Abdulwahab alive. They rushed the boy to the closest doctor, who told them he died of the cold, according to Samiya.
“It’s a hard thing, for a mother to wake up and find her son dead … I wouldn’t wish it on anyone,” she said. “I thought the children would be safe here.”

Conflict rumbles on

A short drive away, in a muddy makeshift camp near Sarmada, the conditions are miserable but a cheer goes up as people point to the sky and yell: “Regime aircraft down!”
In the distance there is an orange ball of fire falling through the sky, leaving a trail of black smoke as people look on, mesmerized.
It’s one Syrian government helicopter out of five that were in the air, and it’s been shot down by opposition fighters, according to activists from the area.
But it’s a small victory. Syrian government forces have captured most of the M5 highway that runs through the opposition-held area, which has shrunk to nearly half the size it was in 2018, when Turkey brokered a deal to set up military outposts to observe a ceasefire.
Back then it was called a de-escalation zone, but now schools and mosques have been converted into shelters, and families cram into tents as more relatives arrive. The physical claustrophobia is palpable, but it’s also psychological. More.
Once independent from each other, the camps along the border with Turkey have sprawled into a massive city of semi-permanent structures.