Category Archives: Department of Homeland Security

U.S. 133 Cyber Teams Under Construction

Posted on by

Is this a change and an approval by Obama from 2012? (Note this is only a defensive strategy)

Presidential Cyberwar Authority

 

In October 2012, President Obama signed the top-secret Presidential Policy Directive 20, which enabled the military to aggressively initiate and thwart cyber­attacks related our nation’s security. While most of the cyber attack targets are network systems or infrastructure-based, an elite Psychological Operations (PsyOps) team has focused its efforts on secretly defacing the public websites of our adversaries. Due to the high visibility and sensitive nature of this activity, only President Obama has the authority to target and launch these types of attacks.

The President authorizes these attacks using the global Cyber Warfare Command and Control System (CWCCS), which is accessible from this web page only from the President’s authorized computer.

****

 

WASHINGTON (AP) — Not long after Defense Secretary Ash Carter prodded his cyber commanders to be more aggressive in the fight against Islamic State, the U.S. ramped up its offensive cyberattacks on the militant group.

According to several U.S. officials, the attacks are targeting the group’s abilities to use social media and the Internet to recruit fighters and inspire followers, U.S. officials told The Associated Press.

U.S. officials confirmed that operations launched out of Fort Meade, Maryland, where the U.S. Cyber Command is based, have focused on disrupting the group’s online activities. The officials said the effort is getting underway as operators try a range of attacks to see what works and what doesn’t. They declined to discuss details, other than to say that the attacks include efforts to prevent the group from distributing propaganda, videos or other types of recruiting and messaging on social media sites such as Twitter, and across the Internet in general.

Other attacks could include attempts to stop insurgents from conducting financial or logistical transactions online.

The surge of computer-based military operations by U.S. Cyber Command began shortly after Carter met with commanders at Fort Meade last month.

Several U.S. officials spoke about the cyber campaign on condition of anonymity because they were not authorized to discuss it publicly. Much of the effort is classified.

Carter mentioned the operations briefly Thursday, telling a House Appropriations subcommittee only that Cyber Command is beginning to conduct operations against the Islamic State group. He declined to say more in a public setting.

The more aggressive attacks come after months of pressure from Carter, who has been frustrated with the belief that the Pentagon — and particularly Cyber Command — was losing the war in the cyber domain.

Late last year Carter told cyber commanders they had 30 days to bring him options for how the military could use its cyberwarfare capabilities against the group’s deadly insurgency across Iraq and Syria, and spreading to Libya and Afghanistan. Officials said he told commanders that beefing up cyberwarfare against the Islamic State group was a test for them, and that they should have both the capability and the will to wage the online war.

 

But the military cyber fight is limited by concerns within the intelligence agencies that blocking the group’s Internet access could hurt intelligence gathering.

Officials said Carter told commanders that he the U.S. to be able to impact Islamic State operations without diminishing the indications or warnings U.S. intelligence officers can glean about what the group is doing. On Jan. 27, Carter and Marine Gen. Joseph Dunford, chairman of the Joint Chiefs of Staff, went to Fort Meade for an update.

Officials familiar with Carter’s meetings said the secretary was frustrated that as Cyber Command has grown and developed over the past several years, it was still focused on the cyberthreats from nations, such as Iran, Russia and China, rather than building a force to block the communications and propaganda campaigns of Internet-savvy insurgents.

 

“He was right to say they could be more forward leaning about what they could possibly do against ISIS,” said James Lewis, a cybersecurity expert at the Center for Strategic and International Studies. “You could disrupt their support networks, their business networks, their propaganda and recruitment networks.” However, Lewis added, the U.S. needs to be careful about disrupting the Internet to insure that attacks don’t also affect civilian networks or systems needed for critical infrastructure and other public necessities. U.S. officials have long been stymied by militants’ ability to use the Internet as a vehicle for inspiring so-called lone wolf attackers in Western nations, radicalized after reading propaganda easily available online.

“Why should they be able to communicate? Why should they be using the Internet?” Carter said during testimony before the defense appropriations subcommittee. “The Internet shouldn’t be used for that purpose.” He added that the U.S. can conduct cyber operations under the legal authorities associated with the ongoing war against the Islamic State group. The U.S. has also struggled to defeat high-tech encryption techniques used by Islamic State and other groups to communicate. Experts have been working to find ways to defeat those programs.

Cyber Command is relatively new. Created in 2009, it did not begin operating until October 2010.

Early on, its key focus was on defending military networks, which are probed and attacked millions of times a day. But defense leaders also argued at length over the emerging issues surrounding cyberwarfare and how it should be incorporated.

 

The Pentagon is building 133 cyber teams by 2018, including 27 that are designed for combat and will work with regional commands to support warfighting operations. There will be 68 teams assigned to defend Defense Department networks and systems, 13 that would respond to major cyberattacks against the U.S. and 25 support teams.

Undocumented Teachers in Your Child’s Classroom

Posted on by

So, no U.S. citizens with teaching certificates? Perhaps the mission is to lower payroll costs and meet quotas? Or join unions and teach selected history…

Is there a state left that can define what citizenship is? Is there a state that is protecting ‘the pursuit of happiness’? Apparently teaching, a noble profession, or at least used to be is no longer noble.

For reference, Tashfeen Malik, the female San Bernardino killer could have been a teacher in your child’s classroom, she came into the United States under false documents…no documents? What is the difference?

NY to let undocumented workers become teachers

ALBANY — Undocumented immigrants in New York will be able to apply for teacher certifications and professional licenses, according to the state Board of Regents.

The board that oversees education policies in New York voted Wednesday to allow people who can’t get legal residency because of their parents’ immigration status to seek teacher certifications. They also will be able to apply for a license from among the 53 professions overseen by the state Education Department, including a variety of medical professions.

“These are young people who came to the U.S. as children,” state Education Commissioner MaryEllen Elia said in a statement. “They are American in every way but immigration status. They’ve done everything right.  They’ve worked hard in school, some have even served in the military, but when it’s time to apply for a license, they’re told ‘Stop. That’s far enough.’ We shouldn’t close the door on their dreams.”

The Board of Regents pointed to a June 2012 policy by the Obama administration called the Deferred Action for Childhood Arrivals that allows individuals who came to the U.S. as children and meet certain guidelines to request consideration of “deferred immigration action” for two years that can be renewed.

The federal policy, the board said, applies to young people who usually get their immigration status from their parents, many of whom are undocumented.

“As a result, most of these individuals have no current mechanism to obtain legal residency, even if they have lived most of their lives in the U.S.” the Board of Regents said in a statement.

But people in the system are prohibited from obtaining teaching certification and licenses in certain professions, the board said, including pharmacy, dentistry and engineering.

The regulation by the Board of Regents will be finalized after a public-comment period.

Sen. Terrence Murphy, R-Yorktown, Westchester County, ripped the policy.

“Allowing lawbreakers to teach, or practice medicine, says a lot about how backwards our priorities truly are in New York,” Murphy said in a statement. “This is another example of why rule-making by unelected bureaucrats is what is ruining New York state. Will they next unilaterally enact free college tuition for illegal immigrants?”

He said New York doesn’t allow a military spouse with an equivalent license in another state to teach in New York, so “Elia should be focusing on reciprocity and interstate licensure for those who have earned it, instead of doing further harm to our already broken immigration system and rewarding lawbreakers.”

Gov. Andrew Cuomo said he has yet to review the new education policy to determine its legality.

“It depends on how they write the policy, as to whether or not it’s legal and constitutional, and I haven’t seen anything,” Cuomo said when asked about the policy by reporters Thursday in Albany.

Democratic lawmakers praised the action. Democrats have been pushing for the Dream Act in New York, which would allow immigrants in the country illegally to access state financial aid for college. Republicans have opposed the measure.

“This is a tremendous win for New York’s students,” Assembly Speaker Carl Heastie, D-Bronx, said in a statement. “The Assembly majority has always led the charge to expand opportunities for every student, and we have championed issues like the DREAM Act and greater investment in higher education to show our commitment to all of the families who have made New York their home.”

 

216heppcd1

DHS: 12 Years, $180 Million, Not Close to Complete

Posted on by

Same personnel as those that did the Obamacare website? Is there a single agency that works?

DHS excoriated for mismanaged HR IT system

An ambitious program begun by the Department of Homeland Security in 2003 to consolidate all of its component agencies’ HR systems, from payroll to timesheets and beyond, isn’t near completion after more than 12 years of work. Many in Congress are not pleased.

A Government Accountability Office study on the DHS HRIT investment released for a Feb. 25 House Homeland Security Oversight and Management Efficiency subcommittee hearing said 400 of the agency’s human capital systems that were to have been consolidated under the program are unaccounted for.  The program has cost millions, GAO found, but DHS did not keep track of exact costs.

Carol Cha, GAO’s director of IT acquisition management issues, testified at the hearing that the HRIT has been on her agency’s list of high-risk IT projects for some time.

“That’s breathtaking,” said subcommittee Chairman Scott Perry (R-Pa.). More than a dozen years and $180 million later, he said, DHS is “no closer” to completing the project than it was in 2003.  The exact cost to date, said Perry,  because of the inadequate record-keeping.

“This is a poster child of inept management,” he said, declaring the lack of cost tracking “reprehensible, unacceptable.”

DHS, Rep. Bonnie Watson Coleman (D-N.J) said, “has shown a tremendous lack of commitment” to the project.

Later in the hearing, Perry’s irritation with DHS’ handling of the sprawling project flared again and again. “For the love of God Mr. Fulghum, [the money] has been pissed away,” he snarled at Chip Fulghum, DHS’ deputy undersecretary for management.

Fulghum was in the hot seat to defend the agency’s work on the project. “We don’t care if it’s hard to do,” Perry said, later adding, “you’re the heavies, get it done.”

 

Although Fulghum said DHS agreed with the GAO’s 14 recommendations to address HRIT’s poor progress and ineffective management, he pointed to the agency’s work on the consolidated performance management and learning system called PALMS as evidence that DHS can execute on enterprise-wide IT consolidation. He said the agency’s component agencies are close to signing off on PALMS’ use.

Fulghum also said DHS is working aggressively to strengthen the program’s oversight and direction. He said the agency had also appointed Angela Bailey as chief human capital officer a few months ago to coordinate the project.

Bailey, who also testified at the hearing, assured the panel that her agency has stepped up oversight meetings with an executive review councils and boards to spur progress. “Clearly we have work to do,” she said.

Amid the admonitions from the congressional panel, Rep. Cedric Richmond (D-La.) threw something of a life preserver to Fulghum in the middle of the hearing, asking the DHS executive if the agency has considered shared services to handle some of the HR functions that HRIT would do.

Richmond noted that the Agriculture Department’s National Finance Center provides payroll and other financial management services, as well as human resources management services. “At the end of the day, we just want things to work,” said Richmond, whose Louisiana district is home to the NFC. “You should talk to the director of the National Finance Center. They say they can solve the problem.”

Fulghum said he supported shared services and that “we’re absolutely interested” in exploring such opportunities.

At the end of the hearing, Flughum pledged to spur progress on the program in the coming months. He said the oversight panel would receive a concrete plan by early May that contains hard deadlines and a blueprint for moving ahead.

CENTCOM Probe Includes Deleted Files

Posted on by

House chairman: Military files, emails deleted amid probe

WASHINGTON (AP)— Personnel at U.S. Central Command have deleted files and emails amid allegations that intelligence assessments were altered to exaggerate progress against Islamic State militants, the chairman of the House Intelligence Committee said Thursday.

“We have been made aware that both files and emails have been deleted by personnel at CENTCOM and we expect that the Department of Defense will provide these and all other relevant documents to the committee,” Rep. Devin Nunes said at a hearing on worldwide threats facing the United States. Central Command oversees U.S. military activities in the Middle East.

A whistleblower whose position was not disclosed told the committee that material was deleted, according to a committee staff member who spoke on condition of anonymity because he was not authorized to publicly disclose the information.

Navy Cmdr. Kyle Raines, a spokesman for CENTCOM, said the combatant command was fully cooperating with the Defense Department inspector general’s probe into the allegations.

“While it would be inappropriate to discuss the details of that investigation, I can tell you that as a matter of CENTCOM policy, all senior leader emails are kept in storage for record-keeping purposes, so such records cannot be deleted,” Raines said. It’s unclear if emails written by lower-level staff were also maintained.

Nunes, R-Calif., also said the Office of the Director of National Intelligence briefed the committee on a survey indicating that more than 40 percent of Central Command analysts believe there are problems with the integrity of the intelligence analyses and process.

“To me, it seems like 40 percent of analysts who are concerned at CENTCOM — that’s just something that can’t be ignored,” Nunes said.

A senior intelligence official said that each year the DNI conducts a survey at all 17 U.S. intelligence agencies to gain feedback on the integrity, standards and objectivity of the process used to analyze intelligence. In the most recent survey, conducted between August and October of last year, approximately 120 employees from CENTCOM responded to the survey. The official spoke on condition of anonymity to disclose details of the internal survey.

A report on the survey issued in December 2015 indicated that 40 percent of those who responded at CENTCOM answered “yes” to the question: “During the past year, do you believe that anyone attempted to distort or suppress analysis on which you were working in the face of persuasive evidence?”

Asked whether he considered 40 percent an unusually high number, Lt. Gen. Vincent Stewart, director of the Defense Intelligence Agency, told the committee that he did.

Stewart said that while it would be favorable for all to “get closure on exactly the extent of this allegation,” he cannot control the pace of the watchdog’s investigation. He said that while the investigation proceeds, intelligence officials continue to look into ways to improve the process of producing the assessments, and he noted that the DIA’s ombudsman had looked into a particular incident.

The New York Times, which first disclosed the investigation, reported that the probe began after at least one civilian DIA analyst told authorities he had evidence that officials at Central Command were improperly reworking conclusions of assessments prepared for President Barack Obama and other top policymakers.

*** So this begs the question, what is the truth today on Islamic State, on Russia, Syria, North Korea, China, Iran or the thousands of terror groups? What is the final product including today with briefings? What does the media receive other than filtered reports? Who really DID order this suppression of intelligence data? Who is going to be the fall person? What was shared with foreign intelligence through normal daily collaboration?

The Wilful Reckless Handling of Classified Docs in DHS too?

Posted on by

Okay, so we have had the issue at the U.S. State Department and now the Department of Homeland Security, so it begs the question, what other agencies? Further, Iran, Russia, China and North Korea are likely loving this.

Security? Heh….

Homeland Security Is Spilling a Lot of Secrets

By

Bloomberg: The Department of Homeland Security suffered over 100 “spills” of classified information last year, 40 percent of which came from one office, according to a leaked internal document I obtained. Officials and lawmakers told me that until the Department imposes stricter policies and sounder practices to better protect sensitive intelligence, the vulnerabilities there could be exploited. Not only does this raise the threat that hostile actors could get their hands on classified information, but may lead to other U.S. agencies keeping DHS out of the loop on major security issues.

A spill is not the same as an unauthorized disclosure of classified information. A Homeland Security official explained that spills often include “the accidental, inadvertent, or intentional introduction of classified information into an unclassified information technology system, or higher-level classified information into a lower-level classified information technology system, to include non-government systems.”

Examples include: using a copier not approved for the level of classified information copied; failing to properly mark a classified product; transmitting classified information on an unclassified system like Gmail; or sending classified information to someone who, while having the proper level of clearance, is not authorized to read a section of information sent to them, the official said.

There were 119 of these classified spills reported throughout the Homeland Security Department in fiscal year 2015, according to the internal document, which itself is unclassified. The section with the most spills by far was the Office of Intelligence and Analysis, headquartered at building 19 of the Nebraska Avenue Complex in Washington, led by retired General Francis Taylor. This office is composed mostly of intelligence analysts assigned to produce and review classified reports that are often the work of other intelligence agencies, including the Central Intelligence Agency and the Office of the Director of National Intelligence.

One senior Homeland Security official told me that the intelligence and analysis office at DHS suffers from lax enforcement of the established policies and practices to protect classified information. This official said the numbers of classified spills in the internal report only represents those incidents that were officially reported, and the actual number is much higher.

S.Y. Lee, a department spokesman, told me that DHS does not comment on reports of leaked information, but that the department is currently having mandatory employee training sessions on the handling of classified and sensitive information.

“We take any report of mishandling of information very seriously, and when violations are discovered, the Department takes immediate, appropriate actions to address the situation,” he said. “DHS takes the protection of all our assets very seriously, and will continue to evolve our training and remediation efforts to address security needs and accountability to the American public.”

Experts on government secrecy and classified information handling told me that the number of spills alone does not directly prove that there is a larger cultural or policy problem at DHS. But there is a history of carelessness with e-mail at the department, and this new finding combined with anecdotal reports of bad practices indicate that there should be more investigation the intelligence and analysis division in particular.

“At a minimum, this raises a question about what’s going on at this corner of the agency,” said Steven Aftergood, director of the program on government secretary at the Federation of American Scientists. “If it is happening disproportionally in one part of the agency, that may mean that remedial measures are needed there, including security training, better oversight and similar steps.”

Spillages are a normal part of the classification system at the DHS and elsewhere, and there are formal procedures for addressing them because it’s understood that you cannot eliminate human error, he said. But if one intelligence shop is mishandling information from another part of the government, that could cause real problems in the interagency cooperation and intelligence-sharing.

“If they have a reputation as a shop with unreliable security, other agencies are going to think twice about sharing their most valuable information with Homeland Security,” Aftergood said. “It can hurt other agencies and it can rebound on them. It’s bad all around and should be corrected.”

Johannes B. Ullrich, dean of research for the SANS Technology Institute, said that it’s probable most of the classified spills were unintentional and the result of sloppiness more than anything else. But lax enforcement of policies meant to protect sensitive information also presents an opportunity for exploitation by malicious actors.

“If it’s accepted practice that you print documents and scan them in, for example, then it’s much easier for an insider to take advantage of that,” he said. “By reducing the unintentional spillage you make it easier to find the intentional ones.”

The House Homeland Security Committee is currently pushing DHS to implement new systems for monitoring employees who handle classified information. Last November, the House passed the DHS Insider Threat and Mitigation Act, which was sponsored by Representative Peter King, chairman of the Homeland Security Committee’s subcommittee on counterterrorism and intelligence. The bill would require Taylor, among other things, to develop a timeline for deploying workplace monitoring technologies, employee awareness campaigns, and education and training programs related to potential insider threats to the department’s critical assets. The Senate Homeland Security Committee marked up a companion bill earlier this month.

“In recent years, the department has made progress installing limited monitoring technology, but much more needs to be done,” King said in a statement. “Results from the existing systems demonstrate the need for more auditing and education for DHS employees.”

Classified spills are a government-wide problem and there’s no way to know if the incidents at the DHS intelligence shop have been exploited. But unless that office and the government as a whole does a better job of protecting classified information, it’s just a matter of time before real damage is done to U.S. national security