Russian Cyber Attacks on America

Russian cybersecurity intelligence targets critical U.S. infrastructure

By Bill Gertz

U.S. intelligence agencies recently identified a Russian cybersecurity firm, which has expertise in testing the network vulnerabilities of the electrical grid, financial markets and other critical infrastructure, as having close ties to Moscow’s Federal Security Service, the civilian intelligence service.

The relationship between the company and the FSB, as the spy agency is known, has heightened fears among U.S. cyberintelligence officials that Moscow is stepping up covert efforts to infiltrate computer networks that control critical U.S. infrastructure such as oil and gas pipelines and transportation.

The effort appears to be part of FSB and Russian military cyberwarfare reconnaissance targeting, something the Pentagon calls preparation of the battlefield for future cyberattacks. The Russian company is taking steps to open a U.S. branch office as part of the intelligence-gathering, said officials familiar with reports of the effort who spoke on background.

Officials familiar with reports about the company did not identify it by name. However, security officials are quietly alerting government security officials and industry cybersecurity chiefs about the Russian firm and its covert plans for operations in the United States.

The Russian firm is said to have extensive technical experience in security vulnerabilities of supervisory control and data acquisition systems that are used to remotely control critical infrastructure.

These systems are employed by both government and private-sector system controllers for equipment running water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electrical power grids, wind farms and large communication systems.
In September, Director of National Intelligence James R. Clapper told Congress that Russian hackers have penetrated U.S. industrial control networks operating critical infrastructure. The objective of the hackers is to develop the capability to remotely access the control systems that “might be quickly exploited for disruption if an adversary’s intent became hostile,” Mr. Clapper said.

“Unknown Russian actors successfully compromised the product-supply chains of at least three [industrial control system] vendors so that customers downloaded malicious software designed to facilitate exploitation directly from the vendors’ websites along with legitimate software updates,” Mr. Clapper stated in Sept. 10 testimony to the House Permanent Select Committee on Intelligence.

Russian hackers also were linked to cyberpenetrations of U.S. industrial control networks used for water and energy systems in 2014.

The Russian connection was identified through the use of malware called BlackEnergy that has been linked to Russian government cyberoperations dubbed Sandworm by security researchers.

Mr. Clapper also testified that the Russian Defense Ministry has created a military cybercommand for offensive attacks. Additionally, the Russian military is setting up a specialized branch for computer network attacks.
RUSSIAN GENERAL ISSUES THREAT

Gen. Valery Gerasimov, chief of the General Staff of the Armed Forces of Russia, told foreign military attaches in Moscow on Monday that increased military activities by NATO and the development of global missile defenses were “creating a threat of new conflicts and escalation of existent conflicts,” the official Interfax news agency reported.

“The NATO military policy unfriendly towards Russia is a source of concern,” Gen. Gerasimov said. “The alliance continues to expand its military presence and is stepping up the activity of the bloc’s armed forces along the perimeter of borders of the Russian Federation.”

Because of the deployment of a global missile defense network and the development of new means of armed struggle, including hypersonic weapons, “the problem of upsetting the existent strategic balance of force has been growing,” said the general, referring to high-speed strike weapons.
The Pentagon is developing a conventional rapid-attack capability called “prompt global strike,” which can target any spot on Earth in 30 minutes.

Russia has stepped up nuclear threats against the United States and NATO in response to deployment of missile defenses in Europe.

In recent months, Russian President Vladimir Putin has issued an unprecedented number of threats to use nuclear weapons, most notably after the Russian military annexation of Ukraine’s Crimea last year. On Dec. 11, Mr. Putin said he hoped nuclear weapons would not be needed during operations in Syria.

“Particular attention must be paid to the consolidation of the combat potential of the strategic nuclear forces and the execution of space-based defense programs,” Mr. Putin was quoted as saying at the meeting with his defense chiefs. “We need, as our plans specify, to equip all components of the nuclear triad with new arms.”

Lt. Gen. Ben Hodges, commander of U.S. Army forces in Europe, told reporters last week that Russian nuclear threats are troubling in the current security environment.

“The way that senior Russian officials have talked about Denmark as a nuclear target, Sweden as a nuclear target, Romania as a nuclear target, sort of an irresponsible use of the nuclear word, if you will, you can understand why our allies on the eastern flank of NATO — particularly in the Baltic region — are nervous, are uneasy,” Gen. Hodges said.

Additionally, the Russian military has conducted “large snap exercises without announcement,” which also has increased fears of a Moscow threat, he said.

***

Since the FSB (KGB) company is un-named could it be: (RecordedFuture)

What is SORM?

Russia’s SORM (Система Оперативно-Розыскных Мероприятий, literally “System for Operative Investigative Activities”) is a lawful intercept system operated by the Federal Security Service (or FSB – the Russian successor to the KGB).

Russia SORM Timeline

SORM came to light recently during the Sochi Olympic Games where reports claimed that “all communications” were monitored. SORM differs from the US lawful intercept system, as once the FSB receives approval for access to a target’s communications they are able to unilaterally tap into the system without provider awareness.

Further, SORM is also lawfully used to target opposition parties within Russia. According to the World Policy Institute, on November 12, 2012, Russia’s Supreme Court upheld the right of authorities to eavesdrop on the opposition.

  • SORM-1 intercepts telephone traffic (including both landline (analog) and mobile networks).
  • SORM-2 targets internet traffic (including VoIP calls).
  • SORM-3 has the ability to target all forms of communication providing long-term storage of all information and data on subscribers, including actual recordings and locations.

Former Soviet States (Kazakhstan, Belarus, Uzbekistan and Ukraine) have installed SORM-standard equipment. According to research by Wired Magazine, Ukraine’s SORM is more advanced as the SBU (Ukraine’s Security Service) has the ability to interrupt a target’s communications.

In April 2011, Iskratel – which provides Ukraine’s sole telephone company Ukrtelekom with broadband equipment – announced its SORM device was tested successfully under the new requirements and had been approved by the SBU.

Analyzing SORM manufacturers within Recorded Future identified equipment suppliers including Juniper Networks (US), Cisco Systems (US), Huawei (China) and Alcatel-Lucent (France).

 

102,000 Syrian Refugees on Elm Street, USA

ISIS seeks many small attacks, crowdsources terrorism – FBI director

Addressing the NYPD Shield conference in New York City on Wednesday, Comey compared the Islamic State (IS, formerly ISIS/ISIL) to a hydra, a mythic monster that grew two new heads for every one that was cut off.

.@FBI Director Comey at the NYPD Shield Conference now thanking the NYPD for being good partners.pic.twitter.com/Jkpo2MpTkD

— NYPD NEWS (@NYPDnews)

Unlike Al-Qaeda, which was more centralized and focused on major acts of terrorism, IS has “has become the leader in global jihad by this crowdsourcing of terrorism” through social media platforms, the FBI chief said.

Comey also used the speech as an opportunity to push his anti-encryption agenda, telling the audience that encrypted messaging makes terrorist “go dark” to law enforcement.

Encryption is “at the center of terrorist tradecraft,” he said, urging for more surveillance capability in the name of fighting terrorism.

Echoing his remarks in the wake of the San Bernardino attack, Comey said that Americans should not live in a “disabling state of fear” but should channel their anxiety into a “healthy awareness” of their surroundings.

Asked about the San Bernardino attackers, Comey said the FBI was still trying to understand where they were in the four hours between the holiday party shooting and the shootout with police, if there was anything else they were planning to do, and if anyone else was helping them.

“We still have not seen evidence… that they were part of an organized cell of some sort, or that there were other parts to this plan,” the FBI chief said.

As lawmakers clash over refugees, Syrian immigration quietly tops 100,000 since 2012

FNC: A proposal to admit 10,000 Syrian refugees to the United States has ignited a bitter debate in Washington, but more than 10 times that number of people from the embattled country have quietly come to America since 2012, according to figures obtained by FoxNews.com.

Some 102,313 Syrians were granted admission to the U.S. as legal permanent residents or through programs including work, study and tourist visas from 2012 through August of this year, a period which roughly coincides with the devastating civil war that still engulfs the Middle Eastern country. Experts say any fears that terrorists might infiltrate the proposed wave of refugees from United Nations-run camps should be dwarfed by the potential danger already here.

“The sheer number of people arriving on all kinds of visas and with green cards, and possibly U.S. citizenship, makes it impossible for our counterterrorism authorities to keep track of them all, much less prevent them from carrying out attacks or belatedly try to deport them,” said Jessica Vaughan of the Center for Immigration Studies.

“I think it’s reasonable to assume that the U.S. Government ran the minimum intelligence traces required at the time of entry.”

– Fred Burton, Stratfor

Numbers obtained from the U.S. Customs and Border Protection show 60,010 Syrian visa holders have entered the U.S. since 2012, including 16,245 this year through August. Additional numbers provided by a Congressional source showed another 42,303 Syrians were granted citizenship or green cards during the same period.

“It is highly unlikely that the 102,313 Syrians who were admitted over the past three years were effectively vetted,” said spokesman Ira Mehlman, of the Federation for American Immigration Reform. “Even in countries where we have a strong diplomatic presence, the sheer volume of background checks being carried out precludes the kind of thorough vetting that is necessary.”

The Syrians being admitted are coming directly from their homeland, usually through the U.S. visa program, as opposed to the refugees President Obama is seeking to take in through U.N.-run refugee camps. Most have secured legal entry before they arrive.

“Refugees are part of the admitted category,” said Jaime Ruiz, spokesman for the U.S. Customs and Border Protection. “Their cases are approved prior to arriving into the U.S.”

Those who escaped Syria’s grinding civil war, which has killed an estimated 300,000, and made it to the U.S. are more likely to be those with the money and means to access the U.S. immigration bureaucracy, say experts. But even that system is susceptible to fraud.

President Obama’s proposal raised immediate concerns that ISIS, which vowed to infiltrate refugee camps, could use forged documents to enter the U.S. White House assurances that refugees would be carefully screened met with renewed skepticism after it was revealed that terrorist Tashfeen Malik obtained a fiancée visa despite notable red flags. Malik, who together with her husband killed 14 and wounded 21 in a terror attack in San Bernardino, Calif., Dec. 2, listed a phony Pakistani address and reportedly had a history of posting jihadist messages on social media platforms.

Malik’s entry into the U.S., combined with so many Syrians already here, is even more concerning than the proposed refugees, according to Fred Burton, of the global intelligence firm Stratfor.

“I’m more fearful of those currently inside the U.S. predisposed to strike locally as with the San Bernardino model,” Burton said. “I think it’s reasonable to assume that the U.S. government ran the minimum intelligence traces required at the time of entry.”

Mehlman said the same concerns raised in regard to the refugees – mainly that no reliable documents can be issued in a country in complete meltdown – apply to the Syrians already here.

“All civil order has collapsed, and meaningful background checks are impossible,” Mehlman said. “Instead, we rely on cross-checking databases. However, many people with ties to terrorist groups are not in any databases, which means there is no way we can identify them before they arrive here.”

A government official who expressed astonishment at such large immigration numbers from a relatively small country, said approximately half are legal permanent residents and the remainder came here on visas, the latter of which remains a point of contentious concern.

Screening of all immigrants and refugees must be tightened, said Rep. Mike McCaul, chairman of the House Homeland Security Committee.

“This administration has forbid our front line security professionals from more broadly incorporating social media information into the visa application process, something that might have kept this attacker out of our country,” said McCaul, R-Texas. “We need more robust vetting and screening of all visa applicants.”

Additional data obtained from CBP found that while five Syrians have been apprehended in 2014 and another five in 2015 attempting to cross over the southern border from Mexico, the northern border escapes public and political scrutiny. In 2014 eight Syrians were apprehended by Border Patrol attempting to cross into the U.S. from Canada. Given the visa waiver agreement with Canada, there is no reason to sneak across the border. Since 2011, 1,229 Syrians have been granted entry from Canada.

The Terror of Hackers

U.S. arrests three men over hacking scheme targeting 60 million people

Cybersecurity researcher Billy Rios points to a computer line reading ''Gods Password,'' a password he was able to uncover by analyzing the software in a Pyxis medical supply dispenser that he says he purchased on Ebay for a few hundred dollars, in Redwood City, California October 10, 2014. REUTERS/Robert Galbraith

Reuters: Three men were arrested on Monday for engaging in a wide-ranging hacking and spamming scheme that targeted personal information of 60 million people including Comcast customers, U.S. prosecutors announced Tuesday.

Timothy Livingston, 30, Tomasz Chmielarz, 32, and Devin McArthur, 27, were named in an indictment filed in federal court in Newark, New Jersey that charged them with conspiracy to commit fraud and related activity among other offenses.

Prosecutors said Livingston, a Boca Raton, Florida, resident, was the leader of a series of computer hacking and illegal spamming schemes that targeted multiple companies and generated illegal profits exceeding $2 million.

The three men were arrested at their respective residences on Tuesday morning, a spokesman for U.S. Attorney Paul Fishman in New Jersey said.

Michael Koribanics, Chmielarz’s lawyer, said his client would plead not guilty at a court hearing on Tuesday. A lawyer for Livingston did not immediately respond to a request for comment, and an attorney for McArthur could not be identified.

Prosecutors said Livingston, who owned a spam company called “A Whole Lot of Nothing LLC,” hired Chmielarz of Rutherford, New Jersey to author hacking tools and other programs that facilitated the hacking and spamming schemes.

Among the companies they targeted was a Pennsylvania-based telecommunications company that employed McArthur, a resident of Ellicott City, Maryland, who installed hacking tools in company networks to gain access to records for 50 million people, prosecutors said.

The company was not identified by name in court papers. But McArthur’s LinkedIn page says he worked at Comcast Corp during the period in question. A Comcast spokeswoman had no immediate comment.

Livingston and Chmielarz also compromised tens of thousands of peoples’ email accounts, including customers of a New York telecommunications company, which they then used to send spam, the indictment said.

Other companies targeted in the schemes included a New York-based technology and consulting company whose website was compromised and a Texas-based credit monitoring firm that was hacked, the indictment said.

In the case of the unnamed credit monitoring firm, the indictment said Livingston paid Chmielarz to write a program to steal a database containing 10 million records.

When law enforcement seized Livingston’s computer in July, they discovered a database with 7 million of that company’s records, the indictment said.

New OPM Cyber Chief Is Bracing for an ISIS Hack

The new cybersecurity adviser hired by the Office of Personnel Management after a Chinese-originated hack says he expects ISIS may ultimately pierce the agency’s systems, too.

The historic data breach exposed the professional and private lives of 21.5 million individuals applying for clearances to handle classified information, plus their families. That kind of information, drawn from background investigations, would be perfect for blackmail attempts.

But Clifton Triplett—named OPM’s first-ever senior cyber and information technology adviser last month—says forthcoming access controls will blunt the severity of any future hack.

I think what I have to do is … assume that, at some point in time, they may be successful,” Triplett said when asked about the ISIS cyber threat during a webcast hosted by Bloomberg Government on Monday.

Going forward, OPM will “make it more of a need-to-know kind of access control,” he said, “so if we do have a compromise, it is far more contained than, for example, our last incident.”

The agency, he explained, will institute the equivalent of tear lines on network data to grant as little information as possible to authorized personnel.

Right now, I think, in some of our situations, the access control is broader than perhaps needs to be,” Triplett said, because OPM computer programs were developed before data security became a governmentwide priority.

So far, ISIS sympathizers have been hacking more for show, than for spying.

In early 2015, the self-described Cyber Caliphate group reportedly took control of the social network accounts of U.S. Central Command.

Then, global television network TV5Monde was disabled for hours in April, when the hacktivists apparently replaced the company’s channels, websites and social media accounts with pro-ISIS messaging.

ISIS’ online propaganda often directs followers to kill U.S. and allied troops and supplies the necessary contact information. But much of the data released has turned out to have already been in the public domain.

Still, America viewed at least one ISIS hacker as enough of a threat to kill him in a targeted attack.

The Justice Department claims Ardit Ferizi breached a server to retrieve identifying details on about 1,350 military and other government personnel. He then allegedly passed the data on to Islamic State member and Cyber Caliphate ringleader Junaid Hussain, a British citizen. Hussain is accused of beckoning adherents to target U.S. personnel, posting links on Twitter to their names, email addresses, passwords, locations and phone numbers. Hussain was reportedly killed in a U.S. drone strike this summer.

But what really frightens Triplett is that OPM’s records sit beside smart toasters and air conditioners in the Internet of Things, he said.

We’re too interconnected. Not enough air gaps in our systems” that physically decouple networks from the Internet, he said. “We are trying to automate and connect one more thing to one more thing.”

Today, background check records are one of those things.

Eventually, Triplett said he fears, “I’ll have a reasonably minor event that will turn into a catastrophic event, and I won’t be able to find out where the root cause was because of the ripple potential.”

Currently, “there’s no way” to cut off the systems from the Internet, OPM’s IT security officer, Jeff Wagner, told Nextgov in October.

Wagner said, “even clearance data” must be online, because the only other option is to exchange paper folders with agency partners like the Social Security Administration.

Adversaries, however, would have to circumvent multiple identity checks and firewalled systems to peer at the personnel records, Wagner said.

 

 

Ollie North with the Peshmerga vs. Islamic State

By the way, the Peshmerga are Muslims.

Obama’s non-war and the consequence on humanity versus Islamic State:

TheHill: A U.S. aircraft carrier passed through the Suez Canal on Tuesday, creating a presence that will allow the U.S. to ramp up airstrikes against the Islamic State in Iraq and Syria (ISIS). The USS Harry S. Truman is due to arrive in the Persian Gulf right around Christmas, where it will begin striking the terrorist group, a Navy official told The Hill.

The Truman and its accompanying carrier strike group will join the French aircraft carrier Charles De Gaulle in the Gulf, which reportedly arrived earlier this month.

The U.S. has steadily increased airstrikes against ISIS, with November hitting a high of 3,271 bombs, according to U.S. Central Command statistics.

Twisted logic designed by the Obama White House and the new ISIS Czar:

    President Obama’s new ISIS czar said yesterday that resolving the Israel Palestine conflict is necessary to defeating Islamist extremists. Rob Malley, senior advisor to Obama “for the Counter-ISIL Campaign in Iraq and Syria” and White House Coordinator for the Middle East and North Africa, said at a New York conference that the conflict enables ISIS in two ways. Extremists “refer constantly” to the situation of Palestinians. So they would lose a recruiting tool if the matter were resolved. And the failure to resolve the conflict makes it “very difficult” to get “the kind of open cooperation that we really need to get changes on the ground”– because Saudi Arabia and other states can’t work openly with Israel as matters stand. Malley said that resolving the conflict was not a “magic wand” to ending problems in the Middle East, but asked if ISIS’s next stop was going to be Gaza or the West Bank, he went on: I don’t know where the next stop will be but I think there’s a more basic point, which is that the absence of a resolution is fueling extremism. If you want to go to Gaza that’s self-evident. Whether ISIS is going to have a foothold there.. that’s a separate question. But I think it stands to reason that resolving this conflict would at least help, it wouldn’t resolve– but it would be a major contribution to stemming the rise of extremism, and to allow the kind of cooperation that is needed [to take on] what should be a common challenge, which is the challenge of ISIS, and of other extremist organizations.

As Oliver North described in the video above, the Baghdad government is directed by Iran, a rogue nation sponsor of terror of which Obama and John Kerry have normalized relations forcing the world to accept the whole Tehran regime.

But what about our own hemisphere?

Iran Taking Over Latin America

  • “This is a matter of life or death. I need you to be an intermediary with Argentina to get help for my country’s nuclear program. We need Argentina to share its nuclear technology with us. It will be impossible to advance with our program without Argentina’s cooperation.” – Iran’s former President Mahmoud Ahmadinejad to the late Venezuelan President Hugo Chávez.
  • According to Venezuelan informants, whitewashing Iran’s accused from the AMIA attack was only a secondary objective in its outreach to Argentina. The primary objective was to gain access to Argentina’s nuclear technology and materials — a goal Iran has for more than three decades.
  • During the last 32 years, Iran has achieved a resounding success in promoting an anti-US and anti-Israel message in Latin America. Its state-owned television network, HispanTV, broadcasts in Spanish 24 hours a day, seven days a week in at least 16 countries throughout the region.
  • The lifting of sanctions and influx of billions of dollars as a result of Iran’s nuclear deal will undoubtedly help Iran in Latin America, where many countries face economic turmoil and can use an Iranian “stimulus.”
  • While Latin America is often regarded as a foreign policy backwater for the United States, it is the geopolitical prize for the Islamic Republic of Iran.

During the last couple months, Iran and Saudi Arabia have been playing a political tug of war over Latin America. On November 10, 2015, Iran’s deputy foreign minister held a private meeting with ambassadors from nine Latin American countries to reaffirm the Islamic Republic’s desire to “enhance and deepen ties” with the region. This was followed by similar statements from Iranian President Hassan Rouhani and Supreme Leader Ayatollah Ali Khamenei at the Gas Exporting Countries Forum (GECF) in Tehran later that month.

The same day, the Saudi Foreign Minister, Adel al-Jubeir, presided over a South American-Arab world summit in Riyadh. FM al-Jubeir, while Ambassador to the United States in 2011, had himself been the target of an Iranian-Latin American assassination plot. Read the full summary complete with citations here.

Released During Republican Debate, the Spending Bill

Sheesh, pardon me but the government funds issues that are beyond the purview of what the Feds are accountable for. What is worse, we continue to robustly keep foreign government afloat. What the heck…when you see some of these items, but poor Vice President Joe Biden, he got stiffed…..hee hee but Biden will be very happy about the potatoes perhaps.

What’s in the spending bill? We skim it so you don’t have to

This item has been updated and revised.

WaPo: The $1.01 trillion spending bill unveiled late Tuesday will keep most of the federal government funded through next September — and it’s packed with hundreds of policy instructions, known on Capitol Hill as “riders,” that will upset or excite Democrats, Republicans and various special interest groups.

So, what’s in the bill? We’ve sifted through the legislation, consulted supporting documents from Democratic and Republican aides, and called out some of the more notable and controversial elements below. (If you want to review detailed reports on all 12 parts of the spending bill, click here.)

ABORTION:

The bill once again bans using federal funding to perform most abortions; blocks the use of local and federal funding for abortions in the District of Columbia; and blocks the use of federal dollars for abortions for federal prisoners. Republicans say that there’s also new language directing the secretary of health and human services to ensure that consumers shopping for health-care coverage on the federal exchange can tell whether a plan covers abortion services.

AFFORDABLE CARE ACT:

The law is still funded, but there’s no new money for it. There’s also no new ACA-related funding for the Internal Revenue Service and the Centers for Medicare and Medicaid Services, the two agencies most responsible for implementing the law. The bill also would cut the budget of the Independent Payment Advisory Board — what Republicans have called “the death panel” — by $10 million.

AFGHANISTAN:

Congress withholds funding for the Afghan government “until certain conditions are met,” including implementing the bilateral security agreement reached with the United States.

AMTRAK:

The nation’s rail passenger service earns $1.39 billion, the same amount it currently receives. The rail service carries passengers through 46 states and hit an all-time high of 31.6 million passengers during the last fiscal year, according to Democratic aides.

CAMPAIGN FINANCE:

The bill would dramatically expand the amount of money that wealthy political donors could inject into the national parties, drastically undercutting the 2002 landmark McCain-Feingold campaign finance overhaul. Bottom line: A donor who gave the maximum $32,400 this year to the Democratic National Committee or Republican National Committee would be able to donate another $291,600 on top of that to the party’s additional arms — a total of $324,000, ten times the current limit. Read more on this here.

CENTERS FOR DISEASE CONTROL:

The agency would get more than $6.9 billion, an increase of about $42.7 million. The nation’s leading disease-fighters also get $30 million to help fight Ebola (see below).

CLEAN WATER ACT:

In a win for Republicans, the spending bill blocks the Environmental Protection Agency from applying the law to certain farm ponds and irrigation ditches — a move that GOP aides said would benefit farmers.

DODD-FRANK:

Democrats agreed to make some of the biggest changes yet to the 2010 financial regulatory reforms. In a deal sought by Republicans, the bill would reverse Dodd-Frank requirements that banks “push out” some of derivatives trading into separate entities not backed by the Federal Deposit Insurance Corporations. Ever since being enacted, banks have been pushing to reverse the change. Now, the rules would go back to the way they used to be. But in exchange, Democrats say they secured more money for the enforcement budgets at the Commodity Futures Trading Commission and the Securities and Exchange Commission.

EBOLA:

Roughly $5.4 billion is provided across several agencies to combat the spread of the disease in the United States and around the world. The amount is less than the $6 billion Obama requested.

EGYPT:

The beleaguered country gets $1.3 billion in military aid and $150 million in economic aid — but the money is subject to “democracy and human rights conditions,” while the secretary of state can make exceptions for counterterrorism and border security operations.

EMBASSIES:

There’s $5.4 billion for security at U.S. embassies worldwide, $46 million more than Obama requested. The total includes new money to implement recommendations from the Benghazi Accountability Review Board. The bill also once again bans any embassy construction money to be spent on the lavish new U.S. embassy in London.

ENVIRONMENTAL PROTECTION AGENCY:

The agency gets $8.1 billion, down $60 million from the last fiscal year. The agency’s budget has been slashed by $2.2 billion, or 21 percent, since fiscal 2010, according to GOP aides. The cuts mean that EPA will have to reduce its staffing to the lowest levels since 1989.

ERIC CANTOR:

Well, kind of. The former House majority leader stunned the political world by losing in a GOP primary last summer. But Congress agreed to provide $12.6 million for his signature legislative achievement — the Gabriella Miller Kids First Act, which authorizes new federally-funded pediatric research. The bill was paid for by slashing federal funding for political conventions.

FEDERAL WORKER PAY (AND CONFERENCES):

The bill allows a 1 percent pay raise ordered by Obama to take effect in January. And the legacy of embarrassing spending scandals at federal agencies persist as Congress once again banned or put limits on certain conferences, official travel and some employee awards.

FOOD SAFETY (AND THE FDA)

There’s $2.589 billion for the Food and Drug Administration, a $37 million increase from last year. There’s $27 million in new funding for the Food Safety Modernization Act. The Food Safety and Inspection Service would receive $1.016 billion, a $5 million increase.

GUANTANAMO BAY:

Once again the Obama administration is banned from transferring terrorism detainees to the United States from the U.S. military facility in Cuba. There’s also a ban on building or buying any facility in the U.S. to house detainees. But the bill allows for the ongoing transfer of detainees to other countries.

HEROIN:

In a modest attempt to address a growing crisis with the illicit drug, lawmakers are adding $7 million for a new anti-heroin task force run out of the Justice Department’s COPS Office. The money will be used as part of a competitive grant program for drug enforcement, including investigations and operations to stop the distribution or sale of the drug, according to Democrats.

IMMIGRATION:

The bill only funds the Department of Homeland Security, which oversees most immigration policy, until February. But negotiators gave new money for immigration programs at other federal agencies. There’s $948 million for the Department of Health and Human Service’s unaccompanied children program — an $80 million increase. The program provides health and education services to the young migrants. The department also gets $14 million to help school districts absorbing new immigrant students. And the State Department would get $260 million to assist Central American countries from where of the immigrant children are coming.

INTERNAL REVENUE SERVICE:

One of the GOP’s favorite targets will see its budget slashed by $345.6 million. The nation’s tax agency also would be banned from targeting organizations seeking tax-exempt status based on their ideological beliefs.

ISRAEL:

There’s $3.1 billion in total aid for the country plus $619.8 million in defense aid.

JOE BIDEN:

The legislation once again enacts a pay freeze for the vice president “and senior political appointees.”

LIBYA:

The troubled country cannot receive any U.S. aid until the secretary of state confirms the country is cooperating with ongoing investigations into the September 2012 attack at the U.S. consulate in Benghazi, Libya.

JORDAN:

The Arab kingdom would receive $1 billion in economic and military aid, in addition to U.S. humanitarian aid for millions of Syrian refugees.

LIGHT BULBS:

The bill once again prohibits new standards that would ban the use of cheaper, less energy efficient incandescent bulbs. The proposal was first introduced and set in motion by the Bush administration, but the Obama White House allowed the change to continue, despite sustained consumer demand for older bulbs.

MARIJUANA:

The District of Columbia will be prohibited from legalizing marijuana for the much of the coming year. The development — upending a voter-approved initiative — shocked elected D.C. leaders, advocates for marijuana legalization and civil liberties groups. The bill also would block the Justice Department from interfering with state-level medical marijuana measures and prohibits the Drug Enforcement Agency from interfering with industrial hemp production.

METRORAIL:

The D.C. region’s subway and bus system would earn $150 million in federal dollars for continued improvements. That’s part of $10.9 billion set to be doled out for transit programs nationwide, including the construction of new rail and rapid bus projects in California, Colorado, Florida, Maryland, North Carolina and Texas. But Republicans stress that the bill has no new federal funding for high-speed rail projects, especially the ambitious Los Angeles-to-San Francisco routes envisioned by California Democrats.

MILITARY PAY AND PERKS:

Military service members will receive a 1 percent pay increase next year. But there’s a pay freeze for generals and flag officers. The bill also ends a five percent discount on tobacco and tobacco-related products sold at military exchanges.

NATIONAL MUSEUM OF AFRICAN AMERICAN HISTORY:

The agreement includes $24 million to complete the federal government’s contribution to the new museum being built on the Mall. The rest of the money will be raised through private donations.

NATIONAL INSTITUTES OF HEALTH:

The nation’s premier medical research agency would receive $30.3 billion, a $150 million overall increase. Democrats noted that the new funding helps especially for ongoing Alzheimer’s and brain research programs.

OFFICIAL PORTRAITS:

You’re a government official and want an official portrait? You’ll have to pay for it (or raise the funds). The bill bans taxpayer funding for official portraits of any Executive Branch employees, lawmakers and heads of legislative agencies.

OVERSEAS MILITARY OPERATIONS:

There’s $1.3 billion for a new Counterterrorism Partnership Fund; $5 billion for military operations to combat the Islamic State, including $1.6 billion to train Iraqi and Kurdish forces; $500 million for a Pentagon-led program to train and equip vetted Syrian opposition fighters; $810 million for ongoing military operations in Europe, including requirements that at least $175 million is spent in support of Ukraine and Baltic nations.

PALESTINIAN AUTHORITY:

The bill stops assistance to the Palestinian Authority if it becomes a member of the United Nations or UN agencies without an agreement  with Israel. It also prohibits funds for Hamas.

PENSIONS:

For the first time, the benefits of current retirees could be severely cut, part of an effort to save some of the nation’s most distressed pension plans. The change would alter 40 years of federal law and could affect millions of workers, many of them part of a shrinking corps of middle-income employees in businesses such as trucking, construction and supermarkets. Read more on this here.

U.S. POSTAL SERVICE:

You like your mail on Saturdays? You’ll keep your mail on Saturdays. The bill requires the mail service to continue six-day deliveries, despite a years-long attempt to cut back on service to save money.

POTATOES:

White potatoes, to be exact. The Women, Infants and Children program that provides food aid to low-income families would receive $6.6 billion, a $93 million cut from the last fiscal year. But the program will be required to ensure that “all varieties of fresh vegetables, including white potatoes, are eligible for purchase” through the program, said Republicans. The change is a big victory for the potato lobby, which has long fought to be part of the food assistance program.

RACE TO THE TOP:

The bill cuts funding for Obama’s signature education initiative — a big blow to his education legacy, according to The Post’s Valerie Strauss. Overall, the Education Department would take a slight hit in funding; at $70.5 billion, down $133 million below the fiscal year 2014, but special education grants to states would get $25 million more than last year, up to $11.5 billion. There is also no funding for the controversial Common Core State Standards in this legislation.

RAILROADS:

Among other things, there’s $3 million to expand inspections along the roughly 14,000 miles of track used by trains hauling oil tankers.

SAGE-GROUSE:

In a victory for the GOP, the bill would ban the Fish and Wildlife Service from adding the rare bird found in several Western states to the Endangered Species List. Republicans argue that adding the bird to the list “would have severe economic consequences on Western states and the nation’s efforts to become energy independent.” But there’s also $15 million for the Bureau of Land Management to conserve sage-grouse habitats.

SCHOOL LUNCH PROGRAM:

The school lunch nutritional changes sought by First Lady Michelle Obama take a hit. The bill allows more flexibility to school districts to implement new whole grain nutrition standards “if the school can demonstrate a hardship” when buying whole grain products, according to Republicans. The bill also relaxes new sodium standards until they are “supported by additional scientific studies.”

SEXUAL ASSAULT IN THE MILITARY:

There’s $257 million for the Pentagon’s Sexual Assault Prevention and Response programs, including $25 million more to expand the Sexual Assault Victims’ Counsel program. But Democrats, led by Sen. Kirsten Gillibrand (D-N.Y.), are expected to make a final push to expand the program this week.

TRUCKING:

In a victory for the trucking industry, the bill blocks new Transportation Department regulations requiring truckers to get two nights of sleep before starting a new work week. The regulation slashed a typical trucker’s work week to 70 hours, down from 82 hours.

UNITED NATIONS:

The perennial ban on providing money for the ongoing renovation of U.N. Headquarters in New York remains intact.

U.S. CAPITOL (AND RELATED AGENCIES):

There’s $21 million to continue restoring the cast-iron Capitol Dome. And $348 million for the U.S. Capitol Police (a force with 1,775 officers). Lawmakers also plan to save $10,000 by allowing the congressional Office of Compliance to email congressional staffers about their employment rights. Old rules required the office to send such notices by snail mail. Finally, for the first time the agency formerly known as the Government Printing Office is now officially known as the Government Publishing Office.

VETERANS:

After a year of embarrassing scandals at the sprawling Department of Veterans Affairs, lawmakers are making good on promises to provide more money and oversight. There’s a total of $159.1 billion in discretionary and mandatory spending. Of that, $209 million was added to address new costs related to the bipartisan veterans’ reform bill passed last summer. The legislation calls for adding medical staff and expanding dozens of facilities. In order to specifically addressing the “wait list” scandal, the VA’s inspector general is getting a $5 million budget increase to continue investigating lapses in patient care.

WHISTLEBLOWERS:

The bill includes language ensuring that government contractors are not barred from reporting allegations of waste, fraud or abuse if they sign a confidentiality agreement. And the Occupational Safety and Health Administration would receive a $500,000 increase for its enforcement of existing whistleblower laws.

WHITE HOUSE BUDGET:

There’s $222 million for executive mansion operations, a $10 million increase. The money pays for the National Security and Homeland Security councils, the Council of Economic Advisers, the vice president’s office and the executive residence. The bill doesn’t provide any new funding “to address security weaknesses at the White House complex,” according to Democrats. But the U.S. Secret Service would be allowed to use some of its funding “to prepare and train for the next presidential election campaign,” Democrats said.

WOLVES:

Well, only if you’re attacked. There’s $1 million in the bill “to compensate ranchers for livestock killed by wolves.”

YUCCA MOUNTAIN:

There’s no new money for the site, but current money for it must be spent pursuant to a recent court decision. Republicans say that the bill continues to leave open the possibility that the site could be used someday to store nuclear waste — but that won’t happen as long as Senate Majority Leader Harry M. Reid (D-Nev.) is around.