Category Archives: Department of Homeland Security

New Sources and Newest Release, U.S. Drone Operations

Posted on by

Being a whistleblower is not enough, but stealing documents and releasing them is over the top. Raise your hand if you think Snowden and those working in cooperation with him are covert Russian operatives and is aiding the enemy.

Perhaps it is time to question those who are aiding Snowden as well when it comes to violating the Espionage Act and a handful of other Federal laws.

A Second Snowden has Leaked a Mother Lode of Drone Documents

by Andy Greenberg:

It’s been just over two years since Edward Snowden leaked a massive trove of NSA documents, and more than five since Chelsea Manning gave WikiLeaks a megacache of military and diplomatic secrets. Now there appears to be a new source on that scale of classified leaks—this time with a focus on drones.

On Thursday the Intercept published a groundbreaking new collection of documents related to America’s use of unmanned aerial vehicles to kill foreign targets in countries ranging from Afghanistan to Yemen. The revelations about the CIA and Joint Special Operations Command actions include primary source evidence that as many as 90 percent of US drone killings in one five month period weren’t the intended target, that a former British citizen was killed in a drone strike despite repeated opportunities to capture him instead, and details of the grisly process by which the American government chooses who will die, down to the “baseball cards” of profile information created for individual targets, and the chain of authorization that goes up directly to the president.1

All of this new information, according to the Intercept, appears to have come from a single anonymous whistleblower. A spokesperson for the investigative news site declined to comment on that source. But unlike the leaks of Snowden or Manning, the spilled classified materials are accompanied by statements about the whistleblower’s motivation in his or her own words.

“This outrageous explosion of watchlisting—of monitoring people and racking and stacking them on lists, assigning them numbers, assigning them ‘baseball cards,’ assigning them death sentences without notice, on a worldwide battlefield—it was, from the very first instance, wrong,” the source tells the Intercept. “We’re allowing this to happen. And by ‘we,’ I mean every American citizen who has access to this information now, but continues to do nothing about it.”

Reports first surfaced in the fall of last year that the Intercept, a news site created in part to analyze and publish the remaining cache of Snowden NSA documents, had found a second source of highly classified information. The final scene of the film “Citizenfour,” directed by Intercept co-founder Laura Poitras, shows fellow Intercept co-founder Glenn Greenwald meeting with Snowden in Moscow to tell him about a new source with information about the U.S. drone program, whom he says has been communicating with the Intercept‘s Jeremy Scahill. At one point, Greenwald draws Snowden a diagram of the authorization chain for drone strikes that ends with the president, one that looks very similar to the one included in Thursday’s publication.

“It’s really risky,” Snowden tells Greenwald in the scene. “That person is incredibly bold.”

“The boldness of it is shocking,” Greenwald responds, “But it was obviously motivated by what you did.”

In the scene, Greenwald also tells Snowden the security tools the Intercept is using to communicate with the source, writing the names of the software on a piece of paper in what may have been an attempt to avoid eavesdroppers. Those security tools, along with the Intercept‘s reputation for combative, unapologetic investigation of the U.S. government, may help explain how the site seems to have found another Snowden-like source of national security secrets. The Intercept and its parent company First Look Media employ world-class security staff like former Googler Morgan Marquis-Boire, Tor developer Erinn Clark, and former EFF technologist Micah Lee. Far more than most news sites, its reporters use tools like the encryption software PGP and the anonymous upload system SecureDrop to protect the identities of its sources.

Whether those measures can actually protect this particular source—or whether the source Greenwald told Snowden about is even the same one who leaked the Intercept‘s Drone Papers—remains to be seen. Yahoo News reported last year that the FBI had identified a “second leaker” to the Intercept and searched his or her home as part of a criminal investigation.

If that reported search of the leaker’s home did happen, however, it doesn’t seem to have slowed down the Intercept or its whistleblower. A year later, no arrests or charges have been made public, and the site has now published what appear to be the biggest revelations yet from its new source.

In the Citizenfour scene, Snowden tells Greenwald he hopes that the new leaks could help change the perception of whistleblowers in general. “This could raise the political situation with whistleblowing to a whole new level, he says.

“Exactly,” Greenwald responds. “People are going to see what’s being hidden by a totally different part of the government.”

Read the Intercept‘s full Drone Papers release here.

1 Correction 10/15/2015 12:45pm: An earlier version of this story stated that a former US citizen, Bilal el-Berjawi, was killed by a drone. In fact, el-Berjawi was a former British citizen.

2 Updated 10/15/2015 2:15pm to include Erinn Clark in the list of First Look Media security engineers.

 

Oh, More Counterterrorism Bureaucracy/SPLC

Posted on by

As you read through this, understand that pesky Southern Poverty Law Center is part of the bureaucracy:

From the Justice Department website:

Wednesday, October 14, 2015
Remarks as prepared for delivery

Thank you, Lorenzo [Vidino], for that kind introduction.

It is an honor to be at this event, co-hosted by the George Washington University’s new Program on Extremism and the Southern Poverty Law Center.

The partnership between SPLC and GW serves as a reminder that violent extremism is neither a new phenomenon, nor one that is limited to any single population, region or ideology.

Since its creation in 1971, SPLC has been an important voice on the wide range of extremist groups throughout this country.  And over the past four decades, the existence of hate, violence and extremism has remained unfortunately all too constant.  Earlier this year, we honored and remembered the victims of the horrific Oklahoma City bombing on the 20th anniversary of that devastating attack.  Less than two months after the anniversary, we again saw unimaginable violence motivated by hate.  A young man killed nine African-American men and women attending a bible class in Charleston, South Carolina.  A senseless, racist act.  The list goes on, past and present.

But as we gather today, new and disturbing trends loom over the horizon – trends we must understand to defeat.

New initiatives, like GW’s program, which focus on empirical research and analysis, are critical to policymakers and the interested public alike.

So although the problem set is by no means new, it is changing, and we must take lessons learned in the past and couple them with trend analysis to understand these shifts.

Today’s event is a good start to that conversation.  We are here to talk about combating domestic terrorism, which the FBI has explained as “Americans attacking Americans based on U.S.-based extremist ideologies.”

Much attention has focused on those inspired by Al Qaeda and the Islamic State of Iraq and the Levant’s (ISIL) message of hate and violence spreading worldwide and reaching homes here in America through the group’s unprecedented social media recruitment efforts.  And rightly so.

But today is a good opportunity to focus the conversation broadly on violent extremism here in America.  The threat ranges from individuals motivated by anti-government animus, to eco-radicalism, to racism, as it has for decades. Many more details here.

DOJ announces new position to focus on domestic terror threat

FNC:

A new national security position is being created to help combat homegrown terror threats, the Department of Justice announced Wednesday.

John Carlin, head of the department’s national security division, announced the new Domestic Terrorism Counsel at a speech Wednesday at George Washington University, to work with DOJ assets on domestic threats.

“…in order to ensure that we are gaining the benefits of the information and input from those eyes on the ground from around the country, and in recognition of a growing number of potential domestic terrorism matters around the United Sates, we have created a new position to assist with our important work in combating domestic terrorism,” Carlin said, according to his prepared remarks.

Carlin emphasized what he called the growing risk from homegrown  terrorism and specifically white supremacy.

“We recognize that, over the past few years, more people have died in this country in attacks by domestic extremists than in attacks associated with international terrorist groups,” Carlin said

“Among domestic extremist movements active in the United States, white supremacists are the most violent. The Charleston shooter, who had a manifesto laying out a racist world-view, is just one example,” Carlin said, before also noting killings by white supremacists in Kansas and Wisconsin.

While he spoke about the threat posed by the Islamic State terror group, he emphasized that law enforcement is focused on racist and anti-government ideologies, and that such ideologies may pose a more serious threat than ISIS.

“More broadly, law enforcement agencies nationwide are concerned about the growth of the “sovereign citizen” movement.  According to one 2014 study, state, local and tribal law enforcement officials considered sovereign citizens to be the top concern of law enforcement, ranking above ISIL and Al Qaeda-inspired extremists,” he said.

Carlin said the new Domestic Terrorism Counsel will serve as the main point of contact for U.S. Attorney offices nationwide. The new official will work to identify trends that can be used to help shape a national strategy.

The Associated Press contributed to this report.

 

Strong Cities Network or Global Police?

Posted on by

What’s the Goal of DOJ’s Strong Cities Network?

by Johanna Markind
American Thinker
October 8, 2015

On September 29, 2015, with the endorsement of Attorney General Loretta Lynch, a group called the Strong Cities Network was launched at the United Nations.

According to its website, Strong Cities “aims to connect cities and other local authorities on an international basis, to enhance local level approaches to prevent violent extremism; including facilitating information sharing, mutual learning and creation of new and innovative local practices.”

Reportedly, the “network will conduct workshops and training, will offer online documents of best practices, and will offer grants for innovative initiatives. The US State Department will provide funds through 2016, at which time charities are expected to take over funding.” A summit is scheduled to take place next spring in Paris.

The group includes 23 cities, including four from the US: Minneapolis, New York, Denver, and Atlanta. Minneapolis is also one of three US cities – the other two being Boston and Los Angeles – the Obama Administration selected to participate in its Countering Violent Extremism pilot program.

The Strong Cities Program has been criticized by the New York Civil Liberties Union and by American Muslim activists fearful it will target Muslims. Similar criticisms have been leveled against the Department of Justice Countering Violent Extremism program, notably by the Islamist-posing-as-civil-rights group Council on American-Islamic Relations. New York groups like the NYCLU, Association of Muslim American Lawyers and the Justice League NYC expressed concern New York would eventually become active with the Justice Department’s “Countering Violent Extremism,” or CVE, programs, which they say “overwhelmingly” target Muslim communities.

Given this sort of challenge, and the Obama Administration‘s own predilections, it is unsurprising that the program avoids connecting its target to radical Islam. Its stated goals include addressing “violent extremism in all of its forms” without associating violent extremism “with any particular religion, nationality or ethnic group.” It emphasizes inclusiveness, collaboration, and non-discrimination “in compliance with international human rights standards.”

The Attorney General’s remarks likewise avoided referring to any specific religion. The closest she came was to refer vaguely to “groups like ISIL,” and ecumenically to “fanatics motivated by hatred against religious or ethnic factions,” and explained, “all are antithetical to the shared vision and common cause that joins us.”

Similarly, in his remarks at the International Institute for Justice and the Rule of Law’s “More Effective Responses to the Foreign Terrorist Fighter Threat” event the day before the Strong Cities launch, Assistant Attorney General John Carlin managed to avoid all references to Islam, and all reference to Muslims save to describe ISIL as “a group that beheads and kills Muslims and non-Muslims with the same impunity,” and to focus on the need to broadcast “the damage they [ISIL] are doing to Muslim communities.”

The refusal to identify radical Islam as the focus of the Strong Cities Network – indeed, Mayor DeBlasio‘s insistence that it would not focus on any one type of extremism and references to the shooting of African-American churchgoers in Charleston and the past attacks on Planned Parenthood clinics – has in turn stoked fears that it will target conservative groups and criticism of its close cooperation with the United Nations. (Regarding the latter, it is difficult to take seriously an organization that puts Saudi Arabia in charge of its Human Rights Commission; the UN’s High Commissioner for Human Rights, Saudi Prince Zeid Ra’ad Hussein, was scheduled to be present at the launch.)

Are Lynch’s remarks, and the Strong Cities Network’s self-description, necessary diplomatic niceties for a program designed to deal with violent Islamism? Or will the program blunt its utility by taking on too many tasks? For example, how many resources will it devote to combating right-wing extremism?

The refusal of the program, and of Lynch and Carlin, to speak plainly about violent Islamism and the need to defeat it, does not bode well for its chances of success at that task. To quote former US Defense Intelligence Agency Director Lt. Gen. Michael Flynn, “You can’t defeat an enemy that you don’t admit exists.”

*** Deeper layer peeled back:

From John Whitehead, founder of the Rutherford Institute
Now, with Strong Cities Network, U.S. cities will be cooperating and “sharing resources” with foreign governments around the world. Local police are already training with FBI, DHS and even the military. Obama’s new program lays the groundwork for them to train with foreign police units under the banner of the U.N.

“With the Strong Cities program we see the goal is to have global police, so it’s going to be very hard to rein in global cops,” Whitehead said. “Cops who were trained locally are going by the wayside, dealing solely with local cops is going to be a thing of the past. It’s sort of in your face, it’s saying the U.N. is going to be a global police force, working in this country one way or the other. New York City, L.A., Chicago are going to lead the way. Americans better get ready for this because what it means is, our Constitution is being replaced, and the constitutional protections we have eventually will be gone.”

Among the first steps taken will involve merging some of the law-enforcement capacities within regions, with U.S. cops cooperating more closely with those of Mexico and Canada, Whitehead said. Click here for Whitehead’s summary and warning from 2010.

They Are Coming

Posted on by

Per the FBI website: Good afternoon Chairman Johnson, Ranking Member Carper, and members of the committee. Thank you for the opportunity to appear before you today to discuss the current threats to the homeland and our efforts to address new challenges, including terrorists’ use of technology to communicate—both to inspire and recruit. The widespread use of technology propagates the persistent terrorist message to attack U.S. interests whether in the homeland or abroad. As the threat to harm Western interests evolves, we must adapt and confront the challenges, relying heavily on the strength of our federal, state, local, and international partnerships. Our successes depend on interagency cooperation. We work closely with our partners within the Department of Homeland Security and the National Counterterrorism Center to address current and emerging threats.

Counterterrorism

Counterterrorism remains the FBI’s top priority, however, the threat has changed in two significant ways. First, the core al Qaeda tumor has been reduced, but the cancer has metastasized. The progeny of al Qaeda—including AQAP, al Qaeda in the Islamic Maghreb, and the Islamic State of Iraq and the Levant (ISIL)—have become our focus.

Secondly, we are confronting the explosion of terrorist propaganda and training on the Internet. It is no longer necessary to get a terrorist operative into the United States to recruit. Terrorists, in ungoverned spaces, disseminate poisonous propaganda and training materials to attract troubled souls around the world to their cause. They encourage these individuals to travel, but if they can’t travel, they motivate them to act at home. This is a significant change from a decade ago.

We continue to identify individuals who seek to join the ranks of foreign fighters traveling in support of ISIL, and also homegrown violent extremists who may aspire to attack the United States from within. These threats remain among the highest priorities for the FBI and the Intelligence Community as a whole.

Conflicts in Syria and Iraq continue to serve as the most attractive overseas theaters for Western-based extremists who want to engage in violence. We estimate approximately 250 Americans have traveled or attempted to travel to Syria to participate in the conflict. While this number is lower in comparison to many of our international partners, we closely analyze and assess the influence groups like ISIL have on individuals located in the United States who are inspired to commit acts of violence. Whether or not the individuals are affiliated with a foreign terrorist organization and are willing to travel abroad to fight or are inspired by the call to arms to act in their communities, they potentially pose a significant threat to the safety of the United States and U.S. persons.

ISIL has proven relentless in its violent campaign to rule and has aggressively promoted its hateful message, attracting like-minded extremists to include Westerners. To an even greater degree than al Qaeda or other foreign terrorist organizations, ISIL has persistently used the Internet to communicate. From a homeland perspective, it is ISIL’s widespread reach through the Internet and social media which is most concerning as ISIL has aggressively employed this technology for its nefarious strategy. ISIL blends traditional media platforms, glossy photos, in-depth articles, and social media campaigns that can go viral in a matter of seconds. No matter the format, the message of radicalization spreads faster than we imagined just a few years ago.

Unlike other groups, ISIL has constructed a narrative that touches on all facets of life—from career opportunities to family life to a sense of community. The message isn’t tailored solely to those who are overtly expressing symptoms of radicalization. It is seen by many who click through the Internet every day, receive social media push notifications, and participate in social networks. Ultimately, many of these individuals are seeking a sense of belonging.

As a communication medium, social media is a critical tool for terror groups to exploit. One recent example occurred when an individual was arrested for providing material support to ISIL by facilitating an associate’s travel to Syria to join ISIL. The arrested individual had multiple connections, via a social media networking site, with other like-minded individuals.

There is no set profile for the susceptible consumer of this propaganda. However, one trend continues to rise—the inspired youth. We’ve seen certain children and young adults drawing deeper into the ISIL narrative. These individuals are often comfortable with virtual communication platforms, specifically social media networks.

ISIL continues to disseminate their terrorist message to all social media users—regardless of age. Following other groups, ISIL has advocated for lone offender attacks. In recent months ISIL released a video, via social media, reiterating the group’s encouragement of lone offender attacks in Western countries, specifically advocating for attacks against soldiers and law enforcement, intelligence community members, and government personnel. Several incidents have occurred in the United States and Europe over the last few months that indicate this “call to arms” has resonated among ISIL supporters and sympathizers.

In one case, a New York-based male was arrested in September after he systematically attempted to travel to the Middle East to join ISIL. The individual, who was inspired by ISIL propaganda, expressed his support for ISIL online and took steps to carry out acts encouraged in the ISIL call to arms.

The targeting of U.S. military personnel is also evident with the release of names of individuals serving in the U.S. military by ISIL supporters. The names continue to be posted to the Internet and quickly spread through social media, depicting ISIL’s capability to produce viral messaging. Threats to U.S. military and coalition forces continue today.

Social media has allowed groups, such as ISIL, to use the Internet to spot and assess potential recruits. With the widespread horizontal distribution of social media, terrorists can identify vulnerable individuals of all ages in the United States—spot, assess, recruit, and radicalize—either to travel or to conduct a homeland attack. The foreign terrorist now has direct access into the United States like never before.

In other examples of arrests, a group of individuals was contacted by a known ISIL supporter who had already successfully traveled to Syria and encouraged them to do the same. Some of these conversations occur in publicly accessed social networking sites, but others take place via private messaging platforms. As a result, it is imperative the FBI and all law enforcement organizations understand the latest communication tools and are positioned to identify and prevent terror attacks in the homeland.

We live in a technologically driven society and just as private industry has adapted to modern forms of communication so too have terrorists. Unfortunately, changing forms of Internet communication and the use of encryption are posing real challenges to the FBI’s ability to fulfill its public safety and national security missions. This real and growing gap, to which the FBI refers as “Going Dark,” is an area of continuing focus for the FBI; we believe it must be addressed given the resulting risks are grave both in both traditional criminal matters as well as in national security matters. The United States government is actively engaged with private companies to ensure they understand the public safety and national security risks that result from malicious actors’ use of their encrypted products and services. However, the administration is not seeking legislation at this time.

The FBI is utilizing all lawful investigative techniques and methods to combat the threat these individuals may pose to the United States. In conjunction with our domestic and foreign partners, we are rigorously collecting and analyzing intelligence information as it pertains to the ongoing threat posed by foreign terrorist organizations and homegrown violent extremists. We continue to encourage robust information sharing; in partnership with our many federal, state, and local agencies assigned to Joint Terrorism Task Forces around the country, we remain vigilant to ensure the safety of the American public. Be assured, the FBI continues to pursue increased efficiencies and information sharing processes as well as pursue technological and other methods to help stay ahead of threats to the homeland.

Intelligence

Integrating intelligence and operations is part of the broader intelligence transformation the FBI has undertaken in the last decade. We are making progress, but have more work to do. We have taken two steps to improve this integration. First, we have established an Intelligence Branch within the FBI headed by an executive assistant director (EAD). The EAD looks across the entire enterprise and drives integration. Second, we now have special agents and new intelligence analysts at the FBI Academy engaged in practical training exercises and taking core courses together. As a result, they are better prepared to work well together in the field. Our goal every day is to get better at using, collecting and sharing intelligence to better understand and defeat our adversaries.

The FBI cannot be content to just work what is directly in front of us. We must also be able to understand the threats we face at home and abroad and how those threats may be connected. Towards that end, intelligence is gathered, consistent with our authorities, to help us understand and prioritize identified threats and to determine where there are gaps in what we know about these threats. We then seek to fill those gaps and learn as much as we can about the threats we are addressing and others on the threat landscape. We do this for national security and criminal threats, on both a national and local field office level. We then compare the national and local perspectives to organize threats into priority for each of the FBI’s 56 field offices. By categorizing threats in this way, we strive to place the greatest focus on the gravest threats we face. This gives us a better assessment of what the dangers are, what’s being done about them, and where we should prioritize our resources.

Cyber

An element of virtually every national security threat and crime problem the FBI faces is cyber-based or facilitated. We face sophisticated cyber threats from state-sponsored hackers, hackers for hire, organized cyber syndicates, and terrorists. On a daily basis, cyber-based actors seek our state secrets, our trade secrets, our technology, and our ideas—things of incredible value to all of us and of great importance to the conduct of our government business and our national security. They seek to strike our critical infrastructure and to harm our economy.

We continue to see an increase in the scale and scope of reporting on malicious cyber activity that can be measured by the amount of corporate data stolen or deleted, personally identifiable information compromised, or remediation costs incurred by U.S. victims. For example, as the committee is aware, the Office of Personnel Management (OPM) discovered earlier this year that a number of its systems were compromised. These systems included those that contain information related to the background investigations of current, former, and prospective Federal government employees, as well as other individuals for whom a federal background investigation was conducted. The FBI is working with our interagency partners to investigate this matter.

FBI agents, analysts, and computer scientists are using technical capabilities and traditional investigative techniques—such as sources, court-authorized electronic surveillance, physical surveillance, and forensics—to fight cyber threats. We are working side-by-side with our federal, state, and local partners on Cyber Task Forces in each of our 56 field offices and through the National Cyber Investigative Joint Task Force (NCIJTF), which serves as a coordination, integration, and information sharing center for 19 U.S. agencies and several key international allies for cyber threat investigations. Through CyWatch, our 24-hour cyber command center, we combine the resources of the FBI and NCIJTF, allowing us to provide connectivity to federal cyber centers, government agencies, FBI field offices and legal attachés, and the private sector in the event of a cyber intrusion.

We take all potential threats to public and private sector systems seriously and will continue to investigate and hold accountable those who pose a threat in cyberspace.

* * *

Finally, the strength of any organization is its people. The threats we face as a nation have never been greater or more diverse and the expectations placed on the Bureau have never been higher. Our fellow citizens look to us to protect the United States from all of those threats and the men and women of the Bureau continue to meet—and exceed—those expectations, every day. I want to thank them for their dedication and their service.

Chairman Johnson, Ranking Member Carper, and committee members, I thank you for the opportunity to testify concerning the threats to the homeland and terrorists’ use of the Internet and social media as a platform for spreading ISIL propaganda and inspiring individuals to target the homeland, and the impact of the Going Dark problem on mitigating their efforts. I am happy to answer any questions you might have.
Recent Testimonies
10.08.15

Threats to the Homeland James B. Comey, Director, Federal Bureau of Investigation, Statement Before the Senate Committee on Homeland Security and Governmental Affairs, Washington, D.C.
08.05.15

Inspector General Access Kevin L. Perkins, Associate Deputy Director, Federal Bureau of Investigation, Joint Statement with Department of Justice Associate Deputy Attorney General Carlos Uriarte Before the Senate Judiciary Committee , Washington, D.C.
07.08.15

Counterterrorism, Counterintelligence, and the Challenges of Going Dark James B. Comey, Director, Federal Bureau of Investigation, Statement Before the Senate Select Committee on Intelligence, Washington, D.C.
07.08.15

Going Dark: Encryption, Technology, and the Balances Between Public Safety … James B. Comey, Director, Federal Bureau of Investigation, Joint Statement with Deputy Attorney General Sally Quillian Yates Before the Senate Judiciary Committee, Washington, D.C.
06.18.15

FBI’s Plans for the Use of Rapid DNA Technology in CODIS Amy S. Hess, Executive Assistant Director, Science and Technology Branch, Federal Bureau of Investigation, Statement Before the House Judiciary Committee, Subcommittee on Crime, Terrorism, Homeland Security, and Investigations, Washington, D.C.
06.03.15

Terrorism Gone Viral: The Attack in Garland, Texas and Beyond Michael B. Steinbach, Assistant Director, Counterterrorism Division, Federal Bureau of Investigation, Statement Before the House Homeland Security Committee, Washington, D.C.
04.29.15

Encryption and Cyber Security for Mobile Electronic Communication Devices Amy Hess, Executive Assistant Director, Science and Technology Branch, Federal Bureau of Investigation, Statement Before the House Oversight and Government Reform Committee, Subcommittee on Information Technology, Washington, D.C.
04.14.15

FBI’s Handling of Sexual Harassment and Misconduct Allegations Kevin L. Perkins, Associate Deputy Director, Federal Bureau of Investigation, Statement Before the House Committee on Oversight and Government Reform, Washington, D.C.
03.25.15

FBI Budget Request for Fiscal Year 2016 James B. Comey, Director, Federal Bureau of Investigation, Statement Before the House Appropriations Committee, Subcommittee on Commerce, Justice, Science, and Related Agencies, Washington, D.C.
03.12.15

FBI Budget Request for Fiscal Year 2016 James B. Comey, Director, Federal Bureau of Investigation, Statement Before the Senate Appropriations Committee, Subcommittee on Commerce, Justice, Science, and Related Agencies, Washington, D.C.
More

LinkedIn Infiltrated by Iranian Hackers

Posted on by

Going back to 2012, Congress held hearings on how the United States is losing the cyber espionage war. To date, there has been no ground gained outside of the scope of creating more task forces and adding cyber personnel. To stop the intrusions by China, Russia and Iran has been a failure.

For a report on the major hacks in 2014, go here. This is by no means a complete list of corporations but it does give a view into the depth of the cyber threat.

WASHINGTON: The United States is “losing the cyber espionage war” against China, Russia and other countries, but even in the face of such a grave threat the country cannot agree on how to protect its precious intellectual seed capital from these predations, the chairman of the House Intelligence Committee says.

“We are running out of time on this,” Rep. Mike Rogers, respected for working closely with his ranking member, said in a speech at today’s Intelligence and National Security Alliance‘s (INSA) cyber conference here.

China is stealing intellectual property on a massive scale, as Gen. Keith Alexander, head of both the National Security Agency and Cyber Command, has made clear with his estimates of such thefts topping $1 trillion. While China is not alone, U.S government officials have made clear that no country engages in cyber espionage as systematically, as thoroughly or as broadly as does the People’s Republic of China.

“China is investing hugely in this technology,” Rogers notes. And the impact of that investment is felt not only in the economic sphere, important as that is. Cyber is now an integral of military planning and operations, as the Russians have demonstrated several times.

To help stem those thefts and to protect critical infrastructure such as power grids, Rogers and Rep. Dutch Ruppersberger, his Democratic colleague on the HPSCI, met with hundreds of business leaders, civil rights and privacy groups over several months as they began to craft what became their 13-page bill. It would have offered businesses liabliity insurance in return for their agreeing to share threat information with the government. The government also would have shared threat information with the businesses.

But there was a catch. Because of how sensitive sources and methods are in the cyber world, the businesses would have to get top secret clearance for senior officials, build and maintain a Sensitive Compartmented Information Facility (SCIF), and maintain the physical and bureaucratic complex required of anyone dealing with classified information.

As Rogers put it, his committee had offered industry a “carrot and a stick.” But his colleagues in the Senate wanted to chart a different path, so the Rogers-Ruppersberger bill is on life support. I asked him today what he planned to do with his “dead” bill. “All is not lost. I am reaching out to members of the Senate just to see what our options are,” as is Ruppersberger. “We are not giving up.”

LinkedIn profiles said to be part of Iranian cyber-espionage campaign


WashingtonTimes: Iranian hackers are suspected of operating a network of bogus LinkedIn accounts that security researchers believe is part of a campaign targeting employees of corporations in the Middle East.

By creating phony profiles containing fabricated job histories and endorsements from other concocted accounts, researchers at Dell said this week that a group of hackers, likely acting on behalf of Iran, attempted to collect intelligence from legitimate LinkedIn users employed in the Arabian and African telecommunications and defense industries.  Twenty-five fake LinkedIn accounts have been identified by researchers working for the company’s SecureWorks Counter Threat Unit, including those of supposed recruitment consultants with hundreds of connections apiece, Dell said on Wednesday.

“CTU researchers assess with high confidence the purpose of this network is to target potential victims through social engineering,” Dell said in the latest report, referring to a tactic in which sensitive data becomes compromised when an individual reveals information to an attacker, often under false pretenses.

Dell has named the actors “Threat Group-2889” and said it’s likely the same organization dubbed “Operation Cleaver” in a report released last year by Cylance, a security firm that linked the group to Iran and claimed it was working to undermine the security of over 50 companies across 15 industries in the region, possibly as retaliation for the U.S.-led Stuxnet campaign.

“Creating a network of seemingly genuine and established LinkedIn personas helps TG-2889 identify and research potential victims. The threat actors can establish a relationship with targets by contacting them directly, or by contacting one of the target’s connections. It may be easier to establish a direct relationship if one of the fake personas is already in the target’s LinkedIn network,” Dell said.

“The level of detail in the profiles suggests that the threat actors invested substantial time and effort into creating and maintaining these personas.”

According to the findings published by Cylance in December, the “Operation Cleaver” hackers used social engineering to trick targets into installing malware that would allow data to then be stolen from infected computers.

Cylance’s report had linked the group to attacks across the world, but Dell’s CTU team said the LinkedIn campaign seems to largely target account holders in the Middle East and northern Africa, a quarter of which work in telecommunications.

“Updates to profile content such as employment history suggest that TG-2889 regularly maintains these fake profiles. The persona changes and job alterations could suggest preparations for a new campaign, and the decision to reference Northrup Grumman and Airbus Group may indicate that the threat actors plan to target the aerospace vertical,” Dell said.

Last month, Director of National Intelligence James Clapper told a congressional committee that Iran uses its cyber program to carry out “asymmetric but proportional retaliation against political foes, as well as a sophisticated means of collecting intelligence.” He went on to blame Iranian hackers for cyberattacks against American banks in 2012 and 2013, as well as an assault last year on the Las Vegas Sands casino company.