Category Archives: DOJ, DC and inside the Beltway

Has Jeh Johnson of DHS Stood in Line at TSA?

Posted on by

the TSA also cannot publicly point to many significant attacks thwarted at airport gates, leading experts to insist that its protocols should be considered largely ineffective.

Rafi Sela, president of international transportation security consultancy AR Challenges, said the agency’s nearly $8 billion budget is largely being misspent on a misguided model. Politico 

TheVerge: Security lines at airports around the US are growing longer and longer. And that’s infuriating airlines, airports, passengers, and our elected officials alike. The long lines at the TSA-staffed security checkpoints are delaying fights and causing people to miss their planes. But ironically, passengers and airlines — the two groups most affected — are the ones who can do the least about it.

“Logistically, we don’t have the opportunity to hold flights for hours,” Ross Feinstein, a spokesperson for American Airlines, said in an interview with The Verge. Passengers “get to the gate too late and they can’t get rebooked for days or a week. That’s our concern, the impact it’s having on our customers.” Naturally, frustrated customers take their anger out on airline employees or, increasingly, airline Twitter accounts. “We see it every day on social media. They’re very upset, and our employees are very concerned.”

 Related: Statement By Secretary Jeh C. Johnson On Inspector General Findings On TSA

But the airlines can’t fix the problem. Security lines are handled by the TSA and individual airports. The Port Authority of New York and New Jersey, which is in charge of JFK, LaGuardia, and Newark airports — three of the busiest in the country — recently sent a letter to the TSA urging it to fix the problems and threatening to use private security contractors to handle security screening.

hiring private contractors to handle screening isn’t a crazy idea

Hiring private security isn’t some crazy idea. Though most airport security checkpoints are manned by TSA agents, there are a handful of airports enrolled in the Screening Partnership Program (SPP), a TSA effort that allows private security contractors to screen passengers under federal supervision. It’s a program championed by Congressman John Mica (R-FL), a longtime TSA foe. There are nearly two dozen airports enrolled in SPP, including SFO in San Francisco, and Mica says it’s the way of the future.

“The TSA is destined to fail in its current structure,” Mica told The Verge. “It’s a huge bureaucracy.” The TSA is currently funded for 45,000 screeners, up from 16,000 when the Administration was formed in 2002. “We have 13,000 more administrative personnel, of which 4,000 are located within a few miles of the US Capital making an average of $104,000 per year. Incompetence highly paid, screeners not well paid.”

Mica says that TSA is staffed with government bureaucrats who have no incentive to execute well and are focused on “hassling innocent passengers.” He says the agency knows how many passengers will be passing through an airport checkpoint weeks in advance and that it still fails to “staff to traffic” — scheduling enough screeners to properly handle the number of passengers.

 Related: TSA, an ‘abominable failure’

His solution is to have TSA set protocols, requirements, and guidelines, and have private contractors handle the day-to-day passenger screenings. Both the Department of Defense and the Department of Energy use private security contractors at military bases and nuclear installations. If it’s good enough for nuclear plants, Mica asks, why isn’t it good enough for our airports?

getty tsaPhoto by John Moore/Getty Images

Unsurprisingly, not everyone in Congress agrees. One of them is Rep. Donald M. Payne, Jr. (D-NJ), who is on the House Homeland Security Subcommittee on Transportation Security and whose district includes Newark airport. “I think TSA is more than capable, if it has the manpower to do the job,” Payne told The Verge. “TSA, when given the manpower and proper utilization, has done an outstanding job and there has not been another attack on an American airport since TSA has been on the job.”

And that’s true. But luck may be playing a role. A leaked report showed that TSA failed to detect weapons and explosives 95 percent of the time in an internal Homeland Security test. A Homeland Security Inspector General’s report called an $878 million screening program, meant to detect suspicious behaviors at checkpoints, “expensive and ineffective.” That program reportedly failed to detect a single terrorist.

morale is a big problem at the TSA

It’s not easy to be on the front lines for the TSA agents either. “Morale is a big problem with the TSA. It’s a thankless job,” says Payne. “All you’re dealing with are people who arrive at the airport late, that want to move through the line expeditiously, and weren’t necessarily there when they should have been. But now they want the whole process to be expedited for their benefit. Sometimes it just doesn’t work that way.”

TSA, for its part, puts most of the blame on the increased number of passengers and on the fact that travelers use more carry-ons because of airline baggage fees. The airlines disagree. “There has not been a huge surge,” says Feinstein. “There are more people traveling, yes, but it’s around a 4 percent increase [over last year]. I don’t think anyone saw two-and-a-half hour wait times last summer. It’s not proportional. It doesn’t equate to a 500 percent increase in wait times.”

“Encouraging passengers to check more bags will not help and would actually exacerbate current checked baggage screening issues that are resulting in passengers missing their connections and having their bags delayed,” said Melanie Hinton, a spokesperson for Airlines for America, an industry trade group. “Even at Midway [Airport in Chicago], served predominantly by an airline that doesn’t charge bag fees, wait times are in excess of 90 minutes, further demonstrating that this problem is not a result of bag fees,” she said. (Southwest Airlines, the largest carrier at Midway, doesn’t charge fees for checked baggage.)

TSA refused our requests for an interview.

the entire industry is frustrated

Some airlines are trying to ease the dire situation by deploying their own forces. American Airlines, for example, has assigned employees to help manage non-screening functions at security checkpoints in an attempt to free up more TSA employees for screening. They’re handling things like telling flyers to remove their shoes or throw out water bottles, as well as moving plastic trays from one end of the security line to the other. But that’s only a short-term solution, and something of a last-ditch attempt at that.

“The entire industry is frustrated,” says Feinstein. “We have issues at DFW, LAX, Denver, Newark. It’s not isolated to a hub, it’s across the board.”

The situation isn’t likely to improve any time soon. Peak travel season begins around Memorial Day and really gets going in mid-June. “This isn’t even peak summer and we can’t rebook passengers on these flights,” Feinstein says. What we’re seeing with the long lines “really does concern us.”

Hey State Dept. What’s the Hurry?

Posted on by
Office of the Spokesperson
Washington, DC
May 19, 2016

Terrorist Designations of ISIL-Yemen, ISIL-Saudi Arabia, and ISIL-Libya

U.S. State Department: The Department of State has announced the designation of the Islamic State of Iraq and the Levant’s (ISIL’s) branch in Libya (ISIL-Libya) as a Foreign Terrorist Organization under section 219 of the Immigration and Nationality Act (INA). Today, the Department is also simultaneously designating ISIL-Libya, along with the ISIL branches in Yemen and Saudi Arabia, as Specially Designated Global Terrorists under Section 1(b) of Executive Order (E.O.) 13224, which imposes sanctions and penalties on foreign persons that have committed, or pose a serious risk of committing, acts of terrorism that threaten the security of U.S. nationals or the national security, foreign policy, or economy of the United States.

The consequences of the FTO and E.O. 13224 designations include a prohibition against knowingly providing, or attempting or conspiring to provide, material support or resources to, or engaging in transactions with, these organizations, and the freezing of all property and interests in property of these organizations that is in the United States, or come within the United States or the control of U.S. persons. The Department of State took these actions in consultation with the Departments of Justice and the Treasury.

ISIL-Yemen, ISIL-Saudi Arabia, and ISIL-Libya all emerged as official ISIL branches in November 2014 when U.S. Department of State-designated Specially Designated Global Terrorist and ISIL leader Abu Bakr al-Baghdadi announced that he had accepted the oaths of allegiance from fighters in Yemen, Saudi Arabia, and Libya, and was thereby creating ISIL “branches” in those countries.

While ISIL’s presence is limited to specific geographic locations in each country, all three ISIL branches have carried out numerous deadly attacks since their formation. Among ISIL-Yemen’s attacks, the group claimed responsibility for a pair of March 2015 suicide bombings targeting two separate mosques in Sana’a, Yemen, that killed more than 120 and wounded over 300. Separately, ISIL-Saudi Arabia has carried out numerous attacks targeting Shia mosques in both Saudi Arabia and Kuwait, leaving over 50 people dead. Finally, ISIL-Libya’s attacks have included the kidnapping and execution of 21 Egyptian Coptic Christians, as well as numerous attacks targeting both government and civilian targets that have killed scores of people.

After today’s action, the U.S. Department of State has now sanctioned eight ISIL branches, having previously designated ISIL-Khorasan, ISIL-Sinai, Jund al-Khilafah in Algeria, Boko Haram, and ISIL-North Caucasus. Terrorism designations are one of the ways the United States can expose and isolate organizations and individuals engaged in terrorism, impose serious sanctions on them, and enable coordinated action across the U.S. Government and with our international partners to disrupt the activities of terrorists. This includes denying them access to the U.S. financial system and enabling U.S. law enforcement actions.

Healthcare Provider Lawsuits v. Feds Begin

Posted on by

Blue Cross insurer sues U.S. for funds owed under health care law

BusinessInsurance: Highmark Inc. and its subsidiaries have sued the federal government for failing to pay funds the insurers say they are owed through one of the Affordable Care Act’s public health insurance exchange safety net programs.

Pittsburgh-based Highmark, the fourth-largest Blue Cross and Blue Shield insurer, is demanding $222.9 million, which it argues it is owed through the ACA risk corridor program for 2014 losses, according to the lawsuit filed Tuesday in the U.S. Court of Federal Claims in Washington.

Highmark said the government has paid only $27.3 million of the total owed for 2014. In early April, Highmark President and CEO David Holmberg said during an analyst call that the insurer was owed more than $500 million from the risk corridor program for 2014 and 2015.

The risk corridor program is intended to help stabilize premiums by offsetting insurers’ losses during the first three years of the public health exchanges.

But the U.S. Centers for Medicare and Medicaid Services last year said it would pay only 12.6% of the money insurers requested for 2014 losses. CMS said the rest of the tab would be paid in 2015 and 2016 if necessary.

The suit accuses the government of breach of good faith and fair dealing among other allegations.

CMS could not be immediately reached for comment.

“The United States has specifically admitted in writing its statutory and regulatory obligations to pay the plaintiff insurers the full amount of risk corridor payments owed to them for calendar year 2014, but it has failed to pay the full amount due,” the lawsuit states.

“Instead, the government arbitrarily has paid the plaintiff insurers only a pro-rata share — less than 12.6% — of the total amount due, asserting that full payment to the plaintiff insurers is limited by available appropriations, even though no such limits appear anywhere in the ACA or its implementing regulations or in the plaintiff insurers’ contracts with the government.”

In a statement Monday, Mr. Holmberg said the Highmark has a “fiduciary responsibility to our 5.2 million health plan members to seek payment.”

Still, Mr. Holmberg said the insurer “remains committed” to the public health exchanges.

Highmark said it tried to negotiate with CMS, which the insurer said refused requests for full payment. It also said CMS has taken the position that “none of the risk corridor payments” for 2014, 2015 and 2016 are due until fall 2017 after the program has concluded.

The insurers involved in the lawsuit, First Priority Life Insurance Co. Inc. et al v. USA, include First Priority Life Insurance Co., Highmark BCBSD Inc., Highmark Inc., Highmark Select Resources Inc., Highmark West Virginia Inc., and HM Health Insurance Co.

In February, Lake Oswego, Oregon-based insurer Health Republic Insurance Co. of Oregon, which now is out of business, filed a $5 billion class action against the federal government for failing to make the risk corridor payments.

**** Good news?

Sessions, Cassidy to introduce ‘The World’s Greatest Health Care Bill. Ever’

FNC: House Rules Committee Chairman Pete Sessions, R-Texas, and Sen. Bill Cassidy, R-La., plan to introduce what they are terming an “alternative” health care bill Thursday which will not repeal ObamaCare, but work alongside the existing Affordable Care Act and modify various parts of the system.

 

The legislation is technically called the HELP Act, short for “Health Empowerment Liberty Plan.”  Sessions however prefers a less clinical moniker with a title infused with a dose of Donald Trump-esque hubris. Instead, the Texas Republican calls the legislation “The World’s Greatest Health Care Bill. Ever.”

Sessions notes that the legislation allows people to keep ObamaCare if they so desire, noting that his measure does not entail a full repeal of ObamaCare.

“Someone who repeals (ObamaCare) is left with nothing,” he said.

That’s why his bill works in tandem with the existing law.

Meanwhile, it does get worse.

UnitedHealth Quits 27th Obamacare State as Insurer to Exit N.J.

Bloomberg: UnitedHealth Group Inc. is exiting New Jersey’s Obamacare exchange, marking the 27th state market the insurer is quitting.

UnitedHealth’s Oxford Health Plans unit won’t participate in New Jersey’s individual market in 2017, on the Affordable Care Act exchange or elsewhere, according to a letter obtained by Bloomberg through an open-records request. Another unit will continue selling plans outside of Obamacare, and the company will keep offering coverage to small businesses, according to Marshall McKnight, a spokesman for New Jersey’s Department of Banking & Insurance.

Chief Executive Officer Stephen Hemsley said last month that UnitedHealth would only offer ACA plans in a “handful of states” for 2017, though the company hasn’t listed them. The company is retreating from the markets created by the ACA amid mounting losses on the policies. Bloomberg has confirmed that the insurer is exiting at least 27 of the 34 states where it sold 2016 coverage.

The company will still probably sell ACA plans in at least three states next year: New York and Nevada have confirmed UnitedHealth’s participation and the company has filed plans to participate in Virginia.

In addition to UnitedHealth, several other insurers offered plans in New Jersey last year, according to the Kaiser Family Foundation. They include Oscar Insurance Corp., AmeriHealth, Health Republic Insurance of New Jersey and Horizon Blue Cross Blue Shield of New Jersey.

Russia’s Other War, Cyber

Posted on by

 

Finding weakness and exploiting it in the cyber realm is hidden warfare, few speak about. For the West, Russia tops the list. China, Iran and North Korea are also on the short list. For Russia’s other targets, the Baltic States are in the Russian target list.

CBS: The U.S. has elevated its appraisal of the cyber threat from Russia, the U.S. intelligence chief said Thursday, as he delivered the annual assessment by intelligence agencies of the top dangers facing the country.

“While I can’t go into detail here, the Russian cyber threat is more severe than we had previously assessed,” James Clapper, the director of national intelligence, told the Senate Armed Services Committee, as he presented the annual worldwide threats assessment.

As they have in recent years, U.S. intelligence agencies once again listed cyber attacks as the top danger to U.S. national security, ahead of terrorism. Saboteurs, spies and thieves are expanding their computer attacks against a vulnerable American internet infrastructure, chipping away at U.S. wealth and security over time, Clapper said.

Russia ‘was behind German parliament hack’

BBC: Germany’s domestic intelligence agency has accused Russia of being behind a series of cyber attacks on German state computer systems.

The BfV said a hacker group thought to work for the Russian state had attacked Germany’s parliament in 2015.

This week it emerged that hackers linked to the same group had also targeted the Christian Democratic Union party of Chancellor Angela Merkel.

Russia has yet to respond publicly to the accusations made by the BfV.

Sabotage threat

BfV head Hans-Georg Maassen said Germany was a perennial target of a hacker gang known as Sofacy/APT 28 that some other experts also believe has close links with the Russian state. This group is believed by security experts to be affiliated with the Pawn Storm group that has been accused of targeting the CDU party.

The Russian Cyber Threat: Views from Estonia

Tensions between Russia and its adversaries in the West are escalating. In recent years, Russia has undermined the security of its neighbors by violating their land borders, crossing into their airspace unannounced and harassing them above and below sea level. Less noticed or understood, however, are Moscow’s aggressive actions in cyberspace. The small Baltic country of Estonia—a global leader in digital affairs—is well-placed to shed light on the tactical and strategic aspects of Russia’s offensive computer network operations.

In fact, three civilian and intelligence agencies responsible for cyber security—the Estonian Information System Authority, Internal Security Service and Information Board—recently issued reports that help put together different pieces of the puzzle. The conclusion is that “in cyberspace, Russia is the source of the greatest threat to Estonia, the European Union and NATO.” Now policymakers on both sides of the Atlantic must decide what to do about it.

Russia has been developing and employing offensive cyber capabilities for years. Russian cyber threat groups consist of professional, highly skilled practitioners whose daily jobs are to prepare and carry out attacks. And they don’t go after low-hanging fruit; instead, they receive specific orders on which institutions to target and what kind of information is needed. Criminals, hacktivists, spies and others linked to Russian strategic interests are usually well-financed, persistent and technologically advanced. They have a wide range of tools and resources, including the ability to carry out denial-of-service attacks, develop sophisticated malware and exploit previously unknown software vulnerabilities. Russian threat actors cloak their identities by using remote servers and anonymizing services. They target everything from the mobile devices of individuals to the IT infrastructure of entire government agencies.

Often, Russian threat actors map target networks for vulnerabilities and conduct test attacks on those systems. After carrying out reconnaissance, they conduct denial-of-service attacks or try to gain user access. Common techniques include sending emails with malicious attachments, modifying websites to infect visitors with malware and spreading malware via removable media devices like USB drives. Once inside, they continue to remotely map networks, attempt to gain administrator-level access to the entire network and extract as much sensitive data as possible. Such access also lets them change or delete data if that’s what the mission requires. They’ll often go after the same targets for years to get what they need. They have the confidence that comes from perceived anonymity and impunity; if they make a mistake or fail, they’ll simply try again.

These tactical activities are carried out in pursuit of strategic objectives. In the long term, this includes undermining and, if possible, helping to dissolve the EU and NATO. Moscow also aims to foster politically divided, strategically vulnerable and economically weak societies on its periphery in order to boost its own ability to project power and influence on those countries’ decisions. Russian cyber threat actors help by stealing military, political or economic data that gives Russia advantages in what it sees as the zero-sum game of foreign relations. The exfiltrated data can be used to recruit intelligence agents or provide economic benefits to its companies. Cyber capabilities can also be used to carry out influence operations that undermine trust between the citizens and the state. Telling examples of that strategy include its multi-week distributed-denial-of-service (DDoS) attacks against Estonia in 2007, its coordinated attacks against Ukraine’s 2014 presidential elections and the false-flag operation against a French telecommunication provider in 2015.

Most worryingly, today’s intelligence operations can enable tomorrow’s military actions. Influence operations, including the use of propaganda and social media, can create confusion and dissatisfaction among the population. Denial-of-service attacks can inhibit domestic and international communication. Coordinated, plausibly deniable attacks on multiple critical national infrastructure sectors can disrupt the provision of vital services such as energy, water, or transportation. This can provide a context for the emergence of “little green men”. Malicious code can be weaponized to hinder military and law enforcement responses. Clearly, cyber capabilities have the potential to be a powerful new tool in the Kremlin’s not-so-new “hybrid warfare” toolbox. With enough resources and preparation, they can be used in attempts to cause physical destruction, loss of life and even to destabilize entire countries and alliances. Such operations could be but a decision or two away in terms of planning, and perhaps several months or years before implementation. What can be done about it?

Preventive and countermeasures exist at the personal, organizational, national and international levels. Individuals should take “cyber hygiene” seriously, since Russian threat actors target both personal and work devices. This includes employing basic security technologies, backing up data, not visiting dubious websites and not opening suspicious emails. Organizations that handle sensitive information should adopt stricter security policies, including for handling of work-related data on personal devices. Information systems managers must be especially vigilant since they are primary targets, and weak personal security on their part may compromise national security. For their part, governments must enact the basics: computer security laws, national cyber strategies, a police focus on cybercrime, national CERTs, public-private partnerships and capable intelligence agencies. They also need continuous training and exercises to keep relevant agencies prepared for their missions. Finally, global cooperation and expeditious exchange of information among cyber security firms, national computer security incident response teams (CSIRTs) and security services are key to identifying Russian attack campaigns and taking defensive countermeasures.

All such countermeasures comprise elements of a deterrence-by-denial strategy that aims to raise the cost of carrying out malicious operations. States have also undertaken diplomatic initiatives to manage the potential instability that could result from the use of weaponized code—namely confidence-building measures, norms of responsible state behavior and attempts to agree on international law. While laudable, none of these have curbed Russian cyber aggression in the short term. For example, Russia’s coordinated December 2015 attack on the Ukrainian electrical grid—highlighted in all three agencies’ reports—was clearly an attack on critical national infrastructure that violated tentative international norms signed by Russia, possibly even while the campaign was being prepared. Defensive and diplomatic countermeasures must be complemented by a cohesive strategy of deterrence-by-punishment by individual countries as well as like-minded allies.

Cyber threat actors with links to Russia (APT28/Sofacy/Pawn Storm, the Dukes/APT29, Red October/Cloud Atlas, Snake/Turla/Uroburos, Energetic Bear/DragonFly, Sandworm Team and others) target NATO members on a daily basis—mainly for espionage and influence operations. But a recent SCMagazineUK article claims that the FSB plans to spend up to $250 million per year on offensive cyber capabilities. “Particular attention is to be paid to the development and delivery of malicious programs which have the ability to destroy the command and control systems of enemy armed forces, as well as elements of critical infrastructure, including the banking system, power supply and airports of an opponent.” Clearly, we had better be prepared.