Oh, Another Incident of Chinese Industrial Espionage

There is no denying Russia is using cyber warfare against the West. Little is ever mentioned about China’s industrial espionage, something this site attempts to publish as often as possible. Further, the owner of this site participated in two key hearings today in Congress, one with former CIA Director John Brennan and the other included ODNI Dan Coats and DIA Director General Stewart.

Clearly both hearings revealed just how pervasive and common cyber warfare is at the hands of China and Russia. Here is just another example.

China’s theft of IBM’s intellectual property

A former employee of IBM pleaded guilty to theft of source code on behalf of China

Image result for Xu Jiaqiang ibm  And you think the FBI has easy work? Further, we are trusting China to deal with North Korea’s nuclear program and missile systems aimed against Western interests.

CSO: China continues to view the theft of intellectual property as a viable means of technology transfer. Global private sector entities are finding their insiders are being used by China to purloin the proprietary information for use by Chinese state-owned-enterprises or national entities with ever increasing regularity.

On 19 May 2017, Xu Jiaqiang, a PRC national, pleaded guilty to economic espionage and trade secret theft. Xu stole source code from his employer, IBM, and attempted to share it with the National Health and Family Planning Commission in the PRC.  According to the Department of Justice, Xu pleaded guilty to all six of the counts included in his indictment.

A review of Xu’s Linked-In profile shows only his employment with IBM from November 2010 through July 2014 (date is different from that which is contained in the indictment) as a “General Parallel File System Developer at IBM”

Xu was a trusted insider within IBM. According to the DOJ advisory, which contained content from both the criminal complaint and superseding indictment, Xu worked for IBM from 2010-14, with unencumbered access to the “proprietary source code.” DOJ advises, Xu voluntarily resigned from IBM in May 2014.

In late 2014, the Federal Bureau of Investigation (FBI) was informed (source unidentified) that Xu claimed to have access (unauthorized) to the source code and was using the source code in various business ventures. Undercover law enforcement officers subsequently contacted Xu to affirm Xu’s possession of the source code

The criminal complaint describes undercover officers posing as investors engaged in a multi-month email exchanges with Xu which culminated in his sharing portions of the source code as bonafides of his knowledge of “operating systems and parallel file systems.”  At that time, the victim company, IBM, identified the shared code as identical to their proprietary source code.

In late-2015, Xu had a face-to-face meeting with undercover law enforcement officers. At the meeting, Xu noted the code was his former employer’ s(IBM) code. Xu also confirmed to his interlocutors how he had purloined the code prior to his May 2014 employment separation and had made modification so as to obscure the point of origin, IBM.

In June 2016, Xu was indicted and charged with three counts of economic espionage, one count each of theft of trade secrets, possession of trade secrets, and distribution of trade secrets. He will be sentenced in October 2017.

Though IBM has declined comment to media regarding this theft of their intellectual property, reading between the lines, it would appear IBM had deduced (correctly) that Xu absconded with a copy of their GPFS proprietary source code, and was attempting to use it commercially. They then brought the theft to the attention of the FBI.

Illicit technology transfer

China has not slowed down in their acquisition of technology utilizing the access afforded to trusted insiders. The US Director of National Intelligence made it clear in his May 2017 presentation to the Senate Select Committee on Intelligence on the worldwide threat to the United States as to the threat posed by China.

In April 2017, we saw the arrest of a Dutch employee of Siemens, working within the energy arm of Siemens, charged with stealing the intellectual property of his employer and attempting to share it with China.

From the FBI perspective, this was the perfect economic espionage case. Theft of proprietary information for provision to a foreign government. The theft was from a company with an insider threat program in place and who was cooperative (providing technical expertise during the investigation), and of sufficient size to withstand any blow-back from China which may occur.

There is no need to be xenophobic. Multinational companies employee individuals from a great variety of nationalities. The reality is, few employees break trust with their employer.

That said, having your paper trail on agreements which safeguard intellectual property is mandatory. As is a review of all activities of all departing employees for break from pattern, be it a voluntary separation or for cause. If a deeper dive into the employees activities is warranted, make sure to look for any sudden increase in 403 errors – or similar (caused by attempts to access unauthorized data). Verify the complete inventory of all storage devices which the employee may have accessed, and have each returned and or data on the devices destroyed, and review email and uploads for any inappropriate usage.

Remember, though it is the FBI and DOJ success which brought Xu to our collective attention, it was not the FBI who initially discovered Xu’s intellectual property theft. The FBI pursued the lead brought to them by an unidentified third party (presumably IBM).

You are your company’s first line of defense in the protection of intellectual property, not the FBI.

U.S. is Doing ‘That’ Extreme Vetting in Australia

Remember on the campaign trail when President Trump said it was stupid to take the Syria refugees Australia was holding on a remote island that was under agreement by Barack Obama? Remember when there was a discussion between President Trump and the Prime Minister of Australia where apparently Trump hung up the phone, terminating the conversation. The Prime Minister visited the Trump White House and now all is allegedly fine between the two countries.Remember when VP Pence finally agreed to honor the deal and accept those refugees? The reason? The US. is accepting a number of those refugees.

Exclusive: U.S. starts ‘extreme vetting’ at Australia’s offshore detention centers

Reuters: U.S. Homeland Security officials have begun “extreme vetting” interviews at Australia’s offshore detention centers, two sources at the camps told Reuters on Tuesday, as Washington honors a refugee swap that U.S. President Donald Trump had called “a dumb deal”.

The Trump administration said last month the agreement to offer refuge to up to 1,250 asylum seekers in the centers would progress on condition that refugees satisfied strict checks.

In exchange, Australia has pledged to take Central American refugees from a center in Costa Rica, where the United States has expanded intake in recent years, under the deal struck with former President Barack Obama.

Image result for Papua New Guinea's Manus Island detention center DailyMail

The first security interviews finished last week at Papua New Guinea’s Manus Island detention center, two refugees who went through the process told Reuters.

The refugees told Reuters that interviews began with an oath to God to tell the truth and then proceeded for as long as six hours, with in-depth questions on associates, family, friends and any interactions with the Islamic State militant group.

Image result for Papua New Guinea's Manus Island detention center  VOANews

“They asked about why I fled my home, why I sought asylum in Australia,” said one refugee who declined to be named, fearing it could jeopardize his application for U.S. resettlement.

The security interviews are the last stage of U.S. consideration of applicants.

Manus Island is one of two Australian-operated detention centers, which hold nearly 1,300 people who were intercepted trying to reach Australia by boat.

Human rights groups have condemned the intercept policy and the harsh conditions of the camps. Australia says offshore processing is needed as a deterrent after thousands of people drowned at sea before the policy was introduced in 2013.

A decision on the fate of the first 70 people interviewed is expected to be reached within the next month, a different source who works with refugees said.

A spokesman for Australia’s immigration minister refused to comment on the resettlement process.

A U.S. State Department spokeswoman said that refugees from the Australian-run facilities will be subject to the same stringent vetting applied to all refugees who are being considered for entry to the United States.

“The United States remains deeply committed to safeguarding the American public, just as we are committed to providing refuge to some of the world’s most vulnerable people. These goals are not mutually exclusive,” she said.

The White House did not immediately respond to questions.

U.S. President Donald Trump’s plans for extreme vetting have extended to those traveling to the United States from Muslim countries.

Australia’s relationship with the new administration in Washington got off to a rocky start when Trump lambasted Australian Prime Minister Malcolm Turnbull over the resettlement arrangement, which Trump labeled a “dumb deal”.

Details of an acrimonious phone call between the pair soon after Trump took office made headlines around the world. Australia is one of Washington’s staunchest allies and has sent troops to fight alongside the U.S. military in conflicts in Iraq and Afghanistan.

The relocation of asylum seekers to the United States is designed to help Papua New Guinea and Australia proceed with the planned closure of the Manus detention center on Oct. 31.

But the fate of approximately 200 men deemed non-refugees is uncertain.

Those not offered resettlement in the United States will be offered the chance to settle in Papua New Guinea or return home.

Australia has already offered detainees up to $25,000 to voluntarily return home; an offer very few have taken up.

United Healthcare and the Billion Dollar Fraud

Image result for medicare

Primer:

The FBI is the primary agency for exposing and investigating health care fraud, with jurisdiction over both federal and private insurance programs. Health care fraud investigations are considered a high priority within the Complex Financial Crime Program, and each of the FBI’s 56 field offices has personnel assigned specifically to investigate health care fraud matters. Our field offices proactively target fraud through coordinated initiatives, task forces and strike teams, and undercover operations.

The Bureau seeks to identify and pursue investigations against the most egregious offenders involved in health care fraud through investigative partnerships with other federal agencies, such as Health and Human Services-Office of Inspector General (HHS-OIG), Food and Drug Administration (FDA), Drug Enforcement Administration (DEA), Defense Criminal Investigative Service (DCIS), Office of Personnel Management-Office of Inspector General (OPM-OIG), and Internal Revenue Service-Criminal Investigation (IRS-CI), along with various state Medicaid Fraud Control Units and other state and local agencies. On the private side, the FBI is actively involved in the Healthcare Fraud Prevention Partnership, an effort to exchange facts and information between the public and private sectors in order to reduce the prevalence of health care fraud. The Bureau also maintains significant liaison with private insurance national groups, such as the National Health Care Anti-Fraud Association, the National Insurance Crime Bureau, and private insurance investigative units.

UnitedHealth fudged Medicare claims, overbilled by $1 billion, feds say

Company denies wrongdoing, claims Justice Department ‘fundamentally misunderstands’ how Medicare Advantage program works

This story is a collaboration between Kaiser Health News and the Center for Public Integrity.

The Justice Department has accused insurance giant  UnitedHealth Group of overcharging the federal government by more than $1 billion through its Medicare Advantage plans.

In a 79-page lawsuit filed late Tuesday in Los Angeles, the Justice Department alleged that the insurer made patients appear sicker than they actually were in order to collect higher Medicare payments than the company deserved. The government said it had “conservatively estimated” that the company “knowingly and improperly avoided repaying Medicare” for more than a billion dollars over the course of the alleged decade-long scheme.

“To ensure that the program remains viable for all beneficiaries, the Justice Department remains tireless in its pursuit of Medicare fraud perpetrated by health care providers and insurers,” said acting U.S. Attorney Sandra R. Brown for the Central District of California, in a statement announcing the suit. “The primary goal of publicly funded healthcare programs like Medicare is to provide high-quality medical services to those in need — not to line the pockets of participants willing to abuse the system.”

UnitedHealth denied the allegations.

Tuesday’s filing marks the second time that the Justice Department has intervened to support a whistleblower suing UnitedHealth under the federal False Claims Act. Earlier this month, the government joined a similar case brought by California whistleblower James Swoben in 2009. Swoben, a medical data consultant, also alleges that UnitedHealth overbilled Medicare.

The case that the feds effectively joined on Tuesday was first filed in 2011 by Benjamin Poehling, a former finance director for the UnitedHealth division that oversees Medicare Advantage Plans. Under the False Claims Act, private parties can sue on behalf of the federal government and receive a share of any money recovered.

UnitedHealth is the nation’s biggest operator of Medicare Advantage plans, covering about 3.6 million patients in 2016, when Medicare paid the company $56 billion, according to the complaint.

Medicare Advantage plans are private insurance plans offered as an alternative to Medicare’s traditional fee-for-service option.

Medicare pays the private health plans using a complex formula called a risk score, which is supposed to pay higher rates for sicker patients than for those in good health. But waste and overspending tied to inflated risk scores has repeatedly been cited by government auditors, including the Government Accountability Office. A series of articles published in 2014 by the Center for Public Integrity concluded that improper payments linked to jacked-up risk scores have cost taxpayers tens of billions of dollars.

Tuesday’s court filing argues that UnitedHealth repeatedly ignored findings from its own auditors that risk scores were often inflated, as well as warnings by officials from the Centers for Medicare & Medicaid Services (CMS) that the firm was responsible for ensuring the billings it submitted were accurate.

UnitedHealth argued that it had done nothing wrong, and said it would aggressively contest the case.

“We are confident our company and our employees complied with the government’s Medicare Advantage program rules, and we have been transparent with CMS about our approach under its unclear policies,” UnitedHealth spokesman Matt Burns said in a statement.

Burns went on to say that the Justice Department “fundamentally misunderstands or is deliberately ignoring how the Medicare Advantage program works. We reject these claims and will contest them vigorously.”

A spokesman for CMS, which has recently faced congressional criticism for lax oversight of the program, declined comment.

Central to the government’s case is UnitedHealth’s aggressive effort, starting in 2005, to review millions of patient records to search for missed revenue. These reviews often uncovered payment errors, sometimes too much and sometimes too little. The Justice Department contends that UnitedHealth typically notified Medicare only when it was owed money.

UnitedHealth “turned a blind eye to the negative results of those reviews showing hundreds of thousands of unsupported diagnoses that it had previously submitted to Medicare,” according to the suit.

Justice lawyers also argue that UnitedHealth executives knew as far back as 2007 that they could not produce medical records to validate about one in three medical conditions Medicare paid UnitedHealth’s California plans to cover. In 2009, federal auditors found about half the diagnoses were invalid at one of its plans.

The lawsuit cites more than a dozen examples of undocumented medical conditions, from chronic hepatitis to spinal cord injuries. At one medical group, auditors reviewed records of 126 patients diagnosed with spinal injuries. Only two were verified, according to the complaint.

The Justice Department contends that invalid diagnoses can cause huge losses to Medicare. For instance, UnitedHealth allegedly failed to notify the government of at least 100,000 diagnoses it knew were unsupported based on reviews in 2011 and 2012. Those cases alone generated $190 million in overpayments, according to the suit.

While Medicare Advantage has grown in popularity and now treats nearly 1 in 3 elderly and disabled Medicare patients, its inner workings have remained largely opaque.

CMS officials for years have refused to make public financial audits of Medicare Advantage insurers, even as they have released similar reviews of payments made to doctors, hospitals and other medical suppliers participating in traditional Medicare.

But Medicare Advantage audits obtained by the Center for Public Integrity through a court order in a Freedom of Information Act lawsuit show that payment errors — typically overpayments — are common.

All but two of 37 Medicare Advantage plans examined in a 2007 audit were overpaid — often by thousands of dollars per patient. Overall, just 60 percent of the medical conditions health plans were paid to cover could be verified. The 2007 audits are the only ones that have been made public.

CMS officials are conducting more of these audits, called Risk Adjustment Data Validation, or RADV. But results are years overdue.

Moscow’s Igor Sergun: Cong. Rohrabacher to your ‘Like Button’

One part of this Moscow mess began in 2012, when the FBI held a private session with Congressman Dana Rohrahacher, (CA), Mike Rogers, Michigan, and according to one former official, Representative C. A. Dutch Ruppersberger, telling them they were the targets of Russian influence and possible targets of recruiting.

Of note, Igor Sergun died in January of 2016, but his operations were already underway.

Image result for igor sergun

Sergun is credited as an important figure in the renaissance of the GRU, which had suffered deep staff and budget cuts prior to his arrival. Under Sergun, the agency regained political power within the Russian government as well as control over the Spetsnaz special forces, making it “crucial in the seizure of Crimea and operations in the Donbas,” as well as “as the lead agency for dealing with violent non-state actors.”

Perhaps the United States should take a hard look at the actions Ukraine has taken regarding Russian intrusion.

Poroshenko this week ordered Ukrainian Internet providers to block Vkontakte and Odnoclassniki. The sites are similar to Facebook and are two of the most popular social networking sites in the former Soviet space.

More than 25 million Ukrainians, in a country of about 43 million people, use the Russian sites to connect with friends, join groups and use the online messaging systems.

Poroshenko said the new restrictions were necessary to further protect Ukraine from Kremlin hybrid warfare, including disinformation campaigns, propaganda and military attacks. The two neighbors and former Soviet republics have been embroiled in a brutal, three-year war that has killed more than 10,000 people and displaced about 1.7 million eastern Ukrainians.

Supporters of the ban said it would also protect Ukrainians from the Russian security services’ ability to monitor and gather metadata from the sites’ users. Ukrainian government officials said the sites are closely monitored by Russia’s FSB, the successor agency to the KGB. More here from LATimes.

One must take the time to see the evidence the domestic intelligence agencies and private cyber companies along with data analysis experts are uncovering and studying. Further, since we citizens cannot attend meetings, some in classified settings that are held in Congress and we don’t get any information from the investigations, there are some interviews with professionals that are sounding the alarm bells.

Are you sick of Russia and hearing about Putin? Sure you are, but so is our government and other global leaders, rightly so. You are going to have to understand some facts and buckle in….there is more to come. Until the United States crafts a policy, decides on responses and pass legislation, Russia has nothing to stop their actions. What actions?

In part from Time: On March 2, a disturbing report hit the desks of U.S. counterintelligence officials in Washington. For months, American spy hunters had scrambled to uncover details of Russia’s influence operation against the 2016 presidential election. In offices in both D.C. and suburban Virginia, they had created massive wall charts to track the different players in Russia’s multipronged scheme. But the report in early March was something new.

It described how Russia had already moved on from the rudimentary email hacks against politicians it had used in 2016. Now the Russians were running a more sophisticated hack on Twitter. The report said the Russians had sent expertly tailored messages carrying malware to more than 10,000 Twitter users in the Defense Department. Depending on the interests of the targets, the messages offered links to stories on recent sporting events or the Oscars, which had taken place the previous weekend. When clicked, the links took users to a Russian-controlled server that downloaded a program allowing Moscow’s hackers to take control of the victim’s phone or computer–and Twitter account.

As they scrambled to contain the damage from the hack and regain control of any compromised devices, the spy hunters realized they faced a new kind of threat. In 2016, Russia had used thousands of covert human agents and robot computer programs to spread disinformation referencing the stolen campaign emails of Hillary Clinton, amplifying their effect. Now counterintelligence officials wondered: What chaos could Moscow unleash with thousands of Twitter handles that spoke in real time with the authority of the armed forces of the United States? At any given moment, perhaps during a natural disaster or a terrorist attack, Pentagon Twitter accounts might send out false information. As each tweet corroborated another, and covert Russian agents amplified the messages even further afield, the result could be panic and confusion.

***

Americans generate a vast trove of data on what they think and how they respond to ideas and arguments–literally thousands of expressions of belief every second on Twitter, Facebook, Reddit and Google. All of those digitized convictions are collected and stored, and much of that data is available commercially to anyone with sufficient computing power to take advantage of it.

That’s where the algorithms come in. American researchers have found they can use mathematical formulas to segment huge populations into thousands of subgroups according to defining characteristics like religion and political beliefs or taste in TV shows and music. Other algorithms can determine those groups’ hot-button issues and identify “followers” among them, pinpointing those most susceptible to suggestion. Propagandists can then manually craft messages to influence them, deploying covert provocateurs, either humans or automated computer programs known as bots, in hopes of altering their behavior.

That is what Moscow is doing, more than a dozen senior intelligence officials and others investigating Russia’s influence operations tell TIME. The Russians “target you and see what you like, what you click on, and see if you’re sympathetic or not sympathetic,” says a senior intelligence official. Whether and how much they have actually been able to change Americans’ behavior is hard to say. But as they have investigated the Russian 2016 operation, intelligence and other officials have found that Moscow has developed sophisticated tactics.

In May 2016, a Russian military intelligence officer bragged to a colleague that his organization, known as the GRU, was getting ready to pay Clinton back for what President Vladimir Putin believed was an influence operation she had run against him five years earlier as Secretary of State. The GRU, he said, was going to cause chaos in the upcoming U.S. election.

What the officer didn’t know, senior intelligence officials tell TIME, was that U.S. spies were listening. They wrote up the conversation and sent it back to analysts at headquarters, who turned it from raw intelligence into an official report and circulated it. But if the officer’s boast seems like a red flag now, at the time U.S. officials didn’t know what to make of it. “We didn’t really understand the context of it until much later,” says the senior intelligence official. Investigators now realize that the officer’s boast was the first indication U.S. spies had from their sources that Russia wasn’t just hacking email accounts to collect intelligence but was also considering interfering in the vote. Like much of America, many in the U.S. government hadn’t imagined the kind of influence operation that Russia was preparing to unleash on the 2016 election. Fewer still realized it had been five years in the making.

Putin publicly accused then Secretary of State Clinton of running a massive influence operation against his country, saying she had sent “a signal” to protesters and that the State Department had actively worked to fuel the protests. The State Department said it had just funded pro-democracy organizations. Former officials say any such operations–in Russia or elsewhere–would require a special intelligence finding by the President and that Barack Obama was not likely to have issued one.

After his re-election the following year, Putin dispatched his newly installed head of military intelligence, Igor Sergun, to begin repurposing cyberweapons previously used for psychological operations in war zones for use in electioneering. Russian intelligence agencies funded “troll farms,” botnet spamming operations and fake news outlets as part of an expanding focus on psychological operations in cyberspace.

One particularly talented Russian programmer who had worked with social media researchers in the U.S. for 10 years had returned to Moscow and brought with him a trove of algorithms that could be used in influence operations. He was promptly hired by those working for Russian intelligence services, senior intelligence officials tell TIME. “The engineer who built them the algorithms is U.S.-trained,” says the senior intelligence official.

Soon, Putin was aiming his new weapons at the U.S. Following Moscow’s April 2014 invasion of Ukraine, the U.S. considered sanctions that would block the export of drilling and fracking technologies to Russia, putting out of reach some $8.2 trillion in oil reserves that could not be tapped without U.S. technology. As they watched Moscow’s intelligence operations in the U.S., American spy hunters saw Russian agents applying their new social media tactics on key aides to members of Congress. Moscow’s agents broadcast material on social media and watched how targets responded in an attempt to find those who might support their cause, the senior intelligence official tells TIME. “The Russians started using it on the Hill with staffers,” the official says, “to see who is more susceptible to continue this program [and] to see who would be more favorable to what they want to do.”

Finish reading this remarkable report here. There is much more detail, including cyber operations, candidates, analysis and concocted political scandals. If one wonders why there is yet no evidence presented yet by the FBI and what the members of Congress are told, you now have a clue. This investigative process is a very long one and attributions as well as analysis is cumbersome and heavy on expert resources.

 

 

 

Anthony Weiner Pled Guilty, Wont Appeal Sentence

It could be Anthony Weiner, the now estranged husband of Huma Abedin, Hillary’s long time aid, will serve at least 21 months. He will likely have to register as a sex offender.

Weiner stood in a suit in federal court in Manhattan, sobbing as he described how he met a stranger online he “knew to be 15 years old.” Weiner is set to be sentenced Sept. 8. Weiner’s lawyers negotiated with federal prosecutors to avoid child pornography charges.

The charge file is here.

Image result for anthony weiner in court DailyBeast

Anthony Weiner Pleads Guilty In Manhattan Federal Court To Transferring Obscene Material To A Minor

Joon H. Kim, the Acting United States Attorney for the Southern District of New York and William F. Sweeney Jr., the Assistant Director-in-Charge of the New York Office of the Federal Bureau of Investigation (“FBI”) announced that ANTHONY WEINER was charged with, and pled guilty to, transferring obscene material to a minor.  WEINER surrendered to the FBI in New York this morning, pled guilty before United States District Judge Loretta A. Preska, and was released on bail pending sentencing.  Sentencing has been scheduled for September 8, 2017, at 11 a.m.

Acting Manhattan U.S. Attorney Joon H. Kim said: “Today, former Congressman Anthony Weiner admitted and pled guilty to sending sexually explicit images and directions to engage in sexual conduct to a girl he knew to be 15 years old. Weiner’s conduct was not only reprehensible, but a federal crime, one for which he is now convicted and will be sentenced. We thank the FBI and the NYPD for their work in this investigation.”

FBI Assistant Director in Charge William F. Sweeney Jr. said: “We work every day in the FBI and law enforcement to stop adults from preying on vulnerable children. Our partnership with the NYPD cannot be stressed enough in this case, and we would like to thank the Special Victims Unit for all the work and effort they put into this investigation.”

According to the Information filed in Manhattan federal court today and statements made in Court during today’s plea proceeding, between in or about January and March 2016, WEINER used online messaging and video chat applications to communicate with a minor girl he knew to be 15 years old (the “Minor Victim”).  In the course of those communications, WEINER transferred obscene material to the Minor Victim, including directions to engage in sexual conduct and sexually explicit images.

*                *                *

WEINER, 52, of New York, New York, has pled guilty to one count of transferring obscenity to a minor, which carries a maximum sentence of 10 years in prison.  The maximum potential sentence is prescribed by Congress and is provided here for informational purposes only, as any sentencing of the defendant will be determined by the Judge.

Mr. Kim praised the investigative work of the Federal Bureau of Investigation and the Special Victims Division of the New York City Police Department.

The case is being handled by the Office’s General Crimes unit.  Assistant United States Attorneys Amanda Kramer and Stephanie Lake are in charge of the prosecution.