Category Archives: FBI

Tech Companies Filed Amicus Brief, Supports Foreign Workers

Posted on by

Amicus Brief Tech companies This is an employment epidemic across the nation where companies sponsor foreign national for domestic jobs, leaving thousands to train their replacements. We have not addresses how many could be purposely placed for industrial espionage.

Related reading: China’s Best Method of Industrial Espionage

***

Apple, Google, Microsoft pile in: 97 US tech firms file brief against Trump’s travel ban

In part from ZDNet: Immigrants or their children founded 200 US companies that generate $4.2 trillion in annual revenues, the brief highlights, among them Apple, AT&T, and Google, as well as Ford, General Electric, McDonald’s, Boeing, and Disney.

“Businesses and employees have little incentive to go through the laborious process of sponsoring or obtaining a visa, and relocating to the United States, if an employee may be unexpectedly halted at the border.

“Skilled individuals will not wish to immigrate to the country if they may be cut off without warning from their spouses, grandparents, relatives, and friends. They will not pull up roots, incur significant economic risk, and subject their family to considerable uncertainty to immigrate to the United States in the face of this instability.” Full article here.

***

The H1-B visa program has a cap to the number allowed to be issued. It is a visa program that needs more scrutiny by Congress for the sake of American employees. There have been abuses to the program and further companies like Disney hire foreign nationals to replaced domestic employees driving down the salary costs.

Janet Napolitano, the former Secretary of the Department of Homeland security and now the president of the University of California system knows it all so well and how to work the system.

In part from the LATimes: Using a visa loophole to fire well-paid U.S. information technology workers and replace them with low-paid immigrants from India is despicable enough when it’s done by profit-making companies such as Southern California Edison and Walt Disney Co.

But the latest employer to try this stunt sets a new mark in what might be termed “job laundering.” It’s the University of California. Experts in the abuse of so-called H-1B visas say UC is the first public university to send the jobs of American IT staff offshore. That’s not a distinction UC should wear proudly. Full op-ed here.

*** One of 5 huge examples beyond California is:

Pfizer Connecticut R&D

In 2008, workers at pharmaceutical giant Pfizer’s New London and Groton (Connecticut) research and development campus raised the alarm: They were being replaced by Indian workers on H-1B visas and forced to train their replacements. Those outsourced workers were scheduled to return to India, where they will run the same systems as their U.S. counterparts, albeit at a cheaper rate and with diminished benefits. The move was part of an outsourcing agreement signed in 2005 between Pfizer, Infosys Technologies and Satyam Computer Services. More here.

***

A 100 page Joint Venture report for tech companies includes the following text:

Foreign-Born Residents

Silicon Valley has an extraordinarily large share of residents who are foreign born (37.4%, compared to California, 27.1%, or the United States, 13.3%). This population share increases to 50% for the employed, core working age population (ages 25-44), and even higher for certain occupational groups. For instance, nearly 74% of all Silicon Valley employed Computer and Mathematical workers ages 25-44 in 2014 were foreign-born. Correspondingly, the region also has an incredibly large share of foreign-language speakers, with 51% of Silicon Valley’s population over age five speaking a language other than exclusively English at home (compared to 43% in San Francisco, 44% in California, and 21% in the United States as a whole). This majority share in 2014 was up from 49% in 2011.

*** The Senate held a hearing in 2015 with a few former employees that were forced to train their foreign replacements. Many of these employees are paid a severance package but it also includes a major stipulation to remain mute on the topic as noted below:

My former company, a large utility company, replaced 220 American IT workers with H-1Bs…we would have to train them in order to receive our severance packages. This was one of the most humiliating situations that I have ever been in as an IT professional.

The whole IT department was going through the same fate as myself. Those were the longest and hardest five months of my life. Not only did I lose a work family, but I lost my job and my self-esteem. We had constant emails sent by HR that we could not talk about this situation to anyone or make posts to social media. If we did, we would be fired immediately and not get our severance. Read the full article here.

 

FY SCAAP 2016: Criminal Aliens $189,008,372.00

Posted on by

A faithful reader of this website, reached out to me and asked for an update on a previous post. Hat tip for this great reminder. Grrr….when looking at the dollars, it has hard not to jump and down in frustration.

With a little effort in research, the last time the Government Accountability Office did any estimate to the cost of the U.S. economy for all things illegal/immigration related was 2011.

Image result for criminal aliene detention

The cost at the State level fluctuates based on deportations and beds available. The Federal government out of the Justice Department helps pay respective states for the costs of alien incarceration. It must be understood that aliens come from hundreds of countries and since there are some countries that allegedly refuse to take back their citizens by deportation, at least the Justice Department should work all the diplomatic channels that the home countries of the criminals should pay up for all expenses and associated future costs.

Three groups of criminal aliens can be distinguished.

All criminal aliens include both unauthorized aliens, most of whom are potentially removable, and legal aliens10 who may or may not be removable depending on specific crimes committed. This population contains the set of criminal aliens who are removable on the basis of specific crimes committed.

Criminal aliens who have been convicted of removable criminal offenses are subject to removal under the Immigration and Nationality Act (INA) even if they are otherwise legally present.11 For example, a legal permanent resident (LPR) convicted of cocaine possession is subject to removal,12 but an LPR convicted of public intoxication is not. This population also includes aggravated felons.

Criminal aliens who have been convicted of aggravated felonies13 are ineligible for most forms of relief from removal14 and are ineligible to be readmitted to the United States.15

As noted above, all three of these subpopulations—criminal aliens, removable criminal aliens, and aggravated felons—comprise an unknown mix of legally present noncitizens and unauthorized aliens.

State by state and listed by country, click here for what the Bureau of Justice released for FY 2016.

SCAAP Overview

The Bureau of Justice Assistance (BJA), Office of Justice Programs, U.S. Department of Justice, administers SCAAP, in conjunction with the U.S. Department of Homeland Security (DHS). SCAAP provides federal payments to states and localities that incurred correctional officer salary costs for incarcerating undocumented criminal aliens who have at least one felony or two misdemeanor convictions for violations of state or local law, and who are incarcerated for at least 4 consecutive days during the reporting period.

SCAAP Legislative Authority

SCAAP is governed by Section 241(i) of the Immigration and Nationality Act, 8 U.S.C. § 1231(i), as amended, and Title II, Subtitle C, Section 20301, Violent Crime Control and Law Enforcement Act of 1994, Pub. L. 103-322. In general terms, if a chief executive officer of a state or a political subdivision exercises authority over the incarceration of undocumented criminal aliens and submits a written request to the U.S. Attorney General, the Attorney General may provide compensation to that jurisdiction for those incarceration costs. SCAAP is subject to additional terms and conditions of yearly congressional appropriations.

***

Related reading: OFFICE OF JUSTICE PROGRAMS

ADDITIONAL GUIDANCE REGARDING COMPLIANCE WITH 8 U.S.C. § 1373

****

Just a view from the State of Texas for aliens that are not being detained or incarcerated as noted in a report from 2013:

In part from FAIRUS.org: In 2013, illegal immigration cost Texas taxpayers about $12.1 billion annually. That amounts to more than $1,197 for every Texas household headed by a native-born or naturalized U.S. citizen. The taxes paid by illegal aliens — estimated at $1.27 billion per year — do not come close to paying for those outlays, but we include an estimate of revenue from sales taxes, property taxes, alcohol taxes, and cigarette taxes.

Examining Texas’s fiscal outlays from the perspective of the current debate over adopting an amnesty for illegal aliens, we find that the fiscal burden to taxpayers would not be significantly lessened even if an amnesty like that proposed in the Senate’s S.744 were enacted. In fact, it becomes clear that the only way to significantly reduce the fiscal burden is to reduce the size of the population that illegally entered the country. State and local policymakers have options available to accomplish that objective. In Arizona, efforts to discourage the arrival of additional illegal residents and to hold employers accountable for knowingly hiring illegal workers have been effective in reducing the illegal alien population and, thereby, the fiscal costs associated with that population.

 

Trump Signs New Sanctions on Iran

Posted on by

For more information on Iran sanctions, go here.

Image result for iran sanctions

U.S. Treasury Department Announces New Sanctions On Iran

 

NPR: The U.S. Treasury Department announced additional sanctions on Iran on Friday, less than a week after a ballistic missile test prompted the Trump administration to accuse Iran of violating an international a weapons agreement.

The newly announced sanctions target people and businesses the U.S. government says support Iran’s ballistic missile program and its Islamic Revolutionary Guard Corps-Quds Force, according to a Treasury Department statement. They are in line with previous sanctions, implemented over what then-President Barack Obama called Iran’s “violations of human rights, for its support of terrorism and for its ballistic missile program.”

The acting director of the Treasury unit in charge of sanctions, John Smith, said the latest sanctions do not violate the international nuclear deal reached with Iran in 2015, which required Iran to scale back its nuclear program in exchange for the lifting of some economic sanctions.

A top Treasury Department official tells NPR’s Michele Kelemen that the actions are part of the U.S. efforts to counter Iranian “malign activity abroad.”

The public text of the sanctions lists 12 companies and 13 individuals, blocking assets and prohibiting U.S. citizens from dealing with them. Among the individuals, four are listed as Iranian citizens, two are Lebanese, one is Chinese, and one holds a passport from the island nation of St. Kitts and Nevis. It also announced changes to previous, unrelated sanctions on a 14th individual.

The businesses are based both inside and outside Iran.

According to the Treasury Department, the sanctions target:

“several networks and supporters of Iran’s ballistic missile procurement, including a critical Iranian procurement agent and eight individuals and entities in his Iran- and China-based network, an Iranian procurement company and its Gulf-based network, and five individuals and entities that are part of an Iran-based procurement network.”

Hours before the sanctions were announced, President Trump addressed Iran in a tweet, writing, “Iran is playing with fire — they don’t appreciate how ‘kind’ President Obama was to them. Not me!”

Iran’s foreign minister, Mohammad Javad Zarif, tweeted an hour later that “we will never use our weapons against anyone, except in self-defense.”

***

We will never use our weapons against anyone, except in self-defense. Let us see if any of those who complain can make the same statement.

Both U.S. and Iranian officials weighed in on whether Sunday’s missile test broke the terms of the nuclear deal.

Acting State Department spokesman Mark Toner told The Associated Press on Monday that the U.S. was looking into whether the test violated a 2015 side agreement to the nuclear accord, and that the U.S. would “hold Iran accountable” if it did.

Zarif said Tuesday, that “the missile issue is not part of the nuclear deal.”

National Security Adviser Mike Flynn said a day later that former President Barack Obama had gone too easy on Iran, but that “as of today, we are officially putting Iran on notice.”

Flynn also listed the administration’s grievances with Tehran, including its test of a ballistic missile and what he said were attacks by proxy forces in Yemen on U.S. and Middle Eastern ships, as we reported.

One of the incidents he appeared to be referring to occurred in October 2016, when U.S. Navy ships off Yemen’s southwestern coast came under missile attacks twice in four days.

According to the Pentagon, the missiles came from an area controlled by Houthi forces, who are fighting against the government of Yemen and who the U.S. government says are backed by the Iranian government, which is supplying weapons to the rebel group.

But it was unclear who ordered October’s missile launches, as NPR’s Philip Ewing reported. Houthi leaders denied the attacks, and Tehran has denied U.S. accusations that Iran is supporting Houthi forces. Nonetheless, the U.S. carried out airstrikes against what the Pentagon said were radar installations in Houthi-controlled areas.

In December, Congress extended U.S. sanctions against Iran originally imposed in 1996 until 2026.

Homeland Security Protection Measures on the Move

Posted on by

These legislative actions have long been sitting on desk tops waiting for the right moment to introduce and pass, now over to the Senate. When fully passed, it will be a great launch of additional security for the new DHS Secretary, John Kelly.

House Passes 17 Sweeping Bipartisan Bills to Enhance Homeland Security

Assuring that the “House Committee on Homeland Security continues its efforts to shield the homeland and protect Americans right out of the gate in the 115th Congress,” committee chairman Michael McCaul’s (R-TX) office said Tuesday “the House passed 17 Committee bills that touch on a wide array of homeland security issues—from the security of our border, transportation and cyber networks, to counterterrorism, first responder capabilities and ensuring the Department of Homeland Security [DHS] runs efficiently.

“The 17 bills that passed the House today are all unified in their purpose to better protect our homeland and our people,” McCaul said in a statement, noting, “These bills improve our border security, transportation security and cybersecurity defenses, enhance first responder capabilities and streamline the management efficiency of [DHS]. My committee is working to get common sense legislation signed into law as soon as possible and make our country safer by doing so.”

Six of the bills passed Tuesday were sponsored by Democrats, Rep. Bennie G. Thompson (D-MS), ranking member of the House Committee on Homeland Security, pointed out.

Thompson said his legislation, the “Department of Homeland Security Clearance Management and Administration Act … which previously passed the House in 2015, makes specific reforms in how DHS identifies positions that warrant clearances, how it investigates and homeland security manages its security clearance processes. Specifically, it addresses dates for clearances, and how it administers its adjudications, denials, suspensions, revocations and appeals processes.”

“This legislation … seeks to improve how DHS manages its clearance process at all stages—from decisions on whether to designate positions as requiring clearances to ensuring uniformity in how clearances are adjudicated, suspended, denied and revoked. My bill will make DHS a leader among federal agencies with respect to security clearance and position designations practices. It is critical we put DHS on a path to right-sizing the number of classified positions in its workforce. I thank my colleagues for supporting it and urge the Senate to recognize the necessity to pass this legislation.”

The 17 passed by the full House include:

The DHS Acquisition Documentation Integrity Act of 2017, introduced by Rep. Bonnie Watson Coleman (D-NJ). It would require the DHS Secretary to request component heads to maintain specific types of acquisition documentation.

The DHS Stop Asset and Vehicle Excess (SAVE) Act, introduced by Rep. Scott Perry (R-PA), would direct the Under Secretary for Management of the Department of Homeland Security to make certain improvements in managing DHS’s vehicle fleet.

The Medical Preparedness Allowable Use Act, introduced by Rep. Gus Bilirakis (R-FL), would amend the Homeland Security Act of 2002 to codify authority under existing grant guidance authorizing the use of Urban Area Security Initiative and State Homeland Security Grant Program funding for enhancing medical preparedness, medical surge capacity and mass prophylaxis capabilities.

The Border Security Technology Accountability Act of 2017, introduced by Rep. Martha McSally (R-AZ), would strengthen accountability for deployment of border security technology at DHS and for other purposes.

The Counterterrorism Advisory Board Act of 2017, introduced by Rep. John Katko (R-NY), would establish a board in the Department of Homeland Security to coordinate and integrate departmental intelligence, activities, and policy related to counterterrorism.

The Transit Security Grant Program Flexibility Act, introduced by Rep. Dan Donovan (R-NY), would clarify certain allowable uses of funds for public transportation security assistance grants and establish periods of performance for such grants, and for other purposes.

The Cyber Preparedness Act of 2017, introduced by Rep. Dan Donovan (R-NY), would enhance preparedness and response capabilities for cyberattacks and bolsters the sharing of information related to cyber threats.

The United States-Israel Cybersecurity Cooperation Enhancement Act of 2017, introduced by Rep. James Langevin (D-RI), would establish a grant program at DHS to promote cooperative research and development between the United States and Israel on cybersecurity.

The Fusion Center Enhancement Act of 2017, introduced by Rep. Lou Barletta (R-PA), would enhance the partnership between DHS and the National Network of Fusion Centers.

The Securing the Cities Act of 2017, introduced by Rep. Dan Donovan (R-NY) would establish the Securing the Cities program, which will enhance the ability of the United States to detect and prevent terrorist attacks and other high consequence events utilizing nuclear or other radiological materials that pose a high risk to homeland security in high-risk urban areas.

The Airport Perimeter and Access Control Security Act, introduced by Rep. William Keating (D-MA), would require the Transportation Security Administration to update risk assessments at airports—specifically along airport perimeters and points of access to secure areas—and report to Congress strategic plans to increase security measures.

The Department of Homeland Security Insider Threat and Mitigation Act of 2017, introduced by Rep. Peter King (R-NY), would require the DHS Secretary to establish an insider threat program within the department.

The CBRN Intelligence and Information Sharing Act of 2017, introduced by Rep. Martha McSally (R-AZ), would amend the Homeland Security Act of 2002 to establish chemical, biological, radiological and nuclear intelligence and information sharing functions of DHS’s Office of Intelligence and Analysis and to require dissemination of information analyzed by the department to entities with responsibilities relating to homeland security.

The Department of Homeland Security Support to Fusion Centers Act of 2017, introduced by Rep. Martha McSally (R-AZ), would require an assessment of fusion center personnel needs.

The First Responder Access to Innovative Technologies Act, introduced by Rep. Donald Payne Jr. (D-NJ), reported this week by Homeland Security Today, would direct FEMA to develop a uniform process for reviewing grant applications seeking to purchase equipment or systems that do not meet or exceed applicable national voluntary consensus standards using funds from the Urban Area Security Initiative or the State Homeland Security Grant Program.

The Gains in Global Nuclear Detection Architecture Act, introduced by Rep. Cedric Richmond (D-LA), would direct DHS’s Domestic Nuclear Detection Office (DNDO) to develop and maintain documentation that provides information on how the Office’s research investments align with gaps in the Global Nuclear Detection Architecture and the research challenges identified by the DNDO Director.

The Department of Homeland Security Clearance Management and Administration Act, introduced by Rep. Bennie Thompson (D-MS), would improve the management and administration of the security clearance processes throughout DHS.

The House also passed the First Responder Identification of Emergency Needs in Disaster Situations Act sponsored by Rep. Sheila Jackson Lee (D-TX).

*** When it comes to cyber and cyber protections, things are not so rosy.

The extent to which the Department of Homeland Security’s (DHS) National Cybersecurity and Communications Integration Center (NCCIC) has taken steps to perform each of its 11 statutorily required cybersecurity functions — such as being a federal civilian interface for sharing cybersecurity-related information with federal and nonfederal entities — the degree to which the center has adhered to the 9 principles required by the National Cybersecurity Protection Act of 2014 to perform its cybersecurity functions “is unclear because the center has not yet determined the applicability of the principles to all 11 functions, or established metrics and methods by which to evaluate its performance against the principles,” according to new Government Accountability Office (GAO) audit report.

NCCIC manages programs that provide data used in developing 43 products and services in support of its functions, including monitoring network traffic entering and exiting federal agency networks, and analyzing computer network vulnerabilities and threats. NCCIC products and services also are provided to its customers in the private sector; federal, state, local, tribal and territorial government entities; and other partner organizations. For example, NCCIC issues indicator bulletins, which can contain information related to cyber threat indicators, defensive measures and cybersecurity risks and incidents, and help to fulfill its function to coordinate the sharing of such information across the government.

GAO reported it “identified instances where NCCIC had implemented its functions in accordance with one or more of the principles. For example, consistent with the principle that it seek and receive appropriate consideration from industry sector-specific, academic, and national laboratory expertise, NCCIC coordinated with contacts from industry, academia and the national laboratories to develop and disseminate vulnerability alerts.”

But, “On the other hand,” GAO said it “also identified instances where the cybersecurity functions were not performed in accordance with the principles. For example, NCCIC is to provide timely technical assistance, risk management support and incident response capabilities to federal and nonfederal entities; however, it had not established measures or other procedures for ensuring the timeliness of these assessments. Until NCCIC determines the applicability of the principles to its functions and develops metrics and methods to evaluate its performance against the principles, the center cannot ensure that it is effectively meeting its statutory requirements.”

GAO said it further “identified factors that impede NCCIC’s ability to more efficiently perform several of its cybersecurity functions. For example, NCCIC officials were unable to completely track and consolidate cyber incidents reported to the center, thereby inhibiting its ability to coordinate the sharing of information across the government. Similarly, NCCIC may not have ready access to the current contact information for all owners and operators of the most critical cyber-dependent infrastructure assets. This lack could impede timely communication with them in the event of a cyber incident.”

GAO warned that, “Until NCCIC takes steps to overcome these impediments, it may not be able to efficiently perform its cybersecurity functions and assist federal and nonfederal entities in identifying cyber-based threats, mitigating vulnerabilities and managing cyber risks.”

In its written comments on a draft of GAO’s audit, DHS concurred with all nine recommendations.

DHS “also provided details about steps that it plans to take to address each of the recommendations, including estimated time frames for completion. If effectively implemented, these actions should enhance the effectiveness and efficiency of NCCIC in performing its statutory requirements,” GAO reported.

To more fully address the requirements identified in the National Cybersecurity Protection Act of 2014 and the Cybersecurity Act of 2015, GAO recommended that the DHS Secretary take the following nine actions:

  1. Determine the extent to which the statutorily required implementing principles apply to NCCIC’s cybersecurity functions.
  2. Develop metrics for assessing adherence to applicable principles in carrying out statutorily required functions.
  3. Establish methods for monitoring the implementation of cybersecurity functions against the principles on an ongoing basis.
  4. Integrate information related to security incidents to provide management with more complete information about NCCIC operations.
  5. Determine the necessity of reducing, consolidating, or modifying the points of entry used to communicate with NCCIC to better ensure that all incident tickets are logged appropriately.
  6. Develop and implement procedures to perform regular reviews of customer information to ensure that it is current and reliable.
  7. Take steps to ensure the full representation of the owners and operators of the nation’s most critical cyber-dependent infrastructure assets.
  8. Establish plans and time frames for consolidating or integrating the legacy networks used by NCCIC analysts to reduce the need for manual data entry.
  9. Identify alternative methods to collaborate with international partners, while ensuring the security requirements of high-impact systems.

 

Russian Hacking, We knew Because we had an Inside Operative(s)

Posted on by

This Executive Order is in draft form and does not include Russia, which is quite curious. The question of ‘why’ must be asked based on information noted below.

The Trump administration’s draft of the executive order on cybersecurity obtained by the Washington Post by April Glaser on Scribd

Those people involved in internet forensics and that track hackers, malicious code, malware, ransomware and intrusions are all dedicated to finding the cracks in code and even more finding the hackers while further understanding their code and patterns. I get emails about this topic every day that include a variety of global companies operating in this realm.

Back in December of 2015, ODNI James Clapper announced Russian intrusions into several American infrastructure locations. This was before the announcement of Russian intrusions into the U.S. political apparatus. In can be presumed the United States has long had the help of operatives inside adversarial countries, most of all Russia. Spies are out there and further, it is estimated there are 100,000 foreign spies inside the United States as of this moment. Heh, before Barack Obama left his presidency, he did expelled many Russians and closed two Russian compounds.

IN 2014, U.S. Cyber operations quietly penetrated Russian systems without declaring in specific language the exact operations.

In 2014, National Security Agency chief Adm. Mike Rogers told Congress that U.S. adversaries are performing electronic “reconnaissance” on a regular basis so that they can be in a position to disrupt the industrial control systems that run everything from chemical facilities to water treatment plants.

“All of that leads me to believe it is only a matter of when, not if, we are going to see something dramatic,” he said at the time.

Rogers didn’t discuss the U.S.’s own penetration of adversary networks. But the hacking undertaken by the NSA, which regularly penetrates foreign networks to gather intelligence, is very similar to the hacking needed to plant precursors for cyber weapons, said Gary Brown, a retired colonel and former legal adviser to U.S. Cyber Command, the military’s digital war fighting arm. More here.

It is unclear if we have recruited people inside Russia to work on the behalf of the United States, but clues tell us we did, with success.

In part from RFEL: At the simplest level, two FSB officers working in cyberdefense, Sergei Mikhailov and Dmitry Dokuchayev, as well as Ruslan Stoyanov, a former Interior Ministry official who works for the cyber security company Kaspersky Lab, are reportedly being charged with espionage.

According to Russian media reports, Mikhailov is suspected of alerting U.S. intelligence to the FSB’s connection to a Russian server-rental company called King Servers.

Last year, the U.S.-based cybersecurity firm ThreatConnect had identified King Servers as the nexus for hacking attacks against the United States.

If U.S. intelligence did indeed have a highly placed source like Mikhailov, it would explain why it was able to conclude with such a high degree of confidence that Russia was behind the cyberattacks during the election campaign.

The timing of the arrests and the timing of the decision by former U.S. President Barack Obama to declassify and make public parts of the U.S. intelligence report on the alleged Russian hacking also makes sense.

Mikhailov was arrested in December. And the U.S. released the intelligence report a month later, in January.

If Mikhailov was indeed a source, then Washington would have been reluctant to declassify its intelligence for fear of compromising him.

After he was arrested, this, of course, would no longer be an issue.

So far, so straightforward. Until it isn’t.

Leaks to the Russian media have also connected Mikhailov and his subordinate Dokuchayev to a hacker group known as Shaltai-Boltai, or Humpty Dumpty, which in the past has released embarrassing material about top Russian officials.

Vladimir Anikeyev, the founder of Shaltai-Boltai, has also been arrested, but is not being charged with espionage.

Moreover, Russian media reports claim that Dokuchayev is actually a former hacker known as Forb, who was serving a prison sentence for credit-card theft when he was recruited by the FSB, where he held the rank of major.

As Leonid Bershidsky notes in his column for Bloomberg, “parallel to their official duties, officers often run private security operations involving blackmail and protection. If Mikhailov ran such a business out of the FSB’s Information Security Center, he wouldn’t stand out among his colleagues.”

And it’s also not unusual for the FSB to recruit former hackers. In fact, it’s pretty much standard practice.

This is where the story diverts into the murky world of FSB officers and their civilian collaborators monetizing their positions and forming protection rackets.

“An FSB officer, recruited from the hacking community, can use his rank and position to obtain compromising material and sell it to wealthy clients. A team profiting from these opportunities can include both officers and civilians,” Bershidsky writes.

“The Russian government can hire such a team through intermediaries if it needs something sensitive done — but so can foreign intelligence services. It’s a murky world in which actors are both predator and prey. The Kremlin enjoys access to brilliant and unscrupulous people; the downside, of course, is that they may be hard to control.”

If you follow this line of logic, then it’s easy to imagine that Mikhailov and Dokuchayev inadvertently or unwittingly sold information exposing King Server’s FSB connections to a front for U.S. intelligence.

But the fact of the matter is we simply don’t know.

And if things aren’t confusing enough yet, there is also the matter of the bitter personal and clan rivalries in the shadow world of the Russian security services.

In a recent post on his blog KrebsOnSecurity, Brian Krebs, author of the book Spam Nation: The Inside Story Of Organized Cybercrime, suggested the whole affair might be traced to a personal rivalry between Mikhailov and Pavel Vrublevsky, an Internet businessman whose partner owns King Servers.

Mark Galeotti, an expert on Russia’s security services and a senior research fellow at the Institute of International Relations in Prague, notes that the FSB’s Information Security Center, which Mikhailov headed and where Dokuchayev was his subordinate, has emerged as “a pivotal agency” and “a source of power.”

And this makes it a prime arena for fierce rivalries and power plays.

“This is probably an intelligence leak that is being cleared up. But the question is: why now? And I wonder if domestic politics explains the leaking of the information now. It could be a rebuke to the FSB for having messed up,” Galeotti said on last week’s Power Vertical Podcast.