Category Archives: FBI

Former NSA Contractor Stole 50,000 Gigabytes of Data

Posted on by

NYT’s/WASHINGTON — Investigators pursuing what they believe to be the largest case of mishandling classified documents in United States history have found that the huge trove of stolen documents in the possession of a National Security Agency contractor included top-secret N.S.A. hacking tools that two months ago were offered for sale on the internet.

The criminal complaint filed September 13, 2016 is here.

They have been hunting for electronic clues that could link those cybertools — computer code posted online for auction by an anonymous group calling itself the Shadow Brokers — to the home computers of the contractor, Harold T. Martin III, who was arrested in late August on charges of theft of government property and mishandling of classified information.

Harold T. Martin III and his wife Deborah Shaw in an undated photo. Deborah Shaw

But so far, the investigators have been frustrated in their attempt to prove that Mr. Martin deliberately leaked or sold the hacking tools to the Shadow Brokers or, alternatively, that someone hacked into his computer or otherwise took them without his knowledge. While they have found some forensic clues that he might be the source, the evidence is not conclusive, according to a dozen officials who have been involved in or have been briefed on the investigation.

All spoke on condition of anonymity because they were not authorized to discuss it publicly.

An anonymous hacker group, calling itself the Shadow Brokers, announced in August a sale of computer codes stolen from the National Security Agency.

Mr. Martin, an enigmatic loner who according to acquaintances frequently expressed his excitement about his role in the growing realm of cyberwarfare, has insisted that he got in the habit of taking material home so he could improve his skills and be better at his job, according to these officials. He has explained how he took the classified material but denied having knowingly passed it to anyone else.

 

“As a contractor, he gets to see a slice of the overall picture,” said one person familiar with the exchanges, summarizing Mr. Martin’s explanation. “He wanted to see the overall picture so that he could be more effective.”

Mr. Martin’s home in Glen Burnie, Md., with car parked outside. Nate Pesce for The New York Times

The material the F.B.I. found in his possession added up to “many terabytes” of information, according to court papers, which would make it by far the largest unauthorized leak of classified material from the classified sector. That volume dwarfs the hundreds of thousands of N.S.A. documents taken by Edward J. Snowden in 2013 and exceeds even the more voluminous Panama Papers, leaked records of offshore companies obtained by a German newspaper in 2015, which totaled 2.6 terabytes. One terabyte of data is equal to the contents of about one million books.

Image result for harold t martin nsa  NBCNews

F.B.I. agents on the case, advised by N.S.A. technical experts, do not believe Mr. Martin is fully cooperating, the officials say. He has spoken mainly through his lawyers, James Wyda and Deborah Boardman of the federal public defender’s office in Baltimore. They declined to comment before a detention hearing set for Friday in federal court.

Investigators discovered the hacking tools, consisting of computer code and instructions on how to use it, in the thousands of pages and dozens of computers and data storage devices that the F.B.I. seized during an Aug. 27 raid on Mr. Martin’s modest house in suburban Glen Burnie, Md. More secret material was found in a shed in his yard and in his car, officials said.

The search came after the Shadow Brokers leak set off a panicked hunt at the N.S.A. Mr. Martin attracted the F.B.I.’s attention by posting something on the internet that was brought to the attention of the N.S.A. Whatever it was — officials are not saying exactly what — it finally set off an alarm.

The release of the N.S.A.’s hacking tools, even though they dated to 2013, is extraordinarily damaging, said Dave Aitel, a former agency employee who now runs Immunity Inc., an information security company.

“The damage from this release is huge, both to our ability to protect ourselves on the internet and our ability to provide intelligence to policy makers and the military,” Mr. Aitel said.

The N.S.A.’s hacking into other countries’ networks can be for defensive purposes: By identifying rivals’ own hacking methods, the agency can recognize and defend against them, he said. And other countries, with some of the N.S.A.’s tools now in hand, can study past hacks and identify the attacker as the N.S.A., learn how to block similar intrusions, or even decide to retaliate, Mr. Aitel said.

Mr. Martin, 51, a Navy veteran who was completing a Ph.D. in information systems at the University of Maryland, Baltimore County, has worked for several of the contracting companies that help staff the nation’s security establishment. After stints at the Computer Sciences Corporation and Tenacity Solutions, where he was assigned to the Office of the Director of National Intelligence, he joined Booz Allen Hamilton in 2009. He worked on that firm’s N.S.A. contract until 2015, when he was moved to a different Pentagon contract in the area of offensive cyberwarfare.

He has long held a high-level clearance and for a time worked with the N.S.A.’s premier hacking unit, called Tailored Access Operations, which breaks into the computer networks of foreign countries and which developed the hacking tools later obtained by the Shadow Brokers. According to one person briefed on the investigation, Mr. Martin was able to obtain some of the hacking tools by accessing a digital library of such material at the N.S.A.

theshadowbrokers @shadowbrokerss

@cyberwar@guardian@VICE@mashable@wired@kaspersky@symantec Equation Group – Cyber Weapon Auction http://pastebin.com/NDTU5kJQ 

****

One possibility investigators are considering is that Mr. Martin did not knowingly share the Shadow Brokers material but that it was physically stolen from him — conceivable given the descriptions of the chaos of his house, shed and car — or more likely, grabbed by hackers. But the forensic examination of Mr. Martin’s computers has so far turned up no evidence that he was hacked, officials say.

The F.B.I. is considering whether he might have sold the hacking tools or other materials for money. His annual salary in recent years has exceeded $100,000 and he owns his house without a mortgage. But he has long bought expensive suits and Rolex watches, according to an old acquaintance, and a person familiar with his finances says he has struggled with debt. Court records show one past lien, an $8,997 state tax bill imposed in 2000 and not paid off until 2014.

Some people who know Mr. Martin favor a psychological motive for taking the documents home — one that echoes what he is himself telling investigators: a drive to distinguish himself and prove that his computer knowledge was equal to that of the N.S.A.’s top operators.

“He always thought of himself like a James Bond-type person, wanting to save the world from computer evil,” said a person who knows him well but would not speak about him on the record for fear of being pulled into the criminal case.

Last year, commenting online on an article on the future of computer warfare, Mr. Martin struck a martial and patriotic tone.

“The battles ahead will require a special breed of warrior,” he wrote. “It’s really a calling, and something the individual has to want to do as a profession, due to the sacrifices required to be top flight in this new, electronic, version of the great game.”

Mr. Martin’s tone of confidence reflected his comfort in the world of computer experts. Mr. Aitel, who runs a popular email list on computer security called Daily Dave, said Mr. Martin regularly emailed the list and him privately, usually expressing his enthusiasm for a technical achievement: “Outstanding! You rock!” he wrote about one exploit, Mr. Aitel said.

For years, Mr. Martin struggled with obesity, and then had gastric bypass surgery and lost a lot of weight, according to acquaintances who did not want to be named because they also did not want to drawn into the investigation. But within a decade, he had gained most of it back, they said.

Not long before his arrest, Mr. Martin exchanged emails with Mr. Aitel about attending Mr. Aitel’s annual security conference, called Infiltrate, scheduled for April in Miami.

“He sounded completely normal,” Mr. Aitel said. “Making plans for the future.”

Dirty Production of NHS Drugs Helps Create Superbugs

Posted on by

Drug resistance

Revealed: How dirty production of NHS drugs helps create superbugs

by Andrew Wasley and Madlen Davies

TheBureau: The NHS is buying drugs from pharmaceutical companies in India whose dirty production methods are fuelling the rise of superbugs, and there are no checks or regulations in place to stop this happening.

The busy intensive care unit at Gandhi Hospital in Hyderabad, a state-run hospital with 1,200 beds

The emergency room at a hospital in Hyderabad, India, where antibiotic resistance is a public health crisis.     Photo by Jagan. S

The growth in superbugs – infections which are resistant to antibiotics – is one of the biggest public health crises facing the world today, and pollution in drug companies’ supply chains is one of its causes. Yet the Bureau of Investigative Journalism has established that firms with a history of bad practice and pollution are supplying the NHS, and environmental standards do not feature in NHS procurement protocols.

New tests on water samples taken outside pharmaceutical factories in India which sell to the NHS found they contained bacteria which were resistant to the antibiotics made inside the plants.

This suggests industrial waste containing active antibiotic ingredients is being leaked into the surrounding environment. Studies have shown how this causes nearby bacteria to develop immunity to the drugs – creating “superbugs” – and that those resistant bacteria then spread around the world.

Responding to the Bureau’s findings, the Department of Health (DoH) said it would consider bringing in new rules for antibiotic factories which export drugs to Britain.

The Bureau’s investigation also established that at least three companies licensed to supply the NHS have not signed up to a new roadmap put in place following a recent United Nations antibiotic resistance summit, in which 13 global pharmaceutical firms pledged to review manufacturing and supply chains to make sure the release of antibiotics into the environment was being properly controlled.

Economist Lord Jim O’Neill, who conducted a major review into global antibiotic resistance, also known as antimicrobial resistance (AMR), told the Bureau the results of the tests were “deeply troubling”. His government-commissioned study found superbugs would kill more people than cancer by 2050 if no action is taken, and cited pollution in pharmaceutical supply chains as a major problem.

The Medicines and Healthcare Regulatory Authority (MHRA) – which licenses companies to make drugs for the UK market and carries out audits of factories – told us it currently has no regulations around waste, and neither does the European Medicines Agency.

Both agencies require manufacturers to meet Good Manufacturing Practices (GMP), a set of rules companies must meet to show their drugs are safe to be sold in the European Union (EU) or the UK. But GMP standards do not cover environmental emissions.

The influential purchasing power of national health services and authorities means they have the ability to bring about significant change in the way drugs are sourced and produced, said Natasha Hurley from the pressure group Changing Markets, which commissioned the water sample testing.

“Purchasers of antibiotics such as the NHS must immediately blacklist pharmaceutical companies with manufacturing practices that contribute to the spread of AMR, and to implement procurement policies that include environmental criteria,” she said.

Changing Markets tested water samples collected at 36 locations across India – including sites adjacent to drug manufacturing plants as well as rivers and wastewater treatment plants – and found 16 contained antibiotic resistant E.coli bacteria.

The highest level of drug resistant bacteria was found in water samples originating from a factory in India run by multinational drug company Aurobindo Pharma.

Freedom of Information requests reveal Aurobindo, through its UK subsidiary Milpharm Ltd, has supplied antibiotics to  NHS trusts across England during the past three years – including the UK’s biggest, Barts Health NHS Trust in East London. Aurobindo also has a £450,000-a-year contract supplying every NHS health region in Scotland with antibiotics including flucloxacillin, metronidazole and meropenem.

The company exports to more than 150 countries around the globe and 87% of its profits – which last year totalled about £200 million – are made from international operations, according to its most recent annual report.

Analysis of water originating inside the perimeter of the company’s plant near the Indian city of Hyderabad found that 70% of E.coli bacteria present were resistant to fluoroquinolones – a class of antibiotics classified by the World Health Organisation (WHO) as being critically important to human medicine.

Fluoroquinolones are manufactured at the plant and despatched all over the world – though the Bureau does not know if drugs made at this particular factory are exported to Britain. However the factory was inspected and certified as meeting the EU’s GMP standards in 2013 – meaning it is authorised to supply the UK.

This graph shows the percentage of resistant bacteria found in or near these sites in India in tests supervised by Dr Mark Holmes at the University of Cambridge. The samples taken from outside Aurobindo’s pharmaceutical factory in Hyderabad are on the far left. They show the highest levels of resistance for all the classes of antibiotics tested in all of the sites visited. This included cefepime, cefpodoxime, ceftazidime and cefotaxime – which are all cephalosporin antibiotics, a class used to treat a wide range of infections. It also included ciprofloxacin, a fluoroquinolone antibiotic and ertapenem, a carbapenem antibiotic. Fluoroquinolones are made at the plant and penicillin-type antibiotics are despatched from them. The tests cannot confirm the resistant E.coli are present as a result of antibiotic manufacturing. Mylan says it operates a zero discharge policy, so antibiotic-related material found in the lake near its Unit 1 cannot have come from there. The Bureau also contacted Hetero and Orchid Pharma, who are licensed to supply the US and UK markets, about the results, who did not respond or declined to comment.

Various studies have found “high levels of hazardous waste” and “large volumes of effluent waste” being dumped into the environment surrounding factories in India and China, where most of the world’s antibiotics are produced. Active ingredients used in antibiotics get into the local soil and water systems, leading to bacteria in the environment becoming resistant to the drugs.

Once established in the environment, the bacteria can exchange genetic material with nearby germs. They can then spread around the world through air and water, and by travellers visiting countries where the bacteria are prevalent.

Aurobindo was caught breaking pollution laws in 2012. The Andhra Pradesh Pollution Control Board ordered closure of two Aurobindo facilities (along with ten other pharmaceutical plants in Hyderabad) “in the interest of protecting public health and the environment”.

The company did not respond to the Bureau’s request for comment.

Changing Markets’ findings follow stark warnings in O’Neill’s review that a failure to tackle pollution from antibiotic production would exacerbate the spread of global superbugs.

The release of untreated waste products from substandard antibiotic factories “acts as a driver for the development of drug resistance, creating environmental ‘reservoirs’ of antibiotic-resistant bacteria,” said the report.

One major 2007 study found “shocking” levels of active antibiotic ingredients being discharged into a river in India, and concentration of the commonly-used antibiotic ciprofloxacin in the water exceeded levels toxic to some bacteria by 1000-fold.

Responding to the new findings, O’Neill told the Bureau: “Reports of this type of untreated antibiotic waste being released into the environment are deeply troubling, and it is the responsibility of all manufacturers – and their suppliers – to ensure that negligent or irresponsible practices do not add fuel to the fire of rising drug resistance”.

O’Neill backed a recent initiative by 13 global pharmaceutical companies to produce an industry “roadmap” to combat antibiotic resistance, pledging to reduce environmental impact of antibiotic production.

The pledge, signed ahead of a high-level UN meeting on AMR last month, included promises to review manufacturing and supply chains to make sure they adhered to good practices and were not releasing antibiotics into the environment. Aurobindo and Milpharm were not among the list of signatories to the document.

Aurobindo also sells antibiotics from the Hyderabad plant in the USA and supplies drugs for the American pharmaceutical company McKesson.

The DoH told the Bureau that emissions from antibiotic factories were a growing concern and one where strong international action was needed.

A spokesperson said: “Although manufacturing practices of companies that supply the NHS are closely monitored by the MHRA, there are no current rules around antibiotic supply. This is something we will consider carefully as our world-leading work on antimicrobial resistance continues.”

O’Neill’s review stressed that it was local populations whose health was most harmed by pharmaceutical pollution. India has become the epicentre of the global antibiotic resistance crisis, due to rampant overuse and misuse of the drugs in human medicine and livestock farming, as well as bad practice by factories.

A study published in the Lancet medical journal last year estimated the deaths of 58,000 newborn Indian babies a year were attributable to blood poisoning from infections resistance to antibiotics.

Dr J.V. Reddy, the chief doctor at Gandhi Hospital in Hyderabad, a state-run hospital with 1,200 beds, told the Bureau that half of all samples sent for testing, including blood and urine samples taken from patients seeking treatment, contained drug-resistant bacteria.

This included Methicillin-resistant Staphylococcus aureus (MRSA) bacteria and E.coli, Klebsiella and Pseudomonas bacteria – most of which contained enzymes which can break down penicillin and cephalosporin antibiotics.

Some E.coli and Klebsiella found were also resistant to carbapenems, last resort antibiotics given when bacteria have become resistant to other types. “Every three days a patient at the hospital dies of sepsis, with antibiotic resistance contributing to these deaths,” Dr Reddy said.

Overuse of antibiotics, the drugs being given for the wrong illnesses, and multiple types being given in one go exacerbates the problem, as well as patients using them irregularly.

By the time they arrive at Gandhi hospital, most people have already been prescribed several antibiotics, he said.

Resistance spreads from India back into the rest of the world. An enzyme called NDM-1, which makes bacteria resistant to carbapenems, was first detected in 2008 in a patient who had been treated in a New Delhi hospital. It has now spread to countries across the world, including the UK.

dsc_0103

‘I was blinded in one eye by an infection resistant to antibiotics’

Anji Reddy, a former farmer, was one of 13 people to lose vision in one of their eyes after an outbreak of a resistant infection. The 70-year-old, from a village near Hyderabad, went to the city’s Sarojini Devi Eye Hospital on June 30 for a cataract operation on his right eye.

A few days after the surgery, doctors removed his bandages and found his eye red, swollen and seeping with pus. Tests revealed it was infected with Klebsiella and E.coli bacteria that was resistant to antibiotics.

It is believed the solution used to irrigate his eyes during the surgery was contaminated. Three months later, Mr Reddy is still in constant pain and can no longer work to provide for his family.

‘I cannot do anything,’ he told the Bureau. ‘Earlier I used to tend to farm animals, clean the litter. I used do some digging. But now I cannot even see the path to walk”.

Thousands like Mr Reddy fall ill with drug resistant infections every year in India.

Czech Police Arrest Russian Hacker of U.S.

Posted on by

Czech police arrest Russian with alleged connections to hacking in U.S.

 

WashingtonPost: A Russian man thought to have connections to hacking in the United States has been arrested in the Czech Republic, authorities there said Tuesday.

Czech police worked with the FBI to detain the man at a hotel in Prague, according to a statement published online Tuesday evening.

The arrest is not related to the Russian hacks of the Democratic National Committee and other political organizations or the ongoing probe of Russian interference in the U.S. election, federal law enforcement officials said.

“As cyber crime can originate anywhere in the world, international cooperation is crucial to successfully defeat cyber adversaries,” the FBI said in a press statement Wednesday. The arrest, the bureau noted, was made pursuant to an INTERPOL red notice, highlighting the collaboration between U.S. law enforcement and international partners.

Immediately after his arrest, authorities said, the man collapsed. He was provided first aid and was later hospitalized.

Czech courts will decide whether to extradite the man to the United States.

It was unclear what hacking attacks the man was suspected of participating in. A police spokesman declined to provide Reuters with additional information about the arrest. In Moscow, a Russian Foreign Ministry official said the Kremlin opposed the extradition.

Konstantin Dolgov, whose group monitors legal and rights issues at the Foreign Ministry, called the plans to move the suspect to the United States an “unacceptability,” according to the Interfax news agency.

Dolgov said Russian officials were monitoring the case and ready to provide the suspect with assistance, including legal help. “We expect that his procedural rights won’t be violated,” Dolgov was quoted as saying.

Although there are no apparent links between the arrest and hacking of U.S. political groups, the case is certain to draw closer attention to data infiltration tactics with suspected Russian fingerprints.
Nearly two weeks ago, the Obama administration officially accused Russia of attempting to interfere with the 2016 U.S. election, a claim that had been reported widely for months but not formally alleged by the federal government.

The alleged hacks have included digital intrusions into systems at the Democratic National Committee this summer that was followed by a major leak of emails that, in turn, led to the resignation of the committee’s chairwoman, Rep. Debbie Wasserman Schultz (Fla.). Russia has also been blamed for hacking and, later, leaking emails of the Democratic Congressional Campaign Committee. In the October statement officially accusing Russia of the hacking attacks, the federal government said an online persona calling himself Guccifer 2.0 had claimed responsibility for the intrusions and said that it thinks only top Russian officials could have authorized them.

“This is some sort of nonsense,” Dmitry Peskov, press secretary for Russian President
Vladimir Putin, told The Washington Post earlier this month. “Every day, Putin’s site gets attacked by tens of thousands of hackers. Many of these attacks can be traced to U.S. territory. It’s not as though we accuse the White House or Langley of doing it each time it happens.”

****

FOR IMMEDIATE RELEASE, Department of Justice
Tuesday, February 17, 2015

Russian National Charged in Largest Known Data Breach Prosecution Extradited to United States

Defendant Brought From Netherlands

After Fighting Extradition for Over Two Years

****

Russian Hackers of DNC Said to Nab Secrets From NATO, Soros

Bloomberg: Weeks before the Democratic convention was upended by 20,000 leaked e-mails released through WikiLeaks, another little-known website began posting the secrets of a top NATO general, billionaire George Soros’ philanthropy and a Chicago-based Clinton campaign volunteer.

Security experts now say that site, DCLeaks.com, with its spiffy capitol-dome logo, shows the marks of the same Russian intelligence outfit that targeted the Democratic political organizations.

The e-mails and documents posted to the DCLeaks site in early June suggest that the hackers may have a broader agenda than influencing the U.S. presidential election, one that ranges from the Obama administration’s policy toward Russia to disclosures about the hidden levers of political power in Washington.

It also means the hackers may have much left in their grab bag to distribute at will. The subjects of the DCLeaks site include a former ranking intelligence official who now works for a major defense contractor and a retired Army officer whose wife serves on the USS Nimitz, the nuclear-powered aircraft carrier. Some of the e-mails go back years.

Open Society Foundations, the Soros group, reported the breach to the Federal Bureau of Investigation in June, said spokeswoman Laura Silber, who added that an investigation by a security firm found the intrusion was limited to an intranet system used by board members, staff and foundation partners.

NATO Commander

The biggest revelation on DCLeaks involves U.S. Gen. Philip Breedlove, who retired in May and was formerly the top military commander of the North Atlantic Treaty Organization. E-mails from Breedlove’s personal account show him complaining that the Obama administration wasn’t paying enough attention to European security. (“I do not see this WH really ’engaged’,” he writes at one point, later wondering “how to work this personally with the POTUS.”) The Intercept subsequently wrote a story about the e-mails, picked up by some cable news channels, inflaming tensions between the U.S. and its European allies.

Breedlove told CNN in July that the e-mails were stolen as part of a state-sponsored intelligence operation and didn’t respond to a request for comment this week.

The leaks highlight the effectiveness of some of the hackers’ tricks, including the targeting of private e-mail accounts to gather sensitive military and political intelligence. DCLeaks also offers some insight for investigators on what appears to be the hackers’ early missteps and ad hoc approach.

Harried Schedule

A cache of hacked Google e-mails from a Clinton volunteer, for example, doesn’t add up to much: They purport to be from the account of Sarah Hamilton, who works for a public relations firm in Chicago and volunteers for Hillary for America, and show little but the harried schedule of the campaign staff. Hamilton didn’t respond to a request for comment.

Similarly, a trove of “redacted” documents from the William J. Clinton Library were declassified and have been publicly available on the library’s website for several years, a spokeswoman for the library said.

“It really looks like the hackers tried a couple of things that just weren’t really working before they hit on using WikiLeaks,” said John Hultquist, the manager of cyberespionage intelligence at FireEye Inc. “With this earlier stuff, it looks like they were experimenting.”

Describing itself as the work of American hacktivists, DCLeaks.com was registered in April, and many of the documents were posted in early June. A DCLeaks administrator, who identified himself by e-mail as Steve Wanders, didn’t respond to written questions, including why much of the material focuses on Russia or Russian foreign-policy interests.

Voracious Appetites

The site seems designed to cater to the U.S. media’s voracious appetites for leaks. It has related Twitter and Facebook accounts that push out nuggets from purloined documents and that suggest angles journalists might pursue.

The Russian government has dismissed the idea that it was involved in the hack of the Democratic National Committee, and WikiLeaks founder Julian Assange said there’s “no proof whatsoever” that Moscow was involved.

Security experts see links to a larger Russian information operation. That’s in part, according to two people familiar with the probe, because the e-mail addresses of Breedlove and Hamilton were among thousands targeted in a several-month campaign that began last fall by a Russian hacking group that cybersecurity firms have referred to by monikers including Fancy Bear, APT28 and the Sofacy Group.

Cyberintelligence firms have linked that hacking group to the GRU, Russia’s military intelligence service, whose Moscow headquarters is nicknamed the Aquarium. Three private security groups have linked the DNC incursion to that group and another Russian hacking group associated with the FSB, the country’s civilian intelligence agency. U.S. intelligence agencies have told officials they believe the DNC hack was orchestrated by the Russian government.

Guccifer 2.0

A hacker calling himself Guccifer 2.0 and purporting to be Romanian initially took credit for the DNC hack. That claim was viewed skeptically, in part because the hacker didn’t appear to speak Romanian. Guccifer 2.0 provided the Smoking Gun with leaked e-mails from Sarah Hamilton’s account, according to a story posted on that site on June 28. FireEye believes Guccifer 2.0 is a cover identity for APT28, Hultquist said.

In the case of Soros’s Open Society, hackers stole a trove of documents after accessing the foundation’s internal intranet, a system called Karl, according to a person familiar with its internal investigation. On August 3, the DCLeaks.com Twitter account tweeted “Check George Soros’s OSF plans to counter Russian policy and traditional values,” attaching a screenshot of a $500,000 budget request for an Open Society program designed to counter Russian influence among European democracies.

The hackers may have had access the foundations’ network for nearly a year, according to another person familiar with the investigation. Although Open Society has about 800 full-time staff, as many as 7,000 people have access to Karl, which is used to circulate draft program proposals, budgets and other internal documents.

DCLeaks.com provides a possible outline of the successful tactics used by the suspected Russian hackers, like targeting personal e-mail accounts to scoop up sensitive information.

The hackers were apparently reading Breedlove’s personal e-mails that went back to at least 2012, a period when he was among the highest-ranking U.S. military officers and was commander of the U.S. European Command and NATO Allied Command Operations.

Among Breedlove’s correspondents, according to DCLeaks.com, were former Secretary of the Air Force James Roche, former presidential candidate Wesley Clark and former Secretary of State Colin Powell. Efforts to contact Clark and Powell weren’t immediately successful.

Roche, in an e-mail, said Breedlove is a thoughtful officer who has worked hard for the betterment of the Air Force and his country. Of the Russians, Roche added: “I hope they learned that there are many dedicated officers who are thinking of the best ways to ensure that our country’s leaders can’t be bullied by Mr. Putin and his associates.”

Mastermind of Europe’s Terror Attacks Identified

Posted on by

U.S. Identifies Key Player in ISIS Attacks on Europe

Frontline: Almost a year after Islamic State terrorists killed 130 people in Paris, U.S. intelligence agencies have identified one of the suspected masterminds of that plot and a follow-up attack in Brussels.

U.S. counter-terror officials said the man, who goes by the name Abu Sulaiyman al Fransi (Abu Sulaiyman, the Frenchman) is a 26-year old Moroccan who once served in Afghanistan as a soldier in the French Foreign Legion. He did prison time for drug running before going to Syria in 2014 and joining ISIS, according to U.S. officials and French court documents. His real name is Abdelilah Himich, according to U.S. counter-terror officials.

Despite his relative youth, Himich’s military experience and knowledge of France have made him a key figure in the Islamic State’s external operations unit, which has led a terror campaign against Europe, officials said. He is thought to be in Syria.

“We believe he is one of the top guys involved in spearheading the Paris attack and the Brussels attacks,” a U.S. counter-terror official said. “He was involved in creating that infrastructure” of the external operations unit.

U.S. and European counter-terror officials were interviewed for this story as part of a report by ProPublica and FRONTLINE about terrorism in Europe.

Officials acknowledged that they have struggled to pin down details about the identities and activities of the ISIS planners. U.S. and European counter-terror officials note that several Islamic State fighters have used the nom de guerre Abu Sulaiyman al Fransi. (The nickname is spelled in a number of ways, U.S. officials say.) In the past, he has variously been described by European officials and media reports as a blond convert and a former physical education teacher.

But U.S. officials said there was strong evidence indicating that the senior French fighter in question is Himich. They said French intelligence has been informed of that assessment and agrees with it.

Click here to see the full documentary.

European counter-terror officials interviewed by ProPublica earlier this year said they also suspect that a militant known as Abu Sulaiyman the Frenchman helped to plan the Paris and Brussels attacks. But they did not disclose his full identity.

Officials said that months of investigations and intelligence work in Europe and the Middle East have begun to shed light on the command structure of what the Islamic State calls external operations. The predominantly Arab leaders of ISIS have given senior and mid-level European fighters considerable autonomy to select targets and decide details of plots in their home turf, according to Western counter-terror officials.

Nonetheless, the ISIS unit that plots attacks overseas is also quite bureaucratized, according to U.S. intelligence officials. The unit exerted increasingly direct control over plots in Europe starting in 2015, according to Western counter-terror officials, and is part of an ISIS intelligence structure known as the Enmi.

“ISIS-directed plots in Europe have usually involved several planners and organizers who might change for each project,” said Jean-Charles Brisard, the chairman of the Center for the Analysis of Terrorism in Paris, who has been studying the unit. “It’s more a team process than a single mastermind’s plan.”

Abu Mohamed al-Adnani, a Syrian who served as a spokesman for the Islamic State, was a top figure overseeing external operations, counter-terror officials say. A U.S. drone strike killed Adnani in August.

There is hard evidence that another ISIS militant in Syria, a man known as Abu Ahmad, played a hands-on role in the Paris and Brussels cases, according to European counter-terror officials. A laptop computer recovered by Belgian police after the Brussels bombings in March contained encrypted communications detailing Abu Ahmad’s direct role in the plot.

During the four months after the Paris attacks, Abu Ahmad discussed targets, strategy and bomb-making techniques from Syria via encrypted channels with survivors of the terrorist cell who were hiding in Brussels. The fugitive suspects referred to Abu Ahmad as their “emir,” or leader, according to Belgian counter-terror officials.

The communications in the laptop indicate that the original plan was to hit France again, European officials say. When Belgian police closed in, however, Abu Ahmad told the fugitives to strike in Brussels instead, officials said. The suicide bombings killed 32 people at the airport and a subway station on March 22.

Abu Ahmad was described by two captured ISIS fighters as a lead planner of the Paris massacre as well. The suspects, an Algerian and a Pakistani, told interrogators that Abu Ahmad chose and prepared them for the plot last fall, and sent them to Europe posing as Syrian refugees, according to European counter-terror officials.

When the two landed in Greece in October, however, Greek border guards discovered they were not Syrian, and held them for a few weeks, according to European and U.S. counter-terror officials. After being released, the duo communicated with Abu Ahmad, who sent them money and instructions not to join the rest of the attackers, according to officials. The two suspects were arrested in Austria in December.

The men described Abu Ahmad as a Syrian, according to European counter-terror officials. But the recovered clandestine communications with the plotters in Europe indicate clearly that he speaks French, raising questions about his true nationality, the officials said.

“He has to be French, or speak French well,” a European counter-terror official said. “They use French slang.”

The investigation shows that Abu Ahmad worked with the senior fighter known as Abu Sulaiyman al Fransi, according to European and U.S. counter-terror officials. During the massacre at the Bataclan concert hall in Paris, witnesses overheard gunmen talk to each other about calling a person named Abu Sulaiyman, according to European and U.S. officials.

Himich, the man identified by U.S. intelligence as Abu Sulaiyman, has an unusual story. He was born in Rabat, Morocco, in 1989, according to U.S. counter-terror officials and French court documents. His family emigrated when he was an adolescent to Lunel, a southern French town about 20 miles from Montpellier, officials say.

Lunel has a population of about 25,000 and a rich history as a Jewish cultural center in medieval times. The town has a large population of Muslim descent as the result of immigration from North Africa beginning in the 1960s.

In 2006, Himich’s name appeared in a Lunel high school newspaper as the author of an article about teenage drinking. Although he went to school in France, he remains a Moroccan citizen, according to officials and court documents. In 2008, he joined the French Foreign Legion, a legendary and hard-nosed force whose soldiers come from all over the world.

Himich “distinguished himself during various missions in Afghanistan,” according to the court documents. In 2010, however, he deserted, according to the officials and documents.

“Wanting to attend the burial of his father, he left his post without authorization,” the documents say. “After his return to France, he did vocational training to work in the security field and also considered becoming a nurse.”

A year later, he got in trouble with the law. French customs police intercepted him arriving on a train from Amsterdam at the Gare du Nord station in Paris on Dec. 13, 2011, according to court documents. Police discovered he was carrying a backpack containing 2.6 pounds of cocaine with a street value of about $55,000. He also tested positive for cocaine and marijuana.

Himich testified that he had met a Senegalese man at a hookah bar in Paris, and told him he needed money because he had left the Foreign Legion. Himich said the man hired him to bring a package from Rotterdam, offering to pay $1,600. Himich, whom the documents describe as “adopting an arrogant attitude” during a court hearing, denied knowing that the package contained drugs.

Himich spent five months in jail. He was convicted in April 2013, and sentenced to three years in prison with a year suspended, according to the documents, though it appears he did not spend much more time behind bars. It was his first criminal conviction. He appears to have followed a classic trajectory from crime into radicalization.

Despite its picturesque setting, Lunel has made headlines as a hub of extremism. By 2015, at least two dozen young people — of North African descent as well as Muslim converts — had left Lunel to fight in Syria, where at least six of them died.

Himich joined that exodus in early 2014, according to U.S. counter-terror officials. He rented a car and drove via Italy, Greece and Turkey to Syria, according to Brisard. That route is popular with Syria-bound jihadis who travel with their families, according to Italian police. Himich has a wife and two children, officials said.

In Syria, Himich first fought in an Al Qaeda-linked group, officials say. Then, like many extremists in Syria, he moved to the increasingly powerful Islamic State. He soon became a battlefield commander, according to U.S. officials and Brisard, the French counter-terror expert.

“He was quickly promoted by ISIS to lead one of its fighting brigades in the first half of 2014,” Brisard said. “His rapid rise within ISIS could be explained by his military service in the French Foreign Legion.”

France and Interpol have issued warrants for Himich’s arrest on suspicion of terrorist activity, according to U.S. officials.

Investigators believe Himich is among a group of ISIS militants in their 20s and 30s, predominantly Francophones, who plot against Europe. The group also includes two Muslim convert brothers from Toulouse, Fabien and Jean-Michel Clain, according to counter-terror officials. Fabien Clain is believed to be the Frenchman who read the official statement in which the Islamic State claimed responsibility for the Paris attacks, officials say.

The Clain brothers surfaced in an investigation in 2009 of a French-Belgian extremist network. Suspects in that case had been investigated for a bombing in Cairo and, according to investigators, told Egyptian interrogators they had discussed a potential attack on the Bataclan, the nightclub that was hit in 2015. The suspects allegedly saw the Paris concert hall as a Jewish target because the owners were Jewish and the venue had hosted pro-Israel events.

Given his military experience, Himich’s stature is likely to grow after the recent deaths of Islamic State leaders in U.S. air strikes, officials said.

“He’s probably one of the most important Frenchmen in ISIS, especially after the death of Adnani,” the U.S. counter-terror official said.

10/18/2016: Lawsuit Filed Against Hillary Clinton

Posted on by

WikiLeaks has in fact been of great assistance and will continue to be. WikiLeaks also tells us Hillary wants Obamacare to fail in order to implement a single payer system.

.pdf of Formal Complaint is here.

October 18, 2016

Office of the General Counsel

Federal Election Commission

999 E Street, NW

Washington, D.C. 20463

Re: Complaint Against Hillary for America, the Democratic National

Committee, Democracy Partners, Americans United for Change, and other

known and unknown individuals and groups.

To Whom It May Concern:

Complainant

The Public Interest Legal Foundation (“PILF”) is a non-profit educational and legal foundation

dedicated to protect the right to vote, preserve the Constitutional framework of American

elections, and educate the public on the issue of election integrity. As part of its mission, PILF

gathers and analyzes information regarding potential violations of federal and state election laws

and informs the public about these violations and concerns.

This complaint is filed on behalf of the Public Interest Legal Foundation by Joseph A.

Vanderhulst, Legal Counsel with PILF at 209 West Main Street, Plainfield, Indiana 46168,

pursuant to 52 U.S.C. § 30109(a)(1).

Respondents

Hillary for America

(Committee ID C00575795)

P.O. Box 5256

New York, NY 10185-5256

Jose H. Villarreal

Treasurer, Hillary for America

P.O. Box 5256

New York, NY 10185-5256

Democratic National Committee

430 South Capitol Street Southeast

Washington, DC 20003

Democracy Partners

1250 Eye Street, NW, Ste. 250

Washington, DC 20005

Bob Creamer

Strategist, Democracy Partners

1250 Eye Street, NW, Ste. 250

Washington, DC 20005

Americans United for Change

P.O. Box 34606

Washington, D.C. 20043

202-470-6954

Scott Foval

National Field Director, Americans United for Change

P.O. Box 34606

Washington, D.C. 20043

202-470-6954

Voces de la Frontera Action

1027 S. 5th Street

Milwaukee, WI 53204

Tel. 414-643-1620

Unknown Groups and Individuals Associated with Respondents

Summary

This complaint is based on information and belief that respondents have engaged in public

communications, campaign activity, targeted voter registration drives, and other targeted GOTV

activity under 11 C.F.R. 100.26 and 11 C.F.R. 114.4 at the request, direction, and approval of the

Hillary for America campaign committee and the Democratic National Committee in violation of

11 C.F.R. 109.20 and 11 C.F.R. 114.4(d)(2) and (3).

Complainant’s information and belief is based on findings from an investigation conducted by

Project Veritas Action and their published reports regarding the same, as well as on news

sources.

“If the Commission, upon receiving a complaint . . . has reason to believe that a person has

committed, or is about to commit, a violation of [the FECA] . . . [t]he Commission shall make an

investigation of such alleged violation . . . .” 52 U.S.C. § 30109(a)(2); see also 11 C.F.R. §

111.4(a).

Facts and Violations

Alien Registration Drives

On information and belief based on published reports and findings from an investigation by

Project Veritas Action, several groups including Americans United for Change and Voces de la

Frontera Action and other unknown groups have engaged in voter registration drives and other

GOTV activity during the 2016 election cycle. These activities potentially registered persons

who were not citizens. This activity is regulated under 11 C.F.R. 114.4.

On the same information and belief, these voter registration drives and other GOTV activity

were coordinated with DNC and HFA by express communication through agents of Democracy

Partners and The Foval Group. These communications resulted in coordination of voter

registration activity in violation of 11 C.F.R. 114.4(c)(2) and (d)(2)-(4) by all parties involved.

Also, because they were coordinated with a political party or campaign, there voter registration

activities deliberated targeted demographic groups because they were statistically more likely to

support a particular party or candidate in violation of 11 C.F.R. 114.4(c)(2) and (d)(2)-(4) by all

parties involved.

Paid Protesters

As reported in several news sources, disruptions, including incidents of violence, have occurred

at rallies held by the Trump for President campaign. Based on published reports, these

disruptions were instigated by paid professional protestors arranged by third party groups at the

coordination and direction of agents of Democracy Partners and The Foval Group at the request

and approval of agents of DNC and HFA.

On information and belief based on published reports and findings from an investigation by

Project Veritas Action, these disruptions include the payment of protesters “wherever Trump and

Pence are going to be.” Based on these reports, it appears that all violent disruptions at Trump

for President campaign rallies have been executed by paid protesters trained and instructed in

their speech and conduct to advocate against Trump and in support of Clinton.

On information and belief based on the same source, agents of DNC and HFA communicated

with the third party groups and individuals engaging in the activity and content through agents of

Democracy Partners and The Foval Group in order to request and approve the communications.

Through a direct chain of communication, this constituted coordination under 11 C.F.R.

109.21(d)(1)-(5).

Other Public Communications and Campaign Activities

On information and belief based on published reports, all public communications as defined in

11 C.F.R. 109.21(c) done by Americans United for Change, including the activities described in

Exhibit A, were done at or with the direction, approval, suggestion, or after material discussion

regarding the timing, content, and audience of the communications, of the DNC and Hillary for

America campaign.

Conclusion

Upon information and belief, and based upon the facts set forth above, Respondents Hillary for

America, the Democratic National Committee, Democracy Partners, Americans United for

Change, and their agents, named and unnamed above, have, each of them, individually and

collectively, violated the Federal Election Campaign Act of 1971, as amended, and must be held

accountable and liable for their unlawful actions.

On behalf of PILF, I hereby request an investigation into whether the respondents identified

above, or any other related parties, have violated federal campaign finance laws. The information

uncovered by this investigation, including this initial complaint, will be used by PILF to educate

the American people about the laws governing our elections and current and potential threats to

election integrity.

Thank you for your prompt attention to this matter. Please contact me if you have further

questions.

Respectfully submitted,

PUBLIC INTEREST LEGAL FOUNDATION

Joseph A. Vanderhulst

Legal Counsel

I hereby affirm and state under penalty of perjury that the foregoing statements are true and

correct to the best of my knowledge and belief.

Joseph A. Vanderhulst

Subscribed and sworn to me on this day of , 2016, by Joseph A.

Vanderhulst, President and General Counsel of Public Interest Legal Foundation.

Notary Public

**** Additionally, here is yet an additional Federal Statue where Hillary Clinton is in violation and a lawsuit may be pending in this regard.

 

18 U.S.C. § 208, the basic criminal conflict of interest statute, prohibits an executive branch employee from participating personally and substantially in a particular Government matter that will affect his own financial interests, as well as the financial interests of:

  • His spouse or minor child;
  • His general partner;
  • An organization in which he serves as an officer, director, trustee, general partner or employee; and
  • A person with whom he is negotiating for or has an arrangement concerning prospective employment.

Financial Interests in a Particular Matter

An employee has a disqualifying financial interest in a particular matter only if there is a close causal link between a particular Government matter in which the employee participates and any effect on the asset or other interest (direct effect) and if there is a real possibility of gain or loss as a result of development in or resolution of that matter (predictable effect). Gain or loss need not be probable. The possibility of a benefit or detriment must be real, not speculative. One common point of confusion is distinguishing between an asset or other interest and a financial interest in a particular matter under 18 U.S.C. § 208. The financial interest is the possibility of gain or loss (of the value of an asset or other interest) resulting from a particular matter, not the asset or interest itself. Thus, a person could have a large holding but only a relatively small financial interest in the particular matter, because the potential for gain or loss is small.

Exemptions

The criminal prohibition has no de minimis level. That is, it applies where any financial interest exists, no matter how small. Under 18 U.S.C. § 208(b)(2), however, OGE has the authority to establish blanket exemptions for financial interests considered too remote or too inconsequential to affect the integrity of the employee’s services. OGE has established several exemptions. The exemptions can be found in the implementing regulation for the statute, 5 C.F.R. part 2640. An employee who qualifies for an exemption can participate in official matters without violating 18 U.S.C. § 208, even though he has what would otherwise be a disqualifying financial interest in the matters. In addition to the exemptions established by OGE, there is an exception in the statute itself at 18 U.S.C. § 208(b)(4) for employees that have certain Native American or Alaska Native birthrights. If the financial interest that would be affected by the particular matter is that resulting solely from the interest of employee or the spouse or minor children in certain Native American or Alaska Native birthrights, the employee may participate in the particular matter without violating 18 U.S.C. § 208.

Waivers

The criminal financial conflict of interest statute has two separate waiver provisions. An employee who has been granted a waiver can participate in official matters without violating 18 U.S.C. § 208, even though he has what would otherwise be a disqualifying financial interest in the matters. Ethics officials often use waivers for broad particular matters, such as general policy matters, in conjunction with a recusal from particular matters involving specific parties for a specific financial interest. The two types of waivers are:

  • 208(b)(1): A waiver issued by the employee’s agency that covers certain financial interests that are not so substantial as to affect the integrity of the employee’s services.
  • 208(b)(3): A waiver for special government employees on Federal Advisory Committee Act committees when the need for services outweighs the potential for conflicts.