DHS Officially Issues Alert on Election Hacking

Related reading: Hacking an election is about influence and disruption, not voting machines

DHS Issues Alert on U.S. Election Hacking

The United States Department of Homeland Security has issued an Intelligence Assessment on the Cyber Threats and Vulnerabilities to U.S. Election Infrastructure. The report, which primarily downplays the risk of hacking election systems, appears to conflict with recent FBI Director testimony stating that at least 20 states have been electronically probed, with four suffering hacking-related intrusions. The report does note that “multiple elements of US election infrastructure are potentially vulnerable to cyber intrusions. The risk to US computer-enabled election systems varies from county to county, between types of devices used, and among processes used by polling stations.”

The key judgments also include:

  • DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaign, and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected.
  • We judge cybercriminals and criminal hackers are likely to continue to target personally identifiable information (PII), such as that available in voter registration databases. We have no indication, however, that criminals are planning theft of voter information to disrupt or alter US computer-enabled election infrastructure.

Other elements of the report note the resiliency of the voting infrastructure, but also the potential for nation-state disruption.

No Indication of Cyber Operations to Change Vote Outcome

  • DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaigns and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected.
  • We assess that successfully mounting widespread cyber operations against US voting machines, enough to affect a national election, would require a multiyear effort with significant human and information technology resources available only to a nation-state. The level of effort and scale required to change the outcome of a national election, however, would make it nearly impossible to avoid detection. This assessment is based on the diversity of systems, the need for physical access to compromise voting machines, and the security and pre-election testing employed by state and local officials. In addition, the vast majority of localities engage in logic and accuracy testing, which work to ensure voting machines operate and tabulate as expected—before, during, and after the election.
  • We judge, as a whole, voter registration databases are resilient to systemic, nationwide cyber manipulation because of the diverse systems and security measures surrounding them. Targeted intrusions against individual voter registration databases, however, are possible. Additionally, with illicit access, manipulation of voter data, or disruptions to their availability, may impact a voter’s ability to vote on Election Day. Most jurisdictions, however, still rely on paper voter rolls or electronic poll books that are not connected in real-time to voter registration databases, limiting the possible impacts in 2016.
  • Voting precincts in more than 3,100 counties across the United States use nearly 50 different types of voting machines produced by 14 different manufacturers. The diversity in voting systems and versions of voting software provides significant security by complicating attack planning. Most voting machines do not have active connections to the Internet.
  • We assess the impact of an intrusion into vote tabulation systems would likely be contained to the manipulation of unofficial Election Night reporting results, which would not impact the certified outcome of an election, but could undermine public confidence in the results. In addition, local election officials, media organizations, and political campaigns carefully monitor local voting patterns, particularly in electorally significant jurisdictions, and are likely to detect and begin investigating potential anomalies quickly.

Non-State Actors Likely To Continue Targeting PII, Potentially Attempt Disruption

  • We judge cybercriminals and criminal hackers are likely to continue to target voter PII. We have no indication, however, that cybercriminals are planning theft of voter information to disrupt or alter computer-enabled US election infrastructure voting. Politically-motivated criminal hackers could attempt temporary disruptive cyber attacks, such as denial-of-service (DoS) attacks or web defacements against election-related websites, in the lead-up to or during the election process. Disruptive attacks could target public-facing state and local government websites, potentially including election infrastructure used to report election results to the general public and media; however, we judge this activity would likely have little impact on the voting process itself.
  • Unknown cyber actors in mid-July used an open-source scanning tool to identify and exploit a structured query language (SQL) injection vulnerability and exfiltrate PII from a Midwestern state board of elections website, according to FBI sources with excellent access and information provided by a cybersecurity organization supporting states. In at least three other states, voting and non-voting related websites during the same period observed unsuccessful SQL injection attacks from unknown actors, according to the same reporting.
  • Cybercriminals routinely attempt exploitation of misconfigured and vulnerable websites and webservers via SQL injection, brute force login attempts, cross-site scripting, and other publicly known vulnerabilities, according to DHS reporting from sources with direct access.
  • Criminal hackers routinely engage in disruptive attacks such as website defacement and DoS attacks, through exploiting publicly known vulnerabilities and for-hire DoS tools, according to DHS reporting from reliable sources with direct access.

Vulnerability of Computer-Enabled Election Systems

  • We assess multiple elements of US election infrastructure are potentially vulnerable to cyber intrusions. The risk to computer-enabled election systems, however, varies from county to county, between types of devices used and among processes used by polling stations.
  • Electronic Voting Systems: Security researchers have repeatedly demonstrated in laboratory testing environments that voting machines are vulnerable to compromise, usually with physical access, and such compromises could result in the manipulation of vote totals. Election outcomes would only be impacted if the compromise happened on a large scale across multiple machines or jurisdictions—which we judge to be beyond the capability of any adversary—or in cases of smaller local elections where the margin of victory is at a smaller scale.
  • Voter Registration Databases: Online voter registration systems provide a potential point of vulnerability to enable cyber actors to gain illicit access to voter registration databases. Cyber actors have exploited these portals in the past to gain illicit access to voter information. Compromises of voter registration databases have resulted in the potential release of PII, but not the modification of records—with the exception of one unconfirmed incident of voter registration manipulation reported by US media. The exposure of voters’ information would have limited impact on the integrity of the election process; however, it could undermine confidence in the system and provide the ability to conduct further cyber operations.
  • Public Dissemination of Voting Results: State government information technology solutions generally include a public-facing Internet-connected portion that is used to report election results to the general public and media, which some states have begun migrating to the cloud due to Election Day demand. Vulnerabilities in the public-facing Internet portion could be used to display inaccurate vote results to the public and media. Election Day results are not the official results of the state or local jurisdiction.


NSA Hacker Secretly Arrested

N.S.A. Contractor Arrested in Possible New Theft of Secrets

NYT’s: WASHINGTON — The F.B.I. secretly arrested a National Security Agency contractor in recent weeks and is investigating whether he stole and disclosed highly classified computer codes developed to hack into the networks of foreign governments, according to several senior law enforcement and intelligence officials.

The theft raises the embarrassing prospect that for the second time in three years an insider has managed to steal highly damaging secret information from the N.S.A. In 2013, Edward J. Snowden, who was also a contractor for the agency, took a vast trove of documents that were later passed to journalists, exposing N.S.A. surveillance programs in the United States and abroad.

The information believed stolen by this contractor — who like Mr. Snowden worked for the consulting firm Booz Allen Hamilton, which is responsible for building and operating many of the agency’s most sensitive cyberoperations — appears to be different in nature from Mr. Snowden’s theft.

The contractor arrested in recent weeks is suspected of taking the highly classified “source code” developed by the agency to break into computer systems of adversaries like Russia, China, Iran and North Korea. Two officials said that some of the information the contractor is suspected of taking was dated.

The Justice Dept says it has filed charges against a govt contractor with top secret clearance, accuses him of taking classified documents

****

In the biggest hack of the NSA since the Snowden scandal in 2013, in mid-August we reported that a mysterious group calling itself the “Shadow Brokers” had managed to hack the NSA’s Equation Group – a government cyberattack hacking group associated with the NSA, and released a bunch of the organization’s hacking tools. The “group” also notably said that if it received 1,000,000 Bitcoins, worth roughly $560 million at the time, it would release all the hacked files. As the NYT reported moments ago, an NSA contractor, Harold Thomas Martin III, age 51, from Glen Burnie, MD was arrested on August 29th, with the FBI investigating whether he is the party responsible for stealing and disclosing highly classified computer codes developed to hack into the networks of foreign governments.

****

Harold Thomas Martin III of Glen Burnie, Maryland, was charged in a criminal complaint. Among the classified documents found with Martin, the government says, were six that contain sensitive intelligence – meaning they were produced through sensitive government sources or methods that are critical to national security issues – and date back to 2014. All the documents were clearly marked as classified information, according to the criminal complaint.

Investigators also found stolen property valued at more than $1,000 at Martin’s residence or vehicle. He voluntarily agreed to an interview, officials said.

“Martin at first denied, and later when confronted with specific documents, admitted he took documents and digital files from his work assignment to his residence and vehicle that he knew were classified,” according to the complaint, despite not having the authorization to do so.

The Justice Department’s top national security official, John Carlin, said in Boston that the arrest pointed to the threat posed by insiders.

Martin has been in custody since a court appearance in August. (Associated Press)

When Documents and Facts Prove the DOJ and FBI are Corrupt, Libya

Obama DOJ drops charges against alleged provider of Libyan weapons

Arms dealer had threatened to expose Hillary Clinton’s talks about arming anti-Qadhafi rebels.

Politico: The Obama administration is moving to dismiss charges against an arms dealer it had accused of selling weapons that were destined for Libyan rebels.

Lawyers for the Justice Department on Monday filed a motion in federal court in Phoenix to drop the case against the arms dealer, an American named Marc Turi, whose lawyers also signed the motion.

The deal averts a trial that threatened to cast additional scrutiny on Hillary Clinton’s private emails as Secretary of State, and to expose reported Central Intelligence Agency attempts to arm rebels fighting Libyan leader Moammar Qadhafi.

Government lawyers were facing a Wednesday deadline to produce documents to Turi’s legal team, and the trial was officially set to begin on Election Day, although it likely would have been delayed by protracted disputes about classified information in the case.

A Turi associate asserted that the government dropped the case because the proceedings could have embarrassed Clinton and President Barack Obama by calling attention to the reported role of their administration in supplying weapons that fell into the hands of Islamic extremist militants.

“They don’t want this stuff to come out because it will look really bad for Obama and Clinton just before the election,” said the associate.

In the dismissal motion, prosecutors say “discovery rulings” from U.S. District Court Judge David Campbell contributed to the decision to drop the case. The joint motion asks the judge to accept a confidential agreement to resolve the case through a civil settlement between the State Department and the arms broker.

“Our position from the outset has been that this case never should have been brought and we’re glad it’s over,” said Jean-Jacques Cabou, a Perkins Coie partner serving as court-appointed defense counsel in the case. “Mr Turi didn’t break the law….We’re very glad the charges are being dismissed.”

Under the deal, Turi admits no guilt in the transactions he participated in, but he agreed to refrain from U.S.-regulated arms dealing for four years. A $200,000 civil penalty will be waived if Turi abides by the agreement.

A State Department official confirmed the outlines of the agreement.

“Mr. Turi cooperated with the Department’s Directorate of Defense Trade Controls in its review and proposed administrative settlement of the alleged violations,” said the official, who asked not to be named. “Based on a compliance review, DDTC alleged that Mr. Turi…engaged in brokering activities for the proposed transfer of defense articles to Libya, a proscribed destination under [arms trade regulations,] despite the Department’s denial of…requests for the required prior approval of such activities.”

Turi adviser Robert Stryk of the government relations and consulting firm SPG accused the government of trying to scapegoat Turi to cover up Clinton’s mishandling of Libya.

“The U.S. government spent millions of dollars, went all over the world to bankrupt him, and destroyed his life — all to protect Hillary Clinton’s crimes,” he said, alluding to the deadly Sept. 11, 2012 terrorist attack on the U.S. Consulate in Benghazi, Libya.

Republicans hold Clinton responsible for mishandling the circumstances around that attack. And Stryk said that Turi was now weighing book and movie deals to tell his story, and to weigh in on the Benghazi attack.

Representatives of the Justice Department, the White House and Clinton’s presidential campaign either declined to comment or did not respond to requests for comment on the case or the settlement.

Turi was indicted in 2014 on four felony counts: two of arms dealing in violation of the Arms Export Control Act and two of lying to the State Department in official applications. The charges accused Turi of claiming that the weapons involved were destined for Qatar and the United Arab Emirates, when the arms were actually intended to reach Libya.

Turi’s lawyers argued that the shipments were part of a U.S. government-authorized effort to arm Libyan rebels.

It’s unclear if any of the weapons made it to Libya, and there’s no evidence linking weapons provided by the U.S. government to the Benghazi attacks.

“The proposal did not result in an actual transfer of defense articles to Libya,” the State Department official told POLITICO on Tuesday.

But questions about U.S. efforts to arm Libyan rebels have been mounting, since weapons have reportedly made their way from Libya to Syria, where a civil war is raging between the Syrian Government and ISIL-aligned fighters.

During 2013 Senate hearings on the 2012 Benghazi attack, Clinton, under questioning from Sen. Rand Paul (R-Kentucky), said she had no knowledge of weapons moving from Libya into Turkey.

Wikileaks head Julian Assange in July suggested that he had emails proving that Clinton “pushed” the “flows” of weapons “going over to Syria.”

Additionally, Turi’s case had delved into emails sent to and from the controversial private account that Clinton used as Secretary of State, which the defense planned to harness at any trial.

At a court hearing in 2015, Cabou said emails between Clinton and her top aides indicated that efforts to arm the rebels were — at a minimum — under discussion at the highest levels of the government.

“We’re entitled to tell the jury, ladies and gentlemen of the jury, the Secretary of State and her highest staff members were actively contemplating providing exactly the type of military assistance that Mr. Turi is here to answer for,” the defense attorney said, according to a transcript.

Turi’s defense was pressing for more documents about the alleged rebel-arming effort and for testimony from officials who worked on the issue at the State Department and the CIA. The defense said it planned to argue that Turi believed he had official permission to work on arms transfers to Libya.

“If we armed the rebels, as publicly reported in many, many sources and as we strongly believe happened and as we believe at least one witness told the grand jury, then documents about that process relate to that effort,” Cabou told Campbell at the same hearing last year.

*****  

McCarthy: The ‘side deals’ are further evidence of a highly politicized Obama Department of Justice. Just when you think it can’t get any worse . . . According to House Judiciary Committee chairman Bob Goodlatte (R., Va.), the immunity agreements struck by the Justice Department with Cheryl Mills and Heather Samuelson, two top subjects of the FBI’s Clinton e-mail investigation, included “side agreements.” Pursuant to these side agreements, it was stipulated that (a) the FBI would not scrutinize any documents dated after January 31, 2015 (i.e., about five weeks before the most disturbing actions suggestive of obstruction of justice occurred); and (b) the FBI — in an investigation critically involving destruction of documents — would destroy the computers after conducting its search.
These revelations are outlined in a letter Chairman Goodlatte penned yesterday to Attorney General Loretta Lynch. Goodlatte says his committee learned of the side deals upon reviewing the immunity agreements, which have not been made public. That review naturally prompted a demand by the committee to see the side deals, which — for reasons unexplained — the Justice Department elected not to provide when it gave the committee access to the immunity agreements. The side deals have also not been made public. For anyone who worked in the Justice Department for any length of time, the striking of side deals with a defense lawyer (in this instance, Beth Wilkinson, who represents both Ms. Mills and Ms. Samuelson) is bracing. Written agreements with the Justice Department (regarding, for example, guilty pleas and cooperation) customarily include a clause explaining that the four corners of the document contain the entirety of the understandings between the parties. This is done precisely because defendants often claim they were enticed into signing the agreement because of this or that side deal purportedly agreed to by the government.
The Justice Department likes to be able to say, “We don’t engage in those sorts of shenanigans. The agreement is the single agreement as written.” Why did the Justice Department make side deals in this case (which we’ve been told was treated like any other case . . . except, alas, when it wasn’t)? More fundamentally, as I’ve been arguing since we learned of the immunity agreements, why did the government grant immunity in the first place? Unfortunately, the question, at this point, is rhetorical. Immunity was granted because the Justice Department would not use the grand jury against Mrs. Clinton.
As I’ve explained, the computers were physical evidence. The law empowers the government to compel production of physical evidence by subpoena (or by search warrant if there is suspicion that the evidence will be tampered with or destroyed). Importantly, however, the power to compel production of evidence derives from the grand jury. In the Clinton e-mails case, unlike virtually every other criminal case, the Justice Department apparently declined to convert the FBI’s investigation into a grand-jury investigation. This meant grand-jury subpoenas would not be issued. Why? Patently, the highly politicized Obama Justice Department did this because commencing a grand-jury investigation suggests that a matter is very serious and an indictment (which only the grand jury can issue) is likely. In this case, the Justice Department was determined to maintain the illusion that Clinton and her underlings hadn’t committed crimes, so the grand jury was avoided. That is how you end up with such inanities as the Justice Department’s leaking to the Washington Post that Cheryl Mills was regarded as nothing more than a very cooperative witness, not a suspect, even though we now know that (a) Mills falsely denied that, while serving as then-secretary of state Clinton’s chief of staff, she knew about the homebrew server system; (b) the evidence indicates that Mills is the one who directed Platte River Networks (PRN) to destroy the e-mails stored on Clinton’s server (although there are salient questions about when this happened); (c) the private laptop Mills used to vet Clinton’s e-mails contained mounds of classified information; and (d) Mills was sufficiently worried that her lawyer sought — and obtained — immunity from prosecution before Mills surrendered her computer to the FBI.
In his House testimony last week, FBI director James Comey tried to deflect the government’s failure to use the grand jury by rationalizing that the FBI was very anxious to examine the Mills and Samuelson computers, and that it is often more efficient in a criminal investigation to make informal agreements with the subjects’ lawyers than to rely on grand-jury compulsion. As I countered in this past weekend’s column, this claim is unconvincing. Use of the grand jury and negotiations with defense lawyers are not mutually exclusive. They happen concurrently all the time. Indeed, it is fear that the government might resort to compulsion that induces defense lawyers to negotiate reasonably. Take the grand jury off the table and investigators are apt to get taken to the cleaners. That is what happened here. With no resort to the grand jury, the FBI was reduced to relying on the Justice Department, which was working closely with Team Clinton’s defense lawyers, to cut immunity deals. These deals gave away the store in exchange for physical evidence the government actually had the power to demand without making concessions, much less extraordinary concessions like immunizing Mills and Samuelson from any prosecution based on the contents of the computers. According to Goodlatte, those concessions were even more astonishing than they seemed at first blush because of the newly revealed side deals.
First, there is the time-restriction. As noted above, Goodlatte says the Justice Department agreed that the FBI’s investigative team would not inspect any documents on the laptops dated later than January 31, 2015. What conceivable justification is there for this limitation? It is quite easy to conjure relevant evidence post-dating January 31, 2015, that could have been on the computer. Let’s just consider the crucial events of March 2015: In early March 2015, the New York Times broke the story about Mrs. Clinton’s homebrew server. The House Benghazi committee quickly issued a subpoena for Clinton’s e-mails. Between the Times report and March 25, Mills (and perhaps other Clinton-related lawyers and staffers) had a number of communications with Paul Combetta, the PRN technician who ultimately destroyed the e-mails. According to a March 25 e-mail, there was a call that day between Combetta and unidentified Clinton personnel as to which Combetta told the FBI “he could not recall the content of the call or the reference to backups in the e-mail.” (Scroll to Combetta FBI interview, May 3, 2016, p.5.) Nevertheless, sometime on or after March 25, Combetta had his “‘oh shit’ moment” and deleted the files containing Clinton’s e-mails from the server. (Same Combetta interview, pp.5-6.) On March 27, Clinton’s principal lawyer David Kendall informed Benghazi Committee chairman Trey Gowdy (R., S.C.) by letter: “I have confirmed with the Secretary’s IT support that no emails from [Clinton’s private e-mail address] for the time period [of Clinton’s 2009-2013 tenure as secretary of state] reside on the server or on any back-up systems associated with the server.” Kendall made no mention of when the “IT support” (Combetta) may have removed the e-mails.
A PRN work ticket dated March 31, 2015, references a conference call between Combetta, Kendall, and Mills, but when the FBI asked about it, Combetta refused to answer, citing his Fifth Amendment privilege against self-incrimination. (Scroll to Combetta FBI interview, February 18, 2016, p.5.) On March 31, Combetta used the BleachBit program to “shred” any copies of Clinton e-mails remaining on the server. (May 3, 2016, Combetta interview, p.6). Combetta was obviously in contact with Mills and other Clinton team members from early February through the end of March 2015 — the period the FBI was barred from examining under the computer side deal. Combetta tells the highly unlikely story that, during this time frame, he destroyed Clinton’s e-mails on his own initiative, without any encouragement from Mills or others in the Clinton camp.
When asked during last week’s House hearing how he could believe Combetta, FBI director Comey pointedly replied that it was not a matter of believing Combetta; the problem was not having evidence that disproved Combetta’s story. So if the FBI was interested in finding such evidence, why would it agree (or at least abide the Justice Department’s agreement) to an arrangement under which it was denied the ability to review documents on Mills’s computer from March 2015, when Combetta, while in frequent communication with Mills, destroyed the e-mails? Finally (at least until the next shoe drops), why would the FBI agree to destroy the computers after conducting the (apparently highly limited) examination that was agreed to?
The Federal Rules of Criminal Procedure explicitly provide (in Rule 41) that, when the government has taken custody of property for investigative purposes, a person who is somehow aggrieved by this deprivation may petition the court for the return of that property. The rule empowers the court to order the return of the property if it is not relevant to an ongoing investigation; and, if the court grants such relief, it “may impose reasonable conditions to protect access to the property and its use in later proceedings.” That is, the law encourages the preservation of materials that may have future investigative relevance. By simply following the law, the FBI and Justice Department can ensure that, if evidence is improperly destroyed, the government will not be at fault.
If Cheryl Mills and Heather Samuelson were bent on destroying potential evidence, that is a highly disturbing risk they should have been made to run on their own. No good could come from the FBI’s participating in the destruction. We are not talking here about illegal narcotics or explosives — items that could be dangerous to the public if needlessly preserved after their investigative relevance has been exhausted. We’re talking about laptop computers. Even if the FBI and Justice Department truly were convinced (against what appears to be the weight of the evidence) that there is no prosecutable case against anyone in the Clinton e-mail scandal, it is always possible that new information could emerge that would revive the case. Under such circumstances, the computers could have had renewed relevance and their destruction would have been highly problematic. How would it help the FBI to have had a hand in that?
Moreover, as the FBI and the Justice Department well knew, Clinton’s private e-mails are the subject of congressional oversight inquiries and Freedom of Information Act claims against the government that are being litigated in federal court. Again, why under those circumstances would the Justice Department and FBI agree not only that the evidence should be destroyed but, reportedly, that the FBI itself would do the destroying? We are repeatedly told that Mrs. Clinton and her underlings were not given special treatment, that this investigation was handled like any other. Are there other cases in which the Justice Department and FBI make such agreements?

 

 

1999: Clinton Admin Knew/Facilitated China Military Theft


Related reading: 2015, FBI Arrests Chinese Millionaire Once Tied to Clinton $$ Scandal

Related reading: The Russia-China relationship could lead to some interesting changes on the global stage.

And the biggest changes are occurring far away from Washington’s orbit.

US President Barack Obama (L-R), China’s President Xi Jinping, and Russia’s President Vladimir Putin during a photo shoot at the International Convention Center at Yanqi Lake in Beijing, November 11, 2014. REUTERS/Kim Kyung-Hoon

Although the Sino-Russo relationship predates the Ukraine conflict, there’s no question that the crisis has shifted Moscow even more toward Beijing.

Over the last year, we saw the two countries sign highly publicized energy deals, conduct joint military exercises, and even generally support each other’s foreign policy adventures. More here from BusinessInsider.

Here are a few questions for investigators in both houses of Congress to pose:

NYT’s: To Samuel Berger, the Hogan & Hartson trade lobbyist turned national security adviser: Why can’t Congress see your memo to President Clinton summarizing the devastating Cox report on espionage when it was submitted for security clearance in January? With the report now public, no claim of secrecy can properly be made.

Clinton pretended two months ago to have been uninformed of wholesale espionage. Did Berger’s January cover memo truly reflect the Cox report’s revelations, or did it lull the President into a false sense of national security?

To Bill Richardson, Energy Secretary since September 1998: You were briefed on espionage suspicions in November, and received the Cox report in January. Did you never have occasion to mention its serious implications on China policy to the President? You knew Secretary of State Albright was going to China in February; why did you withhold it from her? Did the White House suggest she be kept ignorant, or was it your own idea?

To F.B.I. Director Louis Freeh: Attorney General Janet Reno says “I was not apprised of the details of the case at the time the decision was made” to reject wiretap surveillance of Wen Ho Lee at Los Alamos. Didn’t you think this was important enough to take to the top? She also says your 1997 request “did not contain a request to search any computer.” If that is true, why not?

To the Senate Democratic leader, Tom Daschle: The bipartisan Cox report charges the White House with failing to inform Congress, but you say “Republican chairs of the Congress were warned about this as early as 1996 and also chose to do nothing.” Did you read those “warnings” before accusing Senator Arlen Specter and Representative Porter Goss of failing in their intelligence oversight duties? Can the public now see if those staff briefings were complete?

To Dan Burton, chairman of the House Government Reform and Oversight Committee: With Reno Justice allowing all Clinton’s illegal Asian fund-raisers to cop a plea and walk, you’ve subpoenaed Charlie Trie for June 10 and John Huang for June 17. Will you allow the ranking Democrat, Henry Waxman, to turn hearings into a partisan circus, or will you depose Trie and Huang extensively beforehand to discover links to Bruce Lindsey, the D.N.C.’s Don Fowler and Hillary’s Harold Ickes?

To George Tenet, Director of Central Intelligence: You reported to Cox that information on China’s theft of our W-88 nuclear warhead design came from a “walk-in” planted by Chinese intelligence. That’s counterintuitive counterintelligence; does nobody in C.I.A. dispute the “dangle” theory? Where is he now, and is he (or she) singing?

To Richard Shelby and Bob Kerrey of Senate Intelligence: The Cox report ran 900 pages, but nearly 400 pages were cut out by the Clinton sanitizers. Was all of this really for security reasons, or do many redactions cover C.I.A., F.B.I. and White House embarrassments?

To Senator Robert Torricelli, Democrat of New Jersey: You told CBS’s Bob Schieffer that Clinton should talk to Reno about “her ability to perform her duties.” Are you worrying about her judgment under a physical affliction, or making a nonpartisan judgment on sustained misfeasance at Justice — or helping the White House toss her off the sled to save Sandy Berger?

The biggest question is this: Will we fall for the usual “it’s old news” and “everybody did it” defenses? Or will we connect the dots from the (a) corrupt Asian and satellite-producer contributions to the (b) refusal to stop the theft of nuclear codes lest it offend Beijing to the (c) change of policy to sell China powerful computers capable of using those codes to simulate tests?

The House is being serious. What about the Senate?

****What is this all about you ask?

* The People’s Republic of China (PRC) has stolen design information on the United States’ most advanced thermonuclear weapons.

* The Select Committee judges that the PRC’s next generation of thermonuclear weapons, currently under development, will exploit elements of stolen U.S. design information.

* PRC penetration of our national weapons laboratories spans at least the past several decades and almost certainly continues today.

****

• The stolen information includes classified information on seven U.S. thermonuclear warheads, including every currently deployed thermonuclear warhead in the U.S. ballistic missile arsenal.

• The stolen information also includes classified design information for an enhanced radiation weapon (commonly known as the “neutron bomb”), which neither the United States, nor any other nation, has yet deployed.

• The PRC has obtained classified information on the following U.S. thermonuclear warheads, as well as a number of associated reentry vehicles (the hardened shell that protects the thermonuclear warhead during reentry).

****

In addition, in the mid-1990s the PRC stole, possibly from a U.S. national weapons laboratory, classified thermonuclear weapons information that cannot be identified in this unclassified Report. Because this recent espionage case is currently under investigation and involves sensitive intelligence sources and methods, the Clinton administration has determined that further information cannot be made public without affecting national security or ongoing criminal investigations.

The W-88, a miniaturized, tapered warhead, is the most sophisticated nuclear weapon the United States has ever built. In the U.S. arsenal, it is mated to the D-5 submarine-launched ballistic missile carried aboard the Trident nuclear submarine. The United States learned about the theft of the W-88 Trident D-5 warhead information, as well as about the theft of information regarding several other nuclear weapons, in 1995.

The PRC has stolen U.S. design information and other classified information for neutron bomb warheads. The PRC stole classified U.S. information about the neutron bomb from a U.S. national weapons laboratory. The U.S. learned of the theft of this classified information on the neutron bomb in 1996.

In the late 1970s, the PRC stole design information on the U.S. W-70 warhead from the Lawrence Livermore Laboratory. The U.S. government first learned of this theft several months after it took place. The W-70 warhead contains elements that may be used either as a strategic thermonuclear weapon, or as an enhanced radiation weapon (“neutron bomb”). The PRC tested the neutron bomb in 1988.

The Select Committee is aware of other PRC thefts of U.S. thermonuclear weapons-related secrets. The Clinton administration has determined that further information about PRC thefts of U.S. thermonuclear weapons-related secrets cannot be publicly disclosed without affecting national security.

The PRC acquired this and other classified U.S. nuclear weapons information as the result of a 20-year intelligence collection program to develop modern thermonuclear weapons, continuing to this very day, that includes espionage, review of unclassified publications, and extensive interactions with scientists from the Department of Energy’s national weapons laboratories.

**** The full Cox Report is 700 pages, but this link is the summary. So, those questions the New York Times asked in 1999 need to be asked again today of both Hillary and Bill. What say you?

Ah, Yahoo has Been Secretly Sweeping Your Emails

Primer: Report: Yahoo hack may have compromised up to 3B accounts

Exclusive: Yahoo secretly scanned customer emails for U.S. intelligence

SAN FRANCISCO (Reuters) – Yahoo Inc last year secretly built a custom software program to search all of its customers’ incoming emails for specific information provided by U.S. intelligence officials, according to people familiar with the matter.

The company complied with a classified U.S. government directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said two former employees and a third person apprised of the events.

Some surveillance experts said this represents the first case to surface of a U.S. Internet company agreeing to a spy agency’s demand by searching all arriving messages, as opposed to examining stored messages or scanning a small number of accounts in real time.

It is not known what information intelligence officials were looking for, only that they wanted Yahoo to search for a set of characters. That could mean a phrase in an email or an attachment, said the sources, who did not want to be identified.

Reuters was unable to determine what data Yahoo may have handed over, if any, and if intelligence officials had approached other email providers besides Yahoo with this kind of request.

Related reading: Verizon is buying Yahoo for $4.8 billion

According to the two former employees, Yahoo Chief Executive Marissa Mayer’s decision to obey the directive roiled some senior executives and led to the June 2015 departure of Chief Information Security Officer Alex Stamos, who now holds the top security job at Facebook Inc.

“Yahoo is a law abiding company, and complies with the laws of the United States,” the company said in a brief statement in response to Reuters questions about the demand. Yahoo declined any further comment.

Through a Facebook spokesman, Stamos declined a request for an interview.

The NSA referred questions to the Office of the Director of National Intelligence, which declined to comment.

The demand to search Yahoo Mail accounts came in the form of a classified directive sent to the company’s legal team, according to the three people familiar with the matter.

U.S. phone and Internet companies are known to have handed over bulk customer data to intelligence agencies. But some former government officials and private surveillance experts said they had not previously seen either such a broad directive for real-time Web collection or one that required the creation of a new computer program.

“I’ve never seen that, a wiretap in real time on a ‘selector,’” said Albert Gidari, a lawyer who represented phone and Internet companies on surveillance issues for 20 years before moving to Stanford University this year. A selector refers to a type of search term used to zero in on specific information.

“It would be really difficult for a provider to do that,” he added.

Experts said it was likely that the NSA or FBI had approached other Internet companies with the same demand, since they evidently did not know what email accounts were being used by the target. The NSA usually makes requests for domestic surveillance through the FBI, so it is hard to know which agency is seeking the information.

Reuters was unable to confirm whether the 2015 demand went to other companies, or if any complied.

Alphabet Inc’s Google and Microsoft Corp, two major U.S. email service providers, did not respond to requests for comment.

CHALLENGING THE NSA

Under laws including the 2008 amendments to the Foreign Intelligence Surveillance Act, intelligence agencies can ask U.S. phone and Internet companies to provide customer data to aid foreign intelligence-gathering efforts for a variety of reasons, including prevention of terrorist attacks.

Disclosures by former NSA contractor Edward Snowden and others have exposed the extent of electronic surveillance and led U.S. authorities to modestly scale back some of the programs, in part to protect privacy rights.

Companies including Yahoo have challenged some classified surveillance before the Foreign Intelligence Surveillance Court, a secret tribunal.

Some FISA experts said Yahoo could have tried to fight last year’s directive on at least two grounds: the breadth of the demand and the necessity of writing a special program to search all customers’ emails in transit.

Apple Inc made a similar argument earlier this year when it refused to create a special program to break into an encrypted iPhone used in the 2015 San Bernardino massacre. The FBI dropped the case after it unlocked the phone with the help of a third party, so no precedent was set.

Other FISA experts defended Yahoo’s decision to comply, saying nothing prohibited the surveillance court from ordering a search for a specific term instead of a specific account. So-called “upstream” bulk collection from phone carriers based on content was found to be legal, they said, and the same logic could apply to Web companies’ mail.

As tech companies become better at encrypting data, they are likely to face more such requests from spy agencies.

Former NSA General Counsel Stewart Baker said email providers “have the power to encrypt it all, and with that comes added responsibility to do some of the work that had been done by the intelligence agencies.”

SECRET SIPHONING PROGRAM

Mayer and other executives ultimately decided to comply with the directive last year rather than fight it, in part because they thought they would lose, said the people familiar with the matter.

Yahoo in 2007 had fought a FISA demand that it conduct searches on specific email accounts without a court-approved warrant. Details of the case remain sealed, but a partially redacted published opinion showed Yahoo’s challenge was unsuccessful.

Some Yahoo employees were upset about the decision not to contest the more recent directive and thought the company could have prevailed, the sources said.

They were also upset that Mayer and Yahoo General Counsel Ron Bell did not involve the company’s security team in the process, instead asking Yahoo’s email engineers to write a program to siphon off messages containing the character string the spies sought and store them for remote retrieval, according to the sources.

The sources said the program was discovered by Yahoo’s security team in May 2015, within weeks of its installation. The security team initially thought hackers had broken in.

When Stamos found out that Mayer had authorized the program, he resigned as chief information security officer and told his subordinates that he had been left out of a decision that hurt users’ security, the sources said. Due to a programming flaw, he told them hackers could have accessed the stored emails.

Stamos’s announcement in June 2015 that he had joined Facebook did not mention any problems with Yahoo. (http://bit.ly/2dL003k)

In a separate incident, Yahoo last month said “state-sponsored” hackers had gained access to 500 million customer accounts in 2014. The revelations have brought new scrutiny to Yahoo’s security practices as the company tries to complete a deal to sell its core business to Verizon Communications Inc for $4.8 billion.

(Reporting by Joseph Menn; Editing by Jonathan Weber and Tiffany Wu)