Category Archives: FBI

The Wilful Reckless Handling of Classified Docs in DHS too?

Posted on by

Okay, so we have had the issue at the U.S. State Department and now the Department of Homeland Security, so it begs the question, what other agencies? Further, Iran, Russia, China and North Korea are likely loving this.

Security? Heh….

Homeland Security Is Spilling a Lot of Secrets

By

Bloomberg: The Department of Homeland Security suffered over 100 “spills” of classified information last year, 40 percent of which came from one office, according to a leaked internal document I obtained. Officials and lawmakers told me that until the Department imposes stricter policies and sounder practices to better protect sensitive intelligence, the vulnerabilities there could be exploited. Not only does this raise the threat that hostile actors could get their hands on classified information, but may lead to other U.S. agencies keeping DHS out of the loop on major security issues.

A spill is not the same as an unauthorized disclosure of classified information. A Homeland Security official explained that spills often include “the accidental, inadvertent, or intentional introduction of classified information into an unclassified information technology system, or higher-level classified information into a lower-level classified information technology system, to include non-government systems.”

Examples include: using a copier not approved for the level of classified information copied; failing to properly mark a classified product; transmitting classified information on an unclassified system like Gmail; or sending classified information to someone who, while having the proper level of clearance, is not authorized to read a section of information sent to them, the official said.

There were 119 of these classified spills reported throughout the Homeland Security Department in fiscal year 2015, according to the internal document, which itself is unclassified. The section with the most spills by far was the Office of Intelligence and Analysis, headquartered at building 19 of the Nebraska Avenue Complex in Washington, led by retired General Francis Taylor. This office is composed mostly of intelligence analysts assigned to produce and review classified reports that are often the work of other intelligence agencies, including the Central Intelligence Agency and the Office of the Director of National Intelligence.

One senior Homeland Security official told me that the intelligence and analysis office at DHS suffers from lax enforcement of the established policies and practices to protect classified information. This official said the numbers of classified spills in the internal report only represents those incidents that were officially reported, and the actual number is much higher.

S.Y. Lee, a department spokesman, told me that DHS does not comment on reports of leaked information, but that the department is currently having mandatory employee training sessions on the handling of classified and sensitive information.

“We take any report of mishandling of information very seriously, and when violations are discovered, the Department takes immediate, appropriate actions to address the situation,” he said. “DHS takes the protection of all our assets very seriously, and will continue to evolve our training and remediation efforts to address security needs and accountability to the American public.”

Experts on government secrecy and classified information handling told me that the number of spills alone does not directly prove that there is a larger cultural or policy problem at DHS. But there is a history of carelessness with e-mail at the department, and this new finding combined with anecdotal reports of bad practices indicate that there should be more investigation the intelligence and analysis division in particular.

“At a minimum, this raises a question about what’s going on at this corner of the agency,” said Steven Aftergood, director of the program on government secretary at the Federation of American Scientists. “If it is happening disproportionally in one part of the agency, that may mean that remedial measures are needed there, including security training, better oversight and similar steps.”

Spillages are a normal part of the classification system at the DHS and elsewhere, and there are formal procedures for addressing them because it’s understood that you cannot eliminate human error, he said. But if one intelligence shop is mishandling information from another part of the government, that could cause real problems in the interagency cooperation and intelligence-sharing.

“If they have a reputation as a shop with unreliable security, other agencies are going to think twice about sharing their most valuable information with Homeland Security,” Aftergood said. “It can hurt other agencies and it can rebound on them. It’s bad all around and should be corrected.”

Johannes B. Ullrich, dean of research for the SANS Technology Institute, said that it’s probable most of the classified spills were unintentional and the result of sloppiness more than anything else. But lax enforcement of policies meant to protect sensitive information also presents an opportunity for exploitation by malicious actors.

“If it’s accepted practice that you print documents and scan them in, for example, then it’s much easier for an insider to take advantage of that,” he said. “By reducing the unintentional spillage you make it easier to find the intentional ones.”

The House Homeland Security Committee is currently pushing DHS to implement new systems for monitoring employees who handle classified information. Last November, the House passed the DHS Insider Threat and Mitigation Act, which was sponsored by Representative Peter King, chairman of the Homeland Security Committee’s subcommittee on counterterrorism and intelligence. The bill would require Taylor, among other things, to develop a timeline for deploying workplace monitoring technologies, employee awareness campaigns, and education and training programs related to potential insider threats to the department’s critical assets. The Senate Homeland Security Committee marked up a companion bill earlier this month.

“In recent years, the department has made progress installing limited monitoring technology, but much more needs to be done,” King said in a statement. “Results from the existing systems demonstrate the need for more auditing and education for DHS employees.”

Classified spills are a government-wide problem and there’s no way to know if the incidents at the DHS intelligence shop have been exploited. But unless that office and the government as a whole does a better job of protecting classified information, it’s just a matter of time before real damage is done to U.S. national security

Lew Alcindor aka Eric Holder….But Its Okay?

Posted on by

While US Attorney General, Eric Holder Used Kareem Abdul-Jabbar’s Birth Name as His Official Email Address

Leopold/Vice:

Former US Attorney General Eric Holder is a huge fan of NBA hall of famer Kareem Abdul-Jabbar.

So much so that Holder used Abdul-Jabbar’s birth name, Lew Alcindor, as an alias for his official Department of Justice (DOJ) email account, raising more questions about the email practices of top Obama administration officials, and about the ability of US government agencies to track down correspondence in response to Freedom of Information Act (FOIA) requests.

The Lew Alcindor revelation was made in a February 16 letter that DOJ sent to VICE News and Ryan Shapiro, a historian and doctoral candidate at the Massachusetts Institute of Technology who specializes in national security research.

“For your information,” the letter said, “e-mails in the enclosed documents which use the account name ‘Lew Alcindor’ denote e-mails to or from former Attorney General Holder.”

The letter was part of about 500 pages of heavily redacted emails and other documents given to VICE News and Shapiro in response to a FOIA lawsuit filed in late 2014. The documents show that Justice Department officials sent emails to Lew Alcindor regarding calls from lawmakers for a federal investigation into claims that CIA personnel spied on Senate staffers while the Senate was drafting a report about the CIA’s torture program. Holder’s name does not appear anywhere in his Lew Alcindor email account.

The responses from Lew Alcindor, notably one about Senator Ron Wyden’s demand that the DOJ “reopen” an investigation into the CIA after the agency’s own internal watchdog upheld the spying allegations, are virtually all redacted. DOJ declined to launch a criminal probe into the matter, claiming there was insufficient evidence. (Earlier this month, Wyden confronted CIA Director John Brennan about the spying incident and tried to get him to acknowledge it was improper and would not happen again.)

Other documents center around messages sent to the DOJ by David Grannis, the former staff director of the Senate Intelligence Committee, about authorizing Senate staffers to return to a secure facility leased by the CIA so they could finish fact-checking and writing the torture report. Grannis brings up the DOJ’s subsequent “odd” request, communicated to Grannis through the CIA, that Senate staffers “receive a security refresher beforehand, highlighting especially the computer system’s audit feature.”

“Can you cast any light on what DOJ personnel meant by this, or why they said it? Seems odd for DOJ to get involved in the security procedures between the Agency and the Committee, so I wanted to make sure we understood DOJ’s recommendation,” Grannis wrote, suggesting that the DOJ gave credence to CIA claims that Senate staffers inappropriately gained access to a coveted internal CIA document that sparked CIA spying.

There are vast swaths of redacting black ink throughout the emails — including DOJ’s response to Grannis.

Last March, a week after the New York Times revealed that Democratic presidential candidate Hillary Clinton exclusively used a private email account to conduct official business while she was Secretary of State, Holder’s chief spokesman, Brian Fallon, disclosed that his boss had used three different aliases — all of which had a usdoj.gov domain — during his tenure as the nation’s top law enforcement official.

‘Will members of the public reviewing the records of Eric Holder’s tenure as attorney general understand emails purporting to be from Lew Alcindor are actually from him?’

Fallon made the disclosure less than a week before he announced that he would serve as lead press secretary for Clinton’s presidential campaign. Fallon identified two of the email accounts Holder previously used, but they weren’t the names of any known living person. Fallon declined to identify Holder’s third email alias other than to say that it was “based” on an athlete. (Before leaving the DOJ in April 2015, Holder had still been using the Lew Alcindor email address.)

Fallon, who exchanged many of the emails in the cache with Lew Alcindor, explained the rationale for the practice: to combat spam and to avoid being inundated with correspondence from the public.

A Justice Department spokesman told VICE News there was nothing improper or legally questionable about Holder using the identity of a living person for his email account. Nor was it in any way an attempt, he said, to thwart FOIA or the Federal Records Act, which requires government agencies to preserve federal records. DOJ officials who handle FOIA requests and congressional inquiries, the spokesman said, knew of Holder’s email aliases.

Yet DOJ and many other federal agencies, the State Department and FBI in particular, have been harshly criticized (including by VICE News) for poorly performing searches meant to capture emails from officials who use their true identities. Experts in FOIA law said Holder’s Lew Alcindor identity calls into question the ability of FOIA staff to locate all emails from an official who uses an alias.

Laura Sheehan, a spokeswoman for the National Archives and Records Administration (NARA), said the email alias practice appears to be fairly common among agency heads in large government departments.

“There is no prohibition against it, so long as they can be linked to the actual name,” Sheehan said.

A few years ago, the former head of the Environmental Protection Agency (EPA), Lisa Jackson, came under fire from conservative lawmakers and open government advocates — and was accused of attempting to thwart open records requests and federal records retention laws — after it was revealed that she used the email alias Richard Windsor when conducting official business. An inspector general review into the practice concluded that EPA lacks “internal controls to ensure the identification and preservation of records when using private and alias email accounts for conducting government business.” The disclosure lead NARA to issue policy guidance to the heads of federal agencies on email management, which say:

Agencies must ensure that the name of an individual employee is linked with each account in order to comply with FOIA, discovery, and the requirement to transfer permanent email records… to NARA. In most cases, this requires the full name or readily identifiable nickname that is maintained on a distribution list.

In a Q&A with the Washington Post shortly thereafter, NARA’s chief records officer, Paul Wester Jr., said that while there is no prohibition against using email aliases, the practice makes it difficult to locate and turn over records in response to FOIA requests, and NARA does not condone it.

“We’ve been pretty clear with agencies it is not a good practice to follow, and we don’t recommend that they authorize the use of personal e-mail accounts or alias accounts to conduct their business,” Wester said. “There’s a higher probability the emails wouldn’t be documented properly with their broader record keeping systems.”

Anne Weismann, the executive director of good government group Campaign for Accountability, and an expert on FOIA, told VICE News that even though the DOJ has acknowledged that Holder used an email alias, and that DOJ’s FOIA staff is aware, “it still raises a question about whether the agency is properly documenting its work and preserving records under the Federal Records Act.”

“Will members of the public reviewing the records of Eric Holder’s tenure as [attorney general] understand emails purporting to be from ‘Lew Alcindor’ are actually from him?” Weismann said. “An investigation clearly is warranted.”

Several years ago, Weismann inquired with the DOJ about the number of email accounts associated with Holder and his deputies. The DOJ responded to her inquiry by saying Holder’s email address does not use his name.

“This protects his privacy and security and allows him to conduct official business efficiently via e-mail,” DOJ attorney Vanessa Brinkman wrote in a September 30, 2013 letter addressed to Weismann. (Brinkmann also signed the February 16 letter turned over to VICE News and Shapiro.)

Holder, who returned to his old law firm Covington after he left the DOJ, did not return a call for comment.

A DOJ spokesman said Attorney General Loretta Lynch uses an official DOJ email address to conduct government business, but “to help guard against security risks, the Attorney General does not use her given name in the handle of her email address.”

Douglas Cox, a law professor with the City University of New York School of Law whose research focuses on the intersection of information policy and national security, said he believes there is a “legitimate problem” with alias emails, “especially in the way agencies appear to be administering them.”

“Agencies are unnecessarily creating risks of undermining FOIA responses, subpoena responses, and discovery disclosures,” Cox said. “I also think alias emails are inconsistent with the letter and spirit of the federal record keeping laws.”

Cox said he understands why Holder would want to avoid being spammed and receiving unsolicited emails from the public, “but I don’t see what the justification would be for not configuring [[email protected]] so [Holder’s] actual name appears in internal emails.”

“Is there some reason why the identity of the sender has to be masked internally? And if so, then they must be tightly controlling who knows the alias, which in turn invites, if not guarantees, FOIA and record keeping problems,” Cox said. “When you consider the possibility, if not likelihood based on what we know, that alias emails are common practice among high-ranking officials across dozens of agencies, the risk of undermining FOIA searches and discovery requests within the various agencies approaches certainty.”

Meanwhile, Abdul-Jabbar, who legally changed his name in 1971, was unaware that Holder used his birth name for his official government email account. A spokeswoman for the former Los Angeles Lakers great declined to comment about the issue. Last year, Abdul-Jabbar interviewed Holder for a documentary he is producing on race. And in an interview with Politico around the same time, Holder said he idolized Abdul-Jabbar growing up and that the basketball legend had become a friend.

 

Lew

The Core of the Hillary Server Controversy, Revealed

Posted on by

Once a year, those who handle classified information must attend a refresher class on dealing with classified material and the consequences of violating the rules governing classified material. My guess is Hillary and her circle of aides and protectors waived themselves from attending. Obama approved?

I guess there is a good reason it is called ‘Foggy Bottom’.

Spy agencies say Clinton emails closely matched top secret documents: sources

WASHINGTON (Reuters) – U.S. spy agencies have told Congress that Hillary Clinton’s home computer server contained some emails that should have been treated as “top secret” because their wording matched sections of some of the government’s most highly classified documents, four sources familiar with the agency reports said.

    The two reports are the first formal declarations by U.S. spy agencies detailing how they believe Clinton violated government rules when highly classified information in at least 22 email messages passed through her unsecured home server.

    The State Department has already acknowledged that the emails contained top secret intelligence, though it says they were not marked that way. It has not previously been clear if the emails contained full classified documents or only some information from them.

    The agencies did not find any top secret documents that passed through Clinton’s server in their full version, the sources from Congress and the government’s executive branch said.

    However, the agency reports found some emails included passages that closely tracked or mirrored communications marked “top secret,” according to the sources, who all requested anonymity. In some cases, additional classification markings meant access was supposed to be limited to small groups of specially cleared officials.

Under the law and government rules, U.S. officials and contractors may not transmit any classified information – not only documents – outside secure, government-controlled channels. Such information should not be sent even through the government’s .gov email network.

The front-runner for the Democratic nomination for president and former secretary of state has insisted she broke no rules. Clinton’s lawyer, David Kendall, did not respond to a request for comment. Clinton campaign spokespeople did not respond to multiple requests for comment.

Two sources said some of the top secret material was related to the CIA’s campaign of drone strikes against Islamist militants in the Middle East and South Asia.

That campaign has been widely reported by Reuters and other media outlets, but it officially is classified as a “Top Secret/Special Access Program” (SAP), meaning only a limited number of people whose names are on a special list are allowed to learn details about it.

One source said the reports identified some information in messages on Clinton’s server that came from human sources, such as confidential CIA informants, and some from technical systems, such as spy satellites or electronic eavesdropping.

The Clinton campaign criticized the State Department’s decision last month to withhold the 22 emails containing top secret information from the public, blaming it on “bureaucratic infighting” and “over-classification run amok.”

“As we have previously made clear, we are not going to speak to the content of the emails,” a State Department official said on Wednesday when asked about the intelligence agency reports.

Clinton’s use of a private server in her New York home for her government work is being investigated by the Federal Bureau of Investigation, the State Department’s and spy community’s internal watchdogs and several Republican-controlled congressional committees.

Two of the sources told Reuters that one of the reports on the emails came from the CIA. Three sources said the other report came from the National Geospatial Intelligence Agency (NGA), which analyzes U.S. spy satellite intelligence.

A spokesman for NGA did not immediately respond to requests for comment. CIA spokespeople declined to comment.

The two spy agencies’ reports were sent to Congress in the past few weeks by the intelligence community inspector general, an official government watchdog for multiple spy agencies.

The inspector general’s office has confirmed that it requested the reports from two intelligence agencies, but didn’t identify them.

    It was unclear what the congressional committees that received the classified reports, the House and Senate intelligence and foreign relations panels, will do with them. The contents cannot be discussed publicly. The committees requested intelligence reports in connection with their efforts to ensure that government secrets are appropriately protected.

Sidebar:

Everyone who handles Classified Material signs the SF-312 that outlines handling according to EO 13526 that requires an annual refresher course for originators of Classified Materials. Section 1 outlines handling. Section 4 is agreement to punishment if violation is discovered. Text of SF-312 below:

1. Intending to be legally bound, I hereby accept the obligations contained in this Agreement in consideration of my being granted access to classified information. As used in this Agreement, classified information is marked or unmarked classified information, including oral communications, that is classified under the standards of Executive Order 13526, or under any other Executive order or statute that prohibits the unauthorized disclosure of information in the interest of national security; and unclassified information that meets the standards for classification and is in the process of a classification determination as provided in sections 1.1, 1.2, 1.3 and 1.4(e) of Executive Order 13526, or under any other Executive order or statute that requires protection for such information in the interest of national security. I understand and accept that by being granted access to classified information, special confidence and trust shall be placed in me by the United States Government.

4. I have been advised that any breach of this Agreement may result in the termination of any security clearances I hold; removal from any position of special confidence and trust requiring such clearances; or termination of my employment or other relationships with the Departments or Agencies that granted my security clearance or clearances. In addition, I have been advised that any unauthorized disclosure of classified information by me may constitute a violation, or violations, of United States criminal laws, including the provisions of sections 641, 793, 794, 798, *952 and 1924, title 18, United States Code; *the provisions of section 783(b}, title 50, United States Code; and the provisions of the Intelligence Identities Protection Act of 1982. I recognize that nothing in this Agreement constitutes a waiver by the United States of the right to prosecute me for any statutory violation.

Judiciary Cmte; Muslim Brotherhood, Terror Organization

Posted on by

Yes!!!

Feb 24 2016

Judiciary Committee Calls on Administration to List Muslim Brotherhood as a Terrorist Organization

Washington, D.C.  – The House Judiciary Committee today approved by a vote of 17-10 the Muslim Brotherhood Terrorist Designation Act of 2015 (H.R. 3892), which calls on the State Department to recognize the Muslim Brotherhood as a foreign terrorist organization in order to better protect national security.

The Muslim Brotherhood, which was founded in Egypt in 1928 by Hassan al-Banna, remains headquartered in Egypt but operates throughout the world. The Muslim Brotherhood’s strategic goal “in America is a kind of grand Jihad in eliminating and destroying the Western civilization from within and ‘sabotaging’ its miserable house by their hands and the hands of the believers so that it is eliminated and God’s religion is made victorious over all other religions.” It has supported Islamist terrorism directly through fundraising and extortion, and has been designated as a terrorist organization by several U.S. allies in the Middle East.

H.R. 3892 would have a threefold effect: the Administration would actually have to deny admittance to aliens tied to the Muslim Brotherhood; persons who provide material support to the Muslim Brotherhood would be subject to federal criminal penalties; and the Treasury Department would be able to require U.S. financial institutions possessing or controlling any assets of the Muslim Brotherhood to block all financial transactions involving those assets.

Below is a statement from House Judiciary Committee Chairman Bob Goodlatte (R-Va.) and Representative Mario Diaz-Balart (R-Fla.), the author of this legislation, on today’s Committee vote.

Chairman Goodlatte: “The Muslim Brotherhood’s embrace of terrorism and the very real threat it poses to American lives and the national security of the United States make it long overdue for designation.  The bill passed by the House Judiciary Committee today calls the State Department to do the right thing and designate the Muslim Brotherhood as a foreign terrorist organization. This will make it less likely that members of the Muslim Brotherhood will be able to enter the United States. I thank Congressman Diaz-Balart for introducing this bill and urge the House of Representatives to consider it immediately.”

Rep. Diaz-Balart: “The Muslim Brotherhood continues to pose a global threat. The jihadist movement actively supports and finances terrorist networks around the world, including al-Qaeda and Hamas. The United States must recognize and sanction the Muslim Brotherhood as a terrorist organization as part of our national security strategy. I thank Chairman Goodlatte for his leadership and assistance in getting this bill through committee, and I look forward to working with him when it is brought to the floor.”

brotherhood

*** In part from JPost: Just a few years ago, the conventional wisdom in Washington, DC, was that the Muslim Brotherhood would be a moderating force in the Middle East and bring democracy to the region. But not three years after the beginning of the “Arab Spring,” the people of countries like Egypt and Tunisia removed their Muslim Brotherhood- led governments. Other Middle Eastern nations have taken measures to designate the organization as a terrorist group and banned their activity entirely. Even our British allies have opened an official investigation into the group’s activities and connection to violent extremism. More here.

*** Gatestone:

  • “[T]he organization of the Muslim Brotherhood is a terrorist organization, and anyone who asks either to reconcile with them, to join them or to ally with them is himself a terrorist.” — Refaat Saïd, leader of Egypt’s Socialist party, al-Tagammu’, and previously close friend of former Muslim Brotherhood Supreme Guide, Mahdi Akef.
  • It should come as no surprise, then, that the motto of Ansar Bayt al-Maqdis is also the verse singled out by Hassan al Banna: “Fight them until there is no fitnah [discord], and [until] the religion, all of it, is for Allah.” [Qur’an, Sura VIII, verse 39]
  • The link between the Muslim Brotherhood and Hamas is clear, and confirmed by Article 2 of the Charter of Hamas, which reads: “The Islamic Resistance movement is one of the wings of the Muslim Brothers in Palestine”.  Complete details here.

     

     

Nightmare for Taxpayers According to an IRS Bulletin

Posted on by

IRS is warning taxpayers of a new surge in tax-related incidents

It is a nightmare for taxpayers according to an IRS bulletin there is a 400 percent surge in tax-related phishing and malware incidents.

This year the IRS already reported 1,026 malware and phishing incidents, compared to 254 this time last year.

SecurityAffairs: The IRS is warning taxpayers of newer forms of attacks aiming victims into disclosing credentials to third-party tax preparation service accounts.

“The Internal Revenue Service renewed a consumer alert for e-mail schemes after seeing an approximate 400 percent surge in phishing and malware incidents so far this tax season.” states the bulletin. “The emails are designed to trick taxpayers into thinking these are official communications from the IRS or others in the tax industry, including tax software companies. The phishing schemes can ask taxpayers about a wide range of topics. E-mails can seek information related to refunds, filing status, confirming personal information, ordering transcripts and verifying PIN information.”

The IRS Commissioner John Koskinen used the adjective “dramatic” to describe this surge in tax-related incidents inviting taxpayers to watch out for scammers.

“This dramatic jump in these scams comes at the busiest time of tax season,” said Koskinen. “Watch out for fraudsters slipping these official-looking emails into inboxes, trying to confuse people at the very time they work on their taxes. We urge people not to click on these emails.”

Threat actors are very interested in using the tax season as a lure, in a common attack scenario victims receive an email containing links to the domain used to serve malware. In other cases, the attackers used emails with attachments that include documents embedding malicious macros. Once the victims open the document, the macro drops a malware on the victim’s machine, including dreaded ransomware like CryptoLockerTeslaCrypt and Locky.

These are the alarming statistics provided by the IRS:

  • There were 1,026 incidents reported in January, up from 254 from a year earlier.
  • The trend continued in February, nearly doubling the reported number of incidents compared to a year ago. In all, 363 incidents were reported from Feb. 1-16, compared to the 201 incidents reported for the entire month of February 2015.
  • This year’s 1,389 incidents have already topped the 2014 yearly total of 1,361, and they are halfway to matching the 2015 total of 2,748.

Recently IRS services were abused by crooks to target taxpayers, in May 2015 the Internal Revenue Service was breached by hackers that “used an online service provided by the agency” to access data for more than 100,000 taxpayers. The IRS issued an official statement on the incident and specified that the compromised system was “Get Transcript.” The Transcript service could be used by taxpayers to get a transcript online or by mail to view their tax account transactions.

In August 2015, the Internal Revenue Service disclosed a new review of its system, revealing that 334,000 taxpayers (more than three times it initially estimated) may be affected by the hack it announced in May.

A couple of weeks ago the IRS detected roughly unauthorized attempts using 464,000 unique SSNs, and 101,000 attempts allowed crooks in generating PINs.

The U.S. Internal Revenue Service confirmed that cyber criminals abused the Electronic Filing PIN application running on irs.gov that allows taxpayers to generate a PIN that they can use to file tax returns online.

Pierluigi Paganini