Category Archives: FBI

About this Security Clearance Mess

Posted on by
  1. There are many levels to having security clearance.
  2. Having clearance does not automatically grant access to classified information as a result of position, rank or title.
  3. Having any level of security clearance also includes a required signature to a non-disclosure agreement.
  4. Based on information, job duty or other stipulations, clearance has limitation including a ‘need to know’ basis.
  5. Clearance can be and is in many cases a temporary condition for people in and outside of government.
  6. Former DNI, James Clapper made the last and most recent modifications to security clearance access in January of 2017 at the behest of former President Obama. It is 27 pages and can be read here.
  7. All people with any type or level of security clearance includes ‘public trust’.
  8. There is an outside/contracted agency that performs the investigation of personnel applying for clearance.

Security Clearance Process Infographic - ClearanceJobs

Eligibility for access to classified information, commonly known as a security clearance, is granted only to those for whom an appropriate personnel security background investigation has been completed. It must be determined that the individual’s personal and professional history indicates loyalty to the United States, strength of character, trustworthiness, honesty, reliability, discretion, and sound judgment, as well as freedom from conflicting allegiances and potential for coercion, and a willingness and ability to abide by regulations governing the use, handling, and protection of classified information. A determination of eligibility for access to such information is a discretionary security decision based on judgments by appropriately trained adjudicative personnel. Eligibility will be granted only where facts and circumstances indicate access to classified information is clearly consistent with the national security interests of the United States. Access to classified information will be terminated when an individual no longer has need for access.

Security clearances are subject to periodic re-investigation every 5 years. The individual will submit an updated security package and another background investigation will be conducted. The investigation will again cover key aspects of the individual’s life, but will start from one’s previous background investigation.

***

Meanwhile, there are now an estimated 177 signatures on the list rebuking President Trump’s removal of former CIA Director John Brennan.

Was Admiral McRaven a hack with his response? Yuppers.   Watch the interview here.

Trump Admin Seeking Global Cyber Dominance

Posted on by

Finally!

https://archive.org/services/img/2007NSAProceduresUsedToTargetNonUSPersons Archivo:Presidential-policy-directive 20.pdf - Wikipedia ...

President Trump signed an order that reverses the classified rules and cyber processes from the Obama administration, known as IVE PPD 20. It was signed in October 2012, and this directive supersedes National Security Presidential Directive NSPD-38. Integrating cyber tools with those of national security, the directive complements NSPD-54/Homeland Security Presidential Directive HSPD-23.

Per WikiPedia:

After the U.S. Senate failed to pass the Cybersecurity Act of 2012 that August,[12] Presidential Policy Directive 20 (PPD-20) was signed in secret. The Electronic Privacy Information Center (EPIC) filed a Freedom of Information Request to see it, but the NSA would not comply.[13] Some details were reported in November 2012.[14] The Washington Post wrote that PPD-20, “is the most extensive White House effort to date to wrestle with what constitutes an ‘offensive’ and a ‘defensive’ action in the rapidly evolving world of cyberwar and cyberterrorism.”[14] The following January,[15] the Obama administration released a ten-point factsheet.[16]

On June 7, 2013, PPD-20 became public.[15] Released by Edward Snowden and posted by The Guardian,[15] it is part of the 2013 Mass Surveillance Disclosures. While the U.S. factsheet claims PPD-20 acts within the law and is, “consistent with the values that we promote domestically and internationally as we have previously articulated in the International Strategy for Cyberspace”,[16] it doesn’t reveal cyber operations in the directive.[15]

Snowden’s disclosure called attention to passages noting cyberwarfare policy and its possible consequences.[15][17] The directive calls both defensive and offensive measures as Defensive Cyber Effects Operations (DCEO) and Offensive Cyber Effects Operations (OCEO), respectively.

President Trump has taken this action to aid not only the military, but it would work to deter foreign actors, impede election influence and apply new penalties for violations. There have been high worries by officials due to electric utilities and the brute cyber attacks.

***

Some lawmakers have raised questions in recent months about whether U.S. Cyber Command, the chief agency responsible for conducting offensive cyber missions, has been limited in its ability to respond to alleged Russian efforts to interfere in U.S. elections due to layers of bureaucratic hurdles.

The policy applies to the Defense Department as well as other federal agencies, the administration official said, while declining to specify which specific agencies would be affected. John Bolton, Mr. Trump’s national security adviser, began an effort to remove the Obama directive when he arrived at the White House in April, the official said.

As designed, the Obama policy required U.S. agencies to gain approval for offensive operations from an array of stakeholders across the federal government, in part to avoid interfering with existing operations such as digital espionage.

Critics for years have seen Presidential Policy Directive 20 as a particular source of inertia, arguing that it handicaps or prevents important operations by involving too many federal agencies in potential attack plans. But some current and former U.S. officials have expressed concern that removing or replacing the order could sow further uncertainty about what offensive cyber operations are allowed.

One former senior U.S. official who worked on cybersecurity issues said there were also concerns that Mr. Trump’s decision will grant the military new authority “which may allow them to have a domestic mission.”

The Obama directive, which replaced an earlier framework adopted during the George W. Bush administration, was “designed to ensure that all the appropriate equities got considered when you thought about doing an offensive cyber operation,” said Michael Daniel, who served as the White House cybersecurity coordinator during the Obama administration. “The idea that this is a simple problem is a naive one.”  More here from the WSJ.

Bomb Threat Ground Planes in Chile, Peru, Greece and Argentina

Posted on by

Defense Secretary Mattis just happened to be in Chile.

Defense Secretary James N. Mattis highlights a joint agreement he signed on cooperation between the United States and Chile in cyber operations and protection of Chile’s cyber domain during a visit to Santiago, Chile, Aug. 16, 2018.

***

Reported on the 9th: Mattis embarks Sunday, Aug. 12 on his first trip to South America while leading the Department of Defense.

The White House declared 2018 the “Year of the Americas,” and the Secretary’s trip underscores the Department’s strong defense ties with Brazil, Argentina, Chile and Colombia. These relationships are critical to a collaborative, prosperous and secure Western hemisphere.

Secretary Mattis will begin his trip in Brazil, where he will meet with senior officials and defense leaders. He will also speak at the Escola Superior de Guerra, the country’s war college, and visit the national monument to Brazilian service members killed in World War II.

Secretary Mattis will then visit Argentina, where he will meet with senior defense officials to discuss defense issues of mutual interest.

His third stop is Chile to exchange strategic perspectives with senior officials.

Secretary Mattis concludes his trip in Colombia, where he will meet members of the newly elected administration.

***

LIMA (Reuters) – A LATAM Airlines passenger plane that departed Lima for Santiago, Chile, on Thursday was forced to land at an airport in southern Peru due to a bomb threat received by Chilean authorities, Peru’s Transportation Ministry said.

No one was injured on LATAM flight 2369 and a team for deactivating explosives has been notified, the ministry said. “Right now the situation is under control,” it added in a statement on Twitter.

***

On the island of Crete in Greece, a German Condor Airways passenger plane made an emergency landing at Chania airport over an alleged bomb threat on board, local media reported.

The aircraft with more than 270 passengers was en route from Egypt’s Hurghada to Duesseldorf, according to Skai broadcaster.

All passengers and 11 crew members safely left the plane after the landing. The reports of the bomb threat are being checked by the police.

Local military officials say the Boeing 757 jet was escorted to Chania airport by two Greek air force F-16 fighters scrambled after the pilot reported the threat, and landed without incident late Thursday.

The airport had been placed on a state of alert but that has since been lifted.

K2/Spice Overdoses, Sadly Very Common

Posted on by

It is sold at convenience stores and costs $20-$50 per 3 grams. It is legal and is undetectable in drug tests.

It has a few names other than laced marijuana, such as K2, Spice, Genie, Mojo or Zohai. Head shops sell it as for the most part it is not regulated in the United States but is banned in most of Europe.

One K2 sample tests negative for Fentanyl as New Haven ...

Synthetic cannabinoid users report some effects similar to those produced by marijuana:

elevated mood
relaxation
altered perception—awareness of surrounding objects and conditions
symptoms of psychosis—delusional or disordered thinking detached from reality

Psychotic effects include:

extreme anxiety
confusion
paranoia—extreme and unreasonable distrust of others
hallucinations—sensations and images that seem real though they are not

People who have used synthetic cannabinoids and have been taken to emergency rooms have shown severe effects including:

rapid heart rate
vomiting
violent behavior
suicidal thoughts

More here

"Poison in candy wrap" "Veneno en envoltura de caramelo ...

***

Chinese manufacturers are shipping thousands of pounds synthetic chemicals into the U.S. to make dangerous recreational drugs – and it’s all legal.

The Drug Enforcement Agency and U.S. lawmakers are struggling to keep up with the influx of new, completely untested, compounds that Chinese chemists offer up online.

Websites for Chinese manufacturers advertise of host of chemical substances that can be bought legally by American citizens and shipped to the U.S. 

The drugs go by street names like Spice, Bath Salts, Molly, Smiles and N-bomb. They are meant to mimic the effects of marijuana, cocaine, LSD and other banned substances. Many forms of these drugs were legal until only very recently. More here.

***

More than 70 people overdosed in or around a historic Connecticut park near the Yale University campus on Wednesday after receiving what authorities believe was synthetic marijuana laced with the powerful opioid fentanyl. Although there have been no deaths, at least two people suffered life-threatening symptoms, according to authorities.

Connecticut Public Radio‘s Diane Orson reports that at least one person has been arrested in connection with the case.

“After 8:00 [a.m. Wednesday], we ended up with 12 victims in a 40-minute period. That caused us to respond with a multi-casualty incident,” New Haven Fire Chief John Alston said. “It brought out Yale New Haven Hospital, New Haven Police Department, Fire Department, [American Medical Response]. We also have representatives with the DEA here.”

Rick Fontana, the director of emergency operations for New Haven, told Connecticut Public Radio’s Tucker Ives that 72 people were transported to local hospitals while four patients refused treatment on scene, for a total of 76 cases.

“Only a few required admittance to the hospital, and most were discharged or left before any treatment,” Fontana told Ives.

Most of the overdoses occurred on the New Haven Green, a downtown park adjacent to Yale.

“We literally had people running around the Green providing treatment,” Fontana said Wednesday, according to The Associated Press.

“Do not come down to the Green and purchase this K2,” New Haven Police Chief Anthony Campbell told WVIT-TV. “It is taking people out very quickly, people having respiratory failure. Don’t put your life in harm.”

The AP reports, “Paramedics and police officers remained at the park all day as more people fell ill. Some became unconscious and others vomited, authorities said. Emergency responders rushed to one victim as officials were giving a news conference nearby late Wednesday morning.”

Connecticut Public Radio reports:

“[Fire Chief] Alston says the substance appears to be some type of synthetic cannabis, but authorities are not sure. Some of the victims were unconscious and in respiratory distress.

At first, the drug [naloxone] — used to treat narcotic overdoses — appeared not to work. ‘Narcan was not effective here at the scene,’ said Alston. ‘However higher concentrations of it in the emergency room proved effective.’

He says one of the victims still had some of the drug, which has been sent off to a lab for testing.”

The Hartford Courant said authorities had determined that patients had smoked the synthetic cannabinoid K-2 laced with fentanyl.

Officer David Hartman was quoted by the newspaper as saying the patients were being treated for overdose-related respiratory illnesses.

WVIT reports that the man arrested “is believed connected to at least some of the overdoses” and “had drugs on him at the time of his arrest, [but] has yet to be charged in any of the overdose cases.”

Gov. Dannel Malloy said Wednesday that the state Department of Public Health and the Department of Mental Health and Addiction Services were assisting New Haven with the rash of overdoses.

“Today’s emergency is deeply troubling and illustrative of the very real and serious threat that illicit street drugs pose to health of individuals,” Malloy said, according to the Hartford Courant. “The substance behind these overdoses is highly dangerous and must be avoided.”

The AP notes, “New Haven first responders were called to a similar overdose outbreak on the Green on July 4, when more than a dozen people were sick from synthetic marijuana. The city also saw more than a dozen synthetic marijuana overdoses in late January. No deaths were reported in either outbreak.”

The latest incident in Connecticut comes as new preliminary estimates on 2017 overdose deaths were released by the Centers for Disease Control and Prevention.

The CDC said a record 72,000 Americans died last year because of drug overdose — about 10 percent higher than previous figures. It said major causes of the increase in deaths are the growing number of people using opioids and the increased potency of the drugs themselves.

Boy, 11, Hacks into Replica U.S. Vote Website in Minutes

Posted on by

(Reuters) – An 11-year-old boy managed to hack into a replica of Florida’s election results website in 10 minutes and change names and tallies during a hackers convention, organizers said, stoking concerns about security ahead of nationwide votes.

** 11-Year Old Emmett Brewer Hacks Into Replica US Vote ... photo

The boy was the quickest of 35 children, ages 6 to 17, who all eventually hacked into copies of the websites of six swing states during the three-day Def Con security convention over the weekend, the event said on Twitter on Tuesday.

The event was meant to test the strength of U.S. election infrastructure and details of the vulnerabilities would be passed onto the states, it added.

The National Association of Secretaries of State – who are responsible for tallying votes – said it welcomed the convention’s efforts. But it said the actual systems used by states would have additional protections.

“It would be extremely difficult to replicate these systems since many states utilize unique networks and custom-built databases with new and updated security protocols,” the association said.

The hacking demonstration came as concerns swirl about election system vulnerabilities before mid-term state and federal elections.

U.S President Donald Trump’s national security team warned two weeks ago that Russia had launched “pervasive” efforts to interfere in the November polls.

Participants at the convention changed party names and added as many as 12 billion votes to candidates, the event said.

“Candidate names were changed to ‘Bob Da Builder’ and ‘Richard Nixon’s head’,” the convention tweeted.

The convention linked to what it said was the Twitter account of the winning boy – named there as Emmett Brewer from Austin, Texas.

A screenshot posted on the account showed he had managed to change the name of the winning candidate on the replica Florida website to his own and gave himself billions of votes.

The convention’s “Voting Village” also aimed to expose security issues in other systems such as digital poll books and memory-card readers.

***

Mark Earley, the elections supervisor in Leon County who is a cybersecurity liaison between state and local officials, questioned how outsiders could obtain the security protocols used by Florida if they weren’t already behind the system’s firewalls. He said that all this “hacking noise” and “misinformation plays into the hands of the folks who are trying to undermine democracy.”

Jeff Kosseff, a lawyer and assistant professor at the United States Naval Academy Cyber Studies Department, said states are struggling with election security threats. He said they should work with outsiders in order to see if there are flaws in their systems.

“All states should look at this as a wake-up call,” Kosseff said. “What were the shortcomings identified and how they can fix it. I don’t think it should be an adversarial.”