Category Archives: Military

US Seeks Forfeiture of the Oil from IRGC Tanker

Posted on by

A civil forfeiture complaint is merely an allegation. The United States bears the burden of proving that the oil in question is subject to forfeiture in a civil forfeiture proceeding. Funds successfully forfeited with a connection to a state sponsor of terrorism may in whole or in part be directed to the United States Victims of State Sponsored Terrorism Fund (http://www.usvsst.com/) after the conclusion of the case.

NEW YORK – The United States filed a forfeiture complaint in the U.S. District Court for the District of Columbia alleging that all oil aboard a Liberian-flagged vessel, the M/T Achilleas (Achilleas), is subject to forfeiture based on U.S. terrorism forfeiture laws. This investigation was led by Homeland Security Investigations (HSI) New York and the FBI’s Minneapolis office.

U.S. Looks to Courts to Seize 2 Million Barrels of Alleged ...

The complaint alleges a scheme involving multiple entities affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC) and the IRGC-Qods Force (IRGC-QF) to covertly ship Iranian oil to a customer abroad. Participants in the scheme attempted to disguise the origin of the oil using ship-to-ship transfers, falsified documents and other means, and provided a fraudulent bill of lading to deceive the owners of the Achilleas into loading the oil in question.

The complaint alleges in part that the oil constitutes the property of, or a “source of influence” over, the IRGC and the IRGC-QF, both of which have been designated by the United States as foreign terrorist organizations. The documents allege that profits from oil sales support the IRGC’s full range of nefarious activities, including the proliferation of weapons of mass destruction and their means of delivery, support for terrorism, and a variety of human rights abuses, at home and abroad.

“This latest civil forfeiture action exemplifies the remarkable work of this multi-agency task force that works tirelessly toward furthering our shared goal of protecting the homeland from regimes that threaten our national security,” said Special Agent in Charge Peter C. Fitzhugh for HSI New York. “This investigation sends a message that the attempted circumvention of U.S. sanctions by the IRGC-QF will not be tolerated. HSI will continue to work with our partners and utilize the full scope of our authorities to disrupt the attempts of hostile countries and regimes to generate profits from oil sales used to support terrorism and the proliferation and delivery of weapons of mass destruction.”

“Iran uses profits from its petroleum sector to fund the malign activities of the IRGC-QF, a designated terrorist group,” said Special Agent in Charge Michael F. Paul of the FBI’s Minneapolis Field Office. “The FBI will continue to prioritize the enforcement of sanctions, and we applaud the efforts of our agents and partners on this investigation.”

“The U.S. Attorney’s Office for the District of Columbia will continue working with our law enforcement partners to stem the flow of illicit oil from Iran’s Islamic Revolutionary Guard Corps and Qods Force,” said Acting U.S. Attorney Michael R. Sherwin. “We will use all available tools, including our jurisdiction to seize and forfeit assets located abroad, to combat funding for terrorists and those who would do harm to the United States.”

“The forfeiture complaint filed today serves as a reminder that the IRGC and IRGC-QF continue to exert significant control over the sale of Iranian oil,” said Assistant Attorney General John C. Demers for the National Security Division. “As we have demonstrated in the past, the department will deploy all tools at its disposal to ensure that the IRGC and IRGC-QF cannot use profits from the sale of Iranian oil to fund terrorism and other activities that threaten the safety and security of all Americans.”

A civil forfeiture complaint is merely an allegation. The United States bears the burden of proving that the oil in question is subject to forfeiture in a civil forfeiture proceeding. Funds successfully forfeited with a connection to a state sponsor of terrorism may in whole or in part be directed to the United States Victims of State Sponsored Terrorism Fund after the conclusion of the case.

HSI New York and the FBI’s Minneapolis Field Office are leading the investigation of Iranian petroleum shipments. Assistant U.S. Attorneys Michael P. Grady and Brian P. Hudak of the U.S. Attorney’s Office for the District of Columbia and Trial Attorney David Lim of the Counterintelligence and Export Control Section of the National Security Division are prosecuting the case, with support from Paralegal Specialist Brian Rickers and Legal Assistant Jessica McCormick of the U.S. Attorney’s Office for the District of Columbia. The Money Laundering and Asset Recovery Section’s Program Operations Staff of the Justice Department’s Criminal Division has provided extensive assistance throughout the investigation.

SecDef Austin Fires all Advisory Board(s) Members

Posted on by

Dismissed were hundreds of members of 42 Pentagon advisory boards. 42 separate advisory boards? Really?

Current members being told to step down are only those appointed by the Pentagon and not those appointed by the White House or Congress. For example four people appointed by the Pentagon to a congressionally mandated commission on stripping the names of Confederate generals from military bases will be removed but others on that panel appointed by Congress will remain.
A review of all the boards, and whether they are still needed, will now be the focus before new members are named.

The 42 advisory boards cost taxpayers millions of dollars each year and some of their work is believed to be potentially redundant, which added to the need for the review.
The action effectively removes, for now, several hundred people serving on boards who advise on everything from defense policy, science, innovation, health issues, coastal engineering, sexual misconduct and diversity and inclusion.

WASHINGTON—Defense Secretary Lloyd Austin dismissed every member of the Pentagon’s policy advisory boards Monday, ousting last-minute Trump administration nominees as well as officials appointed by previous administrations.

Lloyd Austin Confirmed As 1st Black Pentagon Chief In U.S. History : President Biden Takes Office : NPR

By removing every member, Mr. Austin avoided selectively firing those appointed by the Trump administration. The defense chief will name new members to each of the least a dozen boards in the coming weeks.

The move was foreshadowed last week when Mr. Austin suspended the onboarding process for Trump administration nominees to Pentagon advisory boards, effectively preventing them from being seated.

Mr. Austin’s directive last week applied to Trump nominees who were still in the security clearance process. Among those who were affected then were Corey Lewandowski, former President Donald Trump’s 2016 presidential campaign manager, and David Bossie, a former Trump deputy campaign manager, both of whom had been named to the Defense Business Board, an unpaid group that advises the defense secretary and other leaders on business practices.

Because of their potential access to classified information, it can take months for someone to get through the security clearance process and formally join a board. Mr. Austin’s directive last week suspended that process.

In the last weeks of the Trump administration, then acting Defense Secretary Chris Miller named at least a dozen supporters of President Trump to various Pentagon advisory boards.

Those included retired Brig. Gen. Anthony Tata, who weeks earlier had been rejected by the Senate for consideration as the Pentagon’s top policy official, even as he served in that position since June in an acting capacity. Senators and some retired generals expressed concern over inflammatory tweets he made years ago on Islam, President Barack Obama and Democratic lawmakers.

The advisory boards, some of which date back to at least the 1950s, were intended to be bipartisan and offer a diversity of opinion to Pentagon leaders on potential policies.

Among those removed from policy boards by Mr. Miller were former Secretaries of State Madeleine Albright and Henry Kissinger, former House Majority Leader Eric Cantor (R., Va.) and former Rep. Jane Harman (D., Calif.), a onetime senior Democrat on the House Intelligence committee.

 

Biden Leaving Troops in Afghanistan Past the May Deadline

Posted on by

For many many months, the Trump administration was negotiating a peace deal with the Taliban. Frankly, all that the Taliban has agreed to, they have violated. Trump also issued a schedule to lower troop levels in Afghanistan to only a small tight residual number in May of 2021 along with contractors. With the new possible threat(s) of the Taliban and their growing connection to al Qaeda, Biden has decided to leave troop levels in the region at the present level with an increase in Syria and possibly Iraq. All the while, Iran just hosted a Taliban leader for talks where the topic(s) are unknown. Further, Taliban officials have been meeting in Moscow with Russian officials. Those details are found here. 

President Biden also has another immediate issue before him and that is the release of a U.S. contractor that went missing in Afghanistan about a year ago. Mark Frerichs, a navy veteran went missing about a year ago while he was working as a contractor on an engineering project. It is thought he is in the custody of the Haqqani network. The U.S. State Department is offering a $5 million reward that leads to Frerichs’ return. 

So, it is rather fitting that just this week, a very old FOIA request for former Defense Secretary Donald Rumsfeld documents have been released. Frankly, the questions which were referred to at the Pentagon as ‘snowflakes’ reflects his frustration of the layers of bureaucracy  within the Department of Defense and his anger at getting real answers and challenging the quality of intelligence reports. Sound familiar? It is clearly a problem that after 20+ years has not found a quality solution. Just read a few of his snowflakes and judge for your self.

***Donald H. Rumsfeld - U.S. PRESIDENTIAL HISTORY

35 of the most notable items from the new collection is below from the National Archives. 

A follow-on DNSA publication covering the rest of Rumsfeld’s tenure as secretary will appear through ProQuest later in 2021.

One such snowflake was written on March 3, 2003. At 8:16 AM, Rumsfeld wrote to Senior Military Assistant LTG Bantz J. Craddock and Department of Defense General Counsel William Haynes with the subject “KSM”. He wanted to know, “Do we know where the information to find Khalid Sheikh Mohammed came from? Was it from GTMO detainees?” There is no response from either Craddock or Haynes in the DOD release to the Archive, though Rumsfeld’s question is likely a push back to the false claims made by CIA Director George Tenet that the Agency’s resort to torture of Abu Zubaydah led to the capture of Khalid Sheikh Mohammed.

The Senate Select Committee on Intelligence torture report would later reveal that key intelligence on KSM as the mastermind of the 9/11 attacks came from the FBI’s non-coercive, rapport-building interrogation of Abu Zubaydah.[1] This success was prior to the CIA’s contract psychologists, James Mitchell and Bruce Jessen, taking over the interrogation at the CIA “Detention Site Green” in Thailand, which was created to house Zubaydah in 2002.  Their approach to Zubaydah would include 83 water board sessions yet fail to produce any valuable intelligence.  CIA clandestine services chief Jose Rodriguez (and perhaps Gina Haspel, who would later become DCI, though CIA redactions of documents continue to obscure her role) ordered the destruction of the torture videotapes, commenting that “the heat from destoying [sic] is nothing compared to what it would be if the tapes ever got into public domain.”

Later on March 3, under the subject “Contingencies”, Rumsfeld wrote to Under Secretary of Defense for Policy Doug Feith, stating, “We need to plan what we will do if Saddam Hussein is captured. We need to plan what we will do if we catch an imposter.” There is no record of Feith’s answer in the DOD release to the Archive.

Throughout Rumsfeld’s tenure, his snowflakes circulated daily through the highest levels of the Pentagon. With scant limitations on their subject matter, the all-encompassing documents are sometimes an hourly paper trail inside the Office of the Secretary of Defense during six years of tremendous consequence for U.S. foreign policy. The declassified documents also provide an account that at times contradicts DOD public statements.  For example, The Washington Post published a selection of the memos in the six part series “The Afghanistan Papers” in September 2019 revealing that officials misled the American public about the war in Afghanistan.

The entire corpus of snowflakes also details many aspects of the day-to-day operations of the Pentagon, the modernization of the U.S. armed forces, and Rumsfeld’s personal agenda against bureaucracy. “Bureaucracy is driving people nuts,” he wrote in an April 8, 2002, memo at 7:41AM. “If we can take two or three layers out of this place, we will be a lot better off.” In a separate April 8 letter, the secretary suggested cutting all major Pentagon programs by at least 20 percent. (The DOD budget increased by 37.54 percent between FY2001 and FY2006.) On March 11, 2002, Rumsfeld wrote to colleagues, “I am getting tired of seeing the word ‘joint’ everywhere.”

Rumsfeld, Snowflake by Snowflake - Open Source with ...

Other topics in the collection include:

  • the military budgeting process and efforts to rein in defense spending;
  • military planning, procurement, and expenditures;
  • nuclear issues – weapons, proliferation, safety;
  • decision making on military wages, benefits, tours of duty, and veterans issues;
  • military intelligence;
  • Defense Department relations with the CIA and Homeland Security;
  • Rumsfeld’s relations with the State Department and National Security Council;
  • U.S. relations with NATO;
  • U.S. military relations with Russia, former Soviet republics, and other countries;
  • Rumsfeld’s interactions with the news media, Congress, and the public;
  • Guantanamo detainees, interrogation, and torture;
  • concerns about the International Criminal Court and U.S. liability for war crimes;
  • the hunt for Osama bin Laden and other terrorists;
  • the Joint Strike Fighter program; and
  • the emergency landing of a U.S. EP-3 at Hainan Island in 2001

Donald Rumsfeld’s Snowflakes, Part 1: The Pentagon and U.S. Foreign Policy, 2001-2003 will be a critical research tool for historians and will be available through many college and research libraries. Part II, which covers the last three years of Rumsfeld’s tenure as secretary of defense from 2004 to 2006, will be published in 2021. Learn more about accessing the Digital National Security Archive through your library online and how to request a free trial here.

 

March 11, 2002
April 8, 2002
September 12, 2003
October 23, 2003

A few more:

October 10, 2001
Rumsfeld requests a daily report on the location of Osama bin Laden.

 

November 8, 2001
Rumsfeld inquires: “Why doesn’t Pakistan sever its relationship with [sic] Taliban?”

 

November 29, 2001
Rumsfeld accuses career employees in the OSD of undermining his decisions and working too slowly.

 

January 5, 2002
Rumsfeld complains to George Tenet about the CIA.

 

February 15, 2002
Rumsfeld directs his staff to develop a white paper on detainees and the Geneva Conventions.

 

March 11, 2002
Rumsfeld suggests further classification review of the already pre-reviewed Annual Report to the President and the Congress.

 

March 11, 2002
Rumsfeld says the DOD annual report is not conclusive or upbeat enough.

 

March 12, 2002
Rumsfeld recounts his conversation with Russian MoD Sergei Ivanov at a Washington Wizards basketball game.

 

March 14, 2002
Rumsfeld asks how to fix the requirements process.

 

March 16, 2002
Rumsfeld inquiries into U.S. nuclear policy.

 

March 26, 2002
Under the subject “Business As Usual”, Rumsfeld questions whether the Department should cut educational programs while at war.

 

March 28, 2002
Rumsfeld pushes to lift restrictions on contractors providing force protection.

 

March 28, 2002
Rumsfeld proposes a weekly meeting on Afghanistan, stating that it is “drifting”.

April 3, 2002
Rumsfeld’s thoughts on the Middle East.

 

April 8, 2002
Rumsfeld instructs his staff to create a list of all the major “processes” at the Pentagon and shorten them by atleast 20 percent.

 

April 9, 2002
Rumsfeld expresses concern about a “zero defect mentality” in promotion process.

 

 

April 12, 2002
Rumsfeld ruminates on the creation of a new Homeland Security Department.

 

April 15, 2002
Rumsfeld details a conversation with Henry Kissinger about the ICC.

 

April 15, 2002
Rumsfeld contacts Tenet about the ICC.

 

April 23, 2002
Rumsfeld considers possibly renegotiating a Russia-NATO arrangement.

 

April 23, 2002
Rumsfeld proposes using contractors to train the Afghan army.

 

April 23, 2002
Rumsfeld asks if a DOD chart of the PPB system is a joke, or whether it should be.

 

May 5, 2002
Rumsfeld tells Hank Crumpton to “speak up”.

 

May 22, 2002
Rumsfeld circulates a letter comparing interrogation techniques in Afghanistan to Guantanamo.

 

August 8, 2002
Rumsfeld questions whether it is right for pilots to use amphetamines.

 

August 17, 2002
Rumsfeld ruminates on the U.S. and Western Europe “stopping proliferation, reducing weapons of mass destruction and contrubitng to peace and stability” around the world.

 

August 19, 2002
Rumsfeld addresses the President, Vice President, CIA Director, and National Security Advisor on U.S. policy towards Iran and North Korea.

 

October 1, 2002
Rumsfeld sends handwritten notes from an interview with a detainee to Fieth.

 

March 3, 2003
Rumsfeld requests a contingency plan for the possibility of capturing an imposter of Saddam Hussein.

 

March 3, 2003
Rumsfeld contacts Tenet about the intelligence that led to capturing KSM.

 

March 26, 2003
Rumsfeld requests material to brief the President privately on a post-Saddam Iraq.

 

Cuba Re-designated as State Sponsor of Terror

Posted on by

President Obama removed Cuba from the designation and it is expected early into the Biden administration, this action will again be reversed.

The United States has once again designated Cuba as a State Sponsor of Terrorism, accusing it of granting safe haven to terrorists and also providing support for acts of “international terrorism”. The move by the Trump administration comes days before President-elect Joe Biden’s inauguration, who would have liked to start where he and Obama left the US-Cuba relations in 2016. Former President Barack Obama had delisted Cuba as a State Sponsor of Terrorism in 2015, seeking normalisation of ties with the Communist State.

State Department officials say the decision is not politically motivated and argue Cuba has not met the standards to remain off the list during the Trump administration.

American Enterprise Institute research fellow Ryan Berg affirmed the basis of the Trump administration’s decision.Cuba sees Obama terror promise as healing of historic wound

“Cuba has provided unequivocal support to terrorist and insurgent groups throughout Latin America for many decades, such as Colombia’s ELN and the FARC, to name just a few,” Berg told the Washington Free Beacon. “Today, it also continues to support the consolidated dictatorship of Nicolás Maduro in Venezuela, aiding and abetting what the Office of the United Nations High Commissioner for Human Rights has declared to be ‘crimes against humanity.'”

Havana has also played a role in helping China expand its influence in the Caribbean. In November, Cuba followed the lead of China in echoing far-left talking points regarding race relations in America at the United Nations, and China covered for Cuba on its record of harboring terrorism. China, meanwhile, has reportedly expanded its surveillance capabilities in the Caribbean, using telecommunications networks to spy on American mobile phones in the region.

The move could affect President-elect Joe Biden’s approach to reengaging with the communist country, a policy out of the Obama administration’s playbook. Biden’s transition team for the Department of Defense included Frank Mora, an Obama administration holdover who advocated lifting sanctions on Havana.

Berg said the Cuba policy favored by Mora and Biden would probably require a reversal of the decision to return Cuba to the list of state sponsors of terrorism.

“A diplomatic opening with a country designated as a ‘state sponsor of terror’ is a difficult lift,” Berg said. “Therefore, one of the first steps to any Cuba opening would likely require a reversal of this decision.” source

FBI is Investigating a Mysterious Postcard

Posted on by

SolarWinds hackers also breached the US NNSA nuclear ... source

(Reuters) – The FBI is investigating a mysterious postcard sent to the home of cybersecurity firm FireEye’s chief executive days after it found initial evidence of a suspected Russian hacking operation on dozens of U.S. government agencies and private American companies.

U.S. officials familiar with the postcard are investigating whether it was sent by people associated with a Russian intelligence service due its timing and content, which suggests internal knowledge of last year’s hack well before it was publicly disclosed in December.

Moscow has denied involvement in the hack, which U.S. intelligence agencies publicly attributed here to Russian state actors.

The postcard carries FireEye’s logo, is addressed to CEO Kevin Mandia, and calls into question the ability of the Milpitas, California-based firm to accurately attribute cyber operations to the Russian government.

People familiar with Mandia’s postcard summarized its content to Reuters. It shows a cartoon with the text: “Hey look Russians” and “Putin did it!”

The opaque message itself did not help FireEye find the breach, but rather arrived in the early stages of its investigation. This has led people familiar with the matter to believe the sender was attempting to “troll” or push the company off the trail by intimidating a senior executive.

Reuters could not determine who sent the postcard. U.S. law enforcement and intelligence agencies are spearheading the probe into its origin, the sources familiar said.

The FBI did not provide comment. A FireEye representative declined to discuss the postcard.

A disinformation researcher from the Rand Corporation, Todd Helmus, received a similar postcard in 2019, based on an image of it Helmus posted to Twitter. Helmus, who studies digital propaganda, said he received the postcard after testifying to Congress about Russian disinformation tactics.

FireEye discovered the Russian hacking campaign – now known as “Solorigate” for how it leveraged supply chain vulnerabilities in network management firm Solarwinds – because of an anomalous device login from within FireEye’s network. The odd login triggered a security alert and subsequent investigation, which led to the discovery of the operation.

FireEye worked closely with Microsoft to determine that the infiltration at FireEye in fact represented a hacking campaign that struck at least eight federal agencies including the Treasury, State and Commerce Departments.

When the postcard was sent, FireEye had not yet determined who was behind the cyberattack. A person familiar with the postcard investigation said “this is not typically the Russian SVR’s playbook” but “times are rapidly changing.” SVR is an acronym for the Foreign Intelligence Service of Russia.

A former U.S. intelligence official said the postcard reminded him of a now public mission by U.S. Cyber Command where they sent private messages to Russian hackers ahead of the 2018 congressional elections in the United States.

“The message then from the U.S. was ‘watch your back, we see you’ similar to here,” the former official said.

The extent of the damages tied to the U.S. government hack remains unclear. Emails belonging to senior officials were stolen from an unclassified network at the Treasury and Commerce Departments.FBI says 'ongoing' SolarWinds hack was probably the work ...

Related reading: Third malware strain discovered in SolarWinds supply chain attack

Now known in the cyber world, the heck of Solarwinds continues to rock the nation.

Kaspersky reports finding code similarities between the Sunburst backdoor in SolarWinds’ Orion platform and a known backdoor, Kazuar, which Palo Alto Networks in 2017 associated with the Turla threat group. Kaspersky is cautious about attribution, and notes that there are several possibilities:

  • Sunburst and Kazuar are the work of the same threat group.
  • Sunburst’s developers borrowed from Kazuar.
  • Both backdoors derived from a common source.
  • Kazuar’s developers jumped ship to another threat group that produced Kazuar.
  • Whoever developed Sunburst deliberately introduced subtle false flag clues into their code.

Reuters points out that Estonian intelligence services have long attributed Turla activity to Russia’s FSB (which was unavailable to Reuters for comment).

In an updated Solorigate advisory, CISA released detection and mitigation advice for post-compromise activity in the Microsoft 365 (M365) and Azure environment.

The US District Court for the Southern District of Ohio has responded to Solorigate by requiring that court documents be filed on paper, the Columbus Dispatch reports.

***

Related reading: The SolarWinds Hackers Shared Tricks With a Notorious Russian Spy Group

Reuters: Investigators at Moscow-based cybersecurity firm Kaspersky said the “backdoor” used to compromise up to 18,000 customers of U.S. software maker SolarWinds closely resembled malware tied to a hacking group known as “Turla,” which Estonian authorities have said operates on behalf of Russia’s FSB security service.

The findings are the first publicly-available evidence to support assertions by the United States that Russia orchestrated the hack, which compromised a raft of sensitive federal agencies and is among the most ambitious cyber operations ever disclosed.

Moscow has repeatedly denied the allegations. The FSB did not respond to a request for comment.

Costin Raiu, head of global research and analysis at Kaspersky, said there were three distinct similarities between the SolarWinds backdoor and a hacking tool called “Kazuar” which is used by Turla.

The similarities included the way both pieces of malware attempted to obscure their functions from security analysts, how the hackers identified their victims, and the formula used to calculate periods when the viruses lay dormant in an effort to avoid detection.

“One such finding could be dismissed,” Raiu said. “Two things definitely make me raise an eyebrow. Three is more than a coincidence.”

Confidently attributing cyberattacks is extremely difficult and strewn with possible pitfalls. When Russian hackers disrupted the Winter Olympics opening ceremony in 2018, for example, they deliberately imitated a North Korean group to try and deflect the blame.

Raiu said the digital clues uncovered by his team did not directly implicate Turla in the SolarWinds compromise, but did show there was a yet-to-be determined connection between the two hacking tools.

It’s possible they were deployed by the same group, he said, but also that Kazuar inspired the SolarWinds hackers, both tools were purchased from the same spyware developer, or even that the attackers planted “false flags” to mislead investigators.

Security teams in the United States and other countries are still working to determine the full scope of the SolarWinds hack. Investigators have said it could take months to understand the extent of the compromise and even longer to evict the hackers from victim networks.

U.S. intelligence agencies have said the hackers were “likely Russian in origin” and targeted a small number of high-profile victims as part of an intelligence-gathering operation.