Category Archives: Military

After Ukraine, DHS Warns Domestic Utility Companies

Posted on by

Feds advise utilities to pull plug on Internet after Ukraine attack

WashingtonExaminer: The Department of Homeland Security advised electric utilities Thursday that they may need to stop using the Internet altogether, after the agency found that a cyberattack that brought down Ukraine’s power grid in December could have been far more devastating than reported.

The Dec. 23 cyberattack forced U.S. regulators to place utilities on alert after unknown attackers caused thousands of Ukrainian residents to lose power for hours by installing malicious software, or malware, on utility computers. But the Department of Homeland Security said Thursday that the attack may have been directed at more than just the country’s electricity sector, suggesting the attackers were looking to cause more harm than was reported.

In response, federal investigators are recommending that U.S. utilities and other industries “take defensive measures.” To start with, they need to best practices “to minimize the risk from similar malicious cyber activity,” according to an investigative report issued Thursday by Homeland Security’s Industrial Control Systems Cyber Emergency Response Team.

But the team is also recommending more drastic action, such as keep control-system computers away from the Internet.

“Organizations should isolate [industrial control system] networks from any untrusted networks, especially the Internet,” the report says. “All unused ports should be locked down and all unused services turned off. If a defined business requirement or control function exists, only allow real-time connectivity to external networks. If one-way communication can accomplish a task, use optical separation.”

The findings show that the power outages were caused by three attacks using cyberintrusion software to attack electric power distribution companies, affecting about 225,000 customers. It also reveals that once power was restored, the utilities continued “to run under constrained operations,” implying that the damage to grid control systems was profound.

The team also learned that “three other organizations, some from other critical infrastructure sectors, were also intruded upon but did not experience operational impacts.” That suggests the attackers were going after more than just the power grid, and may have been planning a much more economy-wide attack. The team does not disclose what other sectors of the country were targeted.

The team said the attack was well-planned, “probably following extensive reconnaissance of the victim networks,” the report says. “According to company personnel, the cyberattacks at each company occurred within 30 minutes of each other and impacted multiple central and regional facilities.”

The attackers were attempting to make the damage permanent. The report says the attackers installed “KillDisk” malware onto company computers that would erase data necessary to reboot operations after a cyberattack.

There is also a mystery to the attackers’ actions.

“Each company also reported that they had been infected with BlackEnergy malware; however, we do not know whether the malware played a role in the cyberattacks,” the report says. The malware was delivered using an email embedded hacking technique known as “spear phishing” that contained a number of malicious Microsoft Office attachments.

“It is suspected that BlackEnergy may have been used as an initial access vector to acquire legitimate credentials; however, this information is still being evaluated,” the team says.

The investigation was done with Ukraine authorities and involved the FBI, Department of Energy and the North American Electric Reliability Corporation.

*** 

New research is shining a light on the ongoing evolution of the BlackEnergy malware, which has been spotted recently targeting government institutions in the Ukraine.

Security researchers at ESET and F-Secure each have dived into the malware’s evolution. BlackEnergy was first identified several years ago. Originally a DDoS Trojan, it has since morphed into “a sophisticated piece of malware with a modular architecture, making it a suitable tool for sending spam and for online bank fraud,” blogged ESET’s Robert Lipovsky.

“The targeted attacks recently discovered are proof that the Trojan is still alive and kicking in 2014,” wrote Lipovsky, a malware researcher at ESET.

ESET has nicknamed the BlackEnergy modifications first spotted at the beginning of the year ‘BlackEnergyLite’ due to the lack of a kernel-mode driver component. It also featured less support for plug-ins and a lighter overall footprint.

“The omission of the kernel mode driver may appear as a step back in terms of malware complexity: however it is a growing trend in the malware landscape nowadays,” he blogged. “The threats that were among the highest-ranked malware in terms of technical sophistication (e.g., rootkits and bootkits, such as Rustock, Olmarik/TDL4, Rovnix, and others) a few years back are no longer as common.”

The malware variants ESET has tracked in 2014 – both of BlackEnergy and of BlackEnergy Lite – have been used in targeted attacks. This was underscored by the presence of plugins meant for network discovery, remote code execution and data collection, Lipovsky noted.

“We have observed over a hundred individual victims of these campaigns during our monitoring of the botnets,” he blogged. “Approximately half of these victims are situated in Ukraine and half in Poland, and include a number of state organizations, various businesses, as well as targets which we were unable to identify. The spreading campaigns that we have observed have used either technical infection methods through exploitation of software vulnerabilities, social engineering through spear-phishing emails and decoy documents, or a combination of both.”

In a whitepaper, researchers at F-Secure noted that in the summer of 2014, the firm saw samples of BlackEnergy targeting Ukrainian government organizations for the purposes of stealing information. These samples were nicknamed BlackEnergy 3 by F-Secure and identified as the work of a group the company refers to as “Quedagh.” According to F-Secure, the group is suspected to have been involved in cyber-attacks launched against Georgia during that country’s conflict with Russia in 2008.

“The Quedagh-related customizations to the BlackEnergy malware include support for proxy servers and use of techniques to bypass User Account Control and driver signing features in 64-bit Windows systems,” according to the F-Secure whitepaper. “While monitoring BlackEnergy samples, we also uncovered a new variant used by this group. We named this new variant BlackEnergy 3.”

Only Quedagh is believed to be using BlackEnergy 3, and it is not available for sale on the open market, noted Sean Sullivan, security advisor at F-Secure.

“The name [of the group] is based on a ship taken by Captain Kidd, an infamous privateer,” he said. “It is our working theory that the group has previous crimeware experience. Its goals appear to be political but they operate like a crimeware gang. There have been several cases this year of which BlackEnergy is the latest. The trend is one of off-the-shelf malware being used in an APT [advanced persistent threat] kind of way. The tech isn’t currently worthy of being called APT, but its evolving and scaling in that direction.”

Within a month of Windows 8.1’s release, the group added support for 64-bit systems. They also used a technique to bypass the driver-signing requirement on 64-bit Windows systems.

In the case of BlackEnergy 3, the malware will only attempt to infect a system if the current user is a member of the local administration group. If not, it will re-launch itself as Administrator on Vista. This will trigger a User Account Control (UAC) prompt. However, on Windows 7 and later, the malware will look to bypass the default UAC settings.  

“The use of BlackEnergy for a politically-oriented attack is an intriguing convergence of criminal activity and espionage,” F-Secure notes in the paper. “As the kit is being used by multiple groups, it provides a greater measure of plausible deniability than is afforded by a custom-made piece of code.”

In 2014 from the Department of Interior and DHS:

Summary: Investigation of NPS-GCNP SCADA SYSTEM

Report Date: August 7, 2014

OIG investigated allegations that the Supervisory Control and Data Acquisition (SCADA) system at Grand Canyon National Park (Park) may be obsolete and prone to failure. In addition, it was alleged only one Park employee controlled the system, increasing the potential for the system to fail or become unusable.

The SCADA system is a private utilities network that monitors and controls critical infrastructure elements at the Park. Failure of the system could pose a health and safety risk to millions of Park visitors. Due to potential risks that system failure posed, we consulted with the U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) and asked that they assess the overall architecture and cybersecurity of the Park’s SCADA system.

ICS-CERT conducted an onsite review and issued a report outlining the weaknesses it found at the Park’s SCADA system, including obsolete hardware and software, inadequate system documentation and policies, insufficient logging and data retention. We provided a copy of ICS-CERT’s assessment report to the National Park Service for review and action.

 

 

U.S. 133 Cyber Teams Under Construction

Posted on by

Is this a change and an approval by Obama from 2012? (Note this is only a defensive strategy)

Presidential Cyberwar Authority

 

In October 2012, President Obama signed the top-secret Presidential Policy Directive 20, which enabled the military to aggressively initiate and thwart cyber­attacks related our nation’s security. While most of the cyber attack targets are network systems or infrastructure-based, an elite Psychological Operations (PsyOps) team has focused its efforts on secretly defacing the public websites of our adversaries. Due to the high visibility and sensitive nature of this activity, only President Obama has the authority to target and launch these types of attacks.

The President authorizes these attacks using the global Cyber Warfare Command and Control System (CWCCS), which is accessible from this web page only from the President’s authorized computer.

****

 

WASHINGTON (AP) — Not long after Defense Secretary Ash Carter prodded his cyber commanders to be more aggressive in the fight against Islamic State, the U.S. ramped up its offensive cyberattacks on the militant group.

According to several U.S. officials, the attacks are targeting the group’s abilities to use social media and the Internet to recruit fighters and inspire followers, U.S. officials told The Associated Press.

U.S. officials confirmed that operations launched out of Fort Meade, Maryland, where the U.S. Cyber Command is based, have focused on disrupting the group’s online activities. The officials said the effort is getting underway as operators try a range of attacks to see what works and what doesn’t. They declined to discuss details, other than to say that the attacks include efforts to prevent the group from distributing propaganda, videos or other types of recruiting and messaging on social media sites such as Twitter, and across the Internet in general.

Other attacks could include attempts to stop insurgents from conducting financial or logistical transactions online.

The surge of computer-based military operations by U.S. Cyber Command began shortly after Carter met with commanders at Fort Meade last month.

Several U.S. officials spoke about the cyber campaign on condition of anonymity because they were not authorized to discuss it publicly. Much of the effort is classified.

Carter mentioned the operations briefly Thursday, telling a House Appropriations subcommittee only that Cyber Command is beginning to conduct operations against the Islamic State group. He declined to say more in a public setting.

The more aggressive attacks come after months of pressure from Carter, who has been frustrated with the belief that the Pentagon — and particularly Cyber Command — was losing the war in the cyber domain.

Late last year Carter told cyber commanders they had 30 days to bring him options for how the military could use its cyberwarfare capabilities against the group’s deadly insurgency across Iraq and Syria, and spreading to Libya and Afghanistan. Officials said he told commanders that beefing up cyberwarfare against the Islamic State group was a test for them, and that they should have both the capability and the will to wage the online war.

 

But the military cyber fight is limited by concerns within the intelligence agencies that blocking the group’s Internet access could hurt intelligence gathering.

Officials said Carter told commanders that he the U.S. to be able to impact Islamic State operations without diminishing the indications or warnings U.S. intelligence officers can glean about what the group is doing. On Jan. 27, Carter and Marine Gen. Joseph Dunford, chairman of the Joint Chiefs of Staff, went to Fort Meade for an update.

Officials familiar with Carter’s meetings said the secretary was frustrated that as Cyber Command has grown and developed over the past several years, it was still focused on the cyberthreats from nations, such as Iran, Russia and China, rather than building a force to block the communications and propaganda campaigns of Internet-savvy insurgents.

 

“He was right to say they could be more forward leaning about what they could possibly do against ISIS,” said James Lewis, a cybersecurity expert at the Center for Strategic and International Studies. “You could disrupt their support networks, their business networks, their propaganda and recruitment networks.” However, Lewis added, the U.S. needs to be careful about disrupting the Internet to insure that attacks don’t also affect civilian networks or systems needed for critical infrastructure and other public necessities. U.S. officials have long been stymied by militants’ ability to use the Internet as a vehicle for inspiring so-called lone wolf attackers in Western nations, radicalized after reading propaganda easily available online.

“Why should they be able to communicate? Why should they be using the Internet?” Carter said during testimony before the defense appropriations subcommittee. “The Internet shouldn’t be used for that purpose.” He added that the U.S. can conduct cyber operations under the legal authorities associated with the ongoing war against the Islamic State group. The U.S. has also struggled to defeat high-tech encryption techniques used by Islamic State and other groups to communicate. Experts have been working to find ways to defeat those programs.

Cyber Command is relatively new. Created in 2009, it did not begin operating until October 2010.

Early on, its key focus was on defending military networks, which are probed and attacked millions of times a day. But defense leaders also argued at length over the emerging issues surrounding cyberwarfare and how it should be incorporated.

 

The Pentagon is building 133 cyber teams by 2018, including 27 that are designed for combat and will work with regional commands to support warfighting operations. There will be 68 teams assigned to defend Defense Department networks and systems, 13 that would respond to major cyberattacks against the U.S. and 25 support teams.

FBI/NSA Versus Encryption, Investigating Plotting Attacks

Posted on by

Perspective only: Paris Attack and operating in a realm before any attack

NSA chief: ‘Paris would not have happened’ without encrypted apps

Michael Isikoff

Chief Investigative Correspondent

National Security Agency Director Adm. Michael Rogers warns that encryption is making it “much more difficult” for the agency to intercept the communications of terrorist groups like the Islamic State, citing November’s Paris attacks as a case where his agency was left in the dark because the perpetrators used new technologies to disguise their communications.

In an exclusive interview with Yahoo News, Rogers confirmed speculation that began right after the attack: that “some of the communications” of the Paris terrorists “were encrypted,” and, as a result, “we did not generate the insights ahead of time. Clearly, had we known, Paris would not have happened.”

Rogers’ comments were made on Friday, just days before the FBI obtained a court order requiring Apple to provide a “backdoor” into the data on the iPhone of one of the shooters in the San Bernardino, Calif., terror attack in December — an order the company is resisting. But his remarks are likely to fuel the debate over encryption that has sorely divided the U.S. intelligence and law enforcement community, on one side, and privacy advocates and U.S. technology companies. (A spokesman for the NSA had no comment today on the court order or on Apple’s response.)

Rogers has at times sought to steer a middle ground in this debate, acknowledging that encryption is “foundational to our future” and even saying recently that arguing about it “is a waste of time.” In the Yahoo News interview, he frankly acknowledged, “I don’t know the answer” to unencrypting devices and applications without addressing the concerns over privacy and competitiveness, calling for a national collaboration among industry and government officials to solve the problem.

But he left little doubt about the impact encryption is having on his agency’s mission.

“Is it harder for us to generate the kind of knowledge that I would like against some of these targets? Yes,” Rogers said. “Is that directly tied in part to changes they are making in their communications? Yes. Does encryption make it much more difficult for us to execute our mission. Yes.”

Rogers also provided new details about his agency’s efforts to implement the USA Freedom Act, a law passed in the wake of the Edward Snowden disclosures, which he said has made it “more expensive” for his agency to access the phone records of terror suspects inside the United States and has resulted in a “slightly slower” retrieval of data from U.S. phone companies.

But Rogers said the delay in retrieving phone records is measured “in hours, not days or weeks,” and he has not yet seen any “significant” problems that have “led to concerns … this is not going to work.”

“When I say more difficult to do the job, it’s certainly a little slower,” he said. “There is no doubt about that. It is not as fast.”

The new law — which has become a contentious issue in the presidential campaign — requires the NSA to get a secret court order to retrieve individual domestic phone records rather than collecting them in bulk and storing them in agency computers, as it had been doing before the Snowden disclosures. Critics, such as Sen. Marco Rubio, charge that the act has weakened the country’s defenses in the face of the mounting threats from the Islamic State and other terror groups.

But Rogers confirmed for the first time that the law was used successfully by the NSA after the San Bernardino terror attack to retrieve the phone records of the two perpetrators, and the agency “didn’t find any direct overseas connections.” Those records provided “metadata” — the time and duration of phone calls — but not the content of emails and text messages that the FBI is seeking by requiring Apple to unlock one of the iPhones. The FBI is continuing its efforts to track down who the two shooters “may have communicated with to plan and carry out” the attack, according to a court filing Tuesday.

Rogers’ comments came during a rare and wide-ranging interview inside the “Battle Bridge,” a special NSA situation room at its headquarters in Fort Meade, Md., equipped with teleconference screens to the White House and secure facilities around the world. It was built after the Osama bin Laden raid for use during international crises.

The former Navy cryptographer described a far-reaching reorganization of the electronic spying agency — dubbed NSA21 — that he is implementing this month to cope with evolving new national security threats. Chief among them: persistent cyberattacks from “nation state actors,” who he said are repeatedly hacking into — and Rogers believes laying the groundwork for manipulation of — the nation’s critical infrastructure systems, such as the electrical grid, the banking system and the energy sector.

Those foreign powers — widely acknowledged to be Russia, China, Iran and North Korea, although he wouldn’t name them — are “penetrating systems, what we think is for the purpose of reconnaissance. To get a sense of how they are structured. Where are their vulnerabilities? What are the control points that someone would want to access?”

While Rogers said he was “not going to get into specifics,” U.S. officials have confirmed that those attacks included an Iranian hack into the computer system of a New York dam that alarmed White House officials in 2013 and a highly sophisticated Russian infiltration of an unclassified Pentagon Joint Staff computer network that prompted the NSA director to shut down the entire network for two weeks last summer.

“This is not episodic or short-term focused,” said Rogers, who also serves as commander of the U.S. Cyber Command. “My sense is you are watching these actors make a long-term commitment. How do we ensure we have the capability to potentially impair [their] ability to actually operate?”

Yahoo News asked Rogers what motivated the attacks.

“I believe they want to have the capability, should they come to a political decision, that they in some way want to interfere with the United States or send a message to us,” he said.

One question Rogers pointedly declined to address is whether any overseas intelligence services had penetrated Hillary Clinton’s unsecured private email server — a scenario that former Defense Secretary Robert Gates recently said was “highly likely.”

“It’s something I’m not going to get into right now,” he said when pressed by Yahoo News as to whether such a penetration had taken place.

Rogers’ answer to the threat of foreign cyberattacks, incorporated into NSA21, is to create a new Directorate of Operations by merging the agency’s Signals Intelligence directorate — its electronic spying arm, which intercepts hundreds of millions of telephone calls, emails and text messages around the globe — with its smaller Information Assurance arm, which works with private industry to defend U.S. computer networks.

The proposal has prompted criticism that it will heighten suspicions of the NSA, making private companies even less willing to cooperate with the agency for fear of being seen as part of its massive global surveillance mission.

“I have to admit, it was something I spent a lot of time, as did the team, thinking about,” Rogers said when asked about the criticism. He added later, “I certainly acknowledge that there are some who would argue, ‘Hey, but you have this perception battle.’ My statement to that would be, ‘We have that perception battle every single day of the year, given the fact that the NSA, we acknowledge, works in both the offensive [signals interception] and defensive [cybersecurity] structures.’”

Dealing with the “perception” of the NSA as an unchecked surveillance colossus has been Rogers’ principal challenge since he took over the agency nearly two years ago during the biggest crisis in its history — the aftermath of the Snowden leaks, described by his predecessor, Gen. Keith Alexander, at the time as “the greatest damage to our combined nation’s intelligence systems that we have ever suffered.”

A congenial career Navy cryptologist who previously was commander of the Navy’s Fleet Cyber Command, Rogers has sought to repair the agency’s image and mend fences with Capitol Hill, striking a noticeably more measured and less combative tone in his public statements than Alexander did.

But when pressed about the lingering impact of the Snowden disclosures and persistent questions among privacy advocates and members of Congress about the NSA’s continued “incidental” collection of U.S. citizens’ communications, Rogers was unyielding and unapologetic.

He twice refused, for example, to shed any light on how many Americans’ emails and phone calls are “incidentally” collected by the NSA in the course of intercepting the communications of foreign targets. “We don’t talk about the specifics of the classified mission we do,” he said. He declined to explain why such information would be classified but insisted that access to those communications by the FBI is governed by legal processes.

Rogers warned that terrorist groups such as the Islamic State are moving to encrypted apps and networks, the so-called dark Web — a trend he asserted was “accelerated” by the Snowden disclosures.

“The trend has happened much faster than we thought,” he said. “And the part that is particularly discouraging to me is when we get groups, actors, specifically discussing the [Snowden] disclosures saying, ‘Hey, you need to make sure you don’t do X, Y or Z, or you don’t use this, because remember we know the Americans are into this.

“You’ve seen al-Qaida expressly, for example, reference the [Snowden] disclosures. You’ve seen groups — ISIL does the same — talk about how they need to change their discipline, need to change their security as a result of their increased knowledge of what we do and how we do it.”

But while many experts have argued that the movement toward encryption is the inevitable result of evolving new technologies, Rogers pointed to Snowden.

“No one should doubt for one minute there has been an impact here,” Rogers said. “I will leave it to others to decide right, wrong, good or bad. But there shouldn’t be any doubt in anybody’s mind that there has been an impact as a result of these disclosures.”

Rogers has strong feelings about what should happen to Snowden, who remains in Moscow, hailed around the world by many civil liberties groups, receiving accolades and awards (and financial compensation for speeches he delivers via Skype) — all while remaining a fugitive from U.S. justice. Rogers has not seen “Citizenfour,” the Oscar-winning documentary by Laura Poitras that presents the former NSA contractor as a courageous whistleblower, and he says he will “probably” not see the upcoming film “Snowden,” due in theaters this May, by Oliver Stone.

Asked about proposals that Snowden should receive some sort of leniency as part of a deal that would bring him home, Rogers talked about the concept of “accountability.” He recalled a conversation he had with his father about the My Lai Massacre when he joined the Naval ROTC in the post-Vietnam era in 1981.

“Dad, what do you do when you get an order that you think is immoral, unethical or illegal?” he said. “And my father, something I’ll always remember, said to me, ‘Michael, you must be willing to stand up and say, “This I will not do.” But Michael, you must also be willing to be held accountable for the decision you have made. And don’t ever forget, son, responsibility and accountability are intertwined. And it ain’t one or the other. It’s about both.’ And that seems to have been forgotten in all of this.”

Genocide Label for ISIS? Kerry Unsure

Posted on by

What happened to Bashir al Assad and the genocide happening to Syrians?

Kerry weighs ‘genocide’ label for Islamic State

Secretary of State John Kerry signaled today that he plans to decide soon whether to formally accuse the Islamic State of genocide amid what sources describe as an intense debate within the Obama administration about how such a declaration should be worded and what it might mean for U.S. strategy against the terrorist group.

“None of us have ever seen anything like it in our lifetimes,” Kerry said during a House subcommittee hearing Wednesday about beheadings and atrocities committed by the Islamic State.

But in response to questioning by Rep. Jeff Fortenberry, a Nebraska Republican who has been spearheading a resolution in Congress demanding the administration invoke an international treaty against genocide, Kerry was careful not to tip his hand on what has turned into a thorny internal legal debate with political and potentially military consequences.

Saying the department was reviewing “very carefully the legal standards and precedents” for a declaration of genocide against the Islamic State, Kerry added that he had received “initial recommendations” on the issue but had then asked for “further evaluations.”

In his first public comments on the issue, Kerry said he “will make a decision on this” as soon as he receives those evaluations. He didn’t elaborate on when that might occur.

The administration’s plans to invoke the powerfully evocative genocide label — an extremely rare move — was first reported by Yahoo News last November. But at the time, the State Department was focused on restricting the designation to the Islamic State’s mass killings, beheadings and enslavement of the Yazidis — a relatively small minority group of about 500,000 in northern Iraq that the terrorist group has vowed to wipe out on the grounds they are “devil worshipers.”

The disclosure set off a strong backlash among members of Congress and Christian groups who argued that Islamic State atrocities against Iraqi and Syrian Christians and other smaller minority groups also deserved the genocide label. Some conservatives even chastised the administration for displaying a “politically correct bias that views Christians … never as victims but always as Inquisition-style oppressors.”

The issue has since made its way into the presidential campaign; Sen. Marco Rubio has signed a Senate version of a House resolution, co-sponsored by Fortenberry and Rep. Anna Eshoo, for a broader genocide designation that incorporates Christians, Turkmen, Kurds and other groups. Hillary Clinton has also endorsed such as move. In response to a question from a voter at a New Hampshire town hall last December about whether she believes Christians as well as Yazidis should be declared victims of genocide, she said, “I will, because we now have enough evidence.”

A Iraqi Yazidi woman and her children took refuge at the Bajid Kandala camp in Dohuk, Iraq, after fleeing Islamic State jihadists. (Photo: Ahmad Al-Rubaye/AFP)

But administration sources and others intimately familiar with the internal debate say the issue has proven more complicated. While ISIS has openly declared its intention of destroying the Yazidis, they argue, the terrorist group’s leaders have not made equally explicit statements about Christians even while committing killings, kidnappings, forced removals and the confiscation and destruction of churches aimed at Christian groups. As a result, administration officials and State Department lawyers have weighed labeling those acts “crimes against humanity” — a step that critics have said doesn’t go far enough. “We’ve been trying to tell them, crimes against humanity are not a bronze medal,” said one administration official, contending that it should not be viewed as a less serious designation.

Kerry seemed to hint as much in his responses to Fortenberry at Wednesday’s hearing, noting that Christians in Syria “and other places” have been forcibly removed from their homes. “There have been increased, forced evacuations,” he said. “No, its not — they are killing them in that case — but it’s a removal and a cleansing, ethnically and religiously, that is equally disturbing.”

At the same time, two sources familiar with the debate said, Pentagon officials have expressed concerns that a genocide designation would morally obligate the U.S. military to take steps — such as protecting endangered populations or using drones to identify enslaved women — that could divert resources from the campaign to defeat the Islamic State. (An administration official told Yahoo News Wednesday that any such concerns have not been raised in “interagency” discussions over the genocide issue. “There is no resource issue,” the official said.)

In fact, many legal scholars say, there is considerable debate about just what practical impact a genocide designation would have. It would be made under a loosely worded 1948 international treaty that compels signatory nations, including the United States, “to prevent and to punish” the “odious scourge” of genocide defined as acts “committed with intent to destroy, in whole or in part, a national, ethnical (sic), racial or religious group.” As documented by Samantha Power, now the U.S. ambassador to the United Nations, in her 2002 book, “A Problem from Hell,” President Clinton’s Secretary of State Warren Christopher, resisted labeling the mass murder of the Tutsis in Rwanda in 1994 as genocide for fear, as one State Department memo put it at the time, “it could commit [the U.S. government] to actually do something.”

But 10 years later, Secretary of State Colin Powell declared the killings of non-Arab people in Darfur to be genocide — the first time the U.S. invoked such a declaration during an ongoing conflict. But he did so only after receiving a secret State Department memo concluding the designation “has no immediate legal — as opposed to moral, political or policy consequences for the United States.”

Administration officials have argued they are already taking extraordinary steps to protect threatened minorities in Iraq, pointing to, for example, the 2014 evacuation of Yazidis from Mount Sinjar — and that a genocide designation wouldn’t change that. White House press secretary Josh Earnest said as much when he was pressed on the issue during a recent White House briefing during which he said a genocide designation is “an open question that continues to be considered by administration lawyers.”

“The decision to apply this term to this situation is an important one,” Earnest said during a Feb. 4 briefing. “It has significant consequences, and it matters for a whole variety of reasons, both legal and moral. But it doesn’t change our response. And the fact is that this administration has been aggressive, even though that term has not been applied, in trying to protect religious minorities who are victims or potential victims of violence.”

ISIS with WMD, Overstated Threat? Peshmerga Today

Posted on by
Authorities in the Kurdistan said on Friday, according to Reuters, that they are investigating another suspected gas attack by Islamic State (ISIS) against the Kurdish Peshmerga.

Civilians and Peshmerga alike in the Sinjar area are being treated for nausea and vomiting after ISIS rockets containing a chemical substance were fired at them on Thursday the Kurdistan Region Security Council (KRSC) said on its Twitter page.

“If confirmed this will be the eight ISIL weaponized chemical attack against Peshmerga. ISIL tactics continue to become more sophisticated,” warned the council.

The KRSC said the American-led anti-ISIS coalition is helping them with the investigation.

This attack comes the same week that a source within the Organization for the Prohibition of Chemical Weapons (OPCW) said that mustard gas was used against the Peshmerga in August of last year, making 35 of them ill.

This latest attack however appears to have used chlorine gas, a type of gas that is often used in the Syrian conflict. Chlorine gas is a choking agent and nausea and vomiting are telltale signs one has been exposed to it.

Rogan/NR: Chemical agents, by disrupting a military adversary and sowing terror among its civilian population, make for powerful psychological weapons. And, as attested by Bashar al-Assad’s ongoing suffocation of innocent Syrians, chemical weapons are also tools of torture. The National Institutes of Health describes how concentrated chlorine gas affects a human body: “respiratory failure, pulmonary edema, likely acute pulmonary hypertension, cardiomegaly, pulmonary vascular congestion, acute burns of the upper and especially the proximal lower airways, and death.”

For ISIS, weaponized chlorine is a perfect instrument. And ISIS is using it. Reports suggest that ISIS has employed mustard- and chlorine-gas–based weapons in Iraq and Syria. Unfortunately, far worse is likely to come. After all, it’s increasingly obvious that ISIS regards its chemical-weapons programs as a key strategic priority. Last October, for example, the Associated Press described how European organized-crime groups are offering radioactive material to ISIS. And just last week, the Independent reported on the disruption of a ten-person ISIS cell in Morocco — a cell masterminded by ISIS leaders in Libya. The connecting threads are clear: Morocco, a favored destination of Western tourists, offered ISIS an opportunity to follow up in 2016 on its 2015 massacre of 38 people — including 30 Britons — in Sousse, Tunisia. ISIS wants to scare Western tourist investment away from moderate-Muslim nations and implode those nations into chaos. ISIS chemical weapons also threaten U.S. personnel. As ISIS confronts higher stakes — as it does in the battle for its Iraqi capital, Mosul — U.S. personnel will face a growing threat of chemical attack.
This threat demands the strengthening of the U.S. deterrent posture against chemical, biological, radiological, and nuclear threats. At present, that posture stands eviscerated because of the failure to punish Assad’s breach of President Obama’s “red line” on chemical weapons. But that’s only half the story. Consider, too, that an AP report from October highlighted how senior figures in WMD conspiracies are escaping consequences for their actions. That must end. In future, those who enable ISIS WMD programs should face one of two simple repercussions: detention by Jordan’s GID intelligence service, or death. The special urgency of this threat is unique. From Morocco and France to Turkey and Indonesia, ISIS has proven its ability to launch attacks from separate bases in Iraq, Syria, and Libya — and to do so while evading detection by Western intelligence. ISIS chemical-weapons plots must not be underestimated. Of course, as Wilfred Owen reminds us, the use of chemical weapons in pursuit of human misery is nothing new. My British great-grandfather — a veteran of World War I– described German chemical attacks this way: “We could smell the gas coming. Every horse that we had was blind due to gas.” President Obama must recognize this new, old reality. In February 2016, “acute burns of the upper and especially the proximal lower airways, and death” are no longer peripheral concerns suffered by forgotten Syrians at the hands of Assad. Today, ISIS has the means and intent to drown Western civilians — and American credibility — in a green and yellow sea.