Category Archives: NSA Spying

It WAS the Russians that Hacked the DNC and More

Posted on by

This website reported several weeks ago along with evidence it was the Russians that hacked the Democrat Nation Committee, and these hacks are reported to be wider and deeper than previously reported. This site also reported that the FBI went to the Hillary campaign headquarters with evidence of a hack and asked only for the sign in activity logs to further the investigation, but the Hillary camp refused to cooperate or collaborate.

Well, turnabout is fair play. It is all about favors right? Yuppers….

Cyberattack on Democrats bigger than originally believed: report
TheHill: The cyberattack targeting Democratic politicians was more widespread than originally believed, The New York Times reported Wednesday.
The likely Russian cyberattack breached the private email accounts of more than 100 party officials and groups, sources told the Times.
Email accounts of Democratic nominee Hillary Clinton’s campaign officials, party operatives and Democratic Party organizations seem to have been the focus of the attack.

The FBI is now widening its investigation, and officials have started to tell Democrats that Russians may have gained access to their email accounts.

It had been previously reported that Russian hackers accessed the networks of the Democratic National Committee and the Democratic Congressional Campaign Committee, and the Clinton campaign’s network was also believed to have been breached.

But the hack may also have extended to other organizations such as the Democratic Governors’ Association, according to the Times.

Ahead of the Democratic National Convention last month, a trove of emails was released by WikiLeaks that appeared to show officials at the DNC planning how to undermine Bernie Sanders’s presidential campaign.

The emails resulted in the resignation of former DNC chairwoman Debbie Wasserman Schultz and other top officials.

Last week, FBI officials briefed staff members of House and Senate Intelligence Committees on its investigation into the issue and are expected to brief other congressional committees in the coming days.

******

Impeach Loretta Lynch! Why? She is not serving justice under a RICO or public corruption.

Report: Loretta Lynch’s Justice Dept. Declined FBI Request To Investigate Clinton Foundation

DailyCaller: The Department of Justice declined a FBI request to open up a public integrity investigation into the Clinton Foundation, CNN reported on Wednesday.

According to the news network, the FBI made the request earlier this year, but the DOJ said it did not have enough evidence to open a formal probe. CNN reported:

The Clinton Foundation was not part of the recent investigation into her private server; it was separate. The FBI went to Justice Department earlier this year asking for it to open a case into the foundation, but the public integrity unit declined. The Justice Department had looked into whether it should open a case on the foundation a year prior and found it didn’t have sufficient evidence to do so.

Opposition to the FBI’s request — if the report is accurate — is likely to raise even more questions about whether the DOJ is acting impartially. Attorney General Loretta Lynch came under fire last month after it was revealed that she met in secret on her government airplane with Bill Clinton in late June.The meeting occurred days before the FBI and DOJ were set to interview Hillary Clinton as part of its investigation into whether Clinton or her aides mishandled classified information by using a private email system.

Lynch has insisted that she did not discuss the investigation with the former president. It has also been reported that the Clinton campaign has considered asking Lynch to remain as attorney general if Hillary Clinton is elected president.

The CNN report helps settle a question that government officials have largely avoided addressing.

FBI Director James Comey declined last month to say whether an investigation into the Clinton Foundation was underway.

Clinton’s campaign spokesman Brian Fallon recently said that there is “no evidence” that the Clinton Foundation is or was under investigation.

Though the DOJ decided not to pursue a public integrity investigation, new questions about the Clinton Foundation were raised on Tuesday after the watchdog group Judicial Watch released a new set of emails showing that a top adviser for the non-profit asked Clinton’s State Department aides to help out several individuals — including a major Clinton Foundation and a close associate. (RELATED: Clinton Foundation Official Asked Hillary’s State Dept. For Favors For Donor, Associate)

The Clinton Foundation official was Doug Band. He has worked for Bill Clinton for years and now runs the consulting firm Teneo Strategies.

In an April 25, 2009 email, Band asked Clinton aides Huma Abedin and Cheryl Mills to help put Lebanese-Nigerian billionaire Gilbert Chagoury in touch with the State Department’s “substance person” on issues related to Lebanon.

Chagoury, a longtime Clinton donor who was once a close associate of Nigerian dictator Sani Abache, has given between $1 million and $5 million to the Clinton Foundation. In 2009 he pledged $1 billion to help with a project undertaken by the Clinton Global Initiative, a Clinton Foundation offshoot which Band helped advise.

“This is very important,” Band said in his request to Mills and Abedin. “He’s key guy there and to us.”

In another April 2009 email, Band forwarded an email to Mills, Abedin and another Clinton aide, Nora Toiv, entitled “A favor.”

The individual seemingly asked for a job with the State Department.

“Important to take care of [redacted],” Band wrote.

On April 29, 2009, Band emailed the same trio of advisers asking: “Can someone pls call [redacted]? He calls me every day and we owe him some attention.”

It is unclear who the individual was, but Abedin told Band that she would place the call. Band’s remark that “we owe him some attention” suggests that the functions of the Clinton Foundation overlapped with the State Department.

Abedin and Toiv later landed a job at Band’s firm, Teneo.

The Clinton campaign denied to CNN that the Band emails were evidence of collusion between the Clinton Foundation and Hillary Clinton’s State Department.

“Neither of these emails involve the secretary or relate to the Foundation’s work,” Clinton campaign spokesman Josh Schwerin told the network. “They are communications between her aides and the President’s personal aide, and indeed the recommendation was for one of the Secretary’s former staffers who was not employed by the Foundation.”

Notably, Schwerin’s comment does not address Band’s request on behalf of Chagoury, the major Clinton Foundation donor.

 

 

What you Need to Know About IDI and Why

Posted on by

This Company Has Built a Profile on Every American Adult

Every move you make. Every click you take. Every game you play. Every place you stay. They’ll be watching you.

Bloomberg: Forget telephoto lenses and fake mustaches: The most important tools for America’s 35,000 private investigators are database subscription services. For more than a decade, professional snoops have been able to search troves of public and nonpublic records—known addresses, DMV records, photographs of a person’s car—and condense them into comprehensive reports costing as little as $10. Now they can combine that information with the kinds of things marketers know about you, such as which politicians you donate to, what you spend on groceries, and whether it’s weird that you ate in last night, to create a portrait of your life and predict your behavior.

IDI, a year-old company in the so-called data-fusion business, is the first to centralize and weaponize all that information for its customers. The Boca Raton, Fla., company’s database service, idiCORE, combines public records with purchasing, demographic, and behavioral data. Chief Executive Officer Derek Dubner says the system isn’t waiting for requests from clients—it’s already built a profile on every American adult, including young people who wouldn’t be swept up in conventional databases, which only index transactions. “We have data on that 21-year-old who’s living at home with mom and dad,” he says.

Dubner declined to provide a demo of idiCORE or furnish the company’s report on me. But he says these personal profiles include all known addresses, phone numbers, and e-mail addresses; every piece of property ever bought or sold, plus related mortgages; past and present vehicles owned; criminal citations, from speeding tickets on up; voter registration; hunting permits; and names and phone numbers of neighbors. The reports also include photos of cars taken by private companies using automated license plate readers—billions of snapshots tagged with GPS coordinates and time stamps to help PIs surveil people or bust alibis.

IDI also runs two coupon websites, allamericansavings.com and samplesandsavings.com, that collect purchasing and behavioral data. When I signed up for the latter, I was asked for my e-mail address, birthday, and home address, information that could easily link me with my idiCORE profile. The site also asked if I suffered from arthritis, asthma, diabetes, or depression, ostensibly to help tailor its discounts.

Users and industry analysts say the addition of purchasing and behavioral data to conventional data fusion outmatches rival systems in terms of capabilities—and creepiness. “The cloud never forgets, and imperfect pictures of you composed from your data profile are carefully filled in over time,” says Roger Kay, president of Endpoint Technologies Associates, a consulting firm. “We’re like bugs in amber, completely trapped in the web of our own data.”

When logging in to IDI and similar databases, a PI must select a permissible use for a search under U.S. privacy laws. The Federal Trade Commission oversees the industry, but PI companies are largely expected to police themselves, because a midsize outfit may run thousands of searches a month.

Dubner says most Americans have little to fear. As examples, he cites idiCORE uses such as locating a missing person and nabbing a fraud or terrorism suspect.

IDI, like much of the data-fusion industry, traces its lineage to Hank Asher, a former cocaine smuggler and self-taught programmer who began fusing sets of public data from state and federal governments in the early 1990s. After Sept. 11, law enforcement’s interest in commercial databases grew, and more money and data began raining down, says Julia Angwin, a reporter who wrote about the industry in her 2014 book, Dragnet Nation.

Asher died suddenly in 2013, leaving behind his company, the Last One (TLO), which credit bureau TransUnion bought in bankruptcy for $154 million. Asher’s disciples, including Dubner, left TLO and eventually teamed up with Michael Brauser, a former business partner of Asher’s, and billionaire health-care investor Phillip Frost. In May 2015, after a flurry of purchases and mergers, the group rebranded its database venture as IDI.

Besides pitching its databases to big-name PIs (Kroll, Control Risks), law firms, debt collectors, and government agencies, IDI says it’s also targeting consumer marketers. The 200-employee company had revenue of about $40 million in its most recent quarter and says 2,800 users signed up for idiCORE in the first month after its May release. It declined to provide more recent figures. The company’s data sets are growing, too. In December, Frost helped underwrite IDI’s $100 million acquisition of marketing profiler Fluent, which says it has 120 million profiles of U.S. consumers. In June, IDI bought ad platform Q Interactive for a reported $21 million in stock.

IDI may need Frost’s deep pockets for a while. The PI industry’s three favorite databases are owned by TransUnion and media giants Reed Elsevier and Thomson Reuters. “There’s no shortage,” says Chuck McLaughlin, chairman of the board of the World Association of Detectives, which has about 1,000 members. “The longer you’re in business, the more data you have, the better results.” He uses TLO and Tracers Information Specialists.

Steve Rambam, a PI who hosts Nowhere to Hide on the Investigation Discovery channel, says marketing data remains a niche monitoring tool compared with social media, but its power can be unparalleled. “You may not know what you do on a regular basis, but I know,” Rambam says. “I know it’s Thursday, you haven’t eaten Chinese food in two weeks, and I know you’re due.”

Wait…there is another problem you don’t know about.

Comcast Lobbies To Charge Customers More To Protect Their Online Privacy
Internet providers are still hashing out issues with the FCC. In particular, Comcast is currently defend its “pay-for-privacy” model to the FCC [PDF]. Comcast has even contended that  “the FCC has no authority to prohibit or limit these types of programs.”

So what exactly is the “pay-for-privacy” system? Essentially, companies like Comcast offers discounts to customers in exchange for allowing ISP’s to use their data. Comcast then floods these customers with various behaviorally-targeted ads. Customers who prefer privacy over pricing are charged a premium.

image: http://hothardware.com/ContentImages/NewsItem/38236/content/small_comcast_office.jpg

comcast office

Several weeks ago a number of lawmakers urged the FCC to ban the “pay-for-privacy” system. They argued that this pricing pyramid is particularly harmful to elderly customers who do not necessarily understand how ISP’s work and low-income customers who cannot afford to pay the privacy premium. Members of Congress noted that Comcast’s policies are “counter to our nation’s core principle that all Americans have a fundamental right to privacy.”

Comcast argued that the “pay-for-privacy” model actually benefits elderly and low-income customers. They insisted that its “prohibition would harm consumers by, among other things, depriving them of lower-priced offerings.” They noted that this system is commonly used throughout the United States economy.

image: http://hothardware.com/ContentImages/NewsItem/38236/content/small_fcc.jpg

fcc

Comcast also argued that its ensures “through contractual provisions that vendors who handle customer-related data have strong measures in place to protect that customer-related data, and that the vendors are prohibited from using that data for any purposes other than as directed by Comcast.”

The company concurs that opt-in agreements should be required when dealing with sensitive information. This kind of information would include financial, health, and children’s information, Social Security numbers, and precise geo-location information. All other information, however, would be subject to opt-out or, in most instances, “implied” consent.  The FCC is currently considering privacy rules that would require broadband providers to obtain consumers’ opt-in consent regardless of whether the information was sensitive or not. Hat tip to HotHardware

New Color-coded Cyber Threats

Posted on by

Remember when the Democrats and lobby groups ridiculed George W. Bush for using a color coded threat matrix? Carry on….

The White House now has a color-coded scale for cyber-security threat

TheVerge:  As the Obama administration nears its final months, the White House has released a framework for handling cyberattacks. The Presidential Policy Directive on United States Cyber Incident Coordination builds on the action plan that Obama laid out earlier this year, and it’s intended to create a clear standard of when and how government agencies will handle incidents. It also comes with a new threat level scale, assigning specific colors and response levels to the danger of a hack.

The cyberattack severity scale is somewhat vague, but it’s supposed to make sure that the agencies involved in cybersecurity — the Department of Justice, Department of Homeland Security, and Office of the Director of National Intelligence — respond to threats with the same level of urgency and investment. A Level One incident is “unlikely to impact public health or safety, national security, economic security, foreign relations, civil liberties, or public confidence,” while a red Level Four one is “likely to result in a significant impact to public health or safety, national security, economic security, foreign relations, or civil liberties.” One final designation — Level Five, or black — covers anything that “poses an imminent threat to the provision of wide-scale critical infrastructure services, national government stability, or to the lives of US persons.”

The upshot of this is that anything at Level Three or above will trigger a coordination effort to address the threat. In addition to the groups above, this effort will include the company, organization, or agency that was attacked.

Cybersecurity is a growing concern, and both Congress and the White House have spent the past several years pushing various frameworks for shoring it up. This includes a series of hotly debated bills that culminated in the Cyber Information Sharing Act, which has raised privacy questions as it’s been put into practice. At the same time, high-profile hacks have led to serious consequences for companies like Sony Pictures, Target, and Ashley Madison. Most recently, an unknown hacker or hackers — potentially linked to Russia — breached the Democratic National Committee’s servers, releasing large numbers of embarrassing documents and emails. This announcement doesn’t tell us exactly how the federal government will handle future cyberattacks, but along with everything else, it does signal that they’re becoming a more and more standard part of the security equation.

*****

From the White House FACT SHEET: Presidential Policy Directive

The PPD builds on these lessons and institutionalizes our cyber incident coordination efforts in numerous respects, including:

  • Establishing clear principles that will govern the Federal government’s activities in cyber incident response;
  • Differentiating between significant cyber incidents and steady-state incidents and applying the PPD’s guidance primarily to significant incidents;
  • Categorizing the government’s activities into specific lines of effort and designating a lead agency for each line of effort in the event of a significant cyber incident;
  • Creating mechanisms to coordinate the Federal government’s response to significant cyber incidents, including a Cyber Unified Coordination Group similar in concept to what is used for incidents with physical effects, and enhanced coordination procedures within individual agencies;
  • Applying these policies and procedures to incidents where a Federal department or agency is the victim; and,
  • Ensuring that our cyber response activities are consistent and integrated with broader national preparedness and incident response policies, such as those implemented through Presidential Policy Directive 8-National Preparedness, so that our response to a cyber incident can seamlessly integrate with actions taken to address physical consequences caused by malicious cyber activity.

We also are releasing today a cyber incident severity schema that establishes a common framework within the Federal government for evaluating and assessing the severity of cyber incidents and will help identify significant cyber incidents to which the PPD’s coordination procedures would apply.

Incident Response Principles

The PPD outlines five principles that will guide the Federal government during any cyber incident response:

  • Shared Responsibility – Individuals, the private sector, and government agencies have a shared vital interest and complementary roles and responsibilities in protecting the Nation from malicious cyber activity and managing cyber incidents and their consequences.
  • Risk-Based Response – The Federal government will determine its response actions and  resource needs based on an assessment of the risks posed to an entity, national security interests, foreign relations, or economy of the United States or to the public confidence, civil liberties, or public health and safety of the American people.
  • Respecting Affected Entities – Federal government responders will safeguard details of the incident, as well as privacy and civil liberties, and sensitive private sector information.
  • Unity of Effort – Whichever Federal agency first becomes aware of a cyber incident will rapidly notify other relevant Federal agencies in order to facilitate a unified Federal response and ensure that the right combination of agencies responds to a particular incident.
  • Enabling Restoration and Recovery – Federal response activities will be conducted in a manner to facilitate restoration and recovery of an entity that has experienced a cyber incident, balancing investigative and national security requirements with the need to return to normal operations as quickly as possible.

Significant Cyber Incidents

While the Federal government will adhere to the five principles in responding to any cyber incident, the PPD’s policies and procedures are aimed at a particular class of cyber incident: significant cyber incidents.  A significant cyber incident is one that either singularly or as part of a group of related incidents is likely to result in demonstrable harm to the national security interests, foreign relations, or economy of the United States or to the public confidence, civil liberties, or public health and safety of the American people.

When a cyber incident occurs, determining its potential severity is critical to ensuring the incident receives the appropriate level of attention.  No two incidents are the same and, particularly at the initial stages, important information, including the nature of the perpetrator, may be unknown.

Therefore, as part of the process of developing the incident response policy, the Administration also developed a common schema for describing the severity of cyber incidents, which can include credible reporting of a cyber threat, observed malicious cyber activity, or both.  The schema establishes a common framework for evaluating and assessing cyber incidents to ensure that all Federal departments and agencies have a common view of the severity of a given incident, the consequent urgency of response efforts, and the need for escalation to senior levels.

The schema describes a cyber incident’s severity from a national perspective, defining six levels, zero through five, in ascending order of severity.  Each level describes the incident’s potential to affect public health or safety, national security, economic security, foreign relations, civil liberties, or public confidence.  An incident that ranks at a level 3 or above on this schema is considered “significant” and will trigger application of the PPD’s coordination mechanisms.

Lines of Effort and Lead Agencies

To establish accountability and enhance clarity, the PPD organizes Federal response activities into three lines of effort and establishes a Federal lead agency for each:

  • Threat response activities include the law enforcement and national security investigation of a cyber incident, including collecting evidence, linking related incidents, gathering intelligence, identifying opportunities for threat pursuit and disruption, and providing attribution.   The Department of Justice, acting through the Federal Bureau of Investigation (FBI) and the National Cyber Investigative Joint Task Force (NCIJTF), will be the Federal lead agency for threat response activities.
  • Asset response activities include providing technical assets and assistance to mitigate vulnerabilities and reducing the impact of the incident, identifying and assessing the risk posed to other entities and mitigating those risks, and providing guidance on how to leverage Federal resources and capabilities.   The Department of Homeland Security (DHS), acting through the National Cybersecurity and Communications Integration Center (NCCIC), will be the Federal lead agency for asset response activities.  The PPD directs DHS to coordinate closely with the relevant Sector-Specific Agency, which will depend on what kind of organization is affected by the incident.
  • Intelligence Support and related activities include intelligence collection in support of investigative activities, and integrated analysis of threat trends and events to build situational awareness and to identify knowledge gaps, as well as the ability to degrade or mitigate adversary threat capabilities.  The Office of the Director of National Intelligence, through the Cyber Threat Intelligence Integration Center, will be the Federal lead agency for intelligence support and related activities.

In addition to these lines of effort, a victim will undertake a wide variety of response activities in order to maintain business or operational continuity in the event of a cyber incident.  We recognize that for the victim, these activities may well be the most important.  Such efforts can include communications with customers and the workforce; engagement with stakeholders, regulators, or oversight bodies; and recovery and reconstitution efforts.   When a Federal agency is a victim of a significant cyber incident, that agency will be the lead for this fourth line of effort.  In the case of a private victim, the Federal government typically will not play a role in this line of effort, but will remain cognizant of the victim’s response activities consistent with these principles and coordinate with the victim.

Coordination Architecture

In order to facilitate the more coordinated, integrated response demanded by significant cyber incidents, the PPD establishes a three-tiered coordination architecture for handling those incidents:

National Policy Level:  The PPD institutionalizes the National Security Council-chaired interagency Cyber Response Group (CRG).  The CRG will coordinate the development and implementation of United States Government policy and strategy with respect to significant cyber incidents affecting the United States or its interests abroad.

National Operational Level:  The PPD directs agencies to take two actions at the national operational level in the event of a significant cyber incident.

  • Activate enhanced internal coordination procedures.  The PPD instructs agencies that regularly participate in the Cyber Response Group to develop these procedures to ensure that they can surge effectively when confronted with an incident that exceeds their day-to-day operational capacity.
  • Create a Unified Coordination Group.  In the event of a significant cyber incident, the PPD provides that the lead agencies for each line of effort, along with relevant Sector-Specific Agencies (SSAs), state, local, tribal and territorial governments, international counterparts, and private sector entities, will form a Cyber Unified Coordination Group (UCG) to coordinate response activities.  The Cyber UCG shall coordinate the development, prioritization, and execution of cyber response efforts, facilitate rapid information sharing among UCG members, and coordinate communications with stakeholders, including the victim entity.

Field Level:  The PPD directs the lead agencies for each line of effort to coordinate their interaction with each other and with the affected entity.

Integration with Existing Response Policy

The PPD also integrates U.S. cyber incident coordination policy with key aspects of existing Federal preparedness policy to ensure that the Nation will be ready to manage incidents that include both cyber and physical effects, such as a significant power outage resulting from malicious cyber activity.  The PPD will be implemented by the Federal government consistent with existing preparedness and response efforts.

Implementation tasks

The PPD also directs several follow-on tasks in order to ensure its full implementation.  In particular, it requires that the Administration develop and finalize the National Cyber Incident Response Plan – in coordination with State, Local, Territorial, and Tribal governments, the private sector, and the public – to further detail how the government will manage cyber incidents affecting critical infrastructure.  It also directs DHS and DOJ to develop a concept of operations for how a Cyber UCG will operate and for the NSC to update the charter for the CRG.

Passionatepolka, TreasureMap and FLATLIQUID?

Posted on by

I read one of his books several years ago….

The summary below is not classified material. The Intelligence Community  including the NSA has declassified a lot of material such as:

Chinese Cyber Espionage in the U.S.

August 10, 2015

China Read Emails of Top U.S. Officials – NBC News

NSA slide showing China hacking units

Commentary: The world’s best cyber army doesn’t belong to Russia

by: Bamford

Reuters: National attention is focused on Russian eavesdroppers’ possible targeting of U.S. presidential candidates and the Democratic Congressional Campaign Committee. Yet, leaked top-secret National Security Agency documents show that the Obama administration has long been involved in major bugging operations against the election campaigns — and the presidents — of even its closest allies.

The United States is, by far, the world’s most aggressive nation when it comes to cyberspying and cyberwarfare. The National Security Agency has been eavesdropping on foreign cities, politicians, elections and entire countries since it first turned on its receivers in 1952. Just as other countries, including Russia, attempt to do to the United States. What is new is a country leaking the intercepts back to the public of the target nation through a middleperson.

There is a strange irony in this. Russia, if it is actually involved in the hacking of the computers of the Democratic National Committee, could be attempting to influence a U.S. election by leaking to the American public the falsehoods of its leaders. This is a tactic Washington used against the Soviet Union and other countries during the Cold War.

In the 1950s, for example, President Harry S Truman created the Campaign of Truth to reveal to the Russian people the “Big Lies” of their government. Washington had often discovered these lies through eavesdropping and other espionage.

Today, the United States has morphed from a Cold War, and in some cases a hot war, into a cyberwar, with computer coding replacing bullets and bombs. Yet the American public manages to be “shocked, shocked” that a foreign country would attempt to conduct cyberespionage on the United States.

NSA operations have, for example, recently delved into elections in Mexico,  targeting its last presidential campaign. According to a top-secret PowerPoint presentation leaked by former NSA contract employee Edward Snowden, the operation involved a “surge effort against one of Mexico’s leading presidential candidates, Enrique Peña Nieto, and nine of his close associates.” Peña won that election and is now Mexico’s president.

The NSA identified Peña’s cellphone and those of his associates using advanced software that can filter out specific phones from the swarm around the candidate. These lines were then targeted. The technology, one NSA analyst noted, “might find a needle in a haystack.” The analyst described it as “a repeatable and efficient” process.

The eavesdroppers also succeeded in intercepting 85,489 text messages, a Der Spiegel article noted.

Another NSA operation, begun in May 2010 and codenamed FLATLIQUID, targeted Pena’s predecessor, President Felipe Calderon. The NSA, the documents revealed, was able “to gain first-ever access to President Felipe Calderon’s public email account.”

At the same time, members of a highly secret joint NSA/CIA organization, called the Special Collection Service, are based in the U.S. embassy in Mexico City and other U.S. embassies around the world. It targets local government communications, as well as foreign embassies nearby. For Mexico, additional eavesdropping, and much of the analysis, is conducted by NSA Texas, a large listening post in San Antonio that focuses on the Caribbean, Central America and South America.

Unlike the Defense Department’s Pentagon, the headquarters of the cyberspies fills an entire secret city. Located in Fort Meade, Maryland, halfway between Washington and Baltimore, Maryland, NSA’s headquarters consists of scores of heavily guarded buildings. The site even boasts its own police force and post office.

And it is about to grow considerably bigger, now that the NSA cyberspies have merged with the cyberwarriors of U.S. Cyber Command, which controls its own Cyber Army, Cyber Navy, Cyber Air Force and Cyber Marine Corps, all armed with state-of-the-art cyberweapons. In charge of it all is a four-star admiral, Michael S. Rogers.

Now under construction inside NSA’s secret city, Cyber Command’s new $3.2- billion headquarters is to include 14 buildings, 11 parking garages and an enormous cyberbrain — a 600,000-square-foot, $896.5-million supercomputer facility that will eat up an enormous amount of power, about 60 megawatts. This is enough electricity to power a city of more than 40,000 homes.

In 2014, for a cover story in Wired and a PBS documentary, I spent three days in Moscow with Snowden, whose last NSA job was as a contract cyberwarrior. I was also granted rare access to his archive of documents. “Cyber Command itself has always been branded in a sort of misleading way from its very inception,” Snowden told me. “It’s an attack agency. … It’s all about computer-network attack and computer-network exploitation at Cyber Command.”

The idea is to turn the Internet from a worldwide web of information into a global battlefield for war. “The next major conflict will start in cyberspace,” says one of the secret NSA documents. One key phrase within Cyber Command documents is “Information Dominance.”

The Cyber Navy, for example, calls itself the Information Dominance Corps. The Cyber Army is providing frontline troops with the option of requesting “cyberfire support” from Cyber Command, in much the same way it requests air and artillery support. And the Cyber Air Force is pledged to “dominate cyberspace” just as “today we dominate air and space.”

Among the tools at their disposal is one called Passionatepolka, designed to “remotely brick network cards.” “Bricking” a computer means destroying it – turning it into a brick.

One such situation took place in war-torn Syria in 2012, according to Snowden, when the NSA attempted to remotely and secretly install an “exploit,” or bug, into the computer system of a major Internet provider. This was expected to provide access to email and other Internet traffic across much of Syria. But something went wrong. Instead, the computers were bricked. It took down the Internet across the country for a period of time.

While Cyber Command executes attacks, the National Security Agency seems more interested in tracking virtually everyone connected to the Internet, according to the documents.

One top-secret operation, code-named TreasureMap, is designed to have a “capability for building a near real-time interactive map of the global Internet. … Any device, anywhere, all the time.” Another operation, codenamed Turbine, involves secretly placing “millions of implants” — malware — in computer systems worldwide for either spying or cyberattacks.

Yet, even as the U.S. government continues building robust eavesdropping and attack systems, it looks like there has been far less focus on security at home. One benefit of the cyber-theft of the Democratic National Committee emails might be that it helps open a public dialogue about the dangerous potential of cyberwarfare. This is long overdue. The possible security problems for the U.S. presidential election in November are already being discussed.

Yet there can never be a useful discussion on the topic if the Obama administration continues to point fingers at other countries without admitting that Washington is engaged heavily in cyberspying and cyberwarfare.

In fact, the United States is the only country ever to launch an actual cyberwar — when the Obama administration used a cyberattack to destroy thousands of centrifuges, used for nuclear enrichment, in Iran. This was an illegal act of war, according to the Defense Department’s own definition.

Given the news reports that many more DNC emails are waiting to be leaked as the presidential election draws closer, there will likely be many more reminders of the need for a public dialogue on cybersecurity and cyberwarfare before November.

 

(James Bamford is the author of The Shadow Factory: The Ultra-Secret NSA From 9/11 to the Eavesdropping on America. He is a columnist for Foreign Policy magazine.)

Refugees Have Temporary Status in U.S. but not under DHS

Posted on by

The United States has been taking in refugees, migrants and asylees from Latin America and several dozen countries for decades. This is supposed to be a temporary condition but the truth is it has never been temporary.

Image result for manbij

Now with 45 million people from just 2015 displaced from their home countries around the world, there is a crisis that is hard to define much less solve. The United Nations is the lead organization that is under pressure to find solutions and world leaders are not in any kind of collective agreement. Meanwhile, there are people, mostly innocent that are suffering. This is a historical time, one that was in fact not only predictable but solvable if civil war, conflicts and terrorism was addressed long before it manifested.

At issue is the total cost of war where there is no end in sight but more, the cost of creating a viable and living long term solution for migrants to include education, healthcare, law enforcement, jobs, entitlements to list a few. No country is monetarily prepared for the future costs many yet to be known, studied or funded.

Related reading: Bodies found off coast of Libya as migrant toll climbs

The United States had every opportunity in 2011 to launch humanitarian action missions to offset refugee conditions especially as Islamic State was born, and predicted to become a global terror operation directly after Abu Musab al-Zarqawi was killed. He is the original father of Islamic State…al Qaeda in Iraq.

Image result for zarqawi

As a result of the long war in Iraq, Syria and Afghanistan, the complete damage to cities and towns where normal infrastructure has been destroyed, there is no viable location to go back to. There are no schools, hospitals, roads, buildings and commerce has stopped except for black markets and smuggling. Further, no countries are stepping up with funds to help rebuild or as many call it, nation building.

In summary, refugees are in fact a new permanent status for wherever they are located, including the United States.

Consequently, the United Nations is chartered with drafting a global solution with world leaders.

The first cut a the draft is found here.

In part from the NewYorkTimes: Refugees and migrants will be the biggest issue at the gathering of world leaders at the United Nations next month. President Obama plans to lead a meeting at the General Assembly in an effort to nudge countries to take in more refugees and contribute to countries that have taken them in for years.

The United Nations secretary general, Ban Ki-moon, also plans to hold a meeting on the plight of refugees and migrants. The document under negotiation will be the centerpiece of his meeting.

While the draft text has no force of international law, every sentence has been argued and negotiated. The resulting language is sometimes so vague that it is likely to bring little comfort to the millions of men, women and children who are seeking safety and opportunity abroad.

Eritrea, for instance, recently complained that the many references to human rights in the document were “redundant.” (A United Nations committee earlier this year accused Eritrea of atrocities against its own citizens.)

Russia resisted a sentence that called for countries to share in the “burden” of taking in refugees. (Russia takes in very few, except lately, from parts of Ukraine.)

The United States suggested a phrase asserting that detention is “seldom” good for children. Activists for immigrants and refugees found that suggestion so appalling that they fired off a letter on Friday to President Obama. They argued that any international agreement should make clear that detention is “never in the best interests of children” and should commit to ending the practice. (The United States detains children who arrive from Mexico without legal papers.)

Amnesty International said in a statement over the weekend that “with some states trying to dilute the agreement to suit their own political agendas, we may end up with tentative half-measures that merely reinforce the status quo or even weaken existing protection.”

This draft agreement sets out a long list of principles, most already enshrined in existing laws. It says refugees deserve protection and should not be sent back to places where they could face war or persecution. It urges countries to allow refugees to work and to let their children attend school, though it stops short of saying refugees have a right to either jobs or schools.

It asserts that migration can be good for the world, which is wording that migrant-sending countries wanted. It also calls for countries to take back their citizens if they travel illegally and fail to get asylum, which is what migrant-receiving countries, especially in Europe, wanted.

An early draft had proposed a global compact to allocate where refugees could be permanently resettled, but that proposal failed. African and Latin American countries wanted to know why the compact was on refugees alone, according to diplomats involved in the negotiations. Why not also have a compact on the rights of migrants, they asked.

The latest draft sets a 2018 deadline for two compacts — one for refugees, a second for migrants.

The draft text also says nothing about the rights of the 40 million people who are displaced in their own countries, or about those who are leaving their homes because of climate change.