Spoofing the GPS, Navy Sailors Arrested

My first conclusion was that Iran hacked the GPS, and I described this with evidence on January 14th.

Story You Aren’t Being Told About Iran Capturing Two American Vessels

Submitted by Tyler Durden on 01/20/2016

Zerohedge: The airwaves in the United States were filled with images of sailors on their knees while a US Navy vessel was searched. Unjustified outrage swept the nation. The US Secretary of Defense blamed the incident on a simple navigation error; however, a chain of events leading back to 2009 demonstrates the facts are a little more complicated than they first appear. The chain of events leads defense analysts to one unmistakable conclusion: Iran has the ability to disrupt US GPS systems. For western military analysts, the thought is terrifying. The West uses GPS for much more than replacing a compass and a map.

In 2009, Lockheed Martin’s RQ-170 Sentinel showed up on a runway in Kandahar, Afghanistan. The aircraft entered service two years earlier, but the public was unaware. The bat wing styled drone is reminiscent of the Stealth Bomber. The similarities extend beyond the cosmetic, and the RQ-170 is the premier spy drone in the US fleet. This was the drone used to map out Bin Laden’s compound. It was tasked with keeping an eye on Iran’s nuclear program. That’s when things got interesting.

On December 4, 2011 a RQ-170 Sentinel crashed into the Iranian countryside. Iran claimed its electronic warfare unit brought the plane down. The US Department of Defense stated the aircraft was flying over western Afghanistan and crashed near or in Iran. The aircraft was 140 miles inside Iran’s borders. The West laughed at the idea of Iran’s military obtaining the capability to down one of the most sophisticated drones in the world. One military official remarked it was like:

“dropping a Ferrari into an ox-cart technology culture.”

They probably shouldn’t have been so quick to laugh. It appears the Iranians didn’t just down the aircraft, they took control of it mid-flight. Dailytech.com explained:

“Using its knowledge of the frequency, the engineer claims, Iran initiated its ‘electronic ambush’ by jamming the bird’s communications frequencies, forcing it into auto-pilot. States the source, ‘By putting noise [jamming] on the communications, you force the bird into autopilot. This is where the bird loses its brain.’

“The team then used a technique known as ‘spoofing’ — sending a false signal for the purposes of obfuscation or other gain. In this case the signal in question was the GPS feed, which the drone commonly acquires from several satellites. By spoofing the GPS feed, Iranian officials were able to convince it that it was in Afghanistan, close to its home base. At that point the drone’s autopilot functionality kicked in and triggered the landing. But rather than landing at a U.S. military base, the drone victim instead found itself captured at an Iranian military landing zone.

“Spoofing the GPS is a clever method, as it allows hackers to ‘land on its own where we wanted it to, without having to crack the [encrypted] remote-control signals and communications.’

“While the technique did not require sophistication from a cryptography perspective, it was not entirely trivial, either, as it required precise calculations to be made to give the drone the proper forged distance and find an appropriate altitude landing strip to make sure the drone landed as it did in Afghanistan.

“The Iranian engineers knew the details of the landing site, because the drone had been confirmed in grainy photos to be landing at a base in Kandahar, Afghanistan.

“Despite the careful calculations, the drone still sustained a dent in its wing and underbody (though it did not have the usual signs of a high-speed collision). During its press conferences, the Iranian military covered this damage with anti-American banners.

“The engineer explained this damage commenting, ‘If you look at the location where we made it land and the bird’s home base, they both have [almost] the same altitude. There was a problem [of a few meters] with the exact altitude so the bird’s underbelly was damaged in landing; that’s why it was covered in the broadcast footage.’ The approach echoes an October security conference presentation [PDF] in Chicago, in which ETH Zurich researchers laid out how to use interference and GPS spoofing to more gently down a drone.”

The Aviationist agreed and suggested the US “reconsider their drones’ equipment, countermeasures and combat operation procedures as well as Iran’s electronic and cyberwarfare capabilities.” It should be noted the “ox-cart technology culture” has since reverse engineered the drone.

The gross underestimation of the Iranian military led to the recent incident in the Persian Gulf. The story being repeated in the western press is one of ten sailors getting lost and ending up in Iranian territorial waters (if the outlet mentions that part). According to Secretary of Defense Carter, “All the contributing factors to that we don’t know yet, and we’re still talking to those folks, and we’ll find out more … but they were clearly out of the position that they intended to be in.”

Two boats lost their GPS abilities at the same time, and the Secretary of Defense isn’t sure what happened? A few US outlets, such as the L.A. Times, reported on the other malfunctions during the incident. Both boats lost radio communication and all other communication during the incident. A single vehicle losing its GPS abilities can happen. It’s rare, but it can happen. Two vehicles losing the systems at the same time borders on implausible, but there is still a possibility of it occurring through Murphy’s Law. The loss of all communication equipment and GPS systems on two boats at the same time means one thing: electronic warfare.

The unwillingness to admit the US military has spent billions on a system that has apparently been defeated by Iran is the most likely culprit behind the western media’s attempt to focus on the “ill treatment” of US sailors. Even the L.A. Times, which was willing to report on the communications failures, placed the following quote in a bold offset in the same article:

“The way those sailors were treated was entirely inappropriate. … The U.S. Navy would never demand Iranian sailors hold their hands on their heads and coerce a confession.” – James Stavridis, retired U.S. admiral

The U.S. Navy’s installation at Guantanamo Bay has been the scene of the worst treatment of detainees by the US government in decades. The sailors captured by Iran were not waterboarded, deprived of sleep or food, sexually abused, or otherwise tortured. The United States does not have the moral authority to object to how another nation treats detainees.

The burning question now relates to whether or not Iran’s actions constitute an attack on the U.S. It’s not a simple question. Electronic warfare and cyber warfare have become commonplace. It is also worth noting the two US vessels were within just a few miles of Farsi Island. Farsi Island is the home of the Revolutionary Guards’ Navy (RGN). The RGN is Iran’s maritime unconventional warfare force. For comparison, imagine a scenario in which a nation that has attacked a US civilian airliner and whose political leaders have constantly threatened war sent two boats to pass extraordinarily close to the home base of a U.S. Seal Team. The reader can decide if Iran’s actions were appropriate.

The most important takeaway from this incident is to remember the high-tech military of the United States has an exposed vulnerability. It’s a vulnerability that was exploited by Iran. Iran is not a nation many in military circles would see as technologically advanced. The drone warfare system has a fatal flaw. If Iran can exploit it, China and Russia certainly can. Even North Korea has been able to successfully disrupt the GPS system. Beyond simple navigation, the U.S. employs the GPS system to guide missiles. If the Iranians can jam and spoof their way into controlling a drone, it isn’t a huge leap to believe they have the ability, or will soon have the ability, to do the same thing with guided missiles.

It should be noted that GPS jammers are available on the civilian market and have been detected in use inside the United Kingdom. This revelation may also be the reasoning behind the U.S. decision to require drone operators to register their aircraft.

Perspective: The Real Violation of Hillary with SAP on Her Server

Hmm, was Hillary ever in a SCIF?

(Sensitive Compartmented Information Facility)

The smoking gun?  

TheHill: Special Access Programs (SAP) is a game changer.  It is now undeniably clear that the results of the FBI investigation will be the end of one of two things:  Hillary’s bid for the White House or the legitimacy of the FBI—at least when it comes to prosecuting cases on the mishandling of classified material.

In 2006, a Special Forces Operational Detachment Alpha (ODA) from my company was deployed to Afghanistan.  Theirs was a particular mission that differed from the combat missions the typical ODAs were conducting at that time.  Everyone on that team maintained a Top Secret Sensitive and Compartmented Information (TS/SCI) clearance and was “read-on” to their special program.  A few months into their deployment, their Intelligence Sergeant lost a thumb-drive that possessed classified information.  A week later the thumb drive was found for sale at a local bazaar.

In response to the events, Col. Ken Allard (ret.) stated, “You’ve got a situation in which the U.S. is going to be forced to change an awful lot of its operational techniques.”

Beyond the compromise of classified information, a lot did change.  New protocols for the handling of classified material were established, and the transportation of classified material on thumb drives was strictly forbidden.  The knee jerk reaction even went as far as to disable USB ports on our work computers—in case we forgot.

Since then I’ve deployed to several locations where, at times, we operated in small teams with only non-secure cellphones with which to communicate.  We often found ourselves with a lot of information that needed to be sent up in reports, but due to the nature of our mission we were forced to sit on it for a few days until we were able to type it up and send it through a secure medium.  I’d be lying if I said we didn’t concoct elaborate plans with “foolproof” ways to communicate the information over non-secure channels, but in the end, no one was willing to take the risk of our “fail-safes” failing.

As more information from Hillary Clinton’s server has been made available, it is clear that the contents of the server contained Imagery Intelligence (IMINT), Human Intelligence (HUMINT), and Signal Intelligence (SIGINT).  Understanding that much of the information has been retroactively classified, there are a few facts that are tough to grasp—at least from the perspective of an intelligence practitioner.

First, when imagery that is classified SECRET//NOFORN (no foreign national) is viewed, regardless of the absence of classification markings, it is distinctly evident. Second, any documents that contain or reference HUMINT are always classified SECRET, and if specific names of sources or handlers are mentioned, they are at a minimum SECRET//NOFORN. Third, SIGINT is always classified at the TS level. It’s not uncommon for some SI to be downgraded and shared over SECRET mediums; however, it is highly unlikely that a Secretary of State would receive downgraded intelligence. Finally, SAP intelligence has been discovered on Clinton’s private server, and many are now calling this the smoking gun. SAP is a specialized management system of additional security controls designed to protect SAR or Special Access Required. SAR has to do with extremely perishable operational methods and capabilities, and only selected individuals who are “read on” or “indoctrinated” are permitted access to these programs. The mishandling of SAP can cause catastrophic damage to current collection methods, techniques and personnel.

In other words, if you have worked with classified material for more than a day, it seems highly implausible that someone could receive any of the aforementioned over an un-secure medium without alarm bells sounding.  However, reading about a Special Access Program on an unclassified device would make anyone even remotely familiar with intelligence mess their pantsuit.

With more damning information being released almost weekly now, it’s interesting that during last Sunday’s Democratic debate, Clinton resoundingly stated: “No one is too big for jail.” Although the context was referencing bank CEOs and Hedge fund managers, the obvious correlation left many scratching their heads and wondering—did Hillary Clinton just say, “I dare you” to the FBI?

DeChristopher is a 9-year veteran of the United States Army Special Forces.  He holds an M.A. in Strategic Security Studies from National Defense University’s College of International Security Affairs with a concentration in Irregular Warfare.  He currently works as an Independent Intelligence Consultant.

***

The State Department Inspector General who investigated the Hillary server had security clearance, but to complete the assignment to investigate deeper the issues and data on the server, he had to go through an additional process to get the highest security clearance. It must also be mentioned that some top intelligence community professionals are now part of the investigation and they are in fact stationed to do nothing but investigate the actual communications and determine what was, or should have been, classified even though ‘some’ communications had designations removed.

****

FNC: Some of Hillary Clinton’s emails on her private server contained information so secret that senior lawmakers who oversee the State Department cannot read them without fulfilling additional security requirements, Fox News has learned.

The emails in question, as Fox News first reported earlier this week, contained intelligence classified at a level beyond “top secret.” Because of this designation, not all the lawmakers on key committees reviewing the case have high enough clearances.

A source with knowledge of the intelligence review told Fox News that senior members of the Senate Foreign Relations Committee, despite having high-level clearances, are among those not authorized to read the intelligence from so-called “special access programs” without taking additional security steps — like signing new non-disclosure agreements.

These programs are highly restricted to protect intelligence community sources and methods.

As Fox News previously reported, a Jan. 14 letter from Intelligence Community Inspector General I. Charles McCullough III to senior lawmakers said an intelligence review identified “several dozen” additional classified emails — including specific intelligence from “special access programs” (SAP).

That indicates a level of classification beyond even “top secret,” the label previously given to two emails found on her server, and brings even more scrutiny to the Democratic presidential candidate’s handling of the government’s closely held secrets.

Fox News is told that the reviewers who handled the SAP intelligence identified in Clinton’s emails had to sign additional non-disclosure agreements even though they already have the highest level of clearance — known as TS/SCI or Top Secret/Sensitive Compartmented information. This detail was first reported by NBC News.

This alone seems to undercut the former secretary of state’s and other officials’ claims that the material is “innocuous.”

In an interview with NPR, Clinton claimed the latest IG finding doesn’t change anything and suggested it was politically motivated.

“This seems to me to be, you know, another effort to inject this into the campaign, it’s another leak,” she said. “I’m just going to leave it up to the professionals at the Justice Department because nothing that this says changes the fact that I never sent or received material marked classified.”

Despite Clinton’s claims, it is the content that is classified; the markings on the documents do not affect that.

A former Justice Department official said there is another problem — warnings from State Department IT employees and others that she should be using a government account.

“If you have a situation where someone was knowingly violating the law and that they knew that what they were doing was prohibited by federal law because other people were saying, you’re violating the law, knock it off, and they disregarded that advice and they went ahead, that’s a very difficult case to defend,” Thomas Dupree said.

Inspector General’s Report on Hillary’s Email, TROUBLE Ahead

Hillary signed the exact same document General Petraeus did. Since Hillary does not get along at all with the Obamas, and since Hillary has been in full lockstep with Obama, this can only mean she went to him to get his signature on ‘executive protection’. But, perhaps Congress can move some legislation to have her security clearance stripped, meaning she then cannot be eligible to be president. Just a thought.

Inspector General: Clinton emails had intel from most secretive, classified programs

Herridge/Brown

EXCLUSIVE: Hillary Clinton’s emails on her unsecured, homebrew server contained intelligence from the U.S. government’s most secretive and highly classified programs, according to an unclassified letter from a top inspector general to senior lawmakers.

Fox News exclusively obtained the text of the unclassified letter, sent Jan. 14 from Intelligence Community Inspector General I. Charles McCullough III. It laid out the findings of a recent comprehensive review by intelligence agencies that identified “several dozen” additional classified emails — including specific intelligence known as “special access programs” (SAP).

That indicates a level of classification beyond even “top secret,” the label previously given to two emails found on her server, and brings even more scrutiny to the presidential candidate’s handling of the government’s closely held secrets.

“To date, I have received two sworn declarations from one [intelligence community] element. These declarations cover several dozen emails containing classified information determined by the IC element to be at the confidential, secret, and top secret/sap levels,” said the IG letter to lawmakers with oversight of the intelligence community and State Department. “According to the declarant, these documents contain information derived from classified IC element sources.”

Intelligence from a “special access program,” or SAP, is even more sensitive than that designated as “top secret” – as were two emails identified last summer in a random sample pulled from Clinton’s private server she used as secretary of state. Access to a SAP is restricted to those with a “need-to-know” because exposure of the intelligence would likely reveal the source, putting a method of intelligence collection — or a human asset — at risk. Currently, some 1,340 emails designated “classified” have been found on Clinton’s server, though the Democratic presidential candidate insists the information was not classified at the time.

“There is absolutely no way that one could not recognize SAP material,” a former senior law enforcement official with decades of experience investigating violations of SAP procedures told Fox News. “It is the most sensitive of the sensitive.”

Executive Order 13526 — called “Classified National Security Information” and signed Dec. 29, 2009 — sets out the legal framework for establishing special access programs. The order says the programs can only be authorized by the president, “the Secretaries of State, Defense, Energy, and Homeland Security, the Attorney General, and the Director of National Intelligence, or the principal deputy of each.”

The programs are created when “the vulnerability of, or threat to, specific information is exceptional,” and “the number of persons who ordinarily will have access will be reasonably small and commensurate with the objective of providing enhanced protection for the information involved,” it states.

According to court documents, former CIA Director David Petraeus was prosecuted for sharing intelligence from special access programs with his biographer and mistress Paula Broadwell. At the heart of his prosecution was a non-disclosure agreement where Petraeus agreed to protect these closely held government programs, with the understanding “unauthorized disclosure, unauthorized retention or negligent handling … could cause irreparable injury to the United States or be used to advantage by a foreign nation.” Clinton signed an identical non-disclosure agreement Jan. 22, 2009.

Fox News is told that the recent IG letter was sent to the leadership of the House and Senate intelligence committees and leaders of the Senate Foreign Relations Committee, as well as the Office of the Director of National Intelligence (ODNI) and State Department inspector general.

Fox News has asked the committees to make the letter public because its findings are unclassified.

Representatives for the ODNI and intelligence community inspector general had no comment, but did not dispute the findings.

The intelligence community IG was responding in his message to a November letter from the Republican chairmen of the Senate intelligence and foreign relations committees that questioned the State Department email review process after it was wrongly reported the intelligence community was retreating from the “top secret” designation.

As Fox News first reported, those two emails were “top secret” when they hit the server, and it is now considered a settled matter.

The intelligence agencies now have their own reviewers embedded at the State Department as part of the Freedom of Information Act (FOIA) process. The reviewers are identifying intelligence of a potentially classified nature, and referring it to the relevant intelligence agency for further review.

There is no formal appeals process for classification, and the agency that generates the intelligence has final say. The State Department only has control over the fraction of emails that pertain to their own intelligence.

While the State Department and Clinton campaign have said the emails in question were “retroactively classified” or “upgraded” – to justify the more than 1,300 classified emails on her server – those terms are meaningless under federal law.

The former federal law enforcement official said the finding in the January IG letter represents a potential violation of USC 18 Section 793, “gross negligence” in the handling of secure information under the Espionage Act.

Demoting Petraeus to a 3 Star, Spells Trouble for Hillary?

General Petraeus is still not out of the realm of more disciplinary action when it comes to his troubles. The ‘all-in’ for Obama, Defense Secretary Ash Carter is considering additional punishment for Petraeus and if this demotion happens, it could set a standard for how Hillary should/could be punished as her crimes were much worse.

Exclusive: Pentagon May Demote David Petraeus

TheDailyBeast: The Pentagon is considering retroactively demoting retired Gen. David Petraeus after he admitted to giving classified information to his biographer and mistress while he was still in uniform, three people with knowledge of the matter told The Daily Beast.

The decision now rests with Secretary of Defense Ash Carter who is said to be willing to consider overruling an earlier recommendation by the Army that Petraeus not have his rank reduced. Such a demotion could cost the storied general hundreds of thousands of dollars—and deal an additional blow to his once-pristine reputation.

“The secretary is considering going in a different direction” from the Army, a defense official told the Daily Beast, because he wants to be consistent in his treatment of senior officers who engage in misconduct and to send a message that even men of Petraeus’ fame and esteemed reputation are not immune to punishment.

Pentagon spokesperson Peter Cook told The Daily Beast that Carter had requested more information on the matter before reaching a final decision.

“The Department of the Army is still in the process of providing the Secretary with information relevant to former Secretary McHugh’s recommendation,” Cook told The Daily Beast, referring to ex-Army Secretary John McHugh, who had recommended taking no action against Petraeus. “Once the Secretary has an opportunity to consider this information, he will make his decision about next steps, if any, in this matter.”

Carter could also recommend other actions that don’t result in Petraeus losing his fourth star. Or the Defense Secretary could simply allow the Army’s previous recommendations to stand.

Petraeus, arguably the most well-known and revered military officer of his generation, retired from the Army in 2011 with the rank of a four-star general, the highest rank an Army officer can achieve. If Carter decides to strip Petraeus of his fourth star, he could be demoted to the last rank at which he “satisfactorily” served, according to military regulations.

Reducing Petraeus’ rank, most likely to lieutenant general, could mean he’d have to pay back the difference in pension payments and other benefits that he received as a retired four-star general. That would amount to hundreds of thousands of dollars over his retirement. According to Pentagon figures, a four-star general with roughly the same years of experience as Petraeus was entitled to receive a yearly pension of nearly $220,000. A three-star officer would receive about $170,000.

Petraeus didn’t respond to a request for comment.

But the financial pain to Petraeus isn’t likely to be severe. He has confided to friends and acquaintances that he’s making a hefty sum from his job at a private equity firm and through speaking fees.

The demotion in rank would be a bigger, lasting blow, and take from Petraeus the rare achievement he’d set his eyes on many years ago.

At any given time, there are only 12 four-star generals in the Army, the largest of the services. By the time he was a colonel, in the mid-1990s, many thought Petraeus was destined to be one of them.

The U.S. military has, on several occasions, demoted generals, increasingly for improper personal contact and not for poor battlefield decisions. But rarely does it demote four-star generals, in part because there are so few of them. It’s also more common to reduce the rank of more junior officers than of top generals.

If Petraeus were demoted, it would mark another spectacular fall. Petraeus stepped down as director of the Central Intelligence Agency in 2012 after his affair with Paula Broadwell, a writer and current Army reservist, was revealed. At the time, Petraeus had been frequently mentioned as a possible Republican presidential candidate in 2016.

Petraeus pleaded guilty last year to giving Broadwell eight notebooks that he compiled while serving as commander of U.S. forces in Afghanistan and that he knew contained classified information. The notebooks held some of the most sensitive kinds of military and intelligence secrets, including the identities of covert officers, intelligence capabilities, quotes from high-level meetings of the National Security Council, and notes about Petraeus’ discussions with President Obama.

After leaving Afghanistan, Petraeus brought the books back to his home in Virginia and gave them to Broadwell just three days before he retired from the Army. She later returned them. No classified information appeared in her biography, All In: The Education of General David Petraeus, officials have said.

Petraeus could have faced felony charges, including for lying to FBI investigators, but was allowed to plead guilty last year to a misdemeanor count of unauthorized handling of classified information. He avoided a prison sentence and received two years’ probation and a $100,000 fine.

But that was not the end of the matter. Last year, the FBI gave Army investigators information that the bureau had come across as it was closing up its own investigation of Petraeus, the defense official and one former U.S. official told The Daily Beast.

The information, the FBI believed, might be of interest to the Army, the defense official said. The Army investigated and decided “there was nothing new here that should change his retirement” and “recommended that there be no change” to his four-star rank, the official said. Last month, it went to the Secretary of Defense for final approval.

Army personnel regulations say that an officer doesn’t automatically retire with the highest rank he or she achieved while in uniform. And even though Petraeus had already been officially retired, through a process known as grade determination the Army can retroactively reopen his case and consider whether to demote him “[i]f substantial new evidence discovered contemporaneously with or within a short time following separation could result in a lower grade determination.”

The regulations also state that if “an officer’s misconduct while still on active duty is documented,” including by “conviction after retirement,” a new grade determination may be completed. Petraeus hadn’t yet retired when he gave Broadwell the classified information.

The Army received the information from the FBI that prompted this new review more than four years after Petraeus had retired. The Defense Department was also running its own investigation into Petraeus’ relationship with Broadwell and what classified information he gave her at the same time the FBI and federal prosecutors were pursuing their case. That may explain why the Army decided it had seen nothing new in the information it received last year from the FBI and decided not to recommend a demotion.

But Carter is said to be concerned that because he has recommended other generals be reduced in rank for actions not becoming an officer, he’ll be seen as inconsistent if he doesn’t do the same for Petraeus. The decision is as much about timing and politics as it is Petraeus’ own transgressions.

“This is about Ash Carter, not David Petraeus,” the defense official said.

Last November, Carter removed his senior military aide, Lt. Gen. Ron Lewis, for personal misconduct, and referred the matter to the Pentagon’s inspector general for investigation. Lewis was demoted a rank, to a major general.

Lewis was a long-time and influential aide to the secretary, and his removal and punishment signaled Carter’s commitment to maintaining upstanding behavior among the military’s generals. The exact nature of Lewis’ misconduct has not been announced, but military officials have suggested he was involved in an improper personal relationship.

While few are familiar with Petraeus’ potential demotion, those who are aware of it said they were surprised that he could be punished years after the scandal was presumably put behind him and after Petraeus pleaded guilty to mishandling classified information. No general in recent history has been demoted years after scandal swirled around him or her.

Those who know and have worked with Petraeus describe him as a man of extraordinary capabilities and ambition. He received his fourth star in 2007 and then served in several prestigious and demanding assignments, including commander of U.S. Central Command, the commanding general of all ground forces in Iraq, and later as commander of ground forces in Afghanistan.

Petraeus’ unorthodox thinking and willingness to buck conventional strategy was seen as key to the U.S. victory over insurgents and jihadists in Iraq during the so-called troop surge of 2007 and 2008. His reputation was so esteemed that there was talk of giving him a fifth star–a largely symbolic gesture that was highly unlikely–or renaming the road to Petraeus’ alma mater, the U.S. Military Academy, after him.

Should Carter choose to knock Petraeus down to the rank of a three-star general, he will have a chance to appeal his case to the secretary, but Congress doesn’t have to be informed of the decision, the official said.

There is no deadline on Carter to make a decision.

The last commander to lose rank for professional misconduct was Brig. Gen. Janis Karpinski, who was demoted to colonel in 2005 for the Abu Ghraib prison scandal in Iraq. The last four-star general to be demoted was Gen. William Ward, who retired as a three-star in 2012 amid allegations he misspent government money on himself and his family.

Soviet Loyalists, Patriotic Hackers

In 2014: Russian Hackers Amass Over a Billion Internet Passwords

NYT: A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.

The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems.

“Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” said Alex Holden, the founder and chief information security officer of Hold Security. “And most of these sites are still vulnerable.”

In 2015: Russian Hackers Read Obama’s Unclassified Emails, Officials Say

‘Patriotic hackers’ attacking on behalf of Mother Russia

FNC: A proxy war is underway in cyberspace, according to I.T. security analysts, and it is pitting numerous foreign institutions against Russian-speaking cyber militias beholden to President Vladimir Putin.

As has been evidenced by a steady wave of sophisticated cyberattacks targeting nation states and private sector organizations whose policies run counter to those of Moscow, Fox News is told groups of patriotic Eastern European hackers are using cyberattacks as a means to achieve Russia’s geopolitical goals.

Intelligence sources with knowledge of these cyberattacks tell Fox News the cyber militias are acting on behalf of the Putin regime. Furthermore, Fox is told security analysts have found evidence that Russian government-linked individuals have distributed cyberattack tools to these groups via underground web forums.

Over the last two years, analysts have researched web-based attacks leveraged against NATO, France’s TV5Monde, segments of the Polish financial sector, and the Dutch Safety Board – which concluded that doomed Malaysia Airlines flight 17 was actually brought down by a Russian-made missile. Researchers found evidence that each of those cyberattacks was carried out by different Russian-speaking cyber militias.

“We see this confluence of motive, where what looks like some recycled criminal malware has been upgraded in a sophisticated way,” said Keith Smith, vice president of threat intelligence for Colorado-based cybersecurity firm root9B. “A lot of people suspect that that’s Russia’s attempt to force us as analysts to ascribe to a criminal organization what is in fact the actions of a nation state – Russia.”

The United States is in these hackers’ crosshairs as well. As economic sanctions were leveled against Russia after its incursion into Crimea and Eastern Ukraine, the cyber militias began widespread attacks aimed at U.S. government officials and segments of the financial and defense sectors. The hack attacks were in furtherance of a campaign dubbed “Operation Pawn Storm” by cybersecurity firm Trend Micro.

The Office of the Director of National Intelligence declined to comment on this activity, but in congressional testimony last year, DNI James Clapper publicly acknowledged the pervasiveness of Russian cyber activity aimed at the United States.

“The Silicon Valley of talent that exists in the world on a cyberattack and cybercrime perspective exists in Eastern Europe,” according to Trend Micro chief cybersecurity officer Tom Kellermann. “Most of those actors – who are the best hackers in the world, period – are beholden and pay homage to the legacy and the power of the former Russian and Soviet regime. They do so by acting out patriotically.”

Perhaps the most dramatic show of patriotic Russian cyber aggression came on December 23 when some 800,000 Ukrainians were left in the dark following a widespread power outage.

Soon after the incident, researchers at U.S. cyber intelligence firm iSight Partners found evidence that the blackout was the result of a cyber intrusion by one such patriotic hacking militia. The culprit, as determined by iSight’s analysis, was likely a Russian-speaking group dubbed “Sandworm Team,” whose name comes from its references to the science fiction series “Dune.”

ISight drew its conclusion after a piece of malicious computer code was found on the Ukrainian Power Authority’s system. That destructive malware, known as BlackEnergy3, is unique to that particular hacking group, according to iSight.

Sandworm has been implicated by the company for having carried out numerous cyberattacks with Russian interests in mind; most notably, attacks carried out against the Ukrainian government and NATO in 2014. And according to iSight officials, the group is one of many.

“We are actively monitoring seven different cyber espionage groups right now that we believe are of Russian origin,” said Steve Ward, iSight Partners senior director.

Researchers have found that the attackers utilized wiper malware to disable Ukrainian Power Authority computer systems, which is similar in nature to the destructive malware used in the 2014 cyberattack on Sony Pictures. But what makes the December hack on the Ukrainian grid a watershed moment, according to researchers, is the combination of the destructive component and the actual target of the attack.

According to Trend Micro’s Tom Kellermann, the December 23 incident is the first instance in which a specifically directed cyberattack was used to take down the energy sector in a given nation state.

And while experts argue that achieving a similar result against the U.S. power grid would be a far more complex task, nonetheless, this recent cyber-induced blackout has added fuel to already loud concerns over hackers’ mounting abilities to cause physical harm and destruction.

“You’re seeing this cyber manifestation of attacks that can change, alter and diminish your physical reality,” said Kellermann. “What you have in cyberspace right now is a free fire zone.”