Smoking Gun in Hillary/Benghazi Hearing Was Chelsea

The first attack happened and Hillary left the State Department and went home. While at home she had people telling her people were missing and dying. If one of your diplomatic posts was attacked would you leave the office and go home? When questioned about being alone at home during the attack, Hillary laughed.

But, Chelsea knew first the Benghazi attackers were Ansar al Sharia…..then Hillary told the same to the Libyan and Egyptian government…..oh then those pesky talking points about the video was the other track at the same time where the White House was calling YouTube while brave and fighting Americans were still on the roof and 2 at the mission post had already died.

Attkisson: Within hours of the Sept. 11, 2012 terrorist attacks in Benghazi, Clinton emailed her daughter, Chelsea, that Americans had died at the hands of an al-Qaeda like group. Al-Qaeda is the Islamic extremist terrorist group that was led by Osama bin Laden. Clinton also informed Egypt’s prime minister and Libya’s president that the attacks were “preplanned” and “had nothing to do with” an anti-Islamic video posted on YouTube.

That is perspective and real when the Democrats whined all day about how much money has been spent on the Gowdy Benghazi Commission. Isn’t live priceless? Not so much with those Democrats.

All the Democrats are claiming victory today as is Hillary’s team as she never had a meltdown. But real details and facts don’t matter except to those seeking and finding the truth in verified evidence.

  1. Post Qaddafi, Hillary took a play it by ear posture in Libya, hence the lack of email traffic on the topic as noted with visual stacks of emails today in the hearing.
  2. The people in Libya and especially Ambassador Chris Stevens did not have Hillary’s email address and actually never spoke to her by phone after he was sworn in as Ambassador, replacing Ambassador Cretz who was removed from the country due to WikiLeaks cables. Perhaps Ambassador Stevens should have just coordinated more security by asking Blumenthal, as he was forced to responded to forwarded emails by Hillary, that originate by Sidney Blumenthal.
  3. Oh, Hillary NEVER had a computer at the State Department.
  4. While the attack was going on, Hillary issued an official written statement that it WAS an attack, but what about that video thing that went on for weeks including Susan Rice on all the Sunday talk shows?
  5. One of the security contractors was operating in Libya without a contract and license.
  6. There were more than 600 requests for more security, none got to Hillary? No country summary went to Hillary discussing Libya as a failing country?
  7. Benghazi was originally a temporary mission, soon to be a permanent facility, so she never signed a waiver exempting Benghazi from meeting security standards mandated by law.
  8. Congressman Pompeo of Kansas asked Hillary about Marc Turi and the weapons bound for the Transnational Council. Her response was she knew nothing about Turi or the weapons, but that discussion and the list of weapons were in her emails.
  9. No one was disciplined or fired over Benghazi failures.
  10. Chris Stevens was my friend but he never asked me for an increase in security, he couldn’t as he had no way to contact me other than go through my people at the State Department.

In closing, Hillary’s entire legal team handled the email sorting and the servers, she said she had no role. Did those lawyers all have security clearance to do that? Nah….and so it goes.

The Assignment of the CIA Annex in Benghazi

We keep asking what the CIA annex was actually tasked with doing in Benghazi. It was nothing nefarious but more to control what Hillary and her team were doing. Remember, the CIA is subservient to the White House and State Department. The Hillary-Benghazi testimony on Thursday is not about emails or the server. That track has already been established. The thrust of the questions will center on exactly what Hillary’s State Department intended to do about Libya after Qaddafi. Questions will be about mission pieces coming into play and being installed for deposing Qaddafi with regard to buying back weapons and buying others that were NOT bound for Syria but for the Transnational Council to take over the Qaddafi regime with particular emphasis on Tripoli and Benghazi. As noted from Politico below, this is the posture taken by Gowdy as his team.

Politico: The seven GOP members of the panel aim to strike the right balance during Thursday’s hearing with the former secretary of state. They’re hoping a professional approach, coupled with tough questions about security in Libya, U.S. foreign policy under Clinton and her email practices will help put to rest accusations that they’re ideologues bent on hurting the Democratic front-runner in the polls — or that the panel is a waste of taxpayer money. The hearing, which could last, sources say, until 8 p.m. or 9 p.m., will delve into U.S. policy toward Libya under Clinton, who encouraged U.S. support of the rebels fighting Qadhafi. Republicans want to know what the goal of that policy was and whether she was trying to make Libya a centerpiece of her foreign policy.

Gowdy said he’s particularly interested in asking Clinton about “the increase in violence juxtaposed with the decrease in security” at the mission that was attacked, because “it’s counterintuitive.”

A 1999 report after the East African embassy bombings recommended that the secretary of state take a “personal and active role” in security issues, Republicans — including Gowdy — have noted. Clinton, however, has testified previously that she was not aware of Stevens’ requests for more protection. And while it’s unclear whether the panel has any evidence suggesting that she was, Gowdy says there’s still the issue of “why” those pleas for help didn’t reach her.

When it comes to the machinery that Hillary’s team, it does involve weapons and the contracts and routes they took to reach the destination of Libya, all while doing so against rules and sanctions. Hillary may be actually guilty of much more than we can begin to define.

*** The facts begin to surface:

Washington Times – Tuesday, October 20, 2015
The State Department initially approved a weapons shipment from a California company to Libyans seeking to oust Moammar Gadhafi in 2011 even though a United Nations arms ban was in place, according to memos recovered from the burned-out compound in Benghazi.

The documents, obtained by The Washington Times, show U.S. diplomats at the Benghazi compound were keeping track of several potential U.S.-sanctioned shipments to allies, one or more of which were destined for the Transitional National Council, the Libyan movement that was seeking to oust Gadhafi and form a new government. At least one of those shipments, kept in a file marked “arms deal,” was supposed to come from Dolarian Capital Inc. of Fresno, California, according to an end use certificate from the State Department’s office of defense trade controls licensing that was contained in the file.
The shipment was to include rocket launchers, grenade launchers, 7,000 machine guns and 8 million rounds of ammunition, much of it new and inexpensive hardware originally produced in the former Soviet bloc of Eastern Europe, according to an itemized list included in the end use certificate.

Dolarian Capital, part of a small network of U.S. arms merchants that has worked with U.S. intelligence, confirmed one of its licensing requests to ship weapons via Kuwait to Libya was approved by the State Department in spring 2011 and then inexplicably revoked before the armaments were sent. “Dolarian Capital submitted the end user certificate in question to the U.S. Department of State for review and issuance of a license to transfer the arms and ammunition to Libya. The U.S. Department of State responded with a approval, which was revoked shortly thereafter,” one of its attorneys said in a statement issued to The Washington Times. “As a result no arms or ammunition was shipped or delivered to Libya under the end user certificate.”

Nonetheless, the existence of the documents and the temporary approval of at least one U.S. arms shipment provides the most direct evidence that Hillary Rodham Clinton’s State Department was aware of efforts to get weapons into the hands of rebels seeking to oust Gadhafi.

Mrs. Clinton is set to testify Thursday during a highly anticipated appearance before the House Select Committee on Benghazi.

The Obama administration has been ambiguous about the exact role the United States played in arming the rebels who overthrew Gadhafi, even as arms merchants and former CIA officials have stated publicly that a covert program facilitated such weapons transfers through a network of friendly weapons brokers and third-party countries.

The issue is sensitive because a U.N. ban on weapons shipments to Libya was in place at the time, although the State Department had the authority to deem a specific shipment in the United States interest and permit its transference, officials said.

State Department spokesman Alec Gerlach declined to comment Tuesday, as did the CIA public affairs office.

To date, the public evidence of U.S. involvement in weapons trafficking to Libya has been episodic.

Reuters reported in 2011 that President Obama signed a special presidential directive that authorized covert U.S. action to destabilize Gadhafi and stand up a new regime, up to and including facilitating weapons transfers if it was deemed in the U.S. interest.

The New York Times, quoting anonymous officials, reported a year later that the Obama administration gave its secret blessing to some weapons shipments to Libyan rebels routed through Qatar during the height of the country’s revolution.

Fox News this summer quoted a former CIA official as providing testimony in a court case that the U.S. almost certainly ran a covert weapons operation to help arm the Libyan rebels.
But to date, no evidence has emerged publicly that the State Department had direct knowledge or involvement in reviewing potential shipments.

The Benghazi documents, however, show that U.S. diplomats in the consulate were monitoring a series of potential exports in spring and summer 2011 to third-party countries and that one or more were likely to land in Libya.

For instance, a June 28, 2011, email chain contained in a file titled “arms deal” documents an exchange among State Department employees about eight export licensing application numbers, indicating one or more of the shipments involved Libya’s Transitional National Council.

“DRL recommends BA L181-11 T6-F RWA — need decision from higher level on TNC,” reads one of the notations in the email.

DRL stands for the State Department’s Bureau of Democracy, Human Rights and Labor, and TNC is the interchangeable acronym for the Transitional National Council, the NATO-supported Libyan rebel government.

The email also references the office of defense trade controls licensing, the State directorate in charge of registering arms exports.

The Dolarian Capital papers, dated May 18, 2011, include an end-user certificate that outlines a long list of heavy former Eastern-bloc weaponry and artillery to be shipped from the California-based arms dealer first to Kuwait, and then to Libya.

“This is to certify the following items are to be delivered by Dolarian Capital, Inc. [of] Fresno, California, United States and secured by M/s Specter Consultancy Services G.T.C. [of] Kuwait City, Kuwait to the Ministry of Interior of the Translational [sic] Government of Libya. The Ministry of Interior has agreed the items are for the exclusive disposition of the Ministry of Interior of the Translational [sic] Government of Libya and will not be re-exported or transferred to any third countries,” the certificate reads.

Just one month earlier, Mrs. Clinton privately endorsed inside the State Department the idea of using arms merchants to help the Libyans. “Fyi. The idea of using private security experts to arm the opposition should be considered,” Mrs. Clinton wrote in an email to her most senior aides.

Dolarian Capital and other U.S. arms merchants — all legally registered with the State Department — have worked with U.S. intelligence over the years to move covert shipments into hot spots around the globe such as Iraq, Afghanistan and Nigeria.

It applied for several State Department licenses to ship weapons to Libya, but only one got approved and then only temporarily before being revoked. The one export listed in the certificate was among the smaller shipments the company proposed for Libya, according to people familiar with the applications. In each instance, State and other U.S. agencies were directly aware the end destinations for the weapons were in Libya.

Dolarian Capital also is listed in court records as the source of weapons for another U.S. arms dealer, Marc Turi, who sought permission to ship weapons to Libya during the same time frame. Mr. Turi since has been charged criminally with making false statements in his application for those shipments, and has publicly asserted that Mrs. Clinton’s State Department and other U.S. officials sanctioned his involvement.

His attorney, J. Cabou, told The Times on Tuesday his client intends to show the United States facilitated the possible weapons shipments to Libya, which never occurred.

Mr. Turi strongly believes he had the permission of the U.S. government to engage in the actions for which he is now charged with and he is vigorously trying to prove that fact,” Mr. Cabou said in a phone interview.

Supporting Mr. Turi’s case is a former CIA officer named David Manners, who has told a federal judge in the case that “It was then, and remains now, my opinion that the United States did participate, directly or indirectly, in the supply of weapons to the Libyan Transitional National Council (TNC).”
The end-user certificate for the one Dolarian transfer, obtained by The Times, details an itemized list of Soviet developed weapons including 10 Konkrus missile launchers, 6,900 RPK, AKM, SPG-9 machine guns and 100 grenade launchers. It also included two Soviet SVD sniper rifles and nearly 8 million rounds of ammunition.

An authorization letter signed by TNC Defense Minister Omar Hareery accompanied the certificate “call[ing] upon” TNC Interior Minister Esam M.T. Shibani and representatives from Specter Consultancy GTC to “supply all military surplus and hardware to the Transitional National Council of Libya [and] provide military and security consultancy for both civilian and government elements within Libya.”

The sensitivity of U.S. involvement in arming the Libya rebels stems from a U.N. embargo.

On March 17, 2011, the U.N. passed Resolution 1973, which imposed a no-fly zone over Libya and also established a panel of experts to monitor the arms embargo.

However, on March 27, 2011, only days after the intervention began, Mrs. Clinton argued that the arms embargo could be disregarded if shipping weapons to rebels would help protect civilians, a claim that came under immediate fire from British defense officials who disagreed with her interpretation of international law.

“We’re not arming the rebels. We’re not planning to arm the rebels,” British Defense Secretary Liam Fox told the BBC the same day Mrs. Clinton hinted otherwise.

In February, The Times published as part of a series on the 2011 NATO intervention classified Libyan intelligence reports including a 16-page weapons list corroborated by Gadhafi aide and U.S. intelligence asset, Mohammed Ismael.

The weapons list revealed where and when arms were brought to both terror and jihadi groups in Libyan cities including the rebel fortress of Benghazi by the country of Qatar. It did not detail the weapons’ point of origin, but in February 2012 Qatari officials sent a letter to the U.N. “categorically” denying they had “supplied the revolutionaries with arms and ammunitions.”

Tape recordings obtained and released by The Times earlier this year depicting secret calls between a U.S. intelligence asset and members of the Gadhafi family revealed the then Libyan regime believed NATO was helping Qatar and other countries illegally smuggle arms across their country’s borders to aide rebel forces in an attempt to destabilize Libya.

In a May 2011 telephone call between U.S. Rep. Dennis Kucinich and heir apparent Seif Gadhafi, Mr. Gadhafi alleged illegal arms shipments were coming into his country.

Mr. Kucinich, an outspoken critic against the Libyan intervention who has since retired from the Congress, told the Times he would not be surprised to learn the U.S. violated the arms embargo.

“Violating the arms embargo to send heavy weapons to Libyan rebels was a phase in engineering a crisis to establish a pretext for U.S. intervention and overthrow of the Libyan government, a very dirty business indeed,” Mr. Kucinich said.

The U.N. Security Council unanimously reinforced the embargo in May when the 15-member panel declined a request from the TNC for fighter jets, attack helicopters and munitions, fearing the weapons could get into the wrong hands.

This blogger has written about the operations in Benghazi, 3 days directly after the attack:

https://founderscode.com/look-who-hillary-hired-for-benghazi-help/admin/

https://founderscode.com/13-hours-of-benghazi-hat-tip-to-the-heroes-rip-to-the-heroes/admin/

https://founderscode.com/wall-street-and-5th-avenue-planned-for-benghazi/admin/

https://founderscode.com/tanto-explains-13-hours-of-benghazi/admin/

https://founderscode.com/the-chase-in-benghazi/admin/

 

 

Telegram, New Platform for Terrorists to Communicate

Sitting on the knife’s edge when it comes to protecting people’s communication from investigative agencies like the FBI and the NSA is a slippery and inexact argument. The Director of the FBI, James Comey has begged Congress for some legislation such that some encryption can be broken for terror and other criminal cases to be investigated yet nothing is forthcoming and not likely in the future.

FBI Director James Comey spoke to legal professionals and scholars this week about cyber threats and the FBI’s abilities to counter and investigate those evolving threats.

In remarks at the American Law Institute on Tuesday and at a cyber security summit on Wednesday at Georgetown University Law Center, Comey said the group calling itself the Islamic State, or ISIL, represents the FBI’s most urgent threat. He described the organization’s use of social media to motivate troubled people in the United States to engage in acts of violence—either by traveling to the so-called caliphate or killing where they are. Comey said ISIL reaches out to individuals on Twitter and elsewhere, then moves their more sensitive communications to encrypted platforms.

“The threat we face has morphed,” Comey said on Wednesday. “It’s a chaotic spider web through social media—increasingly invisible to us because the operational communications are happening in an encrypted channel.”

Comey later elaborated on the issue of encryption, which is a process of encoding messages—on mobile phones for example—that only authorized parties can access. While it can be effective at thwarting digital thieves, strong encryption also limits the amount of information—or evidence—that law enforcement can effectively gather from a device.

“Increasingly we’re finding ourselves unable to read what we find, or unable to open a device,” Comey said, “and that is a serious concern.”

The issue of “going dark,” as the Bureau calls it, is worthy of a larger public conversation about the balance between privacy and public safety, Comey said. Momentum toward universal encryption, he explained, may have unintended consequences.

“As all of our lives become digital, the logic of encryption is all of our lives will be covered by strong encryption, and therefore all of our lives—including the lives of criminals and terrorists and spies—will be in a place that is utterly unavailable to court-ordered process,” he said. “And that, I think, to a democracy should be very, very concerning.”

The Director also pointed to provisions of the Patriot Act of 2001 that, if allowed to expire on June 1, could hobble the FBI’s investigative abilities. One of the provisions is Section 215, which authorized the National Security Agency’s database of telephony records and metadata.

Comey said the FBI relies on that provision fewer than 200 times a year—in particular cases to get particular records. “If we lose that authority,” Comey said, “we can’t get information that I think everybody wants us to attain.”

Two other provisions include:

  • Roving wiretaps. The FBI has had authority since the 1980s to use legally authorized roving wiretaps in criminal cases—allowing authorities to follow surveillance targets rather than their phones, which can be easily trashed and replaced. The Patriot Act extended that authority to terrorism and counterintelligence cases.
  • The Lone Wolf provision. In 2004, Congress amended the Foreign Intelligence Surveillance Act to authorize intelligence gathering on individuals not affiliated with any known terrorist organization.

“These three are going to go away June 1,” Comey said, “and I don’t want them to get lost in the conversation about metadata.”

It was not but a few months ago, the leadership of Islamic State (ISIS) published an edict for the top terror commanders to use an app called ‘Telegram’ and they are.

Now what? How is the conflict of civil liberties resolved?

Director Comey Speaks at Georgetown University Law Center

  

Why Telegram has become the hottest messaging app in the world

Secret messages and advanced cryptography pose a challenge to WhatsApp

When WhatsApp went down for four hours this weekend, nearly 5 million people signed up for messaging service Telegram. The app skyrocketed to the top of the App Store charts, and is now the top free app in 46 countries from Germany to Ecuador. In the US and several other countries, the app is no. 1 in the social networking category, ahead of Facebook, WhatsApp, Kik, and others.

Screen568x568 4.1393343382

It’s not immediately clear why Telegram emerged as the alternative of choice following WhatsApp’s downtime. Users could have switched to Kik, or Facebook Messenger, or LINE — all of which have hundreds of millions of users. There’s seemingly something different about Telegram. Its rise isn’t only due to WhatsApp’s acquisition and subsequent downtime. “We have been the no. 1 app in Spanish, Arabic, and several Latin American app stores for several weeks before the Facebook deal happened,” says Telegram’s Markus Ra. “The growth was there — so the WhatsApp acquisition and problems merely multiplied the effect across all affected countries.” According to app analytics site App Annie, Telegram started truly gaining steam on February 17th, days before the WhatsApp news even hit.

Built by the pioneering Durov brothers behind Russia’s largest social network, VKontakte (also known as VK), Telegram is a messaging service combining the speed of WhatsApp with Snapchat’s ephemerality and advanced new security measures. WhatsApp might have heralded the first time we heard of Telegram, but it certainly won’t be the last.

Telegram feels in many ways like a straight-up clone of WhatsApp, from its green double-checkmark read receipts to its cartoonish wallpapers. There’s also the usual gamut of messaging app features including the ability to see a friend’s online status and attach photos, videos, your location, contacts, and documents to messages. But where it lacks originality, Telegram makes up for it in speed and security features. “Telegram is the fastest and most secure mass market messaging system in the world,” the company claims, which it attributes in part to Nikolai Durov’s open-sourced MTProto protocol. Telegram was in fact built as a testing bed for MTProto, Reuters reported when the app launched back in August. The company is so confident in the security of MTProto that it’s offering $200,000 to anyone who can crack it. It’s not unusual for companies to offer bug bounties, but bounties of this size are generally only reserved for critical bugs in widely used apps like Windows.

“The no. 1 reason for me to support and help launch Telegram was to build a means of communication that can’t be accessed by the Russian security agencies,” Durov told TechCrunch. Durov built in a feature that lets you start a “Secret Chat” with any of your friends. According to Telegram, Secret Chats offer end-to-end encryption, leave no trace on the company’s servers, and let you set Snapchat-esque self-destruct timers on messages that range from two seconds to one week. There’s also the ability to check the security of your Secret Chats using an image that serves as an encryption key. By comparing your encryption key to a friend’s, you can effectively verify that your conversation is secure and less vulnerable to man-in-the-middle attacks, the company says. But despite Telegram’s alleged sophistication, no cryptographic method is infallible. The company has, in fact, already doled out $100,000 to one developer for finding a critical bug, TechCrunch reports.

“The no. 1 reason for me to [help launch] Telegram was to build a means of communication that can’t be accessed by the Russian security agencies.”

Telegram is interesting not just because of its stringent security standards, but also because it allows any developer to build a Telegram client of their own, and even for desktop computers. Most new messaging services today, including WhatsApp, build one-size-fits-all messaging apps and lock out third-party developers. It’s hard to blame them, since maintaining one federated language and security paradigm across dozens of apps is difficult. Also, making money off of a platform takes more thought than making money off a simple paid app. Yet, the Durovs’ VKontakte found a lot of success letting developers build alternate versions of its site. More importantly, Telegram operates as a non-profit organization, and doesn’t plan to charge for its services.

“Telegram is not intended to bring revenue, it will never sell ads or accept outside investment. It also cannot be sold,” the company writes in its FAQ. “We’re not building a ‘user base,’ we are building a messenger for the people.” If Telegram ever “runs out” of the money supplied by the Durov brothers, the company says, it will ask for donations from its users. Telegram’s noble goals echo the sentiments of many bright-eyed startup founders, but with the Durovs’ pocketbook in hand and the service’s open API available to third-party developers, it may actually have a chance at fulfilling its goals. Telegram isn’t a CryptoCat for the masses, considering it uses your phone number, of all things, as an identifier — but it’s an important step towards finding a highly encrypted messaging platform that’s accessible to anyone.

“Telegram is not intended to bring revenue, it will never sell ads.”

Championing an ostensibly noble goal, free services, and the experience of VKontakte’s creators, Telegram would seem like a great alternative to any of the leading messages apps out there. After WhatsApp’s acquisition news and downtime, the app is spiking at the right time. The company incentivized several million new users into switching over, but keeping those users will be a continuous challenge. “The switching cost for users on a phone number-based messaging services is at or near zero,” argues Union Square Ventures partner Albert Wenger in a blog post, but that’s only half the story. A network is only as strong as the number of friends you have using it, and convincing all of your friends to switch is no easy task. If Facebook thought that WhatsApp users were liable to switch at a moment’s notice, it wouldn’t have paid $19 billion for the company.

Facebook paid for WhatsApp’s user base, but also for its brand — a brand that spent years solving a very important problem: that it costs a fortune to text across borders. Perhaps the next messaging problem to solve is personal security, considering WhatsApp’s alleged cryptographic weaknesses and the NSA’s data collection policies. WhatsApp became synonymous with texting. Perhaps for Telegram to succeed, it will need to become synonymous with security.

New Sources and Newest Release, U.S. Drone Operations

Being a whistleblower is not enough, but stealing documents and releasing them is over the top. Raise your hand if you think Snowden and those working in cooperation with him are covert Russian operatives and is aiding the enemy.

Perhaps it is time to question those who are aiding Snowden as well when it comes to violating the Espionage Act and a handful of other Federal laws.

A Second Snowden has Leaked a Mother Lode of Drone Documents

by Andy Greenberg:

It’s been just over two years since Edward Snowden leaked a massive trove of NSA documents, and more than five since Chelsea Manning gave WikiLeaks a megacache of military and diplomatic secrets. Now there appears to be a new source on that scale of classified leaks—this time with a focus on drones.

On Thursday the Intercept published a groundbreaking new collection of documents related to America’s use of unmanned aerial vehicles to kill foreign targets in countries ranging from Afghanistan to Yemen. The revelations about the CIA and Joint Special Operations Command actions include primary source evidence that as many as 90 percent of US drone killings in one five month period weren’t the intended target, that a former British citizen was killed in a drone strike despite repeated opportunities to capture him instead, and details of the grisly process by which the American government chooses who will die, down to the “baseball cards” of profile information created for individual targets, and the chain of authorization that goes up directly to the president.1

All of this new information, according to the Intercept, appears to have come from a single anonymous whistleblower. A spokesperson for the investigative news site declined to comment on that source. But unlike the leaks of Snowden or Manning, the spilled classified materials are accompanied by statements about the whistleblower’s motivation in his or her own words.

“This outrageous explosion of watchlisting—of monitoring people and racking and stacking them on lists, assigning them numbers, assigning them ‘baseball cards,’ assigning them death sentences without notice, on a worldwide battlefield—it was, from the very first instance, wrong,” the source tells the Intercept. “We’re allowing this to happen. And by ‘we,’ I mean every American citizen who has access to this information now, but continues to do nothing about it.”

Reports first surfaced in the fall of last year that the Intercept, a news site created in part to analyze and publish the remaining cache of Snowden NSA documents, had found a second source of highly classified information. The final scene of the film “Citizenfour,” directed by Intercept co-founder Laura Poitras, shows fellow Intercept co-founder Glenn Greenwald meeting with Snowden in Moscow to tell him about a new source with information about the U.S. drone program, whom he says has been communicating with the Intercept‘s Jeremy Scahill. At one point, Greenwald draws Snowden a diagram of the authorization chain for drone strikes that ends with the president, one that looks very similar to the one included in Thursday’s publication.

“It’s really risky,” Snowden tells Greenwald in the scene. “That person is incredibly bold.”

“The boldness of it is shocking,” Greenwald responds, “But it was obviously motivated by what you did.”

In the scene, Greenwald also tells Snowden the security tools the Intercept is using to communicate with the source, writing the names of the software on a piece of paper in what may have been an attempt to avoid eavesdroppers. Those security tools, along with the Intercept‘s reputation for combative, unapologetic investigation of the U.S. government, may help explain how the site seems to have found another Snowden-like source of national security secrets. The Intercept and its parent company First Look Media employ world-class security staff like former Googler Morgan Marquis-Boire, Tor developer Erinn Clark, and former EFF technologist Micah Lee. Far more than most news sites, its reporters use tools like the encryption software PGP and the anonymous upload system SecureDrop to protect the identities of its sources.

Whether those measures can actually protect this particular source—or whether the source Greenwald told Snowden about is even the same one who leaked the Intercept‘s Drone Papers—remains to be seen. Yahoo News reported last year that the FBI had identified a “second leaker” to the Intercept and searched his or her home as part of a criminal investigation.

If that reported search of the leaker’s home did happen, however, it doesn’t seem to have slowed down the Intercept or its whistleblower. A year later, no arrests or charges have been made public, and the site has now published what appear to be the biggest revelations yet from its new source.

In the Citizenfour scene, Snowden tells Greenwald he hopes that the new leaks could help change the perception of whistleblowers in general. “This could raise the political situation with whistleblowing to a whole new level, he says.

“Exactly,” Greenwald responds. “People are going to see what’s being hidden by a totally different part of the government.”

Read the Intercept‘s full Drone Papers release here.

1 Correction 10/15/2015 12:45pm: An earlier version of this story stated that a former US citizen, Bilal el-Berjawi, was killed by a drone. In fact, el-Berjawi was a former British citizen.

2 Updated 10/15/2015 2:15pm to include Erinn Clark in the list of First Look Media security engineers.

 

Arms Race, Cyber Defenses Fail

By: Damian Paletta, Danny Yadron and Jennifer Valentino-DeVries
Countries toiled for years and spent billions of dollars to build elaborate facilities that would allow them to join the exclusive club of nations that possessed nuclear weapons.
Getting into the cyberweapon club is easier, cheaper and available to almost anyone with cash and a computer.
A series of successful computer attacks carried out by the U.S. and others has kicked off a frantic and destabilizing digital arms race, with dozens of countries amassing stockpiles of malicious code. The programs range from the most elementary, such as typo-ridden emails asking for a password, to software that takes orders from a rotating list of Twitter handles.
The proliferation of these weapons has spread so widely that the U.S. and China-longtime cyber adversaries-brokered a limited agreement last month not to conduct certain types of cyberattacks against each other, such as intrusions that steal corporate information and then pass it along to domestic companies. Cyberattacks that steal government secrets, however, remain fair game.
This comes after other countries have begun to amass cyberweaponry on an unprecedented scale. Pakistan and India, two nuclear-armed rivals, regularly hack each other’s companies and governments, security researchers said. Estonia and Belarus are racing to build defensive shields to counter Russia. Denmark and the Netherlands have begun programs to develop offensive computer weapons, as have Argentina and France.
In total, at least 29 countries have formal military or intelligence units dedicated to offensive hacking efforts, according to a Wall Street Journal compilation of government records and interviews with U.S. and foreign officials. Some 50 countries have bought off-the-shelf hacking software that can be used for domestic and international surveillance. The U.S. has among the most-advanced operations.
In the nuclear arms race, “the acronym was MAD-mutually assured destruction-which kept everything nice and tidy,” said Matthijs Veenendaal, a researcher at the NATO Cooperative Cyber Defence Centre of Excellence, a research group in Estonia. “Here you have the same acronym, but it’s ‘mutually assured doubt,’ because you can never be sure what the attack will be.”
Governments have used computer attacks to mine and steal information, erase computers, disable bank networks and-in one extreme case-destroy nuclear centrifuges.
Nation states have also looked into using cyberweapons to knock out electrical grids, disable domestic airline networks, jam Internet connectivity, erase money from bank accounts and confuse radar systems, experts believe.
Large conventional militaries and nuclear forces are ill-suited to this new kind of warfare, which evens the playing field between big and small countries. Cyberattacks are hard to stop and sometimes impossible to trace. The West, as a result, has been forced to start reconfiguring its militaries to better meet the threat.
 
Access to cyberweapons, according to U.S. and foreign officials and security researchers, is far more widespread than access to nuclear weapons was at the height of the nuclear arms race, a result of inexpensive technology and the power of distributed computing.
More than two dozen countries have accumulated advanced cyberweapons in the past decade. Some Defense Department officials compare the current moment to the lull between the World Wars when militaries realized the potential of armed planes.
“It’s not like developing an air force,” in terms of cost and expertise, said Michael Schmitt, a professor at the U.S. Naval War College and part of an international group studying how international law relates to cyberwarfare. “You don’t need to have your own cyberforce to have a very robust and very scary offensive capability.”
For example, hackers aligned with the Syrian government have spied into the computers of rebel militias, stolen tactical information and then used the stolen intelligence in the ongoing and bloody battle, according to several researchers, including FireEye Inc.
Most cyberattacks linked to the U.S. and foreign governments in recent years involve cyberspying-breaking into a computer network and stealing data. More-aggressive covert weapons go further, either erasing computer records or destroying physical property.
“With some countries, we’re comfortable with knowing what their capabilities are, but with other countries we’re still lost,” said Andre McGregor, a former cyber special agent at the Federal Bureau of Investigation and now the director of security at Tanium Inc., a Silicon Valley cybersecurity startup. “We don’t have the visibility into their toolset.”
The Military Balance, a widely read annual assessment of global military powers published by the International Institute for Strategic Studies in London, tallies tanks, battalions and aircraft carriers. When it comes to national cyberforces it says “capabilities are not assessed quantitatively.”
In the U.S., the National Security Agency, Central Intelligence Agency, FBI and others all play roles in combing through intelligence.
U.S. officials say their biggest concerns are the cyberweapons held by the Chinese, Russians, Iranians and North Koreans, countries that have deployed advanced attacks that either dug inside U.S. government networks or targeted top U.S. companies. Even Israel, a U.S. ally, was linked to hacking tools found on the computers of European hotels used for America’s diplomatic talks with Iran, according to the analysis of the spyware by a top cybersecurity firm. Israeli officials have denied spying on the U.S.
Cyberarmies tend to be integrated with a country’s military, its intelligence services, or both, as is the case in China and the U.S.
In China, hackers are famous for the relatively low-tech tactic of “phishing”-sending a flood of disguised emails to trick corporate employees and government bureaucrats to letting them into their networks.
The U.S. suspects that is how they penetrated the Office of Personnel Management, using a phishing email to breach an OPM contractor and then crack the agency’s network. The records of more than 21 million people were exposed in the 2014 and 2015 data breach, disclosed this summer. China has said it wasn’t involved.
China’s army has divisions devoted to cyberattacks, and recent evidence shows links between the country’s military and hackers who appear to be pressing the country’s interests abroad.
“They used to be snap and grab-get in and dump everything they can,” said Tommy Stiansen, co-founder and chief technology officer at Norse Corp., a California cybersecurity firm that tracks nation-state activity. “Now they trickle out the information, stay hidden in the system. We’ve even seen Chinese actors patch and repair networks once they’ve broken in.”
China opposes the militarization of cyberspace or a cyberarms race, said Zhu Haiquan, a spokesman for the Chinese Embassy in Washington, adding China “firmly opposes and combats all forms of cyberattacks in accordance with law.”
Choosy in targets
 
Russian hackers have targeted diplomatic and political data, burrowing inside unclassified networks at the Pentagon, State Department and White House, also using emails laced with malware, according to security researchers and U.S. officials.
They have stolen President Barack Obama‘s daily schedule and diplomatic correspondence sent across the State Department’s unclassified network, according to people briefed on the investigation. A Russian government spokesman in April denied Russia’s involvement.
“Russia has never waged cyberwarfare against anyone,” Andrey Akulchev, a spokesman for the Russian Embassy in Washington, said in a written statement Friday. “Russia believes that the cybersphere should be used exclusively for peaceful purposes.”
Russia’s top hackers tend to be choosier in their targets, tailoring email attacks to those they believe might unwittingly open links or attachments.
“They are sitting there trying to think through ‘how do I really want to compromise this target?’ ” said Laura Galante, director of threat intelligence at FireEye, a Silicon Valley cybersecurity company that works closely with Washington. “The Chinese just want a foothold into the target. Russian theft is very personal.”
U.S. spies and security researchers say Russia is particularly skilled at developing hacking tools. Some malicious software linked to Russia by security researchers has a feature meant to help it target computers on classified government networks usually not connected to the Internet.
The virus does this by jumping onto USB thumb drives connected to targeted computers, in the hopes that the user-such as U.S. military personnel-will then plug that USB drive into a computer on the classified network.
Russian hackers also make efforts to hide stolen data in normal network traffic. In one example, a piece of malware hides its communications in consumer Web services to fool cybersecurity defenses. The code downloads its instructions from a set of Twitter accounts. It then exports data to commercial storage services. This tactic is effective because corporate cybersecurity systems often don’t block traffic to and from these sites.
Government investigators believe Iranian hackers implanted the Shamoon virus on computers at Saudi Arabia’s Saudi Aramco, the world’s largest energy firm, in 2012. The Aramco attack erased 75% of the company’s computers and replaced screen images with burning American flags. The attack didn’t affect oil production, but it rattled the company, and security officials, as it revealed the extent of Iran’s cybercapabilities. A spokesman for Aramco didn’t respond to a request for comment.
The move was at least partly in retaliation for the alleged U.S.-Israeli attack on Iran discovered in 2010 that deployed the Stuxnet computer worm to destroy Iranian nuclear centrifuges-considered to be the most successful and advanced cyberattack ever. The U.S. and Israel haven’t confirmed or denied involvement with Stuxnet.
Director of National Intelligence James R. Clapper has said that Iran used malware to destroy computers last year at Las Vegas Sands Corp., a casino company run by Sheldon Adelson, a major critic of the Iranian government. A Sands spokesman declined to comment.
Adm. Michael Rogers, center, director of the National Security Agency and commander of the U.S. Cyber Command, confers with Deputy Defense Secretary Robert Work ahead of testifying before the Senate Armed Services Committee in September. Photo: Win McNamee/Getty Images
Defense officials have also said Iranian hackers have temporarily overwhelmed the websites of numerous U.S. banks, in an annoying but relatively pedestrian technique known as a “denial of service” attack. The attack was allegedly in response to a YouTube video depicting the Prophet Muhammad. Some U.S. officials suspected it was retaliation for sanctions and the Stuxnet attack.
In 2012, Iran’s Supreme Leader Ayatollah Ali Khamenei publicly announced the creation of the Supreme Council of Cyberspace charged to oversee the defense of Iran’s computer networks and develop “new ways of infiltrating or attacking the computer networks of its enemies.”
National Security Agency Director Adm. Michael Rogers said Iranian cyberattacks have slowed since nuclear talks intensified last year, but that Tehran appears “fully committed” to using cyberattacks as part of its national strategy.
A spokesman for the Iranian government didn’t respond to request for comment.
Sony hack
 
U.S. officials accused North Korea of destroying computer files and records at Sony Corp.’s Hollywood film unit in 2014, allegedly in retaliation for “The Interview,” a satirical movie about assassins of North Korean leader Kim Jong Un. The breach was considered one of the most successful nation-state attacks. North Korea successfully implanted malware on Sony computers, which allowed them to both steal and destroy company records, the FBI alleged.
South Korea has also accused North Korea of trying to hack a nuclear reactor, television networks and at least one bank.
“Cybercapability, especially offensive cybercapability, is a relatively inexpensive method that a country can exploit to ‘hit above its weight class,’ which North Korea is fully aware of and is attempting to leverage,” said Steve Sin, a former U.S. Army counterintelligence officer who now researches unconventional weapons and technology.
Defense contractor Northrop Grumman Corp., meanwhile, has advertised for a “cyber operations planner” to “facilitate” offensive computer attacks with the South Korean and U.S. governments, according to a job posting it listed online.
A Northrop spokesman said the customer determines the scope of work performed.
A spokesman for North Korea couldn’t be reached for comment. The country hasn’t commented publicly on cyberprograms.
Many cybersecurity experts, however, consider the U.S. government to have the most advanced operations. When Kaspersky Lab ZAO, a Russian cybersecurity company, this year released a report on a group it called the Equation Group-which U.S. officials confirmed was a thinly veiled reference to the NSA-it referred to the operatives as the “crown creator of cyberespionage.”
Former National Security Agency contractor Edward Snowden leaked documents that showed the NSA had implanted malware on tens of thousands of foreign computers. That allowed the U.S. government secret access to data and, potentially, the industrial control systems behind power plants and pipelines. The Pentagon’s U.S. Cyber Command didn’t respond to a request for comment.
In some instances, Kaspersky found, the NSA was able to burrow so deeply into computers that it infected the code that controls how a hard drive spins. So-called firmware isn’t scanned by computer defenses.
“We, too, practice cyberespionage, and, in a public forum, I’m not going to say how successful we are, but we’re not bad,” Mr. Clapper, the Director of National Intelligence, told a Senate panel in September.
U.S. Cyber Command now has nine “National Mission Teams” with plans to build four more. These each comprise 60 military personnel that will “conduct full-spectrum cyberspace operations to provide cyber options to senior policy makers in response to attacks against our nation,” a Pentagon spokesperson said.
The Navy, Army, and Air Force will each build four teams, with the Marines building a single unit. Each will have a “separate mission with a specific focus area,” though these have so far remained secret.
Air Force Chief of Staff Gen. Mark A. Welsh III told a group of reporters in April that he wanted to see the military develop “blunt force trauma” powers with their cyberweapons. He gave examples of computer codes that could “make an enemy air defense system go completely blank” or have an enemy’s “radar show a thousand false targets that all look real.” He didn’t say the military had finished designing such powers.
Defense Secretary Ash Carter has made the development of new cyberweapons a priority, although the policy seems in flux after questions were raised by the Pentagon’s inspector general.
This activity has prompted other countries to join the digital buildup.
In 2014, the Netherlands announced it would begin training its own Internet troops through a domestic cybersecurity company, called Fox-IT. The head of the Dutch armed forces, Major Gen. Tom Middendorp, said in a symposium the group should be prepared to carry out attacks, not just block them, according to a Dutch media report. The Netherlands’ military strategy, laid out in various documents, refers to hacking as a “force multiplier.” A Dutch military spokesman confirmed the efforts but declined to make Gen. Middendorp available for an interview.
In 2013, Denmark’s Defense Ministry began allocating about $10 million a year for “computer network operations,” which include “defensive and offensive military operations,” according to government budget documents. That amount is just 0.24% of the Danish defense budget, reflecting the tiny barrier of entry.
Countries unable to develop their own weapons can buy off-the-shelf systems from private parties. Earlier this year, an attack and document leak on the Italian firm Hacking Team revealed the company had sold its surveillance tools to dozens of countries, including Sudan, Egypt, Ethiopia and Azerbaijan.
Hacking Team touted its product as “the hacking suite for governmental interception,” and computer security researchers who studied its program said it took advantage of holes in popular software to get onto opponents’ computers and mobile devices. The FBI is among the groups listed as clients of Hacking Team. An FBI spokesman said it didn’t comment on specific tools or techniques.
Most of these countries use surveillance software on domestic enemies or insurgent groups, according to officials with numerous countries and researchers.
States aren’t the only players. About 30 Arabic-fluent hackers in the Palestinian territories, Egypt and Turkey are building their own tools to hit targets in Egypt, Israel and the U.S., according to researchers at Kaspersky Lab.
And in August, the U.S. used a drone to kill Islamic State hacker Junaid Hussain in Raqqa, Syria, showing the extent to which digital warfare has upset the balance of power on the modern battlefield.
The British citizen had used inexpensive tools to hack more than 1,000 U.S. military personnel and published personal and financial details online for others to exploit. He helped sharpen the terror group’s defense against Western surveillance and built hacking tools to penetrate computer systems, according to people familiar with the matter.
National-security and cyberweapon experts are watching the growing digital arms stockpile nervously, worried that one-off attacks could eventually turn messier, particularly given how little is known about what each country is capable of doing.
“What we can do, we can expect done back to us,” said Howard Schmidt, who was the White House’s cybersecurity coordinator until 2012. The U.S. is thinking, “Yeah, I don’t want to pull that trigger because it’s going to be more than a single shot that goes off.”