U.S. Treasury Employee Arrested, Charged with Leaking to Media

The official 18-page indictment is here.

US Treasury employee arrested, accused of leaking to media secret information about suspicious financial transactions related to Paul Manafort, Russians

  • A U.S. Treasury employee has been arrested and charged with leaking to a BuzzFeed News reporter multiple secret reports about suspicious financial transactions.
  • The documents relate to former Trump campaign chief Paul Manafort, Trump campaign official Richard Gates, accused Russian agent Maria Butina, the Russian Embassy and suspected Russian money launderer Prevezon Alexander.
  • The accused employee, Natalie Mayflower Sours Edwards, will face criminal charges in New York.

A U.S. Treasury employee has been arrested on charges that she leaked to BuzzFeed News multiple reports about suspicious financial transactions involving ex-Trump campaign chief Paul Manafort, law-enforcement officials said.

The highly confidential documents allegedly leaked by the employee also were related to former Trump campaign official Richard Gates, accused Russian agent Maria Butina, a suspected Russian money laundering entity and the Russian Embassy in Washington, according to a criminal complaint.

Natalie Mayflower Sours Edwards, a 40-year-old senior advisor in Treasury’s financial crimes enforcement network who was arrested Tuesday, will face federal criminal charges in New York, officials said.

She is charged with unlawfully disclosing so-called suspicious activity reports, or SARS, and conspiracy to do the same. Both felony counts carry a maximum potential sentence of five years in prison.

A Quinton, Virginia, resident, Edwards was released on a $100,000 personal recognizance bond after her presentment Wednesday afternoon in U.S. District Court for the Eastern District of Virginia. Under the conditions of her release, Edwards is barred from contacting reporters or handling documents belonging to her Treasury division without approval.

A lawyer for Edwards did not immediately respond to a request for comment.

SARS are used to alert Treasury officials and other authorities about financial transactions that may be related to criminal conduct, such as money laundering. Treasury’s FinCEN division, for which Edwards works, manages the collection of SARS. It is illegal for a government employee to disclose a SAR or its contents outside of the scope of their work.

The complaint against Edwards says that she started leaking “numerous SARS in October 2017” to an unidentified reporter, and continued doing so until this month.

She had “hundreds of electronic communications” with the reporter, “many via an encrypted application,” the complaint said.

After Edwards began leaking SARS, the journalist wrote about a dozen articles which mentioned the details of those reports, according to the complaint.

Articles cited in the complaint carry the bylines of Jason Leopold and Anthony Cormier, two BuzzFeed reporters, as well as other journalists at that media outlet.

The articles cited document transactions pertaining to Manafort and Gates, both of whom have since pleaded guilty to financial crimes related to their consulting work for a pro-Russia political party in Ukraine.

They also related to Butina, who is currently being held without bond on charges of being a Russian agent, the accused money-laundering real-estate entity Prevezon Alexander, and the Russian Embassy in Washington.

At the time of Edwards’ arrest, according to federal prosecutors in Manhattan, she “was in possession of a flash drive” that appeared to be the same device “on which she saved the unlawfully disclosed” SARS.

Also in her possession was “a cellphone containing numerous communications over an encrypted application in which she transmitted [SARS] and other sensitive government information” illegally, prosecutors said.

“When questioned by law enforcement officials [Tuesday], Edwards confessed she has provided [SARS] to [the reporter] via an encrypted application, though falsely denied knowing that [the reporter] intended to or did publish that information” through a news organization, the complaint said.

BuzzFeed News declined to comment. Leopold and Cormier did not immediately return requests for comment.

Afghanistan Then and Now

Primer: In September of 1963, the King and Queen of Afghanistan visited Washington DC as guests of President Kennedy.

55 years later, this month, the United States and allies have entered the 17th year of military conflict in Afghanistan. The target is the Taliban. Under the Obama regime, several attempts were made to normalize relations with the Taliban leadership, including swapping one treasonous soldier for 5 senior Taliban leaders from Guantanamo. At the same time, the United States coordinated with Qatar to pay for a Taliban consulate operation in Qatar. It remains today.

Under the Trump administration, the same kind of talks are taking place, with Zalmay Khalilzad leading as the U.S. envoy.

Zalmay Khalilzad, the Afghan-born U.S. adviser and former U.S. ambassador to Afghanistan, briefed Ghani and Abdullah on October 13 about his meetings with senior ministers and top diplomats in four countries as part of a diplomatic mission aimed at bringing the Taliban to the negotiating table.

Since Khalilzad last visited Kabul on October 4, his tour has taken him to Pakistan, the United Arab Emirates, Saudi Arabia, and Qatar.

A statement sent to journalists on October 13 by Taliban spokesman Zabihullah Mujahid said Khalilzad met Taliban representatives on October 12 in Qatar’s capital, Doha, to discuss ending the Afghan conflict.

Mujahid said the Taliban representatives told Khalilzad that the presence of foreign forces in Afghanistan was a “big obstacle” to peace and that both sides “agreed to continue such meetings.”

Another senior Taliban member said the U.S. envoy had asked the Taliban leadership to declare a cease-fire in Afghanistan for six months, in time for the planned October 20 parliamentary elections.

“Both sides discussed prospects for peace and the U.S presence in Afghanistan,” another Taliban official said.

The Taliban in exchange are seeking the release of their fighters from Afghan jails and the removal of foreign troops currently aiding Afghan security forces.

“Neither side agreed to accept the other’s demands immediately, but they agreed to meet again and find a solution to the conflict,” said a Taliban official who asked not to be identified.

A statement about Khalilzad’s diplomatic tour released by the U.S. Embassy in Kabul did not confirm his meeting with the Taliban. More here.

After 17 years, there are still more Taliban fighters? How is that possible?

Let’s go back many years, shall we?

BEFORE THE AMERICAN invasion, before the Russian war, and before the Marxist revolution, Afghanistan used to be a pretty nice place.

An astonishing collection of photos from the 1960s was recently featured by the Denver Post.

To see the full photo essay, go here.

GAO Report on Weapons Systems Hacking Vulnerabilities

Can’t make this up, and further, there is a huge element of deniability that such vulnerabilities exist.

GAO: In recent cybersecurity tests of major weapon systems DOD is developing, testers playing the role of adversary were able to take control of systems relatively easily and operate largely undetected.

DOD’s weapons are more computerized and networked than ever before, so it’s no surprise that there are more opportunities for attacks. Yet until relatively recently, DOD did not make weapon cybersecurity a priority. Over the past few years, DOD has taken steps towards improvement, like updating policies and increasing testing.

Federal information security—another term for cybersecurity—has been on our list of High Risk issues since 1997.

Today’s weapon systems are heavily computerized, which opens more attack opportunities for adversaries (represented below in a fictitious weapon system for classification reasons). The full report here.

*** From Wired in part:

In other cases, the report states that automated systems did detect the testers, but that the humans responsible for monitoring those systems didn’t understand what the intrusion technology was trying to tell them.

Like most unclassified reports about classified subjects, the GAO report is rich in scope but poor in specifics, mentioning various officials and systems without identifying them. The report also cautions that “cybersecurity assessment findings are as of a specific date so vulnerabilities identified during system development may no longer exist when the system is fielded.” Even so, it paints a picture of a Defense Department playing catch-up to the realities of cyberwarfare, even in 2018.

Edelman says the report reminded him of the opening scene of Battlestar Galactica, in which a cybernetic enemy called the Cylons wipes out humanity’s entire fleet of advanced fighter jets by infecting their computers. (The titular ship is spared, thanks to its outdated systems.) “A trillion dollars of hardware is worthless if you can’t get the first shot off,” Edelman says. That kind of asymmetrical cyberattack has long worried cybersecurity experts, and has been an operational doctrine of some of the United States’ biggest adversaries, including, Edelman says, China, Russia, and North Korea. Yet the report underscores a troubling disconnect between how vulnerable DOD weapons systems are, and how secure DOD officials believe them to be.

“In operational testing, DOD routinely found mission-critical cyber vulnerabilities in systems that were under development, yet program officials GAO met with believed their systems were secure and discounted some test results as unrealistic,” the report reads. DOD officials noted, for instance, that testers had access that real-world hackers might not. But the GAO also interviewed NSA officials who dismissed those concerns, saying in the report that “adversaries are not subject to the types of limitations imposed on test teams, such as time constraints and limited funding—and this information and access are granted to testers to more closely simulate moderate to advanced threats.”

It’s important to be clear that when the DOD dismisses these results, they are dismissing the testing from their own department. The GAO didn’t conduct any tests itself; rather, it audited the assessments of Defense Department testing teams. But arguments over what constitutes a realistic testing condition are a staple of the defense community, says Caolionn O’Connell, a military acquisition and technology expert at Rand Corporation, which has contracts with the DOD.

Syrian FM Calls for Voluntary Return of Refugees

Syria’s Foreign Minister, Walid al-Moualem, told the United Nations General Assembly on Saturday that the country was ready for the voluntary return of refugees who fled during the conflict.

“We welcome any assistance with reconstruction from those countries that were not part of the aggression on Syria,” said al-Moualem, who is also the Deputy Prime Minister.

“The countries that offer only conditional assistance or continue to support terrorism, they are neither invited nor welcome to help.”

He said the conditions were fine for them to return, and he blamed “some western countries” for “spreading irrational fears” that prompted refugees to stay away.

“We have called upon the international community and humanitarian organizations to facilitate these returns,” he said. “They are politicizing what should be a purely humanitarian issue.”

The United States and the European Union have warned that there will be no reconstruction aid for Syria until there is a political agreement between Assad and the opposition to end the war.

UN diplomats say a recent agreement between Russia and Turkey to set up a buffer zone in the last major rebel stronghold of Idlib has created an opportunity to press ahead with political talks.

The Russian-Turkish deal averted a large-scale assault by Russian-backed Syrian forces on the province, where three million people live.

Moualem however stressed that the agreement had “clear deadlines” and expressed hope that military action will target jihadists including fighters from the Al-Qaeda-linked Nusra Front, who “will be eradicated.”

UN envoy Staffan de Mistura is hoping to soon convene the first meetings of a new committee comprised of government and opposition members to draft a post-war constitution for Syria and pave the way to elections.

Moualem laid out conditions for the Syrian government’s participation in the committee, saying the panel’s work should be restricted “to reviewing the articles of the current constitution,” and warned against interference.

Syria calls on US, French, Turkish forces to withdraw immediately

Syria’s foreign minister also denounced US, French and Turkish forces operating in his country as “occupying forces” and demanded that they leave immediately.

Moualem said the foreign forces were on Syrian soil illegally, under the pretext of fighting terrorism, and “will be dealt with accordingly.”

“They must withdraw immediately and without any conditions,” he told the assembly.

Meanwhile, although we don’t know the real number of Syrian refugees in the United States, it is estimated to be in the 20-30,000 range. But then there is the matter of Iran… the fear of return remains. What is there to go to after 7 years of civil war?

Iran’s Islamic Revolutionary Guard Corps fired six ballistic missiles into eastern Syria on Monday. The strike — whose efficacy is debatable — was in response to a Sept. 22 terrorist attack on a military parade in the city of Ahvaz in southwestern Iran. Both the Islamic State, or ISIS, and a local Arab resistance group took responsibility for the attack.

Why it matters: The missile strike — allegedly coupled with bombardments from unmanned aerial vehicles — targeted the town of Hajin, near the Iraqi border. Likely because of the proximity of the strike to U.S. and coalition forces in the region fighting ISIS, a U.S. military official reportedly called the strikes, “reckless, unsafe and escalatory.” According to the spokesperson for the U.S.-led coalition against ISIS, Iran also did not issue advance warning.

The background: This is the second time Iran has fired ballistic missiles at ISIS positions in Syria. In June 2017, Iran fired six short-range ballistic missiles — the same types, in fact — in response to terror attacks in Tehran. In the past year and a half, Iran has used ballistic missiles on at least three occasions to project force abroad, with Iranian Kurdish dissidents in Iraq serving as the target last month. Prior to this recent uptick, the last time Iran fired ballistic missiles outside of its territory was in 2001.

Counting all reported flight tests and military operations, Iran has launched as many as 39 ballistic missiles since agreeing to the nuclear deal in July 2015.

What’s next: A high-ranking Iranian military official claimed the missile strikes were only the “first phase” of Tehran’s broader response to the attacks. Despite pointing a finger at the U.S. and its regional partners, Iran has thus far chosen to target only ISIS.

The bottom line: In addition to displaying Iran’s missile capabilities and confidence in its missile force, these strikes indicate that Iran’s threshold for the use of ballistic missiles in military operations against foreign targets is decreasing. This means ballistic missiles will likely play a greater role in Iran’s engagements in the Middle East, making it harder to contain and deter Tehran in the region. Hat tip.

Trump Admin Trying to Get a Cyber Doctrine

October is national cyber awareness month; frankly, every month and every day should be an awareness day.

So, back in late 2017, the House passed by a voice vote H.R. 3559 – Cybersecurity and Infrastructure Security Agency Act of 2017. As you may guess, it is stalled in the Senate.

Meanwhile, in an effort to mobilize and consolidate cyber operations for the United States, there is no consensus within Congress. Should every government agency have a cyber division? Should the United States be able to perform counter cyber attacks? What kind of a cyber attack on the United States constitutes an act of war?

Just last month, Politico published a piece stating in part:

Recent reports that Russia has been attempting to install malware in our electrical grid and that its hackers have infiltrated utility-control rooms across America should constitute a significant wakeup call. Our most critical infrastructure systems are vulnerable to malicious foreign cyberactivity and, despite considerable effort, the collective response has been inadequate. As Director of National Intelligence Dan Coats ominously warned, “The warning lights are blinking red.”

A successful attack on our critical infrastructure — power grids, water supplies, communications systems, transportation and financial networks — could be devastating. Each of these is vital to our economy, health and security. One recent study found that a single coordinated attack on the East Coast power grid could leave parts of the region without power for months, cause thousands of deaths due to the failure of health and safety systems, and cost the U.S. economy almost $250 billion. Cyberattacks could also undermine our elections, either by altering our voter registration rolls or by tampering with the voting systems or results themselves.

The op-ed was written by retired General and former CIA Director David Petraeus, who is arguing: “Our grab-bag approach isn’t working. Gen. David Petraeus says it’s time to go big.”

Actually, I agree with General Petraeus on his position. Last month also, John Bolton on the White House National Security Council declared that the U.S. is going on the offensive. Yet in an interesting article, Forbes offers a point and counter-point to that argument.

Last week, President Trump spoke to world leaders about how China is interfering in U.S. elections via the cyber realm. While no evidence has been offered, that is not to say there is no evidence; it is a common tactic of China. Additionally, the United States is offering robust assistance to NATO allies.

Acting to counter Russia’s aggressive use of cyberattacks across Europe and around the world, the U.S. is expected to announce that, if asked, it will use its formidable cyberwarfare capabilities on NATO’s behalf, according to a senior U.S. official.

The announcement is expected in the coming days as U.S. Defense Secretary Jim Mattis attends a meeting of NATO defense ministers on Wednesday and Thursday.

Katie Wheelbarger, the principal deputy assistant defense secretary for international security affairs, said the U.S. is committing to use offensive and defensive cyber operations for NATO allies, but America will maintain control over its own personnel and capabilities.

The decision comes on the heels of the NATO summit in July, when members agreed to allow the alliance to use cyber capabilities that are provided voluntarily by allies to protect networks and respond to cyberattacks. It reflects growing concerns by the U.S. and its allies over Moscow’s use of cyber operations to influence elections in America and elsewhere.

“Russia is constantly pushing its cyber and information operations,” said Wheelbarger, adding that this is a way for the U.S. to show its continued commitment to NATO.

Wheelbarger told reporters traveling to NATO with Mattis that the move is a signal to other nations that NATO is prepared to counter cyberattacks waged against the alliance or its members.

Much like America’s nuclear capabilities, the formal declaration of cyber support can help serve as a military deterrent to other nations and adversaries.

The U.S. has, for some time, considered cyber as a warfighting domain, much like air, sea, space and ground operations. In recent weeks the Pentagon released a new cybersecurity strategy that maps out a more aggressive use of military cyber capabilities. And it specifically calls out Russia and China for their use of cyberattacks.

China, it said, has been “persistently” stealing data from the public and private sector to gain an economic advantage. And it said Russia has used cyber information operations to “influence our population and challenge our diplomatic processes.” U.S. officials have repeatedly accused Moscow of interfering in the 2016 elections, including through online social media.

“We will conduct cyberspace operations to collect intelligence and prepare military cyber capabilities to be used in the event of a crisis or conflict,” the new strategy states, adding that the U.S. is prepared to use cyberwarfare along with other military weapons against its enemies when needed, including to counter malicious cyber activities targeting the country. Read more here.

Not to be left out is North Korea.

The Department of Homeland Security, the Department of the Treasury, and the Federal Bureau of Investigation have identified malware and other indicators of compromise used by the North Korean government in an ATM cash-out scheme—referred to by the U.S. Government as “FASTCash.” The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

Yup, in closing… we agree with General Petraeus… it is long overdue to go big and go NOW.