Cyberwar: The new Forever Battle, Indicators of Compromise

The United States is in the midst of the most resounding policy shift on cyber conflict, one with profound implications for national security and the future of the internet. The just-released U.S. Cyber Command “vision” accurately diagnoses the current state of cyber conflict and outlines an appropriate new operational model for the command: since cyber forces are in “persistent engagement” with one another, U.S. Cyber Command must dive into the fight, actively contesting adversaries farther forward and with more agility and operational partnerships.

The vision, however, ignores many of the risks and how to best address them. Most importantly, the vision does not even recognize the risk that more active defense – in systems and networks in other, potentially friendly nations – persistently, year after year, might not work and significantly increases the chances and consequences of miscalculations and mistakes. Even if they are stabilizing, such actions may be incompatible with the larger U.S. goals of an open and free Internet. More here including the critique of the report.

US Cyber Command gets unified military command status ...

*** Meanwhile we know all too well about Russia and China’s cyber espionage, yet when proof surfaces by hacking into their documents for evidence….both countries begin another denial session. And Trump invited Putin to a bi-lateral meeting at the White House? Any bi-lateral meeting should take place outside the United States in a neutral location like Vanuatu or the Canary Islands….

TheTimes: Russian attempts to fuel dissent and spread disinformation have been exposed by a cache of leaked documents that show what the Kremlin is prepared to pay for hacking, propaganda and rent-a-mob rallies.

Hacked emails sent by Moscow-linked figures outline a dirty-tricks campaign in Ukraine, which was invaded on the orders of President Putin in 2014. Experts said that they exposed the dangers faced by Britain and its allies because Russia used the same weapons of disinformation, bribery and distortion to attack the West.

Bob Seely, a Tory MP and expert on Russian warfare, said his analysis of the leaks, which comprise thousands of emails and a password-protected document related to the conflict in Ukraine, revealed a “shopping list of subversion”.

“There is overwhelming evidence that the tools and techniques of Russian covert conflict are being used in and against the UK, the US and the EU,” he added. “In the wake of the Skripal poisoning it’s more important than ever that we understand these methods.”

The cost and extent of tactics were disclosed in a third tranche of the so-called Surkov leaks, named after Vladislav Surkov, a Kremlin spin-master said by some to be Mr Putin’s Rasputin.

Two previous tranches, published online by Ukrainian Cyber Alliance, a hacker activist collective, were said to include emails from an account linked to Mr Surkov. He has been closely involved with the management of Donetsk and Luhansk People’s Republics, two Russian-controlled “statelets” in Ukraine established by pro-Moscow separatists.

The latest publication appears to contain emails found in accounts linked to Inal Ardzinba, Mr Surkov’s first deputy, and to a Ukrainian Communist party leader. They suggest that the Kremlin paid local groups and individuals in Ukraine that were willing to advance its aim to fracture the country.

One set of correspondence from October 2014, which appears to have been sent by a Russian politician to Mr Ardzinba, contained proposals to fund cyberoperations, including hacking email accounts for between $100 and $300. A wider plan to “troll opponents”, “demotivate enemies” on social media, and amass the personal data of targeted individuals in Ukraine’s second largest city, Kharkiv, was priced at $130,500.

The Russian foreign ministry has denied in the past that Mr Ardzinba has had anything to do with propaganda in Ukraine. According to Mr Seely, the leaks appear to reveal plans to plant new historical and philosophical ideas. The emails also include an event and two books that would claim that an area of Ukraine had Russian heritage.

Other proposals included the orchestration of anti-Ukraine, pro-Russia rallies. These involved the transport of “sportsmen” trained in martial arts to agitate at the rallies, bribes to local media to feature the protests and bribes to police to turn a blind eye. A month of rallies in Kharkiv was priced at $19,200. It included 100 participants, three organisers and two lawyers. It is unclear if the rallies took place, though others orchestrated by the Kremlin did happen, the research said. Moves to get 30 ex-communist figures elected to local government were floated in June 2015, at $120,460, the leaks said.

The Kremlin has claimed in the past that the Surkov leaks are fabricated and in the information war between Ukraine and Russia falsehoods may have been planted. However, the authors of correspondence in the first two tranches confirmed their authenticity. They were supported by the Atlantic Council, an international affairs think tank, after an analysis of metadata.

In their analysis of the third tranche, Mr Seely and his co-researcher Alya Shandra, managing editor of an English-language Ukrainian news website, say the leaks are “very likely to be authentic”. Ms Shandra and Mr Seely plan to publish their report with the Royal United Services Institute.

Peter Quentin, a research fellow at the Royal United Services Institute, said: “There is no reason to believe these leaks are any less credible than the previous tranches. This third tranche certainly seems to fit with the trend of well-documented subversion by Russian activists in the region.”

China and Russia Military Collaboration Against the West

Imagine the conversations in meetings between respective military officers of these two countries. As the United States has very little in the way of remote espionage in China and due to the expulsion of U.S. diplomatic personnel from Russia, the U.S. has even less intelligence officers in and around Russia….so, what could be coming that we may soon miss?
CHINA’S EVOLVING OVERSEAS ACCESS
China is expanding its access to foreign ports to pre-position the necessary logistics support to regularize and sustain deployments in the “far seas,” waters as distant as the Indian Ocean, Mediterranean Sea, and Atlantic Ocean. In late November, China publicly confirmed its intention to build military supporting facilities in Djibouti “to help the navy and army further participate in United Nations peacekeeping operations (PKO), carry out escort missions in the waters near Somalia and the Gulf of Aden, and provide humanitarian assistance.” This Chinese initiative both reflects and amplifies China’s growing geopolitical clout, extending the reach of its influence and armed forces.
China’s expanding international economic interests are increasing demands for the PLAN to operate
in more distant seas to protect Chinese citizens, investments, and critical sea lines of communication
(SLOC).
China most likely will seek to establish additional naval logistics hubs in countries with which it has a
longstanding friendly relationship and similar strategic interests, such as Pakistan, and a precedent for hosting foreign militaries. China’s overseas naval logistics aspiration may be constrained
by the willingness of countries to support a PLAN presence in one of their ports.
So far, China has not constructed U.S. – style overseas military bases in the Indian Ocean. China’s leaders may judge instead that a mixture of preferred access to overseas commercial ports and a limited number of exclusive PLAN logistic facilities—probably collocated with commercial ports—
most closely aligns with China’s future overseas logistics needs to support its evolving naval requirements.
Preferred access would give the PLAN favored status in using a commercial port for resupply,
replenishment, and maintenance purposes. A logistics facility would represent an arrangement in
which China leases out portions of a commercial port solely for PLAN logistics operations.
Such a logistics presence may support both civilian and military operations. China’s current naval logistics footprint in the Indian Ocean is unable to support major combat operations in South Asia. A greater overseas naval logistics footprint would better position the PLAN to expand its participation in non-war military missions, such as non-combatant evacuation operations (NEO), search-and-rescue (SAR), humanitarian assistance/disaster relief (HA/DR), and sea lines of communication (SLOC) security. To some extent, a more robust overseas logistics presence may also enable China to expand its support to PKO, force protection missions, and counterterrorism initiatives.
For example, in 2015, the PLAN’s naval escort task forces performing counterpiracy escort duties in the Gulf of Aden were able to utilize Djibouti and Oman for basic resupply and replenishment. The 156 page report is here.
*** http://www.combataircraft.net/wp-content/uploads/sites/5/2016/03/CA-Mar-12-Pic-12-1.jpgElectronic attack J-16
A dedicated electronic warfare (EW) version of the Shenyang J-16 fighter completed its maiden flight on December 18 last year. The first images of the aircraft — sometimes described as the J-16D or even J-16G — reveal several changes compared to the standard J-16 fighter-bomber: most obviously, two large EW pods on the wingtips that are very similar in appearance to the AN/ALQ-218 tactical jamming receivers used by the Boeing EA-18G Growler. The aircraft also features a new, shorter radome and the standard 30mm cannon and the optical sensor in front of the starboard side of the windshield have been removed. In addition, several conformal dielectric EW arrays can be seen around the fuselage, front section (behind the radome), and intakes. Photo
In the wake of Russia’s demonstrations of advanced electromagnetic spectrum and communications jamming capabilities, most recently displayed in their incursion into Ukraine, China also is upping its game in this space, demonstrating similar capabilities in the Pacific.

The U.S. Department of Defense, in an annual report to Congress on China’s military and security developments, assessed that the country is placing greater importance upon EW, on par with traditional domains of warfare such as air, ground and maritime.

“The [People’s Liberation Army] sees EW as an important force multiplier, and would likely employ it in support of all combat arms and services during a conflict,” the 2016 report asserts. “The PLA’s EW units have conducted jamming and anti-jamming operations, testing the military’s understanding of EW weapons, equipment, and performance. This helped improve the military’s confidence in conducting force-on-force, real-equipment confrontation operations in simulated EW environments.”

According to the report, China’s EW weapons include “jamming equipment against multiple communication and radar systems and GPS satellite systems. EW systems are also being deployed with other sea- and air-based platforms intended for both offensive and defensive operations.”More here.

***
Collaboration on Satellites
….uh huh…. Joint military operation locations:
Before Russia and China began their recent series of bilateral exercises, the key tie between Moscow and Beijing was arms sales and military technology cooperation — totaling about $26 billion from 1992 to 2006 — according to estimates cited in the report.

Moscow sold Beijing, “export versions of the Su-27 and Su-30 fighter, the S-300 SAM defense system, Sovermennyy-class guided missile destroyer, and Kilo-class diesel-electric submarine,” the report said, citing data from the Stockholm International Peace Research Institute.
Fears of China copying Russian systems led to a drop off in arms sales between the two countries – especially higher end weapon systems. Chinese arms manufactures are notorious for taking, modifying and reproducing weapon designsMore here.

Russia and China are planning to merge their satellite tracking systems, RT.com is reporting.

The giant system will be able to cover most of an area including China, Kazakhstan, Kyrgyzstan, Russia, Tajikistan, Uzbekistan, India and Pakistan. according to RT, the Russian-funded news outlet.

The two nations will reportedly negotiate terms of the merger in May during a conference in China.

Russia and China will be able to share data on positions of navigation satellite groups and to improve efficiency in a real-time environment, RT reported.

The merger was initiated by Chinese officials.

“If the project is implemented, it will allow for an improvement in accuracy for both systems,” a spokesman for the Russian Federal Space Agency, Roscosmos was quoted.

Japan and India are getting set for their own regional navigation satellite systems, RT reported. The system is expected to be operational by the end of the year.

 

9 Iranians Charged in Hacking 176 Universities, Intellectual Property

Nine Iranians Charged With Conducting Massive Cyber Theft Campaign On Behalf Of The Islamic Revolutionary Guard Corps

Mabna Institute Hackers Penetrated Systems Belonging to Hundreds of Universities, Companies, and Other Victims to Steal Research, Academic Data, Proprietary Data, and Intellectual Property

Rod J. Rosenstein, the Deputy Attorney General of the United States, Geoffrey S. Berman, the United States Attorney for the Southern District of New York, William F. Sweeney Jr., the Assistant Director-in-Charge of the New York Field Division of the Federal Bureau of Investigation (“FBI”), and John C. Demers, Assistant Attorney General for National Security, announced today the unsealing of an indictment charging GHOLAMREZA RAFATNEJAD, EHSAN MOHAMMADI, ABDOLLAH KARIMA, a/k/a “Vahid Karima,” MOSTAFA SADEGHI, SEYED ALI MIRKARIMI, MOHAMMED REZA SABAHI, ROOZBEH SABAHI, ABUZAR GOHARI MOQADAM, and SAJJAD TAHMASEBI.  The defendants were each leaders, contractors, associates, hackers-for-hire, and affiliates of the Mabna Institute, an Iran-based company that was responsible for a coordinated campaign of cyber intrusions that began in at least 2013 into computer systems belonging to 144 U.S.-based universities, 176 universities across 21 foreign countries, 47 domestic and foreign private sector companies, the United States Department of Labor, the Federal Energy Regulatory Commission, the State of Hawaii, the State of Indiana, the United Nations, and the United Nations Children’s Fund.  Through the activities of the defendants, the Mabna Institute conducted these intrusions to steal over 30 terabytes of academic data and intellectual property from universities, and email inboxes from employees of victim private sector companies, government victims, and non-governmental organizations.  The defendants conducted many of these intrusions on behalf of the Islamic Republic of Iran’s (“Iran”) Islamic Revolutionary Guard Corps (“IRGC”), one of several entities within the government of Iran responsible for gathering intelligence, as well as other Iranian government clients.  In addition to these criminal charges, today the Department of Treasury’s Office of Foreign Assets Control (OFAC) designated the Mabna Institute and the nine defendants for sanctions for the malicious cyber-enabled activity outlined in the Indictment.

Deputy Attorney General Rod J. Rosenstein said:  “These nine Iranian nationals allegedly stole more than 31 terabytes of documents and data from more than 140 American universities, 30 American companies, five American government agencies, and also more than 176 universities in 21 foreign countries.  For many of these intrusions, the defendants acted at the behest of the Iranian government and, specifically, the Iranian Revolutionary Guard Corps.  The Department of Justice will aggressively investigate and prosecute hostile actors who attempt to profit from America’s ideas by infiltrating our computer systems and stealing intellectual property.  This case is important because it will disrupt the defendants’ hacking operations and deter similar crimes.”

Manhattan U.S. Attorney Geoffrey S. Berman said:  “Today, in one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice, we have unmasked criminals who normally hide behind the ones and zeros of computer code.  As alleged, this massive and brazen cyber-assault on the computer systems of hundreds of universities in 22 countries, including the United States, and dozens of private sector companies and governmental organizations was conducted on behalf of Iran’s Islamic Revolutionary Guard.  The hackers targeted innovations and intellectual property from our country’s greatest minds.  These defendants are now fugitives from American justice, no longer free to travel outside Iran without risk of arrest.  The only way they will see the outside world is through their computer screens, but stripped of their greatest asset – anonymity.”

FBI Assistant Director William F. Sweeney Jr. said:  “The numbers alone in this case are staggering, over 300 universities and 47 private sector companies both here in the United States and abroad were targeted to gain unauthorized access to online accounts and steal data.  An estimated 30 terabytes was removed from universities’ accounts since this attack began, which is roughly equivalent of 8 billion double-sided pages of text.  It is hard to quantify the value on the research and information that was taken from victims but it is estimated to be in the billions of dollars. The nine Iranians indicted today now find themselves wanted by the FBI and our partner law enforcement agencies around the globe – and like other cyber criminals they will soon learn their ability to freely move was just limited to the virtual world only.”

According to the allegations contained in the Indictment[1] unsealed today in Manhattan federal court:

Background on the Mabna Institute

GHOLAMREZA RAFATNEJAD and EHSAN MOHAMMADI, the defendants, founded the Mabna Institute in approximately 2013 to assist Iranian universities and scientific and research organizations in stealing access to non-Iranian scientific resources.  In furtherance of its mission, the Mabna Institute employed, contracted, and affiliated itself with hackers-for-hire and other contract personnel to conduct cyber intrusions to steal academic data, intellectual property, email inboxes and other proprietary data, including ABDOLLAH KARIMA, a/k/a “Vahid Karima,” MOSTAFA SADEGHI, SEYED ALI MIRKARIMI, MOHAMMED REZA SABAHI, ROOZBEH SABAHI, ABUZAR GOHARI MOQADAM, and SAJJAD TAHMASEBI.  The Mabna Institute contracted with both Iranian governmental and private entities to conduct hacking activities on their behalf, and specifically conducted the university spearphishing campaign on behalf of the IRGC.  The Mabna Institute is located at Tehran, Sheikh Bahaii Shomali, Koucheh Dawazdeh Metri Sevom, Plak 14, Vahed 2, Code Posti 1995873351.

University Hacking Campaign

The Mabna Institute, through the activities of the defendants, targeted over 100,000 accounts of professors around the world.  They successfully compromised approximately 8,000 professor email accounts across 144 U.S.-based universities, and 176 universities located in foreign countries, including Australia, Canada, China, Denmark, Finland, Germany, Ireland, Israel, Italy, Japan, Malaysia, Netherlands, Norway, Poland, Singapore, South Korea, Spain, Sweden, Switzerland, Turkey, and the United Kingdom.  The campaign started in approximately 2013, and has continued through at least December 2017, and broadly targeted all types of academic data and intellectual property from the systems of compromised universities, including, among other things, academic journals, theses, dissertations, and electronic books.  Through the course of the conspiracy, U.S.-based universities spent over approximately $3.4 billion to procure and access such data and intellectual property.

The hacking campaign against universities was conducted across multiple stages.  First, the defendants conducted online reconnaissance of university professors, including to determine these professors’ research interests and the academic articles they had published.  Second, using the information collected during the reconnaissance phase, the defendants created and sent spearphishing emails to targeted professors, which were personalized and created so as to appear to be sent from a professor at another university.  In general, those spearphishing emails indicated that the purported sender had read an article the victim professor had recently published, and expressed an interest in several other articles, with links to those additional articles included in the spearphishing email.  If the targeted professor clicked on certain links in the email, the professor would be directed to a malicious Internet domain named to appear confusingly similar to the authentic domain of the recipient professor’s university.  The malicious domain contained a webpage designed to appear to be the login webpage for the victim professor’s university.  It was the defendants’ intent that the victim professor would be led to believe that he or she had inadvertently been logged out of his or her university’s computer system, prompting the victim professor for his or her login credentials.  If a professor then entered his or her login credentials, those credentials were then logged and captured by the hackers.

Finally, the members of the conspiracy used stolen account credentials to obtain unauthorized access to victim professor accounts, through which they then exfiltrated intellectual property, research, and other academic data and documents from the systems of compromised universities, including, among other things, academic journals, theses, dissertations, and electronic books.  The defendants targeted data across all fields of research and academic disciplines, including science and technology, engineering, social sciences, medical, and other professional fields.  At least approximately 31.5 terabytes of academic data and intellectual property from compromised universities were stolen and exfiltrated to servers under the control of members of the conspiracy located in countries outside the United States.

In addition to stealing academic data and login credentials for university professors for the benefit of the Government of Iran, the defendants also sold the stolen data through two websites, Megapaper.ir (“Megapaper”) and Gigapaper.ir (“Gigapaper”).  Megapaper was operated by Falinoos Company (“Falinoos”), a company controlled by ABDOLLAH KARIMA, a/k/a “Vahid Karima,” the defendant, and Gigapaper was affiliated with KARIMA.  Megapaper sold stolen academic resources to customers within Iran, including Iran-based public universities and institutions, and Gigapaper sold a service to customers within Iran whereby purchasing customers could use compromised university professor accounts to directly access the online library systems of particular United States-based and foreign universities.

Prior to the unsealing of the Indictment, the FBI provided foreign law enforcement partners with detailed information regarding victims within their jurisdictions, so that victims in foreign countries could be notified and so that foreign partners could assist in remediation efforts.

Private Sector Hacking Victims

In addition to targeting and compromising universities, the Mabna Institute defendants targeted and compromised employee email accounts for at least approximately 36 United States-based private companies, and at least approximately 11 private companies based in Germany, Italy, Switzerland, Sweden, and the United Kingdom, and exfiltrated entire email mailboxes from compromised employees’ accounts.  Among the United States-based private sector victims were three academic publishers, two media and entertainment companies, one law firm, 11 technology companies, five consulting firms, four marketing firms, two banking and/or investment firms, two online car sales companies, one healthcare company, one employee benefits company, one industrial machinery company, one biotechnology company, one food and beverage company, and one stock images company.

In order to compromise accounts of private sector victims, members of the conspiracy used a technique known as “password spraying,” whereby they first collected lists of names and email accounts associated with the intended victim company through open source Internet searches.  Then, they attempted to gain access to those accounts with commonly-used passwords, such as frequently used default passwords, in order to attempt to obtain unauthorized access to as many accounts as possible.  Once they obtained access to the victim accounts, members of the conspiracy, among other things, exfiltrated entire email mailboxes from the victims.  In addition, in many cases, the defendants established automated forwarding rules for compromised accounts that would prospectively forward new outgoing and incoming email messages from the compromised accounts to email accounts controlled by the conspiracy.

In connection with the unsealing of the Indictment, today the FBI issued a FBI Liaison Alert System (FLASH) message, providing detailed information regarding the vulnerabilities targeted and the intrusion vectors used by the Mabna Institute in their campaign against private sector companies, to provide the public with information to assist in detecting and remediating the threat.

U.S. Government and NGO Hacking Victims

In the same time period as the university and private sector hacking campaigns described above, the Mabna Institute also conducted a computer hacking campaign against various governmental and non-governmental organizations within the United States.  During the course of that campaign, employee login credentials were stolen by members of the conspiracy through password spraying.  Among the victims were the following, all based in the United States:  the United States Department of Labor, the Federal Energy Regulatory Commission, the State of Hawaii, the State of Indiana, the State of Indiana Department of Education, the United Nations, and the United Nations Children’s Fund.  As with private sector victims, the defendants targeted for theft email inboxes of employees of these organizations.

*                *                *

GHOLAMREZA RAFATNEJAD, EHSAN MOHAMMADI, ABDOLLAH KARIMA, a/k/a “Vahid Karima,” MOSTAFA SADEGHI, SEYED ALI MIRKARIMI, MOHAMMED REZA SABAHI, ROOZBEH SABAHI, ABUZAR GOHARI MOQADAM, and SAJJAD TAHMASEBI, the defendants, are citizens and residents of Iran.  Each is charged with one count of conspiracy to commit computer intrusions, which carries a maximum sentence of five years in prison; one count of conspiracy to commit wire fraud, which carries a maximum sentence of 20 years in prison; two counts of unauthorized access of a computer, each of which carries a maximum sentence of five years in prison; two counts of wire fraud, each of which carries a maximum sentence of 20 years in prison; and one count of aggravated identity theft, which carries a mandatory sentence of two years in prison.  The maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as any sentencings of the defendants will be determined by the assigned judge.

Mr. Berman praised the outstanding investigative work of the FBI, the assistance of the United Kingdom’s National Crime Agency (NCA), and the support of the OFAC.  The case is being handled by the Office’s Complex Frauds and Cybercrime Unit.  Assistant United States Attorneys Timothy T. Howard, Jonathan Cohen, and Richard Cooper are in charge of the prosecution, with assistance provided by Heather Alpino and Jason McCullough of the National Security Division’s Counterintelligence and Export Control Section.

The charges contained in the Indictment are merely accusations and the defendants are presumed innocent unless and until proven guilty.


[1] As the introductory phrase signifies, the entirety of the text of the Indictment, and the description of the Indictment set forth herein, constitute only allegations, and every fact described should be treated as an allegation.

Topic(s):
Cyber Crime
Press Release Number:
18-089

Why Did Trump Hire McMaster in the First Place?

Much has been written about Trump’s now former National Security Counsel advisor H.R. McMaster who at one time was General Petraeus’ ‘go-to’ tank operations expert in Iraq. The 3-star general from the outset never really gelled in a cohesive policy relationship with President Trump and the chatter for months in DC was that his time at the White House was going to be short.

McMaster Worked at Think Tank Backed by Soros-Funded Group ...

Question is who recommended McMaster to Trump in the first place and who did the background investigation such that Trump accepted and confirmed him to lead the National Security Council?

“After 34 years of service to our nation,” the lieutenant general said, “I am requesting retirement from the U.S. Army effective this summer, after which I will leave public service.” A White House official told VOA that the president and McMaster had mutually agreed upon McMaster’s resignation, after discussing it for some time. The official said the president asked McMaster to stay on until mid-April to ensure a smooth transition, and McMaster agreed. A graduate of the U.S. Military Academy, known as West Point, McMaster earned a Silver Star for leadership during the Persian Gulf War when, as a cavalry commander, he led a small contingent of U.S. tanks to destroy 80 Iraqi tanks and other vehicles. More here.

Well, the Daily Caller did some remarkable deeper work on McMaster spelling out how Trump never should have brought him on board in the first place. The other question remains on why the Pentagon did not advise McMaster on terminating his outside relationship especially with some rogue nations.

  • Outgoing National Security Advisor H.R. McMaster worked for a foreign-based think tank for 11 years before assuming his post
  • The think tank has ties to Russia, China, the Uranium One deal and Bahrain
  • Career armed forces officers spoke out against the arrangement

Outgoing National Security Advisor Lt. Gen. H.R. McMaster served for more than a decade as a consultant to the London-based International Institute for Strategic Studies, a foreign-based think-tank that has received funding from hostile foreign governments to include Russia and China, according to a Daily Caller News Foundation investigation.

The career soldier ended his employment at the International Institute for Strategic Studies (IISS) in February 2017 after President Donald Trump tapped him to serve as his national security adviser following the resignation of former National Security Adviser Michael Flynn.

McMaster is planning to leave the NSC in April, to be replaced by former U.N. Ambassador John Bolton, according to The Wall Street Journal.

The outgoing NSC official said in a statement, he was “requesting retirement from the U.S. Army effective this summer after which I will leave public service.”

The general, who did not leave the Army to assume his NSC post, was one of only two White House national security chiefs who retained active duty status while working at the White House. The other general was Gen. Colin Powell.

McMaster never publicized his decade-long outside consultant work with the foreign-based think tank that often supported a globalist agenda opposed by Trump. IISS often espoused foreign and military policies that served as the centerpiece of the Obama presidency, including support for the former president’s Iran nuclear deal.

While his 11 years at the institute were never part of his official military biography, former military officers who learned of it were harshly critical of his unusual moonlighting.

Veteran military officers expressed disbelief at McMaster’s consulting work at a foreign-based think tank that receives funding from hostile governments. They called the arrangement “unethical” and “unprecedented.”

IISS operates offices in the Bahrain, Singapore and Washington, D.C. It generally reflects a globalist “realist” Eurocentric view of foreign and military postures that’s at odds with Trump’s foreign policy. The think-tank was a major advocate of former President Barack Obama’s nuclear deal with Iran.

IISS receives funding from friendly Western sources such as aerospace firms and even the British army, but is also has received funding from the Russian Federation, China’s Ministry of Foreign Affairs, as well as the governments of Azerbaijan, Turkey, Qatar, Pakistan, Saudi Arabia and Bahrain, according to the IISS website.

During McMaster’s time at IISS, the think tank also received $700,000 from George Soros’s Open Society and $140,000 from Ploughshares, the pacifist organization that aggressively pushed for Obama’s Iran nuclear deal.

The organization’s council — its board of directors — also is filled with people who have ties to the Kremlin, to the Qatari emir who has been accused of supporting terrorists, to people associated with the Uranium One scandal, and with a Russian investment bank that paid former President Bill Clinton $500,000 for a single speech.

“This is bizarre,” retired Army Lt. Gen. William “Jerry” Boykin said in an interview with TheDCNF. “If that kind of information was available to The Trump administration before they selected him, the question is: Would they have selected him for this very job?”

The Army told TheDCNF that from 2006 when he first joined IISS as a “senior research associate” until he left in 2017, he did file annual financial disclosure forms notifying the Army of payments he received from the institute.

McMaster’s office did not respond to a DCNF request for his current financial disclosure form, which he was required to submit in 2017 as a White House employee.

Retired Rear Adm. James “Ace” Lyons, who served 35 years in the Navy, including a stint as commander of the Pacific Fleet, told TheDCNF McMaster’s consulting role at the think tank was “absurd.”

“It is really absurd that an active duty military officer, particularly one of flag rank, is a consultant to a foreign organization that is taking money and contributions from questionable countries that are known enemies of the United States,” Lyons told TheDCNF in an interview. “This to me seems to be outside the bounds of what we’re committed to. This is atrocious.”

“I’ve never seen this kind of thing before,” said Boykin, a 36-year veteran who served as under secretary for defense intelligence for President George W. Bush.

Boykin said he was convinced any commanding officer would have rejected McMaster’s proposed consulting work at IISS. “I cannot believe that the ethics people of the U.S. Army would approve of him doing that, and I can’t believe that any responsible person he worked for in the Army would have agreed to that.”

William J. Sharp, a public affairs civilian attached to U.S. Army Headquarters, told TheDCNF the Army accepted McMaster’s proposed consulting work at IISS without any prior approval because they regarded the think tank as not falling under the category of a “prohibited source.”

The term “prohibited source” relates to a company that seeks a business or other formal contractual relationship from the Department of Defense. Using that limited standard, the Army concluded IISS was not a prohibited source and McMaster did not need to obtain prior approval from military superiors.

“IISS is not a prohibited source for Army personnel,” Sharp told TheDCNF in an email. “Therefore, LTG McMaster was not required to obtain approval prior to consulting for IISS.”

“I’m surprised at this,” Boykin said. “I find this in my view and in my experience of 36 years to be unprecedented, and I would love to see an authorization. And if it’s an open-ended authorization — if there’s one at all — then I would be willing to bet you it was an error on the part of whoever provided that authorization. You just can’t do this on your own,” he told TheDCNF.

Retired Special Forces Col. James Williamson told TheDCNF he considered it “very unusual” for an active duty officer to serve for a decade at any educational institution. “It’s very unusual for a general officer on active duty to have that type of affiliation over that timespan,” he said. “I’ve had friends that have gone to Harvard or the Fletcher School at Tufts, but they’re U.S.-based.” He said most terms were for a short duration — usually six months to a year.

In fact, the military approves and even encourages active duty officers to seek temporary assignments with American educational institutions and think tanks. But those assignments are very short and rarely extend for more than a year.

Williamson said active duty military officers have plenty of private sector and think tank opportunities after they leave military service. “We have other people who served in London, but they’re not on active duty. They’re retired officers and there’s no problem with that,” he said.

Williamson, a counter terrorism specialist who served with NATO and U.S. Southern Command, said he regarded McMaster’s work as posing a basic “conflict of interest” in light of funding from hostile governments. That funding “would almost make it a de facto conflict of interest in my eyes.”

Retired U.S. Air Force Col. James Waurishuk, who also worked at the NSC, agreed. “I would be concerned about the work he’s doing and how it applies in relation to a think-tank that’s taking money from perhaps adversarial foreign governments. That would be of concern to me,” he said.

Williamson also shared the same view and added that even working at a London think tank poses problems. “Even our closest allies don’t have the same agendas and priorities that we do,” he said.

During his 11 years with IISS, the group promoted McMaster’s activities. A review of previous IISS websites by TheDCNF shows he was highlighted between six and 10 times each year.

IISS praised McMaster when he joined the Trump White House. Jonathan Stevenson, an Obama NSC official who also is a senior fellow at IISS, wrote a fawning opinion piece about McMaster in The New York Times. He called him a “compelling choice: a scholar-warrior” and “both a proven cavalry officer and a formidable defense intellectual.” Stevenson wrote McMaster could save Trump, and the general’s appointment, “should augur at least a fleeting period of stability at the dysfunctional National Security Council.”

Igor Yurgen has been on the IISS Council since 2010. He is chairman of Rennaissance Capital Group, which awarded Bill Clinton $500,00 in speaking fees.

Russia Today, a pro-Kremlin news organization, once described Yurgen as “one of Russia’s most influential experts close to [former] President Dmitry Medvedev.”

“He is remarkably skilled at combining public, business and political careers,” according to RT.

Another council member is Michael Rich, an executive vice president of the RAND Corp. But significantly, he is co-chair of the board of overseers of a project called the RAND Qatar Policy Institute.

The Qatar Policy Institute is also part of the Qatar Foundation, started by Qatar’s former emir, Sheikh Hamad Bin Khalifa Al Thani, and his wife, Sheikha Moza bint Nasser.

Saudi Arabia and the Persian Gulf states accuse Qatar of supporting Islamic terrorism. Al Thani has supported the Taliban in Afghanistan, Hamas in the Gaza Strip, militias in Libya, and the Muslim Brotherhood, The New York Times reported in 2014. The Emir personally traveled in 2012 to the Gaza Strip, where he received a hero’s welcome as he pledged to work with the terrorist group Hamas. Al Thani also founded Al Jazeera, the pro-Muslim Brotherhood television news channel.

Badr Jafar, another current council member, is the son of Hamid Jafar, who founded the biggest private equity firm in the Middle East, North Africa and South Asia. Badr is the CEO of Crescent Enterprises who, with his father Hamid Jafar, engineered an oil exploration partnership between their Emirates-based company, Crescent Petroleum with the Boris Kovalchuk, CEO of the Russian company of Inter Rao UES.

News agencies in the United Arab Emirates hailed the 2010 financial deal between Crescent and Moscow. “Russian state news agencies began their coverage of the recent high-level meeting in Moscow between Crescent officials, the Russian prime minister, Vladimir Putin, and the Iraqi former prime minister Dr Ayad Allawi by linking the names of Hamid Jafar and Mr Putin,” according to the National Business report.

Russian President Vladimir Putin decreed that all shares of Inter Rao UES be transferred to the Russian state-owned atomic energy agency called Rosatom. Kovalchuk is a Kremlin confidant who served as a vice president of Rosatom. Americans know about Rosatom because of its purchase of Uranium One, which was made possible by then Secretary of State Hillary Clinton’s support for the Russian acquisition.

While McMaster was a consultant at IISS the organization was a strong, unwavering supporter of President Obama’s nuclear deal with Iran.

Mark Fitzpatrick, its director for non-proliferation and disarmament was the most outspoken IISS director for the nuclear deal calling it in 2015 a “a potential game changer in many ways, opening a path to better relations with Iran that has been closed for more than 35 years.” Fitzpatrick said the deal “makes it demonstrably less likely Iran will become nuclear-armed now and in the future.”

IISS also entered domestic American politics by defending the Democratic Party during the 2016 presidential campaign. It flatly stated following the release of emails from the Democratic National Committee it “revealed no evidence of significant wrongdoing within the Democratic Party.”

IISS also has been criticized for the secrecy of its activities and its routine denial of visas for reporters seeking to attend its overseas events, particularly its annual event in Bahrain where human right groups accuse the government of silencing critics and keeping journalists away.

BahrainWatch, a human rights group published an investigation in December 2016 claiming that even well known American journalists have been barred from its Bahrain conferences called the “Manama Dialogue.”

“New York Times journalist Nicholas Kristof has openly called for an invitation since 2011, though his media visa was once again rejected last year. Wall Street Journal journalist Yaroslav Trofimov was also denied a visa.

Waurishuk concluded that McMaster’s relationship with IISS raises too many alarms.

“There’s too many red flags that kind of go up,” he said.

Neither IISS Washington nor IISS London returned repeated queries about McMaster.

With Increase in Pentagon Budget, Can U.S. Compete with Russia/China?

WASHINGTON — Hours after Russian President Vladimir Putin claimed his military has successfully tested a hypersonic cruise missile, the head of the Pentagon’s high-tech workshop says the U.S. is on track for a series of hypersonic prototype tests in the coming years, thanks to a big spending increase in the fiscal year 2019 budget request.

Even with that funding boost, Steven Walker, the director of the Pentagon’s DARPA, warned that it is time for America to come to grips with the fact that a national push is needed if the U.S. is to keep pace with competitors in the hypersonic realm.

Hypersonic flight going Mach 5, or five times the speed of sound — has been a dream of military planners for years, for obvious reasons. Any weapon system able to move that quickly would be able to avoid conventional missile and air defenses, and would have benefits both for manned or unmanned systems.

The X-51A Waverider, a U.S. Air Force test program, has successfully shown hypersonic flight is possible. But Russia may have passed the U.S. in this crucial technology. (U.S. Air Force graphic)

“We have lost our technical advantage in hypersonics,” Selva said Jan. 30 at an event hosted by the Defense Writers’ Group. “We haven’t lost the hypersonics fight.”

Whereas both those nations threw a ton of money at developing a specific capability, the U.S. has invested to “come up with a family of hypersonic systems that work without necessarily trying to close all the technology pieces at the front end,” Selva said. “We’re going to start flying these systems in 2019, you’ll see lots of flight tests, and we’re excited that these will be systems that will be very capable that we can use from standoff” range, Walker said. “These are not going to be just flying propulsion concepts through the air.” More here.

***

Michael D. Griffin, the undersecretary of defense for research and engineering, today spoke to more than 500 senior leaders from the U.S. government and defense industry to explore the impact of integrating directed energy capabilities into the national security enterprise at the 2018 Directed Energy Summit at the Ronald Reagan Building and International Trade Center here.

Directed energy weapon systems employ lasers, microwaves and particle beams against enemy targets.

Griffin has been in this arena since the 1980s and worked for the first three directors of the original missile defense agency.

“Directed energy was then in our view an important part of our future portfolio because only directed energy could offer the kind of extended magazine, if you will, the extended range, speed of light delivery of the kill,” Griffin said. “It was the only way that in the long run you could see yourself competing with the threat and coming out on top.”

Directed energy has gone through a lot of evolutions over the years, Griffin added.

Air Force has directed energy weapons; now comes the hard part photo

Superpower Competition

Griffin said there’s a recognition that superpower competition is again on the rise, and the United States must modernize its military if it wants to maintain its position of global preeminence.

“We will not win in a man-to-man fight,” Griffin said. “We have to have the technological leverage. That realization was responsible for the creation of my office, to elevate the role of technology maturation and deployment and I believe it is responsible for the renewed interest in directed energy weapons.”

And, directed energy is more than big lasers, the undersecretary said.

The undersecretary asked his audience to consider directed energy systems such as high-power microwaves, different laser designs and particle beam weapons.

“Each of these systems has its own advantages and each has its own disadvantages,” he said. “We should not lose our way as we come out of the slough of despondence in directed energy into an environment that is more welcoming of our contributions. We should not lose our way with some of the other technologies that were pioneered in the ’80s and early-’90s and now stand available for renewed effort.”

In his capacity as undersecretary for research and engineering, Griffin said he is going to be very welcoming of other approaches that may not have had a lot of focus in recent years or decades.

Directed Energy Venues

There are four venues, he said, in which directed energy can serve: land, air, sea and space.

He urged the audience to not forget that because the technologies are fundamental and can be applied across those domains, all of which are important to them.

The basing strategies, the warfighting tactics, techniques, procedures, the logistics support requirements, the manpower that is needed for support, all of these things are different and are required to be different because of the different venues in which they will have to operate, he added. More here.