New Color-coded Cyber Threats

Remember when the Democrats and lobby groups ridiculed George W. Bush for using a color coded threat matrix? Carry on….

The White House now has a color-coded scale for cyber-security threat

TheVerge:  As the Obama administration nears its final months, the White House has released a framework for handling cyberattacks. The Presidential Policy Directive on United States Cyber Incident Coordination builds on the action plan that Obama laid out earlier this year, and it’s intended to create a clear standard of when and how government agencies will handle incidents. It also comes with a new threat level scale, assigning specific colors and response levels to the danger of a hack.

The cyberattack severity scale is somewhat vague, but it’s supposed to make sure that the agencies involved in cybersecurity — the Department of Justice, Department of Homeland Security, and Office of the Director of National Intelligence — respond to threats with the same level of urgency and investment. A Level One incident is “unlikely to impact public health or safety, national security, economic security, foreign relations, civil liberties, or public confidence,” while a red Level Four one is “likely to result in a significant impact to public health or safety, national security, economic security, foreign relations, or civil liberties.” One final designation — Level Five, or black — covers anything that “poses an imminent threat to the provision of wide-scale critical infrastructure services, national government stability, or to the lives of US persons.”

The upshot of this is that anything at Level Three or above will trigger a coordination effort to address the threat. In addition to the groups above, this effort will include the company, organization, or agency that was attacked.

Cybersecurity is a growing concern, and both Congress and the White House have spent the past several years pushing various frameworks for shoring it up. This includes a series of hotly debated bills that culminated in the Cyber Information Sharing Act, which has raised privacy questions as it’s been put into practice. At the same time, high-profile hacks have led to serious consequences for companies like Sony Pictures, Target, and Ashley Madison. Most recently, an unknown hacker or hackers — potentially linked to Russia — breached the Democratic National Committee’s servers, releasing large numbers of embarrassing documents and emails. This announcement doesn’t tell us exactly how the federal government will handle future cyberattacks, but along with everything else, it does signal that they’re becoming a more and more standard part of the security equation.

*****

From the White House FACT SHEET: Presidential Policy Directive

The PPD builds on these lessons and institutionalizes our cyber incident coordination efforts in numerous respects, including:

  • Establishing clear principles that will govern the Federal government’s activities in cyber incident response;
  • Differentiating between significant cyber incidents and steady-state incidents and applying the PPD’s guidance primarily to significant incidents;
  • Categorizing the government’s activities into specific lines of effort and designating a lead agency for each line of effort in the event of a significant cyber incident;
  • Creating mechanisms to coordinate the Federal government’s response to significant cyber incidents, including a Cyber Unified Coordination Group similar in concept to what is used for incidents with physical effects, and enhanced coordination procedures within individual agencies;
  • Applying these policies and procedures to incidents where a Federal department or agency is the victim; and,
  • Ensuring that our cyber response activities are consistent and integrated with broader national preparedness and incident response policies, such as those implemented through Presidential Policy Directive 8-National Preparedness, so that our response to a cyber incident can seamlessly integrate with actions taken to address physical consequences caused by malicious cyber activity.

We also are releasing today a cyber incident severity schema that establishes a common framework within the Federal government for evaluating and assessing the severity of cyber incidents and will help identify significant cyber incidents to which the PPD’s coordination procedures would apply.

Incident Response Principles

The PPD outlines five principles that will guide the Federal government during any cyber incident response:

  • Shared Responsibility – Individuals, the private sector, and government agencies have a shared vital interest and complementary roles and responsibilities in protecting the Nation from malicious cyber activity and managing cyber incidents and their consequences.
  • Risk-Based Response – The Federal government will determine its response actions and  resource needs based on an assessment of the risks posed to an entity, national security interests, foreign relations, or economy of the United States or to the public confidence, civil liberties, or public health and safety of the American people.
  • Respecting Affected Entities – Federal government responders will safeguard details of the incident, as well as privacy and civil liberties, and sensitive private sector information.
  • Unity of Effort – Whichever Federal agency first becomes aware of a cyber incident will rapidly notify other relevant Federal agencies in order to facilitate a unified Federal response and ensure that the right combination of agencies responds to a particular incident.
  • Enabling Restoration and Recovery – Federal response activities will be conducted in a manner to facilitate restoration and recovery of an entity that has experienced a cyber incident, balancing investigative and national security requirements with the need to return to normal operations as quickly as possible.

Significant Cyber Incidents

While the Federal government will adhere to the five principles in responding to any cyber incident, the PPD’s policies and procedures are aimed at a particular class of cyber incident: significant cyber incidents.  A significant cyber incident is one that either singularly or as part of a group of related incidents is likely to result in demonstrable harm to the national security interests, foreign relations, or economy of the United States or to the public confidence, civil liberties, or public health and safety of the American people.

When a cyber incident occurs, determining its potential severity is critical to ensuring the incident receives the appropriate level of attention.  No two incidents are the same and, particularly at the initial stages, important information, including the nature of the perpetrator, may be unknown.

Therefore, as part of the process of developing the incident response policy, the Administration also developed a common schema for describing the severity of cyber incidents, which can include credible reporting of a cyber threat, observed malicious cyber activity, or both.  The schema establishes a common framework for evaluating and assessing cyber incidents to ensure that all Federal departments and agencies have a common view of the severity of a given incident, the consequent urgency of response efforts, and the need for escalation to senior levels.

The schema describes a cyber incident’s severity from a national perspective, defining six levels, zero through five, in ascending order of severity.  Each level describes the incident’s potential to affect public health or safety, national security, economic security, foreign relations, civil liberties, or public confidence.  An incident that ranks at a level 3 or above on this schema is considered “significant” and will trigger application of the PPD’s coordination mechanisms.

Lines of Effort and Lead Agencies

To establish accountability and enhance clarity, the PPD organizes Federal response activities into three lines of effort and establishes a Federal lead agency for each:

  • Threat response activities include the law enforcement and national security investigation of a cyber incident, including collecting evidence, linking related incidents, gathering intelligence, identifying opportunities for threat pursuit and disruption, and providing attribution.   The Department of Justice, acting through the Federal Bureau of Investigation (FBI) and the National Cyber Investigative Joint Task Force (NCIJTF), will be the Federal lead agency for threat response activities.
  • Asset response activities include providing technical assets and assistance to mitigate vulnerabilities and reducing the impact of the incident, identifying and assessing the risk posed to other entities and mitigating those risks, and providing guidance on how to leverage Federal resources and capabilities.   The Department of Homeland Security (DHS), acting through the National Cybersecurity and Communications Integration Center (NCCIC), will be the Federal lead agency for asset response activities.  The PPD directs DHS to coordinate closely with the relevant Sector-Specific Agency, which will depend on what kind of organization is affected by the incident.
  • Intelligence Support and related activities include intelligence collection in support of investigative activities, and integrated analysis of threat trends and events to build situational awareness and to identify knowledge gaps, as well as the ability to degrade or mitigate adversary threat capabilities.  The Office of the Director of National Intelligence, through the Cyber Threat Intelligence Integration Center, will be the Federal lead agency for intelligence support and related activities.

In addition to these lines of effort, a victim will undertake a wide variety of response activities in order to maintain business or operational continuity in the event of a cyber incident.  We recognize that for the victim, these activities may well be the most important.  Such efforts can include communications with customers and the workforce; engagement with stakeholders, regulators, or oversight bodies; and recovery and reconstitution efforts.   When a Federal agency is a victim of a significant cyber incident, that agency will be the lead for this fourth line of effort.  In the case of a private victim, the Federal government typically will not play a role in this line of effort, but will remain cognizant of the victim’s response activities consistent with these principles and coordinate with the victim.

Coordination Architecture

In order to facilitate the more coordinated, integrated response demanded by significant cyber incidents, the PPD establishes a three-tiered coordination architecture for handling those incidents:

National Policy Level:  The PPD institutionalizes the National Security Council-chaired interagency Cyber Response Group (CRG).  The CRG will coordinate the development and implementation of United States Government policy and strategy with respect to significant cyber incidents affecting the United States or its interests abroad.

National Operational Level:  The PPD directs agencies to take two actions at the national operational level in the event of a significant cyber incident.

  • Activate enhanced internal coordination procedures.  The PPD instructs agencies that regularly participate in the Cyber Response Group to develop these procedures to ensure that they can surge effectively when confronted with an incident that exceeds their day-to-day operational capacity.
  • Create a Unified Coordination Group.  In the event of a significant cyber incident, the PPD provides that the lead agencies for each line of effort, along with relevant Sector-Specific Agencies (SSAs), state, local, tribal and territorial governments, international counterparts, and private sector entities, will form a Cyber Unified Coordination Group (UCG) to coordinate response activities.  The Cyber UCG shall coordinate the development, prioritization, and execution of cyber response efforts, facilitate rapid information sharing among UCG members, and coordinate communications with stakeholders, including the victim entity.

Field Level:  The PPD directs the lead agencies for each line of effort to coordinate their interaction with each other and with the affected entity.

Integration with Existing Response Policy

The PPD also integrates U.S. cyber incident coordination policy with key aspects of existing Federal preparedness policy to ensure that the Nation will be ready to manage incidents that include both cyber and physical effects, such as a significant power outage resulting from malicious cyber activity.  The PPD will be implemented by the Federal government consistent with existing preparedness and response efforts.

Implementation tasks

The PPD also directs several follow-on tasks in order to ensure its full implementation.  In particular, it requires that the Administration develop and finalize the National Cyber Incident Response Plan – in coordination with State, Local, Territorial, and Tribal governments, the private sector, and the public – to further detail how the government will manage cyber incidents affecting critical infrastructure.  It also directs DHS and DOJ to develop a concept of operations for how a Cyber UCG will operate and for the NSC to update the charter for the CRG.

Refugee Resettlement Agency Courtesy of Clinton/Obama Appointees

Revolving Door Sends Millions to Refugee Resettlement Agency Run by Former Clinton and Obama Appointees

A revolving door in the Democratic administrations of Bill Clinton and Barack Obama has sent millions of dollars in federal funding to the U.S. Committee for Refugees and Immigrants [USCRI], which is led by two former directors of the Office of Refugee Resettlement [ORR], the federal office that selects the voluntary agencies [VOLAGs] who get lucrative federal contracts to resettle refugees.

Breitbart: President Bill Clinton appointed Lavinia Limon as director of ORR in 1993, a position she held until the end of his administration. After a brief interlude at the Center for New American Communities, a project of the left-leaning National Immigration Forum, Limon was named executive director of USCRI in August 2001, a position she still holds.

In 2009, President Barack Obama appointed Eskinder Negash, an Eritrean refugee on Limon’s USCRI staff, as director of ORR. When Negash resigned abruptly in December 2014, he went back to USCRI, where he now serves as Vice President of Global Development.

Revenues at USCRI, his once and future employer,  increased significantly while Negash served as director of the ORR. In FY 2006, USCRI revenues were $19 million. By 2015, they had grown to $50 million, more than 90 percent of which came from “government grants.”

ORR’s budget grew from $492 million in FY 2006 to $1.5 billion in 2014.

During his tenure at ORR, Negash’s performance was spotty at best, particularly with regards to his failure to provide Congress with the statutorily required annual reports in a timely manner. As Ann Corcoran wrote at Refugee Resettlement Watch back in 2012, three years after Negash’s arrival:

The Office of Refugee Resettlement (ORR), is in complete disarray as regards its legally mandated requirement to report to Congress every year on how refugees are doing and where the millions of tax dollars are going that run the program. The last (and most recent) annual report to be sent to Congress is the 2008 report—so they are out of compliance for fiscal years 2009, 2010 and 2011. . . (The lack of reports for recent years signals either bureaucratic incompetence and disregard for the law, or, causes one to wonder if there is something ORR is hiding.)

To replace Negash as director of ORR, Obama selected another VOLAG executive, Bob Carey, Vice President of Resettlement and Migration Policy at the International Rescue Committee and “chair of Refugee Council USA, a coalition of NGOs working on issues affecting refugees, asylum seekers, displaced persons, victims of trafficking and victims of torture,” the Resettlement Industry’s Lobbying Group.

The twenty members of Refugee Council USA include all of the top VOLAGs whose main source of revenue comes from ORR grants, including Church World Service/Immigration and Refugee Program, Episcopal Migration Ministries, Ethiopian Community Development Council, HIAS, International Catholic Migration Commission, International Rescue Committee, Lutheran Immigration and Refugee Service, U.S. Conference of Catholic Bishops/Migration & Refugee Services, U.S. Committee for Refugees and Immigrants, and World Relief.

Now the same lobbying group that Carey once chaired, Refugees Council USA, recently announced it wants to more than double the number of refugees allowed in to the United States in 2017—to 200,000, from approximately 70,000 in FY 2015 and an Obama administration “targeted level” of 85,000 in FY 2016, with much of the increase driven by the hasty push to admit 10,000 Syrian refugees this year.

The budget impact of such an increase would be enormous, possibly doubling ORR expenditures from $1.5 billion in FY 2014 to $3 billion or more in FY 2017.

The International Rescue Committee, whose CEO is the former United Kingdom Foreign Secretary David Miliband, had  worldwide revenues in 2015 of  $691 million, a $138 million increase from its $563 million revenues in 2014.

Most of that revenue (82 percent in 2015—or $572 million) came from “grants and contracts,” most from governments and related agencies around the world, including the federal government of the United States.

Related reading: Kerry: US to accept 85,000 refugees in 2016, 100,000 in 2017

In contrast to the Bill Clinton and Barack Obama administrations, George W. Bush’s two appointed directors of ORR, Nguyen Van Nah and Martha E. Newton, did not participate in the revolving door back to lucrative employment at the VOLAGs they oversaw after they left ORR.

Van Nah, director from 2001 to 2006, became a professor of economics at Sacramento State University in California when he left ORR.

Newton, who succeeded Van Nah, went from ORR to become a consultant at her own firm, Health Strategies LLC.

Democratic appointees Limon, Negash, and Carey have worked tirelessly to expand both the budget of ORR and the party’s far-left, pro-refugee agenda.

It was during Limon’s tenure that the “Wilson Fish alternative program”was used as justification, without the corresponding statutory authority, to hire VOLAGS to operate resettlement programs in states that withdrew from the federal program. The enabling legislation made no mention of such a provision, but Limon and her colleagues pushed it through the HHS regulatory process without much public fanfare.

Related reading: Clinton Says Taking in Refugees Is ‘Who We Are as Americans’

Currently, several USCRI operations–in Twin Falls, Idaho and Lowell, Massachusetts, for instance–are funded by ORR through this statutorily questionable Wilson Fish alternative program mechanism.

It was also during Limon’s tenure at ORR that the mix of nations of origin for refugees shifted dramatically.

In 1992, the year before Limon was named ORR director, the Near East Asia countries of Afghanistan, Iraq, and Iran, and the African countries of Angola, Burundi, Congo, Ethiopia,Liberia, Libya, Nigeria, Rwanda, Sierra Leone, Somalia, Sudan, and Uganda —many of them majority Muslim—accounted for only nine percent of all resettled refugees.

But by 2001, Limon’s last year at the helm of ORR, these African and and Near East Asia countries accounted for 46 percent of all resettled refugees.

Operationally, USCRI has had its share of problems under Limon’s leadership.

In 2008, before Negash was named ORR director, USCRI’s Waterbury, Connecticut field office had its resettlement contract there canceled:

The State Department has canceled its contract with the agency responsible for resettling 64 Burmese refugees to Waterbury. In response, Connecticut’s congressional delegation has sent a letter of protest to the state department, asking it to give the International Institute of Connecticut more time to settle its problems.

This follows months of reports of poor housing, fractious relationships with volunteers, missed immunizations for students and insufficient assistance with daily tasks. The State Department brought the refugees here to escape the tyranny in their native Myanmar.

“I’ve heard of agencies being under investigation and there being a threat of canceling a contract, but this is the first time I’ve known about a particular case being canceled,” said Stephanie J. Nawyn, a sociologist at Michigan State University who studies resettlement. “I do think this is unusual.”

In Lowell, Massachusetts last month, a 13-year-old girl was allegedly sexually harassed by a recently arrived Syrian refugee:

A 22-year-old Syrian refugee is behind bars after only two months in the United States after he was accused Thursday night of inappropriately touching a 13-year-old girl at a state-run swimming pool in Lowell.

In Twin Falls, Idaho, USCRI’s local subcontractor, the College of Southern Idaho, is dealing with a national controversy involving three refugees and the sexual assault of a five-year-old girl.

Chobani Yogurt, the company that owns and operates the largest yogurt manufacturing facility in the world in Twin Falls, thanks in part to $54 million in federal and state grants, relies heavily on refugees brought in by USCRI and the College of Southern Idaho as employees. In 2015, CNN reported that 600 of the company’s 2,000 employees are refugees.

Even the far-left Michelle Goldberg, reporting at Slate, concedes, “There had been an incident involving three boys, ages 7, 10, and 14, and a mentally disabled 5-year-old girl [in Twin Falls].”

[Twin Falls county prosecutor Grant] Loebs described it to me as a “very serious felony.” On June 2, an 89-year-old neighbor discovered the children in the laundry room at the Fawnbrook Apartments, a low-income housing complex. The youngest boy is from Iraq while the older ones, brothers, are from an Eritrean family that passed through Sudanese refugee camps. (Most news reports have identified the older boys as Sudanese.) Only the youngest boy, Loebs said, is alleged to have touched the girl, though investigators suspect the 10-year-old might have as well; the elder boys reportedly made a video.

Because everyone involved in the case is a minor, the records were sealed. Nevertheless, on the evening of June 20, Twin Falls Police Chief Craig Kingsbury appeared at the weekly City Council meeting to update the anxious public as best he could. He announced that police had arrested the two older boys the previous Friday and that they were being held in juvenile detention. (Loebs later told me that the 7-year-old was also charged with a felony but wasn’t taken into custody because of his age.)

Despite these operational problems, Limon’s hold on the reins of USCRI appears to be secure.

Her job security, as well as her status within the politically powerful refugee resettlement industry, is undoubtedly enhanced by her ties with the Clinton and Obama administrations, which run long and deep.

In 2015, Limon attended an event sponsored by the Clinton Global Initiative, where she served on the same panel as Hamdi Ulukaya, the founder and CEO of Chobani Yogurt.

Limon appears to have done well from her life time career advancing refugee rights.

A 1972 graduate of the University of California at Berkeley, with a degree in sociology, Limon served as director of the International Institute of Los Angeles prior to being picked by Bill Clinton to head up the ORR in 1993.

In 2012, the last year for which such data is readily available, Limon received over $289,000 in compensation for her job as executive director of USCRI.

Peter Limon, who appears to be Limon’s brother, is also employed by USCRI as director of Business Development.

Prison Uprising Planned for August/ BGF

Warning issued for prison guards, officers about possible attacks from ‘Black Guerilla Family’

A previous version of this story incorrectly identified Jerry Elster as a former member of BGF. We regret the error. He currently works as the Healing Justice Coordinator for American Friends, a Quaker organization devoted to service, development and peace programs throughout the world.

An urgent bulletin is going out to law enforcement Wednesday, warning of a new threat of attacks against officers on the street and in prisons.
It has to do with what’s called Black August.
I-Team Reporter Dan Noyes has a source in law enforcement that leaked the bulletin to him. He wants you to understand the potential dangers officers are facing. In his words, when it hits the fan, you’ll know the reason why.

The Federal Bureau of Prisons, Sacramento Intelligence Unit and the FBI’s National Gang Intelligence Center have issued a bulletin to law enforcement, warning of increased risk for violence during Black August.

The prison gang Black Guerilla Family or BGF started Black August in the 1970’s as a month to honor fallen members.

One of the biggest, Hugo Pinell served 46 years in solitary confinement after a San Francisco rape conviction, after killing a prison guard, and slashing the throats of two other guards who survived during an escape attempt in 1971.

Former San Quentin inmate Jerry Elster remembers Pinell as a freedom fighter. “When I went to prison at 20 years old, there was somebody there to remind me not to compromise my integrity,” Elster said.

Last summer, just 12 days after corrections finally released Pinell from solitary, he was stabbed to death in a riot at state prison Sacramento.

The bulletin says the Black Guerilla Family believes state prisons worked with the Aryan Brotherhood to Kill Pinell.

 Picture

At the very least, Elster believes the state had a duty to protect Pinell. “I mean, it’s only those who are charged with authority and protection, of protecting and housing of Hugo Pinell who have to bear that responsibility,” Elster said.

The bulletin warns an inmate source: “Claims the BGF has a 2-for-1 kill policy.” That the BGF is “going to kill correctional officers and Aryan Brotherhood gang members to send a firm message. And the attacks will occur across the country, not just in California, and will likely occur during the BGF’s memorial celebration of Black August.

The Bureau of Prisons and the FBI declined to comment for this report, so I showed the bulletin to retired FBI special agent Rick Smith. “I think it’s serious. They put that bulletin out, they don’t want to be caught with something happening with the information they have and not disseminating it,” he said.

Also included in the bulletin is the FBI’s Baltimore office reports, “BGF members reportedly discussed how they could ambush law enforcement officers who were parked in alleys or side streets.”

 Related reading: The Black Book in .pdf

It also mentions the San Francisco Bay View newspaper for publishing articles, “suggesting California Department of Corrections and Rehabilitation responsibility for Pinell’s murder, and promoting Black August celebrations as a platform for action.”

Bay View editor Mary Ratcliff is surprised her newspaper is named in the bulletin, but is worried about the message. “This statement from the department of justice puts black people in danger,” Ratcliff said. “Because it is promoting the idea that there is a war going on between black people and law enforcement.”

The bulletin also includes a drawing from the newspaper by a BGF member, showing the logo and a gorilla eating a pig.

Ratcliff downplays the reference to violence against police officers. “A depiction like that is a release, it’s yeah, go for it, that’s how I feel. Now, I don’t have to do it,” she said.

Smith from the FBI tells me this bulletin does not come as news to officers, in prison or on the streets. They know how dangerous their jobs have become. This is yet another heads up.

*****

Gang Profile

Picture

Symbols: Crossed sabers, machetes, rifles with the letters BGF, 276, a horned dragon wrapped around a prison tower
Ranking structure: Paramilitary
Territory: California and selected areas around the United States
Alliances: Nuestra Familia, Crips and Bloods
Members: 9,000
Racial make up: Black
Threat: High

The Black Guerrilla Family (BGF)  prison gang, founded in 1966 in the San Quieten State Prison in California. The BGF was founded by George Lester Jackson, W.L. Nolen, David Johnson, James Carr, and other black convicts in the state prison at the time. This gang has become not only active in California but Maryland as well. BGF members are very influential within the prison system and are known to recruit correction facility staff to aid them in their illegal activities.

Black Guerrilla Family Oath

If I should ever break my stride, or falter at my comrade’s side, this oath will kill me
If my word should ever prove untrue, should I betray the chosen few, this oath will kill me
If I submit to greed or lust or misuse the people’s trust, this oath will kill me
Should I be slow to take a stand or show fear of an man, this oath will kill me
If I grow lax in discipline, in time of strife refuse my hand, this oath will kill me
Long live the spirit of George Jackson, long live the spirit of the Black Guerrilla Family

Passionatepolka, TreasureMap and FLATLIQUID?

I read one of his books several years ago….

The summary below is not classified material. The Intelligence Community  including the NSA has declassified a lot of material such as:

Chinese Cyber Espionage in the U.S.

August 10, 2015

China Read Emails of Top U.S. Officials – NBC News

NSA slide showing China hacking units

Commentary: The world’s best cyber army doesn’t belong to Russia

by: Bamford

Reuters: National attention is focused on Russian eavesdroppers’ possible targeting of U.S. presidential candidates and the Democratic Congressional Campaign Committee. Yet, leaked top-secret National Security Agency documents show that the Obama administration has long been involved in major bugging operations against the election campaigns — and the presidents — of even its closest allies.

The United States is, by far, the world’s most aggressive nation when it comes to cyberspying and cyberwarfare. The National Security Agency has been eavesdropping on foreign cities, politicians, elections and entire countries since it first turned on its receivers in 1952. Just as other countries, including Russia, attempt to do to the United States. What is new is a country leaking the intercepts back to the public of the target nation through a middleperson.

There is a strange irony in this. Russia, if it is actually involved in the hacking of the computers of the Democratic National Committee, could be attempting to influence a U.S. election by leaking to the American public the falsehoods of its leaders. This is a tactic Washington used against the Soviet Union and other countries during the Cold War.

In the 1950s, for example, President Harry S Truman created the Campaign of Truth to reveal to the Russian people the “Big Lies” of their government. Washington had often discovered these lies through eavesdropping and other espionage.

Today, the United States has morphed from a Cold War, and in some cases a hot war, into a cyberwar, with computer coding replacing bullets and bombs. Yet the American public manages to be “shocked, shocked” that a foreign country would attempt to conduct cyberespionage on the United States.

NSA operations have, for example, recently delved into elections in Mexico,  targeting its last presidential campaign. According to a top-secret PowerPoint presentation leaked by former NSA contract employee Edward Snowden, the operation involved a “surge effort against one of Mexico’s leading presidential candidates, Enrique Peña Nieto, and nine of his close associates.” Peña won that election and is now Mexico’s president.

The NSA identified Peña’s cellphone and those of his associates using advanced software that can filter out specific phones from the swarm around the candidate. These lines were then targeted. The technology, one NSA analyst noted, “might find a needle in a haystack.” The analyst described it as “a repeatable and efficient” process.

The eavesdroppers also succeeded in intercepting 85,489 text messages, a Der Spiegel article noted.

Another NSA operation, begun in May 2010 and codenamed FLATLIQUID, targeted Pena’s predecessor, President Felipe Calderon. The NSA, the documents revealed, was able “to gain first-ever access to President Felipe Calderon’s public email account.”

At the same time, members of a highly secret joint NSA/CIA organization, called the Special Collection Service, are based in the U.S. embassy in Mexico City and other U.S. embassies around the world. It targets local government communications, as well as foreign embassies nearby. For Mexico, additional eavesdropping, and much of the analysis, is conducted by NSA Texas, a large listening post in San Antonio that focuses on the Caribbean, Central America and South America.

Unlike the Defense Department’s Pentagon, the headquarters of the cyberspies fills an entire secret city. Located in Fort Meade, Maryland, halfway between Washington and Baltimore, Maryland, NSA’s headquarters consists of scores of heavily guarded buildings. The site even boasts its own police force and post office.

And it is about to grow considerably bigger, now that the NSA cyberspies have merged with the cyberwarriors of U.S. Cyber Command, which controls its own Cyber Army, Cyber Navy, Cyber Air Force and Cyber Marine Corps, all armed with state-of-the-art cyberweapons. In charge of it all is a four-star admiral, Michael S. Rogers.

Now under construction inside NSA’s secret city, Cyber Command’s new $3.2- billion headquarters is to include 14 buildings, 11 parking garages and an enormous cyberbrain — a 600,000-square-foot, $896.5-million supercomputer facility that will eat up an enormous amount of power, about 60 megawatts. This is enough electricity to power a city of more than 40,000 homes.

In 2014, for a cover story in Wired and a PBS documentary, I spent three days in Moscow with Snowden, whose last NSA job was as a contract cyberwarrior. I was also granted rare access to his archive of documents. “Cyber Command itself has always been branded in a sort of misleading way from its very inception,” Snowden told me. “It’s an attack agency. … It’s all about computer-network attack and computer-network exploitation at Cyber Command.”

The idea is to turn the Internet from a worldwide web of information into a global battlefield for war. “The next major conflict will start in cyberspace,” says one of the secret NSA documents. One key phrase within Cyber Command documents is “Information Dominance.”

The Cyber Navy, for example, calls itself the Information Dominance Corps. The Cyber Army is providing frontline troops with the option of requesting “cyberfire support” from Cyber Command, in much the same way it requests air and artillery support. And the Cyber Air Force is pledged to “dominate cyberspace” just as “today we dominate air and space.”

Among the tools at their disposal is one called Passionatepolka, designed to “remotely brick network cards.” “Bricking” a computer means destroying it – turning it into a brick.

One such situation took place in war-torn Syria in 2012, according to Snowden, when the NSA attempted to remotely and secretly install an “exploit,” or bug, into the computer system of a major Internet provider. This was expected to provide access to email and other Internet traffic across much of Syria. But something went wrong. Instead, the computers were bricked. It took down the Internet across the country for a period of time.

While Cyber Command executes attacks, the National Security Agency seems more interested in tracking virtually everyone connected to the Internet, according to the documents.

One top-secret operation, code-named TreasureMap, is designed to have a “capability for building a near real-time interactive map of the global Internet. … Any device, anywhere, all the time.” Another operation, codenamed Turbine, involves secretly placing “millions of implants” — malware — in computer systems worldwide for either spying or cyberattacks.

Yet, even as the U.S. government continues building robust eavesdropping and attack systems, it looks like there has been far less focus on security at home. One benefit of the cyber-theft of the Democratic National Committee emails might be that it helps open a public dialogue about the dangerous potential of cyberwarfare. This is long overdue. The possible security problems for the U.S. presidential election in November are already being discussed.

Yet there can never be a useful discussion on the topic if the Obama administration continues to point fingers at other countries without admitting that Washington is engaged heavily in cyberspying and cyberwarfare.

In fact, the United States is the only country ever to launch an actual cyberwar — when the Obama administration used a cyberattack to destroy thousands of centrifuges, used for nuclear enrichment, in Iran. This was an illegal act of war, according to the Defense Department’s own definition.

Given the news reports that many more DNC emails are waiting to be leaked as the presidential election draws closer, there will likely be many more reminders of the need for a public dialogue on cybersecurity and cyberwarfare before November.

 

(James Bamford is the author of The Shadow Factory: The Ultra-Secret NSA From 9/11 to the Eavesdropping on America. He is a columnist for Foreign Policy magazine.)

Russia IS in Ukraine and Planning Another Offensive

Militants preparing offensive at Svitlodarsk bridgehead: Ukraine intelligence Militants are preparing for combat operations in the Donetsk and Slaviansk directions, the Main Directorate of Intelligence of Ukraine’s Defense Ministry wrote on Facebook.

Pro-Russian rebels in eastern Ukraine accuse government soldiers of launching a new offensive near a prized but obliterated airport in the separatists’ de facto capital of Donetsk.

“The intelligence service has detected signs of enemy preparations for combat operations in the Donetsk and Slaviansk directions (Svitlodarsk bridgehead). From August 4 to 8, there is threat of an intensified offensive or raid actions to expand controlled areas,” the report read.

Read also: Donbas militants keep tanks, Grad launchers near Makiyivka, Donetsk – intel

The militants also continue to conduct reconnaissance. In particular, the intelligence service spotted a reconnaissance group of the 9th separate Assault Marine Regiment (Novoazovsk) of the 1st Armed Corps (Donetsk) of the Russian Armed Forces. Sabotage and reconnaissance groups are also scheduled to make an appearance in the following settlements: Maiorsk, Zaitseve, Avdiyivka and Opytne, as well as Pisky, Krasnohorivka and Maryinka. In addition, the intelligence service has reported the arrival of railway cargo from the territory of the Russian Federation to Ilovaisk, comprising two railcars filled with anti-tank and anti-personnel mines, six railcars with ammunition, one railcar with medicines and another one with the uniforms. More here. 
******

Russia has been and is paying special attention to Ukraine. This was the case during tsarist and Soviet times. This is the case now. Consequently, Ukraine has been widely infiltrated by Russian agents, who help their “brotherly neighbors” direct the course of the Ukrainian state into the pro-Russian channel. These agents of influence are not only the Russian mass-media, like the Russian Vesti media conglomerate, the Opposition  Bloc Party, the Ukrainian Choice organization (pro-Russian group created by Putin’s crony Viktor Medvedchuk — Ed.), the numerous parishes of the Moscow Patriarchate, and the Russian business structures that continue to operate in Ukraine. Russian agents have even infiltrated the structures that display their pro-Ukrainian orientation.

Putin’s “Brusilov Offensive” is based on isolating Ukraine from the West on the one hand and destabilizing Ukraine on the other. He has already accomplished portions of the plan; he may yet accomplish others. But we alone will determine to what extent we will resist this “offensive” and if we have enough endurance and the ability to be guided by cold reason. Read more here.