Last week, the Immigration Reform Law Institute (IRLI) revealed massive identity fraud by illegal aliens in the United States, potentially affecting nearly 40 million Americans.
In April of this year, IRLI filed a Freedom of Information Act (FOIA) lawsuit against the Social Security Administration (SSA) seeking records related to the Obama-era decision to halt sending “no-match” letters to employers. According to the Justice Department’s website, a “no-match” letter is a “written notice issued by the SSA to an employer, usually in response to an employee wage report, advising that the name or Social Security number (SSN) reported by the employer for one or more employees does not “match” a name or SSN combination reflected in SSA’s records.” The long-held practice of sending the letters had been used to prevent fraud through the use of stolen SSN data by illegal aliens and other criminals.
Days after former President Obama implemented the Deferred Action for Childhood Arrivals (DACA) amnesty program, his administration announced the decision to stop sending “no-match” letters to employers. This decision led to a thriving SSN black market where illegal aliens are drawn to obtain an American’s information for employment. The SSN of children have proven to be especially valuable as they can be used undetected for years. However, when these children reach adulthood and begin to apply for college, car loans, credit cards, or other needs, many learn they have criminal records attached to their identities.
Specifically, IRLI’s investigation uncovered that from 2012 to 2016, there were a whopping 39 million instances where names and SSNs on W-2 tax forms did not match the legitimate Social Security records. Additionally, over $409 billion was added to the Earnings Suspense File (ESF), which holds any uncredited wages that cannot be correctly matched in the SSA’s database.
Previously, the SSA has estimated that seventy-five percent of illegal aliens possess a SSN— either one stolen from an American citizen, or legal resident, or one that has been made up entirely. Not only is this practice troublesome from an immigration law standpoint, but can actually be quite problematic for Americans, or legal residents, who have their SSNs stolen. In addition to receiving Internal Revenue Service (IRS) letters and audits accusing them of having income they are not claiming or having their benefits blocked, reconciling a compromised identifier is estimated to cost thousands of dollars and take years of effort.
The Trump administration did announce this summer that it would begin resuming notice letters to employers and third-part providers informing them of any mismatches. However, it is truly up to Congress to rectify this situation for all parties involved.
In July, House Judiciary Committee Chairman Bob Goodlatte (R-VA) introduced the bipartisan AG and Legal Workforce Act (H.R. 6417) – legislation that would mandate E-Verify, the effective web-based program that ensures a legal workforce. Furthermore, the legislation would protect against identity theft by requiring the Social Security Commissioner to notify individuals whose SSN demonstrates a pattern of unusual use; as well as assist Americans who believe their identity may have been stolen or used fraudulently.
Congress is required to protect American citizens and their interests above all else. It would be shrewd for them to remember that before the November midterms.
Meanwhile:
The Trump administration will admit no more than 30,000 refugees to the U.S. in the coming year, Secretary of State Mike Pompeo said, down from the current cap of 45,000.
Pompeo announced the lowered ceiling during a press conference Monday at the Department of State headquarters in Foggy Bottom.
Pompeo said the 30,000 cap “must be considered in the context of the many other forms of protection and assistance offered by the United States” and should not be “sole barometer” to measure the country’s humanitarian efforts.
The hawkish turn demonstrates President Donald Trump’s willingness to push hard-line immigration policies in the run-up to the November midterm elections — even after his controversial “zero tolerance” border enforcement policy led to thousands of family separations and a court order to reunify parents and children.
Category Archives: Treasury
N Korean, Park Jin hyok Charged with Global Cyber Attacks
U.S. CHARGES NORTH KOREAN HACKER
Federal prosecutors charged a North Korean man, Park Jin-hyok, with crimes in connection with a series of costly cyberattacks around the globe, including the WannaCry ransomware attack in 2018, the heist of Bangladesh’s central bank in 2017, and the hack of Sony Pictures in 2014. It is the first time the Justice Department has explicitly charged a North Korean hacker backed by the government. Park was allegedly working as a programmer for a North Korean front company in China called Chosun Expo, which had ties to North Korea’s military intelligence.
Legal analysts say the complaint is the most detailed public accounting yet of North Korea’s cyberattacks against foreign adversaries. The Justice Department has now brought hacking-related charges against North Korea, China, Iran, and Russia. (WSJ, NYT, Reuters, DOJ)
Park Jin Hyok, named by officials as a member of the so-called Lazarus Group hacking team behind last year’s WannaCry global ransomware attack and the 2014 digital attack on Sony, apparently used not only advanced technology, but elaborate reconnaissance work to digitally steal money and sensitive information.
First, Park would obtain a number of email addresses of people affiliated with target businesses from traders dealing in large amounts of personal information. Then he would use the emails to gain an understanding of company employees’ fields of interest and personal relationships.
That would let him craft emails that could pass as genuine messages from major companies in content and style, a tactic known as spear phishing. After spending some time building trust, he would send the malicious links to websites that would infect a target’s computer.
In one case, Park apparently masqueraded as a human resources official at a U.S. defense-linked company to exchange messages with workers at one of the company’s competitors.
Last week’s charges were said to be the first in years against a North Korean hacker related to high-profile attacks linked to the state. The attack on Sony came as the company was preparing to release a movie called “The Interview,” which depicted the assassination of a character resembling North Korean leader Kim Jong Un. The group also allegedly stole $81 million from the central bank of Bangladesh in 2016.
A North Korean suspect is wanted by U.S. authorities on suspicion of hacking. (Courtesy of the U.S. Federal Bureau of Investigation)
“We stand with our partners to name the North Korean government as the force behind this destructive global cyber campaign,” Christopher Wray, director of the Federal Bureau of Investigation, said in a statement on Sept. 6.
The U.S. Treasury also imposed sanctions on Park and a Chinese business he was affiliated with. “We will not allow North Korea to undermine global cybersecurity to advance its interests and generate illicit revenues in violation of our sanctions,” Treasury Secretary Steven Mnuchin said in his own statement.
Under Kim, the North has consolidated its cyber forces under its Reconnaissance General Bureau, which handles overseas spying. The state has a team of 6,800, according to the South Korean government, and is counted as one of the five cyber powers along with the U.S., Russia, China and Israel.
The core of cyber operations is a team known as “Bureau 121,” established in 1998 by Kim’s father, then-leader Kim Jong Il. Bureau 121 is known for its willingness to commit crimes for the sake of bringing in cash.
“The technology behind North Korea’s cybercrimes is some of the most advanced in the world,” said a source with the U.S. State Department.
Governments and businesses around the world are hurrying to guard themselves from the North’s attacks even as its methods grow more sophisticated. Further cooperation between countries’ cyberdefense authorities may be key to finding effective solutions.
British Airways: The airline said a “very sophisticated” hacker stole credit card details of hundreds of thousands of its customers in recent days. Anyone who lost out financially as a result of the breach would be compensated, BA officials said. (Reuters)
JPMorgan Hacker: A Russian man, Andrei Tyurin, has been extradited by Georgia to the United States on charges that he participated in the 2014 hack of JPMorgan Chase and other U.S. companies. (Reuters)
2 Iranians Indicted for Conducting Surveillance in Chicago
Two Individuals Charged for Acting as Illegal Agents of the Government of Iran
An indictment was returned today charging Ahmadreza Mohammadi-Doostdar, 38, a dual U.S.-Iranian citizen, and Majid Ghorbani, 59, an Iranian citizen and resident of California, with allegedly acting on behalf of the government of the Islamic Republic of Iran by conducting covert surveillance of Israeli and Jewish facilities in the United States, and collecting identifying information about American citizens and U.S. nationals who are members of the group Mujahedin-e Khalq (MEK).
The charges were announced by Assistant Attorney General for National Security John Demers, U.S. Attorney Jessie K. Liu for the District of Columbia, and Acting Executive Assistant Director Michael McGarrity of the FBI’s National Security Branch.
“The National Security Division is committed to protecting the United States from individuals within our country who unlawfully act on behalf of hostile foreign nations,” said Assistant Attorney General Demers. “Doostdar and Ghorbani are alleged to have acted on behalf of Iran, including by conducting surveillance of political opponents and engaging in other activities that could put Americans at risk. With their arrest and these charges, we are seeking to hold the defendants accountable.”
“This indictment demonstrates the commitment of the Department of Justice to hold accountable agents of foreign governments who act illegally within the United States, especially where those agents are conducting surveillance of individuals and Constitutionally-protected activities in this country,” said Jessie K. Liu, United States Attorney for the District of Columbia.
“This alleged activity demonstrates a continued interest in targeting the United States, as well as potential opposition groups located in the United States,” said Acting Executive Assistant Director McGarrity. “The FBI will continue to identify and disrupt those individuals who seek to engage in unlawful activity, on behalf of Iran, on US soil.”
The indictment charged Doostdar and Ghorbani with knowingly acting as agents of the government of Iran without prior notification to the Attorney General, providing services to Iran in violation of U.S. sanctions, and conspiracy. Both defendants were arrested on Aug. 9, pursuant to criminal complaints issued by the U.S. District Court for the District of Columbia. Those complaints were unsealed today.
According to the indictment, in or about July 2017, Doostdar traveled to the United States from Iran in order to collect intelligence information about entities and individuals considered by the government of Iran to be enemies of that regime, including Israeli and Jewish interests, and individuals associated with the MEK, a group that advocates the overthrow of the current Iranian government.
On or about July 21, 2017, Doostdar is alleged to have conducted surveillance of the Rohr Chabad House, a Jewish institution located in Chicago, including photographing the security features surrounding the facility.
On or about Sept. 20, 2017, Ghorbani is alleged to have attended a MEK rally in New York City, during which he photographed individuals participating in the protest against the current Iranian regime. In or about December 2017, Doostdar returned to the United States from Iran and made contact with Ghorbani in the Los Angeles area. During the meeting, Doostdar paid Ghorbani approximately $2,000 in cash and Ghorbani delivered to him 28 photographs taken at the September 2017 MEK rally, many of which contained hand-written annotations identifying the individuals who appeared in the photos. These photographs, along with a hand-written receipt for $2000, were found concealed in Doostdar’s luggage as he transited a U.S. airport on his return to Iran in December 2017.
The indictment also alleges that Ghorbani traveled to Iran in or about March 2018, after informing Doostdar that he would be going to Iran to conduct an “in-person briefing.” Thereafter, on or about May 4, Ghorbani attended the MEK-affiliated 2018 Iran Freedom Convention for Human Rights in Washington, D.C. During the course of the conference, Ghorbani appeared to photograph certain speakers and attendees, which included delegations from across the United States. On May 14, Doostdar called Ghorbani to discuss clandestine methods Ghorbani should use in order to provide this information to Iran.
Ghorbani is scheduled to appear for a detention hearing in the U.S. District Court for the District of Columbia at 9:30 a.m. on Tuesday, Aug. 21, before the Honorable G. Michael Harvey.
The charges in an indictment are merely allegations, and every defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt. The maximum penalty for conspiracy is five years; the maximum penalty for acting as an agent of a foreign power is ten years; and the maximum penalty for a violation of the International Emergency Economic Powers Act is 20 years. The maximum statutory sentence is prescribed by Congress and is provided here for informational purposes. If convicted of any offense, a defendant’s sentence will be determined by the court based on the advisory Sentencing Guidelines and other statutory factors.
The investigation into this matter was conducted by the FBI’s Washington Field Office and Los Angeles Field Office. The case is being prosecuted by the National Security Section of the U.S. Attorney’s Office for the District of Columbia and the Counterintelligence and Export Control Section of the National Security Division of the Department of Justice.
Turkey is Holding Pastor Brunson Because of a Bank
Pastor Andrew Brunson faces life in prison in Turkey for fraudulent charges of supporting a terror organization and political espionage. Brunson has lived in Turkey for 23 years. He even filed an application to renew his visa application in October of 2016. More details here.
Meanwhile, as the Turkish currency tanked due to sanctions and trade issues, the lira value held for about a week until investors got in the game due to interest and enticements by the Turkish Finance Minister and President Erdogan.
So, what is the reason for detaining and the charges on the Pastor? Seems, Erdogan is using the Pastor as a tool for two reasons. One includes an anti-Erdogan activist that has lived in the United States 1999. He was/is a preacher himself and has an estimate 5 million followers. Erdogan included Gulen as one of the reasons for the attempted/alleged coup.
But the other reason is Iran. Seems Eli Lake an investigative journalist understands it better than all the rest. Why? During the Obama administration, nothing else mattered but to get an Iran nuclear deal. Those rogue governments, foreign leaders and financial institutions helping Iran evade sanctions were purposely ignored and overlooked by the Obama White House.
It was last week that the Erdogan government made an offer to the United States to release Pastor Brunson if the United States would drop charges and the investigation of the Halkbank.
President Trump gave Turkey an answer….NO.
The Trump administration rebuffed Turkey’s offer to release detained American pastor Andrew Brunson if the U.S. halts the investigation into Turkish bank Halkbank, The Wall Street Journal reported Sunday.
The Turkish government agreed to drop terrorism charges against the pastor in exchange of the U.S. government dropping fines totaling billions of dollars against the bank. A senior White House official said the offer was rejected.
Turkey has taken advantage of the United States for many years. They are now holding our wonderful Christian Pastor, who I must now ask to represent our Country as a great patriot hostage. We will pay nothing for the release of an innocent man, but we are cutting back on Turkey!
— Donald J. Trump (@realDonaldTrump) August 16, 2018
So, there is this bank and the gold. Happened earlier this year, stemming from a 2012-2013 case:
Mehmet Hakan Atilla, an executive at Turkey’s majority state-owned Halkbank (HALKB.IS), was convicted on five of six counts he faced, including bank fraud and conspiracy to violate U.S. sanctions law, in Manhattan federal court.
Atilla was also found not guilty on a money laundering charge.
Prosecutors had accused Atilla of conspiring with gold trader Reza Zarrab and others to help Iran escape sanctions using fraudulent gold and food transactions. Zarrab pleaded guilty and testified for the prosecutors.
In several days on the witness stand, Zarrab had described a sprawling scheme that he said included bribes to Turkish government officials and was carried out with the blessing of current President Tayyip Erdogan.
Halkbank had no immediate comment. Attempts to reach Erdogan’s spokesman for comment on the allegations at the trial have been unsuccessful. Erdogan has publicly dismissed the case as a politically motivated attack on his government.
U.S. prosecutors have criminally charged nine people, though only Zarrab, 34, and Atilla, 47, have been arrested by U.S. authorities.
BANKERS’ CHOICE
“Foreign banks and bankers have a choice: you can choose willfully to help Iran and other sanctioned nations evade U.S. law, or you can choose to be part of the international banking community transacting in U.S. dollars,” Joon Kim, the acting U.S. Attorney in Manhattan, said in a statement after the verdict was read. “But you can’t do both.”
In December of 2017, the Turkish Justice Minister Abdulhamit Gul demanded in a letter to U.S. Attorney General Jeff Sessions that Korkmaz be returned to Turkey, calling him “a fugitive, a terror suspect facing serious allegations.”
The Turkish government has said that followers of the U.S.-based cleric Fethullah Gulen were behind both the Turkish investigation and the U.S. case, as well as the 2016 failed coup in Turkey. Gulen has denied the accusations. More here.
Trump Admin Seeking Global Cyber Dominance
Finally!
President Trump signed an order that reverses the classified rules and cyber processes from the Obama administration, known as IVE PPD 20. It was signed in October 2012, and this directive supersedes National Security Presidential Directive NSPD-38. Integrating cyber tools with those of national security, the directive complements NSPD-54/Homeland Security Presidential Directive HSPD-23.
Per WikiPedia:
After the U.S. Senate failed to pass the Cybersecurity Act of 2012 that August,[12] Presidential Policy Directive 20 (PPD-20) was signed in secret. The Electronic Privacy Information Center (EPIC) filed a Freedom of Information Request to see it, but the NSA would not comply.[13] Some details were reported in November 2012.[14] The Washington Post wrote that PPD-20, “is the most extensive White House effort to date to wrestle with what constitutes an ‘offensive’ and a ‘defensive’ action in the rapidly evolving world of cyberwar and cyberterrorism.”[14] The following January,[15] the Obama administration released a ten-point factsheet.[16]
On June 7, 2013, PPD-20 became public.[15] Released by Edward Snowden and posted by The Guardian,[15] it is part of the 2013 Mass Surveillance Disclosures. While the U.S. factsheet claims PPD-20 acts within the law and is, “consistent with the values that we promote domestically and internationally as we have previously articulated in the International Strategy for Cyberspace”,[16] it doesn’t reveal cyber operations in the directive.[15]
Snowden’s disclosure called attention to passages noting cyberwarfare policy and its possible consequences.[15][17] The directive calls both defensive and offensive measures as Defensive Cyber Effects Operations (DCEO) and Offensive Cyber Effects Operations (OCEO), respectively.
President Trump has taken this action to aid not only the military, but it would work to deter foreign actors, impede election influence and apply new penalties for violations. There have been high worries by officials due to electric utilities and the brute cyber attacks.
***
Some lawmakers have raised questions in recent months about whether U.S. Cyber Command, the chief agency responsible for conducting offensive cyber missions, has been limited in its ability to respond to alleged Russian efforts to interfere in U.S. elections due to layers of bureaucratic hurdles.
The policy applies to the Defense Department as well as other federal agencies, the administration official said, while declining to specify which specific agencies would be affected. John Bolton, Mr. Trump’s national security adviser, began an effort to remove the Obama directive when he arrived at the White House in April, the official said.
As designed, the Obama policy required U.S. agencies to gain approval for offensive operations from an array of stakeholders across the federal government, in part to avoid interfering with existing operations such as digital espionage.
Critics for years have seen Presidential Policy Directive 20 as a particular source of inertia, arguing that it handicaps or prevents important operations by involving too many federal agencies in potential attack plans. But some current and former U.S. officials have expressed concern that removing or replacing the order could sow further uncertainty about what offensive cyber operations are allowed.
One former senior U.S. official who worked on cybersecurity issues said there were also concerns that Mr. Trump’s decision will grant the military new authority “which may allow them to have a domestic mission.”
The Obama directive, which replaced an earlier framework adopted during the George W. Bush administration, was “designed to ensure that all the appropriate equities got considered when you thought about doing an offensive cyber operation,” said Michael Daniel, who served as the White House cybersecurity coordinator during the Obama administration. “The idea that this is a simple problem is a naive one.” More here from the WSJ.