Category Archives: Treasury

Juniper Hacked, Several Govt Agencies at Risk

Posted on by

Backdoor Code Found in Firewall

Engadget: One of the reasons corporate users and the privacy-minded rely on VPNs is to control access to their networks and (hopefully) not expose secrets over insecure connections. Today Juniper Networks revealed that some of its products may not have been living up to that standard, after discovering “unauthorized code” in the software that runs on its NetScreen firewalls during a code review. Pointed out by security researcher “The Grugq,” the backdoor has been present since late 2012 and can only be fixed by upgrading to a new version of software just released today.

Telnet / ssh exposes a backdoor added by attackers to ScreenOS source code. This has been there since August 2012. Noted code here.

The pair of issues that created the backdoor would allow anyone who knows about it to remotely log in to the firewall as an administrator, decrypt and spy on supposedly secure traffic, and then remove any trace of their activity. Obviously this is a Very Bad Thing, although Juniper claims it has not heard of any exploitation in the wild (which would be difficult, since no one knew it existed and attackers could hide their traces) so far.

Beyond sending IT people sprinting to patch and test their setups, now we can all speculate about which friendly group of state-sponsored attackers is responsible. US government officials have recently been pushing for mandated backdoor access to secure networks and services, but the Edward Snowden saga made clear that even our own country’s personnel aren’t always going to ask permission before snooping on any information they want to check out. I contacted Juniper Networks regarding the issue, but have not received a response at this time.

Update: A Juniper Networks spokesperson told us:

During a recent internal code review, Juniper discovered unauthorized code in ScreenOS® that could allow a knowledgeable attacker to gain administrative access and if they could monitor VPN traffic to decrypt that traffic. Once we identified these vulnerabilities, we launched an investigation and worked to develop and issue patched releases for the impacted devices. We also reached out to affected customers, strongly recommending that they update their systems and apply the patched releases with the highest priority.

The patched releases also address an SSH bug in ScreenOS that could allow an attacker to conduct DoS attacks against ScreenOS devices. These two issues are independent of each other.

Newly discovered hack has U.S. fearing foreign infiltration

Washington (CNN) A major breach at computer network company Juniper Networks has U.S. officials worried that hackers working for a foreign government were able to spy on the encrypted communications of the U.S. government and private companies for the past three years.

The FBI is investigating the breach, which involved hackers installing a back door on computer equipment, U.S. officials told CNN. Juniper disclosed the issue Thursday along with an emergency security patch that it urged customers to use to update their systems “with the highest priority.”

The concern, U.S. officials said, is that sophisticated hackers who compromised the equipment could use their access to get into any company or government agency that used it.

One U.S. official described it as akin to “stealing a master key to get into any government building.”

The breach is believed to be the work of a foreign government, U.S. officials said, because of the sophistication involved. The U.S. officials said they are certain U.S. spy agencies themselves aren’t behind the back door. China and Russia are among the top suspected governments, though officials cautioned the investigation hasn’t reached conclusions.

It’s not yet clear what if any classified information could be affected, but U.S. officials said the Juniper Networks equipment is so widely used that it may take some time to determine what damage was done.

A senior administration official told CNN, “We are aware of the vulnerabilities recently announced by Juniper. The Department of Homeland Security has been and remains in close touch with the company. The administration remains committed to enhancing our national cybersecurity by raising our cyber defenses, disrupting adversary activity, and effectively responding to incidents when they occur.”

Juniper Networks’ security fix is intended to seal a back door that hackers created in order to remotely log into commonly used VPN networks to spy on communications that were supposed to be among the most secure. A free trial vpn has been helpful for those new to the VPN world to decide if it is right for them.

Juniper said that someone managed to get into its systems and write “unauthorized code” that “could allow a knowledgeable attacker to gain administrative access.”

Such access would allow the hacker to monitor encrypted traffic on the computer network and decrypt communications.

Juniper sells computer network equipment and routers to big companies and to U.S. government clients such as the Defense Department, Justice Department, FBI and Treasury Department. On its website, the company boasts of providing networks that “US intelligence agencies require.”

Its routers and network equipment are widely used by corporations, including for secure communications. Homeland Security officials are now trying to determine how many such systems are in use for U.S. government networks.

Juniper said in its security alert that it wasn’t aware of any “malicious exploitation of these vulnerabilities.” However, the alert also said that attackers would leave behind no trace of their activity by removing security logs that would show a breach.

“Note that a skilled attacker would likely remove these entries from the log file, thus effectively eliminating any reliable signature that the device had been compromised,” the Juniper security alert said. If encrypted communications were being monitored, “There is no way to detect that this vulnerability was exploited,” according to the Juniper security alert.

According to a Juniper Networks spokeswoman’s statement, “Once we identified these vulnerabilities, we launched an investigation and worked to develop and issue patched releases for the impacted devices. We also reached out to affected customers, strongly recommending that they update their systems.”

U.S. officials said it’s not clear how the Juniper source code was altered, whether from an outside attack or someone inside.

The work to alter millions of lines of source code is sophisticated. The system was compromised for three years before Juniper uncovered it in a routine review in recent weeks.

Juniper said it was also issuing a security fix for a separate bug that could allow a hacker to launch denial-of-service attacks on networks.

48 More Approved to Leave Gitmo

Posted on by

The White House itself admits that around 10 percent of those released from Guantanamo have resumed fighting for Islamic extremist organizations, but says it is more important to shutter a facility that has become a recruiting tool for militants.

Obama’s comments come as Sudanese militant Ibrahim al-Qosi — who was released in 2012 — seemingly appeared in a recent video by Al Qaeda in the Arabian Peninsula.

“The judgment that we’re continually making is, are there individuals who are significantly more dangerous than the people who are already out there who are fighting?” Obama said.

“What do they add? Do they have special skills? Do they have special knowledge that ends up making a significant threat to the United States?”

“And so the bottom line is that the strategic gains we make by closing Guantanamo will outweigh, you know, those low-level individuals who, you know, have been released so far.”

The Republican-controlled Congress has thwarted Obama’s repeated efforts to close Guantanamo.

Obama came to office in 2009 vowing to shutter the facility, which opened under his predecessor George W. Bush to hold terror suspects after the September 11, 2001 attacks and became known for harsh interrogation techniques that some have said were tantamount to torture.

Obama is soon expected to put forward a new plan that would speed the release of inmates and transfer the most dangerous ones to US soil.

The plan is likely to accelerate the release of low-level detainees to foreign countries and move the most dangerous prisoners to a specialized facility in the United States.

Because of a congressional ban on funding US transfers, Obama has suggested he may have to resort to an executive order to close the prison. This would ignite a political and legal firestorm.

Obama also told Yahoo News that he “very much” hopes to travel to Cuba before leaving office a little over a year from now.

The United States and Cuba restored diplomatic ties this summer, ending a half-century of enmity stemming from the Cold War era.

Obama reiterated previous White House comments that some progress would need to be seen on human rights before any presidential trip.

Obama said he would go when aides could determine “now would be a good time to shine a light on progress that’s been made, but also maybe (go) there to nudge the Cuban government in a new direction.”

The periodic review list of detainees is here.

Transfers Could Reduce Guantánamo Detainees to 90

NYT’s: WASHINGTON — The Obama administration appears to be on the cusp of the largest round of transfers of Guantánamo Bay detainees in a single month since 2007, a move that could reduce the detainee population there to as low as 90 by mid- to late January, according to officials familiar with internal deliberations.

Defense Secretary Ashton B. Carter has notified Congress in recent days that he has approved 17 proposed transfers of lower-level detainees, said the officials, who spoke on the condition of anonymity to discuss matters that have not yet been made public. Congress has required Mr. Carter to certify that security standards have been met at least 30 days before any transfers.

President Obama wants to close the Guantánamo prison in Cuba before he leaves office in a little over a year. His administration has stepped up efforts to find countries to take 48 detainees on a transfer list and moved to speed up the work of a parole-like board that might approve the release of others who are currently recommended for indefinite detention.

The Republican-led Congress, however, has shown little interest in lifting a ban on bringing any detainees to a prison inside the United States, which is Mr. Obama’s plan for those who are either facing trial or are deemed too dangerous to release.

But even as the administration seems to be trying to speed up its fitful effort to winnow down the Guantánamo population, the military is taking steps that will curtail journalists’ access to the wartime prison.

The commander who oversees the military base, Gen. John F. Kelly, has created new rules that will limit reporters to four “media day” trips a year in which large groups will come and depart the same day. Reporters will generally no longer be permitted to go inside the prison camp’s walls.

In a telephone interview, General Kelly connected his decision “to tighten things up a little bit, particularly on the scheduling” for news media visits, in part to what he described as a sharp rise in visits by delegations from foreign governments that are considering resettling detainees.

The operational strains of handling such visitors, he said, formed the backdrop to an episode in October that focused his attention on rules for visits. He said that a journalist, whom he would not identify, was “extremely impolite” during an interaction with a service member who worked at a detainee library.

All that, he said, prompted him to fix what he saw as a problem before his designated successor, Vice Adm. Kurt Tidd, who is awaiting a Senate confirmation vote, takes over.

Until now, the military has generally permitted small numbers of reporters to visit the prison throughout the year if no military commission hearing is going on. The reporters have flown to the base on a Monday and flown out the following Thursday.

Reporters have spent that time on a tour that included walking through the two camps that hold lower-level detainees. While reporters have never been permitted to speak to the detainees, they have seen them from afar, talked to the officers in charge of each camp, interviewed the senior medical officer in the detainee clinic and interviewed lower-ranking guards.

General Kelly said he decided it would be easier for everyone if groups of reporters came to the base only during quarterly “media days,” in which they could talk to a handful of officials like the joint task force commander and the military’s cultural adviser, and then leave that same day.

The general said he no longer wanted reporters to talk to lower-level guards because it was not their role to opine about detention operations, or to go inside the prison because that could cause disruptions. However, he said, depending on what else is going on, exceptions might be made to let first-time visitors inside.

“The camps have not changed since the last time you’ve been there,” he told a reporter for The New York Times who has visited the prison several times, most recently in August 2014. “We still do the same things.”

Several news media outlets, including The Times, have asked the military to reconsider. Dave Wilson, a senior editor at The Miami Herald who oversees its coverage of Guantánamo, said he had told the military that it was important for experienced beat reporters to keep going inside the prison.

“A first-timer doesn’t know what they are seeing because they are seeing it for the first time,” Mr. Wilson said. “They don’t know if something has changed. They don’t know if it’s better or worse.”

General Kelly previously decided in September 2013 to stop telling reporters how many detainees were participating in a hunger strike each day.

9500 Visas Revoke Due to Terror,Where are they? Don’t Know

Posted on by

FNC: The Obama administration cannot be sure of the whereabouts of thousands of foreigners in the U.S. who had their visas revoked over terror concerns and other reasons, a State Department official acknowledged Thursday.

The admission, made at a House oversight hearing examining immigrant vetting in the wake of major terror attacks, drew a sharp rebuke from the committee chairman.

“You don’t have a clue do you?” Rep. Jason Chaffetz, R-Utah, told Michele Thoren Bond, assistant secretary for the Bureau of Consular Affairs.

Bond initially said the U.S. has revoked more than 122,000 visas since 2001, including 9,500 because of the threat of terrorism.

But Chaffetz quickly pried at that stat, pressing the witness about the present location of those individuals.

“I don’t know,” she said.

The startling admission came as members of the committee pressed administration officials on what safeguards are in place to reduce the risk from would-be extremists.

At issue is how closely the U.S. government examines the background of people seeking entry to the country, including reviews of their social media postings.

Leon Rodriguez, director of U.S. Citizenship and Immigration Services, told committee members that such checks aren’t being done in an abundant manner, and he was not specific about when or how it would occur.

Lawmakers are trying to ascertain which safeguards are in place to ensure that extremists are not exploiting a variety of legal paths to travel to the United States.

One of the San Bernardino, Calif., shooters came to the U.S. on a K-1 fiancee visa last year despite the fact that the FBI believed she was already radicalized.

Tashfeen Malik came to the U.S. on a K-1 fiance visa in July 2014 and passed multiple background checks and at least two in-person interviews, one in Pakistan and another after she married Syed Farook. FBI Director James Comey has said Malik and Farook communicated privately online about jihad and martyrdom before they married.

Lawmakers at times angrily pressed officials on why even public social media wouldn’t routinely be looked at for vetting those trying to enter the country.

“If half the employers are doing it in the United States of America, if colleges are doing it for students, why wouldn’t Homeland Security do it?” said Rep. Stephen Lynch, D-Mass. “We don’t even look at their public stuff, that’s what kills me.”

DHS did launch three pilot programs specifically aimed at reviewing social media postings as part of the immigration vetting process.

“There is less there that is actually of screening value than you would expect, at least in small early samples, some things seem more ambiguous than clear,” Rodriguez told lawmakers Thursday. He said foreign alphabets frequently used in social media posts were a challenge to translate.

“We all continue to believe there’s a potential for there to be information of screening value … particularly in high risk environments,” he added.

Both DHS and the State Department are reviewing the process for vetting visa applications, including the K-1 program, and have been directed by the White House to create specific recommendations for improvements.

DHS is specifically reviewing policies on when authorities at U.S. Citizenship and Immigration Services can look at social media posts as part of the process for evaluating applications for certain visas.

“There are some legal limits to what we can do,” Homeland Security Secretary Jeh Johnson said Wednesday. He added that he thinks reviews of social media should be done more often, but did not provide specifics.

During his opening remarks Chaffetz, said: “It is unclear how someone who so openly discussed her hatred of our country and way of life could easily pass three background checks. We need to understand how the breakdown happened with Malik and what we are doing to make sure it doesn’t happen again.”

Lawmakers have also pressed for changes to the Visa Waiver Program, which allows many citizens from 38 countries to travel to the United States without being subjected to the in-person interview required to receive a visa. Many fear that foreign fighters who carry western passports will be able to exploit that system to travel freely to the United States.

Earlier this month the House voted overwhelmingly to tighten controls on that program and require visas for anyone who has been to Iraq or Syria in the last five years. Security changes to the program were also included in the Senate version of a massive spending bill expected to be approved later this week.

House Oversight and Government Reform Committee Hearing on Immigration and Visas December 17, 2015

PURPOSE:

• To review the screening process for foreign nationals entering the United States, including the ability to review social media as part of the vetting process.
• To assess the likelihood of foreign nationals exploiting the U.S. immigration system and examine vulnerabilities within that system.
• This hearing is a follow-up to an Oversight Subcommittee hearing last week, where a Department of Homeland Security (DHS) official was unable to answer basic questions on the Agency’s ability to vet, track, and screen individuals who arrive in the United States.

BACKGROUND:

• Foreign nationals seeking to enter the U.S. must ordinarily obtain either an immigrant visa or a nonimmigrant visa. A third category of foreign nationals seeking entry into the U.S. are refugees, who enter under refugee status.
• An exception to the rule is the Visa Waiver Program (VWP), where an individual who seeks entry to the U.S. must apply for, and receive, a visa before entering the country. Currently, nationals of 38 countries can enter the U.S. without first obtaining a visa under the VWP.
• Under current law, two departments—the Department of State and DHS—play roles in administering the law and policies on immigration visas.
• In light of the attacks in San Bernardino, CA, Committee Chairman Jason Chaffetz (R-UT) and Subcommittee Chairman Ron DeSantis (R-FL) sent a letter to DHS seeking information relating Tashfeen Malik’s entry into the U.S. on a fiancée visa.

 

Witnesses and testimonies

Name Title Organization Panel Document
The Honorable Anne C. Richards Assistant Secretary, Bureau of Population, Refugees, and Migration U.S. Department of State Document
The Honorable Michele Thoren Bond Assistant Secretary, Bureau of Consular Affairs U.S. Department of State Document
The Honorable Alan Bersin Assistant Secretary for International Affairs, Chief Officer for the Office of Policy U.S. Department of Homeland Security
The Honorable Leon Rodriguez Director, U.S. Citizenship and Immigration Services U.S. Department of Homeland Security

Related Documents

Name Document
Credible Fear Claims Document

POTUS a Shiite? Anti-Israel Evidence….

Posted on by

Congress Rejects Obama Move to Restore Funding for Anti-Israel U.N. Group

FreeBeacon: Congress has rejected a request by the Obama administration to restore U.S. funding for a United Nations organization long criticized for its anti-Israel bias, according to sources on Capitol Hill.

The Washington Free Beacon disclosed earlier this week that the Obama administration was pressuring lawmakers on Capitol Hill to restore around $80 million in annually funding to the U.N. Educational, Scientific, and Cultural Organization, otherwise known as UNESCO.

Taxpayer funding to the organization was slashed in 2011 after UNESCO accepted Palestine as a member state, a move that violated U.S. law barring the funding of any U.N. group that skirts the peace process by prematurely admitting Palestine as a full member nation.

However, the State Department petitioned Democratic lawmakers on the Senate’s appropriations committee to restore UNESCO’s funding and grant the administration authority to provide an additional $160 million to help erase accrued debts.

The administration argued that the lack of funding was harming the United States’ credibility at UNESCO and contributing to a rise in anti-Israel actions, such as a recent move to label Jerusalem’s Western Wall as a Muslim holy site.

The State Department requested that a waiver be added to the Senate’s version of a sprawling yearly spending bill set to be approved by Congress before year’s end. However, that request was killed off by lawmakers and did not make its way into the final text of the bill.

The administration’s effort to restore UNESCO funding, despite a law banning it, raised concerns among Republican leaders and prompted several to take a stand against it.

Sen. Mark Kirk (R., Ill.), who spearheaded efforts to block the funding waiver, told the Free Beacon that Republican leadership in the Senate took a bold stand by rejecting the administration’s request.

“I thank congressional Republican leadership for working with Senator [Marco] Rubio and me to uphold a 25-year-old law and stop the Administration from air-dropping back-door funding to UNESCO, the U.N. organization whose anti-Israel member states have granted membership to the non-state actor of ‘Palestine’ and provocatively tried to designated the Western Wall in Jerusalem as a Muslim holy site,” Kirk told the Free Beacon in a statement.

Ollie North with the Peshmerga vs. Islamic State

Posted on by

By the way, the Peshmerga are Muslims.

Obama’s non-war and the consequence on humanity versus Islamic State:

TheHill: A U.S. aircraft carrier passed through the Suez Canal on Tuesday, creating a presence that will allow the U.S. to ramp up airstrikes against the Islamic State in Iraq and Syria (ISIS). The USS Harry S. Truman is due to arrive in the Persian Gulf right around Christmas, where it will begin striking the terrorist group, a Navy official told The Hill.

The Truman and its accompanying carrier strike group will join the French aircraft carrier Charles De Gaulle in the Gulf, which reportedly arrived earlier this month.

The U.S. has steadily increased airstrikes against ISIS, with November hitting a high of 3,271 bombs, according to U.S. Central Command statistics.

Twisted logic designed by the Obama White House and the new ISIS Czar:

    President Obama’s new ISIS czar said yesterday that resolving the Israel Palestine conflict is necessary to defeating Islamist extremists. Rob Malley, senior advisor to Obama “for the Counter-ISIL Campaign in Iraq and Syria” and White House Coordinator for the Middle East and North Africa, said at a New York conference that the conflict enables ISIS in two ways. Extremists “refer constantly” to the situation of Palestinians. So they would lose a recruiting tool if the matter were resolved. And the failure to resolve the conflict makes it “very difficult” to get “the kind of open cooperation that we really need to get changes on the ground”– because Saudi Arabia and other states can’t work openly with Israel as matters stand. Malley said that resolving the conflict was not a “magic wand” to ending problems in the Middle East, but asked if ISIS’s next stop was going to be Gaza or the West Bank, he went on: I don’t know where the next stop will be but I think there’s a more basic point, which is that the absence of a resolution is fueling extremism. If you want to go to Gaza that’s self-evident. Whether ISIS is going to have a foothold there.. that’s a separate question. But I think it stands to reason that resolving this conflict would at least help, it wouldn’t resolve– but it would be a major contribution to stemming the rise of extremism, and to allow the kind of cooperation that is needed [to take on] what should be a common challenge, which is the challenge of ISIS, and of other extremist organizations.

As Oliver North described in the video above, the Baghdad government is directed by Iran, a rogue nation sponsor of terror of which Obama and John Kerry have normalized relations forcing the world to accept the whole Tehran regime.

But what about our own hemisphere?

Iran Taking Over Latin America

by Joseph Humire

  • “This is a matter of life or death. I need you to be an intermediary with Argentina to get help for my country’s nuclear program. We need Argentina to share its nuclear technology with us. It will be impossible to advance with our program without Argentina’s cooperation.” – Iran’s former President Mahmoud Ahmadinejad to the late Venezuelan President Hugo Chávez.
  • According to Venezuelan informants, whitewashing Iran’s accused from the AMIA attack was only a secondary objective in its outreach to Argentina. The primary objective was to gain access to Argentina’s nuclear technology and materials — a goal Iran has for more than three decades.
  • During the last 32 years, Iran has achieved a resounding success in promoting an anti-US and anti-Israel message in Latin America. Its state-owned television network, HispanTV, broadcasts in Spanish 24 hours a day, seven days a week in at least 16 countries throughout the region.
  • The lifting of sanctions and influx of billions of dollars as a result of Iran’s nuclear deal will undoubtedly help Iran in Latin America, where many countries face economic turmoil and can use an Iranian “stimulus.”
  • While Latin America is often regarded as a foreign policy backwater for the United States, it is the geopolitical prize for the Islamic Republic of Iran.

During the last couple months, Iran and Saudi Arabia have been playing a political tug of war over Latin America. On November 10, 2015, Iran’s deputy foreign minister held a private meeting with ambassadors from nine Latin American countries to reaffirm the Islamic Republic’s desire to “enhance and deepen ties” with the region. This was followed by similar statements from Iranian President Hassan Rouhani and Supreme Leader Ayatollah Ali Khamenei at the Gas Exporting Countries Forum (GECF) in Tehran later that month.

The same day, the Saudi Foreign Minister, Adel al-Jubeir, presided over a South American-Arab world summit in Riyadh. FM al-Jubeir, while Ambassador to the United States in 2011, had himself been the target of an Iranian-Latin American assassination plot. Read the full summary complete with citations here.