Category Archives: Treasury

Hey Secret Service, Check it out While in Singapore

Posted on by

10 Best Things to Do in Sentosa Island - Best Attractions ... photo

So, while the United States is finding a discreet way to pay for Kim Jung Un’s travel and hotel stay in Singapore on Sentosa Island as North Korea is cash strapped…ah yeah sure, there are some other things going on in Singapore and Malaysia.

Let’s begin a few years ago. Sit back with this article, it is long but perspective and context is required.

Malaysian authorities shutter two North Korean companies ... photo

(Note, it is allegedly closed, or Singapore denies it, but Secret Service check it all out)

(Reuters) – It is in Kuala Lumpur’s “Little India” neighborhood, behind an unmarked door on the second floor of a rundown building, where a military equipment company called Glocom says it has its office.

Glocom is a front company run by North Korean intelligence agents that sells battlefield radio equipment in violation of United Nations sanctions, according to a United Nations report submitted to the Security Council seen by Reuters.

Reuters found that Glocom advertises over 30 radio systems for “military and paramilitary” organizations on its Malaysian website, glocom.com.my.

Glocom’s Malaysian website, which was taken down late last year, listed the Little India address in its contacts section. No one answers the door there and the mailbox outside is stuffed with unopened letters.

In fact, no company by that name exists in Malaysia. But two Malaysian companies controlled by North Korean shareholders and directors(also known as a Nominee Director) registered Glocom’s website in 2009, according to website and company registration documents.

And it does have a business, the unreleased U.N. report says. Last July, an air shipment of North Korean military communications equipment, sent from China and bound for Eritrea, was intercepted in an unnamed country. The seized equipment included 45 boxes of battlefield radios and accessories labeled “Glocom”, short for Global Communications Co.

Glocom is controlled by the Reconnaissance General Bureau, the North Korean intelligence agency tasked with overseas operations and weapons procurement, the report says, citing undisclosed information it obtained.

A spokesman for North Korea’s mission at the U.N. told Reuters he had no information about Glocom.

U.N. resolution 1874, adopted in 2009, expanded the arms embargo against North Korea to include military equipment and all “related materiel”.

But implementation of the sanctions “remains insufficient and highly inconsistent” among member countries, the U.N. report says, and North Korea is using “evasion techniques that are increasing in scale, scope and sophistication.”

Malaysia is one of the few countries in the world which had strong ties with North Korea. Their citizens can travel to each other’s countries without visas. But those ties have begun to sour after North Korean leader Kim Jong Un’s estranged half-brother was murdered at Kuala Lumpur’s international airport on Feb 13.

PAN SYSTEMS

According to the “WHOIS” database, which discloses website ownership, Glocom.com.my was registered in 2009 by an entity called International Global System using the “Little India” address. A similarly named company, International Golden Services is listed as the contact point on Glocom’s website.

Glocom registered a new website, glocom-corp.com, in mid-December, this one showing no Malaysian contacts. Its most recent post is dated January, 2017 and advertises new products, including a remote control system for a precision-guided missile.

Glocom is operated by the Pyongyang branch of a Singapore-based company called Pan Systems, the U.N. report says, citing an invoice and other information it obtained.

Louis Low, managing director of Pan Systems in Singapore said his company used to have an office in Pyongyang from 1996 but officially ended relations with North Korea in 2010 and was no longer in control of any business there.

“They use (the) Pan Systems (name) and say it’s a foreign company, but they operate everything by themselves,” Low told Reuters referring to the North Koreans at the Pyongyang office.

Pan Systems Pyongyang utilized bank accounts, front companies and agents mostly based in China and Malaysia to buy components and sell completed radio systems, the U.N. report says. Pan Systems Pyongyang could not be reached for comment.

One of the directors of Pan Systems Pyongyang is Ryang Su Nyo. According to a source with direct knowledge of her background, Ryang reports to “Liaison Office 519”, a department in the Reconnaissance General Bureau. Ryang is also listed as a shareholder of International Global System, the company that registered Glocom’s website.

Reuters has not been able to contact Ryang.

SMUGGLING CASH

Ryang frequently traveled to Singapore and Malaysia to meet with Pan Systems representatives, the U.N. report says.

On one such trip in February 2014, she and two other North Koreans were detained in Malaysia for attempting to smuggle $450,000 through customs at Kuala Lumpur’s budget airport terminal, two sources with direct knowledge of the situation told Reuters.

The North Korean trio told Malaysian authorities they all worked for Pan Systems and the cash belonged to the North Korean embassy in Kuala Lumpur, according to the two sources.

The Malaysian Attorney General decided not to press charges because of insufficient evidence. A week later, the trio was allowed to travel, and the North Korean embassy claimed the cash, the sources said. All three had passports assigned to government officials, the sources said.

Malaysia’s Customs Department and the Attorney General’s office did not respond to requests for comment over the weekend.

The Pan Systems representative in Kuala Lumpur is a North Korean by the name of Kim Chang Hyok, the U.N. report says.

Kim, who also goes by James Kim, was a founding director of International Golden Services, the company listed in the contacts section of the Glocom website. Kim is director and shareholder of four other companies in Malaysia operating in the fields of IT and trade, according to the Malaysian company registry.

He did not respond to requests for comment by mail or email.

The United Nations panel, which prepared the draft report, asked the Malaysian government if it would expel Kim and freeze the assets of International Golden Services and International Global System to comply with U.N. sanctions. The U.N. did not say when it made the request.

“The panel has yet to receive an answer,” the report said.

Reuters has not received a response from the Malaysian government to repeated requests for comment about Glocom.

POLITICAL CONNECTION

One of Glocom’s early partners in Malaysia was Mustapha Ya’akub, a prominent member of Malaysia’s ruling United Malays National Organisation (UMNO). Since 2014, he has been listed as a director of International Golden Services

As secretary of the UMNO youth wing’s international affairs bureau, Mustapha fostered political connections in the 1990s with countries, such as Iran, Libya and North Korea. Glocom’s Little India address once housed a company owned by UMNO Youth.

Mustapha, 67, said he had been a Glocom business partner “many years back” and said it has been continuously controlled by several North Koreans, including Kim Chang Hyok, whom he said he knew. He did not divulge his role in the company, and denied any knowledge of Glocom’s current business.

“We thought at the time it might be a good idea to go into business together,” Mustapha told Reuters about his first meeting with his North Korean business contacts. He did not say who those contacts were or what they discussed. He denied any knowledge of Glocom’s current business.

Glocom advertises and exhibits its wares without disclosing its North Korean connections.

“Anywhere, Anytime in Battlefield,” reads the slogan on one of several 2017 Glocom catalogs obtained by Reuters.

An advertisement in the September 2012 edition of the Asian Military Review said Glocom develops radios and equipment for “military and paramilitary organizations”.

A spokesman for the magazine confirmed the ad had been bought by Glocom, but said the magazine was unaware of its alleged links to North Korea.

Glocom has exhibited at least three times since 2006 at Malaysia’s biennial arms show, Defence Services Asia (DSA), according to Glocom’s website.

At DSA 2016, Glocom paid 2,000 ringgit ($450) to share a table in the booth of Malaysia’s Integrated Securities Corporation, its director Hassan Masri told Reuters by email.

Hassan said he had nothing to do with Glocom’s equipment and was unaware of its alleged links to North Korea.

Aside from the North Koreans behind Glocom, clues on its website also point to its North Korean origins.

For instance, one undated photo shows a factory worker testing a Glocom radio system. A plaque nearby shows the machine he is using has won a uniquely North Korean award: The Model Machine No. 26 Prize,” named in honor of late leader Kim Jong Il, who is said to have efficiently operated “Lathe No. 26” at the Pyongyang Textile Factory when he was a student.

*** It gets worse.

Executive Summary

In April 2018, Recorded Future published research on the internet browsing behavior of North Korea’s most senior leaders and revealed stark changes in how North Korea’s ruling elite utilize the internet from our original analysis in July 2017. Utilizing a data set spanning from December to mid-April, we compiled a significant amount of information on North Korea’s technology architecture, including which types, manufacturers, and models of hardware and software North Korean leaders used to access the internet.

Our analysis reveals the overwhelming presence of American hardware and software on North Korean networks and in daily use by senior North Korean leaders. We also examined the broad legal regime that restricts U.S. trade with North Korea and discovered that it is insufficient to prevent U.S. electronics, hardware, and software from reaching North Korea.

Key Judgements

  • This failure to keep American technology from reaching North Korea has enabled North Korea’s destabilizing, disruptive, and destructive cyber operations as well as its internet-enabled circumvention of international sanctions.
  • International inconsistency in the definition of the term “luxury goods” has also facilitated the Kim regime’s acquisition of American technology.
  • For seven years, between 2002 and 2017, the United States allowed the exportation of “computer and electronic products” to North Korea, totaling more than $430,000. Our analysis demonstrates that many of the electronic devices North Korean elite utilize are older models or are running older software, and that at least some of those devices could have been legally acquired from the U.S. during these seven years.
  • All U.S. exporters are liable for any violation of the sanctions regime, but beyond the implementation of a robust compliance program, there’s relatively little that can be done to actually stop prohibited goods from reaching sanctioned countries. This is especially true for North Korea, as they have proven to be sophisticated at utilizing intermediaries or spoofing identities.

History of Export Controls Against North Korea

Since the split of North and South Korea following World War II, the United States has regarded the Democratic People’s Republic of Korea (DPRK or North Korea) as an adversary. Despite the lack of open hostilities for nearly 65 years, the U.S. has never normalized diplomatic relations with the “Hermit Kingdom.” From the 1950s to 1980s, North Korea’s status as a Communist government, and sponsorship of international terrorism, ensured that the two countries remained enemies. Then, in 1988, after the bombing of Korean Air Flight 858, North Korea was officially designated as a state sponsor of terrorism by the Reagan administration, inaugurating the modern export control regime against North Korea.

Separately, export control as a response to North Korea’s nuclear proliferation efforts dates back to 1992 when the U.S. imposed sanctions on two North Korean companies due to their missile proliferation activities. Between June 1992 and June 2000, some restrictions were lifted as a result of the U.S.-North Korea bilateral missile talks, but the respite was short lived and the U.S. ratcheted up sanctions from January 2001 through to 2006. This period included the notorious labeling of North Korea as part of the “Axis of Evil” in President Bush’s 2002 State of the Union Address.

In 2006, the first widespread international sanctions began after North Korea carried out its initial nuclear weapons test. This test prompted the UN Security Council (UNSC) to pass two resolutions imposing sanctions on North Korea — first Resolution 1695, and then Resolution 1718. These resolutions together banned a broad range of both imports and exports to North Korea by any UN member states.

While these resolutions initially focused on military materiel, they were supplemented by broader sanctions from the U.S., Australia, and Japan. After North Korea conducted its second underground nuclear test in May 2009, the UNSC adopted Resolution 1874, which further expanded the arms embargo and sought to target Pyongyang’s financial apparata. From 2009 to the present day, both the U.S. and UNSC have progressively strengthened and expanded earlier sanctions with Resolution 2087, 2094, 2270, 2371, 2375, and 2397, which covered everything from missile materiel to textiles and caps on oil trading.

Despite a perceived thaw in diplomatic relations beginning earlier this year, U.S. officials have re-emphasized numerous times that “all sanctions and maximum pressure must remain,” while denuclearization of the Korean peninsula is negotiated.

State of Current U.S. Sanctions Against North Korea

Current United States sanctions against North Korea can be split into two categories:

  1. Sanctions that specifically target North Korea.
  2. Sanctions related to “Weapons of Mass Destruction Proliferators.”

Until 2008, the bulk of U.S. sanctions specific to North Korea were implemented via the Trading With the Enemy Act (1917), which empowers the federal government to prohibit any and all trade with designated countries. On June 26, 2008, the Bush administration issued Executive Order (E.O.) 13466 under the authority of the International Emergency Economic Powers Act. That same year, the National Emergencies Act. E.O. 13466 was supplemented by Executive Orders 13551, 13570, 13687, 13722, and the North Korea Sanctions Regulations (31 C.F.R. part 510). These measures extended a variety of trade restrictions and blocking of interests belonging to various figures in North Korea.

Pre-dating these sanctions, E.O. 13382 was issued in 2005 targeting various entities engaged in WMD proliferation. Three North Korean entities and numerous North Korean persons were listed as blocked entities.

Today, these regulations have culminated in six prohibited categories of transactions involving North Korea:

  1. Blocked property belonging to the state of North Korea and certain North Korean nationals (E.O. 13466, 13551, 13687, 13722, and 13382).
  2. U.S. persons are prohibited from registering vessels in North Korea, flying the DPRK flag, or operating any vessel flagged by North Korea (E.O. 13466).
  3. Goods, services, and technology from North Korea may not be imported into the U.S. (E.O. 13570).
  4. No new investment in North Korea by U.S. persons is allowed (E.O. 13722).
  5. No financing by a U.S. person involving North Korea is allowed (E.O. 13722).
  6. And most importantly for our purposes, goods, services, and technology may not be exported to North Korea from the U.S., or by a U.S. person wherever located, without a license (E.O. 13722).

U.S. export enforcement responsibility falls under three executive branch agencies: the Office of Foreign Asset Control within the Department of Treasury, the Office of Export Enforcement within the Department of Commerce’s Bureau of Industry and Security, and Homeland Security Investigations within the Department of Homeland Security. These three agencies enforce the Executive Orders, U.S. sanctions, International Trafficking in Arms Regulation, Export Administration Regulation, and other laws which make up the body of export control laws in the United States. In 2010, Executive Order 13558 created the Export Enforcement Coordination Center to further strengthen the partnership between these independent agencies.

The United States is one of the only countries which enforces its export laws outside of its national boundaries. Federal agents located in foreign countries work in conjunction with local authorities to conduct end use license checks, knocking on doors to see whether the parties are still upholding their stated exporting intentions.

Currently, civil penalties of up to the greater of $284,582, or twice the amount of the transaction, can be imposed against any party that violates these sanctions. Similarly, upon conviction, criminal penalties of up to $1 million, imprisonment for up to 20 years, or both, may be imposed on any person that willfully violates the sanctions.

North Korea Leverages a Breadth of U.S. Technology Despite Export Controls

North Korea’s Technology Architecture

Numerous third-party data sources used for this analysis gave Recorded Future visibility into what types of devices North Korea’s most senior leadership use to access the global internet. As has been widely publicized over the past several years, Kim Jong Un has been photographed on several occasions with Apple devices, and North Korean-made mobile phones have been assessed as mimicking Apple technology.

While we cannot confirm the actual users behind the activity we see, our analysis indicates that numerous American and Western-manufactured devices are being used by North Korean elite to access the global internet. Several reports and accounts have documented how few North Koreans are granted access to the global internet. At most, only the inner circle of North Korea’s leadership, such as party, military, and intelligence leaders and their families, are allowed to own computers and independently utilize the global internet. This is one of the data points we use to determine with such certainty that North Korea’s ruling elite are the users of this hardware and software.

North Korea’s use of proxies and load balancers limited our ability to identify exactly how many of each device was present, but we can determine some models and versions:

  • Windows 7
  • Windows 8.1
  • Windows 2000
  • Windows XP
  • Windows 10
  • Microsoft Terminal Server
  • Samsung Galaxy S5
  • Samsung Galaxy J5
  • Samsung Galaxy S7
  • Samsung Galaxy S8 Plus
  • Huawei Mate 95c 6 v6
  • Apple iPhone 4S
  • Apple iPhone 5
  • Apple iPhone 5S
  • Apple iPhone 6
  • Apple iPhone 6S Plus
  • Apple iPhone 7 Plus
  • Apple iPhone 8 Plus
  • Apple iPhone X
  • Apple MacBook
  • IBM Tivoli Storage Manager server
  • Conexant Hasbani web servers
  • Ascend Communications1 switches
  • F5 BIG-IP load balancer

While the majority of North Korean cyber operations are likely conducted from abroad, a small minority historically have been conducted from territorial North Korea. These operations have been conducted utilizing this very same hardware and software. This means that minimally, U.S. technology has enabled North Korea’s destabilizing, disruptive, and destructive cyber operations as well as its internet-enabled circumvention of international sanctions.

Where Technology Export Control Fails

According to a Congressional Research Service study conducted in 2016, U.S. trade restrictions with North Korea are extensive, but do not amount to a comprehensive embargo.

The United States curtails trade with North Korea for reasons of regional stability, that country’s support for acts of international terrorism, lack of cooperation with U.S. antiterrorism efforts, proliferation, and its status as a Communist country and a nonmarket economy. The United States also prohibits transactions relating to trade with certain North Korean entities identified as those who procure luxury goods, launder money, smuggle bulk cash, engage in counterfeiting goods and currency, and traffic in illicit narcotics.

Further, ”a U.S. company may apply for a license to export to North Korea, but for nearly all items other than food and medicine, there is a presumption of denial.”

This is despite the fact that North Korea has been on and off the State Sponsors of Terrorism list twice in the last 10 years (President Bush rescinded the declaration in 2008 and President Trump re-applied it in November 2017). In terms of exportation of technology to North Korea, the State Sponsors of Terrorism designation has relatively little impact in and of itself because the sanctions resulting from that designation govern primarily U.S. foreign aid, defense exports, and dual-use items. There is a provision for sanctions on “miscellaneous financial and other restrictions,” however, it is not clear whether that provision goes above and beyond the existing prohibitions on technology exports to North Korea.

Most electronics, including laptop computers, digital music players, large flat-screen televisions, and “electronic entertainment software” are considered “luxury goods” and fall under the broad trade Export Administration Restrictions (EAR) for North Korea administered by the Department of Commerce.

While the United Nations (UN) clarified its definition of “luxury goods” in Resolution 2321 as not including electronics, each UN member state is allowed to interpret the “luxury goods” term as including different products, “creat[ing] a situation of uneven practice” in the application of export controls. For instance:

  • The European Union bans “electrical/electronic items and appliances for domestic use of a value exceeding EUR 50 each.”
  • Australia bans all “consumer electronics.”
  • Japan prohibits “portable computing devices consisting of at least a central processing unit (CPU), a keyboard, and a display.”
  • South Korea broadly restricts and governs trade with the North including “electronic goods” as a luxury item.
    China has not made a distinction on embargoed luxury goods and does not “honor the luxury goods lists of other countries when it exports to” North Korea.

The Saga of ZTE

In March 2016, Zhongxing Telecommunications Equipment (ZTE), a Chinese cellular device and hardware manufacturer, was added to the Export Administration Regulations (EAR) Entities List. The EAR “imposes additional licensing requirements on and limits the availability of most license exceptions for, exports, reexports, and transfers (in-country) to those listed” on the Entities List. ZTE was initially placed on the Entities List for violating U.S. sanctions by selling American-made goods to Iran and North Korea. Placement on the Entities List prohibited U.S. companies from selling goods to ZTE without a license, and because nearly all ZTE-manufactured products contained U.S. goods, essentially crippled the company.

For more than two years, ZTE and the U.S. government went back and forth attempting to reach an agreement over penalties and validate that ZTE was no longer violating U.S. sanctions. In April 2018, the Department of Commerce (DOC) ended the negotiations by imposing a denial order, prohibiting American companies from selling to ZTE for seven years.

The denial order was the end of a lengthy export control enforcement process which would have bankrupted ZTE. Instead, in late May, the DOC negotiated an agreement which lifted the denial order and re-opened ZTE to U.S. exports.

The case of ZTE, a company which was placed on the Entities List and under a denial order for violating U.S. sanctions against North Korea, is a useful example of how impactful successful export control can be — if allowed to be. Had ZTE been allowed to fail, it would have sent a powerful message to companies around the world indicating how seriously the U.S. considers these violations. Instead, the message is that a company can violate U.S export controls and sanctions if it is large enough and aligned with an economically powerful nation.

Technology Exports to North Korea Were Not Always Prohibited

The question of how U.S. technology gets to North Korea is not entirely a story of failed export control or inconsistent application. According to Department of Commerce data, the U.S. has actually exported over $176 million of goods to North Korea since 2002. While this number pales in comparison to export volume with nations such as China or Canada, it is important to note that the export of “computers and electronic products” to North Korea occurred until this year.

At its peak in 2014, the U.S. exported $215,862 worth of computers and electronic products to North Korea. We do not know exactly which products or how many were exported to North Korea that year. However, based on the Department of Commerce definition of “computers and electronic products,” we have an idea of what kind of electronics these exports might have included. This category includes “computers, computer peripherals (including items like printers, monitors, and storage devices), communications equipment (such as wired and wireless telephones), and similar electronic products (including audio and video equipment and semiconductors),” as well as components for these products.

Again, while we do not know exactly which computer and electronic products were exported to North Korea over the past 15 years, that data can be useful in an exercise to demonstrate exactly how much value North Korea could have derived from that amount of money.

For example, in 2014, a decent desktop could cost around $500, while a similarly specified laptop would cost $700. Hypothetically, if North Koreans were paying the average prices for computers, they could have purchased over 350 computers from U.S. suppliers in 2014 alone. In total, since 2002, the U.S. has legally exported $483,543 worth of computers and electronics to North Korea — a sum that could have legally supplied some of the ruling elites’ electronics needs.

Our analysis demonstrates that many of the electronic devices North Korean elite utilize are older models or are running older software. These legal exports certainly do not account for all of the devices we have observed on North Korean networks, nor is $483,543 sufficient to completely build a moderately sized and proxied network. However, it presents an interesting part of the answer to the question of exactly how North Korea could have acquired all of their Western hardware and software. At least some of the computers and software we observed being used in North Korean networks today was probably acquired during these past 15 years.

Outlook

It is the responsibility of any U.S. exporters to be familiar and compliant with federal export controls, as penalties can include fines, civil or criminal charges, imprisonment, negative publicity, revocation of exporting privileges, or debarment from U.S. government contracting. As explained by the Massachusetts Export Center, “[Even if the exporter is selling only] innocuous products or selling only to ‘friendly’ countries … the exporter is ultimately responsible to have a thorough understanding of export regulations and to establish operating procedures aimed at preventing violations.

For U.S. companies and persons to avoid the risk of being found guilty of violating sanctions, it is expected that an effective export compliance program is implemented. The U.S. Department of Commerce’s Bureau of Industry and Security suggest eight elements for an effective program:

  1. Statements and commitments from management
  2. Risk assessment of potential export violations
  3. Export authorization
  4. Effective record keeping
  5. Instituting training programs for employees
  6. Auditing records
  7. Detecting and correcting export violations
  8. Maintaining an export compliance manual

Generally, all U.S. business are not expected to perfect all eight elements, but any deviation from a robust compliance program poses a risk that an entity could be found in violation of the U.S. export regime. However, while a U.S. company may have a robust program, sanctioned states often use false flags or non-national facilitators to skirt even the most advanced programs. As a recent report from Arms Control Wonk and Reuters pointed out, the North Koreans are adept at falsifying addresses and names to circumvent sanctions programs. This flow of technology is not one way, either — recent reports point out that North Korea has used shell companies and various aliases to export various technologies, including facial recognition software to U.S. allies and encryption software in Asia.

One transaction involving the DPRK shell company Glocom that was widely reported last year demonstrates the ease with which North Korea is able to avoid technology control sanctions. Glocom used a network of Asian-based front companies to purchase components from electronic resellers, and the payment was even cleared through a U.S. bank account. Glocom, the company at the center of these transactions, was tied to Pan Systems Pyongyang via invoices uncovered by the UN and International Global System via WHOIS website registration data. Ryang Su Nyo is listed as a director of Pan Systems Pyongyang and a shareholder of International Global System, and Reuters has reported that Ryang reports to “Liaison Office 519,” a department within the North Korean Reconnaissance General Bureau.

Today, the varied interpretation of the term “luxury goods,” a sophisticated sanctions evasion operation, and lax enforcement of technology and electronics as a subcategory has created a situation where the Kim regime can acquire U.S. electronics, software, and hardware virtually at will. Technology resellers, North Koreans abroad, and the Kim regime’s extensive criminal networks all facilitate the transfer of American technology for daily use by one of the world’s most repressive governments. Unless there’s a globally unified effort to impose comprehensive sanctions on the DPRK, and multilateral cooperation to ensure that these sanctions cannot be thwarted by a web of shell companies, North Korea will be able to continue its cyberwarfare operations unabated with the aid of Western technology.

 

Rogue Meets Rogue, Obama and Iran

Posted on by

While the United States has terminated it’s role in the JCPOA, the Iranian nuclear deal, Europe appears to be dedicated to remain. Meanwhile, Israeli Prime Minister Benjamin Netanyahu is traveling in Europe meeting with leaders on the sole topic of Iran. As this item is published he is meeting with Theresa May of Britain.

***

On May 8, 2018, the President announced his decision to cease the United States’ participation in the Joint Comprehensive Plan of Action (JCPOA), and to begin re-imposing the U.S. nuclear-related sanctions that were lifted to effectuate the JCPOA sanctions relief, following a wind-down period.  In conjunction with this announcement, the President issued a National Security Presidential Memorandum (NSPM) directing the U.S. Department of the Treasury and other Departments and Agencies to take the actions necessary to implement his decision.
Consistent with the President’s guidance, Departments and Agencies will begin the process of  implementing 90-day and 180-day wind-down periods for activities involving Iran that were consistent with the U.S. sanctions relief specified in the JCPOA.  To effectuate the wind-down periods, today the State Department issued the necessary statutory sanctions waivers to provide for a wind-down period and plans to take appropriate action to keep such waivers in place for the duration of the relevant wind-down periods.  As soon as is administratively feasible, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) expects to revoke, or amend, as appropriate, general and specific licenses issued in connection with the JCPOA.  At that time, OFAC will issue new authorizations to allow the wind down of transactions and activities that were authorized pursuant to the revoked or amended general and specific licenses.  At the end of the 90-day and 180-day wind-down periods, the applicable sanctions will come back into full effect.
OFAC posted today to its website additional frequently asked questions (FAQs) that provide guidance on the sanctions that are to be re-imposed and the relevant wind-down periods.
*** Iranian banks must comply with rules on money laundering ... photo

Why the big push on all of this? Iran has launched new uranium enrichment plans with meet the red line. But, could that enrichment exceed agreed limits? Yes and no one would know due in part to refused access by IAEA officials for inspection.

(Reuters) – Iran’s declaration that it could increase its uranium enrichment capacity if a nuclear deal with world powers falls apart risks sailing close to the “red line”, France’s foreign minister said on Wednesday. Supreme Leader Ayatollah Khamenei said on Monday he had ordered preparations to increase uranium enrichment capacity if the nuclear agreement collapsed after the United States withdrew from the deal last month.

It also informed the U.N. nuclear watchdog of “tentative” plans to produce the feedstock for centrifuges, which are the machines that enrich uranium.

“This initiative is unwelcome. It shows a sort of irritation,” Jean-Yves Le Drian told Europe 1 radio. “It is always dangerous to flirt with the red lines, but the initiative taken … remains totally within the framework of the Vienna (nuclear) deal.”

Tensions between Iran and the West have surged since President Donald Trump pulled the U.S. out of the 2015 nuclear deal with Tehran last month, calling it deeply flawed and reimposing unilateral sanctions.

European powers are scrambling to save the deal – under which Iran curbed its nuclear program in return for a lifting of international sanctions – as they regard it as the best chance to stop Tehran developing an atomic bomb.

However, they have warned Iran that if it were not to abide by the terms of the deal, then they would also be forced to pull out and reimpose sanctions as Washington has done.

“If they go to a higher level then yes the agreement would be violated, but they need to realize that if they do then they will expose themselves to new sanctions and the Europeans will not remain passive.”

Le Drian, who said Iran was for now still abiding by its commitments, was speaking a day after Israel’s leader urged France to turn its attention to tackling Iran’s “regional aggression”, saying he no longer needed to convince Paris to quit a 2015 nuclear deal between various world powers with Tehran as economic pressure would kill it anyway.

MSNBC Hires the Organizer of Obama's Iran Echo Chamber as ... photo

** There is yet another item that has bubbled to the surface. Enter Barack Obama.

(AP) — The Obama administration secretly sought to give Iran access — albeit briefly — to the U.S. financial system by sidestepping sanctions kept in place after the 2015 nuclear deal, despite repeatedly telling Congress and the public it had no plans to do so.

An investigation by Senate Republicans released Wednesday sheds light on the delicate balance the Obama administration sought to strike after the deal, as it worked to ensure Iran received its promised benefits without playing into the hands of the deal’s opponents. Amid a tense political climate, Iran hawks in the U.S., Israel and elsewhere argued that the United States was giving far too much to Tehran and that the windfall would be used to fund extremism and other troubling Iranian activity.

The report by the Senate Permanent Subcommittee on Investigations revealed that under President Barack Obama, the Treasury Department issued a license in February 2016, never previously disclosed, that would have allowed Iran to convert $5.7 billion it held at a bank in Oman from Omani rials into euros by exchanging them first into U.S. dollars. If the Omani bank had allowed the exchange without such a license, it would have violated sanctions that bar Iran from transactions that touch the U.S. financial system.

The effort was unsuccessful because American banks — themselves afraid of running afoul of U.S. sanctions — declined to participate. The Obama administration approached two U.S. banks to facilitate the conversion, the report said, but both refused, citing the reputational risk of doing business with or for Iran.

“The Obama administration misled the American people and Congress because they were desperate to get a deal with Iran,” said Sen. Rob Portman, R-Ohio, the subcommittee’s chairman.

Issuing the license was not illegal. Still, it went above and beyond what the Obama administration was required to do under the terms of the nuclear agreement. Under that deal, the U.S. and world powers gave Iran billions of dollars in sanctions relief in exchange for curbing its nuclear program. Last month, President Donald Trump declared the U.S. was pulling out of what he described as a “disastrous deal.”

The license issued to Bank Muscat stood in stark contrast to repeated public statements from the Obama White House, the Treasury and the State Department, all of which denied that the administration was contemplating allowing Iran access to the U.S. financial system.

Shortly after the nuclear deal was sealed in July 2015, then-Treasury Secretary Jack Lew testified that even with the sanctions relief, Iran “will continue to be denied access to the world’s largest financial and commercial market.” A month later, one of Lew’s top deputies, Adam Szubin, testified that despite the nuclear deal “Iran will be denied access to the world’s most important market and unable to deal in the world’s most important currency.”

Yet almost immediately after the sanctions relief took effect in January 2016, Iran began to complain that it wasn’t reaping the benefits it had envisioned. Iran argued that other sanctions — such as those linked to human rights, terrorism and missile development — were scaring off potential investors and banks who feared any business with Iran would lead to punishment. The global financial system is heavily intertwined with U.S. banks, making it nearly impossible to conduct many international transactions without touching New York in one way or another.

Former Obama administration officials declined to comment for the record.

However, they said the decision to grant the license had been made in line with the spirit of the deal, which included allowing Iran to regain access to foreign reserves that had been off-limits because of the sanctions. They said public comments made by the Obama administration at the time were intended to dispel incorrect reports about nonexistent proposals that would have gone much farther by letting Iran actually buy or sell things in dollars.

The former officials spoke on condition of anonymity because many are still involved in national security issues.

As the Obama administration pondered how to address Iran’s complaints in 2016, reports in The Associated Press and other media outlets revealed that the U.S. was considering additional sanctions relief, including issuing licenses that would allow Iran limited transactions in dollars. Democratic and Republican lawmakers argued against it throughout the late winter, spring and summer of 2016. They warned that unless Tehran was willing to give up more, the U.S. shouldn’t give Iran anything more than it already had.

At the time, the Obama administration downplayed those concerns while speaking in general terms about the need for the U.S. to live up to its part of the deal. Secretary of State John Kerry and other top aides fanned out across Europe, Asia and the Middle East trying to convince banks and businesses they could do business with Iran without violating sanctions and facing steep fines.

“Since Iran has kept its end of the deal, it is our responsibility to uphold ours, in both letter and spirit,” Lew said at the Carnegie Endowment for International Peace in March 2016, without offering details.

That same week, the AP reported that the Treasury had prepared a draft of a license that would have given Iran much broader permission to convert its assets from foreign currencies into easier-to-spend currencies like euros, yen or rupees, by first exchanging them for dollars at offshore financial institutions.

The draft involved a general license, a blanket go-ahead that allows all transactions of a certain type, rather than a specific license like the one given to Oman’s Bank Muscat, which only covers specific transactions and institutions. The proposal would have allowed dollars to be used in currency exchanges provided that no Iranian banks, no Iranian rials and no sanctioned Iranian individuals or businesses were involved, and that the transaction did not begin or end in U.S. dollars.

Obama administration officials at the time assured concerned lawmakers that a general license wouldn’t be coming. But the report from the Republican members of the Senate panel showed that a draft of the license was indeed prepared, though it was never published.

And when questioned by lawmakers about the possibility of granting Iran any kind of access to the U.S. financial system, Obama-era officials never volunteered that the specific license for Bank Muscat in Oman had been issued two months earlier.

According to the report, Iran is believed to have found other ways to access its money, possibly by exchanging it in smaller quantities through another currency.

The situation resulted from the fact that Iran had stored billions in Omani rials, a currency that’s notoriously hard to convert. The U.S. dollar is the world’s dominant currency, so allowing it to be used as a conversion instrument for Iranian assets was the easiest and most efficient way to speed up Iran’s access to its own funds.

For example: If the Iranians want to sell oil to India, they would likely want to be paid in euros instead of rupees, so they could more easily use the proceeds to purchase European goods. That process commonly starts with the rupees being converted into dollars, just for a moment, before being converted once again into euros.

U.S. sanctions block Iran from exchanging the money on its own. And Asian and European banks are wary because U.S. regulators have levied billions of dollars in fines in recent years and threatened transgressors with a cutoff from the far more lucrative American market.

Fed Gov Spent $76 Billion in 2017 for Cyber Security, Fail v Success

Posted on by

Go here for the Forum Part One

Go here for the Forum Part Two

Fascinating speakers from private industry, state government and the Federal government describe where we are, the history on cyber threats and how fast, meaning hour by hour the speed at which real hacks, intrusions or compromise happen.

David Hoge of NSA’s Threat Security Operations Center for non-classified hosts worldwide describes the global reach of NSA including the FBI, DHS and the Department of Defense.

NSA Built Own 'Google-Like' Search Engine To Share ... photo

When the Federal government spent $76 billion in 2017 and we are in much the same condition, Hoge stays awake at night.

With North Korea in the constant news, FireEye published a report in 2017 known as APT37 (Reaper): The Overlooked North Korea Actor. North Korea is hardly the worst actor. Others include Russia, China, Iran and proxies.

Targeting: With North Korea primarily South Korea – though also Japan, Vietnam and the Middle East – in various industry verticals, including chemicals, electronics, manufacturing, aerospace, automotive, and healthcare.
Initial Infection Tactics: Social engineering tactics tailored specifically to desired targets, strategic web compromises typical of targeted cyber espionage operations, and the use of torrent file-sharing sites to distribute malware more indiscriminately.
Exploited Vulnerabilities: Frequent exploitation of vulnerabilities in Hangul Word Processor (HWP), as well as Adobe Flash. The group has demonstrated access to zero-day vulnerabilities (CVE-2018-0802), and the ability to incorporate them into operations.
Command and Control Infrastructure: Compromised servers, messaging platforms, and cloud service providers to avoid detection. The group has shown increasing sophistication by improving their operational security over time.
Malware: A diverse suite of malware for initial intrusion and exfiltration. Along with custom malware used for espionage purposes, APT37 also has access to destructive malware.

More information on this threat actor is found in our report, APT37 (Reaper): The Overlooked North Korean Actor.

** NSA 'building quantum computer to crack security codes ...  photo

Beyond NSA, DHS as with other agencies have cyber divisions. The DHS cyber strategy is found here. The fact sheet has 5 pillars:

DHS CYBERSECURITY GOALS
Goal 1: Assess Evolving
Cybersecurity Risks.
We will understand the evolving
national cybersecurity risk posture
to inform and prioritize risk management activities.
Goal 2: Protect Federal Government
Information Systems.
We will reduce vulnerabilities of federal agencies to ensure they achieve
an adequate level of cybersecurity.
Goal 3: Protect Critical
Infrastructure.
We will partner with key stakeholders
to ensure that national cybersecurity
risks are adequately managed.
Goal 4: Prevent and Disrupt Criminal
Use of Cyberspace.
We will reduce cyber threats by
countering transnational criminal
organizations and sophisticated cyber
criminals.
Goal 5: Respond Effectively to Cyber
Incidents.
We will minimize consequences from
potentially significant cyber incidents
through coordinated community-wide
response efforts.
Goal 6: Strengthen the Security and
Reliability of the Cyber Ecosystem.
We will support policies and activities
that enable improved global cybersecurity risk management.
Goal 7: Improve Management of
DHS Cybersecurity Activities.
We will execute our departmental
cybersecurity efforts in an integrated
and prioritized way.

Related reading:National Protection and Programs Directorate

NPPD’s vision is a safe, secure, and resilient infrastructure where the American way of life can thrive.  NPPD leads the national effort to protect and enhance the resilience of the nation’s physical and cyber infrastructure.

*** Going forward as devices are invented and added to the internet and rogue nations along with criminal actors, the industry is forecasted to expand with experts and costs.

Research reveals in its new report that organizations are expected to increase spending on IT security by almost 9% by 2018 to safeguard their cyberspaces, leading to big growth rates in the global markets for cyber security.

The cyber security market comprises companies that provide products and services to improve security measures for IT assets, data and privacy across different domains such as IT, telecom and industrial sectors.

The global cyber security market should reach $85.3 billion and $187.1 billion in 2016 and 2021, respectively, reflecting a five-year compound annual growth rate (CAGR) of 17.0%. The American market, the largest segment, should grow from $39.5 billion in 2016 to $78.0 billion by 2021, demonstrating a five-year CAGR of 14.6%. The Asia-Pacific region is expected to grow the fastest among all major regions at a five-year CAGR of 21.4%, due to stringent government policies to mitigate cyber threats, and a booming IT industry.

Factors such as the growing complexity and frequency of threats, increasing severity of cyber security, stringent government regulations and compliance requirements, ubiquity of online communication, digital data and social media cumulatively should drive the market. Moreover, organizations are expected to increase IT spending on security solutions and services, as well. Rising adoption of technologies such as Internet of things, evolution of big data and cloud computing, increasing smartphone penetration and the developing market for mobile and web platforms should provide ample opportunities for vendors.

By solution type, the banking and financial segment generated the most revenue in 2015 at $22.2 billion. However, the defense and intelligence segment should generate revenues of $50.7 billion in 2021 to lead all segments. The healthcare sector should experience substantial growth with an anticipated 16.2% five-year CAGR.

Network security, which had the highest market revenue in 2015 based on solution type, should remain dominant through the analysis period. Substantial growth is anticipated in the cloud security market, as the segment is expected to have a 27.2% five-year CAGR, owing to increasing adoption of cloud-based services across different applications.

“IT security is a priority in the prevailing highly competitive environment,” says BCC Research analyst Basudeo Singh. “About $100 billion will be spent globally on information security in 2018, as compared with $76.7 billion in 2015.”

Trump Admin Imposes More Sanctions on Iran

Posted on by

I can think of a few that are missing, but this is a good start.

Primer: For context on Iranian activities/ Azadeh deplaned, exited customs and collected her bags. Suddenly, according to Azadeh, she was encircled by five agents of Iran’s Revolutionary Guard (IRGC), who informed her of her arrest on national security grounds. Her belongings were confiscated. She was handcuffed, blindfolded and pushed into the back seat of a car, where a female IRGC agent forced her to rest her head in the agent’s lap to avoid detection. “Where are we going?” Azadeh asked, as they sped through Tehran. “Evin Prison,” her captor replied. And here began Azadeh’s months-long nightmare in the fetid dungeons of the Islamic Republic. Read more here. (It is a must read)

Barbaric attack on Iran’s political prisoners draws ... photo

Washington – Today, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated two Iranian entities for committing serious human rights abuses on behalf of the Government of Iran, as well as three leaders of one of these entities, the Ansar-e Hizballah organization.  Additionally, OFAC designated an entity that has operated information or communications technology that facilitates monitoring or tracking that could assist or enable serious human rights abuses by or on behalf of the Government of Iran.  Finally, OFAC designated two individuals for engaging in censorship activities that prohibit, limit, or penalize the exercise of freedom of expression or assembly by citizens of Iran, and one individual for acting for or on behalf of an entity engaged in such censorship activities.  These designations come in the wake of recent protests by the Iranian people and the regime’s subsequent brutal crackdown.

“Iran not only exports terrorism and instability across the world, it routinely violates the rights of its own people.  The Iranian regime diverts national resources that should belong to the people to fund a massive and expensive censorship apparatus and suppress free speech,” said Treasury Secretary Steven T. Mnuchin.  “Those who speak out against the regime’s mismanagement and corruption are subject to abuse and mistreatment in Iran’s prisons.  America stands with the people of Iran, and Treasury is taking action to hold the Iranian regime accountable for ongoing human rights abuses, censorship, and other despicable acts it commits against its own citizens.”

Today’s actions target the Iranian regime’s repression of its own people and the suppression of their freedoms of speech, expression, and peaceful assembly.  As President Trump emphasized in his May 8, 2018 announcement of his decision to cease the United States’ participation in the Joint Comprehensive Plan of Action (JCPOA), the United States will not allow Iran’s malign behavior to go unchecked.  These actions show a desire to hold malicious actors accountable for their actions even as they try to hide from international scrutiny.

Ansar-e Hizballah and Associated Individuals

OFAC is designating Ansar-e Hizballah for its role in serious human rights abuses in Iran.  Additionally, OFAC designated three individuals for acting for or on behalf of the organization. Ansar-e Hizballah was designated pursuant to Executive Order (E.O.) 13553 for being an official of the Government of Iran or a person acting on behalf of the Government of Iran (including members of paramilitary organizations) who is responsible for or complicit in, or responsible for ordering, controlling, or otherwise directing, the commission of serious human rights abuses against persons in Iran or Iranian citizens or residents, or the family members of the foregoing.

Ansar-e Hizballah has been involved in the violent suppression of Iranian citizens and has collaborated with the Basij to violently attack Iranian students with knives, tear gas, and electric batons.  The Basij Resistance Force was designated pursuant to E.O. 13553 on June 9, 2011 for committing serious human rights abuses in Iran.

An organization supported by the Iranian regime that harasses and attacks the Iranian people, Ansar-e Hizballah has been linked to acid attacks against women in the city of Isfahan.  Multiple women who were not dressed in accordance with the regime’s standards had acid thrown at them, severely injuring them and creating a climate of fear.

Abdolhamid Mohtasham is being designated pursuant to E.O. 13553 for acting for or on behalf of Ansar-e Hizballah.  As a founding member and key leader of the group, Abdolhamid Mohtasham plays a significant role in overseeing the group’s actions.  He has threatened to use Ansar-e Hizballah to patrol Iranian streets and attack women whom he deems to be unvirtuous.

Hossein Allahkaram is being designated pursuant to E.O. 13553 for acting for or on behalf of Ansar-e Hizballah.  In 2011 the European Union sanctioned Hossein Allahkaram for co-founding and leading Ansar-e Hezbollah, noting that under his leadership the group used extreme violence during multiple crackdowns on student protestors.

Lastly, Hamid Ostad is being designated pursuant to E.O. 13553 for acting for or on behalf of Ansar-e Hizballah.  Hamid Ostad, who founded the Mashhad branch of Ansar-e Hizballah, was implicated in a mob attack against the Saudi Arabia Consulate in Mashhad.

Evin Prison

OFAC is designating Evin Prison pursuant to Executive Order (E.O.) 13553 for being a person acting on behalf of the Government of Iran (including members of paramilitary organizations) who is responsible for or complicit in, or responsible for ordering, controlling, or otherwise directing, the commission of serious human rights abuses against persons in Iran or Iranian citizens or residents, or the family members of the foregoing.

Prisoners held at Evin Prison are subject to brutal tactics inflicted by prison authorities, including sexual assaults, physical assaults, and electric shock.  Iran’s Ministry of Intelligence and Security (MOIS) and Islamic Revolutionary Guard Corps (IRGC) maintain permanent wards in Evin Prison where they hold political prisoners.  And while senior regime officials regularly downplay the torture and abuse that occurs in Evin Prison, the abuse of prisoners, including political prisoners, continues once sham inspections into the prison conditions end.

Iran’s MOIS was designated pursuant to E.O. 13553 on February 16, 2012 for committing serious human rights abuses in Iran.  The IRGC was designated pursuant to Executive Order 13553 on June 9, 2011 for committing serious human rights abuses in Iran.

Hanista Programming Group

OFAC is designating Iran-based Hanista Programing Group pursuant to E.O. 13606 for having operated, or having directed the operation of, information and communications technology that facilitates computer or network disruption, monitoring, or tracking that could assist in or enable serious human rights abuses by or on behalf of the Government of Iran.

Hanista Programing Group is responsible for creating and distributing alternative versions of the popular messaging and social media application Telegram that facilitate the Iranian regime’s monitoring and tracking of Iranian and international users.

Hanista Programing Group developed two social media applications called Mobogram and MoboPlus and embedded malicious content in them that facilitates the monitoring and tracking of Iranian citizens.  This monitoring and tracking functionality could assist or enable serious human rights abuses by the Government of Iran, including the IRGC and MOIS.

Designation of Two Iranian Regime Officials for Censorship Activities

OFAC is designating Abolhassan Firouzabadi and Abdolsamad Khoramabadi pursuant to E.O. 13628 for having engaged in censorship or other activities with respect to Iran that prohibit, limit, or penalize the exercise of freedom of expression or peaceful assembly by citizens of Iran, or that limit access to print or broadcast media.

Abolhassan Firouzabadi is responsible for the Iranian government’s efforts to block social media applications like Telegram and to force Iranians to use state-run applications that are monitored by the regime.  As the Secretary of Iran’s Supreme Council of Cyberspace, Abolhassan Firouzabadi heads the country’s top Internet policymaking body and oversees the regime’s attempts to censor speech and media.

The Supreme Council of Cyberspace was designated pursuant to E.O. 13628 on January 12, 2018.

As the Secretary of the Committee to Determine Instances of Criminal Content, Abdolsamad Khoramabadi has overseen the filtering and blocking of political content during elections.  In 2017, Abdolsamad Khoramabadi tasked the Basij to lead the regime’s crackdown on cyber activity, and claimed that the country had thousands of monitors to report violations of websites and social media networks.

The Committee to Determine Instances of Criminal Content was designated pursuant to E.O. 13628 on May 30, 2013.

Designation of the Director of Islamic Republic of Iran Broadcasting (IRIB)

Lastly, OFAC is designating Abdulali Ali-Asgari pursuant to E.O. 13628 for acting for or on behalf of IRIB.

Abdulali Ali-Asgari is the current Director General of IRIB and has acted on behalf of the organization, including representing the organization in international for a.

The IRIB was designated pursuant to E.O. 13628 on February 6, 2013 for restricting or denying the free flow of information to or from the Iranian people.  IRIB was implicated in censoring multiple media outlets and airing forced confessions from political detainees.

As a result of these actions, all property and interests in property of the persons designated today that are in the United States or in the possession or control of U.S. persons must be blocked and reported to OFAC, and U.S. persons are generally prohibited from engaging in transactions with such persons.  In addition, foreign financial institutions that knowingly facilitate significant transactions for, or persons that provide material or certain other support to, the individuals and entities designated today risk exposure to sanctions that could sever their access to the U.S. financial system or block their property and interests in property subject to U.S. jurisdiction.

Identifying information on the individuals and entities designated today.

####

Trumps’ 3 Executive Orders Take on Government Employees

Posted on by

Union Helps New Jobs In L.A. Go To 'Pot'

Primer: Why are there unions in the Federal government anyway? Anyone?

Highlights from the 2017 data:

–The union membership rate of public-sector workers (34.4 percent)
continued to be more than five times higher than that of private-
sector workers (6.5 percent). (See table 3.)

–Workers in protective service occupations and in education, training,
and library occupations had the highest unionization rates (34.7
percent and 33.5 percent, respectively). (See table 3.)

–Men continued to have a higher union membership rate (11.4 percent)
than women (10.0 percent). (See table 1.)

–Black workers remained more likely to be union members than White,
Asian, or Hispanic workers. (See table 1.)

–Nonunion workers had median weekly earnings that were 80 percent of
earnings for workers who were union members ($829 versus $1,041). (The
comparisons of earnings in this release are on a broad level and do not
control for many factors that can be important in explaining earnings
differences.) (See table 2.)

–Among states, New York continued to have the highest union membership
rate (23.8 percent), while South Carolina continued to have the lowest
(2.6 percent). (See table 5.)

Trump signs executive orders making it easier to fire feds, overhaul official time

President Donald Trump signed three executive orders Friday that aim to reduce the time it takes to fire poor-performing federal employees and overhaul federal employees union rights, including cuts to official time.

In a conference call with reporters on Friday, senior White House officials said the executive orders call back to a promise Trump made at his State of the Union address, in which he sought to empower every cabinet secretary with the authority to award good federal employees and to remove poor performers more quickly.

“Today, the president is fulfilling his promise to promote more efficient government by reforming our civil service rules,” said Andrew Bremberg, the assistant to the president and the director of the Domestic Policy Council. “These executive orders will make it easier to remove poor-performing employees and ensure that taxpayer dollars are more efficiently used.”

One of the executives orders aims to make it easier for agencies to fire poor-performing employees and makes it harder for those employees to hide adverse employment information when seeking re-employment at another agency.

The Government Accountability Office has found it takes between six months and a year, on average, to remove federal employees flagged for misconduct, plus an average of eight more months to resolve appeals.

“Every year, the Federal Employee Viewpoint Survey has consistently shown that less than one-third of federal employees believe the poor performers are adequately addressed by their agency,” Bremberg said.

Under this EO, agencies will be required to report disciplinary actions records and management of poor performers to the Office of Personnel Management.

Data from the Office of Personnel Management shows that federal employees are 44 times less likely to be fired than a private-sector worker.

The Trump administration first sought to make it easier to fire federal employees under the  VA Accountability and Whistleblower Protection Act.

Under that authority, the Veterans Affairs Department, under the first full year of the Trump administration, fired 2,537 people — about 500 more federal employees than the agency let go in 2016.

Cuts to official time

A second executive order would significantly reduce the amount of time that federal employees can be paid for union work while on-the-clock.

Under the executive order, federal employees would not be able to spend any more than 25 percent of their work hours on through official time.

The executive order calls on agencies to renegotiate contracts with labor unions and reduce official time by about two-thirds.

The White House claims more than 470 Veterans Affairs Department employees, including 47 full-time nurses, spend 100 percent of their work-hours on union-related business.

Renegotiated labor contracts

A third executive order would curtail the labor contract bargaining window between government and unions.

The terms of regotiated contracts would be overseen by a new Labor Relations Working Group, which the EO orders OPM to establish.

In addition, the executive order would require federal union contracts be posted to an online database, with the goal of promoting transparency.

Senior White House officials said a drawn-out bargaining benefits union negotiations. Federal agencies, they said, paid $16 million in salaries for union negotiators in 2016.

Elevating federal workforce? Or an ‘assault’ on feds?

OPM Director Jeff Pon said the executive orders will protect federal employees who are doing their jobs, while making it more efficient to remove those who are not.

“By holding poor performers accountable, reforming the use of taxpayer-funded union time, and focusing negotiations on issues that matter, we are advancing our efforts to elevate the federal workforce.  The vast majority of our employees are dedicated public servants who are dedicated to their missions and service to the American people.  It is essential that we honor their commitment, and these measures reflect just that,” Pon said in a statement.

J. David Cox, the president of the American Federation of Government Employees, said the president’s trio of executive orders would chip away at federal employees rights.

“This is President Trump taking retribution on an apolitical civil service workforce,” Cox said.

National Treasury Employees Union President Tony Reardon called the executives orders “an assault on federal employees.”

“Rather than promote efficiency in the federal sector, the administration is demanding federal workers lose their ability to challenge unfair, arbitrary and discriminatory firings and other actions. This would begin the process of dismantling the merit system that governs our civil service,” Reardon said in a statement.

Senate Homeland Security and Governmental Affairs Committee Chairman Ron Johnson (R-Wis.), signaled his support for the executive orders.

“These reforms will improve accountability and productivity in the federal workforce, and I applaud the Trump administration for taking action to restore the public interest as the top priority of government operations,” Johnson said.

Sen. James Lankford (R-Okla.), the chairman of the Regulatory Affairs and Federal Management Subcommittee, said the EOs would reign in employee unions’ influence over government operations.

“These executive orders strive to make the federal government more efficient, not only for the taxpayer, but for our great federal workers. We have thousands of federal employees who work very hard for the nation; it’s important that their work is not frustrated by the poor performance of a small few,” Lankford said.