POTUS Granted Refugee Status to Terror Connectors

Courtesy of Judicial Watch:

During Fiscal Year 2014, U.S. Citizenship and Immigration Services (USCIS) applied 1,519 exemptions to individual applicants under the Secretary of Homeland Security’s exercises of discretionary authority.1 Of those 1,519 exemptions:

 

 806 were processed for refugee applicants,

 19 were processed for asylum applicants,

 614 were processed for applicants for lawful permanent resident status,

 29 were processed for beneficiaries of petitions for derivative refugee or asylum status,

 34 were processed for applicants for Temporary Protected Status,

 9 were processed for applicants for Nicaraguan Adjustment and Central American Relief Act (NACARA); and

 7 were processed for applicants for relief before the U.S. Department of Justice Executive Office for Immigration Review (EOIR).

Regarding the reasons for the 1,519 exemptions:

 627 were processed for an applicant’s provision of material support, while under duress, to an undesignated terrorist organization as defined at INA section 212(a)(3)(B)(vi)(III), 8 U.S.C. § 1182(a)(3)(B)(vi)(III) (Tier III terrorist organization), under the Secretary of Homeland Security’s February 26, 2007 exercise of authority relating to Tier III organizations,

 189 were processed for an applicant’s provision of material support, while under duress, to a designated terrorist organization as defined under INA section 212(a)(3)(B)(vi)(I)-(II), 8 U.S.C. § 1182(a)(3)(B)(vi)(I)-(II) (Tier I or II terrorist organization), under the Secretary’s April 27, 2007 exercise of authority relating to Tier I and Tier II organizations,

 9 were processed for an applicant’s receipt of military-type training, while under duress, from a terrorist organization, under the Secretary’s January 7, 2011 exercise of authority relating to Tier I, Tier II and Tier III organizations,

 28 were processed for an applicant’s provision of voluntary medical care to members of a terrorist organization in the course of their professional responsibilities without assisting in the violent activities of an organization or individual, under the Secretary’s October 13, 2011 exercise of authority relating to Tier I, Tier II and Tier III organizations,

37 were processed for certain qualified aliens with existing immigration benefits under the Limited General Exemption2 who: provided material support to, solicited funds for, solicited individuals for membership in or received military-type training from certain qualified Tier III terrorist organizations, under the Secretary’s August 10, 2012 exercise of authority relating to certain Tier III organizations;3 and

 628 were processed for applicants who had certain activities or affiliations with specific groups which the Secretary of Homeland Security, in consultation with the Secretary of State and the Attorney General, has approved for consideration of an exemption.4

Exemptions allow certain refugees and other aliens the opportunity to receive a benefit or protection following the successful completion of a thorough vetting process. USCIS procedures require that all applicants’ names and fingerprints be checked against a broad array of records of individuals known to be security threats, including the terrorist watch list, and those of law enforcement concern. In addition to rigorous background vetting, including checks coordinated across several government agencies, the Secretary of Homeland Security’s discretionary authority is only applied on a case-by-case basis after careful review of all factors and all security checks have cleared.

Read the full DHS report here.

 

Obama vs. China President Xi, Hacking

A new unit of the People’s Liberation Army was identified last week by cyber security researchers as Unit 78020 based in Kunming, in Yunnan Province.
The unit’s operations have been tracked for five years and have included targeted attacks on states in the region that are challenging Beijing’s strategic program of seeking to control the sea through building up small islands and reefs and then deploying military forces on them.
“Unit 78020 conducts cyber espionage against Southeast Asian military, diplomatic, and economic targets,” according to a security report on the unit that included a satellite photo of the unit’s Kunming compound.
“The targets include government entities in Cambodia, Indonesia, Laos, Malaysia, Myanmar, Nepal, the Philippines, Singapore, Thailand, and Vietnam as well as international bodies such as United Nations Development Program (UNDP) and the Association of Southeast Asian Nations (ASEAN).” More details here.

Chinese president Xi Jinping is supposed to have dinner this evening with U.S. president Barack Obama. Wonder if the name Ge Xing will come up?Ge Xing is the subject of a joint report published this morning by ThreatConnect and Defense Group Inc., computer and national security service providers respectively. Ge is alleged to be a member of the People’s Liberation Army unit 78020, a state-sponsored hacking team whose mission is to collect intelligence from political and military sources to advance China’s interests in the South China Sea, a key strategic and economic region in Asia with plenty of ties to the U.S.

The report connects PLA 78020 to the Naikon advanced persistent threat group, a state-sponsored outfit that has followed the APT playbook to the letter to infiltrate and steal sensitive data and intellectual property from military, diplomatic and enterprise targets in a number of Asian countries, as well as the United Nations Development Programme and the Association of Southeast Asian Nations (ASEAN).

Control over the South China Sea is a focal point for China; through this region flows trillions of dollars of commerce and China has not been shy about claiming its share of the territory. The report states that China uses its offensive hacking capabilities to gather intelligence on adversaries’ military and diplomatic intentions in the regions, and has leveraged the information to strengthen its position.“The South China Sea is seen as a key geopolitical area for China,” said Dan Alderman, deputy director of DGI. “With Naikon, we see their activity as a big element of a larger emphasis on the region and the Technical Reconnaissance Bureau fitting into a multisector effort to influence that region.”The report is just the latest chess piece hovering over Jinping’s U.S. visit this week, which began in earnest yesterday with a visit to Seattle and meetings with giant technology firms such as Microsoft, Apple and Google, among others.

Those companies want to tap into the growing Chinese technology market and the government there is using its leverage to get them to support stringent Internet controls imposed by the Chinese government. A letter sent to American technology companies this summer, a New York Times report last week, said that China would ask American firms to store Chinese user data in China. China also reportedly asked U.S.-built software and devices sold in China to be “secure and controllable,” which likely means the Chinese would want backdoor access to these products, or access to private encryption keys.Jinping, meanwhile, tried to distance himself from the fray when he said in a Wall Street Journal interview: “Cyber theft of commercial secrets and hacking attacks against government networks are both illegal; such acts are criminal offences and should be punished according to law and relevant international conventions.”Journal reporter Josh Chin connected with Ge Xing over the phone and Ge confirmed a number of the dots connected in the report before hanging up on the reporter and threatening to report him to the police.

While that never happened, the infrastructure connected to Ge and this slice of the Naikon APT group, was quickly shut down and taken offline. In May, researchers at Kaspersky Lab published a report on Naikon and documented five years of activity attributed to the APT group. It describes a high volume of geo-politically motivated attacks with a high rate of success infiltrating influential organizations in the region. The group uses advanced hacking tools, most of which were developed externally and include a full-featured backdoor and exploit builder.Like most APT groups, they craft tailored spear phishing messages to infiltrate organizations, in this case a Word or Office document carrying an exploit for CVE-2012-0158, a favorite target for APT groups. The vulnerability is a buffer overflow in the ActiveX controls of a Windows library, MSCOMCTL.OCX. The exploit installs a remote administration tool, or RAT, on the compromised machine that opens a backdoor through which stolen data is moved out and additional malware and instructions can be moved in.Chin’s article describes a similar attack initiated by Ge, who is portrayed not only as a soldier, but as an academic.

The researchers determined through a variety of avenues that Ge is an active member of the military, having published research as a member of the military, in addition to numerous postings to social media as an officer and via his access to secure locations believed to be headquarters to the PLA unit’s technical reconnaissance bureau.“Doing this kind of biopsy, if you will, of this threat through direct analysis of the technical and non-technical evidence allows us to paint a picture of the rest of this group’s activity,” said Rich Barger, CIO and cofounder of ThreatConnect. “We’ve had hundreds of hashes, hundreds of domains, and thousands of IPs [related to PLA unit 78020].

Only looking at this from a technical lens only gives you so much. When you bring in a regional, cultural and even language aspect to it, you can derive more context that gets folded over and over into the technical findings and continues to refine additional meaning that we can apply to the broader group itself.”The report also highlights a number of operational security mistakes Ge made to inadvertently give himself away, such as using the same handle within the group’s infrastructure, even embedding certain names in families of malware attributed to them. All of this combined with similar mistakes made across the command and control infrastructure and evidence pulled from posts on social media proved to be enough to tie Ge to the Naikon group and elite PLA unit that is making gains in the region.“If you look at where China is and how assertive they are in region, it might be a reflection of some of the gains and wins this group has made,” Barger said. “You don’t influence what they’re influencing in the region if you don’t have the intel support capabilities fueling that operational machine.”

 

Democrats, the Planned Parenthood Lifeline, Hearing

Listening to the hearing today with the CEO of Planned Parenthood is chilling. She is flanked by a set of lawyers and her responses are either non-responses, twisted replies or she does not have statistics or facts at hand.

A question was asked by a Democrat if abortion was legal, the response was ‘yes’. The follow up question was, ‘is an abortion a Constitutional right?’, the response by Richards was :YES!  How can that be? Anyone?

Meanwhile, the Democrats on the House hearing panel continue to state the collection of videos are either fake or doctored. CEO, Cecile Richards of Planned Parenthood has too admitted she has not seen the videos but states she has read the transcripts. In order to protect or defend her organization, why no see the videos in their entirety?

Additionally, the videos have been sent to an independent organization to determine forensic alterations. The verdict is below.

Forensic Analysis: Planned Parenthood Videos Are ‘Authentic’

TheDailySignal:

A forensic analysis of undercover videos about Planned Parenthood’s abortion practices are “authentic and show no evidence of manipulation or editing,” according to a report released Tuesday by Alliance Defending Freedom.

The analysis was completed by Coalfire, a digital security and forensics firm that has worked on civil and criminal investigations. The firm had access to all audio and video investigative footage recorded by the Center for Medical Progress.

“The Coalfire forensic analysis removes any doubt that the full length undercover videos released by Center for Medical Progress are authentic and have not been manipulated,” said Casey Mattox, senior counsel at Alliance Defending Freedom. “Analysts scrutinized every second of video recorded during the investigation and released by CMP to date and found only bathroom breaks and other non-pertinent footage had been removed.”

According to the report, the videos only omit footage irrelevant to the allegations such as bathroom breaks.

“Planned Parenthood can no longer hide behind a smokescreen of false accusations,” Mattox said, “and should now answer for what appear to be the very real crimes revealed by the CMP investigation.”

“American taxpayer money should be redirected to fund local community health centers and not subsidize a scandal-ridden, billion-dollar abortion business,” Kerri Kupec, legal communications director for Alliance Defending Freedom said in a statement.

“Planned Parenthood is an organization that cares about one thing: making a profit at the expense of women’s health,” she added. “The investigative videos, whose authenticity was confirmed by the report, show that Planned Parenthood is an abortion-machine whose top executives and doctors haggle and joke about the harvesting and selling of baby body parts. Women deserve far better.”

Spokespersons for Planned Parenthood have denied illegal conduct. Last month, the organization commissioned their own analysis of the videos which claimed that the “edited” videos “have no evidentiary value in a legal context and cannot be relied upon for any official inquiries.”

The Daily Signal previously reported that the firm hired by Planned Parenthood, Fusion GPS, has ties to the Democratic Party, including an effort to expose a group of eight private citizens who donated to a super PAC supporting former Massachusetts Gov. Mitt Romney’s 2012 presidential campaign.

Planned Parenthood Forensic Analysis Report

 

How Does the Syrian War End?

For the United States, there is a ripple affect already and Congressma McCaul is but one legislator that has introduce a bill to stop the insurgency in the United States.

WASHINGTON, DC– Today, Congressman Michael McCaul, Chairman of the House Committee on Homeland Security, introduced the Refugee Resettlement Oversight and Security Act. If enacted into law, this legislation would give the American people’s representatives the chance to vote up or down on the President’s plan to resettle 10,000 Syrian refugees into the United States and improve the security vetting process.  Specifically, this bill will:

  • Require affirmative approval by both the House and Senate before any refugees are admitted to the U.S.
  • Allow Congress to block any inadequate refugee resettlement plan put forward by the President.
  • Require the Administration, when considering the admission of refugees from Iraq and Syria, to prioritize the resettlement of oppressed religious minorities.
  •  Ensure DHS, in coordination with DNI and FBI, provides new security assurances before admitting refugees into the country and for the Governmental Accountability Office to conduct a sweeping review of security gaps in the current refugee screening process.

McCaul: “Many Americans are understandably concerned about the threat posed by inadequate security screening procedures for refugee seeking entry into the United States.  ISIS themselves have stated their intention to take advantage of the crisis to infiltrate the west. We have to take this threat seriously.

This bill will rein in the Administration’s refugee resettlement plans and give Congress more control over the process by requiring the Administration to get affirmative approval from Congress through the enactment of a joint resolution before any refugees may be admitted into the United States.

These important security updates to the refugee process are necessary for not only the security of the United States, but for the safety of the refugees.”

Syria is a mess, Mr Obama. Tell me how this ends

“Tell me how this ends.” That was the remark David Petraeus, the US general who led the “surge” in Iraq, is said to have made on his first post-invasion visit to the country.

It proved an eerily prescient comment. The US soon found it was unable to end its war in Iraq on its own terms. For the Middle East, that war has not yet ended at all.

Tell me how this ends. The same charge might be levelled at Barack Obama over Syria. In the month in which Russia’s introduction of military hardware into the Syrian conflict has decisively changed its trajectory, America and its allies now look like the only group without a plan.

That’s the reality that lies behind the words of Barack Obama and Francois Hollande in New York. Despite their insistence that Bashar Al Assad must go – although perhaps not just yet – and that the regime cannot be pardoned, although it can perhaps be “worked with”, their actions send a much clearer message. No one in the West knows how this ends.

In Damascus, in Moscow, in Tehran and even in Raqqa, they know how this ends. Every one of those players in the Syrian civil war has a clear end in mind. They know their goal and they are seeking it, day after day.

The Assad regime knows exactly how this ends: with its survival. The regime, father and son, has been preparing for this moment for decades, preparing for a serious challenge to its authority.

In the years before Hafez Al Assad came to power in 1970, there were seven coups in Damascus. In the 45 years since, there have been none.

ISIL, too, have an end in mind, the carving out of a caliphate. They have not been preparing for it as long as the Assads, but they have been preparing: solidifying alliances through politics and marriage; gaining intelligence on their enemies; forging links with jihadis abroad and creating a vast online propaganda network that brings in men and money.

Both Russia and Iran also have an end in mind, and it is nothing less than the replacement of the US-Israel axis with one of their own. Already they are laying the groundwork.

Almost unremarked amid coverage of the theatrics at the United Nations in New York, was a small announcement by Iraq that it would now share intelligence with Syria, Iran and Russia.

Ostensibly, this communication is only about the fight against ISIL. But a Kremlin-backed network now runs from Tehran, through Baghdad and Damascus, and even, via Hizbollah, into Lebanon. A new axis is being formed, while America is distracted.

A turning point has been reached with the entry of Russia. And, once again, the western powers are divided, unable to agree among themselves what result they want and how best to achieve it.

This was exactly what happened the last time there was a turning point, just over two years ago, when the Assad regime used chemical weapons against civilians in Ghouta, a suburb of the capital.

Then, as now, the unwillingness of the United States to do anything – even in violation of its own “red lines” – had wide repercussions. Inaction carries consequences.

One of the reasons why the refugee crisis in Europe became acute over the summer was an intangible feeling among those inside Syria and in neighbouring countries that the war was not coming to an end soon, and so it would be better to restart their lives elsewhere, rather than remain in perpetual limbo. It is not far-fetched to imagine that the inaction of the West contributed to this feeling – and thus, in a roundabout way, European countries contributed to the migrant crisis becoming worse.

That, precisely, is what is wrong with the West’s analysis of the Syrian civil war. It is too complex. In particular, America’s strategy seeks to take into account too many factors: how will intervention play at home? Will they call this another Iraq? What about the nuclear deal with Iran? What about Russia’s role in Ukraine? What will Israel, Saudi Arabia and Turkey think?

There is much truth to the label of “philosopher-in-chief” often pinned on Mr Obama by his enemies. Seeking the perfect policy, with the fewest consequences, he has ended up enacting a policy of inaction – a policy which, of course, brings with it its own set of consequences.

America will come to deeply regret its mistakes in Syria, even more, perhaps, than its mistakes in Iraq. Allowing an old rival to re-enter the Middle East will make America’s ability to project power in Asia much harder. Vladimir Putin appears to understand the optics of power much better than Mr Obama. Weakness in one sphere makes it harder to project power in another.

All across Asia, America’s traditional allies will be warily eyeing Russia’s re-entry, looking hard at the consequences of their alliance with America and wondering: “Tell me how this ends.”

[email protected]

Hotel Chains Credit Cards Hacked

Not the first case for hotel chains not protecting guest records.

FromHotelManagement: A U.S. appeals court said the Federal Trade Commission has authority to regulate corporate cyber security, and may pursue a lawsuit accusing hotel operator Wyndham Worldwide Corp of failing to properly safeguard consumers’ information.

The 3-0 decision by the 3rd U.S. Circuit Court of Appeals in Philadelphia on Monday upheld an April 2014 lower court ruling allowing the case to go forward. The FTC wants to hold Wyndham accountable for three breaches in 2008 and 2009 in which hackers broke into its computer system and stole credit card and other details from more than 619,000 consumers, leading to over $10.6 million in fraudulent charges.

The FTC originally sued Wyndham in 2012 over the lack of security that led to its massive hack. But before the case proceeded, Wyndham appealed to a higher court to dismiss it, arguing that the FTC didn’t have the authority to punish the hotel chain for its breach. The third circuit court’s new decision spells out that Wyndham’s breach is exactly the sort of “unfair or deceptive business practice” the FTC is empowered to stop, reports Wired.

BusinessInsider: In August, Visa alerted numerous financial institutions of a breach. Five different banks determined the commonality between the cards included in that alert was that they were used at Hilton properties — including Embassy Suites, Doubletree, Hampton Inn and Suites, and the upscale Waldorf Astoria Hotels & Resorts, Krebs reports.

Hilton Hotels investigates customer credit card security hack

FNC: Hilton Hotels announced that it is looking into a possible security breach that occurred at gift shops, restaurants, bars, and other stores located on Hilton owned properties across the U.S.

According to cyber-security expert Brian Krebs, Visa sent confidential alerts to several financial institutions warning of a security breach at various retail locations earlier this year from April 21 to July 27. While the alerts named individual card numbers that had allegedly been compromised, per Visa’s policy, the notifications did not name the breached retail location. But sources at five different banks have now determined that the hacks all had one thing in common–they occurred at Hilton property point-of-sale registers.

Currently, the breach does not appear to have comprised the guest reservation systems at the associated properties. The company released the following statement regarding the incident:

“Hilton Worldwide is strongly committed to protecting our customers’ credit card information. We have many systems in place and work with some of the top experts in the field to address data security.  Unfortunately the possibility of fraudulent credit card activity is all too common for every company in today’s marketplace.  We take any potential issue very seriously, and we are looking into this matter.”

The breach includes other Hilton brand name properties including Embassy Suites, Doubletree, Hampton Inn and Suites, and Waldorf Astoria Hotels & Resorts. The hotel group is advising customers who may have made purchases at Hilton properties during the time indicated to carefully scan bank records for any unusual activity and contact their bank immediately.

According to USA Today, evidence from the investigation indicates that the hack may have affected credit card transactions as far back as Nov. 2014 and security breaches could possibly be ongoing.