Russia Funds and Manages Conflict in Ukraine, 11,000 Dead

Ukraine, the forgotten war:

The situation in the ATO area remains controlled by Ukraine’s Army. Russian occupation forces shelled Ukrainian positions 21 times during the past 24 hours.

The epicenter of confrontation was Prymorsky area. Militants shelled Shyrokyne from 122 mm light portable rocket system Partyzan and IFV weaponry. The enemy shelled Mariinka from IFV, grenade launchers of different systems and heavy machine guns. Krasnohorivka positions were shelled from anti-tank grenade launchers and Vodyane – from IFV and heavy machine guns. Hnutove was shelled from small arms. Snipers were shooting in Mariinka.

In Donetsk region militants shelled Avdivka and Verkhnyotoretske from 82 mm mortars, anti-tank grenade launchers and heavy machine guns. Ukrainian positions near Troitske and Pisky were hit from anti-tank grenade launchers and small arms.

Russia Funds and Manages Conflict in Ukraine, Leaks Show

Hacked emails show that the Kremlin directs and funds the ostensibly independent republics in eastern Ukraine and runs military operations there. In late 2016, Ukrainian hacker groups released emails purportedly taken from the office of Kremlin official Vladislav Surkov, who oversees Ukraine policy for Russian President Vladimir Putin. The Surkov leaks confirm what many have long suspected: the Kremlin has orchestrated and funded the supposedly independent governments in the Donbas, and seeks to disrupt internal Ukrainian politics, making the task of rebuilding modern Ukraine impossible. Russia has consistently denied accusations from Kyiv and the West that it is providing the separatists with troops, weapons, and other material support or meddling in Ukrainian affairs. The emails from Surkov’s office betray the official Kremlin line, revealing the extent of Russian involvement in the seizure of Ukrainian territory, the creation of puppet “people’s republics,” and the funding to ensure their survival.

There have been three tranches of information from Surkov’s account: a PDF document detailing plans to destabilize Ukraine, a dump of 2,337 emails, and a final dump of 1,000 emails. While the plot to destabilize Ukraine with its detailed plan to use energy tariffs to foment revolution has garnered attention, its veracity is disputed. The trove of 2,337 emails, released by the group called “Ukrainian Cyber Alliance,” including the hacker group Cyber Hunta and research collective InformNapalm, covers the period from September 2013 to November 2014, when Russia illegally annexed Crimea and deployed separatist proxies in eastern Ukraine to start a war. The final dump dates from September 2014 to September 2016. We have analyzed the overlooked second and third troves. Here’s what we found.

On May 16, 2014, a little-known Russian “political consultant” named Aleksandr Borodai was elected prime minister of the self-proclaimed Donetsk People’s Republic. At the time, many noted that Borodai was a friend and former employee of Russian billionaire Konstantin Malofeyev, the founder of Marshall Capital and, according to a separate set of leaked documents, a funder to far-right political organizations in Europe. While Malofeyev denied all connections to Borodai (“You can find a link between me and almost any Orthodox activist. But that doesn’t mean I’m paying them a salary or that we’re in the same business.”), the Surkov leaks show otherwise. Three days before the announcement of the government of the Donetsk People’s Republic, an employee from Malofeyev’s Marshall Capital emailed Surkov’s office a list of candidates for the separatist republic’s government. Some of these “candidates” had an asterisk by their name, signifying that they “are people who we have checked, and are especially recommended.”


A portion of the document sent from the office of Konstantin Malofeyev to Vladislav Surkov, aide to President Putin.

The Kremlin also had a hand in maintaining the puppet government. On June 16, 2014, one of the candidates with an asterisk by his name—the “elected” Chairman of the Supreme Soviet, Denis Pushilin—sent Surkov’s office a spreadsheet with expenses for a new press center in Donetsk. The budget included estimated salaries for an editor, journalist, and other monthly expenses, along with the cost of a router and other pieces of office equipment. The Kremlin does not just manage its puppet republic in eastern Ukraine; it micromanages it and props it up.


Part of the expense list sent by the Donetsk People’s Republic official Denis Pushilin to Surkov, including the cost of a laptop, router, camera, and other pieces of office equipment.

But that’s not all. The Kremlin actively works to disrupt and slow down the reform process in Ukraine by promoting pro-Russian candidates and proposals. For example, Surkov has met with and assisted pro-Russian activists and leaders who live in Crimea, Dnipro, Kharkiv, Kyiv, and Slovyansk. The emails show that Surkov keeps lists of pro-Russian activists across the country that he can deploy when he needs a favor.

The leaks also show that Surkov actively monitors Ukraine’s reforms and works with editors to push a pro-Russian agenda in Ukrainian and Russian outlets. Surkov has significant influence on the media narrative in eastern Ukraine. For example, on August 25, 2014, he received an email asking for edits to a letter that was supposedly from local citizens living in eastern Ukraine; in it, they told of the horrors resulting from the Ukrainian military’s “Anti-Terrorist Operation” and its effect on women, the elderly, and children, supposedly from the perspective of a suffering civilian. The letter was published by Russian Reporter and RT a few days later with minor wording changes.


Comparison of the letter sent from the “public representatives of the Donbass” to the Ukrainian government, with the original version sent to Surkov (left) and the version that was later posted online (right), after suggested edits.

Predictably, Kremlin officials have refuted the authenticity of these emails. However, cyber experts have pronounced these leaked emails genuine based on the routing information and some individuals have confirmed the authenticity of individual documents. The hackers published a nearly one-gigabyte Outlook data file that included the inbox, outbox, drafts, deleted email, spam, and other folders from [email protected]’s account. While it is easy to fake screenshots, PDF documents, and other files, faking email inboxes is difficult. Within the email files, every message in the second trove of emails contains the same header information—where it originated, which servers it moved through, and so on—which indicates the messages are likely genuine. Using basic digital forensics, which involves uncovering and examining electronic evidence located on digital storage, including computers, cell phones, and networks, we can verify specific details in the emails, suggesting that the leaks are authentic. A majority of the emails are copied and pasted information from news articles, brief summaries of current events in Abkhazia, Moldova, South Ossetia, and Ukraine, and emails related to business developments in Russia. This high ratio of “uninteresting to interesting” bolsters the authenticity of the leaks because nearly all genuine email account hacks have a similar profile. In other words, political officials’ inboxes look much like the average person’s work inbox: full of schedules and routine briefings, with only a handful of incriminating emails. Surkov’s inbox follows this pattern.
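The kind of routing-header consistency check described above can be automated across a mailbox export. The following Python is an added illustration, not code from the article or from the analysts it cites; the hostnames, sample messages, function names and the five-minute clock-skew tolerance are constructed assumptions.

```python
import re
from collections import Counter
from datetime import timedelta, timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

SKEW = timedelta(minutes=5)  # assumed tolerance for clock drift between servers
BY_RE = re.compile(r"\bby\s+([^\s;()]+)", re.I)  # receiving host of one hop


def build_sample(hops, date):
    """Build a constructed RFC 5322 message; hops are listed newest-first."""
    lines = [f"Received: from {src}\n by {dst} with ESMTP; {ts}" for src, dst, ts in hops]
    lines += [f"Date: {date}", "From: a@sender.example", "To: user@corp.example",
              "Subject: constructed sample", "", "body"]
    return "\n".join(lines) + "\n"


D = "Mon, 02 Jun 2014 "
# Constructed mailbox: two messages with the usual route, one that does not fit.
SAMPLES = {
    "msg-1": build_sample(
        [("mx1.corp.example", "store.corp.example", D + "10:00:07 +0400"),
         ("out.sender.example", "mx1.corp.example", D + "10:00:05 +0400")],
        D + "10:00:01 +0400"),
    "msg-2": build_sample(
        [("mx1.corp.example", "store.corp.example", D + "12:15:31 +0400"),
         ("news.feed.example", "mx1.corp.example", D + "12:15:30 +0400")],
        D + "12:15:29 +0400"),
    "msg-3": build_sample(
        [("relay.unknown.example", "mail.other.example", D + "09:00:00 +0400"),
         ("out.sender.example", "relay.unknown.example", D + "11:30:00 +0400")],
        D + "11:29:58 +0400"),
}


def _when(stamp):
    """Parse an RFC 5322 date; return an aware datetime or None."""
    try:
        dt = parsedate_to_datetime(stamp.strip())
    except (TypeError, ValueError):
        return None
    return dt if dt.tzinfo else dt.replace(tzinfo=timezone.utc)


def check_message(raw):
    """Return (final delivery host, findings) for one raw message."""
    msg = message_from_string(raw)
    hops = []  # oldest hop first: Received headers are prepended in transit
    for value in reversed(msg.get_all("Received", [])):
        route, _, stamp = " ".join(value.split()).rpartition(";")
        m = BY_RE.search(route)
        hops.append((m.group(1).lower() if m else None, _when(stamp)))
    if not hops:
        return None, ["no-received: message carries no routing headers"]
    findings = []
    if any(host is None or when is None for host, when in hops):
        findings.append("unparseable-hop: a Received header lacks a host or timestamp")
    times = [when for _, when in hops if when]
    for earlier, later in zip(times, times[1:]):
        if earlier - later > SKEW:  # a later hop stamped before an earlier one
            findings.append(f"time-reversal: hop at {later.isoformat()} precedes the hop before it")
            break
    sent = _when(msg.get("Date", ""))
    if sent and times and sent - times[0] > SKEW:
        findings.append("date-after-receipt: Date header is later than the first hop")
    return hops[-1][0], findings


def check_mailbox(messages):
    """Check each message, then flag those whose final host differs from the norm."""
    per_msg = {name: check_message(raw) for name, raw in messages.items()}
    finals = Counter(final for final, _ in per_msg.values() if final)
    usual = finals.most_common(1)[0][0] if finals else None
    report = {}
    for name, (final, findings) in per_msg.items():
        if final and final != usual:
            findings = findings + [f"final-host-outlier: delivered by {final}, mailbox norm is {usual}"]
        report[name] = findings
    return report


if __name__ == "__main__":
    for name, findings in check_mailbox(SAMPLES).items():
        print(name, findings or "consistent")
```

Received headers can themselves be forged, so a clean result here is consistency evidence that supports the other checks the paragraph lists, not proof on its own.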

In his own words, the Surkov leaks show that the Kremlin directs and funds the ostensibly independent republics in eastern Ukraine and runs military operations there. Yet nearly all media in the West speak about the war in the Donbas as being run by Kremlin-backed separatists; this isn’t a true characterization. Moscow is actively guiding and managing this breakaway state, down to paying invoices for office equipment. The leaks provide clear, irrefutable evidence that the Donetsk People’s Republic is not an independent actor; it is a creature of the Kremlin and should be treated as such. It’s time for the media and foreign governments to catch up and call it what it is: a Russian hybrid war.

China is Charged With Control of North Korea, Bad Idea?

President Trump has conferred with Asian leaders over the matter of North Korea’s missile tests and the threats of a nuclear strike. Many conversations have been filling the phone wires that put President Xi of China in charge of handling Kim Jong Un. Okay, but can or will China do all that is necessary, and will it resolve the threat of an escalated war in the region? The answer is unknown.

In part from FNC: U.S. commercial satellite images indicated increased activity around North Korea’s nuclear test site, while Kim has said that the country’s preparation for an ICBM launch is in its “final stage.”

South Korea’s Defense Ministry has said the North appears ready to conduct such “strategic provocations” at any time. South Korean Acting Prime Minister Hwang Kyo-ahn has instructed his military to strengthen its “immediate response posture” in case North Korea does something significant on the April 25 anniversary of its military. North Korea often marks significant dates by displaying military capability.

In a statement released late Friday, North Korea’s Foreign Ministry accused Trump of driving the region into an “extremely dangerous phase” with his sending of the aircraft carrier and said the North was ready to stand up against any kind of threat posed by the United States.

With typical rhetorical flourish, the ministry said North Korea “will react to a total war with an all-out war, a nuclear war with nuclear strikes of its own style and surely win a victory in the death-defying struggle against the U.S. imperialists.”

*** So, China appears to have taken some steps to send North Korea a message, like refusing a coal shipment. But was that just a one-off tactic? Cutting off oil and gasoline shipments…was that too yet another gesture by China? How about access to banking and ATM machines?

PYONGYANG, North Korea (AP) — No modern airport terminal is complete without an ATM, and Pyongyang’s now has two. But they don’t work — because of new Chinese sanctions, according to bank employees — and it’s not clear when they will.

ATMs are an alien enough concept in North Korea that those in the capital’s shiny new Sunan International Airport have a video screen near the top showing how they work and how to set up an account to use them. The explanatory video is in Korean, but the machines, which are meant primarily for Chinese businesspeople and tourists, don’t give out cash in the North Korean currency.

Humm right? But can we really trust China to go the distance to stop North Korea? I offer this answer…NO.

China has been angry with the United States over deploying the THAAD missile defense system in S. Korea. China is one of the largest known hacking networks in the world…remember that? Alright, how about this lil gem?

***

Researchers claim China trying to hack South Korea missile defense efforts

Deployment of THAAD upsets China, seen as espionage tool.

Sean Gallagher: Chinese government officials have been very vocal in their opposition to the deployment of the Terminal High-Altitude Air Defense (THAAD) system in South Korea, raising concerns that the anti-ballistic missile system’s sensitive radar sensors could be used for espionage. And according to researchers at the information security firm FireEye, Chinese hackers have transformed objection to action by targeting South Korean military, government, and defense industry networks with an increasing number of cyberattacks. Those attacks included a denial of service attack against the website of South Korea’s Ministry of Foreign Affairs, which the South Korean government says originated from China.

FireEye’s director of cyber-espionage analysis John Hultquist told the Wall Street Journal that FireEye had detected a surge in attacks against South Korean targets from China since February, when South Korea announced it would deploy THAAD in response to North Korean missile tests. The espionage attempts have focused on organizations associated with the THAAD deployment. They have included “spear-phishing” e-mails carrying attachments loaded with malware along with “watering hole” attacks that put exploit code to download malware onto websites frequented by military, government, and defense industry officials.

FireEye claims to have found evidence that the attacks were staged by two groups connected to the Chinese military. One, dubbed Tonto Team by FireEye, operates from the same region of China as previous North Korean hacking operations. The other is known among threat researchers as APT10, or “Stone Panda”—the same group believed to be behind recent espionage efforts against US companies lobbying the Trump administration on global trade. These groups have also been joined in attacks by two “patriotic hacking” groups not directly tied to the Chinese government, Hultquist told the Journal—including one calling itself “Denounce Lotte Group” targeting the South Korean conglomerate Lotte. Lotte made the THAAD deployment possible through a land swap with the South Korean government.

APT stands for Advanced Persistent Threat; APT10 refers to China, as noted in this summary, and was found as early as 2009. In part, it includes:

“Operation Cloud Hopper” uses internet addresses also used by the threat actor known in the cybersecurity community as “APT10.” Using a combination of unique hacking tools and open source software, it has attempted to gather information about diplomatic and political organizations, as well as intellectual property, according to the report.

APT10 was identified in a 2013 report by FireEye detailing its use of the Poison Ivy family of malware, which the new report says ceased after FireEye revealed its findings. Also in 2013, FireEye identified APT1, which appears to be Unit 61398 of China’s People’s Liberation Army. The PwC-BAE report notes that the “Operation Cloud Hopper” attacks tend to occur during business hours in China.

Since 2009, APT10 has been observed to target mostly government and U.S. defense organizations, but now “has almost certainly been undertaking a global operation of unprecedented size and scale targeting a number of MSPs,” the report says.

Tillerson is Telling us that Obama Gave Away Leverage on Iran

Tillerson called for a full review of the Iran nuclear deal and rightly so. Then the mission was to examine the years of proven history of Iran’s terror operations including making weapons that were used to kill and permanently injure U.S. military forces, something Senator Tom Cotton challenged General Dempsey on last year in a Senate hearing.

Finally, this is and could be one of the biggest whistleblowing operations yet of the collusion and lies told to the world about the nuclear deal negotiated by John Kerry and the P5+1. And, just where are those other countries on the matter of Iran anyway?

***

Obama’s hidden Iran deal giveaway

[Image: Iran nuclear deal illustration. Credit: Sean McCabe/Politico]

By dropping charges against major arms targets, the administration infuriated Justice Department officials — and undermined its own counterproliferation task forces.

Politico: When President Barack Obama announced the “one-time gesture” of releasing Iranian-born prisoners who “were not charged with terrorism or any violent offenses” last year, his administration presented the move as a modest trade-off for the greater good of the Iran nuclear agreement and Tehran’s pledge to free five Americans.

“Iran had a significantly higher number of individuals, of course, at the beginning of this negotiation that they would have liked to have seen released,” one senior Obama administration official told reporters in a background briefing arranged by the White House, adding that “we were able to winnow that down to these seven individuals, six of whom are Iranian-Americans.”

But Obama, the senior official and other administration representatives weren’t telling the whole story on Jan. 17, 2016, in their highly choreographed rollout of the prisoner swap and simultaneous implementation of the six-party nuclear deal, according to a POLITICO investigation.

In his Sunday morning address to the American people, Obama portrayed the seven men he freed as “civilians.” The senior official described them as businessmen convicted of or awaiting trial for mere “sanctions-related offenses, violations of the trade embargo.”

In reality, some of them were accused by Obama’s own Justice Department of posing threats to national security. Three allegedly were part of an illegal procurement network supplying Iran with U.S.-made microelectronics with applications in surface-to-air and cruise missiles like the kind Tehran test-fired recently, prompting a still-escalating exchange of threats with the Trump administration. Another was serving an eight-year sentence for conspiring to supply Iran with satellite technology and hardware. As part of the deal, U.S. officials even dropped their demand for $10 million that a jury said the aerospace engineer illegally received from Tehran.

And in a series of unpublicized court filings, the Justice Department dropped charges and international arrest warrants against 14 other men, all of them fugitives. The administration didn’t disclose their names or what they were accused of doing, noting only in an unattributed, 152-word statement about the swap that the U.S. “also removed any Interpol red notices and dismissed any charges against 14 Iranians for whom it was assessed that extradition requests were unlikely to be successful.”

Three of the fugitives allegedly sought to lease Boeing aircraft for an Iranian airline that authorities say had supported Hezbollah, the U.S.-designated terrorist organization. A fourth, Behrouz Dolatzadeh, was charged with conspiring to buy thousands of U.S.-made assault rifles and illegally import them into Iran.

A fifth, Amin Ravan, was charged with smuggling U.S. military antennas to Hong Kong and Singapore for use in Iran. U.S. authorities also believe he was part of a procurement network providing Iran with high-tech components for an especially deadly type of IED used by Shiite militias to kill hundreds of American troops in Iraq.

The biggest fish, though, was Seyed Abolfazl Shahab Jamili, who had been charged with being part of a conspiracy that from 2005 to 2012 procured thousands of parts with nuclear applications for Iran via China. That included hundreds of U.S.-made sensors for the uranium enrichment centrifuges in Iran whose progress had prompted the nuclear deal talks in the first place.

When federal prosecutors and agents learned the true extent of the releases, many were shocked and angry. Some had spent years, if not decades, working to penetrate the global proliferation networks that allowed Iranian arms traders both to obtain crucial materials for Tehran’s illicit nuclear and ballistic missile programs and, in some cases, to provide dangerous materials to other countries.

“They didn’t just dismiss a bunch of innocent business guys,” said one former federal law enforcement supervisor centrally involved in the hunt for Iranian arms traffickers and nuclear smugglers. “And then they didn’t give a full story of it.”

In its determination to win support for the nuclear deal and prisoner swap from Tehran — and from Congress and the American people — the Obama administration did a lot more than just downplay the threats posed by the men it let off the hook, according to POLITICO’s findings.

Through action in some cases and inaction in others, the White House derailed its own much-touted National Counterproliferation Initiative at a time when it was making unprecedented headway in thwarting Iran’s proliferation networks. In addition, the POLITICO investigation found that Justice and State Department officials denied or delayed requests from prosecutors and agents to lure some key Iranian fugitives to friendly countries so they could be arrested. Similarly, Justice and State, at times in consultation with the White House, slowed down efforts to extradite some suspects already in custody overseas, according to current and former officials and others involved in the counterproliferation effort.

And as far back as the fall of 2014, Obama administration officials began slow-walking some significant investigations and prosecutions of Iranian procurement networks operating in the U.S. These previously undisclosed findings are based on interviews with key participants at all levels of government and an extensive review of court records and other documents.

“Clearly, there was an embargo on any Iranian cases,” according to the former federal supervisor.

“Of course it pissed people off, but it’s more significant that these guys were freed, and that people were killed because of the actions of one of them,” the supervisor added, in reference to Ravan and the IED network.

The supervisor noted that in agreeing to lift crippling sanctions against Tehran, the Obama administration had insisted on retaining the right to go after Iran for its efforts to develop ballistic missiles capable of delivering nuclear warheads and cruise missiles that could penetrate U.S. defenses, and to illegally procure components for its nuclear, military and weapons systems.

“Then why would you be dismissing the people that you know about who are involved in that?” the former official asked.

A SHREWD CALCULATION

The saga of how the Obama administration threw a monkey wrench into its own Justice Department-led counterproliferation effort continues to play out almost entirely out of public view, largely because of the highly secretive nature of the cases and the negotiations that affected them.

That may be about to change, as the Trump administration and both chambers of Congress have pledged to crack down on Tehran’s nuclear and ballistic missile programs. Last Wednesday, Secretary of State Rex Tillerson announced a government-wide review of U.S. policy toward Iran in the face of “alarming and ongoing provocations that export terror and violence, destabilizing more than one country at a time.”

On Thursday, President Donald Trump declared that even if Iran is meeting the terms of its deal with the Obama administration and other world powers, “they are not living up to the spirit of it, I can tell you that. And we’re analyzing it very, very carefully, and we’ll have something to say about that in the not-too-distant future.”

Such reviews are likely to train a spotlight on an aspect of the nuclear deal and prisoner swap that has infuriated the federal law enforcement community most — the hidden damage it has caused to investigations and prosecutions into a wide array of Iranian smuggling networks with U.S. connections.

Valerie Lincy, executive director of the nonpartisan Wisconsin Project on Nuclear Arms Control, said Obama administration officials made a shrewd political calculation in focusing public attention on just those seven men it was freeing in the United States, and portraying them as mere sanctions violators.

That way, she said, “They just didn’t think it was going to make too many waves. And I think they were right.”

But Lincy, who closely tracks the U.S. counterproliferation effort against Iran, said that by letting so many men off the hook, and for such a wide range of offenses, Washington has effectively given its blessing to Iran’s continuing defiance of international laws.

Former Obama administration officials deny that, saying the men could still be prosecuted if they continue their illegal activity. But with their cases dropped, international arrest warrants dismissed and investigative assets redirected, the men — especially the 14 fugitives — can now continue activities the U.S. considers to be serious threats to its national security, Lincy said.

“This is a scandal,” she said. “The cases bear all the hallmarks of exactly the kinds of national security threats we’re still going after. It’s stunning and hard to understand why we would do this.”

Even some initial supporters of negotiating with Iran said the disclosures are troubling.

“There was always a broader conceptual problem with the administration not wanting to upset the balance of the deal or the perceived rapprochement with the Iranian regime,” said former Bush administration deputy national security adviser Juan Zarate, who later turned against the accord. “The deal was sacrosanct, and the Iranians knew it from the start and took full advantage when we had — and continue to maintain — enormous leverage.”

Most, if not all, of the Justice Department lawyers and prosecutors involved in the Counterproliferation Initiative were kept in the dark about how their cases were being used as bargaining chips, according to interviews with more than a dozen current and former officials.

So were the federal agents from the FBI and departments of Homeland Security and Commerce who for years had been operating internationally, often undercover, on the front lines of the hunt for Iranian arms and weapons smugglers.

It wasn’t just that prosecutors and agents with years of detailed knowledge about the cases were left out of the consultations about the significance of the 21 men let go in the swap. The lack of input also meant that negotiators were making decisions without fully understanding how the releases would impact the broader and interconnected matrix of U.S. investigations.

At the time, those investigations were providing U.S. officials with a roadmap of how, exactly, Tehran was clandestinely building its nuclear and ballistic missile programs and maintaining its military with the unwitting assistance of so many U.S. weapons parts and technology companies. The cases were also providing key operational details of how the Iranian procurement networks operate, and who in Tehran was calling the shots.

“So when they downplayed it, it really infuriated people,” said Kenneth MacDonald, a former senior Homeland Security official who helped establish the multi-agency coordination center at the heart of the National Counterproliferation Initiative.

“They’d spent months or years on these cases and the decisions were made with no review of what the implications were,” said MacDonald, who retired in 2013 but keeps in contact with agents as co-principal investigator at the DHS-affiliated Institute for Security Policy at Northeastern University. “There was absolutely no consultation.”

A SYSTEM IN LIMBO

In a series of interviews, senior officials from the Obama White House and Justice and State Departments said the prisoner swap was a bargain for the U.S., given the release of Washington Post reporter Jason Rezaian, former Marine Amir Hekmati and three others. Iran also promised cooperation on the case of former FBI agent Robert Levinson, who had disappeared in Iran nearly a decade earlier and was believed to be either imprisoned or dead.

Those senior officials acknowledged that all but a handful of people were kept in the dark, but said top representatives of the Justice Department and FBI helped vet the 21 Iranian proliferators and that then-Attorney General Loretta Lynch herself participated in blocking some other individuals demanded by Tehran from inclusion in potential prisoner trades.

“The condition was that they not be engaged in anything remotely attached to violence or proliferation activities,” said one senior Obama administration official familiar with the swap negotiations. “And none of them were in any stage where they were providing assistance to the [Tehran] government.”

That may be true for the seven men granted clemency in the United States, but it certainly wasn’t the case for the 14 fugitives.

“These were people under active investigation, who we wanted very badly because they were operating at such a high level that they could help us begin to find out what was happening inside the black box of how Iran’s procurement networks really operate,” said Aaron Arnold, a former intelligence analyst at CPC2, the FBI’s special Counterproliferation Center unit dedicated to thwarting Iranian nuclear and weapons smuggling. “Without that kind of strategic insight, it leaves our analysts, but more importantly, our policy-makers just guessing at what Iran is up to and how to stop it.”

Fifteen months later, the fallout from the nuclear deal and prisoner swap — and questions about the events leading up to them — continue to reverberate through the Justice Department and the specialized units at the FBI, Department of Homeland Security and Commerce Department created to neutralize the threat posed by Iran’s nuclear and military ambitions.

The National Counterproliferation Initiative, created with much fanfare a decade ago, has suffered greatly, many participants said, even as they acknowledged that metrics are hard to come by. Much of the work is done in secret, and in long-range efforts that can’t be publicly disclosed, much less measured in annual arrest or conviction statistics.

But key enforcement efforts are in limbo as the result of stalled or stymied investigations and prosecutions, and the trail of some high-value targets has gone cold, numerous participants said.

At least six times in the run-up to the nuclear deal, federal investigators scrambled to get Justice and State Department approval to lure top Iranian targets into traveling internationally in order to arrest them, according to one top Obama administration Justice Department official and other participants. But the requests weren’t approved and the targets vanished, depriving the U.S. of some of its best opportunities to gain insight into the workings of Tehran’s nuclear, missile and military programs, the sources said.

“We would say, ‘We have this opportunity and if we don’t do it now, we’ll never have the opportunity ever again,’” the recently departed Justice Department official recalls. But, he added, “There were periods of time where State Department cooperation was necessary but not forthcoming.”

Obama Secretary of State John Kerry declined to comment through a former senior State Department official, who said certain requests might have been delayed temporarily because they came at particularly sensitive times in the negotiations, but only with the concurrence of the White House and Justice Department.

But even now, many experienced agents and prosecutors say they are reluctant to pursue counterproliferation cases for fear that they won’t go anywhere. They say they have also received no helpful guidance on what they can — and cannot — investigate going forward given the complicated parameters of the Iran deal and lifting of nuclear sanctions. Some said they are biding their time to see how hard-liners in the new administration, including Trump himself, deal with Iran.

But others have grown so frustrated that they have moved on from the counterproliferation effort, taking with them decades of investigative experience and relationships cultivated with other government agencies and cooperating U.S. companies, a number of current and former officials said.

And critical momentum has been lost, many say, as the 10-year anniversary of the initiative in October approaches.

“This has erased literally years — many years — of hard work, and important cases that can be used to build toward other cases and even bigger players in Iran’s nuclear and conventional weapons programs,” said former Justice Department counterproliferation prosecutor David Locke Hall, adding that the swap demolished the deterrent effect that the arrests and convictions may have had. “Even though these men’s crimes posed a direct threat to U.S. national security, the [Obama] administration has essentially told them their efforts have produced nothing more than political capital that can be traded away when politically expedient.”

One senior Obama administration official who served at the White House and DHS disagreed, saying much of the intelligence about Iranian networks remains usable even though the 21 cases were vacated, and that counterproliferation agents are a resilient bunch who will continue to do their jobs.

When asked whether the counterproliferation effort has struggled, one current Justice Department spokesman said no and quipped, “We are still in the export violation prosecuting business.”

That may be the case, said David Albright of the Institute for Science and International Security, a physicist and former weapons inspector whose decades of scientific research into Iran’s secret nuclear weapons program brings him into regular close contact with federal authorities.

But like others involved in ongoing U.S. counterproliferation efforts, Albright said he witnessed many instances since late 2014 in which important investigations and prosecutions were hindered. Albright, who serves as an expert witness in Justice Department Iran trafficking prosecutions, added that federal agents have told him of numerous cases of “lure memos” and other requests never approved by the State Department.

“You can’t keep turning these down and expecting them to want to keep doing this,” said Albright, who added that efforts to lure suspects to countries where they can be arrested are essential in getting beyond the lower rungs of middlemen for Iran. He said he could not disclose specific details, but said, “The amount of rejections has risen to the level where people were worried that it would kill the counterproliferation effort.”

“They had wanted all of these things prosecuted, they were on a roll, they were freaking out the Iranians and then they were told, boom, stop,” Albright said of the Obama administration’s counterproliferation efforts. “And it’s hard to get them back again. We are shooting ourselves in the foot, destroying the infrastructure that we created to enforce the laws against the Iranians.”

The repercussions from the prisoner swap are especially strong in Boston, where authorities had worked for years to build the case against Jamili, the suspected Iranian nuclear procurement agent, and his China-based associate Sihai Cheng.

The two were secretly indicted in 2013 along with two Iranian companies, and Cheng pleaded guilty in mid-December 2015 to four criminal counts. He acknowledged conspiring with Jamili to knowingly provide more than 1,000 high-tech components known as pressure transducers to Iran, which authorities say advanced its nuclear weapons capabilities.

Less than a month later, though, as the prisoner swap unfolded, Boston prosecutors got orders from Washington to file court papers vacating the charges against Jamili and dropping the Interpol arrest warrant for him.

It wasn’t until later that the case agents and prosecutors learned that the Iranian negotiators had specifically demanded that Jamili be included in the swap, said Arnold, the former analyst at the FBI’s Counterproliferation Center Iran unit, where he headed a financial intelligence team tracking the money flows of the Iranian networks.

A GLOBAL CAT AND MOUSE GAME

By the time of the nuclear deal and prisoner swap, the U.S. government had spent 35 years in pursuit of Iran’s ever more sophisticated web of smugglers, traffickers, transport operatives and procurement agents.

In 1979, President Jimmy Carter declared that Iran constituted an unusual and extraordinary threat to U.S. security after Islamic revolutionaries overran the U.S. Embassy in Tehran and took hostage 52 Americans. Tehran began calling the United States “the Great Satan” and vowed its destruction, in part by using proxy forces like Hezbollah.

A raft of economic sanctions against Iran and Iranian entities were put in place, followed by other restrictions on U.S. parts and technology that Tehran needed for military or other restricted applications, including its squadrons of F-class fighter jets that Washington sold it during friendlier times. Its ambitious ballistic missile program became a grave concern over the years, especially when it became apparent that Tehran was using U.S. commodities to engineer inter-continental versions that could reach the United States, and to top them with nuclear, conventional or even chemical and biological weapons.

And as Iran’s suspected nuclear weapons program ramped up, so did the U.S. effort to stop it.

Overseas, U.S. intelligence operatives shadowed Iranian procurement agents, cultivated informants and used cyberweapons to sabotage Iran’s clandestine program. The U.S. military tried to interdict illicit shipments headed for Tehran. The Treasury Department issued endless rounds of targeted sanctions, but each time it restricted access to global markets for suspect individuals and companies, Tehran would simply create new ones. And successive administrations tried the diplomatic route to slow or stop Iranian proliferation, including Tehran’s efforts to share weapons and research with other enemies of the United States, without success.

In response, federal law enforcement agents and prosecutors were deployed to shut down the Iranian procurement networks and dam the rivers of U.S. parts and technology illicitly flowing to Iran in violation of export control laws.

That proved virtually impossible, given the hundreds of trading, shipping and transport companies Iran employed, and the complex payment schemes and often unwitting procurement agents it used to get the products via other countries with lax export controls.

Meanwhile, since at least 1982, the Government Accountability Office began issuing stinging reports about how the lack of coordination and information-sharing among U.S. agencies severely hampered efforts to bring criminal cases against traffickers.

After the 9/11 attacks, those turf battles intensified. The cases often took years to investigate, and federal agents from two or even three agencies would sometimes discover they were conducting international undercover operations against the same target, a top former Homeland Security official recalls.

Securing convictions from American juries was also a huge challenge given the complex nature of the cases, especially when the procurement networks were buying so-called dual-use components that also could be used for less nefarious purposes.

Two post-9/11 cases exposed gaping holes in the global counterproliferation safety net. In the United States, Israeli-born trafficker Asher Karni was arrested for illegally shipping suspected U.S. nuclear components to Pakistan for its atomic bomb arsenal. And in Pakistan, metallurgist Abdul Qadeer Khan was caught selling his country’s nuclear capability to Iran, Libya and North Korea.

Both cases ratcheted up Washington’s fears that the vast underground of WMD trafficking rings could sell their wares to Al Qaeda and other terrorist groups.

In 2007, the Bush administration responded by establishing the National Counterproliferation Initiative, charging the Justice Department with coordinating and expanding U.S. efforts to dismantle the procurement networks.

Task forces were established around the country, with special training for prosecutors and agents in how to collectively build cases that would not only put front-line traffickers in prison, but also map the illicit networks and target their leadership.

From the outset, Iran cases were front and center, especially in cities like San Diego, Houston and New York with large military, industrial or technology sectors. Boston, in particular, seemed a favorite of the Iranian networks.

Soon, the multi-agency teams were homing in on key players in Iran’s nuclear and missile programs and another network procuring the IED components that Tehran’s fearsome Revolutionary Guard used to assist Iraqi insurgents killing American troops in Iraq.

An early high-value target was Amin Ravan, who by 2008 was working with a Singapore firm on behalf of the Aerospace Industries Organization, described by a secret State Department cable that year as “the umbrella organization and key procurement center for all Iranian industries responsible for developing and manufacturing missiles.”

Another was Behrouz Dolatzadeh, the suspected assault weapons buyer for Tehran. Authorities say he had been active as far back as 1995 in illegal arms smuggling and other illegal activities in connection with a sprawling business empire linked to Iran’s hard-line leader, Ayatollah Ali Khamenei.

By 2011, the Justice-led task forces had developed so many promising leads that the FBI, Commerce and Homeland Security Department had created special units to better coordinate efforts. Together, they also improved liaisons with overseas law enforcement agencies instrumental in interdicting shipments headed for Iran.

And working with U.S. intelligence agencies and the State Department, the task forces successfully lured several key Iranian operatives out of Tehran and China for capture elsewhere, including two who would end up on Obama’s prisoner swap list.

Dolatzadeh was indicted under seal in Arizona in February 2012, lured to the Czech Republic to inspect weapons en route to Iran, and arrested. And Ravan, already linked to the IED network, was secretly indicted in Washington in November 2012 and captured soon after in Malaysia.

And after a three-year undercover investigation, U.S. authorities lured a major Iranian proliferator named Parviz Khaki to the Philippines in May 2012 and arrested him on charges of conspiring to smuggle nuclear-related U.S. equipment to Iran.

“By dismantling this complex conspiracy … we have disrupted a significant threat to national security,” John Morton, then-director of DHS Immigration and Customs Enforcement, said at the time.

All three investigations provided U.S. officials with unprecedented insight into Iran’s secret procurement efforts, current and former task force members said. But Dolatzadeh and Ravan were released by courts overseas, and Khaki died in custody, before the U.S. could extradite them.

The counterproliferation teams also enlisted the help of American companies, providing them with Iran’s massive shopping list of needed items and hotlines to call when they got a nibble.

“It took a long time to mature, but by 2013 to 2014, it became very evident that we were getting a lot of great leads,” recalls Randall Coleman, who as assistant FBI director oversaw the bureau’s fledgling Counterproliferation Center and special coordinators in all 56 field offices.

“We were very aggressive, and as a result of that, our caseload went up about 500 percent,” Coleman said. “It really exploded. We were rocking and rolling.”

One of the most promising cases was in Boston, where federal agents were deep into their investigation of the illicit flow of parts to Iran from a Massachusetts firm, MKS Instruments, and its Shanghai subsidiary.

With help from MKS, which was not suspected of wrongdoing, agents initially focused on Cheng and gathered evidence that he had been indirectly supplying Iran with components with nuclear applications for years. The trail led to Eyvaz Technic Manufacturing, an Iranian company designated by European authorities as an entity involved in developing and procuring parts for Iran’s nuclear weapons and ballistic missile programs.

“Time is important, not only for you, for me, for your end user, but also for your nation,” Cheng wrote in a 2010 instant message to a suspected Iranian accomplice. “I personally believe the war will break out in 2 years and that will be the start of World War Three.”

But the agents’ curiosity was also piqued by another message from back in 2007, in which the Iranian accomplice, Seyed Jamili, asked Cheng for thousands of pressure transducers, for “a very big project and secret one.”

The project, authorities determined, was Iran’s clandestine uranium nuclear enrichment facilities at Natanz and Fordow, where the transducers helped run thousands of gas centrifuge cascades to reach weapons-grade capability. There was even a photo of then-president Mahmoud Ahmadinejad touring Natanz, with the centrifuges — and MKS transducers clearly visible — in the background.

International U.S. arrest warrants were secretly issued for the two men, and authorities nabbed Cheng when he traveled to London to watch a soccer match in February 2014. After he was extradited and brought to Boston that December, authorities began to realize that Jamili was a far more important cog in Iran’s proliferation network than they had suspected.

It was Jamili who had recruited Cheng with the promise of big and easy money, they determined, and who had been using his Iranian import-export firm as cover for personally recruiting other procurement agents on trips to China and possibly other countries.

Around that same time, negotiations over a comprehensive nuclear deal with Iran were heating up, and so were the top-secret prisoner swap talks on the sidelines of them.

AN OPERATIONAL SLOWDOWN

By the winter of 2014, federal agents and prosecutors began to detect waning support at the higher rungs of the Obama administration for their counterproliferation efforts against Iran, according to numerous officials involved. Also, they said, Justice Department management — and an interagency Iran working group — suddenly were scrutinizing Iran cases more closely, asking a lot more questions and holding up requests and approvals that in the past had been routine.

No specific guidance or order was given, some said, but the message was clear.

“They didn’t want to have cases just popping up in the workup to the agreement or shortly after the agreement. The administration would not look good if there were [cases documenting] these acquisition attempts. And the Iranians kept doing it,” MacDonald, the former senior Homeland Security official, said of Tehran’s illegal procurement efforts.

“They were never told no, just to wait,” MacDonald said of the agents. “It was a common theme among the people working these cases. The official response was that nothing had changed, that if you brought the case forward, it would be worked. But unofficially, that was just not the case.”

Some of the cases involved significant investigations into nuclear and missile proliferation that required State Department approval, including visas to lure suspects to the U.S. for arrest, said MacDonald, who had also served on the White House Task Force on Export Control Reform. “I’ve been told that the highest levels of the State Department weren’t processing those, and the cases couldn’t move forward.”

A former senior State Department official said that in most cases, State Department and White House could only provide nonbinding guidance on how ongoing law enforcement operations might affect the sensitive negotiations. Ultimately, he said, the Justice Department was responsible for pushing back and protecting the integrity of its investigations and prosecutions.

And while it’s possible that federal law enforcement officials missed opportunities as a result of State Department delays, “I am not aware of a single case where they lost out on some key arrest or information, or some proliferation activity was allowed to continue,” the former senior State Department official said, adding that some lures and extraditions were approved “until the very end of our tenure.”

Richard Nephew, a former top Iran sanctions official at the State Department and National Security Council, said any delays were “much more a case of managing the diplomatic initiative than letting the bad guys get away with stuff. If we found out in the NSC that something involved active law enforcement activity, then we were advised to stay the hell away from it.”

A top Obama Justice Department official rejected the notion that the State Department didn’t undermine important cases. He said prosecutors and investigators sometimes acceded to requests for delays they believed to be reasonable. But they became infuriated at times, he said, especially when opportunities to lure and arrest key Iranian proliferators were lost due to delay or outright rejection by State.

“The impediment was not the leadership of DOJ but the other agencies that DOJ has to work with to bring these cases successfully,” the Obama Justice official said. “They can kibosh it, they can pocket veto it, they can tell us no, they can punt it down a couple of steps.”

Justice Department officials demanded “high-level conversations” with the State Department and White House, but “not a whole lot” changed, the Obama Justice official said. “Did it fix the issue? I don’t think it did. I remember people up and down at DOJ being frustrated with the inability to move things.”

A senior former federal law enforcement official involved in counterproliferation efforts agreed, saying the FBI was especially impacted. “Did some of these other agencies’ actions … undermine what we were trying to accomplish in terms of the Iran network in the U.S.? Yes. But you are treading into waters where people don’t like what you are doing because it affects other things they are trying to do, diplomatically and politically.”

Ultimately, the dysfunction created by the slowdown spread far beyond the enforcement agencies and damaged relationships with partners in private industry and foreign governments, former DHS official MacDonald and others said.

By early 2015, the Obama administration’s oft-publicized desire for securing an Iran deal “was politicizing all of the ongoing investigations,” Arnold said. He visited his former CPC Iran Unit colleagues that August while briefing Treasury and FBI officials on the Iran deal, reached a month earlier, as a counterproliferation expert at Harvard’s John F. Kennedy School of Government.

“There was a fear that as negotiations went on, the White House wouldn’t want to get caught in a flap” created by a high-profile arrest or criminal case, Arnold said.

For agents and prosecutors, the headlines such an incident would create would antagonize not only their superiors but also a White House intent on proving to Tehran that it was committed to reaching an accord. On the flip side, it could also provide ammunition to the proposed deal’s many critics in Congress and elsewhere, who were claiming that Iran was aggressively continuing its clandestine procurement efforts even as it pledged good behavior.

But agents and prosecutors had an even more powerful reason to throttle back on Iran proliferation cases, according to Arnold and others.

Despite repeated requests, many were not given guidance or reassurances that the nuclear deal being negotiated in secret wouldn’t render unprosecutable new and ongoing cases, especially high-priority ones against nuclear traffickers, Arnold said. So agents had no confidence that their work would bear fruit.

“It was absolutely insane,” Arnold said. “People didn’t know what to do.”

“From the summer of 2015 on, there was a serious slowdown” as many counterproliferation officials shut down prosecutions and investigations voluntarily, Arnold said. “During that time, CPC wasn’t as aggressive as it should have been.”

The senior Obama administration official acknowledged that the twin sets of negotiations influenced the overall U.S. counterproliferation effort against Iran, especially the timing of individual investigations, prosecutions and international efforts to bring suspects to justice.

Such competing equities are unavoidable when high-level matters of diplomacy and geopolitics are under consideration, the official said. At those times, the White House must be guided by broader policy objectives, in this case de-escalating conflict with Iran, curbing its nuclear weapons program and freeing at least four American prisoners.

“The White House wouldn’t be getting involved in saying yea or nay to particular arrests or cases or the like” that are the purview of the Justice Department, the administration official said. “It was not uncommon, though, that before we were going to undertake a law enforcement action that we thought would have foreign policy implications, we would alert folks at the White House so that there could be appropriate notice given to a foreign government. That happens.”

The former official also acknowledged the complaints by agents and prosecutors about cases being derailed but said they were unavoidable, and for the greater good.

“It’s entirely possible that during the pendency of the negotiations, that folks who were doing their jobs, doing the investigations and bringing cases, having no understanding of and insight into the other process, were frustrated because they don’t feel like their stuff is moving forward,” said the Obama official. “Or they were not getting answers, because there are these entirely appropriate discussions happening on the policy side.

“That doesn’t strike me as being, a, unusual or, b, wrong,” the official added. “But I completely understand why it’s frustrating.”

The Justice Department refused repeated requests to make available for interviews anyone related to the counterproliferation effort since the Iran deal, or to provide information about its role in the negotiations.

But in a statement to POLITICO, the Justice Department said the negotiations “did not affect the Department’s determination to investigate and charge worthy cases” and that it continued to “investigate, charge, and prosecute viable criminal cases … throughout negotiations of the JCPOA,” the formal term for the Iran deal. The Justice Department said it filed federal charges against 90 individuals and entities for violations of export controls and sanctions implicating Iran between 2014 and 2016, many under seal. It did not provide information about cases under seal for those or other years, making it impossible to place those numbers in the proper context.

Also, some of those cases involve the 21 Iranians let go in the swap. And because numerous individuals and entities often are charged in a single case, the statistics suggest a slowdown in counterproliferation efforts, according to current and former investigators and a POLITICO review of DOJ cases.

The timing of arrests, prosecutions and other investigative activities “may be informed by a variety of factors, including, especially in the national security context, collateral foreign policy consequences and impacts on American lives,” the Justice Department said. “Once an individual is charged, the Department works to ensure that the defendant, whether located in the U.S. or abroad, is held accountable. In seeking to apprehend defendants located abroad, however, we need assistance from other departments, agencies, and countries, and sometimes we cannot accomplish an arrest without it.”

Senior Obama administration officials also said the negotiations over the nuclear deal and, even more so the prisoner swap, required such extraordinary secrecy that only a tiny number of people were involved.

But as the nation’s top law enforcement official — and as a participant in the negotiations — Lynch failed in her responsibility as attorney general to protect the integrity of the Justice Department’s investigations and prosecutions from any political interference, some current and former officials believe.

Lynch, through an aide, declined to comment.

Trump’s attorney general, Jeff Sessions, raised the issue of Justice Department independence in 2015, when as a senator he asked incoming Deputy Attorney General Sally Yates about whether she knew that she had “the responsibility to say no to the president if he asks for something that’s improper?”

Read much more here; it is a chilling investigation and summary. This was a fantastic effort and well done.

CIA WikiLeaks Mole a Russian or Defector?

The truth is often stranger than fiction, and when it does finally come out, the twists and turns to the stories are shocking. So, it has been announced that the FBI and CIA are on a full-blown mole search investigation to determine who within the CIA, or working as a contractor to it, is loyal to or on the payroll of a foreign rogue nation such as Russia.

Schindler at the Observer wrote and explained that the last major Soviet penetration of NSA during the Cold War was Ron Pelton, a former agency analyst who started selling secrets to the KGB in 1980. Pelton betrayed highly sensitive signals intelligence programs to Moscow and was convicted of espionage in 1986 after Vitaly Yurchenko, a KGB officer who temporarily defected to the United States, tipped off the FBI about an NSA source selling secrets to the Kremlin.

So, could it be Bernie Sanders? After all, he honeymooned in Yaroslavl, Soviet Union…not modern-day Russia. Anyone hear of Evgeny Buryakov, who is alleged to have attempted to recruit Carter Page, an early advisor to Donald Trump? Could it be John Kerry himself as part of a larger plot for Russian cooperation over Syria or Iran? It is thought that the mole is an insider or contractor, yet who could pass thumb drives or envelopes via dead drops?

None of the above is real or proven; it is just suggested as a way to think outside the box, as we are only restrained by the limits of our own imagination. We had never heard of Edward Snowden either, right?

*** What about those ‘Shadow Brokers’? One must understand the world of espionage and how it has adjusted due to the internet and global communications with encryption.

A message from Vladimir Putin can take many forms.

It can be as heavy-handed as a pair of Russian bombers buzzing the Alaska coast, or as lethal as the public assassination of a defector on the streets of Kiev. Now Putin may be sending a message to the American government through a more subtle channel: an escalating series of U.S. intelligence leaks that last week exposed a National Security Agency operation in the Middle East and the identity of an agency official who participated.

The leaks by self-described hackers calling themselves “the Shadow Brokers” began in the final months of the Obama administration and increased in frequency and impact after the U.S. bombing of a Syrian airfield this month—a move that angered Russia. The group has not been tied to the Kremlin with anything close to the forensic certitude of last year’s election-related hacks, but security experts say the Shadow Brokers’ attacks fit the pattern established by Russia’s GRU during its election hacking. In that operation, according to U.S. intelligence findings, Russia created fictitious Internet personas to launder some of their stolen emails, including the fake whistleblowing site called DCLeaks and a notional Romanian hacker named “Guccifer 2.0.”

“I think there’s something going on between the U.S. and Russia that we’re just seeing pieces of,” said security technologist Bruce Schneier, chief technology officer at IBM Resilient. “What happens when the deep states go to war with each other and don’t tell the rest of us?”

The Shadow Brokers made their debut in August, appearing out of nowhere to publish a set of secret hacking tools belonging to the “Equation Group”—the security industry’s name for the NSA’s elite Tailored Access Operations program, which penetrates foreign computers to gather intelligence. At that time, the Shadow Brokers claimed to be mercenary hackers trying to sell the NSA’s secrets to the highest bidder. But they went on to leak more files for free, seemingly timed with the public thrusts and parries between the Obama administration and the Russian government.

From the start, outside experts had little doubt that Russian intelligence was pulling the strings. “Circumstantial evidence and conventional wisdom indicates Russian responsibility,” exiled NSA whistleblower Edward Snowden tweeted last August. “Why did they do it? No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the [Democratic National Committee] hack.”

The FBI started investigating, and in August agents arrested an NSA contractor named Hal Martin after discovering that Martin had been stockpiling agency secrets in his house for two decades. But even as Martin cooled his heels in federal custody, the Shadow Brokers continued to post messages and files.

Snowden and other experts speculated that the Russians obtained the code without the help of an insider. As a matter of tradecraft, intelligence agencies, including the NSA, secretly own, lease, or hack so-called staging servers on the public internet to launch attacks anonymously. By necessity, those machines are loaded up with at least some of the agency’s tools. Snowden theorized that the Russians penetrated one of those servers and collected an NSA jackpot. “NSA malware staging servers getting hacked by a rival is not new,” he wrote.

Whatever their origin, the leaks dried up on Jan. 12, when the Shadow Brokers announced their “retirement” 10 days before Donald Trump’s swearing-in. The group didn’t reemerge until this month, after the Syrian military’s deadly chemical-weapons attack in Ghouta. Reportedly moved by images of the Syrian children injured or killed in the attack, Trump responded by ordering the launch of 59 Tomahawk missiles at a Syrian government air base—departing drastically from the will of Putin, who considers Syrian President Bashar al-Assad a strategic ally.

The Russian government immediately condemned the U.S. response. Two days later, so did the Shadow Brokers. The group broke its months-long silence and released another tranche of NSA secrets along with a lengthy open letter to Trump protesting the Syrian missile strike. Abandoning any pretense of a profit motive, the Shadow Brokers claimed now to be disillusioned U.S. voters—“the peoples who getting you elected,” as they put it, using phrasing that holds dual meaning coming from a suspected Kremlin operation.

The Shadow Brokers have been playing hardball ever since. Their most recent release, on Friday, exposed the code for a sophisticated NSA toolkit targeting Windows machines, putting some of the agency’s capabilities, circa 2013, in the hands of every newbie hacker able to use a keyboard.

This time, the Shadow Brokers didn’t stop with code. For the first time in their short history, they also released internal NSA spreadsheets, documents, and slide decks, some bedecked with the insignia and “Top Secret” markings familiar to anyone who’s browsed the Snowden leaks.

The leak exposes in detail a 2013 NSA hacking operation called Jeep Flea Market that gained deep access to Dubai-based EastNets, a company that handles wire transfers for a number of Middle East banks, something of obvious interest to U.S. intelligence. (EastNets denies the breach.) But the Shadow Brokers exposed more than just an NSA operation. Metadata left in the files identified the full name of a 35-year-old NSA worker in San Antonio who was apparently involved in the hack. (The Daily Beast was unable to reach him for comment.)

NSA hackers don’t face the same danger as CIA officers working undercover in a foreign country, but the likelihood that Russia has begun exposing them by name, while linking them to specific operations, raises the stakes for the intelligence community. If nothing else, the San Antonio NSA worker could plausibly face criminal and civil charges in the United Arab Emirates, just as hackers working for Russian and Chinese intelligence have been indicted in the U.S.

It’s conceivable that the Shadow Brokers included the name by mistake. Groups like WikiLeaks and the journalists with the Snowden cache are accustomed to scrubbing identifying metadata from documents. But a less-experienced hand might overlook it. Schneier is doubtful. “If we’re assuming an intelligent and strategic actor, which I think we are, then you have to assume that they did that on purpose,” he said.

Nothing is certain; the Shadow Brokers are a puzzle with missing pieces. But Friday’s Shadow Brokers release obliterated one theory on the spot. The NSA would never have put classified spreadsheets and PowerPoint slides on a staging server. They could only have come from inside the NSA.

Which sets the stage for a revival of a storied Cold War intelligence ritual, with the declining agency morale that comes with it: the Russian mole hunt. “I think we’re most likely looking at someone who went rogue from within, or a contractor who had access to this information,” said Eric O’Neill, national-security strategist for Carbon Black. “Either way, we have someone in the intelligence community that’s a pretty high-placed spy.”

A former FBI surveillance specialist, in 2001 O’Neill helped bring down Robert Hanssen, a double agent in the bureau who’d been secretly spying for Russia. “The FBI must be scrambling right now,” he said. “There’s so many leaks going on: this leak, the CIA Vault7 leaks, and at the same time there’s the investigation into any administration ties to Russia, and the DNC intrusion, and all these leaks coming out of the White House. There’s only so much that the FBI’s national security agents can do.”

If Russia did have a mole inside the NSA in 2013, the most recent date of the documents, Schneier thinks it unlikely that it does now, or else the Shadow Brokers wouldn’t exist. “You only publish when it’s more useful as an embarrassment than as intelligence,” he said. “So if you have a human asset inside the NSA, you wouldn’t publish. That asset is too important.”

It’s also possible, though unprecedented in the public record, that Russia found a way into the NSA’s classified network. A competing theory focuses on the FBI’s early suspect, Hal Martin. He’s not the Shadow Brokers, but he reportedly worked in the NSA’s Tailored Access Operations program and had 50,000 gigabytes of classified material in his home. Might he himself have been hacked? Martin is charged in Maryland with 20 counts of willful retention of national defense information, but prosecutors have not made any accusation that his trove slipped into enemy hands.

As Snowden demonstrated when he walked out of the NSA with a thumb drive of secrets, it’s comparatively easy now to steal and smuggle classified information. But O’Neill says the FBI’s counterintelligence mission is easier too, because of the rampant audit trails and server logs in classified networks.

“It’s much easier getting the secrets out now, but on the flip side, it’s also easier for law enforcement and the FBI to track down who had access to the data,” he says. “I like to think this mole hunt is going to be a little easier than it was in the past.”

Until then, expect the Shadow Brokers to stick around. In their Friday dump, they hinted at more revelations this week: “Who knows what we having next time?”

*** WASHINGTON — Forget about spies. It’s rogue insiders that cause heartburn at U.S. intelligence agencies these days.

Few spy cases have broken in the past decade and a half. In contrast, a proliferation of U.S. intelligence and military insiders have gone rogue and spilled secrets to journalists or WikiLeaks, the anti-secrecy group.

The leaks are as damaging as any major spy case, perhaps more so. And they have underscored the ease of stealing secrets in the modern age, sometimes with a single stroke of a keyboard.

Since early March, WikiLeaks has published part of a trove of documents purportedly created by cyber units of the Central Intelligence Agency. WikiLeaks continues to upload the documents and hacking tools, dubbed Vault 7, to the internet for all to see.

For its part, a mysterious group that calls itself the Shadow Brokers has re-emerged and dumped a large catalog of stolen National Security Agency hacking tools on the internet, including evidence the agency had penetrated Middle Eastern banking networks.

“In the past, we’ve lost secrets to foreign adversaries,” retired Air Force Gen. Michael Hayden, a former director of both the CIA and the NSA, said in an interview. “Now we’ve got the self-motivated insider that is our most important counterintelligence challenge.”

Hayden cited the cases of Army Pfc. Chelsea Manning, convicted in 2013 for releasing three-quarters of a million classified or sensitive military and diplomatic documents to WikiLeaks. He also mentioned Edward Snowden, the former NSA contractor who shook public opinion with his disclosures to journalists in 2013 about U.S. surveillance practices. Hayden added the Vault 7 disclosures last month, which others presume were stolen by a contract employee at the CIA. Read more here.


EPA Possible Buyout, Why Not Education?

Personally, why do we have to buy out any government employee? Just begin to defund departments within agencies and non-mandatory employees are laid off, right? Remember that quasi government shutdown during the Obama administration where no one missed anything that government did or didn’t do?

Meanwhile, offering EPA employees an early buyout is an option for sure, but why not apply the same plan to the Department of Education?

The U.S. Department of Education promotes student achievement and preparation for global competitiveness by fostering educational excellence and ensuring equal access to educational opportunity. To support this mission, the Budget provides $70.7 billion in discretionary funding for the Department of Education in 2016, an increase of $3.6 billion, or 5.4 percent, over the 2015 level. The Budget also proposes $145 billion in new mandatory spending and reforms over the next decade to fund early learning, support teachers, and reform postsecondary education.

While investing in education in all domains, the Budget places particular emphasis in four areas: (1) increasing equity; (2) expanding access to high-quality early learning; (3) increasing support for teachers; and (4) expanding college opportunity and quality. In addition, the Budget makes a cross-cutting commitment to using and developing evidence in order to maximize results for taxpayers and students. In recent years, the Department has pioneered several evidence-based programs and introduced priorities for the use of evidence into existing initiatives. By investing in what works, learning more about what works, and sharing what we learn, we can help more students succeed. (blah blah blah, right)

Meanwhile, back to the EPA…. an agency that has declared a temporary rain puddle is the property of the Federal government….

EPA To Offer Employees Buyouts, Early Retirement This Year

The Environmental Protection Agency will begin offering employees financial incentives to leave the agency this year, according to an internal memorandum obtained by Government Executive.

As part of its efforts to meet the requirements of recently issued guidance from the Office of Management and Budget calling on all agencies to restructure themselves and reduce their workforces, EPA will continue a freeze on external hiring and begin offering early retirement and buyouts. Details of the plans were not made clear in the memo, which was sent by acting Deputy Administrator Mike Flynn. He noted only that EPA’s goal was to complete the separation incentive program by Sept. 30, the end of fiscal 2017.

Agencies can offer up to $25,000 to employees who have worked in the federal government at least three years through a Voluntary Separation Incentive Payment and allow employees not otherwise eligible for retirement benefits to receive them through Voluntary Early Retirement Authority. The Office of Personnel Management must approve all early out and buyout programs.

In its guidance, OMB said OPM would “provide expedited reviews for most [VERA and VSIP] requests within 30 days.” While OMB said it would not prescribe any specific strategy or set reduction targets for individual agencies, President Trump’s fiscal 2018 budget called on the EPA to cut 25 percent of its workforce, amounting to 3,200 employees. The proposal suggested slashing 31 percent of the agency’s budget.

EPA has endured significant spending cuts in recent years, with its spending level already reduced more than 20 percent since 2010 and its workforce at its smallest total since 1989. EPA last offered separation incentives to its employees in 2014, targeting mostly regional offices.

A recently released inspector general report found EPA paid $11.3 million to get 456 employees to leave the agency that year. Generally, the IG found the incentives “aided workforce restructuring goals,” though it was unclear if EPA had successfully reached its other goals of obtaining staff with new skillsets and increasing the number of staffers per supervisor. When accounting for the additional annual leave payments, EPA doled out a total of $16.2 million in 2014 to separate the employees. The IG noted the agency could not control how many or which employees would voluntarily leave, but that the various EPA offices adequately analyzed their workforce data to determine which positions to target.

Under OMB’s guidance, all agencies must come up with both short and long-term plans to reduce their staffing levels, with preliminary plans due June 30. Flynn said EPA has recently formed a workgroup to develop its agency reform plan. EPA is at least the third agency to continue its hiring freeze despite Trump ending it last week. Flynn said the agency will approve “very limited exceptions” to the moratorium and allow certain internal reassignments.

“I appreciate your patience as we work through the details of the guidance and will work with you as we move forward,” Flynn said.

Liz Bowman, an EPA spokeswoman, said the approach mirrored the one taken by the Obama administration and would ensure “payroll expenses do not overtake funds used for vital programs to protect the environment.”

“Streamlining and reorganizing is good government and important to maximizing taxpayer dollars,” she said.

John O’Grady, president of the American Federation of Government Employees council that represents many EPA workers, said reaching the administration’s desired cuts through incentive payments would prove prohibitively expensive. EPA, he added, is already “underfunded and understaffed.”

“Any further cuts will absolutely cripple the agency,” O’Grady said.

OPM did not immediately respond to requests for further details on the separation incentives.

Then….the progressives are fighting back on this proposed legislation regarding the EPA:

Honest and Open New EPA Science Treatment Act of 2017 or the HONEST Act

(Sec. 2) This bill amends the Environmental Research, Development, and Demonstration Authorization Act of 1978 to prohibit the Environmental Protection Agency from proposing, finalizing, or disseminating a covered action unless all scientific and technical information relied on to support such action is the best available science, specifically identified, and publicly available in a manner sufficient for independent analysis and substantial reproduction of research results. A covered action includes a risk, exposure, or hazard assessment, criteria document, standard, limitation, regulation, regulatory impact analysis, or guidance. Personally identifiable information, trade secrets, or commercial or financial information obtained from a person and privileged or confidential must be redacted prior to public availability. Read more about it here.