Category Archives: Whistleblower

Hey Hilary and Cheryl, it is a Felony

Posted on by

Hoorah for Senator Grassley and..today February 29, 2016, the last official court ordered email document dump by the State Department is expected.

It is important to remember that a chain of email discussions included drone strikes.

Senior Clinton aide maintained top secret clearance amid email probe, letters show

FNC:

EXCLUSIVE: A senior Hillary Clinton aide has maintained her top secret security clearance despite sending information now deemed classified to the Clinton Foundation and to then-Secretary of State Clinton’s private unsecured email account, according to congressional letters obtained by Fox News.

Pictured left, former Secretary of State Hillary Clinton. Pictured right, her former chief of staff Cheryl Mills.

Current and former intelligence officials say it is standard practice to suspend a clearance pending the outcome of an investigation. Yet in the case of Cheryl Mills, Clinton’s former chief of staff at the State Department, two letters indicate this practice is not being followed — even as the Clinton email system remains the subject of an FBI investigation.

In an Oct. 30, 2015, letter to Senate Judiciary Committee Chairman Charles Grassley, R-Iowa — who has been aggressively investigating the Clinton email case — Mills’ lawyer Beth A. Wilkinson confirmed that her client “has an active Top Secret clearance.” The letter said previous reporting from the State Department that the clearance was no longer active was wrong and due to “an administrative error.”

A second letter dated Feb. 18, 2016, from the State Department’s assistant secretary for legislative affairs, Julia Frifield, provided additional details to Grassley about the “administrative error.” It, too, confirmed Mills maintained the top secret clearance.

The letters come amid multiple congressional investigations, as well as an FBI probe focused on the possible gross mishandling of classified information and Clinton’s use of an unsecured personal account exclusively for government business. The State Department is conducting its own administrative review.

Under normal circumstances, Mills would have had her clearance terminated when she left the department. But in January 2014, according to the State Department letter, Clinton designated Mills “to assist in her research.” Mills was the one who reviewed Clinton’s emails before select documents were handed over to the State Department, and others were deleted.

Dan Maguire, a former strategic planner with Africom who has 46 years combined service, told Fox News his current and former colleagues are deeply concerned a double standard is at play.

A sample of the emails released from last week, lots of gossip.

“Had this happened to someone serving in the government, their clearance would have already been pulled, and certainly they would be under investigation. And depending on the level of disclosure, it’s entirely possible they would be under pretrial confinement for that matter,” Maguire explained. “There is a feeling the administration may want to sweep this under the rug.”

On Monday, the State Department was scheduled to release the final batch of Clinton emails as part of a federal court-mandated timetable.

So far, more than 1,800 have been deemed to contain classified information, and another 22 “top secret” emails have been considered too damaging to national security to release even with heavy redactions.

As Clinton’s chief of staff, Mills was a gatekeeper and routinely forwarded emails to Clinton’s personal account. As one example, a Jan. 23, ‎2011 email forwarded from Mills to Clinton, called “Update on DR meeting,” contained classified information, as well as foreign government information which is “born classified.”

The 2011 email can be declassified 15 years after it was sent — indicating it contained classified information when it was sent.

Fox News was first to report that sworn declarations from the CIA notified the intelligence community inspector general and Congress there were “several dozen emails” containing classified information up to the most closely guarded government programs known as “Special Access Programs.”

Clinton has maintained all along that she did not knowingly transmit information considered classified at the time.

The U.S. Department of State Foreign Affairs Manual lays out the penalties for taking classified information out of secure government channels – such as an unsecured email system. While the incidents are handled on a “case by case” basis, the manual suggests the suspension of a clearance is routine while “derogatory information” is reviewed.

The manual says the director of the Diplomatic Security Service, “based on a recommendation from the Senior Coordinator for Security Infrastructure (DS/SI), will determine whether, considering all facts available upon receipt of the initial information, it is in the interests of the national security to suspend the employee’s access to classified information on an interim basis. A suspension is an independent administrative procedure that does not represent a final determination …”

Fox News has asked the State Department to explain why Mills maintains her clearance while multiple federal and congressional investigations are ongoing. Fox News also asked whether the department was instructed by the FBI or another entity to keep the clearance in place. Fox News has not yet received a response.

Hillary’s Email Pals Included the WH and SCOTUS Judges

Posted on by

Sheesh…..now what about the 30,000 emails about ah yoga and wedding plans…yeah, yoga sure Hillary. What about the emails from the White House to Hillary…ah all this transparency is well infectious eh?

Ever wonder why a Secretary of State needed to email, confer and be email pals with selected Supreme Court justices?

Hillary’s email account an open secret in Washington long before scandal broke

WashingtonTimes: Hundreds of people — from White House officials and titans of the mainstream media to senators, Supreme Court justices and many of her top colleagues at the State Department — could have known about Hillary Clinton’s secret email account, if only they’d cared to look closely enough.

Listed on some of the more than 28,000 messages Mrs. Clinton released so far are several White House chiefs of staff and a former director of the Office of Management and Budget, much of the rest of official Washington, and a number of people who had oversight of the State Department’s key operations and open-records obligations. President Obama was also on a series of messages, though the government is withholding those.

But just how widely disseminated Mrs. Clinton’s address was became clear in a single 2011 message from Anne-Marie Slaughter, who appeared to include Mrs. Clinton on a message alongside Supreme Court Justices Stephen G. Breyer and Elena Kagan, reporters Jeffrey Toobin, David Brooks, Fred Hiatt and Evan Thomas, CIA Director David H. Petraeus, top Obama aide Benjamin Rhodes and former White House counsel Gregory Craig.

 
Computer specialists said they would have had to know what they were looking for to spot Mrs. Clinton’s address, but it was there for anyone who did look — raising questions about how her unique arrangement remained secret for so long. It came to the public’s attention when news broke in March 2015 in The New York Times — after it was uncovered by a congressional investigation into the 2012 Benghazi terrorist attack.

The State Department has since acknowledged that it did not search Mrs. Clinton’s messages in response to open-records requests filed under federal law, and federal District Judge Emmet G. Sullivan is prodding the department about how the situation got so out of hand.

“We’re talking about a Cabinet-level official who was accommodated by the government for reasons unknown to the public. And I think that’s a fair statement — for reasons unknown to the public,” the judge said at a hearing last week, where he decided to approve conservative legal group Judicial Watch’s request for discovery to pry loose more details about who approved the odd email setup and how it ducked the rules.
“All the public can do is speculate,” Judge Sullivan told the government lawyers who have been fighting to drag out the release of the messages Mrs. Clinton has turned over, and to prevent her from having to relinquish thousands of others. “You want me to say it’s done, but I can’t do that right now.”

The final batch of messages the State Department has in its custody — 2,000 of them — is due to be released Monday.

The facts have changed dramatically since the emails were first revealed and Mrs. Clinton insisted that she set up her unique arrangement out of “convenience” for herself and insisted no classified material was sent on the account.

Already, 1,782 messages have been deemed to contain classified material, and 22 of those messages contain “secret” information. Another 22 messages contain “top secret” material so sensitive that the government won’t even release any part of them, meaning they will remain completely hidden from the public.

Mrs. Clinton’s arrangement set off public policy and security debates. Analysts said her server was likely unprotected against any moderately sophisticated attack.

Although details remain sketchy as to what protection Mrs. Clinton used, analysts said having one person maintaining her server is no way to protect sensitive information from a hack. Christopher Soghoian, principal technologist at the American Civil Liberties Union, said there is no evidence that Mrs. Clinton was having her server tested by independent specialists — a major oversight.

“You cannot secure your server with one guy working part time,” Mr. Soghoian said.

That one person, Bryan Pagliano, who reportedly worked for Mrs. Clinton at the State Department and on the side as her server technician, asserted his Fifth Amendment right against incriminating himself in testimony to Congress last year.

Even if the server itself wasn’t compromised, Mr. Soghoian said, Mrs. Clinton was sending email over the broader Internet, where an enterprising opponent could have intercepted messages. If she had been using a State.gov account to email others within the government, that wouldn’t have been possible, he said.

There is no evidence that Mrs. Clinton was hacked, but analysts said that’s of little comfort. Even if the FBI doesn’t find evidence, it is not conclusive.

“Clinton’s use of unencrypted email left her vulnerable to nation states. There’s no amount of investigation the FBI can do to prove that didn’t happen,” Mr. Soghoian said.

Bob Gourley, co-founder of cybersecurity consultancy Cognitio, said the government has to assume Mrs. Clinton’s server was compromised, and he said it begs the question of why she declined to use a State.gov account and instead set up her own off-site server.

“All indications are this was not just a matter of convenience,” he said. “There’s no reason why she should have used her own server and go to all the trouble to do that unless she wanted to hide something.”

That something, Mr. Gourley believes, is the negotiating she did on behalf of the Clinton Foundation, founded by her husband, former President Bill Clinton. She helped lead the foundation as soon as she stepped down from the secretary’s job.

The security analyst said he suspects details of those negotiations are part of the 30,000 messages Mrs. Clinton indicated she sent during her time in office but that she declined to turn back to the State Department. The former secretary said those messages were personal business, such as scheduling yoga classes or arranging her daughter Chelsea’s wedding.

Judicial Watch is trying to get Mrs. Clinton to turn over those messages to the State Department, and that’s the case pending before Judge Sullivan.

“The big story on Monday is, wow, now we have reviewed about half of Mrs. Clinton’s reported records. Where’s the other half?” said Judicial Watch President Tom Fitton. “That’s what our discovery is about. Where’s the other half, and how can we find out so they can be retrieved and reviewed and released to the public?”

Mrs. Clinton says the Obama administration is overclassifying her messages. She says she would like all of the messages she returned to the government released, including presumably the 22 the government deems so “top secret” that they can’t be shared even in part.

She and her campaign have questioned the political motivations or conclusions of the inspectors general who have pushed for classification, to Judge Sullivan, whose order of discovery could force her aides to answer tough questions and could eventually lead to her having to return the rest of her emails.

Mr. Fitton said the questions Judicial Watch will ask during discovery include how the government supported her email server, why the folks who handled Freedom of Information Act open-records requests weren’t made aware of it, who else used it, what security precautions were taken and who approved it.

A Washington Times analysis of the more than 28,000 messages that have been released show dozens of State Department employees, from the lowest to the highest levels, were aware that Mrs. Clinton was using her unique arrangement to conduct government business.

The extensive awareness within the department struck Judge Sullivan.

“How on earth can the court conclude that there’s not, at a minimum, a reasonable suspicion of bad faith regarding the State Department’s response to this FOIA request?” he said at a hearing last week.

Mrs. Clinton’s successor, current Secretary of State John F. Kerry, was one of those who emailed with Mrs. Clinton on her secret account during his time in the Senate. He was one of a handful of senators The Times found who were pen pals with Mrs. Clinton.

Last week, Mr. Kerry tried to explain how he missed Mrs. Clinton’s behavior and told Congress he simply mailed the address he was given.

“I didn’t think about it. I didn’t know if she had an account, or what the department gave her at that point in time, or what she was operating with. I had no knowledge,” he told Rep. Darrell E. Issa, a California Republican who prodded him on the matter.

Stories about odd email practices have continued to dog Mr. Obama’s tenure. His former administrator at the Environmental Protection Agency, Lisa P. Jackson, used a secret agency email address to conduct government business, but the EPA says those messages were searched in open-records requests.

Defense Secretary Ashton Carter used a private address to conduct some government business in the first months after taking office. He said the practice was wrong and apologized for it.

Mr. Gourley, the cybersecurity specialist, said Mrs. Clinton’s practice went beyond that. He compared it to a phone, saying everyone has a home phone or personal cellphone, and even top government officials occasionally use it for official business. But in Mrs. Clinton’s case, she rejected an official government email account and used only her secret account.

“Those kinds of rules were just totally flouted by Clinton,” he said.

The Muslim Brotherhood, Then, Now and Hillary

Posted on by

Wonder if Hillary or Anne Patterson received and read the full Great Britain document on the investigation into the Muslim Brotherhood? The scrubbed UK investigation report is here.

Misguided diplomacy at the White House and the U.S. State department is mission objectives and investment over terror facts and names, of this there is no dispute.

 

Hillary Emails: State Discussed ‘Cooperating,’ ‘Increased Investment’ With Egypt’s Muslim Brotherhood Government

TEL AVIV – 1,500 pages of former Secretary of State Hillary Clinton’s emails provide insight into the level of support the U.S. was considering in 2012 for Egypt’s newly elected Muslim Brotherhood government.

Breitbart: On August 30, 2012, Robert D. Hormats, the under-secretary of state for economic affairs, wrote to Clinton’s then-Deputy Chief of Staff Jake Sullivan to update him on a meeting he held with .

Shater was later sentenced to life imprisonment and then to death for multiple alleged crimes, including inciting violence and financial improprieties.

The email reveals Hormats and other U.S. diplomats discussed  methods of cooperation with Shater, including an increase in American direct foreign investment.

Hormats wrote:

Anne Patterson, Bill Taylor, and I met with Muslim Brotherhood Deputy Supreme Guide Khairat al-Shater. He discussed broad principles of economic development based on 100 large infrastructure projects (over a billion dollars each) as part of Morsi’s Nadah (Renaissance Plan) Plan; ways of cooperating with the US to obtain support for these projects and for SMEs; and his hope for an IMF agreement and increased foreign direct investment from the US, the West, and the Arab world. He also noted that it was a priority for the GOE to build a true democratic system based on human rights and the rule of law.

Patterson, the U.S. Ambassador to Egypt at the time, was known for her repeated engagement with the Muslim Brotherhood. Taylor was the U.S. Special Coordinator for Middle East Transitions; that is, the U.S. envoy to the new leadership that emerged in the wake of the so-called Arab Spring.

Hormats’ meetings with the Muslim Brotherhood were not secret. But the emails reveal the scope of his discussions with the group about possible future investment.

In September 2012, the New York Timesreported that Hormats had led a delegation of businesses to Egypt to discuss possible private investment.

That same month, the State Department published a document that received little news media attention. It revealed that in August and September 2012, “Hormats visited Egypt to negotiate possible bilateral debt relief,”but the document did not provide further details.

After the toppling of Egypt’s longtime president Hosni Mubarak, the Muslim Brotherhood’s Muhammad Morsi served as president from June 30, 2012 to July 3, 2013, when he was removed from office amidst widespread protests and a military coup. After Mubarak was removed from office, the Obama administration pledged $1 billion in assistance to bolster Egypt’s transition to democracy.

Clinton and Secretary of Defense Leon Panetta each visited Cairo and met with Morsi during his tenure as president.

The meeting that Hormats describes in the email took place while the U.S. was negotiating an aid package to help relieve Egypt’s debt crisis amid concerns from U.S. lawmakers about funding the Muslim Brotherhood.

The email was sent a week and a half before protesters besieged the U.S. Embassy in Cairo on September 11, 2012, the same day the U.S. Special Mission in Benghazi came under attack.

Following the attacks, Obama stated of Morsi’s government, “I don’t think that we would consider them an ally, but we don’t consider them an enemy.”

***

Back in November of 2015, Senator Cruz was leading a charge in the Senate to list the Muslim Brotherhood as a terror organization. The Muslim Brotherhood is part of several proven terror organizations. Going back to 2014, Saudi Arabia joined the United Arab Emirates and Bahrain in withdrawing its ambassadors from Qatar, which it sees as an important supporter of the Muslim Brotherhood.

in 2014, Prime Minister David Cameron ordered an investigation into the Muslim Brotherhood as a terror organization and the results were conclusive they were, however due to internal pressure from Islamists all over Europe and especially the UK, Cameron pulled the report.

 

After Ukraine, DHS Warns Domestic Utility Companies

Posted on by

Feds advise utilities to pull plug on Internet after Ukraine attack

WashingtonExaminer: The Department of Homeland Security advised electric utilities Thursday that they may need to stop using the Internet altogether, after the agency found that a cyberattack that brought down Ukraine’s power grid in December could have been far more devastating than reported.

The Dec. 23 cyberattack forced U.S. regulators to place utilities on alert after unknown attackers caused thousands of Ukrainian residents to lose power for hours by installing malicious software, or malware, on utility computers. But the Department of Homeland Security said Thursday that the attack may have been directed at more than just the country’s electricity sector, suggesting the attackers were looking to cause more harm than was reported.

In response, federal investigators are recommending that U.S. utilities and other industries “take defensive measures.” To start with, they need to best practices “to minimize the risk from similar malicious cyber activity,” according to an investigative report issued Thursday by Homeland Security’s Industrial Control Systems Cyber Emergency Response Team.

But the team is also recommending more drastic action, such as keep control-system computers away from the Internet.

“Organizations should isolate [industrial control system] networks from any untrusted networks, especially the Internet,” the report says. “All unused ports should be locked down and all unused services turned off. If a defined business requirement or control function exists, only allow real-time connectivity to external networks. If one-way communication can accomplish a task, use optical separation.”

The findings show that the power outages were caused by three attacks using cyberintrusion software to attack electric power distribution companies, affecting about 225,000 customers. It also reveals that once power was restored, the utilities continued “to run under constrained operations,” implying that the damage to grid control systems was profound.

The team also learned that “three other organizations, some from other critical infrastructure sectors, were also intruded upon but did not experience operational impacts.” That suggests the attackers were going after more than just the power grid, and may have been planning a much more economy-wide attack. The team does not disclose what other sectors of the country were targeted.

The team said the attack was well-planned, “probably following extensive reconnaissance of the victim networks,” the report says. “According to company personnel, the cyberattacks at each company occurred within 30 minutes of each other and impacted multiple central and regional facilities.”

The attackers were attempting to make the damage permanent. The report says the attackers installed “KillDisk” malware onto company computers that would erase data necessary to reboot operations after a cyberattack.

There is also a mystery to the attackers’ actions.

“Each company also reported that they had been infected with BlackEnergy malware; however, we do not know whether the malware played a role in the cyberattacks,” the report says. The malware was delivered using an email embedded hacking technique known as “spear phishing” that contained a number of malicious Microsoft Office attachments.

“It is suspected that BlackEnergy may have been used as an initial access vector to acquire legitimate credentials; however, this information is still being evaluated,” the team says.

The investigation was done with Ukraine authorities and involved the FBI, Department of Energy and the North American Electric Reliability Corporation.

*** 

New research is shining a light on the ongoing evolution of the BlackEnergy malware, which has been spotted recently targeting government institutions in the Ukraine.

Security researchers at ESET and F-Secure each have dived into the malware’s evolution. BlackEnergy was first identified several years ago. Originally a DDoS Trojan, it has since morphed into “a sophisticated piece of malware with a modular architecture, making it a suitable tool for sending spam and for online bank fraud,” blogged ESET’s Robert Lipovsky.

“The targeted attacks recently discovered are proof that the Trojan is still alive and kicking in 2014,” wrote Lipovsky, a malware researcher at ESET.

ESET has nicknamed the BlackEnergy modifications first spotted at the beginning of the year ‘BlackEnergyLite’ due to the lack of a kernel-mode driver component. It also featured less support for plug-ins and a lighter overall footprint.

“The omission of the kernel mode driver may appear as a step back in terms of malware complexity: however it is a growing trend in the malware landscape nowadays,” he blogged. “The threats that were among the highest-ranked malware in terms of technical sophistication (e.g., rootkits and bootkits, such as Rustock, Olmarik/TDL4, Rovnix, and others) a few years back are no longer as common.”

The malware variants ESET has tracked in 2014 – both of BlackEnergy and of BlackEnergy Lite – have been used in targeted attacks. This was underscored by the presence of plugins meant for network discovery, remote code execution and data collection, Lipovsky noted.

“We have observed over a hundred individual victims of these campaigns during our monitoring of the botnets,” he blogged. “Approximately half of these victims are situated in Ukraine and half in Poland, and include a number of state organizations, various businesses, as well as targets which we were unable to identify. The spreading campaigns that we have observed have used either technical infection methods through exploitation of software vulnerabilities, social engineering through spear-phishing emails and decoy documents, or a combination of both.”

In a whitepaper, researchers at F-Secure noted that in the summer of 2014, the firm saw samples of BlackEnergy targeting Ukrainian government organizations for the purposes of stealing information. These samples were nicknamed BlackEnergy 3 by F-Secure and identified as the work of a group the company refers to as “Quedagh.” According to F-Secure, the group is suspected to have been involved in cyber-attacks launched against Georgia during that country’s conflict with Russia in 2008.

“The Quedagh-related customizations to the BlackEnergy malware include support for proxy servers and use of techniques to bypass User Account Control and driver signing features in 64-bit Windows systems,” according to the F-Secure whitepaper. “While monitoring BlackEnergy samples, we also uncovered a new variant used by this group. We named this new variant BlackEnergy 3.”

Only Quedagh is believed to be using BlackEnergy 3, and it is not available for sale on the open market, noted Sean Sullivan, security advisor at F-Secure.

“The name [of the group] is based on a ship taken by Captain Kidd, an infamous privateer,” he said. “It is our working theory that the group has previous crimeware experience. Its goals appear to be political but they operate like a crimeware gang. There have been several cases this year of which BlackEnergy is the latest. The trend is one of off-the-shelf malware being used in an APT [advanced persistent threat] kind of way. The tech isn’t currently worthy of being called APT, but its evolving and scaling in that direction.”

Within a month of Windows 8.1’s release, the group added support for 64-bit systems. They also used a technique to bypass the driver-signing requirement on 64-bit Windows systems.

In the case of BlackEnergy 3, the malware will only attempt to infect a system if the current user is a member of the local administration group. If not, it will re-launch itself as Administrator on Vista. This will trigger a User Account Control (UAC) prompt. However, on Windows 7 and later, the malware will look to bypass the default UAC settings.  

“The use of BlackEnergy for a politically-oriented attack is an intriguing convergence of criminal activity and espionage,” F-Secure notes in the paper. “As the kit is being used by multiple groups, it provides a greater measure of plausible deniability than is afforded by a custom-made piece of code.”

In 2014 from the Department of Interior and DHS:

Summary: Investigation of NPS-GCNP SCADA SYSTEM

Report Date: August 7, 2014

OIG investigated allegations that the Supervisory Control and Data Acquisition (SCADA) system at Grand Canyon National Park (Park) may be obsolete and prone to failure. In addition, it was alleged only one Park employee controlled the system, increasing the potential for the system to fail or become unusable.

The SCADA system is a private utilities network that monitors and controls critical infrastructure elements at the Park. Failure of the system could pose a health and safety risk to millions of Park visitors. Due to potential risks that system failure posed, we consulted with the U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) and asked that they assess the overall architecture and cybersecurity of the Park’s SCADA system.

ICS-CERT conducted an onsite review and issued a report outlining the weaknesses it found at the Park’s SCADA system, including obsolete hardware and software, inadequate system documentation and policies, insufficient logging and data retention. We provided a copy of ICS-CERT’s assessment report to the National Park Service for review and action.

 

 

FBI/NSA Versus Encryption, Investigating Plotting Attacks

Posted on by

Perspective only: Paris Attack and operating in a realm before any attack

NSA chief: ‘Paris would not have happened’ without encrypted apps

Michael Isikoff

Chief Investigative Correspondent

National Security Agency Director Adm. Michael Rogers warns that encryption is making it “much more difficult” for the agency to intercept the communications of terrorist groups like the Islamic State, citing November’s Paris attacks as a case where his agency was left in the dark because the perpetrators used new technologies to disguise their communications.

In an exclusive interview with Yahoo News, Rogers confirmed speculation that began right after the attack: that “some of the communications” of the Paris terrorists “were encrypted,” and, as a result, “we did not generate the insights ahead of time. Clearly, had we known, Paris would not have happened.”

Rogers’ comments were made on Friday, just days before the FBI obtained a court order requiring Apple to provide a “backdoor” into the data on the iPhone of one of the shooters in the San Bernardino, Calif., terror attack in December — an order the company is resisting. But his remarks are likely to fuel the debate over encryption that has sorely divided the U.S. intelligence and law enforcement community, on one side, and privacy advocates and U.S. technology companies. (A spokesman for the NSA had no comment today on the court order or on Apple’s response.)

Rogers has at times sought to steer a middle ground in this debate, acknowledging that encryption is “foundational to our future” and even saying recently that arguing about it “is a waste of time.” In the Yahoo News interview, he frankly acknowledged, “I don’t know the answer” to unencrypting devices and applications without addressing the concerns over privacy and competitiveness, calling for a national collaboration among industry and government officials to solve the problem.

But he left little doubt about the impact encryption is having on his agency’s mission.

“Is it harder for us to generate the kind of knowledge that I would like against some of these targets? Yes,” Rogers said. “Is that directly tied in part to changes they are making in their communications? Yes. Does encryption make it much more difficult for us to execute our mission. Yes.”

Rogers also provided new details about his agency’s efforts to implement the USA Freedom Act, a law passed in the wake of the Edward Snowden disclosures, which he said has made it “more expensive” for his agency to access the phone records of terror suspects inside the United States and has resulted in a “slightly slower” retrieval of data from U.S. phone companies.

But Rogers said the delay in retrieving phone records is measured “in hours, not days or weeks,” and he has not yet seen any “significant” problems that have “led to concerns … this is not going to work.”

“When I say more difficult to do the job, it’s certainly a little slower,” he said. “There is no doubt about that. It is not as fast.”

The new law — which has become a contentious issue in the presidential campaign — requires the NSA to get a secret court order to retrieve individual domestic phone records rather than collecting them in bulk and storing them in agency computers, as it had been doing before the Snowden disclosures. Critics, such as Sen. Marco Rubio, charge that the act has weakened the country’s defenses in the face of the mounting threats from the Islamic State and other terror groups.

But Rogers confirmed for the first time that the law was used successfully by the NSA after the San Bernardino terror attack to retrieve the phone records of the two perpetrators, and the agency “didn’t find any direct overseas connections.” Those records provided “metadata” — the time and duration of phone calls — but not the content of emails and text messages that the FBI is seeking by requiring Apple to unlock one of the iPhones. The FBI is continuing its efforts to track down who the two shooters “may have communicated with to plan and carry out” the attack, according to a court filing Tuesday.

Rogers’ comments came during a rare and wide-ranging interview inside the “Battle Bridge,” a special NSA situation room at its headquarters in Fort Meade, Md., equipped with teleconference screens to the White House and secure facilities around the world. It was built after the Osama bin Laden raid for use during international crises.

The former Navy cryptographer described a far-reaching reorganization of the electronic spying agency — dubbed NSA21 — that he is implementing this month to cope with evolving new national security threats. Chief among them: persistent cyberattacks from “nation state actors,” who he said are repeatedly hacking into — and Rogers believes laying the groundwork for manipulation of — the nation’s critical infrastructure systems, such as the electrical grid, the banking system and the energy sector.

Those foreign powers — widely acknowledged to be Russia, China, Iran and North Korea, although he wouldn’t name them — are “penetrating systems, what we think is for the purpose of reconnaissance. To get a sense of how they are structured. Where are their vulnerabilities? What are the control points that someone would want to access?”

While Rogers said he was “not going to get into specifics,” U.S. officials have confirmed that those attacks included an Iranian hack into the computer system of a New York dam that alarmed White House officials in 2013 and a highly sophisticated Russian infiltration of an unclassified Pentagon Joint Staff computer network that prompted the NSA director to shut down the entire network for two weeks last summer.

“This is not episodic or short-term focused,” said Rogers, who also serves as commander of the U.S. Cyber Command. “My sense is you are watching these actors make a long-term commitment. How do we ensure we have the capability to potentially impair [their] ability to actually operate?”

Yahoo News asked Rogers what motivated the attacks.

“I believe they want to have the capability, should they come to a political decision, that they in some way want to interfere with the United States or send a message to us,” he said.

One question Rogers pointedly declined to address is whether any overseas intelligence services had penetrated Hillary Clinton’s unsecured private email server — a scenario that former Defense Secretary Robert Gates recently said was “highly likely.”

“It’s something I’m not going to get into right now,” he said when pressed by Yahoo News as to whether such a penetration had taken place.

Rogers’ answer to the threat of foreign cyberattacks, incorporated into NSA21, is to create a new Directorate of Operations by merging the agency’s Signals Intelligence directorate — its electronic spying arm, which intercepts hundreds of millions of telephone calls, emails and text messages around the globe — with its smaller Information Assurance arm, which works with private industry to defend U.S. computer networks.

The proposal has prompted criticism that it will heighten suspicions of the NSA, making private companies even less willing to cooperate with the agency for fear of being seen as part of its massive global surveillance mission.

“I have to admit, it was something I spent a lot of time, as did the team, thinking about,” Rogers said when asked about the criticism. He added later, “I certainly acknowledge that there are some who would argue, ‘Hey, but you have this perception battle.’ My statement to that would be, ‘We have that perception battle every single day of the year, given the fact that the NSA, we acknowledge, works in both the offensive [signals interception] and defensive [cybersecurity] structures.’”

Dealing with the “perception” of the NSA as an unchecked surveillance colossus has been Rogers’ principal challenge since he took over the agency nearly two years ago during the biggest crisis in its history — the aftermath of the Snowden leaks, described by his predecessor, Gen. Keith Alexander, at the time as “the greatest damage to our combined nation’s intelligence systems that we have ever suffered.”

A congenial career Navy cryptologist who previously was commander of the Navy’s Fleet Cyber Command, Rogers has sought to repair the agency’s image and mend fences with Capitol Hill, striking a noticeably more measured and less combative tone in his public statements than Alexander did.

But when pressed about the lingering impact of the Snowden disclosures and persistent questions among privacy advocates and members of Congress about the NSA’s continued “incidental” collection of U.S. citizens’ communications, Rogers was unyielding and unapologetic.

He twice refused, for example, to shed any light on how many Americans’ emails and phone calls are “incidentally” collected by the NSA in the course of intercepting the communications of foreign targets. “We don’t talk about the specifics of the classified mission we do,” he said. He declined to explain why such information would be classified but insisted that access to those communications by the FBI is governed by legal processes.

Rogers warned that terrorist groups such as the Islamic State are moving to encrypted apps and networks, the so-called dark Web — a trend he asserted was “accelerated” by the Snowden disclosures.

“The trend has happened much faster than we thought,” he said. “And the part that is particularly discouraging to me is when we get groups, actors, specifically discussing the [Snowden] disclosures saying, ‘Hey, you need to make sure you don’t do X, Y or Z, or you don’t use this, because remember we know the Americans are into this.

“You’ve seen al-Qaida expressly, for example, reference the [Snowden] disclosures. You’ve seen groups — ISIL does the same — talk about how they need to change their discipline, need to change their security as a result of their increased knowledge of what we do and how we do it.”

But while many experts have argued that the movement toward encryption is the inevitable result of evolving new technologies, Rogers pointed to Snowden.

“No one should doubt for one minute there has been an impact here,” Rogers said. “I will leave it to others to decide right, wrong, good or bad. But there shouldn’t be any doubt in anybody’s mind that there has been an impact as a result of these disclosures.”

Rogers has strong feelings about what should happen to Snowden, who remains in Moscow, hailed around the world by many civil liberties groups, receiving accolades and awards (and financial compensation for speeches he delivers via Skype) — all while remaining a fugitive from U.S. justice. Rogers has not seen “Citizenfour,” the Oscar-winning documentary by Laura Poitras that presents the former NSA contractor as a courageous whistleblower, and he says he will “probably” not see the upcoming film “Snowden,” due in theaters this May, by Oliver Stone.

Asked about proposals that Snowden should receive some sort of leniency as part of a deal that would bring him home, Rogers talked about the concept of “accountability.” He recalled a conversation he had with his father about the My Lai Massacre when he joined the Naval ROTC in the post-Vietnam era in 1981.

“Dad, what do you do when you get an order that you think is immoral, unethical or illegal?” he said. “And my father, something I’ll always remember, said to me, ‘Michael, you must be willing to stand up and say, “This I will not do.” But Michael, you must also be willing to be held accountable for the decision you have made. And don’t ever forget, son, responsibility and accountability are intertwined. And it ain’t one or the other. It’s about both.’ And that seems to have been forgotten in all of this.”