Group items tagged

according to an uncensored version of a court statement by Mr. Hammond, leaked online the day of his sentencing in November, the target list was extensive and included more than 2,000 Internet domains. The document said Mr. Monsegur had directed Mr. Hammond to hack government websites in Iran, Nigeria, Pakistan, Turkey and Brazil and other government sites, like those of the Polish Embassy in Britain and the Ministry of Electricity in Iraq.

The hacking campaign appears to offer further evidence that the American government has exploited major flaws in Internet security — so-called zero-day vulnerabilities like the recent Heartbleed bug — for intelligence purposes. Recently, the Obama administration decided it would be more forthcoming in revealing the flaws to industry, rather than stockpiling them until the day they are useful for surveillance or cyberattacks. But it carved a broad exception for national security and law enforcement operations.

The adjudication process had a broad scope, taking into account the SF86 questionnaire, reports from background investigations, interviews with the applicant's family members and associates, his or her employment history, and for people seeking high-level clearances, the results of polygraph investigations.Seymour said such records “span an employee’s career” and could stretch back as far as 30 years. Officials have said that as many as 18 million people may have been affected by the breach. Asked specifically what information the hackers had obtained, Seymour told lawmakers that she preferred to answer later in a “classified session.” Seymour didn’t specify how many people’s information was stolen. But the OPM oversees background investigations, which comprise a key part of the adjudication process, for more than 90 percent of security clearance applicants, according to the Congressional Research Service. An OPM spokesman didn’t respond to a request for comment in time for publication.

A former senior U.S. intelligence official, who asked to remain anonymous, said the OPM breach would cause more damage to national security operations and personnel than the leaks by Edward Snowden about classified surveillance by the National Security Agency.“This is worse than Snowden, because at least programs that were running before the leaks could be replaced or rebuilt,” the former official said. “But OPM, that’s the gift that keeps on giving. You can’t rebuild people.”Adjudicators are in a powerful position because in deciding whether to recommend granting a security clearance, they have access to the entire scope of an applicant’s file and are told to make a subjective analysis.“The adjudication process is the careful weighing of a number of variables known as the whole-person concept,” according to official guidelines. “Available, reliable information about the person, past and present, favorable and unfavorable, should be considered in reaching a determination.”

By design, adjudication is an invasive process, meant to unearth risk factors including drug and alcohol abuse, extramarital affairs, a history of violence, and other events that speak to a person’s “trustworthiness” and their susceptibility to blackmail or being recruited to spy for a foreign government.For instance, “compulsive gambling is a concern, as it may lead to financial crimes including espionage,” the guidelines say. Adjudicators are told to note “a pattern of compulsive, self-destructive, or high risk sexual behavior,” “relapse after diagnosis of alcohol abuse,” and “emotionally unstable, irresponsible, dysfunctional, violent, paranoid, or bizarre behavior,” among other warning signs in 13 categories. Some of the embarrassing personal details found in some adjudications have been made public. That’s what happens after an applicant who was denied a security clearance launched an appeal.

Armed with such intimate details of a person’s worst moments, foreign spies would have unprecedented advantage against their U.S. adversaries. And the news is especially bad for people who hold the highest levels of clearance, which require more rigorous background checks, noted Adams, the computer security expert. “The higher up you go in your sensitivity levels, the more data that’s in your adjudication file,” he said.

Regin has been used to spy on telecom providers, financial institutions, energy companies, airlines, research institutes and the hospitality industry, and on European Union officials. The 14 countries found to have been penetrated include Russia, Malaysia, Afghanistan, and Fiji. Even though the trail is hot now, security experts say that Regin is still out there committing wholesale espionage. That’s because parts of it like QWERTY help mask other components. Like any good spy, it’s constantly changing disguises.

Two executive branch review panels have found the dragnet phone program has had minimal value for catching terrorists, its stated purpose. After years of presiding over the collection and months of publicly defending it, President Barack Obama pivoted last year and asked Congress to pass legislation ending the program. A measure to do so failed last year.

More importantly however, is what kind of message an US statement like that sends to ISIS, as well as Al Nusra and other terrorist brigades inside Syria, which is basically, “we do not need to worry about US air strikes, only Syrian Army and Russian strikes.” This situation really sums up the utter fraud and contempt of the US deception in Syria, and it’s no surprise that the Russian Foreign Ministry are reticent to extend themselves any more where the US is concerned. Then, in March 2016, when ISIS fled Palmyra, back across the desert towards Deir ez-Zor and Raqqa – the great and powerful US ‘Coalition’ airforce actually helped ISIS in a number of ways, including allowing them free passage once more. In late August, we were told that the Turkish Army, alongside “allied Syrian rebels” (terrorist group Faylaq al-Sham) backed by the US air cover, invaded Syria in order to capture the “ISIS-held” town of Jarabulus, Syria, this supposedly to cut off ISIS’s last open route into Turkey. But what happened to ISIS? The NYT even admitted that, “… it appeared that most of the militants had fled without a fight.” Here, ISIS appears to have been given advanced warning – by either US or Turkish intelligence, as they left the contested town of Jarabulus quietly, but in droves. In reality, Turkey twisted this operation in order to attack and degrade Kurdish militias including the US-backed artificial construct called the Syrian Democratic Forces (SDF), and pro-Kurdish People’s Protection Units (YPG) and Kurdish Democratic Union Party (PYD), the Syrian affiliate of the militant Kurdistan Workers’ Party (PKK) in Iraq and Turkey – all of whom are meant to be fighting ISIS. Instead, they are now busy dodging Turkish artillery rounds. Confusing, yes, but true nonetheless.

It’s also common knowledge now, that top of the line US weaponry is being used by ISIS, both in Iraq, in Afghanistan and in Syria as well. In fact, if not for US weapons and supplies (along with US air intervention, or noninterventions), ISIS would have struggled to maintain many of the strategic positions it enjoys today. For the last 3 years, US officials have been dodging this issue, and when they do admit this is true, their patronizing party line is that, “this must be a mistake, if they do have US weapons, we didn’t mean it.” As if the world was born yesterday. Perhaps the most flagrant violation by the US-led forces in aiding and abetting ISIS took place on Sept 17, 2016, when the US-led Coalition bombed Syrian Army positions outside of Deir ez-Zor near al-Tharda Mountain, killing some 80 soldiers and injuring 100 more.  As if by design, an ISIS offensive began immediately following the US massacre of Syrian soldiers. Clearly, this bold move by the Pentagon paved the way for a major ISIS advance. To any normal observer, the US attack was a belligerent act of war that effective destroyed an already fragile bilateral ceasefire agreement, and yet the US response was to somehow blame Russia for calling an emergency UNSC meeting to discuss the incident. Judging by this response, it’s pretty clear that US wants to see the Syrian Conflict carry on for a while, and it will need groups like ISIS to make that happen.

The other problem with Washington’s hollow righteousness in the Middle East is that there are key members of the US-led “Coalition” who are financing ISIS, Al Nusra Front, Nour al Din Zinki, and Arar al Sham (all ‘moderate’ terrorists we’re told) militants in Syria, Iraq and beyond. This fact was recently admitted by former US Secretary of State and Democratic candidate Hillary Clinton, as revealed in this week’s batch of Wikileaks emails. Clinton writes: “While this military/para-military operation is moving forward, we need to use our diplomatic and more traditional intelligence assets to bring pressure on the governments of Qatar and Saudi Arabia, which are providing clandestine financial and logistic support to ISIL and other radical Sunni groups in the region.”  Add to that the multiple exposures over the last 3 years of the US CIA illegally trafficking lethal arms to Al Nusra and other terrorists through covert operations like Timber Sycamore. Still, US and NATO member state officials and their media gatekeepers continue to deny it and play dumb, rather than come clean that the United States and its ‘partners’ in the region are helping, not hindering ISIS terrorism. Some might ask: why would they do a thing like that? By now, the answer should be simple, but threefold:

ISIS is still one of Washington’s best hope for continuing instability, and “regime change” in Syria. The existence of ISIS in Syria and Iraq guarantees that Washington can invite itself to the party.  The ISIS brand has been a boon for the global military industrial complex and all of its bottom-feeder businesses and ‘security’ contract firms. What’s so comical yet even more tragic, is how prominent the topic of “ISIS” factors into all of the vapid ‘national security’ debates and media panels in this year’s US Presidential election, and in the dumbed-down ‘coverage’ of the delusional US mainstream media, led by Pentagon surrogate CNN, and hopeless FOX News. Judging by their prosaic ‘coverage’, neither the networks, nor Hillary Clinton or Donald Trump have the slightest clue of what the reality on the ground is. Instead we here, “My ISIS plan is better than yours!” The US political conversation has gone beyond ridiculousness. The corps of US military and CIA media spokesman aren’t much better. The sad part is some of them do know what is really happening, but would rather lie to the American public. With so much double dealing, who can you trust? Certainly not anyone in Washington. More on the White House’s latest dangerous proposition….

One of the president’s commission recommendations is that the NSA cease holding our phone records and demand that the private phone companies retain those records instead – for the NSA to access as it wishes. This is supposed to be reform?   The president will make a speech this Friday to tell the rest of us which of the suggestions made by his own commission he will decide to implement. Congress has no problem with that. Rep. Adam B. Schiff (D-Calif.) admitted last week that Congress has no intention of asserting itself in the process. “It’s my hope that [Obama will] do as much as he can through the executive process because the legislative process will be difficult, perilous and long.”

Senator Church famously said back in 1975: In the need to develop a capacity to know what potential enemies are doing, the United States government has perfected a technological capability that enables us to monitor the messages that go through the air… We must know, at the same time, that capability at any time could be turned around on the American people, and no American would have any privacy left... There would be no place to hide…. I know the capacity that is there to make tyranny total in America, and we must see to it that this agency and all agencies that possess this technology operate within the law and under proper supervision so that we never cross over that abyss. That is the abyss from which there is no return.” Have we reached that point? Let us hope not. Real reform begins with the repeal of the PATRIOT Act and of the 2001 Authorization for the use of military force. If we keep our eye on that goal and not allow ourselves to become distracted with the president’s phony commissions we might force Congress to listen.

The House of Representatives recently unanimously passed the bipartisan Freedom of Information Act Implementation Act (H.R. 1211), which includes a provision compelling agencies to update their FOIA regulations. The House bill — which now awaits Senate approval — would require each agency to update its FOIA regulations "not later than 180 days after the enactment of this Act." The White House is also addressing the problem of outdated FOIA regulations, albeit in a different manner. In its latest Open Government Partnership National Action Plan, the White House has committed (on paper, at least) to creating one "core FOIA regulation and common set of practices [that] would make it easier for requesters to understand and navigate the FOIA process and easier for the Government to keep regulations up to date." Transparency watchdogs went on alert this week after the Department of Justice's Director of Information Policy Melanie Pustay announced during her Senate testimony on March 11, 2014 that, "My office is leading that project" to create the White House-backed common regulation which, she estimated will be, "a one or two year project." Despite Pustay's pledge that she would accept input from OGIS and the requester community, her Department's history of crafting FOIA regulations has been anything but stellar.

As the Department of Justice and other agencies have demonstrated, new regulations do not necessarily make good regulations. As such, the National Security Archive has recommended that any updated FOIA regulations must: mandate that FOIA officers embrace direct communications with requesters; require agencies to receive requests by e-mail and post all responses and documents online; direct agencies to update their FOIA processing software so documents can be posted to any online repository, including the government-sponsored FOIAonline; encourage agencies to join FOIAonline to make their FOIA processing more cost-effective and efficient; stream-line inter and intra-agency "referral" black holes — and keep requesters abreast of where their requests are if the agency does have to refer them; include language encouraging use of the OGIS, which can help requesters and agencies mediate disputes to avoid animosity and costly litigation; end the practice of using fees to discourage FOIA requesters. The Office of Government Information Services — which reviews and comments on agency regulations as they are proposed — has also compiled a list of best practices for agencies to consider while crafting regulations. These include: "let the Freedom of Information Act itself" — and its presumption for disclosure — "be your guide;" bring attorneys, FOIA processors, records managers and IT pros to the table; include your plan for records management and preservation; and alert requesters of their option to contact OGIS for mediation and dispute resolution services.

A useful compilation of current agency FOIA regulation language — already on the books — put together by the Center of Effective Government also includes helpful guidelines on preventing the destruction of requested records; narrowly interpreting claims of confidential business information; and clarifying fee waivers and procedures. FOIA experts are currently working to craft model, pro-transparency, CFR-ready language that agencies — or the drafters of government-wide common regulations — can use to bring agencies' Freedom of Information Act regulations up to standard. Watch this space, and then watch the Code of Federal Regulations (CFR). "As the staffer who waded through every single federal agencies' FOIA website and CFR chapter to locate their — sometimes hidden — regulations, I learned FOIA officials often say they view their FOIA requesters as customers," said Archive researcher Lauren Harper, "I think easy to find, updated model FOIA regulations are the best way for agencies to demonstrate they truly value their customer service, and the spirit of the FOIA."

The National Security Archive has conducted thirteen FOIA audits since 2002. Modeled after the California Sunshine Survey and subsequent state "FOI Audits," the Archive's FOIA Audits use open-government laws to test whether or not agencies are obeying those same laws. Recommendations from previous Archive FOIA Audits have led directly to laws and executive orders which have: set explicit customer service guidelines, mandated FOIA backlog reduction, assigned individualized FOIA tracking numbers, forced agencies to report the average number of days needed to process requests, and revealed the (often embarrassing) ages of the oldest pending FOIA requests. The surveys include: