As you’ve likely read, NSA’s Chief Technology Officer has so little to keep him busy he’s also planning on working 20 hours a week for Keith Alexander’s new boondoggle.
Under the arrangement, which was confirmed by Alexander and current intelligence officials, NSA’s Chief Technical Officer, Patrick Dowd, is allowed to work up to 20 hours a week at IronNet Cybersecurity Inc, the private firm led by Alexander, a retired Army general and his former boss.
The arrangement was approved by top NSA managers, current and former officials said. It does not appear to break any laws and it could not be determined whether Dowd has actually begun working for Alexander, who retired from the NSA in March.
Dowd is the guy with whom Alexander filed 7 patents for work developed at NSA.
During his time at the NSA, Alexander said he filed seven patents, four of which are still pending, that relate to an “end-to-end cybersecurity solution.” Alexander said his co-inventor on the patents was Patrick Dowd, the chief technical officer and chief architect of the NSA. Alexander said the patented solution, which he wouldn’t describe in detail given the sensitive nature of the work, involved “a line of thought about how you’d systematically do cybersecurity in a network.”
That sounds hard to distinguish from Alexander’s new venture. But, he insisted, the behavior modeling and other key characteristics represent a fundamentally new approach that will “jump” ahead of the technology that’s now being used in government and in the private sector.
Presumably, bringing Dowd on board will both make Alexander look more technologically credible and let Dowd profit off all the new patents Alexander is filing for, which he claims don’t derive from work taxpayers paid for.
Capitalism, baby! Privatizing the profits paid for by the public!
All that said, I’m wondering whether this is about something else — and not just greed.
Yesterday, as part of a bankster cybersecurity shindig, one of Alexander’s big named clients, SIFMA, rolled out its “Cybersecurity Regulatory Guidance.” It’s about what you’d expect from a bankster organization: demands that the government give what it needs, use a uniform light hand while regulating, show some flexibility in case that light hand becomes onerous, and never ever hold the financial industry accountable for its own shortcomings.
Bullet point 2 (Bullet point 1 basically says the US government has a big role to play here which may be true but also sounds like a demand for a handout) lays out the kind of public-private partnership SIFMA expects.
Principle 2: Recognize the Value of Public–Private Collaboration in the Development of Agency Guidance
Each party brings knowledge and influence that is required to be successful, and each has a role in making protections effective. Firms can assist regulators in making agency guidance better and more effective as it is in everyone’s best interests to protect the financial industry and the customers it serves.
The NIST Cybersecurity Framework is a useful model of public-private cooperation that should guide the development of agency guidance. NIST has done a tremendous job reaching out to stakeholders and strengthening collaboration with financial critical infrastructure. It is through such collaboration that voluntary standards for cybersecurity can be developed. NIST has raised awareness about the standards, encouraged its use, assisted the financial sector in refining its application to financial critical infrastructure components, and incorporated feedback from members of the financial sector.
In this vein, we suggest that an agency working group be established that can facilitate coordination across the agencies, including independent agencies and SROs, and receive industry feedback on suggested approaches to cybersecurity. SIFMA views the improvement of cybersecurity regulatory guidance and industry improvement efforts as an ongoing process.
Effective collaboration between the private and public sectors is critical today and in the future as the threat and the sector’s capabilities continue to evolve.
Again, this public-private partnership may be necessary in the case of cybersecurity for critical infrastructure, but banks have a history of treating such partnership as lucrative handouts (and the principle document’s concern about privacy has more to do with hiding their own deeds, and only secondarily discusses the trust of their customers). Moreover, experience suggests that when “firms assist regulators in making agency guidance better,” it usually has to do with socializing risk.
In any case, given that the banks are, once again, demanding socialism to protect themselves, is it any wonder NSA’s top technology officer is spending half his days at a boondoggle serving these banks?
And given the last decade of impunity the banks have enjoyed, what better place to roll out an exotic counter-attacking cybersecurity approach (except for the risk that it’ll bring down the fragile house of finance cards by mistake)?
Alexander said that his new approach is different than anything that’s been done before because it uses “behavioral models” to help predict what a hacker is likely to do. Rather than relying on analysis of malicious software to try to catch a hacker in the act, Alexander aims to spot them early on in their plots.
One of the most recent stories on the JP Morgan hack (which actually appears to be the kind of Treasuremapping NSA does of other country’s critical infrastructure all the time) made it clear the banksters are already doing the kind of data sharing that Keith Alexander wailed he needed immunity to encourage.
The F.B.I., after being contacted by JPMorgan, took the I.P. addresses the hackers were believed to have used to breach JPMorgan’s system to other financial institutions, including Deutsche Bank and Bank of America, these people said. The purpose: to see whether the same intruders had tried to hack into their systems as well. The banks are also sharing information among themselves.
So clearly SIFMA’s call for sharing represents something more, probably akin to the kind of socialism it benefits from in its members’ core business models.
In the intelligence world, they use the term “sheep dip” to describe how they stick people subject to one authority — such as the SEALs who killed Osama bin Laden — under a more convenient authority — such as CIA’s covert status. Maybe that’s what’s really going on here: sheep dipping NSA’s top tech person into the private sector where his work will evade even the scant oversight given to NSA.
If SIFMA’s looking for the kind of socialistic sharing akin to free money, then why should we be surprised the boondoggle at the center of it plans to share actual tech personnel?
Update: Reuters reports the deal’s off. Apparently even Congress (beyond Alan Grayson, who has long had questions about Alexander’s boondoggle) had a problem with this.
Zacarias Moussaoui sent a letter to the judge presiding over a lawsuit against Jordanian Arab Bank, offering to testify against that bank and several Saudi banks that he says supported 9/11.
I want to testify against financial institutions such as Arab Bank, Saudi American Bank, the National Commercial Bank of Saudi Arabia for their support and financing of Usama bin Laden and Al Qaeda from the time of the Eastern Africa embassy bombing, U.S.S. Cole bombing and 9/11.
As Alison Frankel — who broke this story — noted, Moussaoui’s testimony would be inappropriate in the case in question, which found that Arab Bank funded Hamas.
But that’s not the most interesting part of her report (and Moussaoui’s letter). He claims the lawyers for the 9/11 victims have tried to meet with him in the SuperMax at Florence, CO, and also claims he sent a letter to the judge presiding over that case, where his testimony would be on point.
Moussaoui said that plaintiffs’ lawyers representing victims of the Sept. 11 attacks have requested permission to meet with him but that prison officials have denied the request. Moussaoui also claimed that he has previously offered to testify about al Qaeda financing in letters to the judge overseeing the Sept. 11 victims’ consolidated litigation, U.S. District Judge George Daniels of Manhattan, but that he does not know if the prison has mailed them. The docket in that case does not show any communications from Moussaoui, who was once named as a defendant by Sept. 11 victims.
The implication is that the Special Administrative Measures to which Moussaoui is subject may be preventing his letters from getting out or plaintiffs lawyers from being able to meet with him.
I’m not convinced Moussaoui would really have known about the financing of the 9/11 attack; from reports, al Qaeda kept the operation much better compartmented than that, and Khalid Sheikh Mohammed reportedly had real questions about the competence of Moussaoui (which is why he got others for the mission). Plus, Moussaoui’s been in solitary so long, it’s unclear how cogent he can be (though his letter sounds more cogent than some of what he sent during his own trial).
Still, I am curious whether the government has been using the SAMs imposed on Moussaoui as yet another way to bury larger Saudi complicity in the attacks.
In two posts concluding, ” the government might find a victory [in AIG's lawsuit] to be more costly than it anticipated,” Yves Smith digs out key details from AIG’s claims that in September 2008, the US illegally took it over.
I think Smith is intrigued by the additional evidence provided by the AIG complaint that the government took several actions that ensured it could use AIG as a bailout vehicle, including (in her second post), by not asking whether the counterparties would be willing to take a haircut.
Another stunning new allegation in the “Corrected Proposed Findings of Fact” document is that, in stark contrast with previous claims by the Fed, that only UBS was willing to take a haircut, it turns out the New York Fed only bothered talking to eight of the 16 counterparties (and then as we already know from the SIGTARP report on this issue, using a script that was delivered by junior staffers, as opposed to having Geithner or Paulson call and force them to take a haircut). Moreover, BlackRock, which was advising the Fed, believed that Bank of America and Goldman would be receptive to discounts.
But I’m particularly interested in what Treasury forestalled with its bailout: bailouts from sovereign wealth funds from Singapore, China, and some unnamed Middle Eastern funders. From the first post:
[The AIG complaint] argues that AIG was forced to take a bailout it didn’t need, that all that was required was a bridge loan until it could obtain private financing. That may sound like a howler. AIG was teetering on the verge of failure and needed to get a $14 billion bridge loan on September 16 (a Tuesday, the day after the Lehman bankruptcy) that in a few days rose to $37 billion simply to carry it through the weekend when the terms of the credit facility were finalized.
7.6 Defendant directly discouraged sovereign wealth funds from providing liquidity to AIG.
(a) Sovereign wealth funds, including the Government of Singapore Investment Corporation (GIC) and the Chinese Investment Corporation (CIC) expressed interest in investing in AIG (Studzinski Dep. 39:4-40:18, 133:11-19).
(b) Defendant discouraged the CIC and representatives of the Chinese Government from assisting AIG. At 12:25 p.m. on September 16, 2008, Taiya Smith, Paulson’s deputy chief of staff and executive secretary, informed Paulson’s chief of staff and Treasury Under Secretary for International Affairs David McCormick that the CIC was “prepared to make a big investment in AIG, but would need Hank to call [Chinese Vice Premier] Wang Qishan” (PTX 89 at 1; see also PTX 423 at 15-18). The Chinese “were actually willing to put up a little bit more than the total amount of money required for AIG” (PTX 423 at 16).
(c) On September 16, 2008, McCormick spoke to Paulson about the Chinese interest in investing AIG (PTX 423 at 16-17). McCormick then told Smith that Treasury “did not want the Chinese coming in at this point in time on AIG” (PTX 423 at 17).
(d) Later that day, Smith met with Chinese Government officials in California during Joint Commission on Commerce and Trade in Yorba Linda, California (PTX 423 at 16). During that meeting, “all [the Chinese officials] wanted to talk about was AIG” (PTX 423 at 17). Smith spent one or two hours explaining what was happening with AIG (PTX 423 at 18). She conveyed the message that Treasury did not want the Chinese to invest in AIG (PTX 423 at 17).
(e) On September 17, 2008, United States Senator Hillary Clinton called Paulson “on behalf of Mickey Kantor, who had served as Commerce secretary in the Clinton administration and now represented a group of Middle Eastern investors. These investors, Hillary said, wanted to buy AIG. ‘Maybe the government doesn’t have to do anything,’ she said” (PTX 706 at 279). Paulson told Senator Clinton, “this was impossible unless the investors had a big balance sheet and the wherewithal to guarantee all of AIG’s liabilities” (PTX 706 at 279). (numbered text page 17, PDF page 21)
The fact that the Singapore and Chinese sovereign wealth funds both were willing to invest in AIG, and that a separate group of Middle Eastern investors was also pressing to buy in, strongly undercuts the official story that the only way out for AIG was into the Fed’s arms. Yes, we don’t know exactly how much they were willing to put in and whether that would have been enough to make up the $85 billion size of the initial credit line.
But the Chinese statement was a clear general indication that “we’re willing and able to go big”.
In this telling, the US government bailed out AIG to prevent China (and Singapore and some of our “allies” in the Middle East) from bailing it out.
As Smith points out, there may well be good national security
Now one can argue there were reasons to turn down these offers. Having the Chinese, or consortium dominated by foreigners, could prove to be ugly. The US, after all, had just put Fannie and Freddie in conservatorship in large measure to reassure the Chinese and Japanese, who were large investors in Freddie and Fannie guaranteed paper, that they would not suffer losses. What if the Chinese government rescued AIG and the black hole turned out to be bigger than anyone though it was?
There is also the not-trivial issue that AIG is widely believed to provide legitimate-looking jobs to CIA assets all over the world. Would letting foreigners obtain control put that sort of information at risk?
While Smith believes these issues could have been addressed by having a consortium of foreigners take over AIG, I suspect Treasury would still regard it as having China take over our critical infrastructure. While I don’t get the finance bit like Smith does, it seems like having the monopoly insurer of excessive “capitalist” gambling in Chinese hands would have been the equivalent of letting them hold one of Wall Streets’ nuts for safe keeping.
Plus, I’ve long argued that the government had to bail out GM (though not Chrysler) for similar reasons. Had GM gone bankrupt, China would have bought up key parts of it, obtaining the key part of American’s manufacturing driver that China hasn’t already stolen by spying on DOD.
In both bailouts, I’d argue, the US had to intervene to prevent our biggest rival from basically taking large bites out of the critical heart to our economy, all operating under sound capitalist principles.
To stave that off, it appears — particularly if AIG’s claims have any basis in fact, which they appear to — the US embraced a command economy.
None of that’s a surprise. We’ve always forsworn capitalism when national interests dictated.
But given the ideology involved — given that this involved holding off a purported command economy threatening to gut our country using the tools of capitalism — it does seem worth noting.
This is one of the reasons I’m so intrigued by the apparent TREASUREMAPPING of JP Morgan Chase. Someone — it may be the Russians, but this kind of thing is easy to project — is treating JPMC as the ripe critical underbelly that it obviously is. The AIG bailout shows just how vulnerable we really are to such acts.
Former FBI Assistant Director apparently isn’t afraid to embarrass himself to fear monger for law enforcement.
That’s the only conclusion I can reach by his penning this op-ed, which still bears its original title in the URL.
In it, Ronald T. Hosko claimed shamelessly that if Apple had been employing its new encryption plans earlier this year, a kidnap victim the FBI rescued would be dead. The two nut paragraphs originally read,
It made no sense! As Hosko correctly explained, they solved this case with lawful intercepts of phone content.
Once we identified potential conspirators, we quickly requested and secured the legal authority to intercept phone calls and text messages on multiple devices.
Even if the kidnappers had a new iPhone, FBI would still go to precisely the same source they did go to — the telecom providers — to get the intercepts. The FBI never even had the actual phones of kidnappers in hand — except for the phone the gang leader used to direct the plot from prison, which he crushed before it could be investigated, a technology that has been available to thugs far longer than encryption has.
So it is quite clear that, had this technology been used by the conspirators in this case, the FBI would still have caught them, using precisely the same process they did use to catch them..
After Hosko got called on his false claims on Twitter, he made two corrections — first to this interim fallback. (h/t @empirical error for catching this)
That didn’t make any more sense, as they were tracing calls made from the kidnappers. Once they got close enough to examine their actual devices, they had the kidnappers. Now he has changed it to read:
Last week, Apple and Google announced that their new operating systemswill be encrypted by default. Encrypting a phone doesn’t make it any harder to tap, or “lawfully intercept” calls. But it does limit law enforcement’s access to a data, contacts, photos and email stored on the phone itself.
That kind information can help law enforcement officials solve big cases quickly. For example, criminals sometimes avoid phone interception by communicating plans via Snapchat or video. Their phones contain contacts, texts, and geo-tagged data that can help police track down accomplices. These new rules will make it impossible for us to access that information. They will create needless delays that could cost victims their lives.*
* Editors note: This story incorrectly stated that Apple and Google’s new encryption rules would have hindered law enforcement’s ability to rescue the kidnap victim in Wake Forest, N.C. This is not the case. The piece has been corrected.
Phew. Apparently all this surveillance technology is hard to keep straight, even for an experienced FBI guy. But the truly funny part of Hosko’s piece — now that he at least has some semblance of factual accuracy (though I think he’s still exaggerating about video and Snapchat) — is where he suggests that we should not avail ourselves of any technologies that make it easier on criminals.
If our cutting edge technologies are designed to keep important dots out of the hands of our government, we all might start thinking about how safe and secure we will be when the most tech-savvy, dedicated criminals exponentially increase their own success rates.
This would lead you to believe Hosko is unaware of the “cutting edge technology” that has probably kept more crime-solving information out of the hands of the government than any measly encryption: incorporation. Drug cartels, human traffickers, even dreaded banksters all use shell corporations as a favored technology to not only hide the evidence of their crime, but to dodge accountability if it ever is discovered. That snazzy technology, the corporation, has empowered criminals far more than cell phone encryption — with all the possible workarounds — will ever do.
Yet if you called for eliminating a beneficial technology like the corporation just because criminals also happen to find it useful, people would consider you batshit insane. It would be a totally disproportionate measure, trading away real benefits in the name of relative but not absolute safety.
But hey! Hosko has already embarrassed himself. So if he feels like doing so again, by all means, I implore him to call for the elimination of the corporation — or even just a few of the exotic financial tools that the most dangerous financial criminals use.
After all, it will make us safer!
The handling of the BALCO series of investigations, both by lead investigator Jeff Novitsky and the US Attorneys office, has been relentlessly aggressive and marked by dubious, at best, tactics. Considering that the DOJ, during the entire time period, could not find the resources to prosecute the banksters who brought down the entire economy, BALCO was one of the most hideous wastes of taxpayer money imaginable.
Remarkably, the questionable tactics by DOJ may well be raising their ugly head yet again. Bonds’ appeal in the 9th Circuit is a somewhat mundane legal issue that has been fully briefed on the en banc petition for the better part of a year. The en banc hearing, before KOZINSKI, Chief Judge; and REINHARDT, O’SCANNLAIN, GRABER, WARDLAW, W. FLETCHER, RAWLINSON, CALLAHAN, N.R. SMITH, NGUYEN and FRIEDLAND, Circuit Judges is set for 2:00 pm tomorrow, Thursday September 18, 2014
Yet, less than 48 hours before the en banc rehearing is scheduled to commence, the DOJ has suddenly, and mysteriously, lodged sealed filings at 8:00 pm last night. These are Docket Numbers 64 and 65 respectively:
Filed UNDER SEAL Appellee USA motion to file a letter to the court under seal (PANEL). Deficiencies: None. Served on 09/16/2014.  (JFF)
Filed UNDER SEAL Appellee USA letter dated 09/16/2014 re: constructive amendment argument. (PANEL) Paper filing deficiency: None.  (JFF)
Here is Bonds’ Petition for Rehearing En Banc. Here is the previous panel decision in the 9th Circuit. If you don’t want to bother with the full pleadings, this article from the Orange County Breeze gives a nice synopsis of the scope of the en banc proceeding for Bonds.
As can quickly be discerned, the appeal centers really on common statutory interpretation as applied to the facts in the public trial record. The issue is whether there was sufficient evidence to convict Bonds because his statement describing his life as a celebrity child — in response to a question asking whether his trainer ever gave him any self-injectable substrances — was evasive, misleading, and capable of influencing the grand jury to minimize the trainer’s role in the distribution of performance enhancing drugs, and whether, under the law, that can properly constitute obstruction. I wrote an extensive piece arguing the weakness and infirmities of the verdict at the time it was handed down by the jury. Which is when the jury also acquitted Bonds of all the substantive underlying perjury counts.
Yes, the appeal is really that simple. So why, pray tell, does the DOJ need to be interjecting last minute sealed documents? What possible need could there be for anything to be sealed for this mundane criminal appeal? There may be a valid explanation, but it is nearly impossible to fathom what it could be.
I am willing to bet Bonds’ attorneys, Allen Ruby and Dennis Riordan, must be apoplectic.
UPDATE: Well well, I am sitting in Alice Cooperstown having lunch, waiting for my preliminary hearing to reconvene, and Josh Gerstein just sent me the answer to the question of this post. YES! Indeed the sealed filings are a slimy last minute trick pulled by the DOJ. DOJ was trying to insert grand jury testimony from the aforementioned government BALCO investigator, Jeff Novitsky, into the appeal when it has never, at any point of the proceedings, whether in the trial court or 9th Circuit, been part of the record or indictment.
Here is the responsive pleading just filed by Bonds’ attorney Dennis Riordan. Here is the pertinent part:
The grand jury transcripts referred to in the government’s motion and letter are not part of the record on appeal. Had they been before the district court in any form, the proper method of adding them to the appellate record would have been by means of a timely motion to correct or modify the record under Rule 10(e) of the Federal Rules of Appellate Procedure. The transcripts which are the subject of the government’s motion, however, were never placed before the district court in either pretrial, trial, or post-trial proceedings. Notably, the declaration of AUSA Merry Jean Chan which accompanies the government’s motion makes no claim that the transcripts were filed with the district court. “Papers not filed with the district court or admitted into evidence by that court are not part of the clerk’s record and cannot be part of the record on appeal.” Kirshner v. Uniden Corp. of Am., 842 F.2d 1074, 1077 (9th Cir. 1988) (citing, inter alia, United States v. Walker, 601 F.2d 1051, 1054–55 (9th Cir.1979)).
Should the Court nonetheless wish to consider the transcripts in question, they fully support Mr. Bonds’s argument that the district court constructively amended the indictment by instructing on “Statement C” as a basis for conviction on the Count Five obstruction count, although that statement was not contained in the indictment. In his testimony, in discussing Statement C, then labeled “Statement F” before the grand jury, Novitsky admitted that Mr. Bonds had responded to the pending question—“Did Greg ever give you anything that required a syringe to inject yourself with?”—with a “denial” before veering off into a digression about “being a celebrity child.” (RT of February 3, 2011, at 110.) Novitsky’s admission that the prosecutor’s question was in fact answered by Mr. Bonds constituted a good reason why the grand jury would not have relied on Statement C in indicting on the obstruction charge. The only manner of accurately ascertaining whether a grand jury relied on an act in indicting is by the inclusion of that act in the indictment itself. Here, Statement C was expressly excised from the indictment by the use of asterisks. See Appellant Bonds’s Petition for Rehearing En Banc, at 16.
Hilarious. DOJ tries a patently inappropriate punk move and Dennis Riordan turns it around to bite them in the butt. Quite well deserved. You have to hand it to the DOJ in the BALCO cases, they are nothing if not consistently ethically dubious.
Greek shipping magnate Victor Restis is suing the group for defamation, claiming they falsely accused him of being an Iranian front.
The group said it had uncovered a letter proving there was a plan to do business in Iran. It also accused Mr. Restis of using his ships in support of Iran’s oil industry.
Mr. Restis said the letter was fraudulent, the illicit Iranian deal never existed, and his ships made only authorized humanitarian shipments. He accused the group of shaking down companies for donations; the group in turn accused him of being a “master criminal.”
The group said it based its accusations on “valid research, credible documents, distinguished relationships, and pre-eminent sourcing.” In court, Mr. Restis demanded that the group disclose those documents and its relationships.
Soon after that demand, Mr. Restis said he was approached by an Israeli businessman, Rami Ungar, with no direct connection to United Against Nuclear Iran.
According to court documents filed by Mr. Restis’s lawyers, Mr. Ungar knew details about the case and said he was “authorized to try to resolve the issues” on behalf of the group’s supporters.
It was not clear who those supporters were. Like many nonprofit groups, its donor list is secret. Mr. Restis’s lawyers said in a letter to the judge in April that they had uncovered information that United Against Nuclear Iran “is being funded by foreign interests.”
DOJ suggested they might claim a law enforcement exception to protect the files, though it has not yet formally claimed such a privilege. That might suggest the files are Treasury files that may soon be used to impose sanctions on Restis. Or perhaps it means they have files that don’t meet Treasury’s standards for imposing sanctions, and UANI exists to shame people where sanctions are unavailable. In any case, Restis wants to know how Ungar got them; I’d like to know precisely what UANI is getting from whom.
Apuzzo lists some of the characters who are behind the group: former Mideast Peace Envoy Dennis Ross, Fran Townsend, and Joe Lieberman. Otto Reich, whose role in Iran-Contra (as opposed to his role in trying to overthrow Hugo Chavez in the 2002 coup) involved illegally funneling taxpayer dollars for the purposes of lobbying, is of particular note. Restis is particularly interested in interviewing UANI advisor Meir Dagan, the long-time head of Mossad; Restis believes Dagan provided the documents to Ungar. In addition, Richard Dearlove, who was in charge of sexing up the British case for war in 2003 when he was MI6, also advises the group.
in other words, it’s a classic case of a quasi-governmental group, one that apparently plays an extra-legal purpose in the campaign to isolate Iran (to be fair, most, though not all, of its advisors have worked hard to stave off war). And Restis’ efforts to get some kind of justice against it may be stymied by US claims they’ve got privileged interests in the case.
The entire episode raises some very good questions about what goes into isolating our adversaries.
In a JustSecurity post reviewing the same speech that I observed ignored US failures to prevent violent extremism, NYU Professor Samuel Rascoff defends the US use of counterterrorism stings, even in spite of the details revealed by HRW’s report on all the problems related to them. David Cole has an excellent response, which deals with many of the problems with Rascoff’s argument.
I’d like to dispute a more narrow point Rascoff made when he suggested that, because we have so many fewer trained militants than the Europeans, we “can afford” the “luxury” of stings.
There are now approximately 3,000 European passport holders fighting in Syria and Iraq. In the time that it took Najibullah Zazi to drive from Denver to New York, a fighter could drive from Aleppo to Budapest. What that means is that European officials are relatively more consumed than American counterparts in keeping up with, and tabs on, trained militants. Orchestrating American-style sting operations is, in a sense, a luxury they cannot afford.
The claim is astonishing on its face, in that it suggests that, because we don’t have real militants like Europe does, we should engage in the “luxury” of entrapping confused young Muslim men and sending them to expensive decades-long prison terms.
Think a bit more about that notion of “luxury” and the financial choices we make on law enforcement. Here are some numbers taken from two sources: the HRW report (I basically searched on the dollar sign, though this doesn’t include every mention of dollars) and today’s Treasury settlement with Bank of America for helping 10 drug kingpins launder their money over a four year period, three years of which constituted “egregious” behavior.
First, HRW reports that FBI spends over $1.3 billion a year on counterterrorism, much of it stings, leaving less than $2 billion for all other investigations.
More than 40 percent of the FBI’s operating budget of $3.3 billion is now devoted to counterterrorism.
That allows the FBI to pay some of its informants and experts hefty sums.
Beginning in August 2006, the FBI paid Omar $1,500 per week during the investigation. Omar received a total of $240,000 from the FBI. This included: $183,500 in payment unrelated to expenses, and $54,000 for expenses incurred during the investigation including car repair and rent.
“Kohlmann is an expert in how to use the Internet, like my 12-year-old. He has found all the bad [stuff] about Islam, and testifies as if what he is reading on the Internet is fact. He was paid around $30,000 to look at websites, documents, and testify.”
These informants sometimes promise — but don’t deliver — similar hefty sums to the guys they’re trying to entrap.
Forty-five-year-old James Cromitie was struggling to make ends meet when, in 2009, FBI informant Hussain offered him as much as $250,000 to carry out a plot which Hussain—who also went by “Maqsood”—had constructed on his own.
The informant proposed to lend Hossain $50,000 in cash so long as he paid him back $2,000 monthly until he had paid back $45,000.
Which is particularly important because many of these guys are quite poor (and couldn’t even afford to commit the crimes they’re accused of).
At the time he was in contact with the informant and the undercover [agent] he was living at home with his parents in Ashland and he didn’t have a car, he didn’t have any money and he didn’t have a driver’s license because he owed $100 and he didn’t have $100 to pay off the fine. In various parts of the investigation he didn’t have a laptop and he didn’t have a cellphone. At one point the informant gave him a cell phone.
And some of these crimes (the very notable exceptions in the HRW report include two material support cases, both of which are close calls on charity designations, but which involved very large sums, $13 million a year in the case of Holy Land Foundation) involve relatively minscule sums.
According to the prosecution, Mirza was the ringleader in collecting around $1,000—provided by the FBI agents and co-defendant Williams—that he handed to a middleman with the intent that it go to families of Taliban fighters.
So one theme of the HRW report is we’re spending huge amounts entrapping what are often poor young men in miniscule crimes so taxpayers can pay $29,000 a year to keep them incarcerated for decades.
These are the stakes for what Rascoff calls a “luxury.” At a time of self-imposed austerity, these stings are, indeed, a luxury.
Compare that to what happens to Bank of America, which engaged in “egregious” violations of bank reporting requirements for three years (and non-egregious ones for a fourth), thereby helping 10 drug kingpins launder their money. No one will go to jail. Bank of America doesn’t even have to admit wrong-doing. Instead, it will have to pay a $16.5 million fine, or just 0.14% of its net income last year.
This settlement came out of a Treasury investigation, not an FBI one.
But when DOJ’s Inspector General investigated what FBI did when it was given $196 million between 2009 and 2011 to investigate (penny ante) mortgage fraud, FBI’s focus on the issue actually decreased (and DOJ lied about its results). When FBI decided to try to investigate mortgage fraud proactively by using undercover operations, like it does terrorism and drugs, its agents just couldn’t figure out how to do so (in many cases Agents were never told of the effort), so the effort was dropped.
Banks commits crimes on a far grander scale than most of these sting targets. But FBI throws the big money at its counterterrorism stings, and not the banks leaching our economy of its vitality.
Rascoff accuses HRW’s and similar interventions of being one-dimensional.
[F]or all the important questions about official practices that critics raise, they have tended to ignore some hard questions about the use of stings and the tradeoffs they entail.Instead, their interventions have an exaggerated, one-dimensional quality to them.
But he himself is guilty of his own crime. Because every kid the FBI entraps in a $240,000 sting may represent an actual completed bank crime that will never be investigated. It represents an opportunity cost. The choice is not just sting or no sting or (more accurately, as David Cole points out) sting or community outreach and cooperation.
Rather, the choice is also between manufacturing crimes to achieve counterterrorism numbers or investigating real financial crimes that are devastating communities.
So long as we fail to see that tradeoff, we fail to address one major source of the economic malaise that fuels other crimes.
Ignoring bank crimes is, truly, something we don’t have the luxury of doing. Nevertheless, we continue to choose to go on doing so, even while engaging in these “luxurious” counterterrorism stings that accomplish so little.
A group of privacy and security organizations have just sent President Obama a letter asking him to issue a veto threat over the Cybersecurity Information Sharing Act passed out of the Senate Intelligence Committee last week. It’s a great explanation of why this bill sucks and doesn’t do what it needs to to make us safer from cyberattacks. It argues that CISA’s exclusive focus on information sharing — and not on communications security more generally — isn’t going to keep us safe.
Which is why it really pays to look at the role of SIFMA — the Securities Industry and Financial Markets Association – in all this.
As I’ve noted, they’re the banksters whom Keith Alexander is charging big bucks to keep safe. As Bloomberg recently reported, Alexander has convinced SIFMA to demand a public-private cyber war council, involving all the stars of revolving door fearmongering for profit.
Wall Street’s biggest trade group has proposed a government-industry cyber war council to stave off terrorist attacks that could trigger financial panic by temporarily wiping out account balances, according to an internal document.
The proposal by the Securities Industry and Financial Markets Association, known as Sifma, calls for a committee of executives and deputy-level representatives from at least eight U.S. agencies including the Treasury Department, the National Security Agency and the Department of Homeland Security, all led by a senior White House official.
The trade association also reveals in the document that Sifma has retained former NSA director Keith Alexander to “facilitate” the joint effort with the government. Alexander, in turn, has brought in Michael Chertoff, the former U.S. Secretary of Homeland Security, and his firm, Chertoff Group.
Public reporting positions SIFMA as the opposition to the larger community of people who know better, embracing this public-private war council approach.
Kenneth Bentsen, chief executive at the Securities Industry and Financial Markets Association, said in a statement that leaders of the Senate Intelligence panel who wrote the bill have “taken a balanced and considered approach which will help the financial services industry to better protect our customers from cyber terrorists and criminals, as well as their privacy.”
According to the same banksters who crashed our economy 6 years ago, this bill is about protecting them at the expense of our privacy and rule of law.
Cyber attacks are increasingly a major threat to our financial system. As such, enhancing cyber security is a top priority for the financial services industry. SIFMA believes we have an obligation to do everything possible to protect the integrity of our markets and the millions of Americans who use financial services every day.
However, the threat increases every day. SIFMA and its members have undertaken additional efforts to develop cyber defense standards for the securities industry sector as a follow on to the recently published NIST standards. And we are developing enhanced recovery protocols for market participants and regulators in the event of an attack that results in closure of the equity and fixed income markets. We are undertaking this work in close collaboration with our regulators and recently held a meeting to brief them on our progress. And, we plan to increase our efforts even further as the risks are too great for current efforts alone.
We know that a strong partnership between the private sector and the government is the most efficient way to address this growing threat. Industry and investors benefit when the private sector and government agencies can work together to share relevant threat information. We would like to see more done in Congress to eliminate the barriers to legitimate information sharing, which will enable this partnership to grow stronger, while protecting the privacy of our customers.
This is not — contrary to what people like Dianne Feinstein are pretending — protecting the millions who had their credit card data stolen because Target was not using the cyberdefenses it put into place.
Rather, this is about doing the banksters’ bidding, setting up a public-private war council, without first requiring them to do basic things — like limiting High Frequency Trading — to make their industry more resilient to all kinds of attacks, from even themselves.
Meanwhile, if that’s not enough indication this is about the bankstsers, check out what Treasury Secretary Jack Lew is doing this afternoon.
In the afternoon, the Secretary will visit Verizon’s facilities in Ashburn, Virginia to discuss cybersecurity and highlight the important role of telecommunications companies in supporting the financial system.
Just what we need: our phone provider serving the interests of the financial system first.
DiFi wants to make it easier to spy on Americans domestically to help private companies that have already done untold damage to Main Street America. We ought to be protecting ourselves from them, not degrading privacy to subsidize their insecure practices.
I’ve been tracking Keith Alexander’s utterly predictable new gig, getting rich off of having drummed up cybersecurity concerns for the last several years, while at the same time shacking up with the most dubious of shadow bank regulators, Promontory Financial Group.
Apparently, I’m not the only one. Alan Grayson just sent some of the entities that Alexander has been drumming up business with — the Security Industries and Financial Markets Association, Consumer Bankers Association, and Financial Services Roundtable — a letter asking how the former NSA Director can be making a reported $600,000 a month. He cites Bruce Schneier wondering whether part of the deal is that Alexander will share classified information he learned while at NSA.
Security expert Bruce Schneier noted that this fee for Alexander’s services is on its face unreasonable. “Think of how much actual security they could buy with that $600K a month.Unless he’s giving them classified information.” Schneier also quoted Recode.net, which headlined this news as: “For another million, I’ll show you the back door we put in your router.”
Disclosing or misusing classified information for profit is, as Mr. Alexander well knows, a felony. I question how Mr. Alexander can provide any of the services he is offering unless he discloses or misuses classified information, including extremely sensitive sources and methods. Without the classified information that he acquired in his former position, he literally would have nothing to offer to you.
Please send me all information related to your negotiations with Mr. Alexander, so that Congress can verify whether or not he is selling military and cybersecurity secrets to the financial services industry for personal gain.
Alexander is just the latest of a long line of people who profit directly off driving up the cybersecurity threat. But — as Recode.net notes — he’s also got the kind of inside information that could be particularly valuable.
As the Intelligence Industrial Complex and the Banking industry hop into bed together, there ought to be some transparency about just what kind of deals are being made. There’s simply too much immunity handed out to this community to let boondoggles like Alexander’s slide.
The intelligence community is subjecting every low level clearance holder to intense scrutiny right now. But thus far, there has not been a peep from those quarters that the former DIRNSA could command these fees for the expertise gained while overseeing the nation’s secrets.
Bloomberg provides more details on how much: his asking price starts at $1M a month, from which he negotiates down to a mere $600,000.
Alexander, 62, said in the interview he was invited to give a talk to the Securities Industry and Financial Markets Association, known as Sifma, shortly after leaving the NSA and starting his firm, IronNet Cybersecurity Inc. He has met with other finance groups including the Consumer Bankers Association, the Financial Services Roundtable and The Clearing House.
At the sessions, Alexander discussed destructive computer programs such as Wiper, which the U.S. government said was notable because attacks using it appeared to originate from North Korea and Iran. “I told them I did think they could defend against that,” Alexander said.
Still, despite the banks’ growing investments in computer security, Alexander said, “many of them aren’t really confident they’re getting their money’s worth.”
Alexander offered to provide advice to Sifma for $1 million a month, according to two people briefed on the talks. The asking price later dropped to $600,000, the people said, speaking on condition of anonymity because the negotiation was private.
Alexander declined to comment on the details, except to say that his firm will have contracts “in the near future.”
The article talks in terms of the DDoS attacks launched against US bank websites last year, as well as Wiper, which is allegedly tied to the StuxNet family (and therefore is something with which ALexander ought to be intimately familiar).
What he doesn’t seem to be promising he can fix are things like the recent hack of a hedge fund’s High Frequency Trading algorithms (about which I am simply failing not to laugh hysterically at … sorry, hedgies).
No wonder the banks doubt they’re getting their money’s worth.
It’s hard to read this as anything but a scam. Not only has Alexander spent the last year talking up the risk of cyberattacks, not only has he had access to whatever bank secrets haven’t been encrypted for the last 8 years, plus the double dipping in SWIFT databases. But he also knows what holes NSA hasn’t fixed.
Ultimately, though, this all serves to obscure the fact that these banks are rickety all by themselves, with or without a hacker’s help (which is one reason I’m laughing at that HFT hack). There’s only so much you can do to harden that target, and the banks won’t do it.