Intelligence

1 2 3 88

JPMorgan’s Form 8-K to Investors: We’ve Been Hack-Mapped!

EW-blog_JPM-5DayChart_03OCT2014JPMorgan’s Form 8-K filed on Thursday with the Securities and Exchange Commission advises:

On October 2, 2014, JPMorgan Chase & Co. (“JPMorgan Chase” or the “Firm”) updated information for its customers, on its Chase.com and JPMorganOnline websites and on the Chase and J.P. Morgan mobile applications, about the previously disclosed cyberattack against the Firm. The Firm disclosed that:

• User contact information – name, address, phone number and email address – and internal JPMorgan Chase information relating to such users have been compromised.

• The compromised data impacts approximately 76 million households and 7 million small businesses.

• However, there is no evidence that account information for such affected customers – account numbers, passwords, user IDs, dates of birth or Social Security numbers – was compromised during this attack.

• As of such date, the Firm continues not to have seen any unusual customer fraud related to this incident.

• JPMorgan Chase customers are not liable for unauthorized transactions on their account that they promptly alert the Firm to.

The Firm continues to vigilantly monitor the situation and is continuing to investigate the matter. In addition, the Firm is fully cooperating with government agencies in connection with their investigations.

According to ZDNet, a forensic security firm suggests the bank’s users’ accounts are now at greater risk of compromise and that password changes and two-factor authentication should be implemented to address the risk.

However, the 8-K’s wording indicates a different security risk altogether as the users’ passwords and Social Security numbers are not compromised.

The disclosure of information compromised combined with earlier reporting about the breach more closely matches a description of that collected by National Security Agency’s TREASURE MAP intelligence collection program. TREASURE MAP gathered information about networks including nodes, but not data created by users at the end nodes of the network. The application delineated the path to the ends. and physical ends, not merely virtual ends of the network. Continue reading

Law Enforcement’s Apple Security Hysteria: About Border Searches?

Border Zone MapAs I noted the other day, Apple just rolled out – and Google plans to match with its next Android release — passcode protected encryption for its cell phone handsets.

Last night WSJ had a story quoting some fairly hysterical law enforcement types complaining mightily not just that Apple is offering its customers security, but that it is a marketing feature.

Last week’s announcements surprised senior federal law-enforcement officials, some of whom described it as the most alarming consequence to date of the frayed relationship between the federal government and the tech industry since the Snowden revelations prompted companies to address customers’ concerns that the firms were letting—or helping—the government snoop on their private information.

Senior U.S. law-enforcement officials are still weighing how forcefully to respond, according to several people involved in the discussions, and debating how directly they want to challenge Apple and Google.

One Justice Department official said that if the new systems work as advertised, they will make it harder, if not impossible, to solve some cases. Another said the companies have promised customers “the equivalent of a house that can’t be searched, or a car trunk that could never be opened.”

Andrew Weissmann, a former Federal Bureau of Investigation general counsel, called Apple’s announcement outrageous, because even a judge’s decision that there is probable cause to suspect a crime has been committed won’t get Apple to help retrieve potential evidence. Apple is “announcing to criminals, ‘use this,’ ” he said. “You could have people who are defrauded, threatened, or even at the extreme, terrorists using it.”

I think the outrage about the stated case — that law enforcement will not longer be able to have Apple unlock a phone with a warrant — is overblown. As Micah Lee points out, the same data will likely be available on Apple’s Cloud.

But despite these nods to privacy-conscious consumers, Apple still strongly encourages all its users to sign up for and use iCloud, the internet syncing and storage service where Apple has the capability to unlock key data like backups, documents, contacts, and calendar information in response to a government demand. iCloud is also used to sync photos, as a slew of celebrities learned in recent weeks when hackers reaped nude photos from the Apple service. (Celebrity iCloud accounts were compromised when hackers answered security questions correctly or tricked victims into giving up their credentials via “phishing” links, Cook has said.)

And the stuff that won’t be on Apple’s Cloud will largely be available from a user’s phone provider — AT&T and Verizon will have call records and texts, for example. So one effect of this will be to put warrant decisions into a review process more likely to be scrutinized (though not in the case of AT&T, which has consistently proven all to happy to share data with the Feds).

Which is why I think the hysteria is either overblown or is about something else.

It may be that this prevents NSA from getting into handsets via some means we don’t understand. Matthew Green lays out how this change will bring real security improvement to your phone from all matter of hackers.

But the most immediate impact of this, I suspect, will be seen at borders — or rather, the government’s expansive 100 mile “border zone,” which incorporates roughly two-thirds of the country’s population. At “borders” law enforcement works under a warrant exception that permits them to search devices — including cell phones — without a warrant, or even any articulable suspicion.

And while it is the case that really aggressive security wonks can and do encrypt their phones now, it is not the default. Which means most people who cross an international border — or get stopped by some authority in that border zone — have their phone contents readily available to those authorities to search. Authorities routinely use their expanded border authority to obtain precisely the kinds of things at issue here, without any suspicion. The terrorist watchlist guidelines (see page 68), for example, note that border encounters may provide evidence from “electronic media/devices observed or copied,” including cell phones.

In 2011, DHS whipped out similarly hysterical language about what horribles actually requiring suspicion before searching a device might bring about.

[A]dding a heightened [suspicion-based] threshold requirement could be operationally harmful without concomitant civil rights/civil liberties benefit. First, commonplace decisions to search electronic devices might be opened to litigation challenging the reasons for the search. In addition to interfering with a carefully constructed border security system, the litigation could directly undermine national security by requiring the government to produce sensitive investigative and national security information to justify some of the most critical searches. Even a policy change entirely unenforceable by courts might be problematic; we have been presented with some noteworthy CBP and ICE success stories based on hard-to-articulate intuitions or hunches based on officer experience and judgment. Under a reasonable suspicion requirement, officers might hesitate to search an individual’s device without the presence of articulable factors capable of being formally defended, despite having an intuition or hunch based on experience that justified a search.

That is, DHS thinks it should be able to continue to search your phone at the border, because if it had to provide a rationale — say, to get a warrant — it might have to disclose the dodgy watchlisting policies that it uses to pick whose devices to search without any cause.

In other words, I’m arguing that the most immediate impact of this will be to lessen the availability of data increasingly obtained without a warrant, and given that the alternate means — administrative orders and warrants — require actual legal process, may mean these things will not be available at all.

If I’m right, though, that’s not a technical impediment. It’s a legal one, one which probably should be in place.

Update: Argh! This is even worse fear-mongering. A former FBI guy says he used intercepted communications to find kidnappers.

Once we identified potential conspirators, we quickly requested and secured the legal authority to intercept phone calls and text messages on multiple devices.

Then claims losing an entirely unrelated ability to search — for data stored on, and only on, handsets — would have prevented them from finding that kidnap victim.

Last week, Apple and Android announced that their new operating systemswill be encrypted by default. That means the companies won’t be able to unlock phones and iPads to reveal the photos, e-mails and recordings stored within.

It also means law enforcement officials won’t be able to look at the range of data stored on the device, even with a court-approved warrant. Had this technology been used by the conspirators in our case, our victim would be dead.

Instead of proving this guy would be dead, the story instead proves that this is not the most pressing information.

Obama Starts Syrian Bombing using Cover of Khorasan Claims

Last night, President Obama said the word “imminent” and started bombing Syria.

It appears the legal logic behind the attack (besides the fact that Congress hurriedly approved funding for war through December so it could get back to the campaign trail) is that in addition to striking ISIS in Syria (an attack we don’t have any reasonable  legal justification for) we are also attacking a group that James “Too Cute by Half” Clapper just rolled out, “Khorasan,” which unlike ISIS has not been kicked out of Al Qaeda and therefore might be targetable under the 2001 AUMF.

In spite of the fact that DOD allegedly had these Khorasan plans already in place, sources apparently felt like it’d be a good idea to alert them by telling Ken Dilanian they were the hot new thing just 10 days ago.

While the Islamic State group is getting the most attention now, another band of extremists in Syria — a mix of hardened jihadis from Afghanistan, Yemen, Syria and Europe — poses a more direct and imminent threat to the United States, working with Yemeni bomb-makers to target U.S. aviation, American officials say.

At the center is a cell known as the Khorasan group, a cadre of veteran al-Qaida fighters from Afghanistan and Pakistan who traveled to Syria to link up with the al-Qaida affiliate there, the Nusra Front.

Today’s continuation of that narrative appears in CNN (and ABC, which I won’t link to because of their infernal auto-play ads), which doesn’t ask how the US hoped to surprise Khorasan if they had just rolled them out as the big new boogeymen.

Among the targets of U.S. strikes across Syria early Tuesday was a collection of buildings to the west of Aleppo, some distance from ISIS strongholds.

While the United States worked with Arab partners to attack ISIS targets, the U.S. military alone took aim at the Khorasan Group, an organization formed by senior al Qaeda members based in Pakistan who traveled to Syria, CNN national security analyst Peter Bergenhas reported.

“Khorasan” is an ancient term for an Islamic empire.

The sites the United States struck overnight included “training camps, an explosives and munitions production facility, a communication building and command and control facilities,” the military said in a statement.

The group was actively plotting against a U.S. homeland target and Western targets, a senior U.S. official told CNN on Tuesday. The United States hoped to surprise the group by mixing strikes against it with strikes against ISIS targets.

The official said the group posed an “imminent” threat. But another U.S. official later said the threat was not imminent in the sense that there were no known targets or attacks expected in the next few weeks.

The plots were believed to be in an advanced stage, the second U.S. official said. There were indications that the militants had obtained materials and were working on new improvised explosive devices that would be hard to detect, including common hand-held electronic devices and airplane carry-on items such as toiletries.

The threat of Ibrahim al-Asiri –who with one bomb that could not have worked and several more claimed attacks identified by double agents in Saudi employ not only created the excuse for millions of dollars in TSA scanner profits, but also the ability to label Yemen an “imminent” threat and therefore bomb it — has moved to Syria.

Label the country an “imminent” threat. Then bomb.

In Obama’s statement, he emphasized the Khorasan tie.

Some questions smart people have been asking:

Micah Zenko: If Khorasan group was truly an imminent threat, why would the US delay bombing them just so they could bomb ISIS simultaneously?

Gregory Johnsen: Are people asking why a group calling itself “khurasan” is basing itself in Syria? Or is this just a USG name for a cell?

Spencer Ackerman: Why did a senior official say, just yesterday, that Khorasan was not an imminent threat.

Also:  Why was Asiri claimed to be helping ISIS back in July?

The sources on which this latest justification relies seem to be people — James Clapper and Mike Rogers are two — who have a somewhat strained relationship with the truth and a very cozy relationship with disinformation. Moreover, Congress still hasn’t been briefed on the covert ops (which both Clapper and Rogers do know about) that the CIA has been working, with their Saudi partner, in Syria.

But we’ve got some claim to “imminent” now, so it’s all good.

Treasure Map: It’s About Location, Not Gold

Der Spiegel and The Intercept published collaborative reporting this weekend on another Snowden document — this one referring to a National Security Agency program named TREASURE MAP.

The most chilling part of this reporting is a network engineer’s reaction (see here on video) when he realizes he is marked or targeted as a subject of observation. He’s assured it’s not personal, it’s about the work he does – but his reaction still telegraphs stress. An intelligence agency can get to him, has gotten to him; he’s touchable.

The truth is that almost any of us who follow national security, cyber warfare, or information technology are potential subjects depending on our work or play.

The metadata we generate is only part of the observation process; it provides information about our individual patterns of behavior, but may not actually disclose where we are.

TREASURE MAP goes further, by providing the layout of the network on which any of us are generating metadata. But there is some other component either within TREASURE MAP, or within a complementary tool, that provides the physical address of any networked electronic device.

The NSA has the ability to track individuals not only by Internet Protocol addresses (IP addresses), but by media access control addresses (MAC addresses), according a recent interview with Snowden by James Bamford in Wired. This little nugget was a throwaway; perhaps readers already assumed this capability has existed, or didn’t understand the implications:

…But Snowden’s disenchantment would only grow. It was bad enough when spies were getting bankers drunk to recruit them; now he was learning about targeted killings and mass surveillance, all piped into monitors at the NSA facilities around the world. Snowden would watch as military and CIA drones silently turned people into body parts. And he would also begin to appreciate the enormous scope of the NSA’s surveillance capabilities, an ability to map the movement of everyone in a city by monitoring their MAC address, a unique identifier emitted by every cell phone, computer, and other electronic device.

[emphasis added]

In simple terms, IP addresses are like phone numbers — they are assigned. They can be static; a printer on a business network, for example, may be assigned a static address to assure it is always available to accept print orders at a stationary location. IP addresses may also be dynamic; if there’s an ongoing change in users on a network, allowing them to use a temporary address works best. Think of visits to your local coffee shop where customers use WiFi as an example. When they leave the premise, their IP address will soon revert to the pool available on the WiFi router. Continue reading

ISIS Fearmongering Now Features Undeclared Syrian Toxins Changing Hands

Today’s New York Times wants us to be very afraid because Samantha Power tells us that Syria may have failed to declare some of its chemical weapons (all declared category 1 materials have been destroyed) and those materials just might fall into the hands of the ISIS evil monsters.  This is a very interesting development because now with ISIS as the most evil operator out there, the Syrian WMD’s that we have been fearmongering about now are scarier in the hands of ISIS than they are in the hands of Bashar al-Assad, whom many believe was responsible for the deadly August, 2013 sarin attack in Ghouta.

The long journey of Syrian WMD’s and just who makes them scary is a case study in the process of intelligence and diplomatic sources feeding propaganda to a willing press. Recall that just after the Ghouta attack, Joby Warrick was used,  in a very Judy Miller fashion, to try to develop fear of a probably non-existent Syrian bioweapons capability. Less than a month after that feeble attempt to claim bioweapons in Syria’s arsenal, Warrick was dumbfounded that ricin (see below for a description of this toxin) appeared on the list of materials that Syria declared for destruction (ricin did not appear anywhere in Warrick’s “documentation” of Syria’s bioweapons capability just a month earlier):

The movement of chemicals and equipment in recent days — which initially spurred fears that Syrian officials were trying to hide parts of their stockpile — suggests instead that the weapons are being consolidated ahead of a first visit by inspection teams that arrived in the country last week, administration officials said.

The activity has contributed to a cautious optimism among U.S. officials over the prospects for quickly dismantling the chemical arsenal. Syrian officials a week ago turned over their first inventory of chemical weapons and storage sites, a list that U.S. analysts described as detailed, although incomplete.

The records have helped shed light on a sizable Syrian stockpile that U.S. officials say contains hundreds of tons of precursors for the nerve agents sarin and VX, as well as a surprise: ricin, a highly lethal poison derived from castor beans.

Yesterday, The Intercept finally (the document is marked as having been approved for release just before last Christmas!) liberated a cache of email conversations (pdf) taking place between a number of national security reporters and the CIA’s Office of Public Affairs.  The document is 574 pages long, but I want to focus on only one email to the office and the reply it generated, because it fits perfectly into this overall pattern of intelligence (and diplomatic) operatives catapulting propaganda with the eager cooperation of sychophantic reporters and because it mentions ricin. The email in question comes from Wall Street Journal reporter Siobhan Gorman and appears to be sent to at least two redacted recipients at CIA and mentions ricin in the context of Syria:

Gorman email

 

Okay. So this email takes place in July of 2012, just over a year before the Ghouta attack that used sarin.

Before we get to more of this story, a bit of background on ricin is in order. Continue reading

Laptop of Death, 2.0

The Greater US War to Remake the Middle East has been going on so long, it is already re-running its story lines.

Back in 2004, when Dick Cheney was trying to drum up a hot war against Iran, the CIA got dealt a laptop that provided a casus belli all wrapped up in a bow: all aspects of Iran’s nuke program, all conveniently collected on one laptop, somehow falling into intelligence hands. It later showed signs of being a forgery.

Now, as the warmakers are trying to gin up a hot war against ISIS (in seeming co-belligerence with Iran!), that’s whose laptop we find, courtesy of Foreign Policy: a Tunisian named Muhammed whose last name and picture Foreign Policy declined to provide. On the laptop, FP found a 19-page document that explains how to “weaponize” bubonic plague by throwing it on grenades close to air conditioning units.

“Use small grenades with the virus, and throw them in closed areas like metros, soccer stadiums, or entertainment centers,” the 19-page document on biological weapons advises. “Best to do it next to the air-conditioning. It also can be used during suicide operations.”

Because a college science student only needs 19 pages to accomplish the technical feat of weaponizing the plague.

Remarkably, a lot of people are taking this as a serious discovery, even though FP describes obtaining the laptop this way:

Abu Ali, a commander of a moderate Syrian rebel group in northern Syria, proudly shows a black laptop partly covered in dust. “We took it this year from an ISIS hideout,” he says.

Abu Ali says the fighters from the Islamic State of Iraq and al-Sham (ISIS), which have since rebranded themselves as the Islamic State, all fled before he and his men attacked the building. The attack occurred in January in a village in the Syrian province of Idlib, close to the border with Turkey, as part of a larger anti-ISIS offensive occurring at the time. “We found the laptop and the power cord in a room,” he continued, “I took it with me. But I have no clue if it still works or if it contains anything interesting.”

As we switched on the Dell laptop, it indeed still worked. Nor was it password-protected.

We are supposed to believe that 1) ISIS got routed back in January 2) left their laptop 3) don’t password protect their devices.

More amusingly, we’re supposed to believe that upon capturing devices from an adversary, the “moderate” beheaders in the FSA would not look for intelligence on those devices. Instead, they’d let a computer collect dust over the course of 8 months, never once attempting to so much as turn on a laptop, until such time as it became imperative to foster opposition to ISIS.

Because powering a laptop is apparently too hard for FSA commanders?

Either Abu Ali is lying, or he’s lying. Which means the provenance of this laptop and this story is so suspect it should not be treated seriously. There are plenty of other reasons to doubt the story. But if your source claims never to have turned on a laptop — never to have even tried! — seized from an adversary over the course of 8 months, your source is not telling the truth.

US Endangers Public Health Efforts with Spying, Again

Jim and I have both written a bunch about the dangers of using public health campaigns as cover for spying, as CIA did when it asked Dr. Shakeel Afridi to try to collect DNA from those on Osama bin Laden’s compound under cover of a hepatitis vaccination campaign. If those hostile to US interests suspect such campaigns — and even more pointedly, Polio vaccination campaigns — it can taint important efforts.

Today we learn that Afridi’s not the only case where US spooks have done this. As part of a campaign to have Latin American youths encourage oppositional culture in Cuba, USAID contractor Creative Associates had one contractor use an HIV prevention workshop as cover.

In one case, the workers formed an HIV-prevention workshop that memos called “the perfect excuse” for the program’s political goals — a gambit that could undermine America’s efforts to improve health globally.

[snip]

“USAID and the Obama administration are committed to supporting the Cuban people’s desire to freely determine their own future,” the agency said in response to written questions from the AP. “USAID works with independent youth groups in Cuba on community service projects, public health, the arts and other opportunities to engage publicly, consistent with democracy programs worldwide.”

In a statement late Sunday, USAID said the HIV workshop had a dual purpose: It “enabled support for Cuban civil society while providing a secondary benefit of addressing the desire Cubans expressed for information and training about HIV prevention.”

Page 3 of the included documents show the subcontractor describing the HIV training as the perfect excuse, as that was something authorities would permit.

I repeat what I said earlier: Cuba would open up far more quickly if the US ended its embargoes on Cuba, especially its ban on flights to Cuba.

But instead we have to scheme short-sighted plans to open up Cuba clandestinely.

Update: Here’s a more complete description of the HIV training from the extended story.

If the idea was to hold a series of seminars to recruit new “volunteers,” Murillo needed a theme that would both draw in potential recruits and still be sanctioned by the state.

An HIV-prevention workshop was just the thing.

Months later, in November 2010, the workshop drew 60 people. Pozo also participated — evidence, Murillo said, that his scheme was working.

The workshop was supposed to offer straightforward sex education for HIV prevention, such as the proper way to use a condom.

“Cubans expressed a desire for information and training about HIV prevention, and the workshop helped to address their needs,” USAID said in response to written questions.

But the ulterior motive, documents show, was to use the workshop as a recruiting ground for young people by showing them how to organize themselves.

[snip]

Reached in San Jose, Costa Rica, Murillo said he could not speak about the details of his Cuba trips because he had signed a nondisclosure agreement. He said he wasn’t trying to do anything beyond teach people how to use condoms properly.

“I never said to a Cuban that he had to do something against the government. If that was the mission of others, I don’t know,” Murillo said. “I never told a Cuban what he had to do.”

Nevertheless, Murillo’s six-page report back to Creative Associates mentioned HIV only once, to note that it was “the perfect excuse for the treatment of the underlying theme.” Elsewhere, the report revealed another objective: “to generate a network of volunteers for social transformation.”

Update: Jim (who’s prepping his daughter to go off to be-a-lawyer school) reminds me of how USAID fluffs the numbers on its health-related programs to make them look like successes.

Is CIA’s Admission of Spying an Effort to Undercut Whistleblowers?

The CIA spied on Congress! The headlines yesterday read.

By the end of the day, the CIA shared the unclassified summary of Inspector General David Buckley’s conclusions.

But the conclusions are a muddle:

Agency Access to Files on the SSCI RDINet:

Five Agency employees, two attorneys and three information technology (IT) staff members, improperly accessed or caused access to the SSCI Majority staff shared drives on the RDINet.

Agency Crimes Report on Alleged Misconduct by SSCI Staff:

The Agency filed a crimes report with the DOJ, as required by Executive Order 12333 and the 1995 Crimes Reporting Memorandum between the DOJ and the Intelligence Community, reporting that SSCI staff members may have improperly accessed Agency information on the RDINet. However, the factual basis for the referral was not supported, as the author of the referral had been provided inaccurate information on which the letter was based. After review, the DOJ declined to open a criminal investigation of the matter alleged in the crimes report.

Office of Security Review of SSCI Staff Activity:

Subsequent to directive by the D/CIA to halt the Agency review of SSCI staff access to the RDINet, and unaware of the D/CIA’s direction, the Office of Security conducted a limited investigation of SSCI activities on the RDINet. That effort included a keyword search of all and a review of some of the emails of SSCI Majority staff members on the RDINet system.

Lack of Candor:

The three IT staff members demonstrated a lack of candor about their activities during interviews by the OIG.

Compare the suggested chronology of these bullets with some of the details Dianne Feinstein provided in March.

[O]n January 15, 2014, CIA Director Brennan requested an emergency meeting to inform me and Vice Chairman Chambliss that without prior notification or approval, CIA personnel had conducted a “search”—that was John Brennan’s word—of the committee computers at the offsite facility. This search involved not only a search of documents provided to the committee by the CIA, but also a search of the ”stand alone” and “walled-off” committee network drive containing the committee’s own internal work product and communications.

According to Brennan, the computer search was conducted in response to indications that some members of the committee staff might already have had access to the Internal Panetta Review. The CIA did not ask the committee or its staff if the committee had access to the Internal Review, or how we obtained it.

Instead, the CIA just went and searched the committee’s computers.

[snip]

Days after the meeting with Director Brennan, the CIA inspector general, David Buckley, learned of the CIA search and began an investigation into CIA’s activities. I have been informed that Mr. Buckley has referred the matter to the Department of Justice given the possibility of a criminal violation by CIA personnel.

[snip]

Weeks later, I was also told that after the inspector general referred the CIA’s activities to the Department of Justice, the acting general counsel of the CIA filed a crimes report with the Department of Justice concerning the committee staff’s actions.

According to DiFi, CIA had already accessed the servers by January 15. Buckley says that at least some of the searches — the ones by the Office of Security — happened after that point, after Brennan ordered them to stop.

This limited hangout is not just an admission that CIA spied on SSCI, but that they spied and continued spying.

Buckley also appears to be saying that what DiFi described as his own referral (though he doesn’t refer to it as such) — made sometime before March — was based off erroneous information. The implication is DOJ didn’t pursue charges because they were told the original allegations — which Buckley passed on, according to DiFi — were incorrect.

That’s all very fishy, particularly when you recall this story, about the CIA spying on its own whistleblower in the matter.

The CIA obtained a confidential email to Congress about alleged whistleblower retaliation related to the Senate’s classified report on the agency’s harsh interrogation program, triggering fears that the CIA has been intercepting the communications of officials who handle whistleblower cases.

[snip]

Buckley obtained the email, which was written by Daniel Meyer, the intelligence community’s top official for whistleblower cases, to the office of Sen. Chuck Grassley, R-Iowa, a leading whistleblower-protection advocate. The Senate Intelligence Committee also learned of the matter, said the knowledgeable people.

After obtaining the email, Buckley approached Meyer’s boss, I. Charles McCullough III, the inspector general for the 17-agency U.S. intelligence community, in what may have constituted a violation of the confidentiality of the whistleblowing process, they said.

[snip]

Meyer’s email concerned allegations that Buckley failed to thoroughly investigate a whistleblower retaliation claim, McClatchy has learned. The retaliation allegedly involved delays by the CIA in paying the legal fees of CIA officials who cooperated with the Senate committee. An indemnification agreement required the agency to cover those costs – which it eventually did – as long as the officers weren’t found to have committed any wrongdoing.

We know David Buckley has been treating whistleblowers inappropriately. Yet he’s the guy who apparently reneged on his claims that CIA illegally spied. Even though they spied after the time John Brennan told them (heh) to stop.

Military Intelligence Industrial Complex Providing 30% Bonuses to Potential HASC and HPSCI Chairs

Because of Buck McKeon and Mike Rogers’ retirement this year, the Chairmanships of both the House Armed Services Committee and the House Intelligence Committee will be up for grabs early next year.

Roll Call decided to see how this was affecting funding for the contenders to replace McKeon and Rogers.Their results were pretty striking. HASC contenders Mac Thronberry and Randy Forbes and HPSCI contenders Devin Nunes and Mike Pompeo are experiencing significantly bigger hauls from defense contractors than in the past.

Four of the top five candidates for the chairmanships of the House Armed Services and Intelligence panels have raised considerably more money this election cycle than they did at a similar point in 2012. The same four have also raised much more money from the defense industry than before – in some cases, more than doubling their takes.

Most of them, too, have raised more money in the first full quarter since the departures of the incumbent chairmen became official, and donated more to other candidates and GOP party committees than in the last cycle.

[snip]

Thornberry, Forbes, Nunes and Pompeo each have raised at least 30 percent more through the first six quarters of the 2014 election cycle than they did over same period of 2012. Only King — who was Homeland Security chairman through 2012 — has raised less. Nunes has raised the most overall: $2 million.

Thornberry, Nunes and Pompeo have more than doubled in the current election cycle the amount they got from the defense sector over the same period in the 2012 election cycle, and Forbes has reaped 40 percent more, while King’s dipped. Thornberry has received the most overall — $344,350.

Thornberry, too, saw the biggest leap from the most recent fundraising quarter than ended in June compared with the same quarter in the 2012 cycle, 84 percent. Forbes and Pompeo also saw increases over that period.

Click through to see how McKeon and Rogers’ retirement announcements set off this boondoggle and how the take has allowed the contenders to fund their colleagues as well.

Ah, democracy as our forefathers intended! Where campaign bribery plays a key role in determining who will oversee the National Security State.

The Intelligence Propaganda Complex

Matt Apuzzo has a remarkable story about the efforts DOJ is making to protect the records of United Against Nuclear Iran, a purported NGO that shames entities potentially doing business with Iran.

Greek shipping magnate Victor Restis is suing the group for defamation, claiming they falsely accused him of being an Iranian front.

The group said it had uncovered a letter proving there was a plan to do business in Iran. It also accused Mr. Restis of using his ships in support of Iran’s oil industry.

Mr. Restis said the letter was fraudulent, the illicit Iranian deal never existed, and his ships made only authorized humanitarian shipments. He accused the group of shaking down companies for donations; the group in turn accused him of being a “master criminal.”

The group said it based its accusations on “valid research, credible documents, distinguished relationships, and pre-eminent sourcing.” In court, Mr. Restis demanded that the group disclose those documents and its relationships.

Soon after that demand, Mr. Restis said he was approached by an Israeli businessman, Rami Ungar, with no direct connection to United Against Nuclear Iran.

According to court documents filed by Mr. Restis’s lawyers, Mr. Ungar knew details about the case and said he was “authorized to try to resolve the issues” on behalf of the group’s supporters.

It was not clear who those supporters were. Like many nonprofit groups, its donor list is secret. Mr. Restis’s lawyers said in a letter to the judge in April that they had uncovered information that United Against Nuclear Iran “is being funded by foreign interests.”

DOJ suggested they might claim a law enforcement exception to protect the files, though it has not yet formally claimed such a privilege. That might suggest the files are Treasury files that may soon be used to impose sanctions on Restis. Or perhaps it means they have files that don’t meet Treasury’s standards for imposing sanctions, and UANI exists to shame people where sanctions are unavailable. In any case, Restis wants to know how Ungar got them; I’d like to know precisely what UANI is getting from whom.

Apuzzo lists some of the characters who are behind the group: former Mideast Peace Envoy Dennis Ross, Fran Townsend, and Joe Lieberman. Otto Reich, whose role in Iran-Contra (as opposed to his role in trying to overthrow Hugo Chavez in the 2002 coup) involved illegally funneling taxpayer dollars for the purposes of lobbying, is of particular note. Restis is particularly interested in interviewing UANI advisor Meir Dagan, the long-time head of Mossad; Restis believes Dagan provided the documents to Ungar. In addition, Richard Dearlove, who was in charge of sexing up the British case for war in 2003 when he was MI6, also advises the group.

in other words, it’s a classic case of a quasi-governmental group, one that apparently plays an extra-legal purpose in the campaign to isolate Iran (to be fair, most, though not all, of its advisors have worked hard to stave off war). And Restis’ efforts to get some kind of justice against it may be stymied by US claims they’ve got privileged interests in the case.

The entire episode raises some very good questions about what goes into isolating our adversaries.

1 2 3 88
Emptywheel Twitterverse
bmaz It's amazing that @ESPN can't quite get the feed on the ASU/Huskies game right for squat, but they can always, oh so easily, parrot Goodell.
10mreplyretweetfavorite
bmaz RT @teddysanfran: @bmaz I wonder if she saw it coming? http://t.co/sTrMmqBMB4
12mreplyretweetfavorite
bmaz Say what you will about Obamacare, but internet+media fanboys saying Dems losing ground in both House+Senate is "winning" issue are insane.
16mreplyretweetfavorite
JimWhiteGNV RT @WilliamsJon: CDC: Health Care Workers volunteering to combat #Ebola epidemic in West Africa are heroes. We must treat them with respect…
17mreplyretweetfavorite
JimWhiteGNV RT @ninatypewriter: I'm just gonna keep on tweeting about this until @MSF_USA nurse Kaci Hickox is out of that fucking tent.
31mreplyretweetfavorite
bmaz @ColMorrisDavis @emptywheel @ddayen @CitizenCohn Also can't wait for the next time @speechboy71 opportunistically wants to shit on my family
32mreplyretweetfavorite
bmaz Perfect question. My guess is NO! RT @teddysanfran I wonder if she saw it coming? http://t.co/3slVw6xNUO
35mreplyretweetfavorite
bmaz Hey @AdobeFlash you asswipes are terminally hashing on my internet mellow. If you are going to be ubiquitous, try not to be such dickheads
36mreplyretweetfavorite
bmaz @ColMorrisDavis @emptywheel @ddayen @CitizenCohn And, hey, no reason for other fanboys to call @speechboy71 out for inconvenient bullshit.
52mreplyretweetfavorite
bmaz @ColMorrisDavis @emptywheel @ddayen @CitizenCohn Guess when yer a soul patched whiz kid of internet like @speechboy71 you can shit on others
54mreplyretweetfavorite
JimWhiteGNV RT @teddysanfran: I wonder if she saw it coming? http://t.co/sTrMmqBMB4
1hreplyretweetfavorite
bmaz @ColMorrisDavis @emptywheel @ddayen @CitizenCohn I'd have to be senile and willing to lie out of my ass like @speechboy71 but, hey, someday.
1hreplyretweetfavorite
October 2014
S M T W T F S
« Sep    
 1234
567891011
12131415161718
19202122232425
262728293031