LAT has a story describing what a slew of others — including me — have already laid out. The OPM hack will enable China to cross-reference a bunch of databases to target our spooks. Aside from laying all that out again (which is worthwhile, because a lot of people are still not publicly discussing that), LAT notes Russia is doing the same.
But other than that (and some false claims the US doesn’t do the same, including working with contractors and “criminal” hackers) and a review of the dubiously legal Junaid Hussain drone killing, LAT includes one piece of actual news.
At least one clandestine network of American engineers and scientists who provide technical assistance to U.S. undercover operatives and agents overseas has been compromised as a result, according to two U.S. officials.
I would be unsurprised if China were rolling up actual HUMINT spies in China as a result of the OPM breach (which would explain why we’d be doing the same in response, if that’s what we’re doing). But the LAT says China (and/or Russia) is targeting “engineers and scientists who provide technical assistance” to spooks — one step removed from the people recruiting Chinese (or Russian) nationals to share their country’s secrets.
I find that description rather curious because of the way it resembles the complaint by CIA contractor whistleblower John Reidy in an appeal of a denial of a whistleblower complaint by CIA’s Inspector General. (Marisa Taylor first reported on Reidy’s case.) As I extrapolated from redactions some weeks ago, it looks like Reidy reported CIA’s reporting system getting hacked at least as early as 2007, but the contractors whose system got (apparently) hacked got him fired and CIA suppressed his complaints, only to have the problem get worse in the following years until CIA finally started doing something about it — with incomplete information — starting in 2010.
Reidy describes playing three roles in 2005: facilitating the dissemination of intelligence reporting to the Intelligence Community, identifying Human Intelligence (HUMINT) targets of interest for exploitation, and (because of resource shortages) handling the daily administrative functions of running a human asset. In the second of those three roles, he was “assigned the telecommunications and information operations account” (which is not surprising, because that’s the kind of service SAIC provides to the intelligence community). In other words, he seems to have worked at the intersection of human assets and electronic reporting on those assets.
Whatever role he played, he described what by 2010 had become a “catastrophic intelligence failure” in which “upwards of 70% of our operations had been compromised.” The problem appears to have arisen because “the US communications infrastructure was under siege,” which sounds like CIA may have gotten hacked. At least by 2007, he had warned that several of the CIA’s operations had been compromised, with some sources stopping all communications suddenly and others providing reports that were clearly false, or “atmospherics” submitted as solid reporting to fluff reporting numbers. By 2011 the government had appointed a Task Force to deal with the problem he had identified years earlier, though some on that Task Force didn’t even know how long the problem had existed or that Reidy had tried to alert the CIA and Congress to the problem.
All that seems to point to the possibility that tech contractors had set up a reporting system that had been compromised by adversaries, a guess that is reinforced by his stated desire to bring a “qui tam lawsuit brought against CIA contractors for providing products whose maintenance and design are inherently flawed and yet they are still charging the government for the products.” In his complaint, he describes Raytheon employees being reassigned, suggesting that contracting giant may be one of the culprits, but all three named contractors (SAIC, Raytheon, and Mantech) have had their lapses; remember that SAIC was the lead contractor that Thomas Drake and friends exposed.
Reidy’s appeal makes it clear that one of the things that exacerbated this problem was overlapping jurisdiction, with a functional unit apparently taking over control from a geographic unit. While that in no way rules out China, it sounded as much like the conflict between CIA’s Middle East and Counterterrorism groups that has surfaced in other areas as anything else.
The reason I raise Reidy is because — whether or not the engineers targeted as described in the LAT story are the same as the ones Reidy seems to describe — Reidy’s appeal suggests the problem he described arose from contractor incompetence and cover-ups.
I guess you could say the same about the OPM hack (though it was also OPM’s incompetence). Except in the earlier case, you’re talking far more significant intelligence contractors — including SAIC and Raytheon, who both do a lot of cybersecurity contracting on top of their intelligence contracting — and a years-long cover-up with the assistance of the agency in question.
All while assets were being exposed, apparently because of insecure computer systems.
China’s hacking is a real threat to the identities of those who recruit human sources (and therefore of the human sources themselves).
But if Reidy’s complaint is true, then it’s not clear how much work China really needs to do to compromise these identities.
The WaPo has a good review of how postal service worker Doug Hughes managed to fly his gyrocopter onto the Capitol lawn without being spotted by the Secret Service or other security forces.
But the best part of the story cites corporate sucklings Chuck Schumer and Ron Johnson expressing dismay that the security theater draping DC didn’t prevent Hughes from landing a harmless aircraft on their lawn.
On Capitol Hill, there was less concern Thursday about Hughes’s message than how he delivered it — flying into the heart of the nation’s capital and alighting on the Capitol lawn about 1:30 p.m. in what amounts to an airborne go-cart, powered by something like a lawn mower engine, and kept aloft by an overhead rotor and a small propeller.
“How did it happen?” Sen. Charles E. Schumer (D-N.Y.) wondered aloud. “How did the helicopter get through? Why weren’t there alarm bells that went off? Why wasn’t it intercepted? Did we know about it? How far from the Capitol grounds did we know?”
Schumer, the Senate’s third-ranking Democrat, added: “Just saying it’s a little helicopter, or it’s one person, or it was harmless, does not answer these questions. And we need to know what happened.”
Sen. Ron Johnson (R-Wis.), chairman of the Homeland Security and Governmental Affairs Committee, said in a statement: “I am deeply concerned that someone has the ability to fly for over an hour through the most restricted airspace in our country, past the White House, and land on the lawn of the Capitol.”
He added that he wants “a full accounting by all federal organizations entrusted with securing the United States from this and similar events.” That Hughes was able to pull off the stunt, Johnson said, is “a reminder that the risk to America and Americans is ever present.”
As Nancy Pelosi noted in comments yesterday (which were almost, but not quite, this shrill), there are reasons to want the Capitol to remain fairly open. And it is fairly open — easier to get into than an airport, for example. That makes it accessible to the thousands of local lobbying and school groups who want to see their Representatives’ office.
But it also makes it permeable by lobbyists.
The big money lobbyists, of course, do far more damage to this country than a gyrocopter ever could, damage that Schumer and Johnson are enthusiastic participants in.
Which is sort of Hughes’ point.
I expect more ironic symbolism from this event going forward, as a bunch of security-industry intoxicated Congressmen take as a lesson from this that they need to insulate themselves even more from the people warning about them insulating themselves from their constituents.
But as Jeremy Scahill tweeted last evening, read this piece by WaPo’s Barton Gellman on malicious code insertion. This news explains recent changes by Google to YouTube once it had been disclosed to the company that exploits could be embedded in video content, as CitizenLab.org explains:
“… the appliance exploits YouTube users by injecting malicious HTML-FLASH into the video stream. …”
“… the user (watching a cute cat video) is represented by the laptop, and YouTube is represented by the server farm full of digital cats. You can observe our attacker using a network injection appliance and subverting the beloved pastime of watching cute animal videos on YouTube. …”
The questions this piece shakes loose are legion, but just as numerous are the holes. Why holes? Because the answers are ugly and complex enough that one might struggle with them. Gellman’s done the best he can with nebulous material.
An interesting datapoint in the first graf of the story is timing — fall 2009.
You’ll recall that Google revealed the existence of a cyber attack code named Operation Aurora in January 2010, which Google said began in mid-December 2009.
You may also recall news of a large batch of cyber attacks in July of 2009 on South Korean targets.
The U.S. military had already experienced a massive uptick in cyber attacks in 1H2009, more than double the rate of the entire previous year.
And neatly sandwiched between these waves and events is a visit by a defense contractor CloudShield Technologies engineer from California, to Munich, Germany with British-owned Gamma Group.
You should definitely read the James Risen story describing how the head of Blackwater’s operations in Iraq threatened to kill an investigator into the company’s practices in the period before the Nisour Square shooting. It definitely confirms every concern that has been raised about mercenaries generally and Blackwater specifically.
But I want to look at the frame Risen gave the story, which I suspect few will read closely.
His memo and other newly disclosed State Department documents make clear that the department was alerted to serious problems involving Blackwater and its government overseers before the Nisour Square shooting, which outraged Iraqis and deepened resentment over the United States’ presence in the country.
Condoleezza Rice, then the secretary of state, named a special panel to examine the Nisour Square episode and recommend reforms, but the panel never interviewed Mr. Richter or Mr. Thomas.
Patrick Kennedy, the State Department official who led the special panel, told reporters on Oct. 23, 2007, that the panel had not found any communications from the embassy in Baghdad before the Nisour Square shooting that raised concerns about contractor conduct.
“We interviewed a large number of individuals,” Mr. Kennedy said. “We did not find any, I think, significant pattern of incidents that had not — that the embassy had suppressed in any way.”
The reason this is coming out — aside from the fact the government is trying to try the Nisour Square killers again — is to show that contrary to what Patrick Kennedy said after having done a review of security practices in 2007, there had been a pattern of incidents, and they had been suppressed by the Embassy.
Now consider how that reflects on the GOP’s second favorite scandal, Benghazi. Not only was Kennedy the key judge about the events leading up to that event (which is normal — he’s been a key player in State for a very long time; I’m beginning to believe he’s State’s institutional defender in the same way David Margolis was at DOJ), but the question of security oversight is important there: Blue Mountain Group appears to have done its job inadequately (and there are some sketchy things about its contract and contractors).
Benghazi is actually not a bigger scandal than State’s suppression of knowledge of Blackwater’s problems. But there does seem to be continuity.
Somewhere Booz Allen Hamilton Vice Chairman (and former NSA Director) Mike McConnell just said, “Ka-Ching.”
As I noted, the initial manager’s amendment of HR 3361 (AKA USA Freedumb Act) added compensation language to Section 215 that didn’t originally exist.
(j) COMPENSATION.—The Government shall compensate, at the prevailing rate, a person for producing tangible things or providing information, facilities, or assistance in accordance with an order issued or an emergency production required under this section.
In this latest iteration, the compensation has been expanded beyond just the telecoms to anyone else who assists.
(j) COMPENSATION.—The Government shall compensate a person for reasonable expenses incurred for—
(1) producing tangible things or providing information, facilities, or assistance in accordance with an order issued with respect to an application described in subsection (b)(2)(C) or an emergency production under subsection (i) that, to comply with subsection (i)(1)(D), requires an application described in subsection (b)(2)(C); or
(2) otherwise providing technical assistance to the Government under this section or to implement the amendments made to this section by the USA FREEDOM Act.
There’s reason to believe that contractors (AKA Booz!) do some of the triage work on the data currently. So one solution to that problem might be to move those Booz contractors — with their access directly to the raw data of Americans — over to Verizon and AT&T.
Because why shouldn’t NSA contractors be in bed together, wallowing in all your raw data.
Glad to see this bill is improving Intelligence Contractors’ bottom line, even if it doesn’t improve the dragnet.
The very same week the President released his breathless report on Big! Data!, the Washington Post has a story criticizing the sheer number and types of reports Congress requires from the Federal bureaucracy.
It started out with a good idea. Legislators wanted to know more about the bureaucracy working beneath them. So they turned to a tool as old as bureaucracy itself — the interoffice memo. They asked agencies to send in written reports about specific things they were doing.
Then, as happens in government, that good idea was overused until it became a bad one.
But as the numbers got bigger, Congress started to lose track. It overwhelmed itself. Today, Congress is not even sure how many of those 4,291 reports are actually turned in. And it does not try to save copies of all the ones that are.
So some agencies cheat and send in nothing. And others waste time and money sending in reports — such as the one on dog and cat fur — that simply disappear into the void.
To support its case, WaPo focuses on one report requiring Customs and Border Patrol to report on how much dog and cat fur products are being shipped into the US, which is probably a needless report (which is also probably why WaPo picked it out of the 4,291 it identified).
And WaPo — a member of the Fourth Estate that purportedly serves as a check on power — comes to this very dangerous conclusion.
The problem is that there is no system to sort the good ones from the useless ones. They all flow in together, which makes it hard for congressional staffers to spot any valuable information hidden in the flood.
First, the press is part of that system! Rather than throwing cat and dog fur, perhaps WaPo could have tried to distinguish those that were critical from those that are questionable and those that are clearly frivolous.
Moreover, it is the height of irresponsibility to absolve Congressional staffers — whose bosses are the only ones that can eliminate useless reports — of responsibility for reading the reports they get. Either the staffers must be held accountable for reading the reports, or for eliminating them. That’s how you fix the system. That’s why we’re paying them.
Ultimately, too, I’m not sure I buy the WaPo’s argument that these are useless reports. 4,291 seems like a not unreasonable amount of data for legislators to receive and read about the world’s biggest (perhaps now second biggest) economy, about DOD’s $526 billion budget, about the many federal benefit programs, about the expanding police state.
And if you look at the actual list (rather than WaPo’s admittedly snazzy but not very informative infographic on them), many — perhaps even most — of the reports make a lot of sense.
Consider the reports listed for General Services Administration, an entity with an annual budget of $26 billion, which has the ability to effect great change as the source of enormous spending, and one that has routinely experienced significant spending scandals.
Reports 1, 6, 7, 8, 10, 11, 12, 17, and 18 are simply reports Congress needs to ask for to ensure there’s some visibility into the Agency, to ensure they’ll be informed if GSA finds something wrong itself. Reports 2, 3, 4, 5, 9, 13, 14, 19, and 22 measure the efficacy of efforts to use GSA’s buying power to do some social good (and report 9, on ADA accessibility, involves significant legal compliance). Reports 15 and 16 address an area susceptible to graft. Reports 20 and 21 are not only key to cost-benefit analysis of how Federal employees travel, but they apparently are tied to one of GSA’s most requested links. Some of these are also reports tied to an action, like buying a building. And all that amounts to less than 1 report for every $ billion American taxpayers give to GSA. If anything, there are a few more reports — that might identify obviously politicized or excessive spending, which is a persistent problem with GSA — that are missing.
Admittedly, that’s just one random agency. But aside from some entities the Federal government runs itself (like American Samoa and DC) as well as some Commissions over which there have been political fights in the past, I’m not seeing a whole lot of waste here — though there may be some inefficiency in how the information is requested. I might grant that in the era of big data we need to automate this — in effect, give Congress a better way to Big! Data! the bureaucracies it oversees (though that would be awfully susceptible to abuse), but I don’t see a lot of information that shouldn’t be required from the bureaucracy.
I’m reminded how, 2 years ago, James Clapper claimed ODNI had to produce too many reports and should be permitted to eliminate 30 of them. He tried to get rid of the annual report on how many people have security clearance (one of the few ways we can measure the ballooning secret government). He tried to get rid of reports on Department of Homeland Security’s notoriously useless intelligence agency. He tried to eliminate reports on Chinese spying on the US and nuclear lab security, both persistent security issues. He tried to eliminate a report informing Congress what the privacy staffs of intelligence agencies are doing. In short, in the guise of onerous reporting, he tried to eliminate crucial oversight (as well as a paper trail that could be FOIAed) on several areas of great public concern.
Or consider this: DOD cannot pass an audit. The biggest military in the world still is not required to account for the money it spends, both to itself and Congress.
And yet a newspaper is saying we require too much reporting from the great big bureaucracy?
I don’t buy it.
Here’s an interesting “reform” in the RuppRoge’s Fake Dragnet Fix. It pays the telecoms.
COMPENSATION AND ASSISTANCE.–The Government shall compensate, at the prevailing rate, an electronic communications service provider for providing records in accordance with directives issued pursuant to [their bill].
Section 215 does not include such a payment provision. And while the first two phone dragnet orders included provision for such payments, that was probably illegal.
Don’t get me wrong. I’m sure the government has found some way to pay the telecoms, either through added payments for AT&T’s Hemisphere program or gifts in kind. (Though given the timing of DOJ’s suit against Sprint for over-billing, I do wonder whether the government is retaliating for something.) Telecoms don’t spy for free, so I’m sure they’ve been getting paid, illegally, for the last 8 years of dragnet spying they’ve been doing.
But the lack of such provision in Section 215 should have limited the scope of the dragnet. It should have required that requests be so narrow no telecom was going to send big bills to the government every month. And it presumably made the telecoms (well, except for AT&T, which never met a spying request it didn’t love) less willing to interpret orders from the government expansively.
The inclusion of such a compensation clause in the RuppRoge “reform” makes it even more likely this dragnet will expand with the now well-oiled willingness of the telecoms to go above and beyond the letter of the request.
Which is presumably just how the NSA wants it to be.
The NYT has a story about a mock US aircraft carrier Iran is building, its sources say, so Iran can blow it up for the propaganda value.
Iran is building a nonworking mock-up of an American nuclear-powered aircraft carrier that United States officials say may be intended to be blown up for propaganda value.
This has set off chatter about how weird and dumb Iran is for building this giant toy boat, which US sources call the Target Barge.
But pretty soon after I started reading the article I found myself applying the phrases in it to America’s F-35 program which, in many ways, is an even bigger propaganda prop. See how it looks when you swap out Iran’s barge for the F-35?
Intelligence officials do not believe that the US is capable of building an actual F-35.
“Based on our observations, this is not a functioning plane; it’s a large spending program built to look like a plane,” said Cmdr. Jason Salata, a spokesman for the Navy’s Fifth Fleet in Bahrain, across the Persian Gulf from Lockheed. “We’re not sure what the US hopes to gain by building this. If it is a big propaganda piece, to what end?”
“It is not surprising that American military forces might use a variety of tactics — including military deception tactics — to strategically communicate and possibly demonstrate their resolve in air power,” said a Chinese official who has closely followed the construction of the F-35.
[T]he Pentagon has taken no steps to cloak from prying Chinese hackers what it is building in pork-laden building sites across several countries. “The system is often too opaque to understand who hatched this idea, and whether it was endorsed at the highest levels,” said Karim Sadjadpour, an American expert at the Carnegie Endowment for International Peace.
See what I mean?
Opacity of purpose.
Failure to provide adequate security.
Probable impossibility to bring to completion.
I’m not all that sure what distinguishes the F-35 except the cost: Surely Iran hasn’t spent the equivalent of a trillion dollars — which is what we’ll spend on the F-35 when it’s all said and done — to build its fake boat.
So which country is crazier: Iran, for building a fake boat, or the US for funding a never-ending jet program?
In today’s HJC hearing on the NSA, there was extensive discussion about the risks of outsourcing the dragnet to the telecoms or, especially, to a third party holding all the data. It’s a concern I share.
That said, not a single person at the hearing seemed to be aware of this footnote, which has been in the phone dragnet primary orders since at least last April.
5 For purposes of this Order, “National Security Agency” and “NSA personnel” are defined as any employees of the National Security Agency/Central Security Service (“NSA/CSS” or “NSA”) and any other personnel engaged in Signals Intelligence (SIGINT) operations authorized pursuant to FISA if such operations are executed under the direction, authority, or control of the Director, NSA/Chief, CSS (DIRNSA).
If this language left any doubt that it permits contractors to directly query the database of every single phone-based relationship in the US, this language from Dianne Feinstein’s Fake FISA Fix bill report (which aims to codify the status quo) should eliminate it.
The Committee believes that, to the greatest extent practicable, all queries conducted to the authorities established under this section should be performed by Federal employees. Nonetheless, the Committee acknowledges that it may be necessary in some cases to use contractors to perform such queries. By using the term “government personnel” the Committee does not intend to prohibit such contractor use.
Contractors already have access to the dragnet.
If it presents a security threat for contractors from Booz Allen Hamilton or some other intelligence contractor to have direct access to the dragnet, then we need to shut the dragnet down.
Because they’ve already got it.
In what is sure to be some interesting book publicity, Erik Prince has gone sobbing to the WSJ about the shoddy treatment he received from the government that paid him billions. In the piece, he continues to reveal new details about some of the operations CIA paid him to do, including the kill team training first revealed in 2009.
A chief target of Mr. Prince’s ire is Mr. Panetta, who in 2009 shut down the covert training operation for CIA “hit teams” that former Blackwater officials said took place on Mr. Prince’s Virginia property.
The CIA had been sending officers for training at Blackwater’s North Carolina training facility. But it wanted something closer to its Langley, Va., headquarters, former company officials said. So they asked Mr. Prince to build a small shooting range on his rural Virginia land.
“They needed a place that was only 35 minutes away from work,” said Gary Jackson, the former Blackwater president. “Erik was OK with that, and he has the property, and we had the money.” The trainings, including live-fire exercises, drew some complaints over the years from neighbors, Mr. Jackson said.
When that information became public in 2009, right after Mr. Panetta canceled the Blackwater hit-team training, the CIA director ended the company’s role in maintaining the drones.
Mr. Prince said he is convinced that Mr. Panetta outed him as a CIA “asset” at a closed congressional hearing that year, adding that it was unthinkable for a CIA director to reveal the real name of a covert operative to lawmakers.
“No one was out to scapegoat anyone in the relationship with Blackwater, but there were some issues that arose that prompted a serious look at contracts with the company,” said one former CIA official involved in the discussions. “There was a perception that they were trying to run some of their own operations untethered from agency oversight.” [my emphasis]
Only the last bit is really new (though it is suggested in a profile of the mafia hitman involved in the program).
But remember the real point is not that Panetta outed Prince to the House Intelligence Committee; it’s that he briefed these “programs” at all. According to Jan Schakowsky, under Cheney Blackwater had been working directly with the White House on counterterrorism policy (which makes sense since Cofer Black came up with that policy in the first place).
I’m reminded, by the way, that Barb Mikulski told John Brennan that Panetta was the only CIA Director who didn’t “jerk around” the intelligence committees.
Imagine how sad Prince must be that his mercenary company beginning to do its own operations got cut off when Congress actually learned about it!