Obama’s “Zoo Animal” Broke Free and “Crossed the Rubicon”

At the bottom of it all has been the Bomb. For the first time in our history, the President was given sole and unconstrained authority over all possible uses of the Bomb.

[snip]

Every executive encroachment or abuse was liable to justification from this one supreme power.

If the President has the sole authority to launch nation-destroying weapons, he has license to use every other power at his disposal that might safeguard that supreme necessity. If he says he needs other and lesser powers, how can Congress or the courts discern whether he needs them when they have no supervisory role over the basis of the claim he is making? To challenge his authority anywhere is to threaten the one great authority.

–Garry Wills, Bomb Power

I suppose I’ll eventually get around to discussing how the series of condoned leaks portraying President Obama as the Deciderer all rest on the pathetic but true fact that he is only borrowing George Bush’s claim to that title.

But for now, I want to focus on the one part of David Sanger’s mixed-metaphor-saturated installment in the Deciderer 2.0 series that rings most true:

Mr. Obama, according to participants in the many Situation Room meetings on Olympic Games, was acutely aware that with every attack he was pushing the United States into new territory, much as his predecessors had with the first use of atomic weapons in the 1940s, of intercontinental missiles in the 1950s and of drones in the past decade. He repeatedly expressed concerns that any American acknowledgment that it was using cyberweapons — even under the most careful and limited circumstances — could enable other countries, terrorists or hackers to justify their own attacks.

“We discussed the irony, more than once,” one of his aides said. Another said that the administration was resistant to developing a “grand theory for a weapon whose possibilities they were still discovering.” Yet Mr. Obama concluded that when it came to stopping Iran, the United States had no other choice.

With cyberwar, with drones, and (to a lesser extent) with the embrace of the terrorists’ transnational methods to fight terrorists, Obama has crossed into uncharted territory of the sort Wills explored in his book, Bomb Power. These changes are likely a step beyond the Bomb Power paradigm, whatever that entails.

Yet Obama has only barely begun to think through the ramifications of these tools. He has, instead, focused on the near and overblown threats of Iran and AQAP, not seeing even the strategic implications of those choices, much less implications of the sort Wills describes arising in the wake of our use of a nuclear bomb.

The President has embraced waging extralegal war using drones from the Oval Office. The President has embraced using easily manipulable code to wage physical war. What are the implications of these decisions?

Oh sure, Obama started paying attention after the fact. A year ago, he rolled out a “National Strategy for Cyberspace,” calling for international cooperation to enforce responsible behavior of the sort we have already violated. Even more recently, DOD has been tinkering with our rules of engagement.

But there are signs it is already too late: the battle lines have been drawn.

SCOTUS Cert Grant In Clapper Takes Key 9th Circuit Cases Hostage

As Marcy noted briefly Monday morning, the Supreme Court granted certiorari in Clapper v. Amnesty International:

SCOTUS did, however, grant cert to Clapper v. Amnesty, which I wrote about here and here. On its face, Clapper is just about the FISA Amendments Act. But it also has implications for wiretap exceptions–and, I’ve argued–data mining exceptions to the Fourth Amendment. In any case, SCOTUS seems interested in reversing the 2nd Circuit opinion, which had granted standing to people whose work had been chilled by the passage of the FAA. Also, as I hope to note further today, SCOTUS’ Clapper decision may also impact the Hedges v. Obama ruling from last week.

As Marcy indicated, there is nothing good afoot from SCOTUS taking cert in Clapper; if they wanted to leave the very nice decision of the 2nd Circuit intact, they would simply leave it intact and not grant review. Oh, and, yes, Marcy is quite right, it’s a very safe bet that Clapper will “impact” the also very nice recent decision in Hedges, which is, itself, headed with a bullet to the 2nd Circuit.

There was, of course, much discussion of the significance of the Clapper cert grant yesterday on Twitter; one of the best of which was between Marcy, Lawfare’s Steve Vladeck and, to a lesser extent, me. To make a long story a little shorter, I said (here and here):

See, and I HATE saying this, I think Kennedy will do just that+then same 5 will kill al-Haramain once it gets to SCOTUS and then they will have capped the Bush wiretapping well completely and closed off standing significantly for the future.

Yikes, I did not contemplate just how true this statement was; the Clapper cert grant has already had a far deeper and more pernicious effect than even I suspected. This morning, in a move I do not believe anybody else has caught on to yet, the 9th Circuit quietly removed both al-Haramain and the CCR case encaptioned In Re: NSA Telecommunications Litigation/CCR v. Obama from the oral argument calendar that has long been set for June 1 in the old 9th Circuit Pasadena courthouse. The orders for both al-Haramain and CCR are identical, here is the language from the al-Haramain one:

Argument in this case scheduled for June 1, 2012 in Pasadena, California, is vacated pending the Supreme Court’s decision in Clapper v. Amnesty Int’l, No. 11-1025. The court may order supplemental briefing following the Supreme Court’s decision. Oral argument will be rescheduled.

Whoa. This is extremely significant, and extremely unfortunate. Also fairly inexplicable. Entering the order for CCR makes some sense, since it involves the same “fear of surveillance” standing issue as is at issue in Clapper; but doing it for al-Haramain makes no sense whatsoever, because al-Haramain is an “actual” surveillance standing case.

There simply is no issue of the claimed, putative, standing concern that permeates Clapper and CCR. Well, not unless the 9th Circuit panel thinks the Supreme Court might speak more broadly, and expand the parameters wildly, in Clapper just as they did in Citizens United. That would be a pretty ugly path for the Supreme beings to follow; but, apparently, not just a cynical bet on my part, but also a bet the 9th Circuit immediately placed as well.

To be fair, even positive forward thinking players, like Steve Vladeck, thought the lower courts might be copacetic, or that the Supremes might comply. Maybe not so much. I know, shocking. Here is a glimpse, through Vladeck, of the situation:

But at a more fundamental level, there’s one more point worth making: Readers are likely familiar with Alex Bickel’s Passive Virtues, and his thesis that, especially on such sensitive questions where constitutional rights intersect with national security, courts might do best to rely on justiciability doctrines to duck the issue—and to thereby avoid passing upon the merits one way or the other. [Think Joshua at the end of WarGames: “The only winning move is not to play.”] And at first blush, this looks like the perfect case for Bickel’s thesis, given the implications in either direction on the merits: recognizing a foreign intelligence surveillance exception and thereby endorsing such sweeping, warrantless interceptions of previously protected communications vs. removing this particular club from the government’s bag…

And yet, the foreign intelligence surveillance exception only exists because it has already been recognized by a circuit-level federal court, to wit, the FISA Court of Review. Whether the passive virtues might otherwise justify judicial sidestepping in such a contentious case, the fact of the matter is that this is a problem largely (albeit not entirely, thanks to the FISA Amendments Act) of the courts’ making. To duck at this stage would be to let the FISA Court of Review—the judges of which are selected by the Chief Justice—have the last word on such a momentous question of constitutional law. In my view, at least, that would be unfortunate, and it’s certainly not what Bickel meant…

Back to al-Haramain and the effects in the 9th Circuit. Here is the latest, taken from the Motion for Reconsideration filed late yesterday by al-Haramain, Wendell Belew and Asim Ghafoor:

The question presented in Clapper is thus wholly unrelated to the issues presented on the defendants’ appeal in the present case. The Supreme Court’s decision in Clapper will have no effect on the disposition of the present case. Thus, there is no reason to delay the adjudication of this appeal pending the decision in Clapper, which would only add another year or more to the six-plus years that this case has been in litigation.

It makes sense for the Court to have vacated the oral argument date for Center for Constitutional Rights v. Obama, No. 11-15956, which involves theories of Article III standing similar to those in Clapper. It does not, however, make sense in the present case, where Article III standing is based on proof of actual past surveillance rather than the fear of future surveillance and expenditures to protect communications asserted in Clapper.

Yes, that is exactly correct.

And, therein, resides the problem with Vladeck’s interpretation of what is going on with the Clapper case. Steve undersold, severely, just how problematic Clapper is. Both the discussion herein, and the knee-jerk action of the 9th Circuit, the alleged liberal scourge of Democratic Federal Appellate Courts, demonstrate how critical this all is and why Clapper is so important.

Clapper has not only consumed its own oxygen, it has consumed that of independent, and important, nay critical, elements of the only reductive cases there are left in the United States judicial system in regards to these ends. That would be, at an irreducible minimum, al-Haramain in the 9th Circuit.

If you have forgotten about al-Haramain, and the proceedings that took place in the inestimable Vaughn Walker’s court, here it is. Of all the attempts to attack the Bush/Cheney wiretapping crimes, al-Haramain is the only court case that, due to its unique circumstances, has been successful. It alone stands for the proposition that mass crimes were, in fact, committed. al-Haramain had a tough enough road ahead of it on its own; the road has become all the more treacherous now because of Clapper.

The 9th Circuit should grant the motion for reconsideration and reinstate al-Haramain on the oral argument calendar, but that is quite likely a longshot at this point. Expect the DOJ to file a very aggressive response, they are undoubtedly jumping for joy at this stroke of good fortune and will strive to protect it.

Remember When Russia’s Enemy Helped the Mujahadeen Neutralize Russia’s Most Effective Weapon?

“Bluster”! “Exaggeration”!

Those are some of the words Joe Lieberman and some more credible people are using to dismiss Iran’s claim that it has accessed the data from the Sentinel drone it brought down last year.

Aside from “independent experts” pointing out the obvious fact that Iran could have gotten details about the Sentinel’s use to surveil Osama bin Laden’s compound from public reports (though how would it have gotten the specific dates?), the US security establishment has offered no detailed explanation of how Iran got the data it claims to have taken from the drone.

General Hajizadeh cited as evidence data that he said was extracted from the drone’s computer hard drives revealing its operations in the months before it went down in Iran — either because it was shot down, as Iranian officials have claimed, or because it experienced a technical failure, as the Americans have said.

The drone, he said, had undergone repairs in California in October 2010 and returned to Afghanistan in November 2010, where American officials have acknowledged it operated, though without specifying where its missions took it. He added that the drone’s computer memory revealed that it had flown over the compound in Pakistan where Osama bin Laden was killed in an American raid in May 2011.

“Had we not accessed the plane’s softwares and hard disks, we wouldn’t have been able to achieve these facts,” General Hajizadeh said, according to the news agency Fars.

The White House and American intelligence officials declined Sunday to comment on the new claims, though independent experts expressed skepticism. They noted that the information about the drone’s activities — including its use in the Bin Laden raid — could have been drawn from public reports about the sophisticated aircraft.

That may not entirely confirm that the data cited by Iran is accurate, but it sure doesn’t refute it.

That said, all these experts bewailing “bluster” have not mentioned the more obvious explanation behind Iran’s claim–even though just three days ago the news was filled with reports of Russia and China asking for information on the drone and much of the coverage of this latest fact acknowledges that in their stories.

Consider: while the OBL surveillance (though not the timing) was publicly reported, the maintenance records cited by the Iranians probably aren’t. But those details are more likely to be available not in the drone itself, but on Lockheed’s networks, which were hacked (though Lockheed claims no data was compromised) last year; everyone blames China for that hack. And if China has been able to access drone data off our networks like they’ve been able to access all our other weapons development data, then it would presumably make it a lot easier to break the encryption on the Sentinel drone itself.

Our fear-mongering about Iran, as well as our overthrow of Qaddafi and efforts to overthrow Assad, has far more to do with efforts to shore up Saudi–and therefore US–hegemony in the key oil-producing region of the world than nukes. And while China has been cozying up to the Saudis in ways that ought to make us rethink our unquestioning pursuit of Saudi goals, our efforts to eliminate any counter-weight to Saudi power in the region are a real threat to China (not to mention our ability to wage war in the African countries China has spent a decade cultivating by pressing a few buttons in Nevada). Precisely the same kind of threat we judged Russian expansion into Afghanistan to be in 1979 when we started funneling money–and ultimately, some years later, Stinger missiles–to the mujahadeen. The Stinger missiles took away Russia’s air superiority and with it their ambitions to keep Afghanistan and ultimately, their commitment to empire more generally.

So while it may comfort the public to be told Iran could never manage to reverse engineer our drone, the possibility that China and Iran may be making real progress in neutralizing our favorite new weapon would presumably worry the national security establishment. Just in time for Iran to enter negotiations and in such a way that the implicit threat from China is understood.

These blustery experts should have listened to me when I warned that China’s ability to access our defense networks with ease was far more dangerous than Bradley Manning and his Lady Gaga CD.

At What Point Do Our Cyberwar Toys Become WMD?

The other day, Ellen Nakashima reported on new cyberwar acquisition guidelines that will allow DOD, under certain circumstances, to deploy targeted exploits without the regular testing or oversight process.

The rapid process will take advantage of existing or nearly completed hardware and software developed by industry and government laboratories. This approach could take several months in some cases, or a few days in others.

[snip]

Under the rapid plan, weapons can be financed through the use of operational funds, in “days to months,” and some steps that ordinarily would be required would be eliminated. These include some planning documents and test activities, according to the report.

The weapons may be designed for a single use or for some other limited deployment, and they would be used in offensive cyber operations or to protect individual computer systems against specific threats, said the report.

As she describes it, this rapid development will (is supposed to?) only be used in fairly targeted cases.

But what are the chances the speed and limited oversight lead to mistakes? What are the chances that our rush to roll out exploits leads us to set off some unintended consequences?

Consider Richard Clarke’s explanation for how StuxNet escaped the narrow confines of the Natanz centrifuge facility it targeted.

“It got loose because there was a mistake,” [Clarke] says. “It’s clear to me that lawyers went over it and gave it what’s called, in the IT business, a TTL.”

“What’s that?”

“If you saw Blade Runner [in which artificial intelligence androids were given a limited life span—a “time to die”], it’s a ‘Time to Live.’” Do the job, commit suicide and disappear. No more damage, collateral or otherwise.

“So there was a TTL built into Stuxnet,” he says [to avoid violating international law against collateral damage, say to the Iranian electrical grid]. “And somehow it didn’t work.”

“Why wouldn’t it have worked?”

“TTL operates off of a date on your computer. Well, if you are in China or Iran or someplace where you’re running bootleg software that you haven’t paid for, your date on your computer might be 1998 or something because otherwise the bootleg 30-day trial TTL software would expire.

“So that’s one theory,” Clarke continues. “But in any event, you’re right, it got out. And it ran around the world and infected lots of things but didn’t do any damage, because every time it woke up in a computer it asked itself those four questions. Unless you were running uranium nuclear centrifuges, it wasn’t going to hurt you.”

“So it’s not a threat anymore?”

“But you now have it, and if you’re a computer whiz you can take it apart and you can say, ‘Oh, let’s change this over here, let’s change that over there.’ Now I’ve got a really sophisticated weapon.” [first brackets mine, all others original]

Here’s a cyberweapon presumably developed under the existing “deliberate” process, with full testing and oversight. If Clarke’s description of the problem is correct, it’s not so much a testing problem as an inadequate understanding of the environment–a failure to account for all those computers on which, because their clocks were not set properly, the TTL orders malfunctioned. And while StuxNet itself may not have done collateral damage, who knows what hackers who have gotten the code did with it?

So while StuxNet, with the benefit of time and testing, didn’t do excessive damage when DOD’s plans proved to be inadequate, who’s to say that an exploit deployed with far less time–purchased for use–won’t do more damage?

Also, note how much more quickly DOD appears to be moving to make sure it has lots of cyberweapons to deploy than it has moved to make sure it has the most rudimentary defenses against exploitation. Probably, when our cyberwar toys turn into a WMD, they’ll hurt people in the Middle East or China. But given our rush into offensive cyberwar before we’ve protected ourselves, who knows?

Who Brought Key Al Qaeda Forums Down?

A number of al Qaeda’s online jihadist forums have gone down for extended periods.

Al-Qaeda’s main Internet forums have been offline for more than a week in what experts say is the longest sustained outage of the Web sites since they began operating eight years ago.

No one has publicly asserted responsibility for disabling the sites, but the breadth and the duration of the outages have prompted some experts to conclude that the forums have been taken down in a cyberattack — launched perhaps by a government, a government-backed organization or a hackers’ group.

US Cyber Command denied to the WaPo that it–or other US government agencies–were responsible.

There is still some uncertainty about whether a cyberattack caused the recent outages, and skeptics note that some prominent al-Qaeda forums remain online. U.S. government agencies, including U.S. Cyber Command, had no role in the outages, according to officials who would speak about the issue only on the condition of anonymity.

Still, Will McCants, a former State Department

Whereas government sources CNN contacted (Barbara Starr, CNN’s resident DOD mouthpiece, is bylined) declined to comment.

No entity has claimed responsibility and U.S. officials contacted by CNN would not comment.

Sort of.

A U.S. official said the United States has been aware of the al Qaeda websites being down and finds it “of interest to us.”

But the WaPo also describes our government using foreign government assistance in the past.

In the past, U.S. officials have also relied on diplomatic channels to dismantle extremist sites that are viewed as a threat to American personnel or interests, according to former U.S. officials familiar with the episodes.

The approach has worked in more than a dozen cases and in each instance was backed by at least the implicit threat of a cyberattack by the U.S. military if the Web site’s host country failed to act, the officials said. The countries that cooperated were in Europe, the Persian Gulf and the Pacific, they said.

“We’ve never had a country refuse us,” said James Cartwright, the former vice chairman of the Joint Chiefs of Staff, speaking at a U.S. China Economic and Security Review Commission hearing at George Mason University last week. “But if they did, then you can invoke the right of self-defense.”

It reports the sites in question are hosted in Malaysia, Costa Rica and Gaza.

Meanwhile, Will McCants suggests to CNN that the outage may be related to Spain’s arrest of alleged Al Qaeda propagandist Mudhar Hussein Almalki

Zelin speculated the outage could be tied to the recent arrest of Mudhar Hussein Almalki in Spain. Almalki maintained the Ansar al-Mujahidin Forum, according to a Spanish police document provided to CNN. The police document alleges Almalki ran the site and oversaw who could access it, spread information to jihadists and maintained private chat rooms to “carry out meetings with others to give out instructions,” according to a translation of the document.

Richard Clarke Also Suggests Hacking Has Made F-35 Ineffective

A number of people have pointed to this interview for Richard Clarke’s suggestion that the US, not Israel, bears most of the responsibility for the StuxNet attack.

But I’m just as interested in his assessment that hacking threatens to undercut our ability to deploy our fanciest war toys.

“I’m about to say something that people think is an exaggeration, but I think the evidence is pretty strong,” he tells me. “Every major company in the United States has already been penetrated by China.”

“What?”

“The British government actually said [something similar] about their own country.”

Clarke claims, for instance, that the manufacturer of the F-35, our next-generation fighter bomber, has been penetrated and F-35 details stolen. And don’t get him started on our supply chain of chips, routers and hardware we import from Chinese and other foreign suppliers and what may be implanted in them—“logic bombs,” trapdoors and “Trojan horses,” all ready to be activated on command so we won’t know what hit us. Or what’s already hitting us.

“My greatest fear,” Clarke says, “is that, rather than having a cyber-Pearl Harbor event, we will instead have this death of a thousand cuts. Where we lose our competitiveness by having all of our research and development stolen by the Chinese. And we never really see the single event that makes us do something about it. That it’s always just below our pain threshold. That company after company in the United States spends millions, hundreds of millions, in some cases billions of dollars on R&D and that information goes free to China….After a while you can’t compete.”

But Clarke’s concerns reach beyond the cost of lost intellectual property. He foresees the loss of military power. Say there was another confrontation, such as the one in 1996 when President Clinton rushed two carrier battle fleets to the Taiwan Strait to warn China against an invasion of Taiwan. Clarke, who says there have been war games on precisely such a revived confrontation, now believes that we might be forced to give up playing such a role for fear that our carrier group defenses could be blinded and paralyzed by Chinese cyberintervention. [my emphasis]

The other day, I suggested that our inability to protect our defense and defense contractor networks means we’re wasting billions on hacking-related rework.

That’s not the only way our vulnerability to hacking will rot our national security supremacy. As Clarke notes, it will make all the defenses we build into our weapons systems less effective. All of which won’t stop us from dumping the national treasure into already-compromised toys. It’ll just make those toys more expensive.

Does NCTC Have the Minimal Data Security to Guard Its New Not-Terrorist-Terrorist Database?

As I noted here and here, yesterday the Director of National Intelligence and DOJ rolled out new Guidelines allowing the National Counterterrorism Center to acquire non-terrorist datasets from federal agencies–including US person data–so they can do pattern analysis on those datasets and pass off the resulting data to other agencies.

When intelligence officials wanted to explain to Charlie Savage how this would work, they pointed to a State Department dataset–visa applications–as one dataset NCTC might now access directly.

A person from Yemen applies for a visa and lists an American as a point of contact. There is no sign that either person is a terrorist. Two years later, another person from Yemen applies for a visa and lists the same American, and this second person is a suspected terrorist.

Under the existing system, they said, to discover that the first visa applicant now had a known tie to a suspected terrorist, an analyst would have to ask the State Department to check its database to see if the American’s name had come up on anyone else’s visa application — a step that could be overlooked or cause a delay. Under the new rules, a computer could instantly alert analysts of the connection.

The State Department is, of course, still reportedly recovering from the fact that because of DOD’s lax network security, 250,000 diplomatic cables got liberated for the world to see.

Not surprisingly, then, the new Guidelines appear determined to reassure original dataset owners that their data won’t be compromised by sharing it with NCTC (which can then share it with other elements of the Intelligence Community and even foreign allies). You can tell they’re serious about this, because it’s one of the places they occasionally use “shall” (in other sensitive areas, they use the squishier “will”).

For access to or acquisition of specific datasets, the DNI, or the DNI’s designee, shall collaborate with the data provider to identify any legal constraints, operational considerations, privacy or civil rights or civil liberties concerns and protections, or other issues, and to develop appropriate Terms and Conditions that will govern NCTC’s access to or acquisition of datasets under these guidelines.

[snip]

In addition to the [general requirements laid out for sharing this data], at the time when NCTC acquires a new dataset or a new portion of a dataset, the Director of NCTC shall determine, in writing, whether enhanced safeguards, procedures, and oversight mechanisms are needed.

Though this bold approach almost immediately breaks down, as the Guidelines not only revert to “will,” but–worse–dig out the passive voice when describing the data transfer.

Measures will be put into place to ensure that the dataset is received and stored in a manner to prevent unauthorized access and use prior to the completion of replication.

And when the Guidelines get into specifics, they use that passive “will” again.

Access to these datasets will be monitored, recorded, and audited. This includes tracking of logons and logoffs, file and object manipulation, and changes, and queries executed, in accordance with audit and monitoring standards applicable to the Intelligence Community.

Who will (“shall”) implement these data security measures? What if he or she fails to do so adequately?

It’s a really, really important question because–as this year’s intelligence authorizations make clear–the Intelligence Community does not yet have insider threat detection–the kind of security that would permit these audits–and they’re not going to get it until 18 months from now. Hell, they’re not even going to start getting it until 6 months from now!

(a) Initial Operating Capability.–Not later than October 1, 2012, the Director of National Intelligence shall establish an initial operating capability for an effective automated insider threat detection program for the information resources in each element of the intelligence community in order to detect unauthorized access to, or use or transmission of, classified intelligence.

BAE F-35 Hack Confirmed

I’ve long complained that the government’s obsession with WikiLeaks is badly misplaced. After all, DOD and some of its contractors simply can’t keep their networks secure from Chinese hackers. So if our chief rival can take what it wants, why worry so much that actual American citizens have access to what China can take with abandon?

Case in point. The Australian has confirmed what was initially reported three years ago: China hacked BAE to steal performance information on the F-35.

CHINESE spies hacked into computers belonging to BAE Systems, Britain’s biggest defence company, to steal details about the design, performance and electronic systems of the West’s latest fighter jet, senior security figures have disclosed.

The Chinese exploited vulnerabilities in BAE’s computer defences to steal vast amounts of data on the $300 billion F-35 Joint Strike Fighter, a multinational project to create a plane that will give the West air supremacy for years to come, according to the sources.

[snip]

One of those present said: “The BAE man said that for 18 months, Chinese cyber attacks had taken place against BAE and had managed to get hold of plans of one of its latest fighters.”

This plane will have taken more than $385 billion to develop and will take $1 trillion to sustain. It is the most expensive weapons system in history. And yet for 18 months, the Chinese were just living on (at least) BAE’s networks taking what they wanted. How much of the considerable cost and rework on this program comes from the data on it China has stolen along the way?

In fact, I’m wondering whether China isn’t borrowing from our own playbook: during the Cold War, we made Russia go bankrupt by engaging in an arms race it couldn’t afford. China doesn’t need to do that. By hacking our data, they can just make us go bankrupt by setting up an arms race between our contractors and its hackers. With the result that we build a trillion dollar plane that it can already exploit.

And yet the government’s priority seems to be shutting up leakers who reveal its crimes, not networks that reveal our biggest military secrets.

Is This What Robert Mueller Meant by Cyber Expertise?

Back on February 3, I noted what I thought was the irony that, four days after FBI Director Robert Mueller bragged about FBI’s cybersecurity expertise–including its partnerships with counterparts overseas–Anonymous released an earlier hacked call between Scotland Yard and FBI.

Mueller: If I may interject, we have built up a substantial bit of expertise in this arena over a period of time, not only domestically but internationally. We have agents that are positioned overseas to work closely with–embedded with–our counterparts in a number of countries, and so we have, over a period of time, built up an expertise. That is not to say that NSA doesn’t have a substantial bit of expertise also, understanding where it’s located.

Mikulski: But it’s a different kind.

Mueller: Well, no, much of it is the same kind, much of it is the same kind, in terms of power, I think NSA has more power, in the sense of capabilities, but in terms of expertise, I would not sell ourselves short.

We now know that at the time of both the hack and Mueller’s comment, the FBI was running Hector Xavier Monsegur–Sabu–as a confidential informant–and the Scotland Yard call is one of the hacks they busted others for with his assistance last week.

In January 2012, O’CEARRBHAIL hacked into the personal e-mail account of an officer with Ireland’s national police service, the An Garda Siochana (the “Garda”). Because the Garda officer had forwarded work e-mails to a personal account, O’CEARRBHAIL learned information about how to access a conference call that the Garda, the FBI, and other law enforcement agencies were planning to hold on January 17, 2012 regarding international investigations of Anonymous and other hacking groups. O’CEARRBHAIL then accessed and secretly recorded the January 17 international law enforcement conference call, and then disseminated the illegally-obtained recording to others.

And meanwhile, all of the things Sabu was saying on his Twitter account were closely monitored–if not written–by the FBI, including the comment about FBI’s informants, above, and the multiple “celebrations” of the Scotland Yard hack.


So It Was the FBI Threatening to Take Down the Internet, Then?

As soon as the news came out today that Sabu, the head of LulzSec, offered an FBI computer to facilitate the publication of Stratfor (no doubt to set up a LulzSec-assisted indictment of Julian Assange in the future)…

Hector Xavier Monsegur, an unemployed 28-year-old Puerto Rican living in New York, was unmasked as “Sabu”, the leader of the LulzSec hacking group that has been behind a wave of cyber raids against American corporations including Rupert Murdoch’s News Corporation, the intelligence consultancy Stratfor, British and American law enforcement bodies, and the Irish political party Fine Gael.

[snip]

In a US court document, the FBI’s informant – there described as CW – “acting under the direction of the FBI” helped facilitate the publication of what was thought to be an embarrassing leak of a conference call between the FBI and the UK’s Serious and Organised Crime Agency in February.

Officers from both sides of the Atlantic were heard discussing the progress of various hacking investigations in the call.

A second document shows that Monsegur – styled this time as CW-1 – provided an FBI-owned computer to facilitate the release of 5m emails taken from US security consultancy Stratfor and which are now being published by WikiLeaks. That suggests the FBI may have had an inside track on discussions between Julian Assange of WikiLeaks, and Anonymous, another hacking group, about the leaking of thousands of confidential emails and documents.

…I thought back to the threat Anonymous made to TAKE DOWN THE ENTIRE INTERNET!!! Which of course made more sense understood as a ploy to help fear monger than an actual threat from actual terrorists.

Was it the FBI making such threats?

Which makes this conversation Sabu had just two weeks before he was indicted all the more interesting.

<SABU> You just said there was a claim that I may be a terrorist. You “researched” it and wrote the article

<SABU> There are claims I am with the CIA pushing to get tighter / stricter cyber-laws passed

<SABU> it's literally the same shit, two different extremes.

[snip]

<SABU> The people are aware that our governments in the UK and the US have involved themselves in black operations in the past. it makes a lot of sense if let's say a rogue group of hackers suddenly began attacking national interests — spawning a massive overhaul of internet security, theoretically.
