Thursday, December 26, 2013

Snowden's Poke in Obama's Eye

We got to see Edward Snowden on almost every news outlet, again today, wishing us all a Merry Christmas.  None of those outlets mentioned that he was not in Great Britain for this show, but in Russia, where he is not going to be allowed to speak unless it serves the Russian interests.  For an enlightening interview see Putin's press conference, where he talks about Snowden and spying, saying spying is a normal behavior in almost every country and not to be too concerned about it.   http://www.washingtonpost.com/blogs/worldviews/wp/2013/12/19/putin-on-obama-i-envy-him-because-he-can-do-something-like-this-and-get-away-with-it/

At the same time, he is using Snowden to poke a finger in the eye of the U.S. President, almost every time he thinks he can.  His quote from the press conference was that he envied Obama because he could get away with it.  Then he jabs him with another Snowden interview, just to see if he will.

 Obama has done the same thing, so they are like two kindergarten children smacking each other, out of spite.  Billie Jean King, who Obama sends to Russia to represent the U.S.,  is not going to make him any friends in a town where the mayor has threatened to arrest any openly gay person.  We shall see when the time comes, how that works out for either of them, but Snowden is something else.

Snowden is a daily reminder that Obama acts like every other world leader when he spies.  The Chinese, Russians, Israelis, French, Germans, and British have all gotten caught spying, probably more than once, in the last few years.   The world expected something else from Obama, and we have to wonder what that was.  Maybe that was why he managed to get a Nobel Peace Prize before his Presidential jet ever got warmed up.  The world thought he was different.  Putin is telling us, he wasn't.



Monday, December 23, 2013

Snowden Critiques without merit

Matt Crowley at the Wall Street Journal noted today [ http://blogs.wsj.com/washwire/2013/12/22/snowden-criticizes-u-s-panel-overseeing-surveillance/ ] that Edward Snowden criticized the presidential panel reviewing U.S. surveillance programs, saying it was a hand-picked group by the government [and it] only suggested cosmetic changes".  Crowley added that this report came from a Sunday Brazilian TV report, actually done by e-mail through a U.S. attorney.  You may remember that Snowden offered to trade information about U.S. involvement in spying for sanctuary in Brazil, but he is now backtracking because he found out that could be construed as traitor-like behavior.  Throughout all of this, the Russians are lurching to save themselves the possible difficulty of having reporters show up at his door when the Olympics are going on in Sochi.  They may have to say no to the International press, or send them off to interview Pussy Riot instead.  They are finally out of jail after criticizing the government.

Snowden shows his age and experience with this type of criticism.  The complicated issues the Panel had to try to resolve, were largely born from September 11.  We were willing to put away some freedom to prevent airplanes from plowing into the buildings our spouses lived in all day, and most of us haven't forgotten why we did.  Mine was in the Pentagon, in the wing where the plane hit and I certainly wanted to get even with someone for what they did that day.  It took four hours to find that she wasn't one of the casualties in her office, where several people died.  Snowden was 18.

So, he turns spy, figures out how to get hired by NSA, hacking the account of the person who developed the selection criteria, and systematically steals a million pages of documents (not a million documents, as some are saying).  Then, he runs to China, pretending that he can protect what he takes with him from the Intelligence Services of China and Russia.  He is older by that time, but obviously not a lot smarter.

The ACLU is advertising its stance, saying that Snowden should be considered innocent, until proven guilty, something they seldom do for the Intelligence Community.  Any whiff of impropriety by someone in CIA, NSA or the FBI and the ACLU is off and running.

If Snowden is innocent of anything, it is because he is not able to comprehend what he has done.  It's coming to him.  Spying has a cost, and most spies don't die happy.  The Chinese didn't want him to stay.  The Russians are trying to give him incentive to move somewhere else.  Nobody wants him, because nobody trusts his motivation.  Spies will never be trusted by anyone, regardless of how much good they may think they have done.  Remember Benedict Arnold, the war hero gone bad.

In 1985, Ronald Pelton, former NSA analyst and contractor, was giving information about the same kinds of communications programs to the Russians.  He finally admitted that some of the things he gave them "might have caused some personal jeopardy" to people in the programs.  Snowden will realize that some of the things he has given to the press are more than issues about perceived abuses of monitoring.  They will hurt the country and a few individuals too.

Having Snowden critique the President's Panel is like having a spy, in any other time, saying how easy it is to steal from a democracy.  It is.  We are far more open and trusting than most of the other countries of the world.  We share information.  We debate, in public, about things Russia and China never let their own citizens speak about.  Yes, there are other things we do to protect our citizens that we don't talk about, but that is largely because the other countries don't play by the same rules.  We need to keep quiet about those things.

He fled to China where the Chinese have internal records of every citizen of their country -- police, their equivalent of the CIA and FBI, IRS and 36 other agencies put information in those files.  He hides in Russia, where the press has been beaten up for complaining about the administration of government, corruption is rampant, and crime is as bad as it is in China.  I hope he stays forever.





Wednesday, December 18, 2013

Security Takes Backseat on Obamacare

In a final surrender to public criticism of the Obamacare website, news stories focused on the appointment of a Kurt DelBene, formerly the Microsoft Office lead, to oversee the development of the website.  Considering his status in such a large company, odds are, he has a bigger job than helping the CMS folks out with a website that is still broken.  Why anyone with this pedigree would agree to a task like that, is beyond me.

A New York Daily News piece quoted the HHS Secretary as saying his focus would be on increasing system stability, redundancy and capacity, and the user interface.  Tacked on the end, like the HHS security has been all along, is a short piece that adds he will continue to "prioritize security and privacy issues."

“Kurt will ... focus on increasing system stability, redundancy and capacity, and building on improvements to the user interface, while continuing to prioritize security and privacy issues,” U.S. Health and Human Services Secretary Kathleen Sebelius said in a blog posting.

http://www.nydailynews.com/news/politics/microsoft-executive-named-oversee-obamacare-website-article-1.1550918#ixzz2npl7bHRI


The kinds of changes that are being made will continue to change the ability to secure this data.  Change is usually not a security officer's friend.  We are already seeing indications of fraud in user registrations, no doubt started by the mills that create phony Medicare and Medicaid customers and treat them with fictitious doctors, multiple times, until somebody in law enforcement finally takes up the case.  There are millions of dollars in fraud that can't seem to be stopped, and this will make those numbers seem small.

Years ago, a risk assessment of the IRS electronic filing system told the CIO the risks to deploy the system were too great and it should be postponed until it could be fixed.  At that time, he didn't even want to see the report and did not look at it.  In the first year, there was a fraud in Texas that got a few people $8 Million in refunds that they weren't entitled to.  That was only one of many.  The problem didn't affect the IRS very much, but it did affect taxpayers who had "already been paid" for their refund.

The people who accept risk today are accepting risks for data they don't own, don't control, and affect every man, woman and child in the U.S. who pays taxes or receives Social Security.  Identity thieves were not even thought about when electronic filing was introduced, but now it is an advanced and sophisticated crime, not fairly portrayed in the movie by the same name.  Gangs of good hackers in Eastern Europe are exceptionally good at creating credit cards and bank accounts in somebody else's name.  All they need is raw data.

So, while HHS plays games with our data, we will hear about it in a few months, when the bills start coming in.   Then, maybe we can get HHS to tell some of the people who had their data stolen that they got hacked.  If they know....

Monday, December 16, 2013

NSA on 60 Minutes

There seem to be differences of opinion about the NSA story on Edward Snowden at http://www.cbsnews.com/news/nsa-speaks-out-on-snowden-spying/  if you missed it.  There are still a few people out there who believe Snowden was a patriot trying to expose a bad government who spies on its own people.  I don't like NSA, but most of those who believe that Snowden did what he is accused of because he had a patriotic streak are misguided, at best.

If you follow this story on 60 Minutes, you will notice a couple of things:  (1) Snowden planned to work for NSA long before he was hired by them.  The story says he hacked the computer of the person who put together the screening criteria for new people.  That is careful planning and way beyond those "How to Get a Job in a Government Agency" articles.  (2) He used different names of people to steal information because he knew the systems he was on were monitored.  (3) He stole 1.2 million pages of material, which is time-consuming and risky.  He put himself at risk every day, planned it out, and got away with it for the time being.  (4) The Intelligence Community was worried that the controls on computer systems would allow this to happen in other places.

This isn't the way patriots work.  This is the stuff of spies.  In the old days, spies could get a few files and get them out of the country.  Now they just take computers.

You would think that computer security would be the best at places that have the most to lose.


Friday, December 13, 2013

Obamacare Website (4)

Just when it seems like we have heard all about the Obamacare website, something new happens.   Politico, from the 12th, revives the discussion about security of the website, and makes us wonder about the future of the leadership in HHS.  From my days working on the Hill, they probably crossed a line that is not crossed very often.

The Politico story is at http://images.politico.com/global/2013/12/12/hhstoissa.html

House Oversight and Government Reform Committee Chairman, Darrell Issa, issued a subpoena to MITRE for the security review of the website.  As most of us know, they only issue a subpoena if they have asked for the document and not received it from HHS.  One could reason that has happened.  It isn't that unusual that someone ignores a request for documents, especially when there have been so many over the matter of the website construction and management.  The system is an IT nightmare, and however much we are assured it works for most people, it isn't secure enough to be used by most of those people and HHS knows it.  They have accepted the risk and they are diligently working on remedial correction of the deficiencies.  That, at least, is what they want us to think.

However, when the subpoena is issued, they have less wiggle room.  Politico speculates that it was because HHS was afraid the Committee would release the information to the public.  Actually, Congress has released sensitive information to the public in every administration and by both political parties, so that should not come as a surprise to anyone.  In this case, they wouldn't unless they thought it was the only way to keep consumers of the service from putting their data at risk.  There are always two sides to this story, and this is the side of HHS:

“As you are aware, MITRE shares our assessment regarding the risks from public disclosure of these documents and has warned, most recently in its letter of December 4, 2013, that the information they contain ‘could be used to hack the system … and may pose a risk to the confidentiality of consumer information accessible through healthcare.gov if disclosed,” Esquea wrote, further offering to let a third party determine whether their publication could imperil the website.

While we all might share this concern, I wonder why they allow the risk of operating the website to begin with.  Testimony on this, so far, indicates there were almost no serious security deficiencies, to the point that the system was allowed to operate with some known "minor" risk elements, and an incomplete report from MITRE.  All the good Committee is trying to do is find out how serious those minor things really are.  They will find it hard to justify releasing risk information while the system still operates, and shouldn't do that.

On the other hand, if MITRE and the HHS staff feel hackers might be able to exploit existing vulnerabilities in the system, why didn't they think they were serious enough to not stop it from going operational?  It isn't risk to HHS.  It is risk to my data and millions of others who are the potential users of the systems.  Who said that could be done?

You can read HHS' full response below and wonder how serious this really is.  Hackers are far brighter than most political appointees, especially in their chosen fields.  If there were vulnerabilities so serious that MITRE did not think they should be made public, we can almost say for certain that hackers already know about them.  It is certainly not something where they needed to wait for a published report.

But, what will come back to haunt them one day, is putting in writing that they don't trust the Members of Congress to protect information they are given.  You might say it in a back room or office, even at a party caucus.  Saying it in writing is never smart.

Congress gets Top Secret information almost every day and when I worked in both the Senate and House, it was being protected pretty well.  They surely can handle this kind of risk assessment and appreciate the sensitivity of it.  The sentiment that they might not, will not be well received by any member of either party.


Wednesday, December 11, 2013

The Chinese Propaganda Machine

Nobody is perfect.

According to an article published today by PBS, one of the smaller parts of the Chinese propaganda machine tried to justify the unearthly smog in Beijing by describing some of the benefits to China.  To me, this has the same ring as the doctor who said, "That tumor is malignant.  Good thing we caught this early."

The example used was the ability to mask sensors which might be used to target Beijing with missiles, or observe it from outer space.  If they really think it is such a good idea, they might want to increase the smog, not only in Beijing, but also in all the other major cities of China.  We would certainly have a hard time launching missiles towards those big cities, if we decided to do that.  Probably nobody has had that idea, since the Boxer Rebellion, but it could happen.

Maybe the military group that thought up this brilliant justification knows something we don't.  If they do, the Chinese have decided to mask their assault by fogging up their capital.  Once the attack is over, they will let the civilians breathe again.  You have to admit, they are really clever.

Tuesday, December 10, 2013

Information about China


There is a helpful tutorial on China's power structure, put together by Reuters.  It shows the relationships between the political leaders, the military, the Communist Party and social structure of the country.  If you have never seen it before, it is worth a look.

http://connectedchina.reuters.com/

Monday, December 9, 2013

Snowden's no Whistleblower

There was a BBC article over the weekend repeatedly describing Snowden as a whistleblower.  That is wishful thinking by the writers, who will not be named, because they aren't alone.  Many of the people in the public press describe him that way.   Whistleblowing is "making a disclosure evidencing illegal or improper government activities".  In a broad context, that means I can say the government is doing something improper and become a whistleblower.  That is what has led to the use of the term in almost every venue from Civil Rights violations to the hallowed halls of OSHA, where the improper use of a thermostat can qualify for a whistleblower report.  The new Dodd-Frank provisions allow the reporting of wrongdoing by businesses.  That will be even more interesting, but none of this is whistleblowing in the context of Edward Snowden.

It takes more than a public disclosure of something a person thinks should be public to be named a whistleblower.  A lot of what the Federal government does would not make the public happy, if they were provided every detail.   The reason you don't see 10,000 whistleblower cases every year in the public is common sense of most people who see government wrong-doing.

Most of them work for the government and bring those matters to the attention of people they work for.  In my time working for the government, I reported a few things that were either criminal or unethical.  None of them were welcome information to the people who got the reports, but in only one of those cases did any type of recrimination occur.  Even in that case, I didn't need whistleblower protection because the matter never became public, and the person who was named was "taken care of" although still employed.  At the time,  I didn't like that, and it became the central reason I retired from government.  Being away from government for several years has changed my mind about what was done.

We need a Whistleblower Protection Act for Federal employees who see wrongdoing and report it, only to find themselves ostracized and discriminated against.  Especially, where the government is doing something classified and the matter being reported on requires the use of classified information.  There are two sides to this.

First, the public disclosure of classified information, by definition, harms the United States.  Newspapers don't seem to mind this, but a few government people who give them information have forgotten that part.   There is no longer very much discipline in handling disclosures of classified information, regardless of their source.  We have gotten the idea that it is OK, when it isn't.  Find out who is doing it and prosecute them.

This isn't new, by any means, but the scope is new.  There are, even without Snowden, enough disclosures every day to cause us significant harm.  Our enemies love it; our friends don't trust us, and the people inside government get the idea that nobody cares.  That would be because there aren't enough who do.

Agencies that think Whistleblower Protection is something they can ignore need to remember that part too.   Every time they ignore a whistleblower internally, they run the risk of having someone take things to the public that shouldn't be there.  There are some famous cases of this in the last few years.  However, the Whistleblower Protection Act specifically exempts the kind of person Snowden was - a contractor, not a Federal employee, and an Intelligence Community employee - neither one of which gets protection.  President Obama widened those exemptions.

We should start thinking about protecting our country instead of the individual rights of newspaper reporters and people who give classified information to the press.  The only ones who appreciate our situation are the Russians and Chinese who have both benefited from what he gave to them, and already do a good deal more to prevent the same thing from happening in their own countries.





Tuesday, December 3, 2013

Chinese Justice: No Good Deed Goes Unpunished

Over the weekend, The Financial Times had an interesting article about Chinese justice [Tom Mitchell, China link emerges in case of Irish gangster, Financial Times, November 30/December 2 2013]   which tells more about China than the Chinese media controls would normally allow.  The story concerns a Hong Kong investigator named Danny Tsang Chi-fai who helped Ireland catch a drug dealer/counterfeiter named Paul Meehan, or Dr. Coke, as he was known in the papers.

The Irish were investigating a less well-known area of counterfeit cigarettes, and the article mentions that 1 in 7 cigarettes sold in Ireland is counterfeit.  That seems like a lot of counterfeiting, but my only experience with that sort of thing was helping with an investigation of smuggling real cigarettes from North Carolina into New York, which is hardly in the ball park with the scale of this.  The EU is saying they have 10 billion euros worth of them imported each year.

Along the way, the Irish police found guns, cocaine, grenades, heroin, and a little bit of marijuana in with the cigarettes and changed their priority on the investigation.  They got help on the investigation from Tsang, who was apparently getting paid by someone else, probably a cigarette manufacturer, through a small company, Douglas Consulting, now closed up [See Lana Lamb, Hong Kong private eye 'abandoned' by Northern Irish police, South China Morning Post, 3 December 2013].

So, here we have a private investigator, running an investigation on counterfeit cigarettes, working for the Irish police (and others) and he is arrested and charged with dealing in counterfeit cigarettes and put in jail for 10 years.  The Chinese benefit from puffing the story that Tsang was abandoned by the Irish Police, who would be hard-pressed to get him out of jail, to discourage others from helping with these types of investigations.  These kinds of investigations cause trouble for local political leaders who have counterfeit cigarette operations in their towns, among the thousands of things being counterfeited in China.

Politics, family and crime are mixed in China in ways that encourage a local police official to arrest an investigator to keep others from following behind and ruining a good thing.  In my first book, I compared this kind of conduct to the HBO series The Sopranos.  They are more like the mafia than any business in the West.  Tsang must have stepped on some big toes to get 10 years for a crime he was not involved in.  His company is now out of business, but you can bet the business of counterfeit cigarettes is not.

Friday, November 29, 2013

China Warnings and War

When Korea, Japan and the U.S. responded to warnings about how China was going to enforce its airspace identification and challenge, the public press saw the Chinese backing down from any threat to their proclaimed lands.  This may be prematurely optimistic, given the Chinese way of fighting.

Chinese doctrine says they will pick the time of fighting, when it is to their advantage.  When they fought a war with Viet Nam, in 1979, there were 30,000 casualties.  Two years before it started the Vietnamese occupied one of the islands still in dispute, the Spratly Islands, but they also invaded Cambodia and ran out the Khmer Rouge, the China-backed government.  Both of these things are quite a bit more disconcerting than trying to plant flags on an island.

In 1985 and early 1986, China was lobbing shells over the border into Viet Nam and threatening it with other types of action.  In 1988, they fought a battle not far from the Spratlys and 70 Vietnamese sailors were killed. They still have run-ins with each other and have had survey equipment and fishing vessels damaged by the Chinese.  We usually think of China and Viet Nam as allies.

For those thinking Korea, Japan and the U.S. are off the hook, given the recent response, remember none of these countries are exactly friends of China.  The Chinese will wait for a better time, when they have an advantage, and they will indicate the response was intended as a warning over incursions into its territory.  We will have limited response options, and the State Department will crank out warnings until the Chinese get tired of reading them, but nothing much will happen after that.  This will be a long and winding road, full of surprises and the occasional casualty.  It is the way the Chinese fight - even with their friends.

Sunday, November 24, 2013

China's Warning about Islands

There were quite a few stories about the "new" declaration by China of what territories it expects to defend, but most of them concentrated on perceptions rather than the actual way it was presented.  (See Reuters, CBS News and BBC for their articles)



The Chinese are not claiming any new territory, but they are saying they are going to make those territories part of their air defense zone.  Their web site says: 

November 23, 2013, the Chinese government issued a solemn statement announcing the designation of the East China Sea air defense identification zone. It is adapted to the development of the security situation in the country, focusing on safeguarding national sovereignty and territorial airspace security and maintaining order in the air flying legitimate move is necessary to move the country to better exercise the right of self-defense, but also in line with common practice in the world's major coastal countries.  

Non-commercial aircraft are going to be challenged in this zone, which should prove interesting to anyone flying military aircraft in this area.  It won't just be the Japanese, since a good part of the warning covers Taiwan and the area adjacent to S. Korea.  These types of challenges are not new, but they are coming at a time when there are many claims being made to the potential oil in the South China Sea.  It gets interesting when somebody is challenged for identification, and they ignore it.  Are the Chinese going to shoot?  They really want us to think about it.

Wednesday, November 20, 2013

Obamacare Website Security-3

The state of the Obamacare website tells us more about the potential for losing vast quantities of information that users put into that system.  As I said in a previous post, MITRE already did a report saying security could not be evaluated because the system wasn’t completed.  Chao's testimony last week showed how far short of operational that website actually is. That would have been enough for an experienced CIO to say the risks were too great to go on-line, on the Internet, where hostile hackers will make mincemeat out of anyone who thinks their security is “good enough for government work.” We can debate whether this website was even that, but it is too soon to tell.


There is a process that HHS is supposed to follow to identify risks early on, and deal with them.   At http://www.hhs.gov/ocio/policy/index.html#Security you can find these policies. They are vague, and typical of policies that would be a CYA for any agency CIO. Security falls to the HHS CISO, Dr. Kevin Charest, who has not appeared at any of the Committee Hearings on the website roll-out. Charest got a letter from the Committee asking him to explain some relevant issues (especially who signed the Authority To Operate for this system). The full text of the letter follows, but remember these are seldom written without some knowledge of the expected answer. They try to follow the attorney F. Lee Bailey's advice to never ask a question you don't already know the answer to:

October 15, 2013

Mr. Daniel R. Levinson
Inspector General, U.S. Department of Health and Human Services
330 Independence Ave, SW
Washington, D.C. 20201

Dear Inspector General Levinson:

It is widely understood that every information system can be hacked.  Cybersecurity is now one of the greatest threats our nation faces.  Bad actors are constantly attacking our information infrastructure and looking for opportunities to expose vulnerabilities.  Rapidly evolving technology presents a never-ending challenge to safe-guard against catastrophic attacks.  Given these realities, we are concerned for the integrity and security of the Data Services Hub (Data Hub)—the new launching pad for the names, addresses, social security numbers, and residency status of Americans seeking health insurance on the federal exchanges. 

Systems of this complexity require sufficient time to ensure the fundamental and necessary controls that protect data systems are met.  Specifically, prior to launching a new data system where consumers will provide their most sensitive personal information, a series of front-end controls should be put in place.  However, it is unclear if certain critical best practices were conducted prior to releasing the Data Hub—such as pilot programs and employing White Knight hackers to provide feedback on the system’s vulnerabilities.  Furthermore, reports that your office did not review the draft and final security designs for the Data Hub is concerning.

Taking all these factors into account, it is imperative that Congress be provided with the information necessary to understand how the Data Hub was certified and what continuing controls have been put in place to protect Americans who are currently accessing the system.  Specifically, we request information on the user access controls for the Department of Health and Human Services (HHS) staff and Navigators that have been determined appropriate for using the Data Hub.  Additionally, what system has been implemented to monitor the behavioral patterns of the system to identify suspicious activity?

With regard to the Navigator Program, which does not require a background check for the individuals who will interface directly with the public, what measures have been put in place to ensure accountability?   What checks and balances have been put in place to protect Navigators from claims of fraud and abuse?  Has HHS implemented continuing education programs necessary to ensure Navigators are aware of the most up-to-date fraud and cybersecurity threats?

Cybersecurity threats also exist as users log into the system, input their personal information, and remain on the internet.  What controls are in place to protect Americans from these “man-in-the-middle” attacks?

As you are aware, HHS completed its Final Security Control Assessment (SCA) and issued a Security Authorization Decision.  Following this action, on October 1, 2013, the Data Hub was fully implemented.  We respectfully request your office provide us with a copy of the Final SCA report, including but not limited to the Certification and Accreditation (C&A) plan, in addition to the Interim Authority To Operate (IATO) or the Authority to Operate (ATO). 

If an IATO was issued, we request a copy of this decision, as this report would indicate all known vulnerabilities that were identified, in addition with the current plan to ensure corrective action.  If an ATO was issued, we seek to understand who defined the controls that the system must adhere to, as directed by the Office of Management and Budget (OMB), in addition to information detailing whether or not the controls were met, or were deemed deficient.  Finally, we request a copy of the mitigation plan that the U.S. Chief Information Officer approved that certifies the Data Hub may be fully implemented.

HHS and the Centers for Medicare and Medicaid Services (CMS) have filed their action, “Notice to establish a new system of records” for the Data Hub in the Federal Register.  This action reads, “records are maintained with identifiers for all transactions for a period of 10 years after they are entered into the system” (FR Doc No: 2013-02666).  At a House Committee on Oversight and Government Reform hearing on July 17, 2013, Congress was informed by CMS that records obtained from the Data Hub would not be maintained.  This statement is in direct conflict with the Federal Register.  We ask that you provide further clarification on the authority by which HHS may receive records and not maintain the data.

Thank you in advance for your attention to this letter.  We look forward to your prompt reply.

Sincerely,



                                   
Diane Black                                                                            Patrick Meehan
Member of Congress                                                               Member of Congress



cc:
Mr. Steven VanRoekel
U.S. Chief Information Officer, Office of Management & Budget
1650 Pennsylvania Avenue, NW
Eisenhower Executive Office Building, Room 262
Washington, DC 20503

Mr. Kevin Charest
Chief Information Security Officer, Department of Health and Human Services
200 Independence Ave SW
Washington, DC 20201







Friday, November 15, 2013

China's Fake Fear of Cisco, et al.

My grandmother used to tell us that accusing someone of doing something you were already doing yourself, was like the pot calling the kettle black.  Today that is not so easy to understand, but back in those days, cast iron was black, the stove fires burned every pot black, so it fit.

We have the best example, in a long time, characterized in a Spencer Ante article in today's Wall Street Journal.  (see NSA Fallout:  Tech Firms Feel a Chill Inside China)  The article says IBM, Cisco, HP, and Microsoft have all suffered declining sales in China due to two things:  increased emphasis on buying Chinese products and concern over NSA surveillance.  We should probably understand that businesses do not find this kind of setback very funny, but it was hard not to laugh at the reasons given for it.

The Chinese, who have so far managed to steal every piece of electronic data they could get their hands on, can't be very concerned with NSA.  They used the same kinds of excuses to harass Walmart and Rio Tinto, accusing the latter of stealing "state secrets" so named after they came into their possession.  It is just intimidation.  Walmart had action brought against them for making too much profit.

I'm surprised more wasn't made of Huawei and ZTE restrictions in the U.S.  We still accuse them of being connected to Chinese Intelligence and both deny any such association.  Maybe it is easier to say they "worry" about NSA surveillance, than to fight the allegations against both of them.  They undermine U.S. sales in China to benefit their own companies.  We owe them a little retribution.

Obamacare Website Security-2

We finally got to hear testimony from some of the people who were responsible for creating the mess on the Obamacare website, which poses risk to data in their networks.  A couple of interesting things came from it.

1.  MITRE was doing the Independent Verification & Validation part of the evaluation of the security features of the system.  CMS hired an ethical hacker to augment their security testing.  He found 7-10 items which were "not serious".

2.  MITRE published a report, portions of which were redacted because they showed vulnerabilities to the system.  This is actually a good thing, since publication would make it even easier to get into the site, something a normal user cannot do.

3.  Only a short part of MITRE's report was read in the open hearing, but it contained the following gem of information:  "MITRE was unable to evaluate the Confidentiality or Integrity of the system" because it wasn't ready.  The three elements of the security evaluation, Confidentiality, Integrity and Availability, were not even done, yet the Administrator of CMS felt confident enough in their design to sign off on the risks.  If good designs were enough, we could throw away those acquisitions manuals and buy good designs.  On what basis HHS could make such a decision is a mystery.  We know Availability failed.

Several sources today (http://www.nextgov.com/health/2013/11/cms-manager-who-okayed-healthcaregov-missed-security-memo/73625/) cite portions of a report saying the security risks were "limitless" in this system.  When has anyone ever seen an evaluation like this result in an Authority to Operate (ATO)?

4.  Mr. Chao, the Deputy CIO at CMS, said security testing was completed at the component level, but was not able to be completed end-to-end.  Component level testing would not include the interfaces to the other systems that connect our sensitive data to this portal.  Does CMS feel comfortable accepting that level of risk?  Do the other agencies connecting to this portal feel comfortable with accepting them?  A Hill article today (http://thehill.com/blogs/healthwatch/health-reform-implementation/189916-top-cms-official-didnt-know-about-obamacare) says Chao was not included on parts of the request for sign-off on the ATO.  That didn't seem to keep him from rationalizing the lack of security testing.

5.  Mr. Powner, from GAO, twice cautioned that we should be concerned about security while the system is being built.  Considering that no security testing had been done that would justify granting an ATO, the risks climb dramatically with changes that are being made on the fly, where political pressures abound.  Will the system be tested before the 30th of November when all the changes are supposed to be done?  Not likely.  They cannot even get the portal to work like a portal. Until it is stable, it would be difficult to test.

We should think twice about putting any data into this system until it is operational, the security testing is complete, and the vulnerabilities are corrected.  You can bet the Chinese are already hacking this goldmine.

Friday, November 8, 2013

Obamacare Website Security Testing

The Obamacare website fiasco, about which much has been said, is not just the story of a failed website.  Lost in the analysis, was a small sentence that indicated security testing had not been done, "because there was a lack of time".  I have heard this excuse, more than once, by some of the biggest software vendors in the land.  What it boils down to is a priority list of things that must be done, and security testing doesn't make the list.

What it means to users is simple:  We will take the risk with your data, while we make improvements to the website.

Who can make that kind of decision, and how can they rationalize signing off on risks that are not theirs to take?  The person responsible for security of the site was a man named Tony Trenkle, CIO at Centers for Medicare and Medicaid Services, who according to the CBS news story at http://www.cbsnews.com/8301-250_162-57611202/departing-obamacare-security-official-didnt-sign-off-on-site-launch/, resigned this week and is now gone.  He would not sign off on the acceptance of risk, but CMS Administrator Marilyn Tavenner did.  CBS's article goes on to say, "HHS also says there is an aggressive risk mitigation plan in effect, 'the privacy and security of consumers' personal information is a top priority for us' and personal information is 'protected by stringent security standards.'"  Of course, without security testing, they are not in any position to say what the risks are to the data.

Tavenner's testimony http://oversight.house.gov/wp-content/uploads/2013/07/Tavenner-CMS-Statement-PPACA-Data-Hub-7-17.pdf  gives broad assurances that security was met through FISMA, indicating she neither understands, nor appreciates, what FISMA actually does.  Years from now, we might see a FISMA report telling us what shortcomings have to be corrected to meet existing requirements, but it won't be soon.  

More than once, I have been in the position to brief the person responsible for acceptance of risk.  I asked them to acknowledge the risks, accept the mitigation strategy (which limits the amount of time the risk will exist), and fund the mitigation effort.  Only on rare occasions will the person in charge decline, and almost always, they decline for a good reason.  Usually, there is enough significant risk that going operational is not a good option, but delaying will have serious political consequences.    Trenkle would have known there was no security testing, so there was no way to measure the amount and type of risk that had to be mitigated.  He also knew the consequences of delay were higher up the food chain.  So, he declined to sign.  Smart man.  

Today's Politico http://www.politico.com/politico44/2013/11/white-house-blocks-tech-chief-from-testifying-on-obamacare-177047.html  says the White House is declining to allow Todd Park to testify on the Hill because he is "too busy" repairing damage to the site. The House Committee on Oversight and Government Reform will call a witness list that includes HHS Deputy Assistant Secretary for Information Technology Frank Baitman, CMS Deputy Chief Information Officer Henry Chao, U.S. Chief Information Officer Steve VanRoekel and David Powner, Director of IT management at the Government Accountability Office.  Maybe someone could ask how they make a risk assessment on a system that had no security testing done on it.

Monday, November 4, 2013

New Leaks, Are They Snowden's?

In the Sunday New York Times, Scott Shane put together some new information about what and where NSA was collecting intelligence about these things:

1.  Information about positions of the U.N. secretary general, prior to a meeting with our President.

2.  Interception of 478 e-mails which helped to foil a plan by jihadists to kill a Swedish artist.

3.  Surveillance information about FARC rebels later turned over to the Colombian government.

4.  Surveillance of Iran's Ayatollah Ali Khamenei, aircraft entering and leaving the airspace around him, his vehicles, weapons, and conversations of aides, down to the details of what was discussed.

5.  Surveillance of Somali officials, a U.N. political officer communicating by e-mail, and a local rep from a charity World Vision.

(See: No Morsel Too Minuscule For All-Consuming N.S.A., New York Times, Nov 3, 2013)

The sources of most of these examples are said to be documents that came from Edward Snowden.  I watch for these documents, because they are sensitive intelligence matters that should not appear in public and they damage our national security.  I haven't seen that many, and I am starting to get the idea that the New York Times, the Guardian, and the Washington Post can write a ton of articles based on their own sources, and say they came from Snowden's stash of documents.  We wouldn't have any way of knowing the truth of it, any more than we would know the truth of the source of the examples they are using.  Nobody in the government will acknowledge the truth of any of them, even when they appear in the public media.  Nobody can challenge the veracity of the newspapers' statements, nor question whether they really came from Snowden.

The inference in this article is that NSA collects, analyzes and distributes intelligence about almost every aspect of any person's life, anywhere in the world.  There would have never been an attack on 9/11, Somali pirates would never capture a ship on the open seas, the FARC would not exist as an organization, and Iran would not have a nuclear program, to speak of, if it were really true that NSA could sweep up everything, and use it to make predictions about what was going to happen anywhere, anytime.

That doesn't stop the press from bringing phony "charges" of NSA's abuses of their sanctioned mission.    What this does is undermine our intelligence collection capability, to the benefit of the Russians and Chinese who are the only other countries that can come close to us in that regard.  Does anyone think that Snowden picked Hong Kong at random, as the jumping off point for his escapades?  Do we think he sought asylum in Russia because he "just happened to be at the airport in Moscow"?  Both countries benefit from these disclosures.  What we need to find out, and the White House certainly could if they wanted, is where is this information the press is publishing really coming from?  I doubt that is just Snowden's documents.  It is an easy way to protect other sources by saying so, and we should try to find out who those sources really are.

Wednesday, October 30, 2013

Merkel's Cell Phone

David Sanger, as some of you know, is one of my favorite reporters because he has some of the best sources in Washington.  I always wonder where he gets some of his ideas, especially those on our most sensitive subjects like the Stuxnet Worm deployment in Iran's closely controlled nuclear facilities.

I saw David on TV a couple of nights ago, and he was asked about the U.S. monitoring of calls made by Angela Merkel, Germany's Chancellor.  He asked more questions than he answered, but his first one made me think:  What head of state does not have an encrypted cell phone to use for communications?  Why didn't she have one?

I'm not sure when Heads of State became so careless with information we should know is being monitored.  The Chinese are building a raft of small satellites they sell to anyone interested in having one.  They can put anything they want on one of these things, so a small country can get into the business of listening in to their neighbors and enemies.  Are we so naive as to think the U.S. is monitoring everyone in the world, but nobody else can?  The Russians were doing it many years ago, and it would be hard to believe they stopped.  The Chinese have hacked every major business in the free world, and nobody has made as big a fuss as our allies have over cell phone monitoring.

An insecure cell phone is an open invitation to anyone with even a glimmer of capability to listen in.  The French even admit they spy on everyone, though they seem to be indignant about being monitored themselves.  On the Continent, there seems to be a mass of hypocrites, lined up, to say how terrible such a thing can be.

They seem to still believe the words of Henry Stimson, "Gentlemen don't read each other's mail."  What we forget is, he used those words to shut down the U.S. code breaking capability for many years, the same capability that was used to break the Japanese codes during WW II.

For those who are squealing the loudest, we might remember another quote of Stimson:  The only way to make a man trustworthy is to trust him; and the surest way to make him untrustworthy is to distrust him and show your distrust.  There is a little of that on both sides right now.  


Thursday, October 24, 2013

White House Leak Investigations

We used to have a saying about the Washington Post and secrets:  "Don't let us see this on the front Page of the Post."  In general, it was intended as a warning about whether a person could be employed after something appeared there.  Usually, that answer was no.  On the front page of today's Post are two examples of what we should see as career-ending disclosures of information.

I have always thought the White House could run a leak investigation when they wanted to, and there is proof positive on the front page today.  http://www.washingtonpost.com/politics/stung-by-a-twitter-renegade-group-in-obama-administration-launched-sting-of-its-own/2013/10/23/3cb89d56-3c00-11e3-b6a9-da62c264f40e_story.html?tid=pm_pop  One of their own, a member of the National Security Council staff, was using an anonymous Twitter account to disparage White House officials and policies.  They did what anyone should do when information leaks: they started a leak investigation and planted information with internal employees to see which pieces of it appeared in the press.  This is not novel or unique - anyone should know how to do it.  They found the person they were looking for, and by all indications, he will be unemployed.

At the same time, the lead story in the Post today is a more gripping tale of Top Secret agreements between Pakistan and the United States over how and where drone strikes are to be conducted.   http://www.washingtonpost.com/world/national-security/top-pakistani-leaders-secretly-backed-cia-drone-campaign-secret-documents-show/2013/10/23/15e6b0d8-3beb-11e3-b6a9-da62c264f40e_story.html?tid=ts_carousel

Now, how is it that the White House can run a fairly mature leak investigation when it involves slams to their own people and those right on their doorstep, but they can't find out who is leaking Top Secret documents to the people just down the street from them?  We have yet to see who actually leaked the information about the new type of underwear bomb plucked out of an Al Qaeda bomb factory, who gave the information to the Times about the Stuxnet worm, or who was behind this latest disclosure about Pakistan and arrangements we had with them on drone strikes.  Can anyone at that end of the street keep a secret?  Sometimes.

Wednesday, October 23, 2013

Snowden's Leaks

On the 18th of October, Ed Pilkington wrote an article for the Guardian indicating Snowden had said he did not take any documents with him to Russia.  According to the article (which is at  http://www.theguardian.com/world/2013/oct/18/edward-snowden-no-leaked-nsa-documents-russia ) all the documents were left with journalists, presumably to be let out a few at a time, over time, to increase the value of the goods to the publications they appear in.  Releasing them all at once, has a narrow impact on circulation, which is the business part of the whole thing.  The Guardian already admitted as much.

I want to ask my readers how plausible such a story sounds.

The Russians were taking a risk by accepting Snowden's appeal for asylum.   Was he really afraid somebody was going to kill him to keep him from releasing the information, as he once insinuated would happen?  If so, he has been watching too much television while sitting around the airport.  Nobody is going to believe such a claim.

Was he going to be arrested and put in jail?  Yes, he was.  Human Rights Watch tried to make a case for this justification for asylum by saying whistleblowers don't have adequate protection in National Security cases (http://www.hrw.org/news/2013/07/03/countries-should-consider-snowden-s-asylum-claim-fairly )  which may even be partially true, but hardly a reason for Russia to think he deserved asylum.  They would have a fit if we used that as justification for allowing a Russian to defect to the U.S.  It just isn't very convincing that the Russians jumped to his aid because they felt like he might be put in a U.S. jail for what he did.  They put reporters in jail for lesser offenses.

Why leave the documents with journalists?  For one reason, because the foreign spy agencies in China and Russia have finally figured out that journalists cannot be prosecuted for having them, and spies can.  Even though that makes absolutely no sense at all, the law in the U.S. and England has allowed it to be.  There will shortly be another case in the U.S. where a spy will be found to have given documents to a journalist and the journalist published stories about them.  When the Justice Department made him a co-conspirator in the case, the journalist community raised holy hell.  The journalists have a powerful lobby, but that isn't a good reason for their behavior.

If Snowden actually did leave all his sensitive documents with journalists, what could the Russians gain by giving Snowden asylum, that they couldn't get without giving him asylum?  The answer would seem to be nothing, but we can't have an answer that runs contrary to every understanding we have of the Russian politic.  They never do anything like this without a reason.  They have to be getting something.

Either they believe Snowden knows a lot he isn't telling yet, or he brought more with him than he is willing to admit.  The Russians have to believe they will get more than the altruistic good feeling that comes from keeping a person from going to jail.  Nobody, not even the Russians, likes a traitor enough to take one in with the idea that they will get nothing in return.  It is too much for any of us to believe.


Monday, October 14, 2013

China Warns U.S. Part II

CNBC reports today that Vice Finance Minister Zhu Guangyao told reporters that he understands the White House is working to resolve the double-edged crisis, but expressed impatience with the lack of progress.
"We have to see that the clock is ticking," Zhu said, according to Agence France Presse.  "The executive branch of the U.S. government has to take decisive and credible steps to avoid a default on its Treasury bonds," he said.

Curious how the Chinese, who have a different view of the role of government, manage to blame the Executive Branch of government for the condition we are in with the shutdown and debt debate, but our own press tends to blame the Legislative Branch.  

A few of our press stalwarts might think the Chinese are ill-informed about how the U.S. government actually works.  They might chuckle at their ignorance.  

A few might think the Chinese are just greedy, wanting to get the whole thing settled so their sizable investments and bonds are protected from default that would cost them  money.  

A few might applaud the Chinese for waiting until the "last minute" to engage in the game, when a trillion or two is at stake in this bet.  It shows how tolerant they are.  

Perhaps, it is more simple than any of these things.  The Chinese are off at the APEC Summit while our President sits on the sidelines, and our Secretary of State keeps to Afghanistan trying to get them to agree to another few years of troop support.

The Chinese are quick to step into this area of South East Asia, because they want us out.  Two years ago, countries like Japan and Thailand were wanting us to get back into the area because the Chinese were being too aggressive, threatening all of them and staking claims to islands all over the region.  They haven't given up on those claims;  they are doing their best to engage all who live in that part of the world, and they press us to stay home and tend to our budget crisis.

Notice, we listen.  


Saturday, October 12, 2013

China Involved in US Debt Debate

Last week the Chinese warned the Obama White House that they "hold significant debt of the United States".  We can only hope that nobody forgets that China owns $1.28 trillion, that they admit to.  They have beneficial ownership of a good deal more, but if we think of money as stock, they have as much influence over the U.S. as a shareholder with 10% ownership of a company's stock.

Two years ago China made almost the exact same worded warning when Congress was debating what imports to tax.  Then, they raised the price of their currency, at a time when we were trying to get them to lower it.  So, what is next from China on this?  You can bet the backchannels are humming, and the emphasis is on getting the debt debate over with, so they can back-fill their pockets with new payments.  The debt ceiling debate is not about what bills we owe;  it is just as much about who we owe that money.  I am uncomfortable about China, though less so about Japan, owning equal chunks of our debt.  Don't we care, or like the Obama White House, do we think China is our friend?

Monday, September 30, 2013

Another Bad Contractor with a Security Clearance

This is lengthy because it includes an indictment of Donald J. Sachtleben, another cleared government employee who gives us reason to suspect the security clearance process of the Federal Government is not all it's cracked up to be.  I encourage you to read it, if you have any involvement in classified work in the government.

This is the guy I wrote about in my latest book.  He got information about the person who built a bomb delivered to the FBI for analysis.  Several news reports say this bomb was collected by a person, who has since been named, and risked his life getting it out.

Sachtleben was not an FBI employee at the time the crime was committed;  he was a cleared contractor.

The press has loudly claimed that this Justice Department prosecution raised the spectre of a complete loss of protection of sources, yet the only way this person was discovered was his contact with Reporter A in the indictment.  Reporter A's sources' telephone numbers were gathered as a part of that investigation, so we all know who he is now.

Sachtleben would never have been prosecuted had it not been for those phone records, so reporters want to make sure that doesn't happen again.

Read the whole thing carefully and look at the relationship between the reporter, the contractor and the disclosure of classified information.  Then, tell me we need new laws to protect the press.

We need new laws to protect us from people who have set out to use the press as a shield to collect things that will get our sources and methods in the public domain.  Snowden is not the first of his kind, nor likely to be the last.

UNITED STATES DISTRICT COURT
SOUTHERN DISTRICT OF INDIANA
INDIANAPOLIS DIVISION

UNITED STATES OF AMERICA
v.
DONALD JOHN SACHTLEBEN, Defendant.

No.

STATEMENT OF OFFENSE

Should this matter proceed to trial, the United States of America would prove the following facts beyond a reasonable doubt:

A. Introduction

1. On or about May 2, 2012, the defendant DONALD JOHN SACHTLEBEN having authorized access to national defense information relating to a disrupted suicide bomb attack on a U.S.-bound airliner by the Yemen-based terrorist organization Al-Qaeda in the Arabian Peninsula and the recovery by the United States of a bomb in connection with that plot in April 2012 (referred to hereinafter as "the bomb"), willfully disclosed such national defense information to a person not entitled to receive it, namely a reporter with a national news organization ("Reporter A"). At the time of his unauthorized disclosure, SACHTLEBEN had reason to believe that his unauthorized disclosure of such national defense information could be used to the injury of the United States or to the advantage of a foreign nation. In or about May 2012, SACHTLEBEN also willfully possessed and retained national defense information in his residence in Carmel, Indiana, including an intelligence report classified at the SECRET level that remains so classified to this day.

Defendant's Background  
 
2. SACHTLEBEN was employed by the Federal Bureau of Investigation from on or about 1983 through 2008. In the course of his career, SACHTLEBEN was a Special Agent Bomb Technician assigned to many FBI Major Cases involving terrorist attacks, including the Oklahoma City bombing, the first World Trade Center bombing, the Unabomber attacks, the United States Embassy bombings in East Africa, the U.S.S. COLE bombing, and the attacks of September 11, 2001. Among other assignments, SACHTLEBEN was assigned to the Explosives Unit at the FBI Laboratory in Quantico, Virginia ("FBI Lab"). SACHTLEBEN held a TOP SECRET security clearance as an FBI employee on account of his official responsibilities at the FBI. As a result, SACHTLEBEN had regular access to classified and national defense information relating to the FBI's activities, as well as the activities of other members of the United States Intelligence Community.
 
3. In or about 2008, SACHTLEBEN retired from the FBI and was rehired as a contractor. SACHTLEBEN maintained his TOP SECRET security clearance as an FBI contractor on account of his official responsibilities at the FBI. As a result, SACHTLEBEN continued to have regular access to classified and national defense information relating to the FBI's activities, as well as the activities of other members of the United States Intelligence Community. As a contractor, SACHTLEBEN routinely visited the FBI Lab. SACHTLEBEN was employed as an FBI contractor until on or about May 11, 2012.
 
4. Beginning in or about 1983, in connection with the start of his employment with the FBI, SACHTLEBEN entered into various non-disclosure agreements with the United States, obligating him not to disclose national defense information to any unauthorized person and advising him that any such unauthorized disclosure could constitute a violation of United States criminal laws, including Title 18, United States Code, Section 793. SACHTLEBEN entered into such non-disclosure agreements both as an FBI employee and as an FBI contractor. The scope of these non-disclosure agreements encompasses the national defense information referenced in this Statement of Offense.

Defendant's Relationship with Reporter A
 
5. Beginning in or about the fall of 2009, SACHTLEBEN developed a source-reporter relationship with Reporter A. Their source-reporter relationship initially focused on SACHTLEBEN's contract work on the FBI's National Improvised Explosives Familiarization training program. Their source-reporter relationship quickly developed into other areas beyond the NIEF program. For example, from in or about January 2010 through in or about May 2012, in emails, text messages, and conversations, SACHTLEBEN provided Reporter A with information about explosives used in terrorist plots or attacks and the FBI's analysis of such explosives. While doing so, SACHTLEBEN repeatedly requested Reporter A to keep his true identity and his relationship with Reporter A protected and confidential. When discussing in an email exchange how to refer to SACHTLEBEN as an anonymous source for an article to be published, SACHTLEBEN asked Reporter A not to refer to him as a contractor because there was a "[p]retty small number of us." (The emails and text messages between SACHTLEBEN and Reporter A referenced in this Statement of Offense were obtained from SACHTLEBEN's electronic devices).

Defendant's Unauthorized Disclosure of National Defense Information
 
6. On or about April 30, 2012, following the disruption of a suicide bomb attack on a U.S.-bound airline by AQAP and the recovery by the United States of a bomb in connection with that plot, the bomb arrived at the FBI Lab for forensic analysis.

7. On or about April 30, 2012, at approximately 6:30 ABC World News Tonight broadcast a news story which stated, in part, that for the past year United States and European officials had warned that AQAP's master bomb-maker, Ibrahim al-Asiri, had been designing surgically implanted body bombs to get past airport security, and that there was concern that AQAP may soon try to explode a U.S.-bound aircraft with explosives hidden inside the bodies of terrorists.
 
8. On or about April 30, 2012, later that evening, beginning at approximately 7:14 SACHTLEBEN and Reporter A exchanged text messages about al-Asiri and Reporter A's speculation about the FBI's recovery of a surgically implanted body bomb (also known as a "cavity bomb"). (Note: the bomb referenced in Paragraph 6 above was not a surgically implanted body bomb or cavity bomb.) These text messages were as follows:

Date | Time | Originating Cellular Phone | Terminating Cellular Phone | Content of Text Message
4/30/2012 | 7:14 p.m. | Reporter A | SACHTLEBEN | Al-Asiri is up to his old tricks. I wonder if ur boys got a hold of a cavity bomb
4/30/2012 | 7:14 p.m. | Reporter A | SACHTLEBEN |
4/30/2012 | 7:15 p.m. | SACHTLEBEN | Reporter A | Yikes. Remind me to bring sum purell to the lab
4/30/2012 | 7:16 p.m. | Reporter A | SACHTLEBEN | Not totally sure though
 
9. On or about May 1, 2012, beginning at approximately 9:48 SACHTLEBEN and Reporter A exchanged two more text messages. These text messages were as follows:

Date | Time | Originating Cellular Phone | Terminating Cellular Phone | Content of Text Message
5/1/2012 | 9:48 a.m. | SACHTLEBEN | Reporter A | Hmm. Methinks the 10am news conf may be related
5/1/2012 | 9:51 a.m. | Reporter A | SACHTLEBEN | Ah!

10. On or about May 1, 2012, at approximately 10:00 the FBI held a news conference concerning the arrest of five men in Cleveland, Ohio, who were charged with plotting a bomb attack on a bridge in Ohio. This FBI news conference had nothing to do with the bomb referenced in Paragraph 6 above. 

11. On or about May 1, 2012, just prior to departing from the Indianapolis airport and upon landing at the Washington-Dulles airport for a previously planned trip to the FBI Lab the following day (May 2, 2012), SACHTLEBEN sent two more text messages to Reporter A. These texts were as follows:

Date | Time | Originating Cellular Phone | Terminating Cellular Phone | Content of Text Message
5/1/2012 | 9:52 a.m. | SACHTLEBEN | Reporter A | Just abt to take off. Will curious to coverage when i land at dulles. Hope that tsa doesnt get out the rubber gloves and ky
5/1/2012 | 12:49 p.m. | SACHTLEBEN | Reporter A | Got that one wrong. A lil surprised they wrkin 24 hr shifts cuz of those mutts. Still sumthin else brewin. Will find out tomorrow

(Emphasis added.)

12. On or about May 2, 2012, at approximately 8:39 SACHTLEBEN used his FBI-issued badge to enter the FBI Lab. Among other things, SACHTLEBEN logged into the FBI's classified computer system from a computer terminal located within the FBI Lab in an administrative space designated for the Explosives Unit. That administrative space was directly across the hallway from the examination space for the Explosives Unit, where the bomb was then being examined. SACHTLEBEN also used his FBI-issued badge to enter the examination space for the Explosives Unit. SACHTLEBEN did not access any documents on the FBI's classified computer system about the bomb and did not sign the sign-in sheet for access to a specific room within the examination space for the Explosives Unit designated for the examination of the bomb.

13. On or about May 2, 2012, at approximately 10:25 SACHTLEBEN called Reporter A and spoke with him for a little over two minutes. In that call, SACHTLEBEN disclosed to Reporter A national defense information that he had gathered that morning, including that the FBI was then engaged in an ongoing, secretive, and sensitive analysis of the bomb; analysis which involved other parts of the United States Government besides the FBI. At that time, SACHTLEBEN believed that the national defense information that he disclosed to Reporter A was classified at least at the SECRET level. 

14. Approximately two-and-a-half hours later, Reporter A and another reporter from Reporter A's news organization contacted multiple United States Government officials and stated that they knew the following facts: (1) the United States had intercepted a bomb from Yemen; (2) the FBI was analyzing the bomb; and (3) they believed, but had not confirmed, that the bomb was linked to AQAP's premier bomb-maker, Ibrahim al-Asiri. The facts that these reporters stated that they knew as of May 2, 2012 (namely, (1) and (2) in the immediately preceding sentence) constituted classified and national defense information as of that date.

15. Beginning on May 7, 2012, multiple news organizations published articles about the disrupted suicide bomb attack and recovery of the bomb. The lead article was published by Reporter A's news organization on May 7, 2012, at approximately 4 and was entitled, "CIA Thwarts New al-Qaida Underwear Bomb Plot." Thereafter, Reporter A's news organization and other news organizations published additional articles and/or broadcast television reports about the disrupted suicide bomb attack and recovery of the bomb (referred to collectively hereinafter as the "Media Reports").

16. Following the publication of the Media Reports, SACHTLEBEN continued to provide information to Reporter A about the bomb.

17. SACHTLEBEN was never authorized, directly or indirectly, by the United States Government to deliver, communicate, or transmit any classified or national defense information to Reporter A or any other member of the media.

Defendant's Unauthorized Possession and Retention of National Defense Information

18. From a date uncertain to on or about July 9, 2013, SACHTLEBEN willfully possessed and retained in his residence in Carmel, Indiana, on numerous pieces of electronic media, United States Government documents bearing classification markings in their headers or footers or in their individually classified paragraph portion markings. The majority of these documents bore SECRET classification markings.

19. From a date uncertain to in or about May 2012, SACHTLEBEN willfully possessed and retained in his residence in Carmel, Indiana, a containing, among other things, a Central Intelligence Agency intelligence report, bearing a classification marking and the date November 2, 2006. The CIA has conducted a formal classification review of that intelligence report and determined that the report was and remains properly marked at the classification level. The  was seized in or about May 2012, in connection with an unrelated criminal investigation of SACHTLEBEN involving his possession and distribution of child pornography. 

20. "Classified" information is defined by Executive Order 13526 ("Executive Order") as information in any form that: (1) is owned by, produced by or for, or under control of the United States Government; (2) falls within one or more of the categories set forth in the Executive Order; and (3) is classified by an original classification authority who determines that its unauthorized disclosure reasonably could be expected to result in damage to the national security which includes defense against transnational terrorism. Where such unauthorized disclosure reasonably could be expected to cause "exceptionally grave damage" to the national security, the information is classified as Where such unauthorized disclosure reasonably could be expected to cause "serious damage" to the national security, the information is classified as Where such unauthorized disclosure reasonably could be expected to cause "damage" to the national security, the information is classified as  The designation means that a classified document cannot be shared with any foreign nationals or foreign governments.

Conclusion 

21. SACHTLEBEN engaged in the conduct described above knowingly and willfully, and not by accident, mistake, or any other innocent reason. In disclosing information to Reporter A, SACHTLEBEN did not believe that he was exposing government waste, fraud, abuse, or any other kind of government malfeasance or misfeasance.

This Statement of Offense is not intended to be a complete recitation of all of the facts known to the United States or SACHTLEBEN, but is, instead, intended to provide a sufficient factual basis for the defendant's plea of guilty to one count of Unauthorized Disclosure of National Defense Information, in violation of 18 U.S.C. 793(d), and one count of Unauthorized Possession and Retention of National Defense Information, in violation of 18 U.S.C. 793(e).

Respectfully submitted,
SEPH HOGSETT United States Attorney for the Southern District of Indiana 

Steven D. DeBrota, Senior Litigation Counsel