China's Neighbors Arm Up

There was an interesting story by Trefor Moss, in today's Wall Street Journal [ http://www.wsj.com/articles/chinas-neighbors-build-up-militaries-1424996255]  about the neighbors of China - especially Vietnam - arming themselves.  It reminds me that Vietnam fought a fairly large border land battle with China right after the Vietnam war ended for the allies.  There were 20,000 casualties in that one and Vietnam won.

Now Vietnam has beefed up its air force and navy by adding Russian frigates (6) submarines (6) and aircraft.  The subs are particularly interesting since Vietnam didn't have them before and China has challenged them in areas of dispute where large surface navies would put Vietnam at a disadvantage.  The submarines will keep China looking over its shoulder.  

It's interesting too that these arms come from Russia.  The Chinese are probably wondering how the $2 Billion came to be spent there, even though they know the Russians need the money.  Russia arming China's neighbors might indicate they are not the good friends they seem to be at those press conferences.

Dennis F. Poindexter books at Amazon

Terrorist Sentencing

In a press release today, the Department of Justice said two men, Sohiel Omar Kabir, 37, a naturalized U.S. citizen who was born in Afghanistan and  Ralph Deleon, 26, of Ontario, a lawful permanent resident and citizen of the Philippines were sentenced to 300 months  (25 years)  in federal prison for participating in plots to provide material support to terrorists and to kill American personnel in Afghanistan.  Two others pleaded guilty previously and these two went to court.  

Twenty-five years is a long time, even given the number of times parole is granted to people who commit crimes.  They will have to serve 12 or so before they can petition to get a parole hearning.  

This is one area where sentencing has caught up with the crime.  A young girl leaving home with the intent of joining ISIS got 4 years in prison for her intentions.  These guys were going to be killing Americans when they got to Afghanistan, so they deserved more time, but I'm not sure if 25 years is the right amount.  It is about what they would have gotten had they really killed someone.  If you are seeing any sympathy in that statement, forget it.  There is none.  They certainly would have, given the chance.  This way, they won't have the chance for several years.  By that time the 37-year old will be almost 49, assuming he will get parole.  If he serves the whole sentence, he will be 62.  There may be more than a few terrorists who are over 60, but they will slow down quite a bit by then.  

I have to give Justice its due in this area.  When someone lives here, becomes a citizen, and gets the benefits of our tolerance of divergent views, they owe us something in return.  They are allowed to have opinions about our Middle East policy.  They can send money to Islamic charaties that support a wide variety of people, some of whom are terrorists.  They can write articles about how oppressed the world's Muslims are.  They can stand on a street corner and tell anyone who passes by.  They can send out mailers in snail-mail or on e-mail that promotes their causes.  They can get bumper stickers made (although I must admit to never seeing one).  But, what they can't do is provide material support to a group of people trying to kill Americans.  For once, Justice is an apt name for what happens when you do.  

Can 85% of an Agency be Essential?

Part of the debate over funding of the Department of Homeland Security has revealed that 85% of Homeland  employees are considered essential and have to work, whether funding is there or not.  Having been a government employee I was always surprised to hear who was essential and who not when parts of government are shut down for brief periods.  We played this game only rarely, but once is enough for most people who don't get a paycheck during those intervals.  

I heard part of Jey Johnson's political speech yesterday, complete with a 50 or so people standing behind him on the platform, saying his people were so critical to the national security of the U.S.  Some certainly are important, but not 85% of the workforce.  No agency can claim 85% of its force is essential.  They haven't looked very closely at the composition of that workforce if they are saying that. 

DHS has more managers than any place I ever worked.  They can't all be essential.  They have more privacy advocates than any body of its size has ever had.  They had a raft of people who did oversight and management of functions I never heard of before coming there.  They had contractors doing most of the heavy lifting at Headquarters.  Maybe in Customs & Border Patrol, TSA,  and Secret Service more than most other agency personnel are essential, but even in those the 85% number seems excessive.  Outside of those, the numbers are certainly in need of review.  

You can read about how OPM decides who is essentijal at [ https://www.opm.gov/about-us/open-government/about-open-gov/opm-plan-for-the-suspension-of-operations-in-the-absence-of-appropriations.pdf ]  One of OPM's functions is to help people decide who might be essential, so many of the positions that are essential only because they help others make informed decisions.  Apparently, nobody from Homeland has contacted them yet.  

This is another manufactured crisis, made to look worse than it is for political purposes.  Yesterday we had the terrorist mall threat doing the same thing.  Put enough people together in a large agency and they have plently of time to invent these kinds of ploys and get them out to the press.  The people doing that are certainly not essential.  Start the review with them.  

Political Terrorism

We can view the Department of Homeland Security's recent terror warning about Al-Shabaab threatening to attack a mall in the U.S. as political terrorism.  It is no coincidence that Homeland's funding is at issue because Republicans have chosen it to attempt to overturn the Presidential Executive Order on Immigration.  What better way to get the population engaged, than to make a threat that Homeland can count on to get mother's who planned to go to the mall today, to think about the budget of Homeland.  This logic is a little thin, but it will work only if we believe the threat is real and Homeland can actually do anything about it.  It isn't going to hold up on that end either.

Over the years I have seen hundreds of reports about the potential attacks on U.S. agencies or centers made by people who were less than credible.  Some of them had giggling kids in the background, making it easy to rule them out.  Some of them were incredible in their structure, i.e. a nuclear bomb will be dropped on the Washington D.C. mall at 12 pm today.  When this comes in every day from the same phone number, it is easy enough to pass it onto local police.  I had one myself, sitting on a watch desk listening to a woman who was sure aliens had attacked cattle in her back yard and hung their carcasses in a tree.  She mentioned that they had attacked her last week with a electrical charge that penetrated her brain.  I thought there might be something to that one.

For those who might take this as a credible threat, you might read How big of a threat is Al-Shabaab to the United States? at CNN [http://edition.cnn.com/2015/02/22/opinion/bergen-al-shabaab-threat/index.html ] and watch the HBO special Terror at the Mall about the Al-Shahaab attack on a Nairobi mall.  They rarely attack outside Somalia, and then only in their African neighbors where they have not always been very successful.  The FBI doesn't seem to think it is very credible.  The Department of Homeland Security doesn't think it is either.  Yet the Director of Homeland said on TV yesterday that we "should be careful" before going to the mall.  Self-serving as it is, this is political terror.

It is political terror, occasioned by the budget of Homeland coming up at a time when the House and Senate are about to debate funding for his agency.  Homeland can find a threat any day that fits the description of an attack against somebody or something to make people think they should be careful.  It is the credibility of the threat and the timing that make this particular one bureaucratic terrorism.

When Hackers Don't Go Quietly

In today's Wall Street Journal is an interesting article about the difficulty of getting hackers out, once they are in.   [ Three Months Later, State Department Hasn’t Rooted Out Hackers ]  Danny Yadron reports that after three months, the hackers still haven't been removed from the State Department's unclassified e-mail systems.  Three months is a long time, and whatever excuses there may be for not getting this done, none will satisfy anyone who has ever had an incident like it.  Only senior managers who are working against a solution could allow this kind of thing to go on that long.  

Since the suspicion that the attack is coming from Russia, we don't need to wonder what the attackers would be interesting in. The Russians did the same thing in the Ukraine and several Eastern European countries, trying to find out who they could rely on and who they needed to isolate.  This is out and out intelligence collection.  The only difference is it is in a U.S. owned system that is supposed to be protected.  Who is doing security of the State Department's computer systems?  What is the damage assessment showing?  Why can't the agency get this corrected?  Why isn't Congress holding hearings on this right now?  It might be nice to hear some of those senior people try to explain how they could allow this to go on for such a long time and not have the fortitude to do what it takes to correct the problem.  

How did Peace Work for You?

All that "humanitarian aid" that went to the poor fighters in Ukraine did very little to stop the tanks, armored personnel carriers, and rocket launchers that the Russians pushed across the border.  Some of the Ukrainians were lucky to get out of the circling movement that nearly got them all killed.  They had to escape, die or be captured.  If this is how we see peace, it is sure an interesting idea that they Russians must be laughing at.   So, while the leaders of the free world twiddle their thumbs, the Ukraine lost almost a third of its territory, and it the Crimea is any example, they will never get it back.  

In case you are wondering where this is all going, it should not be a surprise, since the Russian propaganda machine has been talking about New Russia for over a year now.  This is the part of Ukraine that New Russia would include.  The Donetsk dot is where the front lines are now.  The Russians want no less than half of the territory of Ukraine.  

Cybersecurity Executive Order

http://www.whitehouse.gov/the-press-office/2015/02/13/executive-order-promoting-private-sector-cybersecurity-information-sharing

This is a rehash of every cyber initiative ever made by Homeland Security and does next to nothing that is new, bold, or even different than the soap opera leadership of Homeland Security in cyber.  

It calls for Homeland Security, the agency already responsible for coordinating industry-government information sharing, to step up creation of Information Sharing and Analysis Organizations (ISAOs) which have been around since I worked on the President's Critical Infrastructure Protection Committee, 10 years ago.  Nothing about them is new and Homeland allowed them to languish to the point of almost going out of existence under their bold management.  At one point there was only one still functioning.  They did almost nothing to get the kind of sharing legislation that was needed for liability protection, and did little to support those who did participate.  

The EO points to the National Cybersecurity and Communications Integration Center, which was a reconstructed coordination center that already existed in Homeland Security when it was built.  It duplicated everything the operations center did, but moved it out of the old building it was in, and shined it up.  It needed work, but that money could have been spent to do something productive instead of building another layer of "coordination" on top of all the rest that was already being done.  I once counted 24 coordination centers all doing cyber and don't think another one will help the other 24 coordinate anything.  

The Order mentions The Industrial Security Program (it was forgotten for years) and adds a line for Defense to coordinate with Homeland on the protection of classified information and to get clearances for those industry people that might need them.  They have been able to do this for years and certainly didn't need this order to do it again.  Second, the Industrial Security Program only protects classified information and we haven't had an incident yet where somebody said they lost classified information in a hack.  There is a mistaken belief that Defense goes out to contractors and helps them protect their computer systems from attack.  That isn't true and won't likely to be true until there is expertise enough in government to do that.  Don't hold your breath for that one.  

When the President needs a new initiative to backdrop a conference on Cybersecurity and Consumer Protection, he turns to his staff and says, "Get me an Executive Order to backdrop this speech."  The White House staff calls Homeland, and this is what we get.  Why didn't they look at this thing before they issued it?  

Industry Cybersecurity Plea to President Obama

In today's Wall Street Journal, there is full-page open letter by the National Retail Federation (NRF) asking the President to consider these legislative intiatives:

Federal Fraud Protection for debit cards

Pin and chip cards for Americans, which they call the "least protected consumers in the world."

Point-to-point encryption through the entire payment chain

Open, competitive tokenization standards to replace personal data

A single National data breach notification law

Law Enforcement legislation that would aid in the investigation and prosecution of criminals

One would think that the middle class orientation of the politicians in Washington would have produced this kind of legislation at some point in the long, long reign of President Obama.  It hasn't even produced a bill to facilitate exchange of threat and vulnerability information, which we might note was not asked for in this "open letter".  I should also point out that the standards for credit and debit cards are largely not developed by the government through legislation.  They come from the industry itself.  These are the same folks who dragged their feet on the implementation of pin and chip cards and finally decided that 4-digit pins were too hard for their customers to remember.  Congress can pass all the legislation it wants, but the industry, including the NRF would be better served to start protecting their customers and stop blaming Congress and the White House for the retail industry's inability to lead.  

Peace in Ukraine

Before anyone jumps for joy at the prospect of peace in the Ukraine, given the touchy-feely get together of the French, German and Russian leaders this week, remember the last time there was a peace accord that Putin was involved in.  The Russians say they don't have troops in Ukraine.  They say they can't control the forces attacking Ukraine.  The last time they got an agreement, the rebels claimed they weren't a party to it, as they are not in this one, and they didn't abide by it.  Fighting started almost immediately.  When that last peace was agreed to, the rebels held only two small areas of the country.  Take a look at the map now.  

By the 17th of February 2015, the Russians had already taken the rail center and were claiming victory.  They ignored the ceasefire.  They gobbled up territory and will likely begin to observe the peace, now that they have what they want.  The Germans and French have a new set of sanctions they are going to fire up to try to prevent the Russians from continuing in their adventure.  The sanctions have worked so well in the past, that we might wonder why they bother.  

Coordinating Cyber Security

In today's Politico, there is a story of woe for Congress which has to approve a lengthy and detailed budget.  In this case [ Lawmakers not briefed on White House cyber center http://www.politico.com/story/2015/02/white-house-cyber-center-lawmakers-115078.html#ixzz3RNYPxA00 ]  there is another "coordination center" being built for a Federal Agency when there are already many of them doing next to nothing to coordinate anything.  Every major agency already has a cyber center [ DHS has at least 2 ] that is supposed to coordinate threats and report incidents.  None of them do much of any value to organizations that detect and report to them.  The Feds would be better served to put the same resources into scanning, investigation and incident handling that works against attacks.  These are technical bodies that can do forensics and trace long-haul communications through their endless paths to government computers.  We don't need coordination centers.  

When we used to do analysis and event management, some of these agencies thought we were intruding on their missions.  One in particular did everything it could to have our operations shut down. They didnt do forensics, incident analysis, correlations, or anything of value, but they didn't want anyone else doing it either.  This is the way of coordination centers.  They coordinate but don't do much of anything of value to anyone.  It becomes obvious when someone else does.  

Before we fund any coordinatiion centers we should have a rule established which forces the agency establishing a new one to reduce their forces by the same number of people going into the new one.  The Defense Information Systems Agency (DISA) had a center where I worked, and managed to tear it apart and scatter it out over the rest of the agency.  Ten years later, I was in a high level Defense Department meeting where they asked for the exact number of people we had before they broke it up, and they wanted to do the same functions.  When I asked them what they did with the people who were in the center before, they looked completely surprised.  They didn't remember that they had the people and the organization before they broke it up.  The Assistant Secretary running the meeting said they would have to look at the request further before making a decision.  I doubt that it even slowed progress on establishment of another center.  

Why is Healthcare on the Internet?

The Anthem Blue Cross case is so big that we have to wonder why this much information of such a sensitive nature is accessible from the Internet.  There are some who believe the Internet is neutral and should be shared by almost anybody who can afford a connection.  This line assumes the Internet is good for anyone who uses it.  

There has always been a principle of security that says the more open an industry is, the more accessible it is to its users and the criminal elements that prey on it.  Changes to healthcare have pushed more doctor's offices to use the Internet.  Our records are automated and those doctors expect to be able to e-mail us with test results or questions about drug prescriptions.  At the same time, this Administration wants to regulate the Internet as if it were a public untility.  I think this approach needs to consider that the Internet is not a safe place to put certain types of data.  There are no policies that mandate the kind of security that would be necessary to try to do that.  

A case in point is encryption at rest.  The existing standards of healthcare do not require encryption at rest for medical data, but they do require "protection" for it.  This is government policy similar to what is required for unclassified information belonging to the government.  I worked for a company that used to send unencrypted data that belonged to the government over long-haul communications.  We pointed out to them that this kind of data had to be protected, but they said it was protected with passwords and intrusion monitoring.   They knew better, of course, but they did it anyway and nobody in government challenged them.  Besides, they said, it cost too much to encrypt data.  This same logic entered into the protection of privacy information on Anthem's systems.  

Like the credit and debit card systems, encryption is essential to protecting data from thieves.  We know there are millions of them on the Internet, so we need to protect that data from people who would steal it.  This is not something new;  they have been stealing data for 20 years or more and those managers have been making the same kinds of decisions about protecting it.  There is no penalty for taking risks with someone else's data that a business maintains.  We should ask HHS why they don't have a requirement for data encryption, and if they did what the penalty and enforcement mechanisms are that would oversee it.  Not only do managers make dubious risk decisions but the government  has no oversight of protection of this type of data.  We used to have an Industrial Security program that had oversight of some types of classified data.  Contractors could have their contracts stopped if it wasn't protected properly.  We don't even do that anymore.  

We can imagine that HHS has no oversight over how doctors protect our data, either privacy data or medical records.  They don't police themselves.  

Let me get reelected first

Current policy in Ukraine is reflected in a conversation between President Obama and then Premier Dimitri Medvedev in March 2012.  It was captured on an open microphone and explains more of U.S. behavior than any event since.  Here is the quote from a Washington Post article 

[  Caught on open mike, Obama tells Medvedev he needs ‘space’ on missile defense, 26 March 2012 ]  

" But in an unscripted moment picked up by camera crews, the American president was more blunt: Let me get reelected first, he said; then I’ll have a better chance of making something happen."  

Letting the Russians succeed in Ukraine, which is not part of NATO and was discouraged by the U.S. from entering, seems to be one of those things he was talking about.  Let's be friends after I am elected, was largely ignored by the U.S. electorate.  Now, it has come back to haunt them.  

We have to wonder what else was lumped into that deal.  Maybe that "humanitarian aid" that flows into the Ukraine, instead of the TOW missiles they need to defend themselves, was part of it.  

In an eloquent defense of the Administration policy given on 9 February, a spokesperson echoed the liberal defense of "We don't want to start a proxy war with Russia".  I'm trying to figure out where this logic entered into public discussion because it infers that any support for the Ukraine government is support for a proxy war with Russia.  Nothing could be further from the truth, and the Russians are fighting somebody in the east.  Who would that be?  Putin already said he could be in Kiev in 3 days, but he seems intent on not rushing.  Who is he fighting?  Who will the countries in the New Russia be? We certainly have to believe he is at war with someone and it is a proxy war of his own making.  The U.S. State Department still believes Russia is a friendly country where we can "make something happen".  

Stopping a Tank with MREs

The Obama Administration seems intent upon continuing to give "humanitarian aid" to the people of Ukraine, when what they need is weapons to hold their own against tanks and armored vehicles that the Russians have sent across the border into the fight.  We all know they can't beat the Russians, but retreat for them is giving up their homeland to an invading army.  Is that preferable to making it painful for the Russians to continue to push weapons and armed special forces into the area?  Apparently so.  

A fighter has a hard time with tanks and armored vehicles when he doesn't have weapons to stop them.  I wouldn't want to be in the position of shooting my 9mm at a tank and hoping for success.  There wouldn't be a second chance to assess the damage.  Humanitarian aid will not stop an armored vehicle, but might help patch a person up after he tries.  

China Hacking Again

When Anthem Blue Cross brought in Mandiant we should have known that China was involved in the theft of data, now put at something like 80 million records.  Mandiant's experience with Chinese hacking is well known in the industry.  The Chinese have stolen data on every aspect of the government civilian and government employee workforces, so there is little reason to see this as anything more than an extension of their past conduct.  They deny it.

The Chinese Embassy spokesperson says, "Chinese law prohibits cyber crimes of all forms."  We have laws that do the same, but they do very little to stop people from hacking.  The Chinese accuse those who speculate about attribution to the Chinese as "hasty", just as they have done in every case so far, including the one that made Madiant famous, drilling into a group of state-sponsored hackers.  Mandiant wasn't speculating in that case.  They had hard evidence, used by the Justice Department to indict some of those same people on the other end of this one, no doubt.  They live and work in China where they are not going to be extradicted because they work for the Army.

 

Today's Wall Street Journal says the data was not encrypted at rest, something not required for healthcare records.  We have to wonder why not.  That would be easy for an auditor to discover.    However smart we may be on automating records, we can't allow cost-benefit analyses slanted towards profits to push security controls down the budget priority.  Eighty million is a big number, but it probably doesn't reflect the real damage being done here.  The Chinese military knows a good bit about every member of the Armed Forces and their civilian support contractors.  We might be tempted to speculate about what they would do with that information if the time came for war.  They think big.  

Women's Rights

Ruth Bader Ginsburg was on CSpan yesterday and she has to be one of the smartest people around anywhere.  The narrator asked her a question and she talked for most of the rest of the time about the answer, with no notes and very little hesitation.  She was talking about women's rights.  

We sometimes forget that things have not always been the way we see them today.  She talked about three cases from the 60s and 70s that kind of took me back a little.  One concerned a woman who was being tried for killing her husband and could not get any women on the jury.  Women weren't on juries back then because they were seen as the center of the home and could not be taken away from those duties.  Somehow, even living through those times, I didn't know that women weren't on juries in Florida, or other places as well.  

She represented a man whoes wife had died in childbirth.  He went to the Social Security office and wanted to get spousal benefits to help raise the child and they told him "those are only for women" so he sued.  The Supreme Court eventually got the case, and hardly hesitated a step in overrulling the Social Security and lower courts.

But what got my attention the most was a question by a student who was going to go overseas to help with women's rights in the Middle East.  I think everyone there thought she would say, "Get out there and stir things up."  But, instead she said go there with the idea that you will study the local culture and understand how you can help women within the confines of that culture.  She said there have been a lot of constitutions written by people with no knowledge of the culture they are writing for and those are, inevitably, failures.  

It made me think about how we try to wage war in the Middle East against cultures who will never understand democracy and don't do well when they have it.  The Taliban are doing better at adminstering justice in Afghanistan than the courts there, and they are winning support for order and safety every day.  They will win eventually, again and we will have wasted a good bit of time and soldiers lives to prove that democracy is not a form of government that works in places like that.  The Taliban seems bent on keeping women from getting an education or being outdoors without being watched by a male relative.  In that part of the world, they are in the majority.  If Ginsburg is right, we can't change them;  we have to empower women to do it themselves, to the limits of the culture they live in.  It is worth thinking about.  

A Doctor's Right to Privacy?

There is an interesting sidelight to the Medicare data that allows investigators to find doctors who abuse the system runnning unnecessary tests and surgeries.  In today's Wall Street Journal, 

Christopher Stewart and John Carreyrou describe how the American Medical Association managed to keep records secret by auguring in court that the doctors right to privacy outweighed the public interest in determining how tax dollars were being spent.  Since a 1979 injunction, they were secret.  To the Wall Street Journal's credit they challenged this approach.    

So, in case we were wondering about why it took so long to discover that doctors were charging for more treatments in Florida than any other state, We can now identify who those doctors are and where that tax money was going.  I wondered how anyone could buy such an argument that a doctors right to privacy could outweigh the public right to such data.  

Worth reading is http://hr.cch.com/hld/FloridaMedicalAssociationvDeptofHealthEducationandWelfare.pdf

In 1977, payments of over $100,000 to a single doctor were made public.  The AMA and Florida Medical Association (FMA) objected that these disclosures violated the Freedom of Information Act, The Privacy Act, the Trade Secrets Act, the First, Fourth, Fifth and Fourteenth Amendments to the Constitution.  They asked that HHS be "preliminarily and permanently" enjoined from releasing the information.  An injunction, in one form or another, has been in effect since 1979, until reviewed and overturned. For awhile, it applied to release to law enforcement,until later modified.

In 2010 and 2011, the Wall Street Journal did a series of investigative reports showing the types of fraud that were undermining Medicare.  As a part of their investigation they sought relief from the injunction and went to court to get it.  In the end, they won, even though the HHS, AMA and FMA argued against them every step of the way.  HHS only conceded in small matters of law and we should wonder why the Federal Agency would back doctors over the public they are supposed to be supporting.  HHS is part of the problem and not part of the solution to the expansion of costs in heathcare.  The next time you pay your medical premiums, think about them.  

Stealing from Brokerage Houses

Just when you thought it was safe to handle your money by trading in the markets, we find the case of brokerage houses that transfer money based on the receipt of an e-mail, presumably with proper credentials.  Matthhias Rieker, in the Wall Street Journal [ Cybercriminals Target Brokers ] takes us down the path of thieves who steal money from unsuspecting or careless brokers who accept an e-mail and do wire transfers without verifying with the client first.  Many people have done wire transfers this way and thought nothing of it.  It won't be so easy in the future, because the targets have had to pay back the accounts for the fraud.

Banks and brokerages have wire transfer verification procedures and they get lax about following them when "they are sure" that e-mail came from you.  Anyone who has ever had a Viagra ad from one of his best friends knows better than to trust e-mail that comes from the ether of cyberspace.   Banks are relearning why they have those verfication procedures for amounts over a certain number.  Training programs have to be effective and tested to make sure every broker understands why they have them and use them.  It is amazing how easy it is to steal e-mails in bulk.  But, even more amazing is the willingness of a few people, who should know better, accepting them as proof the are legitimate requests.  It also does well to remind everyone that those brokerage accounts that just sit there for months at a time without being used, should be checked every week to be sure the money is still there.

U.S. Rethinking Policy in Ukraine

In today's Wall Street Journal, Philip Shishkin [Russian Obstinacy Prompts U.S. Rethink] , lays out how the U.S. has come to change it mind about helping the people in the Ukraine with weapons.  The White House has been dragging its feet on almost every effort to help them defend themselves, while relying on sanctions, which are clearly working, but not very fast for the Ukrainians in the east to live through them.  

Putin doesn't care about world opinion, and doesn't govern by poll numbers.  The U.S. National Security Team apparently argued that since Russia was militarily superior, no amount of aid would help stop them.  Where this rediculous view of this part of the world came from is not mentioned anywhere.  They must have noticed that Russia took Crimea from the Ukraine, and didn't look like stopping there. They must have noticed the flood of Russian soldiers and equipment rolling in from the east.  They are well docummented, even though the Russians deny it is happening.  How can they deny what is easily proven?  How can the U.S. and Europe ignore what is right in front of them?  

This is the same view that allowed the White House to say ISIS was just a little group of no consequence.  It is the same strategy that won't allow them to say that there is such a thing as Islamic terrorists.  They don't send anyone to the march for Charlie Hebdo, but reconsidered when the heat got too great for them.  We used to call this ping-pong diplomacy - bouncing back and forth on issues, always working from behind.  They better start concentrating on Putin's strategy to take back the area of fhe world called New Russia.  He hasn't waivered.  He puts muscle where he mouth is.  

The New Cyberwar:  Technology and the Redefinition of Warfare  http://www.mcfarlandbooks.com/book-2.php?id=978-0-7864-9843-7

Russia's Corrupt Leaders

Bill Browder has a new book, Red Notice, that is an interesting and revealing story about corruption of Russia at the highest levels.  It fits well with my story of the Russian oligarchs who are more mobsters than government or business leaders.  Red Notice is about making money in Russia and having it taken away, while the rest of the world looked on.  He says he was familiar with the 'prison yard rules' of Russian business - never show weakness.  He became an activist shareholder of Gazprom, the Russian oil giant, and it got him expelled and his lawyer murdered (Putin claims it was a heart attack).  Putin runs his government more like Al Capone ran Chicago than the way a world leader does.  

We might just say, "Well, it's his country and it is none of our business", but this government is run by the Federal Security Service and not by an elected government.  It would be like the CIA running the U.S. government.  Browder supports what Robert Gates brought out in Duty, that the Russians are not a democracy in any sense of the word.  Putin leads like he is still in the KGB (FSS).  Where it matters is in places like the Ukraine, where governments which are elected are trying to stop a dictator from taking over the region.  It is surrounded by Putin's grasp of Cyber and Information War.  He has laid out a plan and carries it out with the ruthless precision of a killer. See The New Cyberwar:  Technology and the Redefinition of Warfare, [  http://www.mcfarlandpub.com/book-2.php?id=978-0-7864-9843-7  ]