Friday, July 31, 2015

Digging Up a Spy

It would have been easy to miss the latest installment of the death investigation of Alexander Litvinenko, which the Russians claim was suicide, because there has not been much press coverage of it in the U.S.  There should have been.  Mark White of Sky News is one of many British reporters covering the story in London [see Litvinenko Killed 'After Second Poisoning' 30 July 2015].

Litvinenko was a spy at one time - for Russia.  Nobody is saying that is an honorable profession, or that turning himself into a defector who criticized Putin directly made him a better person.  He might have been, but I have never been one to trust a person who defects.  But that doesn’t mean killing him was justified.

White says the inquiry indicates he was poisoned twice, with a radioactive substance, polonium 210, dropped into his tea at the Millennium hotel in London's Mayfair.  The second time, in 2006, was successful.  Ten years after the event, Scotland Yard says it was done by two accused citizens of Russia they would like at trial, Andrei Lugovoi and Dmitry Kovtun.

It was probably not suicide because polonium is a rare substance that is hard to come by and not the first choice of most seeking their own death.  It took three weeks to kill him, and proves that radiation poisoning is really ugly.  The pain and loss of the ability to fight infection eventually make the body susceptible to any kind of disease.  It is kind of like your doctor saying, “You have stage 4 cancer and we can’t operate.  Get your affairs in order.”  It was the worst kind of death they could think of.

This kind of case draws out the difference between a democracy and the kleptocracy in Russia.  They still operate like a Mafia family bent on protecting their reputation in the world of crime.  If somebody defects to another family, their chance at a long life is going to drop.  The British remind us of the willingness to murder a man on another government’s territory and give the man who did it a medal.  This is the kind of in-your-face diplomacy that we have come to expect from the Russians, especially in the Ukraine.  




Thursday, July 30, 2015

Leader of Taliban Dead for 2 Years

We have an interesting story of the death of Mullah Omar, the supposed spiritual leader of the Taliban,  but it happened -according to the BBC- in 2013.  Officials in Afghanistan announced it this week. By now, it is old news.

His death occurred in Pakistan, despite Pakistan's denial that he had been there.  If this sounds familiar, the death of Osama bin Laden occurred in a similar place with the same kind of denials.  No wonder we didn't tell Pakistan that we noticed he was there.  There are more heroes of the revolution in Pakistan, we just don't know how many and where they are.

This State Department Friend of ours has managed to hide terrorists of several kinds, but most certainly the Taliban who regularly killed U.S. soldiers, allied combat troops, girls going to school, people in markets shopping, and anyone who says they support the government in Afghanistan.  This is the same country that gave nuclear technology to half a dozen other countries, and started the ball rolling on Iran's nuclear weapons.  With friends like this, we certainly don't need more enemies.

China Singles out an Aerospace Company

So, we finally get a few more details about how things are going in regulating the sale of stock in China.  Not well.

The Wall Street Journal Markets section today [Chinese Regulator Probes Stock Sales] tells the story of the first investigations of senior leaders and those who hold 5% or more of stock in a company being investigated for selling off their stocks before losses in the market catch up with them.  In a free market economy we would call that good business, but the Chinese have been told they have to hang onto their stocks for the greater good.  This has a nice ring to it.  Jack Lew might try it when he gets done with the Iran Nuclear deal.  

The Journal puts it this way:  "AVIC Heibao Co., a manufacturing subsidiary of Aviation Industry Corp. of China, known as AVIC, said Wednesday that shareholders Jincheng Group and AVIC Investment Holdings had received notice of the investigation from the China Securities Regulatory Commission. The regulator didn’t disclose further details of the investigation.
In addition, AVIC Capital Co., AVIC Heibao’s trading arm, dismissed General Manager Yang Shengjun on Wednesday, after AVIC Capital told the Shanghai Stock Exchange that AVIC Heibao is being probed by the regulator for selling shares on Tuesday."

These are undoubtedly firms that have benefited from the bailout the Chinese have been doing on stocks, and they are saying to their industry leaders that they can't sell to keep from losing money, nor presumably from making money if the stock rises on the state investments.  This is what state-managed companies really are in China.  When we say "state-managed or state-owned" we rarely stop to think about what that really means.  Their companies are not like ours.

We might complain loudly about the benefits to a company from a government bailout like TARP, but the Chinese version is quite a bit different.  That would not be to the liking of most industry leaders who do business there, who are not getting bailed out.

Wednesday, July 29, 2015

China Picks Stocks to Save

In the midst of a huge loss in the China markets, the government is exposing an interesting side to a government managed economy - picking winners and losers in a market propped up by the state.

China is experiencing losses in its market place where companies are state-owned or state-controlled. Up until now, they have been able to force banks to loan to companies that didn't have good value.  Eventually, the banks pay for that with bad loans and reduced stock value, but in this case, the government props them up with more cash - potentially, as much as $500 Billion.  

Stephen Roach, formerly of Morgan Stanley Asia, said on CNBC today that "share dumping" has become an issue with the government and is being investigated.  Share dumping amounts to people selling off stock that is dropping, and we would encourage private investors to do that.  But, in the case of state-owned or managed companies, this kind of behavior is being discouraged.  Good luck with that.  Smart people bail out of that kind of stock or suffer the losses in silence.

Now, how do they pick winners and losers in an economy that is government controlled?  In the absence of any discussion by the leadership of the exchanges or monetary policy in China (a leadership which has said next to nothing), we can guess that the more senior the leadership involvement, the more likely the bailout will be.  That puts telecoms and the military in much better circumstances than the average business venture.

Friday, July 24, 2015

Why Stop Blaming China for OPM?

There have been several articles in different press outlets saying the White House is no longer pointing the finger at China on the OPM hack.  They are not blaming anyone else, just not mentioning OPM as a Chinese hack.  So, why could that be?

Ellen Nakashima, a writer for the Washington Post with good sources in cyber, says [U.S. decides against publicly blaming China for data hack, 21 July 2015]  it might be because the government is reluctant to reveal its sources for knowing it is China.  She also says they have not "engaged in any direct retaliation against China", which essentially allows them to get away with it.

Shane Harris at the DailyBeast [Team Obama Knows China Is Behind the OPM Hack. Why Won’t They Say So?, 20 July 2015]  said it is due to "sensitive international negotiations", and the matter of compromising sources and methods.  Both of these stories are indicative of why we have no deterrent capability against countries like Russia and China who seem to be able to rip off our secrets with impunity.

As I said in my previous note on testifying at the U.S. China Economic and Security Committee, the thrust of what was being discussed at that session led me to believe that the White House was looking for a treaty with China, similar to the one China did with Russia.  Given the history, this is a really bad idea.

I certainly hope this administration was not holding back on mentioning China because it was seeking a treaty, but you never know, given the willingness to engage in a dubious non-treaty with Iran over nuclear weapons.  It turns out that parts of that non-treaty were being worked out between Iran and the U.N. and neither side was releasing anything.  Part of that, according to our Secretary of State's testimony yesterday, was not discussed with the U.S. and barred U.S. inspectors from sites in Iran.  We got to see how well the U.N. works when the chemical weapons treaty with Syria managed to do almost nothing to stop Syria from developing new types of weapons and using them on their own people.

Cyber protection and deterrence is not going to be based on a treaty.  It has to be based on a credible retaliation strategy.  The Chinese have to believe that they will suffer consequences if they continue to hack the U.S. companies and government activities, like OPM.  So far, we have indicated to them that we have no strategy and we have no deterrent capability.   Dennis F. Poindexter books at Amazon 




Thursday, July 23, 2015

Wisconsin's Radical Justice

Collin Levy has a great opinion piece in the Wall Street Journal today [The Wisconsin Targets Tell Their Story] that tells a tale that most anyone would believe took place in China or Russia.  In China, two weeks ago, several lawyers were rounded up by plain-clothes police who arrested them, without telling them what they were charged with, denying them legal counsel, then denying any opportunity to question the prosecution's witnesses.  The Russian FSB is cut from the same cloth, but slightly rougher and less tactful.  They have access to every e-mail, telephone call, and message a person gets through the Russian Internet, and have been known to use that in their business and personal interests as well as to support the politics of the Russian leadership.

Levy is talking about the John Doe cases brought by the Democrats, probing (blindly, it sounds like) among political friends of Scott Walker, a Republican.  Two of them claim armed police officers came to their houses, told people there they could not call a lawyer, and were to turn over "evidence" identified in an open-ended warrant for almost any communication between friends of Walker and a couple of political advisors.  One was a minor, advised to not call his parents.  They left with the evidence but never provided the warrant, nor a list of what was seized.  It was obvious to another that they had been reading his email before seizing it, because they knew what to ask for.  The Wisconsin Supreme Court ruled this behavior was 'unconstitutional' and 'unsupported in either reason or law', both things that can expose some of them to lawsuits - and they now let their lawyers speak for them. How ironic the application of the rule of law allows them a defense they would not allow their victims.

We might ask where our Justice Department was in all of this.  Is it OK in our current Justice Department to allow a state system of prosecution that borders on the techniques used in Nazi Germany?  If the same guys were stalking Democrats, would it have helped to get them involved?  This isn't about politics and even this administration should know better.  It isn't enough to sit back and watch when such a travesty of Justice is going on.  They should be helping Wisconsin to change a system like this and prosecute the people who abused their prosecutorial discretion.

I interviewed a defector from a Communist country who came to the U.S. because he could tell people in this country were free.  He said they acted free.  They didn't have to look over their shoulder for a policeman or  censor just because they didn't agree with the way people in government thought they should think.  We had a revolution over that once.  The prosecutor in Wisconsin must have missed that part in law school.

Wednesday, July 22, 2015

Who Pays Out $42 Billion in Overpayments?

It was a shock to see the number of overpayments in one year of Medicare.  An article in the Wall Street Journal [ Report Cites Shortfalls in Medicare’s Screening Process for Doctors, July 22 ] says CMS admits to overpaying for services by at least that amount.  The GAO report the article cites says  22% of the addresses where these amounts are paid to are "potentially ineligible" and some of them were drop boxes where people rent an address.  Congressional hearings actually allowed CMS to try to explain how they could have done such a thing, but the answers are not very revealing.  Cite a specific and CMS will tell you why that example wasn't the best one, without revealing which ones were the best.

Government involvement in healthcare has turned out to be expensive for the taxpayers.  Nowhere else in any service could we say overpayments of this amount of money were just slight oversights, but that is what CMS is trying to say.  These are the same people who brought you the Website rollout that was mismanaged from beginning to end.  There will be enough fraud in that part alone to justify investigations for as long as the Republicans hold the leadership of the Committees.

There is no excuse for an error rate of 22% in any database, regardless of circumstance or justification.  There is no excuse for overpayment of 42 Billion dollars, some to those addresses.  Can you imagine a business overpaying by amounts like this?

Friday, July 17, 2015

Prisoner Release Nov 1

Some people watch movies for a large part of their TV day, but I watch Congressional testimony.  In the Immigration hearings on Tuesday there was an interesting exchange with the Director of Homeland Security as to whether he knew that changes in the sentencing guidelines would cause the release of 10,000 prisoners, many of them illegal aliens, on the 1st of November.  He said he was aware of it and was working with the Justice Department (that would be the same people who changed the sentencing guidelines retroactively) to determine what should be done to make disposition of these people.  This was the first I had heard about this.  It was one thing for the President to release 46 prisoners before their sentences were up, but it is quite another to release 10,000.  What idiot proposed that kind of thing?

Friday, July 10, 2015

Before Firings at OPM

A lot of people have, rightly, been calling for the head of Katherine Archuleta at OPM because of the handling of security of personnel security records.  Before the White House -which staunchly stands behind her - does anything it should consider how we got to this point and who is really at fault.  (She resigned the day after this was posted)  These are things that should be considered before she is forced out of her current job:

1.  She didn't move the personnel security records to OPM.  For all of my career those records were kept by the Defense Department and were considered so important when all together, they were classified.  Individual records were not, but the aggregation of them was.  In one of the more ironic "cost saving" measures the Feds have ever made, they were moved to a civil agency where security was never a priority.  Agencies like OPM are used to telling other agencies what to do, but not doing it themselves.  They were not even a large IT organization.  Move those records back to Defense, where there was never a problem with security.

2.  The CIO is responsible for security in every agency and the Director seldom has to get involved.  Where is the CIO in all of this?  If scapegoats are needed, she would be the first to go.  Directors are pretty busy and, if the truth were known, don't even care that much about IT, let alone security of their data.  I can't blame the Director without blaming the CIO for not making it clear that the problems identified in 2011-2014 were serious enough to warrant aggressive emergency action.  If she did, she hasn't said (she appeared but didn't testify at the hearings).  If she did tell the Director, and nothing was done, that is a different matter.  Maybe that is why she hasn't testified.

3.  Why wasn't more done when the first hacks occurred three years ago?  Archuleta rightly says she was not in OPM at the time this happened and did recognize the seriousness of what had occurred when she got there.  There is some tolerance for this defense in the government.  In my first Air Force assignment, we flunked our first Operational Readiness Inspection and heads were rolling.  The first question they asked was, "How long have you been here?"  When I said six weeks, they turned around and walked away.

4.  There was a call today for someone in the White House to take responsibility.  That would be Michael Daniel, who I don't think was even questioned about the mess at OPM, and he is the Cybersecurity Coordinator for the President.  Did he know about it?  There are plenty of other Federal hacks under his tenure there and very few policy changes that would be expected when so much goes wrong.  Most of my contemporaries couldn't even tell you who the Cybersecurity Coordinator was.

Firing people is not something the Federal government does very well or very often, mainly because the rules established by OPM are so difficult to follow.  Firing is hard.  You only have to look at the Veterans Administration to see how it was done there to get an idea of what is needed to be done in OPM.  It takes time to make it happen.

The records of 21 million people are already gone.  Firing may be an act of revenge for us, but revenge is better served cold than hot.  Many things were at the root of this problem and not all of them have been looked at.  We can't expect much from the White House on this because nobody wants to play with fire when so many voters were affected all at once.  Maybe we need to communicate our feelings in this matter so they understand the concerns are not going to go away.  Even half of the 21 million would make a loud noise.

Thursday, July 9, 2015

Coincidences of Note

In the last 45 years, I can't remember a set of circumstances like those that stopped trading on the New York Stock Exchange and stopped United Airlines from handling their flying customers.  Both of these were said to be "glitches", a term which means nothing, but is a catchall that means some technical anomaly that is not immediately identifiable.  When I was younger, we called this "magic", which means the same thing, but lasts longer, because we never found out what caused some of those things.

I can't remember a time when two such anomalies occurred to two major businesses on the same day at almost the same time.  The possibilities for a cause to this kind of thing are not endless.

It could be that both of these places used the same kinds of hardware and software that were modified at the same time.  That does happen, but not usually with the consequence of disabling an entire network, let alone two.  We used to call these "self-inflicted denial of service" to express to senior managers how stupid the patching and maintenance of software had become.  What we are asked to believe is that these two services experienced the same set of conditions, by accident, on the same day.  This is kind of like getting struck by lightning and hitting the lottery on your way home from work.  It is possible, but unlikely.

The other possibility is one I like even less.  Both of these systems were attacked in a new way that defies attribution.  A new kind of attack that is delivered from inside the network, not detectable, and not repeated.  This is the kind of attack that should scare us.

There is never going to be "proof" of this kind of attack.  The error can be traced and will lead to a "logical conclusion" with blame being fixed somewhere on some manufacturer or service tech.  In my first book, I outlined what I considered the possibilities given the Chinese manufacture of so many of the components of our infrastructure.  Anytime an enemy has to be relied on for critical components, you run the risk of having something go wrong.  It can be an accident or it can be on purpose.  It is almost undetectable.  It is almost unattributable.  It is the perfect form of war.

For those who might believe this was coincidence, and that the website for the Wall Street Journal was a consequence of this coincidence, you will sleep better for that belief.  For the remainder who might be more skeptical, let’s look for another possibility.  One of those Made in China devices generated an attack, possibly timed or on command, that will make future incidents much less susceptible to detection and attribution.  If we find it, we won’t be making our own devices soon enough.

Sunday, July 5, 2015

China's New Security Law

In Saturday’s New York Times, Edward Wong writes the Memo from China, “Security Law Suggests Beijing Is Broadening Its Definition of ‘Core Interests’,” an interesting look at how the new national security law defines what is internal and external so we don’t confuse the two.  It is easy to do, when China sees Taiwan as an internal issue [hexin liyi – “a critical issue on which there is very little room, if any, for negotiation”].  Wong says there are three “sacrosanct rights of the nation”:  maintaining the Communist Party rule, defending sovereignty rights, and economic development.  This is a big expansion of the term core interest, which used to be Taiwan, Tibet, and Xinjiang and puts the claimed land in the South China Sea clearly in China’s interests to defend.

China is talking more like Russia every day, saying there are Chinese people in Macau, Hong Kong and Taiwan and they owe an obligation to the Chinese mainland.  It seems that obligation might include giving up their own sovereignty, something Taiwan is surely not going to do willingly.  Hong Kong seems to be able to maintain some semblance of independence in spite of attempts by China to bring its own officials to leadership roles there.  It hasn’t worked out as well as they thought it would.

When one of the core interests is maintaining the rule of the Communist Party, one has to wonder why it needed to be clearly stated when the Party still rules and there is little doubt of its authority.  A person’s job may depend on his place in the Party, a concept foreign to those of the Free World.  How independent can a business leader be when his position exists at the pleasure of the Party?  Where this interest in the supremacy of the Party comes from is another question.  We aren’t talking about the rule of one party at the exclusion of another.  They are a one party system.  Why is it so important to say that maintaining it is a core interest?  Maybe the technology of communications has finally caught up with them.  People are having a say in what they don’t like and introducing new ideas.  Maybe one of those ideas is a new way of governing.  They certainly would want to head that off because power sharing is not part of the empire that China has built.  We have to remember, now and again, they are not like us.