The Painful Truth About Snowden

July 19, 2015

Phineas Fahrquar:

Did Moscow sacrifice Edward Snowden to protect their moles within the NSA and other agencies? Fascinating history and speculation from Mr. Schindler.

Originally posted on The XX Committee:

Since the saga of Edward Snowden went public just over two years ago, I’ve had a lot to say in the media about this sensational case. That’s gotten me loads of push-back, not to mention trolling, but my take on the case — particularly that it’s a planned foreign intelligence operation that operates behind the cover of “freedom” and “civil liberties” — has increasingly become accepted by normals.

In the first place, that Snowden shows no sign of leaving Putin’s Russia, not exactly a bastion of liberty, has made all but his most uncritical defenders wonder what’s going on here. The clear damage that Snowden’s vast revelations have done to Western counterterrorism and security likewise has raised doubts about motives. And that’s not been helped by the fact that very few of Snowden’s purloined secrets have to do with NSA domestic operations. The overwhelming majority expose foreign intelligence activities that…

View original 2,863 more words


#ChinaHack: That does it. I want executions.

June 17, 2015
x

OPM network security specialist

This Ars Technica article about today’s House hearing on the Chinese hacking of almost the entire US government personnel database opens with a recounting of the deserved reaming the head of OPM and its CIO received from Chairman Chaffetz (R) and his committee. But, that was not the nut of the article. Oh, no. The crucial piece of information was buried in the next to last paragraph. See if you can spot it.

Some of the contractors that have helped OPM with managing internal data have had security issues of their own—including potentially giving foreign governments direct access to data long before the recent reported breaches. A consultant who did some work with a company contracted by OPM to manage personnel records for a number of agencies told Ars that he found the Unix systems administrator for the project “was in Argentina and his co-worker was physically located in the [People’s Republic of China]. Both had direct access to every row of data in every database: they were root. Another team that worked with these databases had at its head two team members with PRC passports. I know that because I challenged them personally and revoked their privileges. From my perspective, OPM compromised this information more than three years ago and my take on the current breach is ‘so what’s new?'”

Repeat after me: the Chinese (1) had frakking root access (2) to those databases!! That made them top-level administrators with access to everything. All the supposedly secure, classified data on every background check of every US employee investigated by OPM. And who knows what else they could do while they had access?

I’m almost speechless. To Hell with firing people: this is so weapons-grade stupid that only a firing squad will do.

Pour encourager les autres.

via CinnaminM and John Schindler

Footnotes:
(1) Please. Don’t even try to tell me a root-level administrator working in China was not -at the least- turned by Chinese intelligence, if not an active agent.
(2) See.


I was wrong: the #ChinaHack is indeed an espionage “Pearl Harbor”

June 17, 2015

Blown covers?

The other day I mildly disputed Jim Geraghty’s description of the break-in by the Chinese of the OPM’s database as a “cyber-Pearl Harbor.” After all, I offered, bad as the hack was (and it was bad), there was no destruction of an important national security asset, unlike the sinking of much of the Pacific Fleet by the Japanese back then. But I was wrong. I missed the smoking wreckage made of our espionage capabilities:

But there’s an even more serious aspect of this compromise: the threat it poses to American intelligence operations abroad, particularly to officers serving under various false identities, or “covers,” overseas. The Intelligence Community employs myriad cover mechanisms to protect the true identity of its spies posted outside the United States. Cover protects our officers and allows them to conduct their secret work without drawing as much attention to themselves. While many intelligence officers pose as diplomats, that is only one option, and some covers are deeper than others. Regardless, all espionage covers are based upon credible narratives that rely on plausible details. Through a process the Intelligence Community calls back-stopping, any officer’s cover needs to look real and check out if tested. Thus, an American spy who is posing as an oil executive, for instance, has to have a “legend” in that industry that bears that out. Think business cards, company websites, or a team of ersatz oil industry colleagues. Just as another intelligence officer who poses as a diplomat better have his or records in State Department systems, to look plausible.

And now the Chinese have their hands on a database (which may be for sale) that could allow them to sniff out whose bio is real and whose is a cover. To continue:

For American spies abroad, this can be a matter of life or death, and any personnel sent into countries where they could be targeted for kill or capture—which in the age of the Islamic State is a depressingly long list—need to be deeply concerned about how much the OPM breach has complicated, and perhaps threatened, their lives. How bad this is was explained by Joel Brenner, who from 2006 to 2009 served as the Intelligence Community’s top counterintelligence official. Describing the hack as “crown jewels material, a goldmine” for China, who Washington insiders believe is behind the theft, Brenner added: “This is not the end of American human intelligence, but it’s a significant blow.” The only good news in all this is that several of our big spy services like CIA and NSA don’t rely on outside agencies for security clearances. They do their own background investigations, while ninety percent of the Federal government relies on OPM. But that’s cold comfort since the CIA uses other federal agencies as cover so often. Besides, given the enormous extent of this compromise, which gets worse with each new revelation, many are wondering how much information the Chinese don’t have at this point.

Indeed. Remember all the security problems, potential and proven, pointed out regarding Obamacare? Anyone care to bet that those problems have been fixed and that someone hasn’t already riffled though the records of millions of applicants, or used Obamacare’s myriad connections network connections to other agencies to break in elsewhere? Add to that the Snowden operation, Bradley Manning’s data theft, the likely Russian hack of the White House (via the State Department), and you’re left wondering if anyone in the federal government has any real concern or even competence with data security.

More immediately, the Obama administration came into office proclaiming itself the most tech-savvy administration, ever. One would think they would be enraged, not just by these acts of war by China, but the gross, utter, bumbling incompetence displayed by their department heads. And yet, in spite of having been warned for years that the OPM servers were insecure, all they can do is offer free credit monitoring. No resignations. No firings. No consequences.

Except for our clandestine agents in the field.


Snowden is a Fraud

June 12, 2015

Phineas Fahrquar:

Dear Snowden fans, “We told ya so!.” The guy is no hero: far from it.

Originally posted on The XX Committee:

In the two years since the Edward Snowden saga went public, a handful of people who actually understand the Western signals intelligence system have tried to explain the many ways that the Snowden Operation has smeared NSA and its partners with salacious charges of criminality and abuse. I’ve been one of the public faces of what may be called the Snowden Truth movement, and finally there are signs that reality may be intruding on this debate.

No American ally was rocked harder by Snowden’s allegations than Germany, which has endured a bout of hysteria over charges that NSA was listening in on senior German officials, including Chancellor Angela Merkel. Although these stories included a good deal of bunkum from the start, they caused a firestorm in Germany, particularly the alleged spying on Merkel, which was termed Handygate by the media.

In response, Germany tasked Federal prosecutors with looking into the…

View original 964 more words


The OPM Hacking Scandal Just Got Worse

June 12, 2015

Phineas Fahrquar:

Jim Geraghty described this news a a “cyber-Pearl Harbor.” I’d quibble over the “Pearl Harbor” description, but that this is an almost-certain intelligence disaster (and I use that word deliberately) is doubtless. Think I’m wrong? Just read Mr. Schindler’s post analyzing the latest news.

Originally posted on The XX Committee:

The other day I explained in detail how the mega-hack of the Office of Personnel Management’s internal servers looks like a genuine disaster for the U.S. Government, a setback that will have long-lasting and painful counterintelligence consequences. In particular I explained what the four million Americans whose records have been purloined may be in for:

Whoever now holds OPM’s records possesses something like the Holy Grail from a CI perspective.  They can target Americans in their database for recruitment or influence. After all, they know their vices, every last one — the gambling habit, the inability to pay bills on time, the spats with former spouses, the taste for something sexual on the side (perhaps with someone of a different gender than your normal partner) — since all that is recorded in security clearance paperwork (to get an idea of how detailed this gets, you can see the form, called…

View original 781 more words


Never embarrass Vladimir Putin

March 6, 2015
"I won"

“Leave no witnesses”

Because you won’t get a second chance:

Russian secret services may have executed the troops suspected of shooting down Malaysian Airlines flight MH17, say sources involved in the investigation of the crash over eastern Ukraine.

The Dutch-led probe is leaning towards a conclusion that a BUK missile fired from rebel-held territory downed the Boeing 777, killing all 298 on board.

And it is highly likely the aircraft was shot out of the sky by Russian military personnel, according to a report by the Netherlands’ state broadcaster NOS, citing anonymous sources in the police and the group of investigators working on the probe into the plane’s loss.

‘My sources believe that these people might have changed their identities or even been executed by Russian secret service in order to hide everything,’ said Dutch journalist Robert Bas.

(…)

And they’re taking “active measures” to make sure they know what the investigators know:

Sources close to the investigation also complain they are under siege from persistent attempts by Russian secret services to hack their computer system and plant spyware software on their smartphones, reported NOS.

Phones and laptops used by investigators in Ukraine had to be ‘destroyed’ subsequently because they were infected with spyware, it was claimed.

Even home communications devices of police officers on the investigation were removed because they were ‘contaminated’, it was alleged.

Well, what else would you expect from a country run by an ex-KGB colonel who thinks the fall of the USSR is the great geopolitical catastrophe of the age?

This report shows again that, to use a baseball analogy, we’re dealing with a foe who plays hardball, while our leaders aren’t even playing softball. They’re playing Tee-ball.

Only this game has no “mercy rule.”

 


Snowden and Russian Intelligence: An Update

January 12, 2015

Phineas Fahrquar:

The latest on the “Snowden operation” from Mr. Schindler. Of most interest to me is the possibility/probability/certitude that Wikileaks cooperates with Russian intelligence, if it isn’t just a front.

Originally posted on The XX Committee:

Now that Ed Snowden has been in Russia for more than eighteen months, having settled into a cosy domestic arrangement with his stripper dancer girlfriend, his long-term presence in Putinistan has become a bit of an embarrassment to Ed’s admirers who possess any sense of honesty and/or decency. His sponsor and protector is a KGB thug who does smash-and-grabs against other countries, and for normals this is a tad incongruous with Snowden’s saintly status as a “human rights activist” without par.

However, rather than moderate their claims, the Snowden Operation has chosen to double-down. In a recent interview, the most famous of all NSA defectors stated, “They talk about Russia like it’s the worst place on earth. Russia’s great,” without clarifying who exactly “they” might be. Ed was at pains to make clear that he has not yet wound up the vodka-swilling basket-case that most Western defectors to Moscow…

View original 605 more words


Follow

Get every new post delivered to your Inbox.

Join 15,730 other followers