#ChinaHack: That does it. I want executions.

June 17, 2015
x

OPM network security specialist

This Ars Technica article about today’s House hearing on the Chinese hacking of almost the entire US government personnel database opens with a recounting of the deserved reaming the head of OPM and its CIO received from Chairman Chaffetz (R) and his committee. But, that was not the nut of the article. Oh, no. The crucial piece of information was buried in the next to last paragraph. See if you can spot it.

Some of the contractors that have helped OPM with managing internal data have had security issues of their own—including potentially giving foreign governments direct access to data long before the recent reported breaches. A consultant who did some work with a company contracted by OPM to manage personnel records for a number of agencies told Ars that he found the Unix systems administrator for the project “was in Argentina and his co-worker was physically located in the [People’s Republic of China]. Both had direct access to every row of data in every database: they were root. Another team that worked with these databases had at its head two team members with PRC passports. I know that because I challenged them personally and revoked their privileges. From my perspective, OPM compromised this information more than three years ago and my take on the current breach is ‘so what’s new?'”

Repeat after me: the Chinese (1) had frakking root access (2) to those databases!! That made them top-level administrators with access to everything. All the supposedly secure, classified data on every background check of every US employee investigated by OPM. And who knows what else they could do while they had access?

I’m almost speechless. To Hell with firing people: this is so weapons-grade stupid that only a firing squad will do.

Pour encourager les autres.

via CinnaminM and John Schindler

Footnotes:
(1) Please. Don’t even try to tell me a root-level administrator working in China was not -at the least- turned by Chinese intelligence, if not an active agent.
(2) See.


I was wrong: the #ChinaHack is indeed an espionage “Pearl Harbor”

June 17, 2015

Blown covers?

The other day I mildly disputed Jim Geraghty’s description of the break-in by the Chinese of the OPM’s database as a “cyber-Pearl Harbor.” After all, I offered, bad as the hack was (and it was bad), there was no destruction of an important national security asset, unlike the sinking of much of the Pacific Fleet by the Japanese back then. But I was wrong. I missed the smoking wreckage made of our espionage capabilities:

But there’s an even more serious aspect of this compromise: the threat it poses to American intelligence operations abroad, particularly to officers serving under various false identities, or “covers,” overseas. The Intelligence Community employs myriad cover mechanisms to protect the true identity of its spies posted outside the United States. Cover protects our officers and allows them to conduct their secret work without drawing as much attention to themselves. While many intelligence officers pose as diplomats, that is only one option, and some covers are deeper than others. Regardless, all espionage covers are based upon credible narratives that rely on plausible details. Through a process the Intelligence Community calls back-stopping, any officer’s cover needs to look real and check out if tested. Thus, an American spy who is posing as an oil executive, for instance, has to have a “legend” in that industry that bears that out. Think business cards, company websites, or a team of ersatz oil industry colleagues. Just as another intelligence officer who poses as a diplomat better have his or records in State Department systems, to look plausible.

And now the Chinese have their hands on a database (which may be for sale) that could allow them to sniff out whose bio is real and whose is a cover. To continue:

For American spies abroad, this can be a matter of life or death, and any personnel sent into countries where they could be targeted for kill or capture—which in the age of the Islamic State is a depressingly long list—need to be deeply concerned about how much the OPM breach has complicated, and perhaps threatened, their lives. How bad this is was explained by Joel Brenner, who from 2006 to 2009 served as the Intelligence Community’s top counterintelligence official. Describing the hack as “crown jewels material, a goldmine” for China, who Washington insiders believe is behind the theft, Brenner added: “This is not the end of American human intelligence, but it’s a significant blow.” The only good news in all this is that several of our big spy services like CIA and NSA don’t rely on outside agencies for security clearances. They do their own background investigations, while ninety percent of the Federal government relies on OPM. But that’s cold comfort since the CIA uses other federal agencies as cover so often. Besides, given the enormous extent of this compromise, which gets worse with each new revelation, many are wondering how much information the Chinese don’t have at this point.

Indeed. Remember all the security problems, potential and proven, pointed out regarding Obamacare? Anyone care to bet that those problems have been fixed and that someone hasn’t already riffled though the records of millions of applicants, or used Obamacare’s myriad connections network connections to other agencies to break in elsewhere? Add to that the Snowden operation, Bradley Manning’s data theft, the likely Russian hack of the White House (via the State Department), and you’re left wondering if anyone in the federal government has any real concern or even competence with data security.

More immediately, the Obama administration came into office proclaiming itself the most tech-savvy administration, ever. One would think they would be enraged, not just by these acts of war by China, but the gross, utter, bumbling incompetence displayed by their department heads. And yet, in spite of having been warned for years that the OPM servers were insecure, all they can do is offer free credit monitoring. No resignations. No firings. No consequences.

Except for our clandestine agents in the field.


ISIS camps in Mexico near Texas and New Mexico borders?

April 14, 2015
Seal of the new Caliphate

They’re here?

That’s the frightening report from Judicial Watch, an anti-corruption group that’s built a good reputation for forcing government departments to give up information they’d rather the public not see. This is a little out of their bailiwick, but nonetheless a cause for concern:

ISIS is operating a camp just a few miles from El Paso, Texas, according to Judicial Watch sources that include a Mexican Army field grade officer and a Mexican Federal Police Inspector.

The exact location where the terrorist group has established its base is around eight miles from the U.S. border in an area known as “Anapra” situated just west of Ciudad Juárez in the Mexican state of Chihuahua. Another ISIS cell to the west of Ciudad Juárez, in Puerto Palomas, targets the New Mexico towns of Columbus and Deming for easy access to the United States, the same knowledgeable sources confirm.

During the course of a joint operation last week, Mexican Army and federal law enforcement officials discovered documents in Arabic and Urdu, as well as “plans” of Fort Bliss – the sprawling military installation that houses the US Army’s 1st Armored Division. Muslim prayer rugs were recovered with the documents during the operation.

That ISIS would like to strike the United States is a given, and the choice of setting for these bases is a good one: Mexico has little control over this area (some would argue the narco-traficantes really run the border region), and the areas on the US side are understaffed for law enforcement, the terrain is hard to monitor, and the routes are already popular with human and drug smugglers, who I’m sure wouldn’t be averse to taking the caliphate’s cash. Once past the border, there’s a wealth of targets, from schools, to towns, to casinos in Vegas and military bases — a veritable smorgasbord for Muslims waging jihad fi sabil Allah.

It’s not as if this is a new threat, either. Representative Duncan Hunter claimed ISIS fighters were caught sneaking into the US some time last year. A Hizbullah network was broken up in Tijuana, just south of California, while jihadist groups are actively trying to gain converts among disaffected Mexicans. And that’s just in Mexico: Hizbullah is active in Venezuela and the border region between Brazil and Paraguay. It shouldn’t be at all surprising that ISIS would look to our southern border as an avenue of attack. We should only be wondering when we’ll be hit, not if.

Is ISIS staring at us from south of the Border? I don’t know, and it’s fair to point out that Judicial Watch’s sources are unidentified. But, given what we know about our enemies and their goals, it’s also all too plausible.

That’s a reason so many of us are border hawks: not so much illegal immigration per se, but who might be hiding among the immigrants.

via The Blaze


Iranian defector: US acting as Tehran’s advocates in nuclear negotiations

March 28, 2015
x

Such a deal…

I’ll admit to confirmation bias: I’ve suspected this all along —

In his television interview, Mr Mottaghi also gave succour to western critics of the proposed nuclear deal, which has seen the White House pursue a more conciliatory line with Tehran than some of America’s European allies in the negotiating team, comprising the five permanent members of the UN security council and Germany.

“The US negotiating team are mainly there to speak on Iran’s behalf with other members of the 5+1 countries and convince them of a deal,” he said.

Amir Hossein Mottaghi was a close aide to Iranian President Rouhani and ran his campaign’s public relations. He defected when he decided it was impossible to work as a real journalist anymore, rather than as a parrot for the regime. (1) So, he defected in Switzerland when he went their ostensibly to cover the negotiations. (2)

Defector reports are always to be taken with several grains of salt, since they have reason to say things their hosts want to hear, but this is credible to me, given the insane concessions we seem to be making.

It’s a strange thing when I find myself rooting for the failure of an American president’s diplomacy and his consequent embarrassment, but that’s the blunt truth. If Mottaghi is right, we’ve gone from appeasement to collusion against our own interests and those of our allies. This is shaping up to be a horrifically bad deal with potentially catastrophic consequences; the humiliation of Barack Obama to thwart it would be a small price to pay.

via Daniel Halper

Footnote:
(1) It took him this long to realize this?
(2) Good thing he didn’t defect at our embassy. Obama might have been tempted to return him to show our “good faith.” And I’m only half-joking.


Hillary Clinton used private email for her State Dept. business. *All* of it. Updated: More private accounts?

March 3, 2015

800px-Hillary_Clinton_official_Secretary_of_State_portrait_crop

Remember, peasants, the rules are for you to follow. For Our Betters In Washington (all bow), they’re only suggestions:

Hillary Rodham Clinton exclusively used a personal email account to conduct government business as secretary of state, State Department officials said, and may have violated federal requirements that officials’ correspondence be retained as part of the agency’s record.

Mrs. Clinton did not have a government email address during her four-year tenure at the State Department. Her aides took no actions to have her personal emails preserved on department servers at the time, as required by the Federal Records Act.

It was only two months ago, in response to a new State Department effort to comply with federal record-keeping practices, that Mrs. Clinton’s advisers reviewed tens of thousands of pages of her personal emails and decided which ones to turn over to the State Department. All told, 55,000 pages of emails were given to the department. Mrs. Clinton stepped down from the secretary’s post in early 2013.

I want you to consider that bold portion carefully: the Secretary of State was conducting all her official correspondence, including classified material (remember: “exclusively”), on a private email account. That would include not only correspondence with her aides and other departmental and government figures, but exchanges with foreign governments — governments in Moscow, Beijing, Jerusalem, Cairo, Berlin, London, Tokyo, Ouagadougou… you name it. If this article is correct, it was all on a private email system, which is notoriously insecure.

And yet it was her aides, no doubt including consigliere Cheryl Mills, who decided what would be turned over to State. (Did they have a shredding party?)

I’d say the arrogance is astonishing, but this is the Clintons we’re talking about. “Entitlement” is emblazoned on their family crest.

And it’s not as if Lady Macbeth or anyone she worked with didn’t know about these regulations; they’d be part of every orientation and, if you’re too important to attend the ethics orientation, you’d have an aide who knew the rules. So, she had to have known and thus knowing violated the FRA.

On top of that, anyone she corresponded with knew. Her aides, State employees, officers of other departments, the White House… Surely they noticed “clintonemail.com” in the send line? At least some among them had more brains than a turnip and realized she was using an insecure service.

Did no one say anything to her?

Don’t be silly.

Did foreign intelligence services or rogue hackers break into this account?

I’d be shocked if they hadn’t. And I hope to God Clinton was at least using high-grade encryption.

Oh, and I bet you can guess what the elephant in the living room is, can’t you? One word: Benghazi

As Ed Morrissey at Hot Air reminds us, it was odd that the investigating committees looking into the Benghazi massacre found so little in her departmental correspondence. Now we know why — it was all in a private account that was hidden from Congress. From the NYT article, again:

The existence of Mrs. Clinton’s personal email account was discovered by a House committee investigating the attack on the American Consulate in Benghazi as it sought correspondence between Mrs. Clinton and her aides about the attack.

Two weeks ago, the State Department, after reviewing Mrs. Clinton’s emails, provided the committee with about 300 emails — amounting to roughly 900 pages — about the Benghazi attacks.

Mrs. Clinton and the committee declined to comment on the contents of the emails or whether they will be made public.

The State Department, Ms. Psaki said, “has been proactively and consistently engaged in responding to the committee’s many requests in a timely manner, providing more than 40,000 pages of documents, scheduling more than 20 transcribed interviews and participating in several briefings and each of the committee’s hearings.”

Again, note the portion in bold. State turned over those emails to the committee (presumably Rep. Gowdy’s Select Committee) two weeks ago, but Clinton’s huscarls decided what State would get two months ago.

Oh, yeah. Sure. They included everything and anything related to Benghazi and Libya. You betcha.

One point to keep in mind: At least for emails to other government employees, those who received La Clintona’s messages should still have them, assuming they also weren’t on private accounts that have since been scrubbed. That means the Select Committee has a lot of work ahead of it to identify those recipients and subpoena copies of those mails. Have fun, Chairman Gowdy!

A last consideration: This has been a bad sennight or so for the Clintons. Revelations about the bribes questionable donations to the Clinton Foundation while Hillary Clinton was Secretary of State, now this news about her secret email account and continuing speculations about any other pants shoes to drop about Bill’s relationship with billionaire pedophile Jeffrey Epstein — all these bear on her judgement, competence, and honesty, her qualifications to be President.

And all this has come out in such succession that one has to wonder if someone with a trove of embarrassing information who also dislikes the Clintons hasn’t decided to drop dime after dime on her to sympathetic press outlets, MSM organs that would like to see someone else, someone more pure in her progressivism, as the Democratic nominee.

Who needs House of Cards when you have the Clinton’s providing the drama and intrigue?

PS: And before someone can say “the Bush people did it, too!”, sure, though some of the “scandals,” such as the US Attorney firings, were ginned-up nothing-burgers. However, none of these figures did their government business wholly on private accounts and none sent classified information over those accounts, as Hillary certainly had to have, since she used this account “exclusively.”

UPDATE: Per Congressman Gowdy, it appears that Hillary Clinton had more than one personal account.


Ben Sasse (R-NE) on the Iran negotiations: the administration is “explicitly tolerating a renegade nuclear program”

February 25, 2015

The junior senator from Nebraska nails it in this video. Unlike our administration, he seems to have a clear understanding of both the ramifications of Iran obtaining nuclear weapons and the Obama administration’s feckless, delusional approach. Well worth watching:

via Fred Fleitz, who writes:

Obama officials defend their approach to the nuclear talks because they claim a final deal will be subject to robust verification by IAEA inspectors. This argument is hard to take seriously since Iran has never fully cooperated with the IAEA and has specifically refused to cooperated with IAEA inspectors during the talks and cheated on the interim agreement which set up the talks.Moreover, yesterday’s revelations (if they are true) by the NCRI, an Iranian dissident group, that Iran has been operating a secret facility where it has been developing advanced uranium centrifuges and may be enriching uranium adds to the suspicion that Tehran cannot be trusted with any dual-use nuclear technology.

It’s a shame Senator Sasse isn’t leading the negotiations, rather the buffoonish John Kerry.


For the good of the nation, DHS Secretary Jeh Johnson should resign

February 19, 2015
Jeh Johnson

Jeh Johnson

It’s been tough to stomach the vacuous platitudes and the detached-from-all-reality prescriptions being offered at the White House’s three-day “summit” on “Countering Violent Extremism,” which is their latest laughable response to the threat from Islamic terrorism and jihad — though they’ll never use those words in a connected sense. It’s always an amorphous “violent extremism,” as if we should be just as worried about the threat from radical Presbyterians as much as the danger posed by Muslims waging jihad fi sabil Allah.

First there was the President’s own op-ed in the Los Angeles Times, in which, among other fatuities, he tells us we must deal with “legitimate grievances” that lead to “violent extremism,” perhaps meaning a Harf-ite jobs-for-jihadis program. I’m sure the fighters flocking to ISIS to burn people alive and buy sex slaves would lay down their arms if they only had a 9-5 with two weeks off.

Then there was Secretary of State Kerry’s blather about violent extremism and the need for unity and an “action agenda.” If anyone can find any intellectual substance behind his words, you’re a far better detective than I.

But those insults to our intelligence can be shrugged off as more of the mush that masquerades as a genuine foreign and national security policy in the administration. We’ve heard it all before, though it’s harder to take in such concentrated doses.

What can’t be shrugged off, however is a slanderous insult against the American people, especially when offered by the Secretary of the Department of Homeland Security. Speaking at the CVE summit, Secretary Jeh Johnson said:

[W]e in the administration and the government should give voice to the plight of Muslims living in this country and the discrimination that they face. And so I personally have committed to speak out about the situation that very often people in the Muslim community in this country face.

Excuse me? What “plight?” Considering the horror visited upon America on September 11th, 2001, Muslims in the US have been treated with remarkable restraint and even kindness, as many people went out of their way to show they weren’t holding them to blame for the massacre their co-religionists wrought. In fact, in the most recent figures available, the FBI reports that there are more than three-times as many hate-crimes against Jews as against Muslims.  (1)

Will Secretary Johnson “give voice” to the tragic plight of Jews in America, too?

Later in the same article, Power Line’s John Hinderaker writes:

This is simply insane. Does the Obama administration think that pleading guilty–falsely–to discriminating against Muslims is somehow going to pacify ISIS, al Qaeda, Hezbollah and the rest? And what, exactly, is the “plight” of American Muslims? How does it compare with the plight of Muslims who live in Syria, Iraq, Iran, Pakistan, Libya and elsewhere in the Islamic world?

Not to mention the plight of Christians and Jews who live in those places, to the extent there are any left. A funny thing about that: if, as Johnson assures us, “the Islamic faith is one about peace and brotherhood,” what, exactly, happened to all those Christians and Jews? The administration is delusional, but one constant, no matter the context, is its reflexive instinct to condemn America.

Like I said, it’s one thing for Obama and Kerry to spew nonsense; perhaps I’ve become jaded to their drivel, but Secretary Johnson is specifically charged with the protection of Americans in the American homeland. For him to abase himself before the conference attendees and lend credence to the Islamic victim narrative with false accusations against his own people is beyond excuse and renders him unfit for his office.

I’d say he should do the decent thing and resign, but I’ve long stopped expecting decency from the typical Obama appointee.

Footnote:
(1) The recent murders of three Muslims in North Carolina, which apologists from the president down to CAIR were quick to imply were rooted in “Islamophobia,” appear instead to have been the horrifying result of a dispute over parking. But even if they had been motivated by religion, they would have been among the strikingly few examples of anti-Islamic violence in the US.


Follow

Get every new post delivered to your Inbox.

Join 15,713 other followers