Sunday, June 7, 2015

Review: ‘The Great War of Our Time’ by Michael Morell with Bill Harlow | FBI File Shows Whitney Houston Blackmailed Over Lesbian Affair | Schiff, King call on Obama to be aggressive in cyberwar, after purported China hacking | The Iraqi Army No Longer Exists | Hacking Linked to China Exposes Millions of U.S. Workers | Was China Behind the Latest Hack Attack? I Don’t Think So - U.S. National Security and Military News Review - Cyberwarfare, Cybercrimes and Cybersecurity - News Review

Review: ‘The Great War of Our Time’ by Michael Morell with Bill Harlow

This undated file image posted by the Raqqa Media Center shows fighters of the Islamic State wave the group's flag from a damaged display of a government fighter jet following the battle in Raqqa, Syria / AP
Michael Morell’s insightful new book, The Great War of Our Time: The CIA’s Fight Against Terrorism, describes how the Central Intelligence Agency was the organization perhaps most affected by the rise of jihadist extremism following the terrorist attacks of September 11, 2001.
Serving as a presidential briefer and subsequently as deputy CIA director, Morell is well placed to discuss the challenges, opportunities, and frustrations the Agency faced in confronting terrorism. Much of the first half of the book does so competently.
Readers are given an inside look and riveting account of the hours after the 9/11 attacks when he was with President George W. Bush as the president received news of the attacks. Morell was a witness to history at that moment and describes those events in admirable detail.
That leads into a broader description of the ways in which the CIA was transformed into a paramilitary extension of U.S. counterterrorism policy, a major shift from its traditional focus on the collection and analysis of foreign intelligence. “9/11 changed CIA more than any other single event during my time at the Agency,” Morell writes.
Along the way the reader is offered glimpses of senior officials who shaped this policy, beginning with Presidents Bush and Obama, both of whom apparently appreciated Morell’s work and are mostly praised by him.
Not everyone gets off so easily. Vice President Cheney and his staff are accused of attempting to politicize intelligence reporting on Iraq—an ironic charge, given that Morell admits the reputedly objective CIA analysts harbored their own biases (which he describes as “rampant”) against the Iraq invasion.
Sens. John McCain (R., Ariz.) and Lindsey Graham (R., S.C.) are charged with impugning Morell’s integrity while Porter Goss, the CIA director appointed by George Bush, is said to have given his aides “too much authority and they mismanaged the place.” By contrast, he offers effusive praise for directors Panetta, Hayden, and Petraeus.
Readers may place those criticisms within the context that since leaving government service Morell has joined as senior counselor Beacon Global Strategies, a consulting firm co-founded by Phillippe Reines, a close associate of Hillary Clinton who also worked for Clinton in the State Department.
On a range of critical issues Morell is painstakingly honest. This stands in sharp contrast to colleagues such as John McLaughlin, another former deputy director, an unvarnished apologist for the Agency’s analytic and operational work on terrorism. Morell’s candor is refreshing and adds to the book’s credibility.
For example, he writes of the CIA’s Middle East assessments that “analysts for that region frequently produced pieces that did not advance the president’s thinking.” Unfortunately, he never comes to grips with the reasons behind these failures, how poor analysis undermines policy maker confidence in CIA’s work, or if any remedial actions were put in place.
Along the way there are useful insights on a bureaucratic process that drives, and at times slows and confounds, the government’s counterterrorism policy. Relations between CIA and the post-9/11 established Office of the Director for National Intelligence (DNI) are characterized as “tense” because of perceived overlapping missions and inevitable suspicions and jealousies.
The idea of bureaucratic rivalries in Washington is hardly groundbreaking, but Morell speaks to this issue from an important vantage point. Again, one wishes he would offer insights into how the problems inherent in that relationship could be improved or what organizational fixes should be considered.
In Morell’s view there also are times when the national interest triumphed over petty bureaucratic machinations. He is generous—and rightly so—in praising the dedication and skills of Agency overseas personnel and counterparts in the Department of Defense Special Forces community, demonstrating that cooperation between bureaucracies is possible as well as essential for advancing U.S. interests.
Much of the second half of the book takes on a different, more defensive tone. He describes a policy process that too often is toxic, driven in Morell’s view by a desire on the part of many to “score political points” rather than advance the national interest.
Perhaps for this reason Morell becomes consumed with defending himself primarily and the Agency secondarily from charges related to the 2012 Benghazi attack, which resulted in the death of Ambassador Chris Stevens and three other Americans. He proceeds on a lengthy and at times tedious recounting of wrangling with some in Congress over those events, even advising the reader in advance to skip that chapter if so desired. Beyond satisfying Morell’s interests or those of his colleagues, it’s difficult to see how that discussion informs or benefits the reader.
If this is an error of commission, there is at least one of omission. Morell discusses the events in 2010-2011 that came to be known as the Arab Spring. He focuses on how al Qaeda benefited from the dramatic political upheavals in Tunisia, Egypt, and Syria.
That was an important development but Morell then stands silent on the far broader implications of the Arab Spring for the remaking of the Middle East and the still emerging sea change for U.S. interests.
Nonetheless, this and other shortfalls should not detract from the book’s core message. The rise of international terrorist organizations has become a dominant national security concern and the CIA’s important role in confronting it is placed in proper context by Morell’s highly readable book.
This is not a book on grand strategy and readers should look elsewhere if that’s what they want. Rather, Morell gives us a look at Washington’s bureaucratic battles—and occasional victories—in fighting terrorism that appear as chaotic and unpleasant in their own way as those in the Middle East.

Obama Faces Challenges Forging Unity With Europeans Over Russia Sanctions At G7 2015

President Obama is expected to push world leaders to present a united front on maintaining sanctions against Russia when he attends the G7 Summit in Germany today. He faces challenges, however, in shoring up support from allies unsure about the efficacy of the sanctions regime, and in smoothing over anger at U.S. spying in Europe.
Obama faces increasing public hostility toward the U.S. in Germany, fueled by revelations that the NSA had tapped Chancellor Angela Merkel's phone, and that the country's intelligence service, the BND, had helped the U.S. spy on European companies, including German giant Siemens AG, and officials for years.
“While we tend to view a lot of the impact of the NSA revelations in Europe as subsided, they have not subsided in Germany,” Heather Conley, the director of the Europe Program at the Center for Strategic and International Studies in Washington, told the Guardian. “This issue is being used in multiple ways to increase, I think, anti-Americanism in Germany and to weaken the chancellor.”
While Obama and Merkel reportedly have a good personal relationship, both have acknowledged the effect the spying revelations have had on relations between the two countries. In a bid to put the affair behind them, the pair plan to open his visit to Germany with a public display of friendliness, delivering remarks about the U.S.-German alliance before taking a walk through the picturesque alpine village of Krün, the paper added.
Problems with Germany aside, Obama must also contend with a wider unease among some of his European allies that the sanctions regime targeting Russia has failed to significantly alter the country's policy.
Despite the clear toll the sanctions, along with the drop in oil prices, have taken on the Russian economy, they have not forced President Vladimir Putin to give up his designs on Ukraine or to surrender Crimea. Some analysts, cited by the New York Times, believe Putin is playing a waiting game on the assumption that he can outlast Euro-American solidarity, raising concerns about the efficacy of the sanctions policy.
Earlier this year, Italy's foreign minister called for sanctions against Russia to be lifted, and Spain and Italy both refused to reach an early agreement to extend the sanctions regime, citing fears that such a move would undermine peace negotiations.
Despite the bloc's solidarity in deciding to exclude Putin and Russia from the G7 (formerly G8) last year, Obama may struggle to marshal that kind of unity again.

Norway Commits to NATO Missile Defense System / Sputnik International

Norwegian Prime Minister Erna Solberg pledged that Norway will increase its military spending in line with NATO policy, and also contribute to the NATO missile defense system, after a meeting with NATO Secretary General Jens Stoltenberg on Friday.
"It is necessary for us to contribute to this," Solberg told a press conference on Friday following the meeting.
"As a committed NATO member, we should also be committed to that part of the strategy."
"We have to go through this and look at what our contribution should be."
The NATO Missile Defense System comprises radar equipment and missile interceptors which have already been deployed to Poland, Romania, Spain, Turkey and the Czech Republic. The US has deployed three of its four US Navy ballistic missile defense destroyers to Europe; it sees them as a key component of the missile defense shield.
At a previous meeting between Solberg and Stoltenberg in January, NATO's Secretary General said all members had to meet the two percent GDP target for military spending:
"There is an obligation for all NATO countries to follow up the decisions we make together. This also applies to the two percent target adopted in Wales in autumn 2014," Stoltenberg told the press after the meeting. 
According to calculations from Norway's Defense Research Institute [FFI], meeting NATO's two percent target this year would require another 17 billion kroner [$2.14 billion] on top of this year's defense budget of 40 billion kroner.
Norway's defense budget for 2015 is 1.43 percent of GDP; the FFI calculated that growth in defense spending of 4.4 percent each year is required for ten years in order to reach the NATO target. Defense Ministers who spoke to Norway's VG Nyheter newspaper said they thought it unlikely the target will be met by 2025.
When asked if she thought the target would be reached while she is in office, Prime Minister Solberg, who took office in October 2013, replied that the aim would not be met:
"I think anyone who knows the Norwegian budget, knows that that's not possible. One way to achieve that goal would be if GDP didn't grow, but that's not our strategy," said the PM.
Of the 28 members of the NATO alliance, only the UK, Poland, Estonia and Greece have joined the US in spending more than two percent of GDP on their defense. The US spends 3.5 percent of GDP on defense. 

What Can We Learn From The Largest US Government Data Theft?

This week, hackers, allegedly from China, infiltrated US government computers and stole the personal records of as many as four million people in one of the most far-reaching breaches of government computers.
The FBI is probing the breach, the origins of which date back as far as April. The Office of Personnel Management that was targeted is basically the personnel department of the US government, and holds valuable information on government employees including background checks, pension information and other payroll data.
What sounds like an uninteresting target is, in fact, a high value one. Several government officials have already described the breach as among the largest known thefts of US government data in history.
So what can we learn from this hack? Here’s what workers in the tech industry had to say:
Nick Wilding, AXELOS head of cyber resilience
“This is another example of the new world all organisations now operate in. One where your most precious information and assets are being attacked and compromised on a regular basis. All organisations now need to accept that successful attacks will happen. They need to plan and test how they can become more resilient and be able to respond and recover quickly in the best interests of their customers, staff and citizens.”
Adrian Davis, (ISC)² EMEA managing director
“IT is now embedded in almost every aspect of business as well as our personal lives. It’s becoming increasingly important to limit cyber threats by designing and building IT systems with security in mind. Worryingly, I suspect that we will continue to see worldwide stories like this for some time, as many organisations are still highly reliant on systems that haven’t been built with security considerations. Right now, we need to improve detection and reaction measures concerning breaches much more quickly. In the longer term, cybersecurity needs to be integrated into mainstream education before we will begin to see a real change. Society is getting there with this realisation, however criminals and malicious actors are still coming out ahead. Swift action must be taken in order to surpass their efforts.”
Tony Berning, senior manager at OPSWAT
“Unfortunately the federal government breach underlines the fact that current cyber security defences are not sophisticated enough to prevent infiltration. For high security and classified networks it is important to secure the data flow by deploying one-way security gateways and ensuring that no information can leave the network. In addition, to ensure the highest protection against known and unknown threats, multi-scanning with multiple anti-malware engines should be deployed, leveraging the power of the different detection algorithms and heuristics of each engine, and greatly increasing the detection rate of threats and outbreaks.”
Tom Court, cyber crime researcher, Alert Logic
“Attacks against high profile targets such as this require the adversary to possess the means, a motive and be given an opportunity to strike. In this case the attacker was a group of skilled hackers who had previously demonstrated they had the means by launching a similar attack against the same target in March last year. The motive is clear and should be a red flag to all organisations that hold large amounts of personal data. This information is fast becoming a currency that cyber criminals trade in and should be treated with the same degree of care as financial data. A large organisation with potential IT and security budget constraints presents an opportunity to would-be attackers. Nevertheless, once additional expertise was brought in, the breach was quickly discovered and remediated. This underlines the importance of continuous network monitoring to uncover anomalies before they become headlines.”
Dan Waddell, CISSP, CAP, (ISC)² managing director, National Capital Region
“Today, cybersecurity is all about speed. In this case, it is reported that there was an initial breach of a high-value target in December 2014, with detection occurring in April 2015. That is way too much time in between. We should be talking about the time from breach to detection to mitigation in terms of hours or days vs. weeks or months. When these types of breaches occur, I encourage the agency or organisation to release information to the affected users as quickly as possible to help them get a better idea of the scope of the breach – what type of data was leaked, how much, etc. In the meantime, I would recommend all former and current employees and customers monitor their financial accounts and credit reports for any suspicious activity.”
Grayson Milbourne, security intelligence director at Webroot
“Although details are still coming in, we do know very sensitive data is involved and the attack may have gone on for a prolonged period of time. Until we can understand what level of data access was achieved, we won’t know the full impact. But, based on the characteristics of the attack, it’s likely the perpetrator was a nation-state.
“Clearly, the government’s approach to cybersecurity needs to be reformed, prioritized and accelerated. That the breach might have been carried out by the Chinese does not absolve the OPM of blame. The issue here is the government’s technological failings and what it should be doing to prevent future attacks.”
Sergio Galindo, general manager of GFI Software
“It’s very easy to immediately point the finger at a foreign power like China or activity group when a hack of this magnitude takes place, but let’s not lose sight of the bigger issue, which is that there was a failing or vulnerability in the first place within the systems that were hacked, which was not identified by the IT staff responsible for monitoring those systems. It also raises questions about the effectiveness of the EINSTEIN intrusion detection system, a security platform that has been largely discredited as a result of its failure to spot or stop this incident. As is often the case, these hacks come about as a result of lax IT management and maintenance and a breakdown in security procedures. These are also the areas that are easier to fix than going after the perpetrators – given that hackers are usually as good at covering their tracks as they are in instigating the hack in the first place.
“Government IT systems, including many of the ones found in departments such as Justice, the DoD, Treasury, Homeland Security, Energy and so on can be quite old – a mixture of not wanting to junk perfectly functional systems that do their day-to-day job well, not wanting to write-off the cost of expensive and custom software written for older systems that took years to build, plus the impact of austerity cuts that are driving both public and private sector bodies to sweat their IT assets for far longer than normal in order to cut costs and work within lower budget limits. All of these potentially increase the likelihood that a hacker might exploit an older, insecure and unsupported system in order to gain access and execute a substantial data theft or other disruptive hacking activity.
“There’s not a lot we can do about the external threat, what we can do is identify the weakness internally and actually do something to shut that weakness down so it can’t be exploited again, and then work on hardening IT systems internally, as well as providing better training and skills development for IT staff so we can head-off new attacks in the future. It’s a cheaper, more realistic and more practical approach that will deliver far more results than focusing all the efforts on chasing down anonymous hackers who are already in the wind.”
Paul McEvatt, lead security specialist and cyber consultant UKI at Fujitsu
“This data breach highlights, once again, that we are now facing a very real cyber threat impacting the most secure of organisations. The intention to target personal data highlights the value this has to adversaries. Records of four million US government employees have reportedly been compromised and highlights that it is no longer just about prevention, but instead accepting a data breach could occur and the importance of ‘depth in defence’ in a strong security posture.
“According to research from Fujitsu, only 9% of UK consumers believe organisations are doing enough to protect their data with a third admitting that their trust has declined in the last 12 months.
“It’s vital organisations move to a proactive approach focusing on the integration of threat intelligence and other information sources to provide the context necessary to deal with today’s advanced cyber threats. Implementing a strong security education programme underpinned by a robust security framework would allow companies to get on the front foot in combating these types of threats.”
Chris McIntosh, CEO ViaSat UK
“This latest incident shows how cyber-attack is cementing itself as a form of unconventional warfare. Rather than guerrilla raids or sabotage, the greatest threat to governments and other organisations comes increasingly not from the physical world, but from the virtual. However, cyber-attack is unique in both its reach and its ease of use. Unlike other forms of warfare, unconventional or not, it requires relatively few resources and can be performed from anywhere, and almost by anyone. As a result, an attack of some sort will be almost inevitable. Mitigating the effects is, therefore, just as important as prevention.
“The best way for organisations to do this is to assume that their security has already been compromised. Security then becomes a matter of minimising, and where possible eliminating, damage caused by attacks. Encrypting sensitive data, so that even if stolen it is essentially useless to attackers, is one step that should by this point be compulsory. The ability to isolate potentially infected systems is another. However, organisations of any size should ensure they take an all-encompassing approach to security to prevent the risk of serious damage.”
Piers Wilson, product manager, Huntsman Security
“While the exact identity of the US’s latest attacker may never be 100% confirmed, an attack on this scale by a well funded and skilled adversary (such as a foreign power) should not come as a surprise at this point. From ongoing attacks within Europe, to Stuxnet, to the US’s own alleged attacks against North Korea, cyber-attack is firmly entrenched as a 21st century battlefield. However, organisations shouldn’t think that such attacks are only focused on governments and their networks and systems. Like any attacker, a government will attack any target that can benefit it; from opposing nations, to their critical infrastructure, to businesses that it can sabotage or steal valuable information from. What this attack has again shown is that high value, sensitive data (such as employee/HR records) can be at risk as well as valuable intellectual property and other business information.
“Enterprises must be able to detect and triage increasingly sophisticated and well-funded attacks. Since there is no way of predicting where the next attack will come from, and what form it will take, being able to detect evidence of a breach and react in order to contain the threat in the shortest time possible will be critical. Whether an attack comes from a newly discovered virus, a previously unknown vulnerability, or the actions of an employee, the enterprise has to be prepared to spot potentially dangerous behaviour.”
Gavin Millard, technical director of Tenable Network Security
“The UK Government has been aware of the risks associated with the huge amounts of data held on employees by themselves and external agencies for some time. They have been pushing an approach of reducing the risk of loss by focusing on foundational controls through their Cyber Essentials program, which is already having an impact with many external recruitment agencies gaining certification to enable them to place candidates.
“Cyber Essentials, although simple by design, should enable organisations to drive security improvement through businesses that haven’t historically taken data loss as seriously as they should. Good cyber hygiene – through ensuring vulnerable systems are identified and patched in a timely manner, systems are configured to be secure, user and network access controls are sound and finally malware defence is deployed and up to date, will reduce the risk of data loss.”
James Maude, security engineer at endpoint security software firm Avecto
“Although we don’t have all the details yet it is possible that four million current and former employees’ records have been compromised. The FBI have launched an investigation with the focus appearing to be on China following a thwarted attempt to steal files relating to employees with top secret levels of clearance last year that was traced back to the region.
“These recent attacks show just how serious the consequences of cyber-attacks can be, it is not just an attack on an organisation but can impact individuals. Federal employees will be especially concerned as OPM will store highly detailed information that would be more than enough to identify someone, compromise their identity or monitor them.
“Sadly, this attack is not a unique event with organisations across the globe being hit by data breaches on an hourly basis. What is often clear in these attacks is that most current defences are not sufficient to deal with the attacks. Many still rely on signature based detection to identify the known bad, an idea that is fundamentally flawed and unable to keep up with the volume of attacks. Another big problem is over privileged users, in Government this is often referred to as ‘the Snowden problem’ where users are given wide reaching powers and access with little or no oversight. When threats cannot be identified and users can access too much you create the perfect environment for a data breach.
“It is time for organisations to start to rethink security and become proactive. The focus needs to shift from blame and attribution to a more productive environment of evolving defences and becoming proactive in defence. Security is a journey, not a destination and pointing the finger of blame does nothing to move your own security further down this road.”
Mark Bower, global director, HP Security Voltage
“Theft of personal and demographic data allows one of the most effective secondary attacks to be mounted: direct spear-phishing to yield access to deeper system access, via credentials or malware thus accessing more sensitive data repositories as a consequence. These attacks, now common, bypass classic perimeter defenses and data-at-rest security and can only realistically be neutralised with more contemporary data-centric security technologies adopted already by the leaders on the private sector. Detection is too late. Prevention is possible today through data de-identification technology. So why is this attack significant? Beyond spear-phishing, knowing detailed personal information past and present creates possible cross-agency attacks given job history data appears to be in the mix. Thus, it’s likely this attack is less about money, but more about gaining deeper access to other systems and agencies which might even be defence or military data, future economic strategy data, foreign political strategy, and sensitive assets of interest at a nation-state level for insight, influence and intellectual property theft.”

Merkel seen as key to Obama’s success at G-7


President Obama and German Chancellor Angela Merkel arrive for a group photograph at the Group of Seven summit on June 7 near Garmisch-Partenkirchen, Germany. (Carl Court/Getty Images)
KRUN, Germany — Before he sat down with the leaders of the seven largest industrialized democracies here Sunday, President Obama met with German Chancellor Angela Merkel, a sign of how important their sometimes strained relationship has become to his presidency.
Obama toured a small Bavarian village with the German chancellor, and he kept the mood light. The president praised the alphorn music that greeted his arrival, drank a beer and joked about needing some lederhosen. Then the two leaders discussed for about 45 minutes some of the thorniest and most important foreign policy problems Obama is facing in the fourth quarter of his presidency.
The list Sunday included the financial crisis in Greece, sanctions designed to punish Russia for its aggression in Ukraine and two issues Obama views as critical to his legacy: progress against climate change and the passage of free-trade agreements in Asia and in Europe. Merkel’s support will be critical in all of those endeavors.
“Merkel is the European leader he openly admits he’s been probably the closest to, and yet that relationship has really weathered a number of storms over the last year,” said Julianne Smith, a former deputy national security adviser in the Obama administration and a senior fellow at the Center for a New American Security.
Germans were outraged in 2013 after information released by whistleblower Edward Snowden showed that the National Security Agency was monitoring U.S. allies’ communications, including those of Merkel. The scandal resurfaced last month when new revelations suggested that Berlin’s foreign intelligence agency, known as the BND, might have helped the United States gather intelligence on hundreds of European companies and politicians.
The result has been a “spike in anti-Americanism,” said Heather Conley, a senior vice president at the Center for Strategic and International Studies.
In her public remarks, Merkel referred generally to “differences of opinion” with the United States but said the two countries shared an essential partnership based on “mutual interests.”
White House press secretary Josh Earnest said the sensitive surveillance issues did not come up in Obama’s meeting with Merkel. Instead the two leaders, both pragmatists when it comes to foreign policy, focused on areas in which they could cooperate.
Obama needs Merkel’s help most acutely in Ukraine, where Russian separatists recently launched a new offensive. About half of his meeting with Merkel was focused on the way forward in what increasingly looks like a stalemated conflict, in which Russian President Vladimir Putin seems to believe that if he can hold out long enough, the resolve of Ukraine’s European allies will fracture.
Defense Secretary Ashton B. Carter, during a visit to Germany last week, conceded that tough economic sanctions had not curbed Putin’s aggressive behavior and suggested that other measures would be needed, though he did not specify what those might entail.
Obama has maintained that the only way to stop the fighting in Ukraine is through a diplomatic solution, driven by the sanctions regime that is in place. His message Sunday to the European allies, which would need to renew the sanctions at a meeting later this month, was to “stay vigilant” and focused.
That is where Merkel will be crucial. A fluent Russian-speaker, Merkel is the Western leader with the closest relationship with Putin.
“Obviously, Chancellor Merkel has played an important and leading role in preserving this unity,” Earnest said.
Less clear is what the White House and the allies will do if the increasingly fragile peace in Ukraine crumbles entirely.
Obama and the other G-7 leaders will need over the next few days to “try to forge a consensus” on how the West might respond if the Russians continue to escalate the fighting, said Charles Kupchan, White House senior director for European affairs. For now, the prospect of selling defensive weapons to Ukrainian forces, an idea that has little support among Washington’s European allies and relatively strong backing in Congress, appears to be dead.
The White House is also relying on Merkel to help forge a compromise with Greece that satisfies the country’s creditors without ruining its economy or forcing Greece out of the European Union. Such a collapse could cause volatility in global financial markets, hurting Europe and the United States.
On trade, Obama is pushing a 12-nation deal in the Asia-Pacific region, the Trans-Pacific Partnership, which faces staunch resistance from many in his party. If it succeeds, the president would like to conclude a similar deal with Europe, where Merkel’s assistance would again be essential to overcome resistance among some on the continent to free-trade deals.
The trade issue has become “something of a proxy for engagement in the world,” said Richard Fontaine, president of the Center for a New American Security.
Obama would like to emerge from the next two days of meetings with the Group of Seven allies with informal pledges to reduce greenhouse gas emissions ahead of a climate-change summit this year in Paris. It is an issue on which Obama’s goals and aspirations are largely in sync with those of Merkel and many of the other European leaders.
The meetings this week in Germany are an “important milestone on this issue,” said Ben Rhodes, a deputy national security adviser to Obama. “We can move both with announcing our own targets and taking steps to support other countries to protect the environment.”
Greg Jaffe covers the White House for The Washington Post, where he has been since March 2009.

SEAL Team 6: A Secret History of Quiet Killings and Blurred Lines

They have plotted deadly missions from secret bases in the badlands of Somalia. In Afghanistan, they have engaged in combat so intimate that they have emerged soaked in blood that was not their own. On clandestine raids in the dead of the night, their weapons of choice have ranged from customized carbines to primeval tomahawks.
Around the world, they have run spying stations disguised as commercial boats, posed as civilian employees of front companies and operated undercover at embassies as male-female pairs, tracking those the United States wants to kill or capture.
Those operations are part of the hidden history of the Navy’s SEAL Team 6, one of the nation’s most mythologized, most secretive and least scrutinized military organizations. Once a small group reserved for specialized but rare missions, the unit best known for killing Osama bin Laden has been transformed by more than a decade of combat into a global manhunting machine.
That role reflects America’s new way of war, in which conflict is distinguished not by battlefield wins and losses, but by the relentless killing of suspected militants.
Almost everything about SEAL Team 6, a classified Special Operations unit, is shrouded in secrecy — the Pentagon does not even publicly acknowledge that name — though some of its exploits have emerged in largely admiring accounts in recent years. But an examination of Team 6’s evolution, drawn from dozens of interviews with current and former team members, other military officials and reviews of government documents, reveals a far more complex, provocative tale.
While fighting grinding wars of attrition in Afghanistan and Iraq, Team 6 performed missions elsewhere that blurred the traditional lines between soldier and spy. The team’s sniper unit was remade to carry out clandestine intelligence operations, and the SEALs joined Central Intelligence Agency operatives in an initiative called the Omega Program, which offered greater latitude in hunting adversaries.
Team 6 has successfully carried out thousands of dangerous raids that military leaders credit with weakening militant networks, but its activities have also spurred recurring concerns about excessive killing and civilian deaths.
Afghan villagers and a British commander accused SEALs of indiscriminately killing men in one hamlet; in 2009, team members joined C.I.A. and Afghan paramilitary forces in a raid that left a group of youths dead and inflamed tensions between Afghan and NATO officials. Even an American hostage freed in a dramatic rescue has questioned why the SEALs killed all his captors.
When suspicions have been raised about misconduct, outside oversight has been limited. Joint Special Operations Command, which oversees SEAL Team 6 missions, conducted its own inquiries into more than a half-dozen episodes, but seldom referred them to Navy investigators. “JSOC investigates JSOC, and that’s part of the problem,” said one former senior military officer experienced in special operations, who like many others interviewed for this article spoke on the condition of anonymity because Team 6’s activities are classified.
Even the military’s civilian overseers do not regularly examine the unit’s operations. “This is an area where Congress notoriously doesn’t want to know too much,” said Harold Koh, the State Department’s former top legal adviser, who provided guidance to the Obama administration on clandestine war.
Waves of money have sluiced through SEAL Team 6 since 2001, allowing it to significantly expand its ranks — reaching roughly 300 assault troops, called operators, and 1,500 support personnel — to meet new demands. But some team members question whether the relentless pace of operations has eroded the unit’s elite culture and worn down Team 6 on combat missions of little importance. The group was sent to Afghanistan to hunt Qaeda leaders, but instead spent years conducting close-in battle against mid- to low-level Taliban and other enemy fighters. Team 6 members, one former operator said, served as “utility infielders with guns.”
The cost was high: More members of the unit have died over the past 14 years than in all its previous history. Repeated assaults, parachute jumps, rugged climbs and blasts from explosives have left many battered, physically and mentally.
“War is not this pretty thing that the United States has come to believe it to be,” said Britt Slabinski, a retired senior enlisted member of Team 6 and veteran of combat in Afghanistan and Iraq. “It’s emotional, one human being killing another human being for extended periods of time. It’s going to bring out the worst in you. It’s also going to bring out the best in you.”
Team 6 and its Army counterpart, Delta Force, have delivered intrepid performances that have drawn the nation’s two most recent presidents to deploy them to an expanding list of far-off trouble spots. They include Syria and Iraq, now under threat from the Islamic State, and Afghanistan, Somalia and Yemen, mired in continuing chaos.
Like the C.I.A.’s campaign of drone strikes, Special Operations missions offer policy makers an alternative to costly wars of occupation. But the bulwark of secrecy around Team 6 makes it impossible to fully assess its record and the consequences of its actions, including civilian casualties or the deep resentment inside the countries where its members operate. The missions have become embedded in American combat with little public discussion or debate.
Former Senator Bob Kerrey, a Nebraska Democrat and a member of the SEALs during the Vietnam War, cautioned that Team 6 and other Special Operations forces had been overused. “They have become sort of a 1-800 number anytime somebody wants something done,” he said. But relying on them so much, he added, is inevitable whenever American leaders are faced with “one of those situations where the choice you have is between a horrible choice and a bad choice, one of those cases where you have no option.”
While declining to comment specifically on SEAL Team 6, the United States Special Operations Command said that since the Sept. 11, 2001, attacks, its forces “have been involved in tens of thousands of missions and operations in multiple geographic theaters, and consistently uphold the highest standards required of the U.S. Armed Forces.”
The command said its operators are trained to operate in complex and fast-moving environments and it trusts them to conduct themselves appropriately. “All allegations of misconduct are taken seriously,” the statement said, adding: “Substantiated findings are dealt with by military or law enforcement authorities.”
The unit’s advocates express no doubts about the value of such invisible warriors. “If you want these forces to do things that occasionally bend the rules of international law,” said James G. Stavridis, a retired admiral and former Supreme Allied Commander at NATO, referring to going into undeclared war zones, “you certainly don’t want that out in public.” Team 6, he added, “should continue to operate in the shadows.”
But others warn of the seduction of an endless campaign of secret missions, far from public view. “If you’re unacknowledged on the battlefield,” said William C. Banks, an expert on national security law at Syracuse University, “you’re not accountable.”

Fighting Up Close

During a chaotic battle in March 2002 on the Takur Ghar mountaintop close to the Pakistan border, Petty Officer First Class Neil C. Roberts, an assault specialist in SEAL Team 6, fell from a helicopter onto terrain held by Qaeda forces.
Enemy fighters killed him before American troops were able to get there, mutilating his body in the snow.
It was SEAL Team 6’s first major battle in Afghanistan, and he was the first member to die. The manner in which he was killed sent shudders through the tight-knit community. America’s new war would be up close and ugly. At times, the troops carried out the grisliest of tasks: cutting off fingers or small patches of scalp for DNA analysis from militants they had just killed.
After the March 2002 campaign, most of Osama bin Laden’s fighters fled into Pakistan, and Team 6 would rarely fight another sustained, pitched battle against the terrorist network in Afghanistan. The enemy they had been sent to take on had largely disappeared.
At the time, the team was prohibited from hunting Taliban fighters and also blocked from chasing any Qaeda operatives into Pakistan, out of concern about alienating the Pakistani government. Mostly confined to the Bagram Air Base outside Kabul, the SEALs were frustrated. The C.I.A., though, was under no similar restrictions, and Team 6 members eventually began working with the spy agency and operated under its broader combat authorities, according to former military and intelligence officials.
The missions, part of the Omega Program, allowed the SEALs to conduct “deniable operations” against the Taliban and other militants in Pakistan. Omega was modeled after the Vietnam-era Phoenix Program, when C.I.A. officers and Special Operations troops conducted interrogations and assassinations to try to dismantle the Vietcong’s guerrilla networks in South Vietnam.
But an extensive campaign of lethal operations in Pakistan was considered too risky, the officials said, so the Omega Program primarily focused on using Afghan Pashtuns to run spying missions into the Pakistani tribal areas, as well as working with C.I.A.-trained Afghan militias during night raids in Afghanistan. A C.I.A. spokesman declined to comment for this article.
The escalating conflict in Iraq was drawing most of the Pentagon’s attention and required a steady buildup of troops, including deployments by SEAL Team 6 members. With the relatively small American military footprint in Afghanistan, Taliban forces began to regroup. Alarmed, Lt. Gen. Stanley A. McChrystal, who was leading Joint Special Operations Command, in 2006 ordered the SEALs and other troops to take on a more expansive task in Afghanistan: Beat back the Taliban.
That order led to years of nightly raids or fights by Team 6, which was designated the lead Special Operations force during some of the most violent years in what became America’s longest war. A secret unit that was created to carry out the nation’s riskiest operations would instead be engaged in dangerous but increasingly routine combat.
The surge in operations started during that summer when Team 6 operators and Army Rangers began to hunt down midlevel Taliban figures in hopes of finding leaders of the group in Kandahar Province, the Taliban heartland. The SEALs used techniques developed with Delta Force in kill-and-capture campaigns in Iraq. The logic behind the manhunts was that intelligence gathered from a militant safe house, along with that collected by the C.I.A. and the National Security Agency, could lead to a bomb maker’s workshop and eventually to the door of an insurgent commander.
Special Operations troops struck a seemingly endless succession of targets. No figures are publicly available that break out the number of raids that Team 6 carried out in Afghanistan or their toll. Military officials say that no shots were fired on most raids. But between 2006 and 2008, Team 6 operators said, there were intense periods in which for weeks at a time their unit logged 10 to 15 kills on many nights, and sometimes up to 25.
The accelerated pace caused “guys to become fierce,” said a former Team 6 officer. “These killing fests had become routine.”
Special Operations commanders say the raids helped unravel Taliban networks. But some Team 6 members came to doubt that they were making much of a difference. One former senior enlisted SEAL member, pressed for details about one mission, said, “It became so many of these targets, it was just another name.”
“Whether they were facilitators, Taliban subcommanders, Taliban commanders, financiers, it no longer became important,” he added.
Another former Team 6 member, an officer, was even more dismissive of some of the operations. “By 2010, guys were going after street thugs,” he said. “The most highly trained force in the world, chasing after street thugs.”
The unit pushed to make its operations faster, quieter and deadlier, and benefited from a ballooning budget and from advances in technology since 2001. Team 6’s bland cover name — the Naval Special Warfare Development Group — is a nod to its official mission of developing new equipment and tactics for the broader SEAL organization, which also includes nine unclassified teams.
The SEALs’ armorers customized a new German-made rifle and equipped nearly every weapon with suppressors, which reduce gunshot sounds and muzzle flashes. Infrared lasers enabling the SEALs to shoot more accurately at night became standard issue, as did thermal optics to detect body heat. The SEALs were equipped with a new generation of grenade — a thermobaric model that is particularly effective in making buildings collapse. They often operated in larger groups than they had traditionally done. More SEALs carrying deadlier weapons meant that fewer enemies escaped alive.
Some Team 6 assault troops also used tomahawks crafted by Daniel Winkler, a knife maker in North Carolina who forged blades for the film “The Last of the Mohicans.” During one period, members of Team 6’s Red Squadron — its logo shows crossed tomahawks below the face of a Native American warrior — received a Winkler hatchet after their first year in the squadron, according to two members. In an interview, Mr. Winkler declined to discuss which SEAL units had received his tomahawks, but did say many were paid for by private donors.
The weapons were not just wall ornaments. Several former Team 6 members said that some men carried the hatchets on missions, and at least one killed an enemy fighter with the weapon. Dom Raso, a former Team 6 member who left the Navy in 2012, said that hatchets were used “for breaching, getting into doors, manipulating small locks, hand-to-hand combat and other things.” He added that hatchet and blade kills occurred during his time with the SEALs.
“Whatever tool you need to protect yourself and your brothers, whether it is a blade or a gun, you are going to use,” said Mr. Raso, who has worked with Mr. Winkler in producing a blade.
Many SEAL operators rejected any use of tomahawks — saying they were too bulky to take into combat and not as effective as firearms — even as they acknowledged the messiness of warfare.
“It’s a dirty business,” said one former senior enlisted Team 6 member. “What’s the difference between shooting them as I was told and pulling out a knife and stabbing them or hatcheting them?”

The Culture

SEAL Team 6’s fenced-off headquarters at the Dam Neck Annex of the Oceana Naval Air Station, just south of Virginia Beach, houses a secretive military within the military. Far removed from the public eye, the base is home not just to the team’s 300 enlisted operators (they disdain the term “commandos”), their officers and commanders, but also to its pilots, Seabee builders, bomb disposal technicians, engineers, medical crews and an intelligence unit equipped with sophisticated surveillance and global tracking technology.
The Navy SEALs — the acronym stands for Sea, Air, Land forces — evolved from the frogmen of World War II. Team 6 arose decades later, born out of the failed 1980 mission to rescue 53 American hostages seized in the takeover of the United States Embassy in Tehran. Poor planning and bad weather forced commanders to abort the mission, and eight servicemen died when two aircraft collided over the Iranian desert.
The Navy then asked Cmdr. Richard Marcinko, a hard-charging Vietnam veteran, to build a SEAL unit that could respond quickly to terrorist crises. The name itself was an attempt at Cold War disinformation: Only two SEAL teams existed at the time, but Commander Marcinko called the unit SEAL Team 6 hoping that Soviet analysts would overestimate the size of the force.
He flouted rules and fostered a maverick image for the unit. (Years after leaving the command, he was convicted of military contract fraud.) In his autobiography, “Rogue Warrior,” Commander Marcinko describes drinking together as important to SEAL Team 6’s solidarity; his recruiting interviews often amounted to boozy chats in a bar.
Officially, SEAL Team 6 does not exist. The unit performs some of the military’s most dangerous missions, those considered too risky for conventional troops.
Inside Team 6, there were initially two assault groups, called Blue and Gold, after the Navy colors. Blue used the Jolly Roger pirate flag as its insignia and early on earned the nickname “the Bad Boys in Blue,” for racking up drunken driving arrests, abusing narcotics and crashing rental cars on training exercises with near impunity.
Young officers sometimes were run out of Team 6 for trying to clean up what they perceived as a culture of recklessness. Adm. William H. McRaven, who rose to head the Special Operations Command and oversaw the Bin Laden raid, was pushed out of Team 6 and assigned to another SEAL team during the Marcinko era after complaining of difficulties in keeping his troops in line.
Ryan Zinke, a former Team 6 officer and now a Republican congressman from Montana, recalled an episode after a team training mission aboard a cruise liner in preparation for potential hostage rescues at the 1992 Summer Olympics in Barcelona, Spain. Mr. Zinke escorted an admiral to a bar in the ship’s lower level. “When we opened the door, it reminded me of ‘Pirates of the Caribbean,’” Mr. Zinke said, recalling that the admiral was appalled by the operators’ long hair, beards and earrings. “My Navy?” the admiral asked him. “These guys are in my Navy?”
That was the beginning of what Mr. Zinke referred to as “the great bloodletting,” when the Navy purged Team 6’s leadership to professionalize the force. Current and former Team 6 operators said the culture was different today. Members now tend to be better educated, more athletic, older and more mature — though some are still known for pushing limits.
“I got kicked out of the Boy Scouts,” said one former officer. Most Team 6 SEALs, he added, “were like me.”
Delta Force members, who have a reputation for going by the book, often start out as regular infantry, then move up through the Army’s Ranger units and Special Forces teams before joining Delta. But SEAL Team 6 is more isolated from the rest of the Navy, with many of its men entering the brutal SEAL training pipeline from outside the military.
After several years on regular SEAL teams — the even-numbered ones based in Virginia Beach, the odd-numbered ones in San Diego, and a unit in Hawaii dedicated to mini-submarines — SEALs can try out for Team 6. Many are eager to get to the most elite unit, but about half of them wash out.
Officers rotate through Team 6, sometimes returning for several tours, but the enlisted SEALs typically stay far longer, giving them outsize influence. “A lot of the enlisted guys think that they really run the show,” said one former senior member. “That’s part of the Marcinko style.”
And they tend to swagger, critics and defenders say. While the other SEAL teams (called “white” or “vanilla” SEALs within the military) perform similar tasks, Team 6 pursues the highest value targets and takes on hostage rescues in combat zones. It also works more with the C.I.A. and does more clandestine missions outside war zones. Only Team 6 trains to chase after nuclear weapons that fall into the wrong hands.
Team 6’s role in the 2011 Bin Laden raid spawned a cottage industry of books and documentaries, leaving tight-lipped Delta Force troops rolling their eyes. Members of Team 6 are expected to honor a code of silence about their missions, and many current and former members fume that two of their own spoke out about their role in the Qaeda leader’s death. The men, Matt Bissonnette, author of two best sellers about his tenure at SEAL Team 6, and Robert O’Neill, who said in a television special that he had killed Bin Laden, are under investigation by the Naval Criminal Investigative Service over accusations that they revealed classified information.
Others have been quietly kicked out for drug use or quit over conflicts of interest involving military contractors or side jobs. The Navy reprimanded 11 current and former operators in 2012 for disclosing Team 6 tactics or handing over classified training films to help promote a computer game, “Medal of Honor: Warfighter.”
With multiple deployments over the last 13 years, few of the unit’s members are unscathed. About three dozen operators and support personnel have died on combat missions, according to a former senior team member. They include 15 Gold Squadron members and two bomb specialists who were killed in 2011 when a helicopter with the call sign Extortion 17 was shot down in Afghanistan, the most devastating day in Team 6 history.
Blasts from explosions used to breach compounds on raids, repeated assaults and the battering from riding on high-speed assault boats in sea rescues or training have taken a toll. Some men have sustained traumatic brain injuries. “Your body is trashed,” said one recently retired operator. “Your brain is trashed.”
“SEALs are a lot like N.F.L. guys: They never want to say ‘I am taking myself out of the lineup,’” said Dr. John Hart, medical science director at the Center for BrainHealth at the University of Texas at Dallas, which has treated many SEAL patients. “If they send guys back in who already have the effects of a concussion, they are constantly adding a dose of a hit to an existing brain condition. The brain needs sufficient time to heal.”

Latitude to Kill

Early on in the Afghan war, SEAL Team 6 was assigned to protect the Afghan leader Hamid Karzai; one of the Americans was grazed in the head during an assassination attempt on the future president. But in the years that followed, Mr. Karzai became a bitter critic of the United States Special Operations troops, complaining that they routinely killed civilians in raids. He viewed the activities of Team 6 and other units as a boon for Taliban recruiting and eventually tried to block night raids entirely.
Most missions were not lethal. Several Team 6 members said they herded women and children together and knocked men out of the way, with a push or a gun muzzle, to search homes. They frequently took prisoners; a number of detainees had broken noses after SEALs punched them in struggles to subdue them, one officer said.
The Team 6 members often operate under the watchful eyes of their commanders — officers at overseas operations centers and at Dam Neck can routinely view live surveillance feeds of raids provided by drones high above — but are also given wide latitude. While Special Operations troops functioned under the same rules of engagement as other military personnel in Afghanistan, Team 6 members routinely performed their missions at night, making life-or-death decisions in dark rooms with few witnesses and beyond the view of a camera.
Operators would use weapons with suppressors to quietly kill enemies as they slept, an act that they defend as no different from dropping a bomb on an enemy barracks. “I snuck into people’s houses while they were sleeping,” Mr. Bissonnette says in his book “No Hero,” written under the pseudonym Mark Owen. “If I caught them with a gun, I killed them, just like all the guys in the command.”
And their decisions tend to be certain. Noting that they shoot to kill, a former noncommissioned officer added that the operators fire “security rounds” into those who are down to ensure that they are dead. (In a 2011 mission on a hijacked yacht off the coast of Africa, one Team 6 member slashed a pirate with a knife and left 91 wounds, according to a medical examiner, after the man and other attackers killed four American hostages. Operators are trained “to slice and dice every major artery,” said one former SEAL.)
The rules boiled down to this, the noncommissioned officer said: “If in your assessment you feel threatened, in a split second, then you’re going to kill somebody.” He described how one SEAL sniper killed three unarmed people, including a small girl, in separate episodes in Afghanistan and told his superiors that he felt they had posed a threat. Legally, that was sufficient. “But that doesn’t fly” in Team 6, the noncommissioned officer said. “You actually have to be threatened.” He added that the sniper was forced out of Team 6.
A half-dozen former officers and enlisted troops who were interviewed said they knew of civilian deaths caused by Team 6. Mr. Slabinski, a former senior enlisted member of SEAL Team 6, said he witnessed Team 6 members mistakenly kill civilians “probably four or five times” during his deployments.
Several former officers said they routinely questioned Team 6 operators when their suspicions were raised about unwarranted killings, but they usually found no clear evidence of wrongdoing. “There was no incentive to dig deep on that,” said a former senior Special Operations officer.
“Do I think bad things went on?” another former top officer asked. “Do I think there was more killing than should have been done? Sure.”
“I think the natural inclination was, if it’s a threat, kill it, and later on you realize, ‘Oh, maybe I overassessed the threat,’ ” he said. “Do I think that guys intentionally killed people that didn’t deserve it? I have a hard time believing that.”
Civilian deaths are an inevitable part of every war but in conflicts with no clear battle lines and where enemy fighters are often indistinguishable from noncombatants, some military law experts say, the traditional rules of war have become outdated and new Geneva Convention protocols are necessary. But others bristle at the notion, saying that the longstanding, unambiguous rules of behavior should govern murky, modern combat.
“Emphasizing these lines and rules becomes even more important when you’re fighting a lawless, remorseless enemy,” said Geoffrey S. Corn, the former senior law of war expert for the Army’s Office of the Judge Advocate General and now a professor at South Texas College of Law. “That is when the instinct for revenge is going to be strong. And war is not about revenge.”
Near the end of an Afghan deployment by Team 6’s Blue Squadron, which concluded in early 2008, elders complained to the British general whose forces controlled Helmand Province. He immediately called Capt. Scott Moore, commander of SEAL Team 6, saying that two elders had reported that the SEALs killed civilians in a village, according to a former Team 6 senior member.
Captain Moore confronted those leading the mission, which was intended to capture or kill a Taliban figure code-named Objective Pantera.
When Captain Moore asked what had happened, the squadron commander, Peter G. Vasely, denied that operators had killed any noncombatants. He said they had killed all the men they encountered because they all had guns, according to the former Team 6 member and a military official. Captain Vasely, who now oversees the regular SEAL teams based on the East Coast, declined to comment through a spokesman.
Captain Moore asked the Joint Special Operations Command to investigate the episode. About that time, the command received reports that dozens of witnesses in a village were alleging that American forces had engaged in summary executions.
Another former senior Team 6 member contended later that Mr. Slabinski, Blue Squadron’s command master chief, gave pre-mission guidance that every male at the target be killed. Mr. Slabinski denied that, saying there was no policy to leave all men dead. “I didn’t ever convey that to the guys,” he said in an interview.
He said that around the time of that raid he had been disturbed after witnessing one of the younger operators slashing at the throat of a dead Taliban fighter. “It appeared he was mutilating a body,” Mr. Slabinski said, adding that he quickly yelled, “Stop what you’re doing!”
The Naval Criminal Investigative Service later concluded the operator might have been cutting off gear from the dead fighter’s chest. But Team 6 leaders said they were worried that some operators were getting out of control, and the one involved in the episode was sent back to the United States. Mr. Slabinski, suspecting that his men had not been following the rules of engagement properly, gathered them for what he called a “very stern speech.”
“If any of you feel a need to do any retribution, you should call me,” he recalled telling them. “There’s no one that could authorize that other than me.” He said his message was intended to convey that permission would never come because such conduct was inappropriate. But he conceded that perhaps some of his men may have misunderstood.
JSOC cleared the squadron of any wrongdoing in the Pantera operation, according to two former Team 6 members. It is not clear how many Afghans were killed in the raid or exactly where it happened, though a former officer said he believed it was just south of Lashkar Gah, the capital of Helmand Province.
But the killings prompted a high-level discussion about how, in a country where many men carried guns, Team 6 could “guarantee that we’re only going after the real bad guys,” one of the former senior team leaders said.
In other inquiries, which were usually handled by JSOC, not Navy investigators, no one faced any charges. Typically, men were sent home when concerns arose; three, for example, were sent back to Dam Neck after roughing up a detainee during an interrogation, one former officer said, as were some team members involved in questionable killings.
More than a year later, another mission spurred strong protests from Afghans. Just after midnight on Dec. 27, 2009, dozens of American and Afghan troops landed in helicopters several miles from the small village of Ghazi Khan in Kunar Province, and hiked to the village in darkness. By the time they left, 10 residents had been killed.
What happened that night is still in dispute. The purpose of the mission was to capture or kill a senior Taliban operative, but it was quickly apparent that no Taliban leaders were present at the target. The mission had been based on faulty intelligence, a problem that bedeviled United States military operations even after years in Afghanistan. A former governor of the province investigated, and accused the Americans of killing unarmed schoolboys.
The United Nations mission in Afghanistan issued a statement saying that an initial investigation had concluded that “eight of those killed were students enrolled in local schools.”
American military spokesmen initially said that those who died were part of an insurgent cell that had been building improvised explosive devices. Eventually, they backed off that claim. But some American military officials still insist that all of the youths had guns and were tied to the Taliban. One NATO statement said that the people who carried out the raid were “nonmilitary in nature,” seemingly a reference to the C.I.A., which was in charge of the operation.
But Team 6 members had also participated in that mission. As part of the covert Omega Program, they joined an assault force that included C.I.A. paramilitary officers and Afghan troops trained by the spy agency.
By then, the program that had begun at the dawn of the Afghan war had changed. Forays into Pakistan were limited because it was difficult to operate there without being noticed by Pakistani soldiers and spies, so missions were mostly confined to the Afghan side of the border.
Over time, General McChrystal, who became the top American commander in Afghanistan, responded to Mr. Karzai’s complaints about civilian deaths by tightening the rules on night raids and scaling back the pace of special operations.
After years of refining techniques to sneak up on enemy compounds, Team 6 members were often required to “call out” before attacking a site, akin to a sheriff announcing through a bullhorn, “Come out with your hands up.”
Mr. Slabinski said that civilian casualties occurred most often during the “call out” operations, which were meant to mitigate exactly such losses. Enemy combatants, he said, would sometimes send out family members and then shoot from behind them, or give civilians flashlights and tell them to point out American positions.
Mr. O’Neill, the former Team 6 member, agreed that the rules could be frustrating. “What we found was, the more latitude for collateral damage that they gave us, the more effective we were because we’re not going to take advantage of it but we know we’re not going to be second-guessed,” he said in an interview. “When there were more rules, it did get more difficult.”

Rescue Missions

Years ago, before the Afghan night raids and the wartime deployments, SEAL Team 6 trained constantly to rescue hostages — dangerous, difficult missions they never got a chance to perform before 2001. Since then, the unit has attempted at least 10 rescues, which have been among its most celebrated successes and bitterest failures.
Operators say that in rescues — considered “no-fail” missions — they have to move faster and expose themselves to greater risk than on any other type of operation so that they can protect hostages from being shot or otherwise harmed. The SEALs often end up killing most of the captors.
The first high-profile rescue came in 2003, when SEAL Team 6 operators helped retrieve Pfc. Jessica Lynch, who had been injured, captured and held in a hospital, during the early days of the Iraq war.
Six years later, Team 6 members jumped out of cargo planes into the Indian Ocean with their specially designed assault boats in advance of the mission to rescue Richard Phillips, the captain of the Maersk Alabama, a container ship hijacked by Somali pirates. The operators, captured in a video shown by Mr. O’Neill, parachuted with swim fins strapped over their boots after releasing four boats — small, fast and equipped with stealth features to evade radar — that were each suspended by a canopy of multiple parachutes. SEAL snipers eventually killed three of the pirates.
In 2012, operators sky-dived into Somalia to free an American aid worker, Jessica Buchanan, and her Danish colleague, Poul Hagen Thisted. JSOC considers its performance as the standard for such missions. The SEALs used a free-fall parachuting technique called “HAHO,” for high altitude-high opening, in which they jump from a high altitude and steer their way on the wind for many miles to cross a border secretly, an exercise so risky that over the years several men died while in training.
Ms. Buchanan recalled that four of the kidnappers were within 15 feet of her when the Team 6 members approached under cover of darkness. They shot and killed all nine captors while rescuing the aid workers. “Until they identified themselves, I did not believe a rescue was possible,” Ms. Buchanan said in an interview.
In October 2010, one Team 6 member erred during an attempt to rescue Linda Norgrove, a 36-year-old British aid worker being held by the Taliban. Disaster struck in the first two minutes, after operators jumped from helicopters in the mountains of Kunar Province and slid down 90 feet of braided rope to a steep slope, according to two senior military officials.
As they sprinted in the dark toward the Taliban compound, the newest member of the team was confused, he later told investigators. His gun had jammed. “Thinking a million miles a minute,” he said, he threw a grenade at what he believed were a pair of fighters hiding in a ditch.
But after an exchange of gunfire that killed several Taliban captors, the SEALs found the hostage — wearing dark clothing and a head scarf — dead in the ditch. Initially, the operator who threw the grenade and another unit member reported that Ms. Norgrove was killed by an explosive suicide vest. That story quickly fell apart. Surveillance video shows that she died almost instantly from fragmentation wounds to her head and back caused by the grenade blast, the investigative report noted.
A joint inquiry by the American and British governments concluded that the operator who had thrown the grenade had violated procedures for hostage rescues. He was forced out of Team 6, although permitted to remain in another SEAL unit.
A rescue operation two years later succeeded in releasing an American physician, though at great cost. One night in December 2012, a group of Team 6 operators wearing night-vision goggles burst into a compound in Afghanistan where Taliban militants were holding Dr. Dilip Joseph, who had been working with an aid organization. The first operator to enter was felled by a shot to the head, and the other Americans responded with brutal efficiency, killing all five of the captors.
But Dr. Joseph and military officials offer sharply different accounts of how the raid unfolded. The physician said in an interview that a 19-year-old named Wallakah was the sole kidnapper to survive the initial assault. He had been subdued by the SEAL operators and sat on the ground, hands around his knees, his head down, the doctor remembered. Wallakah, he believed, was the one who had shot the Team 6 operator.
Minutes later, while waiting to board a helicopter to freedom, Dr. Joseph said, one of his SEAL rescuers guided him back into the house, where he saw in the moonlight that Wallakah was lying in a pool of blood, dead. “I remember those things as clear as day,” the doctor said.
Military officials, speaking only on background about the classified operation, contended that all of the captors were quickly killed after the SEAL team entered and Wallakah had never been taken prisoner. They also said that Dr. Joseph had seemed disoriented at the time and never re-entered the house, and questioned whether he could have seen what was happening on the dark night.
Two years later, Dr. Joseph remains grateful for his rescue and the sacrifice made by Petty Officer Nicolas D. Checque, the team member killed on the mission. But he still wonders what happened with Wallakah.
“It took me weeks to come to terms with the efficiency of the rescue,” Dr. Joseph said. “It was so surgical.”

A Global Spying Force

From a string of firebases along the Afghan border, Team 6 regularly sent Afghan locals into the tribal areas of Pakistan to collect intelligence. The team transformed the large, brightly painted “jingle” trucks popular in the region into mobile spying stations, hiding sophisticated eavesdropping equipment in the back of the trucks and using Pashtuns to drive them over the border.
Outside the mountains of Pakistan, the team also ventured into the country’s southwest desert, including the volatile Baluchistan region. One mission nearly ended in disaster when militants fired a rocket-propelled grenade from a doorway, causing the roof of their compound to collapse and a Team 6 sniper atop it to fall through onto a small group of fighters. A fellow American sniper nearby quickly killed them, one former operator recounted.
Beyond Afghanistan and Pakistan, members of Team 6’s Black Squadron were scattered around the world on spying missions. Originally Team 6’s sniper unit, Black Squadron was reconfigured after the Sept. 11 attacks to conduct “advance force operations,” military jargon for intelligence gathering and other clandestine activities in preparation for a Special Operations mission.
It was a particularly popular concept at the Pentagon under former Defense Secretary Donald H. Rumsfeld. By the middle of last decade, General McChrystal had designated Team 6 to take on an expanded role in global intelligence-gathering missions, and Black Squadron operatives deployed to American embassies from sub-Saharan Africa to Latin America to the Middle East.
SEAL Team 6 used diplomatic pouches, the regular shipments of classified documents and other material to American diplomatic posts, to get weapons to Black Squadron operators stationed overseas, said a former member. In Afghanistan, Black Squadron operators wore tribal dress and sneaked into villages to plant cameras and listening devices and interview residents in the days or weeks before night raids, according to several former Team 6 members.
The unit sets up front companies to provide cover for Black Squadron operators in the Middle East, and runs floating spying stations disguised as commercial boats off the coasts of Somalia and Yemen. Black Squadron members, working from the American Embassy in Sana, the Yemeni capital, were central to the hunt for Anwar al-Awlaki, the radical cleric and American citizen who had become affiliated with Al Qaeda in the Arabian Peninsula. He was killed in 2011 by a C.I.A. drone.
One former member of Black Squadron said that in Somalia and Yemen, operators were not allowed to pull the trigger unless the highest-value targets were in their sights. “Outside Iraq and Afghanistan we were not throwing any nets,” the former member said. “It was totally different.”
Black Squadron has something the rest of SEAL Team 6 does not: female operatives. Women in the Navy are admitted to Black Squadron and sent overseas to gather intelligence, usually working in embassies with male counterparts. One former SEAL Team 6 officer said that male and female members of Black Squadron would often work together in pairs. It is called “profile softening,” making the couple appear less suspicious to hostile intelligence services or militant groups.
Black Squadron now has more than 100 members, its growth coinciding with the expansion of perceived threats around the world. It also reflects the shift among American policy makers. Anxious about using shadow warriors in the years after the 1993 “Black Hawk Down” debacle in Mogadishu, Somalia, government officials today are willing to send units like SEAL Team 6 to conflicts, whether the United States chooses to acknowledge its role or not.
“When I was in, we were always chasing wars,” said Mr. Zinke, the congressman and former Team 6 member. “These guys found them.”

FBI File Shows Whitney Houston Blackmailed Over Lesbian Affair

As one of the world’s most beloved singers, Whitney Houston lived a life of glamour, luxury, and fame, but this enviable lifestyle did not come without a cost. According to files released by the FBI under the Freedom Of Information Act, Whitney Houston was the victim of a successful extortion plot that threatened to reveal intimate secrets about the singer unless she paid up — secrets that a new book alleges were about a secret lesbian love affair.
The 128-page FBI file, which is heavily redacted, contains numerous harassing and obsessive letters, including a series of correspondences between Houston’s handlers and a party that threatened Houston. A passage from an enclosed memorandum reads, “[Redacted] said [Redacted] told him that [Redacted] has knowledge of intimate details regarding Whitney Houston’s romantic relationships, and will go public with the information unless [Redacted] is paid $250,000. [Redacted] told [Redacted] client will sign a confidentiality agreement if [Redacted] is paid the $250,000.” Also included in the file is an executed confidentiality agreement, suggesting that the extortion plot was successful.
According to a new book, “Whitney & Bobbi Kristina: The Deadly Price of Fame,” by Ian Halperin, The New York Post reports, the extortion plot was based on Houston’s rumored affair with her friend and assistant, Robyn Crawford. The book alleges that Whitney’s father John feared that Crawford would go public with the relationship, and that he voiced these concerns to Kevin Ammons, Whitney’s former bodyguard.
“We’ve got to do something about that motherf-king b-h. She’s ruining my family and driving everybody nuts,” Ammons quoted John as saying. “She’s lost her grip on reality. I’ll pay you $6,000 if you put the fear of God in her.” Ammons reportedly denied that request, but was still warned to “keep an eye” on Crawford.
This occurred during the same year that Whitney married Bobby Brown, and on their wedding day, Houston gave Crawford a black Porsche as a “token of their friendship.”
The extensive FBI file sheds light on the pressures that Houston faced throughout her life in the spotlight — pressures that may have contributed to her drug use and eventual death — and by extension, the tragic repeat of events that left daughter Bobbi Kristina clinging to life after being found unconscious in a bathtub earlier this year.

Schiff, King call on Obama to be aggressive in cyberwar, after purported China hacking

Two top-ranking House lawmakers -- a Democrat and Republican -- on Sunday called on President Obama to go beyond the whodunit in the recent hacking of U.S. government computers, suggesting his administration must go on the attack.
“We need to figure out when we’re going on an offensive,” California Rep. Adam Schiff, the top Democrat on the House Intelligence Committee, told “Fox News Sunday.”
Schiff, one of the most hawkish congressional Democrats, said he couldn’t be certain that China was indeed behind the attack. However, the breach was either the work of “state actors” or a “very sophisticated group” working with the Chinese government.
Beijing says U.S. claims that China-based hackers were involved in getting into Office of Personnel Management computers are unproven and irresponsible, but has not denied responsibility for the attacks.
The security breach resulted in the purported identity theft of at least 4 million federal workers.
Rep. Peter King, R-N.Y., a member of the House’s Homeland Security Committee and former chairman of the chamber’s Permanent Select Committee on Intelligence, said the United States must do more than it is doing right now.
“We should not be afraid to use all of our tools to stop this,” he told Fox News.
The recent attack on the personnel management office marks the fourth time this year that a federal agency has been hacked, and it brings increasing focus on Obama’s efforts to stop the attacks.
In November, Obama said the increasing number of cyber attacks was “like the Wild, Wild West” and suggested the U.S. must help lead efforts to stop or at least slow the problem.
Even if the attack were state-sanctioned, the National Security Agency also has a secret and vast data-collection program at home and abroad that was infamously exposed in 2013 by former NSA contract employee Edward Snowden.
Schiff said he “absolutely supports” such NSA efforts and is confident that U.S. intelligence officials are not exposing Americans’ personal information in the process.
He also said he was concerned about the threat of the Islamic State recruiting and training terrorists on American soil, following the incident Tuesday in which investigators fatally shot a Boston man after he refused to drop a military-style knife as they sought to question him about "terrorist-related information," including reported plans to behead police officers.
The suspect, 26-year-old Usaama Rahim, reportedly visited Islamic State-related websites.
However, Schiff was more concerned about an inspector general’s report made public earlier this week that found Transportation Security Administration employees failed to detect mock explosives and weapons nearly 96 percent of the time at airport checkpoints, saying a bomb exploding on a U.S. plane could “radically change” the nature of the country.
The Associated Press contributed to this report.

The Iraqi Army No Longer Exists

The fog of war lies thick over the battlefields of Iraq and Syria. Deliberate enemy deception, willful self-deception, and the complexity of large-scale combat ensure that the truth about war is almost always obscured by a kind of fog. Occasionally a major event parts the clouds and reveals a few fragments of truth, only to have the fog close in again. The collapse of Iraqi defenses in Ramadi is one such event. But we must look quickly to learn anything at all.
The most important fact revealed by ISIS’s victory is that the “Iraqi Army” no longer exists. This is a different observation from that of Secretary of Defense Carter, who avers that they lost the will to fight. Some people did lose the will to fight in Ramadi. But, we should ask a more fundamental question. Ramadi was under siege for months. How is it that few if any reinforcements were sent to defend a city deemed critical to the defense of Baghdad itself? Public sources reported some fourteen divisions in the Iraqi Army in 2014. Between three and five were destroyed in Mosul, leaving nine. At most one was defending Ramadi. Where were the rest? Indeed, where are they now? How is it that Shiite militias must be called upon to liberate Ramadi? If the Iraqi Army has evaporated, or perhaps more accurately deteriorated into a collection of local militias and palace guards, then the U.S. “re-training” mission in Iraq is vastly more difficult than we have been led to believe. Having claimed to build an Iraqi Army, which seems not to exist, and which one doubts ever really existed, the U.S. military is now trying to build another one, from the ground up. Why will things turn out better this time?
ISIS’s victory in Ramadi also reveals that it is quite capable, not merely tactically, but at the “operational level.” Put another way, it is good not merely at fights, which require committed fanatics who are good with a gun, but at campaigns, which require canny commanders, logistical support, coordinated mutually supporting battles, movement, and intelligence. In Ramadi, despite U.S. command of the air, ISIS was able to sustain its forces for many months. They were able to manufacture very large truck bombs, requiring tons of explosives, to support their final offensive. They attacked under the cover of a sandstorm, which helped neutralize U.S. air power.
Finally, in light of ISIS’s success in Ramadi, we must revisit claimed coalition successes such as the fight at the Syrian border town of Kobani, and the “victory” in Tikrit. It was a mystery why ISIS fought so hard for a worthless border town, in the face of waves of U.S. air attacks. In retrospect, one suspects that they were “going to school” on us—spending lives and equipment to learn how to operate in the face of sustained U.S. air attack, which they apparently have figured out how to do. Central Command has claimed that since the campaign began air attacks have killed 8,500 ISIS fighters. These claims seem implausible. The battle of Tikrit, viewed in light of the Ramadi success, now appears as a matador’s cape, a diversionary operation to draw the attention of Iraqi government forces, militias, the Iranians, and the U.S. away from Anbar province and ISIS’s preparations for the attack on Ramadi. Press reports of ISIS casualties in Tikrit do not suggest large losses. Tikrit was well defended, but not heavily defended — an economy-of-force operation, reliant largely on IEDs. If so, the amount of time and energy and collateral damage it required to re-take that town bodes ill for future attacks on places that ISIS might heavily defend, such as Mosul.
Of course, the fog of war only lifted briefly, and we still cannot see the whole picture, which may be worse, or for that matter, better. But the notion that the Iraqi Army, and the supporting U.S.-led coalition, can soon go on the offensive against ISIS seems a fantasy. If instead, an offensive is launched with the collection of Shia militias that now forms the core of the Iraqi government’s military power, heavily supported by U.S. airstrikes, then we can be sure that any victories they might enjoy will be immensely destructive to the local infrastructure, and will be followed by the most brutal repression of the local Sunni Arab population — not the victory for Iraqi civil society U.S. leaders seek, but rather a guarantee of new waves of recruits for jihad.
What policy therefore ought the U.S. to follow? The ingredients exist in the region for a loose ring of containment around ISIS. That ring strengthens when ISIS pushes into areas populated by other ethnic or religious groups. The U.S. should buck up these defenders with weapons, money, intelligence, and air strikes, when they are under pressure, but should be under no illusions about their capability to defeat ISIS, re-occupy huge swathes of Iraq, and bring those areas into a cohesive Iraqi political community.

ID-theft criminals happy about the 1 million unfilled cybersecurity jobs

Mark Pribish, Special for The Republic | azcentral.com 5:32 p.m. MST June 7, 2015
A shortage of information-security professionals could offer an advantage to ID-theft criminals. (Photo: Getty Images/iStockphoto)
Why would identity theft criminals be happy about millions of unfilled job openings? Because in the case of cybersecurity, it means that the bad guys currently have the advantage. Not good — unless you or your family members are considering a career in cybersecurity.
Just as the shortage of doctors and nurses has been a challenge for the health-care industry, a new and alarming shortage of "information security professionals" is a wake-up call for businesses, educational institutions and consumers worldwide, according to three recent reports.
The Cisco 2014 Annual Security Report warns that the worldwide shortage of information security (or InfoSec) professionals is at 1 million openings, even as cyberattacks and data breaches increase each year.
And according to the 2015 (ISC)² Global Information Security Workforce Study, "the information security workforce shortfall is widening as 62 percent of the survey respondents stated that their organizations have too few information security professionals."
The cause is not a lack of money; rather, "an insufficient pool of suitable candidates is causing this shortfall," according to the study.
Frost & Sullivan, a consulting, technology and market research firm, estimates the shortfall in the global information security workforce will reach 1.5 million in five years.
In addition, the Norwich University Online Information Assurance Program offered sobering statistics on the current state of information security:
- The demand for cybersecurity pros has grown more than 3.5 times faster than the demand for other IT jobs over the past five years, and cybersecurity jobs have increased more than 12 times faster than the demand for all other non-IT jobs.
- There was a 73 percent increase in InfoSec job postings between 2007 and 2012 in the U.S., versus six percent in all jobs.
Industries reporting shortages of InfoSec staff include: Government, 36 percent; manufacturing, 29 percent; financial services, 28 percent; retail/wholesale, 27 percent; health care, 22 percent.
Computerworld reports that for 2013-14, the average pay had increased by 6.7 percent for chief security officers to $165,600; by 5.3 percent for InfoSec managers to $118,484; and by 3.5 percent for InfoSec specialists, to $90,696.
So what does all this mean to small business, consumers, all of us?
- Consumer ID-theft and business data-breach events are not going away.
- Cyberattacks and data breach events are happening more often.
- Regulatory requirements such as state and federal breach notification laws are forcing all businesses to increase their information security best practices.
- Institutions of higher education need to create and expand cybereducation programs and work to attract new students to them.
- Information-security threats change so often that it's hard for a business to keep up.
- The "Internet of Things" will increase consumer ID-theft and business data-breach events.
Bottom line, the information-security marketplace is a leading job and growth opportunity for anyone who is interested, and the unfilled jobs in this space are currently an advantage to ID-theft criminals.
Mark's most important: Consider a career in cybersecurity and take seriously the ID-theft threat resulting from more than 1 million unfulfilled cybersecurity jobs.
Mark Pribish is vice president and ID-theft practice leader at Merchants Information Solutions Inc., an ID theft-background screening company based in Phoenix. Contact him at markpribish@merchantsinfo.com.

Security Researchers Start Effort to Protect 'Smart' Cities

It’s a brave new world when hackers step in to protect citizens because regulators are not getting the job done.
Two years after President Obama signed an executive order setting voluntary guidelines that companies could follow to prevent cyberattacks — especially on critical infrastructure like dams and water treatment facilities — security experts have found that American critical infrastructure is still wide open to attack.
The order was a weakened alternative to cybersecurity legislation that the White House tried and failed to push through Congress after Senate Republicans argued the minimum standards would be too onerous on the private sector.
Last year, Cesar Cerrudo, an Argentine security researcher, began pointing out critical vulnerabilities in America’s so-called smart cities, where wireless sensors control a growing portion of city infrastructure from traffic lights to water and waste management systems.
One year later, Mr. Cerrudo discovered that little had been done to patch those basic vulnerabilities, even as cities around the world poured billions of dollars into bringing more of their basic infrastructure online. Without renewed focus on security, he and other researchers warn, those cities are just creating larger and larger targets for nation states and cyberterrorists.
“What I found is that there are a lot of security problems — the situation is really bad — but I didn’t want to just point out problems without offering solutions,” Mr. Cerrudo said.
In response, on Tuesday, he and others from IOActive Labs; Kaspersky Lab, the Russian cybersecurity company; and a growing list of security experts will announce a new Securing Smart Cities initiative. Their goal is to bring private security researchers and public administrators together to set up basic cybersecurity checklists for smart cities, including properly installed encryption, passwords and systems that can be easily patched for security holes.
They are also seeking to set up better security requirements and approval procedures for the vendors who install, monitor and oversee crucial systems. They want to track access to smart city systems; run regular tests to look for loopholes; and set up emergency response teams that can funnel reports of vulnerabilities from security researchers, coordinate patches and share that information with other cities. They also want to create manual overrides for all smart city systems, in the event they are compromised.
Surprisingly, as it stands, there is no such comprehensive system for vetting security and responding to cyberattacks at the city level.
This, even as spending on smart city technology balloons. In Saudi Arabia, $70 million has been poured into a project to build four smart cities. In South Africa, $7.4 billion has been funneled into a smart city project now underway. By 2020, the market for smart cities is expected to reach $1 trillion, according to Frost & Sullivan, a consulting firm.
“Every day cities are incorporating new technologies really fast without any testing and they are putting citizens and businesses at risk,” Mr. Cerrudo said in an interview. “Every day we depend more and more on technology. If that technology is not secure and protected, it will get attacked, and people and businesses will suffer the consequences.”

Cyberattack Exposes I.R.S. Tax Returns

WASHINGTON — Criminals used stolen data to gain access to past tax returns of more than 100,000 people through an application on the Internal Revenue Service’s website, the agency said on Tuesday.
Using Social Security numbers, birth dates, street addresses and other personal information obtained elsewhere, the criminals completed a multistep authentication process and requested the tax returns and other filings, the I.R.S. said. Information from those forms was used to file fraudulent returns, the I.R.S. said, and the agency sent nearly $50 million in refunds before it detected the scheme.
“We’re confident that these are not amateurs,” John Koskinen, the I.R.S. commissioner, said. “These actually are organized crime syndicates that not only we but everybody in the financial industry are dealing with.”
The agency has opened an investigation into the breach and has temporarily shut down the Get Transcript application, which was used to gain access to the information. Old tax returns are sometimes needed to apply for college loans or mortgages, and taxpayers can still request the records by mail.
More than 200,000 attempts to view the past returns using stolen information were made from February to mid-May, and about half were successful. It is unclear whether the criminals were operating inside or outside the United States.
Dealing with fraudulent tax claims has been a challenge for the I.R.S. as online crime has grown more sophisticated in recent years. The agency paid $5.8 billion in falsely claimed refunds in 2013.
“Eighty percent of the identity theft we’re dealing with and refund fraud is related to organized crime here and around the world,” Mr. Koskinen said at a news conference on Tuesday. “These are extremely sophisticated criminals with access to a tremendous amount of data.”
The I.R.S. said the attackers exploited data, like email addresses and passwords gleaned from other breaches, to answer basic authentication questions about subjects like birth dates or the names of family members. After recent breaches at the health insurer Anthem and Home Depot, security experts note that users’ personal information is now widely available to hackers, who can buy it from criminal websites.
“This is a wake-up call that breaches have a compounding effect and the stakes are getting higher,” said Eric Chiu, a security expert who is the president of HyTrust, a cloud computing security company. “Attackers are on the hunt for our personal and financial information using data stolen from other breaches to gain a larger amount of information on those same individuals.”
The consequence, Mr. Chiu said, “could be devastating to consumers — attacks can potentially open new accounts, siphon off funds and ultimately steal identities of victims.”
After the I.R.S. disclosed the breach, security experts criticized the agency for not adding more context to the authentication questions, or using a so-called multifactor system that sends users a second password via their mobile phone. Experts also criticized the agency for not deploying technology that looks for suspicious activity, such as multiple sign-in attempts from the same device, or encrypting sensitive information.
But Mr. Koskinen said that the I.R.S. had stopped almost three million suspicious returns this year, and officials say that new computer filters that look for anomalies have helped prevent identity theft.
Senate Finance Committee aides said Mr. Koskinen called the committee’s chairman, Senator Orrin G. Hatch, Republican of Utah, late last week to notify him of the breach. The committee kept it quiet while law enforcement officials opened the investigation.
Word of the breach prompted Republicans to increase their attacks on the tax collection agency, which has faced criticism since revelations that the I.R.S. had intentionally targeted political organizations for extra scrutiny of their tax-exempt applications.
“That the I.R.S. — home to highly sensitive information on every single American and every single company doing business here at home — was vulnerable to this attack is simply unacceptable,” Mr. Hatch said. “What’s more, this agency has been repeatedly warned by top government watchdogs that its data security systems are inadequate against the growing threat of international hackers and data thieves.”
But the breach is also likely to prompt the Obama administration to redouble its efforts to increase the I.R.S.’s budget, which has been cut 18 percent since 2010, adjusting for inflation. Since 2010, the agency has shed more than 13,000 employees, or 14 percent of the work force, with nearly 10,000 lost jobs coming from the enforcement staff, which is down 20 percent since 2010.
Representative Sander M. Levin, Democrat of Michigan and the ranking member of the House Ways and Means Committee, said he had spoken with Mr. Koskinen, who assured him that the I.R.S. was getting to the bottom of the problem. “It is important that members of Congress work together to ensure that the I.R.S. has adequate resources to carry out the vital priority of protecting confidential taxpayer information,” Mr. Levin said.
The agency sent letters to the taxpayers whose accounts had been compromised, and it will offer them free credit monitoring. The I.R.S. said its main computer system, which handles tax filings, had not been breached.
“During this filing season, taxpayers successfully and safely downloaded a total of approximately 23 million transcripts,” the agency said.

Cyber attack hits 4 million current, former U.S. federal workers

WASHINGTON - Hackers breached the computers of the U.S. government agency that collects personnel information for federal workers in a massive cyber attack that compromised the data of about 4 million current and former employees, U.S. officials said on Thursday.
A U.S. law enforcement source told Reuters a foreign entity or government was believed to be behind the cyber intrusion against the Office of Personnel Management (OPM), and media reports said authorities suspected it originated in China.
The Federal Bureau of Investigation said it had launched a probe and would hold the culprits accountable.
OPM detected new malicious activity affecting its information systems in April and the Department of Homeland Security said it concluded at the beginning of May that the agency's data had been compromised.
The breach affected OPM's IT systems and its data stored at the Department of the Interior's data center, which is a shared service center for federal agencies, a DHS official said on condition of anonymity. The official would not comment on whether other agencies' data had been affected.
OPM had previously been the victim of another cyberattack, as have various federal government computer systems at the State Department, the U.S. Postal Service and the White House.
"The FBI is working with our interagency partners to investigate this matter," the bureau said in a statement. "We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace."
A law-enforcement official, speaking on condition of anonymity, said the cyber attack was believed to have been launched from outside the United States, but would neither confirm nor deny that it had originated in China.
The U.S. government has long raised concerns about cyber spying and theft emanating from China and has urged Beijing to do more to curb the problem. China has denied U.S. accusations.
There was no immediate comment from the White House on the latest cyber attack.
Since the intrusion, OPM said it had implemented additional security precautions for its networks. It said it would notify the 4 million people affected and offer credit monitoring and identity theft services to the people affected.
"The last few months have seen a series of massive data breaches that have affected millions of Americans," U.S. Rep. Adam Schiff, the ranking Democrat on the House Permanent Select Committee on Intelligence, said in a statement.
But he called the latest intrusion "among the most shocking because Americans may expect that federal computer networks are maintained with state of the art defenses."
"It's clear that a substantial improvement in our cyber databases and defenses is perilously overdue," Schiff added.
(Additional reporting by Mark Hosenball, Peter Cooney and Jeff Mason; Writing by Matt Spetalnick and Doina Chiacu; Editing by Peter Cooney)

Hacking Linked to China Exposes Millions of U.S. Workers

WASHINGTON — The Obama administration on Thursday announced what appeared to be one of the largest breaches of federal employees’ data, involving at least four million current and former government workers in an intrusion that officials said apparently originated in China.
The compromised data was held by the Office of Personnel Management, which handles government security clearances and federal employee records. The breach was first detected in April, the office said, but it appears to have begun at least late last year.
The target appeared to be Social Security numbers and other “personal identifying information,” but it was unclear whether the attack was related to commercial gain or espionage. The announcement of the intrusion came on the same day The New York Times reported that the National Security Agency had expanded warrantless surveillance of foreign hackers, an effort that could sweep up the information of innocent Americans.
There seemed to be little doubt among federal officials that the attack was launched from China, but it was unclear whether it might have been state sponsored. The administration did not publicly identify Chinese hackers as the culprits because it is difficult to definitively attribute the source of cyberattacks and to back up such an attribution without divulging classified data.
The breach is the third major foreign intrusion into an important federal computer system in the past year. Last year, the White House and the State Department found that their email systems had been compromised in an attack that was attributed to Russian hackers. In that case, some of President Obama’s unclassified emails were apparently obtained by the intruders.
And last summer, the personnel office announced an intrusion in which hackers appeared to have targeted the files of tens of thousands of workers who had applied for top-secret security clearances.
In that case, the objective seemed clear: The information on security clearances could help identify covert agents, scientists and others with data of great interest to foreign governments. That breach also appeared to have involved Chinese hackers.
But because the breadth of the new attack was so much greater, the objective seemed less clear.
The intrusion came before the personnel office fully put into place a series of new security procedures that restricted remote access for administrators of the network and reviewed all connections to the outside world through the Internet. In acting too late, the personnel agency was not alone: The N.S.A. was also beginning to put in place new network precautions after its most delicate information was taken by Edward J. Snowden.
The Department of Homeland Security’s emergency cyberteam used an antihacking system called Einstein that alerted the agency to the potential compromise of federal employee data, S. Y. Lee, a spokesman, said in a statement.
The F.B.I. said it was working with other agencies to investigate the matter. “We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace,” Joshua Campbell, a spokesman, said in a statement.
The personnel office told current and former federal employees that they could request 18 months of free credit monitoring to make sure that their identities had not been stolen, and it said it was working with cybersecurity specialists to assess the effects of the breach. It was clear, however, that the scope was sweeping, potentially affecting a vast majority of the federal work force. J. David Cox Sr., the president of the American Federation of Government Employees, said he had been told that the breach might have affected “all 2.1 million current federal employees and an additional two million federal retirees and former employees.”
Katherine Archuleta, the personnel agency’s director, said in a statement, “Protecting our federal employee data from malicious cyberincidents is of the highest priority at O.P.M.”
“We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted,” she added.
Administration officials said they made the breach public only after confirming last month that the data had been compromised and after taking additional steps to insulate other government agencies from the intrusion. Mr. Obama has been briefed on the case, officials said.
The attack drew calls for legislation to bolster the nation’s cyberdefenses. In a series of Twitter posts, Representative Adam B. Schiff of California, the senior Democrat on the Intelligence Committee, called the intrusion “shocking because Americans may expect that federal computer networks are maintained with state of the art defenses.”
He said enactment of new cybersecurity measures was “perilously overdue.”
While determining the source of cyberattacks is notoriously difficult, federal officials say they have become far more skilled at it in recent years, largely because of increased monitoring of malicious software entering the United States over international networks. But the most sophisticated attacks often look as if they were initiated inside the United States, and tracking their true origin can lead down many blind paths.
Most Chinese cyberintrusions into the United States, at least until recently, were aimed at the theft of intellectual property, rather than at sweeping up vast amounts of personal data.
One senior federal official said it was not clear what the Chinese government would want from personnel databases. But if the attribution to China holds, it poses an additional challenge to the Obama administration. For the past three years, Mr. Obama has been trying to move the subject of cyberattacks to the center of the American-Chinese relationship. He has spent hours discussing the subject with Xi Jinping, the Chinese president.
A year ago, the Justice Department indicted five members of Unit 61398, a hacking unit of the Chinese People’s Liberation Army, accusing them of stealing data from American firms to benefit state-owned Chinese companies.
But rather than change Chinese behavior, the indictments shut down many of the formal and informal discussions between the United States and China. Chinese officials have often said that they, too, are the victims of hackers.
An annual “Strategic and Economic Dialogue” with Chinese officials is scheduled to take place this month, and cyberissues will again be in the forefront.
Correction: June 4, 2015
Because of an editing error, an earlier version of a summary with this article said incorrectly that the federal employees affected by the data breach worked for the Office of Personnel Management. The breach affected workers whose information was held by the Office of Personnel Management.

Hunting for Hackers, N.S.A. Secretly Expands Internet Spying at U.S. Border

WASHINGTON — Without public notice or debate, the Obama administration has expanded the National Security Agency’s warrantless surveillance of Americans’ international Internet traffic to search for evidence of malicious computer hacking, according to classified N.S.A. documents.
In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad — including traffic that flows to suspicious Internet addresses or contains malware, the documents show.
The Justice Department allowed the agency to monitor only addresses and “cybersignatures” — patterns associated with computer intrusions — that it could tie to foreign governments. But the documents also note that the N.S.A. sought permission to target hackers even when it could not establish any links to foreign powers.
The disclosures, based on documents provided by Edward J. Snowden, the former N.S.A. contractor, and shared with The New York Times and ProPublica, come at a time of unprecedented cyberattacks on American financial institutions, businesses and government agencies, but also of greater scrutiny of secret legal justifications for broader government surveillance.
As the threat of malicious hacking has grown, the National Security Agency and the Federal Bureau of Investigation have secretly expanded their surveillance of Internet communications flowing to and from the United States, documents provided by the former intelligence contractor Edward J. Snowden show.
While the Senate passed legislation this week limiting some of the N.S.A.’s authority, the measure involved provisions in the U.S.A. Patriot Act and did not apply to the warrantless wiretapping program.
Government officials defended the N.S.A.’s monitoring of suspected hackers as necessary to shield Americans from the increasingly aggressive activities of foreign governments. But critics say it raises difficult trade-offs that should be subject to public debate.
The N.S.A.’s activities run “smack into law enforcement land,” said Jonathan Mayer, a cybersecurity scholar at Stanford Law School who has researched privacy issues and who reviewed several of the documents. “That’s a major policy decision about how to structure cybersecurity in the U.S. and not a conversation that has been had in public.”
It is not clear what standards the agency is using to select targets. It can be hard to know for sure who is behind a particular intrusion — a foreign government or a criminal gang — and the N.S.A. is supposed to focus on foreign intelligence, not law enforcement.
The government can also gather significant volumes of Americans’ information — anything from private emails to trade secrets and business dealings — through Internet surveillance because monitoring the data flowing to a hacker involves copying that information as the hacker steals it.
One internal N.S.A. document notes that agency surveillance activities through “hacker signatures pull in a lot.”
Brian Hale, the spokesman for the Office of the Director of National Intelligence, said, “It should come as no surprise that the U.S. government gathers intelligence on foreign powers that attempt to penetrate U.S. networks and steal the private information of U.S. citizens and companies.” He added that “targeting overseas individuals engaging in hostile cyberactivities on behalf of a foreign power is a lawful foreign intelligence purpose.”
The effort is the latest known expansion of the N.S.A.’s warrantless surveillance program, which allows the government to intercept Americans’ cross-border communications if the target is a foreigner abroad. While the N.S.A. has long searched for specific email addresses and phone numbers of foreign intelligence targets, the Obama administration three years ago started allowing the agency to search its communications streams for less-identifying Internet protocol addresses or strings of harmful computer code.
The surveillance activity traces to changes that began after the Sept. 11 terrorist attacks. The government tore down a wall that prevented intelligence and criminal investigators from sharing information about suspected spies and terrorists. The barrier had been erected to protect Americans’ rights because intelligence investigations use lower legal standards than criminal inquiries, but policy makers decided it was too much of an obstacle to terrorism investigations.
The N.S.A. also started the warrantless wiretapping program, which caused an outcry when it was disclosed in 2005. In 2008, under the FISA Amendments Act, Congress legalized the surveillance program so long as the agency targeted only noncitizens abroad. A year later, the new Obama administration began crafting a new cybersecurity policy. That effort included weighing whether the Internet had made the distinction between a spy and a criminal obsolete.
“Reliance on legal authorities that make theoretical distinctions between armed attacks, terrorism and criminal activity may prove impractical,” the White House National Security Council wrote in a classified annex to a policy report in May 2009, which was included in the N.S.A.’s internal files.
About that time, the documents show, the N.S.A. — whose mission includes protecting military and intelligence networks against intruders — proposed using the warrantless surveillance program for cybersecurity purposes. The agency received “guidance on targeting using the signatures” from the Foreign Intelligence Surveillance Court, according to an internal newsletter.
In May and July 2012, according to an internal timeline, the Justice Department granted its secret approval for the searches of cybersignatures and Internet addresses. The Justice Department tied that authority to a pre-existing approval by the secret surveillance court permitting the government to use the program to monitor foreign governments.
That limit meant the N.S.A. had to have some evidence for believing that the hackers were working for a specific foreign power. That rule, the N.S.A. soon complained, left a “huge collection gap against cyberthreats to the nation” because it is often hard to know exactly who is behind an intrusion, according to an agency newsletter. Different computer intruders can use the same piece of malware, take steps to hide their location or pretend to be someone else.
So the N.S.A., in 2012, began pressing to go back to the surveillance court and seek permission to use the program explicitly for cybersecurity purposes. That way, it could monitor international communications for any “malicious cyberactivity,” even if it did not yet know who was behind the attack.
The newsletter described the further expansion as one of the “highest priorities” of the N.S.A. director, Gen. Keith B. Alexander. However, a former senior intelligence official said that the government never asked the court to grant that authority.
Meanwhile, the F.B.I. in 2011 had obtained a new kind of wiretap order from the secret surveillance court for cybersecurity investigations, permitting it to target Internet data flowing to or from specific Internet addresses linked to certain governments.
To carry out the orders, the F.B.I. negotiated in 2012 to use the N.S.A.’s system for monitoring Internet traffic crossing “chokepoints operated by U.S. providers through which international communications enter and leave the United States,” according to a 2012 N.S.A. document. The N.S.A. would send the intercepted traffic to the bureau’s “cyberdata repository” in Quantico, Va.
The disclosure that the N.S.A. and the F.B.I. have expanded their cybersurveillance adds a dimension to a recurring debate over the post-Sept. 11 expansion of government spying powers: Information about Americans sometimes gets swept up incidentally when foreigners are targeted, and prosecutors can use that information in criminal cases.
Citing the potential for a copy of data “exfiltrated” by a hacker to contain “so much” information about Americans, one N.S.A. lawyer suggested keeping the stolen data out of the agency’s regular repository for information collected by surveillance so that analysts working on unrelated issues could not query it, a 2010 training document showed. But it is not clear whether the agency or the F.B.I. has imposed any additional limits on the data of hacking victims.
In a response to questions for this article, the F.B.I. pointed to its existing procedures for protecting victims’ data acquired during investigations, but also said it continually reviewed its policies “to adapt to these changing threats while protecting civil liberties and the interests of victims of cybercrimes.”
None of these actions or proposals had been disclosed to the public. As recently as February, when President Obama spoke about cybersecurity at an event at Stanford University, he lauded the importance of transparency but did not mention this change.
“The technology so often outstrips whatever rules and structures and standards have been put in place, which means that government has to be constantly self-critical and we have to be able to have an open debate about it,” Mr. Obama said.

U.S. Was Warned of System Open to Cyberattacks

WASHINGTON — The inspector general at the Office of Personnel Management, which keeps the records and security clearance information for millions of current and retired federal employees, issued a report in November that essentially described the agency’s computer security system as a Chinese hacker’s dream.
But by the time the report was published, Chinese hackers had already cleaned out tens of thousands of files on sensitive security clearances, and were preparing for a much broader attack that ultimately obtained detailed personal information on at least four million current and former government employees. Even today, the agency is struggling to patch numerous vulnerabilities.
A number of administration officials on Friday painted a picture of a government office struggling to catch up, with the Chinese ahead of them at every step.
The agency did not possess an inventory of all the computer servers and devices with access to its networks, and did not require anyone gaining access to information from the outside to use the kind of basic authentication techniques that most Americans use for online banking. It did not regularly scan for vulnerabilities in the system, and found that 11 of the 47 computer systems that were supposed to be certified as safe for use last year were not “operating with a valid authorization.”
The problems were so severe for two systems that hosted the databases used by the Federal Investigative Service, which is responsible for the background investigations for officials and contractors who are issued security clearances, that the inspector general argued for temporarily shutting them down because the security flaws “could potentially have national security implications.”
Hackers in China apparently figured that out months before the report was published. Last summer a breach was detected that appeared aimed directly at the security clearance records — information that could help a determined hacker gain access to email or other accounts belonging to those entrusted with the nation’s secrets.
While upgrades were underway, a much broader attack occurred, apparently starting in December. Before it was detected, personal information on at least four million people was apparently downloaded by a patient, well-equipped adversary — and the number is likely to grow.
As one senior former government official who once handled cyberissues for the administration, who would not speak on the record because it could endanger the person’s role on key advisory committees, said on Friday, “The mystery here is not how they got cleaned out by the Chinese. The mystery is what took the Chinese so long.”
Researchers and government officials have determined that the Chinese group that attacked the office was probably the same one that seized millions of records held by the health care firms Anthem and Premera. Based on the forensics, experts believe the attackers were not part of the People’s Liberation Army, whose Third Department oversees much of the military’s cyberintelligence gathering. Rather they believe the group is privately contracted, though the exact affiliation with the Chinese government is not known.
For the Obama administration, which came to office holding East Room events on cybersecurity and pressing Congress, for years, to pass legislation that would allow the private sector to share information with the government, what has happened at the Office of Personnel Management can only be described as a case study in bureaucratic lethargy and poor security practices.
In the most egregious case cited by the inspector general, outsiders entering the system were not subjected to “multifactor authentication” — the systems that, for example, require a code that is sent to a cellphone to be entered before giving access to a user. Asked about that in an interview, Donna Seymour, the chief information officer at the Office of Personnel Management, said that installing such gear in the government’s “antiquated environment” was difficult and very time consuming, and that her agency had to perform “triage” to determine how to close the worst vulnerabilities.
The agency now plans to install two-step authentication across its network, Ms. Seymour said. A longtime data security official, she also defended the decision to ignore the inspector general’s advice to shut down two systems that contain the security clearance information. Ms. Seymour said that the investigators were using an outdated assessment of the security measures — and that the agency was in the process of getting tighter controls when the intrusion happened. Another senior official said that with the agency under pressure to clear a huge backlog of security clearances, halting the process was “a nonstarter” with Congress.
During the installation of new security scanning software, officials said, they found evidence of the broad downloading of millions of files.
But administration officials said a lack of management focus on the problems contributed to the slow response — combined with a lack of focus on protecting systems that are not part of the national security infrastructure but that contain large amounts of data. And a number of administration officials in interviews on Friday painted a picture of Chinese adversaries who appear to be building huge databases of information on American citizens, useful for intelligence gathering and other purposes.
“They didn’t go to sell the data, which is what criminal groups usually do,” said James Lewis, an expert at the Center for Strategic and International Studies. “It’s biographic databases that really give an intelligence benefit — and that get into an opponent’s skin.” Such databases indicate where a government official was posted, and security clearance information would list their foreign contacts — useful if there was an effort to track down Chinese citizens in contact with Americans.
The chronology of attacks against American targets matches China’s stated economic and strategic objectives, members of Congress were told in briefings held by the Department of Homeland Security and other agencies. “I’m angry and frustrated that we are at a place where this kind of attack can be successful,” said Rep. Jim Langevin, a Rhode Island Democrat who sits on both a subcommittee on cyberissues and the Armed Services Committee. The attackers, he said, “could have been inside the systems for weeks or months.” In fact, investigators believe they were there for at least three months, before being detected in April.
Government officials in the United States have been tracking several such privately contracted Chinese groups since 2008 and believe they operate at the behest of the state. One, based out of Guangzhou in southern China, has been tied to thousands of attacks on victims in the United States, Britain, Canada, Europe, Russia and Africa that develop missile, satellite, space and nuclear propulsion technology.
At the White House, officials were struggling to explain on Friday how the breach could have happened after warnings from the inspector general and others. Michael Daniel, the White House’s top cyberofficial, declined to speak on the record about the attack, and Lisa Monaco, who has been handling cyberissues as one of Mr. Obama’s top national security officials, declined to be interviewed.
“The threat that we face is ever-evolving,” said Josh Earnest, the White House press secretary. “We understand that there is this persistent risk out there. We take this very seriously.”
Mr. Earnest said Mr. Obama’s efforts to push legislation would bolster the nation’s data.
“We need the United States Congress to come out of the Dark Ages and actually join us here in the 21st century to make sure that we have the kinds of defenses that are necessary to protect a modern computer system,” he said.

Was China Behind the Latest Hack Attack? I Don’t Think So

Opinion
The U.S. Office of Personnel Management building in Washington June 5, 2015. In the latest in a string of intrusions into U.S. agencies' high-tech systems, the OPM suffered what appeared to be one of the largest breaches of information ever on government workers. Gary Cameron/Reuters
The media has picked up on the Washington Post story that the Chinese government is behind the intrusion at the Office of Personnel Management (OPM). While I’m not usually in the position of defending the Chinese, I’m skeptical that China is behind this incident. Here’s why:
  1. The information has little intelligence value. Why the Chinese government would care about the Social Security numbers of every clerk in the Commerce Department is beyond me.
The theory that it can be used in spear phishing campaigns doesn’t make much sense. LinkedIn and Facebook have much more detailed information. So does the Plum Book and publicly available databases on federal employee salaries.
Many close watchers of Chinese cyber activities have observed that Chinese actors have been less brazen since the Mandiant report and the People’s Liberation Army indictments. The fallout from getting caught isn’t worth the intelligence gain.
  2. The intruders burned a zero-day. If reports are true that the intruders used a zero-day, it would indicate that they really wanted the information—they were willing to give up opportunities to use the vulnerability to go after other targets. It would mean that, in this case, the intruders did not target OPM simply because they could, but because they really valued the information OPM had.
  3. The information is more valuable to criminals. It doesn’t make sense that the Chinese government would value the stolen information to this degree. Criminals are the more likely culprits.
This is the same kind of information that was stolen in the Anthem and CareFirst breaches—it’s information that you need to file fraudulent insurance claims or commit tax fraud.
Senator Susan Collins (R-Maine) is the only official who may have had access to actual intelligence that has gone on the record. She has said the hackers are believed to be “based” in China, a far cry from direct attribution to the Chinese government.
  4. I don’t trust the sources. The sources that told the press the attack had been linked to China probably committed a crime. The information would have been part of an ongoing criminal investigation and would likely be the result of classified intelligence activity.
Few people would have access to that information and the leakers would be putting their careers at risk. While there are certainly times when the federal government purposefully shares attribution information like this, I doubt this leak was a policy decision.
Of course, claiming to know something you don’t in fact know and sharing that with a reporter isn’t a crime. It’s usually pretty easy for a reporter to find someone willing to give a quote to make a story.
That’s what happened a year ago when news outlets reported that the NSA had been exploiting the Heartbleed vulnerability for two years, leading the NSA to tweet out a firm denial. In this case, I doubt anyone in the federal government is going to rush to defend the Chinese government, which is no doubt guilty of a thousand other crimes in cyberspace.
Robert K. Knake is senior fellow for cyber policy at the Council on Foreign Relations. This article first appeared on the CFR site.

Patrick Lynch, Police Union Chief Who Fought de Blasio, Wins a 5th Term