FBI’s Hacker-Informants

The Guardian uses an eye-popping stat from a hacker journalist–that a quarter of all hackers are FBI moles–to cement a story about the FBI infiltrating hacker groups.

The underground world of computer hackers has been so thoroughly infiltrated in the US by the FBI and secret service that it is now riddled with paranoia and mistrust, with an estimated one in four hackers secretly informing on their peers, a Guardian investigation has established.

Cyber policing units have had such success in forcing online criminals to co-operate with their investigations through the threat of long prison sentences that they have managed to create an army of informants deep inside the hacking community.

[snip]

So ubiquitous has the FBI informant network become that Eric Corley, who publishes the hacker quarterly, 2600, has estimated that 25% of hackers in the US may have been recruited by the federal authorities to be their eyes and ears. “Owing to the harsh penalties involved and the relative inexperience with the law that many hackers have, they are rather susceptible to intimidation,” Corley told the Guardian.

The number is eye-popping. But there are two details about the story I want to note. First, it suggests that the FBI is recruiting its hacker-informants after catching them hacking. Oddly, though they consider Adrian Lamo among the hacker-moles they describe (indeed, the only one they name), they don’t question whether he just turned Bradley Manning in, or whether he was a more formal informant. Moreover, they don’t note that drug abuse, not hacking, would have been the potential crime Lamo committed in the weeks preceding his turning Manning in.

Also, note what kind of recruiting the story doesn’t address? DOD recruiting. Are all these hackers going straight from FBI to work in DOD’s cyberwars? Or is DOD recruiting a different set of hackers?

The Cyberwar Campaign against Jihadi Literature and WikiLeaks

Ellen Nakashima has a piece following up on the WSJ story previewing DOD’s cyberwar (which I posted on here). Before you read it, though, I wanted to suggest another reason we may be seeing this policy early (in addition to the hacking of all the defense contractors, now including L-3; and note, Nakashima references this legislation at the end of her article).

Last Thursday, the Defense Authorization bill passed the House. It retains Section 962, to which the Administration objected, which reads,

SEC. 962. MILITARY ACTIVITIES IN CYBERSPACE.

(a) AFFIRMATION.—Congress affirms that the Secretary of Defense is authorized to conduct military activities in cyberspace.

(b) AUTHORITY DESCRIBED.—The authority referred to in subsection (a) includes the authority to carry out a clandestine operation in cyberspace—

(1) in support of a military operation pursuant to the Authorization for Use of Military Force (50 U.S.C. 1541 note; Public Law 107–40) against a target located outside of the United States; or

(2) to defend against a cyber attack against an asset of the Department of Defense.

(c) BRIEFINGS ON ACTIVITIES.—Not later than 120 days after the date of the enactment of this Act, and quarterly thereafter, the Secretary of Defense shall provide a briefing to the Committees on Armed Services of the House of Representatives and the Senate on covered military cyberspace activities that the Department of Defense carried out during the preceding quarter.

(d) RULE OF CONSTRUCTION.—Nothing in this section shall be construed to limit the authority of the Secretary of Defense to conduct military activities in cyberspace.

So as you read Nakashima, remember that the Obama Administration objected to a section that authorized cyberwar in two circumstances–in support of an AUMF against a target outside of the US and in defense against a cyber attack on a DOD asset–and required quarterly briefings.

OK, now go read Nakashima.

Within the context of the Defense Authorization, a few points of DOD’s campaign to describe what they believe their cyberwar policy to be stick out. First, it envisions preparatory actions–basically spying on a presumably non-belligerent adversary’s infrastructure to map out how DOD would launch a cyberattack if the time came.

The framework clarifies, for instance, that the military needs presidential authorization to penetrate a foreign computer network and leave a cyber-virus that can be activated later. The military does not need such approval, however, to penetrate foreign networks for a variety of other activities. These include studying the cyber-capabilities of adversaries or examining how power plants or other networks operate. Military cyber-warriors can also, without presidential authorization, leave beacons to mark spots for later targeting by viruses, the official said.

In other words, DOD is indicating that it will engage in cyberwar activities outside of those authorized by Congress, activities which I’m sure they’re claiming fall under their “preparing the battlefield” giant loophole they use to engage in spywork.

Then there’s this:

Last year, for instance, U.S. intelligence officials learned of plans by an al-Qaeda affiliate to publish an online jihadist magazine in English called Inspire, according to numerous current and senior U.S. officials. And to some of those skilled in the emerging new world of cyber-warfare, Inspire seemed a natural target.

The head of the newly formed U.S. Cyber Command, Gen. Keith Alexander, argued that blocking the magazine was a legitimate counterterrorism target and would help protect U.S. troops overseas. But the CIA pushed back, arguing that it would expose sources and methods and disrupt an important source of intelligence. The proposal also rekindled a long-standing interagency struggle over whether disrupting a terrorist Web site overseas was a traditional military activity or a covert activity — and hence the prerogative of the CIA.

The CIA won out, and the proposal was rejected. But as the debate was underway within the U.S. government, British government cyber-warriors were moving forward with a plan.

As Nakashima goes on to explain, the British attack on Inspire managed to delay the publication of a bomb-making article in the magazine for two weeks. But it did eventually get published.

The Inspire story is fascinating not just because it reveals the ongoing turf war between DOD and CIA–and makes clear Mac Thornberry intends to let DOD win these battles.

But also, consider the cyberattack-which-shall-not-be-named: someone’s successful effort to ensure WikiLeaks couldn’t publish the State Department cables from a US server. The Inspire story makes it clear DOD is thinking in terms of take-downs of speech, which is precisely what the WL hack was.

And since WL was ultimately a compromise of DOD’s networks, it would solidly fall under the congressionally-defined defense “against a cyber attack against an asset of the Department of Defense.”

That is, it seems that Thornberry has authorized DOD to do things like hack WL. Congress seems to be in the business of helping the government exercise prior restraint.

That First Amendment sure was nice when we had it!

Though there’s just one weird aspect to this: DOD didn’t launch a cyberattack on WL when it compromised DOD resources: the Afghan and Iraq cables. Rather, it waited until all the DOD materials were already out, and then (we assume though don’t know) started attacking free speech to protect the State Department’s assets.

Anyway, all that prior restraint isn’t good enough, it seems, and the Administration is going to campaign for more lenient guidelines allowing DOD to wade through other countries’ infrastructure to figure out how to cyberattack them when the time comes.

I guess they can’t very well complain about the Lockheed and L-3 hacks then.

About the Lockheed Martin Hack

As first started leaking last week, Lockheed Martin seems to have been hacked.

Last weekend was bad for a very large U. S. defense contractor that uses SecureID tokens from RSA to provide two-factor authentication for remote VPN access to their corporate networks. Late on Sunday all remote access to the internal corporate network was disabled. All workers were told was that it would be down for at least a week. Folks who regularly telecommute were asked to come into nearby offices to work. Then earlier today (Wednesday) came word that everybody with RSA SecureID tokens would be getting new tokens over the next several weeks. Also, everybody on the network (over 100,000 people) would be asked to reset their passwords, which means admin files have probably been compromised.

What seems to have happened is hackers used information gotten in the RSA Data Security hack to try to break Lockheed’s own security–basically, Lockheed noticed that hackers were trying to use the keys they stole in March to open a bunch of locks at Lockheed. Lockheed appears to have discovered the effort and in response, started shutting down remote access on parts of its network.

Lockheed Martin, the Pentagon’s No. 1 supplier, is experiencing a major disruption to its computer systems that could be related to a problem with network security, a defense official and two sources familiar with the issue said on Thursday.

Lockheed, the biggest provider of information technology to the U.S. government, is grappling with “major internal computer network problems,” said one of the sources who was not authorized to publicly discuss the matter.

[snip]

The slowdown began on Sunday after security experts for the company detected an intrusion to the network, according to technology blogger Robert Cringely. He said it involved the use of SecurID tokens that employees use to access Lockheed’s internal network from outside its firewall,

[snip]

Loren Thompson, chief operating officer of the Lexington Institute, and a consultant to Lockheed, said the company monitored every node on its vast global computer network from a large operations center in a Maryland suburb near Washington, D.C.

“If it sees signs that the network is being compromised by outsiders it will shut down whole sectors of the network to protect information,” Thompson said.

He said Lockheed had advanced networking monitoring tools that gave it a “much better understanding of their systems’ status than most other organizations, including the Department of Defense.”

In other words, Lockheed may have prevented a much bigger breach into their own systems. But the assumption of many is that other companies might not have noticed what Lockheed did. Stories on this hack all feature a list of other defense contractors–like Boeing and Raytheon and Northrop Grumman–who “decline to comment,” which might mean they’re scrambling to address the same problem Lockheed is, only trying to do so without all the bad PR.

Now, most observers of this hack have suggested that the hackers–who might work for a state actor or some other sophisticated crime group–were after Lockheed’s war toy information (which partly explains why you’d ask Lockheed’s aerospace competitors if they’d been hacked too). But remember that Lockheed does a lot for the government besides build planes. Of particular note, they’re a huge NSA contractor. Maybe the hackers were after info on jet fighters, or maybe they were after the data and data collection programs our own government hides from its own citizens.

Which is all a reminder that, amidst the sound and fury directed at WikiLeaks (which after all shared important information with citizens who deserved to know it), there’s a whole lot more hacking we don’t learn the results of, hacking that either might result in others adopting our lethal technologies, or in third parties stealing the data we’re not even allowed to know.

Now, granted, Lockheed has far far better security than DOD’s SIPRNet does. At least they’re trying to protect their data. But it’s not clear they–or their counterparts–are entirely successful.

The Army’s “Sticky Note” SIPRNet Security

No wonder the US Army was allegedly bested in the WikiLeaks leak by a Lady Gaga CD.

In addition to all the other gaping security problems with the classified network, there were apparently widely accessible SIPRNet computers with passwords written out on sticky notes on the computers.

A Guardian investigation focusing on soldiers who worked with Manning in Iraq has also discovered there was virtually no computer and intelligence security at Manning’s station in Iraq, Forward Operating Base Hammer. According to eyewitnesses, the security was so lax that many of the 300 soldiers on the base had access to the computer room where Manning worked, and passwords to access the intelligence computers were stuck on “sticky notes” on the laptop screens.

Rank and file soldiers would watch grisly “kill mission” footage as a kind of entertainment on computers with access to the sensitive network of US diplomatic and military communications known as SIPRNet.

Jacob Sullivan, 28, of Phoenix, Arizona, a former chemical, biological, radiological and nuclear specialist, was stationed at FOB Hammer in Manning’s unit.

“A lot of different people worked from that building and in pretty much every room there was a SIPRNet computer attached to a private soldier or a specialist,” Sullivan said.

“On the computers that I saw there was a [sticky label] either on the computer or next to the computer with the information to log on. I was never given permission to log on so I never used it but there were a lot of people who did.”

He added: “If you saw a laptop with a red wire coming out of it, you knew it was a SIPRNet. I would be there by myself and the laptops [would] be sitting there with passwords. Everyone would write their passwords down on sticky notes and set it by their computer. [There] wasn’t a lot of security going on so no wonder something like this transpired.”

Hey DOD? You gotta be trying to keep stuff secret if you’re going to claim it’s secret. If the password to get to the secrets is floating around on Post It notes, you really can’t argue that you were actively trying to keep this stuff secret.

If Only They Had Listened to Thomas Drake, They Might Have Prevented CableGate

I’m in the process of reading all the Siobhan Gorman stories for which Thomas Drake might have served as an anonymous source. And one of the ten or so articles for which he’s a possible source exposes the NSA’s failure on an issue at the heart of Bradley Manning’s ability to allegedly leak three major databases to WikiLeaks: adequate user authentication on the network.

The Drake indictment claims that Thomas Drake served as a source for “many” of the Siobhan Gorman articles she wrote about NSA between February 27, 2006 and November 28, 2007.

Thereafter, between on or about February 27, 2006 and on or about November 28, 2007, Reporter A published a series of newspaper articles about NSA, including articles that contained SIGINT information. Defendant DRAKE served as a source for many of these newspaper articles, including articles that contained SIGINT information.

One of her articles from that period, published July 2, 2006, describes how the delay in implementing a new encryption management system for NSA and DOD computers exposed those networks to hackers.

A National Security Agency program to protect secrets at the Defense Department and intelligence and other agencies is seven years behind schedule, triggering concerns that the data will be increasingly vulnerable to theft, according to intelligence officials and unclassified internal NSA documents obtained by The Sun.

[snip]

Encryption, which is an electronic lock, is among the most important of security tools, scrambling sensitive information so that it can ride securely in communications over the Internet or phone lines, and requiring a key to decipher.

Powerful encryption is necessary for protecting information that is beamed from soldiers on the battlefield or that guards data in computers at the NSA’s Fort Meade headquarters.

One of the three big things DOD claims it is doing to respond to WikiLeaks is to introduce smart cards for user credentials on SIPRNet.

DoD has begun to issue a Public Key Infrastructure (PKI)-based identity credential on a hardened smart card. This is very similar to the Common Access Card (CAC) we use on our unclassified network. We will complete issuing 500,000 cards to our SIPRNet users, along with card readers and software, by the end of 2012. This will provide very strong identification of the person accessing the network and requesting data. It will both deter bad behavior and require absolute identification of who is accessing data and managing that access.

In conjunction with this, all DoD organizations will configure their SIPRNet-based systems to use the PKI credentials to strongly authenticate end-users who are accessing information in the system. This provides the link between end users and the specific data they can access – not just network access. This should, based on our experience on the unclassified networks, be straightforward.

Which is precisely the kind of challenge one of Gorman’s named sources in the article addresses.

And as the demand grows for “smart” identification cards with computer chips that verify the card holder’s identity, so does the need for sophisticated ways to manage who is being assigned cards, so that the cards do not end up in the wrong hands, said Stephen Kent, a chief scientist at BBN Technologies who has chaired government panels on information security.

Now, we have no way of knowing whether Drake was one of the 18 sources Gorman used for the article. But a number of her sources seem to compare this clusterfuck with that of Trailblazer–the program Drake and others submitted an Inspector General’s complaint on.

Like other major NSA efforts – such as the failed Trailblazer program to rapidly sift out threat information, and the troubled Groundbreaker program aimed at upgrading the agency’s computer networks – an ever-changing game plan has caused many of the project’s problems, current and former senior intelligence officials said.

Following that passage, Gorman cites a “former senior intelligence official”–the description (the indictment alleges) Drake asked Gorman to use when she cited him.

One former senior intelligence official said that the NSA had unrealistic expectations from the start and repeatedly opted for delays to try to perfect the program. That left the government with aging security protections in the quest for security nirvana, the official said.

“NSA often will say, `Well, this is not totally secure, so you can’t use it,’ when the only alternative is nothing,” the former official said. “My worry is this push for perfect security is the enemy of good security.

And managing the implementation of a new key system sure sounds like something that the “Senior Change Leader” of NSA might be involved with.

Interestingly, the initial deadlines predicted in Gorman’s article–2012–seem to roughly match the deadlines DOD now gives for its smart cards (as well as the insider threat detection, the deadline for which Obama is trying to push back further, though that may be a different issue).

Again, all that’s not proof that Thomas Drake was warning in 2006 that if NSA didn’t fix its management problems, something like CableGate would happen (as well as the widespread hacking we know to be happening).

But 18 people were warning of it back in 2006.

Which is, I guess, why DOJ feels the need to prosecute whistleblowers, to cover up embarrassing lapses like this.

As the Arab Spring Gives Way to the Sunni Summer

The AP has an interesting–and interestingly timed–story on the help we’re giving Saudi Arabia to build a “facilities security force” to protect, among other things, its oil fields and planned civilian nuclear sites. The story is based, in part, on this WikiLeaks cable.

Note the date of the cable: October 29, 2008, less than a week before–everyone already knew at the time–Barack Obama would be elected President.

That makes the actual content of the cable all the more interesting. It describes a meeting between US Department of Energy representatives and Mohammed bin Naif, the Assistant Minister of Interior and the son of the long-time Minister of Interior, Naif bin Abdul-Aziz, as well as other representatives from Saudi Arabia’s Ministry of Interior. Basically, the DOE folks gave a presentation about the vulnerabilities in the Abqaiq oil processing plant, after which bin Naif agreed to a broad security program, including the FSF.

Remember, DOE was giving a presentation about an oil facility that had already been attacked by al Qaeda as part of a plan to get Saudi Arabia to agree to this 35,000 person force in Saudi Arabia.

At the meeting at which this cooperation was agreed to, CENTCOM handed bin Naif a document describing the exact language Saudi Arabia should use to request CENTCOM’s help establishing the FSF. The plan was that Saudi Arabia would then present that request (the one the US wrote) to General Petraeus when he came to Saudi Arabia on November 8 (which would be after Obama’s expected election, but not by much).

The draft [Letter of Request] for OPM-FSF prepared by CENTCOM was presented to MBN. This draft explicitly lays out on one page the exact wording for the SAG’s formal request to the USG to establish OPM-FSF. MBN directed his staff to prepare such a letter for his signature. Once we receive this letter, CENTCOM will then respond with a Letter of Acceptance (LOA) which will allow CENTCOM to begin building up OPM-FSF’s personnel and equipment structure. MOI indicated they plan to present the formal Saudi LOR to GEN Petraeus when he visits the Kingdom, currently scheduled for Nov. 8.

In addition, the cable describes bin Naif’s urgent desire–expressed privately to the US Charge d’Affaires–to solidify this partnership quickly, also mentioning his plan to travel to the US on November 5-7 (that is, the days after Obama’s expected election).

In a private meeting between MBN and the Charge’, MBN conveyed the SAG’s, and his personal, sense of urgency to move forward as quickly as possible to enhance the protection of Saudi Arabia’s critical infrastructure with the priority being its energy production sites. MBN related how his grandfather, King Abdulaziz, had the vision of forming a lasting strategic partnership with the United States. MBN stressed he shared this vision, and wants the USG’s help to protect Saudi critical infrastructure. He commented that neither the Kingdom nor the U.S. would be comfortable with the “French or Russians” involved in protecting Saudi oil facilities. “We built ARAMCO together, we must protect it together.” MBN also confirmed his travel dates to Washington will be Nov. 5 to 7.

In other words, the whole thing seems like something formalized quickly just as Obama was being elected President.

One more interesting detail about the cable? Note who appears at the top of the distribution list: Dick Cheney.

WHITE HOUSE FOR OVP

Okay, so that’s the cable. Using the fear that al Qaeda would attack Saudi Arabia’s oil fields in a repeat of the 2006 attack on Abqaiq, the US (presumably largely directed by Cheney) pushed through the agreement for this 35,000 person elite force just as Obama was being elected President.

So let’s return to the AP article. The article provides some key context for the FSF–notably that it seems to have been a quid pro quo tied to our agreement to give Saudi Arabia civilian nukes.

The new arrangement is based on a May 2008 deal signed by then-Secretary of State Condoleezza Rice and Saudi Interior Minister Prince Nayef. That same month the U.S. and Saudi Arabia also signed an understanding on civil nuclear energy cooperation in which Washington agreed to help the Saudis develop nuclear energy for use in medicine, industry and power generation.

So we give Saudi Arabia nukes that it wants (in part) because Iran is working hard to get them, and it lets us “train” a 35,000 person elite force to guard its critical infrastructure in the name of counter-terrorism. Are you having an Erik Prince moment, yet?

The rest of the article–that part not reliant on the WikiLeaks cable, that is–only partly focuses on the FSF itself–at least on the troops tasked with defending oil infrastructure. In addition, it focuses on missile defense and other arms targeted at Iran.

The U.S. also is in discussions with Saudi Arabia to create an air and missile defense system with far greater capability against the regional rival the Saudis fear most, Iran. And it is with Iran mainly in mind that the Saudis are pressing ahead with a historic $60 billion arms deal that will provide dozens of new U.S.-built F-15 combat aircraft likely to ensure Saudi air superiority over Iran for years.

Please Help Support My Next 525 Posts on Torture

Just over two years ago, right around the time I reported that Khalid Sheikh Mohammed was waterboarded 183 times in a month, many of you chipped into the “Marcy Wheeler fund” to support my work; that generosity paid my way until a short time ago. Here’s what that support made possible.

Between May 1, 2009 and yesterday, by my rough count, I wrote 525 posts on torture. I unpacked the torture memos, the CIA IG Report, the OPR Report, and thousands of documents released through FOIA. I showed the bureaucratic games they used to set up our torture program, early efforts to place limits on things like mock execution, followed by more bureaucratic and legal means to get away with violating even those limits. I showed how they hid documents and altered tapes to hide evidence of their torture. I showed how, after CIA and parts of DOJ tried to put limits on torture in 2004, they again used bureaucratic tricks and ridiculous legal documents to reauthorize it. I’ve tracked DOJ’s kabuki claims to investigate torture (though bmaz gets credit for forcing DOJ to admit John Durham’s torture tape investigation had run out the clock on Statutes of Limitation). And I’ve tracked the Obama Administration’s successful efforts to suppress all evidence of torture. And all the while, I’ve relentlessly pushed back against the torture apologists’ lies.

Of course, while writing about torture is a major part of mapping out the decline of the rule of law, it’s not the only part. Since May 2009, I’ve written almost 200 posts on wiretapping, almost as many on our Gitmo show trials, posts about state secrets, drones, fusion centers, the forever war metastasizing around the world. I’ve written about Wikileaks and Bradley Manning’s treatment and the banksters and the auto companies.

Cataloging the decline of the rule of law has been exhausting and infuriating. The work has been challenging.

But most of all, it has been humbling. That’s because you made this happen, as much as I did.

In addition to the absolutely brilliant observations you’ve made in comments, your support, two years ago, made this work possible. I’m profoundly grateful that many of you invested your faith and financial support in my work.

And now I’m asking for your faith and financial support again, to support the next 525 posts on torture. This time that support will come in the form of an ongoing Firedoglake membership. By becoming a member of Firedoglake, you will not only give my work some stability over the long term, but support the superb work of Jane and DDay and Jon Walker, and just as importantly, the work of the people backstage who make this all technically possible. And you will become a closer part of our efforts to push our country in the right direction, to return to the rule of law.

Please join Firedoglake today.

I hope some day soon we’ll begin to make headway against our expanding national security state. I hope some day, I won’t feel the need to write a post on torture five days a week. But until then, I feel compelled to write about what is happening to our country. And I can only continue to do that with your help.

Hillary Picks Cheney Aide to Replace PJ Crowley

It’s bad enough that Obama didn’t clear out the Cheney folks burrowed into the permanent bureaucracy. Now the Obama Administration will appoint former Cheney aide Victoria Nuland to replace PJ Crowley as State Department spokesperson.

Victoria “Toria” Nuland, the current U.S. special envoy for conventional forces in Europe and a former U.S. ambassador to NATO, will be named the new spokesperson for the State Department this week, officials and foreign policy hands told the Envoy. The State Department did not provide comment in response to queries. Nuland did not respond to a query.

The appointment is expected to be announced by Secretary of State Hillary Clinton as early as Monday, sources told the Envoy.

Nuland, a career foreign service officer, has previously served as U.S. Ambassador and deputy ambassador to NATO, former principal deputy national security adviser to then Vice President Dick Cheney, and as chief of staff to Clinton-era Deputy Secretary of State Strobe Talbott, now President of the Brookings Institution.

Well, I guess one way to make sure someone doesn’t go off the reservation like PJ Crowley did is to appoint a former Cheney aide.

Though I do hope Hillary recalls how Cheney sabotaged Colin Powell’s efforts at State Department with his agents there (people like John Bolton).

Eric Holder Claims Rule of Law Exists in Cyberspace

Just days after asking Congress not to give the intelligence community a hard deadline to put a basic cybersecurity measure into place, the Obama Administration rolled out a cybersecurity strategy yesterday with great fanfare. The event itself seemed designed to bring as many Cabinet Secretaries into one place at one time–Hillary Clinton, Gary Locke, Janet Napolitano, and Eric Holder, along with DOD Deputy Secretary William Lynn and White House Cybersecurity Coordinator Howard Schmidt–to give the appearance of real cooperation on cyberspace issues.

The strategy itself is still mostly fluff, with paragraphs like this:

This future promises not just greater prosperity and more reliable networks, but enhanced international security and a more sustainable peace. In it, states act as responsible parties in cyberspace—whether configuring networks in ways that will spare others disruption, or inhibiting criminals from using the Internet to operate from safe havens. States know that networked infrastructure must be protected, and they take measures to secure it from disruption and sabotage. They continue to collaborate bilaterally, multilaterally, and internationally to bring more of the world into the information age and into the consensus of states that seek to preserve the Internet and its core characteristics.

And loaded paragraphs like this, in the section on military goals:

Recognize and adapt to the military’s increasing need for reliable and secure networks. We recognize that our armed forces increasingly depend on the networks that support them, and we will work to ensure that our military remains fully equipped to operate even in an environment where others might seek to disrupt its systems, or other infrastructure vital to national defense. Like all nations, the United States has a compelling interest in defending its vital national assets, as well as our core principles and values, and we are committed to defending against those who would attempt to impede our ability to do so.

Lucky for DOD, there was no discussion of deadlines anywhere in the document, so they didn’t have to admit their plan to “adapt to the military’s increasing need for reliable and secure networks” was a long term project.

And then the strategy had a lot of language about norms, which places our cybersecurity strategy in the paradigm and language of international regime development from foreign relations (interestingly, Hillary started off the parade of Secretaries, further emphasizing this diplomatic approach).

But what struck me most about this dog and pony show, delivered on the day SCOTUS endorsed the executive branch’s efforts to hide torture behind the invocation of state secrets, was Eric Holder’s discussion about rule of law in cyberspace.

In recent months, the Justice Department has announced takedowns of significant criminal groups operating from Romania, Egypt, and elsewhere that had been victimizing American businesses and citizens – including children.  We’ve also brought multiple criminal conspirators to justice for their roles in coordinated cybercrimes that, according to court documents, netted nearly 1.5 million dollars from U.S. victims.  And, just a few weeks ago, we announced an operation to disable an international criminal network that had infected more than two million computers worldwide with malicious software.  Until we stepped in – with the help of industry and security experts, as well as key international partners – this malware was allowing criminals to capture bank account numbers, user names, and other sensitive and financial information online.

While we can all be encouraged by these and other successes, we cannot become complacent. As President Obama has repeatedly indicated – we must, and we will, take our global fight against cyber threats to the next level. The strategy that we are announcing today is an affirmation of that promise. It reinforces our nation’s support for the Budapest Convention – and for efforts to establish the rule of law in cyberspace. It also reflects our ongoing commitment to prevent terrorists and other criminals from exploiting the Internet for operational planning or financing – or for the execution of attacks. [my emphasis]

We’re going to build rule of law in cyberspace apparently. Sort of like an extraterrestrial colony to preserve a way of life that used to exist on Earth (or at least in the US), but no longer does.

So rest assured, if this cyberstrategy is successful, we can expect rule of law in cyberspace as compensation for the fact that the government has destroyed rule of law in meatspace.

Oh, on that note, there was no discussion of any investigation into how it was that a media outlet, WikiLeaks, was attacked with a sophisticated DDOS attack, ultimately damaging free speech.

Whitewash Investigation on Detainee Abuse Is Why We Need WikiLeaks

The Nation has a long study on the Army’s Detainee Abuse Task Force, which one of its members described as a “whitewash.”

Jon Renaud, a retired Army Warrant Officer who headed the task force as the Special Agent in Charge for the first half of 2005, now says of the DATF, “It didn’t accomplish anything—it was a whitewash.” Neither he nor his fellow agents could recall a single case they investigated that actually advanced to a court-martial hearing, known as an Article 32.

“These investigations needed to take place,” said Renaud, a Bronze Star recipient who retired in 2009 after twenty years in the military. “But they needed to be staffed and resourced with the same level of resources that they gave the Abu Ghraib case.” He noted that the Army assigned a general and staff to conduct a comprehensive investigation of Abu Ghraib. “That was a single case,” he said, “and we had hundreds of others for six people.”

In addition to the many details of abuses ultimately ignored in Iraq, the Nation’s story demonstrates why we need something like WikiLeaks. After all, not only should there be some kind of public accountability for abuses like this (that should be as accessible and widely reviewed as the Taguba Report), citizens ought to be able to search for more information.

But DOD claims the DATF never existed.

Requests to the Army for information about the origins, mission and track record of the DATF were refused, and a FOIA request to CID was denied with this claim: “No documents of the kind you described could be located. No official ‘Detainee Abuse Task Force’ was ever established by the USACIDC.” After a lengthy appeals process, during which we provided several samples of DATF communications on DATF letterhead, this finding was reaffirmed: CID “never created an official ‘Detainee Abuse Task Force,'” the denial letter read. “Individual criminal investigation units may have set up informal, ad hoc task forces while deployed to emphasize detainee abuse investigations. In turn, they may have labeled certain investigations as being subject to a ‘Detainee Abuse Task Force.'” But “there was no official organization for such a task force.”

[snip]

Angela Birt, the Operations Officer who oversaw CID’s felony investigations across Iraq during 2005, including the DATF, expressed disbelief at the military’s response. According to Birt, the DATF did not receive an official unit designator; “there was no heraldry behind it,” she said. “But to say it didn’t exist in the terms that they said in the letter? Wow, that’s really embarrassing for them,” said Birt.

“To say, ‘You never existed,'” Renaud said, “It’s insulting. It’s insulting to the agents that worked on it.

“I have to assume they just don’t want to release the cases,” he went on, “because if anybody actually got ahold of all the cases [and] read over them, they would obviously see huge holes.”

In fact, one of the Nation’s sources noted that the military kept reopening the cases the ACLU was FOIAing.

Renaud explained that his superiors at Fort Belvoir sent him weekly e-mails containing an itemized list of cases they were ordering reopened. He also separately received a list of cases about which the ACLU had filed FOIA requests. And he began to notice a correlation.

“I challenged folks on this. I said, ‘Hey, are we reopening these cases because we’re going to work them? Or are we reopening them to play hide the ball because we don’t want to release them?'”

“We did discuss the potential that they were just sending these back because as long as they’re open, they’re not subject to FOIA,” said Birt. “The rule with [the] Crimes Records Center is: if a case is open, they will not honor a FOIA request because it might jeopardize open and valid investigative pursuits.”

So it’s not just DATF DOD was hiding from FOIA, it was the cases themselves (in a tactic the government appears to be repeating more generally).

The military, if asked, would probably deny that it issued orders not to investigate instances of Iraqi-on-Iraqi torture. But, because of WikiLeaks, we know they did issue that order.

This is the impact of Frago 242. A frago is a “fragmentary order” which summarises a complex requirement. This one, issued in June 2004, about a year after the invasion of Iraq, orders coalition troops not to investigate any breach of the laws of armed conflict, such as the abuse of detainees, unless it directly involves members of the coalition. Where the alleged abuse is committed by Iraqi on Iraqi, “only an initial report will be made … No further investigation will be required unless directed by HQ”.

Frago 242 appears to have been issued as part of the wider political effort to pass the management of security from the coalition to Iraqi hands. In effect, it means that the regime has been forced to change its political constitution but allowed to retain its use of torture.

The military, if asked, would probably deny knowing that the US turned detainees over to the Iraqi Wolf Brigade to be tortured. But, because of WikiLeaks, we know that did happen.

In Samarra, the series of log entries in 2004 and 2005 describe repeated raids by US infantry, who then handed their captives over to the Wolf Brigade for “further questioning”. Typical entries read: “All 5 detainees were turned over to Ministry of Interior for further questioning” (from 29 November 2004) and “The detainee was then turned over to the 2nd Ministry of Interior Commando Battalion for further questioning” (30 November 2004).

The field reports chime with allegations made by New York Times writer Peter Maass, who was in Samarra at the time. He told Guardian Films: “US soldiers, US advisers, were standing aside and doing nothing,” while members of the Wolf Brigade beat and tortured prisoners. The interior ministry commandos took over the public library in Samarra, and turned it into a detention centre, he said.

[snip]

The Wolf Brigade was created and supported by the US in an attempt to re-employ elements of Saddam Hussein’s Republican Guard, this time to terrorise insurgents. Members typically wore red berets, sunglasses and balaclavas, and drove out on raids in convoys of Toyota Landcruisers. They were accused by Iraqis of beating prisoners, torturing them with electric drills and sometimes executing suspects. The then interior minister in charge of them was alleged to have been a former member of the Shia Badr militia.

And if it weren’t for WikiLeaks, we would know little about the multiple times our government bullied other countries to drop investigations of rendition and torture (one I’m certain we’ll see repeated when the President visits Poland later this month).

Without such transparency, the Nation study makes clear, there will be no accountability for the systematic flouting of US and international law.

But note the irony. As the Nation describes, none of the hundreds of abuse cases–not the ones that involved electrocution, not the ones that involved rape, not the ones that involved mock execution–resulted in a court-martial. But not only has the military charged Bradley Manning, but they have alleged that his actions–and not the torture and not the cover-up of torture–bring discredit on the armed forces.