Sunday, July 12, 2015

Penetrating #CIA

If you worked for the federal government, all your personal data has been compromised!

Related story [arstechnica: Sean Gallagher]

The federal government has been opaque about the level of damage inflicted by the data breach at OPM [Office of Personnel Management], which holds the personnel files on the majority of federal employees.  Initially, they estimated only about 10 or 12 million files were accessed; that was then revised to about 25 million, but they weren't sure.

We reckon closer to 50 million, to include all those actively employed as well as all the retired folks who have held security clearances or "positions of trust and responsibility."  The two systems breached were the Electronic Official Personnel Folder (eOPF) system, an entity hosted for OPM at the Department of the Interior's shared service data center, and the central database behind "EPIC," the suite of software used by OPM's Federal Investigative Service in order to collect data for government employee and contractor background investigations.

Significantly, the employees at greatest risk in this breach are intelligence officers, whose background investigations and lifestyle polygraph results were within those files that were breached.

Of course, the personnel files of all the senior career bureaucrats in every federal agency were breached, to include the FBI's background investigations which supported their security clearances.  And, let's not forget that, also included were the classified and unclassified files of every elected politician [and their staffers] on Capitol Hill [such were the files that fell into Hillary's clutches for several years, and which magically appeared in her White House bedroom while Bill was President].

Now, each of these folks filled out a Statement of Personal History [SPH], to include names and locations of family members and friends, membership in all organizations, credit card and other bank debt, bankruptcies, and legal history, to include minor and major crimes.

That's a lot of information for bad guys to have in their clutches just for background, but also to hack into at will to target case officers and their families.

But, let's look at what else the bad guys got.

OPM compromised us!                      [Bridge of Spies]
Most of our Intelligence personnel, whether government or contractor, are required to submit to polygraphs to determine whether or not they are spying for foreign governments, or are vulnerable to blackmail or extortion.  There are two types of these polygraphs:
    a) Counter-Intelligence, which poses a series of questions the subject must answer relating to foreign contacts and relationships.  This questioning is limited in scope but is, and has been, sufficient to root out spies and double agents in the past in the Spook World.
    b) Life-Style, which covers not only foreign contacts and relationships, but also any and all elements of lifestyle, to include unusual sexual proclivities [e.g., homosexuality, cross-dressing], illegal gun ownership, membership in fringe political groups, past or current drug usage, psychiatric care, psychological issues [to include aberrant thoughts, depression, anger, voyeurism, etc.], past "crimes" [e.g., violations of the Geneva Convention], and basically anything the polygrapher might dream up.

For the most part, polygraphers in the Intelligence Community are relatively balanced and mature people, and forgo many of their more personal prurient interests in their questioning process.  But, that doesn't hold true as a rule, since the younger, more eager folk go for the throat and hope they can intimidate their subjects into disclosing issues which can be used for prosecutions -- and thus make a name for themselves as "spy-catchers", or at least as vicious intimidators.

Way back when we directed operations for the Defense Clandestine Service [DCS], we encountered one of these nasty creatures and removed him, and subsequently restructured our polygraphs.

As such, we constrained our polygraph question lists to only Counter-Intelligence issues, since one criterion for selecting good case officers was that they would have been involved in some form of nefarious activity -- to include criminal acts -- prior [of course] to their entry into Federal/Military Service; the concept being that most clandestine operational activities involve breaking the laws of foreign countries [and occasionally of the US].  We also didn't want their very first criminal act to occur on the government dime, since that risked their 'fessing up if they felt a sudden moral compunction.

Thunder Road to spy     [Moonshiners]
After all, a good case officer is not one who quibbles about the morality of persuading foreign nationals to commit treason by spying against their countries, or convincing them to lie, cheat and steal for the greater good of their country [and of course, for the US].  So, the legal history of our case officers occasionally included histories of grand-theft auto, gun-running, moonshine operations, illegal liquor/tobacco movements, money laundering, etc.

In some cases, there may even have been violations of the Geneva Convention due to exigent combat circumstances.  And, our operations were highly successful; so much so that the Senate Select Committee on Intelligence cited our operational production as exceptional and superior to that of any operations in the Intelligence Community.

[That, of course, was prior to the Clinton Administration, during which the DCS was gutted due to the intercession of the new DCI [Director of Central Intelligence], George Tenet.]

But, we could not convince the CIA to eliminate their Lifestyle Polygraphs; so we made it a policy that our case officers would NEVER agree to a CIA Lifestyle Polygraph [there was one exception by a case officer (a Marine) who unilaterally volunteered; he was later brought up on unrelated court martial charges and it took the intercession of the Commandant of the Marine Corps to arrange for his retirement rather than a court martial].

Our problem with the CIA was that most of their case officers were drawn from two primary sources:
a)  Young recruits from the Midwest farmlands, before they'd had a chance to commit any significant illegal acts
b)  Police officers at local, state, federal or military levels [e.g., ATF, DEA, etc.], or military police, or even analysts.
[A Chief of Station in Central America in the early 1980s was formerly an enlisted Air Policeman whose expertise was limited to writing speeding tickets and whose weaponry expertise consisted of a Colt .38; he was an advisor to the Nicaraguan Contras and sported a Fidel Castro style beard.]

The difficulty in dealing with CIA's Clandestine Service [NCS] was that they thought [and still think] like cops, looking for an arrest rather than a penetration.  Worse, once they actually committed a grievous crime, they seemed to become addicted and pushed the envelope to see how much they could get away with before conscience actually kicked in.  Today, they bring in SpecOps grunts to conduct interrogations, presuming their effectiveness equates to the volume of shrieking they can induce from torturing prisoners.  We doubt they have any trained interrogators, although there was a time when they had the best.

In dealing with the CIA, we often found ourselves countering their law enforcement backgrounds to the detriment of the operations.  At times, it was even preferable to work with the FBI agents since they seemed to have a more balanced approach to operational activities -- although only a few had a clue on how to run a counter-intelligence op.

But, we can't condemn the CIA too much since they've had to restructure so many times after Congress either destroyed them directly, or our Presidents appointed idiots such as George Tenet or Leon Panetta as "Directors" but who were actually tools of the cops who had risen to the executive level at the CIA.

But, we digress.

The point of all the blather above is that these data breaches have put at risk our best [and worst] intelligence personnel; and not only the operatives, but the analysts and support personnel who are privy to our most sensitive secrets.

So, all the hoopla about Fast Eddie Snowden spilling state secrets [well, actually, all the illegal activities of the NSA] is actually secondary.  In reality, if you can compromise the operatives and analysts, you've made the ultimate penetration.

But, here's the kicker.
Who are the hackers?

Were they the Chinese, or the Russkies, or ISIS?

Probably not.
As one NSA exec explained to us 40+ years ago, encryption is a pretty solid process.  In order to break the encryption, you have to have at least one end in the clear.  And, that requires a human operative who has a key.

How does that operative get the key?

Well, generally, it's a trusted bureaucrat who has the skill sets to understand the encryption and how to access the system.  And, those folks are few and far between.  So, who are these critters?

Basically, you have to delve back into history [i.e., the 1990s], when the US government demanded that every IT and telecom company turn over its encryption keys to the NSA, since otherwise it couldn't access these files.  The companies screamed bloody murder, but, in the end, the US companies acquiesced and gave up their keys.
[The European companies all told the NSA to pound sand, so only the US companies' data was vulnerable, as were the US public.]

Interestingly, the workaround on this process was the companies which provided the "anti-virus security" programs to protect against the hacker "evil-doers".  Back in the early 1990s, we were consultants at the Pentagon and advised against having a foreign [e.g., Israeli] company supply the anti-virus security programs to "protect" the DOD systems -- most particularly, the DODIIS [DOD Intelligence Information System].  At that time, the Army's Intelligence CIO held a PhD in Physical Education, and had no idea how to work his computer, much less how to secure the Intelligence system.  Worse, there was a move afoot to digitize the DCS and its registered sources and case officers -- to save paper and conserve storage space.  [We took the liberty of discussing this issue with the Assistant Secretary of the Army (a personal friend), and ended that nonsense.]

But, since then, all those safeguards we tried to put into place were eradicated, and our sensitive intelligence data were wide open to exploitation by any 10th grader who wanted to hack into his school server -- or the DOD classified intelligence systems.

So, whodunit?
We're guessing the Chinese, whom we don't trust as far as we would Hillary Clinton, are not the perps here.  Rather, we suspect this is an Administration op, in which the goal is to identify every individual in the US with a security clearance and to build a complete dossier on these folks, since they might pose a threat to the upcoming totalitarian government they plan to install.  [Yes, yes, we know; and for those who doubt us, we'll don our tin-foil hats.]

But, we've monitored so many totalitarian governments, and watched their formation, that the template is clear:  identify your opposition, neutralize them, collect all the weapons, and then institute a system wherein neighbors spy on each other, kids report on their parents, police operate without rules, the Constitution is suspended, and .... well, you get the picture.

Look at East Germany and talk to the refugees from that Communist state.  They'll be happy to explain to you how the process works -- and how we're headed directly down that path, back to the Berlin Wall.