RUTHFULLY YOURS

Once again the U.S. government has failed to protect sensitive personal information, this time highly sensitive information on 4,000 Air Force officers. This information, contained in extensive 127-page individual security questionnaires known as SF-86 were found on a backup hard drive that was neither password protected or encrypted. In addition, extensive information on high-profile visitors to sites in Afghanistan was also on the same drive along with gigabytes of Outlook emails whose content has yet to be assessed.

This follows a number of other similar cases, the most notorious was the highly successful penetration of SF-86 files and other data held by the Office of Personnel Management (OPM) in June, 2015. In that case, 21.5 million American’s personal data was compromised, again involving the SF-86 security questionnaire. On top of that, 5.6 million fingerprints were also stolen. In applying for a security clearance, the government collects fingerprint data and photos.

Full disclosure: my personal data was also compromised in the OPM hack and I received an OPM letter and some worthless “free for a year” coverage of my personal data going forward.

Does the government have any responsibility to protect sensitive information?

Apparently, anyone who believes that the government has this responsibility is sadly misguided. Not only does the government not protect personal information, it hands it around to other agencies routinely and gives it to private contractors for “processing.”

Like your passport! You go to a passport office, fill out all the information, provide a birth certificate and all the requisite contact information, and you give the passport office photos, one of which will wind up embossed into your passport. Then the Passport Office sends all that (how, by mail?) to a private contractor to “process.” Who has access to it is anyone’s guess. The information is not classified and therefore is not formally protected in any manner.

The same holds true for your tax return, which you send in to the IRS. nowadays electronically. Maybe it is semi-encrypted when you electronically transmit the form, or your accountant does it for you, but when it arrives at the IRS it is stored as an ordinary file with no protection.

The SF-86 form is an especially pernicious example because it contains a vast amount of information, everything from every place you may have worked, who your friends and colleagues are, to your business involvements and who your family members and relatives may be. All of this provides hugely valuable information to potential adversaries who may be nation-states, but who also could be terrorist organizations.

Everyone is shocked, shocked by WikiLeaks’ latest exposé that the Central Intelligence Agency (CIA) has been exploiting software vulnerabilities in our digital and electronic devices. All those “shocked” should have known better by now.

After the publications of files stolen by former National Security Agency’s contractor, Edward Snowden, on U.S. military capabilities, operations, tactics, techniques and procedures, and surveillance details, President Obama announced, “Nobody is listening to your telephone calls.”

In the spring of 2016 — months before Hillary Clinton’s and John Podesta’s emails were published by WikiLeaks — the Pew Research Center survey showed that many Americans “do not trust modern institutions to protect their personal data — even as they frequently neglect cybersecurity best practices in their own personal lives.”

For well over a decade, cyber experts have been testifying in open and closed Congressional hearings on the escalation of hacking into United States government agencies and private industries, communication, websites, and email. All without exception issued warnings on the short-term damages and the long-term threat posed by such hacking to U.S. national security and interests, and the American people by Chinese, Iranian, Russian, and other cybersavvy intelligence agencies, criminal and terrorist organizations. All the while very few, if any, warned of the proliferation of ground-based jammers and their growing interference with GPS timing and locations services, or data corruption and insertion.

In 2010, then Former Under Secretary of Defense for Policy Jim Miller lamented, “The scale of compromise, including the loss of sensitive and unclassified data, is staggering. We’re talking about terabytes of data, equivalent to multiple libraries of Congress.” (The Library of Congress is the world’s largest library, archiving millions of books, photographs, maps, and recordings.)

Successive governments and the private sector have failed to secure our communications, exposing our personal and national secrets, costing untold economic damage to individuals, companies, and our national security.

While the Obama administration oversaw the accelerated pace of moving to wireless communications — leaving very few alternatives, if any, for a time when those will be unavailable due to attack or natural disaster — it has adopted a slow knee-jerk cybersecurity policy. In 2014, the Obama administration was tasked by Congress to develop cyber countermeasure policies. But in response to Sen. John McCain’s (R-AZ) question “Is it correct that these are policy-decisions that have not been made?” U.S. Cyber Command Commander Admiral Michael S. Rogers responded: “The way I would describe it is, we clearly still are focused more on” an “event-by-event” approach to cyber incidents.” He urged to “accelerate debate on how to balance security and privacy in the ever-changing digital realm.” Otherwise, Rogers warned, “an enemy could change and manipulate data — rather than enter a computer system and steal — that action would be a threat to national security.”

Conservatives see the threat of aggressive Islam, which puts us far ahead of liberals, who merely live in stupefied denial. But conservatives tend to treat Islam as monolithic, which it is not.

Right now the Trump administration is considering whether to designate the Muslim Brotherhood as a terrorist organization, which sounds to Arab ears like “Is the Pope Catholic?” Do the Saudis play double games?” “Are the mullahs of Iran really genocidal?”

The answer is Yes! Yes! and Yes!

Which is why even Saudi Arabia, Russia, Syria, Bahrain, and the UAE have officially designated the Muslim Brotherhood as a terror group. One of biggest on the Sunni side of the street.

A new article in Cairo’s Al Ahram this week gives an explanation even the New York Times could understand (if it wanted to). The MBs promote violent Jihad, and carry it on themselves in their civil war against Egypt. They sponsor Hamas terror against Israel. They follow radical doctrines. Most of all (and here comes a new word), the MB’s are taqfiri. (TAHK-fear-ey). They regularly declare other Muslim groups to be infidels, which means they will kill other Muslims unless they submit to the MB version of Islam. From its most basic belief, the Ikhwan is at war with all Muslims who do not follow its militant war doctrine. The doctrine of taqfir is basic, and deviation puts you outside of the circle.

And yes, there are peaceful Muslim sects, like the Ahmadiyya. But they are small minorities in constant trouble from the violence-supporting majority.

There are also rational Muslims like Egypt’s President Abdel Fattah al-Sisi, who has said in a famous speech:

It’s inconceivable that the thinking that we hold most sacred should cause the entire umma [Islamic world] to be a source of anxiety, danger, killing and destruction for the rest of the world. Impossible! …

Is it possible that 1.6 billion people [Muslims] should want to kill the rest of the world’s inhabitants — that is 7 billion — so that they themselves may live? Impossible!

Those may be the most important words any Muslim leader has said since 9/11/01.

Yet Obama chose to ignore Sisi and supported the Muslim Brotherhood instead. What does that tell you?

Hillary’s closest confidante, Huma Abedin, comes from an MB family, was indoctrinated from childhood onward, and is paid by a family “charity” who are all MBs. Hillary and Bill know all that, of course, but the Moobs bring in huge amounts of money to the Democrats, and that’s what counts for the Clintons. (It should also matter to the rest of us.)

The Justice Department has enlisted a former Islamic State fighter in what they say is an effort to combat radicalization.

But the program, centered around Brooklyn native Mohimanul Alam Bhuiya, is fraught with considerable risks as so-called “deradicalization” efforts around the globe have failed spectacularly, and recent high-profile cases of former terrorists-turned-therapists experiments have not ended well.

The Wall Street Journal reports:

Mo, a U.S. citizen whose full name is under seal, left New York City in the summer of 2014 to join Islamic State in Syria.

Mo, now 28 years old, quickly became disillusioned, he says now. Four months in, he sent an email to the Federal Bureau of Investigation. “Please help me get home,” he wrote, according to court documents. “I’m fed up with this evil.”

[…]

Authorities in November 2014 deported Mo back to Brooklyn, where he pleaded guilty to two terrorism charges. He told the FBI that he acted as a building guard for Islamic State and taught other recruits how to use computer software.

Since then, Mo’s work with the U.S. government has included an unusual form of cooperation: conducting an intervention with a 15-year-old boy from Brooklyn who was posting tweets that appeared to support violence and Islamic State, also known as ISIS. The intervention so far has successfully dissuaded the teenager from joining the terrorist group.

It turns out that the Justice Department program is intended to reduce the sentences of U.S. terror supporters:

Under the new initiative, Brooklyn federal prosecutors will also use more discretion before charging someone with providing “material support” to terrorists, a broad violation that carries a maximum of 20 years in prison. Prosecutors may try to arrest some individuals on a lesser charge without the terrorism stigma, such as wire fraud.

For suspects already in custody, prosecutors will give more consideration to a shorter prison sentence in exchange for a longer period of supervised release that includes counseling or treatment.

There’s certainly no reason to question the motives of federal prosecutors backing this program, but there is evidence that calls into question their judgment.

Self-styled “community organizer” and “civil rights activist” Hesham El-Meligy was detained earlier today by the NYPD after refusing a bag search while attempting to board the Staten Island Ferry.

Predictably, El-Meligy is claiming racial profiling and “Islamophobia,” and insisting his rights were denied. But fellow Staten Islanders are pushing back on his claims.

A religious and political activist on Staten Island claims he was placed in handcuffs, frisked and issued two summonses by NYPD officers based on the way he looks.

Hesham El-Meligy, a Muslim who was born in Egypt, was temporarily detained and searched by police at about 8 a.m. Wednesday at the Staten Island Ferry terminal in St. George, after he refused a random bag check.

After a search of his backpack, he was issued summonses for trespassing and disorderly conduct and allowed on to the ferry, police said Thursday.

El-Meligy, founder of the Islamic Civic Association on Staten Island and chairman of the Staten Island Libertarian Party, said he believes the bag check wasn’t so random.

He took to Facebook hours after the incident, saying he felt singled out because his Egyptian heritage.

“I have no doubt that many (people) are in fact stopped randomly, but the manner this was done in my particular case made it feel different,” said El-Meligy.

But at least one eyewitness to El-Meligy’s detention disputes his account:

In 2017 we are facing a new and more sophisticated array of physical security and cybersecurity challenges that pose significant risk to people, places and commercial networks. The nefarious global threat actors are terrorists, criminals, hackers, organized crime, malicious individuals, and, in some cases, adversarial nation states. Everyone and anything is vulnerable, and addressing the threats requires incorporating a calculated security strategy.

According to Transparency Market Research, the global homeland security market is expected to grow a market size of $364.44 billion by 2020. A large part of the spending increase over the past year is directly related to cybersecurity in both the public and private sectors.

A security strategy to meet growing challenges needs to be both comprehensive and adaptive. Defined by the most basic elements in managed risk, security is composed of:

Layered vigilance (intelligence, surveillance);
Readiness (operational capabilities, visual command center, interdiction technologies);
Resilience (coordinated response, mitigation and recovery).

The specifics of a security approach may vary according to circumstances, but the mesh that connects the elements is situational awareness combined with systematic abilities for critical communications in cases of emergency.

Because society is undergoing such a rapid technological change, the traditional paradigms for addressing threats are evolving with the security challenges. Two particular security challenges characterize the current and future connective landscape in both the public and private sectors: protecting critical infrastructure, and protecting the Internet of Things (IoT) and Smart Cities.

The Security Challenge of Protecting Critical Infrastructure

In the U.S., most of the critical infrastructure, including defense, oil and gas, electric power grids, health care, utilities, communications, transportation, education, banking and finance, is owned by the private sector (about 85 percent) and regulated by the public sector. Protecting the critical infrastructure poses a difficult challenge because democratic societies by their nature are open and accessible. According to the National Consortium for the Study of Terrorism and Responses to Terrorism, a Department of Homeland Security Science and Technology Center of Excellence based at the University of Maryland, between 1970 and 2015, 2,723 terrorist attacks took place in the U.S.; of these attacks, 2,055 (75 percent) targeted critical infrastructure.