Was the Consular Consolidated Database (CCD) the main target of the twin hackers?

Posted: 1:27 am EDT


In May 2015, a federal grand jury indicted twin brothers Muneeb and Sohaib Akhter, 23, of Springfield, Virginia, on charges of aggravated identity theft, conspiracy to commit wire fraud, conspiracy to access a protected computer without authorization, access of a protected computer without authorization, conspiracy to access a government computer without authorization, false statements, and obstruction of justice.  According to USDOJ, the brothers and coconspirators also devised a scheme to hack into computer systems at the U.S.  Department of State to access network traffic and to obtain passport information.  (See Twin Brothers and Co-Conspirators on Alleged Scheme to Hack State Dept to Obtain Passport Information).

The bothers pleaded guilty on June 26, 2015.   On October 2, the USDOJ announced that Muneeb Akhter was sentenced for accessing a protected computer without authorization, making a false statement and obstructing justice.  Muneeb Akhter was sentenced to 39 months in prison and Sohaib Akhter was sentenced to 24 months in prison.  Each man was also sentenced to three years of supervised release. Case title: USA v. Akhter et al.  Below is an excerpt from the announcement:

[T]he Akhter brothers and co-conspirators engaged in a series of computer intrusions and attempted computer intrusions against the U.S. Department of State to obtain sensitive passport and visa information and other related and valuable information about State Department computer systems.  In or around February 2015, Sohaib Akhter used his contract position at the State Department to access sensitive computer systems containing personally identifiable information belonging to dozens of co-workers, acquaintances, a former employer and a federal law enforcement agent investigating his crimes.

Sohaib Akhter later devised a scheme to ensure that he could maintain perpetual access to desired State Department systems.  Sohaib Akhter, with the help of Muneeb Akhter and co-conspirators, attempted to secretly install an electronic collection device inside a State Department building.  Once installed, the device could have enabled Sohaib Akhter and co-conspirators to remotely access and collect data from State Department computer systems.  Sohaib Akhter was forced to abandon the plan during its execution when he broke the device while attempting to install it behind a wall at a State Department facility in Washington, D.C.

Furthermore, beginning in or about November 2013, Muneeb Akhter was performing contract work for a private data aggregation company located in Rockville, Maryland.  He hacked into the company’s database of federal contract information so that he and his brother could use the information to tailor successful bids to win contracts and clients for their own technology company.  Muneeb Akhter also inserted codes onto the victim company’s servers that caused them to vote for Akhter in an online contest and send more than 10,000 mass emails to students at George Mason University, also for the purpose of garnering contest votes.

In or about October 2014, Muneeb Akhter lied about his hacking activities and employment history on a government background investigation form while successfully obtaining a position with a defense contractor.  Furthermore, in or about March 2015, after his arrest and release pending trial, Muneeb Akhter obstructed justice by endeavoring to isolate a key co-conspirator from law enforcement officers investigating the conspirators’ crimes.  Among other acts, Muneeb Akhter drove the co-conspirator to the airport and purchased a boarding pass, which the co-conspirator used to travel out of the country to the Republic of Malta.  When the co-conspirator returned to the United States, Muneeb Akhter continued to encourage the co-conspirator to avoid law enforcement agents.

One of the brothers was profiled by WaPo in 2014. Both brothers started college at 16 and they were George Mason’s youngest graduates in 2011. In 2012, the brothers received a $200,000 grant from the Defense Advanced Research Project Agency, or DARPA.

The details of this case are even more disturbing.  Under Count Eight  (Conspiracy to Access a Government Computer without Authorization).

60. The Bureau of Consular Affairs (hereinafter “Bureau”) is a division of the State Department, which administers laws, formulates regulations, and implements policies relating to consular services and immigration. It has physical offices in Washington, DC.

61. Passport Lockbox (hereinafter “Lockbox”) is a Bureau program that performs payment processing, scarming of applications, and initial data entry for US. passport applications. Lockbox has a computer database containing imaged passport applications associated with real individuals. The imaged passport applications in Lockbox’s database contain, among other things, a photograph of the passport applicant, as well as certain personal information including the applicant’s full name, date and place of birth, current address, telephone numbers, parent information, spouse’s name, and emergency contact information.

62. ActioNet, Inc. (hereinafter “ActioNet”) is a contractor that provided information technology support to the State Department. It has physical offices in Falls Church, Virginia, located in the Eastern District of Virginia.

63. From in or about October 2014 to in or about February 2015, SOHAIB AKHTER was a contract employee at ActioNet assigned to a position at the State Department as a Tier II Application Support Resource in the Data Engineering and Data Management Program within the Bureau.

64. Prior to accessing the Lockbox database, and throughout his tenure as a contractor with the State Department, SOHAIB AKHTER was made aware of and indicated he understood: (a) the confidential nature of the Lockbox database and the confidential personal data contained therein; (b) the information contained in the passport records maintained by the State Department pursuant to Lockbox is protected from unauthorized disclosure by the Privacy Act of 1974, 5 U.S.C. § 552a; and (c) passport applications maintained by the State Department in the Lockbox database should be accessed only in connection with an employee’s official government duties and not the employee’s interest or curiosity.

69. MUNEEB AKHTER and SOHAIB AKHTER, UCC-l, and other coconspirators known and unknown to the Grand Jury, engaged in a series of computer intrusions and attempted computer intrusions against the State Department to obtain sensitive passport and visa information and other related and valuable information about State Department computer systems.

70. SOHAIB AKHTER used his contract position at the State Department to search for and access sensitive passport information belonging to coworkers, acquaintances, a former employer, and federal agents investigating him for crimes alleged in this Indictment. After accessing sensitive passport information from State Department computers, SOHAIB AKHTER copied, saved, and shared this information with coconspirators.

71. SOHAIB AKHTER also attempted to use his access to State Department computer systems to create an unauthorized account that would enable him to access State Department computer systems undetected. SOHAIB AKHTER surreptitiously installed malicious programs onto State Department computer systems in order to execute his plan to create the backdoor login account.

72. SOHAIB AKHTER orchestrated a scheme to secretly install a physical device at a State Department building known as SA-17. Once installed, the device would enable SOHAIB AKHTER and coconspirators to collect data from and remotely access State Department computer systems.

73. SOHAIB AKHTER led the conspiracy, organized the intrusion to install the physical device, recruited coconspirators to assist in execution of the intrusion, and managed the execution of the intrusion.

74. MUNEEB AKHTER provided technical assistance to SOHAIB AKHTER for the unauthorized access. MUNEEB AKHTER programmed the physical device, known as a “gumstix,” so that it would collect data from State Department computers and transmit it wirelessly to computers controlled by MUNEEB AKHTER and SOHAIB AKHTER and coconspirators.

75. On the day the scheme was executed, UCC-1 transported materials, including the gumstix, from MUNEEB AKHTER, located at the AKHTER residence, to SOHAIB AKHTER, located at SA-17.
78. In or about October 2014, SOHAIB AKHTER was hired by ActioNet to perform contract work for the State Department at both ActioNet offices in Falls Church, Virginia, and Bureau offices in Washington, DC.

79. Beginning on or about February 12, 2015, and continuing thereafter until on or about February 19, 2015, in Falls Church, Virginia, in the Eastern District of Virginia, and elsewhere, SOHAIB AKHTER, while employed at ActioNet, accessed the Lockbox database without authorization. .

80. Between on or about February 12, 2015, and on or about February 19, 2015, SOHAIB AKHTER conducted approximately 119 searches for U.S. passport records using the Passport Lockbox Lookup report. He accessed personal passport information for approximately 62 different individuals, including: G.R., a DHS special agent investigating the crimes alleged in this Indictment; UCC-1; A.I.; A.M., the CEO of Victim Company 2; and himself. In addition, SOHAIB AKHTER attempted to access passport information for S.T., a DHS special agent investigating the crimes alleged in this Indictment.

82. In or about February 2015, SOHAIB AKHTER viewed and copied from State Department computer systems the personal passport information associated with several individuals, including DHS Special Agent G.R.

83. In or about March 2015, MUNEEB AKHTER told UCC-1 that he and SOHAIB AKHTER stored the personal passport information that SOHIAB AKHTER removed from State Department systems on an external hard drive. MUNEEB AKHTER told UCC-1 that Special Agent G.R.’s information would be valuable to criminals on the “dark net” and that he was considering selling the information.

84. In or about February 2015, SOHAIB AKHTER downloaded several programs to a State Department computer. These programs included malicious software, or malware, which SOHAIB AKHTER hoped would enable him to access State Department computers remotely.

85. In or about February 2015, SOHAIB AKHTER told UCC-1 that if he was able to gain remote access to State Department computer systems, he could: access information on individuals’ passport applications; access and unilaterally approve visa applications without State Department authorization in exchange for payment; and create passports and visas and sell them on the “dark net.”

86. On or about February 15, 2015, SOHAIB AKHTER called UCC-1 and asked him to buy a drill. UCC-1 purchased the drill and then, pursuant to SOHAIB AKHTER’s request, drove to the AKHTER residence to pick up additional items from MUNEEB AKHTER. At the AKHTER residence, in Springfield, Virginia, in the Eastern District of Virginia, MUNEEB AKHTER told UCC-1 that he was programming a SD card, which was later to be inserted into the gumstix. MUNEEB AKHTER gave UCC-1 a bag containing a screwdriver, tape, glue, and the gumstix. Pursuant to SOHAIB AKHTER’s request, UCC—l drove to SA-17, in Washington, DC, and delivered the bag and items to SOHAIB AKHTER outside SA-17. Later that day, MUNEEB AKHTER drove separately to Washington, DC, and delivered the SD card to SOHAIB AKHTER.

87. On or about the evening of February 15, 2015, SOHAIB AKHTER called MUNEEB AKHTER and told him that he attempted to install the gumstix behind a wall inside SA-17 but was ultimately unsuccessful.

88. On or about February 19, 2015, SOHAIB AKHTER sent an email from his State Department email account to the email address akhters3@vcu.edu containing lines of code and headers for State Department servers.


We’re not sure reading this if the intrusion was done on the State Department’s Travel Document Issuance System (TDIS) which includes information from U.S. citizens and nationals applying for passports, other Department of State computer systems, passport acceptance agents, the Social Security Administration, the lockbox provider (CITIBANK), passport specialists, and fraud prevention managers, or, if the intrusion occurred on the Passport Information Electronic Records Systems (PIERS), or wait … the motherload, the Consular Consolidated Database (CCD) The Passport Lockbox program cited in the indictment is vague; it’s not a system of record according to the State Department’s System of Records Notices.  But the indictment identifies it as a State Department database. Could this be in reference to the Citibank® Lockbox Services? That is a high-speed processing environment and image-based platform for receivables management, advanced reporting and image inquiry used by the State Department to enable the scanning of applications, extraction of applicant photos received at lockbox locations and storing and batching of images.

Note that #69 of the indictment also alleges “a series of computer intrusions and attempted computer intrusions against the State Department to obtain sensitive passport and visa information;” does that mean the targeted system was the CCD?  The CCD provides access to passport data in Travel Document Issuance System (TDIS), Passport Lookout Tracking System (PLOTS), and Passport Information Electronic Records System (PIERS).  As of December 2009, the CCD also contains over 100 million visa cases and 75 million photographs, utilizing billions of rows of data, and has a current growth rate of approximately 35 thousand visa cases every day.

By the way, one of the brothers was a contract employee assigned to a position at the State Department as a Tier II Application Support Resource in the Data Engineering and Data Management Program within the CA Bureau from October 2014 to in or about February 2015 (#63).  In November 2014, the State Department suffered some “technical difficulties.” See State Dept Re-attached to the Internet, and About Those “Unrelated” Embassy Outages; State Department’s “Technical Difficulties” Continue Worldwide, So What About the CCD?

Was it just a coincidence that a master of the universe hacker was working at the State Department at the time when the agency’s systems were having technical difficulties?

Or were the Akhter twins the “technical difficulties”?





When the Boss Is Last to Know: Chaffetz Snoops at the Secret Service

Posted: 1:06 pm EDT


The Department of Homeland Security Inspector General has completed its independent investigation into allegations that one or more Secret Service agents improperly accessed internal databases to look up the 2003 employment application of Congressman Jason Chaffetz, Chairman of the House Committee on Oversight and Government Reform. The Inspector General has confirmed that between March 24 and April 2, 2015, on approximately 60 different occasions, 45 Secret Service employees accessed Chaffetz’ sensitive personal information. The OIG concluded that only 4 of the 45 employees had an arguable legitimate need to access the information.

Here is the IG’s conclusion:

This episode reflects an obvious lack of care on the part of Secret Service personnel as to the sensitivity of the information entrusted to them. It also reflects a failure by the Secret Service management and leadership to understand the potential risk to the agency as events unfolded and react to and prevent or mitigate the damage caused by their workforce’s actions.

Screen Shot 2015-09-30

via dhs/oig

All personnel involved – the agents who inappropriately accessed the information, the mid-level supervisors who understood what was occurring, and the senior leadership of the Service – bear responsibility for what occurred. Better and more frequent training is only part of the solution. Ultimately, while the responsibility for this activity can be fairly placed on the shoulders of the agents who casually disregarded important privacy rules, the Secret Service leadership must do a better job of controlling the actions of its personnel. The Secret Service leadership must demonstrate a commitment to integrity. This includes setting an appropriate tone at the top, but more importantly requires a commitment to establishing and adhering to standards of conduct and ethical and reasonable behavior. Standards of conduct and ethics are meaningful only if they are enforced and if deviations from such standards are dealt with appropriately.

It doesn’t take a lawyer explaining the nuances of the Privacy Act to know that the conduct that occurred here – by dozens of agents in every part of the agency – was simply wrong. The agents should have known better. Those who engaged in this behavior should be made to understand how destructive and corrosive to the agency their actions were. These agents work for an agency whose motto – “worthy of trust and confidence” – is engraved in marble in the lobby of their headquarters building. Few could credibly argue that the agents involved in this episode lived up to that motto. Given the sensitivity of the information with which these agents are entrusted, particularly with regard to their protective function, this episode is deeply disturbing.

Additionally, it is especially ironic, and troubling, that the Director of the Secret Service was apparently the only one in the Secret Service who was unaware of the issue until it reached the media. At the March 24th hearing, he testified that he was “infuriated” that he was not made aware of the March 4th drinking incident. He testified that he was “working furiously to try to break down these barriers where people feel that they can’t talk up the chain.” In the days after this testimony, 18 supervisors, including his Chief of Staff and the Deputy Director, were aware of what was occurring. Yet, the Director himself did not know. When he became aware, he took swift and decisive action, but too late to prevent his agency from again being subject to justified criticism.

Read the full report here. Check out Appendix 1 for the chronological access to the Chaffetz record which includes multiple field offices, including the London office. Appendix 2 is the timeline of record access.

We can’t remember anything like this happening in the recent past.  There was the 1992 passportgate, of course, which involves a presidential candidate, but that’s not quite the same. In 2009, the DOJ said that a ninth individual pleaded guilty for illegally accessing numerous confidential passport application files, although it was for what’s considered “idle curiosity.”

Whether the intent of the Chaffetz record breach was to embarrass a sitting congressman or curiosity (not everyone who looked at the files leak it to the media), the files are protected by the Privacy Act of 1974, and access by employees is strictly limited to official government duties. Only 4 of the 45 employees who did access the Chaffetz records had a legitimate reason to access the protected information. If the DOJ pursued 9 State Department employees for peeking at the passport records of politicians and celebrities, we can’t imagine that it could simply look away in this case. Particularly in this case.  Winter is definitely coming to the Secret Service.



State Dept to Renovate Kabul’s Pol-i-Charkhi (PIC) Prison. Again.

Posted: 2:52 am EDT


The State Department has issued a Pre-Solicitation Notice of the Government’s intent to issue a solicitation for the renovation of Pol-i-Charkhi (PIC) Prison in Kabul, Afghanistan.  The project includes renovations in Blocks 1, 2 & 3 and extensive infrastructure and satellite structure improvements to the facility.  Actual solicitation documents are only accessible using the restricted portion of http://www.fbo.gov, so we have not been able to read the details of this renovation.

This is, however, the same prison which is the subject of an October 2014 SIGAR report, Pol-i-Charkhi Prison: After 5 Years and $18.5 Million, Renovation Project Remains Incomplete (pdf) This is Afghanistan’s largest correctional facility, funded in its initial construction by the Soviet Union in 1973.  It is designed for approximately 5,000 prisoners but housed nearly 7,400 during SIGAR’s inspection last year. Extract below from the SIGAR report:

Screen Shot 2015-09-29

  • In June 2009, in response to damage caused by 35 years of neglect, Soviet occupation, and warfare, the Department of State’s Regional Procurement Support Office (RPSO) awarded an INL-funded renovation contract to W (AWCC)—an Afghan firm—for $16.1 million. Following two modifications, the contract’s overall value increased to $20.2 million.
  • In November 2010, the RPSO terminated AWCC’s INL-funded renovation contract at the government’s convenience based on unsatisfactory performance.4 Following contract termination, INL awarded Batoor Construction Company—an Afghan company—a $250,000 contract to document AWCC’s work completed under the renovation contract.
  • More than 5 years after work began, renovation of Pol-i-Charkhi prison has not been completed, and the contract has been terminated for convenience. Following the RPSO’s termination of the INL-funded contract in November 2010, Batoor Construction Company reviewed and documented AWCC’s work completed under the renovation contract. In March 2011, Batoor reported that AWCC completed approximately 50 percent of the required renovation work. Batoor’s report also noted multiple instances of defective workmanship including the lack of backfilling of trenches, not repairing/replacing broken fixtures, lack of proper roof flashing and gutters, and soil settlement issues. For example, the report noted that there were no metal flashing or gutters installed on one of the prison blocks resulting in damage to surface paint and moisture penetration in supporting walls.
  • We conducted our prison inspection on April 19, 2014, but were limited by the fact that the renovation work had been completed more than 3 years prior to our site visit. We found that the prison holding areas had been reconfigured into maximum, medium, and minimum security cells, and the cells contained the required sinks and toilets. Our inspection of the renovated industries building and kitchen facilities did not disclose any major deficiencies. We also found that AWCC procured and installed the six back-up power diesel generators, as required by the contract. However, the generators cannot be used because they were not hooked-up to the prison’s electric power grid before the renovation contract was terminated. INL officials told us that the work necessary to make the generators operational—primarily installing paired transformers—will be done under the planned follow-on renovation contract, which they hope to begin in late 2014 or early 2015.
  • INL officials told us they anticipated an award of a follow-on contract by the spring of 2015 to complete the renovation work initiated in 2009 and a separate contract to construct a wastewater treatment plant. They estimated the renovation work would cost $11 million; the wastewater treatment plant, $5 million.
  • On November 5, 2010, the contracting officer issued a Stop Work Order which noted that AWCC’s performance was deemed unsatisfactory due to its lack of progress on the project, labor unrest at the work site, and a lack of supplies to maintain efficient progress. Then, on November 26, 2012, the RPSO contracting officer issued AWCC a termination for convenience letter.
  • After a 2-year negotiation that concluded in December 2012, RPSO agreed to an $18.5 million settlement with AWCC—92 percent of the $20.2 million contract value. RPSO agreed to the settlement despite INL and Batoor reports showing that AWCC only completed about 50 percent of the work required under the contract. The contracting officer who negotiated the settlement for the U.S. government told us that the final award amount reflected actual incurred costs and not any specific completion rate. The contracting officer noted that an RPSO contract specialist and an Afghan COR10 assisted her in lengthy negotiations with AWCC and joined her for the final round of discussions in Istanbul, Turkey, which concluded with the signed settlement agreement.
  • Although the contracting officer was able to execute some oversight and issue clear warnings to AWCC regarding its performance, INL’s oversight efforts were compromised by a U.S. employee who served as the COR for the AWCC renovation contract as well as the Basirat design and project monitoring contract. The COR served in this capacity until May 2010, when he was suspended after INL and State’s Office of Inspector General found that he had accepted money from Basirat to promote the company’s interests. The COR was convicted and sentenced by a U.S. District Court for accepting illegal gratuities from Basirat.9 As a result, in August 2010, State suspended Basirat from receiving any government contracts. In August 2010, State also suspended AWCC from receiving government contracts based on receiving confidential proposal information from Basirat concerning State solicitations.
  • The contracting officer added that during these final negotiations the COR [contracting officer’s representative] concurred with many of the contractor’s assertions. In June 2013, just 6 months later, the COR’s designation was suspended amid concerns that he may have colluded with another INL contractor, an issue discussed in our May 2014 inspection report on Baghlan prison.11 As noted in that report, INL suspected this COR of enabling a contractor to substitute inferior products and materials, failing to discover substandard construction, approving questionable invoices, and certifying that all contract terms had been met at the time of project turnover to INL even though construction deficiencies remained. The COR resigned in August 2013. SIGAR investigators are currently conducting an inquiry to determine whether the contractor or other U.S. government officials were complicit in these alleged activities.

So  —  the previous contractor collected an $18.5 million settlement,  92 percent of the $20.2 million contract? But it only did 50 percent of the work required under the contract? Maybe we should all move to Kabul and be contractors?

And now, there will be a new $16M contract?  Which will have modifications, of course, and will not really top off at $16M.


Related items:

Here’s what it looks like in Afghanistan’s largest — and still incomplete — prison (WaPo)

America’s Unfinished Prison in Afghanistan Is a Filthy Nightmare (Medium)



State/OIG Inspections Coming Your Way in FY2016

Posted: 1:05 am EDT


Extracted from State/OIG Work Plan FY2016-2017:

In FY 2015, OIG began a project to refine the way it prioritizes, scopes, and conducts inspections, with the overarching goal of improving the efficiency and effectiveness of the inspection process and enhancing the integrity of reports. As part of this project, ISP will be pilot testing new inspection models during FY 2016. The results of this project and the associated pilot tests will influence OIG’s FY 2017 inspection planning and scheduling. At this time, bureaus and posts being considered for inspection in FY 2017 include the Office of Management Policy, Rightsizing, and Innovation; Office of the U.S. Global AIDS Coordinator; Bureau of Consular Affairs, Office of Fraud Prevention Programs; and embassies in China, Kenya, South Africa, Sudan, and South Sudan. Once finalized, the FY 2017 inspections schedule will be added to this planning document.

In addition to the FY 2016 inspections listed below, ISP conducts two to four compliance follow-up reviews each year. The subject inspections for these reviews will be identified 30 to 60 days prior to the initiation of the review. ISP’s schedule is contingent upon availability of funds, budget decisions, and changes in inspection priorities, and is, therefore, subject to revision.

Screen Shot 2015-09-29

Via state.gov/oig

The Work Plan is available here.

Alaina Teplitz Sworn In as Next U.S. Ambassador to Nepal

Posted: 12:49 am EDT



Certificate of Competency – Teplitz Alaina B – Federal Democratic Republic of Nepal – April 2015

The WH released the following brief bio when it announced the nomination  in March 2015:

Alaina B. Teplitz, a career member of the Foreign Service, class of Minister-Counselor, currently serves as the Director of the Office of Management Policy, Rightsizing, and Innovation at the Department of State, a position she has held since 2012.  Previously, Ms. Teplitz served as the Management Minister Counselor at the U.S. Mission in Kabul, Afghanistan from 2011 to 2012, Deputy Executive Director in the Department’s Bureau of Near Eastern and South Asian Affairs from 2009 to 2011, and Director of Management Tradecraft Training at the Department’s Foreign Service Institute from 2007 to 2009.  Prior to that, she was the Deputy Director of Joint Administrative Services at the U.S. Embassy in Brussels, Belgium from 2004 to 2007, Management Officer at the U.S. Embassy in Dhaka, Bangladesh from 2002 to 2004, and Program Analyst at the Center for Administrative Innovation at the Department from 2001 to 2002.  After joining the Foreign Service in 1991, she served in the State Department’s Bureau of Administration, as well as in posts in Australia, Albania, and Mongolia.

Ms. Teplitz received a B.A. from Georgetown University.


Eyes Watching: Real Foreign Service Officers and Puzzle Pieces

Posted: 2:09 am EDT


Jonathan Haslam is the author of “Near and Distant Neighbors: A New History of Soviet Intelligence,” which was just published.He is the George F. Kennan Professor at the Institute for Advanced Study, Princeton. He was a visiting professor at Harvard, Yale and Stanford, and is a member of the society of scholars at the Johns Hopkins University. He pens the following piece via Salon:


Other indicators of a more trivial nature could be detected in the field by a vigilant foreign counterintelligence operative but not uniformly so: the fact that CIA officers replacing one another tended to take on the same post within the embassy hierarchy, drive the same make of vehicle, rent the same apartment and so on. Why? Because the personnel office in Langley shuffled and dealt overseas postings with as little effort as required. The invariable indicators took further research, however, based on U.S. government practices long established as a result of the ambivalence with which the State Department treated its cousins in intelligence.

Thus one productive line of inquiry quickly yielded evidence: the differences in the way agency officers undercover as diplomats were treated from genuine foreign service officers (FSOs). The pay scale at entry was much higher for a CIA officer; after three to four years abroad a genuine FSO could return home, whereas an agency employee could not; real FSOs had to be recruited between the ages of 21 and 31, whereas this did not apply to an agency officer; only real FSOs had to attend the Institute of Foreign Service for three months before entering the service; naturalized Americans could not become FSOs for at least nine years but they could become agency employees; when agency officers returned home, they did not normally appear in State Department listings; should they appear they were classified as research and planning, research and intelligence, consular or chancery for security affairs; unlike FSOs, agency officers could change their place of work for no apparent reason; their published biographies contained obvious gaps; agency officers could be relocated within the country to which they were posted, FSOs were not; agency officers usually had more than one working foreign language; their cover was usually as a “political” or “consular” official (often vice-consul); internal embassy reorganizations usually left agency personnel untouched, whether their rank, their office space or their telephones; their offices were located in restricted zones within the embassy; they would appear on the streets during the working day using public telephone boxes; they would arrange meetings for the evening, out of town, usually around 7.30 p.m. or 8.00 p.m.; and whereas FSOs had to observe strict rules about attending dinner, agency officers could come and go as they pleased.

Read in full here. Sounds like his book is an excellent addition to a gift list for OGA friends.


US Embassy Dhaka Restricts Movement of USG Staff/Families in Bangladesh

Posted: 1:39 am EDT





Excerpt from the Security Message issued by Embassy Dhaka on September 28:

There is reliable new information to suggest that militants may be planning to target Australian interests in Bangladesh.  Such attacks, should they occur, could likely affect other foreigners, including U.S. citizens.

In light of the increased threat, U.S. citizens should consider limiting their attendance at events where foreigners may gather, including events at international hotels.  U.S. citizens should maintain a high level of vigilance and situational awareness and should exercise caution in public places including restaurants, hotels and other places frequented by foreigners.

The U.S. government continues to receive information that terrorist groups in South Asia may also be planning attacks in the region, possibly against U.S. government facilities, U.S. citizens, or U.S. interests.  Terrorists have demonstrated their willingness and ability to attack locations where U.S. citizens or Westerners are known to congregate or visit.

Until further notice, all official U.S. government personnel are prohibited from attending large gatherings in Bangladesh, including events at international hotels, unless they have obtained Regional Security Office permission.

The Embassy advises U.S. citizens residing in or visiting Bangladesh to remain vigilant regarding their personal security and to be alert to local security developments.

A follow-up message notes that following the fatal attack on an Italian national in Gulshan September 28, the U.S. Embassy instructed its personnel to shelter in place until Tuesday morning September 29. American International School in Dhaka (AISD) will be closed on September 29. The Embassy will be open on September 29, including providing consular services. U.S. government personnel and their families will be limiting their movements.


Related posts:

US Embassy Bangui: Escalating Violence, Continue to Shelter in Place

Posted: 1:15 am EDT





Excerpt from the Warden Message:

Violence and looting continued on September 27 and into September 28 in Bangui. We are receiving reports that many roads remain blocked, including the road to the airport; weapons continue to be discharged by armed persons; and large crowds are forming in several locations in the city of Bangui. U.S. citizens should continue to shelter in place and avoid any non-essential movements. The U.S. Embassy in Yaounde has been designated to provide consular services for U.S. citizens currently remaining in CAR. U.S. citizens who are in Bangui should contact Embassy Yaounde at (237) 22220-1500 to report their location. If you are working for an NGO or international organization, please include that information.

U.S. citizens who have decided to stay in CAR despite the travel warning should regularly review their personal security situation. Embassy Bangui cannot provide consular services to U.S. citizens in CAR at this time. U.S. citizens in need of assistance should contact the U.S. Embassy in Yaounde, Cameroon.

Secretary Kerry announced the resumption of limited operations at the U.S. Embassy in Bangui on September 15, 2014.  U.S. citizens in need of routine assistance are advised to contact the U.S. Embassy in Yaounde, Cameroon by email to YaoundeACS@state.gov.


Related posts:

Burn Bag: Get a Portable Career, Bake Cupcakes! Geez Louise!

Via Burn Bag:

Quote from FLO at spouse orientation: “You should consider a portable career – you could bake cupcakes and sell them to the embassy staff”. I am a C-suite executive. Cupcakes.


FLO -Family Liaison Office. FLO’s mission is “to improve the quality of life of all demographics we serve by identifying issues and advocating for programs and solutions, providing a variety of client services, and extending services to overseas communities through the management of the worldwide Community Liaison Office (CLO) program.”

On Family Member Employment, state.gov/M/DGHR/FLO says: “The Family Liaison Office understands that when most family members join the Foreign Service community, they have already established personal and professional lives. Finding meaningful employment overseas is challenging given limited positions inside U.S. missions, language requirements, lower salaries, and work permit barriers on the local economy. The Family Liaison Office (FLO) has a dedicated team of professionals working to expand employment options and information resources to internationally mobile family members, both at home and abroad. FLO’s employment program team will advise individual family members on overseas employment issues, either in person, via email or phone.”


Federal Employees With Stolen Fingerprints From OPM Breach – Now Up to 5.6 Million

Posted: 12:05 pm EDT
Updated: 6:39 pm PDT



Here is the official statement from OPM dated September 23, 2015:

As part of the government’s ongoing work to notify individuals affected by the theft of background investigation records, the Office of Personnel Management and the Department of Defense have been analyzing impacted data to verify its quality and completeness.  During that process, OPM and DoD identified archived records containing additional fingerprint data not previously analyzed.  Of the 21.5 million individuals whose Social Security Numbers and other sensitive information were impacted by the breach, the subset of individuals whose fingerprints have been stolen has increased from a total of approximately 1.1 million to approximately 5.6 million.  This does not increase the overall estimate of 21.5 million individuals impacted by the incident.  An interagency team will continue to analyze and refine the data as it prepares to mail notification letters to impacted individuals.

Federal experts believe that, as of now, the ability to misuse fingerprint data is limited.  However, this probability could change over time as technology evolves.  Therefore, an interagency working group with expertise in this area – including the FBI, DHS, DOD, and other members of the Intelligence Community – will review the potential ways adversaries could misuse fingerprint data now and in the future.  This group will also seek to develop potential ways to prevent such misuse.  If, in the future, new means are developed to misuse the fingerprint data, the government will provide additional information to individuals whose fingerprints may have been stolen in this breach.

As we have stated previously, all individuals impacted by this intrusion and their minor dependent children (as of July 1, 2015) are eligible for identify theft and fraud protection services, at no cost to them.  In conjunction with the Department of Defense, OPM is working to begin mailing notifications to impacted individuals, and these notifications will proceed on a rolling basis.

OPM and our partners across government are working to protect the safety and security of the information of Federal employees, service-members, contractors, and others who provide their information to us. Together with our interagency partners, OPM is committed to delivering high-quality identity protection services to impacted individuals. The interagency team will continue to review the impacted data to enhance its quality and completeness, and to monitor for any misuse of the data. The U.S. Government will continue to evaluate the coverage being provided and whether any adjustments are needed in association with this incident.

Sigh. Grrr. Sigh. Grrr. Sigh. Grrr. Sigh. Grrr.