US Embassy Baghdad: “Several” Americans Missing in Iraq

Posted: 2:15 am EDT

 

CNN is reporting that three American contractors went missing in Iraq two days ago, citing an unnamed senior security official in Baghdad.

“A company filed a report Sunday about three of its staff going missing two days ago. They are American contractors. We are looking into this report,” the official told CNN. Separately, an Iraqi security official with knowledge of the case said that two of three missing contractors are dual Iraqi-American citizens, and that the third is an American national.

“We are working in full cooperation with Iraqi authorities to locate the missing Americans,” said U.S. Embassy spokesman Scott Bolz according to the AP.

Although some media outlets are reporting that three are missing, the U.S. Embassy has confirmed to the AP on Sunday that “several” Americans have gone missing in Iraq, after local media reported that three Americans had been kidnapped in the Iraqi capital.

The latest Travel Warning for Iraq dated December 4, 2015 notes:

The U.S. government considers the potential threat to U.S. government personnel in Iraq to be serious enough to require them to live and work under strict security guidelines.  All U.S. government employees under the authority of the U.S. Chief of Mission must follow strict safety and security procedures when traveling outside the Embassy and Consulates.

It is not clear if the missing are American contractors working for NGOs operating in Iraq or if they are USG contractors. We also have yet to see reporting on the circumstances of their disappearance.

 

#

 

 

 

US Embassy Kabul: Jan 4 Incident is “Getting Lowballed” by US Officials? (POGO)

Posted: 12:29 am EDT

 

We’ve recently posted about the attacks in Kabul (see US Embassy Kabul: January 4 Attacks Target USG Employees at Camp Sullivan and US Mission Afghanistan Contractor Survives Taliban Car Bomb, Takes Photo, Quits Job, Goes on Reddit. On January 7, the Project on Government Oversight (POGO) asks, Is the US Embassy in Kabul the next Benghazi?

Quick excerpt below:

Based on exclusive photos, videos, and messages the Project On Government Oversight (POGO) has been receiving from sources on the ground in Kabul since the housing compound for US Embassy security guards was hit by a bomb on Monday, it is clear that the scope and severity of the blast was significant. However, the US State Department has not mentioned the attack in any of its daily press briefings this week, nor has it provided updates regarding the safety and security of American embassy personnel in Afghanistan. POGO has asked the agency for updated information, but has not received a response at the time of this writing.

An American on the scene at Camp Sullivan, which houses hundreds of US and Nepalese guards, told POGO the blast radius was 100 meters wide and caused a 15- feet deep crater, indicating an explosive charge of at least 2,000 lbs. He said the incident is “getting lowballed” by US officials. A BBC producer in Kabul Tweeted that it was the second largest bomb ever detonated in the Afghan capital.

According to POGO sources on the ground, multiple Afghan nationals were killed (two, according to the Interior Minister) and 11 Nepalese security personnel and one American citizen were injured and flown from the scene. A Kabul hospital reported that nine children were among the wounded in the attack.
[…]

So, how safe are the US embassy and those who defend it?

That’s the question POGO has been asking officials for years at the State Department, Congress, and the Pentagon. Guards defending the facility have long feared that their daily armored convoys to and from the embassy make them sitting ducks for Taliban attacks.
[…]
“If the embassy were attacked, we’d have a huge problem and I don’t want to think about the casualties,” J.P. Antonio, a former medic at the embassy, told POGO in September 2013.
[…]
When a senior State Department official reassured Congress in September 2013 that the the US embassy in Afghanistan was well-protected, POGO challenged the veracity of the centerpiece of his testimony – that the contractors protecting the compound had proven themselves twice in battle – and forced him to correct his testimony when it became clear there were no such tests of the Kabul embassy guard force.

Read in full here.

 

#

 

 

 

US Mission Afghanistan Contractor Survives Taliban Car Bomb, Takes Photo, Quits Job, Goes on Reddit

Posted: 2:19 pm EDT

 

 

On January 4, two attacks were directed at USG personnel in Afghanistan (see US Embassy Kabul: January 4 Attacks Target USG Employees at Camp Sullivan).  On January 5, the “I survived this yesterday, took a photo and then quit my job” thread went live on Reddit with user DanDalVlan, an Air Traffic Controller contractor in Afghanistan who survived the VBIED attack of a USG site near the Karzai International Airport.

He opened his Reddit thread with “Make money, they said. See the world, they said. It’ll be fun, they said.”

[–]DanDalVlan[S] 1706 points 1 day ago 

It was worth it, at first.  Even after the first attack I went through, it was worth it. After this, though? Nope. Big fucking nope. My entire room imploded around me in a surreal blur of glass and brick. If I had been standing instead of laying in bed, I wouldn’t be typing this. permalink

[–]DanDalVlan[S] 4895 points 1 day ago* 

Sorry, I forgot to put the story up. I was living at the compound that got attacked by a Taliban VBIED (Vehicle-Borne Improvised Explosive Device) that was inside of a very large truck. It rendered our compound pretty much useless. Luckily, we had no fatalities with mostly minor injuries (myself included). 

I was working as an Air Traffic Controller out there. The country of Afghanistan doesn’t have the infrastructure to control their own air traffic, so it is contracted out and I was one of those contractors.

Edit I’m editing this just to say that I’m falling behind on answering questions, but I’ll answer them as soon as I can.

2nd Edit I’m officially failing in my attempts to answer questions and reply as fast as they come in. Sorry if I have missed anyone.

3rd Edit I’ve tried replying to all the questions I could find. I’ve gotta stop now though so I can pack my dirty and glass-covered clothes and get on this flight out of here. I’ll try to respond more when I land. permalink

He was asked about how successful the Taliban has been in attempting to influence the region.

[–]DanDalVlan[S] 3171 points 1 day ago

I’ll be honest, I’m not a very good source when it comes to that type of information. We live a VERY sheltered life. We go from secure facility to secure facility, with absolutely zero time spent amongst the local nationals. Unless things like this happen, we hear about stuff at about the same pace as the rest of the world, and with the same twists and biases. Sorry I couldn’t be more help. permalink

He was asked if entertainment is imported?

[–]DanDalVlan[S] 250 points 1 day ago

Yes, luckily we were still able to get mail. I had quite the collection of board games that my friends and I would play. Then there’s internet/youtube, it’s extremely slow, but better than nothing.permalink

[–]DanDalVlan[S] 261 points 1 day ago

We had booze.I’ll just leave it at that. permalink

He was asked about his Top Ten Favorite Boardgames.

[–]DanDalVlan[S] 2 points 22 hours ago

Top 10 in no particular order: 1. Smash Up 2. Revolution 3. Catan 4. Ticket to Ride 5. Kingdom Death: Monster 6. Risk Legacy 7. Betrayal at House on the Hill 8. Rebellion 9. Munchkin 10. Dixit. I don’t usually like games that are “work together” games. They can usually just be played single player and they usually end up with one person “in charge” anyways. permalink

Another user said his relative was in Afghanistan as an air traffic controller about 5 years ago and didn’t think he ever ran into anything such as this though. permalink

[–]DanDalVlan[S] 102 points1 day ago

It’s been getting slowly worse ever since the “official” pullout last year. Usually the winter time is the quietest time since it’s very cold. This year, however, they have been unexpectedly active. permalink

One Reddit user write the question in the American public’s mind: what we are are trying to achieve in a country long known as the graveyard of empires.  “How will Afghanistan come to control their own air traffic in the future if US contractors are doing it all? Is there movement towards Afghanis ever taking it over? Is the US working towards that end, or is this about supplying Americans with jobs? I’m trying to understand what it is we’re trying to achieve there.”

[–]DanDalVlan[S] 58 points1 day ago

Short answer is yes, we are working towards that. We are currently training a handful of Afghanis. However, they have to learn English as well as all the complicated rules governing ATC. They will not be completely taking over anywhere in the foreseeable future. permalink

He was asked how close he was to the VBIED that blow up the compound”

[–]DanDalVlan[S] 150 points 1 day ago

My room was the closest room to it for our building. Probably about 200 feet.permalink

Somebody wanted to know if the bomb ruptured his ear drums?

[–]DanDalVlan[S] 26 points 23 hours ago

No, I kind of felt it coming before anything else and I opened my mouth to avoid having my eardrums pop. permalink

Another user cited a most appropriate use of this video: NSFW Lyrics

[–]DanDalVlan[S] 181 points 1 day ago

That was absolutely amazing and almost entirely accurate. The only difference being that I didn’t really have much of anything left to grab. I’m just glad I have renter’s insurance. permalink

[–]DanDalVlan[S] 122 points1 day ago

I have my ID and passport and some clothes. Everything else is pretty much toast. I’m most sad about my boardgame collection.

He was asked if it is “good pay for risking your neck?”

[–]DanDalVlan[S] 193 points1 day ago

It was before, now it’s not even close. To be clear, the pay didn’t change, my perspective did. permalink

One Reddit user says, “I haven’t seen this mentioned yet, but your still probably in shock from it all, but remember, PTSD is real. I strongly recommend, when you are ready, a therapist. Someone who you can brain dump it all out. Everyone handles near death experiences differently. I was a medic, and addict/alcoholic, and I am one of those whom never got help, and it nearly killed me. I don’t mean to impose any fear or anxiety on you, I just say from personal experience.”

[–]DanDalVlan[S] 11 points21 hours ago

That’s actually why I did this. So I could share and talk about it.permalink

The Reddit post was submitted on January 5.  It currently has 2605 comments, and 5,867 points (96% upvoted). The photo submitted in the aftermath of the attack is here.

#

According to SIGAR, since 2004, FAA—primarily through the Office of the Transportation Counselor at the U.S. Embassy in Kabul—has received $56.5 million from State and USAID to train Afghan civil aviation personnel, assist the Ministry of Transport and Civil Aviation in developing its regulatory regime, and improve Kabul International Airport’s infrastructure and services. There’s more:

Due to difficulties associated with developing Afghan capacity for managing the civil aviation system, FAA officials and coalition forces concluded that effective future operation of Afghan airspace would require the development of a third-party contract for providing airspace management services. Accordingly, in 2013, FAA and coalition forces assisted MOTCA in preparing a contract that included provisions requiring the contractor to train Afghan personnel, similar to the structure of the Afghan-centric aviation security contract.
[…]
The United States planned to transition airspace management responsibilities back to the Afghans at the end of 2014, but, partly due to a lack of certified air traffic controllers, that did not occur.[…] Due to the potential for air service disruption, the Department of State funded an interim, DOD-managed contract for $29.5 million to provide the services through September 2015. If a follow-on contract is not awarded before this contract expires, the United States could be called on to fund another interim contract.

 

#

 

US Embassy Kabul: January 4 Attacks Target USG Employees at Camp Sullivan

Posted: 5:19 pm EDT

 

In December 2015, the US Embassy in Kabul warned of an “imminent attack.”  On January 4, 2016, the US Embassy in Kabul issued a security message that the embassy has received reports that an explosion has taken place in the vicinity of Airport Circle in Kabul at approximately 11:00 a.m. local time and indicated that mission personnel have been advised to avoid the area. The same day, NBC News reported that the Taliban had claimed responsibility for a car bomb attack on a compound for civilian contractors near the Kabul airport on Monday, a senior security official said, hours after another suicide bomber blew himself up. A convoy of U.S. embassy guards who live at Camp Sullivan was targeted in the second attack, the official said, but none of the guards were injured.

Camp Sullivan is a 20.9-acre property located near Kabul International Airport. It sits about 2.14 miles from the main embassy compound.

 

#

 

 

Photo of the Day: New Embassy London Topping Out Ceremony

Posted: 1:32 am EDT

 

Via US Embassy London:

On December 8, the U.S. Embassy in London held a “topping out” ceremony with the Stars and Stripes flying on the roof of the new Embassy undergoing construction at Nine Elms. The building has now reached its full height.  More photos here.

23496557722_6cbf3ed569_z

New US Embassy Topping Out Ceremony Via US Embassy London/Flickr

#

 

Related posts:

CSCC: Think Again. Or #StepAwayFromTheTweets Sez El Snarkistani (Updated)

Posted: 1:44 am EDT
Updated: Dec 16, 1:31 am EDT

 

Update:

#

 

Related post: 

 

 

 

State/OIG Reviews IRM’s Vendor Management Office’s Role in Vanguard’s $3.5.B Contract

Posted: 12:11  am EDT

This is an excerpt from the State/OIG report on IRM’s new Vendor Management Office (VMO):

In a March 2013 action memorandum, the Chief Information Officer (CIO) established the Vendor Management Office (VMO) in the Bureau of Information Resource Management (IRM), Operations, to support the Vanguard Acquisition Strategy. The CIO created the VMO after determining that he needed dedicated staff to monitor the Vanguard contract and assist with the formulation of well-defined performance metrics. The Vanguard Acquisition Strategy, a Department initiative, consolidated existing IRM contracts under the umbrella of one performance-based contract with multiple firm fixed price1 task orders to provide better coordination and improve service delivery. The total Vanguard contract award was $3.5 billion over a period of 10 years and comprised 90 to 95 percent of IRM-wide contracting activity; IRM also has 50 contracts totaling $74 million that do not fall under the VMO or Vanguard.

Three functional support units comprise the VMO: Contract Management, Service Performance Management, and Enterprise Project Lifecycle Management. The VMO is separate from the Bureau of Administration, Office of Logistics Management, Office of Acquisitions Management (AQM), which is responsible for executing the Vanguard contract.
[…]
Since the VMO’s establishment, the CIO has tasked it with coordinating several priority projects that include Public Key Infrastructure deployment, the Virtual Desktop Initiative, the Foreign Affairs Network, and Cyber Security. These are listed objectives in the Department’s IT Strategic Plan. This has led to increased responsibilities for the VMO and the resources needed to support them.

Where is this on the FAM, again?

The language in 1 Foreign Affairs Manual (FAM), 270 Organizations and Functions for the VMO, drafted in August 2014, was still in the clearance process at the time of the inspection.

The VMO operates without authority to require compliance with its procedures. The Department has no guidelines on the operation of a vendor management office in the FAM, which defines authorities and responsibilities for each major component of the Department.

To date, the VMO has operated without a 1 FAM entry or IRM policy or guidance that specifies the office’s authority. On April 13, 2015, IRM circulated a draft 1 FAM, outlining the proposed role and responsibilities of the VMO. In the interim, the VMO has no mechanism beyond consensus building to enforce adherence to its policies, procedures, and processes.

More contractors than direct-hire employees?

At the start of the inspection, the VMO staff consisted of 9 full-time employees, 1 student- trainee, and 16 contract positions. During the inspection, the number of contract positions increased to 24. FY 2014 funding for VMO activities is $1.5 million from diplomatic and consular program funding. As of May 2015, the amount for FY 2015 had increased to $3.9 million because of resources needed to manage new projects.

$376K Performance Incentive Fees to Contractors

The VMO Service Performance Management unit has implemented performance metrics to review and analyze information generated through contractor performance assessments. The CORs and GTMs are required to review and validate performance metrics on a monthly basis. However, between April 2014 and March 2015, the OIG team found that Vanguard GTMs failed to validate, on average, 25 of the 268 performance metrics each month because of other priorities. Despite the lack of review and validation, the CORs and GTMs certify to the contracting officer that the contractor has provided all services as specified in the contract and met all the performance metrics and that the Department can pay contractors their incentive fees. For example, in January and February 2015, the Department paid $376,595 in incentive fees to contractors for superior performance without a review or verification of 20 performance metrics, which could lead to the Department paying for services that it did not receive.

[…]
The system the VMO uses to process performance metric data for contracts is inadequate for mission requirements. The unit currently uses Excel spreadsheets to track, monitor, and analyze contractor compliance with 475 active performance metrics.

What about iSchedule?

The Enterprise Lifecycle Project Management unit created the iSchedule Management System (iSchedule), which provides the framework for integrating information technology project schedules to enable IRM to assign and manage work, monitor and control progress toward milestones, and understand the relationships and dependencies among the information technology projects.
[…]
Despite the VMO’s deployment of the iSchedule application in September 2014, IRM directorates do not use iSchedule on a consistent basis because IRM has not yet made use of the system mandatory. This inconsistent use of iSchedule has resulted in inadequate bureau coordination and incomplete project data and limits visibility on projects, activities, and risk. According to 5 FAH-5 H212, projects may require the formal use of a project management tool.

Inadequate acquisition planning and sole source contracts

The OIG team found little evidence that the Messaging Systems Office and the VMO conducted acquisition planning within the timeframes suggested in the Federal Acquisition Regulation 7.104-General Procedures.

In order to award a new blanket purchase agreement, the Messaging Systems Office submitted a sole source justification based on an urgent and compelling need. The Department’s Office of the Legal Adviser denied the office’s request because of inadequate acquisition planning. Program offices issuing requirements without sufficient lead-time restricts competition and risks increased costs. It can also put a strain on the contracting and administrative staff.

Read the full report here: https://oig.state.gov/system/files/isp-i-16-03.pdf

#

DOD Builds the World’s Most Expensive Gas Station in Afghanistan For $43M, Oh, Joy!

Posted: 1:01 am EDT

 

Apparently, we’ve built a compressed natural gas (CNG) automobile filling station in the city of Sheberghan, Afghanistan. The project cost almost $43 million, and the average Afghans can’t even afford to use it.

The Task Force for Business and Stability Operations (TFBSO or Task Force) was originally created by the Department of Defense (DOD) to help revive the post-invasion economy of Iraq. In 2009, TFBSO was redirected to Afghanistan, where its mission was to carry out projects to support economic development. From 2010 through 2014, Congress appropriated approximately $822 million to TFBSO for Afghanistan, of which the task force obligated approximately $766 million.

The contract awarded to Central Asian Engineering to construct the station was for just under $3 million. Yet according to an economic impact assessment performed at the request of TFBSO:

The Task Force spent $42,718,739 between 2011 and 2014 to fund the construction and to supervise the initial operation of the CNG station (approximately $12.3 [million] in direct costs and $30.0 [million] in overhead costs).

SIGAR says that the $43 million total cost of the TFBSO-funded CNG filling station far exceeds the estimated cost of CNG stations elsewhere. According to a 2010 publication of the International Energy Association, “the range of investment for a public [CNG] station serving an economically feasible amount of vehicles varies from $200,000 to $500,000. Costs in non-OECD [Organization for Economic Co-operation and Development] countries are likely to be in the lower end of this range.”

The SIGAR report notes that the total cost of building a CNG station in Pakistan would be approximately $306,000 at current exchange rates.  In short, at $43 million, the TFBSO filling station cost 140 times as much as a CNG station in Pakistan.

$43 million from the American taxpayers.

The SIGAR report also says that its ’s review of this project was hindered by DOD’s lack of cooperation, and when it comes to TFBSO activities, DOD appears determined to restrict or hinder SIGAR access.

It is both surprising and troubling that only a few months following the closure of TFBSO, DOD has not been able to find anyone who knows anything about TFBSO activities, despite the fact that TFBSO reported directly to the Office of the Secretary of Defense, operated in Afghanistan for over five years, and was only shut down in March 2015.

Further, SIGAR says that “If TFBSO had conducted a feasibility study of the project, they might have noted that Afghanistan lacks the natural gas transmission and local distribution infrastructure necessary to support a viable market for CNG vehicles.  Additionally, it appears that the cost of converting a car to run on CNG may be prohibitive for the average Afghan. TFBSO’s contractor, stated that conversion to CNG costs $700 per car in Afghanistan, where the average annual income is $690.”

We meant well in Afghanistan, too. Oh, joy!  What edition are we on?

But serious question. How can we have something happen like this, with DOD hindering/restricting SIGAR’s access and no one is in jail?

The read and weep report is available online here: https://www.sigar.mil/pdf/special%20projects/SIGAR-16-2-SP.pdf 

#

 

State Dept Seeks Potential New Contractors for $234M Medical Service Support Iraq (MSSI) II Contract

Posted: 5:58 pm EDT

 

The State Department is seeking information for the availability of a new medical service provider for U.S. Mission Iraq.  There is an incumbent contractor,  CHS Middle East, LLC of Cape Canaveral, Florida. The total estimated contract value for the incumbent contractor is approximately $234M. According to the fedbiz announcement, the health units and diplomatic support hospitals will need to be mission capable by summer 2016. Below is an excerpt from the announcement:

Government is requesting information regarding the availability and feasibility of attracting new medical service providers to support the requirements of the U.S. Mission Iraq as described in this RFI. This notice is issued solely for information and planning purposes and does not constitute a Request for Proposal (RFP) or a commitment on the part of the Government to conduct a solicitation for the below-listed services in the future.
[…]
The DOS has a follow-on requirement for a Contractor to provide medical service support to U.S. Government (USG) personnel, USG third party contractors and authorized foreign nationals in Iraq. These medical services will be provided at USG facilities and include but are not limited to the following: general medical, surgical, orthopedic, gynecologic, dental, behavioral health, public health, urgent and emergency care and mortuary affairs. In order to fulfill these requirements the Contractor is responsible for providing trained and certified health care professionals (e.g., physicians, nurse practitioners, surgeons, emergency medical technicians, etc…) and the administrative services and staff to equip and operate the USG contractor-operated health care facilities in Iraq.

The Contractor is responsible for performing random and non-random drug testing for other third party contractors operating in support of the DOS in Iraq. Additionally, because other third party contractors require Emergency Medical Technicians (EMTs) in country, the Contractor is responsible for the medic validation and verification to ensure the verification of maintenance of credentials for EMTs.

Supported population is between 3500-5800

While the primary place of performance is throughout the country of Iraq, the Contractor may be tasked with providing temporary medical service support to other USG facilities located in the Near East Region (i.e., North Africa and the Middle East).

The BDSC Large Diplomatic Support Hospital not only provides primary care to personnel at BDSC, but also may serve as the secondary and trauma care center for the patient population within U.S. Mission Iraq (4300 – 5800 personnel). These services include evacuation management and mortuary affairs.

The Contractor shall provide on-site primary, urgent and initial emergency care for general medical, surgical, orthopedic, gynecologic, and mental health conditions; triage, stabilize and evacuate patients to the next level of medical care; and keep up to two patients in the Health Unit (HU) for up to 24 hours until stabilized or medically evacuated. Staffing shall be continuous and uninterrupted; coverage for illness and vacations shall be the responsibility of the Contractor.

The Contractor is responsible for providing routine care during regular working hours and on an emergency basis after normal working hours based on Chief of Mission (COM) requirements. Medical Service Support Iraq (MSSI) II; Solicitation SAQMMA-15-SS-MSSI .

#

 

 

Was the Consular Consolidated Database (CCD) the main target of the twin hackers?

Posted: 1:27 am EDT

 

In May 2015, a federal grand jury indicted twin brothers Muneeb and Sohaib Akhter, 23, of Springfield, Virginia, on charges of aggravated identity theft, conspiracy to commit wire fraud, conspiracy to access a protected computer without authorization, access of a protected computer without authorization, conspiracy to access a government computer without authorization, false statements, and obstruction of justice.  According to USDOJ, the brothers and coconspirators also devised a scheme to hack into computer systems at the U.S.  Department of State to access network traffic and to obtain passport information.  (See Twin Brothers and Co-Conspirators on Alleged Scheme to Hack State Dept to Obtain Passport Information).

The bothers pleaded guilty on June 26, 2015.   On October 2, the USDOJ announced that Muneeb Akhter was sentenced for accessing a protected computer without authorization, making a false statement and obstructing justice.  Muneeb Akhter was sentenced to 39 months in prison and Sohaib Akhter was sentenced to 24 months in prison.  Each man was also sentenced to three years of supervised release. Case title: USA v. Akhter et al.  Below is an excerpt from the announcement:

[T]he Akhter brothers and co-conspirators engaged in a series of computer intrusions and attempted computer intrusions against the U.S. Department of State to obtain sensitive passport and visa information and other related and valuable information about State Department computer systems.  In or around February 2015, Sohaib Akhter used his contract position at the State Department to access sensitive computer systems containing personally identifiable information belonging to dozens of co-workers, acquaintances, a former employer and a federal law enforcement agent investigating his crimes.

Sohaib Akhter later devised a scheme to ensure that he could maintain perpetual access to desired State Department systems.  Sohaib Akhter, with the help of Muneeb Akhter and co-conspirators, attempted to secretly install an electronic collection device inside a State Department building.  Once installed, the device could have enabled Sohaib Akhter and co-conspirators to remotely access and collect data from State Department computer systems.  Sohaib Akhter was forced to abandon the plan during its execution when he broke the device while attempting to install it behind a wall at a State Department facility in Washington, D.C.

Furthermore, beginning in or about November 2013, Muneeb Akhter was performing contract work for a private data aggregation company located in Rockville, Maryland.  He hacked into the company’s database of federal contract information so that he and his brother could use the information to tailor successful bids to win contracts and clients for their own technology company.  Muneeb Akhter also inserted codes onto the victim company’s servers that caused them to vote for Akhter in an online contest and send more than 10,000 mass emails to students at George Mason University, also for the purpose of garnering contest votes.

In or about October 2014, Muneeb Akhter lied about his hacking activities and employment history on a government background investigation form while successfully obtaining a position with a defense contractor.  Furthermore, in or about March 2015, after his arrest and release pending trial, Muneeb Akhter obstructed justice by endeavoring to isolate a key co-conspirator from law enforcement officers investigating the conspirators’ crimes.  Among other acts, Muneeb Akhter drove the co-conspirator to the airport and purchased a boarding pass, which the co-conspirator used to travel out of the country to the Republic of Malta.  When the co-conspirator returned to the United States, Muneeb Akhter continued to encourage the co-conspirator to avoid law enforcement agents.

One of the brothers was profiled by WaPo in 2014. Both brothers started college at 16 and they were George Mason’s youngest graduates in 2011. In 2012, the brothers received a $200,000 grant from the Defense Advanced Research Project Agency, or DARPA.

The details of this case are even more disturbing.  Under Count Eight  (Conspiracy to Access a Government Computer without Authorization).

60. The Bureau of Consular Affairs (hereinafter “Bureau”) is a division of the State Department, which administers laws, formulates regulations, and implements policies relating to consular services and immigration. It has physical offices in Washington, DC.

61. Passport Lockbox (hereinafter “Lockbox”) is a Bureau program that performs payment processing, scarming of applications, and initial data entry for US. passport applications. Lockbox has a computer database containing imaged passport applications associated with real individuals. The imaged passport applications in Lockbox’s database contain, among other things, a photograph of the passport applicant, as well as certain personal information including the applicant’s full name, date and place of birth, current address, telephone numbers, parent information, spouse’s name, and emergency contact information.

62. ActioNet, Inc. (hereinafter “ActioNet”) is a contractor that provided information technology support to the State Department. It has physical offices in Falls Church, Virginia, located in the Eastern District of Virginia.

63. From in or about October 2014 to in or about February 2015, SOHAIB AKHTER was a contract employee at ActioNet assigned to a position at the State Department as a Tier II Application Support Resource in the Data Engineering and Data Management Program within the Bureau.

64. Prior to accessing the Lockbox database, and throughout his tenure as a contractor with the State Department, SOHAIB AKHTER was made aware of and indicated he understood: (a) the confidential nature of the Lockbox database and the confidential personal data contained therein; (b) the information contained in the passport records maintained by the State Department pursuant to Lockbox is protected from unauthorized disclosure by the Privacy Act of 1974, 5 U.S.C. § 552a; and (c) passport applications maintained by the State Department in the Lockbox database should be accessed only in connection with an employee’s official government duties and not the employee’s interest or curiosity.

69. MUNEEB AKHTER and SOHAIB AKHTER, UCC-l, and other coconspirators known and unknown to the Grand Jury, engaged in a series of computer intrusions and attempted computer intrusions against the State Department to obtain sensitive passport and visa information and other related and valuable information about State Department computer systems.

70. SOHAIB AKHTER used his contract position at the State Department to search for and access sensitive passport information belonging to coworkers, acquaintances, a former employer, and federal agents investigating him for crimes alleged in this Indictment. After accessing sensitive passport information from State Department computers, SOHAIB AKHTER copied, saved, and shared this information with coconspirators.

71. SOHAIB AKHTER also attempted to use his access to State Department computer systems to create an unauthorized account that would enable him to access State Department computer systems undetected. SOHAIB AKHTER surreptitiously installed malicious programs onto State Department computer systems in order to execute his plan to create the backdoor login account.

72. SOHAIB AKHTER orchestrated a scheme to secretly install a physical device at a State Department building known as SA-17. Once installed, the device would enable SOHAIB AKHTER and coconspirators to collect data from and remotely access State Department computer systems.

73. SOHAIB AKHTER led the conspiracy, organized the intrusion to install the physical device, recruited coconspirators to assist in execution of the intrusion, and managed the execution of the intrusion.

74. MUNEEB AKHTER provided technical assistance to SOHAIB AKHTER for the unauthorized access. MUNEEB AKHTER programmed the physical device, known as a “gumstix,” so that it would collect data from State Department computers and transmit it wirelessly to computers controlled by MUNEEB AKHTER and SOHAIB AKHTER and coconspirators.

75. On the day the scheme was executed, UCC-1 transported materials, including the gumstix, from MUNEEB AKHTER, located at the AKHTER residence, to SOHAIB AKHTER, located at SA-17.
[…]
78. In or about October 2014, SOHAIB AKHTER was hired by ActioNet to perform contract work for the State Department at both ActioNet offices in Falls Church, Virginia, and Bureau offices in Washington, DC.

79. Beginning on or about February 12, 2015, and continuing thereafter until on or about February 19, 2015, in Falls Church, Virginia, in the Eastern District of Virginia, and elsewhere, SOHAIB AKHTER, while employed at ActioNet, accessed the Lockbox database without authorization. .

80. Between on or about February 12, 2015, and on or about February 19, 2015, SOHAIB AKHTER conducted approximately 119 searches for U.S. passport records using the Passport Lockbox Lookup report. He accessed personal passport information for approximately 62 different individuals, including: G.R., a DHS special agent investigating the crimes alleged in this Indictment; UCC-1; A.I.; A.M., the CEO of Victim Company 2; and himself. In addition, SOHAIB AKHTER attempted to access passport information for S.T., a DHS special agent investigating the crimes alleged in this Indictment.

82. In or about February 2015, SOHAIB AKHTER viewed and copied from State Department computer systems the personal passport information associated with several individuals, including DHS Special Agent G.R.

83. In or about March 2015, MUNEEB AKHTER told UCC-1 that he and SOHAIB AKHTER stored the personal passport information that SOHIAB AKHTER removed from State Department systems on an external hard drive. MUNEEB AKHTER told UCC-1 that Special Agent G.R.’s information would be valuable to criminals on the “dark net” and that he was considering selling the information.

84. In or about February 2015, SOHAIB AKHTER downloaded several programs to a State Department computer. These programs included malicious software, or malware, which SOHAIB AKHTER hoped would enable him to access State Department computers remotely.

85. In or about February 2015, SOHAIB AKHTER told UCC-1 that if he was able to gain remote access to State Department computer systems, he could: access information on individuals’ passport applications; access and unilaterally approve visa applications without State Department authorization in exchange for payment; and create passports and visas and sell them on the “dark net.”

86. On or about February 15, 2015, SOHAIB AKHTER called UCC-1 and asked him to buy a drill. UCC-1 purchased the drill and then, pursuant to SOHAIB AKHTER’s request, drove to the AKHTER residence to pick up additional items from MUNEEB AKHTER. At the AKHTER residence, in Springfield, Virginia, in the Eastern District of Virginia, MUNEEB AKHTER told UCC-1 that he was programming a SD card, which was later to be inserted into the gumstix. MUNEEB AKHTER gave UCC-1 a bag containing a screwdriver, tape, glue, and the gumstix. Pursuant to SOHAIB AKHTER’s request, UCC—l drove to SA-17, in Washington, DC, and delivered the bag and items to SOHAIB AKHTER outside SA-17. Later that day, MUNEEB AKHTER drove separately to Washington, DC, and delivered the SD card to SOHAIB AKHTER.

87. On or about the evening of February 15, 2015, SOHAIB AKHTER called MUNEEB AKHTER and told him that he attempted to install the gumstix behind a wall inside SA-17 but was ultimately unsuccessful.

88. On or about February 19, 2015, SOHAIB AKHTER sent an email from his State Department email account to the email address akhters3@vcu.edu containing lines of code and headers for State Department servers.

#

We’re not sure reading this if the intrusion was done on the State Department’s Travel Document Issuance System (TDIS) which includes information from U.S. citizens and nationals applying for passports, other Department of State computer systems, passport acceptance agents, the Social Security Administration, the lockbox provider (CITIBANK), passport specialists, and fraud prevention managers, or, if the intrusion occurred on the Passport Information Electronic Records Systems (PIERS), or wait … the motherload, the Consular Consolidated Database (CCD) The Passport Lockbox program cited in the indictment is vague; it’s not a system of record according to the State Department’s System of Records Notices.  But the indictment identifies it as a State Department database. Could this be in reference to the Citibank® Lockbox Services? That is a high-speed processing environment and image-based platform for receivables management, advanced reporting and image inquiry used by the State Department to enable the scanning of applications, extraction of applicant photos received at lockbox locations and storing and batching of images.

Note that #69 of the indictment also alleges “a series of computer intrusions and attempted computer intrusions against the State Department to obtain sensitive passport and visa information;” does that mean the targeted system was the CCD?  The CCD provides access to passport data in Travel Document Issuance System (TDIS), Passport Lookout Tracking System (PLOTS), and Passport Information Electronic Records System (PIERS).  As of December 2009, the CCD also contains over 100 million visa cases and 75 million photographs, utilizing billions of rows of data, and has a current growth rate of approximately 35 thousand visa cases every day.

By the way, one of the brothers was a contract employee assigned to a position at the State Department as a Tier II Application Support Resource in the Data Engineering and Data Management Program within the CA Bureau from October 2014 to in or about February 2015 (#63).  In November 2014, the State Department suffered some “technical difficulties.” See State Dept Re-attached to the Internet, and About Those “Unrelated” Embassy Outages; State Department’s “Technical Difficulties” Continue Worldwide, So What About the CCD?

Was it just a coincidence that a master of the universe hacker was working at the State Department at the time when the agency’s systems were having technical difficulties?

Or were the Akhter twins the “technical difficulties”?

#