Category Archives: State Department

Donald M. Bishop: Sources of State Department Senior Leadership

– Domani Spero

 

Donald M. Bishop, President of the Public Diplomacy Council, served 31 years in USIA and the State Department.  A Public Diplomacy officer, his first assignments were in Hong Kong, Korea, and Taiwan, and he led Public Diplomacy at the American embassies in Bangladesh, Nigeria, China, and Afghanistan.  He served as the Foreign Policy Advisor (POLAD) to two members of the Joint Chiefs of Staff at the Pentagon. The piece below was originally published via the Public Diplomacy Council website and republished here with Mr. Bishop’s kind permission.

Sources of State Department Senior Leadership

by Donald M. Bishop

In recent months, the front pages, websites, columns, blogs, and talking heads rediscovered an old issue — the nomination of individuals who raised funds for a Presidential campaign to be ambassadors.  A few nominees were embarrassed at their Senate confirmation hearings.

This short piece is NOT about ambassadorial nominees.  Rather, let me step back and discuss the naming of political appointees to senior policy positions in the Department of State.

The American Foreign Service Association counts the number of political vs. career appointees as Deputy Secretary, Under Secretary, Assistant Secretary, Special Envoy, Special Representative, Director, Chief, Coordinator, Advisor, and Executive Secretary.  In 2012, 27 were career officers, and 63 were political appointees.  This was the highest percentage of political appointees in policy positions since AFSA began counting.  In 2008 there were 26 senior noncareer Schedule B hires; in 2012 there were 89.

How about Public Diplomacy?  Three bureaus report to the Under Secretary for Public Diplomacy and Public Affairs — Public Affairs (PA), Educational and Cultural Affairs (ECA), and International Information Programs (IIP).  All three bureaus are led by appointees.  The three bureaus have eleven positions at the level of Deputy Assistant Secretary, and six geographic bureaus all have Deputy Assistant Secretaries assigned Public Diplomacy portfolios.   For these 17 positions, the exact count varies with ordinary turnover, but it is safe to say about half are career, and half are political.

No matter the bureau or function, many of these appointees indeed have solid foreign policy credentials.  There are many paths to expertise and several different incubators in foreign affairs, and the Foreign Service is only one.  Many experts have worked in Congress, the NSC and the White House, Presidential campaigns, and at the think tanks at different times in their careers.   At the beginning of their careers, they may have served in the Peace Corps or, less often, the armed forces.

Over the years, I worked with many appointees.  Many brought energy and fresh ideas into the Department.  This essay is not about individuals – many of whom earned my admiration – but rather about organizational dynamics.

I have concluded that an overreliance on political appointees from outside the Foreign Service weakens the conduct of American foreign policy.  These reasons have little to do with the qualifications of the individuals.  If the administration decides that this or that position at the State Department is better filled by a political appointee than by a Foreign Service officer, there are three down sides.

First, the search and selection process, vetting, security clearances, and – for those positions requiring confirmation by the Senate — long waits for hearings and confirmation add up to long vacancies between incumbents.  During the vacancies, someone picks up the slack, for sure, but some other portfolio is shorted.  Even if a career officer serves as “Acting,” the Department waits for the President’s nominee to come on board before launching new initiatives and committing funds.  Preferring political appointees from the outside, then, slows foreign policy down.  Public Diplomacy, in particular, suffered from long periods between Under Secretaries.

Second, whatever their regional or issue expertise, whichever Washington arena gave them their chops, however close appointees may be to the President and his team, they have had no reason to understand “the machinery” or “the mechanics” of the State Department – its funding, authorities, planning, reporting, budget cycle, and incentives.

All organizations have an organizational culture.  For the State Department and the Foreign Service, it encompasses the five cones, the assignment and promotion systems, hierarchies, the “D Committee” which recommends career FSOs to the White House to become ambassadors, and agreements with bargaining agents.  The culture includes such intangibles as policy planning but not program planning, tradeoffs between goals, “buttons to push,” “energy sponges,” “lanes,” “corridor reputations,” and the “thin bench.” The “ship of State” can indeed respond to new priorities, but few appointees have the inside experience to know how to make it turn quickly and smoothly.

All understand, moreover, that if something more is needed – “reform” of the Department, its processes, or the Foreign Service – it can take many years to achieve.  A career officer can commit to a long process of reform and understand the payoff down the road.  A political appointee may understand the need to change the Department’s way of doing business, but what is the incentive for doing so?  The appointee will be on to fresh pastures, through the revolving door, and doing something else soon.  Why take on tasks that will outlast her appointment?

Third, political appointees naturally come to the State Department with a strong intention to advance the President’s agenda.  Their frame of mind is, then, “top down,” meaning that ambassadors, embassies, consulates, and the Foreign Service should take their lead from the White House and become implementers of this month’s or this year’s White House policy initiatives.  If, for instance, the President believes that the United States must promote action against climate change, the political appointees in the Bureaus insure that the Department responds.  As a result, even Embassies in countries with strong environmental records – Western Europe, say — adjust their priorities to respond to the “top down” agenda.

A focus on the administration’s global broad-brush themes, however, inevitably crowds out the attention paid to bilateral issues.  Every Mission spends a large part of its spring in a deliberate process defining specific bilateral strategic goals, but their implementation can be overridden by political appointees and top-down priorities.  Many Public Affairs Officers at overseas posts have noted the shift to a “Washington driven” agenda.  The Foreign Service is always ready to “surge,” so to speak, on the nation’s most important objectives, but it’s not possible to “surge” month in and month out.  When an embassy surges on one administration priority, moreover, it can’t be very effective when yet one more surge is asked for.

I submit, then, that reliance on political appointees weakens not strengthens the achievement of America’s national goals.  Long vacancies slow down the implementation of policy.  Lacking institutional knowledge, appointees increase the friction within the system.  They tip the scales to respond to worldwide, “top-down” rather than bilateral goals.  There will always be a mix of political appointees and career officers in the State Department’s senior policy positions, but in my judgment the nation is better served when there are more of the latter than the former.

 The original post is here, check out the comments.

* * *

About these ads

Leave a comment

Filed under AFSA, Appointments, Career Employees, Foreign Affairs, Foreign Service, FSOs, Leadership and Management, Org Culture, Political Appointees, Realities of the FS, Secretary of State, State Department, US Presidents

Robin Raphel, Presumption of Innocence and Tin Can Phones for Pak Officials

– Domani Spero

 

Late on November 6, WaPo published the following Robin Raphel story:

Here is a link to the NYT story:

 

On November 7, an unnamed official cited by the Associated Press said the FBI investigation was related to access to classified materials:

 

NYT did a follow-up report over two weeks later reporting that an eavesdropping on a Pakistani official led to the Raphel inquiry:

 

A follow-up report from WaPo includes a statement from Amy Jeffress, Ambassador Raphel’s attorney (she is also the former chief of the National Security Section in the U.S. Attorney’s Office for the District of Columbia).

“Ambassador Raphel is a highly respected career diplomat who has dedicated her life to serving the United States and its interests,” said Amy Jeffress, Raphel’s attorney and the former chief of the National Security Section in the U.S. Attorney’s Office for the District of Columbia. “She would never intentionally do anything to compromise those interests. She, and we as her counsel, are cooperating with the investigation, and we are confident that she will be cleared of any suspicion.”

What do we know about this case?  Below is a list of “known” items out there according to media reports:

  • The federal investigation reportedly is part of a counterintelligence probe.
  • Ambassador Raphel’s security clearances reportedly was withdrawn.
  • She reportedly was placed on administrative leave last month, and her contract with the State Department was allowed to expire.
  • The FBI reportedly searched her Northwest Washington home, and her State Department office  also was examined and sealed.
  • Agents reportedly “discovered classified information” during a raid at her home.
  • In an intercepted conversation this year “a Pakistani official suggested that his government was receiving American secrets from a prominent former State Department diplomat,” reportedly setting off the espionage investigation.
  • Apparently,Ambassador Raphel has not been told she is the target of an investigation, and she has not been questioned according to her spokesman.
  • Ambassador Raphel now has a lawyer.
  • Over two weeks after the original report surfaced, she has not been formally accused or charged with a crime. Since she has not been formally charged, she has no way to defend herself from allegations.

The Indian media has had a field day with this investigation, throwing in a bunch of name calling, and well, it looks like she is considered a national nemesis over there. The view from Pakistan (read this) is thoughtful and more wait and see.  We’re also now starting to see Raphel’s name being linked to Hillary Clinton; she has been described as a “close Clinton family friend,” a  “Hillary donor” and a “powerful Clinton ally.”

In any case, we understand from a source inside the building that the FBI would “never investigate” a State employee without coordinating with Diplomatic Security’s Office of Investigations and Counterintelligence. Apparently, there is an FBI liaison in DS/IC to assist with the sharing of case information but whatever role Diplomatic Security played in this case, the bureau is not advertising it.

We’ve compiled a list of the things we don’t know about this case and the questions we have:

  • According to WaPo, two U.S. officials described the investigation as a counterintelligence matter, which typically involves allegations of spying on behalf of foreign governments. Who are these officials and what are their motive for leaking a counter-intel probe to the news media?
  • The investigation reportedly is ongoing; does the media spotlight not jeopardize the investigation?
  • According to NYT, it is unclear exactly what the Pakistani official said in the intercepted conversation that led to this investigation. Apparently, it is also not/not clear “whether the conversation was by telephone, email or some other form of communication.” Does this mean all discrete Pakistani officials in the U.S. now are limited to discussing their lunch menu and tourist opportunities in their host country to using tin can telephones for official subjects?
  • Who is the  Pakistani official? Was he/she aware that USG agents were eavesdropping? If he/she/they were not aware before of the eavesdropping, are they aware now?  We’re seriously perplexed, how is this helpful?
  • We understand that by the time a case like this goes overt, the government has  all the information it needs.  It is not not apparent if that is the case here. If we presume that the USG went overt because it has all the evidence it needs, how come there are no charges to-date?

One of our most sacred principles in the United States is the presumption of innocence until proven guilty.   The government not only must charge an individual suspected of a crime, it also must prove,beyond a reasonable doubt, each essential element of the crime charged. That has not happened here.

Despite what the Indian media says, and even if Pakistani officials in the U.S. now are using tin-can telephones to communicate, the current status of the Raphel case amount to allegations from unnamed officials, and an ongoing investigation.  That is far from clear evidence of guilt.

 * * *

 

Updated on 11/25/14 at 1546 PST to correct grammatical errors and for clarity. 

 

 

 

 

 

 

 

Leave a comment

Filed under Ambassadors, Federal Agencies, FSOs, Functional Bureaus, Hillary, Leaks|Controversies, Security Clearance, State Department

U.S. Embassy Mexico Bars Personnel From Non-Essential Travel to Acapulco

– Domani Spero

 

 

* * *

The U.S. Embassy in Mexico City recently released the following emergency message to U.S. citizens in the country:

This message is to inform U.S. citizens that protests and violent incidents continue in Guerrero state in response to the disappearance of 43 students there.  Embassy personnel have been instructed to defer non-essential travel to Acapulco, by air or land, to include the federal toll road (“cuota”) 95D to/from Mexico City and Acapulco.  Furthermore, road travel in all other parts of the state remains prohibited.  Travel by air to and from Ixtapa/Zihuatanejo is still permitted.  The Embassy cautions U.S. citizens to follow the same guidelines.

The Acapulco Consular Agency remains open.

The Mexican Constitution prohibits political activities by foreigners; such actions may result in detention and/or deportation.  Travelers should avoid political demonstrations and other activities that might be deemed political by the Mexican authorities.  Even demonstrations intended to be peaceful can turn confrontational and escalate into violence.  Demonstrators in Mexico may block traffic on roads, including major arteries, or take control of toll booths on highways.  U.S. citizens are urged to avoid areas of demonstrations, and to exercise caution if in the vicinity of any protests.

Read the full announcement here.

* * *

Leave a comment

Filed under Americans Abroad, Consular Work, Protests, Realities of the FS, Security, State Department, U.S. Missions

Confirmations 11/20: Pettit, Spratlen, Krol, Moreno, Lu, Hartley, Controversial Nominees Up Next Month

– Domani Spero

 

The U.S. Senate confirmed the following nominations by voice vote on November 20:

  • James D. Pettit, to be Ambassador Extraordinary and Plenipotentiary of the United States of America to the Republic of Moldova
  • Pamela Leora Spratlen, to be Ambassador Extraordinary and Plenipotentiary of the United States of America to the Republic of Uzbekistan
  • George Albert Krol, to be Ambassador Extraordinary and Plenipotentiary of the United States of America to the Republic of Kazakhstan
  • Luis G. Moreno, to be Ambassador Extraordinary and Plenipotentiary of the United States of America to Jamaica
  • Donald Lu, to be Ambassador Extraordinary and Plenipotentiary of the United States of America to the Republic of Albania
  • Brent Robert Hartley, to be Ambassador Extraordinary and Plenipotentiary of the United States of America to the Republic of Slovenia

On November 18, the State Department spox, Jeff Rathke said that “The full Senate can consider each of these nominees quickly. Certainly, our career nominees could be confirmed en bloc, they’re well-qualified, and they’re experienced.”

We desperately need all of America’s team on the field of diplomacy, and these are all spectacularly qualified career nominees. This is exactly how our remaining nominations should be considered and confirmed. There are 19 career Foreign Service officers awaiting confirmation on the Senate floor. They were all carefully considered in the Senate Foreign Relations Committee and approved. The full Senate can consider each of these nominees quickly. Certainly, our career nominees could be confirmed en bloc, they’re well-qualified, and they’re experienced.A total of 58 State Department nominees, including 35 career diplomats, are still waiting.
[…]
Nominees on the floor have waited for more than eight and a half months on average, 258 days. It’s critical, in the Department’s view, that we get these nominees confirmed before the Senate adjourns for the year to prevent further delay in meeting our foreign policy objectives, and while we appreciate the progress just made, we know that America is stronger if the backlog is cleared and our nominees are confirmed before Thanksgiving. The Secretary has made a personal plea to his former colleagues in the Senate, and we would ask again for their help.

On November 19, the spox tried again:

Yesterday, I began the briefing with a pitch for my fellow Foreign Service officers who have been waiting for Senate confirmation. Secretary Kerry called in from London to his chief of staff, David Wade, and he asked me to come out here again this afternoon and do the same. The Secretary has been in continued contact with his former colleagues on Capitol Hill about this. It’s very important to him. He needs to have his team and he also feels it’s important that these non-controversial nominees be confirmed before Thanksgiving as well. It’s the right thing to do for them, for their families, and for America’s interests.

On November 20, the spox tried once more to appeal that the nominees be confirmed “en bloc or by unanimous consent”to no avail:

We’ve asked the united – that the Senate confirm these nominations en bloc or by unanimous consent, as we’ve seen in some cases this week, particularly because there’s no objection to these highly qualified and dedicated nominees. We urge the Senate to confirm them quickly and put them to work for the country. We need it desperately.

 

It looks like that’s it for today.  Coming up next month, the nominations of the more controversial nominee to Argentina:

Plus the nominee for Hungary:

 

 * * *

1 Comment

Filed under Ambassadors, Ambassadorships, Confirmed, Congress, Foreign Service, John F. Kerry, Leaks|Controversies, Nominations, Obama, Realities of the FS, Secretary of State, Staffing the FS, State Department, U.S. Missions

Ambassador John Tefft Presents Letter of Credence in Moscow

– Domani Spero

 

 

Russian President Vladimir Putin received the letters of credence from Ambassador Tefft together with  fourteen new ambassadors to Moscow from Djibouti, the Central African Republic, Eritrea, Poland, the Democratic People’s Republic of Korea, Ghana, Vietnam, Zambia, Turkey, Tanzania, Hungary, Peru, Nicaragua and Uzbekistan.

Mr. Putin also gave a speech during the event and his MFA specifically highlighted the following in the English text of the speech:

We take the view that Russia and the United States of America bear special responsibility for maintaining international security and stability and combating global threats and challenges. We are ready for practical cooperation with our American partners in all different areas, based on the principles of respect for each other’s interests, equality and non-intervention in domestic affairs.

Full speech in English here.

 * * *

 

 

 

 

 

 

 

Leave a comment

Filed under Ambassadors, Diplomacy, Foreign Affairs, Foreign Service, FSOs, Staffing the FS, State Department, U.S. Missions

State Dept Re-attached to the Internet, and About Those “Unrelated” Embassy Outages

– Domani Spero

 

A few hours ago, we posted this: State Dept Spox on outages at embassies: “separate”, “unconnected”, “unrelated” — wowie zowie!

It looks like the State Department was re-attached to the Internet sometime this morning. Although as of this writing, go.state.gov is still down for “temporary maintenance.”

Screen Shot 2014-11

Screen capture of http://go.state.gov, still current as of 11/19/2014

Here’s what we’ve learned about the embassy outages:

The Consular Consolidated Database is apparently unaffected, as are visa and passport services.

EXCEPT that Consular Sections were unable to accept credit card payments because those are connected to the Internet, which was unavailable from the State Department’s OpenNet.

Here’s how OpenNet is described in the FAM:

OpenNet is a physical and logical Internet Protocol (IP)-based global network that links the Department of State’s Local Area Networks (LANs) domestically and abroad. The physical aspect of the network uses DTS circuits for posts abroad, FTS-2001-provided circuits, leased lines, and dial-up public switch networks. This includes interconnected hubs, routers, bridges, switches, and cables. The logical aspect of the network uses Integrated Enterprise Management System (NMS) and TCP/IP software, and other operational network applications. OpenNet is a Sensitive But Unclassified (SBU) network, which supports e-mail and data applications.

We understand that the American Citizen Services (ACS) Units, in particular, were not able to process payments by credit cards. Since the Internet connection issue had been reportedly resolved earlier today, we hope that this has resolved itself, too.

As to visa services, those are connected to the Global Support Strategy (GSS) contract, and 99% of fees would have been collected through the GSS contractor, not at post.

EXCEPT that most GSS contractors do scheduling via their own 3rd party websites, which would not be able to be accessed from OpenNet. If visa scheduling had delays, that would be because posts had to find a non-OpenNet Internet connection to update scheduling slots, as necessary.

A note on the GSS:  The GSS contracts provide support services for nonimmigrant and immigrant visa operations at United States consulates and embassies abroad, including but not limited to public inquiry services, appointment services, fee collection services, biometric enrollment services, document delivery services and data collection services.

So when the State Department spox said that these outages were not connected and were unrelated, well –

Congratulations! You sound nice at the podium but what the heck were you talking about?

* * *

Oops! What’s this? Updated at 1552 PST Nov 19:

Screen Shot 2014-11-19 at 3.44.20 PM

* * *

Leave a comment

Filed under Consular Work, Foreign Service, Huh? News, Security, State Department, Technology and Work, U.S. Missions

State Dept Spox on outages at embassies: “separate”, “unconnected”, “unrelated” — wowie zowie!

– Domani Spero

 

We’ve blogged about the outages at overseas posts yesterday (see State Department’s “Technical Difficulties” Continue Worldwide, So What About the CCD?).  On November 17, US Embassy Albania’s internet connection was down and US Embassy London could not accept credit card payments and its online forms for visa and passport inquiries were not working. US embassies in Moscow, Madrid, Manila, Beirut, Ankara, Cameroon, Oslo and Astana tweeted that they were “experiencing technical difficulties that may result in delays in visa processing.”

Unofficial sources tell us that State Department employees are now able to send email outside the Dept but still no Internet access. The Department’s mobile access site GO (go.state.gov) and Web PASS  (Web Post Administrative Software Suite Explorer) are both still offline.

What’s WebPASS?   via WebPASS Privacy Impact Assessment (2009):

WebPASS Explorer (“WebPASS”) is a suite of business applications used by overseas posts to administer a variety of internal activities. Some but not all applications under WebPASS collect and maintain personally identifiable information (PII) about post employees, their family members, and visitors. WebPASS is web-enabled and operates within the confines of OpenNet, the Department’s sensitive but unclassified (SBU) network.

The main application is Web Post Personnel (Web.PS), which is a database of the American employees (AEs), their dependents, and Locally Employed Staff (LES). Whereas the official record for an AE employee is maintained in Washington, DC, the Web.PS database supports local personnel-related tasks. Its LES-related features support personnel actions for LES staff directly hired at the post such as intake, assignments, transfers, grade increases, and terminations.

After an AE or LES staff is established in Web.PS, some of their basic identifiers (e.g., name, employee type, office) may be pulled electronically into other WebPASS applications that support separate functions such as motor pool operations, residency in government-held real property, and distribution of pharmaceutical medications.

The most sensitive unique identifier in WebPASS is the record subject’s SSN, which is stored in Web.PS.

 

Hey, if Professor Boyd, the American ambassador’s husband in Homeland had access to WebPASS, he could have saved himself some sneaking around just to discover (and tamper) with Carrie’s medication!

In any case, on November 18, the State Department spokesman Jeff Rathke was asked about the recent reported hacking and the outages at our embassies. The official word seems to be that these outages at ten posts (maybe more, but those posts have not tweeted their technical difficulties) are separate, unconnected, unrelated or [insert preferred synonym]  to the “technical difficulties” at Main State. Simply put, you folks stop racking your brains with suspicions, these outages are simply, and purely  coincidental.

Of course, coincidences happen every day, but the more I watch these official press briefings, the less I trust coincidences.

Excerpt:

QUESTION: Hacking?

MR. RATHKE: Yes, Lara, please.

QUESTION: Everybody’s favorite topic. You had talked yesterday from the podium about how the – it’s only the unclassified email systems at the State Department that was affected by this most recent data breach that prompted the suspension of – sorry, I’ve got suspended on my mind – (laughter) – but that prompted the shutdown over the weekend. But there’s been some suggestions that some of the missions and embassies and consulates have had some problems or could have some problems with processing passports or visas.

MR. RATHKE: No.

QUESTION: No? Not at all?

MR. RATHKE: No, no. These are unconnected. I mean, we have a separate system that deals with those types of consular issues – passports, visas, and so forth. Now there may be other technical issues that have arisen in one place or another. Is there a specific –

QUESTION: Yeah. Embassy Beirut, I think, had to –

MR. RATHKE: Yeah. No, that’s unrelated to the outage that we’ve had here.

QUESTION: Well, what’s going on in Embassy Beirut, then?

MR. RATHKE: Well, I don’t have the specifics, but it’s a separate issue. And I – from what I understand, they were able to continue doing their operations today, so it was not any major impediment.

I can give you an update, though, on the outage. I can report that our external email services from our main unclassified system are now operating normally, and for those who feel they are tethered to their Blackberries, they are once again, because the Blackberry service is working. So our unclassified external email traffic is now normal, so we’ve had some progress since yesterday’s discussion. So much of it is now operational. Much of our systems that had connectivity to the internet are now operational. We have a few more steps that’ll be taken soon to reach full restoration of our connectivity.

QUESTION: But just to clarify, no consular services, no client-based services –

MR. RATHKE: That’s a separate –

QUESTION: — have been affected by this outage?

MR. RATHKE: No, not to my knowledge. That’s – those are separate.

Yeah.

QUESTION: Do you have internet access from the unclassified system now?

MR. RATHKE: No, we are not – we do not have internet access at this stage. That will be restored soon, we expect. Sorry, yes?

QUESTION: Anything else major that you don’t have now?

MR. RATHKE: No. No, I think that’s mainly it. But it – this has not stopped us from doing our work, so –

QUESTION: The classified system never went down, correct?

MR. RATHKE: No, it was never affected at any point. So as mentioned yesterday, that hasn’t changed. It was not affected.

 

Congress remains more than interested:

 

And now the FBI is wading into the breaches:

* * *

Leave a comment

Filed under Congress, Diplomatic Attacks, Huh? News, Leadership and Management, Security, State Department, Technology, Technology and Work, U.S. Missions, Visas

Senate Confirms Bassett (Paraguay), Bernicat (Bangladesh), Zumwalt (Senegal/GB), Allen (Brunei), Roebuck (Bahrain)

– Domani Spero

 

 

  • Leslie Anne Bassett to be U.S. Ambassador to Paraguay.
  • Marcia Stephens Bloom Bernicat to be U.S. Ambassador to the People’s Republic of Bangladesh.
  • James Peter Zumwalt to be U.S. Ambassador to the Republic of Senegal and U.S. Ambassador to the Republic of Guinea-Bissau
  • Craig B. Allen to be U.S. Ambassador to Brunei Darussalam.
  • William V. Roebuck to be U.S. Ambassador to the Kingdom of Bahrain

Ambassador-designate James Zumwalt was nominated as Ambassador to the Republic of Senegal and the Republic of Guinea Bissau.  Embassy operations in Guinea Bissau had been suspended since  June 14, 1998. The U.S. Ambassador to the Republic of Senegal is dual-hatted as the Ambassador to the Republic of Guinea-Bissau “to serve concurrently and without additional compensation” and is based in Dakar, Senegal.

 * * *

Leave a comment

Filed under Ambassadors, Confirmed, Congress, Foreign Service, FSOs, Nominations, Staffing the FS, State Department, U.S. Missions

State Department’s “Technical Difficulties” Continue Worldwide, So What About the CCD?

– Domani Spero

 

The “technical difficulties” at the State Department continue today.  State Department spokesman Jeff Rathke told Yahoo News that  the State Department is still investigating who — or what — launched the attack saying, “I don’t have anything to share at this point on the origins of the intrusion.”

Rathke said the attack only hit unclassified email systems at the State Department — and not business databases that contain information about Americans or, for example, foreign visa applicants. Although the temporary shutdown was previously scheduled, “in this case, the response to this specific incident needed to be more comprehensive than our regular updates.

Congress is apparently interested on what’s going on.

Meanwhile, the Department’s mobile site go.state.gov remains down, and the “technical difficulties” now include, according to tweets from overseas posts, not just inability to use email  but also inability to accept credit card payment for visa and passport services, and unusable contact forms for visa and passport inquiries.


US Embassy Albania


US Embassy London

 

 

U.S. Embassy Manila

U.S. Embassy Beirut

 

US Embassy Turkey

U.S. Embassy Moscow

 

U.S. Embassy Madrid

* * *

Below is the template of the notice used today:

U.S. embassies and consulates are currently experiencing technical difficulties that may result in delays in visa processing and receiving and sending communications. Additionally, applicants who have interviews for student and exchange visitor (F/M/J) visas scheduled for this week should bring proof of payment of the SEVIS fee. U.S. citizens may also experience delays in sending and receiving communications. U.S. citizens requiring emergency assistance should contact the Embassy [INSERT contact info].

 

We doubt if the State Department would have acknowledged this intrusion had the Associated Press not reported it on Sunday. On a related matter, we understand that Consular Affairs’ Consular Consolidated Database has been having problems “lately.”

Can somebody please ask CA if these ongoing problems are related to the technical difficulties from this past summer, or if this is related to the just known intrusion that brought down the email system and the GO site? We’re not terribly technical but curious — if a cyber intruder starts deleting data from the CCD, would anyone notice what’s missing?

* * *

 

 

 

 

 

 

 

 

Leave a comment

Filed under Congress, Leadership and Management, Security, Social Media, State Department, Technology and Work, U.S. Missions

State Department’s Computer Systems Hacked, 5th Known Agency Breach This Year?

– Domani Spero

 

Just the bit of bad news you don’t need to start your Monday:

 

Below via WaPo:

The State Department did not seek to publicize that it had been hacked. On Friday, it announced that “maintenance” would be done to the unclassified network during a routine, scheduled outage. But on Sunday, after the Associated Press first reported the breach, officials acknowledged they had found traces of suspicious activity in their system and were updating security in the middle of a scheduled outage. In a sign of how complete the shutdown was, duty officers were using Gmail accounts.

A senior State Department official, who spoke on the condition of anonymity to discuss the breach, also told WaPo that “none of the department’s classified systems were compromised.”

Would State report publicly the classified intrusion if those systems were compromised?

This report follows the confirmation of a hack at the National Oceanic and Atmospheric Administration which reportedly forced cybersecurity teams to seal off data vital to disaster planning, aviation, shipping, etc. this past September, the reported breach of the computer networks of the United States Postal Service, compromising the data of more than 800,000 employees and a breach at the White House.  In June this year, the WSJ also reported the breach of computer systems at the Office of Personnel Management, which stores data on federal employees.

An unnamed official told nextgov.com that State is bolstering the security “of its main unclassified network during a scheduled outage of some Internet-linked systems.” The site, nextgov.com says it is “unclear why officials waited until this weekend to disconnect potentially infected systems at State.”

As of this writing, the State Department’s mobile access (go.state.gov) is down with the following notice: “The Department is currently experiencing an ongoing, planned outage to upgrade our network.  during this event, mobile access (GO) will be unavialable.  We apologize for any inconvenience this may cause you.  For questions or more information, please contact the IT Service Center at 202-647-2000.”

We understand that GO will be down until further notice and may need to be rebuilt. A mobile copy is currently live at http://m.state.gov.

* * *

In totally unrelated news, and nothing/nothing whatsoever to do with this reported hack — State/OIG on November 7, published its Audit of Department of State Information Security Program.  The report is readable if you don’t mind the redacted parts:

Screen Shot 2014-11-15 at 11.11.19 AM

Below is an excerpt:

Information technology security controls are important to protect confidentiality, integrity, and availability of information and information systems. When they are absent or deficient, information becomes vulnerable to compromise.[REDACTED]
[…]
Although we acknowledge the Department’s actions to improve its information security program, we continue to find security control deficiencies in multiple information security program areas that were previously reported in FY 2010, FY 2011, FY 2012, and FY 2013. Over this period, we consistently identified similar control deficiencies in more than 100 different systems. As a result, the OIG issued a Management Alert in November 2013 titled “OIG Findings of Significant and Recurring Weaknesses in the Department of State Information System Security Program” that discussed significant and recurring control weaknesses in the Department’s Information System Security Program [REDACTED B(5)]

The FY 2013 FISMA audit report contained 29 recommendations intended to address identified security deficiencies. During this audit, we reviewed corrective actions taken by the Department to address the deficiencies reported in the FY 2013 FISMA report. Based on the actions taken by the Department, OIG closed 4 of 29 recommendations from the FY 2013 report.
[…]
We identified control deficiencies in all [Redacted] (b) (5)  of the information security program areas used to evaluate the Department’s information security program. Although we recognize that the Department has made progress in the areas of risk management, configuration management, and POA&M since FY 2013, we concluded that the Department is not in compliance with FISMA, OMB, and NIST requirements. Collectively, the control deficiencies we identified during this audit represent a significant deficiency to enterprise-wide security, as defined by OMB Memorandum M-14-04.
[…]
Although we found the Department’s Computer Incident Response Team (CIRT) Standard Operating Procedures aligned with NIST SP 800-61, Revision 2,39 procedures do not clearly state all the bureaus, offices, and organizations that require notification prior to closing an incident. As a result, DS/SI/CS did not report all incidents to the U.S. Computer Emergency Readiness Team (US-CERT) as required. Specifically, 1 out of 22 (5 percent) security incidents we tested was not reported to the US-CERT, even though it was a Category 4 incident and involved potential classified spillage. If the Department does not report data spillage incidents (potential or confirmed) to US-CERT within the established timeframes, US-CERT may not be able to help contain the incident and notify appropriate officials within the allotted timeframe.

According to State/OIG, Category 4 incidents are incidents involving improper usage of Department systems or networks (that is, a person that violates acceptable computing use policies).

According to OMB Memorandum M-14-04, a significant deficiency is defined as a weakness in an agency’s overall information systems security program or management control structure, or within one or more information systems that significantly restricts the capability of the agency to carry out its mission or compromises the security of its information, information systems, personnel, or other resources, operations, or assets. via

 * * *

Related item:

Audit of Department of State Information Security Program; Published On: November 07, 2014; Report Date: November 2014; Report Number: AUD-IT-15-17; View Report: aud-it-15-17.pdf

 

 

 

 

 

 

 

Leave a comment

Filed under Diplomatic Security, Functional Bureaus, Govt Reports/Documents, Leadership and Management, Security, State Department, Technology and Work