In 2004, Alden P. Stallings, a Foreign Service Officer pleaded guilty for writing false visa referrals. According to DOJ, Stallings was assigned to the U.S. Embassy in Seoul, Korea as the Deputy Public Affairs Officer when he submitted to the Consular Section 54 referrals in which he provided false information about his relationship with the applicants. DOJ charged that on each of the 54 referral forms, Stallings stated that he recommended the issuance of a non-immigrant visa to the applicant because the applicant was an “important post contact” whom he had “personally known” since a specified date. In fact, on each of the 54 occasions, Stallings knew that his statement on the referral form was false, and that he did not personally know the contact.
At the time Stallings pleaded guilty,he faced a maximum sentence of five years in prison and a $250,000 fine, and that case effectively ended his career.
But hey, is it true that if you are in a senior position or a congressional representative, a personal intervention on behalf of a rejected visa applicant — who allegedly brought foreign maids into the country under false visa pretenses, and donated money to political campaigns — is A-okay?
The Obama administration overturned a ban preventing a wealthy, politically connected Ecuadorean woman from entering the United States after her family gave tens of thousands of dollars to Democratic campaigns, according to finance records and government officials.
The woman, Estefanía Isaías, had been barred from coming to the United States after being caught fraudulently obtaining visas for her maids. But the ban was lifted at the request of the State Department under former Secretary of State Hillary Rodham Clinton so that Ms. Isaías could work for an Obama fund-raiser with close ties to the administration.
It was one of several favorable decisions the Obama administration made in recent years involving the Isaías family, which the government of Ecuadoraccuses of buying protection from Washington and living comfortably in Miami off the profits of a looted bank in Ecuador.
In the spring of 2011, Ms. Isaías, a television executive, was in a difficult situation.
Her father and uncle were Ecuadorean fugitives living in Miami, but she was barred from entering the United States after she brought maids into the country under false visa pretenses and left them at her parents’ Miami home while she traveled.
“Alien smuggling” is what American consular officials in Ecuador called it.
American diplomats began enforcing the ban against Ms. Isaías, blocking her from coming to Miami for a job with a communications strategist who had raised up to $500,000 for President Obama.
Over the course of the next year, as various members of the Isaías family donated to Mr. Menendez’s re-election campaign, the senator and his staff repeatedly made calls, sent emails and wrote letters about Ms. Isaías’s case to Mrs. Clinton, Ms. Mills, the consulate in Ecuador, and the departments of State and Homeland Security.
After months of resistance from State Department offices in Ecuador and Washington, the senator lobbied Ms. Mills himself, and the ban against Ms. Isaías was eventually overturned.
[…] David A. Duckenfield, a partner at the company who is now on leave for a position as deputy assistant secretary of public affairs at the State Department, said Ms. Isaías worked for the firm but declined to comment further. Another senior executive at the firm said she must work outside the office because he had never heard of her.
“There are rigorous processes in place for matters such as these, and they were followed,” said the spokesman, Nick Merrill. “Nothing more, nothing less.”
A White House spokesman, Eric Schultz, declined to comment, saying that visas are issued free from political interference by other federal agencies.
Mr. Boehm, the former Pennsylvania prosecutor, said Senate ethics rules allowed members of Congress to reach out to the administration on behalf of a constituent. “Members of Congress do a lot for their constituents,” Mr. Boehm said.
“These folks are not his constituents,” he added, referring to Mr. Menendez.
Updated 12/16/14 at 9:45 pm: We understand from the “R” shop that 3 FAM 4170 is in clearance now and something about “third time’s a charm!” What’s that about?
* * *
The December issue of the Foreign Service Journal includes a Speaking Out piece by FSO Wren Elhai, Twitter Is a Cocktail Party, Not a Press Conference (or, Social Media for Reporting Officers). The author is currently serving in the political-economic section of Consulate General Karachi. Prior to joining the State Department, he worked at the Center for Global Development, a D.C.-based think-tank, as a policy analyst where he also ran the Center’s Twitter and Facebook pages. Excerpt below:
This is a shockingly vague rule, one that I have been told in training covers even posting quotes from official State Department statements or links to articles that support U.S. policy. It is a rule so vague that any diplomat with a Facebook account will confirm that nearly every one of us violates it on a daily basis.
If you think of Twitter as the digital equivalent of a newspaper, then it makes sense to try to maintain control over what diplomats say there. However, if Twitter is a digital cocktail party, that’s an untenable position. No one would even consider asking diplomats to pre-clear everything they say to people they meet at public events—let alone to seek press office clearance before starting a conversation with a potential contact.
We are paid to know U.S. foreign policy, to present and defend our positions, and to not embarrass ourselves when we open our mouths in public. We are trusted to speak tactfully and to know what topics are best discussed in other settings.
Our policy should treat our interactions online and in the real world on an even footing. Yes, there will be rare occasions when diplomats speak undiplomatically and, just as when this happens in the real world, those diplomats should face consequences.
But just as we don’t limit ourselves to talking about the weather at receptions, we should be able to present U.S. policy and engage with contacts online. To meet people, we need to show up for the party.
On the topic of consequences, Sir James Bevan KCMG, UK High Commissioner to India recently gave a speech to a group of journalists that’s related to this, particularly on how one might be a bit boring on Twitter, and for good reasons:
And we diplomats sometimes have to behave a bit differently from you journalists, or at least have to pretend that we do. There are things which you can do and say which we diplomats cannot, lest we provide you with copy that is good for you but bad for us.
Some of you have said that my Twitter account @HCJamesBevan is a little bit boring. There’s a reason for that: I like my job and I want to keep it. For a diplomat, being too interesting on Twitter is the quickest way to get sacked. I like India and I want to stay here.
This past June, AFSA told its members that for more than a year it has been negotiating a revision to the current Foreign Affairs Manual regulations governing public speaking and writing (3 FAM 4170).
“As mentioned in our 2013 Annual Report, our focus has been to accommodate the rise of social media and protect the employee’s ability to publish. We have emphasized the importance of a State Department response to clearance requests within a defined period of time (30 days or less). For those items requiring interagency review, our goal is to increase transparency, communication and oversight. We look forward to finalizing the negotiations on the FAM chapter soon—stay tuned for its release.”
Here is an excerpt from the transcript of the 12/1/14 DPB:
QUESTION: Do you have any reaction to the court’s decision dropping the charges against former President Mubarak?
MS. PSAKI: Well, generally, we continue to believe that upholding impartial standards of accountability will advance the political consensus on which Egypt’s long-term stability and economic growth depends. But beyond that, I would refer you to the Egyptian Government for any further comment.
QUESTION: So you don’t criticize at all?
QUESTION: What does that mean?
MS. PSAKI: It means that in general, we believe that courts should be —
QUESTION: It sounds to me like it means nothing.
MS. PSAKI: In general, we believe that impartial standards and the justice system should work as planned —
QUESTION: Yeah —
MS. PSAKI: — but I don’t have any specific comment —
QUESTION: But did —
QUESTION: But are you suggesting it wasn’t impartial?
MS. PSAKI: I don’t have any more specifics on —
QUESTION: But I – wow. I don’t understand that at all. What does that mean? You believe that – of course you do. But was that – were those standards upheld in this case?
MS. PSAKI: I don’t have anything – any specific comment on the case. I’d point you to the Egyptian Government.
QUESTION: (Inaudible) justice was served? Do you think justice was served in this case?
MS. PSAKI: I don’t have anything specific on the case.
QUESTION: (Inaudible) not try —
MS. PSAKI: Okay.
QUESTION: — to argue with you or ask about the comment. Are you trying to understand what is – does – this decision means?
MS. PSAKI: I don’t have anything more for you.
Do we have anything more on Egypt?
QUESTION: Do Egyptians explain to you what’s going on?
MS. PSAKI: We obviously remain in close touch with the Egyptians, but I don’t have anything more to peel back for you.
QUESTION: Jen —
MS. PSAKI: Any more on Egypt? Go ahead.
QUESTION: Yeah, but I mean, Transparency International is basically disappointed with that. And some international organizations have also expressed concern over, like, dropping all the charges against Mubarak, who’s accused of having murdered – having ordered the murder of protestors —
MS. PSAKI: I’m familiar with the case, yes.
QUESTION: — and also corruption, other things. And so you’re not willing to show your concern over that?
MS. PSAKI: Well, we speak frequently, including in annual reports, about any concerns we have about – whether its rule of law or freedom of speech, freedom of media, and we do that on a regular basis. I just don’t have anything more specifically for you on this case.
QUESTION: Can you see if – can we ask for – push your people a little bit harder? Because I mean, you call for accountability and transparency all the time from any number of governments. And so if no one is held to account, if no one is being held accountable for what happened, it would seem to me that you would have a problem with that and —
MS. PSAKI: If there’s more we have to say, Matt, we will make sure you all know.
QUESTION: But I mean, what you have said, that the – what you said says nothing. I mean, it just – it’s like saying, “Well, we support the right of people to breathe.” Well, that’s great, but if they can’t breathe —
MS. PSAKI: If we have a further comment on the case, I will make sure all of you have it.
QUESTION: I mean, aren’t you a little bit annoyed that the person who was elected by the Egyptian people, Morsy, is languishing in prison while the person who is accused of murdering hundreds of people is actually out on —
MS. PSAKI: I appreciate your effort, Said. I don’t have anything further on this case.
QUESTION: No, the reason we ask isn’t because —
MS. PSAKI: Said, I’m sorry. We’re going to have to move on.
Tsk! Tsk! Can’t imagine Ambassador Boucher accepting that kind of crap from any bureau. Next time, make the talking points drafter write in Plain English so we, the natives would understand what our government is talking about. And by the way, President Obama signed the Plain Writing Act of 2010 on October 13, 2010. That law requires that federal agencies use “clear Government communication that the public can understand and use.” This response is neither clear, nor usable.
So — if the talking points do not improve with plain language, go ahead and please kick the door. And if that doesn’t work either, get Madame Secretary to sign a reassignment order (apparently the Secretary of State does that kind of thing) and send the drafter and/or approving officer off to Angola.
Noooo, not/not to Portugal. And check the mike next time.
* * *
Updated below on 12/15/14 @ 2:09 am via Ali Weinberg of ABC News:
An employee at the embassy may have given out more than 50 sham visas to people who falsely claimed they needed to enter the U.S. to attend an oil industry conference in Texas, according to unsealed papers in Brooklyn Federal Court. The feds learned the Yemeni citizens never went to the conference. It was not clear if the fraudulent visas were connected to terrorism. The feds have uncovered a breach of security inside the U.S. Embassy in Yemen that led to bogus visas being issued, the Daily News has learned.
* * *
Via U.S. Consulate Amsterdam
If these visas were issued at the embassy, these are authentic visas, using real foils –issued under fraudulent reasons. What are the typical types of visa fraud? Below according to state.gov:
Presenting false documents to apply for a visa
Concealing facts that would disqualify one from getting a visa, like a criminal history in the alien’s home country
The sale, trafficking, or transfer of otherwise legitimate visas
Misrepresenting the reasons for requiring a visa
Counterfeiting, forgery, or alteration of a visa
We must also add, procurement of authentic visa by malfeasance — bribing a consular employee. For more on visa security, read Fred Burton’s Getting Back to the Basics here.
DSS Special Agent Bert Seay’s filed a court statement at the Eastern District of New York supporting probable cause to arrest one of those 50 individuals issued visas in Yemen:
In August 2014, DSS received information from the Department of Homeland Security, Office of the Inspector General (“DHS-OIG”) that DHS-OIG had received an anonymous tip that Yemeni national employees working in the non-immigrant visa unit of the U.S. Embassy in Sanaa, Yemen were helping other Yemeni nationals to fraudulently procure non—immigrant visas in exchange for money. Based on information provided by DHS-OIG, DSS identiﬁed one speciﬁc Yemeni employee at the U.S. Embassy who submitted over 50 suspicious Bl/B2 visa referrals for Yemeni citizens.
DSS identiﬁed the visa applications as suspicious because, in the applications, the Yemeni visa applicants purported to be employed by Yemeni oil companies and stated that their reason for traveling to the United States was to attend an oil industry conference called the “Offshore Technology Conference” in Houston, Texas. However, investigation by DSS determined that, in most instances, the Yemeni oil companies listed as employers on the visa applications were ﬁctitious and, further, that the visa applicants did not, in fact, attend the “Offshore Technology Conference” after traveling to the United States.
The DS agent statement includes a caveat that the “complaint is to set forth only those facts necessary to establish probable cause to arrest,” but does not include “all the relevant facts and circumstances.” The complaint also notes that “DSS identified one speciﬁc Yemeni employee at the U.S. Embassy who submitted over 50 suspicious Bl/B2 visa referrals for Yemeni citizens.”
The allegations involved Yemeni national employees,more than one. Suspicious cases involved over 50 visas, and law enforcement got one arrest. Alert is now broadcasted on all channels. So, how do you catch the Visa Malfeasance and Visa Fraudster Pokemons? It’s not like you can now pretend to send a local employee to FSI for training then arrest him or her upon arrival at Dulles like this or this.
Also, for non-State readers, here is what the regs say about visa referrals:
“A referral is a written request, maintained permanently, to advocate for, or otherwise assist, your contacts at post in the visa application process. Referrals are the only allowed mechanism to advocate for or assist visa applicants prior to visa adjudication.” (See 9 FAM, Appendix K, Exhibit I – pdf).
The news report actually gave us more questions than answers. Visa issuance is a specific responsibility of a Consular Officer; it cannot be issued by just any embassy official or any embassy employee. The processing and issuance process is now automated and requires specific login credentials; it’s not like anyone can just stamp a visa foil on a passport with a stamp pad.
And when did foreign national embassy employees started issuing visa referrals? Only qualified and approved individuals may make visa referrals. But here’s the thing – the regs are clear, to qualify as a visa referring officer you must:
(1) Be a U.S. citizen, direct hire, encumbering an NSDD-38 authorized position or serving in a long-term TDY role (of more than 121 days) in place of a permanently stationed direct hire who falls under Chief of Mission (COM) authority and encumbers an NSDD-38 position as defined by the Human Resources section at post;
(2) Attend a referral briefing with the consular section; and
(3) Submit a signed and dated Worldwide NIV Referral Policy Compliance Agreement to the consular section.
Not only that, the chief of section/agency head of the referring officer’s section or agency must approve each referral (and must attend the briefing and sign the compliance document in order to do so). In the absence of a section/agency head or acting head, the Principal Officer (PO) (if at a consulate), or Deputy Chief of Mission (DCM), or Ambassador must approve the referral.
So, how is it possible for a Yemeni employee in this case (who has not been identified publicly or charged), to submit 50 visa referrals is seriously perplexing.
The complaint identified one defendant as ABDULMALEK MUSLEH ABDULLAH ALZOBAIDI. He allegedly submitted a visa application dated March 8, 2014 presented to an in-person interview with “a Consular Officer at the U.S. Embassy in Sanaa,Yemen on April 14, 2014.” In his visa application, the defendant allegedly stated, among other things, that he was a “manager” of “Jaber Oil Company.” The defendant allegedly further provided the Consular Officer with a business card for Jaber Oil Company. The defendant also allegedly stated in his visa application that the purpose of his trip to the United States was to attend the “Offshore Technology Conference” in Houston, Texas for approximately 15 days.
According to court docs, in September 2014, DSS agents received information from the Yemeni Ministry of Commerce and Information conﬁrming that the Jaber Oil Company is not a registered or legitimate company in Yemen. That Houston conference is an annual event.
Since this individual has now been charged, he will have his day in a New York court but this brings up an even troubling scenario.
According to 2009 unclassified cable published by WikiLeaks, Yemen security conditions prevent the embassy’s Fraud Prevention Unit (FPU) from performing field investigations so post rely almost exclusively on telephone investigations to combat fraud. So, if there’s a universe with 50 suspicious cases, how many were investigated by FPU prior to visa issuance? This would have been a pretty standard practice in a high fraud post like Yemen.
In a 2010 inspection review of US Embassy Sana’a, OIG inspectors noted(pdf) that “Because of staffing limitations, Embassy Sanaa is not doing the required annual reviews of its visa referral system. This important internal control is mandated by 9 FAM Appendix K 105(d). Not regularly reviewing referrals deprives consular management of important information on the adjudication process and potentially improper behavior.”
That report, although old, also noted at that time that nonimmigrant visa processing is “a relatively small part of the post’s consular workload, and it is managed successfully by one part-time officer.”
Embassy Sana’a has suffered from staffing and security limitations for many years. We can’t imagine that the staffing situation at post has grown any better since that 2010 report. Has it?
And this makes one wonder — if Sanaa is under “ordered departure”and has limited staff, why do we insist on processing visas there? Embassy Sana’a did not respond to our inquiry on this case but says on its website that “requests for U.S. tourist and business visa appointments continues to grow.” Also that “Visa services are an important Embassy function, and the robust demand for tourist and business visas reflects the strong continuing relationship between Yemen and the United States.”
The continuing relationship is so strong that no one has been arrested for the multiple attacks of the U.S. mission in Yemen.
According to AQAP, it has targeted US interests in Yemen three times in the last 60 days alone: shelling of compound on September 27, targeting Ambassador Tueller with IEDs on November 6, and the detonation of two IEDs on post’s northern gate on November 27. The attack last week reportedly resulted in embassy guard death/s; this has not been mentioned, confirmed, or denied by the State Department. This news has not made it to the front pages, so you know they will try again.
Spox for #Yemen embassy in DC confirms shooting incident outside US embassy in Sana’a. Dips playing it down, but reports guard shot dead.
OpenNet is a physical and logical Internet Protocol (IP)-based global network that links the Department of State’s Local Area Networks (LANs) domestically and abroad. The physical aspect of the network uses DTS circuits for posts abroad, FTS-2001-provided circuits, leased lines, and dial-up public switch networks. This includes interconnected hubs, routers, bridges, switches, and cables. The logical aspect of the network uses Integrated Enterprise Management System (NMS) and TCP/IP software, and other operational network applications. OpenNet is a Sensitive But Unclassified (SBU) network, which supports e-mail and data applications.
We understand that the American Citizen Services (ACS) Units, in particular, were not able to process payments by credit cards. Since the Internet connection issue had been reportedly resolved earlier today, we hope that this has resolved itself, too.
As to visa services, those are connected to the Global Support Strategy (GSS) contract, and 99% of fees would have been collected through the GSS contractor, not at post.
EXCEPT that most GSS contractors do scheduling via their own 3rd party websites, which would not be able to be accessed from OpenNet. If visa scheduling had delays, that would be because posts had to find a non-OpenNet Internet connection to update scheduling slots, as necessary.
A note on the GSS: The GSS contracts provide support services for nonimmigrant and immigrant visa operations at United States consulates and embassies abroad, including but not limited to public inquiry services, appointment services, fee collection services, biometric enrollment services, document delivery services and data collection services.
So when the State Department spox said that these outages were not connected and were unrelated, well —
Congratulations! You sound nice at the podium but what the heck were you talking about?
We’ve blogged about the outages at overseas posts yesterday (see State Department’s “Technical Difficulties” Continue Worldwide, So What About the CCD?). On November 17, US Embassy Albania’s internet connection was down and US Embassy London could not accept credit card payments and its online forms for visa and passport inquiries were not working. US embassies in Moscow, Madrid, Manila, Beirut, Ankara, Cameroon, Oslo and Astana tweeted that they were “experiencing technical difficulties that may result in delays in visa processing.”
Unofficial sources tell us that State Department employees are now able to send email outside the Dept but still no Internet access. The Department’s mobile access site GO (go.state.gov) and Web PASS (Web Post Administrative Software Suite Explorer) are both still offline.
What’s WebPASS? via WebPASS Privacy Impact Assessment (2009):
WebPASS Explorer (“WebPASS”) is a suite of business applications used by overseas posts to administer a variety of internal activities. Some but not all applications under WebPASS collect and maintain personally identifiable information (PII) about post employees, their family members, and visitors. WebPASS is web-enabled and operates within the confines of OpenNet, the Department’s sensitive but unclassified (SBU) network.
The main application is Web Post Personnel (Web.PS), which is a database of the American employees (AEs), their dependents, and Locally Employed Staff (LES). Whereas the official record for an AE employee is maintained in Washington, DC, the Web.PS database supports local personnel-related tasks. Its LES-related features support personnel actions for LES staff directly hired at the post such as intake, assignments, transfers, grade increases, and terminations.
After an AE or LES staff is established in Web.PS, some of their basic identifiers (e.g., name, employee type, office) may be pulled electronically into other WebPASS applications that support separate functions such as motor pool operations, residency in government-held real property, and distribution of pharmaceutical medications.
The most sensitive unique identifier in WebPASS is the record subject’s SSN, which is stored in Web.PS.
Hey, if Professor Boyd, the American ambassador’s husband in Homeland had access to WebPASS, he could have saved himself some sneaking around just to discover (and tamper) with Carrie’s medication!
In any case, on November 18, the State Department spokesman Jeff Rathke was asked about the recent reported hacking and the outages at our embassies. The official word seems to be that these outages at ten posts (maybe more, but those posts have not tweeted their technical difficulties) are separate, unconnected, unrelated or [insert preferred synonym] to the “technical difficulties” at Main State. Simply put, you folks stop racking your brains with suspicions, these outages are simply, and purely coincidental.
Of course, coincidences happen every day, but the more I watch these official press briefings, the less I trust coincidences.
MR. RATHKE: Yes, Lara, please.
QUESTION: Everybody’s favorite topic. You had talked yesterday from the podium about how the – it’s only the unclassified email systems at the State Department that was affected by this most recent data breach that prompted the suspension of – sorry, I’ve got suspended on my mind – (laughter) – but that prompted the shutdown over the weekend. But there’s been some suggestions that some of the missions and embassies and consulates have had some problems or could have some problems with processing passports or visas.
MR. RATHKE: No.
QUESTION: No? Not at all?
MR. RATHKE: No, no. These are unconnected. I mean, we have a separate system that deals with those types of consular issues – passports, visas, and so forth. Now there may be other technical issues that have arisen in one place or another. Is there a specific —
QUESTION: Yeah. Embassy Beirut, I think, had to —
MR. RATHKE: Yeah. No, that’s unrelated to the outage that we’ve had here.
QUESTION: Well, what’s going on in Embassy Beirut, then?
MR. RATHKE: Well, I don’t have the specifics, but it’s a separate issue. And I – from what I understand, they were able to continue doing their operations today, so it was not any major impediment.
I can give you an update, though, on the outage. I can report that our external email services from our main unclassified system are now operating normally, and for those who feel they are tethered to their Blackberries, they are once again, because the Blackberry service is working. So our unclassified external email traffic is now normal, so we’ve had some progress since yesterday’s discussion. So much of it is now operational. Much of our systems that had connectivity to the internet are now operational. We have a few more steps that’ll be taken soon to reach full restoration of our connectivity.
QUESTION: But just to clarify, no consular services, no client-based services —
MR. RATHKE: That’s a separate —
QUESTION: — have been affected by this outage?
MR. RATHKE: No, not to my knowledge. That’s – those are separate.
QUESTION: Do you have internet access from the unclassified system now?
MR. RATHKE: No, we are not – we do not have internet access at this stage. That will be restored soon, we expect. Sorry, yes?
QUESTION: Anything else major that you don’t have now?
MR. RATHKE: No. No, I think that’s mainly it. But it – this has not stopped us from doing our work, so —
QUESTION: The classified system never went down, correct?
MR. RATHKE: No, it was never affected at any point. So as mentioned yesterday, that hasn’t changed. It was not affected.
The “technical difficulties” at the State Department continue today. State Department spokesman Jeff Rathke told Yahoo News that the State Department is still investigating who — or what — launched the attack saying, “I don’t have anything to share at this point on the origins of the intrusion.”
Rathke said the attack only hit unclassified email systems at the State Department — and not business databases that contain information about Americans or, for example, foreign visa applicants. Although the temporary shutdown was previously scheduled, “in this case, the response to this specific incident needed to be more comprehensive than our regular updates.
Congress is apparently interested on what’s going on.
Meanwhile, the Department’s mobile site go.state.gov remains down, and the “technical difficulties” now include, according to tweets from overseas posts, not just inability to use email but also inability to accept credit card payment for visa and passport services, and unusable contact forms for visa and passport inquiries.
US Embassy Albania
Our Internet connection is down and we can’t be reached via email. For urgent U.S. citizen services, call +355(0)4-224-7285. Thank you.
U.S. embassies and consulates are currently experiencing technical difficulties that may result in delays in visa processing and receiving and sending communications. Additionally, applicants who have interviews for student and exchange visitor (F/M/J) visas scheduled for this week should bring proof of payment of the SEVIS fee. U.S. citizens may also experience delays in sending and receiving communications. U.S. citizens requiring emergency assistance should contact the Embassy [INSERT contact info].
Can somebody please ask CA if these ongoing problems are related to the technical difficulties from this past summer, or if this is related to the just known intrusion that brought down the email system and the GO site? We’re not terribly technical but curious — if a cyber intruder starts deleting data from the CCD, would anyone notice what’s missing?
The State Department did not seek to publicize that it had been hacked. On Friday, it announced that “maintenance” would be done to the unclassified network during a routine, scheduled outage. But on Sunday, after the Associated Press first reported the breach, officials acknowledged they had found traces of suspicious activity in their system and were updating security in the middle of a scheduled outage. In a sign of how complete the shutdown was, duty officers were using Gmail accounts.
A senior State Department official, who spoke on the condition of anonymity to discuss the breach, also told WaPo that “none of the department’s classified systems were compromised.”
Would State report publicly the classified intrusion if those systems were compromised?
This report follows the confirmation of a hack at the National Oceanic and Atmospheric Administration which reportedly forced cybersecurity teams to seal off data vital to disaster planning, aviation, shipping, etc. this past September, the reported breach of the computer networks of the United States Postal Service, compromising the data of more than 800,000 employees and a breach at the White House. In June this year, the WSJ also reported the breach of computer systems at the Office of Personnel Management, which stores data on federal employees.
An unnamed official told nextgov.com that State is bolstering the security “of its main unclassified network during a scheduled outage of some Internet-linked systems.” The site, nextgov.com says it is “unclear why officials waited until this weekend to disconnect potentially infected systems at State.”
As of this writing, the State Department’s mobile access (go.state.gov) is down with the following notice: “The Department is currently experiencing an ongoing, planned outage to upgrade our network. during this event, mobile access (GO) will be unavialable. We apologize for any inconvenience this may cause you. For questions or more information, please contact the IT Service Center at 202-647-2000.”
We understand that GO will be down until further notice and may need to be rebuilt. A mobile copy is currently live at http://m.state.gov.
Information technology security controls are important to protect confidentiality, integrity, and availability of information and information systems. When they are absent or deficient, information becomes vulnerable to compromise.[REDACTED]
Although we acknowledge the Department’s actions to improve its information security program, we continue to find security control deficiencies in multiple information security program areas that were previously reported in FY 2010, FY 2011, FY 2012, and FY 2013. Over this period, we consistently identified similar control deficiencies in more than 100 different systems. As a result, the OIG issued a Management Alert in November 2013 titled “OIG Findings of Significant and Recurring Weaknesses in the Department of State Information System Security Program” that discussed significant and recurring control weaknesses in the Department’s Information System Security Program [REDACTED B(5)]
The FY 2013 FISMA audit report contained 29 recommendations intended to address identified security deficiencies. During this audit, we reviewed corrective actions taken by the Department to address the deficiencies reported in the FY 2013 FISMA report. Based on the actions taken by the Department, OIG closed 4 of 29 recommendations from the FY 2013 report. […] We identified control deficiencies in all [Redacted] (b) (5) of the information security program areas used to evaluate the Department’s information security program. Although we recognize that the Department has made progress in the areas of risk management, configuration management, and POA&M since FY 2013, we concluded that the Department is not in compliance with FISMA, OMB, and NIST requirements. Collectively, the control deficiencies we identified during this audit represent a significant deficiency to enterprise-wide security, as defined by OMB Memorandum M-14-04. […]
Although we found the Department’s Computer Incident Response Team (CIRT) Standard Operating Procedures aligned with NIST SP 800-61, Revision 2,39 procedures do not clearly state all the bureaus, offices, and organizations that require notification prior to closing an incident. As a result, DS/SI/CS did not report all incidents to the U.S. Computer Emergency Readiness Team (US-CERT) as required. Specifically, 1 out of 22 (5 percent) security incidents we tested was not reported to the US-CERT, even though it was a Category 4 incident and involved potential classified spillage. If the Department does not report data spillage incidents (potential or confirmed) to US-CERT within the established timeframes, US-CERT may not be able to help contain the incident and notify appropriate officials within the allotted timeframe.
According to State/OIG, Category 4 incidents are incidents involving improper usage of Department systems or networks (that is, a person that violates acceptable computing use policies).
According to OMB Memorandum M-14-04, a significant deficiency is defined as a weakness in an agency’s overall information systems security program or management control structure, or within one or more information systems that significantly restricts the capability of the agency to carry out its mission or compromises the security of its information, information systems, personnel, or other resources, operations, or assets. via
“Why is the CCD [Consular Consolidated Database] such a piece of trash lately and when is Senior CA [Consular Affairs] Management going to communicate honestly with the Field what the problem is? Anyone with a brain can tell there is something seriously wrong with the system.”
by rhetthammersmithhorror.tumblr.com via giphy.com
Ambassador Kenneywas nominatedon July 19, 2010 by President Barack Obama to be the US Ambassador to the Royal Kingdom of Thailand. She was confirmed by the United States Senate on September 29, 2010. She assumed charge of the US Embassy in Bangkok in January 2011. When she depart post next month, she’ll be a couple months short of a four year tour.