State/OIG Inspects US Mission Japan: Oh, Heck, Where Do We Start?

Posted: 1:35 pm EDT

 

State/OIG released it inspection report of the U.S. Embassy in Tokyo and its constituent posts.  The OIG made 65 recommendations intended to improve Embassy Tokyo’s operations and programs.  Mission Japan is headed by Ambassador Caroline Kennedy who arrived in November 2013, and her DCM,  Jason P. Hyland who arrived in June 2014. Mr. Hyland’s predecessor is not named in the report. Prior to this inspection, US Mission Japan was last reviewed in early 2008, and a report was issued in June 2008 (link to that report at the bottom of this post).

US Embassy Japan from diplomacy.state.gov

Let’s start with the key findings:

 The Department of State has not addressed security problems, including vulnerabilities which the Office of Inspector General identified in previous inspection reports.

 The role and authorities of the Ambassador’s chief of staff are not clearly defined, leading to confusion among staff as to her level of authority, and her role in internal embassy communications.

 The embassy’s focus on daily reporting of political and economic developments comes at the expense of building a broad network of contacts and providing in-depth analysis for policy formulation.

 The embassy is not coordinating reporting and diplomatic engagement across the mission. Constituent posts in Sapporo, Nagoya and Osaka-Kobe need to be brought up to the high standards set by posts in Fukuoka and Naha.

 The level of U.S. direct-hire staffing in the embassy’s political, economic, and consular sections is greater than workload warrants.

 The public affairs section faces major management challenges, but has begun to focus on educational exchanges and staffing adjustments to cope with the high visitor load and public outreach needs.

 American Presence Post Nagoya should cease offering routine consular services; consular operations in Fukuoka and Sapporo are inefficient.

 Although the embassy’s management section has made significant progress on cost containment, senior managers should pay greater attention to management controls over travel and official residence allowances.

 Office of Inspector General inspectors identified $122,665 in cost savings and $2,331,787 in funds put to better use during the inspection.

Overview of the mission:

Mission Japan is one of the U.S. Department of State’s (Department) most important missions in terms of its size and the U.S. interests for which it is responsible. The mission includes 13 U.S. Government agencies and 5 constituent posts: consulates general in Osaka-Kobe and Naha, consulates in Sapporo and Fukuoka, and an American Presence Post1 in Nagoya. The mission also includes the Foreign Service Institute language school in Yokohama. Headquarters of U.S. Forces Japan are located nearby at Yokota Air Base, and various U.S. military commands are located throughout the mainland and on Okinawa. The mission has 272 U.S. direct-hire employees and total employment of 727. In FY 2014, total funding for the mission, including other agencies, was $93.6 million. U.S. direct-hire employees were receiving a 25- to 35-percent cost-of-living allowance based on location at the time of the inspection.

Now, the good news:

  • Good Scores for Ethics | The Ambassador has made clear to the bureau’s executive office, the management officers at Embassy Tokyo, and her front office staff that she wants all her activities to be conducted in accordance with U.S. Government regulations. This was borne out by the fact that the highest score she received from staff members who completed a personal questionnaire was for her ethical behavior.
  • Hague Convention Accession | Japan is second only to Mexico in the number of children abducted from the United States. Japan’s accession to The Hague Convention on International Parental Child Abduction in 2014 was a significant development, due in no small part to Embassy Tokyo’s efforts to encourage Japan to join.
  • EFM Employment | A de facto work agreement with the Government of Japan allows family members to apply for work permits with strict rules governing employment. Twenty-seven eligible family members are employed inside the mission, and 34 eligible family members are employed outside the mission, mostly as English teachers.
  • RSO:  The Tokyo regional security office is responsible for the security and emergency preparedness of a large geographically dispersed diplomatic mission. In discussions and interviews with embassy staff members, the OIG team was told repeatedly that the regional security office is responsive to their needs. Accomplishments of the senior regional security officer include reinvigorating the law enforcement working group, updating and drafting missing or outdated security policies, and implementing modifications to the local guard contract that save the Department approximately $230,000 annually. The regional security office staff uniformly describes the senior regional security officer as a good mentor and communicator.
  • Cost Containment: In 2014, to contain cost, the embassy transferred 70 percent of its voucher processing to the Department’s regional voucher processing center. The cost to process a voucher in Japan is three times higher than at the regional center. The transfer resulted in the elimination of at least two voucher examiner positions.

And the not so good news, oh where do we start?

  • Leadership | A non-career Ambassador with wide experience in nongovernmental and publishing industries leads Embassy Tokyo. She sees the strengthening of mutual understanding between the Japanese and the American people and the deepening of the security alliance as her prime responsibilities. The Ambassador does not have extensive experience leading and managing an institution the size of the U.S. Mission to Japan. She relies upon two key senior staff members—her non-career chief of staff and a career Senior Foreign Service deputy chief of mission (DCM)—to make sure that Embassy Tokyo and its constituent posts receive the resources and guidance they need to conduct day-to-day operations. The chief of staff, who has extensive experience in public relations and has worked with the Ambassador over a period of years, organizes special projects for the Ambassador, coordinates functions within the embassy, and oversees embassy staff interactions with the Ambassador. The DCM, who arrived in Tokyo 6 months before the start of the onsite inspection process, focuses on internal management of the embassy and coordination with the constituent posts.
  • Communication Between the Front Office and Embassy Sections Needs Improvement.
  • High Visibility Ambassador Puts a Strain on Some Embassy Elements
  • Role of Chief of Staff Needs Refinement
  • The Deputy Chief of Mission Should be More Proactive in Exercising Leadership

The leadership section does not include discussion on training, mentoring, and professional development of First and Second Tour (FAST) officers, or mission morale. The report says that “four of seven officers in the public affairs section assigned to Tokyo have left post before their tour end date.”  There’s a term for that; it’s called curtailment.  A non-career chief of staff, a PR person, who has a large sway in the functioning of this embassy is not named in this report.  And just before the arrival of the inspectors, the front office apparently had made some headway on improving communication by holding a town hall meeting to unveil the revised memo outlining the activities the Ambassador would undertake. The report is not clear if this is the ambassador’s first town hall meeting with embassy staff.

Political Section:

  • Minister Counselor Positions Under-Ranked
  • Economic Section Has Too Many Supervisors
  • Economic Section Portfolios Organized Poorly
  • Excess Staff in the Political and Economic Sections
  • Law Enforcement Working Group Lacks Political Context

Econ Section

  • Reporting and Advocacy Needed on Structural Reform
  • Economic Section Not Keeping Proper Records and Files
  • Embassy Tokyo does not have a current records management policy and does not enforce Department and Federal regulations on records management.

  • The economic section’s reporting relies heavily on media sources. On some policy developments, the OIG team found that embassy reporting did not add value to more timely reporting by the international press. Reporting was mostly single-sourced and did not evidence a range of contacts among Japanese business leaders, legislators or staff, political parties, academia, or other economic leaders or decision makers, as intended by 2 FAM 113.1 c (10) and (11).

Consular Section

  • Consular Officer Staffing Is Excessive
  • No Coordination of Consular Social Media
  • Inefficient Consular Operations in Fukuoka and Sapporo

Note that citizens of some countries including Japan, who are traveling to the U.S. for 90 days less for business or tourism may not need a visa as they are eligible for the Visa Waiver Program (VWP). This report says that Tokyo’s consular section, with 14 officers, has more officer positions than other consular operations of similar workload, with a high proportion of managers to entry-level officers.

Management Section:

  • Inconsistencies in Billing Methods Creates Confusion
  • Cashiering Violation and Fiscal Irregularity
  • Class B Cashier’s Cash Advance is Excessive
  • Salaries Inappropriately Paid Directly to Official Residence Expense Staff (this is a pretty common subject in OIG reports)
  • Position Descriptions Are Inaccurate
  • Delays in Processing Within-Grade Increases
  • In-House Post Language Program Is Not Cost Effective
  • No In-House Equal Employment Opportunity Training Provided to Staff
  • Allegations of Sexual Harassment Not Reported to the Office of Civil Rights
  • Unauthorized Use of Motor Pool Shuttle Services
  • Living Quarters Allowance Not in Compliance with the Foreign Affairs Manual
  • No Emergency Backup Generators at Some Constituent Posts
  • The Department’s Office of Fire Safety conducted visits in 2014. The report identified 83 deficiencies of which the mission has corrected 53.
  • Locally Developed Software Applications Not in Compliance
  • Emergency Communication Does Not Meet Department Standards
  • No Logs of Network Maintenance
  • Premium Class Train Travel Policy Does Not Comply with Department Regulations
  • Extra Travel Costs Inappropriately Approved for Using Indirect Routes
  • USCG Naha: Inappropriate Use of Official Residence Expense Funds Instead of Representation Funds

Public Affairs

The OIG report says that in the past 8 months, four of seven officers in the public affairs section assigned to Tokyo have left post before their tour end date. That’s called curtailment. Unless they were all medevaced.

  • Embassy’s 11-person Media Analysis and Translation Team Lacks a Clear Mandate | Without a survey of the MATT’s customers, the embassy cannot confirm who—if anyone—is reading its products or justify the $1.25-million annual cost of operating the MATT.
  • Social Media Lacks Coordination| Several LE staff members work separately with social media, resulting in a multiplicity of uncoordinated messages
  • Grants Management Not in Compliance
  • No Public Diplomacy Strategy
  • The public affairs section was told to take a 26-percent cut. This reduced the public diplomacy allotment from $11.5 million in FY 2011 to $8.6 million in FY 2012. Even at that reduced rate, Mission Japan’s public affairs budget was still the largest in the Bureau of East Asian and Pacific Affairs. As a result of these budget cuts, the public affairs section eliminated 17 LE staff positions. The public affairs section allocated 68 percent of its FY 2014 budget of $8.5 million to LE staff salaries. According to the Under Secretary for Public Diplomacy and Public Affairs, this is high by world standards. […]The Ambassador selected the country public affairs officer, who arrived in Tokyo in August 2014, to stabilize the public affairs section, end the curtailments, define LE staff duties in order to clarify the new distribution of duties following the 2012 staff cuts, bring transparency to personnel decisions, and get the entire staff’s commitment to move forward. Since the public affairs officer’s arrival, the public affairs section has had considerable success, particularly with programs on educational exchange and women’s issues

A few more items with notable details extracted from the report:

Commercial Email Usage |  In the course of its inspection, OIG received reports concerning embassy staff use of private email accounts to conduct official business. On the basis of these reports, OIG’s Office of Evaluations and Special Projects conducted a review and confirmed that senior embassy staff, including the Ambassador, used personal email accounts to send and receive messages containing official business.

Employee Evaluation Reports do not Reflect Demonstrated Weaknesses | The OIG team reviewed a range of Department employee evaluations written by managers at the U.S. Mission to Japan. They found several examples of evaluations that did not reveal any indication of serious weaknesses, even though the rated officers had required in-depth management and or discipline by their supervisors and had absorbed time and resources from senior embassy officers. The DCM, having been at post only 6 months, has not yet produced employee evaluations. The inspectors advised him to make clear to rating officers that employee evaluations must present an accurate record of each staff member’s strengths and a realistic area for improvement.

Yokohama Language Program Cost-Benefit Analysis Lacking | To provide Japanese-language instruction in Yokohama, it costs the Department an estimated $2.3 million per year. The total cost of operating the school, factoring out fixed expenses, such as leasing residences for the students, post allowance, education allowance, the school director’s salary and benefits, and other sunk costs, is $1 million per year. This translates into a per-student cost of from $83,583 to $200,599 for a student body of from 5 to 12 students. The Department could be incurring higher costs for providing language services.

No Justification for Paying Post Allowance to Family Member Appointees | Worldwide, Embassies London and Tokyo are the only two authorized to pay post allowance to family member appointees. In 2001, the Department granted them an exception on the basis of their inability to recruit individuals for family member positions because of lower salaries and wages, in accordance with 3 FAM 8218.1 c. In Japan, these adverse employment conditions no longer exist. Except for security escort positions, the embassy has had no difficulty filling family member positions. It also has been able to fill some of its LE staff vacancies with eligible family members when they meet all position requirements. The cost impact to the embassy of providing the post allowance to nine full-time family members is $59,190, annually.

Consulate General Naha Not Benefiting from Zero Cost Leasing Offer | In February 2010, the Open Source Center located on the U.S. Army’s Torii Station offered four Government-owned houses located on Kadena Air Base to Consulate General Naha at zero leasing costs. Consulate General Naha has not fully considered this offer. The OIG team estimates accepting the Open Source Center’s offer would save leasing costs of $110,665 per year. The embassy would continue to fund utility and make-ready costs. In Naha, U.S. direct hires already use base services, including the commissary, Post Exchange, and other support services. U.S. direct-hire dependents attend Department of Defense schools. According to 15 FAM 228 b, housing selection should achieve maximum cost benefit to the U.S. Government, and every effort should be made to lease appropriate housing with terms that reflect the likelihood of the housing unit remaining in posts inventory, with lease terms of 5 years or more whenever appropriate.

Private Domestic Staff Inappropriately Housed in U.S. Government-Owned Facility | The embassy continues to house private domestic staff of U.S. direct-hire officers in a separate U.S. Government-owned facility (the former U.S. Marine Dormitory) despite a 2008 Office of Legal Counsel’s opinion cautioning that the legality of operating living quarters for private domestic servants of U.S. Government employees on U.S. Government premises is highly doubtful under Federal appropriations/employment law. The presence of such facilities on U.S. Government-controlled real property also raises liability issues under employment law and tort law. The embassy raised concerns about prior fraudulent domestic staff employment contracts, use of appropriated funds to maintain the facility and collection of utilities reimbursements through the employees association as a probable violation of appropriation law. At the time of inspection, 42 domestic staff resided in the 31-room U.S. Government-owned building designated for domestic staff. According to 15 FAM 244, post personnel may house full-time domestic staff in their own U.S. Government-provided quarters if space is available and approved by the regional security officer. The estimated cost of maintaining the facility is $60,000 per year.

#

Related items:

OIG_ISP-i-15-35a JAPAN Aug 25, 2015

OIG – U.S. Embassy Tokyo, Japan and Constituent Posts June 2008

State Dept’s Wibbly Wobbly Jello Stance on Use of Private Email, Also Gummy Jello on Prostitution

Posted: 1:38 am EDT

 

We’ve added to our timeline of the Clinton Email saga (see Clinton Email Controversy Needs Its Own Cable Channel, For Now, a Timeline).

On August 24, 2015, State Dept. Spokesman John Kirby told CNN:  “At The Time, When She Was Secretary Of State, There Was No Prohibition To Her Use Of A Private Email.” Below is the video clip with Mr. Kirby.

Okay, then. Would somebody please get the State Department to sort something out. If there was no prohibition on then Secretary Clinton’s use of a private email, why, oh, why did the OIG inspectors dinged the then ambassador to Kenya, Scott Gration for using commercial email back in 2012? (See OIG inspection of US Embassy Kenya, 2012).

Screen Shot 2015-08-25

Oh, and here’s a more recent one dated August 25, 2015. The OIG inspection of U.S. Embassy Japan (pdf) says this:

In the course of its inspection, OIG received reports concerning embassy staff use of private email accounts to conduct official business. On the basis of these reports, OIG’s Office of Evaluations and Special Projects conducted a review and confirmed that senior embassy staff, including the Ambassador, used personal email accounts to send and receive messages containing official business. In addition, OIG identified instances where emails labeled Sensitive but Unclassified6 were sent from, or received by, personal email accounts.

OIG has previously reported on the risks associated with using commercial email for official Government business. Such risks include data loss, hacking, phishing, and spoofing of email accounts, as well as inadequate protections for personally identifiable information. Department policy is that employees generally should not use private email accounts (for example, Gmail, AOL, Yahoo, and so forth) for official business.7 Employees are also expected to use approved, secure methods to transmit Sensitive but Unclassified information when available and practical.8

OIG report referenced two cables, we’ve inserted the hyperlinks publicly available online: 11 STATE 65111 and 14 STATE 128030 and 12 FAM 544.3, which has been in the rules book, at least since 2005:

12 FAM 544.3 Electronic Transmission Via the Internet  (updated November 4, 2005)

“It is the Department’s general policy that normal day-to-day operations be conducted on an authorized [Automated Information System], which has the proper level of security control to provide nonrepudiation, authentication and encryption, to ensure confidentiality, integrity, and availability of the resident information.”

This section of the FAM was put together by the Office of Information Security (DS/SI/IS) under the Bureau of Diplomatic Security, one of the multiple bureaus that report to the Under Secretary for Management.

Either the somebodies were asleep at the switch, as the cliché goes, or somebody at the State Department gave authorization to the Clinton private server as an Automated Information System.

In any case, the State Department’s stance on the application of regulations on the use of private and/or commercial email is, not wobbly jello on just this one subject or on just this instance.

gummy-bears-o

dancing jello gummy bears

On October 16, 2014, State/OIG released its Review of Selected Internal Investigations Conducted by the Bureau of Diplomatic Security. This review arose out of a 2012 OIG inspection of the Department of State (Department) Bureau of Diplomatic Security (DS). At that time, OIG inspectors were informed of allegations of undue influence and favoritism related to the handling of a number of internal investigations by the DS internal investigations unit. The allegations initially related to eight, high-profile, internal investigations. (See State/OIG Releases Investigation on CBS News Allegations: Prostitution as “Management Issues” Unless It’s NotCBS News: Possible State Dept Cover-Ups on Sex, Drugs, Hookers — Why the “Missing Firewall” Was a Big Deal).

One of those eight cases relate to an allegation of soliciting a prostitute.

The Foreign Affairs Manual (FAM) provides that disciplinary action may be taken against persons who engage in behavior, such as soliciting prostitutes, that would cause the U.S. Government to be held in opprobrium were it to become public.1

In May 2011, DS was alerted to suspicions by the security staff at a U.S. embassy that the U.S. Ambassador solicited a prostitute in a public park near the embassy. DS assigned an agent from its internal investigations unit to conduct a preliminary inquiry. However, 2 days later, the agent was directed to stop further inquiry because of a decision by senior Department officials to treat the matter as a “management issue.” The Ambassador was recalled to Washington and, in June 2011, met with the Under Secretary of State for Management and the then Chief of Staff and Counselor to the Secretary of State. At the meeting, the Ambassador denied the allegations and was then permitted to return to post. The Department took no further action affecting the Ambassador.

OIG found that, based on the limited evidence collected by DS, the suspected misconduct by the Ambassador was not substantiated. DS management told OIG, in 2013, that the preliminary inquiry was appropriately halted because no further investigation was possible. OIG concluded, however, that additional evidence, confirming or refuting the suspected misconduct, could have been collected. For example, before the preliminary inquiry was halted, only one of multiple potential witnesses on the embassy’s security staff had been interviewed. Additionally, DS never interviewed the Ambassador and did not follow its usual investigative protocol of assigning an investigative case number to the matter or opening and keeping investigative case files.

Department officials offered different justifications for handling the matter as a “management issue,” and they did not create or retain any record to justify their handling of it in that manner. In addition, OIG did not discover any guidance on what factors should be considered, or processes should be followed, in making a “management issue” determination, nor did OIG discover any records documenting management’s handling of the matter once the determination was made.

The Under Secretary of State for Management told OIG that he decided to handle the suspected incident as a “management issue” based on a disciplinary provision in the FAM that he had employed on prior occasions to address allegations of misconduct by Chiefs of Mission. The provision, applicable to Chiefs of Mission and other senior officials, states that when “exceptional circumstances” exist, the Under Secretary need not refer the suspected misconduct to OIG or DS for further investigation (as is otherwise required).2 In this instance, the Under Secretary cited as “exceptional circumstances” the fact that the Ambassador worked overseas.3

DS managers told OIG that they viewed the Ambassador’s suspected misconduct as a “management issue” based on another FAM disciplinary provision applicable to lower-ranking employees. The provision permits treating misconduct allegations as a “management issue” when they are “relatively minor.”4 DS managers told OIG that they considered the allegations “relatively minor” and not involving criminal violations.

Office of the Legal Adviser staff told OIG that the FAM’s disciplinary provisions do not apply to Ambassadors who, as in this instance, are political appointees and are not members of the Foreign Service or the Civil Service.5

OIG questions the differing justifications offered and recommends that the Department promulgate clear and consistent protocols and procedures for the handling of allegations involving misconduct by Chiefs of Mission and other senior officials. Doing so should minimize the risk of (1) actual or perceived undue influence and favoritism and (2) disparate treatment between higher and lower-ranking officials suspected of misconduct.6 In addition, OIG concludes that the Under Secretary’s application of the “exceptional circumstances” provision to remove matters from DS and OIG review could impair OIG’s independence and unduly limit DS’s and OIG’s abilities to investigate alleged misconduct by Chiefs of Mission and other senior Department officials.

In the SBU report provided to Congress and the Department, OIG cited an additional factor considered by the Under Secretary—namely, that the Ambassador’s suspected misconduct (solicitation of prostitution) was not a crime in the host country. However, after the SBU report was issued, the Under Secretary advised OIG that that factor did not affect his decision to treat the matter as a “management issue” and that he cited it in a different context. This does not change any of OIG’s findings or conclusions in this matter. 

After the SBU report was issued, the Under Secretary of State for Management advised OIG that he disagrees with the Office of the Legal Adviser interpretation, citing the provisions in the Foreign Service Act of 1980 which designate Chiefs of Mission appointed by the President as members of the Foreign Service. See Foreign Service Act of 1980, §§ 103(1) & 302(a)(1) (22 USC §§ 3903(1) & 3942(a)(1)). 

During the course of that review, State/OIG said it discovered some evidence of disparity in DS’s handling of allegations involving prostitution. Between 2009 and 2011, DS investigated 13 prostitution-related cases involving lower-ranking officials.

The OIG apparently, found no evidence that any of those inquiries were halted and treated as “management issues.”

.

Also, have you heard?  Apparently, DEA now has an updated “etiquette” training for its agents overseas.

That’s all.

Is there a diplomatic way to request that the responsible folks at the State Department culture some real backbone in a petri-dish?

No, no, not jello backbone, please!

#

U.S. Embassy France: U.S. Consular Agency Nice to Close Permanently on Sept 1, 2015

Posted: 1:36 am EDT

Via U.S. Embassy Paris, August 21, 2015:

The U.S. Embassy to France and Monaco and the U.S. Consulate General in Marseille announce a consolidation of consular services in southern France in order to better serve the public and enhance security for customers and staff.  Effective September 1, 2015, the U.S. Consular Agency in Nice will close.  All routine and emergency consular services in the Marseille consular district* will be provided by the U.S. Consulate General in Marseille.  The closure reflects the U.S. government’s policy of providing the highest quality consular service to U.S. citizens and foreign nationals in a location that offers a secure environment for all concerned.

As of September 1, 2015, all U.S. passport applications, reports of birth abroad applications, and notarial services must be scheduled at either the U.S. Consulate General in Marseille or the U.S. Embassy in Paris. For emergency services in the Marseille consular district, U.S. citizens are advised to contact the consular section at the U.S. Consulate General in Marseille.  For emergency services in other regions of France, U.S. citizens are advised to contact the U.S. Embassy in Paris.

The OIG report of US Mission France from 2012 notes that  the Nice consular agency accepts passport applications and provides notarial services. It also says that a senior local employee with more than 40 years of consular experience essentially runs the office, making appointments for the part-time consular agent, who sees applicants on Wednesdays. Back in 2012, the Consulate General Marseille also referred all Federal benefits applicants to Nice. State/OIG notes that  the Social Security Administration funds a five-person Federal benefits unit at Embassy Paris that has responsibility for providing information and processing claims in France and regionally. The assistant in Nice, although knowledgeable about Federal benefits, is providing unreimbursed and duplicative services for customers living in the south of France. A long time to be working for Uncle Sam.

#

US Embassy Paris: Three Americans in France, “Don’t just stand by and watch.”

Posted: 5.25 pm EDT

 

Via France 24:

The three Americans, Spencer Stone, Alek Skarlatos and Anthony Sadler who overpowered a heavily-armed gunman in a train, and have been hailed as “heroes” had a press conference at the U.S. ambassador’s residence in Paris over the weekend.

The alleged attacker, 25-year-old Moroccan national Ayoub El Khazzani, boarded a high-speed train in Brussels bound for Paris on Friday carrying a Kalashnikov rifle, an automatic pistol, ammunition and a box-cutter.

“The gunman would have been successful if my friend Spencer had not gotten up. I want that lesson to be learned. In times of terror like that to please do something. Don’t just stand by and watch.”

.

.

.

.

#

OIG Compliance Review: Minimum Security Standards For Overseas Facilities Remain a Hard Nut to Crack

Posted: 2:00 pm EDT

 

Three ARB-related IG reports were issued this past week, two of them, the Audit of the DOS Implementation of the Vital Presence Validation Process and the Review of the Implementation of the Benghazi Accountability Review Board Recommendation have been designated as Classified. The third one, the Compliance Followup Review of the 2013 Special Review of the Accountability Review Board Process is available in full online.

On September 25, 2013, State/OIG released its Special Review of the Accountability Review Board (ARB) Process. That report contains 20 formal and 8 informal recommendations. For the status of the 20 formal recommendations, see Appendix B of the report.  For the status of the informal recommendations, see Appendix C of the report. The OIG notes that the action taken by State at some Benghazi ARB recommendations “did not appear to align with the intent of the recommendations and some Benghazi ARB recommendations did not appear to address the underlying security issues adequately.”

Thirteen of the formal recommendations and five of the informal recommendations are related to the ARB process. The remaining seven formal and three informal recommendations mirror or are closely related to the Benghazi ARB recommendations. As stated in the ARB process review report, the ARB process team’s rationale for issuing these recommendations was that the action taken to date on some of the Benghazi ARB recommendations did not appear to align with the intent of the recommendations and some Benghazi ARB recommendations did not appear to address the underlying security issues adequately. The classified annex to the report provides an assessment of the Department’s implementation of the recommendations of the Benghazi ARB as of the date of the review. Its focus is on the implementation of the 64 tasks S/ES issued in response to the Benghazi ARB recommendations. It contains no OIG recommendations.

In the Compliance Followup Review or CFR dated August 2015, State/OIG reissued one recommendation from the 2013 inspection report, that the Under Secretary of State for Management, in coordination with the Bureau of Diplomatic Security and the Bureau of Overseas Buildings Operations, develop minimum security standards that must be met prior to occupying facilities located in designated high-risk, high-threat locations and include these minimum standards for occupancy in the Foreign Affairs Handbook as appropriate. The report also include a little nugget about DOD cooperation with investigative reports of security-related incidents that involve State Department personnel, specifically mentioning “the incident in Zabul Province, Afghanistan.” That’s the incident where FSO Anne Smedinghoff and four others were killed in Zabul, Afghanistan in April 2013.

Outstanding Recommendation on Minimum Security Standards 

Recommendation 17 of the ARB process review report recommended that the Department develop minimum security standards that must be met prior to occupying facilities in HRHT locations. The Department rejected this recommendation, stating that existing Overseas Security Policy Board standards apply to all posts and that separate security standards for HRHT posts would not provide better or more secure operating environments. Furthermore, recognizing that Overseas Security Policy Board standards cannot be met at all locations, the Department has a high threshold for exceptions to these standards and the waiver and exceptions process requires “tailored mitigation strategies in order to achieve the intent of the standards.”5

Although OIG acknowledges the Department’s assertion of a “high threshold for exceptions,” the Department’s response does not meet the recommendation’s requirement for standards that must be met prior to occupancy. As was noted in the ARB process review report, “…occupying temporary facilities that require waivers and exceptions to security standards is dangerous, especially considering that the Department occupies these facilities long before permanent security improvements are completed.”6 As the Department has not identified minimum security standards that must be met prior to occupancy, Recommendation 17 is being reissued.

Recommendation CFR 1: The Office of the Under Secretary of State for Management, in coordination with the Bureau of Diplomatic Security and the Bureau of Overseas Buildings Operations, should develop minimum security standards that must be met prior to occupying facilities located in Department of State-designated high-risk, high-threat environments and include new minimum security standards of occupancy in the Foreign Affairs Handbook as appropriate. (Action: M, in coordination with DS and OBO)

So, basically back to where it was before Benghazi, when there were no minimum security standards prior to occupying temporary facilities.

How high is this “high threshold of exceptions” that’s being asserted?

Risk management process now called “tailored mitigation strategies” — resulting in waivers of Inman standards?

So waivers will continue to be executed?

And temporary facilities will continue to be occupied?

Key Findings:

  • The Department of State has complied with all the formal and informal recommendations of the 2013 Special Review of the Accountability Review Board Process, except one, which has been reissued in this report.
  • The Department of State has implemented regulatory and procedural changes to delineate clearly who is responsible for implementation, and oversight of implementation, of Accountability Review Board recommendations. The Under Secretary for Management, in coordination with the Under Secretary for Political Affairs, is responsible for implementation of Accountability Review Board recommendations. The Deputy Secretary for Management and Resources is responsible for overseeing the Department’s progress in Accountability Review Board implementation, which places accountability for implementation at an appropriately high level in the Department of State.
  • The Office of Management Policy, Rightsizing, and Innovation manages the Accountability Review Board function. The Accountability Review Board process review report was critical of the Office of Management Policy, Rightsizing, and Innovation’s recordkeeping and files of past Accountability Review Boards. The Office of Management Policy, Rightsizing, and Innovation has since revised its Accountability Review Board recordkeeping guidelines. These revised guidelines have yet to be tested, as no Accountability Review Board has met since the Benghazi Accountability Review Board, which issued its report in December 2012.

More details excerpted from the IG report

Flow of Information

Formal Recommendations 1, 2, 3, and 9—as well as Informal Recommendations 1 and 3—concern the flow of information within the Department and from the Department to Congress. The recommendations introduce additional reporting requirements for all incidents that might meet the criteria to convene an ARB, as well as a more clearly defined list of congressional recipients for the Secretary’s Report to Congress. Recommendation 9 tasks S/ES with creating a baseline list of congressional recipients for the Secretary’s report to Congress. That list is now more clearly specified and included in regulations governing the ARB process.

Informal Recommendation 3 requires broader circulation of ARB reports as well as the Secretary’s report to Congress. The M/PRI position is that these reports belong to the Secretary and their dissemination should be at the Secretary’s discretion. OIG continues to believe that the Secretary should exercise discretion and circulate ARB reports and subsequent reports to Congress more widely within the Department.

ARB Recordkeeping

In December 2014, M/PRI revised its ARB recordkeeping guidelines regarding those records to be retained and safeguarded. However, because no ARB has convened since Benghazi, these revised guidelines remain untested. Although these guidelines require recording and transcribing telephone interviews, they do not mandate verbatim transcripts of all interviews, including in-person meetings, as the Inspector General suggested in his May 29, 2014, memorandum to the D/MR.

Action Memo for the Secretary

In compliance with Recommendation 1, the OIG CFR team found that M/PRI now drafts an action memo for the Secretary after every Permanent Coordinating Committee (PCC) meeting detailing the PCC decision, even if the PCC does not recommend convening an ARB.

In response to Recommendation 4, the Under Secretary for Management amended 12 FAM 030 to require vetting and reporting security-related incidents, which do not result in convening a PCC. Those cases will be communicated to the Secretary.

Alternative Review

To meet the intent of Recommendation 2, M/PRI has included in its instructions to the PCC chair a reminder to PCC members that if the PCC votes not to convene an ARB, the PCC should decide whether to recommend that the Secretary request an alternative review.

Terminology

Recommendation 5 recommends establishing written criteria to define the key terms “serious injury,” “significant destruction of property,” and “at or related to a U.S. mission abroad.” The 2013 OIG inspection team found that ambiguity in the terminology had led to their inconsistent application as criteria in decisions to convene ARBs.

ARB Implementation

Recommendations 10 and 11 recommend institutionalizing the oversight of the implementation of ARB recommendations as a responsibility of D/MR. M/PRI’s revision of 12 FAM 030 and addition of 12 Foreign Affairs Handbook (FAH)-12 now clearly delineate who is responsible for managing the ARB process and who is responsible for oversight of implementation of ARB recommendations. The Deputy Secretary’s responsibility for overseeing implementation of ARB recommendations places accountability for implementation at an appropriately high level in the Department.

Personnel Performance 

Recommendation 19 tasks M/PRI, in coordination with the Bureau of Human Resources and the Office of the Legal Adviser, to prepare clear guidelines for ARBs on recommendations dealing with issues of poor personnel performance. M/PRI has revised its standing guidance to ARB members, referring them to the Department’s new leadership principles in 3 FAM 1214, 4138, and 4532 when documenting instances of unsatisfactory performance or poor leadership. The Department further codified this ARB authority by expanding the list of grounds for taking disciplinary or separation action against an employee, including “conduct by a senior official that demonstrates unsatisfactory leadership in relation to a security incident under review by an [ARB] convened pursuant to 22 U.S.C. 4831.” In addition, in January 2013 the Department began seeking an amendment to the ARB statute (22 U.S.C. 4834(c)) to provide explicitly that unsatisfactory leadership may be a basis for disciplinary action and that the ARB would have the appropriate authority to recommend such action. No change to the statute has yet been made.

Strengthening Security at High-Risk, High-Threat Posts

New courses:  Guided by a panel of senior DS special agents and outside organizations, DS updated its former High Threat Tactical Course to create a suite of mandatory courses for DS agents assigned to HRHT locations, drawing on lessons learned from the attacks in Benghazi, Libya, and Herat, Afghanistan. The cornerstone of these courses is the “High Threat Operations Course” (HT-310), which, as of October 1, 2013, was made mandatory for all DS agents at grades FS 04 through 06 who are assigned to HRHT locations. Similar, but shorter duration courses (HT-310E and HT-315) are required for senior and mid-level DS agents assigned to such locations.

Marine Detachments

The Department, in coordination with DOD, has added 20 new MSG detachments, and Marine Corps Headquarters has created the Marine Security Augmentation Unit. Although some HRHT posts still lack MSG detachments, for example, because of the lack of host government approval, the Department has made progress in deploying new detachments and increasing the size of existing detachments.[…] The June 2013 revision of the memorandum of agreement also includes a revision of the MSG mission. In the previous version, the MSG’s primary mission was to prevent the compromise of classified information. Their secondary mission was the protection of personnel and facilities. In the revised memorandum of agreement, the mission of the MSG is to protect mission personnel and prevent the compromise of national security information.

DS Agents Embed With DOD Forces

An additional area of security improvement beyond reliance on the host government has been the Department’s closer relationship with DOD, whose personnel have been involved in every Department contingency operation at an HRHT post since the Benghazi attack. Furthermore, DS agents are now embedded in DOD expeditionary forces.

About That Zabul Incident

Recommendation 6 recommends that the Department seek greater assurances from the Department of Defense (DOD) in providing investigative reports of security-related incidents that involve Department personnel. The Department makes its requests via Executive Secretary memorandum to the equivalent DOD addressee, in accordance with 5 FAH-1 H-120. The DOD counterpart has been responsive in delivering requested materials in all the recent instances, including the incident in Zabul Province, Afghanistan. M/PRI will continue to monitor DOD responses to requests for reports in the future.

That means, the State Department now has the Army investigation report into the death of FSO Anne Smedinghoff and four others in Zabul, Afghanistan in April 2013.  See Zabul Attack: Spox Says State Dept Did Its Own Review, It’s Classified, and There’s Now a Checklist! Zabul Attack: Walking But Not Lost, More Details But Not Official; Plus Update on Kelly HuntArmy Report: Poor planning led to FSO Anne Smedinghoff and troops’ death in Afghanistan.

The Chicago Tribune FOIA’ed that Army report but did not make the document public. The State Department internal report of the incident as far as we are aware, remains Classified. Then State Department spox, Jennifer Psaki referred to “multiple investigations” in April 2014;  none publicly released.

#

Related item:

ISP-C-15-33 | Compliance Followup Review of the Special Review of the Accountability Review Board Process | August 2015

 

What’s Next For Former FSO Michael Sestak, Plus Some Unanswered Questions

Posted: 2:05 pm EDT

 

On August 14, 2015, former FSO Michael T. Sestak was sentenced to 64 months imprisonment for receiving over $3 million in bribes in exchange for visas at the U.S. Consulate General in Ho Chi Minh City, Vietnam.

The Preliminary Consent Order of Forfeiture filed in the District Court of Columbia includes forfeiture of a) “any property, real or personal, which constitutes or is derived from proceeds traceable to the offense;” and  b) “a money judgment equal to the value of any property, real or personal, which constitutes or is derived from proceeds traceable to the offense.”

The consent order identifies 1) any and all funds and securities seized from Scottrade Account #XXXX001S, held in the name of Anhdao Thuy Nguyen (“Scottrade Account”); and 2) $198,199.13 seized from the Department of Treasury from the Treasury Suspense Account under Seizure Number 38l30010—O1 (“Treasury Account”); and 3) a money judgment in the amount of at least $6,021,440.58, for which the defendant (Sestak) is jointly and severally liable with any co-conspirators ordered to pay a forfeiture money judgment as a result of a conviction for either offense.

In the plea agreement, Sestak agreed to sell nine properties in Thailand and that the proceeds would be paid to the United
States to satisfy a portion of the money judgment entered against him. The consent order also notes that “upon entry of a forfeiture order, Fed. R. Crim. P. 32.2(b)(3) authorizes the Attorney General or a designee to conduct any discovery the Court considers proper in identifying, locating, or disposing of property subject to forfeiture.”

In a pre-sentencing filing,  Mr. Sestak requested that any term of incarceration occur in a Camp-level facility. Specifically, at FCI Miami or if that’s not available, FCI Pensacola.  Defense justification is based on Sestak’s “lack of criminal history, the non-violent nature of the crimes, his cooperation with the Government, his lifetime of public service, his age, education, and status as a trustee during his pretrial confinement at Northern Neck Regional Jail.”‘

We had a chance to ask a few questions from his lawyer, Gray Broughton; we wanted to know where will be the location of his incarceration.

“The Bureau of Prisons will ultimately make a determination as to where Mr. Sestak is incarcerated,” said Mr. Broughton.  The defense lawyer again cited the nonviolent nature of the crimes and Mr. Sestak’s “clean criminal history.”  Mr. Sestak should be housed in a lower security level facility, according to his lawyer and that his prior employment with the U.S. Marshal will be taken into consideration by the Bureau of Prison.
We asked about the plea deals received by Sestak and main co-conspirator Bihn Vo.   Sestak’s lawyer believed the government made the best deal it could:

Mr. Sestak received a sentence of 64 months – 32 months less than codefendant Binh Vo, who received a sentence of 96 months. The Government will end up getting roughly $5M from Binh Vo – the $3M it already seized and the $2M he has agreed to pay in the next year. Binh Vo’s money (and his wife) are all currently outside of the U.S., so the U.S. doesn’t have any control over either. It made the best deal it felt it could with Binh Vo.

We were also interested in the duration of the sentence. By our calculation, Mr. Sestak would be almost 50 by the time he completes his sentence.  Mr. Broughton, however, told us that “assuming good behavior, Mr. Sestak would serve 85% of the sentence.” He will reportedly also get credit for the 27 months he has been in jail since his arrest, towards his sentence. We’re not sure if he’ll get credit for the full 27 months. But if that’s the case, and if our math is correct, he’d be out between 2-3 years.

We asked what happened to the 500 visa applicants that Mr. Sestak had issued visas to in Vietnam. And if Mr. Sestak was asked to help track or account for the applicants who paid bribes for their visas. Mr. Broughton said, “I don’t know what happened to the visa applicants. I am not aware of any efforts by the US Government in that regard.”

Mr. Broughton also released the following statement after the sentencing:

**
Michael Sestak received a fair, well-reasoned sentence today. The Court had the unenviable task of taking a multitude of opposing factors into consideration in devising Mr. Sestak’s sentence. 

As counsel for the U.S. Government readily admitted during Mr. Sestak’s sentencing hearing, Binh Vo was the mastermind of the visa fraud conspiracy. Binh Vo also had the largest pecuniary gain and will likely have millions of dollars waiting for him upon his release – along with his wife Alice Nguyen, who was able to avoid prosecution as a result of Binh Vo’s plea agreement. The Court appeared to appreciate that a sentence greater than or equal to Binh Vo’s sentence of 8 years would be fundamentally unjust for Michael Sestak, even though the U.S. Sentencing Guidelines recommended a sentence of approximately 20 years.
 
What made things difficult for the Court in determining an appropriate sentence is that Mr. Sestak was an essential component to the conspiracy and a public servant who had taken an oath of loyalty to his Country. It was Mr. Sestak’s status as a public official and the theory that would-be criminals will think twice before committing similar crimes that caused the Court to sentence Michael Sestak to something greater than time served.
 
Ultimately, the Court balanced these countervailing factors by issuing a sentence of 64 months – 32 months less than codefendant Binh Vo, who received a sentence of 96 months.
 
Michael Sestak is a good man who made made a huge mistake. Even after his release from prison, Mr. Sestak’s actions – and the shame that follows – will haunt him forever.
**

 

With the case concluded for all charged co-conspirators, we thought we’d asked the State Department what systemic changes had Consular Affairs instituted at USCG Ho Chi Minh City and worldwide following the Sestak incident.

The State Department, on background says this:

The Bureau of Consular Affairs takes all allegations of malfeasance seriously and continually works to improve its operations. Following any detection of vulnerabilities, CA works to improve management controls and guidance to the field. After the incident in Ho Chi Minh City, the management controls at post were comprehensively reviewed to determine what improvements could be made to their processes. As a matter of policy, we do not discuss the specifics of internal management controls.

Most of the Sestak visa cases were allegedly previous refusals. If true, we don’t quite understand how one officer could overturn so many visa refusals and issue close to 500 visas without red flags, if consular management controls worked as they should.  We wanted to know what consequences will there be for supervisors, embassy senior officials and principal officers who fail to do their required oversight on visas. And by the way, what about those who also do not follow the worldwide visa referral policy, particularly, Front Office occupants? The State Department would only say this:

As a matter of policy we do not discuss specific internal personnel actions. Protecting the integrity of the U.S. visa is a top priority of the U.S. government. We have zero tolerance for malfeasance. We work closely with our law enforcement partners to vigorously investigate all allegations of visa fraud. When substantiated, we seek to prosecute and punish those involved to the fullest extent of the law.

We imagined that the Bureau of Consular Affair’s Consular Integrity Division would be tasked with reviewing procedures and lessons learned on what went wrong in the Sestak case. We wanted to know if that’s the case and wanted to ask questions from the office tasked with the responsibility of minimizing a repeat of the Sestak case. Here is the official response:

The Consular Integrity Division regularly reviews incidents of malfeasance or impropriety and makes recommendations for procedural changes to reduce vulnerabilities and updates training materials for adjudicators and managers based on the lessons learned, including the case in Ho Chi Minh City. The Consular Integrity Division also does reports on the management controls at overseas posts, as well as reports that review global management controls issues, which inform CA leadership about any issues of concern.

No can do.  So far, we’ve only learned that the CID reviewed incidents of malfeasance including the Sestak case but it doesn’t tell us if it did a specific report on HCMC and what systemic changes, if any, were actually made.

We tried again. With a different question: According to in country reports, USCG Ho Chi Minh City received a letter from a jilted man in central Vietnam that helped DS crack the Sestak case. ConGen Ho Chi Minh City is one of the few consular posts that actually has a Regional Security Officer-Investigator, dedicated to visa investigations. If this case started with this reportedly jilted lover, the question then becomes how come neither the RSO-I or the internal consular management controls did not trip up the FSO accused in this case? If there was no anonymous source, would the authorities have discovered what was right under their noses?

As a matter of policy, we do not discuss the details of investigations. Protecting the integrity of the U.S. visa is a top priority of the U.S. government. We continually work to improve its operations, both in the field and here in Washington DC.

Ugh! Sestak was charged in May 2013. In July that year, the State Department told Fox News it was reviewing thoroughly alleged “improprieties” regarding a consular official in Guyana allegedly trading visas for money and possibly sex. In another article in 2014,  former Peace Corps, Dan Lavin,  said, “The State Department makes millions off of the poorest people in the world just by selling them the opportunity to fill out the application.” He also made the following allegation: “There are people at the embassy who can get you a visa,” Lavin said. “If you’re a Sierra Leonean, you go to a man called a ‘broker’; you then pay that ‘broker’ $10,000 and he personally gives that money to someone at the embassy who in turn gets you a visa.”  Apparently,  when asked about the accusations, a spokesperson at the U.S. embassy in Freetown declined to comment.

In any case, we also wanted to know if there were systemic changes with the State Department’s RSO-I program and how they support consular sections worldwide? Or to put it another way, we were interested on any changes Diplomatic Security had implemented in the aftermath of the Sestak case. Here is the amazing grace response, still on background:

It is the mission of DS special agents assigned as Assistant Regional Security Officer-Investigators (ARSO-I) to find fraud in the countries where they serve.

Sigh, we know that already. We thought we’d also ask about those 489 Vietnamese who got their visas under this scheme. What happened to them? Did Diplomatic Security, DHS or some other agency tracked them down?

The Bureau of Consular Affairs conducted a review of visas issued by Mr. Sestak. The Department revoked those visas that were improperly issued. If the visa holder had already travelled to the United States on the improperly issued visa, the Department of State notified the Department of Homeland Security so that agency could take action as appropriate.

We don’t know how many “improperly issued” visas were revoked. All 489?

We don’t know how many of those able to travel to the U.S. were apprehended and/or deported to Vietnam.

Frankly, we don’t really know what happened to the 489 Vietnamese nationals who paid money to get visas.

Calvin Godfrey who covered this case from Vietnam writes:

State Department investigators managed to track down and interrogate a few, though they wouldn’t say how many. The Washington DC office of the US Immigration and Customs Enforcement Agency didn’t respond to a list of questions about their efforts to track them down.

We also don’t know how much was the total proceed from this illegal enterprise. The USG talks about $9.7 million but one of the co-conspirators in an email, talked $20 million. Below via Thanh Nien News:

Prosecutors only put the gang on the hook for a $9.7 million — a “conservative estimate” they came up with by multiplying $20,000 by 489. Statement written by Hong Vo the middle of the illicit ten-month visa auction:

“I can’t believe Binh has pretty much made over $20m with this business,” she wrote to her sister, identified only as Conspirator A.V. “Slow days… are like 3 clients… and that’s like 160k-180.”

 

Then there’s the individual who purportedly started this ball rolling in Vietnam. Below excerpted from Thanh Nien News:

The State Department was quick to crow over Vo’s sentencing, but it remains deeply disingenuous about how this case came about and what it means.

“This case demonstrates Diplomatic Security’s unwavering commitment to investigating visa fraud and ensuring that those who commit this crime are brought to justice,” crowed Bill Miller, the head of the Diplomatic Security Service (DSS) in a press release generated to mark Vo’s sentencing.

The problem there is that the whole case didn’t come about through careful oversight; it came about because a sad sack from Central Vietnam loaned his pregnant wife $20,000 to buy a US visa from Sestak and the Vos. Instead of coming home with their baby boy, she disappeared, married another man and blabbed about it on Facebook. The sad sack wrote rambling letters to the President and the State Department’s OIG trying to get his wife and money back.

That Vietnamese informant reportedly is a recipient of threats from some of the Sestak visa applicants. Poor sod. So, now, one of the co-conspirators got 7 months, another 16 months, Sestak got 5 years, Vo got 8 years,  one alleged co-conspirator was never charged, and we don’t know what happened to close to 500 visa applicants. Also, the USG gets less than half the $20 million alleged gains. It looks like, at least Vo, will not be flipping burgers when he gets out of prison.

Now life goes on.
 #

U.S. Embassy Poland: Ambassador Steve Mull Flies in F-16, Reportedly Lands Top #IranDeal Job

Posted: 3:55 pm EDT

 

.

.

.

.

US Embassy London Local Employee Charged With Cyberstalking, Computer Hacking and Wire Fraud

Posted: 5:50 pm EDT

 

We posted about this case last May (see State Dept Employee Posted at US Embassy London Faces ‘Sextortion’ Charges in Georgia). On August 19, the Justice Department announced that a locally employed staff member of US Embassy London,  Michael C. Ford, 36, was charged by indictment on Aug. 18, 2015, with nine counts of cyberstalking, seven counts of computer hacking to extort and one count of wire fraud.  During the Daily Press Briefing of May 21st, the deputy spokesperson for the State Department informed the press that as of May 18th, this individual is no longer an embassy employee.

Via USDOJ | August 19, 2015:

WASHINGTON—A former locally-employed staff member of the U.S. Embassy in London was charged with engaging in a hacking and cyberstalking scheme in which, using stolen passwords, he obtained sexually explicit photographs and other personal information from victims’ e-mail and social media accounts, and threatened to share the photographs and personal information unless the victims ceded to certain demands.

Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division, U.S. Attorney John A. Horn of the Northern District of Georgia, Director Bill A. Miller of the U.S. Department of State’s Diplomatic Security Service and Special Agent in Charge J. Britt Johnson of the FBI’s Atlanta Division made the announcement.

Michael C. Ford, 36, was charged by indictment on Aug. 18, 2015, with nine counts of cyberstalking, seven counts of computer hacking to extort and one count of wire fraud.

“According to the indictment, Ford hacked into e-mail accounts and extorted sexually explicit images from scores of victims,” said Assistant Attorney General Caldwell. “As these allegations highlight, predators use the Internet to target innocent victims. With the help of victims and our law enforcement partners, we will find those predators and hold them accountable.”

“Ford is alleged to have hacked into hundreds of e-mail accounts and tormented women across the country, by threatening to humiliate them unless they provided him with sexually explicit photos and videos,” said U.S. Attorney John Horn. “This sadistic conduct is all the more disturbing as Ford is alleged to have used the U.S. Embassy in London as a base for his cyberstalking campaign.”

“The Diplomatic Security Service is firmly committed to working with the Department of Justice and our other law enforcement partners to investigate allegations of crime and to bring those who commit these crimes to justice,” said Director Miller. “When a public servant in a position of trust is alleged to have committed a federal felony such as cybercrime, we vigorously investigate such claims.”

“While the allegations in this case are disturbing, it does illustrate the willingness and commitment of the FBI and its federal partners to aggressively follow those allegations wherever they take us,” said Special Agent in Charge Johnson. “The FBI will continue to provide significant resources and assets as we address complex cyber based investigations as seen here.”

According to allegations in the indictment, from January 2013 through May 2015, Ford, using various aliases that included “David Anderson” and “John Parsons,” engaged in a computer hacking and “sextortion” campaign to force numerous women to provide him with personal information and sexually explicit photographs and videos. To do so, Ford allegedly posed as a member of the fictitious “account deletion team” for a well-known e-mail service provider and sent notices to thousands of potential victims, including members of college sororities, warning them that their accounts would be deleted if they did not provide their passwords.

Using the passwords collected from this phishing scheme, Ford allegedly hacked into hundreds of e-mail and social media accounts, stole sexually explicit photographs and personal identifying information (PII), and saved both the photographs and PII to his personal repository.

Ford then allegedly e-mailed the victims and threatened to release the photographs, which were attached to the e-mails, unless they obtained videos of “sexy girls” undressing in changing rooms at pools, gyms and clothing stores, and then sent the videos to him.

The indictment alleges that, when the victims either refused to comply or begged Ford to leave them alone, Ford responded with additional threats, including by reminding the victims that he knew where they lived. On several occasions, Ford allegedly followed through with his threats by sending sexually explicit photographs to victims’ family members and friends.

During the pendency of the alleged scheme, Ford was a civilian employee at the U.S. Embassy in London, England. He allegedly used his government-issued computer at the U.S. Embassy to conduct the phishing, hacking and cyberstalking activities.

The charges and allegations contained in an indictment are merely accusations. The defendant is presumed innocent unless and until proven guilty.

The case is being investigated by the U.S. Department of State’s Diplomatic Security Service and the FBI. The Criminal Division’s Office of International Affairs and the U.S. Embassy in London provided assistance. The case is being prosecuted by Senior Trial Attorney Mona Sedky of the Criminal Division’s Computer Crime and Intellectual Property Section, Trial Attorney Jamie Perry of the Criminal Division’s Human Rights and Special Prosecutions Section and Assistant U.S. Attorney Kamal Ghali of the Northern District of Georgia.

Anyone who believes that they are the victim of hacking, cyberstalking, or “sextortion” should contact law enforcement. Resources regarding hacking and other cybercrimes can be found at: https://www.fbi.gov/about-us/investigate/cyber.

#

Purported ISIS ‘Hit List’ With 1,482 Targets Includes State Department Names

Posted: 6:52 pm EDT


According
to CNN, a group calling itself the Islamic State Hacking Division recently posted online a purported list of names and contacts for Americans it refers to as “targets,” according to officials.

Though the legitimacy of the list is questionable, and much of the information it contains is outdated, the message claims to provide the phone numbers, locations, and “passwords” for 1400 American government and military personnel as well as purported credit card numbers, and excerpts of some Facebook chats.

The Guardian describes the list as a spreadsheet, published online last week which exposes names, email addresses, phone numbers and passwords. The 1,482 names include members of the U.S. Marine Corps, NASA, the State Department, the U.S. Air Force, and the FBI.

The Daily Mail  reports that the list includes an accompanying message that reads:  ‘Know that we are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts.’

The list apparently also includes the names of eight Australians and UK government personnel. In Australia where there this is huge news, Prime Minister Tony Abbott told the press, “We’ve just discovered that it’s actually able to launch cyber attacks in this country so this is a very sophisticated and deadly threat to us even here in Australia.” A chief executive of a forensic data firm in the country went so far as to advise that Canberra’s public servants get off social media. He also recommended that “on the day [ADFA] cadets enlist, their entire electronic lives be erased” and that “they should not exist on digital networks until they retire from Defence.”

The reaction here is a little less ZOMG!  Last week, then Army Chief of Staff Gen. Ray Odierno said in a press conference that “this is the second or third time they’ve claimed that and the first two times I’ll tell you, whatever lists they got were not taken by any cyber attack.”

“This is no different than the other two,” Odierno said. “But I take it seriously because it’s clear what they’re trying to do … even though I believe they have not been successful with their plan.”

CNN reports that Pentagon spokesman Lt. Col. Jeffrey Pool also cautioned that many of the military email addresses looked at least several years old, based on their suffixes. He said that shortly after this list was posted, a reminder went out to service personnel that they should limit the personal information they put on social media. “If any of your information on it is accurate, you’re very concerned,” former Homeland Security adviser Fran Townsend told CNN, “as are government officials.”

According to the Washington Examiner, State Department employees comprise about a quarter of the alleged personal information on the list. That would be about 370 names. It also says that at the bottom of the leaked document, originally posted on zonehmirrors.org, are receipts from State Department employees along with their credit card numbers.  The report notes that Islamic State supporters tweeted a link to the document and also tweeted, in one instance, information claiming to be the personal details of a staff member from the U.S. embassy in Cairo that said: “To the lone wolves of Egypt.”

Technology security expert, Troy Hunt,  writes that “nothing makes headlines like a combination of ISIS / hackers / terrorism!” and has taken a closer look with an analysis here. Mr. Hunt’s conclusion — drawn merely from looking at the leaked list and applying what he observed from experience with previous data dumps leaked list —  is that “the data is almost certainly from multiple locations and very unlikely to be from a single data breach.” Also that “most of the data is easily discoverable via either existing data breaches or information intentionally made public.” He writes, “Even the source of the amalgamated data is unverifiable – it could be someone who does indeed wish harm on the individuals named, it could be a kid in his pyjamas, there’s just not enough information to draw a conclusion either way.”

In his analysis of the ISIS list, Mr. Hunt says that “there are many sources from which attributes in this list can be compiled.” As an example, he cited the Adobe breach of 2013 in which 152M records were leaked, which includes 257k .gov email addresses. He writes:

The ISIS list has a lot of state.gov email addresses – Adobe leaked 1,657 of those and they look just like this:

state.gov email addresses in the Adobe data breach

state.gov email addresses in the Adobe data breach via Troy Hunt (used with permission)

“Adobe also leaked password hints so you can begin to quite easily build a profile around people working in the US State Department,” he said.

Would be good to know if any of the names in the Adobe breach are showing up in the ISIS list. We have not seen the purported ISIS list or the names from the Adobe hack but we hope somebody at State is looking at those names. Folks probably need to work on their password hints, too.

In a separate post, Mr. Hunt also notes this:

“The hyperbole and the fear, uncertainty and doubt that spread over this was just off the scale compared to the significance of the actual data. Here we have what amounts to little more than easily discoverable information mostly already in the public domain and suddenly it’s become a huge terror hack. [….] However, the legitimacy of the claims that this was an “ISIS hack” appear to have gotten in the way of a good story and the news has simply run with it.

A couple more reading clips below from Troy Hunt:

.

.

There’s not much one can do with the Adobe, Target, Home Depot, OPM hack except to sign up for credit monitoring service or put a credit freeze on one’s account. That is, if we’re concerned about identity thief. But those services  will not work against potential blackmails related to a foreign government hack, or online threats related to potentially scraped data, collected from websites and social media accounts.

We are persuaded by Mr. Hunt’s analysis that this was not a real hack. But real or not, the information is out there and thinking about ‘lone wolf’ offenders seduced by ISIS’ call, in the U.S. or elsewhere is not paranoid.  Folks might consider this a good excuse to review their digital footprint.

The threats online — whether real or part of propaganda — is not going to abate anytime soon. This is the world as it is, and not an attempt at hyperbole.  Employees overseas can report these threats to RSOs but hey, have you seen the rundown of the RSO’s managed programs?   We don’t even know what specific office at State tracks these breaches or who has responsibility for online threats. Was anyone notified by State when the Adobe breach occurred in 2013 and leaked hundreds of official emails? Were those emails changed?  A talkinghead writinghead would like to know.

Also some of USG’s overseas posts still display the official email addresses of personnel in public affairs, and those dealing with contracts, solicitations, and acquisitions on their websites. Those should be generic e-mail accounts not linked to an individual’s name but linked instead to the section, function or office, e.g. Sanaacontracts@state.gov. Makes better sense as people rotate jobs anyway.

We’re trying to find if Diplomatic Security has any response, guidance, reminder for State Department personnel given this report and the Burn Bag received earlier.  Would be a good time as any to issue an opsec reminder. We will have a follow-up post if/when we get an official response.

 #

U.S. flag goes up in Cuba: “What matters is this – that we all belong to the sea between us.”

Posted: 4:37 am EDT
Updated: 1:06 pm EDT

 

Maine poet Richard Blanco who was born to a Cuban exile family and read at President Obama’s second inauguration will read a poem commemorating the reopening of the US Embassy in Havana on August 14. Its title is “Matters Of The Sea” or “Cosas Del Mar,” and its first line goes, “The sea doesn’t matter. What matters is this – that we all belong to the sea between us.” Looking forward to reading it in Spanish!
.

.

.

.

.

.

.

.

#