U.S. Embassy Minsk: A Visit to the Chernobyl Alienation Zone in Gomel Oblast

Posted: 2:59 am ET


Next week the world will mark the 30th year since the Chernobyl disaster, a catastrophic nuclear accident that occurred on April 26, 1986 at the Chernobyl Nuclear Power Plant in the town of Pripyat, in Ukraine. From 1986 to 2000, 350,400 people were reportedly evacuated and resettled from the most severely contaminated areas of Belarus, Russia, and Ukraine. About 60% of the fallout is said to have landed in Belarus.

Via: The Chernobyl nuclear power plant is located ten kilometers from the border with Belarus. This neighborhood has identified extremely high pollution southern areas of Belarus by radioactive materials that were released from the destroyed nuclear reactor in 1996. Almost from the first day of the accident republic territory contaminated by fallout from that April 27 was extremely intense. By April 29 the wind bore radioactive dust from Chernobyl in Belarus and Russia. Due to heavy contamination, 24,725 people were evacuated from the Belarusian villages, and three districts of the Republic of Belarus were declared a mandatory exclusion zone.

Click here to see the map of the predictive contamination in Belarus from 1986 until 2046.

From U.S. Embassy Minsk’s historical photos:


Deputy Chief of Mission Constance Phlipot visits the Chernobyl alienation zone in Gomel Oblast. February 2005

We should note the following about the US presence in Belarus via US Embassy Minsk: Due to restrictions imposed unilaterally by the Belarusian Government in 2008 on the number of U.S. diplomats allowed in Minsk, the American Embassy was forced to reduce its staff from 35 to five diplomats as well as withdraw its Ambassador. The number of U.S. diplomats was later increased to six in July 2014. The imposed reduction in staff has greatly impeded the Embassy’s ability to carry out mutually beneficial diplomatic programs and activities, including cultural and educational exchanges, assistance programs, and visa services.



US Embassy Baghdad Issues Warning on Possible Collapse of Iraq’s Mosul Dam

Posted: 3:19 am EDT


On February 29, the U.S. Embassy in Baghdad issued a Security Message to U.S. citizens in the country on planning for the possible collapse of the Mosul Dam, formerly known as Saddam Dam and the largest dam in Iraq.

The disruption of maintenance operations in 2014 increased the risk of the Mosul Dam collapsing.  The Government of Iraq (GOI) is preparing to initiate emergency maintenance operations to reduce the risk of failure.

A dam failure would cause significant flooding and interruption of essential services in low-lying areas along the Tigris River Valley from Mosul to Baghdad.  Some models estimate that Mosul could be inundated by as much as 70 feet (21 meters) of water within hours of the breach.  Downriver cities such as Tikrit, Samarra, and Baghdad could be inundated with smaller, but still significant levels of flooding within 24-72 hours of the breach.

We have no specific information that indicates when a breach might occur, but out of an abundance of caution, we would like to underscore that prompt evacuation offers the most effective tool to save lives of the hundreds of thousands of people living in the most dangerous part of the flood path in the event of a breach.  Proper preparation could save many lives.


The Telegraph reported in December last year that an Italian company, Trevi, won a $2 billion (£1.3 billion) contract to repair the dam and that the Italian government was prepared to send 500 troops to guard the Italian company’s employees who will be tasked to do repair work.  On February 29, a company spokesman confirmed to the Guardian that the contract still had not been signed and gave no expected signature date.

On February 28, the US Embassy in Baghdad also released a fact sheet on the dam:

The floodwave would resemble an in-land tidal wave between Mosul and Samarra’, and would sweep downstream anything in its path, including bodies, buildings, cars, unexploded ordnance, hazardous chemicals, and waste; less than 6 inches of moving water is strong enough to knock a person off his feet, and 16 inches of moving water can carry away most automobiles. Flooding south of Samarra would resemble that of Hurricane Katrina, with standing water that pervades much of Baghdad for weeks to months. As floodwaters recede, mud and waste-covered remnants of previous infrastructure will be left behind.

> Flood water could reach depths greater than 45 feet in some parts of Mosul City in as little as one to four hours, giving residents little time to flee.

> Flood water could reach Tikrit in one to two days.

> Flood water could reach Baghdad in three to four days and have depths of up to 33 feet in the river channel.

> Some parts of Baghdad would be flooded, which could include Baghdad International Airport.

Read in full here:



Embassy Baghdad notes that it would be “extremely limited in its ability to assist in the event of a crisis” and encouraged U.S. citizens in Iraq, especially those who reside in the floodplain of the Tigris River, to develop their personal contingency plans.



Alex Gibney’s ‘The Agent’ — CIA, FBI, and Pre-9/11 Interagency Woes Now on Video

Posted: 3:10 am EDT


The New Yorker recently launched its new video series for Amazon Video. In it, Lawrence Wright, staff writer for The New Yorker and author of The Looming Tower, Ali Soufan, former FBI Special Agent and author of The Black Banners, and others discuss what the CIA knew about the 9/11 hijackers before 9/11. The Wright piece is an old one from 2006, but the video is new, brief and concise. The film includes ex-CIA M. Scheuer, who said something particularly shocking (mark 10:26) about FBI agent John O’Neill during a post-9/11 congressional hearing. O’Neill was among the 2,753 who died on 9/11 at the World Trade Center site. We’re posting this here for that sobering part, when interagency cooperation goes exceptionally wrong. The embedded video is a little buggy; if you have issues watching it, you can also see it here or stream it here via Amazon.






@StateDept Process From Document Production to FOIA Website Needs a Flowchart, Please

Posted: 12:25 am EDT


This is from Civil Action No. 15-cv-123 (RC), Leopold v. U.S. State Department (PDF), related to the Clinton email production mandated by the court. The declaration is by Eric F. Stein, who says he serves as a senior advisor and deputy to the Deputy Assistant Secretary on all issues related to GIS offices and programs. “I oversee all aspects of State’s effort to review, process, and produce the non-exempt portions of the emails provided to State by former Secretary Clinton, including the review and referral of documents to appropriate offices and agencies, and the posting of the documents on the Freedom of Information Act (“FOIA”) website every month. I make the following statements based upon my personal knowledge, which in turn is based upon information furnished to me in the course of my official duties.” Below is an excerpt of the declaration describing the steps the documents must go through before they are posted on the foia.state.gov website.

4. This declaration describes the steps that these documents must go through in order to be posted on the FOIA website, and, roughly, how much time those steps take, as of the time of the signing of this declaration, in support of State’s proposal to make this interim production on its website on February 13, as of the time of the signing of this declaration. The time estimates in this declaration depend on several variables, but most importantly on the need to continue devoting sufficient resources to completing the remaining 86% of the project by February 29.

5. Posting documents on State’s FOIA website involves several steps, and State’s ability to efficiently carry out these steps is sometimes limited by the available technology and by the availability of personnel who are sufficiently familiar with the technology. The FOIA system where the documents reside, named FREEDOMS, can be extremely rigid and slow, making the necessary steps in the process more time-consuming than one might otherwise expect. For example, as described herein, most steps must be applied document-by-document, as opposed to in an automated or batch fashion.

6. Where, as with the documents that are the subject of this declaration, feedback from the legal review has been provided to the FOIA office, and FOIA staff has modified redactions in FREEDOMS in accordance with that feedback, the final quality control process and posting begins. This process, which cannot be automated, starts with the manual, document-by-document process of removing internal markings that are used for tracking purposes during the review process. It could take anywhere from two to four hours to complete this task for the documents that are the subject of this declaration, depending on the availability of staff to do this work.

7. Once this process of removing internal control markings is completed, copies of the documents must be prepared for production. This posting process is an involved one, particularly because the review software resides solely on State’s classified network, and several steps are involved in transferring documents from that system to a public-facing website while still protecting sensitive national security information.

8. The first step of the posting process for the documents is to finalize the redactions on those documents. This is known as “burning” the document. Before any document can be produced, the proposed redactions, which appear in grayscale during the review process, need to be fully “burned” to the document so that the redacted information does not appear in the version produced to the public. It will take about an hour to burn this volume of documents.

9. After “burning” occurs, a system developer works to migrate a copy of the burned document out of FREEDOMS onto another review site on the classified network. It is on this classified review site that FOIA staff performs the final quality control checks. It would take approximately two hours to migrate this volume of documents.

10. Once this migration is complete, the documents must go through a final quality control check, during which State looks for several things. This check ensures that redactions to each document are consistent with redactions made in other documents. For example, many messages appear multiple times as part of longer email chains, and some emails that are not part of the same chain contain similar or identical information. The quality control check also helps ensure that redactions are marked with the proper exemptions. If there is information that is being redacted using the B1 exemption, further administrative steps are required to ensure that information requiring classification is properly marked as such. This includes the application of classification stamps which identify the level of classification of the information in the document; these stamps are checked to ensure that they show the appropriate level of classification. Based on my prior experience managing this process, I estimate that about four hours of quality control check time would be needed for the documents that are the subject of this declaration. If any changes are needed to the documents, another hour or two may be needed since documents would need to be unburned so that they can be changed, and then they would need to be burned again. For any documents on which changes were made, State would need to spend anywhere from one to several minutes reviewing that document and ensuring that those changes were now properly reflected. Thus, the total potential time needed for this process could be upwards of six hours.

11. After the documents have completed this final quality control check, the FOIA office then begins the process of transferring them from the classified system to the unclassified system. This is a manual process, requiring a person to do the transferring, and cannot be automated. The specific details of how this is accomplished implicate systems security concerns, and are not appropriate for discussion in a public filing. This migration process is estimated to take approximately one hour.

12. Once the documents have been transferred to the unclassified system, they must be copied to servers where they will reside when they are posted on State’s public-facing FOIA website. This will take another two hours to complete for these documents.

13. Prior to the website being made “live” and accessible to the public, a web developer works to test for and troubleshoot any problems that may have arisen during the transfer process as well as any issues that may occur when the documents become publicly available. This will require approximately an additional hour to complete.

14. Accordingly, the total amount of time required for the team to complete the posting of the interim production could be upwards of 16 hours, approximately two 8-hour days. State believes that its proposal of making the interim production on Saturday, February 13, provides time to address any additional problems that may arise, as have occurred in the past at this final stage in the process.

Thank heavens this guy is not writing a recipe, or we’d all be thrown out of the test kitchen already.

Frankly, we’ve read this declaration several times and we are getting a headache trying to understand how FREEDOMS works. FREEDOMS stands for Freedom of Information Document Management System, which apparently tracks all FOIA case opening, processing, and closing (see performance goal from FY2005 that we’ve been able to dig up). The system is not listed on the State Department’s Privacy Impact Assessments nor its System of Record Notices. With one exception, we have not been able to find anything more on its public website or the foia.state.gov website. The Federal IT Dashboard lists IT Spending in FY 2015 for A/GIS/IPS FREEDOMS/FREEDOMS2 (014-000000322) at $2.1 million.

We did find a description of it from the National Archives and Records Administration (NARA) as follows:

[Screenshot: NARA description of FREEDOMS]






Federal Employees With Stolen Fingerprints From OPM Breach – Now Up to 5.6 Million

Posted: 12:05 pm EDT
Updated: 6:39 pm PDT



Here is the official statement from OPM dated September 23, 2015:

As part of the government’s ongoing work to notify individuals affected by the theft of background investigation records, the Office of Personnel Management and the Department of Defense have been analyzing impacted data to verify its quality and completeness.  During that process, OPM and DoD identified archived records containing additional fingerprint data not previously analyzed.  Of the 21.5 million individuals whose Social Security Numbers and other sensitive information were impacted by the breach, the subset of individuals whose fingerprints have been stolen has increased from a total of approximately 1.1 million to approximately 5.6 million.  This does not increase the overall estimate of 21.5 million individuals impacted by the incident.  An interagency team will continue to analyze and refine the data as it prepares to mail notification letters to impacted individuals.

Federal experts believe that, as of now, the ability to misuse fingerprint data is limited.  However, this probability could change over time as technology evolves.  Therefore, an interagency working group with expertise in this area – including the FBI, DHS, DOD, and other members of the Intelligence Community – will review the potential ways adversaries could misuse fingerprint data now and in the future.  This group will also seek to develop potential ways to prevent such misuse.  If, in the future, new means are developed to misuse the fingerprint data, the government will provide additional information to individuals whose fingerprints may have been stolen in this breach.

As we have stated previously, all individuals impacted by this intrusion and their minor dependent children (as of July 1, 2015) are eligible for identity theft and fraud protection services, at no cost to them.  In conjunction with the Department of Defense, OPM is working to begin mailing notifications to impacted individuals, and these notifications will proceed on a rolling basis.

OPM and our partners across government are working to protect the safety and security of the information of Federal employees, service-members, contractors, and others who provide their information to us. Together with our interagency partners, OPM is committed to delivering high-quality identity protection services to impacted individuals. The interagency team will continue to review the impacted data to enhance its quality and completeness, and to monitor for any misuse of the data. The U.S. Government will continue to evaluate the coverage being provided and whether any adjustments are needed in association with this incident.

Sigh. Grrr. Sigh. Grrr. Sigh. Grrr. Sigh. Grrr.






21.5 Million Americans Compromised, OPM’s Ms. Archuleta Still Not Going Anywhere

Posted: 1:36 am  PDT

Excerpt via opm.gov:

OPM announced the results of the interagency forensic investigation into the second incident.  As previously announced, in late-May 2015, as a result of ongoing efforts to secure its systems, OPM discovered an incident affecting background investigation records of current, former, and prospective Federal employees and contractors.  Following the conclusion of the forensics investigation, OPM has determined that the types of information in these records include identification details such as Social Security Numbers; residency and educational history; employment history; information about immediate family and other personal and business acquaintances; health, criminal and financial history; and other details.  Some records also include findings from interviews conducted by background investigators and fingerprints.  Usernames and passwords that background investigation applicants used to fill out their background investigation forms were also stolen.

While background investigation records do contain some information regarding mental health and financial history provided by those that have applied for a security clearance and by individuals contacted during the background investigation, there is no evidence that separate systems that store information regarding the health, financial, payroll and retirement records of Federal personnel were impacted by this incident (for example, annuity rolls, retirement records, USA JOBS, Employee Express).

This incident is separate but related to a previous incident, discovered in April 2015, affecting personnel data for current and former Federal employees.  OPM and its interagency partners concluded with a high degree of confidence that personnel data for 4.2 million individuals had been stolen.  This number has not changed since it was announced by OPM in early June, and OPM has worked to notify all of these individuals and ensure that they are provided with the appropriate support and tools to protect their personal information.

Analysis of background investigation incident.  Since learning of the incident affecting background investigation records, OPM and the interagency incident response team have moved swiftly and thoroughly to assess the breach, analyze what data may have been stolen, and identify those individuals who may be affected.  The team has now concluded with high confidence that sensitive information, including the Social Security Numbers (SSNs) of 21.5 million individuals, was stolen from the background investigation databases.  This includes 19.7 million individuals that applied for a background investigation, and 1.8 million non-applicants, predominantly spouses or co-habitants of applicants.  As noted above, some records also include findings from interviews conducted by background investigators and approximately 1.1 million include fingerprints.  There is no information at this time to suggest any misuse or further dissemination of the information that was stolen from OPM’s systems.

If an individual underwent a background investigation through OPM in 2000 or afterwards (which occurs through the submission of forms SF 86, SF 85, or SF 85P for a new investigation or periodic reinvestigation), it is highly likely that the individual is impacted by this cyber breach. If an individual underwent a background investigation prior to 2000, that individual still may be impacted, but it is less likely.

So, are we supposed to wait for another credit monitoring offer from OPM’s partners for this BI hack, after already being offered credit monitoring for the personnel data compromised in an earlier breach?

Yes. Wonderful.

Ms. Archuleta should do the right thing and resign.

Part of OPM’s public response to these breaches has been to protect the director’s record at the agency.  While she remains in charge, I suspect that the fixes at OPM will also include shielding the director from further damage. News reports already talk about OPM’s push back. Next thing you know we’ll have “setting the record straight” newsbots all over the place.

While it is true that Ms. Archuleta arrived at OPM with legacy systems still in operation, these breaches happened under her watch. Despite her protestation that no one is personally responsible (except the hackers), she is the highest accountable official at OPM.  Part and parcel of being in a leadership position is to own up to the disasters under your wings.  Ms. Archuleta should resign and give somebody else a chance to lead the fixes at OPM.

via reactiongifs.com









We Meant Well, Afghanistan Edition: Ghost Students, Ghost Teachers, Ghost Schools, Ugh!

Posted: 1:16 am  PDT




Over and over, the United States has touted education — for which it has spent more than $1 billion — as one of its premier successes in Afghanistan, a signature achievement that helped win over ordinary Afghans and dissuade a future generation of Taliban recruits. As the American mission faltered, U.S. officials repeatedly trumpeted impressive statistics — the number of schools built, girls enrolled, textbooks distributed, teachers trained, and dollars spent — to help justify the 13 years and more than 2,000 Americans killed since the United States invaded.

But a BuzzFeed News investigation — the first comprehensive journalistic reckoning, based on visits to schools across the country, internal U.S. and Afghan databases and documents, and more than 150 interviews — has found those claims to be massively exaggerated, riddled with ghost schools, teachers, and students that exist only on paper. The American effort to educate Afghanistan’s children was hollowed out by corruption and by short-term political and military goals that, time and again, took precedence over building a viable school system. And the U.S. government has known for years that it has been peddling hype.
USAID program reports obtained by BuzzFeed News indicate the agency knew as far back as 2006 that enrollment figures were inflated, but American officials continued to cite them to Congress and the American public.

As for schools it actually constructed, USAID claimed for years that it had built or refurbished more than 680, a figure Hillary Clinton cited to Congress in 2010 when she was secretary of state. By 2014, that number had dropped to “more than 605.” After months of pressing for an exact figure, the agency told BuzzFeed News the number was 563, a drop of at least 117 schools from what it had long claimed.

Last week, we were looking for clinics.

What’s next … ghost soldiers? Oops, that’s already an old story?


OPM Hit By Class Action Lawsuit, and Those Phishing Scams You Feared Over #OPMHack Are Real (Corrected)

Posted: 7:16 pm  EDT


The largest federal employee union, the American Federation of Government Employees, filed a class action lawsuit today against the Office of Personnel Management, its director, Katherine Archuleta, its chief information officer, Donna Seymour and Keypoint Government Solutions, an OPM contractor.


A couple of weeks ago, we thought that the “recipe” from the OPM email notification sent to potentially affected employees via email might be copied by online scammers.



Today, the United States Computer Emergency Readiness Team (US-CERT), part of DHS’ National Cybersecurity and Communications Integration Center (NCCIC), issued an alert on phishing campaigns masquerading as emails from the Office of Personnel Management (OPM) or the identity protection firm CSID.


ALL Foreign Affairs Agencies Affected By #OPMHack: DOS, USAID, FCS, FAS, BBG and APHIS

Posted: 6:15  pm  PDT


AFSA has now issued a notice to its membership on the OPM data breach. Below is an excerpt:

On Thursday June 4, the Office of Personnel Management (OPM) became aware of a cybersecurity incident affecting its systems and data. AFSA subsequently learned that the Personally Identifiable Information (PII) of many current and former federal employees at the foreign affairs agencies have been exposed as a result of this breach.

The most current information provided to AFSA indicates the following: Most current, former and prospective federal employees at ALL foreign affairs agencies have been affected by this breach. That includes the State Department, USAID, FCS, FAS, BBG and APHIS. OPM discovered a new breach late last week which indicates that any current, former or prospective employee for whom a background investigation has been conducted is affected.

In the coming weeks, OPM will be sending notifications to individuals whose PII was potentially compromised in this incident. The email will come from opmcio@csid.com and it will contain information regarding credit monitoring and identity theft protection services being provided to those federal employees impacted by the data breach. In the event OPM does not have an email address for the individual on file, a standard letter will be sent via the U.S. Postal Service. All the foreign affairs agencies suggest that those affected should contact the firm listed below. Members of the Foreign Commercial Service may additionally contact Commerce’s Office of Information Security at informationsecurity@doc.gov.

As a note of caution, confirm that the email you receive is, in fact, the official notification. It’s possible that malicious groups may leverage this event to launch phishing attacks.  To protect yourself, we encourage you to check the following:

  1. Make sure the sender email address is “opmcio@csid.com”.
  2. The email is sent exclusively to your work email address. No other individuals should be in the To, CC, or BCC fields.
  3. The email subject should be exactly “Important Message from the U.S. Office of Personnel Management CIO”.
  4. Do not click on the included link. Instead, record the provided PIN code, open a web browser, manually type the URL http://www.csid.com/opm into the address bar and press enter. You can then use the provided instructions to enroll using CSID’s Web portal.
  5. The email should not contain any attachments. If it does, do not open them.
  6. The email should not contain any requests for additional personal information.
  7. The official email should look like the sample screenshot below.
image via afsa.org


Additional information has been made available on the company’s website, www.csid.com/opm, and by calling toll-free 844-777-2743 (International callers: call collect 512-327-0705).

Agency-Specific Points of Contact:

If you have additional questions, contact AFSA’s constituency vice presidents and representatives:

Read the full announcement here.
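The header and content checks from the AFSA list above (items 1, 2, 3, 5 and the link host from item 4) can be run mechanically over a saved message. The following is an added example, not part of the AFSA notice or of any OPM/CSID tooling; the two sample messages, the `agency.example` and `csid-opm.example` names and the function names are constructed for illustration.

```python
import re
from email import message_from_string, policy
from urllib.parse import urlsplit

# Values taken from the AFSA checklist quoted on this page.
EXPECTED_SENDER = "opmcio@csid.com"
EXPECTED_SUBJECT = "Important Message from the U.S. Office of Personnel Management CIO"
EXPECTED_LINK_HOST = "www.csid.com"   # assumption: only the host of the URL the notice names
URL_RE = re.compile(r"https?://[^\s\"'<>]+")


def _addresses(msg, header):
    """Parsed addr-specs of a header, ignoring display names (which are free text)."""
    found = []
    for value in msg.get_all(header, []):
        found.extend(a.addr_spec.lower() for a in value.addresses)
    return found


def check_notification(raw_message, work_address):
    """Return (check, detail) findings; an empty list means no checklist item failed."""
    msg = message_from_string(raw_message, policy=policy.default)
    findings = []

    senders = _addresses(msg, "From")                       # item 1
    if senders != [EXPECTED_SENDER]:
        findings.append(("sender", f"From resolves to {senders}"))

    to = _addresses(msg, "To")                              # item 2
    others = _addresses(msg, "Cc") + _addresses(msg, "Bcc")
    if to != [work_address.lower()] or others:
        findings.append(("recipients", f"To={to} Cc/Bcc={others}"))

    subject = str(msg["Subject"] or "")                     # item 3: exact match
    if subject != EXPECTED_SUBJECT:
        findings.append(("subject", repr(subject)))

    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.get_content_disposition() == "attachment" or part.get_filename():
            findings.append(("attachment", part.get_filename() or part.get_content_type()))  # item 5
        elif part.get_content_maintype() == "text":
            for url in URL_RE.findall(part.get_content()):  # item 4: never follow, only report
                host = (urlsplit(url).hostname or "").lower()
                if host != EXPECTED_LINK_HOST:
                    findings.append(("link", host))
    return findings


# Constructed sample that satisfies every check.
GENUINE_LOOKING = """\
From: OPM CIO <opmcio@csid.com>
To: jane.doe@agency.example
Subject: Important Message from the U.S. Office of Personnel Management CIO
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"

Your PIN code is 000000. Enroll at http://www.csid.com/opm
"""

# Constructed sample: expected address only in the display name, a Cc recipient,
# a subject that differs by one letter's case, an off-site link and an attachment.
SUSPICIOUS = """\
From: "opmcio@csid.com" <notice@csid-opm.example>
To: jane.doe@agency.example
Cc: john.roe@agency.example
Subject: Important message from the U.S. Office of Personnel Management CIO
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Enroll now at http://csid-opm.example/enroll
--b1
Content-Type: application/pdf
Content-Disposition: attachment; filename="enroll.pdf"
Content-Transfer-Encoding: base64

AAAA
--b1--
"""

if __name__ == "__main__":
    for name, raw in (("genuine-looking", GENUINE_LOOKING), ("suspicious", SUSPICIOUS)):
        print(name, check_notification(raw, "jane.doe@agency.example"))
```

The From header is set by the sender, so a message that passes these checks is only consistent with the official notice, not proven to be it; item 4's advice to type the URL by hand applies either way.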

Amidst this never ending round of data breaches, go ahead and read Brian Krebs’ How I Learned to Stop Worrying and Embrace the Security Freeze. The USG is not offering to pay the cost of a credit freeze but it might be worth considering.

Of course, the security freeze does not solve the problem if the intent here goes beyond stealing USG employees’ identities. If the hackers were after the sensitive information contained in the background investigations, for use at any time in the future, not sure that a credit freeze, credit monitoring and/or ID theft protection can do anything to protect our federal employees.

Security clearance investigations, by their very nature, expose people’s darkest secrets — the things a foreign government might use to blackmail or compromise them such as drug and alcohol abuse, legal and financial troubles and romantic entanglements. (via)

I understand why the USG has to show that it is doing something to address the breach but — if a foreign government, as suspected, now has those SF-86s, how can people protect themselves from being compromised? If this is not about compromising credit, or identities of USG employees but about secrets, credit monitoring and/or ID theft protection for $20 Million will be an expensive but useless response, wouldn’t it?