@StateDept Contracting Officer Faces 17-Count Indictment For Bribery and Procurement Fraud

On April 4, the Justice Department announced a 17-count indictment charging State Department contracting officer, Zaldy N. Sabino with conspiracy, bribery, honest services wire fraud, and making false statements. The indictment notes that the defendant was employed by the State Department beginning in or about November 2004 at AQM, the Office of Acquisitions Management:

“SABINO served as a contract specialist with AQM, and he was also a contracting officer who was authorized to execute certain contracts on behalf of the DOS. SABINO worked in AQM’s Facilities Design Construction Division (“FDCD”) in Arlington, Virginia. FDCD supported and administered contracts involving the DOS’s Bureau of Overseas Buildings Operations (“OBO”). OBO frequently awarded contracts to international construction companies seeking to do business and perform design-build contracts at U.S. embassies and consular buildings.”

The Office of Acquisitions Management under the Bureau of Administration (A/OPE/AQM) manages, plans, and directs the Department’s acquisition programs and conducts contract operations in support of activities worldwide. A/OPE/AQM provides the full range of professional contract management services including acquisition planning, contract negotiations, cost and price analysis, and contract administration.

Via USDOJ:

A 17-count indictment was unsealed today charging Zaldy N. Sabino, a contracting officer with the U.S. Department of State, with conspiracy, bribery, honest services wire fraud, and making false statements. 

Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division, U.S. Attorney G. Zachary Terwilliger of the Eastern District of Virginia, Inspector General Steve A. Linick of the U.S. Department of State and Assistant Director in Charge Nancy McNamara of the FBI’s Washington Field Office made the announcement.

According to the indictment, between November 2012 and early 2017, Sabino and the owner of a Turkish construction firm allegedly engaged in a bribery and procurement fraud scheme in which Sabino received at least $239,300 in cash payments from the Turkish owner while Sabino supervised multi-million dollar construction contracts awarded to the Turkish owner’s business partners and while Sabino made over a half million in structured cash deposits into his personal bank accounts.  Sabino allegedly concealed his unlawful relationship by, among other things, making false statements on financial disclosure forms and during his background reinvestigation.

The case is being investigated by the Department of State’s Office of Inspector General and the FBI’s Washington Field Office.  Trial Attorney Edward P. Sullivan of the Criminal Division’s Public Integrity Section and Assistant U.S. Attorney Jack Hanly of the Eastern District of Virginia are prosecuting the case. 

An indictment is merely an allegation.  All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Read the original announcement here.

Under “Means and Manner of Conspiracy”, the Indictment enumerates multiple cash payments and withdrawals. Allegation includes “deposited cash into bank accounts maintained by SABINO and his wife, and SABINO paid cash towards his credit card and line of credit accounts (hereafter collectively referred to as “cash deposits”). The cash deposits totaled approximately $507,543.93.” Another allegation includes withdrawal of approximately $239,300″ involving “approximately 396 ATM transactions. ” The indictment alleges that “the majority of these transactions occurred in the lobby of a DOS building” in Arlington, Virginia and BOA branches located near the defendant’s residence in Fort Washington, Maryland.

The unsealed indictment is available to read here: Download Sabino Indictment

#

Advertisements

USG Creates New National Background Investigations Bureau (NBIB) After OPM Data Breach

Posted: 12:16 am EDT
[twitter-follow screen_name=’Diplopundit’ ]

 

Last week, OPM announced a series of changes to modernize and strengthen the way it conduct background investigations for Federal employees and contractors and protect sensitive data. The new bureau will be housed at OPM but will have DOD IT security and operation. It also absorbs OPM’s Federal Investigative Services (FIS).  It is described as a new government wide-service provider. It is not clear how this will affect agencies like the State Department who conducted their own separate background investigations in the past.

Below is an excerpt from the OPM announcement:

These changes include the establishment of the National Background Investigations Bureau (NBIB), which will absorb the U.S. Office of Personnel Management’s (OPM) existing Federal Investigative Services (FIS), and be headquartered in Washington, D.C. This new government-wide service provider for background investigations will be housed within the OPM. Its mission will be to provide effective, efficient, and secure background investigations for the Federal Government. Unlike the previous structure, the Department of Defense will assume the responsibility for the design, development, security, and operation of the background investigations IT systems for the NBIB.

Today’s announcement comes after an interagency 90-Day Suitability and Security review commenced last year in light of increasing cybersecurity threats, including the compromise of information housed at OPM, to re-examine reforms to the Federal background investigations process, assess additional enhancements to further secure information networks and systems, and determine improvements that could be made to the way the Government conducts background investigations for suitability, security and credentialing.

This review was conducted by the interagency Performance Accountability Council (PAC), which is chaired by the Office of Management and Budget (OMB) and comprised of the Director of National Intelligence (DNI), the Director of the U.S. Office of Personnel Management, in their respective roles as Security and Suitability Executive Agents of the PAC, and the Departments of Defense (DOD), the Treasury, Homeland Security, State, Justice, Energy, the Federal Bureau of Investigation, and others. It also included consultation with outside experts.

We are proud of the collaborative effort of the interagency team that helped identify these critical reforms. And we are committed to protecting the security of not only our systems and data, but also the Personally Identifiable Information of the people we entrust with protecting our national security.

We also want to thank the men and women of OPM’s Federal Investigative Services for the work they do every day to provide quality background investigations to agencies across Government.

The Administration will establish a transition team that will develop a plan to stand up NBIB and migrate the existing functions of the current Federal Investigative Service to the NBIB, and to make sure that agencies continue to get the investigative services they need during the transition.

For more information about today’s announcement please go to https://www.whitehouse.gov/blog/2016/01/22/way-forward-federal-background-investigations.

 

#

OPM to Charge Agencies for Credit Monitoring Offered to Federal Employees

Posted: 2:32 am EDT
[twitter-follow screen_name=’Diplopundit’ ]

 

The latest update from “M” on the OPM breach dated July 15, notes that “The State Department never transferred personnel records to the OPM facility. However, if you had other U.S. Government service prior to joining State, you may have had records that were involved.” On the background information breach, it says that “State Department employees’ SF-85 and SF-86 forms (depending on the appointment) were in the OPM system and thus were impacted. However, other background investigation material was not.”

If you have additional questions email DG DIRECT [DGDIRECT@STATE.GOV] or OPM’s new email: cybersecurity@opm.gov

AFSA’s latest update to its membership is dated July 10 and available to read here.

Some developments on the fallout from the data breach:

 

.

.

.

.

.

.

.

.

.

.

#

 

21.5 Million Americans Compromised, OPM’s Ms. Archuleta Still Not Going Anywhere

Posted: 1:36 am  PDT
[twitter-follow screen_name=’Diplopundit’ ]

Excerpt via opm.gov:

OPM announced the results of the interagency forensic investigation into the second incident.  As previously announced, in late-May 2015, as a result of ongoing efforts to secure its systems, OPM discovered an incident affecting background investigation records of current, former, and prospective Federal employees and contractors.  Following the conclusion of the forensics investigation, OPM has determined that the types of information in these records include identification details such as Social Security Numbers; residency and educational history; employment history; information about immediate family and other personal and business acquaintances; health, criminal and financial history; and other details.  Some records also include findings from interviews conducted by background investigators and fingerprints.  Usernames and passwords that background investigation applicants used to fill out their background investigation forms were also stolen.

While background investigation records do contain some information regarding mental health and financial history provided by those that have applied for a security clearance and by individuals contacted during the background investigation, there is no evidence that separate systems that store information regarding the health, financial, payroll and retirement records of Federal personnel were impacted by this incident (for example, annuity rolls, retirement records, USA JOBS, Employee Express).

This incident is separate but related to a previous incident, discovered in April 2015, affecting personnel data for current and former Federal employees.  OPM and its interagency partners concluded with a high degree of confidence that personnel data for 4.2 million individuals had been stolen.  This number has not changed since it was announced by OPM in early June, and OPM has worked to notify all of these individuals and ensure that they are provided with the appropriate support and tools to protect their personal information.

Analysis of background investigation incident.  Since learning of the incident affecting background investigation records, OPM and the interagency incident response team have moved swiftly and thoroughly to assess the breach, analyze what data may have been stolen, and identify those individuals who may be affected.  The team has now concluded with high confidence that sensitive information, including the Social Security Numbers (SSNs) of 21.5 million individuals, was stolen from the background investigation databases.  This includes 19.7 million individuals that applied for a background investigation, and 1.8 million non-applicants, predominantly spouses or co-habitants of applicants.  As noted above, some records also include findings from interviews conducted by background investigators and approximately 1.1 million include fingerprints.  There is no information at this time to suggest any misuse or further dissemination of the information that was stolen from OPM’s systems.

If an individual underwent a background investigation through OPM in 2000 or afterwards (which occurs through the submission of forms SF 86, SF 85, or SF 85P for a new investigation or periodic reinvestigation), it is highly likely that the individual is impacted by this cyber breach. If an individual underwent a background investigation prior to 2000, that individual still may be impacted, but it is less likely.

So, are we supposed to wait for another credit monitoring offer from OPM’s partners for this BI hack, after already being offered credit monitoring for the personnel data compromised in an earlier breach?

Yes. Wonderful.

Ms. Archuleta should do the right thing and resign.

Part of OPM’s public response to these breaches has been to protect the director’s record at the agency.  While she remains in charge, I suspect that the fixes at OPM will also include shielding the director from further damage. News reports already talk about OPM’s push back. Next thing you know we’ll have “setting the record straight” newsbots all over the place.

While it is true that Ms. Archuleta arrived at OPM with legacy systems still in operation, these breaches happened under her watch. Despite her protestation that no one is personally responsible (except the hackers), she is the highest accountable official at OPM.  Part and parcel of being in a leadership position is to own up to the disasters under your wings.  Ms. Archuleta should resign and give somebody else a chance to lead the fixes at OPM.

via reactiongifs.com

via reactiongifs.com

.

.

.

.

.

.

.

The Phantom Memo: DNI-OPM Approved Interim Procedures During e-QIP System Suspension

Posted: 5:50 pm  PDT
[twitter-follow screen_name=’Diplopundit’ ]

 

The blog post title is not original but cribbed from @empiricalerror:

Click on the image below (Thanks C!) to read the memo signed by DNI’s James R. Clapper and OPM Katherine Archuleta (pdf).

One govie told us “there is no process for TS which is all I hire!”  Note that the memo says there are “no interim procedures authorized at this time for access to Top Secret, Top Secret SCI, or “Q” level information.”

There’s a sigh for you, too.

DNI-OPM e-QIP Memo

Click image to read the memo in pdf format (memo originally posted at govexec)

And when the e-QIP is restored, the wait will continue some more while the process runs its course. Will new hires even get to work  by late fall?

One bureau reportedly sent out a note saying, “we are requesting that all tentative job offer notices be temporarily postponed until further guidance is published.”  Apparently, “HR and DS are working together to iron out the details of an interim paper-based SF-86 process.”

Meanwhile, fedscoop reports that OPM wants to hire four IT senior project managers that will cost up to $675,000 to oversee a systems modernization.

#

#OPMBreach: Back to Paper SF-86s, No More Social Media at OPM, Scary Movie Chinese Edition

Posted: 2:15 pm EDT
[twitter-follow screen_name=’Diplopundit’ ]

.

.

.

.

.

.

 

Related Posts:

 

OPM Announces Temporary Suspension of the E-QIP System For Background Investigation

Posted: 12:19 am EDT
[twitter-follow screen_name=’Diplopundit’ ]

 

On June 29, OPM announced the temporary suspension of the online system used to submit background investigation forms.  The system could be offline from 4-6 weeks.  Below via opm.gov:

WASHINGTON, D.C. – The U.S. Office of Personnel Management today announced the temporary suspension of the E-QIP system, a web-based platform used to complete and submit background investigation forms.

Director Katherine Archuleta recently ordered a comprehensive review of the security of OPM’s IT systems. During this ongoing review, OPM and its interagency partners identified a vulnerability in the e-QIP system. As a result, OPM has temporarily taken the E-QIP system offline for security enhancements. The actions OPM has taken are not the direct result of malicious activity on this network, and there is no evidence that the vulnerability in question has been exploited. Rather, OPM is taking this step proactively, as a result of its comprehensive security assessment, to ensure the ongoing security of its network.

OPM expects e-QIP could be offline for four to six weeks while these security enhancements are implemented. OPM recognizes and regrets the impact on both users and agencies and is committed to resuming this service as soon as it is safe to do so.  In the interim, OPM remains committed to working with its interagency partners on alternative approaches to address agencies’ requirements.

“The security of OPM’s networks remains my top priority as we continue the work outlined in my IT Strategic Plan, including the continuing implementation of modern security controls,” said OPM Director Archuleta. “This proactive, temporary suspension of the e-QIP system will ensure our network is as secure as possible for the sensitive data with which OPM is entrusted.”

#

Meanwhile, on June 22, AFSA sent a letter to OPM Director Katherine Archuleta with the following requests:

Screen Shot 2015-06-29

via afsa.org (click for larger view)

 

On June 25, AFSA is one of the 27 federal-postal employee coalition groups who urge President Obama to “immediately appoint a task force of leading agency, defense/intelligence, and private-sector IT experts, with a short deadline, to assist in the ongoing investigation, apply more forceful measures to protect federal personnel IT systems, and assure adequate notice to the federal workforce and the American public.”  (read letter here: AFSA Letter sent in conjunction with the Federal-Postal Coalition |June 25, 2015 | pdf)

#

“M” Writes Update to State Department Employees Regarding OPM Breach

Posted: 1:36 pm EDT
[twitter-follow screen_name=’Diplopundit’ ]

 

It took 18 days before I got my OPM notification on the PII breach. Nothing still on the reported background investigation breach. OPM says it will notify those individuals whose BI information may have been compromised “as soon as practicable.”  That might not happen until the end of July! The hub who previously worked for State and another agency has yet to get a single notification from OPM. We have gone ahead and put a fraud alert for everyone in the family. What’s next? At the rate this is going, will we soon need fraud alerts for the pets in our household? They have names and passports, and could be targeted for kidnapping, you guys!!

And yes, I’ve watched the multiple OPM hearings now, and no, I could not generate confidence for the OPM people handling this, no matter how hard I try. Click here for the timeline of the various breaches via nextgov.com, some never disclosed to the public.

Still waiting for the White House to do a Tina Fey:

you're all fired

via giphy.com

On June 25, the Under Secretary for Management, Patrick Kennedy sent a message to State Department employees regarding the OPM breach. There’s nothing new on this latest State update that we have not seen or heard previously except the detail from the National Counterintelligence and Security Center (NCSC) at http://www.ncsc.gov (pdf) on how to protect personal information from exploitation (a tad late for that, but anyways …) because Foreign Intelligence Services and/or cybercriminals could exploit the information and target you.

Wait, what did OPM say about families? “[W]e have no evidence to suggest that family members of employees were affected by the breach of personnel data.” 

Via the NCSC:

Screen Shot 2015-06-26

no kidding!

Screen Shot 2015-06-26

you don’t say!

Here is M’s message from June 25, 2015 to State employees. As far as we know, this is the first notification posted publicly online on this subject, which is  good as these incidents potentially affect not just current employees but prospective employees, former employees, retirees and family members.

Dear Colleagues,

I am writing to provide you an update on the recent cyber incidents at the U.S. Office of Personnel Management (OPM) which has just been received.

As we have recently shared, on June 4th, OPM announced an intrusion impacting personnel information of approximately four million current and former Federal employees. OPM is offering affected individuals credit monitoring services and identity theft insurance with CSID, a company that specializes in identity theft protection and fraud resolution. Additional information is available on the company’s website, https://www.csid.com/opm/ and by calling toll-free 844-777-2743 (international callers: call collect 512-327-0705). More information can also be found on OPM’s website: www.opm.gov.

Notifications to individuals affected by this incident began on June 8th on a rolling basis through June 19th. However, it may take several days beyond June 19 for a notification to arrive by email or mail. If you have any questions about whether you were among those affected by the incident announced on June 4, you may call the toll free number above.

On June 12th, OPM announced a separate cyber intrusion affecting systems that contain information related to background investigations of current, former, and prospective Federal Government employees from across all branches of government, as well as other individuals for whom a Federal background investigation was conducted, including contractors. This incident remains under investigation by OPM, the Department of Homeland Security (DHS), and the Federal Bureau of Investigation (FBI). The investigators are working to determine the exact number and list of potentially affected individuals. We understand that many of you are concerned about this intrusion. As this is an ongoing investigation, please know that OPM is working to notify potentially affected individuals as soon as possible. The Department is working extensively with our interagency colleagues to determine the specific impact on State Department employees.

It is an important reminder that OPM discovered this incident as a result of the agency’s concerted and aggressive efforts to strengthen its cybersecurity capabilities and protect the security and integrity of the information entrusted to the agency. In addition, OPM continues to work with the Office of Management and Budget (OMB), the Department of Homeland Security, the FBI, and other elements of the Federal Government to enhance the security of its systems and to detect and thwart evolving and persistent cyber threats. As a result of the work by the interagency incident response team, we have confidence in the integrity of the OPM systems and continue to use them in the performance of OPM’s mission. OPM continues to process background investigations and carry out other functions on its networks.

Additionally, OMB has instructed Federal agencies to immediately take a number of steps to further protect Federal information and assets and improve the resilience of Federal networks. We are working with OMB to ensure we are enforcing the latest standards and tools to protect the security and interests of the State Department workforce.

We will continue to update you as we learn more about the cyber incidents at OPM. OPM is the definitive source for information on the recent cyber incidents. Please visit OPM’s website for regular updates on both incidents and for answers to frequently asked questions: www.opm.gov/cybersecurity. We are also interested in your feedback and questions on the incident and our communications. You can reach out to us at DG DIRECT (DGDirect@state.gov) with these comments.

State Department employees who want to learn additional information about the measures they can take to ensure the safety of their personal information can find resources at the National Counterintelligence and Security Center (NCSC) at http://www.ncsc.gov. The following are also some key reminders of the seriousness of cyber threats and of the importance of vigilance in protecting our systems and data.

Steps for Monitoring Your Identity and Financial Information

  • Monitor financial account statements and immediately report any suspicious or unusual activity to financial institutions.
  • Request a free credit report at www.AnnualCreditReport.com or by calling 1-877-322-8228. Consumers are entitled by law to one free credit report per year from each of the three major credit bureaus – Equifax®, Experian®, and TransUnion® – for a total of three reports every year. Contact information for the credit bureaus can be found on the Federal Trade Commission (FTC) website, www.ftc.gov.
  • Review resources provided on the FTC identity theft website, www.Identitytheft.gov. The FTC maintains a variety of consumer publications providing comprehensive information on computer intrusions and identity theft.
  • You may place a fraud alert on your credit file to let creditors know to contact you before opening a new account in your name. Simply call TransUnion® at 1-800-680-7289 to place this alert. TransUnion® will then notify the other two credit bureaus on your behalf.

Read in full here.

#

Social Media Security Screening Is Here: OPM to Make Sole Source Award For Use in Background Investigation

Posted: 1:01 am  PDT
[twitter-follow screen_name=’Diplopundit’ ]

 

Last September, Mike Kelly, the Republican Representative for Pennsylvania’s 3rd congressional district introduced the Enhanced Security Clearance Act of 2014 (HR 5482) aimed at the implementation of enhanced personnel security programs which requires agency programs to “integrate information from government, publicly available, and commercial data sources, consumer reporting agencies, and social media.”

Mr. Kelly told ZDNet, “In particular, the bill will update government background checks to include an applicants’ publicly available electronic data including social media accounts such as Facebook and Twitter.” This bill was introduced on September 16, 2014, in a previous session of Congress, but was not enacted.

Well, the bill may have died but it was only a matter of time before social media content becomes part of the federal background investigation.

The Federal Investigative Services (OPM-FIS) provides investigative products and services for over 100 Federal agencies to use as the basis for suitability and security clearance determinations. OPM provides over 90% of the Government’s background investigations, conducting over two million investigations a year.

On June 17, the Office of Personnel Management, Federal Investigative Service (FIS), PIC Acquisitions Team, published a “Notice of Intent to Sole Source – PAEI Reports” to Social Intelligence, a company headquartered in California.  Social media content is now officially called Publicly Available Electronic Information (PAEI). If we’re reading this correctly, it looks like there already are pilot projects with the same company conducted with the U.S. Army, the Office of Director of National Intelligence (ODNI), the Department of State and the National Reconnaissance Office.

Below is the published notice via fedbiz:

It is the intention of the agency to award a firm-fixed price agreement to Social Intelligence for publicly available electronic information (PAEI) reports. This is not a solicitation for quotations, but rather a notice of the agency’s intent to make a sole source award to Social Intelligence.

The U.S. Office of Personnel Management (OPM) Federal Investigative Services (FIS) seeks to award a firm-fixed price agreement to Social Intelligence who will conduct searches of multiple sources of PAEI in an automated manner and provide complete, accurate, standardized reports to OPM-FIS when searches result in information pertinent to Subjects of Investigation.

OPM-FIS is participating in a set of pilot projects with other federal investigative service providers to evaluate the use of PAEI in the background investigative process. This acquisition will provide 400 PAEI reports over a period of approximately 6-9 months for a sample population of investigations to assess the OPM-FIS operational end-to-end process and relevancy to the investigation along with the effects of quality, costs and timeliness. The vendor must also provide high level training on how to review and analyze the PAEI reports and also provide customer and technical support 24×7 until 400 PAEI reports have been provided to OPM-FIS.

Social Intelligence is the only source that possesses knowledge and expertise obtained through participation in other high level government PAEI pilot projects, to include pilots with the U.S. Army, the Office of Director of National Intelligence (ODNI), the Department of State and the National Reconnaissance Office. Social Intelligence is the only one available whose product will result in a consistent and accurate comparative analysis between results of the OPM-FIS pilot and other government agencies’ pilots. This vendor’s personnel have experience with and have received training on the personnel security process and the thirteen adjudicative guidelines due to participation in previous government pilots. Such experience is required in order to appropriately identify issues containing relevant adjudicative information. Only data that meets the adjudicative guidelines will be collected and retained by OPM-FIS.

This vendor was deemed a consumer reporting agency (CRA) by the Federal Trade Commission, as defined by the Fair Credit Reporting Act. As of January 2013, the vendor was the only social media background screening company designated as a CRA. This designation is important as the FTC has ruled that CRAs must take reasonable steps to ensure the maximum possible accuracy of the information reported from social media sites. All of the above make Social Intelligence a unique source that would provide the best solution with the least risk to the government for this pilot.

According to its website, Social Intelligence (http://www.socialintel.com) “provides social media data, tools, and reports to commercial and Government organizations. Headquartered in Santa Barbara, Calif., the company has developed a unique suite of products including employment background screenings, insurance claims investigations, corporate due diligence, and Government services. … Social Intelligence was created to provide companies and governmental organizations publicly available online information, while ensuring this data is used appropriately and legally.” It provides the following services:

  • Social Intelligence’s Social Monitoring & Evaluation solutions provide a powerful and cost-effective way to monitor and evaluate an individual’s ongoing online activity across the deep web.
  • Social Intelligence’s groundbreaking research into online identity science and its implications allows companies to confidently rely on social media and internet data. A fully automated capability, Social Intelligence’s proven, proprietary Identity Resolution algorithm identifies, matches, and scores aggregated publicly available online information, the first of multiple steps to solidify data veracity.

On it’s website, the company talks about “the opportunity at hand”  — apparently 64 million people are unscorable by traditional credit scores and 55% of millennials are willing to share their data in exchange for discounts.

#