Trump Exits From Syria, Cites “Historic Victories Against ISIS”

The President of the United States minus the “Mission Accomplished” banner, announcing the “historic victories against ISIS” and withdrawal of U.S. troops from Syria:

The happy, thumbs-up people:

Advertisements

US Embassy Kenya’s Threat Designation Downgraded Just as ISIS Claims Stabbing Attack

Posted: 1:15 am ET
[twitter-follow screen_name=’Diplopundit’ ]

 

There was a shooting incident outside the U.S. Embassy in Nairobi, Kenya on October 27 after a knife-wielding assailant attacked an armed Kenyan police officer guarding an entrance to the embassy.  This is one more reminder that local law enforcement employed by host countries and local embassy guards are in the front line of protecting our missions overseas.  The US Embassy said that no Embassy personnel were involved and no U.S. citizens are known to have been affected by this incident.  The Embassy closed to the public on October 28 for routine consular services but emergency consular services for U.S. citizens remained available.  In its Security Message to U.S. citizens, Embassy Nairobi writes, “We are grateful for the ongoing protection provided by the Kenyan police. We are cooperating with Kenyan authorities on the investigation of the incident on Thursday, October 27 and refer all questions about the investigation to them. We will be open to the public for normal operations on Monday, October 31, 2016.”

 

A quick look at the State Department’s Office of Allowances website indicates that Kenya had zero danger pay in September 2013, when the Westgate mall attack occurred. The website indicates that Kenya has been designated as a 15% danger differential post since June 29, 2014  until October 30, 2016 when the latest data is available online.

However, we understand that Embassy Nairobi has recently been downgraded in threat designation for terrorism which eliminates danger pay. We were reminded that it took 9 months after the Westgate Shopping Mall Attack before any danger pay differential kicked in for U.S. Embassy Nairobi; and this happened while reportedly about a third of the country including several neighborhoods in Nairobi remain red no-go zones for employees posted in Kenya.  The allowances website does not reflect the downgraded status as of yet so we’ll have to wait and see what happens to the mid-November update.

The sad reality is these attacks could happen anywhere.  There were 1,475 attacks in 2016 alone involving 12,897 fatalities around the world.

 

#

Suicide Attack at Istanbul Airport Kills 36, Wounds Many More

Posted: 2:04 am ET
[twitter-follow screen_name=’Diplopundit’ ]

The State Department has created a Crisis in Istanbul page to provide updates to American citizens for the terrorist attack at the Ataturk International Airport in Istanbul. Excerpt below:

Turkish media is reporting that possibly two or more explosive devices detonated at Istanbul’s Ataturk Airport at approximately 10:15pm local time June 28, 2016. Police and anti-terror teams are currently at the scene and there is no official announcement on the reason of the explosion(s) or the exact number of wounded.  Entrance to and exit ‎from the Airport have been prohibited.  Flights have been suspended.  All direct flights from Istanbul to the United States had departed prior to the attack at the airport.  U.S. citizens are urged to avoid the area around the airport and to avoid any police action that may be taking place throughout the city.  Please check local media for the latest updates.  We strongly urge U.S. citizens in Turkey to directly contact concerned family members in the United States to advise them of your safety.

Earlier —

 

#

 

 

 

 

 

 

 

 

 

#DefeatingDaesh News Front: Social Media as “Transformational” Tool, Covert Propaganda

Posted: 12:04  am ET
[twitter-follow screen_name=’Diplopundit’ ]

 

Meanwhile, across the pond —

#

Pro-ISIS Hackers Post Alleged “Kill” List With 43 Names Including @StateDept Names

Updated: 2:58 am ET
[twitter-follow screen_name=’Diplopundit’ ]

 

In August last year, we blogged about the Purported ISIS ‘Hit List’ With 1,482 Targets including State Department names. Now, according to  Vocativ, hackers with a pro-ISIS group calling themselves the United Cyber Caliphate have distributed a “kill” list on Monday that appears to include dozens of U.S. government personnel.

The list features 43 names of people linked to the State Department, the Department of Homeland Security and the departments of defense, energy, commerce and health and services. It also identifies the U.S. embassies in Santiago and Kathmandu—as well as the Department of the Navy in Gulfport, Mississippi—as targets.

The purported “hit list” last year reportedly included personnel data of more than 1,482 members of the U.S. military, NASA, the FBI, the Port Authority of New York and New Jersey, and the State Department.  Technology security expert, Troy Hunt,  wrote at that time that “nothing makes headlines like a combination of ISIS / hackers / terrorism!” and had taken a closer look with an analysis here.  How many of these names are from “pastes” that have been reproduced or recycled or new? Whatever the answer, this is a trend that will probably continue into the foreseeable future. Reports like this should be a periodic reminder to review your/your family members privacy settings and digital footprint regularly.

 

#

From Creeping to Warp-Speed? Militarization of American Foreign Policy

Posted: 4:42 pm EDT
[twitter-follow screen_name=’Diplopundit’ ]

 

Via NYT, December 10, 2015

WASHINGTON — As American intelligence agencies grapple with the expansion of the Islamic State beyond its headquarters in Syria, the Pentagon has proposed a new plan to the White House to build up a string of military bases in Africa, Southwest Asia and the Middle East.

The bases could be used for collecting intelligence and carrying out strikes against the terrorist group’s far-flung affiliates.
[…]
The plan has met with some resistance from State Department officials concerned about a more permanent military presence across Africa and the Middle East, according to American officials familiar with the discussion. Career diplomats have long warned about the creeping militarization of American foreign policy as the Pentagon has forged new relationships with foreign governments eager for military aid.

Officials said the proposal has been under discussion for some time, including this week during a White House meeting with some members of President Obama’s cabinet. Shortly after General Dempsey retired in September, Defense Secretary Ashton B. Carter referred to the plan in a little-noticed speech in Washington. “Because we cannot predict the future, these regional nodes — from Morón, Spain, to Jalalabad, Afghanistan — will provide forward presence to respond to a range of crises, terrorist and other kinds,” Mr. Carter said. “These will enable unilateral crisis response, counterterror operations, or strikes on high-value targets.”

Pentagon planners do not see the new approach as particularly costly by military standards. One official estimated it could be in the “low millions of dollars,” mainly to pay for military personnel, equipment and some base improvements.
[…]
For the approach to have any chance of success, analysts said, regional American commanders, diplomats and spies will have to work closely together and with Washington — something that does not always happen now — to combat threats that honor no borders.

Continue reading, Pentagon Seeks to Knit Foreign Bases Into ISIS-Foiling Network.

#

Related items:

These are all the countries where the US has a military presence

Mapping the growth of bases worldwide (August 2015)

Overseas Basing An Assessment of Relative Costs and Strategic Benefits (Rand, 2013)

#

State Dept Responds to Purported ISIS ‘Hit List’ — This Gives Me A Sad

Posted: 3:18 pm EDT
[twitter-follow screen_name=’Diplopundit’ ]

On August 16, we blogged this: Purported ISIS ‘Hit List’ With 1,482 Targets Includes State Department Names.  We asked the State Department about this over the weekend. We wanted to know if the agency has been able to confirmed the affected State personnel. The State Department, on background, told us this:

We acknowledge the reports. While we will not comment on or confirm the specifics of this particular assertion, we know that malicious actors often target email accounts of government and business leaders across the United States.

We’ve also inquired about its response, or guidance to personnel , if any, and the State Department, still on background, would only say this:

We believe it is important for not only government and private sector companies but also individuals to improve their cybersecurity practices. That is why this Administration is working hard to raise our cyber defenses across the board.

Yikes! ¯\_(ツ)_/¯  

Well, we hope they’re talking to employees behind the firewall with more substance than this two-sentence practically useless response.

*

We have not been able to find anything State Department related-response/guidance on this on the public net, but DOD has some useful reminders posted on the wide-web, no logons required. The first set of slides below is actually a social networking cybersecurity awareness briefing by Diplomatic Security. The slide set appears dated a few years back (uses 2009 examples) and is not available, as far as we can tell, from state.gov. We found this set posted on the slideshare site maintained by the Defense Department. The other two set of slides are on opsec for families and one on geotagging safety for those who posts photos online. both from the DOD site.

Social Networking Cybersecurity Awareness


.

Social Media Cyber Security Awareness Briefing | OPSEC For Families

.

Social Media Roundup/Geotagging Safety

#

Purported ISIS ‘Hit List’ With 1,482 Targets Includes State Department Names

Posted: 6:52 pm EDT
[twitter-follow screen_name=’Diplopundit’ ]


According
to CNN, a group calling itself the Islamic State Hacking Division recently posted online a purported list of names and contacts for Americans it refers to as “targets,” according to officials.

Though the legitimacy of the list is questionable, and much of the information it contains is outdated, the message claims to provide the phone numbers, locations, and “passwords” for 1400 American government and military personnel as well as purported credit card numbers, and excerpts of some Facebook chats.

The Guardian describes the list as a spreadsheet, published online last week which exposes names, email addresses, phone numbers and passwords. The 1,482 names include members of the U.S. Marine Corps, NASA, the State Department, the U.S. Air Force, and the FBI.

The Daily Mail  reports that the list includes an accompanying message that reads:  ‘Know that we are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts.’

The list apparently also includes the names of eight Australians and UK government personnel. In Australia where there this is huge news, Prime Minister Tony Abbott told the press, “We’ve just discovered that it’s actually able to launch cyber attacks in this country so this is a very sophisticated and deadly threat to us even here in Australia.” A chief executive of a forensic data firm in the country went so far as to advise that Canberra’s public servants get off social media. He also recommended that “on the day [ADFA] cadets enlist, their entire electronic lives be erased” and that “they should not exist on digital networks until they retire from Defence.”

The reaction here is a little less ZOMG!  Last week, then Army Chief of Staff Gen. Ray Odierno said in a press conference that “this is the second or third time they’ve claimed that and the first two times I’ll tell you, whatever lists they got were not taken by any cyber attack.”

“This is no different than the other two,” Odierno said. “But I take it seriously because it’s clear what they’re trying to do … even though I believe they have not been successful with their plan.”

CNN reports that Pentagon spokesman Lt. Col. Jeffrey Pool also cautioned that many of the military email addresses looked at least several years old, based on their suffixes. He said that shortly after this list was posted, a reminder went out to service personnel that they should limit the personal information they put on social media. “If any of your information on it is accurate, you’re very concerned,” former Homeland Security adviser Fran Townsend told CNN, “as are government officials.”

According to the Washington Examiner, State Department employees comprise about a quarter of the alleged personal information on the list. That would be about 370 names. It also says that at the bottom of the leaked document, originally posted on zonehmirrors.org, are receipts from State Department employees along with their credit card numbers.  The report notes that Islamic State supporters tweeted a link to the document and also tweeted, in one instance, information claiming to be the personal details of a staff member from the U.S. embassy in Cairo that said: “To the lone wolves of Egypt.”

Technology security expert, Troy Hunt,  writes that “nothing makes headlines like a combination of ISIS / hackers / terrorism!” and has taken a closer look with an analysis here. Mr. Hunt’s conclusion — drawn merely from looking at the leaked list and applying what he observed from experience with previous data dumps leaked list —  is that “the data is almost certainly from multiple locations and very unlikely to be from a single data breach.” Also that “most of the data is easily discoverable via either existing data breaches or information intentionally made public.” He writes, “Even the source of the amalgamated data is unverifiable – it could be someone who does indeed wish harm on the individuals named, it could be a kid in his pyjamas, there’s just not enough information to draw a conclusion either way.”

In his analysis of the ISIS list, Mr. Hunt says that “there are many sources from which attributes in this list can be compiled.” As an example, he cited the Adobe breach of 2013 in which 152M records were leaked, which includes 257k .gov email addresses. He writes:

The ISIS list has a lot of state.gov email addresses – Adobe leaked 1,657 of those and they look just like this:

state.gov email addresses in the Adobe data breach

state.gov email addresses in the Adobe data breach via Troy Hunt (used with permission)

“Adobe also leaked password hints so you can begin to quite easily build a profile around people working in the US State Department,” he said.

Would be good to know if any of the names in the Adobe breach are showing up in the ISIS list. We have not seen the purported ISIS list or the names from the Adobe hack but we hope somebody at State is looking at those names. Folks probably need to work on their password hints, too.

In a separate post, Mr. Hunt also notes this:

“The hyperbole and the fear, uncertainty and doubt that spread over this was just off the scale compared to the significance of the actual data. Here we have what amounts to little more than easily discoverable information mostly already in the public domain and suddenly it’s become a huge terror hack. [….] However, the legitimacy of the claims that this was an “ISIS hack” appear to have gotten in the way of a good story and the news has simply run with it.

A couple more reading clips below from Troy Hunt:

.

.

There’s not much one can do with the Adobe, Target, Home Depot, OPM hack except to sign up for credit monitoring service or put a credit freeze on one’s account. That is, if we’re concerned about identity thief. But those services  will not work against potential blackmails related to a foreign government hack, or online threats related to potentially scraped data, collected from websites and social media accounts.

We are persuaded by Mr. Hunt’s analysis that this was not a real hack. But real or not, the information is out there and thinking about ‘lone wolf’ offenders seduced by ISIS’ call, in the U.S. or elsewhere is not paranoid.  Folks might consider this a good excuse to review their digital footprint.

The threats online — whether real or part of propaganda — is not going to abate anytime soon. This is the world as it is, and not an attempt at hyperbole.  Employees overseas can report these threats to RSOs but hey, have you seen the rundown of the RSO’s managed programs?   We don’t even know what specific office at State tracks these breaches or who has responsibility for online threats. Was anyone notified by State when the Adobe breach occurred in 2013 and leaked hundreds of official emails? Were those emails changed?  A talkinghead writinghead would like to know.

Also some of USG’s overseas posts still display the official email addresses of personnel in public affairs, and those dealing with contracts, solicitations, and acquisitions on their websites. Those should be generic e-mail accounts not linked to an individual’s name but linked instead to the section, function or office, e.g. Sanaacontracts@state.gov. Makes better sense as people rotate jobs anyway.

We’re trying to find if Diplomatic Security has any response, guidance, reminder for State Department personnel given this report and the Burn Bag received earlier.  Would be a good time as any to issue an opsec reminder. We will have a follow-up post if/when we get an official response.

 #

Obama Admin Official Leaks Dismal Stengel-Kerry Memo on ISIS Counter Messaging

Posted: 2:08 am EDT
[twitter-follow screen_name=’Diplopundit’ ]

 

An internal State Department memo paints a dreary view of the Obama administration’s efforts to counter messaging by the Islamic State. And somebody leaked it to the New York Times.

.

.

.

.

.

Why, indeed?

The internal memo, dated June 9 is marked SBU or “sensitive but unclassified.” It was drafted and approved by Richard A. Stengel, the State Department’s under secretary for public diplomacy and public affairs (State/R) and a former managing editor of Time magazine.  The memo addressed to Secretary Kerry is cleared only by one person, Susan Stevenson, from Stengel’s own Front Office; there are no other addressee.  It’s hard to say how far this memo traveled in 4-5 days before it was leaked but the source could not be too far away from Stengel and Kerry’s offices.

The question now is motive. Who leaked that memo and why? Is it to garner support from higher ups like those in the WH or is it to torpedo Stengel’s “big proposal and immediate improvement” before it get legs. Who gains, who losses from this leak?

The memo is made available online by the NYT.

Pardon me, you’re waiting for the SBU leaker to get caught? We’ll, we’re also waiting for the trap doors for the leakers of the 2010 secret cables sent by then Ambassador Eikenberry on the Afghanistan strategy, and the 2012 top secret cable by then Ambassador Crocker on Pakistani havens.  To-date, none of those leakers have been caught. So, catch the SBU leaker? Good luck!

#

Saudi Arabia Arrests 93 Suspected Terrorists Over Plot to Bomb US Embassy Riyadh

Posted: 3:30  pm EDT
[twitter-follow screen_name=’Diplopundit’ ]

 

.

.

 

Related posts:

#