Top Secret Tinseltown

So this is a city with a lot of secrets. 


I’m not talking about just the run-of-the-mill, non-disclosure agreement (NDA).


This is Top Secret Tinseltown!


And even the stuff that comes out in the news–whether it’s clandestine transfers of $1.7 billion to the Ayatollahs in Iran or the Uranium One deal with the Russians, there are plenty of dirty little games going on.


What was hilarious is when we saw this huge industrial shredding truck in the parking lot:

Paper Shredding * Electronic Destruction * Medical Waste Disposal


And there was a line of cars waiting to get rid of their little secrets.


I kid you not when I say that on a Saturday morning, there were at least 25 cars in line to dispose of their “stuff.”


Now who do you know in what city that waits 25 cars deep in line for an industrial shredder on a Saturday morning?


And the cars are pulling up, the trunks are popping open, and boxes and boxes of paper and electronic files are being handed over. 


Gee, I hope the Russians or Chinese aren’t getting into the shredding business…and inside the truck isn’t a large shredder but a bunch of analysts waiting for you to hand it all over. 😉


(Source Photo: Andy Blumenthal) 

How Do You Lock A Tree

So this is one of the craziest things in Washington, D.C. 


There is a tree with a lock on it. 


Yes, with a Master Lock on it. 

Hidden in plain sight.


It has letters and numbers or symbols on each button. 


Have you ever seen anything like that before?


Uh, what do you think that is:


– A lock to prevent the tree from being stolen?


– A Maxwell Smart (shoe) phone?


– A surveillance device in the tree bark or along the limbs?


– A secret compartment?


Hmm, is there something locked in the tree?


What could it be?  😉


(Source Photo: Dannielle Blumenthal)

Reading Your Emails

So you know you typically get a message when you log on your computer at work that there is “no expectation of privacy.”


Meaning…you’re on the corporate network and so remember that you can be monitored. 


Well we all read that warning and sort of know it by heart.


But do you really think that someone is watching you?


Well be assured that they are!


Talking to one of my colleagues and friends recently and this is what happened.


He had to fire one of his senior guys. 


And I asked him why?


He said:

“Because he was dead wood.”


I asked what he meant as this was a senior person in the organization that was being let go.


So he said:

“Well I read the last few days of his emails on his account and he was doing absolutely nothing!”


And I was like hmm, that’s amazing that you actually go into his account and read his stuff.


Yeah, I know it’s not really his employees–the guy is at work–but still it’s his email account that he uses, seriously.


So it’s not just some corporate spooks sitting in the bowels of the building in a darkened security operations center behind a lot of cool looking screens monitoring your accounts for suspicious activity.


It’s your management too that can logon and see and read your stuff, whenever.


So this guy that was fired wasn’t just dead wood, he was actually dead meat. 


“Smile you’re on camera” in more ways than one.


So if you decide to write some juicy emails today or save some salacious files on “your” computer or on the network, the expectation surely is that they are being read–you can take that to your privacy bank. 😉


(Source Photo: Andy Blumenthal)

Our Assets Are Compromised

So in the games that nations play, spy games is #1 on the hit parade.


Of course, it’s about using information to get a strategic advantage. 


It runs the gamut from pure espionage in terms of stealing state secrets and intellectual property to conducting stealthy subversive acts to undermine enemies and competitors. 


Whatever spies do, it’s all about compromising assets…whether they be human, information, or critical infrastructure. 


From turning patriots into traitors, words into info warfare, or critical infrastructure into trojan horses ready to im/explode…whatever leads to getting the upper-hand or advantage.


What one nation comes to rely on for their sustainment and survival is instead exploited and turned against them like a trojan horse or modern-day malware.


And with people, using money, sex, ideology, compromising material (Kompromat), or threats against loved ones–it’s simply about appealing to either opportunism or extortion. 


So truly defense means protecting not only what is before one’s eyes, but also what is in the rear and at the flanks.


When the over 21 million personnel records and background investigations were stolen from OPM on virtually all federal employees (civilian, military, and intelligence personnel) a door was left open and the demon is still hiding and waiting to cross the threshold, infiltrate, exfiltrate, and compromise.


As a society that meaningfully values an open and transparent democracy, we can perhaps too easily become lured or lax to common sense safeguards and vigilance, but that does not excuse negligence, incompetence or stupidity.


Rich people and countries around the world can unknowingly falter by becoming overly comfortable and full of themselves…to the point where many don’t fully care about their jobs or their country, as they sit in their mansions, designer clothes, and with busting bellies.


From the need to vastly improve our competencies in cyberwarfare to defending ourselves from a tidal wave of global terrorism to upgrading the U.S. nuclear triad against resurgent superpowers and dangerous rogue dictators, we have let our guard down to compromise.


Is expelling 35 Russian diplomats an effective strategy against their technical attempts to subvert our free and democratic elections or does it just underscore how vulnerable we continue to be?


When as a country and with our leadership, we decide to get serious rather than stay scared and war weary then we will not only stand firm again, but fight against weakness and compromise of ourselves. 😉


(Source Photo: Rebecca Blumenthal)

Vetting The Refugees–Do You Think It’ll Work?

So not that anyone was so thrilled with the Syria and Iraq refugee idea post 9/11 to begin with…


But now 31 States have come straight out refusing to take these refugees post the terror attack that happened just last week in Paris–where at least one of the terrorists was...


Guess what?


That’s right! A fake refugee from Syria.


But what about the “intensive vetting process” that is being promised for these 10,000 refugees?


Well what can be more intensive than the vetting that the American government does on employees working for highly sensitive agencies like the CIA, FBI, and NSA? 


So how has that worked out?


Probably not too bad, but the problem is that no vetting no matter how thorough is foolproof, hence major spies have infiltrated these organizations for years or even decades and caused immense harm to national security:


Robert Hanssen (former FBI–spied for the Soviets for 21 years)


Aldrich Ames (31-year veteran of the CIA, compromised 2nd largest number of CIA agents after Robert Hanssen)


Edward Snowden (leaked classified information from the NSA on our surveillance programs)


The point is that no matter how well we vet 10,000 or more refugees from Iraq and Syria, with ISIS vowing “to strike America at its center in Washington”–there certainly can be some errors in the screening and final adjudication process.


Again no vetting process is perfect–especially when the refugees themselves are admitting that fake IDs are being given out to them like candy in a candy store.


So that’s the dilemma we now face:


HEART–do what our heart tells us to and help people in need by taking in the refugees.


OR 


HEAD–follow our heads not risking another one or more potentially devastating terror attacks on the U.S. homeland. 


The choice is heartbreaking or headache producing! 😉


(Source Photo: Andy Blumenthal)

The “Real” OPM Data Breach

A lot has been made and should be made of the theft of over 21 million federal employees’ sensitive personnel records and security clearances. 



Everyone rightly, although somewhat selfishly, is worried about identity theft and the compromised privacy of their information.



The government is worried about hostile nation states using the pilfered information to bribe or coerce military, intelligence, high-level politicals, and others to turn and work for them or otherwise to use against them. 



But what is grossly missing in this discussion is not what information presumably the Chinese stole and how they will use it against us, but rather what information they inserted, altered, or otherwise compromised into the OPM personnel and security databases when they got root access to it.



Imagine for a moment what hostile nations or terrorists could do to this crown jewel database of personnel and security information:



– They could insert phony records for spies, moles, or other dangerous persons into the database–voila, these people are now “federal employees” and perhaps with stellar performance records and high level security clearances able to penetrate the depths of the federal government with impunity or even as superstars!



– They could alter personnel or security records taking prominent or good government employees and sabotaging them to have questionable histories, contacts, financial, drug or criminal problems and thereby frame or take-down key government figures or divert attention from the real bad guys out there and tie our homeland security and law enforcement establishment in knots chasing after phony leads and false wrongdoers and villains.



Given that the timeline of the hack of OPM goes back to March and December 2014, this was more than enough time for our adversary to not only do to our data what they want, but also for the backup tapes to be affected by the corrupt data entering the system. 



The damage done to U.S. national security is unimaginable. As is typically the case with these things, “An ounce of prevention is worth a pound of cure.” Instead of investing in security, now we can invest in “credit monitoring and identity theft protection” for a very sparse three years, while federal employees will go a lifetime in information jeopardy, and the federal government will be literally chasing its tail on personnel security for decades to come. 



With the price so low to our adversaries in attacking our systems, it truly is like stealing and much more. 😉



(Source Photo: Andy Blumenthal)

Turning Your Device Against You!

So, an interesting article in the BBC about Samsung’s “Listening TV.”



This TV has voice activated controls and they don’t just take commands, but…



“If your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party.”



So aside from hackers (and spies) being able to turn your phone and computer mics, cameras, and GPS location data on and off to surveil and eavesdrop on you, now the dumb television set can listen in as well. 



You can be heard, seen, and found…whether you know it or not. 😉



(Source Photo: Andy Blumenthal with eyes and ears from here and here with attribution to Firas and Simon James)