close
The Wayback Machine - https://web.archive.org/web/20090208044747/http://blog.wired.com:80/27bstroke6/

CIA Agent Pleads Guilty to Defrauding Covert Credit Cards

By Kevin Poulsen EmailFebruary 06, 2009 | 4:41:53 PMCategories: Spooks Gone Wild  

Cia

A 16-year veteran of the CIA pleaded guilty Thursday to a federal fraud charge after using undercover agency credit cards to run up $75,000 in personal expenses, including costly hotel stays and a $700 watch.

Steven J. Levan, 48, worked as a case agent at the CIA until his recent termination over the fraud.  According to an affidavit (.pdf) by a U.S. postal inspector who investigated the case, Levan made unauthorized personal use of four special credit cards that, while not officially billed to the government, are “customarily paid by the agency.”

“The agency had to pay the defendant's fraudulent charges on those credit cards, in order to maintain the means by which the agency protects the identity of certain of its employees,” reads the affidavit.

Despite the relatively mild charges, Levan’s been held without bail since his arrest on January 12, based on the government’s assertion that the former spy could begin peddling national security secrets to foreign powers to raise more money.  Levan’s attorney slammed the espionage rhetoric as “rank speculation” in a motion for bail (.pdf) last month.

BERJAYA
Veteran CIA spy Steven J. Levan used a covert government credit card to buy himself a $700 Raymond Weil watch -- garrote not included.

“Nothing about the underlying allegations relate to espionage or the deprivation of honest services,” wrote Federal Public Defender Michael Nachmanoff. The lawyer acknowledged that Levan has suffered from financial difficulties.

Government filings in the case don’t name the CIA as Levan’s former employer, but Nachmanoff’s bail motion does. Levan apparently joined the agency after graduating from the Virginia Military Institute in 1982, then receiving a Master’s degree in national security studies from the Naval War College and spending four years in the Army.

Judging from his salary tier, Levan occupied a fairly senior position in the CIA: as a GS-15, he earned between $115,000 and $149,000 a year, the top level for government civil service. He’s lived in Virginia -- where the CIA is headquartered -- and the Washington DC area since 1987, “with the exception of several tours overseas,” wrote Nachmanoff.

In a plea deal with prosecutors this week, Levan agreed to abandon his bid for release on bail, and he pleaded guilty to a single count of access device fraud for running up $7,446 on one of the CIA credit cards at the Staybridge Suites hotel in McLean, Virginia.

Levan also admitted (.pdf) using the identity information on the CIA cards to obtain two more credit cards he had sent to his home. Additionally, he stole another covert credit card from a different, unnamed, government agency, and lifted a coworker’s personal credit card to ring up another $15,000.  In all, the losses topped $100,000.

The government has agreed to recommend a term of no more than a year in prison, and full restitution, when Levan is sentenced on May 1.

Levan is the second CIA official to be outed by allegations of criminal conduct in recent weeks. In late January, ABC News published the name of the former station chief of the CIA’s outpost in Algeria, who’s come under suspicion in the alleged date-rape of several women there.

According to court records, Levan is separated from his wife, who lives in his house with the couple’s children. He committed much of the fraud while living at a Residence Inn in Tyson’s Corner, Virginia. Under an assumed identity, naturally.

See Also:


Man Charged in Facebook Sex-Extortion Plot

By David Kravets EmailFebruary 05, 2009 | 6:34:07 PM

Facebookboy An 18-year-old Wisconsin man is being charged with using Facebook to extort sex from boys by threatening to expose nude pictures of them he obtained by acting as girls on the social-networking site.

Waukesha County prosecutors alleged (.pdf) Anthony Stancl posed as females on Facebook, and solicited nude photos and videos from young boys, some of them he knew were under-aged. Stancl, a high school student just west of Milwaukee, was recently expelled for allegedly making a bomb threat. He's also accused of forcing six under-aged boys and one aged 18 to have sexual encounters with him, prosecutors said.

He enticed them by threatening to release their nude images to classmates, Waukesha County District Attorney Brad Schimel said. "The extortion was all about sex," Schimel said in a telephone interview.

"The sexual contact occurred because they were afraid the person they were communicating with would post their nude images to their classmates," Schimel said.

The case has parallels to the Lori Drew case, the first prosecution of its kind in which the 49-year-old woman was convicted in November of three misdemeanor federal computer-hacking charges.

Drew was accused of obtaining unauthorized access to MySpace by creating a fake profile for a nonexistent 16-year-old boy named "Josh Evans." The account was used to flirt with, and then reject a 13-year-old old girl who committed suicide. The conviction is on appeal.

However, the Waukesha County district attorney said that, under Wisconsin law, "The use of the Facebook page and pretending to be a female was not illegal."

The defendant remains jailed in lieu of $250,000 bail, Schimel said. He said the accused is to appear in court Feb. 27.

The defendant's attorney, Craig Kuhary, did not immediately return telephone calls, but told The Associated Press that he was open to a plea deal.

Among other things, the defendant is charged with possession of child pornography, soliciting sex with minors and making a bomb threat by e-mail to teachers at his high school in November.

See Also:


Obama's Prisoner Dilemma: Reject Torture, Defend Torturers

By David Kravets EmailFebruary 04, 2009 | 7:28:16 PMCategories: Politics  

Obama_mail_500px President Barack Obama finds himself in a quandary of sorts over his public position opposing torture and secret detentions.

The new U.S. president has renounced those Bush administration practices, but government lawyers continue to defend the previous administration's top officials accused of authorizing and carrying out those policies.

"The Obama administration, from day one, said waterboarding is torture," says Mary Dryovage, a civil rights lawyer who represents federal employees suing the government. "How can one simultaneously state waterboarding is a crime and represent one of the architects of one of the legal arguments in support of waterboarding, which is defined in the Geneva Conventions as a war crime?"

Chief among those enjoying a taxpayer-funded defense is John Yoo, now a Boalt Hall School of Law scholar at the University of California, Berkeley. As a Bush administration lawyer, Yoo wrote the so-called torture memos the previous administration invoked to rationalize torture of enemy combatants.

The Justice Department is supplying Yoo with several government lawyers to defend himself in federal court in San Francisco, in a lawsuit (.pdf) brought by Jose Padilla. The one-time alleged "dirty bomber," Padilla claims Yoo's internal legal opinions paved the way for his harsh interrogation while he was secretly held without charges at a Navy brig in South Carolina.

Government lawyers are also defending former Secretary of Defense Donald Rumsfeld, former Deputy Secretary of Defense Paul Wolfowitz, former Attorney General John Ashcroft and other Bush administration officials in a second lawsuit by Padilla accusing (.pdf) them of violating his constitutional rights.

The dilemma inherited from the Bush administration comes as Obama's newly-formed cabinet re-examines the government's position in these lawsuits, and begins to untangle eight years of Bush policy on national security, domestic spying, the environment and the economy. Still, while the fledgling administration is just beginning to take shape, the new president has made clear that it has renounced torture and secret detentions and has already moved toward closing Guantanamo Bay.

Picture_17

The Bush administration initially supplied lawyers for Yoo, pictured left, and the others under a federal law that requires the government to represent its current and former employees in court, when they are being sued for actions performed in the course of their employment.

That law, though, only applies when the government determines that such representation does not conflict with the interests of the United States. If he chooses to, Obama could reverse Bush's finding to that effect, and end the Justice Department's representation of the accused torturers.

Unless or until that happens, the government's legal representation of Yoo, Rumsfeld and the others suggests that the Obama administration is not about to pursue criminal charges against these officials.

"If the government is looking into possibly prosecuting these people at all, it can't possibly have one arm looking to prosecute and the other arm defending them," says William Balin, a California attorney and legal ethicist.

The Justice Department declined comment.

Some civil libertarians believe the Justice Department's ongoing defense of the officials sends a message to the public that perhaps Obama is not serious about reversing course from the Bush administration. Even after Obama's inauguration, Justice Department attorneys have urged federal judges in South Carolina and California to dismiss the lawsuits.

"What it says to the citizens of the United States and the world when the Justice Department is representing these individuals, like Mr. Yoo, that war crimes and torture are not being taken seriously," said Wendy Musell, a human rights attorney in San Francisco.

But even if the Obama administration concludes that it should not represent Yoo, Rumsfeld and the others, federal employment law requires that taxpayers foot the bill for their private counsel in civil lawsuits –- a bill that likely would run into the millions of dollars.

"In my personal opinion," Musell said, "this is just another example of a bailout."

See Also:




House Approves Whitelist of People Who Aren't Terrorists

By David Kravets EmailFebruary 04, 2009 | 4:02:24 PMCategories: Watchlists  

Picture_16 The House overwhelmingly adopted legislation this week mandating the creation of a new kind of terrorist watchlist: a database of people who aren't terrorists, but are routinely flagged at airports anyway.

The U.S. government maintains a list of about a million names of suspected terrorists that is crosschecked with passenger names ahead of airline boarding. The list has been dogged for years by sloppy name matches that have ensnared innocent travelers, children, prominent politicians and government officials, the U.S. Conference of Catholic Bishops' secretary of education and all men named David Nelson.

Under the new plan, approved late Tuesday 413-3, innocent victims of the terrorist watchlist must prove to the Department of Homeland Security, through an undetermined appeals process, that they are not terrorists. They would then get their names put on what the legislation calls the "Comprehensive Cleared List."

The legislation is another attempt to assist wrongly flagged passengers and would supersede the troubled DHS Traveler Redress Inquiry Program, which has been criticized for being slow or unresponsive to flier complaints.

The FAST Redress Act, if approved by the Senate, requires the government to report within 240 days on its progress in implementing the new list.

See Also:


Botnets Beat Spartan Laser on Halo 3

By Kevin Poulsen EmailFebruary 04, 2009 | 3:13:56 PMCategories: Cybarmageddon!  

Laser

What's the most powerful weapon you can wield when playing Halo 3 online?

I know. You can control the entire map with a battle rifle and a couple of sticky grenades. But that teeny-bopper you just pwned has you beat with the tiny botnet he leased with his allowance money.

BiozombieThat's because Xbox Live gamers are increasingly turning to easy-to-use botnet software with names like "Bio Zombie Booter" to exact lingering revenge on their online foes, reports Christopher Boyd at SpyWareGuide.com.

Several programs available online,  accompanied by YouTube tutorials, make it easy to sniff out your opponent's IP address, then aim a few dozen zombie machines at him in a distributed denial-of-service attack.

Steal my flag, will you? Enjoy being offline for the rest of the night, newb.

The cyberwar tactic has been an underground Halo 3 phenomenon for a while — complaints of DDoSing abound on gamemaker Bungie's community forum. But now the botnets are "quickly becoming mainstream," Boyd reports. The control software is free, but the entrepreneurial spoilsports behind it sometimes lease the bots for about $2 per zombie. Forty to 60 zombies are recommended to get a decent DDoS going against your enemy's Xbox 360.

Of course, the potential market for this malware is limited to those gamers who take Halo so seriously that they'll commit a felony over it — say, 500,000 or so.


Global ATM Caper Nets Hackers $9 Million in One Day

By Kevin Poulsen EmailFebruary 03, 2009 | 2:43:39 PMCategories: Crime  

A carefully coordinated global ATM heist last November resulted in a one-day haul of $9 million in cash, after a hacker penetrated a server at payment processor RBS WorldPay, New York's Fox 5 reports.

RBS WorldPay announced on December 23 that they'd been hacked, and personal information on approximately 1.5 million payroll-card and gift-card customers had been stolen. (Payroll cards are debit cards issued and recharged by employers as an alternative to paychecks and direct-deposit.) Now we know that account numbers and other mag-stripe data needed to clone the debit cards were also compromised in the breach.

At the time, the company said it identified fraudulent activity on only 100 cards, making it sound like small beans. But it turns out the hacker managed to lift the withdrawal limits on those 100 cards, before dispatching an global army of cashers to drain them with repeated rapid-fire withdrawals. More than 130 ATMs in 49 cities from Moscow to Atlanta were hit simultaneously just after midnight Eastern Time on November 8.

A class action lawsuit has been filed against RBS WorldPay on behalf of consumers.

A nearly identical cybercrime feeding frenzy targeted payment card company iWire in late 2007. From September 30 to October 1 of that year -- just two days -- four iWire payroll cards were hit with more than 9,000 actual and attempted withdrawals from ATM machines around the world, resulting in losses of $5 million.

A similar MO was employed against Citibank account holders last year, after a processing server that handles withdrawals from Citibank-branded ATMs at 7-Eleven convenience stores was breached. In that case, cashers converged on New York and withdrew at least $2 million from Citibank accounts, sending 70 percent of the take back to a mysterious hacker kingpin in Russia.

Could all three breaches be the work of a single wealthy cybercrook sitting on piles of cash somewhere in Moscow? Some of the cashers in the iWire and Citibank caper are cooperating with the FBI, so we may eventually find out.

What's clear is that this is a great time to be a hacker. In just over one year we've seen these kinds of breaches go from virtually unheard of into a multimillion dollar industry.

In September, Canadian police announced the arrest of Israeli hacker Ehud Tenenbaum for allegedly penetrating the Calgary-based financial services company Direct Cash Management and increasing the cash limits on prepaid debit cards he and his co-conspirators legitimately purchased. The caper allegedly netted the crooks the equivalent of $1.7 million U.S.

Despite much-ballyhooed payment card security standards, the industry responsible for protecting our money appears to be as leaky as a sieve. But, as always, consumers aren't responsible for fraudulent withdrawals that they find and promptly report to their card issuer.


Final Guilty Plea Wraps Up Federal 'Warez' Crackdown

By David Kravets EmailFebruary 02, 2009 | 6:10:25 PMCategories: Crime  

Warez The final defendant in a five-year-old nationwide piracy crackdown pleaded guilty to criminal copyright infringement Wednesday, admitting to his role in a so-called "warez" club responsible for tens of thousands of unauthorized copies of video games, software and digital music files.

Defendant Greg Hurley of Orlando, Florida, isn't likely to face time when sentenced later this spring. The 18 defendants sentenced so far under "Operation Safehaven" and "Operation Higher Education" — prosecuted in the U.S. District Court of Connecticut — have received probation, attorneys involved said.

The warez scene consists of underground online communities like "Fairlight," the group in which Hurley, 26, and hundreds of others were members. U.S. law enforcement officials began eying Fairlight more than five years ago. The members were scattered across the nation, but the prosecution was centered in Connecticut.

Fairlight members engaged in the large-scale distribution of copyright works, prosecutors say. "Suppliers," like Hurley, were able to get their hands on commercial software, video games, DVD movies and MP3 music files, often before those titles were available to the public. The suppliers forwarded titles to so-called "crackers," who circumvented digital copy protections.

Others, known as "couriers," distributed the pirated software to a handful of FTP servers with names like "DOH," "Optical Illusion" and "Firesite" for other group members to access, reproduce and further distribute.

"It became a thing where these guys would sit around and try to crack these games and upload them to FTP servers," said Joseph Fisher, Hurley's defense attorney. "It was kind of like a race by each faction of who could put up more titles faster than the others."

"I think this is the end of the warez prosecution for this group in Connecticut," Fisher said.

Law enforcement officials in Connecticut and Washington, D.C., declined to speak on the record.

Three years ago, when a 62-year-old Pennsylvania woman pleaded guilty to similar charges in Connecticut federal court, then-U.S. Attorney Kevin J. O'Connor said, "Stealing the intellectual property of others is no different from any other form of thievery."

The investigations were conducted by U.S. Immigration and Customs Enforcement, the ICE Cybercrimes Center, the U.S. Attorney's Office for the District of Connecticut and the Justice Department.

Through his attorney, Hurley declined to be interviewed for this story. Under the terms of his plea agreement (.pdf) he faces a maximum 27-month term.

When his client was 19, Fisher said, he severed one of his fingers working in construction. While recovering, he got hooked on the warez movement, Fisher said.

"He was stuck at home for literally 18 months," Fisher said. "He was spending hours on his computer. My client's motive: He wanted access to all these games he didn't want to pay for."

Hurley now works at his family's Florida paving business, Fisher said.

(Image courtesy suburbanslice)

See Also:


Colorado Man Faces 10 Years for Threatening Obama by E-Mail

By David Kravets EmailJanuary 30, 2009 | 3:14:59 PM

Gutierrez_2 Timothy Ryan Gutierrez probably wishes he used "Mail Goggles," the Gmail feature requiring the disgruntled or intoxicated to solve a series of math problems before sending e-mails that one might regret later.

Instead, the 20-year-old Colorado man is staring down a maximum of 10 years in the slammer for his alleged recent e-mails sent directly to the Federal Bureau of Investigation threatening to "assassinate" President Barack Obama. Another message said he had "rigged 40 pounds of C4" to blow up vehicles in the Mall of America in suburban Minneapolis, according to an indictment (.pdf).

Gutierrez was arrested Thursday when he surrendered to the FBI in Durango, Colorado, after an indictment was unsealed. He told the Cortez Journal in Colorado that he had no intention of carrying out his messages.

"I'm not mad about him becoming president, but he's not doing what he said he was going to do," he said. "He's not doing anything for the lower class — just the middle and upper class. Medications are going up, not lowering, and jobs are being lost. His actions are going to get him in trouble."

He told the newspaper before he surrendered that he was unemployed, but "played with computers."

According to the indictment, Gutierrez sent the messages eight days before Obama was inaugurated. "I’m going to assassinate the new president of the United States of America. PS you have 48 hours to stop it from happening," one of them said.

Another alleged e-mail sent that same day added:

what are you waiting for you have 48 hours remember and one more thing that I have forgotten to mention I have rigged 40 pounds of C4, he and my favorite TNT to 7 cars outside the Mall of America good luck thank you and God bless he you know the rest time is wasting.

He told the Cortez Journal: "I'm in serious shit."

See Also:


Guilty Plea: Blind Hacker Admits Harassment, Eavesdropping, Fraud

By Kevin Poulsen EmailJanuary 30, 2009 | 2:33:24 PMCategories: Crime  

Eye

A legally blind Massachusetts phone hacker admitted this week to federal computer intrusion and witness intimidation charges that could put him away for as long as 13 years.

Matthew Weigman, 18, pleaded guilty to two felonies before U.S. Magistrate Judge Paul D. Stickney in Dallas on Tuesday.  Known in the telephone party-line scene as "Li'l Hacker," Weigman is widely considered one of the best phone hackers alive.

Relying on an ironclad memory and detailed knowledge of the phone system, the teenager is known for using social engineering to manipulate phone company workers and others into divulging confidential information, and into entering commands into computers and telephone switching equipment on his behalf.  The FBI had been chasing Weigman since he was 15 years old, at times courting him as an informant.  He was finally arrested last May, less than two months after celebrating his 18th birthday.

"I've been interested in phones since I've been about 8," Weigman said in a 2007 interview with Wired.com. "I talked to technicians when they came down here to do things on my phone."

"I will shoot." Listen to the Colorado Springs hostage hoax.



Disconnecting a phone. Audio of Matthew Weigman at work.

In his plea deal with prosecutors, Weigman, who was born blind, admitted to a long criminal resume (.pdf). Among other things, he confessed to conspiring with other telephone hooligans who made hundreds of false calls to police that sent armed SWAT teams bursting into the homes of their party-line enemies.

In a new revelation, Weigman also admitted eavesdropping on customer service calls to Sprint, by dialing into a phone line used by Sprint supervisors to monitor their employees. Weigman parked on the spy line to overhear customers giving out their credit card numbers, which he memorized and passed to accomplices. Weigman and his friends used the numbers to purchase computers and other electronics.

The FBI began investigating Weigman after he staged a 2005 hostage hoax that sent police to the Colorado home of Richard Gasper, a TSA screener whose daughter refused phone sex with Weigman. When the FBI caught up with him more than a year later, cybercrime agent Allyn Lynd offered to make him a confidential informant, but called off the deal when AT&T discovered that Weigman was still manipulating the phone company.

Lynd later told a police detective that Weigman couldn't stop hacking for more than 72 hours.

Continue reading "Guilty Plea: Blind Hacker Admits Harassment, Eavesdropping, Fraud" »


CIA Spy Enlisted Son to Collect Espionage Debts, Feds Say

By David Kravets EmailJanuary 29, 2009 | 6:40:42 PMCategories: Spooks Gone Wild  

Spyspy_2 The son of a disgraced CIA agent convicted of funneling classified information to the Russians was indicted Thursday on allegations of helping his imprisoned father collect overdue bills for his dad's nefarious activities.

The son, Nathaniel James Nicholson of Eugene, Oregon, traveled throughout the world using coded e-mail messages to plot meeting locations with the Russians, and received tens of thousands of dollars on behalf of his convicted spy father, Harold James Nicholson, according to an indictment unsealed Thursday.

The father, nicknamed "Batman," is serving 23 years after pleading guilty a decade ago to furnishing the Russians "documents, photographic negatives and information relating to the national defense of the United States, with the intent and reason to believe that the same would be used to the injury of the United States and to the advantage of the Russian Federation," according to an FBI affidavit (.pdf). As part of the agent's plea deal, the 58-year-old admitted that, during his 16-year tenure, he received $300,000 from the Russian Federation for supplying the identity of CIA operatives in Moscow, including their code names.

In 2006, according to court records and the FBI, the father enlisted his 24-year-old son, the youngest of three children, to collect his unpaid bills from the Russians. The son flew from Portland, Oregon, to numerous destinations, including San Francisco, Mexico City, Peru and Cyprus — bringing back tens of thousands of dollars in greenbacks. The money was dispersed to family members, according to court documents.

At one point, according to the authorities, the son returned to the United States from Peru in possession of a small notebook containing "clandestine communication instructions" on how to communicate in code via an internet e-mail account about future meetings with the Russians.

"The notebook also contained coded messages to be used by defendant Nathaniel James Nicholson when he met with the Russian Federation to confirm his identity," according to court documents (.pdf).

Here is one of the coded messages the son, a pizza worker and community college student, is accused of sending to the Russians to confirm a Dec. 10, 2008, meeting at a TGI Friday's in Cyprus:

SUBJECT LINE: Hola Nancy!
Hello Sweety! How are you? I'm good. Sorry for taking so long to write to you…you know how work is and all. Any7ways, things are good. It looks like I will still be able to go on that vacation! I will keep you updated on that though. I am very much looking forward to it, and to seeing you again! Well hon, I just thought I'd say "hi" since I had the time!

The authorities became suspicious after an inmate at the federal penitentiary in Sheridan, Oregon, tipped off the authorities that the convicted CIA agent was trying to contact the Russians. The authorities began to eavesdrop on the son's cellphone, internet searches and e-mail, court records show. The son often visited his father in prison, the records say.

The son, charged with seven counts of money laundering and espionage-related charges, was expected to appear today in a Portland federal court. The father also faces similar accusations.

See Also:


ISP Agrees to Ban Copyright Scofflaws

By David Kravets EmailJanuary 29, 2009 | 2:56:45 PMCategories: RIAA Litigation  

Commiepics_2_2 The music industry's move to ban from the internet alleged copyright scofflaws inched forward when an Irish internet service provider agreed to a so-called "three-strikes" policy to discontinue service for repeat copyright offenders.

The move by Eircom Group, the largest telecom in Ireland, comes a month after American record labels announced they would work with U.S-based internet service providers to adopt the same program, a plan called "graduated response." In June, the French cabinet approved legislation mandating a similar program where third-time offenders lose service for at least a year, a plan of which Italy is also considering.

None of the major ISPs in the United States, however, has signed on yet. Verizon told us weeks ago it would not participate under the Recording Industry Association of America's proposal. The always clued-in Greg Sandoval at CNET, citing unnamed sources, wrote that Comcast and AT&T were close to coming on board. The RIAA's private detectives perform the surveillance on file sharing networks.

In the United States alone, the RIAA has sued more than 30,000 individuals on allegations of copyright infringement for sharing music on peer-to-peer networks such as Limewire and Kazaa. Most of the cases have settled out of court for a few thousand dollars.

The RIAA, now pushing the American ISPs for the three-strikes rule, says it is discontinuing the 5-year-old litigation campaign. It is litigating cases that have already been filed. In five years, only one case has gone to trial, which resulted in a mistrial.

See Also:


Fannie Mae Logic Bomb Would Have Caused Weeklong Shutdown

By Kevin Poulsen EmailJanuary 29, 2009 | 1:41:19 PMCategories: Threats  

Fannie A logic bomb allegedly planted by a former engineer at mortgage finance company Fannie Mae last fall would have decimated all 4,000 servers at the company, causing millions of dollars in damage and shutting down Fannie Mae for a least a week, prosecutors say.

Unix engineer Rajendrasinh Babubha Makwana, 35, was indicted (.pdf) Tuesday in federal court in Maryland on a single count of computer sabotage for allegedly writing and planting the malicious code on Oct. 24, the day he was fired from his job. The malware had been set to detonate at 9:00 a.m. on Jan. 31, but was instead discovered by another engineer five days after it was planted, according to court records.

Makwana, an Indian national, was a consultant who worked full time on-site at Fannie Mae's massive data center in Urbana, Maryland, for three years.

On the afternoon of Oct. 24, he was told he was being fired because of a scripting error he'd made earlier in the month, but he was allowed to work through the end of the day, according to an FBI affidavit (.pdf) in the case.  "Despite Makwana's termination, Makwana's computer access was not immediately terminated," wrote FBI agent Jessica Nye.

Five days later, another Unix engineer at the data center discovered the malicious code hidden inside a legitimate script that ran automatically every morning at 9:00 a.m. Had it not been found, the FBI says the code would have executed a series of other scripts designed to block the company's monitoring system, disable access to the server on which it was running, then systematically wipe out all 4,000 Fannie Mae servers, overwriting all their data with zeroes.

"This would also destroy the backup software of the servers making the restoration of data more difficult because new operating systems would have to be installed on all servers before any restoration could begin," wrote Nye.

As a final measure, the logic bomb would have powered off the servers.

The trigger code was hidden at the end of the legitimate program, separated by a page of blank lines. Logs showed that Makwana had logged onto the server on which the logic bomb was created in his final hours on the job.

Makwana is free on a $100,000 signature bond. His lawyer didn't immediately return a phone call Thursday.

(Updated January 30, 2009 | 3:00:00 PM to correct Makwana's employment information)

Photo:  Fannie Mae's data center in Urbana, Maryland


CIA Station Chief's Computer Searched Following Rape Allegations

By Kevin Poulsen EmailJanuary 28, 2009 | 5:00:01 PM

Cia A senior CIA officer who headed the agency's Algeria station last year is under investigation for allegedly sexually assaulting at least two Muslim women after incapacitating them with a date-rape drug, ABC News reports.

The 41-year-old spy was recalled home in October after the victims stepped forward, but the case threatens to further damage the United States' reputation in the Muslim world. According to ABC, covert videotapes recovered from his residence in Algiers showed the official engaging in sex acts, with at least one woman appearing to be in a "semiconscious state."

According to court records, the search also turned up "apple martini mix, multiple data storage devices, including multiple computer hard drives, memory cards, Valium and Xanax and a handbook on the investigation of sexual assaults." When the official returned to Washington, D.C., State Department investigators also found photos of the victims on his digital camera and cellphone. They then seized his computer for a forensic search.

Threat Level found the search warrant affidavit for the computer analysis, which describes the suspect as "employed by the United States Government and assigned to the United States Embassy in Algiers, Algeria." Because the official hasn't been formally charged, we've redacted the suspect's name, though it will surely appear elsewhere.

Continue reading "CIA Station Chief's Computer Searched Following Rape Allegations" »


ACLU Demands Eavesdropping, Torture Memos From White House

By David Kravets EmailJanuary 28, 2009 | 2:24:42 PMCategories: Sunshine and Secrecy  

George_w_bush The American Civil Liberties Union is hoping a kinder, gentler Obama administration will disclose secret documents detailing the legal basis for the previous administration's rationale for supporting torture and warrantless surveillance.

The memos are being sought from the Justice Department's Office of Legal Counsel, the White House's legal adviser. The Bush administration had refused the ACLU's bid to obtain the documents via a Freedom of Information Act request.

But last week, President Barack Obama announced his administration would roll back the secrecy that surrounded the Bush Administration, and called on government agencies to err on the side of openness and release information whenever possible.

"Releasing the memos would allow the public to better understand the legal basis for the Bush administration’s national security policies; to better understand the role that the OLC played in developing, justifying and advocating those policies; and to participate more meaningfully in the ongoing debate about national security, civil liberties and human rights," the ACLU wrote the Office of Legal Counsel on Wednesday.

The public disclosure of the documents could spread sunshine on whether Bush administration officials should be held legally accountable for their opinions, including those justifying the form of simulated drowning known as waterboarding. And the request comes as the Obama administration heads to court to respond to a civil lawsuit brought by Jose Padilla, who was suspected of plotting to set off a "dirty bomb."

Dawn Johnsen, Obama's choice to head the OLC, wrote in Slate last year that such documentation should be released to the public.

The ProPublica website lists a host of secret Bush administration legal opinions justifying the Bush administration's positions on detainee treatment and warrantless surveillance adopted in the wake of the Sept. 11 terror attacks.

The Justice Department was not immediately prepared to comment.

See Also:


U.S. Consulate in Israel Auctions Sensitive Information

By Kim Zetter EmailJanuary 28, 2009 | 12:25:22 PMCategories: Breaches  

Who needs to hack a database when you can get information the old-fashioned, low-tech way?

The U.S. consulate in Israel held an auction in December 2005 to get rid of old furniture and reportedly sold cabinets containing hundreds of files with Social Security numbers of U.S. Marines and state department staff stationed in Israel. The files also included U.S. State Department bank account numbers and documents tracking the U.S. funding of local political movements, such as Shalom Achshav, Peace Now.

Among the files was a dossier marked "Secret" detailing an encounter between a U.S. Marine and a young Israeli woman in a Jerusalem hotel bar.

The woman who bought the filing cabinets, an American-Israeli, held on silently to her trove until last fall when an event involving her son's Israeli army unit angered her and she approached reporters. The U.S. consulate asked for her to return the files, but she refused until the Israeli police intervened and threatened her with unspecified charges.

The story doesn't indicate whether the State Department notified the U.S. Marines and state department employees that their data was breached.


China Pledges WTO Copyright, Trademark Cooperation

By David Kravets EmailJanuary 27, 2009 | 3:03:12 PMCategories: Intellectual Property  

Chinapic

It's no surprise that China is home to a flourishing black market for U.S. trademarked and copyrighted goods.

What's surprising, though, is China's calm response Tuesday to a World Trade Organization report (.pdf) that concluded it was breaching its obligations under the World Trade Organization.

"As we strengthen our work on domestic intellectual property rights, we will continue to promote international exchanges and cooperation in order to encourage the healthy development of trade relations," Chinese Ministry of Commerce spokesman Yao Jian said in a statement.

Such a conciliatory tone came a week after China took umbrage with comments from Timothy Geithner, the incoming U.S treasury secretary, who accused the Chinese government of "manipulating" the yuan. The communist regime said such comments do "not accord with reality."

The WTO, acting in a 2007 case brought by the United States, concluded on Monday a number of so-called "deficiencies" of China's intellectual property enforcement, including the unauthorized trademarked and copyrighted goods being sold openly throughout China.

The world body faulted China for allowing public auctions of counterfeited goods that the authorities have confiscated with the sole condition that bogus trademarks or brands be removed from the items. The WTO also faulted China for refusing to provide copyright protection for goods that state censors have not approved for lawful sale.

While it's impossible to verify, the International Intellectual Property Alliance says music, movie, book and software companies have lost a combined $3.7 billion in sales because of piracy in China.

The United States wanted the trade organization to censure China for allegedly failing to prosecute pirates — prosecutorial power the United States does not routinely pursue. The WTO, however, did not oblige, a position the United States said was disappointing.

Under former President George W. Bush, the White House in October successfully lobbied Congress to remove language from legislation that would allow the U.S. Justice Department to sue copyright infringers on behalf of the Recording Industry Association of America, the Motion Picture Association of America and other content owners.

The legislation, however, created a U.S. copyright czar on par with the U.S. drug czar. President Barack Obama has not filled the position.

See Also:

Photo: gruntzooki/Flickr


NSA Whistleblower: Grill the CEOs on Illegal Spying

By Kim Zetter EmailJanuary 26, 2009 | 2:51:32 PMCategories: NSA  

Tice Former National Security Agency analyst Russell Tice shed new light on the Bush administration's warrantless domestic spying last week when he told MSNBC that the NSA blended credit card transaction records with wiretap data to keep tabs on thousands of Americans.

But Tice didn't say where the credit card information, and other financial data, came from. Did the agency scoop it in as part of its surveillance of U.S. communications backbones, or did financial companies give up your records in bulk to the NSA?

The distinction is significant. Telecommunication companies, such as AT&T and Verizon, are embroiled in lawsuits over their alleged cooperation with the government's warrantless surveillance. If credit card companies and banks also provided information without a warrant, it's conceivable they could face a courtroom challenge as well.

I spoke with Tice extensively in the spring of 2006. With Bush still in power, the whistleblower was considerably more taciturn than on television last week. But looking back through the transcript of my interviews now, in the context of his new revelations, it seems clear that Tice was saying that credit card companies and banks gave the same kind of cooperation to the government that phone companies did.

"To get at what's really going on here, the CEOs of these telecom companies, and also of the banking and credit card companies, and any other company where you have big databases, those are the people you have to haul in to Congress and tell them you better tell the truth," he said at the time. "Because anyone in the government is going to claim executive privilege."

The New York Times broke the story in 2006 that the NSA obtained access to financial records in the international SWIFT database. But that database mostly involves wire transfers of money in and out of the U.S., not domestic transactions. Tice's comments reveal that the agency may have obtained bulk data on domestic credit card transactions as well from U.S. financial institutions -- all without a warrant.

I spoke with Tice for a story about a secret room at an AT&T facility in Bridgeton, Missouri that had the earmarks of an NSA data mining operation.

Shortly after Mark Klein, a retired AT&T employee in San Francisco, came forward with information about a secret room in a San Francisco building that appeared to be providing the NSA with a real-time data feed, two sources who once worked for the company told me about a similar room in the company's Bridgeton facility that appeared to be doing the same kind of data mining at a much greater level. Bridgeton is the network operations center for AT&Ts broadband services.

I turned to Tice for more details. Tice had already publicly identified himself as one of the sources the New York Times had used for its 2005 story on the government's warrantless wiretapping. Tice warned me at the start of our conversation that he believed our phone call was being monitored by the FBI and that there were a lot of things he wouldn't be able to discuss, on the advice of his lawyer.

Tice had been in the intelligence community since 1985. He entered the Air Force after finishing college, and went to work in signals intelligence. After leaving the military, he worked as an intelligence contractor, then was employed by the Defense Intelligence Agency before taking a job with the NSA.

His unclassified resume hides all of this history. "[It says] I deal with space systems. Space communications, all kinds of space weenie stuff. If it deals with outer space I'm your man," he said.

Do you have any connection to outer space stuff? I asked.

"I watch Buck Rogers."

What follows are excerpts from my interviews with Tice, beginning with his explanation of one way the NSA's data mining could operate.

Continue reading "NSA Whistleblower: Grill the CEOs on Illegal Spying" »


Obama Administration: Wiretapping Legal Challenge Must Die

By David Kravets EmailJanuary 23, 2009 | 7:15:25 PMCategories: Surveillance  

Spy

SAN FRANCISCO -- The Obama administration urged a federal judge on Friday to stay enforcement of a ruling favoring the plaintiffs in a lawsuit challenging President George W. Bush's warrantless eavesdropping program.

Justice Department special counsel Anthony Coppolino told U.S. District Judge Vaughn Walker during a 60-minute hearing here that the appellate courts should review his Jan. 5 decision allowing classified evidence into the case, a position the Obama administration took in court documents the day before.

Without the classified evidence, Coppolino said, the government wins the case by default, and two American lawyers who claimed they were unlawfully spied upon can't pursue their lawsuit.

"If we are right about this, the case gets dismissed," Coppolino said.

But Judge Walker said he wanted more briefing on the matter. He refused to immediately stay enforcement of his order, which requires the government to allow the plaintiffs' attorneys, and the court, to review a highly-classified document that  purportedly shows that the lawyers for a now-defunct Saudi charity had their telephone conversations wiretapped without warrants in 2004.

The lawyers -- Wendell Belew and Asim Ghafoo - sued the Bush administration after the U.S. Treasury Department accidentally released the Top Secret memo to them, then successfully demanded its return. The memo was barred from the lawsuit through years of litigation, until Walker recently ordered the government to turn it over, after the plaintiffs successfully gathered unclassified evidence to support their case.

As it stands, lawyers for the plaintiffs are scheduled to view the document as early as Feb. 13.

The documents' use in the case is central for the two charity lawyers to acquire legal standing so they may challenge the constitutionality of  Bush administration's warrantless-eavesdropping program.

Jon Eisenberg, the attorney for the two lawyers, suggested the litigation be put on hold to give the new Obama administration time to reconsider the legal posture it inherited from Bush.

"None of us knows whether or not they might take a different approach to this case," Eisenberg argued to Walker.

Neither Coppolino nor Walker responded to that point. Disputes with pretrial decisions generally require the trial judge to permit an appeal.

Walker noted that there were few grounds to allow an appeal partway through this case. But he said he would consider granting an appeal under a statute that allows judges to kick cases up to the appellate courts if a substantial question of law is at issue. In this case: can a document that the government has declared a state secret be allowed in a lawsuit?

"We believe that we have a successful privilege assertion in this case," said Coppolino, citing the "state secrets privilege", which, when invoked, generally results in a dismissal of lawsuits against the government.

Three years ago Walker allowed the government to appeal a decision in a different spy case under similar circumstances. The Electronic Frontier Foundation sued AT&T for allegedly being complicit in Bush's warrantless spy program.

In that case, too, the government asserted the state secrets privilege, saying the lawsuit should be dismissed because it threatens to harm national security.

The 9th U.S. Circuit Court of Appeals dismissed the appeal as moot last year after Congress, including  then-senator Barack Obama, voted to immunize the nation's telecoms from the lawsuit. In a separate vote, Obama opposed immunity, but he finally endorsed it as part of broad legislation legalizing the once-secret warrantless spy program.

Last month, the EFF asked Walker to overturn the immunity legislation. A decision by Walker is pending in that matter.

On Friday, Walker instructed the government and Eisenberg to provide further written arguments within weeks about why he should or should not permit the government to appeal a case brought by two former lawyers for the Al-Haramain Islamic Foundation.

See Also:


NSA Whistleblower: Wiretaps Were Combined with Credit Card Records of U.S. Citizens

By Kim Zetter EmailJanuary 23, 2009 | 7:00:00 AMCategories: NSA, Surveillance  

NSA whistleblower Russell Tice was back on Keith Olbermann's MSNBC program Thursday evening to expand on his Wednesday revelations that the National Security Agency spied on individual U.S. journalists, entire U.S. news agencies as well as "tens of thousands" of other Americans.

Tice said on Wednesday that the NSA had vacuumed in all domestic communications of Americans, including, faxes, phone calls and network traffic.

Today Tice said that the spy agency also combined information from phone wiretaps with data that was mined from credit card and other financial records. He said information of tens of thousands of U.S. citizens is now in digital databases warehoused at the NSA.

"This [information] could sit there for ten years and then potentially it marries up with something else and ten years from now they get put on a no-fly list and they, of course, won't have a clue why," Tice said.

In most cases, the person would have no discernible link to terrorist organizations that would justify the initial data mining or their inclusion in the database.

"This is garnered from algorithms that have been put together to try to just dream-up scenarios that might be information that is associated with how a terrorist could operate," Tice said. "And once that information gets to the NSA, and they start to put it through the filters there . . . and they start looking for word-recognition, if someone just talked about the daily news and mentioned something about the Middle East they could easily be brought to the forefront of having that little flag put by their name that says 'potential terrorist'."

The revelation that the NSA was involved in data mining isn't new. The infamous 2004 hospital showdown between then-White House Counsel Alberto Gonzales and Deputy Attorney General James Comey over the legality of a government surveillance program involved the data mining of massive databases, according to a 2007 New York Times article.

But there was always a slight possibility, despite the suspicions of many critics, that the NSA's data mining involved only people who were legitimately suspected of connections to terrorists overseas, as the Bush Administration staunchly maintained about its domestic phone wiretapping program.

“There’s no spying on Americans,” former Director of National Intelligence Mike McConnell insisted to the New Yorker last year.

But Tice's assertions this week contradict these claims.

With regard to the surveillance of journalists, Tice wouldn't disclose the names of the specific reporters or media outlets he targeted when he worked as an analyst for the NSA but said in the part of the program he covered, "everyone was collected."

"They sucked in everybody and at some point they may have cherry-picked from what they had, but I wasn't aware of who got cherry-picked out of the big pot," he said.

The purpose, he was told, was to eliminate journalists from possible suspicion so that the NSA could focus on those who merited further surveillance. But Tice said on Wednesday that the data on journalists was collected round-the-clock, year-round, suggesting there was never an intent to eliminate anyone from the surveillance.

New York Times reporter James Risen, who co-authored that paper's 2005 story on the warrantless wiretapping program with colleague Eric Lichtblau, suspects he could have been among those monitored, because Bush Administration officials obtained copies of his phone records, which they showed to a federal grand jury. The grand jury is investigating leaked information that appeared in Risen's 2006 book State of War about a CIA program, codenamed Operation Merlin, to infiltrate and destabilize Iran's nuclear program. Risen doesn't know if his records were obtained by the FBI with a legitimate warrant or through the NSA program that Tice described.

Risen told Olbermann that the NSA program to monitor journalists was likely intended to be used to ferret out and intimidate possible sources "to have a chilling effect on potential whistleblowers in the government to make them realize that there's a Big Brother out there that will get them if they step out of line."

Who else might have been among those targeted by the NSA?

Senator Jay Rockefeller (D-West Virginia) said, in a separate interview, that he could very well have been targeted, too.

Rockefeller was speaking to MSNBC host Chris Matthews and gave a cryptic reply when Matthews asked him what he thought about Tice's spying allegations (see 4:14 in the video below).

"I'm quite prepared to believe it," Rockefeller said. "I mean, I think they went after anybody they could get. Including me."

Matthews replied, "They didn't eavesdrop on you, did they Senator?"

"No," Rockefeller said shaking his head, "and they sent me no letters."

If Rockefeller were among those who were spied on, it would be very ironic, since he was instrumental in helping the Bush Administration obtain retroactive immunity for the telecommunications companies that are accused of aiding the Administration in its warrantless surveillance program.

See Also:


Obama Sides With Bush in Spy Case

By David Kravets EmailJanuary 22, 2009 | 4:32:47 PMCategories: Surveillance  

Spy The Obama administration fell in line with the Bush administration Thursday when it urged a federal judge to set aside a ruling in a closely watched spy case weighing whether a U.S. president may bypass Congress and establish a program of eavesdropping on Americans without warrants.

In a filing in San Francisco federal court, President Barack Obama adopted the same position as his predecessor. With just hours left in office, President George W. Bush late Monday asked U.S. District Judge Vaughn Walker to stay enforcement of an important Jan. 5 ruling admitting key evidence into the case.

Thursday's filing by the Obama administration marked the first time it officially lodged a court document in the lawsuit asking the courts to rule on the constitutionality of the Bush administration's warrantless-eavesdropping program. The former president approved the wiretaps in the aftermath of the Sept. 11, 2001, terror attacks.

"The Government's position remains that this case should be stayed," the Obama administration wrote (.pdf) in a filing that for the first time made clear the new president was on board with the Bush administration's reasoning in this case.

The government wants to appeal Walker's decision to the 9th U.S. Circuit Court of Appeals in San Francisco, a legal maneuver requiring Judge Walker's approval. A hearing in Walker's courtroom is set for Friday.

The legal brouhaha concerns Walker's decision to admit as evidence a classified document allegedly showing that two American lawyers for a now-defunct Saudi charity were electronically eavesdropped on without warrants by the Bush administration in 2004.

The lawyers — Wendell Belew and Asim Ghafoo — sued the Bush administration after the U.S. Treasury Department accidentally released the Top Secret memo to them. At one point, the courts had ordered the document, which has never been made public, returned and removed from the case.

Torn_paper2_660x

The document's admission to the case is central for the two former lawyers of the Al-Haramain Islamic Foundation charity to acquire legal standing so they may challenge the constitutionality of the warrantless-eavesdropping program Bush publicly acknowledged in 2005.

The Friday hearing is needed, because disputes with pretrial decisions generally require the trial judge to permit an appeal.

The Obama administration is also siding with the former administration in its legal defense of July legislation that immunizes the nation's telecommunications companies from lawsuits accusing them of complicitity in Bush's eavesdropping program, according to testimony last week by incoming Attorney General Eric Holder.

That immunity legislation, which Obama voted for when he was a U.S. senator from Illinois, was included in a broader spy package that granted the government wide-ranging, warrantless eavesdropping powers on Americans' electronic communications.

A decision on the constitutionality of the immunity legislation is pending before Judge Walker in a separate case brought by the Electronic Frontier Foundation.

See Also:


See more Threat Level
BERJAYA
BERJAYA Kevin Poulsen |
David Kravets | |
Kim Zetter |
Ryan Singel |



BERJAYA
BERJAYA

* : Tech News, Gadget Reviews, and Special Offers - all delivered to your mobile device.

syndication feed Add to your favorite feed reader. Find more Wired.com feeds, including web-based news reader feeds, here.