State Department’s search for a WikiLeaks scapegoat

Hillary Clinton at the State Department condemned the WikiLeaks release of US embassy cables, but has not commented on the department’s lax security. Photograph: Win Mcnamee/Getty Images

On the same day that more than 250,000 unredacted State Department cables hemorrhaged out onto the internet, I was interrogated for the first time in my 23-year State Department career by State’s Bureau of Diplomatic Security (DS) and told I was under investigation for allegedly disclosing classified information. The evidence of my crime? A posting on my blog from the previous month that included a link to a WikiLeaks document already available elsewhere on the web.

As we sat in a small, gray, windowless room, resplendent with a two-way mirror, multiple ceiling-mounted cameras, and iron rungs on the table to which handcuffs could be attached, the two DS agents stated that the inclusion of that link amounted to disclosing classified material. In other words, a link to a document posted by who-knows-who on a public website available at this moment to anyone in the world was the legal equivalent of me stealing a top secret report, hiding it under my coat and passing it to a Chinese spy in a dark alley.

The agents demanded to know who might be helping me with my blog (“Name names!”), if I had donated any money from my upcoming book on my wacky, year-long State Department assignment to a forward military base in Iraq, and if so, to which charities, the details of my contract with my publisher, how much money (if any) I had been paid, and – by the way – whether I had otherwise “transferred” classified information.

Had I, they asked, looked at the WikiLeaks site at home on my own time on my own computer? Every blog post, every Facebook post and every tweet by every State Department employee, they told me, must be pre-cleared by the department prior to “publication”. Then they called me back for a second 90-minute interview, stating that my refusal to answer questions would lead to my being fired, never mind the fifth (or the first) amendments.

Why me? It’s not like the Bureau of Diplomatic Security has the staff or the interest to monitor the hundreds of blogs, thousands of posts and millions of tweets by Foreign Service personnel. The answer, undoubtedly, is my new book, We Meant Well: How I Helped Lose the Battle for the Hearts and Minds of the Iraqi People. Its unvarnished portrait of State’s efforts and the US at work in Iraq has clearly angered someone, even though one part of State signed off on the book under internal clearance procedures some 13 months ago. I spent a year in Iraq leading a State Department Provincial Reconstruction Team (PRT) and, sadly, know exactly what I am talking about. DS monitoring my blog is like a small-town cop pulling over every African American driver: vindictive, selective prosecution. “Ya’ll be careful in these parts, ‘hear, ’cause we’re gonna set an example for your kind of people.”

Silly as it seems, such accusations carry a lot of weight if you work for the government. DS can unilaterally, and without any right of appeal or oversight, suspend your security clearance and for all intents and purposes end your career. The agents questioning me reminded me of just that, as well as of the potential for criminal prosecution – and all because of a link to a website, nothing more.

It was implied as well that even writing about the interrogation I underwent, as I am doing now, might morph into charges of “interfering with a government investigation”. They labelled routine documents in use in my interrogation as “law enforcement sensitive” to penalise me should I post them online. Who knew such small things actually threatened the security of the United States? Are these words so dangerous, or is our nation so fragile that legitimate criticism becomes a firing offense?

Let’s think through this disclosure of classified info thing, even if State won’t. Every website on the internet includes links to other websites. It’s how the web works. If you include a link to say, a CNN article about Libya, you are not “disclosing” that information – it’s already there. You’re just saying: “Have a look at this.” It’s like pointing out a newspaper article of interest to a guy next to you on the bus. (Careful, though, if it’s an article from the New York Times or the Washington Post: it might quote stuff from WikiLeaks and then you could be endangering national security.)

Security at State: hamburgers and mud

Security and the State Department go together like hamburgers and mud. Over the years, State has leaked like an old boot. One of its most hilarious security breaches took place when an unknown person walked into the secretary of State’s outer office and grabbed a pile of classified documents. From the vast trove of missing classified laptops to bugging devices found in its secure conference rooms, from high-ranking officials trading secrets in Vienna to top diplomats dallying with spies in Taiwan, even the publicly available list is long and ugly.

Of course, nothing compares to what history will, no doubt, record as the most significant outpouring of classified material ever: the dump of hundreds of thousands of cables that are now on display on WikiLeaks and its mushroom-like mirror sites. The Bureau of Diplomatic Security (an oxymoron if ever there was one) is supposed to protect our American diplomats by securing State’s secrets, and over time, they just haven’t done very well at that.

US soldier Bradley Manning, left, who is accused of stealing the huge database of classified files released by the WikiLeaks website of Julian Assange, right. Photograph: Associated Press/AFP/Getty Images

The State Department and its Bureau of Diplomatic Security never took responsibility for their part in the loss of all those cables, never acknowledged their own mistakes or porous security measures. No one will ever be fired at State because of WikiLeaks – except, at some point, possibly me. Instead, State joined in the federal mugging of army Private Bradley Manning, the person alleged to have copied the cables onto a Lady Gaga CD while sitting in the Iraqi desert.

That all those cables were available electronically to everyone from the secretary of State to a lowly army private was the result of a clumsy post-9/11 decision at the highest levels of the State Department to quickly make up for information-sharing shortcomings. Trying to please an angry Bush White House, State went from sharing almost nothing to sharing almost everything overnight. They flung their whole library onto the government’s classified intranet, SIPRnet, making it available to hundreds of thousands of federal employees worldwide. It is usually not a good idea to make classified information that broadly available when you cannot control who gets access to it outside your own organisation. The intelligence agencies and the military certainly did no such thing on SIPRnet, before or after 9/11.

State did not restrict access. If you were in, you could see it all. There was no safeguard to ask why someone in the army in Iraq in 2010 needed to see reporting from 1980s Iceland. Even inside their own organisation, State requires its employees to “subscribe” to classified cables by topic, creating a record of what you see and limiting access by justifiable need. A guy who works on trade issues for Morocco might need to explain why he asked for political-military reports from Chile.

Most for-pay porn sites limit the amount of data that can be downloaded. Not State. Once those cables were available on SIPRnet, no alarms or restrictions were implemented so that low-level users couldn’t just download terabytes of classified data. If any activity logs were kept, it does not look like anyone checked them.

A few classified State Department cables will include sourcing, details on from whom or how information was collected. This source data allows an informed reader to judge the veracity of the information – was the source on a country’s nuclear plans a street vendor or a high military officer? Despite the sometimes life-or-death nature of protecting sources (though some argue this is overstated), State simply dumped its hundreds of thousands of cables online unredacted, leaving source names there, all pink and naked in the sun.

Then again, history shows that technical security is just not State’s game, which means the WikiLeaks uproar is less of a surprise in context. For example, in 2006, news reports indicated that State’s computer systems were massively hacked by Chinese computer geeks. In 2008, State data disclosures led to an identity theft scheme only uncovered through a fluke arrest by the Washington, DC cops. Before it was closed down in 2009, snooping on private passport records was a popular intramural activity at the State Department, widely known and casually accepted. In 2011, contractors using fake identities appear to have downloaded 250,000 internal medical records of State Department employees, including mine.

Wishing isn’t a strategy, hope isn’t a plan

Despite their own shortcomings, State and its Bureau of Diplomatic Security take this position: if we shut our eyes tightly enough, there is no WikiLeaks. (The morning news summary at State includes this message: “Due to the security classification of many documents, the daily addendum will not include news clips that are generated by leaked cables by the website WikiLeaks.”) The corollary to such a position evidently goes something like this: since we won’t punish our own technical security people or the big shots who approved the whole flawed scheme in the first place, and the damned first amendment doesn’t allow us to punish the New York Times, let’s just punish one of our own employees for looking at, creating links to and discussing stuff on the web – and while he was at it, writing an accurate, first-hand and critical account of the disastrous, if often farcical, American project in Iraq.

That’s what frustrated bullies do – they pick on the ones they think they can get away with beating up. The advantage of all this? It gets rid of a “troublemaker”, and the Bureau of Diplomatic Security people can claim that they are “doing something” about the WikiLeaks drip that continues even while they fiddle. Of course, it also chills free speech, sending a message to other employees about the price of speaking plainly.

Now does that make sense? Only inside the world of Diplomatic Security, where historically, it always has.

For example, Diplomatic Security famously took into custody the color slides reproduced in the Foreign Service Journal showing an open copy of one of the government’s most sensitive intelligence documents, albeit only after the photos were published and distributed in the thousands. Similarly, DS made it a crime to take photos of the giant US Embassy compound in Baghdad, but only after the architecture firm building it posted sketches of the embassy online; a Google search will still reveal many of those images; others who served in Iraq have posted them on their unsecured Facebook pages.

Imagine this: State’s employees are still blocked by a firewall from looking at websites that carry, or simply write about and refer to, WikiLeaks documents, including TomDispatch.com, which is publishing this piece. (That, in turn, means my colleagues at State won’t be able to read this – except on the sly.)

In the belly of the beast

Back in that windowless room for a second time, I faced the two DS agents clumsily trying to play semi-bad cop and altogether-bad cop. They once again reminded me of my obligation to protect classified information, and studiously ignored my response – that I indeed do take that obligation seriously; enough, in fact, to distinguish between actual disclosure and a witch-hunt.

As they raised their voices and made uncomfortable eye contact just like it says to do in any Interrogation 101 manual, you could almost imagine the hundreds of thousands of unredacted cables physically spinning through the air around us, heading – splat, splot, splat – for the web. Despite the Hollywood-style theatrics and the grim surroundings, the interrogation was less police state or 1984-style nightmare than a Brazil-like dark comedy.

In the end, though, it’s no joke. I’ve been a blogger since April, but my meeting with the DS agents somehow took place only a week before the publication date of my book. Days after my second interrogation, the principal deputy secretary of State wrote my publisher demanding small redactions in my book – already shipped to the bookstores – to avoid “harm to US security”. One demand: to cut a vignette based on a scene from the movie version of Black Hawk Down.

The link to WikiLeaks is still on my blog. The Bureau of Diplomatic Security declined my written offer to remove it, certainly an indication that however much my punishment mattered to them, the actual link mattered little. I may lose my job in State’s attempt to turn us all into mini-Bradley Mannings and so make America safe.

These are not people steeped in, or particularly appreciative of, the finer points of irony. Still, would anyone claim that there isn’t irony in the way the State Department regularly crusades for the rights of bloggers abroad in the face of all kinds of government oppression, crediting their voices for the Arab Spring, while going after one of its own bloggers at home for saying nothing that wasn’t truthful?

Here’s the best advice my friends in Diplomatic Security have to offer, as far as I can tell: slam the door after the cow has left the barn, then beat your wife as punishment. She didn’t do anything wrong, but she deserved it, and don’t you feel better now?

How 250,000 US embassy cables were leaked

US soldier Bradley Manning, left, who is accused of stealing the classified files and handing the database to the WikiLeaks website of Julian Assange, right. Photograph: Associated Press/AFP/Getty Images

An innocuous-looking memory stick, no longer than a couple of fingernails, came into the hands of a Guardian reporter earlier this year. The device is so small it will hang easily on a keyring. But its contents will send shockwaves through the world’s chancelleries and deliver what one official described as “an epic blow” to US diplomacy.

The 1.6 gigabytes of text files on the memory stick ran to millions of words: the contents of more than 250,000 leaked state department cables, sent from, or to, US embassies around the world.

What will emerge in the days and weeks ahead is an unprecedented picture of secret diplomacy as conducted by the planet’s sole superpower. There are 251,287 dispatches in all, from more than 250 US embassies and consulates. They reveal how the US deals with both its allies and its enemies – negotiating, pressuring and sometimes brusquely denigrating foreign leaders, all behind the firewalls of ciphers and secrecy classifications that diplomats assume to be secure. The leaked cables range up to the “SECRET NOFORN” level, which means they are meant never to be shown to non-US citizens.

As well as conventional political analyses, some of the cables contain detailed accounts of corruption by foreign regimes, as well as intelligence on undercover arms shipments, human trafficking and sanction-busting efforts by would-be nuclear states such as Iran and Libya. Some are based on interviews with local sources while others are general impressions and briefings written for top state department visitors who may be unfamiliar with local nuances.

Intended to be read by officials in Washington up to the level of the secretary of state, the cables are generally drafted by the ambassador or subordinates. Although their contents are often startling and troubling, the cables are unlikely to gratify conspiracy theorists. They do not contain evidence of assassination plots, CIA bribery or such criminal enterprises as the Iran-Contra scandal in the Reagan years, when anti-Nicaraguan guerrillas were covertly financed.

One reason may be that America’s most sensitive “top secret” and above foreign intelligence files cannot be accessed from Siprnet, the defence department network involved.

The US military believes it knows where the leak originated. A soldier, Bradley Manning, 22, has been held in solitary confinement for the last seven months and is facing a court martial in the new year. The former intelligence analyst is charged with unauthorised downloads of classified material while serving on an army base outside Baghdad. He is suspected of taking copies not only of the state department archive, but also of video of an Apache helicopter crew gunning down civilians in Baghdad, and hundreds of thousands of daily war logs from military operations in Afghanistan and Iraq.

It was childishly easy, according to the published chatlog of a conversation Manning had with a fellow-hacker. “I would come in with music on a CD-RW labelled with something like ‘Lady Gaga’ … erase the music … then write a compressed split file. No one suspected a thing … [I] listened and lip-synched to Lady Gaga’s Telephone while exfiltrating possibly the largest data spillage in American history.” He said that he “had unprecedented access to classified networks 14 hours a day 7 days a week for 8+ months”.

Manning told his correspondent Adrian Lamo, who subsequently denounced him to the authorities: “Hillary Clinton and several thousand diplomats around the world are going to have a heart attack when they wake up one morning and find an entire repository of classified foreign policy is available, in searchable format, to the public … Everywhere there’s a US post, there’s a diplomatic scandal that will be revealed. Worldwide anarchy in CSV format … It’s beautiful, and horrifying.”

He added: “Information should be free. It belongs in the public domain.”

Manning, according to the chatlogs, says he uploaded the copies to WikiLeaks, the “freedom of information activists” as he called them, led by Australian former hacker Julian Assange.

Assange and his circle apparently decided against immediately making the cables public. Instead they embarked on staged disclosure of the other material – aimed, as they put it on their website, at “maximising political impact”.

In April at a Washington press conference the group released the Apache helicopter video, titling it Collateral Murder.

The Guardian’s Nick Davies brokered an agreement with Assange to hand over in advance two further sets of military field reports on Iraq and Afghanistan so professional journalists could analyse them. Published earlier this year simultaneously with the New York Times and Der Spiegel in Germany, the analyses revealed that coalition forces killed civilians in previously unreported shootings and handed over prisoners to be tortured.

The revelations shot Assange and WikiLeaks to global prominence but led to angry denunciations from the Pentagon and calls from extreme rightwingers in the US that Assange be arrested or even assassinated. This month Sweden issued an international warrant for Assange, for questioning about alleged sexual assaults. His lawyer says the allegations spring from unprotected but otherwise consensual sex with two women.

WikiLeaks says it is now planning to post a selection of the cables. Meanwhile, a Guardian team of expert writers has been spending months combing through the data. Freedom of information campaigner Heather Brooke obtained a copy of the database through her own contacts and joined the Guardian team. The paper is to publish independently, but simultaneously with the New York Times and Der Spiegel, along with Le Monde in Paris and El País in Madrid. As on previous occasions the Guardian is redacting information likely to cause reprisals against vulnerable individuals.

TOP-SECRET – Sixteen Individuals Arrested in the United States for Alleged Roles in Cyber Attacks

WASHINGTON—Fourteen individuals were arrested today by FBI agents on charges related to their alleged involvement in a cyber attack on PayPal’s website as part of an action claimed by the group “Anonymous,” announced the Department of Justice and the FBI. Two additional defendants were arrested today on cyber-related charges.

The 14 individuals were arrested in Alabama, Arizona, California, Colorado, the District of Columbia, Florida, Massachusetts, Nevada, New Mexico, and Ohio on charges contained in an indictment unsealed today in the Northern District of California in San Jose. In addition, two individuals were arrested on similar charges in two separate complaints filed in the Middle District of Florida and the District of New Jersey. Also today, FBI agents executed more than 35 search warrants throughout the United States as part of an ongoing investigation into coordinated cyber attacks against major companies and organizations. Finally, the United Kingdom’s Metropolitan Police Service arrested one person and the Dutch National Police Agency arrested four individuals today for alleged related cyber crimes.

According to the San Jose indictment, in late November 2010, WikiLeaks released a large amount of classified U.S. State Department cables on its website. Citing violations of the PayPal terms of service, and in response to WikiLeaks’ release of the classified cables, PayPal suspended WikiLeaks’ accounts so that WikiLeaks could no longer receive donations via PayPal. WikiLeaks’ website declared that PayPal’s action “tried to economically strangle WikiLeaks.”

The San Jose indictment alleges that in retribution for PayPal’s termination of WikiLeaks’ donation account, a group calling itself Anonymous coordinated and executed distributed denial of service (DDoS) attacks against PayPal’s computer servers using an open source computer program the group makes available for free download on the Internet. DDoS attacks are attempts to render computers unavailable to users through a variety of means, including saturating the target computers or networks with external communications requests, thereby denying service to legitimate users. According to the indictment, Anonymous referred to the DDoS attacks on PayPal as “Operation Avenge Assange.”

The defendants charged in the San Jose indictment allegedly conspired with others to intentionally damage protected computers at PayPal from Dec. 6, 2010, to Dec. 10, 2010.

The individuals named in the San Jose indictment are: Christopher Wayne Cooper, 23, aka “Anthrophobic;” Joshua John Covelli, 26, aka “Absolem” and “Toxic;” Keith Wilson Downey, 26; Mercedes Renee Haefer, 20, aka “No” and “MMMM;” Donald Husband, 29, aka “Ananon;” Vincent Charles Kershaw, 27, aka “Trivette,” “Triv” and “Reaper;” Ethan Miles, 33; James C. Murphy, 36; Drew Alan Phillips, 26, aka “Drew010;” Jeffrey Puglisi, 28, aka “Jeffer,” “Jefferp” and “Ji;” Daniel Sullivan, 22; Tracy Ann Valenzuela, 42; and Christopher Quang Vo, 22. One individual’s name has been withheld by the court.

The defendants are charged with various counts of conspiracy and intentional damage to a protected computer. They will make initial appearances throughout the day in the districts in which they were arrested.

In addition to the activities in San Jose, Scott Matthew Arciszewski, 21, was arrested today by FBI agents on charges of intentional damage to a protected computer. Arciszewski is charged in a complaint filed in the Middle District of Florida and made his initial appearance this afternoon in federal court in Orlando, Fla.

According to the complaint, on June 21, 2011, Arciszewski allegedly accessed without authorization the Tampa Bay InfraGard website and uploaded three files. The complaint alleges that Arciszewski then tweeted about the intrusion and directed visitors to a separate website containing links with instructions on how to exploit the Tampa InfraGard website. InfraGard is a public-private partnership for critical infrastructure protection sponsored by the FBI with chapters in all 50 states.

Also today, a related complaint unsealed in the District of New Jersey charges Lance Moore, 21, of Las Cruces, N.M., with allegedly stealing confidential business information stored on AT&T’s servers and posting it on a public file sharing site. Moore was arrested this morning at his residence by FBI agents and is expected to make an initial appearance this afternoon in Las Cruces federal court. Moore is charged with one count of accessing a protected computer without authorization.

According to the New Jersey complaint, Moore, a customer support contractor, exceeded his authorized access to AT&T’s servers and downloaded thousands of documents, applications and other files that, on the same day, he allegedly posted on a public file-hosting site that promises user anonymity. According to the complaint, on June 25, 2011, the computer hacking group LulzSec publicized that they had obtained confidential AT&T documents and made them publicly available on the Internet. The documents were the ones Moore had previously uploaded.

The charge of intentional damage to a protected computer carries a maximum penalty of 10 years in prison and a $250,000 fine. Each count of conspiracy carries a maximum penalty of five years in prison and a $250,000 fine.

An indictment and a complaint merely contain allegations. Defendants are presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.

To date, more than 75 searches have taken place in the United States as part of the ongoing investigations into these attacks.

These cases are being prosecuted by Assistant U.S. Attorneys in the U.S. Attorneys’ Offices for the Northern District of California, Middle District of Florida, and the District of New Jersey. The Criminal Division’s Computer Crime and Intellectual Property Section also has provided assistance.

Today’s operational activities were done in coordination with the Metropolitan Police Service in the United Kingdom and the Dutch National Police Agency. The FBI thanks the multiple international, federal, and domestic law enforcement agencies who continue to support these operations.