Senators cite CNN's Security Clearance reporting in call for answers in US Consulate attack

By Mike Mount

(CNN) - A day after CNN's Security Clearance reported that the diplomatic office in Benghazi, Libya, had less than standard security before an attack there killed four Americans, two U.S. senators have demanded details of the threats and security concerns ahead of the attack.
U.S. Sens. Johnny Isakson, R-Georgia, and Bob Corker, R-Tennessee, both members of the Senate Foreign Relations Committee, penned a letter to Secretary of State Hillary Clinton on Tuesday requesting that the she provide the committee with "all communication relevant to the security situation in Benghazi between the U.S. mission and the State Department leading up to the attacks, including any cables sent from Ambassador Stevens," according to a news release from the offices of the two senators.
Ambassador Christopher Stevens was one of the four Americans killed in the September 11 attack on the U.S. mission.
"We are extremely concerned about conflicting reports over events leading up to the attacks. Specifically, we are concerned over the apparent lack of security preparation made despite a demonstrable increase in risks to U.S. officials and facilities in Benghazi in the period leading up to the attacks," the letter to Clinton says.
In the letter, the senators cited a Monday CNN report about a waiver allowing the diplomatic office to have a lower security level as well as earlier reporting by CNN that Stevens was concerned about the deteriorating security situation in Benghazi. That reporting came from a diary found by CNN in the burned-out mission that was confirmed to belong to Stevens.
The letter to Clinton is the latest request by members of Congress asking how the attack happened and how it was able to become so violent.
In addition to the letter from Isakson and Corker, Sen. Lindsey Graham, R-South Carolina, has called for an investigation. And Sens. Barbara Mikulski, D-Maryland, Dan Coats, R-Indiana, Bill Nelson, D-Florida, and Roy Blunt, R-Missouri, have sent a letter to Clinton questioning host-nation perimeter security at State Department facilities overseas.

 http://edition.cnn.com/

Civilian cyber-warriors not motivated by patriotism

Cybercrimes pose a huge societal risk and have become a hot issue globally, yet little is known about the mindset behind them; new study finds that people who commit cyber-attacks against the government also tend to download music illegally and participate in physical protests; surprisingly, however, they do not appear to be acting out of some sense of national pride or patriotism
People who commit cyber-attacks against the government also tend to download music illegally and participate in physical protests. Surprisingly, however, they do not appear to be acting out of some sense of national pride or patriotism.
Those are some of the findings to emerge from a Michigan State University study that for the first time begins to paint a profile of “civilian cyber-warriors,” or people who engage in attacks against domestic or foreign governments without support from military or government agencies.
A Michigan State University release reports that cybercrimes pose a huge societal risk and have become a hot issue globally, yet little is known about the mindset behind them.
“We were surprised to find that nationalism and patriotism were not predictors for cyber-attacks,” said Thomas Holt, MSU associate professor of criminal justice and lead author on the study. “When officials attempt to identify today’s civilian cyber-warriors, they shouldn’t necessarily be looking for the person who is politically radical.”
Cyber-attacks — such as those carried out by the “hacktivist” group known as Anonymous — have prompted calls for stricter Internet regulations and enforcement. Congress was widely criticized in August when it failed to pass the Cybersecurity Act of 2012, even after many members warned of the catastrophic implications of cyber-attacks.
Holt said the faceless, borderless nature of the Internet allows individuals to mask their identity and better avoid detection. This has given rise to the civilian cyber-warrior, who can potentially attack vulnerable resources such as municipal water systems and power grids, he said.
What might motivate them, though? To find out, Holt and fellow researcher Max Kilger surveyed 357 students from a U.S. university about their willingness to engage in protests, both online and offline, and in cyber-attacks. Eleven percent of the participants were international students, representing about thirty countries.
About 62 percent of participants said they were willing to participate in a physical protest if they believed their home government was being oppressive. More than 77 percent said they would post a Facebook message about the oppression.
A much smaller number of participants said they would engage in a cyber-attack such as defacing a government website (13 percent) or compromising a government server (10 percent). Of those who would engage in a cyber-attack, Holt said three common factors emerged: the participants were also inclined to download illegal music, movies and other media; they were likely to engage in physical protest behaviors; and they were not motivated by a general outlook or attitude toward their government.
“It may be that these individual behaviors correlate not to patriotism, but instead to an altruistic belief that all groups should be treated equally,” Holt said. He added that his future research may begin to paint a clearer picture of what motivates cybercriminals.

http://www.homelandsecuritynewswire.com/

New ISR group supports cyber operations

The 659th Intelligence, Surveillance and Reconnaissance Group was activated Sept. 8 during a ceremony here.
The mission of the 659th ISR Group, commanded by Col. Peter Lambert, is to provide direct ISR support to the 24th Air Force, which contributes to U.S. Cyber Command’s mission. Members of the 659th focus on digital network exploitation analysis and digital network intelligence, which enables computer network operations. The group also provides digital network experts to the National Security Agency.
“The 659th brings ISR cyber capabilities to the 24th Air Force, NSA and the warfighter,” Colonel Lambert said. “Our warfighters in the field have never needed the capabilities of the men and women of the 659th more than they need them today. I look forward to leading this group and taking on new challenges.”
The idea for an Air Force ISR group to support the 24th AF began more than a year ago during an Air Force ISR summit.
“When we were tasked with standing up an ISR group to support 24th Air Force, we laid the foundation within days by establishing the provisional 770th ISR Group, which was the 659th’s precursor,” said Col. John Bansemer, commander of the 70th ISR Wing, the parent unit of the new group.
The provincial group started Oct. 1, 2009, under the command of Lt. Col. Terry Hamrick. With the establishment of the 659th ISR Group, the provisional 770th ISR Group was inactivated.
The new 659th ISR Group has two intelligence squadrons: the 7th Intelligence Squadron here and the 35th IS at Lackland Air Force Base, Texas. The more than 400 military and civilian Airmen of the 659th ISR Group conduct missions at locations worldwide.
The group’s new commander looks forward to the development and growth of the unit’s mission during the next few years.
“I want to better understand our partners’ missions and continue to synergize with the Air Force ISR Agency as well as with other agencies both in and out of the Air Force,” Colonel Lambert said. “My goal while in command is to constantly look toward the future and keep the group and the mission moving forward.”
Because the 659th ISR Group is the first of its kind, unit members are charged with establishing its unique heritage.
Addressing the Airmen of the 659th ISR Group, Colonel Bansemer said, “You are working with a blank slate, forging a new path, a new brand of ISR support. Very few times do we have the chance to write the history books; this is one of those times. The challenge is there and I know the men and the women of the 659th are ready to meet it head on.”

http://www.defencetalk.com/

Bomb explosion near Indonesian capital injures 5

A suspected militant was critically injured when a bomb apparently being prepared for terrorist attacks exploded at a house near Indonesia's capital, police said Sunday. At least three other people living nearby were injured, and witnesses said one of two suspects who fled also appeared to have suffered an injury.
An elite anti-terror squad was searching for the two men who reportedly escaped after the strong blast went off late Saturday in Depok, a town on the outskirts of Jakarta, said National Police spokesman Insp. Gen. Anang Iskandar. The incident came just days after police raided another home in Jakarta where bomb-making materials were found in connection with a terrorist group that allegedly plotted to kill police and bomb the country's parliament building.
Anang said police at the latest site found a badly injured man whose left hand had been cut off. Bomb-making devices were found scattered around him.
"We suspect he was making bombs when one of them detonated prematurely," Capt. Agus Widodo, a local police chief in Depok, told reporters at the scene. "His condition is critical. We cannot talk to him."
He said the man also suffered burns covering up to 70 percent of his face and body.
Police questioned five people living near the rented house — listed as an orphanage foundation office and herbal clinic, but never opened to the public — including two injured men and a woman with slight wounds to her head.
They told investigators that they saw two men flee on a motorbike just after the blast, and that one of them managed to jump a fence even though he appeared wounded, Agus said.
"It was actually a militant safe house from evidence found there," Agus said, adding that a group was apparently preparing bombs for terrorist attacks.
Police seized a big haul of bomb-making materials, including six pipe bombs, three grenades, two machine guns and a Berreta pistol, Iskandar said in a text message. A bomb squad team was investigating the explosives that were packed with nails to maximize impact.
The incident came amid a security crackdown in recent days in which two militants were killed and three others arrested. Just four days earlier, police found bomb-making materials at another home in Jakarta, where suspected bomb maker Muhammad Toriq lived, but managed to escape when police raided his house.
Anang said there was a resemblance between Toriq and the man in critical condition. He said police would conduct a DNA test after gathering a sample from Toriq's mother to determine if the identities match, adding that explosives found in Depok were similar to the homemade bombs discovered at Toriq's home.
Toriq is believed to be linked to a militant group that planned to shoot police and bomb the parliament building to wage "holy war" and establish an Islamic state.
Indonesia, a secular nation with more Muslims than any other in the world, has been battling terrorists since 2002, when militants linked to the Southeast Asian network Jemaah Islamiyah started attacking Western nightclubs, restaurants and embassies.
More than 260 people have been killed, many of them foreign tourists.
Recent terror attacks in Indonesia have been carried out by individuals or small groups and have targeted local "infidels" instead of Westerners, with less deadly results.

http://www.thejakartapost.com/

Kids recovered after abduction, police say

In a dramatic rescue off the coast of Monterey, FBI agents boarded a stolen yacht at about 8 p.m. Friday night, recovered two missing children and arrested their father, a Coast Guard spokesman said.
Law enforcement officials had been stealthily tracking the 41-foot yacht for hours by air and sea, always remaining out of view of the fugitive and his children, said Thomas McKenzie of the Coast Guard.
"The children are fine, but are being checked out by emergency medical technicians as a precaution," McKenzie said. The children were reunited with their mother at the Monterey Coast Guard station.
"I'm so, so relieved," said the children's grandmother, Jean Hipon, who lives with her husband, the children and their mother, Jennifer Hipon, 37, in South San Francisco.
Jean Hipon said she hasn't been able to sleep or eat since the havoc began Tuesday afternoon when Christopher Maffei, 43, showed up at his former girlfriend's home on James Court in South San Francisco and allegedly ran off with his daughter, Brooklynn Maffei, 3, and son, Devin Maffei, 2.
Maffei left in a rented white Ford Fusion. At about 8:30 that evening, he drove to Ballena Isle Marina in Alameda, where authorities said he stole the Unleashed, a sailboat worth about $250,000.

Contacting Coast Guard

From there, with his children, he apparently sailed to Vallejo, where he was seen Wednesday, before heading out the Golden Gate and turning south.
At 4 a.m. Friday, a fisherman spotted the yacht about 50 miles off the coast of Pillar Point in Half Moon Bay. He had recognized the boat from a description he had heard on his marine-band radio, said South San Francisco police Sgt. Bruce McPhillips.
"He approached the vessel and made contact with the subject, who was on the vessel," McPhillips said. "He had a short conversation, and then he left the vessel and contacted the Coast Guard."
By late afternoon, the children's mother said authorities told her the boat appeared heading back to shore. Word of the missing boat had been posted on sailboat Internet sites, said Don Durant, owner of Club Nautique, the sailing school and sales center where the stolen boat was docked.
Durant, who has been getting regular updates on the investigation, said he was told Maffei asked the fisherman he encountered Friday if he could buy fuel from him. The fisherman refused.
The Unleashed's 50-gallon tank would have been close to empty by the time it got that far south, Durant said, adding that if the yacht runs out of gas it still can be sailed at about 5 knots.
Meanwhile, a Coast Guard C-130 Hercules airplane was dispatched to watch the boat overhead from a high altitude, and police and a Coast Guard cutter followed with radar, remaining just over the horizon and out of sight.
"We didn't want to spook him," McKenzie said, explaining why authorities did not want Maffei to know he was being followed.
It's not that they thought he would harm his children, McKenzie said. "We didn't want him to sail further away."
Waiting for updates at her South San Francisco home Friday, Jennifer Hipon described Maffei as her former boyfriend and partner. There was no legal custody agreement for the children, but the couple had informally agreed to share custody, she said.

Blocked his visits

That arrangement began to unravel Monday, she said, when they argued over her decision to block his visits until he got a job and his own place to live.
He "didn't have his life together," she said.
After that discussion, "he kept calling and calling, but I didn't pick up," Hipon said. She said he told her at the time that he "considered it kidnapping" for her to stop him from seeing the children. The couple never married, she said, and Maffei had been living in Thailand from 2010 until May. He grew up in Belmont, and the two met at College of San Mateo.

http://www.sfgate.com/

U.S. Ambassador Killed in Libya

By Matt Vasilogambros
U.S. ambassador to Libya J. Christopher Stevens and three other embassy staff were killed in an attack in Benghazi on Wednesday, the White House confirmed on Wednesday.
President Obama strongly condemned the attacks, while also calling on embassies across the globe to increase security.
"Right now, the American people have the families of those we lost in our thoughts and prayers," Obama said. "They exemplified America's commitment to freedom, justice, and partnership with nations and people around the globe, and stand in stark contrast to those who callously took their lives."
The Americans were targeted in an attack in their car, trying to move to a safer venue away from the violent protests that erupted at the U.S. Consulate, Reuters reported. Stevens died of suffocation, while the three other personnel were killed by gunshot wounds, CBS News reports.
Obama praised the work of Stevens, saying he was "a courageous and exemplary representative of the United States."
"Throughout the Libyan revolution, he selflessly served our country and the Libyan people at our mission in Benghazi," Obama said. "As Ambassador in Tripoli, he has supported Libya's transition to democracy. His legacy will endure wherever human beings reach for liberty and justice. I am profoundly grateful for his service to my administration, and deeply saddened by this loss."
Secretary of State Hillary Clinton called Stevens a dedicated member of the foreign service, saying he "spoke eloquently about his passion for service, for diplomacy and for the Libyan people."
"As the conflict in Libya unfolded, Chris was one of the first Americans on the ground in Benghazi," she said. "He risked his own life to lend the Libyan people a helping hand to build the foundation for a new, free nation. He spent every day since helping to finish the work that he started. Chris was committed to advancing America’s values and interests, even when that meant putting himself in danger."
Clinton confirmed that one of those killed was Sean Smith, a foreign service information management officer. Smith worked in the foreign service for 21 years.
"Sean Smith was a husband and a father of two, who joined the Department ten years ago," Clinton said in a statement. "Like Chris, Sean was one of our best. Prior to arriving in Benghazi, he served in Baghdad, Pretoria, Montreal, and most recently The Hague."
She said the State Department is waiting to release the names of the other two killed until their next of kin is notified. She also further condemned the violence.
"All the Americans we lost in yesterday’s attacks made the ultimate sacrifice," Clinton said. "We condemn this vicious and violent attack that took their lives, which they had committed to helping the Libyan people reach for a better future."
The Libyan official told Reuters the U.S. has transported the bodies on a military plane to Tripoli to fly them back to the U.S.
The protests broke out due to outrage linked to an American video posted online that many Muslims have found offensive. Soon after news of Ambassador Stevens' death broke, Afghan President Hamid Karzai condemned the "inhuman and abusive act" of the filmmakers, which he said, "has caused enmity and confrontation between the religions and cultures of the world," according to the Wall Street Journal. 
In his own statement, President Obama rejected the denigration of religious beliefs, but condemned the violent response.
"While the United States rejects efforts to denigrate the religious beliefs of others, we must all unequivocally oppose the kind of senseless violence that took the lives of these public servants," Obama said.
A Marine fast team of about 50 is being sent to Benghazi to provide further security for embassy officials, Fox News reported.

 http://www.nti.org/gsn/

Cybercrime in the oil and gas industry – why Saudi Aramco got off lightly

The cyber attack on Saudi Aramco in August 2012 is the latest in a growing number of cybercrimes against the oil and gas industry. As contracts and technology grow in value, hackers are becoming more attracted to inside information. Denis Edgar-Nevill, chair of cybercrime forensics with the British Computer Society, explains how the sector can defend its assets.
Saudi Aramco  may be back in business after clearing 30,000 of its computers of a malicious virus in August, but the attack should serve as a stark warning that the oil and gas industry is becoming increasingly attractive to digital thieves.

Continual innovation in the sector means that hackers, whether they are greedy competitors or corrupt employees, are on the prowl for information regarding new patents, technologies, systems or devices.
Details surrounding multimillion-dollar contract bids and acquisitions are also open to attacks as oil and gas supplies slowly diminish.
For the Saudi Arabian oil major, workstations were shutdown and hydrocarbon production remained unaffected, but other companies may not get off so lightly.
Here, Denis Edgar-Nevill, chair of cybercrime forensics with the British Computer Society, discusses the greatest cyber threats to the oil and gas industry and explains how firms can prevent attacks.
Sarah Blackman: Is cybercrime is the new biggest threat to the energy industry?
Denis Edgar-Nevill: Well, cybercrime is a threat to all industries and it's a threat not only to the industrial sector but also to the government, public works and private individuals. So, yes it is a major threat.
Anything to do with energy is to do with critical infrastructure, particularly because some of the systems which energy providers provide are critical to life.
SB: Are oil and gas companies well prepared for cyber threats?
DE: It's wrong to think that one size fits all. Because of the existing safety procedures and policy procedures which are inherent in a high-tech industry such as oil and gas exploration, they are better prepared than many.

There are something like a couple of million new virus strains in the world and variants come out every year, but a small number (in the dozens) are what we call zero-day weapons where you don't know anything about them - they are using a new technique and they are using a clever idea, which somebody has come up with.
SB: Aside from attacking websites what other cyber threats to the energy are out there?
DE: It's really only limited to the imagination of the people who would want to attack you.

"The problem is, we can prepare for things we know about, but it's hard to prepare for things which haven't been invented yet."

With the type of high stakes you are playing with in oil and gas, companies might want to mount attacks on each other or do a little industrial espionage just to find out information about their dealings with individual customers.
It might be stealing new technologies, processes, devices or patents which will give people competitive advantage, or it could be an attempt just to disrupt and damage.
It really depends on who your friends and enemies are, but nobody should feel secure because nobody is secure.
For anybody who has some means of communicating information to the outside world and accepting information from the outside world there is a potential for some sort of attack.
SB: Is social media also a threat?

DE: It's a huge threat, absolutely huge. The thing that has astonished is that when the Data Protection Act was introduced in the UK, companies had to spend a lot of money making sure they weren't holding the wrong information about people that they weren't lawfully allowed to store, and then social media came along and people are putting unbelievable things about themselves, for anybody to look at.
It's when social media is used within the employees of an organisation you'll find all sorts of things leaking out, where somebody makes references to secure projects, for example.
I've even seen, in one or two cases, people actually sharing passwords, which is crazy.
SB: Should companies worry about internal sabotage?
DE: The weakest element of security is the people we employ - the human firewall. We tell people what the acceptable process is and we are really at their mercy about whether they follow that process.
People are awfully easy to manipulate and that's where I do a lot of work, which involves talking to people involved in penetration testing, where a company might employ a firm to test their own defences.
Nine out of ten times the successful attacks which penetration testers will apply to an organisation are against the people. They fool people to into believing they are somebody who should be given detailed information or somebody with legitimate access to a resource.
SB: Reports have shown that digital theft is now a greater threat to the energy industry than terrorist attacks. Do you agree?
DE: It's a question of if somebody is going to attack you, what's in it for them? A terrorist organisation might attempt to attack the energy infrastructure to further a political cause, but they'd have to be very sure it has big impact.

With energy, particularly the oil and gas industry, it's hard to have an immediate impact - you'd have to do something big to cause the industry to stop and generate lots of publicity for their cause. I think terrorists might attack the oil and gas industry if there is an opportunity there, but economic crime is always going to be there. There will always be money to be made.
Oil and gas is one of the areas where there is continual innovation and whether somebody does very well may depend on their new technique for exploiting a particular avenue to make money is available to them.
Oil and gas is also prone to situation where the systems are held to blackmail because whenever something stops, money starts getting wasted. The stakes are very high in oil and gas exploration - a day's inactivity can mean millions of dollars.
SB: What specific steps can the oil and gas industry take to improve their cyber security?
DE: The trouble is, it's always the boring things which are most effective and it's the boring things which actually will solve 95% of the problems. It's making sure that staff aren't allowed to bring in software, discs or thumb-drives which you haven't adequately scanned beforehand.
That's really one of the biggest threats. It's always a balance between trying to make you computer system as usable and as easy to access as possible, compared with trying to make sure that those accesses are legitimate. If you take the example of the Stuxnet attack on the Iranian nuclear industry, Stuxnet was actually introduced on thumb-drives.
It's easy to say let's ban all thumb-drives, but you've got the other problem of how you are going to get information on to these machines and off these machines.
Also, when people find that there is a mechanism that is difficult for them to use, they try and work around security measures and that's exactly when malware will actually strike and cause damage.
SB: What can firms do to stop cyber threats from spiralling out of control?
DE: It's about education. You've got to have systems in place to stop obvious threats and above all you've got to police them - you've got to continually make sure that people are following procedures. Making people security conscious is probably the most cost-effective thing you can do.

 http://www.offshore-technology.com/

Upgrading the dogs of war

In a secluded section of Raleigh, North Carolina live 16 carefully selected recruits for a high-priority Pentagon project that could play a life or death role in Afghanistan.
None of them have any previous military experience, so their training is necessarily disciplined – if they get through the programme their work could pave the way for others, like them, who will be called on to make life-saving decisions in high-stress environments. As a result, nothing is left to chance.  Their days involve intense physical and mental training to see if they are able to cope with the rigors of war.
Outside, a trainer introduced me to one recruit, Jimmy, who is outfitted with a telemetry vest, which can measure his physiological changes, such as heart rate, breathing, and skin temperature. It gives him an almost Olympian look, like an athlete whose every breath is measured by a team of coaches.
But you also get a sense that Jimmy gets a kick out of it. As he is ordered forward, he is panting and his tail is wagging with the enthusiasm of youth.
The good-natured black Labrador retriever is the Jason Bourne of dogs – part of a specialised Navy programme designed to select and train the most highly skilled members of his breed for a high-priority mission: finding improvised explosive devices (IEDs) on the battlefield. While prototypes of the dogs have already been deployed, research on Jimmy and his colleagues is part of a “2.0” version of the programmme, which is based on formal science studies being conducted here at North Carolina State University’s College of Veterinary Medicine, and other universities.
Over the past six years, the Pentagon has spent over $18 billion trying to find ways to detect and neutralise roadside bombs – the leading killer of US troops in Afghanistan –by investing in everything from better mine detectors to newfangled devices that shoot beams of energy. But in North Carolina, a state that is home to a 300-year hunting dog tradition, everyone seems to agree on the best technology for the job.
In the lab, I’m introduced to Dakota, one of Jimmy’s colleagues. In front of Dakota are two small containers, one scented with vanillin and the other with ethanol. Dakota, who is learning to signal when she detects a scent, is supposed to select the vanillin, a training aid that will later be switched to ammonium nitrate used in explosives. If she selects correctly, she’ll be rewarded with a treat. She gets the first one right, choosing vanillin, misses the next two, but then got the fourth one right. At that point, she was averaging 50-50, which is not good, but she was still a beginner with time to learn.
Biting machine?
Though war dogs may be high profile these days – thanks in part to Cairo, the Belgian Malinois who accompanied Navy Seals on the Osama bin Laden raid – there were virtually no deployed military bomb dogs working on battlefields when the US invaded Iraq, and hadn’t been for decades. After the Vietnam War, the military’s working dog programme was handed over to the Air Force, which used them to patrol missile fields in the United States. Those dogs were used to being guided on leashes, living in air-conditioned kennels and working limited shifts: a far cry from a war zone.
That quickly changed with the arrival of IEDs and in 2007, 13 dogs – all Labs – were deployed with the Marines to Iraq and Afghanistan. When the dogs started finding bombs, Marines asked for more, and today there are some 600 dogs.
Whilst successful, they were all essentially prototypes for the next generation of bomb dog. “After we do all this science, we’re going to rewrite the protocols,” says Lisa Albuquerque, an energetic Navy official who heads the programme, known formally as the IED Detector Dog. “It’s basically an upgrade to an existing model.”

 http://www.bbc.co.uk/