A Maryland federal judge will hear arguments in a case accusing President Donald Trump of violating the Constitution by accepting payments from foreign and state governments.
Monday’s arguments before U.S. District Judge Peter Messitte will delve into the substance of the “emoluments clause” and what it means. The clause bans accepting benefits from foreign or state governments without congressional approval.
The plaintiffs, Maryland and the District of Columbia, have argued that Trump is capitalizing on the presidency and causing harm to businesses trying to compete with his Washington, D.C., hotel.
Justice Department lawyers have argued that such business activity, including hotel room stays, isn’t an emolument.
A private lawyer for Trump has argued that the lawsuit should be dismissed because the president cannot be sued.
The U.S. has released its most detailed report yet on accusations that Russia interfered in the U.S. presidential election by hacking American political sites and email accounts.
The 13-page joint analysis by the Department of Homeland Security and the FBI is the first such report ever to attribute malicious cyber activity to a particular country or actors.
It was also the first time the U.S. has officially and specifically tied intrusions into the Democratic National Committee to hackers with the Russian civilian and military intelligence services, the FSB and GRU, expanding on an Oct. 7 accusation by the Obama administration.
The report said the intelligence services were involved in “an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens.” It added, “In some cases, (the Russian intelligence services’) actors masqueraded as third parties, hiding behind false online personas designed to cause the victim to misattribute the source of the attack.”
Over the summer stolen emails from Democrats were posted by an online persona known as Guccifer 2.0, believed by U.S. officials to be linked to Russia. Outrage over documents that appeared to show favoritism for Hillary Clinton forced the DNC’s chair, Debbie Wasserman Schultz, to resign.
The U.S. released the report Thursday as President Barack Obama sanctioned the GRU and the FSB, the GRU’s leadership and companies which the U.S. said support the GRU.
The sanctions were the administration’s first use of a 2015 executive order for combatting cyberattacks against critical infrastructure and commercial espionage. Because election systems aren’t considered critical infrastructure, Obama amended the order Thursday to allow for sanctions on entities “interfering with or undermining election processes or institutions.”
The retaliation against Russia, just weeks before President-elect Donald Trump takes office, culminated months of political handwringing about how and whether to respond to Moscow’s alleged meddling. U.S. intelligence agencies concluded that Russia’s goal was to help Trump win — an assessment Trump has dismissed as ridiculous. Trump said Thursday he would meet with the intelligence community’s leaders next week for an update on the situation.
The report did not go far beyond confirming details already disclosed by cybersecurity firm CrowdStrike, which was hired to investigate the DNC hacks.
It described the intelligence services’ use of “spearphishing” — fake emails intended to trick victims into typing in their user names and passwords. At least one person opened attachments with malicious software. The report noted that actors “likely associated” with Russian intelligence services are continuing to engage in spearphishing campaigns, including one launched just days after the U.S. election.
The DNC was infiltrated by the FSB in summer 2015 and again by the GRU in spring 2016 using spearphishing emails that often appeared to come from legitimate or official organizations, the report said.
Russian officials have denied any involvement in hacking U.S. political sites and emails.
The report provides clues for cybersecurity workers in the private sector to identify compromised systems and prevent more intrusions. The Department of Homeland Security said it has already included this information within its own cyber threat information-sharing program, which automatically flags threats in real time for participating companies and agencies.
U.S. officials also provided antivirus vendors with two malicious software samples used by Russian intelligence services.
Associated Press writer Nataliya Vasilyeva in Moscow contributed to this report.
Follow Tami Abdollah on Twitter at https://twitter.com/latams.
Hillary Clinton is vowing anew to respond to foreign hacking the same as any other attack against the United States. When she openly blamed Russia for recent U.S. cyber break-ins, Donald Trump wondered whether to blame overseas governments or overweight hackers working from home.
“She’s saying Russia, Russia, Russia, but I don’t — maybe it was. I mean, it could be Russia, but it could also be China,” Trump said during this week’s presidential debate. “It could also be lots of other people. It also could be somebody sitting on their bed that weighs 400 pounds, OK?”
These are the unanswered questions about how the U.S. government should defend itself after an attack in the internet age: Whether to fire back, how to fire back, and at whom? The Obama administration is still writing its rulebook.
A lingering challenge involves identifying whose hands were on the keyboard: Foreign hacker spies, cybercriminals, disgruntled insiders or bored teenagers? Skilled hackers can cover their tracks, use software tools traceable to others and feign their location across borders or continents.
On Wednesday, Rep. John Conyers, D-Mich., said during a congressional hearing that it was “now the clear consensus of the intelligence community that the Russian government was behind the hack of the Democratic National Committee and not, as some suggested, somebody sitting on their bed that weighs 400 pounds.”
The White House has not officially declared Russia responsible and it’s unclear whether or when it might, since blaming Russia — with whom the U.S. is locked in a bitter dispute over fighting in Syria — would probably require plans for a response.
Clinton has raised eyebrows among some cybersecurity experts with her hawkish language on the campaign trail about retaliating with political, economic or even military means. Her aggressive policy proposal is especially notable since the State Department, which she led during President Barack Obama’s first term, traditionally has a vested interest in avoiding overt conflict since it might complicate diplomatic efforts.
“We’re going to have to make it clear that we don’t want to use the kinds of tools that we have. We don’t want to engage in a different kind of warfare. But we will defend the citizens of this country,” Clinton said during the presidential debate, when asked how she would respond to cyberattacks.
For the first time, cybersecurity led the national security portion of the presidential debate, demonstrating its political stakes and the fact that the next president will shape 21st century cyberwarfare policies, setting rules about how the U.S. responds to foreign hackers.
Trump has not released an official position on cybersecurity. Clinton tackles the issue in one-and-a-half pages of her 288-page campaign book. At the debate Trump mentioned “the cyber” without detailing specifics.
“We should be better than anybody else, and perhaps we’re not,” Trump said. “The security aspect of cyber is very, very tough. And maybe it’s hardly doable.”
The high-profile discussion came amid a presidential race that has been punctuated by hacks that cybersecurity firms, Democrats and the Clinton campaign have pinned on Russia, as well as multiple security breaches and data leaks. The White House is grappling over how to respond to hacking that some lawmakers have said is attempting to undermine voter confidence in the election.
“We’re in the process now, really the very early stages of developing those norms by virtue of the types of attacks we’re seeing,” said Matt Olsen, a former general counsel for the National Security Agency.
Olsen said responding is a challenge: “How do you know who’s responsible for the attack (and) to what extent are the cyber actors even susceptible to the normal responses like economic or diplomatic pressure?”
Clinton’s cybersecurity stance tracks with work she started while at the State Department. Even back in 2010, she said countries or individuals who hack “should face consequences and international condemnation” and that “an attack on one nation’s networks can be an attack on all.” In the State Department, she created the Office of the Coordinator for Cyber Issues to deal with global diplomacy and cyber rules.
“There was no other office in the world like mine when it was created five years ago,” said Christopher Painter, who’s served as the office’s coordinator since its inception. “Now we have 25 counterparts around the world and more on the way. That really indicates something that was a huge priority in foreign policy.”
But Clinton is hardly a technology expert herself, once struggling with how to operate a fax machine or connect a new iPad to Wi-Fi. And her cybersecurity record at the State Department is spotty. The FBI said there was no evidence her private email server in her home’s basement was hacked, but agents concluded that it was possible that hackers broke into her personal email account. At the end of her term as secretary, Clinton left behind an agency with one of the lowest scores in government for its compliance with a federal information security law.
Many of the most noteworthy cyberattacks — and the administration’s policy for dealing with them — occurred after Clinton left the State Department. The Obama administration has in recent years adopted a “name and shame” policy for state-sponsored hackers. It criminally charged five Chinese military officials with stealing secrets from nuclear power and solar companies and Iranian hackers with attacks on financial institutions and a small New York dam. In 2014, the U.S. publicly accused North Korea of hacking Sony Pictures and placed sanctions on the already isolated nation.
Follow Tami Abdollah on Twitter at https://twitter.com/latams
The Homeland Security Department on Thursday formally began sharing details of new digital threats with private business and other government agencies, a culmination of a longtime effort to improve cybersecurity.
“This is the ‘if you see something, say something’ of cybersecurity,” said Homeland Security Secretary Jeh Johnson at the agency’s Virginia-based data sharing hub, the National Cybersecurity and Communications Integration Center.
A federal law passed at the end of 2015 was intended to encourage corporations to share information about cyberthreats, making it harder for businesses to be targeted by threats used elsewhere.
The program is voluntary, and the number of companies that will participate or how effective the program will be remains unclear.
Companies have long been reluctant to acknowledge security failures. As of Thursday, about six organizations had signed up and others have expressed interest, Andy Ozment, the assistant cybersecurity secretary at Homeland Security, said. The names of companies participating are closely held, and records about their involvement are exempt from disclosure under the Freedom of Information Act.
“This is a big deal,” he said. “We’re not going to launch out the gates … and have thousands of companies sharing all sorts of information. We want to make sure we’re providing value and growing.”
Under the new law, the Homeland Security Department programmed its systems to remove personally identifiable information that might be included that private companies might share.
“As companies come on board, we’ll learn more about what’s useful,” and learn to streamline other parts, said Suzanne Spaulding, a top Homeland Security cyber official.
If information pertains to a specific threat of economic damage, death or serious injury or the effort to prosecute or prevent the exploitation of a minor, personal information may be passed on to other agencies.
Information sharing and analysis centers, which industry groups operate, will likely participate in the new program, DHS officials said. Johnson said he was telling such groups, “We are open for business, on time and on schedule.”
Rep. Michael McCaul, R-Texas, chairman of the House Committee on Homeland Security, praised the new effort following recent hacks against Sony Pictures Entertainment Inc. and the Office of Personnel Management. More than 21 million Americans had their personal information stolen in the OPM hack, which the U.S. believes was a Chinese espionage operation.
Cyber threat sharing program information: http://www.us-cert.gov/ais
Follow Tami Abdollah on Twitter at https://twitter.com/latams.
Follow Steve Peoples at http://twitter.com/sppeoples
A massive year-end spending measure moving through Congress includes a provision that will encourage companies to share cyber threat information with the government while providing them with liability protections for not acting on information received.
The measure, a culmination of several years of effort to pass a cyber bill, brings together three different versions that passed the House and Senate earlier this year with hefty bipartisan support. It was released early Wednesday morning.
The Cybersecurity Act of 2015 largely hews to the Senate version of the bill, which passed despite concerns about privacy and transparency from some senators and technology companies, such as Apple and Yelp.
But there are some changes.
The bill allows the president to designate an agency other than the civilian Homeland Security Department to act as a portal for sharing cyber threats with the government only if DHS cannot and it is necessary. However, the Defense Department, including its National Security Agency, is specifically excluded from becoming an alternate portal.
Rep. Adam Schiff, D-Calif., the ranking member of the House Intelligence Committee, urged lawmakers to support the bill and said it was a major improvement over what was put forward last session, which he said lacked privacy protections.
“The bill is very protective of privacy while also doing a lot to help companies protect themselves from cyberattack,” Schiff said. “We have to measure this against the daily invasion of our privacy by these hackers. Those who believe that perfect should be the enemy of the good, have to justify how they’re willing to accept rampant hacking into our privacy and do nothing about it.”
The bill’s liability protections are meant to incentivize data sharing with the government, and offset a major reason why prior bills have failed to pass. Supporters of the cyber sharing bill say it’s necessary to raise the cost to an attacker and ensure the same threats aren’t repeatedly deployed.
The bill also calls on businesses and the government to remove, or scrub, personal identifiable information from threat data before sharing that information.
The first scrub is done by the company when it shares with the Homeland Security Department, and the second when DHS passes it on to other agencies. However, if the cyber threat pertains to a specific threat of the loss of life, economic damage, serious injury or the effort to prosecute or prevent the exploitation of a minor, the personal identifiable information may be passed on.
Sen. Ron Wyden, D-Ore., called the bill “even worse” today, lacking meaningful privacy protections to ensure personal information isn’t passed on and doing little to prevent major hacks.
“Americans deserve policies that protect both their security and their liberty. This bill fails on both counts,” Wyden said.
The ACLU called the cyber bill “a surveillance bill by another name.”
“Instead of passing reforms that would have stopped the Anthem or OPM (Office of Personnel Management) hack, Congress has chosen to advance legislation that places the privacy of Americans in further peril,” it said in a statement, warning that information could be used for criminal prosecutions unrelated to cybersecurity.
The White House said Wednesday it was “pleased” with the cybersecurity provision, noting that President Barack Obama had called for legislation to “help the private sector and government share more cyber threat information by providing for targeted liability protections while carefully safeguarding privacy, confidentiality and civil liberties.”
Also included in the spending measure is the Intelligence Authorization Act, which matches language in a bill that passed with overwhelming support in the House earlier this month. The bill authorizes a 7 percent spending increase for intelligence agencies and presses President Barack Obama to produce a strategy to defeat the Islamic State.
The bill also restricts the president’s privacy and civil liberties oversight board from obtaining information about covert CIA operations and requires regular reports to Congress describing the numbers of foreign fighters going to and from Syria and Iraq.
The House is scheduled to vote Friday on the omnibus bill.
Follow Tami Abdollah on Twitter at http://www.twitter.com/latams .
Mistakes and miscommunication by three governments on three continents over nearly 20 years led to a homeless man known as “Africa” being on Los Angeles’ Skid Row, where he was shot by police after authorities say he became combative and appeared to reach for an officer’s weapon.
The problems began in the late 1990s when French officials gave him a passport under what turned out to be a stolen name. He came to the U.S., robbed a bank and then was convicted and imprisoned under the same false name.
U.S. immigration officials wanted to send him back to his native Cameroon but that country never responded to requests to take him. So he was released from a halfway house last May, and U.S. probation officials lost track of him in November.
It took three failed monthly check-ins for a warrant to be issued on a probation violation and it’s unclear whether anyone actually looked for him. He apparently was living the entire time on Skid Row, roughly 50 square blocks of liquor stores, warehouses, charitable missions and a few modest businesses.
Many of the estimated 1,700 people who sleep each night on the sidewalks are mentally ill, like Africa.
Los Angeles police Cmdr. Andrew Smith said the man had no previous arrests in Los Angeles. While officers spoke to him once or twice, he gave them no reason to suspect he was wanted.
“If you’re cool and you’re quiet, and you don’t make a big fuss, you can sit out there quietly and live in your tent pretty much in peace,” said Smith. “If the feds put out a warrant for this guy, shoot, there’s no reason we’d suspect he’s in Skid Row.”
The true name of the man who was long known to authorities as Charley Saturin Robinet remained a mystery Wednesday, three days after a violent death that was captured on a bystander’s video and watched by millions.
Authorities said the man tried to grab a rookie Los Angeles police officer’s gun, prompting three other officers to shoot. Chief Charlie Beck said the officers had arrived to investigate a robbery report and the man refused to obey their commands and became combative.
Peter Nunez, a former U.S. attorney in San Diego who is chairman of the Center for Immigration Studies in Washington, D.C., said the case points to multiple failures by government.
He criticized France for not being more diligent in investigating the man’s background before issuing a passport and U.S. authorities for not realizing he was a “fraud” before the end of his prison term and then not putting more effort into finding him once he disappeared.
“Shame on all of them,” said Nunez, whose group advocates for stricter immigration policies and enforcement.
Axel Cruau, France’s consul general in Los Angeles, said the system for checking backgrounds was vastly different when the man duped French officials.
“Let’s remember 20 years ago we didn’t have the same databases we have today, the same rules, we didn’t have biometric design, it was before 9/11,” he said.
Using the false name, the man was believed to be a French citizen in 2000 when convicted of robbing a Wells Fargo branch in Los Angeles and pistol-whipping an employee in what he told authorities was an effort to pay for acting classes at the Beverly Hills Playhouse.
In 2013, as he was nearing his release from a federal prison in Rochester, Minnesota, French officials found the real Robinet in France, Cruau said. U.S. Immigration and Customs Enforcement then determined the impostor actually was from Cameroon but said the African country ignored repeated requests for travel documents, hampering efforts to deport him.
The U.S. Supreme Court ruled in 2001 that immigration authorities cannot detain people indefinitely just because no country will take them. Justice Stephen Breyer wrote that the government would need a special reason to keep someone in custody after six months if deportation seemed unlikely in “the reasonably foreseeable future.”
“ICE makes every possible effort to remove all individuals with final orders of removal within a reasonable period,” spokeswoman Virginia Kice said. “If the actual removal cannot occur within the reasonably foreseeable future, ICE must release the individual.”
A person who said he only has one name, Bindz, and heads the consular section at the Cameroon Embassy in Washington said he couldn’t respond to questions by phone and the ambassador would have to answer in writing.
The man was in immigration custody in September 2013 when a federal judge in California ordered him to a halfway house in Los Angeles. He was released from the halfway house in May, said Ed Ross, a spokesman for the Bureau of Prisons. His sentence included three years of supervision by federal probation officials.
The man had no place to stay and eventually found his way to Skid Row. He was required to provide reports to his probation officer each month and did so for a time, Deputy U.S. Marshal Matthew Cordova said. But he failed to make contact in November, December and January, and a warrant was issued Jan. 9.
Karen Redmond, a spokeswoman for the Administrative Office of the United States Courts, which represents U.S. Probation and Pretrial Services System, declined to comment on what attempts were made to find him, citing an open investigation.
Also Wednesday, police said none of the four officers involved, whose experience ranged from rookie to 11-year department veteran, had fired their weapons while on duty before.
The officers’ names were being withheld until it was determined there was no credible threat to their safety, Smith said.
Spagat reported from San Diego. Associated Press writer Alicia Caldwell in Washington, D.C., contributed to this report.
Tami Abdollah can be reached at http://www.twitter.com/latams .
Two men opened fire on a police car patrolling a tough part of Los Angeles, but the two officers inside were not injured and one was able to shoot back, authorities said. One suspect was later arrested and the other was on the loose.
The shooting occurred Sunday night amid heightened tensions over attacks on police elsewhere in the country after grand juries declined to indict white officers in the killings of unarmed black men.
Police on Monday hadn’t determined a motive for the shooting in South Los Angeles — an area plagued by gang violence — but said there were no indications it was linked to other attacks on police in the country.
“It was a completely unprovoked attack,” LAPD Deputy Chief Bob Green said initially. “They were just driving on the street, and somebody struck out and tried to kill two policemen.”
However, Green later said police were looking into whether the officers might have driven into an ongoing dispute and were inadvertently fired at.
“Last night the initial assessment, based on the reaction of officers and the adrenaline factor, was they were getting ambushed, but, you know, things change and it takes a lot to investigate this,” Green said.
Officers arrested one man shortly after the attack. Christopher Taylor, 18, was booked on suspicion of shooting at an occupied vehicle.
An hours-long search followed for the other man, but he remained at large. Police found a handgun and rifle at the scene, and were looking for video evidence and conducting interviews to determine details such as why and how the shooting occurred.
The two officers were responding to an unrelated radio call and driving slowly in a neighborhood when they saw two men on a sidewalk and the flash of a rifle being fired, police said.
The officers stopped the car, and one got out and returned fire as the men fled. Police found one suspect, uninjured, a short time later along with a rifle and a pistol.
Police searched the neighborhood throughout the night for the other man, warning nearby residents to stay in their homes. Police stopped the search after the man wasn’t found.
Chief Charlie Beck said at a news conference Monday that he was concerned that people might be targeting officers but added that the neighborhood had been marred by gang violence during the past several months and there had been a significant number of gang shootings.
“It’s gettin’ bad, it’s gettin’ real bad,” resident Isiah Frierson, 65, said Monday. “You can’t go nowhere.”
Tyler Izen, president of the Los Angeles Police Protective League, said the “blatant violence” was an outrage.
“Anyone who is willing to murder a law enforcement officer threatens the fundamental fabric of our society, and that should terrify the community,” Izen said in a statement. “Murdering police officers is not a form of protest. It is an affront to all citizens and to public safety.”
The shooting came as protesters in California and across the country have rallied for weeks against police killings of unarmed black men in Missouri and New York.
The killing of two New York City officers in their patrol car has authorities on edge across the country.
The New York gunman ambushed the officers then killed himself after posting threats online, including references to the fatal shooting of 18-year-old Michael Brown in Ferguson, Missouri, and the chokehold death of Eric Garner in New York City. Both were killed by white officers.
Associated Press writer Gillian Flaccus contributed to this report.
Tami Abdollah can be reached at http://www.twitter.com/latams
The detective work blaming North Korea for the Sony hacker break-in appears so far to be largely circumstantial, The Associated Press has learned. The dramatic conclusion of a Korean role is based on subtle clues in the hacking tools left behind and the involvement of at least one computer in Bolivia previously traced to other attacks blamed on the North Koreans.
Experts cautioned that hackers notoriously employ disinformation to throw investigators off their tracks, using borrowed tools, tampering with logs and inserting false references to language or nationality.
The hackers are believed to have been conducting surveillance on the network at Sony Pictures Entertainment Inc. since at least the spring, based on computer forensic evidence and traffic analysis, a person with knowledge of the investigation told the AP.
If the hackers hadn’t made their presence known by making demands and destroying files, they probably would still be inside because there was no indication their presence was about to be detected, the person said. This person, who described the evidence as circumstantial, spoke only on condition of anonymity because he was not authorized to talk openly about the case.
Still, the evidence has been considered conclusive enough that a U.S. official told the AP that federal investigators have now connected the Sony hacking to North Korea.
In public, White House spokesman Josh Earnest on Thursday declined to blame North Korea, saying he didn’t want to get ahead of investigations by the Justice Department and the FBI. Earnest said evidence shows the hacking was carried out by a “sophisticated actor” with “malicious intent.”
All this has led to a dilemma for the Obama administration: How and whether to respond?
An earlier formal statement by the White House National Security Council also did not name North Korea but noted that “criminals and foreign countries regularly seek to gain access to government and private sector networks” and said “we are considering a range of options in weighing a potential response. ” The U.S. official who cited North Korea spoke on condition of anonymity because that official was not authorized to openly discuss an ongoing criminal case.
U.S. options against North Korea are limited. The U.S. already has a trade embargo in place, and there is no appetite for military action. Even if investigators could identify and prosecute the individual hackers believed responsible, there’s no guarantee that any who are overseas would ever see a U.S. courtroom. Hacking back at North Korean targets by U.S. government experts could encourage further attacks against American targets.
“We don’t sell them anything, we don’t buy anything from them and we don’t have diplomatic relations,” said William Reinsch, a former senior U.S. Commerce Department official who was responsible for enforcing international sanctions against North Korea and other countries. “There aren’t a lot of public options left.”
Sony abruptly canceled the Dec. 25 release of its comedy, “The Interview,” which the hackers had demanded partly because it included a scene depicting the assassination of North Korea’s leader. Sony cited the hackers’ threats of violence at movie theaters that planned to show the movie, although the Homeland Security Department said there was no credible intelligence of active plots. The hackers had been releasing onto the Internet huge amounts of highly sensitive — and sometimes embarrassing — confidential files they stole from inside Sony’s computer network.
North Korea has publicly denied it was involved, though it has described the hack as a “righteous deed.”
The episode is sure to cost Sony many millions of dollars, though the eventual damage is still anyone’s guess. In addition to lost box-office revenue from the movie, the studio faces lawsuits by former employees angry over leaked Social Security numbers and other personal information. And there could be damage beyond the one company.
Sony’s decision to pull the film has raised concerns that capitulating to criminals will encourage more hacking.
“By effectively yielding to aggressive acts of cyberterrorism by North Korea, that decision sets a troubling precedent that will only empower and embolden bad actors to use cyber as an offensive weapon even more aggressively in the future,” said Sen. John McCain, R-Ariz., who will soon become chairman of the Senate Armed Services Committee. He said the Obama administration has failed to control the use of cyber weapons by foreign governments.
Homeland Security Secretary Jeh Johnson said on MSNBC that the administration was “actively considering a range of options that we’ll take in response to this attack.”
The hacking attack could prompt fresh calls for North Korea to be declared a state sponsor of terrorism, said Evans Revere, a former State Department official and Northeast Asia specialist. North Korea was put on that American list of rogue states in 1988 but taken off in 2008 as the U.S. was involved in multination negotiations with the North on its nuclear weapons program.
Evidence pinning specific crimes on specific hackers is nearly always imprecise, and the Sony case is no exception.
Sony hired FireEye Inc.’s Mandiant forensics unit, which last year published a landmark report with evidence accusing a Chinese Army organization, Unit 61398, of hacking into more than 140 companies over the years. In the current investigation, security professionals examined blueprints for the hacking tools discovered in Sony’s network, the Korean language setting and time zone, and then traced other computers around the world used to help coordinate the break-in, according to the person with knowledge about the investigation.
Those computers were located in Singapore and Thailand, but a third in Bolivia had previously been traced to other attacks blamed on North Korea, the person told the AP. The tools in the Sony case included components to break into the company’s network and subsequently erase all fingerprints by rendering the hard drive useless.
“The Internet’s a complicated place,” said Adam Meyers, vice president of intelligence at CrowdStrike Inc., a security company that has investigated past attacks linked to North Korea. “We’re talking about organizations that understand how to hide themselves, how to appear as if they’re coming from other places. To that end, they know that people are going to come looking for them. They throw things in the way to limit what you can do attribution on.”
Another agreed. “If you have a thousand bad pieces of circumstantial evidence, that doesn’t mean your case is strong,” said Jeffrey Carr, chief executive of Taia Global Inc., which provides threat intelligence to companies and government agencies.
An FBI “flash” bulletin sent to some companies with details of the hacking software described it as “destructive malware, a disk wiper with network beacon capabilities.” The FBI bulletin included instructions for companies to listen for telltale network traffic that would suggest they had been infected.
Other movie studios aren’t taken chances. Warner Bros. executives earlier this week ordered a company-wide password reset and sent a five-point security checklist to employees advising them to purge their computers of any unnecessary data, in an email seen by The Associated Press.
“Keep only what you need for business purposes,” the message said.
Abdollah reported from Los Angeles. Associated Press writers Raphael Satter in London and Ted Bridis and Matthew Pennington in Washington contributed to this story.
Los Angeles police are increasingly relying on technology that not only tells patrol officers where crime is most likely to occur but also identifies and keeps track of ex-cons and other bad guys they believe are most likely to commit them.
Police say the effort has already helped reduce crime in one of the city’s most notorious and historically gang-ridden neighborhoods.
“This is a tremendous step forward. Without this, I couldn’t do my job,” said Capt. Ed Prokop, head of the Los Angeles Police Department division that watches over the grimly nicknamed “Shootin’ Newton” area.
The program — part data collection, part lightning-fast computer platform, part street-level intelligence-gathering — is expanding in LA with the help of a recent federal infusion of $400,000 and has drawn interest from departments across North America.
Dubbed LASER for its ability to zero in on offenders and hotspots, it is one of many newer law enforcement tools that use data tracking and collection — such as license plate scanners and cellphone trackers — often with little public knowledge or regulation.
Privacy advocates say LASER isn’t transparent, has no clear oversight and unjustly focuses on keeping ex-convicts under suspicion even though they’ve served their time.
“People who have paid their debts to society shouldn’t remain stigmatized in the eyes of police,” said Kade Crockford of the American Civil Liberties Union.
LASER uses technology developed by the CIA’s venture capital arm to realize a post-9/11 dream that allows investigators to match up vast troves of data from 15 separate sources to connect dots that they otherwise might miss.
Funded by federal grants, it launched in 2011 in Newton, and an expansion funded by additional money in October, brought the program to a total of eight areas throughout the city, plus the department’s high-tech analysis unit and its helicopters.
More than 3,500 LAPD officers have been trained to use Palantir, a platform that was introduced initially to speed up the process of creating dossiers on chronic offenders and is now used throughout the department for a variety of investigative purposes.
Officials from New York, Nevada, Wisconsin, Washington, Texas and Canada have been briefed on LASER, said Craig Uchida, president of Justice & Security Strategies, Inc., and the program’s research partner.
There has been little outside scrutiny of LASER because the nearly $1 million used to fund it doesn’t affect city budgets. Police officials, however, say it works and cite a steady drop in killings in Newton compared to other areas not using the program.
There were 39 homicides a year before the program started and 14 last year, they say. And at the end of the first year, 87 of the 124 people the program identified as chronic offenders were arrested at least once for “like crimes,” officials said.
Privacy advocates say those statistics alone aren’t enough to determine whether the program is effective.
Under the program, police crunch historical data to determine where crimes have frequently occurred so officers can spend more time at those places. It also creates a list of people it considers more likely to commit crimes based on past behavior.
A crime intelligence unit creates the lists by reviewing interview cards officers submit after stopping people on the street. The unit pays special attention to mentions of gun-related crimes or robberies, and people with violent and lengthy criminal histories.
Police say the lists, which are marked information only and include a photo and the license plate numbers of vehicles that offenders use, among other information, often become starting points in a violent crime investigation.
Supporters say LASER is different than the New York City police department’s “stop and frisk” policy, an anti-street crime program that was deemed unconstitutional because officers disproportionately targeted minorities who hadn’t broken the law.
Crockford said the LAPD risks alienating minorities. “You’re repackaging old biases in new technologies,” she said.
ACLU lawyer Peter Bibring said the bulletins amount to intelligence files on people who may commit crimes — a violation of federal law. Once on the list, he said, “the chances of police scrutiny go up significantly, and your chances of being identified wrongly in a crime.”
Bibring said it’s also not clear that the program is following the department’s own standards for collecting criminal intelligence. An LAPD division was shut down 30 years ago after the public learned it was compiling millions of intelligence files on 55,000 people.
LASER analysts are encouraged to purge lists to remove those who haven’t committed a crime in more than six months, but there is no requirement, Uchida said.
David Carter, a former police officer and expert on criminal justice and police surveillance at Michigan State University, said he can understand the civil libertarians’ concerns, but that the police are “doing their due diligence” and their actions are based on reasonable suspicion.
Jim Bueermann, the president of the nonprofit Police Foundation, said it makes sense for police to focus limited resources on troubled areas and people, but they must tread carefully because “American policing has a history of abusing this notion of domestic intelligence gathering.”
There’s a fine line, he said, between being smart on crime and saying that a criminal will always be a criminal.
“People do change,” he said.
Tami Abdollah can be reached at http://www.twitter.com/latams .
A California judge’s initial ruling against a tech entrepreneur seeking access to records kept secret in government databases detailing the comings and goings of millions of cars in the San Diego area via license plate scans was the second legal setback within a month for privacy advocates.
The tentative decision issued Thursday upheld the right of authorities to block the public from viewing information collected on their vehicles from vast networks that rely on cameras mounted on stoplights and police cars.
The rapidly expanding systems and their growing databases have been the subject of a larger debate pitting privacy rights against public safety concerns in a new frontier over high-tech surveillance. A Los Angeles judge ruled in August that city police and sheriff’s departments don’t have to disclose records from the 3 million plates they scan each week.
Michael Robertson, best known for creating the music website MP3.com, stepped into the discussion with a personal lawsuit, asking for access to only his information. He will still get to present his case Friday, despite the initial ruling from San Diego Superior Court Judge Katherine Bacal that went against him.
The ACLU of Southern California and the Electronic Frontier Foundation had been seeking a week’s worth of data from databases that hold hundreds of millions of scans.
The license plate scanning systems have multiplied across the U.S. over the last decade, funded largely by Homeland Security grants. They’re governed by a patchwork of local laws and regulations that have not yet standardized how they’re used and who has access to the information they collect.
About seven in 10 law enforcement agencies used license plate scanners in 2012 and an overwhelming majority planned to acquire such systems or expand their use, according to a study by the Police Executive Research Forum, a research and policy group.
Privacy advocates say these files need to be open to public scrutiny to prevent government overreach and unconstitutional privacy invasions.
“If I’m not being investigated for a crime, there shouldn’t be a secret police file on me” that details “where I go, where I shop, where I visit,” Robertson said in an interview with The Associated Press prior to the ruling. “That’s crazy, Nazi police-type stuff.”
On the other side are government and law enforcement officials who say they’re not misusing the systems and that tracking and storing the data can help with criminal investigations, either to incriminate or exonerate a suspect.
“At some point, you have to trust and believe that the agencies that you utilize for law enforcement are doing what’s right and what’s best for the community, and they’re not targeting your community,” Los Angeles County Sheriff’s Sgt. John Gaw said.
In San Diego’s case, records are kept for up to two years, but other agencies keep them five years or more and are limited mainly by server space.
“If that information is deleted or purged too quickly, then we lost that, and we can never go back,” said Lt. Karen Stubkjaer of the San Diego Sheriff’s Department.
In Robertson’s case against the San Diego Association of Governments, he was seeking access to a sweeping system that links police, sheriffs and eight other law enforcement agencies. The San Diego sheriff’s department has made 9.8 million scans since the system was introduced in 2009, Stubkjaer said.
He said he has no problem with officials using the technology for legitimate purposes like tracking down stolen cars. But he says license plate readers are ripe for abuse, and there’s no reason for long-term storage of data on innocent people.
“I want a strong police force,” he said. “But I also want my personal freedom.”
Neither ruling set legal precedent, but are part of a growing debate.
“License plate readers are part of a larger conversation,” said Chuck Wexler, head of the Police Executive Research Forum. “Technology is changing how the police view crime, and it is raising a number of public policy issues: How long do you hold on to this information? And what part of this information should the public have access to?”
Tami Abdollah can be reached at http://www.twitter.com/latams