Sources: White House aware of Russian bounties in 2019

By JAMES LaPORTA

Top officials in the White House were aware in early 2019 of classified intelligence indicating Russia was secretly offering bounties to the Taliban for the deaths of Americans, a full year earlier than has been previously reported, according to U.S. officials with direct knowledge of the intelligence.

The assessment was included in at least one of President Donald Trump’s written daily intelligence briefings at the time, according to the officials. Then-national security adviser John Bolton also told colleagues at the time that he briefed Trump on the intelligence assessment in March 2019.

The White House didn’t respond to questions about Trump or other officials’ awareness of Russia’s provocations in 2019. The White House has said Trump wasn’t — and still hasn’t been — briefed on the intelligence assessments because they haven’t been fully verified. However, it’s rare for intelligence to be confirmed without a shadow of a doubt before it is presented to top officials.

Bolton declined to comment Monday when asked by the AP if he’d briefed Trump about the matter in 2019. On Sunday, he suggested to NBC that Trump was claiming ignorance of Russia’s provocations to justify his administration’s lack of response.

“He can disown everything if nobody ever told him about it,” Bolton said.

The revelations cast new doubt on the White House’s efforts to distance Trump from the Russian intelligence assessments. The AP reported Sunday that concerns about Russian bounties also were in a second written presidential daily briefing this year and that current national security adviser Robert O’Brien had discussed the matter with Trump. O’Brien denies doing that.

On Monday, O’Brien said that while the intelligence assessments regarding Russian bounties “have not been verified,” the administration has “been preparing should the situation warrant action.”

The administration’s earlier awareness of the Russian efforts raises additional questions about why Trump didn’t take punitive action against Moscow for efforts that put the lives of American service members at risk. Trump has sought throughout his time in office to improve relations with Russia and President Vladimir Putin, moving this year to try to reinstate Russia as part of a group of world leaders it had been kicked out of.

Officials said they didn’t consider the intelligence assessments in 2019 to be particularly urgent, given Russian meddling in Afghanistan isn’t a new occurrence. The officials with knowledge of Bolton’s apparent briefing for Trump said it contained no “actionable intelligence,” meaning the intelligence community didn’t have enough information to form a strategic plan or response. However, the classified assessment of Russian bounties was the sole purpose of the meeting.

The officials insisted on anonymity because they weren’t authorized to disclose the highly sensitive information.

The intelligence that surfaced in early 2019 indicated Russian operatives had become more aggressive in their desire to contract with the Taliban and members of the Haqqani Network, a militant group aligned with the Taliban in Afghanistan and designated a foreign terrorist organization in 2012 during the Obama administration.

The National Security Council and the undersecretary of defense for intelligence held meetings regarding the intelligence. The NSC didn’t respond to questions about the meetings.

Late Monday, the Pentagon issued a statement saying it was evaluating the intelligence but so far had “no corroborating evidence to validate the recent allegations.”

“Regardless, we always take the safety and security of our forces in Afghanistan — and around the world — most seriously and therefore continuously adopt measures to prevent harm from potential threats,” said Pentagon spokesman Jonathan Hoffman.

Concerns about Russian bounties flared anew this year after members of the elite Naval Special Warfare Development Group, known to the public as SEAL Team Six, raided a Taliban outpost and recovered roughly $500,000 in U.S. currency. The funds bolstered the suspicions of the American intelligence community that Russians had offered money to Taliban militants and linked associations.

The White House contends the president was unaware of this development, too.

The officials told the AP that career government officials developed potential options for the White House to respond to the Russian aggression in Afghanistan, which was first reported by The New York Times. However, the Trump administration has yet to authorize any action.

The intelligence in 2019 and 2020 surrounding Russian bounties was derived in part from debriefings of captured Taliban militants. Officials with knowledge of the matter told the AP that Taliban operatives from opposite ends of the country and from separate tribes offered similar accounts.

Putin spokesman Dmitry Peskov denied Russian intelligence officers had offered payments to the Taliban in exchange for targeting U.S. and coalition forces.

Secretary of State Mike Pompeo called the Taliban’s chief negotiator, a spokesman for the insurgents said Tuesday, but it was unknown whether there was any mention during their conversation of allegations about Russian bounties. Pompeo pressed the insurgents to reduce violence in Afghanistan and discussed ways of advancing a U.S.-Taliban peace deal signed in February, the Taliban spokesman tweeted.

The U.S. is investigating whether Americans died because of the Russian bounties. Officials are focused on an April 2019 attack on an American convoy. Three U.S. Marines were killed after a car rigged with explosives detonated near their armored vehicles as they returned to Bagram Airfield, the largest U.S. military installation in Afghanistan.

The Defense Department identified them as Marine Staff Sgt. Christopher Slutman, 43, of Newark, Delaware; Sgt. Benjamin Hines, 31, of York, Pennsylvania; and Cpl. Robert Hendriks, 25, of Locust Valley, New York. They were infantrymen assigned to 2nd Battalion, 25th Marines, a reserve infantry unit headquartered out of Garden City, New York.

Hendriks’ father told the AP that even a rumor of Russian bounties should have been immediately addressed.

“If this was kind of swept under the carpet as to not make it a bigger issue with Russia, and one ounce of blood was spilled when they knew this, I lost all respect for this administration and everything,” Erik Hendriks said.

Three other service members and an Afghan contractor were wounded in the attack. As of April 2019, the attack was under a separate investigation, unrelated to the Russian bounties.

The officials who spoke to the AP also said they were looking closely at insider attacks from 2019 to determine if they were linked to Russian bounties.

Associated Press writers Zeke Miller and Deb Riechmann in Washington, Deepti Hajela in New York and Vladimir Isachenkov in Moscow contributed to this report.

Powered by WPeMatico

Russians will hack again in ’18. Here’s how So Cal elections will answer

At a recent conference on election security, Orange County Registrar of Voters Neal Kelley said he’d asked former CIA Director Michael Hayden if Russian hackers will try to disrupt the 2018 mid-term elections.

“He didn’t hesitate,” Kelley recounted. “He said, ‘They will be targeting congressional races.’”

In Southern California, home to some of the nation’s most-competitive congressional contests, that threat is being taken seriously. Consider just a few of the many new security protocols being adopted by election officials in the four-county region.

Office emails are being encrypted and networks buttressed. Election employees are randomly being mock phished to see if they’ll fall for simulated online invaders. Federal officials are being invited to inspect and test the region’s many voting systems.

Even the seemingly oldest of old-school safety protocols — counting up some election results by hand — is expected to play an expanded role in the 2018 midterms.

The local upgrades are part of a national response to Russia’s meddling in America’s 2016 elections. Intelligence agencies have determined that, among other things, Russian agents and their operatives executed a cyberattack on a U.S. voting software supplier, sent spear-phishing emails to election officials, and targeted voter rolls in at least 21 states, breaching a small (but undisclosed) number of them.

Since then, Congress has authorized $380 million to help states strengthen voting systems’ digital defenses, including $34 million earmarked to protect the integrity of elections in California. In the last weeks of the Obama administration, the Department of Homeland Security also designated state-run election systems as critical infrastructure, elevating them to the same classification as nuclear reactors and the Hoover Dam. And the FBI and other federal officials are offering free cybersecurity assessments to local election offices.

To date, there’s no evidence that votes were changed or voting machines infected during the 2016 cyberattacks. And election security experts say such threats are remote in any specific jurisdiction, and nearly impossible on a substantial scale.

But the upcoming midterms are the first national election since 2016. And those same election experts caution that attacks remain feasible in some American elections systems, particularly if existing vulnerabilities aren’t fixed.

Risk is low; security high

California’s voting infrastructure is, in many ways, far more secure than those of most other states. Counties in California are legally required to keep paper ballots as fixed records of electronic voting tallies and to hand-count the ballots cast at one percent of all precincts to verify digital totals. That means even if voting machines are compromised, there’s a physical backup to warn of a discrepancy.

That’s not true in 11 states, where voting equipment can’t be audited manually and a hack that alters voting results could go entirely undetected. (Interestingly, most of the un-auditable, all-digital machines in those states were put into use after Florida’s “hanging-chad” debacle during the 2000 presidential election scared officials away from punch-card voting systems to what were perceived as more reliable electronic machines.)

Despite California’s superior safeguards, cybersecurity experts say the state’s voting systems remain susceptible to some forms of attack. Recognizing the threat, election officials in Los Angeles, Orange, San Bernardino and Riverside counties all said recently that they’ve become more vigilant since the 2016 campaign and have welcomed help from federal agents to assess their systems.

But implementing fixes has happened at different speeds across the region, with some counties addressing potential vulnerabilities more aggressively than others.

The leader of the pack seems to be Orange County, where four congressional contests in longtime GOP-held districts are being targeted by national Democrats in their effort to take control of the House of Representatives.

In April, Kelley released a 28-page “2018 Election Security Playbook” outlining new security protocols his office has implemented: from improving its ability to detect network intrusions and malware, to encrypting its emails, to enhancing building security, to implementing a third-party cybersecurity audit, to randomly testing its employees by sending them faux phishing emails and seeing if they bite.

The most substantial of the county’s new fixes is its risk-limiting audit – a protection that verifies electronic tallies with an even higher degree of certainty by hand-counting a random sample of paper ballots, with the number of votes scrutinized corresponding to the margin of victory in a given race.

Kelley knows firsthand that malicious actors are constantly probing local voting systems.

At the election security conference, held at UC Irvine in March, Kelley revealed that he and Los Angeles County Registrar of Voters Dean Logan were contacted by federal officials in spring 2016. They warned Kelley that people using overseas IP addresses had prodded his office’s networks in a move that was described as “checking to see if the front door of your house was locked.”

Kelley said his office’s defenses withstood the test, but he immediately worked to strengthen protections anyway.

“We’ve reevaluated every piece of the voting system and process, identified potential vulnerabilities, and made sure those are solid and secure,” said Kelley, who serves on a recently created federal 25-member election security council.

“Even though the risk is low, (the potential for hacking) is being taken very seriously,” he said. “And that should inspire voter confidence, just to know that there’s a different approach being taken to elections than there was in 2016.”

In Los Angeles County, home to another one of the nation’s most competitive congressional races, Logan has educated his staff on cyber threats by having them see firsthand how voting machines can be hacked.

Last year, he sent members of his team to DEF CON in Las Vegas, one of the world’s largest hacker conventions. There, at something called the “Voting Machine Hacking Village,” they watched white-hat hackers “go through and show the vulnerability of voting systems,” a process that helped Logan’s office identify its own potential shortcomings. Since the 2016 elections, the office has upgraded its malware protection and mandated cybersecurity training for staff. It soon will implement vulnerability-assessment and phishing exercises to further test its new systems.

“If we don’t know those vulnerabilities, we can’t respond to them,” Logan said at the conference.

San Bernardino County Registrar of Voters Michael Scarpello was more cryptic about what he’d done to enhance election security in his jurisdiction.

Scarpello said his office had been working with federal agents and the county’s IT department to harden its voting systems, website and local voter registration database from attack. He noted the effort was partially in response to a “heightened level of scrutiny, based on what’s going on at a national level.” Scarpello declined to identify any specific security system or protocol changes – and even refused to disclose the federal agency his office worked with.

And in Riverside County, election officials say the FBI and Department of Homeland Security are helping to monitor their network traffic and supplying a list of IP addresses to watch out for.

Riverside County Registrar of Voters Rebecca Spencer said the increased vigilance isn’t in response to a July 2017 Time magazine cover story. In that article, the Riverside County District Attorney stated that hackers had changed a small number of county residents’ voter registration data in advance of the 2016 primary. And unnamed national cybersecurity officials said the incident may have been a “test run by the Russians… (to see) what kind of chaos they could unleash on Election Day.”

Since then, that version of events has been rebuffed by election officials. California Secretary of State Alex Padilla’s office, which operates the state’s voter registration database, said his office had no evidence that voter rolls were breached. And Spencer said her office had identified the cause of nearly all the voter roll changes, many of which occurred because voters simply forgot they had updated their information.

Hacking your confidence

Despite all the recent upgrades to Southern California’s election infrastructure, cybersecurity experts say most voting systems – even bolstered local ones – still have vulnerabilities.

Many Southern California polling places use 15-to-20-year-old voting machines with outdated operating systems that officials acknowledge are less secure than modern versions. While voting machines are tightly protected, some need to be programmed with a separate memory card, which, depending on the offices’ protocols, could be a vehicle for malicious code. And experts say some voting machines are serviced by outside vendors with varying security protocols, sometimes via computers that might occasionally be connected to the internet, providing a pathway for attack.

Another feasible mode of attack, experts say, could target the state’s voter registration system. Intruders might seek to change or delete portions of voter rolls in a way to deter citizens from voting – similar to what was alleged in Riverside County. To prevent such a breach, Padilla’s office has buttressed its information systems in advance of the 2018 elections by conducting an agency-wide security audit, enhancing its server security and replacing antiquated infrastructure. The state also has implemented “increased 24/7 monitoring” to detect and block potential strikes.

“I think we’re in a much better place in 2016 because we really have our antennas up,” UC Irvine law professor Jack Lerner, who studies electronic voting, said of California’s system.

“I don’t think we’re totally safe unless we have a (mandatory risk-limiting) audit, the way experts have recommended. But we’re in way better shape than other jurisdictions.”

Even if the elections systems are never breached, though, many election-security experts worry the intrusions and hacking attempts are damaging elections in a more intangible way.

Mary Beth Long, a former CIA intelligence officer and Assistant Secretary of Defense, said at the UC Irvine conference that a central aim of Russia’s efforts is to foster distrust of the democratic process and amplify divisive dialogues by causing voters to think elections are able to be rigged.

“It sows discord, controversy and a real lack of confidence in our system… And that has a tremendous impact in how we conduct ourselves, and how we move forward with our elections,” Long said.

“We’ll definitely see more (attempts) in 2018 and 2020.”

That knowledge has put election officials and others in a delicate position when deciding whether or not to sound the alarm about potential election security threats and the need to safeguard and modernize voting systems. Tread too softly, and the fixes might never come. Announce the vulnerabilities too loudly, and you risk cultivating skepticism among voters.

“There are election officials who worry that if voters know what the risks are, they might not come to the polling place,” said Alex Halderman, a University of Michigan computer scientist who in 2017 testified before U.S. Senate Select Committee on Intelligence about cyber threats to U.S. elections.

“Although studies show that voters who are more aware of cybersecurity issues are just as likely to vote, I think there’s a concern that even talking about these problems is somehow negative,” Halderman said at the UC Irvine conference.

“But if we don’t talk about them, nothing is ever going to get done.”

Powered by WPeMatico