FBI Helps Marshall Center Counterterrorism Network Stop Future Attacks

Christine June at the George C. Marshall European Center for Security Studies offers the below piece:

GARMISCH-PARTENKIRCHEN, Germany, July 13, 2018 — For the past five years, Special Agents Tom and Jean O’Connor, both with the FBI’s Joint Terrorism Task Force in Washington, have shared their experiences collecting evidence at terrorism sites with international participants attending the Program on Terrorism and Security Studies held twice a year at the George C. Marshall European Center for Security Studies here.

“The practical, real-life information provided by Tom and Jean on how to collect evidence can help our participants find out who the terrorists are and how they did it,” said retired Marine Corps Col. James Howcroft, Marshall Center’s PTSS director. “Then, you can figure out who are their friends, contacts and even, other members of the cell and this can help you stop a terrorist attack before it happens.”

Together, the husband-wife team has more than 40 years of experience investigating and collecting evidence at terrorist attack sites around the world. They have investigated large-scale terrorism sites such as the Sept. 11, 2001, attack on the Pentagon, as well as bombings on the USS Cole and at the U.S. Embassy in Nairobi and U.S. Consulate in Pakistan.

“The way we have done our training for PTSS participants is that we give a personal perspective on how to work these scenes and what investigative steps to take to locate the evidence that will help with the overall investigation,” Tom O’Connor said.

Evidence and Prosecution

The presentation they give for each PTSS program is a special evening class on evidence and prosecution. On July 9 here, they presented case studies on the incidents they have investigated or for which they collected evidence to illustrate the evidence response team’s 12-step process, from preparation to releasing the scene.

“I think PTSS has the internationally reach that I have not seen anywhere else. Case in point, we just hit up 68 potential investigators from 44 countries in one classroom,” Tom O’Connor said.  “We have been doing this twice a year since 2013. That’s a lot of countries and individuals who have been receiving this information, and a lot of potential terrorist attacks and criminal acts that are going to be able to be solved or prevented through investigative efforts.”

He added that the information provided in their presentation not only helps when the bomb goes off, but also can help before it goes off.

“When someone is doing an investigation and they come across some of the things Jean and I have talked about, they are able to put the case together and arrest individuals before the bad stuff happens,” he said.

Functionally Focused Program

The O’Connors are PTSS alumni. Tom attended in 2011, and Jean followed the next year in 2012.

“I think it’s really important to have alumni come back and share their experiences with other members of the PTSS,” Howcroft said.  “My team and I strive to make sure that PTSS is a course for practitioners, and we select speakers who offer experience and practical knowledge, and there is nobody better than Tom and Jean.”

Marshall Center’s PTSS is a functionally focused program that draws in civilian, law enforcement and military counterterrorism professionals from around the world and improves their capacity to counter terrorism's regional and transnational implications. It aims to combat terrorism in all of its manifestations nationally, regionally and globally.

The first PTSS course was in 2004, and this iteration is the Marshall Center’s 28th. It began June 27 and will finish July 26.

‘Real, Practical, Useful Takeaway’

“Through our teaching here at PTSS and talking to participants, we are also letting them know the capability of the FBI and that we have legal attaches based in U.S. Embassies throughout the world,” Jean O’Connor said. “This is important for them to know, because they all have evidence collection teams, and depending on what that level is in terms of training and capability, they could possibly use our assistance to collect evidence or have access to the FBI Laboratory.”

That is a real, practical and useful takeaway from the PTSS course, Howcroft said.

“The FBI has people like Tom and Jean who respond to events around the world, and they are there to help our partners to improve their capabilities to collect evidence in order to prosecute terrorists and discover their networks,” he added. “This is really important and, in fact, crucial for our participants to know that in their countries or regions, there are FBI agents who can help them.”

Marshall Center Alumni Network

The Marshall Center is a 25-year-old, German-American security partnership that has produced generations of global security professionals schooled in American and German security policies. Its alumni network has more than 12,500 security professionals from 154 nations. From the Marshall Center’s alumni network, close to 2,000 from 127 countries are PTSS alumni.

The O’Connors have contacted Marshall Center alumni when they have traveled overseas conducting investigations or participating in training.

“They do work internationally, and they have met up with alumni in many of the places they have gone to work like Kenya, Ukraine, Pakistan and Yemen,” Howcroft said. “They are really living this idea of the value of the alumni network here at the Marshall Center.”

Note: In the above DoD photo by Christine June Special Agents Tom and Jean O’Connor, both with the FBI’s Joint Terrorism Task Force in Washington, talk about evidence and prosecution to 68 security professionals from 44 countries attending the Program on Terrorism and Security Studies at the George C. Marshall European Center for Security Studies in Garmish-Partenkirchen, Germany on  July 9, 2018.

U.S. National Pleads Guilty To The Attempted Murder Of U.S. Consulate Official In Mexico

The U.S. Justice Department released the below information:

A U.S. national and former medical student pleaded guilty today to shooting a U.S. diplomat stationed at the U.S. Consulate in Guadalajara, Mexico.

Acting Assistant Attorney General John P. Cronan of the Justice Department’s Criminal Division, U.S. Attorney G. Zachary Terwilliger of the Eastern District of Virginia, Special Agent in Charge Robert F. Lasky of the FBI’s Miami Field Office and Director Christian J. Schurman of the U.S. Department of State’s Diplomatic Security Service (DSS) made the announcement.

Zia Zafar, 33, of Chino Hills, California, pleaded guilty to one count of attempted murder of an internationally protected person and one count of discharging a firearm during a crime of violence.  Zafar entered his guilty plea before U.S District Judge Anthony J. Trenga of the Eastern District of Virginia.  Judge Trenga scheduled Zafar’s sentencing hearing for November, 7, 2018. 

According to admissions made in connection with his plea, on Jan. 6, 2017, Zafar armed himself with a firearm, donned a wig and sunglasses to disguise his appearance, and waited in a parking garage for a Vice Consul, who worked at the U.S Consulate in Guadalajara.  Although Zafar initially was following the Vice Consul as he walked towards his vehicle, Zafar noticed a security guard nearby, and instead moved to the vehicle exit ramp, where he waited for the Vice Consul to exit.  As the Vice Consul approached the exit in his car, Zafar fired a single shot into the vehicle, striking the Vice Consul in his chest and leaving him in serious condition.  Zafar admitted that he targeted the Vice Consul because he knew from earlier surveillance that the victim worked at the U.S. Consulate. 

“Zia Zafar surveilled and targeted a U.S. official serving in Mexico, lying in wait before shooting him in the chest in a heinous act of premeditated violence,” said Acting Assistant Attorney General Cronan.  “Today’s guilty plea sends a clear message that the Department of Justice will aggressively prosecute those who seek to harm U.S. officials serving overseas.  The Department of Justice will continue work with our domestic and international partners to ensure that anyone who targets U.S. officials abroad will be brought to justice.”

“The Vice Consul was targeted and shot because he represented the United States,” said G. Zachary Terwilliger, U.S. Attorney for the Eastern District of Virginia. “No one should doubt the resolve of law enforcement to steadfastly investigate and apprehend those who attack us. I wish to express our sincere thanks to the many United States and Mexican law enforcement agencies involved in the apprehension and return of this defendant to the United States to face justice.”

“Crime doesn’t stop at international borders, as such, the FBI works closely with international partners and security services in order to conduct complex investigations and acquire evidence from abroad for criminal prosecutions in the United States,” said FBI Special Agent in Charge Lasky of the Miami Field Office.  “I want to thank the Mexican government for their full support and cooperation throughout this investigation.”

"This guilty plea makes a strong statement to those who would attempt to commit such a heinous crime. The Diplomatic Security Service is dedicated to ensuring those who commit these crimes are brought to justice,” said DSS Director Schurman. “Our global presence allows DSS to work with both U.S. and foreign law enforcement to stop criminals who would attempt to murder a U.S. citizen."

FBI and DSS investigated the case in close cooperation with Mexican authorities and with valuable assistance from the Justice Department’s Office of International Affairs, the Drug Enforcement Administration, and U.S. Immigration and Customs Enforcement’s Homeland Security Investigations.  Trial Attorney Jamie Perry of the Criminal Division’s Human Rights and Special Prosecutions Section and Assistant U.S. Attorney Ronald L. Walutes Jr. of the Eastern District of Virginia are prosecuting the case. 

The Department of Justice gratefully acknowledges the government of Mexico, to include the Secretaría de Relaciones Exteriores, Procuraduria General de la Republica, Fiscalia del Estado de Jalisco and Instituto Nacional de Migracion for their extraordinary efforts, support and professionalism in responding to this incident. 

Grand Jury Indicts 12 Russian Intelligence Officers For Hacking Offenses Related To The 2016 Election

The U.S. Justice Department released the below information:

The Department of Justice today announced that a grand jury in the District of Columbia returned an indictment presented by the Special Counsel’s Office. The indictment charges twelve Russian nationals for committing federal crimes that were intended to interfere with the 2016 U.S. presidential election. All twelve defendants are members of the GRU, a Russian Federation intelligence agency within the Main Intelligence Directorate of  the Russian military. These GRU officers, in their official capacities, engaged in a sustained effort to hack into the computer networks of the Democratic Congressional Campaign Committee, the Democratic National Committee, and the presidential campaign of Hillary Clinton, and released that information on the internet under the names "DCLeaks" and "Guccifer 2.0" and through another entity.

“The Internet allows foreign adversaries to attack America in new and unexpected ways,” said Deputy Attorney General Rod J. Rosenstein. “Together with our law enforcement partners, the Department of Justice is resolute in its commitment to locate, identify and seek to bring to justice anyone who interferes with American elections. Free and fair elections are hard-fought and contentious, and there will always be adversaries who work to exacerbate domestic differences and try to confuse, divide, and conquer us. So long as we are united in our commitment to the shared values enshrined in the Constitution, they will not succeed.”

According to the allegations in the indictment, Viktor Borisovich Netyksho, Boris Alekseyevich Antonov, Dmitriy Sergeyevich Badin, Ivan Sergeyevich Yermakov, Aleksey Viktorovich Lukashev,  Sergey Aleksandrovich Morgachev, Nikolay Yuryevich Kozachek, Pavel Vyacheslavovich Yershov, Artem Andreyevich Malyshev, Aleksandr Vladimirovich Osadchuk, Aleksey Aleksandrovich Potemkin, and Anatoliy Sergeyevich Kovalev were officials in Unit 26165 and Unit 74455 of the Russian government’s Main Intelligence Directorate.

In 2016, officials in Unit 26165 began spearphishing volunteers and employees of the presidential campaign of Hillary Clinton, including the campaign’s chairman. Through that process, officials in this unit were able to steal the usernames and passwords for numerous individuals and use those credentials to steal email content and hack into other computers. They also were able to hack into the computer networks of the Democratic Congressional Campaign Committee (DCCC) and the Democratic National Committee (DNC) through these spearphishing techniques to steal emails and documents, covertly monitor the computer activity of dozens of employees, and implant hundreds of files of malicious computer code to steal passwords and maintain access to these networks.

The officials in Unit 26165 coordinated with officials in Unit 74455 to plan the release of the stolen documents for the purpose of interfering with the 2016 presidential election. Defendants registered the domain DCLeaks.com and later staged the release of thousands of stolen emails and documents through that website. On the website, defendants claimed to be “American hacktivists” and used Facebook accounts with fictitious names and Twitter accounts to promote the website.  After public accusations that the Russian government was behind the hacking of DNC and DCCC computers, defendants created the fictitious persona Guccifer 2.0. On the evening of June 15, 2016 between 4:19PM and 4:56PM, defendants used their Moscow-based server to search for a series of English words and phrases that later appeared in Guccifer 2.0’s first blog post falsely claiming to be a lone Romanian hacker responsible for the hacks in the hopes of undermining the allegations of Russian involvement.

Members of Unit 74455 also conspired to hack into the computers of state boards of elections, secretaries of state, and US companies that supplied software and other technology related to the administration of elections to steal voter data stored on those computers.

To avoid detection, defendants used false identities while using a network of computers located around the world, including the United States, paid for with cryptocurrency through mining bitcoin and other means intended to obscure the origin of the funds. This funding structure supported their efforts to buy key accounts, servers, and domains. For example, the same bitcoin mining operation that funded the registration payment for DCLeaks.com also funded the servers and domains used in the spearphishing campaign.

The indictment includes 11 criminal counts:

Count One alleges a criminal conspiracy to commit an offense against the United States through cyber operations by the GRU that involved the staged release of stolen documents for the purpose of interfering with the 2016 president election;

Counts Two through Nine charge aggravated identity theft for using identification belonging to eight victims to further their computer fraud scheme; Count Ten alleges a conspiracy to launder money in which the defendants laundered the equivalent of more than $95,000 by transferring the money that they used to purchase servers and to fund other costs related to their hacking activities through crypto currencies such as bitcoin; and Count Eleven charges conspiracy to commit an offense against the United States by attempting to hack into the computers of state boards of elections, secretaries of state, and US companies that supplied software and other technology related to the administration of elections.

There is no allegation in the indictment that any American was a knowing participant in the alleged unlawful activity or knew they were communicating with Russian intelligence officers. There is no allegation in the indictment that the charged conduct altered the vote count or changed the outcome of the 2016 election.

Everyone charged with a crime is presumed innocent unless proven guilty in court. At trial, prosecutors must introduce credible evidence that is sufficient to prove each defendant guilty beyond a reasonable doubt, to the unanimous satisfaction of a jury of twelve citizens.

This case was investigated with the help of the FBI’s cyber teams in Pittsburgh, Philadelphia and San Francisco and the National Security Division. The Special Counsel's investigation is ongoing. There will be no comments from the Special Counsel at this time.

Cold War Navy SEAL And Che Guevara In Africa: My Q&A With Former Navy SEAL And CIA Operative James M. Hawes

Counterterrorism magazine published my Q&A with former Navy SEAL and CIA operative James M. Hawes, author of Cold War Navy SEAL: My Story of Che Guevara, War in the Congo, and the Communist Threat in Africa.

You can read the piece below:

A Look Back At Carlos The Jackal: Once The World's Most Wanted Man

Counterterrorism magazine published my look back at "Carlos the Jackal," a terrorist who was once the world’s most wanted man.

You can read the piece below:

FBI: Schooled in Fraud - Education Bait-And-Switch Scheme Cheated Veterans Of Tuition Benefits

The FBI released the below information:

The GI Bill provides the country’s service members and veterans a free or reduced-cost college education to those who qualify, offering them a head start on their return to civilian life. But one group of fraudsters used the Post-9/11 GI Bill and other U.S. Department of Defense educational programs for veterans as a piggy bank to line their own pockets while cheating more than 2,500 service members out of an education they were entitled to under the law.

“This was straight up stealing. Stealing money for veterans that was supposed to help them advance their careers and make themselves more marketable to employers after coming out of the military,” said FBI Special Agent James Eagleeye, who investigated the case out of the FBI’s Newark Division along with investigators from the Department of Veterans Affairs (VA), the Department of Defense, and Department of Education.

The scheme was a basic bait-and-switch. A company called Ed4Mil worked with two schools: one, the private liberal arts Caldwell University in New Jersey; the other, an online correspondence school hired by Ed4Mil to develop and administer courses. Ed4Mil aggressively recruited service members and veterans, offering them free computers and gift cards to sign up for what they thought were classes taught by Caldwell University. Yet when Ed4Mil enrolled the students, they would put them in and pay for unaccredited correspondence school classes—but then charge the government the university tuition rates and pocket the difference.

At the center of the scheme was Ed4Mil founder and president David Alvey. The Harrisburg, Pennsylvania resident saw a business opportunity in educating veterans with government funds but learned that when the government provides tuition and other educational benefits directly to a school, certain requirements must be met that his startup could not satisfy.

To get around the law, Alvey conspired with a Caldwell University official to use the university’s name on coursework that the VA would not have approved. The official—then an associate dean at the school—falsely certified that students were taking the same courses from the same instructors who taught on campus at Caldwell.

But the veterans were instead enrolled in online courses like archery and heavy diesel mechanics that were actually taught by the correspondence school. Students sometimes received a housing allowance for the online school, in violation of the rules governing educational benefits.

Caldwell University has publicly said that current university officials had no knowledge of the fraud, and the university cooperated fully in the investigation.

In some cases, Ed4Mil would take a one-semester correspondence course that cost less than $1,000, break the course up over several semesters, and charge the government $20,000 for the classes to make it seem as if they had been taken at a university.

Ed4Mil also failed to notify service members that they would need to pay their tuition money back to the VA if they didn’t complete a course. In the case of the fraudulent courses, Ed4Mil officials would simply fabricate a grade to make it appear as though the coursework was being completed, as they did not want the service members to complain about owing back tuition.

“This was straight up stealing. Stealing money for veterans that was supposed to help them advance their careers and make themselves more marketable to employers after coming out of the military.”

The scheme went on for about four years, until a student became suspicious of the course content. The student looked up the actual cost of the course he was taking online through the correspondence school and alerted the VA Office of Inspector General (OIG). The VA OIG approached the FBI to partner on an investigation.

As the scheme began to unravel, Ed4Mil scrambled to hide their subcontracting relationship with the correspondence school from their students and attempted to develop their own curriculum—although this curriculum still likely would not have met VA requirements for reimbursement.

Alvey pleaded guilty to conspiracy to commit wire fraud and was sentenced last month to five years in prison. He was also ordered to pay $24 million in restitution. His two co-conspirators—one of his employees as well as the associate dean—each pleaded guilty to conspiracy to commit wire fraud and were sentenced to probation.

Alvey collected most of the profits himself—more than $20 million. He bought a mansion, artwork, and high-end cars and also started other businesses. Under his plea agreement, any ill-gotten gains will have to be forfeited as part of the asset forfeiture process.

Eagleeye saw the fraudsters’ actions as a flagrant abuse of veterans’—and the public’s—trust.

“The military members were presented with this pitch from somebody they thought was from an accredited university. These salespeople were allowed on the reservist post or military base by their military superiors,” Eagleeye said. “To the soldiers, everything appeared to be legitimate.”

The FBI’s partnership with the Department of Veterans Affairs was crucial to rooting out and stopping the corruption.

“This was egregious on so many fronts. The courses were overpriced, they were not high-quality classes, and they spread them out over more months than needed. They wasted the limited monthly entitlements of these veterans,” said VA OIG Special Agent Jenny Walenta. “This was a very well-run case because we worked it collaboratively. Everyone had their own expertise, but we worked together and did our part to help each other stop this fraud that was hurting veterans.” 

A Spy Called Orphan: The Enigma Of Donald Maclean

Veteran journalist and author Joseph C. Goulden offers a good review in the Washington Times of Roland Phillips’ A Spy Named Orphan: The Enigma of Donald Maclean.

Even after the passage of more than half a century, anyone even vaguely familiar with national security clearances must blink at British handling of the coterie of Soviet spies known as “The Cambridge Five.”

Consider the rogue at hand, Donald Maclean. Although a blithering drunk for much of his career in the Foreign Office, he seemed on a path to be foreign minister while in his mid-30s.

Roland Phillips, who had a long career in London publishing, uses newly-released British archives to add fresh details on the oft-told story of the five Cambridge students recruited as Soviet agents the 1930s.

He also gained access to Maclean family papers.

Aside from H.R. “Kim” Philby who culminated his career as counterintelligence chief for British intelligence, Maclean was the most effective agent.

Campus communists inevitably drew the attention of Soviet recruiters. Maclean possessed four desirable qualities of a secret agent: “an inherent class resentfulness, a predilection for secretiveness, a yearning to belong, and an infantile appetite for praise and reassurance.” He was given the code name “Waise” in German, meaning “Orphan.”

You can read the rest of the review via the below link:

https://www.washingtontimes.com/news/2018/jul/10/book-review-a-spy-named-orphan-by-roland-phillips/