Ellen Nakashima

The Obama Administration announced sweeping new measures against Russia on Dec 29 in retaliation for what US officials have characterized as interference in 2016’s presidential election, ordering the expulsion of Russian “intelligence operatives” and slapping new sanctions on state agencies and individuals suspected in the hacks of US computer systems. The response, unveiled just weeks before President Barack Obama leaves office, culminates months of internal debate over how to react to Russia’s election-year provocations.

In recent months, the FBI and CIA have concluded that Russia intervened repeatedly in the 2016 election, leaking damaging information in an attempt to undermine the electoral process and help Donald Trump take the White House. Because Dec 29's announcement is an executive action, it can be undone by the next administration. President Obama also ejected 35 suspected Russian intelligence operatives from the United States and imposed sanctions on Russia’s two leading intelligence services.

With weeks to go in his tenure, President Barack Obama on Dec 23 moved to end the controversial “dual-hat” arrangement under which the National Security Agency and the nation’s cyberwarfare command are headed by the same military officer. It is unclear whether President-elect Donald Trump will support such a move. A transition official said only that “cybersecurity has been and will be a central focus of the transition effort.”

Pressure had grown on President Obama to make such a move on the grounds that the two jobs are too large for one person to handle, that the two organizations have fundamentally different missions and that US Cyber Command, or Cybercom, needed its own leader to become a full-fledged fighting force. “While the dual-hat arrangement was once appropriate in order to enable a fledgling Cybercom to leverage NSA’s advanced capabilities and expertise, Cybercom has since matured” to the point where it needs its own leader, President Obama said in a statement accompanying his signing of the 2017 defense authorization bill.

FBI Director James B. Comey and Director of National Intelligence James R. Clapper Jr. are in agreement with a CIA assessment that Russia intervened in the 2016 election in part to help Donald Trump win the White House, officials disclosed , as President Obama issued a public warning to Moscow that it could face retaliation. New revelations about Comey’s position could put to rest suggestions by some lawmakers that the CIA and the FBI weren’t on the same page on Russian President Vladi­mir Putin’s intentions. The positions of Comey and Clapper were revealed in a message that CIA Director John Brennan sent to the agency’s workforce.

FBI Director James B. Comey and Director of National Intelligence James R. Clapper Jr. are in agreement with a CIA assessment that Russia intervened in the 2016 election in part to help Donald Trump win the presidency, according to US officials. Director Comey’s support for the CIA’s conclusion — and officials say that he never changed his position — suggests that the leaders of the three agencies are in agreement on Russian intentions, contrary to suggestions by some lawmakers that the FBI disagreed with the CIA.

“Earlier this week, I met separately with (Director) FBI James Comey and DNI Jim Clapper, and there is strong consensus among us on the scope, nature, and intent of Russian interference in our presidential election,” CIA Director John Brennan said in a message to the agency’s workforce, according to U.S. officials who have seen the message. “The three of us also agree that our organizations, along with others, need to focus on completing the thorough review of this issue that has been directed by President Obama and which is being led by the DNI,” Brennan’s message read.

The Defense Department became the first US government agency to launch a policy enabling researchers to report bugs or flaws they discover in its websites without fear of prosecution. Calling it a “see something, say something” policy for the digital domain, Defense Secretary Ashton B. Carter said the program is aimed at improving the security of the Pentagon’s unclassified, public-facing networks. The Army also opened registration for Hack the Army, a challenge in which researchers and hackers scour Army sites for software flaws and compete for thousands of dollars in bounty rewards. The Army contest explicitly authorizes researchers to try to hack a limited set of Army systems to find weaknesses. Meanwhile, the new policy is aimed at creating a way for hackers or researchers who come across flaws to report them without exposing themselves to criminal liability.

“This is a historic moment for hackers and the U.S. government,” said Katie Moussouris, founder of Luta Security and an adviser to the Pentagon on the new policy. “For the first time since hacking became a felony offense over 30 years ago, the Department of Defense has now opened the doors for ongoing vulnerability disclosure from helpful hackers who want to help secure these systems without fear of legal prosecution.”

The heads of the Pentagon and the nation’s intelligence community have recommended to President Barack Obama that the director of the National Security Agency, Adm. Michael Rogers, be removed. The recommendation, delivered to the White House on Oct 2016, was made by Defense Secretary Ashton Carter and Director of National Intelligence James Clapper Jr, according to several US officials familiar with the matter.

Action has been delayed, some administration officials said, because relieving Adm. Rogers of his duties is tied to another controversial recommendation: to create separate chains of command at the NSA and the military’s cyberwarfare unit, a recommendation by Clapper and Carter that has been stalled because of other issues. The news comes as Adm. Rogers is being considered by President-elect Donald Trump to be his nominee for director of national intelligence to replace Clapper as the official who oversees all 17 U.S. intelligence agencies. In a move apparently unprecedented for a military officer, Adm. Rogers, without notifying superiors, traveled to New York to meet with Trump at Trump Tower. That caused consternation at senior levels of the administration, according to the officials, who spoke on the condition of anonymity to discuss internal personnel matters.

Federal prosecutors in Baltimore (MD) said they will charge a former National Security Agency contractor with violating the Espionage Act, alleging that he made off with “an astonishing quantity” of classified digital and other data in what is thought to be the largest theft of classified government material ever. In a 12-page memo, US Attorney Rod Rosenstein and two other prosecutors laid out a much more far-reaching case against Harold T. Martin III than was previously outlined.

They said he took at least 50 terabytes of data and “six full banker’s boxes worth of documents,” with many lying open in his home office or kept on his car’s back seat and in the trunk. Other material was stored in a shed on his property. One terabyte is the equivalent of 500 hours worth of movies. The prosecutors also said Martin had an “arsenal” of weapons in his home and car, including an assault-rifle-style tactical weapon and a pistol-grip shotgun with a flash suppressor. Martin, who will appear at a detention hearing in US District Court in Baltimore on Oct 21, also took personal information about government employees as well dozens of computers, thumb drives and other digital storage devices over two decades, the government alleged. In a complaint unsealed earlier in Oct, the government charged him with felony theft of government property and the unauthorized removal and retention of classified materials, a misdemeanor. Conviction under the Espionage Act could send Martin to prison for up to 10 years on each count and is considered the most serious of the three charges.

The Justice Department has kept classified at least 74 opinions, memos and letters on national security issues, including interrogation, detention and surveillance, the Brennan Center for Justice. Also still classified are between 25 and 30 significant opinions issued between 2003 and 2013 by the Foreign Intelligence Surveillance Court (FISC), the secretive federal court that interprets the law governing foreign intelligence-gathering inside the United States. And at the State Department, 807 international agreements signed between 2004 and 2014 have not been published.

The opinions and memos by the Justice Department’s Office of Legal Counsel (OLC) were written between 2002 and 2009, said the report’s author, Elizabeth Goitein, who obtained several data sets through Freedom of Information Act requests. “This is an extensive body of secret law, which is fundamentally incompatible with democratic self-governance,” said Goitein, the co-director of the Brennan Center’s Liberty and National Security Program. “When the government makes law out of the public eye, the results are more likely to be tainted by bias or groupthink, and are frankly more liable to violate statutes or to be unconstitutional.” But senior national security officials said the government has in fact been particularly transparent in recent years.

The Justice Department asked the full appeals court for the Southern District of New York to review a decision that upheld Microsoft’s refusal to comply with a search warrant for an alleged drug trafficker’s e-mails held in a server in Ireland. The July ruling by a three-judge panel of the US Court of Appeals for the 2nd Circuit in Manhattan was a win for Microsoft, which has argued that the court’s power to issue the warrant and the government’s authority to seize the data do not extend overseas. Microsoft, one of the world’s largest e-mail providers, received the warrant in December 2013. But what might ordinarily have been routine compliance with a federal law enforcement request has instead become a pitched battle over government access to digital data held overseas — one that might be headed to the Supreme Court.

The warrant came in the wake of disclosures that shed light on tech firms’ role in complying with US surveillance programs, damaging the burgeoning cloud computing industry. The law at issue is the Stored Communications Act, passed in 1986. “Congress did not intend the SCA’s warrant provisions to apply extraterritorially,” US Appeals Court Judge Susan Carney wrote in the opinion. “The focus of those provisions is protection of a user’s privacy interests.” Prosecutors argue that the panel erred. They say the law’s focus is disclosure, not privacy. There is “widespread recognition that the limit of privacy is reached where the warrant begins,” US Attorney Preet Bharara argued in the petition to the full appeals court.

A federal contractor suspected of leaking powerful National Security Agency hacking tools has been arrested and charged with stealing classified information from the US government, according to court records and a law enforcement official familiar with the case. Harold Thomas Martin III, 51, who worked for Booz Allen Hamilton, was charged with theft of government property and unauthorized removal and retention of classified materials, authorities said. He was arrested in August after investigators searched his home in Glen Burnie (MD) and found documents and digital information stored on various devices that contained highly classified information, authorities said.

The breadth of the damage Martin is alleged to have caused was not immediately clear, though officials alleged some of the documents he took home “could be expected to cause exceptionally grave damage to the national security of the United States.” Investigators are probing whether Martin was responsible for an apparent leak that led to a cache of NSA hacking tools appearing online in August, according to an official familiar with the case. Those tools included “exploits” that take advantage of unknown flaws in firewalls, for instance, allowing the government to control a network.