Feeds

Petraeus sex'n'menaces webmail trail leads to NATO A'stan general

Spook, soldier, G-man embroiled with adulterous minx duo

Build a business case: developing custom apps

The top US Army commander in Afghanistan has been dragged into an investigation that led to the resignation of former CIA Director David Petraeus over an extramarital affair.

General John Allen faces allegations of allegedly inappropriate communication with Jill Kelley, a central figure in the unfolding scandal.

Kelley is a friend of the Petraeus family from Tampa, Florida, who serves as volunteer social liaison with military families at MacDill Air Force Base. Kelley's complaint about email harassment prompted an investigation that led to Paula Broadwell, Petraeus' biographer and secret lover.

Email records unearthed during the investigation exposed the affair and led to Petraeus' resignation as America's top spook on Friday.

The same investigation uncovered between 20,000 and 30,000 pages of communications - mostly emails sent between 2010 to 2012 - between Allen and Kelley, AP reports. The news agency cites an unnamed US official as a source of the shock revelation. The official declined to detail the nature of the allegedly inappropriate exchanges. The possibility that these exchange might, at least in part, have involved secrets therefore remains open.

Defense Secretary Leon Panetta and President Obama have agreed to delay Allen's nomination to be Commander of U.S. European Command and Supreme Allied Commander Europe. He was due to face Senate confirmation hearings on Thursday. Plans to appoint General Joseph Dunford as Allen's successor in Afghanistan have also been put on hold.

What began beck in May as a simple simple cyberstalking case has mushroomed into a full-blown national security investigation.

"While the matter is under investigation and before the facts are determined, General Allen will remain commander of ISAF," Panetta told Reuters, referring to leadership of NATO's force in Afghanistan - held by Petraeus before Allen took over the role.

The FBI have passed on the handling of the Allen case onto military investigators, the NYT reports. Allen reportedly denies any wrongdoing.

Love quadrangle?

According to various accounts, Petraeus engaged in an affair with Broadwell (after he left the military to become CIA chief) between September 2011 and the summer of 2012, apparently breaking off the relationship around the time he discovered that Broadwell had been harassing Kelley by email. Kelley had reported the anonymous threatening email to the FBI in spring, prompting an investigation.

The Feds traced the emails to Broadwell and began monitoring her communications, stumbling across the fact that Broadwell appeared to be exchanging intimate messages with Petraeus using a Gmail account. The lovers reportedly used shared access to the same Gmail account, set up by Petraeus under a pseudonym, to exchange sexy chitchat.

Messages sent between different account would have left an obvious trail to follow. So instead messages for each other were left in a draft folder, which the other partner read when they next logged into the account.

Broadwell maintained a Yahoo webmail address exposed by the Anonymous hack on private intelligence firm Strafor. As previously reported the fairly strong password she used for her Stratfor account was crackable by brute force alone, so if she made the mistake of using this password on other accounts then hackers could have obtain early access to some extremely juicy correspondence.

It seems Broadwell suspected Kelley of hitting on Petraeus and warned her to "stay away from" the general. These threatening messages may have included extracts of sexually suggestive messages sent by Petraeus. The messages also contained potentially sensitive information that prompted FBI investigators to delve deeper in the case, the BBC reports.

The FBI quickly escalated the investigation because the threatening emails regularly quoted detailed information about the private movements of generals involved with the US Central and Southern Commands. Both are run out of MacDill Air Force Base in Tampa.

The investigation almost stalled because the email accounts from which the messages originated had been registered anonymously. However, what was not concealed was the IP (internet protocol) address of the computers from which the messages were sent.

Investigators seem to have established that harassing e-mails sent to Kelley were sent from IP addresses traced to an address Broadwell shared with her husband in North Carolina. On other occasions the threatening emails were sent from locations or hotels where Broadwell was staying, allowing Feds to use location-based information to identify Broadwell as the likely culprit. At that point her electronic communications were more closely monitored and the illicit sex chat exchanges with Petraeus were exposed. Wired has more on how location-based data allowed Feds to uncover Petraeus' affair here.

Investigators eventually obtained a warrant to search Broadwell's computer, identifying secret documents on the system, Wired adds. Petraeus has been cleared of supplying these documents to Broadwell.

In yet another further twist it seems that the FBI agent who initiated the investigation was a friend of Kelley's, and faces possible disciplinary action after allegedly getting too involved in the case. The Wall Street Journal adds that the as yet unnamed agent sent shirtless pictures of himself to Kelley before the investigation began.

The agent involved initially handed the case over to the bureau's cyber crimes unit. However the agent didn't leave things there instead relaying his concerns as the months passed that the investigation was been blocked by the Obama administration to a Republican member of congress, David Reichert. The agent is under investigation by the Office of Professional Responsibility over his conduct, which violated instructions by his superiors to leave the case alone, the WSJ adds. ®

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
Plug and PREY: Hackers reprogram USB drives to silently infect PCs
BadUSB instructs gadget chips to inject key-presses, redirect net traffic and more
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?