Softpanorama

May the source be with you, but remember the KISS principle ;-)
Skepticism and critical thinking is not panacea, but can help to understand the world better

Cyberwarfare


There is a tendency to exaggerate attacks, although genuine cyberwarfare attacks do exist, starting with Stuxnet. The term “war” can be applied to “cyber” activity only if there is a deliberate attempt to destroy some kind of infrastructure of a foreign state, as was the case with Stuxnet.

(Re: It does not take a village — or a country; http://tinyurl.com/yguw93g  ).

If country A attacks country B's power grid or disrupts government communications, that is clear “cyber warfare”.

Criminal hacking, Web site defacement, denial-of-service attacks — especially those directed against non-military and non-infrastructure targets — aren't “war” of any kind. It's more like (possibly state-sponsored) terrorism: an attempt to draw attention to a specific group or its goals. Not that different from, for example, support of jihadists by the USA during the Soviet-Afghan war.

Let’s be very clear: "real" war results in people being killed, in property being destroyed, in infrastructure and logistical capabilities being crippled. So for an Internet attack to be called cyberwarfare it should meet at least one of these criteria; if not in effect, then in intention. And by “infrastructure” I mean real infrastructure — factories, hospitals, water treatment plants, power-generation facilities, roads and bridges. At a minimum, web sites that provide some kind of essential service, like financial websites, not an Internet web site with general public information.

Anything short of this is merely cyber terrorism, propaganda war, or "cold war" if you wish.

Hacking high officials' email is more like a color-revolution-inspired trick, an attempt to destabilize the government.

US Cyber Attack on Russia’s Power Grid is an ‘Act of War’ (According to the US) Dissident Voice

The Times article, the publication of which President Trump decried in a tweet as “close to treason,” was disturbing for a number of reasons. One was that sources told the Times the hacking by the US Cyber Command of Russia’s power grid had been conducted without the president’s knowledge, for fear that he might act to prevent it or might disclose it.

In other words, an action — the hostile hacking of another rival country’s essential infrastructure, which the US government has warned other nations would be viewed as an “act of war,” is being taken by the US military, without the President’s or Congress’s knowledge!

That should be enough to send shivers down the spine of any sane person. In fact, that could lead to Russian “military response.”

If the Times is correct, the current US hacking of Russia’s power grid is evidence of a US military establishment run amok.

Congress should be outraged and calling for immediate hearings to determine the chain of command that allowed this to happen. Either Trump is lying, and knows all about the hacking, or some high-ranking military officers who acted without his knowledge should be fired the way President Truman fired an insubordinate Gen. Douglas McArthur during the Korean War.

But the Times article was disturbing for another reason too. The lengthy investigative piece, while it talked all about the secret cyber war already being fought by the internet forces of the US and Russia, never mentioned Venezuela.

Recall that at the height of opposition militancy a few months ago, when middle-class Venezuelan backers of calls for President Nicolás Maduro’s resignation were taking to the streets of Caracas and confronting police and army soldiers, virtually the whole country was thrown into darkness and chaos by the collapse of its power grid.

Maduro’s government claimed to have solid evidence that the grid had been hacked by the US. Meanwhile the US, which was openly calling for a coup to oust Maduro, and seeking to build support for it by blocking food imports to Venezuela and oil exports from the country, squeezing its economy in every way possible, and working underground to try and persuade senior military leaders to turn on the government, denied that it was hacking the country’s power grid.

Many people probably assumed that the idea of the US using cyber tool to bring down a country’s power grid was science fiction, or a paranoid fantasy. But now we know it’s reality. If the Pentagon’s Cyber Command has the capability to plant remote-controlled cyber weapons in the software of Russia’s power grid computer systems, it certainly has the capability of using them to bring down the power grid of a Third World country like Venezuela.

But such an act of sabotage and war has deadly consequences. When Venezuela was out of electricity, hospitals were without power, street lights no longer functioned, frail old people were left in darkness where they were at risk of deadly falls, people in multi-story apartment buildings were without elevators and forced to use dark stairwells to go to and from their apartments, and water, which relies on pumps to reach faucets, became scarce. The list of risks to life and health are endless. If the victims of such an attack were added up, I’m sure it would be staggering.

Did the US bring down the Venezuelan power grid?

Given the depth of US involvement in the opposition movement against Maduro, which included creating and propping up the ludicrous self-proclaimed “legitimate President” Juan Guaidó (who self destructed in a fake “coup” attempt orchestrated by the US with help from the US media, when Guaidó was caught pretending to be in control of a “liberated” air force base when he was really with a handful of soldiers standing on a bridge outside the base), it seems harder to believe that the US was not behind the grid collapse than that it caused it.

How could the Times, which clearly had excellent sources inside the Cyber Command to have produced its current story of the successful if deadly risky hacking of Russia’s power grid, not have also mentioned the hacking of the Venezuelan grid, which many observers have already accused the US of being behind? Surely it was relevant to the story. If the reporters left it out, why didn’t an editor say to ask about, and to include a reference to it? If the reporters did their jobs and did ask about and try to include the Venezuela grid story in their piece and it was deleted by the editors, why didn’t the reporters complain publicly?

Well, we know the answer to that. The Times is a “responsible” news organization. It might take sides over a disputed issue within the foreign policy establishment, which surely is why the paper learned about, and decided to report on the hacking of the Russian power grid. The article even mentions that some government and military officials have opposed using cyber attacks on Russian infrastructure to counter alleged Russian hacking of US campaign related organizations and social media platforms. But as a “responsible” news organization, the paper would not publish any information about a cyber attack on a country that its editors agree is led by an “autocrat” who opposes US interests. US backing of a coup to oust the Maduro government, after all, has the backing of the whole US foreign policy establishment.

That, of course, is not real journalism. It’s propaganda.

It’s important to know, which we now do, that our country is at war with Russia in cyberspace. But we need to know too that cyberwars have real flesh-and-blood victims, and that the cyberwar the US almost certainly launched against Venezuela earlier this spring is also underway and killing innocent people.



Old News ;-)

[Jul 09, 2019] So what does a cybersecurity company that is hemorrhaging money and can't protect its clients do? It does an IPO

Notable quotes:
"... So in the past three years Crowdstrike: ..."
"... a) detected the DNC server hack, but failed to stop it b) falsely accused the Russians of hacking Ukrainian artillery c) failed to prevent the NRCC from being hacked, even though that was why they were hired ..."
"... In other words, Crowdstrike is really bad at their job. In addition, Crowdstrike is really bad at business too. CrowdStrike recorded a net loss last year of $140 million on revenue of $249.8 million, and negative free cash flow of roughly $59 million. ..."
Jul 09, 2019 | caucus99percent.com

So in the past three years Crowdstrike:

a) detected the DNC server hack, but failed to stop it
b) falsely accused the Russians of hacking Ukrainian artillery
c) failed to prevent the NRCC from being hacked, even though that was why they were hired

In other words, Crowdstrike is really bad at their job. In addition, Crowdstrike is really bad at business too. CrowdStrike recorded a net loss last year of $140 million on revenue of $249.8 million, and negative free cash flow of roughly $59 million.

So what does a cybersecurity company that is hemorrhaging money and can't protect its clients do? It does an IPO.

It just goes to show that "getting it right" is not the same thing as "doing a good job." If you tell the right people what they want to hear, the money will take care of itself.

[Jul 09, 2019] Crowdstrike mode of operation:

Jul 09, 2019 | caucus99percent.com

Whoops, you got hacked? Gee, nothing we could have done. More money please!

I think this is most of the IT biz right here

It just goes to show that "getting it right" is not the same thing as "doing a good job."

If you tell the right people what they want to hear, the money will take care of itself.

It's all about making the people at the top feel smart for having hired you and assuring them they don't need to waste their beautiful minds trying to understand what it is you do.

Whoops, you got hacked? Gee, nothing we could have done. More money please!

[Jun 27, 2019] Did the USA Plant Malware in Russia's Power Grid, or Was It an NYT Provocation Coordinated with the US Intelligence Agencies?

Notable quotes:
"... The real story is how and who leaked this to the NYT. ..."
"... This story was a threat sent by the US government to the Russian government, not to release the information the Russian government gained in South America of criminal US espionage operations in South America. When that fuckwit Bolton was busy trying to hack Venezuela and did not bother to secure operations in his typical corrupt incompetent way, an empty-headed bullshitter. ..."
"... The telegraph story about the Soviet pipeline is a canard. The Soviets had no digital controls for their pipelines. ..."
"... This is nothing new and has been going on for decades [telegraph.co.uk] ..."
"... "The US has the BEST malware folks! So many malwares... only the best. Trust me. But we didn't tell the Russian about this, 'cause NO COLLUSION. They were totally in the dark, like Argentina is in the Southwest of Africa." ..."
"... Good Luck to them. It is the same idiotism as Y2K fear of nuclear power stations meltdown. They have no computers to break in. They have no computer clocks or Intel based processors to break in. ..."
Jun 27, 2019 | hardware.slashdot.org

DanDD ( 1857066 ) writes: on Sunday June 16, 2019 @01:43PM ( #58772030 )

Nothing new ( Score: 4 , Insightful)

This is nothing new and has been going on for decades [telegraph.co.uk]

The real story is how and who leaked this to the NYT.

rtb61 ( 674572 ) writes: on Monday June 17, 2019 @01:22AM ( #58774154 ) Homepage
Re:Nothing new ( Score: 2 )

This story was a threat sent by the US government to the Russian government, not to release the information the Russian government gained in South America of criminal US espionage operations in South America. When that fuckwit Bolton was busy trying to hack Venezuela and did not bother to secure operations in his typical corrupt incompetent way, an empty-headed bullshitter.

So the US government is threatening the Russian government to try to prevent the Russian government from releasing evidence about US criminal espionage activities in South America to the American public. They don't care about the lost information, they only care if the American public get it, evidence of the criminal activity of the US government, this ain't even the first time.

The US government apparently does not care what Russian espionage services know, they only care if the American public get that information and the criminals in the US government end up the ones behind bars.

dunkelfalke ( 91624 ) writes: on Monday June 17, 2019 @01:48AM ( #58774210 )
Re:Nothing new ( Score: 3 )

The telegraph story about the Soviet pipeline is a canard. The Soviets had no digital controls for their pipelines.

Re:Nothing new ( Score: 5 , Informative) by fahrbot-bot ( 874524 ) writes: on Sunday June 16, 2019 @02:05PM ( #58772130 )
This is nothing new and has been going on for decades [telegraph.co.uk]

The real story is how and who leaked this to the NYT.

Probably some guy [wikipedia.org] -- like John Barron, John Miller, Carolin Gallego or David Dennison -- who just can't keep his mouth shut.

"The US has the BEST malware folks! So many malwares... only the best. Trust me. But we didn't tell the Russian about this, 'cause NO COLLUSION. They were totally in the dark, like Argentina is in the Southwest of Africa."

So (from TFA) of course they didn't tell Trump. :-)

Anonymous Coward writes: on Sunday June 16, 2019 @01:46PM ( #58772036 )
NYT believes that Russian power grid has computers ( Score: 3 , Funny)

Good Luck to them. It is the same idiotism as Y2K fear of nuclear power stations meltdown. They have no computers to break in. They have no computer clocks or Intel based processors to break in.

[Jun 21, 2019] The astonishing thing about the Russian grid malware story is the casual way it is presented because, after all, inserting malware into someone's electrical grid might well be considered an act of war

Looks like a fake propaganda story to force the Russians to react.
Notable quotes:
"... The astonishing thing about the story is the casual way it is presented because, after all, inserting malware into someone's electrical grid might well be considered an act of war. ..."
"... Assuming that Sanger did his job right and the story is actually correct, a number of aspects of it might be considered. First, interfering with a country's electrical grid, upon which so many elements of infrastructure depend, is extremely reckless behavior, particularly when the activity has been leaked and exposed in a newspaper. ..."
"... The Sanger story elaborates: "Since at least 2012, current and former officials say, the United States has put reconnaissance probes into the control systems of the Russian electric grid. But now the American strategy has shifted more toward offense, officials say, with the placement of potentially crippling malware inside the Russian system at a depth and with an aggressiveness that had never been tried before. ..."
Jun 20, 2019 | www.strategic-culture.org

What is going on with Iran is certainly front-page material but there are two other stories confirming that brain-dead flesh-eating zombies have somehow gained control of the White House. The first comes from David Sanger of The New York Times, who reported last week that the United States had inserted malware into the Russian electrical grid to serve as both a warning and a possible response mechanism should the Kremlin continue with its cyberwarfare ways.

The astonishing thing about the story is the casual way it is presented because, after all, inserting malware into someone's electrical grid might well be considered an act of war. The White House responded to the story with a tweet from the president claiming that "This is a virtual act of Treason by a once great paper so desperate for a story, any story, even if bad for our Country " though he did not state that the account was untrue. In fact, if it was actually treason, that would suggest that the news article was accurate in its description of what must be a Top Secret program. But then Trump or one of his advisors realized the omission and a second tweet soon followed: " ..ALSO, NOT TRUE!"

Assuming that Sanger did his job right and the story is actually correct, a number of aspects of it might be considered. First, interfering with a country's electrical grid, upon which so many elements of infrastructure depend, is extremely reckless behavior, particularly when the activity has been leaked and exposed in a newspaper. Sanger explained the genesis of his story, revealing that he had been working at it for several months. He wrote: "The United States is stepping up digital incursions into Russia's electric power grid in a warning to President Vladimir V. Putin and a demonstration of how the Trump administration is using new authorities to deploy cybertools more aggressively, current and former government officials said. In interviews over the past three months, the officials described the previously unreported deployment of American computer code inside Russia's grid and other targets as a classified companion to more publicly discussed action directed at Moscow's disinformation and hacking units around the 2018 midterm elections. Advocates of the more aggressive strategy said it was long overdue, after years of public warnings from the Department of Homeland Security and the F.B.I. that Russia has inserted malware that could sabotage American power plants, oil and gas pipelines, or water supplies in any future conflict with the United States."

The Sanger story elaborates: "Since at least 2012, current and former officials say, the United States has put reconnaissance probes into the control systems of the Russian electric grid. But now the American strategy has shifted more toward offense, officials say, with the placement of potentially crippling malware inside the Russian system at a depth and with an aggressiveness that had never been tried before. It is intended partly as a warning, and partly to be poised to conduct cyberstrikes if a major conflict broke out between Washington and Moscow. The commander of United States Cyber Command, Gen. Paul M. Nakasone, has been outspoken about the need to 'defend forward' deep in an adversary's networks to demonstrate that the United States will respond to the barrage of online attacks aimed at it. President Trump's national security adviser, John R. Bolton, said the United States was taking a broader view of potential digital targets as part of an effort to warn anybody 'engaged in cyberoperations against us.' 'They don't fear us,' he told the Senate a year ago during his confirmation hearings."

If the Sanger tale is true, and it certainly does include a great deal of corroborative information, then the United States has already entered into a tit-for-tat situation with Russia targeting power grids, largely initiated to "make them fear us." One might suggest that the two countries are already at war. That is in no one's interest and the signals it sends could lead to a major escalation very rapidly. Interestingly, the article states that President Donald Trump does not know about the program even though it could potentially lead to World War 3. That the piece appeared at all also inevitably makes some readers wonder why Sanger has not been arrested for exposing national security information a la Julian Assange.

[Jun 20, 2019] Washington's Dr. Strangeloves: Is plunging Russia into darkness really a good idea?

Notable quotes:
"... ...What else did you expect other than the MIC/Intelligence Agencies/Pentagon/embedded war mongers handling this stuff? ..."
"... Gen. Buck Turgidson is most certainly going rogue. ..."
"... That's really the bigger story here. It has become a mainstream idea that it is a GOOD thing that an elected President is a figurehead with no real power. ..."
Jun 20, 2019 | www.zerohedge.com

Not if_ But When , 11 minutes ago link

...What else did you expect other than the MIC/Intelligence Agencies/Pentagon/embedded war mongers handling this stuff?

SurfingUSA , 2 minutes ago link

Gen. Buck Turgidson is most certainly going rogue.

joego1 , 11 minutes ago link

It's all about the bankers bitches.

LetThemEatRand , 17 minutes ago link

...That's really the bigger story here. It has become a mainstream idea that it is a GOOD thing that an elected President is a figurehead with no real power.

Of course it's been true for a long time, but it's a fairly recent phenomenon that a large number of Americans like it. Russiagate is another example.

Huge portions of America were cheering for the unseating of an elected President by unelected police state apparatus because they don't like him.

[Jun 20, 2019] What About Venezuela's Hacked Power Grid? by Dave Lindorff

Notable quotes:
"... In other words, an action -- the hostile hacking of another rival country's essential infrastructure, which the US government has warned other nations would be viewed as an "act of war," is being taken by the US military, without the President's or Congress's knowledge! ..."
"... If the Times is correct in both its articles, the current US hacking of Russia's power grid is evidence of a US military establishment run amok. ..."
"... Congress should be outraged and calling for immediate hearings to determine the chain of command that allowed this to happen. Either Trump is lying, and knows all about the hacking, or some high-ranking military officers who acted without his knowledge should be fired the way President Truman fired an insubordinate Gen. Douglas McArthur during the Korean War. ..."
"... Many people probably assumed that the idea of the US using cyber tool to bring down a country's power grid was science fiction, or a paranoid fantasy. But now we know it's reality. If the Pentagon's Cyber Command has the capability to plant remote-controlled cyber weapons in the software of Russia's power grid computer systems, it certainly has the capability of using them to bring down the power grid of a Third World country like Venezuela. ..."
"... But such an act of sabotage and war has deadly consequences. When Venezuela was out of electricity, hospitals were without power, street lights no longer functioned, frail old people were left in darkness where they were at risk of deadly falls, people in multi-story apartment buildings were without elevators and forced to use dark stairwells to go to and from their apartments, and water, which relies on pumps to reach faucets, became scarce. The list of risks to life and health are endless. If the victims of such an attack were added up, I'm sure it would be staggering. ..."
"... Did the US bring down the Venezuelan power grid? ..."
"... Given the depth of US involvement in the opposition movement against Maduro, which included creating and propping up the ludicrous self-proclaimed "legitimate President" Juan Guaidó (who self destructed in a fake "coup" attempt orchestrated by the US with help from the US media, when Guaidó was caught pretending to be in control of a "liberated" air force base when he was really with a handful of soldiers standing on a bridge outside the base), it seems harder to believe that the US was not behind the grid collapse than that it caused it. ..."
"... Well, we know the answer to that. The Times is a "responsible" news organization. It might take sides over a disputed issue within the foreign policy establishment, which surely is why the paper learned about, and decided to report on the hacking of the Russian power grid. ..."
Jun 19, 2019 | www.counterpunch.org

Russia and the US are engaging in tit-for-tat hacking of each others' power grid, the New York Times is reporting, in what is really a kind of cyber "cold war" where the hackers from each country's military and intelligence services load electronic "explosives" in the computer systems of critical infrastructure of the other, that in a crisis or war could be "detonated" to create chaos or bring down electric grids.

The Times article, the publication of which President Trump decried in a tweet as "close to treason," was disturbing for a number of reasons. One was that sources told the Times the hacking by the US Cyber Command of Russia's power grid had been conducted without the president's knowledge, for fear that he might act to prevent it or might disclose it.

In other words, an action -- the hostile hacking of another rival country's essential infrastructure, which the US government has warned other nations would be viewed as an "act of war," is being taken by the US military, without the President's or Congress's knowledge!

That should be enough to send shivers down the spine of any sane person. In fact, that could lead to a US "military response."

If the Times is correct in both its articles, the current US hacking of Russia's power grid is evidence of a US military establishment run amok.

Congress should be outraged and calling for immediate hearings to determine the chain of command that allowed this to happen. Either Trump is lying, and knows all about the hacking, or some high-ranking military officers who acted without his knowledge should be fired the way President Truman fired an insubordinate Gen. Douglas McArthur during the Korean War.

But of course that won't happen. Trump might fire Gen. Jim Mattis as war secretary, and might fire Gen. H. R. McMaster, as National Security Advisor, but he's not going to fire anyone for hacking Russia's power grid, whether it's Acting Secretary of "Defense" Patrick Shanahan or National Security Advisor John Bolton, the known war-mongerer who may well have been behind the order to do it. The Times itself didn't even deign to run an editorial calling for heads to roll over the news of the dangerous provocation.

But the Times article was disturbing for another reason too. The lengthy investigative piece, while it talked all about the secret cyber war already being fought by the internet forces of the US and Russia, never mentioned Venezuela.

Recall that at the height of opposition militancy a few months ago, when middle-class Venezuelan backers of calls for President Nicolás Maduro's resignation were taking to the streets of Caracas and confronting police and army soldiers, virtually the whole country was thrown into darkness and chaos by the collapse of its power grid.

Maduro's government claimed to have solid evidence that the grid had been hacked by the US. Meanwhile the US, which was openly calling for a coup to oust Maduro, and seeking to build support for it by blocking food imports to Venezuela and oil exports from the country, squeezing its economy in every way possible, and working underground to try and persuade senior military leaders to turn on the government, denied that it was hacking the country's power grid.

Many people probably assumed that the idea of the US using cyber tool to bring down a country's power grid was science fiction, or a paranoid fantasy. But now we know it's reality. If the Pentagon's Cyber Command has the capability to plant remote-controlled cyber weapons in the software of Russia's power grid computer systems, it certainly has the capability of using them to bring down the power grid of a Third World country like Venezuela.

But such an act of sabotage and war has deadly consequences. When Venezuela was out of electricity, hospitals were without power, street lights no longer functioned, frail old people were left in darkness where they were at risk of deadly falls, people in multi-story apartment buildings were without elevators and forced to use dark stairwells to go to and from their apartments, and water, which relies on pumps to reach faucets, became scarce. The list of risks to life and health are endless. If the victims of such an attack were added up, I'm sure it would be staggering.

Did the US bring down the Venezuelan power grid?

Given the depth of US involvement in the opposition movement against Maduro, which included creating and propping up the ludicrous self-proclaimed "legitimate President" Juan Guaidó (who self destructed in a fake "coup" attempt orchestrated by the US with help from the US media, when Guaidó was caught pretending to be in control of a "liberated" air force base when he was really with a handful of soldiers standing on a bridge outside the base), it seems harder to believe that the US was not behind the grid collapse than that it caused it.

How could the Times, which clearly had excellent sources inside the Cyber Command to have produced its current story of the successful if deadly risky hacking of Russia's power grid, not have also mentioned the hacking of the Venezuelan grid, which many observers have already accused the US of being behind? Surely it was relevant to the story. If the reporters left it out, why didn't an editor say to ask about, and to include a reference to it? If the reporters did their jobs and did ask about and try to include the Venezuela grid story in their piece and it was deleted by the editors, why didn't the reporters complain publicly?

Well, we know the answer to that. The Times is a "responsible" news organization. It might take sides over a disputed issue within the foreign policy establishment, which surely is why the paper learned about, and decided to report on the hacking of the Russian power grid. The article even mentions that some government and military officials have opposed using cyber attacks on Russian infrastructure to counter alleged Russian hacking of US campaign related organizations and social media platforms. But as a "responsible" news organization, the paper would not publish any information about a cyber attack on a country that its editors agree is led by an "autocrat" who opposes US interests. US backing of a coup to oust the Maduro government, after all, has the backing of the whole US foreign policy establishment.

That, of course, is not real journalism. It's propaganda.

It's important to know, which we now do, that our country is at war with Russia in cyberspace. But we need to know too that cyberwars have real flesh-and-blood victims, and that the cyberwar the US almost certainly launched against Venezuela earlier this spring is also underway and killing innocent people.

Dave Lindorff is a founding member of ThisCantBeHappening!, an online newspaper collective, and is a contributor to Hopeless: Barack Obama and the Politics of Illusion (AK Press).

[Jun 19, 2019] Washington's Dr. Strangeloves by Stephen F. Cohen

Notable quotes:
"... What is the significance of this story, apart from what it tells us about the graver dangers of the new US-Russian Cold War, which now includes, we are informed, a uniquely fraught "digital Cold War"? Not so long ago, mainstream liberal Democrats, and the Times itself, would have been outraged by revelations that defense and intelligence officials were making such existential policy behind the back of a president. No longer, it seems. There have been no liberal, Democratic, or for the most part any other, mainstream protests, but instead a lawyerly apologia justifying the intelligence-defense operation without the president's knowledge. ..."
"... As I have often emphasized, the long historical struggle for American-Russian (Soviet and post-Soviet) détente, or broad cooperation, has featured many acts of attempted sabotage on both sides, though most often by US intelligence and defense agencies. ..."
"... Now the sabotaging of détente appears to be happening again. As the Times article makes clear, Washington's war party, or perhaps zealous Cold War party, referred to euphemistically by Sanger and Perlroth as "advocates of the more aggressive strategy," is on the move. ..."
"... Détente with Russia has always been a fiercely opposed, crisis-ridden policy pursuit, but one manifestly in the interests of the United States and the world. No American president can achieve it without substantial bipartisan support at home, which Trump manifestly lacks. What kind of catastrophe will it take -- in Ukraine, the Baltic region, Syria, or somewhere on Russia's electric grid -- to shock US Democrats and others out of what has been called, not unreasonably, their Trump Derangement Syndrome, particularly in the realm of American national security? Meanwhile, the Bulletin of Atomic Scientists has recently reset its Doomsday Clock to two minutes before midnight. ..."
Jun 19, 2019 | www.thenation.com

Occasionally, a revelatory, and profoundly alarming, article passes almost unnoticed, even when published on the front page of The New York Times. Such was the case with reporting by David E. Sanger and Nicole Perlroth, bearing the Strangelovian title "U.S. Buries Digital Land Mines to Menace Russia's Power Grid," which appeared in the print edition on June 16. The article contained two revelations.

First, according to Sanger and Perlroth, with my ellipses duly noted, "The United States is stepping up digital incursions into Russia's electric power grid. Advocates of the more aggressive strategy said it was long overdue " The operation "carries significant risk of escalating the daily digital Cold War between Washington and Moscow." Though under way at least since 2012, "now the American strategy has shifted more toward offense with the placement of potentially crippling malware inside the Russian system at a depth and with an aggressiveness that had never been tried before." At this point, the Times reporters add an Orwellian touch. The head of the U.S. Cyber Command characterizes the assault on Russia's grid, which affects everything from the country's water supply, medical services, and transportation to control over its nuclear weapons, as "the need to 'defend forward,'" because "they don't fear us."

Nowhere do Sanger and Perlroth seem alarmed by the implicit risks of this "defend forward" attack on the infrastructure of the other nuclear superpower. Indeed, they wonder "whether it would be possible to plunge Russia into darkness." And toward the end, they quote an American lawyer and former Obama official, whose expertise on the matter is unclear, to assure readers sanguinely, "We might have to risk taking some broken bones of our own from a counter response. Sometimes you have to take a bloody nose to not take a bullet in the head down the road." The "broken bones," "bloody nose," and "bullet" are, of course, metaphorical references to the potential consequences of nuclear war.

The second revelation comes midway in the Times story: "[President] Trump had not been briefed in any detail about the steps to place 'implants' inside the Russian grid" because "he might countermand it or discuss it with foreign officials." (Indeed, Trump issued an angry tweet when he saw the Times report, though leaving unclear which part of it most aroused his anger.)

What is the significance of this story, apart from what it tells us about the graver dangers of the new US-Russian Cold War, which now includes, we are informed, a uniquely fraught "digital Cold War"? Not so long ago, mainstream liberal Democrats, and the Times itself, would have been outraged by revelations that defense and intelligence officials were making such existential policy behind the back of a president. No longer, it seems. There have been no liberal, Democratic, or for the most part any other, mainstream protests, but instead a lawyerly apologia justifying the intelligence-defense operation without the president's knowledge.

The political significance, however, seems clear enough. The leak to the Times and the paper's publication of the article come in the run-up to a scheduled meeting between President Trump and Russian President Vladimir Putin at the G-20 meeting in Japan on June 28–29. Both leaders had recently expressed hope for improved US-Russian relations. On May 4, Trump again tweeted his longstanding aspiration for a "good/great relationship with Russia"; and this month Putin lamented that relations "are getting worse and worse" but hoped that he and Trump could move their countries beyond "the games played by intelligence services."

As I have often emphasized, the long historical struggle for American-Russian (Soviet and post-Soviet) détente, or broad cooperation, has featured many acts of attempted sabotage on both sides, though most often by US intelligence and defense agencies. Readers may recall the Eisenhower-Khrushchev summit meeting that was to take place in Paris in 1960, but which was aborted by the Soviet shoot-down of a US spy plane over the Soviet Union, an intrusive flight apparently not authorized by President Eisenhower. And more recently, the 2016 plan by then-President Obama and Putin for US-Russian cooperation in Syria, which was aborted by a Department of Defense attack on Russian-backed Syrian troops.

Now the sabotaging of détente appears to be happening again. As the Times article makes clear, Washington's war party, or perhaps zealous Cold War party, referred to euphemistically by Sanger and Perlroth as "advocates of the more aggressive strategy," is on the move. Certainly, Trump has been repeatedly thwarted in his previous détente attempts, primarily by discredited Russiagate allegations that continue to be promoted by the war party even though they still lack any evidential basis. (It may also be recalled that his previous summit meeting with Putin was widely and shamefully assailed as "treason" by influential segments of the US political-media establishment.)

Détente with Russia has always been a fiercely opposed, crisis-ridden policy pursuit, but one manifestly in the interests of the United States and the world. No American president can achieve it without substantial bipartisan support at home, which Trump manifestly lacks. What kind of catastrophe will it take -- in Ukraine, the Baltic region, Syria, or somewhere on Russia's electric grid -- to shock US Democrats and others out of what has been called, not unreasonably, their Trump Derangement Syndrome, particularly in the realm of American national security? Meanwhile, the Bulletin of Atomic Scientists has recently reset its Doomsday Clock to two minutes before midnight.

This commentary is based on Stephen F. Cohen's most recent weekly discussion with the host of The John Batchelor Show. Now in their sixth year, previous installments are at TheNation.com.

Stephen F. Cohen is a professor emeritus of Russian studies and politics at New York University and Princeton University. A Nation contributing editor, his new book War With Russia? From Putin & Ukraine to Trump & Russiagate is available in paperback and in an ebook edition.

[Jun 18, 2019] US Foreign Policy Exposed

Jun 18, 2019 | dissidentvoice.org

In the last week, the realities of US foreign policy have been exposed by a leaked audio tape, a leak about a US attack on the Russian electrical grid, and US attempts to extradite Julian Assange. All the information points to a foreign policy that violates international law and standards, perpetrates wars and conflict and seeks to undermine press freedom in order to commit its crimes in secret.

This is not new information to those of us who closely follow US foreign policy, but these new exposures are broad and are in the mass media where many millions of people can view them and gain a greater understanding of the realities of US actions around the world. Join the People's Mobilization to Stop the US War Machine this September.

... ... ...

US Cyberattack on Russian Electrical Grid

On June 15, the New York Times reported on interviews with military officials over the last three months that showed the US stepping up digital incursions into Russia's electric power grid. The US has deployed computer code into the Russian electrical system for future cyber attacks. The actions are a warning to President Putin and a demonstration of how the Trump administration is using new authorities to deploy cybertools more aggressively, according to current and former government officials.

The Times reports the US "strategy has shifted more toward offense with the placement of potentially crippling malware inside the Russian system at a depth and with an aggressiveness that had never been tried before."

Last year, new authorities were granted separately by the White House and Congress to United States Cyber Command, an arm of the Pentagon, to conduct offensive online operations without receiving presidential approval. The Times reports that Trump has not been briefed on the details of these actions for fear of his reaction. Trump denies the report and accused the Times of "a virtual act of treason."

It is not clear how far the US has gone into the Russian electrical system. Could it cripple Russia's electrical system or shut down its military? This may not be known until it is activated. Attacks on power grids by the US are not new, as shown in the attack on the Venezuelan electrical system in March, but boring into a system in preparation for war seems to be new.

... ... ...

The facade is being lifted on US foreign policy. It is no longer possible for the US to get away with its crimes. And global power is shifting. Last week, Russia and China signed two major agreements, thus ending the US as the dominant superpower and creating a multipolar world. Alliances are changing – India may partner with Russia and China.

We are facing a historic crossroad. Will the US continue to try to dominate the world using economic, cyber and military weapons, further isolating itself and wasting resources that are needed to meet human needs and protect the planet, or will the US become a partner in good faith with other great powers? It is up to us to determine which path is taken. Join us this September during the United Nations General Assembly to call for the US to be held accountable in the People's Mobilization to Stop the US War Machine.

Kevin Zeese and Margaret Flowers are co-directors of Popular Resistance. Margaret serves as co-chair of the Green Party of the United States.

[Jun 18, 2019] This story claims the bugs are "in place", ready for activation. This is guaranteed to cause a lot of extra work for some technical people in Russia

Notable quotes:
"... Cue Russian rejection of MS Windows ( STUXNET/HDIs for PLCs ) ..."
"... As far as I know, all governmental computers in Russia run Astra Linux https://astralinux.ru Even my youngest daughter's school ditched MS Windows years ago and run the public Astra Linux and I think Libre Office. ..."
"... The Times would no doubt argue that its bringing transparency offers a chance to open the door to reason. This is mere malarky coming from the Times. Reason would consist in the Times engaging in a thousand mea culpas for its part in fixing in stone the anti Russian hysteria that consumes the Capital beltway because the favored candidate lost the 2016 election. What do the people at the Times think? That their article will get Putin on the phone with Trump to say that we need to talk about this; that Trump will find the balls to say yeah, we do. The sanctimony of the Times is as boundless as the dysfunction of our Nation's capital. ..."
"... "the NY Times is egregiously irresponsible for publishing the story" ..."
"... By all means this should be kept secret from the citizens of the USA. How dare Americans find out what the Obama administration did in 2012 or what the Congress authorized in the "John S. McCain National Defense Authorization Act for Fiscal Year 2019" or that John Bolton or General Nakasone can conduct offensive online operations without receiving direct presidential approval. By all means keep that secret, we don't want anyone to hold Bolton and company accountable. Did you notice Pompeo's name is nowhere to be seen in that article. I wonder why ..."
"... I imagine that the article will generate some serious conversations in Moscow and Beijing. ..."
"... The Times is telling Russia to back the eff off as "we" don't want interference when and if we move on Iran. It's global/strategic level. Iran must be neutralized in part for the usual ME reasons but now it's also messaging to China who depend on Gulf oil. Notice uprisings in Hong Kong. This morning WAPO said Xi goes to North Korea very soon - first by PRC leader in 17 yrs. ..."
"... frankly i would worry more about our own under protected power grid if a state possessing the computer talent Russia and China have should they become vindictive for all horseshit we have thrown at them the past 20 years ..."
"... How many utility workers are a security risk due to personal debt? How well is the power grid maintained? Have the back up systems been tested for function? We had a bunch of Wile E. Coyote Super Geniuses show how fragile they could make the financial system and the auto manufacturing parts supply system a few years ago. How robust and secure are the electrical power distribution systems? ..."
"... I doubt Russian professionals will need to do much of anything because most of the Russian grid isn't connected to the internet. ..."
"... Additionally, it's more of a reason for them to continue moving away from Windows/Linux and off to their own distro AstraOS running Elbrus processors. ..."
"... Old saying seems quite applicable here: "People who live in glass houses shouldn't throw stones." ..."
"... I wonder whether the people who cooked up this kind of bright idea have looked at who tends to win the annual International Collegiate Programming Contest, which is headquartered at Baylor University. ..."
"... Russiagate paranoia level 11 appears to now be the official USG position, thanks in no small part to clickbait fearmongering pieces like this in the NYT and elsewhere of course. ..."
Jun 18, 2019 | turcopolier.typepad.com

BabelFish , 16 June 2019 at 08:16 AM

The whole NeoCon motivation portfolio is incomprehensible to me. The US treatment of Russia smacks of "you were supposed to become another U.S.A." Socially, you can always tell the latest group think identified security threat by who the entertainment industry portrays as the most immoral supervillains. Those are Russians and Russian Oligarchs.

On China, I believe that they have engaged in a long term war with America and are doing an excellent job of it. I truly have no issues with dealing with them as a currently non-military foe. I have been fearful over a military confrontation with them for some time now.

Fred , 16 June 2019 at 09:23 AM
Per your linked article: "Since at least 2012, current and former officials say, the United States has put reconnaissance probes into the control systems of the Russian electric grid."

So the Obama administration was interfering with Russian electric grid controls at least 4 years before the 2016 election. I wonder what the Russian response could possibly have been? But it gets even better! The Russians interfered with Ukraine's electric grid - for "a few hours" - in 2015. I bet that really upset Vice President Biden's former coke using son who was working for Burisma, the company based in Cyprus which runs Ukraine's natural gas system, since 2014. Don't bother researching what then Secretary of State Kerry's former 'senior' advisors were up to. Just don't. Thank goodness all the people who failed from 2008 to 2018 are all still running the show. BTW I just loved the moniker "energetic bear", it is so much more creative than "cozy bear".

"Two administration officials said they believed Mr. Trump had not been briefed in any detail about the steps to place "implants" -- software code that can be used for surveillance or attack -- inside the Russian grid."

Yeah, better not tell Trump you are doing all this stuff on behalf of President Bolton or he might send out a tweet or something. On a bright note only 144,000 illegals were caught crossing the US Southern border last month. Crisis over! Congratulations President Bolton Trump. Better move our army to Poland - the country whose former President is also working for Burisma - because nothing deters illegal immigration from South of the Border like promising to defend some other country.

Morongobill , 16 June 2019 at 09:43 AM
Insanity has taken over in the capitol city.

Tulsi is really starting to look good to this Trump voter and supporter.

Ken , 16 June 2019 at 09:46 AM
Obama also approved a previously undisclosed covert measure that authorized planting cyberweapons in Russia's infrastructure, the digital equivalent of bombs that could be detonated if the United States found itself in an escalating exchange with Moscow. The project, which Obama approved in a covert-action finding, was still in its planning stages when Obama left office. It would be up to President Trump to decide whether to use the capability.
https://www.washingtonpost.com/graphics/2017/world/national-security/obama-putin-election-hacking/?utm_term=.fa1fd9a5c8d6

Ishmael Zechariah , 16 June 2019 at 09:50 AM
The Russians must have considered the possibility of an attack on their power grid, and taken whatever precautions they could. As such, this is not "news" to someone skilled in the art. OTOH, this story claims the bugs are "in place", ready for activation. This is guaranteed to cause a lot of extra work for some technical people in Russia. Could the committee comment about the purpose behind the publication of this story? It seems to have upset Trump, if nothing else.
Ishmael Zechariah

Unpleasant Person , 16 June 2019 at 09:55 AM
Cue Russian rejection of MS Windows ( STUXNET/HDIs for PLCs ) and even GNU/Linux based solutions (DanceFloor) for the likes of KasperskyOS.

It does also raise a question about Loss of Load and consequent cooling issues for nuclear plants. Any ugliness resulting from such an action (with attendant reminders about make believe attacks on the Vermont grid by make believe Russians) could be interesting.

Peter Williams said in reply to Unpleasant Person... , 16 June 2019 at 03:21 PM
As far as I know, all governmental computers in Russia run Astra Linux https://astralinux.ru Even my youngest daughter's school ditched MS Windows years ago and run the public Astra Linux and I think Libre Office.

Flavius , 16 June 2019 at 10:53 AM
I think that there is a lot to think about and the feeling that will accompany the thinking will be one of chagrin and helplessness.

If the story is fundamentally true, the big thinkers in the National Defense establishment who were responsible for launching and implementing this program have 'big thought' the lot of us living in the real world several clicks closer to calamity.

Whether it is wholly true, partially true, or entirely false, the NY Times is egregiously irresponsible for publishing the story. The net effect of the story will be that those nations who consider themselves to be, or about to be, in a defensive posture vis a vis the US will say to themselves "we must do something about this", initiate similar attacks, and undertake countermeasures; and of course, anything that increases the perception that the ambitions of the Beltway bureaucracies are technically unbounded and reckless will accelerate the formation of alliances in opposition.

The Times would no doubt argue that its bringing transparency offers a chance to open the door to reason. This is mere malarky coming from the Times. Reason would consist in the Times engaging in a thousand mea culpas for its part in fixing in stone the anti Russian hysteria that consumes the Capital beltway because the favored candidate lost the 2016 election. What do the people at the Times think? That their article will get Putin on the phone with Trump to say that we need to talk about this; that Trump will find the balls to say yeah, we do. The sanctimony of the Times is as boundless as the dysfunction of our Nation's capital.

What next? Grinning and bearing it is becoming more tiresome, but what choice do we have?

Fred -> Flavius... , 16 June 2019 at 12:02 PM
Flavius,

"the NY Times is egregiously irresponsible for publishing the story"

By all means this should be kept secret from the citizens of the USA. How dare Americans find out what the Obama administration did in 2012 or what the Congress authorized in the "John S. McCain National Defense Authorization Act for Fiscal Year 2019" or that John Bolton or General Nakasone can conduct offensive online operations without receiving direct presidential approval. By all means keep that secret, we don't want anyone to hold Bolton and company accountable. Did you notice Pompeo's name is nowhere to be seen in that article. I wonder why.

Flavius said in reply to Fred ... , 16 June 2019 at 08:29 PM
My expectation is that the Times article will have considerably more effect in foreign capitals than in ours. We have the very same NY Times and political journals like the Washington Post to thank for this for the reason I mentioned, their constitutional inability to accept the result of the 2016 election. Their irresponsible reporting to mitigate their grief has created a political atmosphere inside the Beltway where the lunatic element in the bureaucracies will be credited for having done a good thing and most everyone else won't give a crap because it is the Russians after all, you know, those nefarious Russians the Times, the Post, the Networks have been telling us about for 2 1/2 years ad nauseam.

If the article has its wholly unintended effect of stiffening Trump's spine towards draining the swamp he inherited as he promised to do, getting rid of the Boltons and the Pompeos, sending Javanka back to the upper east side of Manhattan, it will have been an ill wind that blew some good. But in that regard, when it comes to the Donald, I'm tired of holding my breath. On the other hand, I imagine that the article will generate some serious conversations in Moscow and Beijing.

Fourth and Long said in reply to Flavius... , 17 June 2019 at 09:00 AM
The Times is telling Russia to back the eff off as "we" don't want interference when and if we move on Iran. It's global/strategic level. Iran must be neutralized in part for the usual ME reasons but now it's also messaging to China who depend on Gulf oil. Notice uprisings in Hong Kong. This morning WAPO said Xi goes to North Korea very soon - first by PRC leader in 17 yrs.

ted richard , 16 June 2019 at 01:19 PM
russian computer science professionals are now and have been for some at the very pinnacle of talent found anywhere in the world. i seriously doubt at this point in time there is anything we could plant into any of their critically important systems they can not identify in real time or soon thereafter.

frankly i would worry more about our own under protected power grid if a state possessing the computer talent Russia and China have should they become vindictive for all horseshit we have thrown at them the past 20 years

SAC Brat said in reply to ted richard... , 16 June 2019 at 04:04 PM
How many utility workers are a security risk due to personal debt? How well is the power grid maintained? Have the back up systems been tested for function? We had a bunch of Wile E. Coyote Super Geniuses show how fragile they could make the financial system and the auto manufacturing parts supply system a few years ago. How robust and secure are the electrical power distribution systems?

nero said in reply to ted richard... , 16 June 2019 at 04:04 PM
I doubt Russian professionals will need to do much of anything because most of the Russian grid isn't connected to the internet.

Additionally, it's more of a reason for them to continue moving away from Windows/Linux and off to their own distro AstraOS running Elbrus processors.

Keith Harbaugh , 16 June 2019 at 01:56 PM
Old saying seems quite applicable here: "People who live in glass houses shouldn't throw stones."

David Habakkuk , 16 June 2019 at 02:19 PM
All,

I wonder whether the people who cooked up this kind of bright idea have looked at who tends to win the annual International Collegiate Programming Contest, which is headquartered at Baylor University.

(See https://en.wikipedia.org/wiki/International_Collegiate_Programming_Contest#2019_World_Finals )

This year, highly untypically, an American University – MIT – actually managed to make it among the Gold medallists, winning second place. (British universities as ever failed to make it among the top twelve.)

Also as ever, the Russians were way ahead of the field, with Moscow State University coming out winners, and two others in the top twelve.

In the twelve years since 2008, the Russians have won ten times, the Chinese twice. And there is strength in depth – the pattern where, in a leading global competition, around a quarter of the top universities are Russian is also familiar.

Another long-term change may also be relevant.

In the 2005 study 'The Soviet Century' in which he summarised his life's work, the late Moshe Lewin discussed a report submitted to Andropov in November 1960 on the state of opinion among students in Odessa. (See the chapter 'Kosygin and Andropov', pps. 248-268.)

What the then KGB chief was told by his subordinates, unambiguously, was that contempt for the system and its ideology was endemic among the students, that the bright ones chose the natural sciences and technology because the 'social science' they were offered was so awful, and that this garbage was of interest only to those set on a career in the party.

And Lewin's summary of the report to Andropov concludes: 'Students' preference for anything Western was scarcely surprising, given their lack of respect for those whom they heard criticizing the West.'

Actually, however, in the years that followed researchers at institutes associated with the Academy of Sciences, such as the Institute of the USA and Canada under Georgiy Arbatov, and the Institute for World Economy and International Relations under Alexander Yakovlev and Yevgeney Primakov, did a lot of rather good 'social science.'

The conclusion key figures drew was the same as that of the students: that the ideology and the system were bankrupt. And that was a key part of the background to the Gorbachev-era 'new thinking.'

Three decades later, perceptions of the West have, quite patently, radically changed.

One interesting case study is that of Primakov, another that of Sergei Karaganov, who went with Vitaly Zhurkin from Arbatov's Institute to found the new Institute of Europe in 1987-8.

As Patrick Armstrong recalled some time back, it was what Primakov was writing in mid-1987 that was instrumental in alerting some of those in the West who had been interested in trying to figure out how the Soviet system worked to the recognition of the failure of the system which underpinned Gorbachev's attempts at reform.

Both American and British intelligence agencies were utterly clueless.

(For a good treatment of the key July 1987 article in 'Pravda' to which Patrick referred from the time, see a piece in the 'Christian Science Monitor' headlined 'Soviet shift in world policy. Revision of long-held view – of West as constant military threat – seems sign of new Soviet flexibility', at https://www.csmonitor.com/1987/0716/oforn.html .)

By the time when, as Foreign Minister in March 1999, Primakov turned his plane back from Washington in response to NATO's bombing of Serbia, he had already executed 'Primakov's Loop' in a far deeper sense. In 1996, he had put forward an 'Eurasianist' vision for the future of Russia, based on a rapprochement with China, and the attempt to bring that country and India together.

(For a discussion by an Indian commentator sympathetic to his vision, see an obituary tribute by Rakesh Krishnan Simha published in June 2015, headlined 'Primakov: The man who created multipolarity', at

https://www.rbth.com/blogs/2015/06/27/primakov_the_man_who_created_multipolarity_43919 .)

It took Karaganov much longer to abandon the dream of being reintegrated into 'Western civilisation': a key event, I think, being the 2008 Georgian war – as with Valery Gergiev.

Today, however, Karaganov is an impassioned champion of the 'Eastern orientation.' As such, he explains in article after article – generally available in good English translations – that the 'Petrine' period in Russian history is over.

Ironically, even such an admirable – and invaluable – commentator as Stephen F. Cohen appears to have difficulty grasping the radicalism of what is involved here. Commenting last October on the disdain for ordinary American voters revealed by 'Russiagate,' he wrote that:

'It is worth noting that this disdain for rank-and-file citizens echoes a longstanding attitude of the Russian political intelligentsia, as recently expressed in the argument by a prominent Moscow policy intellectual that Russian authoritarianism springs not from the nation's elites but from the "genetic code" of its people.'

(See https://www.thenation.com/article/whos-really-undermining-american-democracy/ )

Actually, the 'Ogonyok' interview with Karaganov to which Cohen alludes says almost the reverse of what Cohen suggests.

It is, among other things, a plea to his fellow-intellectuals to stop regarding the weakness of a 'democratic' culture in Russia as a mark of inferiority.

Instead, Karaganov is suggesting, they need to grasp that it has been, and continues to be, a perfectly 'rational' adaptive response to the harsh imperatives of survival in the 'heartlands' of Eurasia, which is 'genetic', in the sense that traits which work for organisms over long periods of time become entrenched.

(While the 'deplorables' may get a lot wrong, this one they called right, and the Moscow/St. Petersburg 'intelligenty' got it, as we sometimes say in England, 'arse about face.')

(See https://eng.globalaffairs.ru/pubcol/We-Have-Used-Up-the-European-Treasure-Trove-19769 .)

All this, I am afraid, puts me in mind of a crucial moment in British history.

By 1937 the then head of the Government Code and Cypher School, Alastair Denniston – viciously caricatured in the film 'The Imitation Game' – had realised that in the wars of movement which were now likely on land as well as on sea, encrypted communications were going to be even more important than they had been in 1914-18.

And he also realised that the problems of breaking the codes were becoming vastly more difficult, and required top-class mathematical talent.

(See https://spartacus-educational.com/Alastair_Denniston.htm .)

As a result, Denniston went to dinner at 'high tables', in Oxford and Cambridge. From the connections he established, came the work done by Turing and other less well-known but crucial mathematicians, like Gordon Welchman and Jack Good (born Isadore Jacob Gudak.)

A central part of the background to this, however, was that in the late 'Thirties very many British intellectuals who had thought that Hitler was just a loud-mouth – a very easy assumption to make in the early 'Thirties – shifted towards the view that there was a potential 'existential threat' from Germany.

Of its nature, this would demand the utmost not just from those who had to fight the wars, but also from those who used the most sophisticated intellectual tools to make sure that, in so doing, they had the crucial advantage of intelligence superiority.

I am not sure the thought has crossed many people's minds, in Washington and in London, that not only does Russia now have what looks to be a rather competent 'general staff', who are looking for 'asymmetric' ways to counter the power of NATO, but that Western policy over the past thirty years may have created a not entirely dissimilar sense of 'existential threat.'

If one thinks this is so, obviously one will conclude that an unintended consequence of rather stupid Western policies may have been to make it much easier for Soviet strategic planners to recruit and exploit some at least of the best scientific minds.

Moreover, if my suggestion is remotely near the mark, then a 'cyberwars' contest may be precisely that in which the 'relative advantage' does not lie with the West, because throwing money at the problem does not help that much, if on the other side there are people who want other things – honour among them, and glory.

Can anyone imagine how either honour, or glory, could inspire anyone to do what Robert Hannigan told them to do, as both motives once inspired people who worked for his predecessors?

But then, people in London and Washington seem to find it difficult, these days, to understand that people could work for anything other than money. That, or 'insiderdom.'

Fred -> David Habakkuk ... , 16 June 2019 at 04:53 PM
David,

Thank you for the insightful commentary. One thing strikes me as relevant today, based on your comment about British intellectuals in the thirties shifting "... towards the view that there was a potential 'existential threat' from..."

It is my perception that American intellectuals see America itself as an existential threat to their ideas and are unlikely to recognize threats from abroad, either cyber in Russia, China or India (the latter two nations also have thousands of nationals resident with H1B or student visas); or physical by a population dilution migration effort now underway on America's borders. As to your final observation I can't agree more.

Barbara Ann said in reply to David Habakkuk ... , 16 June 2019 at 08:42 PM
David Habakkuk

Welchman's achievements, particularly as a pioneer of traffic analysis, have certainly been overshadowed by the work of Turing. Having read his book, I would be grateful if anyone here may be able to affirm or correct my impression; that the IC's ire at its publication in 1982 was primarily due to its exposé of the critical importance of traffic analysis to an adversary, rather than the fact that (or the details of how) Enigma was broken.

Only now is GCHQ attempting to subvert end to end cryptography, which seems to suggest, at least until now, it has not been deemed a critical threat. The real lesson of The Hut Six Story to me was the importance of metadata and from the other side, the importance of tools like anonymous remailers for real privacy.

Dave Schuler , 16 June 2019 at 03:22 PM
I have a question. If our military were to engage in such activities without notifying the president and without his authorization, how many breaches of the UCMJ would that be?
Turcopolier said in reply to Dave Schuler ... , 16 June 2019 at 03:43 PM
a great many.
Barbara Ann , 16 June 2019 at 06:48 PM
So we learn Cyber warfare has evolved its own version of MAD. From the NYT article:

"The question now is whether placing the equivalent of land mines in a foreign power network is the right way to deter Russia. While it parallels Cold War nuclear strategy, it also enshrines power grids as a legitimate target."

Also: "As it games out the 2020 elections, Cyber Command has looked at the possibility that Russia might try selective power blackouts in key states, some officials said. For that, they said, they need a deterrent."

And I thought Rachel Madcow's "What would happen if Russia killed the power in Fargo today?" was a one off result of her watching too many Coen bros. movies. Russiagate paranoia level 11 appears to now be the official USG position, thanks in no small part to clickbait fearmongering pieces like this in the NYT and elsewhere of course.

Speaking of cyber defenses, the NYT ought to look a little closer to home. Their paywall is vulnerable to that highly sophisticated Russian hacker trick of disabling JavaScript in your browser.

jdledell , 16 June 2019 at 08:06 PM
My oldest son, Aric, is an MIT graduate and now Technical Director of Dell Computer's Security subsidiary, which handles a lot of real time computer security of large financial institutions. In a Father's Day phone call this morning I asked him about the NY Times article. He clearly thought getting into a cyber security battle with Russia was a very bad idea. His analysis was it was like sending minor leaguers (U.S.) against major league cyber players (Russia). He was well aware of Russians attempting to break into U.S. systems, mainly for profit, but there is a lot of computer talent in Russia that can be recruited as needed. Most U.S. cyber knowledge exists at the level of personal computers while most of Russian cyber expertise exists at the mainframe computer level. It is the latter knowledge that can be devastating to many of our core systems running most of American commerce, transportation and utilities.
turcopolier , 16 June 2019 at 08:09 PM
jdledell - Nice house you have. Do I get a discount on Dell stuff? Joke
Mathias Alexander , 17 June 2019 at 03:15 AM
All this is only possible because everybody links all their hardware together via the internet, i.e. via the public telephone network. Why do they do that?
Anonymous , 17 June 2019 at 03:36 AM
Israel has a few Russians but they are not good at maths so not to worry everything will be alright in the morning. There is no more state, just players, who have no allegiance at all who believe in get rich or die trying
O'Shawnessey , 17 June 2019 at 03:36 AM
So who at the Times pushed the story? The stenographers got fed the whole thing from someone who had the pull to get it in print, no? If you squint at this POS, the overall result is T looking like an irrelevance. Bibi's done a good job keeping T right where he wants him, still in office but in a straight-jacket that has him stepping and fetching Bibi's water. Sounds a lot like Bibi has the motivation, expertise and resources to plant this one.

[Jun 18, 2019] "US Ramps Up Online Attacks on Russian Power Grid, NYT Says" - TTG

Looks like pure speculation on the part of TTG, who in the past has proved to be a not very reliable source on IT topics anyway.
After Stuxnet escaped, was repurposed and infected several nations other than Iran, there was a lot of work to prevent this type of worm from penetrating national control systems, especially in the USA, which was very vulnerable.
Actually, Stuxnet was a pretty reckless operation, the negative effects of which far outweigh any positive ones, if such exist. It painted the USA as the developer of dangerous malware which the same USA can no longer control and which can be repurposed and improved upon both by other nation states and by criminals. It also created a stimulus for allocating funds for similar development in other nations, which is twice as dangerous. It also inflicted damage on USA software producers (especially Microsoft) and intensified efforts to get rid of their software in government systems. And it definitely increased research efforts in malware development in all major countries, which in no way improves USA national security. The same is true of kicking Microsoft OS out of the most sensitive projects.
I view the NYT article as a reckless provocation by neocons, with the distinct desire to inflict some costs on the Russians (as in the search for a black cat in a dark room when there is no cat there).
TTG's cavalier approach to this topic is actually a testament to his incompetence in this area, so all the information below should be taken with a grain of salt.
Notable quotes:
"... Cyber operations are here to stay. They are becoming more effective for reconnaissance and attribution, for disrupting a target's networks and infrastructure and for perception management. The inhibitions against engaging in these operations are relaxing. ..."
"... What do you think about the Russians backup plans to sever all ties with the internet, and continue their operations in their own national intranet? ..."
"... To do this its designers had stolen digital 'keys' so that the malware could masquerade as a legitimate update from the vendor. Think Microsoft Windows Update, only not from Microsoft... ..."
"... As for the Russian grid, it might use a computer network for communications monitoring and administration but I have my doubts about them using it to actually control the operation of the grid, so while this alleged malware might complicate the operations of the agency responsible for the Russian grid, it seems to me it would be unlikely to be able to actually take over the operation of the grid. ..."
"... I believe that the unremitting attacks on Trump have been for the express purpose of making it impossible for him to push for negotiations with Russia - about anything. ..."
"... I always believed whatever Trump said concerning Russia during his campaign had to be taken with a grain of salt, ..."
"... There are rumors, who made him choose Bolton, and all that sponsor needed were other relevant promises during his election campaign. They were mostly ignored here on SST as relevant, although all over the place. But those he fulfilled almost all so far. ..."
"... Now we learn of new cyberwarfare initiatives, designed to bait the Bear in one of the areas where they've a demonstrated superiority. Sounds very much like the endgame of Empire. ..."
"... Likely the US won't be able to quickly defeat Iran on the ground (large place, difficult terrain and likely skilled and determined resistance), but they can cause a hell of damage from a 'safe distance' and the air or the sea. ..."
"... There is that joke that Bolton never saw a problem for which war was not his preferred solution. Never let the man crack an egg during breakfast ... you may end up with a thermonuclear fried egg. ..."
"... Such a dude is a Molotov cocktail at the fiery table of a maximum escalation ..."
"... And as for baiting the bear in cyber war, that incident in Baltimore suggests the US are themselves rather vulnerable in that field, ironically indirectly thanks to the NSA. ..."
"... It is not very smart to invite skilled opponents to that sort of game, but then ... the US have now three stable geniuses to deal with that, ..."
"... I assume that this would have not have been disclosed unless US agencies knew that the Russians were aware of it. ..."
"... One might imagine he also is being fed disinformation - the video of the Iran tankers and the unimaginative story of limpet mines (someone has a very low opinion of the US media and public, or is just too lazy to care) likely was presented to Trump as fact. ..."
"... My problem: What is the difference between what the U. S. is alleged to have done and the Russians saying: "hi, we have just hidden twenty suitcase nuclear weapons in your major cities, just in case."? ..."
"... Trump's supporters claimed that he would dismantle the Deep State. Turns out that Trump has so little authority in his own house that the Deep State blithely commits an act of war against a nuclear power and doesn't even bother to inform the commander-in-chief. ..."
"... If the statement is true, I don't see why we would want to give away the fact. That makes it so much more likely that the Russkis will be able to disable those "implants", does it not? ..."
"... IMO there is no Russia source on this matter. Steele made the whole thing up based on his instructions from people in the UK intelligence and propaganda apparat acting on coordination with Clapper and Brennan. ..."
Jun 18, 2019 | turcopolier.typepad.com

Walrus has already started an engaging conversation on this subject. As someone deeply involved in the early development of DoD cyber operations, I wanted to add my two cents from a different angle. I am not as horrified by this development as many here are. But I am very uneasy with the apparent involvement of Bonkers Bolton. That creature is as dangerous as a malfunctioning Dalek. I'm pretty sure he doesn't understand these things. Even if he did, he wouldn't care.

-- -- -- -- --

The U.S. is stepping up digital incursions into Russia's electric power grid in a warning to President Vladimir Putin, the New York Times reported, citing current and former government officials. While the U.S. has probed the Russian grid since at least 2012 and there's no evidence it has turned off power, the Trump administration's strategy has shifted more toward offense with the deployment of U.S. computer code inside the grid and other targets, the newspaper said. The effort has gotten far more aggressive over the past year, the Times quoted an unidentified senior intelligence official as saying.

The administration declined to disclose specifics, according to the report. However, National Security Adviser John Bolton said publicly on Tuesday that the U.S. is taking a broader view "to say to Russia, or anybody else that's engaged in cyberoperations against us, 'You will pay a price,"' the Times said. (Bloomberg)

-- -- -- -- --

This is a far cry from our early attempts at preparing to conduct offensive cyber operations. I remember attending several briefings at one of these early organizations at the NSA. The control of offensive tools was as restrictive as the control of nuclear weapons. It was obvious these things scared the crap out of DoD and NSA back then. It's equally obvious DoD and now CYBERCOM have learned to stop worrying and love the "Cyber-Bomb." Our use of the Stuxnet worm to sabotage Iranian centrifuges was proof of our growing comfort with these things.

However, Stuxnet was used against Iran. We're comfortable with raining all kinds of death and destruction throughout the Middle East. Now we're taking actions to disrupt Russia's power grid. That's playing with raining death and destruction upon a nuclear capable peer competitor. Hacking the grid is one thing. We've all done that for many years. That's just part of the intelligence preparation of the battlespace (IPB). Implanting weapons to disable the Russian grid is a leap beyond that. Seems CYBERCOM has embraced the concept of operational preparation of the battlespace (OPB), a concept widely practiced in JSOC and in other parts of the special operations community. MG Michael Repass, a former 10th Group Commander, wrote a paper in 2003 describing these things.

"Advanced Force Operations consists of US SecDef-approved military operations such as clandestine operations. It is logically part of Operational Preparation of the Battlespace (OPB), which follows the Intelligence Preparation of the Battlespace, a concept well-known in U.S. and NATO doctrine, OPB is seldom used outside of SOF channels. OPB is defined by the U.S. Special Operations Command as "Non-intelligence activities conducted prior to D-Day, H-Hour, in likely or potential areas of employment, to train and prepare for follow-on military operations."

I don't think this was ever official policy, but OPB was widely viewed as a powerful tool to break the CIA's stranglehold on covert action, at least on the operational level. Given that CYBERCOM is a unified combatant command finally gaining independence from NSA and the IC in general, this embrace of OPB is a natural progression. What else CYBERCOM copies from JSOC's authorities and tactics, techniques and procedures (TTP) will be interesting. It could also be quite dangerous. Cyber operations are here to stay. They are becoming more effective for reconnaissance and attribution, for disrupting a target's networks and infrastructure and for perception management. The inhibitions against engaging in these operations are relaxing.

An interesting point in the NYT story is that it appears Trump has not been briefed on this stuff. Perhaps CYBERCOM and DoD don't consider this level of OPB rising to the level of Presidential decision making. Pulling the trigger on grid disruption certainly should. Why wouldn't they brief the President? Is it to keep him in the dark out of a lack of trust? That's disheartening.

Now with the story published all over the world, DoD should feel impelled to fully brief the President. The best outcome would be Trump pushing for negotiations with Russia, China and maybe others to develop a de-escalation/non-proliferation treaty on cyber operations with the same vigor and earnestness that we once approached nuclear weapons.

TTG


J , 16 June 2019 at 10:31 PM

TTG,

What do you think about the Russians backup plans to sever all ties with the internet, and continue their operations in their own national intranet?

Putin has been proactive on this as one of their asymmetries, and the Duma has been following his suit with supported legislation.

The Twisted Genius -> J... , 16 June 2019 at 10:58 PM
J, We worked closely with the Russians when preparing for Y2K. They did a lot of that then. Also prepared for manual control. We do the same things as part of continuity of operations planning. Remember, the Iranian centrifuges were not connected to the internet, either.
Barbara Ann said in reply to Mathias Alexander... , 17 June 2019 at 09:20 AM
Re "..how did Stuxnet get in?".

I heard of a study once which slipped CD ROMs (it was a while back) printed with the company logo into the personal effects of various executives (outside the office). A good proportion of the sample inserted the CD ROM into a drive at work, out of curiosity I guess. The CD ROM just left a digital fingerprint for research purposes in this case, but it could have been carrying anything.

It's called crossing an 'air gap' (from the internet) and the people that do this stuff are an imaginative bunch. In Stuxnet's case, as far as I understand it, the software got to the PLCs which controlled the centrifuges via a software update. To do this its designers had stolen digital 'keys' so that the malware could masquerade as a legitimate update from the vendor. Think Microsoft Windows Update, only not from Microsoft...

JJackson said in reply to Barbara Ann... , 17 June 2019 at 04:54 PM
I heard that in this case the Israeli agent dropped blank memory sticks. These, once picked up and used on the engineers' laptops, overcame the air gapping.
Ghost Ship said in reply to The Twisted Genius ... , 17 June 2019 at 04:22 AM
Have the Iranians ever admitted the alleged damage to their centrifuges? Not that I know of, so as far as I can see they are the only ones who really know what happened at the sharp end. All the claims by the Israelis and US IC are just conjecture.

As for the Russian grid, it might use a computer network for communications monitoring and administration but I have my doubts about them using it to actually control the operation of the grid, so while this alleged malware might complicate the operations of the agency responsible for the Russian grid, it seems to me it would be unlikely to be able to actually take over the operation of the grid.

BTW, I can believe that even if Russia knew about this malware (Kaspersky), they wouldn't tell anyone or complain about it, but just wait for someone to throw the switch. There's nothing like watching an antagonist waste billions on systems that don't work and the US has a solid recent history of that.

JamesT , 16 June 2019 at 10:31 PM
Alas - I can imagine a cyberwar, escalating to an EMP burst, escalating to a hot war. I believe that the unremitting attacks on Trump have been for the express purpose of making it impossible for him to push for negotiations with Russia - about anything.
joanna said in reply to JamesT ... , 17 June 2019 at 07:25 AM
I believe that the unremitting attacks on Trump have been for the express purpose of making it impossible for him to push for negotiations with Russia - about anything.

I always believed whatever Trump said concerning Russia during his campaign had to be taken with a grain of salt, since most of it was purely a reaction to the inner US campaign dynamics. In other words a reaction to ... guess who ...

There are rumors, who made him choose Bolton, and all that sponsor needed were other relevant promises during his election campaign. They were mostly ignored here on SST as relevant, although all over the place. But those he fulfilled almost all so far.

Pirate Laddie , 16 June 2019 at 10:58 PM
Let's see. We don't seem to be able to field a team that can prevail in Iraq or Affie. Actions against Syria and Venezuela appear to have "miscarried." Putin & Company are doing quite well in their public relations campaigns against "the West," specifically the US. In the European theater, the whole "Brexit" imbroglio is a G*d-send, ditto the Gilets Jaunes. There's talk of Russian hypersonic weapons while F-35s struggle to get off the ground.

Now we learn of new cyberwarfare initiatives, designed to bait the Bear in one of the areas where they've a demonstrated superiority. Sounds very much like the endgame of Empire.

confusedponderer -> Pirate Laddie... , 17 June 2019 at 03:57 AM
Pirate Laddie,

re: "We don't seem to be able to field a team that can prevail in Iraq or Affie"

The orange penal tax lover and his happy henchmen Bolton and Pompeo don't have a problem with war, for one since they themselves won't (have to) fight it and then since they have proved to gain delight from occasional cruise missile orgasms.

Likely the US won't be able to quickly defeat Iran on the ground (large place, difficult terrain and likely skilled and determined resistance), but they can cause a hell of damage from a 'safe distance' and the air or the sea.

There is that joke that Bolton never saw a problem for which war was not his preferred solution. Never let the man crack an egg during breakfast ... you may end up with a thermonuclear fried egg.

Such a dude is a Molotov cocktail at the fiery table of a maximum escalation out of 'principal' man, who just invented "Charles, the prince of Whales", and so accidentally explained to the more simpleminded the REAL source of the strength of the Royal Navy. And by the way, it was likely determined dolphins, who sank the Bismarck, but ... shhh!

And as for baiting the bear in cyber war, that incident in Baltimore suggests the US are themselves rather vulnerable in that field, ironically indirectly thanks to the NSA.

It is not very smart to invite skilled opponents to that sort of game, but then ... the US have now three stable geniuses to deal with that, if not four with Pence...

Fred -> Pirate Laddie... , 18 June 2019 at 12:25 AM
Pirate,

Saddam Hussein and his government are gone and the social order overturned. You can't prevail much better than that.

Liza , 17 June 2019 at 12:13 AM
TTG:

I have three questions. If you have the time or inclination to answer any of these, I would appreciate it.

1) Walrus wrote that he doubted this was true. Do you believe that it is true?

2) I assume that this would not have been disclosed unless US agencies knew that the Russians were aware of it. Last month, there was an unusual cyber operation on a US power grid. Do you think that this could have been a message from the Russians that they are able to respond in kind?

https://www.npr.org/2019/05/04/720221912/cyber-disruption-affected-parts-of-u-s-energy-grid

3) Could a similar cyber attack have been used to shut down the power grid in Venezuela? Russian personnel were sent to help repair the power grid. If the cyber attack was in fact similar, is it probable that the Russians would be able to detect and disable malware in their power grid?

The Twisted Genius -> Liza... , 17 June 2019 at 12:24 PM
Liza, I don't know if this story is true, but it tracks with everything I've seen before my retirement. Hacking the power grid has been a holy grail of cybergeeks since the dawn of dial in modems. Until fairly recently, these probes and attacks have been done between Russia and the US quietly with great finesse and a great deal of deniability. I've seen that change with the 2015 attack on the JCS and DOS networks. These attacks were noisy, bold and persistent. These attacks were witnessed by the Dutch AIVD penetration of the hacker's office in Moscow. I also saw how the probably Russian penetration of our classified JWICS and SIPRNET in 2008 affected our cyber people. All those nerds and geeks wanted vengeance. Given these events, I would not be at all surprised if our implantation of destructive tools within the Russian power grid is confirmed.

Can the Russians, and others, respond in kind? Sure. However, not every power grid failure is due to a hack. Things break. Operators make mistakes. To assume every glitch whether it be in Venezuela, Argentina or our own Target stores is a mistake. This other war in the shadows has been going on since the days of "The Cuckoo's Egg" and it will only intensify. I think it is imperative that we all maintain our cool and not equate every network attack, power grid failure or information operation with a full on nuclear attack. BTW, I heartily recommend that book. It describes the nature of the attacker-defender relationship which continues to this day.

JJackson said in reply to The Twisted Genius ... , 17 June 2019 at 05:06 PM
TTG

I recall from the 'Zero days' documentary one section in which the composite interviewee said that Stuxnet was the tip of the iceberg and proudly stated that they were into everything and could basically shut Iran down whenever they wanted to as they already had dormant code in place. I recall thinking if that is true for Iran then it seems unlikely not to be true for everyone else.

ISL , 17 June 2019 at 02:51 AM
"An interesting point in the NYT story is that it appears Trump has not been briefed on this stuff. .... That's disheartening."

I would call it quite alarming. The president making decisions / policy on incomplete and deliberately withheld information.
If he is not informed on this, what else is he not informed on? It seems unlikely that this is the only thing being kept from him to deliberately manipulate his world view.

One might imagine he also is being fed disinformation - the video of the Iran tankers and the unimaginative story of limpet mines (someone has a very low opinion of the US media and public, or is just too lazy to care) likely was presented to Trump as fact.

walrus , 17 June 2019 at 04:12 AM
My problem: What is the difference between what the U. S. is alleged to have done and the Russians saying: "hi, we have just hidden twenty suitcase nuclear weapons in your major cities, just in case."?

I don't see much difference.

Fred -> walrus ... , 17 June 2019 at 12:18 PM
walrus,

why bother with that, and probably lose control of one or more nuclear weapons, when you can just infiltrate one or more NGOs and convince them to pay for some Congolese to migrate to the US via the Mexican border during the same timeframe as an Ebola outbreak?

Barbara Ann , 17 June 2019 at 07:25 AM
Very interesting TTG.

Agree re the urgent need for a Cyber equivalent of the NPT, but given that the current direction of travel in that area is the exact opposite, I am not holding my breath. And there are other problems, such as monitoring & attribution. Nuclear weapons controls are associated with inspections of weapons and production facilities, the work of the IAEA etc. How would it be possible to audit the use of computer code? And even code in violation of a treaty can be easily spoofed to appear to have "Iran written all over it", for example. I cannot see how any sort of treaty would be a practical possibility.

There is another critical difference between offensive cyber weapons and nukes. Stuxnet was discovered thru reports of infections in Siemens PLCs in countries right around the globe. In the documentary Zero Days it was alleged that Israeli insistence on inserting the code into Natanz ASAP led to a relaxation of the methods by which it could be transmitted. The result was a scatter gun, with an uncontrolled spread. What just happened in Argentina & Uruguay might be entirely unrelated, but it is exactly the sort of outcome we can expect if these weapons are handled carelessly.

And if we must learn to love the "Cyber-Bomb" we'd better all prepare ourselves for the day a non-state actor gets hold of a suitcase version. Only you don't need a suitcase, just a memory stick.

prawnik , 17 June 2019 at 11:09 AM
Trump's supporters claimed that he would dismantle the Deep State. Turns out that Trump has so little authority in his own house that the Deep State blithely commits an act of war against a nuclear power and doesn't even bother to inform the commander-in-chief.

https://www.nytimes.com/2019/06/15/us/politics/trump-cyber-russia-grid.html

Keith Harbaugh , 17 June 2019 at 02:53 PM
What I have been noticing is the amount of clearly TS/SI, etc. data appearing on the front page of the NYT, information whose publication, on the face of it, harms the U.S. national interest. Should this article be such? If the statement is true, I don't see why we would want to give away the fact. That makes it so much more likely that the Russkis will be able to disable those "implants", does it not?

Here is another probably harmful leak on the NYT's front page: "Potential Clash Over Secrets Looms Between Justice Dept. and C.I.A.", NYT, 2019-05-24

[O]fficials said Mr. Barr wanted to learn more about sources in Russia, including a key informant who helped the C.I.A. conclude that President Vladimir V. Putin ordered the intrusion on the 2016 election.
That statement, on its very face, is revealing a source. You can report you have intelligence information, without revealing whether it was derived from HUMINT, SIGINT, or whatever. Why narrow the Russkis' search for who/whatever revealed that information, assuming that the report is an accurate one?
turcopolier , 17 June 2019 at 03:01 PM
KH

IMO there is no Russia source on this matter. Steele made the whole thing up based on his instructions from people in the UK intelligence and propaganda apparat acting on coordination with Clapper and Brennan. Both these men have always been on the Left and hated the idea of a DJT led counter-revolution. You may not like DJT, I do not, but for whatever reasons he certainly has been leading a counter-revolution against the steady movement toward globalist policies. As to the present story about the Russia grid, IMO Bolton and the neocons have been leaking this material as part of their drive toward war with Russia and Iran. The tanker attacks IMO have been put on by local surrogates in the ME to advance these policies. Unless the president told them personally to leak the material they should be prosecuted.

Keith Harbaugh -> turcopolier ... , 17 June 2019 at 03:38 PM
War with Russia? My God, I hope not. War with Iran would be a terrible and costly disaster for the U.S., but war with Russia, whatever damage we could/would do to them, would really mean the end to the U.S. as we have known it.

Could such war be kept limited? I highly doubt it. It would escalate to the thermonuclear cataclysm long feared. A long ago reference some may remember: On Thermonuclear War by Herman Kahn, 1960. Do you really think "Bolton and the neocons" are driving toward war with Russia?

turcopolier , 17 June 2019 at 04:33 PM
KH
The hard core neocons have convinced themselves that they could ride out a war with Russia or the Russians would cave in before the crunch came.
The Twisted Genius , 17 June 2019 at 11:18 PM
According to RIA Novosti, a source within the leadership of one of the Russian law enforcement agencies (FSB?) said foreign intelligence services' efforts to penetrate into the transport, banking and energy management systems of Russia have increased over the last few years. The source continued, "However, we manage to neutralize these actions."

Rather than getting overly excited about the NYT claim, we should accept that this tit for tat cyber activity is now as normal a part of our world as espionage. At the same time we should stop the silly talk of Russian IO to influence our elections being an act of war. It isn't. It's another way of nations competing with each other. We still need to negotiate and establish some kind of international protocol governing this activity, perhaps something along the lines of UNCLOS III.

[Jun 17, 2019] Pentagon Keeps Trump in the Dark About its Cyber Attacks on Russia by Peter Wade

Notable quotes:
"... New laws, enacted by Congress last year, allow such "clandestine military activity" in cyberspace to go ahead without the president's approval. So, in this case, those new laws are protecting American interests by keeping the sitting president out of the loop. What a (scary) time to be alive. ..."
Jun 16, 2019 | www.rollingstone.com

"Intelligence officials described broad hesitation to go into detail with [the president] about operations," the report said

On Saturday, the New York Times published an important story about how the United States military branches are attempting to thwart and combat Russian cyber attacks on American utility networks and interference in elections.

But deeper into the article, an interesting and disturbing nugget has drawn attention: The Pentagon has gone out of its way to keep President Donald Trump ignorant of certain details about the operation because of "the possibility that he might countermand it or discuss it with foreign officials."

After giving an in-depth account about the "deployment of American computer code" into Russia's electric power grid, to work as both a warning to Russian President Vladimir Putin and a more offensive posture in the cyber warfare realm, The Times then wrote: "Two administration officials said they believed Mr. Trump had not been briefed in any detail about the steps to place 'implants' -- software code that can be used for surveillance or attack -- inside the Russian grid.

"Pentagon and intelligence officials described broad hesitation to go into detail with Mr. Trump about operations against Russia for concern over his reaction -- and the possibility that he might countermand it or discuss it with foreign officials, as he did in 2017 when he mentioned a sensitive operation in Syria to the Russian foreign minister."

New laws, enacted by Congress last year, allow such "clandestine military activity" in cyberspace to go ahead without the president's approval. So, in this case, those new laws are protecting American interests by keeping the sitting president out of the loop. What a (scary) time to be alive.

[Jun 17, 2019] 'Treason!' Trump slams NYT claim of US cyberattacks on Russia's power grid as harmful fake news

Jun 17, 2019 | www.rt.com

Published time: 16 Jun, 2019 02:29 Edited time: 16 Jun, 2019 08:10

Following a bombastic report that US government hackers are targeting Russia's power grid, President Donald Trump took to Twitter to accuse the NY Times of spreading fake news detrimental to US credibility and national security. "This is a virtual act of Treason by a once great paper so desperate for a story, any story, even if bad for our Country" Trump tweeted on Saturday evening, before realizing that he forgot to actually dismiss the report of Washington increasingly targeting Moscow in a cyber-warfare campaign as "fake news."

".....ALSO, NOT TRUE!" he added in a follow-up tweet, without specifying whether the report was untrue in its entirety – or just the specifics like the targets of US cyber-offenses or their gravity.

.....ALSO, NOT TRUE! Anything goes with our Corrupt News Media today. They will do, or say, whatever it takes, with not even the slightest thought of consequence! These are true cowards and without doubt, THE ENEMY OF THE PEOPLE!

-- Donald J. Trump (@realDonaldTrump) June 16, 2019

The US leader also stopped short of explaining what exactly he believes constitutes treason – the mere fact that the paper unveiled Washington's presumably top-secret operation, or that the revelation might further erode the US' image as the world's moral beacon.

In an in-depth yet frustratingly void-of-details report on Saturday, the New York Times treated its readers to a carousel of security officials talking up their "aggressive" posture, including one faceless intelligence spook who bragged "We are doing things at a scale we never contemplated a few years ago."

Now just imagine the media hysteria if it were the other way around

[Jun 16, 2019] Hack away! NYT says US planted CYBER KILL SWITCH in Russian power grid media shrugs -- RT USA News

Jun 16, 2019 | www.rt.com

The best defense is a good offense: the US seems to have taken this maxim to its logical conclusion, and has "aggressively" hacked Russia's power grid, according to a new report. God forbid the shoe were on the other foot.

An in-depth report in the New York Times on Saturday lays out an alleged ongoing US operation to penetrate and implant malware in Russia's power grid, partly as "a warning" to Moscow, and partly to stake out the high ground should competition between the two powers one day spill over into outright cyber warfare.

Due to the clandestine nature of the subject, the article is light on specifics. All we know is that the authority to carry out offensive cyber operation is enshrined in the National Defense Authorization Act since last summer, and that President Donald Trump delegated approval for such attacks to Cyber Command – set up by the Obama administration in 2008 to counter alleged similar efforts by Moscow – around the same time.

"Russia is hacking the American power grid as a demonstration of its capabilities."

Only, joking! It's actually the US attacking Russia (reports @nytimes ). But just try to imagine the hysteria in US/UK media, if it were the other way around? https://t.co/Y1oRthnoqY

-- Bryan MacDonald (@27khv) June 15, 2019

In the absence of details, the Times treated its readers to a carousel of security officials talking up their "aggressive" posture, including one faceless intelligence spook who bragged "We are doing things at a scale we never contemplated a few years ago." A chorus of these same officials also justified the cyberwar efforts, including one who dropped the wonderfully Washingtonian term "defend forward" to describe the incursions.

But imagine for a second that the shoe were on the other foot? How would the Times cover a sophisticated Russian effort to infiltrate the US grid? How massive would the media uproar be?

It would be naive to think that both nations haven't probed each other's cyber defenses for weaknesses. However, the Times struck a different tone when "Russian hackers" were accused of penetrating the American utilities grid last summer.

The article then mentioned "hundreds of victims" in the event of Russia launching a cyberattack. (No potential Russian victims were mentioned in Saturday's article). "It is hard to fully understand why they have put so much effort" into planting malware in the grid, the Times pondered back then. This week, the American efforts were explained as a simple matter of national security.

As for what response a cyberattack could warrant, the Times painted a picture of the US firing a "digital shot across the bow" while carefully avoiding open war. A Russian attack, meanwhile, would "almost certainly result in a military response," a general quoted in both articles said.

Of course, last year's article was written at a time when panic over "Russian meddling," "Russian interference," and "Russian hackers" was at fever pitch. The hysteria then was not confined to the pages of the New York Times, and US outlets competed with each other to deliver the most terrifying Russian conspiracy theories they could muster.

The heavyweight champion of fearmongering and conspiracies was undoubtedly MSNBC's Rachel Maddow. Night after night, Maddow detailed new and sinister Russian ploys to interfere in elections, undermine democracy, and even freeze Americans to death in their homes.

That's right, Maddow warned viewers earlier this year that Russian hackers may have infiltrated the US power grid and could literally "flip the off switch" at any time.

"What would you do if you lost heat, indefinitely, as the act of a foreign power?" she asked her viewers. "What would you and your family DO?" As Maddow rang every alarm bell she could, much of the United States was going through a record-breaking freeze, with temperatures in North Dakota down to -33 degrees Fahrenheit (-36 Celsius).

However, it gets cold in Russia too. Like, very cold. For all its talk of "warning shots" at Putin, the New York Times never considered the fact that an attack on Russia's utility grid could leave ordinary citizens without heating, in a country where winter temperatures regularly drop below -33, and where at one point last year, one village recorded a temperature lower than that of the planet Mars.

But when the cyberwar is waged by Washington, geopolitical victory trumps human lives, and supersedes the danger of open war, and the harshest measures are necessary just to prove a point.

As one former Obama administration official told the newspaper: "We might have to risk taking some broken bones of our own from a counter response, just to show the world we're not lying down and taking it."

[Jun 16, 2019] Attacking Russian Power Grid by Walrus

Jun 16, 2019 | turcopolier.typepad.com

The NYT in an article is alleging that The United States Government has deliberately and with malice and forethought inserted unspecified computer malware into the Russian Federation power grid infrastructure with the obvious intention of destroying or severely damaging it if needed.

"But now the American strategy has shifted more toward offense, officials say, with the placement of potentially crippling malware inside the Russian system at a depth and with an aggressiveness that had never been tried before. It is intended partly as a warning, and partly to be poised to conduct cyberstrikes if a major conflict broke out between Washington and Moscow."

My opinion, if the article is true, which I doubt, is that such an operation would constitute an act of war. As such the Russian reaction, if they believed this to be true, could be, to put it mildly, "disproportionate".

To put that another way, it is one thing to dick around in the shadows, but to overtly engage in what amounts to life threatening attacks on civilians? Folks, how are you going to feel if Russia puts missiles back in Cuba? That is on the same scale of action as this alleged stunt.

It also begs the question of the likelihood of any meaningful negotiations with Russia, or China over anything at all.

What does the committee think?

https://www.msn.com/en-us/news/world/us-escalates-online-attacks-on-russias-power-grid/ar-AACV9BZ


BabelFish , 16 June 2019 at 08:16 AM

The whole NeoCon motivation portfolio is incomprehensible to me. The US treatment of Russia smacks of "you were supposed to become another U.S.A." Socially, you can always tell the latest group think identified security threat by who the entertainment industry portrays as the most immoral supervillains. Those are Russians and Russian Oligarchs.

On China, I believe that they have engaged in a long term war with America and are doing an excellent job of it. I truly have no issues with dealing with them as a currently non-military foe. I have been fearful over a military confrontation with them for some time now.

Fred , 16 June 2019 at 09:23 AM
Per your linked article: "Since at least 2012, current and former officials say, the United States has put reconnaissance probes into the control systems of the Russian electric grid."

So the Obama administration was interfering with Russian electric grid controls at least 4 years before the 2016 election. I wonder what the Russian response could possibly have been? But it gets even better! The Russians interfered with Ukraine's electric grid - for "a few hours" - in 2015. I bet that really upset Vice President Biden's former coke using son who was working for Burisma, the company based in Cyprus which runs Ukraine's natural gas system, since 2014. Don't bother researching what then Secretary of State Kerry's former 'senior' advisors were up to. Just don't. Thank goodness all the people who failed from 2008 to 2018 are all still running the show. BTW I just loved the moniker "energetic bear", it is so much more creative than "cozy bear".

"Two administration officials said they believed Mr. Trump had not been briefed in any detail about the steps to place "implants" -- software code that can be used for surveillance or attack -- inside the Russian grid."

Yeah, better not tell Trump you are doing all this stuff on behalf of President Bolton or he might send out a tweet or something. On a bright note only 144,000 illegals were caught crossing the US Southern border last month. Crisis over! Congratulations President Bolton Trump. Better move our army to Poland - the country whose former President is also working for Burisma - because nothing deters illegal immigration from South of the Border like promising to defend some other country.

Morongobill , 16 June 2019 at 09:43 AM
Insanity has taken over in the capitol city.

Tulsi is really starting to look good to this Trump voter and supporter.

Ken , 16 June 2019 at 09:46 AM
Obama also approved a previously undisclosed covert measure that authorized planting cyberweapons in Russia's infrastructure, the digital equivalent of bombs that could be detonated if the United States found itself in an escalating exchange with Moscow. The project, which Obama approved in a covert-action finding, was still in its planning stages when Obama left office. It would be up to President Trump to decide whether to use the capability.
https://www.washingtonpost.com/graphics/2017/world/national-security/obama-putin-election-hacking/?utm_term=.fa1fd9a5c8d6
Ishmael Zechariah , 16 June 2019 at 09:50 AM
The Russians must have considered the possibility of an attack on their power grid, and taken whatever precautions they could. As such, this is not "news" to someone skilled in the art. OTOH, this story claims the bugs are "in place", ready for activation. This is guaranteed to cause a lot of extra work for some technical people in Russia. Could the committee comment about the purpose behind the publication of this story? It seems to have upset Trump, if nothing else.
Ishmael Zechariah
Unpleasant Person , 16 June 2019 at 09:55 AM
Cue Russian rejection of MS Windows ( STUXNET/HDIs for PLCs ) and even GNU/Linux based solutions (DanceFloor) for the likes of KasperskyOS .

It does also raise a question about Loss of Load and consequent cooling issues for nuclear plants. Any ugliness resulting from such an action (with attendant reminders about make believe attacks on the Vermont grid by make believe Russians) could be interesting.

Peter Williams -> Unpleasant Person... , 16 June 2019 at 03:21 PM
As far as I know, all governmental computers in Russia run Astra Linux https://astralinux.ru Even my youngest daughter's school ditched MS Windows years ago and run the public Astra Linux and I think Libre Office.
Flavius , 16 June 2019 at 10:53 AM
I think that there is a lot to think about and the feeling that will accompany the thinking will be one of chagrin and helplessness.
If the story is fundamentally true, the big thinkers in the National Defense establishment who were responsible for launching and implementing this program have 'big thought' the lot of us living in the real world several clicks closer to calamity.
Whether it is wholly true, partially true, or entirely false, the NY Times is egregiously irresponsible for publishing the story. The net effect of the story will be that those nations who consider themselves to be, or about to be, in a defensive posture vis a vis the US will say to themselves "we must do something about this", initiate similar attacks, and undertake countermeasures; and of course, anything that increases the perception that the ambitions of the Beltway bureaucracies are technically unbounded and reckless will accelerate the formation of alliances in opposition.
The Times would no doubt argue that its bringing transparency offers a chance to open the door to reason. This is mere malarky coming from the Times. Reason would consist in the Times engaging in a thousand mea culpas for its part in fixing in stone the anti Russian hysteria that consumes the Capital beltway because the favored candidate lost the 2016 election. What do the people at the Times think? that their article will get Putin on the phone with Trump to say that we need to talk about this; that Trump will find the balls to say yeah, we do. The sanctimony of the Times is as boundless as the dysfunction of our Nation's capital.
What next? Grinning and bearing it is becoming more tiresome, but what choice do we have?
Fred -> Flavius... , 16 June 2019 at 12:02 PM
Flavius,

"the NY Times is egregiously irresponsible for publishing the story"

By all means this should be kept secret from the citizens of the USA. How dare Americans find out what the Obama administration did in 2012 or what the Congress authorized in the "John S. McCain National Defense Authorization Act for Fiscal Year 2019" or that John Bolton or General Nakasone can conduct offensive online operations without receiving direct presidential approval. By all means keep that secret, we don't want anyone to hold Bolton and company accountable. Did you notice Pompeo's name is nowhere to be seen in that article. I wonder why.

ted richard , 16 June 2019 at 01:19 PM
russian computer science professionals are now and have been for some at the very pinnacle of talent found anywhere in the world. i seriously doubt at this point in time there is anything we could plant into any of their critically important systems they can not identify in real time or soon thereafter.

frankly i would worry more about our own under protected power grid if a state possessing the computer talent russia and china have should they become vindictive for all horseshit we have thrown at them the past 20 years

SAC Brat said in reply to ted richard... , 16 June 2019 at 04:04 PM
How many utility workers are a security risk due to personal debt? How well is the power grid maintained? Have the back up systems been tested for function?

We had a bunch of Wile E. Coyote Super Geniuses show how fragile they could make the financial system and the auto manufacturing parts supply system a few years ago. How robust and secure are the electrical power distribution systems?

nero said in reply to ted richard... , 16 June 2019 at 04:04 PM
I doubt Russian professionals will need to do much of anything because most of the Russian grid isn't connected to the internet.

Additionally, it's more of a reason for them to continue moving away from Windows/Linux and off to their own distro AstraOS running Elbrus processors.

Keith Harbaugh , 16 June 2019 at 01:56 PM
Old saying seems quite applicable here:
"People who live in glass houses shouldn't throw stones."
David Habakkuk , 16 June 2019 at 02:19 PM
All,

I wonder whether the people who cooked up this kind of bright idea have looked at who tends to win the annual International Collegiate Programming Contest, which is headquartered at Baylor University.

(See https://en.wikipedia.org/wiki/International_Collegiate_Programming_Contest#2019_World_Finals )

This year, highly untypically, an American University – MIT – actually managed to make it among the Gold medallists, winning second place. (British universities as ever failed to make it among the top twelve.)

Also as ever, the Russians were way ahead of the field, with Moscow State University coming out winners, and two others in the top twelve.

In the twelve years since 2008, the Russians have won ten times, the Chinese twice. And there is strength in depth – the pattern where, in a leading global competition, around a quarter of the top universities are Russian is also familiar.

Another long-term change may also be relevant.

In the 2005 study 'The Soviet Century' in which he summarised his life's work, the late Moshe Lewin discussed a report submitted to Andropov in November 1960 on the state of opinion among students in Odessa. (See the chapter 'Kosygin and Andropov', pps. 248-268.)

What the then KGB chief was told by his subordinates, unambiguously, was that contempt for the system and its ideology was endemic among the students, that the bright ones chose the natural sciences and technology because the 'social science' they were offered was so awful, and that this garbage was of interest only to those set on a career in the party.

And Lewin's summary of the report to Andropov concludes: 'Students' preference for anything Western was scarcely surprising, given their lack of respect for those whom they heard criticizing the West.'

Actually, however, in the years that followed researchers at institutes associated with the Academy of Sciences, such as the Institute of the USA and Canada under Georgiy Arbatov, and the Institute for World Economy and International Relations under Alexander Yakovlev and Yevgeney Primakov, did a lot of rather good 'social science.'

The conclusion key figures drew was the same as that of the students: that the ideology and the system were bankrupt. And that was a key part of the background to the Gorbachev-era 'new thinking.'

Three decades later, perceptions of the West have, quite patently, radically changed.

One interesting case study is that of Primakov, another that of Sergei Karaganov, who went with Vitaly Zhurkin from Arbatov's Institute to found the new Institute of Europe in 1987-8.

As Patrick Armstrong recalled some time back, it was what Primakov was writing in mid-1987 that was instrumental in alerting some of those in the West who had been interested in trying to figure out how the Soviet system worked to the recognition of the failure of the system which underpinned Gorbachev's attempts at reform.

Both American and British intelligence agencies were utterly clueless.

(For a good treatment of the key July 1987 article in 'Pravda' to which Patrick referred from the time, see a piece in the 'Christian Science Monitor' headlined 'Soviet shift in world policy. Revision of long-held view – of West as constant military threat – seems sign of new Soviet flexibility', at https://www.csmonitor.com/1987/0716/oforn.html .)

By the time when, as Foreign Minister in March 1999, Primakov turned his plane back from Washington in response to NATO's bombing of Serbia, he had already executed 'Primakov's Loop' in a far deeper sense. In 1996, he had put forward an 'Eurasianist' vision for the future of Russia, based on a rapprochement with China, and the attempt to bring that country and India together.

(For a discussion by an Indian commentator sympathetic to his vision, see an obituary tribute by Rakesh Krishnan Simha published in June 2015, headlined 'Primakov: The man who created multipolarity', at

https://www.rbth.com/blogs/2015/06/27/primakov_the_man_who_created_multipolarity_43919 .)

It took Karaganov much longer to abandon the dream of being reintegrated into 'Western civilisation': a key event, I think, being the 2008 Georgian war – as with Valery Gergiev.

Today, however, Karaganov is an impassioned champion of the 'Eastern orientation.' As such, he explains in article after article – generally available in good English translations – that the 'Petrine' period in Russian history is over.

Ironically, even such an admirable – and invaluable – commentator as Stephen F. Cohen appears to have difficulty grasping the radicalism of what is involved here.

Commenting last October on the disdain for ordinary American voters revealed by 'Russiagate,' he wrote that:

'It is worth noting that this disdain for rank-and-file citizens echoes a longstanding attitude of the Russian political intelligentsia, as recently expressed in the argument by a prominent Moscow policy intellectual that Russian authoritarianism springs not from the nation's elites but from the "genetic code" of its people.'

(See https://www.thenation.com/article/whos-really-undermining-american-democracy/ )

Actually, the 'Ogonyok' interview with Karaganov to which Cohen alludes says almost the reverse of what Cohen suggests.

It is, among other things, a plea to his fellow-intellectuals to stop regarding the weakness of a 'democratic' culture in Russia as a mark of inferiority.

Instead, Karaganov is suggesting, they need to grasp that it has been, and continues to be, a perfectly 'rational' adaptive response to the harsh imperatives of survival in the 'heartlands' of Eurasia, which is 'genetic', in the sense that traits which work for organisms over long periods of time become entrenched.

(While the 'deplorables' may get a lot wrong, this one they called right, and the Moscow/St. Petersburg 'intelligenty' got it, as we sometimes say in England, 'arse about face.')

(See https://eng.globalaffairs.ru/pubcol/We-Have-Used-Up-the-European-Treasure-Trove-19769 .)

All this, I am afraid, puts me in mind of a crucial moment in British history.

By 1937 the then head of the Government Code and Cypher School, Alastair Denniston – viciously caricatured in the film 'The Imitation Game' – had realised that in the wars of movement which were now likely on land as well as on sea, encrypted communications were going to be even more important than they had been in 1914-18.

And he also realised that the problems of breaking the codes were becoming vastly more difficult, and required top-class mathematical talent.

(See https://spartacus-educational.com/Alastair_Denniston.htm .)

As a result, Denniston went to dinner at 'high tables', in Oxford and Cambridge. From the connections he established, came the work done by Turing and other less well-known but crucial mathematicians, like Gordon Welchman and Jack Good (born Isadore Jacob Gudak.)

A central part of the background to this, however, was that in the late 'Thirties very many British intellectuals who had thought that Hitler was just a loud-mouth – a very easy assumption to make in the early 'Thirties – shifted towards the view that there was a potential 'existential threat' from Germany.

Of its nature, this would demand the utmost not just from those who had to fight the wars, but also from those who used the most sophisticated intellectual tools to make sure that, in so doing, they had the crucial advantage of intelligence superiority.

I am not sure the thought has crossed many people's minds, in Washington and in London, that not only does Russia now have what looks to be a rather competent 'general staff', who are looking for 'asymmetric' ways to counter the power of NATO, but that Western policy over the past thirty years may have created a not entirely dissimilar sense of 'existential threat.'

If one thinks this is so, obviously one will conclude that an unintended consequence of rather stupid Western policies may have been to make it much easier for Soviet strategic planners to recruit and exploit some at least of the best scientific minds.

Moreover, if my suggestion is remotely near the mark, then a 'cyberwars' contest may be precisely that in which the 'relative advantage' does not lie with the West, because throwing money at the problem does not help that much, if on the other side there are people who want other things – honour among them, and glory.

Can anyone imagine how either honour, or glory, could inspire anyone to do what Robert Hannigan told them to do, as both motives once inspired people who worked for his predecessors?

But then, people in London and Washington seem to find it difficult, these days, to understand that people could work for anything other than money. That, or 'insiderdom.'

Dave Schuler , 16 June 2019 at 03:22 PM
I have a question. If our military were to engage in such activities without notifying the president and without his authorization, how many breaches of the UCMJ would that be?
Turcopolier said in reply to Dave Schuler ... , 16 June 2019 at 03:22 PM
a great many.

[Jun 15, 2019] U.S. Escalates Online Attacks on Russia's Power Grid by David E. Sanger and Nicole Perlroth

Comments published by NYT draw a very sad picture of a paranoid, brainwashed society. Very few critical comments (less than a dozen), while the number of jingoistic and otherwise stupid comments is in the hundreds. This is very sad, if not tragic.
Petty CIA-controlled provocateurs from Grey Prostitute. Hacking national grid means war.. Bolton needs to be fired for jingoism and stupidity.
I am pretty sure that two of those warmongering neocons David E. Sanger Nicole Perlroth ( MadCow disease.
Did those two presstitutes and their handlers accurately calculate the possible reaction from Moscow to such "revelations"?
From comments: "It is horrible to think that we have out of control counterintelligence agencies with their own agenda operating as independent forces capable of dragging the country into international conflict "
From comments: "Aggressive malware intrusions into foreign countries' sensitive (and sovereign) computer systems is now seen as a standard security procedure. "Gunboat diplomacy" is not an apt metaphor, as gunboats remained at discreet distances from borders. Our cyber policy is more akin to placing bombs in the public squares of foreign cities with threats to detonate. "
Notable quotes:
"... But in a public appearance on Tuesday, President Trump's national security adviser, John R. Bolton, said the United States was now taking a broader view of potential digital targets as part of an effort "to say to Russia, or anybody else that's engaged in cyberoperations against us, 'You will pay a price.'" ..."
"... Two administration officials said they believed Mr. Trump had not been briefed in any detail about the steps to place "implants" -- software code that can be used for surveillance or attack -- inside the Russian grid. ..."
"... Pentagon and intelligence officials described broad hesitation to go into detail with Mr. Trump about operations against Russia for concern over his reaction -- and the possibility that he might countermand it or discuss it with foreign officials, as he did in 2017 when he mentioned a sensitive operation in Syria to the Russian foreign minister. ..."
"... The intent of the operations was described in different ways by several current and former national security officials. Some called it "signaling" Russia, a sort of digital shot across the bow. Others said the moves were intended to position the United States to respond if Mr. Putin became more aggressive. ..."
"... Already, such attacks figure in the military plans of many nations. In a previous post, General Nakasone had been deeply involved in designing an operation code-named Nitro Zeus that amounted to a war plan to unplug Iran if the United States entered into hostilities with the country. ..."
"... How Mr. Putin's government is reacting to the more aggressive American posture described by Mr. Bolton is still unclear. "It's 21st-century gunboat diplomacy," said Robert M. Chesney, a law professor at the University of Texas, who has written extensively about the shifting legal basis for digital operations. "We're showing the adversary we can inflict serious costs without actually doing much. We used to park ships within sight of the shore. Now, perhaps, we get access to key systems like the electric grid." ..."
"... successful attack on Iranian centrifuges as one example ..."
"... Not willing to discuss it with the President but happy to chat about it with reporters..? ..."
"... This scenario sounds like something straight out of Dr. Strangelove. All sides and all actors need to realize that this is a no win game, with the very real possibility of serious harm to the lives and livelihoods of millions of people hanging in the balance. ..."
"... It's a macho power game that can easily escalate into unintended and out-of-control consequences. As with prior successful nuclear test ban negotiations & treaties we need to step back and consider what's truly in the long-term national interests of all concerned. The citizens of all the countries involved are not pawns to be played with like disposable chess pieces, in a power game with no real winners. ..."
"... This turn of events is truly disturbing, as it presents the seriousness, now, of how cyberwar is more likely a prelude to actual war ..."
"... Restated, the Commander In Chief is not briefed on military operations for fear of betrayal. I feel like I'm going nuts. Someone please tell me what is going on in this country! ..."
Jun 15, 2019 | www.nytimes.com

WASHINGTON -- The United States is stepping up digital incursions into Russia's electric power grid in a warning to President Vladimir V. Putin and a demonstration of how the Trump administration is using new authorities to deploy cybertools more aggressively, current and former government officials said.

In interviews over the past three months, the officials described the previously unreported deployment of American computer code inside Russia's grid and other targets as a classified companion to more publicly discussed action directed at Moscow's disinformation and hacking units around the 2018 midterm elections.

Advocates of the more aggressive strategy said it was long overdue, after years of public warnings from the Department of Homeland Security and the F.B.I. that Russia has inserted malware that could sabotage American power plants, oil and gas pipelines, or water supplies in any future conflict with the United States.

But it also carries significant risk of escalating the daily digital Cold War between Washington and Moscow.

The administration declined to describe specific actions it was taking under the new authorities, which were granted separately by the White House and Congress last year to United States Cyber Command, the arm of the Pentagon that runs the military's offensive and defensive operations in the online world.

But in a public appearance on Tuesday, President Trump's national security adviser, John R. Bolton, said the United States was now taking a broader view of potential digital targets as part of an effort "to say to Russia, or anybody else that's engaged in cyberoperations against us, 'You will pay a price.'"

Power grids have been a low-intensity battleground for years. Since at least 2012, current and former officials say, the United States has put reconnaissance probes into the control systems of the Russian electric grid. But now the American strategy has shifted more toward offense, officials say, with the placement of potentially crippling malware inside the Russian system at a depth and with an aggressiveness that had never been tried before. It is intended partly as a warning, and partly to be poised to conduct cyberstrikes if a major conflict broke out between Washington and Moscow.

The commander of United States Cyber Command, Gen. Paul M. Nakasone, has been outspoken about the need to "defend forward" deep in an adversary's networks to demonstrate that the United States will respond to the barrage of online attacks aimed at it.

"They don't fear us," he told the Senate a year ago during his confirmation hearings.

But finding ways to calibrate those responses so that they deter attacks without inciting a dangerous escalation has been the source of constant debate.

Mr. Trump issued new authorities to Cyber Command last summer, in a still-classified document known as National Security Presidential Memoranda 13, giving General Nakasone far more leeway to conduct offensive online operations without receiving presidential approval.

But the action inside the Russian electric grid appears to have been conducted under little-noticed new legal authorities, slipped into the military authorization bill passed by Congress last summer. The measure approved the routine conduct of "clandestine military activity" in cyberspace, to "deter, safeguard or defend against attacks or malicious cyberactivities against the United States."

Under the law, those actions can now be authorized by the defense secretary without special presidential approval.

"It has gotten far, far more aggressive over the past year," one senior intelligence official said, speaking on the condition of anonymity but declining to discuss any specific classified programs. "We are doing things at a scale that we never contemplated a few years ago."

The critical question -- impossible to know without access to the classified details of the operation -- is how deep into the Russian grid the United States has bored. Only then will it be clear whether it would be possible to plunge Russia into darkness or cripple its military -- a question that may not be answerable until the code is activated.

Both General Nakasone and Mr. Bolton, through spokesmen, declined to answer questions about the incursions into Russia's grid. Officials at the National Security Council also declined to comment but said they had no national security concerns about the details of The New York Times's reporting about the targeting of the Russian grid, perhaps an indication that some of the intrusions were intended to be noticed by the Russians.

Speaking on Tuesday at a conference sponsored by The Wall Street Journal, Mr. Bolton said: "We thought the response in cyberspace against electoral meddling was the highest priority last year, and so that's what we focused on. But we're now opening the aperture, broadening the areas we're prepared to act in."

He added, referring to nations targeted by American digital operations, "We will impose costs on you until you get the point."

Two administration officials said they believed Mr. Trump had not been briefed in any detail about the steps to place "implants" -- software code that can be used for surveillance or attack -- inside the Russian grid.

Pentagon and intelligence officials described broad hesitation to go into detail with Mr. Trump about operations against Russia for concern over his reaction -- and the possibility that he might countermand it or discuss it with foreign officials, as he did in 2017 when he mentioned a sensitive operation in Syria to the Russian foreign minister.

Because the new law defines the actions in cyberspace as akin to traditional military activity on the ground, in the air or at sea, no such briefing would be necessary, they added.

The intent of the operations was described in different ways by several current and former national security officials. Some called it "signaling" Russia, a sort of digital shot across the bow. Others said the moves were intended to position the United States to respond if Mr. Putin became more aggressive.

So far, there is no evidence that the United States has actually turned off the power in any of the efforts to establish what American officials call a "persistent presence" inside Russian networks, just as the Russians have not turned off power in the United States. But the placement of malicious code inside both systems revives the question of whether a nation's power grid -- or other critical infrastructure that keeps homes, factories, and hospitals running -- constitutes a legitimate target for online attack.

Already, such attacks figure in the military plans of many nations. In a previous post, General Nakasone had been deeply involved in designing an operation code-named Nitro Zeus that amounted to a war plan to unplug Iran if the United States entered into hostilities with the country.

How Mr. Putin's government is reacting to the more aggressive American posture described by Mr. Bolton is still unclear. "It's 21st-century gunboat diplomacy," said Robert M. Chesney, a law professor at the University of Texas, who has written extensively about the shifting legal basis for digital operations. "We're showing the adversary we can inflict serious costs without actually doing much. We used to park ships within sight of the shore. Now, perhaps, we get access to key systems like the electric grid."

Russian intrusion on American infrastructure has been the background noise of superpower competition for more than a decade.

A successful Russian breach of the Pentagon's classified communications networks in 2008 prompted the creation of what has become Cyber Command. Under President Barack Obama, the attacks accelerated. But Mr. Obama was reluctant to respond to such aggression by Russia with counterattacks, partly for fear that the United States' infrastructure was more vulnerable than Moscow's and partly because intelligence officials worried that by responding in kind, the Pentagon would expose some of its best weaponry.

At the end of Mr. Obama's first term, government officials began uncovering a Russian hacking group, alternately known to private security researchers as Energetic Bear or Dragonfly. But the assumption was that the Russians were conducting surveillance, and would stop well short of actual disruption.

That assumption evaporated in 2014, two former officials said, when the same Russian hacking outfit compromised the software updates that reached into hundreds of systems that have access to the power switches.

"It was the first stage in long-term preparation for an attack," said John Hultquist, the director of intelligence analysis at FireEye, a security company that has tracked the group.

In December 2015, a Russian intelligence unit shut off power to hundreds of thousands of people in western Ukraine. The attack lasted only a few hours, but it was enough to sound alarms at the White House.

A team of American experts was dispatched to examine the damage, and concluded that one of the same Russian intelligence units that wreaked havoc in Ukraine had made significant inroads into the United States energy grid, according to officials and a homeland security advisory that was not published until December 2016.

"That was the crossing of the Rubicon," said David J. Weinstein, who previously served at Cyber Command and is now chief security officer at Claroty, a security company that specializes in protecting critical infrastructure.

In late 2015, just as the breaches of the Democratic National Committee began, yet another Russian hacking unit began targeting critical American infrastructure, including the electricity grid and nuclear power plants. By 2016, the hackers were scrutinizing the systems that control the power switches at the plants.

Until the last few months of the Obama administration, Cyber Command was largely limited to conducting surveillance operations inside Russia's networks. At a conference this year held by the Hewlett Foundation, Eric Rosenbach, a former chief of staff to the defense secretary and who is now at Harvard, cautioned that when it came to offensive operations "we don't do them that often." He added, "I can count on one hand, literally, the number of offensive operations that we did at the Department of Defense."

But after the election breaches and the power grid incursions, the Obama administration decided it had been too passive.

Mr. Obama secretly ordered some kind of message-sending action inside the Russian grid, the specifics of which have never become public. It is unclear whether much was accomplished.

"Offensive cyber is not this, like, magic cybernuke where you say, 'O.K., send in the aircraft and we drop the cybernuke over Russia tomorrow,'" Mr. Rosenbach said at the conference, declining to discuss specific operations.

After Mr. Trump's inauguration, Russian hackers kept escalating attacks.

Mr. Trump's initial cyberteam decided to be far more public in calling out Russian activity. In early 2018, it named Russia as the country responsible for "the most destructive cyberattack in human history," which paralyzed much of Ukraine and affected American companies including Merck and FedEx.

When General Nakasone took over both Cyber Command and the N.S.A. a year ago, his staff was assessing Russian hackings on targets that included the Wolf Creek Nuclear Operating Corporation, which runs a nuclear power plant near Burlington, Kan., as well as previously unreported attempts to infiltrate Nebraska Public Power District's Cooper Nuclear Station, near Brownville. The hackers got into communications networks, but never took over control systems.

In August, General Nakasone used the new authority granted to Cyber Command by the secret presidential directive to overwhelm the computer systems at Russia's Internet Research Agency -- the group at the heart of the hacking during the 2016 election in the United States. It was one of four operations his so-called Russia Small Group organized around the midterm elections. Officials have talked publicly about those, though they have provided few details.

But the recent actions by the United States against the Russian power grids, whether as signals or potential offensive weapons, appear to have been conducted under the new congressional authorities.

As it games out the 2020 elections, Cyber Command has looked at the possibility that Russia might try selective power blackouts in key states, some officials said. For that, they said, they need a deterrent.

In the past few months, Cyber Command's resolve has been tested. For the past year, energy companies in the United States and oil and gas operators across North America discovered their networks had been examined by the same Russian hackers who successfully dismantled the safety systems in 2017 at Petro Rabigh, a Saudi petrochemical plant and oil refinery.

The question now is whether placing the equivalent of land mines in a foreign power network is the right way to deter Russia. While it parallels Cold War nuclear strategy, it also enshrines power grids as a legitimate target.

"We might have to risk taking some broken bones of our own from a counterresponse, just to show the world we're not lying down and taking it," said Robert P. Silvers, a partner at the law firm Paul Hastings and former Obama administration official. "Sometimes you have to take a bloody nose to not take a bullet in the head down the road."

David E. Sanger reported from Washington, and Nicole Perlroth from San Francisco.


Bitsy Fort Collins, CO 6h ago Times Pick

See the Zero Days documentary, available on several streaming services, if you want to better understand this issue and its origins and early applications (successful attack on Iranian centrifuges as one example). This cat has been out of the bag for some time.
Dubliner Dublin 6h ago Times Pick
Not willing to discuss it with the President but happy to chat about it with reporters..? If the President didn't know about it he does now, so it's hardly a successful strategy. I would presume this is more a way to convince the public that something is being done. Whether there is reality behind it is a different issue.
Stan Chaz Brooklyn,New York 6h ago Times Pick
This scenario sounds like something straight out of Dr. Strangelove. All sides and all actors need to realize that this is a no win game, with the very real possibility of serious harm to the lives and livelihoods of millions of people hanging in the balance.

It's a macho power game that can easily escalate into unintended and out-of-control consequences. As with prior successful nuclear test ban negotiations & treaties we need to step back and consider what's truly in the long-term national interests of all concerned. The citizens of all the countries involved are not pawns to be played with like disposable chess pieces, in a power game with no real winners.

David Henderson Arlington, VA 6h ago Times Pick
On the cyber playing field, the U.S. has so far shown itself still in the minor leagues against other nations. If the U.S. is so bold as to reveal action against Russia's power grid, we'd be best advised to stock up on candles and batteries.
B. Rothman NYC 6h ago Times Pick
And here is yet another reason for the US to get off the use of public utilities alone for the production of electricity. A big goal for national security ought to be the decentralization of electrical production. Businesses and many individual households could do this and create a manufacturing boom at the same time. Too bad the guys in charge are so fixated on making energy money in way only.
newsmaned Carmel IN 6h ago Times Pick
What's most disturbing about this article is that Trump hasn't been told much about it, out of concern he could screw it up. It raises the question of how much the president is actually The President or just an obstacle to be managed while parts of the federal government are haring off on their own into uncharted waters.
TMah Salt Lake City 10h ago Times Pick
The US Military revealing that they have done this means that they believe that they have established superiority with this malware, and also the ability to re-establish it if needed. Else, why would they reveal it. If you think what a patchwork the controls on US Power systems, dams, and other key infrastructure are, Russia's must be in much worse shape. Their national systems are likely made up largely of outdated infrastructure, with controls that are a patchwork. Their economy is the size of Italy's, yet they funnel inordinate amounts of money to their armed forces, starving other areas. Their economy is based on petroleum and natural gas, using technology and expertise from European and American companies --just imagine what opportunities that provides.
Bruce1253 San Diego 10h ago Times Pick
We are extremely vulnerable here. The US power grid is made up of a series of local systems that are tied together with high voltage interconnects that allow power to be sent from one system to another to balance loads. Those interconnects are powered by a few, very few, specialized transformers.

These transformers are huge, expensive, and take a long time to build. Disruption of these transformers would have devastating consequences. Several years ago we got a taste of this in SoCal. There was a region wide power outage. The back up generators for businesses promptly kicked in, no problem. The power outage lasted longer than their fuel supply, you could not drive to the gas station to get more fuel, all of SoCal was without power. One by one these businesses and other critical operations shut down. Now try to imagine your life with no power at all for just a short time, say a week. . . .

Telly55 St Barbara 10h ago Times Pick
This turn of events is truly disturbing, as it presents the seriousness, now, of how cyberwar is more likely a prelude to actual war. But what is most alarming is that we have a President who cannot be trusted to honor the institutional frameworks around National Security and our own Intelligence Institutions and organization. It is the height of incredulity to know that his narcissism, coupled with his sense of authoritarian marriage to wealth and delusions of Royalty, is the weakest point, now, in our security as a nation. So--given these new developments: what about all those earlier attempts to create "back channels" with Russia???

Does Trump feign arrogance and disinterest in reading and keeping up on Security and Intelligence briefings--so that he can assimilate what he chooses to "hear/grasp" and then operate on such information as it might fit his grifter family's greed and faux aristocratic delusions? There is much to worry us--and it is worse than daily lies...

William Romp, Vermont | June 15

It is telling that the language of military "defense" has become indistinguishable from that of military offense. Aggressive malware intrusions into foreign countries' sensitive (and sovereign) computer systems is now seen as a standard security procedure. "Gunboat diplomacy" is not an apt metaphor, as gunboats remained at discreet distances from borders. Our cyber policy is more akin to placing bombs in the public squares of foreign cities with threats to detonate.

Absent in this discussion is the distinction between military targets of cyber warfare and civilian targets, if such distinctions remain. America prepares to unplug millions of Russian citizens, including the elderly and children, plus hospitals and other sensitive civilian infrastructure targets, in order to "inflict pain" (on foreign citizens) and "send a message" (to foreign politicians). The abandonment of moral principles formerly displayed by American institutions is striking.

The failure of leadership on all sides is even more striking. Having spent many months in Russia and China I can tell you (as can anyone who has travelled beyond the tourist destinations) that the people there hold largely positive feelings toward Americans and other foreigners. A small minority of xenophobes and racists dominate the leadership, as in America, and form foreign policies that are at odds with the citizenship, at odds with moral justice, and at odds with humanity.

Viv, .|10h ago

@William Romp

In the abstract, of course people hold positive views of their "enemy" nations. In practice, it is not at all true.

You don't need to travel to Russia to find Russians who have been victims of American xenophobia and bigotry. They're right there in America.

Americans have never really held to "moral" standards of war.

To this day you have people believing that dropping atomic bombs on civilians was the right thing to do because it "minimized" loss of life. This is absurd.

To this day you have people believing that it was okay to not only finance the mujahideen in Afghanistan, but indoctrinate their children to be war fighters.

There's nothing to be proud about this "moral" leadership.

Tim Rutledge, California | June 15

Won't they just do the same to us? This is the strategy?

DaWill, 11 hours ago

"Pentagon and intelligence officials described broad hesitation to go into detail with Mr. Trump about operations against Russia for concern over his reaction - and the possibility that he might countermand it or discuss it with foreign officials, as he did in 2017 when he mentioned a sensitive operation in Syria to the Russian foreign minister."

Restated, the Commander In Chief is not briefed on military operations for fear of betrayal. I feel like I'm going nuts. Someone please tell me what is going on in this country!

Carlos Fiancé Oak Park, Il | June 15
I appreciate this article. The US media breathlessly report on Russia spending a few hundred thousand on Facebook, but rarely do they recount all the ways the US meddles with Russia, as well as a host of other countries. "Let him who is without sin cast the first stone", as Jesus (doubtfully) said.

Pete, CA|11h ago, @HonorB14U

Actually, everything you could think of in American 'technology' is the result of government, usually military, development projects. The internet and everything associated with it came out of DARPA. American advances in solid state integrated circuitry are the results of satellite, rocketry, i.e. military development.

Castanet, MD-DC-VA | June 15

Another theatre of war where Pandora's unintended consequences play a major role. We hope the better angels will be able to keep the balance. And put the lid back on the box, and put the box away forever.

Norman, NYC|9h ago

@TMah

Outdated infrastructure is less vulnerable to cyberattacks. It's not connected to the internet. It's like the railroads in Atlas Shrugged. When the latest technology is left dysfunctional, you can go back to the manual controls.

If I was designing digital equipment that's so complicated it's essentially a black box and you can't understand what's going on inside, I'd design it with a fallback to simpler controls, even manual controls.

C.O., Germany|11h ago

For me it is really amazing that so many believe in the meddling of Russia in the US-election in 2016. I at least have never seen or read about concrete evidence that they did. What was apparent, however, was the misuse of social media like Facebook and Co in the election. They are open to everyone who can speak English, and everyone can use fake names. I am sure there were indeed waves of misinformation among voters in the US. But every reasonable person could have read American newspapers or watched American television to correct fake news if they pop up. In addition, I think that FoxNews, Trump's and Steve Bannon's disruptive and manipulative ideology and the massive campaign funds have been much more effective for Trump's victory. To blame it all on Russia is really too simple and in the end rather dangerous. To call for "persistent presence" inside Russian and its digital systems, as Bolton does, moreover shows that the US is not an innocent victim but up to the state of art. Frightening.

N. Smith, New York City|6h ago

It speaks volumes that Donald Trump was not informed and purposely kept out of the loop about these cyber operations against Russia's power grid.
But it's not surprising.

Especially when only a few days ago before walking it back, this President said that he'd have no problem taking advantage of any available information to undercut his opponent, obviously forgetting that Russia already took him up on this invitation in the 2016 elections.

No doubt they're primed to do it again. Sooner or later Americans will come to the realization that Vladimir Putin is an ex-KGB operative who plans to restore Russia to its former Soviet glory. And the Cold War never ended.

Phil, Brooklyn | 4h ago

So your argument is that it's a good thing that the military is staging attacks against a nuclear power, basically without any oversight from any branch of government?

Paul, Virginia | June 15

The use of cyber attacks is another slippery road to actual shooting war. Some say that cyber warfare would deter or prevent nations from actually going to war with each other. This is wishful thinking for the national survival instinct would force a nation on the verge of being plunged into darkness and thus cyber defeat to resort to nuclear weapons or maximum conventional warfare which could easily lead to the use of nuclear weapons.
The world's leading powers should come together, discuss, and agree to a treaty outlawing the use of cyber attacks against other nations' power grids and other online systems essential for human welfare. The world cannot afford another arms race similar to the nuclear arms race after WW II that has since placed the survival of the human race on the vagaries of a few men.

Michael, Evanston, IL|June 15

@M. Casey Yes, and we have been doing it to them (and others) for some time. So it is a perfectly reasonable response to wonder if this won't simply escalate. And I hardly assume that this is a transparent process in which we will even know what is going on.

TPH, Colorado|11h ago

@David Henderson Actually, the US has been deeply involved in cyber-warfare for over nine years. In June 2010, the US attacked Iran with a cyber-attack and, together with Israel, completely took out the Iranian military nuclear facility in Natanz with the cyber-worm 'Stuxnet'. That attack destroyed over 1,000 nuclear centrifuges and pushed the Iranian nuclear program back by at least two years. The type of attacks on civilian power plants now being discussed would be a cakewalk in comparison. Nearly ten years of continuing development has taken place since -- not just in the US -- and the tech people working for and with the US government are some of the best in the world.

If the US has decided to start implanting the latest 2019 malware in the Russian power grid, they have a real reason for concern. It will be far more damaging and difficult to stop than anything the Russians have yet to develop.

[Jun 15, 2019] In Baltimore and Beyond, a Stolen NSA Tool Wreaks Havoc by Nicole Perlroth and Scott Shane

The idea that NotPetya was developed using the NSA exploit EternalBlue is most probably false.
Notable quotes:
"... Some F.B.I. and Homeland Security officials, speaking privately, said more accountability at the N.S.A. was needed. A former F.B.I. official likened the situation to a government failing to lock up a warehouse of automatic weapons. ..."
"... "I disagree completely," said Tom Burt, the corporate vice president of consumer trust, insisting that cyberweapons could not be compared to pickup trucks. "These exploits are developed and kept secret by governments for the express purpose of using them as weapons or espionage tools. They're inherently dangerous. When someone takes that, they're not strapping a bomb to it. It's already a bomb." ..."
"... Brad Smith, Microsoft's president, has called for a "Digital Geneva Convention" to govern cyberspace, including a pledge by governments to report vulnerabilities to vendors, rather than keeping them secret to exploit for espionage or attacks. ..."
May 25, 2019 | www.nytimes.com

For nearly three weeks, Baltimore has struggled with a cyberattack by digital extortionists that has frozen thousands of computers, shut down email and disrupted real estate sales, water bills, health alerts and many other services.

But here is what frustrated city employees and residents do not know: A key component of the malware that cybercriminals used in the attack was developed at taxpayer expense a short drive down the Baltimore-Washington Parkway at the National Security Agency, according to security experts briefed on the case.

Since 2017, when the N.S.A. lost control of the tool, EternalBlue, it has been picked up by state hackers in North Korea, Russia and, more recently, China, to cut a path of destruction around the world, leaving billions of dollars in damage. But over the past year, the cyberweapon has boomeranged back and is now showing up in the N.S.A.'s own backyard.

It is not just in Baltimore. Security experts say EternalBlue attacks have reached a high, and cybercriminals are zeroing in on vulnerable American towns and cities, from Pennsylvania to Texas, paralyzing local governments and driving up costs.

The N.S.A. connection to the attacks on American cities has not been previously reported, in part because the agency has refused to discuss or even acknowledge the loss of its cyberweapon, dumped online in April 2017 by a still-unidentified group calling itself the Shadow Brokers. Years later, the agency and the Federal Bureau of Investigation still do not know whether the Shadow Brokers are foreign spies or disgruntled insiders.

Thomas Rid, a cybersecurity expert at Johns Hopkins University, called the Shadow Brokers episode "the most destructive and costly N.S.A. breach in history," more damaging than the better-known leak in 2013 from Edward Snowden, the former N.S.A. contractor.

"The government has refused to take responsibility, or even to answer the most basic questions," Mr. Rid said. "Congressional oversight appears to be failing. The American people deserve an answer."

The N.S.A. and F.B.I. declined to comment.

Since that leak, foreign intelligence agencies and rogue actors have used EternalBlue to spread malware that has paralyzed hospitals, airports, rail and shipping operators, A.T.M.s and factories that produce critical vaccines. Now the tool is hitting the United States where it is most vulnerable, in local governments with aging digital infrastructure and fewer resources to defend themselves.

On May 7, city workers in Baltimore had their computers frozen by hackers. Officials have refused to pay the $100,000 ransom.


Before it leaked, EternalBlue was one of the most useful exploits in the N.S.A.'s cyberarsenal. According to three former N.S.A. operators who spoke on the condition of anonymity, analysts spent almost a year finding a flaw in Microsoft's software and writing the code to target it. Initially, they referred to it as EternalBluescreen because it often crashed computers -- a risk that could tip off their targets. But it went on to become a reliable tool used in countless intelligence-gathering and counterterrorism missions.

EternalBlue was so valuable, former N.S.A. employees said, that the agency never seriously considered alerting Microsoft about the vulnerabilities, and held on to it for more than five years before the breach forced its hand.

The Baltimore attack, on May 7, was a classic ransomware assault. City workers' screens suddenly locked, and a message in flawed English demanded about $100,000 in Bitcoin to free their files: "We've watching you for days," said the message, obtained by The Baltimore Sun. "We won't talk more, all we know is MONEY! Hurry up!"

Today, Baltimore remains handicapped as city officials refuse to pay, though workarounds have restored some services. Without EternalBlue, the damage would not have been so vast, experts said. The tool exploits a vulnerability in unpatched software that allows hackers to spread their malware faster and farther than they otherwise could.

North Korea was the first nation to co-opt the tool, for an attack in 2017 -- called WannaCry -- that paralyzed the British health care system, German railroads and some 200,000 organizations around the world. Next was Russia, which used the weapon in an attack -- called NotPetya -- that was aimed at Ukraine but spread across major companies doing business in the country. The assault cost FedEx more than $400 million and Merck, the pharmaceutical giant, $670 million.

The damage didn't stop there. In the past year, the same Russian hackers who targeted the 2016 American presidential election used EternalBlue to compromise hotel Wi-Fi networks. Iranian hackers have used it to spread ransomware and hack airlines in the Middle East, according to researchers at the security firms Symantec and FireEye.

"It's incredible that a tool which was used by intelligence services is now publicly available and so widely used," said Vikram Thakur, Symantec's director of security response.

One month before the Shadow Brokers began dumping the agency's tools online in 2017, the N.S.A. -- aware of the breach -- reached out to Microsoft and other tech companies to inform them of their software flaws. Microsoft released a patch, but hundreds of thousands of computers worldwide remain unprotected.

Microsoft employees reviewing malware data at the company's offices in Redmond, Wash. EternalBlue exploits a flaw in unpatched Microsoft software.

Hackers seem to have found a sweet spot in Baltimore, Allentown, Pa., San Antonio and other local, American governments, where public employees oversee tangled networks that often use out-of-date software. Last July, the Department of Homeland Security issued a dire warning that state and local governments were getting hit by particularly destructive malware that now, security researchers say, has started relying on EternalBlue to spread.

Microsoft, which tracks the use of EternalBlue, would not name the cities and towns affected, citing customer privacy. But other experts briefed on the attacks in Baltimore, Allentown and San Antonio confirmed the hackers used EternalBlue. Security responders said they were seeing EternalBlue pop up in attacks almost every day.

Amit Serper, head of security research at Cybereason, said his firm had responded to EternalBlue attacks at three different American universities, and found vulnerable servers in major cities like Dallas, Los Angeles and New York.

The costs can be hard for local governments to bear. The Allentown attack, in February last year, disrupted city services for weeks and cost about $1 million to remedy -- plus another $420,000 a year for new defenses, said Matthew Leibert, the city's chief information officer.

He described the package of dangerous computer code that hit Allentown as "commodity malware," sold on the dark web and used by criminals who don't have specific targets in mind. "There are warehouses of kids overseas firing off phishing emails," Mr. Leibert said, like thugs shooting military-grade weapons at random targets.

The malware that hit San Antonio last September infected a computer inside Bexar County sheriff's office and tried to spread across the network using EternalBlue, according to two people briefed on the attack.

This past week, researchers at the security firm Palo Alto Networks discovered that a Chinese state group, Emissary Panda, had hacked into Middle Eastern governments using EternalBlue.

"You can't hope that once the initial wave of attacks is over, it will go away," said Jen Miller-Osborn, a deputy director of threat intelligence at Palo Alto Networks. "We expect EternalBlue will be used almost forever, because if attackers find a system that isn't patched, it is so useful."

Adm. Michael S. Rogers, who led the N.S.A. during the leak, has said the agency should not be blamed for the trail of damage. Credit: Erin Schaff for The New York Times

Until a decade or so ago, the most powerful cyberweapons belonged almost exclusively to intelligence agencies -- N.S.A. officials used the term "NOBUS," for "nobody but us," for vulnerabilities only the agency had the sophistication to exploit. But that advantage has hugely eroded, not only because of the leaks, but because anyone can grab a cyberweapon's code once it's used in the wild.

Some F.B.I. and Homeland Security officials, speaking privately, said more accountability at the N.S.A. was needed. A former F.B.I. official likened the situation to a government failing to lock up a warehouse of automatic weapons.

In an interview in March, Adm. Michael S. Rogers, who was director of the N.S.A. during the Shadow Brokers leak, suggested in unusually candid remarks that the agency should not be blamed for the long trail of damage.

"If Toyota makes pickup trucks and someone takes a pickup truck, welds an explosive device onto the front, crashes it through a perimeter and into a crowd of people, is that Toyota's responsibility?" he asked. "The N.S.A. wrote an exploit that was never designed to do what was done."

At Microsoft's headquarters in Redmond, Wash., where thousands of security engineers have found themselves on the front lines of these attacks, executives reject that analogy.

"I disagree completely," said Tom Burt, the corporate vice president of consumer trust, insisting that cyberweapons could not be compared to pickup trucks. "These exploits are developed and kept secret by governments for the express purpose of using them as weapons or espionage tools. They're inherently dangerous. When someone takes that, they're not strapping a bomb to it. It's already a bomb."

Brad Smith, Microsoft's president, has called for a "Digital Geneva Convention" to govern cyberspace, including a pledge by governments to report vulnerabilities to vendors, rather than keeping them secret to exploit for espionage or attacks.

Last year, Microsoft, along with Google and Facebook, joined 50 countries in signing on to a similar call by French President Emmanuel Macron -- the Paris Call for Trust and Security in Cyberspace -- to end "malicious cyber activities in peacetime."

Notably absent from the signatories were the world's most aggressive cyberactors: China, Iran, Israel, North Korea, Russia -- and the United States.

[Jun 15, 2019] Two filthy NYT neocons try to provoke Russia to attack the USA power grid

Looks like NYT provocation. Coordinated with whom? With Brennan and his cabal?
I wonder what the reaction of Russian authorities and military intelligence will be on reading this stupid provocation. Hopefully they will not overreact.
Notable quotes:
"... I think they're revealing it because it may be for Russian ears, but not necessarily true or as good as stated. Misinformation abounds, especially when they're letting the press in. Mass destruction anyone? ..."
"... While Obama and Trump are obviously different in some ways, this article reveals yet another continuity between their administrations. Burgeoning attacks on a foreign country's power grid, and little need for prior approval and oversight. ..."
"... Given the timing and the decision to talk about something so classified just now, I take this to be a threat aimed at Iran. "General Nakasone had been deeply involved in designing an operation code-named Nitro Zeus that amounted to a war plan to unplug Iran if the United States entered into hostilities with the country." The leak is an escalation, a threat. ..."
"... This will not end well. The unspoken assumption behind this issue is that the US assumes it must have dominance in all relations to other countries, and that moral outrage for such acts do not apply to us, because we are the "good guys" of course. ..."
"... It's always the big-mouth in the bar that starts the bar fight, then he sneaks out the side door while the rest of us get hit with beer bottles. ..."
"... What about attaching a price to the US's misdeeds, there are plenty of them, Iraq, and all the other US forced regime changes or attempted regime change as in Syria and Venezuela. ..."
"... Giving the military the authority to decide if and when a cyber attack occurs seems unconstitutional. And it seems very dangerous. Just because the actions originate on computer networks doesn't mean it's not violence against a foreign power. Even though everyone is dancing around the issue, a cyber attack is an act of war. Congress is supposed to make decisions on attacks by the military. It seems very Dr. Strangelove-like to me. Very risky giving a military commander the authority to start a war. ..."
"... Of course, the problem with all these "implants" and zero-day exploits is that once they are out there, they are readily deconstructed, repurposed, and turned back to bite us in new form, as has already happened on numerous occasions. ..."
"... To this day you have people believing that it was okay to not only finance the mujahadeen in Afghanistan, but indoctrinate their children to be war fighters. There's nothing to be proud about this "moral" leadership. ..."
"... Sure, the US can install malware deep inside Russia's grid. But that doesn't mean that the American cyberwar gambit is effective. And it doesn't mean that the US has the capacity to prevent Russia from using malware to inflict even deeper damage on the American grid. ..."
"... To understand exactly who is probably getting the better of who in this conflict, we need to ask ourselves what motivates Russia and America to fight this conflict. The answer doesn't bode well for Americans. Russia, which has been on the defensive since the fall of the USSR three decades ago, is fighting to protect its sovereignty against American encroachment. ..."
"... We could have mandated IPV6 with its better security model twenty years ago. We could encourage end-to-end encryption to secure networks. We could have directed the NSA and other security agencies to search out and fix bugs in software libraries instead of building backdoors that are now open to everyone. Instead everything gets converted to a weapon. Fear reigns supreme. Then we go to war and the merchants of death make huge profits ..."
"... The U.S. escalates cyber attacks on Russia's power grid. However, the Pentagon [and NSA] will not brief Trump because he might "countermand it or discuss it with foreign officials" as he did before with the Russians. Folks, we're running an unchecked cyber war against a global nuclear power without the involvement of POTUS who isn't interested, doesn't care, and is too busy complaining about CNN on Twitter. We are a banana republic and no one is minding the store ..."
"... I just don't get it. The New York Times publishing what surely must be classified information about a secret incursion by the U.S. government into the Russian power grid! And Julian Assange is criminally charged for doing the same thing? ..."
"... The US is certainly a very offensive country. The US is considered The Exceptional World Leader. I don't know if the world can survive such leadership. The US is going to drown in its military superiority, and settle into a state of violent mediocrity with a poorly educated, somewhat unhealthy citizenry with loads of weaponry, poor mental health and lots of drug addiction and a country with the world's highest rate of incarceration and lousy infrastructure. ..."
"... And for all of those who are blaming Russia, kindly remember how the U.S. started all this with the creation and deployment of Stuxnet against Iran. ..."
"... This reminds me of the Cold War. We were sold a bill of goods about Russia's capacity to harm us when, we the US was actually the aggressor, JFK sold this under the brand of "Missile Gap". The United States is, as usual, the aggressor here. The US Empire wants to control the world. Any independent nation will be considered a threat and not be tolerated. This demonization of Russia is an embarrassment and worse, is extremely dangerous, The Russian bear is not to be trifled with, despite American fantasies. ..."
"... The world needs a Cyber Geneva Convention. Immediately if not years ago. All the tunnel vision patriotic cheering in these comments is very alarming. Think about where Cyber War could go, what it could do, who it would harm. ..."
"... This is the path to the military itself becoming a danger to the state through ill-considered unilateral action. ..."
"... "Defend forward?" A new entry in the Newspeak dictionary... We are partying like it's 1984. ..."
"... "Pentagon and intelligence officials described broad hesitation to go into detail with Mr. Trump about operations against Russia for concern over his reaction..." So the commander of United States Cyber Command, Gen. Paul M. Nakasone, decided to undertake an overt act of war and not tell his Commander in Chief because he thought he might disagree? If true, Trump should fire this guy tomorrow, if not court-martial him for insubordination. ..."
"... Something's wrong with this article. A newspaper is telling the world that the US is messing around with Russia's power grid? Shouldn't this be super confidential? Basically now Russians are allowed to retaliate in any way for what the USA is doing. What would be the reaction of the US if the situation was reversed? A bunch of blackouts in NYC, Chicago, San Francisco and the Russians saying "we did it"? Our military would bomb them right away! ..."
"... GREAT ! A military junta within the Trump regime...what could go wrong. ..."
"... There is a real danger in deploying cyber-mines in adversary systems. All code can be broken and used in retaliation. Even so-called "encapsulated" code can be disassembled. STUXNET was disassembled and repurposed as ransom-ware. ..."
Jun 15, 2019 | www.nytimes.com

Bruce Rozenblit Kansas City, MO 11h ago

This is very disturbing and it threatens the security of the entire planet. Cyber warfare is cheap. As this technology continues to develop, no nation, no industry, no utility will be safe. Just as many nations want the bomb, many will want this capability and they don't have to spend much to have it. The economic and human costs of disrupting power flows could be huge. This isn't a video game. It is real warfare. We should be extremely cautious with the application of these cyber tools. Do we want to live in a world where nation states are actively trying to cripple any infrastructure they can get at? Talk about the war of all against all. It is also very troubling that organizations within our government can carry out these incursions without specific orders from the top of our command structures. We can't have the dept. of this or that conducting assaults on other nations on their own. Everyone can see where that aircraft carrier is, but no one can see that malware hiding in a water treatment center. These weapons cause us to lose our ability of command and control. That's the real danger here, loss of command and control. We already have a president who has command but no control. We don't need a dozen agencies with the same problem.
alanore or 9h ago
@TMah

I think they're revealing it because it may be for Russian ears, but not necessarily true or as good as stated. Misinformation abounds, especially when they're letting the press in. Mass destruction anyone?

Socrates Downtown Verona. NJ 8h ago
@Marcus Aurelius

"the action inside the Russian electric grid appears to have been conducted under little-noticed new legal authorities, slipped into the military authorization bill passed by Congress last summer." That bipartisan bill, now law, known as "H.R.5515 - The John S. McCain National Defense Authorization Act for Fiscal Year 2019", was reluctantly signed by Donald Trump; he hated the law because it was named after an American patriot and hero that he hated.

JDM South Bend, IN June 15
While Obama and Trump are obviously different in some ways, this article reveals yet another continuity between their administrations. Burgeoning attacks on a foreign country's power grid, and little need for prior approval and oversight.
David G. Wisconsin 11h ago
How did we ever survive for half a century without putting our power grid on the internet? Get our power back off the internet, create some extra jobs to do what computers do now, raise prices a couple of percent to cover the new employees, and avoid the worry about hacking the grid.
Mark Thomason Clawson, MI 6h ago
Given the timing and the decision to talk about something so classified just now, I take this to be a threat aimed at Iran. "General Nakasone had been deeply involved in designing an operation code-named Nitro Zeus that amounted to a war plan to unplug Iran if the United States entered into hostilities with the country." The leak is an escalation, a threat.
William Wroblicka Northampton, MA 4h ago
It seems to be common knowledge that our country's electric grid has been infiltrated by the Russians. What I don't understand, given this situation, is why the compromised systems can't be purged of any malware that might be present and the security holes that allowed it to be installed in the first place patched.

Retail software companies (e.g., Microsoft) are finding security vulnerabilities in and releasing updates to their products all the time. What's so different about industrial software systems?

Scott Newton San Francisco, Ca 6h ago
This will not end well. The unspoken assumption behind this issue is that the US assumes it must have dominance in all relations to other countries, and that moral outrage for such acts do not apply to us, because we are the "good guys" of course. Almost anything that another country can be accused of (interfering in elections, cyber-espionage, stealing trade secrets and technology) is something almost surely done by the US first to others. I applaud the NYT for reporting this, but reporters should question the reasoning behind it a bit more.
itsmildeyes philadelphia 8h ago
It's always the big-mouth in the bar that starts the bar fight, then he sneaks out the side door while the rest of us get hit with beer bottles. Sure wish the bouncer had stopped DJT and his entourage at the door.
CK Rye 11h ago
@Socrates - But keep in mind: just any blue will NOT do. Reject Neoliberals without hesitation!

KC Okla 4h ago
They're what? My son graduated in 2002 and we've been at war or trying to start one ever since. Can we not do anything but build weapons of death and destruction and look for ways to put them to use? This war thing is getting out of control.
Lucy Cooke California 8h ago
@GV

What about attaching a price to the US's misdeeds, there are plenty of them, Iraq, and all the other US forced regime changes or attempted regime change as in Syria and Venezuela.

The US has wrecked lots of countries with its superior military and awesome financial clout. The US is going to drown in its military superiority, and settle into a state of violent mediocrity with a poorly educated, somewhat unhealthy citizenry with loads of weaponry, poor mental health and lots of drug addiction and a country with the world's highest rate of incarceration and lousy infrastructure.

If the US would just drown quickly, before it destroys the livability of the world, perhaps Europe, Russia and China could cooperate enough to save the world.

Michael Chicago 11h ago
Giving the military the authority to decide if and when a cyber attack occurs seems unconstitutional. And it seems very dangerous. Just because the actions originate on computer networks doesn't mean it's not violence against a foreign power. Even though everyone is dancing around the issue, a cyber attack is an act of war. Congress is supposed to make decisions on attacks by the military. It seems very Dr. Strangelove-like to me. Very risky giving a military commander the authority to start a war.
LiorSamson Mass 6h ago
Of course, the problem with all these "implants" and zero-day exploits is that once they are out there, they are readily deconstructed, repurposed, and turned back to bite us in new form, as has already happened on numerous occasions.

Those of us in the cybersecurity community have been sounding the alarm for more than a decade, whether in professional papers, the general press, or in fictionalized accounts. With escalation, we are virtually inviting the Russians to mount counterattacks, the cost of which could be incalculable. Our natural gas transmission network may be even more vulnerable than our power grid, as an industry insider confessed to me prompting the writing of Gasline in 2013. Of course, now we have Trump on the trigger and...

Clearwater Oregon June 15
I can't wait until this US president is gone so that our future Executive branch can directly and positively (not out of self interest or hind-covering denial) get back to the table with Russia and bring about real change on both sides. If we don't, one has to assume that all types of cold war warfare can lead to a thermonuclear exchange.

That has always been the potential endgame since 1948. Did you think that was no longer possible after 1991? You, like myself, were being naive. I think it's more possible now than ever before. For we have two authoritarians, each carrying a football named, Doom.

Viv . 11h ago
@William Romp In the abstract, of course people hold positive views of their "enemy" nations. In practice, it is not at all true. You don't need to travel to Russia to find Russians who have been victims of American xenophobia and bigotry. They're right there in America. Americans have never really held to "moral" standards of war. To this day you have people believing that dropping atomic bombs on civilians was the right thing to do because it "minimized" loss of life. This is absurd.

To this day you have people believing that it was okay to not only finance the mujahadeen in Afghanistan, but indoctrinate their children to be war fighters. There's nothing to be proud about this "moral" leadership.

Ted McGuire 3h ago
Sure, the US can install malware deep inside Russia's grid. But that doesn't mean that the American cyberwar gambit is effective. And it doesn't mean that the US has the capacity to prevent Russia from using malware to inflict even deeper damage on the American grid.

To understand exactly who is probably getting the better of who in this conflict, we need to ask ourselves what motivates Russia and America to fight this conflict. The answer doesn't bode well for Americans. Russia, which has been on the defensive since the fall of the USSR three decades ago, is fighting to protect its sovereignty against American encroachment.

The US, meanwhile, isn't fighting because it has to. America is fighting Russia simply to aggrandize its own power, and to expand its influence over world affairs. In my opinion, Russia is the power that has greater motivation to win this fight. For this reason, any American effort to defeat Russia by using cyberwarfare is likely to trigger a devastating Russian response. The US should quit while it's ahead.

rbitset Palo Alto 4h ago
Reagan talked about a missile shield, a Star Wars defense, that would make nuclear weapons obsolete. Almost 40 years later we know that was a pipe dream. But we can be safe in cyberspace. Many of the tools are there. A few more might need to be invented. What stands in the way? A U.S. government that wants, claims to need, to spy on everyone including its citizens stands in the way. Businesses that want to vacuum up and sell everyone's information stand in the way. Hardware companies that want to lease you a networked service instead of a stand alone device stand in the way.

We could have mandated IPV6 with its better security model twenty years ago. We could encourage end-to-end encryption to secure networks. We could have directed the NSA and other security agencies to search out and fix bugs in software libraries instead of building backdoors that are now open to everyone. Instead everything gets converted to a weapon. Fear reigns supreme. Then we go to war and the merchants of death make huge profits.

Bruce1253 San Diego 8h ago
@B. Rothman Micro grids would be helpful, yes, but what about large businesses? Say the ones who make the fuel for your home furnace, or that power the compressors for your natural gas? Or that power the giant freezers at the plant that makes your french fries? My point is that we are really interconnected, and vulnerable to attacks as described in this article. This is the kind of thing that gives the cyber security pro at your local utility nightmares. We are balanced on a ball.
Dave Madison. WI 11h ago
@M. Casey - Here we go with "timidity" and Obama. At the time, and in keeping with the strategy to withhold knowledge of our cyber reach into their systems, Obama's decision probably made sense. Such a thoughtful approach would have benefited us in the phony, "Weapons of Mass Destruction" war against Iraq, which cost thousands of American lives and hundreds of thousands of Iraqi lives. Such a thoughtful approach, which is anathema to chest-pounding chickenhawks, would have also been useful in Vietnam. And the Falklands. And Beirut. And Cuba and...
Pelasgus Earth 5h ago
Electricity generation and reticulation worked perfectly satisfactorily before the internet, so why does it need to be connected to the internet? The obvious solution to attacks on systems is to cut the internet out of the equation.
Barbara SC 8h ago
@Bruce1253 I have lived through hurricanes that caused power outages for a week or more. Puerto Ricans can tell us just what it's like right now, given the damage they experienced recently. Our forebears lived without power for centuries. We would survive, but we wouldn't enjoy it.
Mark Kinsler Lancaster, Ohio USA 2h ago
Some thoughts from an obsolete old power engineer:

(1) For the most part our power grid can be run by people at the substations and generating plants. There are always manual overrides--to wit: big levers with handles that actuate big switches. This is not a new development, for the systems were initially designed for manual operation. The digital relays were added later.

(2) The whole business makes power guys cringe, for they've been trained to keep the system going. But if necessary, every section of the power grid can be brought back to life by the employees.

(3) No public utility can operate reliably in a war or anywhere else that's lacking basic civil behavior. I'm surprised that cell phones have done so well in combat zones, for they rely on cables to link the towers.

JAS3rd Florida 11h ago
Overdue indeed. Unfortunately, if the U.S. doesn't do it, we would just disadvantage ourselves.
Aaron VanAlstine DuPont, WA 6h ago
The U.S. escalates cyber attacks on Russia's power grid. However, the Pentagon [and NSA] will not brief Trump because he might "countermand it or discuss it with foreign officials" as he did before with the Russians. Folks, we're running an unchecked cyber war against a global nuclear power without the involvement of POTUS who isn't interested, doesn't care, and is too busy complaining about CNN on Twitter. We are a banana republic and no one is minding the store
ldc Woodside, CA 7h ago
@Mark. Ok, but it is inconceivable that either the national security apparatus or his own advisors would have conspired to keep Obama in the dark because they didn't trust him.
Hardbop50 Ohio 4h ago
It's clear that most Americans, including many Times' readers, don't understand Putin's strategy toward the U.S. and other democracies of western Europe. The real danger is his attack on our political system and democratic values. While an aggressive cyber defense and hardening of targets is important, cyber operations also need to undermine Russians' confidence in Putin and his government. There are plenty of ways to spread fake news and paranoia in Russian social and political media. The sanctions are our best "weapon". They hurt the Russian economy and threaten wealthy oligarchs. If they didn't, why would Putin try so hard to squash them? Unfortunately, the President fails to enforce or expand them. Any guesses why he undermines sanctions?
Mike Ransmil San Bernardino June 15
that's not nice of the US.---disrupting Russia's power [grid]. They will not be happy about this. Donald can expect a phone call from Vladimir, expressing his displeasure!
Eugene NYC 6h ago
The problem, as usual, is management. It is not possible to underestimate management. Those of us on Long Island were without power after Sandy. In portions of The Rockaways, some 20' or more above sea level, National Grid turned off the power for 15 days. So we know what it is like to have no power. Having solar cells on the roof is no solution because LIPA / PSEG-LI REQUIRES the system to shut down if grid power drops!

But the real question must be, why is the electrical grid vulnerable? Do the control systems use PCs, or rock solid IBM z/OS architecture? Has any z/OS system ever been compromised? Why aren't individual electric systems designed to operate off the regional and therefore national grid in the event of a failure? And whatever happened to synchronous encrypted communication over secure leased lines? These problems are not difficult to solve. They only require a desire. Mr. Cuomo, are you listening?

Ross Stuart NYC 7h ago
I just don't get it. The New York Times publishing what surely must be classified information about a secret incursion by the U.S. government into the Russian power grid! And Julian Assange is criminally charged for doing the same thing? 2 Replies
Doremus Jessup On the move 8h ago
George Orwell would have a great time with all this.
Lucy Cooke California 11h ago
The US is certainly a very offensive country. The US is considered The Exceptional World Leader. I don't know if the world can survive such leadership. The US is going to drown in its military superiority, and settle into a state of violent mediocrity with a poorly educated, somewhat unhealthy citizenry with loads of weaponry, poor mental health and lots of drug addiction and a country with the world's highest rate of incarceration and lousy infrastructure.

If the US would just drown quickly, before it destroys the livability of the world, perhaps Europe, Russia and China could cooperate enough to save the world. Or, if enough citizens vote for Senator Bernie Sanders for President, the US could refresh its world leadership with a sane, even wise foreign policy and provide citizens with quality education for all, health care for all, better infrastructure, and, mostly, A FUTURE TO BELIEVE IN. 1 Reply

Mike Iker Mill Valley, CA 7h ago
It's been pointed out for years that our much higher level of internet control of our systems makes us more vulnerable to cyber attacks than Russia or China or Iran and certainly N. Korea. If this story is getting out, and based on the thesis that nothing happens by accident in the political world, the source must think that our defenses are strong enough to more than offset our inherent vulnerabilities. I hope that's true.
Roger Alaska June 15
The fact that we have implanted code is well-known, or at least should be. To say there has been only a handful of offensive operations is either purposely deceitful or shows the lack of access by the person quoted.
Lauren SW Virginia 6h ago
"Pentagon and intelligence officials described broad hesitation to go into detail with Mr. Trump about operations against Russia for concern over his reaction -- and the possibility that he might countermand it or discuss it with foreign officials, as he did in 2017 when he mentioned a sensitive operation in Syria to the Russian foreign minister." Sigh.... our prez. Our number one threat to National Security.
Charles M Saint John, NB, Canada 11h ago
@HonorB14U Always? Who went first into space? If you were a trained technical person in control systems you'd know the names of lots of Russians who made fundamental break-throughs in understanding - more Russian names than I can recall American names. In Reply to HonorB14U
free range upstate 6h ago
This mutual insanity results from the disease people all around the world suffer from: the nation-state. Nation-states, in their modern form only four hundred years old, have taken the world hostage through feverish calls to nationalism and patriotism, deliberately confusing in our minds cultural identity with the nation-state. But cultural identity is not dependent on the nation-state! Either we find a way to free our cultural identities from those in power or, if and when this insane posturing leads to war, we pay the ultimate price of losing our lives.
Woof NY 11h ago
@jrinsc Re to freeze Russian oligarchs out of their ill-gotten assets. London is where Russian oligarchs store their assets. See link below. No US government has taken on the "City" (UK equivalent of Wall Street) on that issue. https://www.economist.com/leaders/2018/10/11/londons-financial-flows-are-polluted-by-laundered-money 16 Replies
Lawrence Colorado 4h ago
Upgrading the grid to be more resilient to hacking and also to better accommodate wind and solar would be a significant, smart, long term investment. It would improve something we all use that really needs improving. It would help reduce our carbon footprint. It would generate good jobs here in America. So instead the GOP spent a trillion dollars on tax breaks for very wealthy people which the corporate kind used mostly for stock buy backs.
Doug Karo Durham, NH 8h ago
If both countries didn't have stable geniuses in charge, I would be pretty worried. If the stability of one of the leaders was not the case, I would be even more worried.
Ron Vermont 11h ago
So all these attacks we're trading have all gone through proper quality control procedures to make sure they don't disrupt anything by accident? Not likely. And with the UK, China, North Korea and others all doing the same, both the large controlling computers and the small embedded control system components are going to start failing due to all the malware they're being asked to hold. Malware will attack expecting it is attacking clean manufacturer supplied software/firmware, but if someone else has already modified it, how will these systems react? This seems like a mutual game of Russian Roulette. Any time an opponent makes a mistake something will break somewhere.
maureen f. Albuquerque, NM 11h ago
The scariest thing about this escalation is that nobody really knows which country--the U.S., Russia, or China--has the best cyber-weapons and cyber-defenses until the cyber-war actually begins. And for all of those who are blaming Russia, kindly remember how the U.S. started all this with the creation and deployment of Stuxnet against Iran. 2 Replies
RL Groves Amherst, MA 2h ago
This reminds me of the Cold War. We were sold a bill of goods about Russia's capacity to harm us when we, the US, were actually the aggressor. JFK sold this under the brand of "Missile Gap". The United States is, as usual, the aggressor here. The US Empire wants to control the world. Any independent nation will be considered a threat and not be tolerated. This demonization of Russia is an embarrassment and worse, is extremely dangerous. The Russian bear is not to be trifled with, despite American fantasies.
Floyd New Mexico 4h ago
Why would information of such intelligence operations be publicly announced as it has? Baffling. 1 Reply
Ned OSJL 11h ago
The world needs a Cyber Geneva Convention. Immediately if not years ago. All the tunnel vision patriotic cheering in these comments is very alarming. Think about where Cyber War could go, what it could do, who it would harm.
Saba Albany June 15
@M Congress should be at the helm of formulating an overall policy. The power to make war has moved from Congress to the President, and some Presidents have had an attitude of leave it up to the generals. So, the departments have gained power in some cases. Rightfully, Congress should create defensive and offensive policy which the President should endorse and the Cabinet should carry out. In Reply to TJ
J. von Hettlingen Switzerland 6h ago
John Bolton has a long history as a Russia hawk. It seems he's now involved in ramping up cyber attacks on Russia's power grid, sending the message "You will pay a price" for cyberoperations – like election interference – against the US. ...
James San Clemente, CA 8h ago
I can understand why the U.S. would want to have this capability and to let the Russians know about it for the purposes of deterrence, but still, the news fills me with dread. The U.S. power infrastructure is far from perfect, but as anyone who has lived and worked in Russia knows, their system is much less reliable and far more prone to breakdowns. In addition, for anyone who watched the recent HBO series "Chernobyl," the idea of messing with the power grid in Russia is a little alarming. Russia still operates several RBMK reactors, and although there are repeated assurances that they are safe now, I wouldn't want to put that theory to the test by fiddling with the system. I'm sure our guys are all well aware of this, but, just sayin'...
Joseph Los Angeles 7h ago
And we'd be the first to complain if they did this to us. How about if humans finally stopped behaving like vindictive petulant 8 year olds. We're all stuck on this rock, so get along!
JohnW13 California June 15
Perhaps the most disturbing reveal in this article is that Trump has delegated an undisclosed amount of authority to engage in offensive military action by launching a cyber attack, potentially amounting to an act of war, without direct presidential oversight and approval. Trump issued "National Security Presidential Memoranda 13, giving General Nakasone far more leeway to conduct offensive online operations without receiving presidential approval." 9 Replies
Eric Peterson Napa, CA. 8h ago
@B. Rothman Individual decentralization of your home or business or a factory when the grid power goes out would be a wise move for many. This would most likely be solar or wind and possibly a generator as well, all backed by a battery. The interesting part comes in when your system is connected with the power company's grid. Will it be interactive? If it is then if the power company is hacked you are also hacked. If your system only comes on when the grid power goes off you would not be connected to the power company's grid communication and therefore you would not be hacked. An independent distributed system would keep your power on. Only used when the grid power was off. You would not be able to send excess power to the grid or get paid for excess power from solar or wind. Think military base or critical infrastructure. If all critical systems are isolated they stand alone and cannot be taken down by cyber warfare. This is a redundant system but it does keep the power on when everything else goes down. The only way I can see around this is to be connected to the power grid on a two way communication that is secured and verified to be hack free at all times. Not likely in this day of cyber war. It may be possible to shut down communication to the grid as soon as power goes down, thus isolating the location from any further attack or control by the outside. Then get confirmation that it was not an attack, just an ordinary power outage and then reconnect. Simple. In Reply to Eric Peterson
Jo Williams Keizer 11h ago
Power grids as legitimate targets. Affecting hospitals, schools, civilian homes. After 9/11 there was discussion as to whether the Geneva Conventions on war should be modified, and also discussions on designating captured terrorists as POWs or....enemy combatants. A follow up article on how these ...agreements on war....might cover cyber attacks, would be helpful. Shutting off the power to a hospital- or all the hospitals, doctor's offices, clinics in a major city- how many die? Nuclear power plants as targets? If it's war, call it war. At least we possible victims will know we aren't just disposable pawns in cyber gamesmanship.
Michael Pittsburgh June 15
Until recently I would be concerned if our military was acting independently of presidential direction or oversight and if the president or presidential advisors were not kept informed of initiatives our military and security forces were undertaking against other nations. Now I am thankful for it. As for the U.S. embedding malware and other malicious software in Russian, Chinese, North Korean, Iranian, Saudi, Israeli, and other potentially hostile nation infrastructure systems, we should be prepared to send them all back to campfires and candles at a moment's notice.
Nick Wright Halifax, NS 6h ago
The article reveals that the military is withholding information from the president about actions it's taking against another country, because it doesn't trust him. Predictably in the current political climate, everyone focuses on what it says about President Trump and fails to consider what it says about the military; i.e., that it feels it has a mandate to decide, at its own discretion, what military action against other nations is in the country's best interests. The military didn't trust President Obama either -- to the extraordinary extent of public insubordination by its top leadership.

How do we know that it obeyed his directive not to wage cyberwarfare against Russia, or any other country? We now have no reason to believe that it did. It doesn't matter that the military distrusts the current and previous president for different reasons. It will defy a strong, competent president as easily as it will sideline a weak, incompetent president. This is the path to the military itself becoming a danger to the state through ill-considered unilateral action.

Meredith New York 8h ago
@Andrzej Warminski...they'd call it 'un-American' to freeze US oligarchs out of ill gotten assets. Russia has its oligarchs, we have ours. Ours get protection for spiraling profits and power by mega donations to the lawmakers we elect, and our own Supreme Court legalized this Constitutional 1st A -Free Speech. This obvious collusion of big money and politics is avoided in our news media, famous for its 1st Amendment protections from censorship. Russia has its state media, and we have ours. FOX news functions as the GOP state media, consulting with Trump, and broadcasting his messages daily. Then social media further amplifies this across the country. 16 Replies
R. Fenwick U.S. South 11h ago
@David G. Generally increased use of the internet in any industry is a way to cut labor costs. In the pre-internet days, grid workers were likely paid more in today's dollars and jobs were more plentiful. In Reply to R. Fenwick
Doug Marcum Oxford, Ohio 7h ago
"Defend forward?" A new entry in the Newspeak dictionary... We are partying like it's 1984.
B. Honest Puyallup WA 7h ago
@JohnW13 It bothers me the Most that Mr Bolton is in the line of command there, for some ungodly reason. He is the type that would have flown drones, himself, to do a false flag attack like that. That they were above waterline is telling. I wonder what Iran found when they took whatever it was that attached itself to that tanker. I am sure that will be interesting indeed. 9 Replies
Lawrence Linn Phoenix 4h ago
"Pentagon and intelligence officials described broad hesitation to go into detail with Mr. Trump about operations against Russia for concern over his reaction..." So the commander of United States Cyber Command, Gen. Paul M. Nakasone, decided to undertake an overt act of war and not tell his Commander in Chief because he thought he might disagree? If true, Trump should fire this guy tomorrow, if not court-martial him for insubordination.
AR San Francisco 8h ago
The Chinese! The Russians! They started it! Anyone who believes fairy tales from the Pentagon or Washington about this is a fool. Let's see at the end of the 'Cold War' Washington promised not to expand NATO if the Russians et al handed over much of their nukes. They handed them over and Clinton, etc. marched NATO right up to the Russian border. George Kennan warned it was the greatest strategic error post WWII.

Who knows what nasty things Washington is really up to. Like the mysterious Venezuelan blackouts right at the height of their coup operation. Washington's unending saber-rattling and war mongering can never be trusted. What a horrifying thought that they would cut off heat and power to millions of Russian people in the winter. It will be ordinary people who pay the price on all sides.

Chris Rurally Isolated 1h ago
I have found that nobody listens to my critique of technology by which I state that 1) we no longer possess the skills that technology does for us, 2) our division of labor has become so extreme due to technological advancements that nobody really knows how to do anything but their one job, shopping and driving, and 3) should we lose power, we lose petroleum too, and without both we lose our society in just a few days. Food goes bad immediately, water pressure drops in cities precipitously, and people can't go to work, school or entertainment -- they can't do anything but wait for the power to come back on. But they don't wait, they loot, they attack, they scavenge, they make trouble. Anybody with a personal supply of food and water are targets. None of this is hyperbole or paranoia, yet those who make such slanders are driven by fearsome possibilities they NEVER want to face. Power outages would be akin to full-scale bombing of whole cities. The Defense Department knows this, but the citizenry does not.
Luca F Philadelphia 7h ago
Something's wrong with this article. A newspaper is telling the world that the US is messing around with Russia's power grid? Shouldn't this be super confidential? Basically now Russians are allowed to retaliate in any way for what the USA is doing. What would be the reaction of the US if the situation was reversed? A bunch of blackouts in NYC, Chicago, San Francisco and the Russians saying "we did it"? Our military would bomb them right away!
Larry L Dallas, TX 8h ago
@Bruce1253, fragmented systems are inherently more resilient because one system going down does not mean everything else goes down. But having fragmented CONTROLS over INTERCONNECTED systems is more problematic. Lack of coordination will mean that if a problem occurs, there will be lack of oversight and will not be able to react quickly enough to contain the situation. As someone else also mentioned: old pre-Internet systems are actually far more secure because they are off the grid. Attempts by companies to make things more efficient (and profitable) actually makes them less secure. 9 Replies
polymath British Columbia 11h ago
"As Washington's strategy shifts to offense ..." What does the word "Washington" mean? It *used* to mean the U.S. gov't -- when it used to speak with more or less one voice. But it doesn't speak with one voice anymore. So, what does it mean now?
Bubba CA 2h ago
Here's the thing - if electricity goes out for any protracted time in the U.S., people will die. Many people, and quickly. The fragile veneer of social cohesion will be the first, and fatal, casualty.
dsbarclay Toronto 7h ago
If you are going to start covert operations that attack Russia's essential power grid, why brag about it? American geeks conducting cyber war can't keep a secret is one answer. It's certainly the wrong thing to do; it gives Putin more ammunition in his propaganda war against the West, and ensures he remains the 'savior' of mother Russia for the people.
HANK Newark, DE 8h ago
GREAT! A military junta within the Trump regime...what could go wrong. I'm sure these attacks are devastating to Russian citizens, but how will it compare when the Russians are finally successful with similar attacks on us? They've already shown us what happens when they blow up an election.
Debbie Atlanta 6h ago
This brings to mind the devastating power outage in Venezuela recently. Maduro blamed the US for cyberattacking the grid. And others blamed the failing system itself. We may never know but the effects seen there are a sample of what could happen anywhere in the world with this new technology. https://www.forbes.com/sites/kalevleetaru/2019/03/09/could-venezuelas-power-outage-really-be-a-cyber-attack/
Lucy Cooke California 8h ago
@GV and, I suppose the way the game is played, Putin, and any other leader of a country who has suffered because of the US actions, and that list is long, should attach a price to our misdeeds. The word "price" always reminds me of Secretary of State Madeleine Albright saying, when asked about the deaths of 500,000 Iraqi children due to US sanctions, "The price was worth it". With the US as The Exceptional World Leader, the world may not survive in a livable state. We need more Nelson Mandelas and Mikhail Gorbachevs. GV, do you know much Russian history? Putin's misdeeds are so minor compared to the killing of hundreds of thousands and wrecking of countries by the US... Iraq, Afghanistan, Libya, Syria, Somalia 14 Replies
Vic Malen Offshore 2h ago
What is wrong with this law system? Open demand on attacking energy sources which could lead to casualties, property and environmental damage is an international criminal case and such officials must be investigated and charged immediately to avoid subsequent collateral effects.
Angelsea Maryland 4h ago
There is a real danger in deploying cyber-mines in adversary systems. All code can be broken and used in retaliation. Even so-called "encapsulated" code can be disassembled. STUXNET was disassembled and repurposed as ransom-ware. To be effective in Internet-connected systems, any attack-code must emulate "normal" behavior. To do this, publicly available programming code, such as, Java, Perl, etc., is used as components of the attack-code. Once the encapsulation of the code is broken, and it will be, the code can be reverse-engineered, defended against, and repurposed to use against us. CYBERCOM, tread lightly.
Socrates Downtown Verona. NJ 7h ago
@TMah Russian hackers are generally superior to American hackers. This won't end well. 9 Replies
markd michigan 8h ago
Is it just me or shouldn't this kind of program be, you know, black? Eyes only, top secret. The US would have a lot more to lose than Russia if we lost the East Coast for a few weeks. We don't stockpile transformers which are the backbones of the grid so if Russia overloaded a few thousand of them we'd be down for months. We shouldn't "overbound our steps" as Stan Laurel used to say. 1 Reply
Righty America 8h ago
@Bruce1253 exactly. We experienced the giant blackout of 2003. You really can't imagine how damaging this can be until you experience it. We lived somewhat near the interstate and hundreds of people had to pull off at our exit - they were low on gas, and there was no way to get gas. In the city, we know someone who was stuck in a subway under the East River for hours not even knowing what had happened, then had to crawl through dirty tunnels to get up to the streets. These are just the relatively minor things that happen in the first few hours. People were generally helpful, but I can't imagine that lasting over a few days. we don't need to be tested like this. We need to be protected. 9 Replies
Old Maywood Arlington, VA 8h ago
Think on this for just a bit... These authorities were delegated downwards and the plans are largely being kept from Trump because the military and other national security authorities don't trust him not to tell Russia about them. That's right, the military does not trust Trump not to tell Russia or "put Russia first." The good news is that as long as this story stays in the newspapers and not on TV, Trump will never know about it.
AR San Francisco 11h ago
Yes but is a useful narrative created by the Clinton campaign to justify their electoral debacle. It also serves as a useful tool to seek to delegitimize Trump (like the Republicans with Whitewater and 'birther' angles-- both parties equally rotten liars). What is most dangerous is the Democrats resurrection of McCarthyite and jingoistic denunciations of 'foreign' influences (like BLM), and calls for greater and greater censorship of the media and social media. While that seems attractive when applied to rightists, they are fools not to understand it will be enforced against the left first and foremost. In Reply to Dan K
Ed Watters San Francisco 2h ago
Yeah, and I'm pretty certain that Venezuela's accusations of US online attack on their power grid have merit.
sonnel Isla Vista, CA 7h ago
Oh great, American politicians who think power originates in the plug on the wall making decisions about things that neither their IQ nor their training allow them to understand. I can hear our President saying, "we just turned off power to the bad guys' houses and crime dens". Meanwhile, our top leaders will never report how many die in the hospitals or accidents that their messing with the power grids in other countries have caused. Just like... bombing Iraq. Collateral damage: out of sight, out of mind.
Marcus Aurelius Terra Incognita 11h ago
@Socrates As usual, the article read in its entirety tells a different story about what the President's involvement actually was and why presidential briefing wasn't required. "Mr. Trump issued new authorities to Cyber Command last summer, in a still-classified document known as National Security Presidential Memoranda 13, giving General Nakasone far more leeway to conduct offensive online operations without receiving presidential approval." And as to what the (again, as usual, "anonymous") officials purportedly said: "Because the new law defines the actions in cyberspace as akin to traditional military activity on the ground, in the air or at sea, no such briefing would be necessary, they added." In Reply to Mauichuck
Blank Venice 8h ago
@jrinsc Wisely our military and intelligence 'leaders' restrict information flow to Individual-1. He is very Kirkland Russian asset. Remember that he passed Top Secret information to Russians in the Oval Office as a Russian press entourage looked on. 16 Replies
A Goldstein Portland 8h ago
This is a new definition of war in the 21st century, cyber-war, and I suspect that most Americans, especially Trump supporters are nearly clueless about what is at stake. With Putin and other authoritarian rulers, we must put on display our capabilities in more than nuclear warheads and naval powers. I trust the U.S. intelligence agencies and military much more than the executive branch of government. This is not my preference but it reflects the unprecedented time in which we are living.
Frank Raleigh, NC 7h ago
From yesterday's article on US doing trying to start a war with Iran. That was regarding oil tankers that were attacked in the Gulf of Oman. Your editorial on that yesterday stated that we need to stay on top of this tanker violence because of: "American objectives in Syria, Iraq and elsewhere across the region." Those tankers are not American and the serial lying about the middle east and Russia and of course Venezuela are pathetic. All of this combined with climate change, world population growth and a news media that is only doing the "Manufacturing Consent" thing for the corporations including military industrial complex can only lead to world disaster. It is existential. Russia has been interfering with our military recently and that is another horrid example of why Donald Trump is the worst president we have ever had. A very dangerous man who surrounds himself with the most ignorant, hysterical, people who support the military industrial complex over anything else. Billions and billions of money is given to the military by the congress whenever they ask. We do not look for peace; we look to support the MIC at all costs and those COSTS ARE VERY, VERY HIGH AND GLOOMY. Attacking Russian power plants? Faking news for Venezuela and Iran? "American objectives in Syria, Iraq and elsewhere across the region?" Wake up folks. It's up to you; no one else can save us!
Susan Anderson Boston 8h ago
@jrinsc And, of course, Trump and Senate Republicans will reverse the freezing, as has been done in the past. 16 Replies
Raven Earth 2h ago
Imagine a world where one country tried to tell every other country in the world who to be friends with, who to trade with, who their rulers should be, what products they should buy and from whom, what laws they should pass, what meetings they should attend, how to live, etc, etc. And imagine this same world where the people who lived in this bully of a country thought they and their country had the God-given right to tell other people in other countries how to live. Sounds like some future dystopian hellscape, right? Surprise! It's not. This is 'Murica! in the 21st century on planet Earth.
Leslie Amherst 7h ago
How can we aggress in this manner and then be so indignant when it is done to us?? I hate this!! I don't want to be a citizen of a country that attacks others. I want peace! Defense is understandable; attack is not.
Aram Hollman Arlington, MA 2h ago
The newer and more digital a system is, the more vulnerable it is to hacking. The older and less digital it is, the less vulnerable. That probably makes us more vulnerable than Russia, but our somewhat obsolete infrastructure (the one we need to spend $1 trillion on) may be less vulnerable than expected due to its obsolescence. The inherent immorality of going after power plants, refineries, and other non-military targets is that the effects target civilians. The fact that one nation may have done so (Russia, to Ukraine's electricity during a winter) does not justify another nation doing the same.
J Denver 7h ago
This entire notification is a message for one person... Trump. This is the intelligence agencies using their newfound powers that lack White House oversight, to signal to the White House that the intelligence agencies are DEEP inside Russia's systems and that they will know if Trump shows up inside those systems during the next election cycle. They can't stop Russia from waging cyber war... and they can't stop Trump from welcoming help from or siding with Russia... but they can send a message that they will know if this administration "goes there"... again...
ebmem Memphis, TN 4h ago
@Stan Chaz MAD [mutual assured destruction] between Russia and the United States prevented nuclear devastation because both sides knew they couldn't win. We are in a different universe now. Russia, with its poor economy one fifth of the US, is no longer a superpower, although it is rebuilding its network of client states [with some like Cuba and Venezuela dying on the vine, and other former satellites like Ukraine and Georgia resisting their reacquisition by Russia.] China is also a growing player, expanding its wealth and political and economic strength. Various quasi stateless terrorist groups can damage the US and not experience appropriate retaliation because they have no official governments or homelands to hold accountable. In Reply to Ron
LibertyLover California 8h ago
@David Henderson I would suggest going back and reading some of the material Edward Snowden revealed about the NSA. Those capabilities will be oriented toward this objective now rather than just conventional espionage. The expertise is second to none. For that matter, read the DOJ indictment of the 12 GRU officers who hacked the DNC. The amount of detail described there will make you understand their capabilities. It's as if they were in the room with them. 7 Replies
Bob M Whitestone, NY 7h ago
This is very concerning on why the Trump administration would disclose this to the public. What's their motive? More concerning is that Trump in his infinite wisdom had the idea of setting up a joint cyber security task force with none other than Russia. Weird.
Loyd Collins Laurens,SC 7h ago
@Telly55 And this from the article. Pentagon and intelligence officials described broad hesitation to go into detail with Mr. Trump about operations against Russia for concern over his reaction -- and the possibility that he might countermand it or discuss it with foreign officials, as he did in 2017 when he mentioned a sensitive operation in Syria to the Russian foreign minister. 4 Replies
WeHadAllBetterPayAttentionNow Southwest 11h ago
I am not so sure I believe much in this. Bragging about such a program would be counterproductive. Meanwhile, our Republican president and Senate continue to deny Russian interference in our elections and do nothing about it.
Chris San Francisco 7h ago
Anyone who thinks that our military is not constantly fighting our enemies doesn't know anything about the military. Some version of this kind of thing has been ongoing throughout history. They are very good at it, often the best in the world. That the US officials would reveal this information can be nothing but part of a strategy related to global objectives, including but not limited to Russia. The revelation itself can be considered a kind of weapon, though, of course, the general public is not privy to its purpose. I trust the competence of our military almost completely, but I do not trust their ability to set national policy. They control some enormous hammers, and there are many things in the world that could look like a nail. The erosion of civilian oversight described in this article is terrifying. Unfortunately we're all getting used to that.
Dan K Louisville, CO 11h ago
@C.O. I would suggest that you read the Mueller Report.
stan continople brooklyn 8h ago
If I was Russia, I'd demonstrate my prowess by making the NYC subway system run on time. That would cause absolute panic.
chambolle Bainbridge Island 7h ago
All of which begs the question, why on earth do we spend about $750 billion a year on military hardware and personnel, when our adversaries have learned to do as much damage as they want without firing a shell, torpedo or missile? And, it would appear -- and one would hope -- so can we. It cost Russia next to nothing to commence the unraveling of America's political system - a few hackers sitting in cubicles, each with a laptop and an internet connection accomplished that, with the help of Fox News, facebook, instagram, you tube and, above all, an uneducated, bible-thumping American populace uninterested in facts and seemingly incapable of rational thought.
Mike LaFleur Minneapolis, MN 7h ago
To whom it may concern: This article would be far more credible if it listed the names of the companies that make and sell the vulnerable power plant operating systems, transmission line management systems, and the power distribution systems. Which systems are vulnerable? Emerson's? ABB's? Siemens? Whose switch gear is vulnerable? Are they infiltrating the operating systems, the sensors, communications, the actuators, or maybe even the metering? Even the US electric grid is, for the most part, very unsophisticated. Grid operators have very limited visibility into what is happening on the grid. In most of the US, when there is a power outage, linemen are dispatched in trucks to visually look for downed wires with their eyes!!! No computers needed. Combine the fact that Trump shows no interest in fighting election interference with the improbability of vast penetration into the electric grid and all you have left is a paper tiger named John Bolton. This article is likely fake news. Mike
dominic KL 7h ago
I don't quite understand this, if the US knows that Russia is illegally hacking in to US power grids you either remove the malware or lodge a complaint with the UN or whatever international authorities involved. If you hack back then you are no better than Russia.
Stuart Alaska 8h ago
@tim k If there was no such thing as global warming your point would be a cogent one. Unfortunately, we can't ignore that fact.
george coastline 7h ago
HOW TO WIN AN ELECTION WITHOUT STEALING ANY EMAILS 1 Restrict early voting in key swing states 2 Pass laws discouraging absentee ballots in those same states 3 On election day, turn off the power in the core of every large city where democrats usually win by large margins, heavily suppressing turnout 4 Count the ballots: Trump wins the state and is re-elected President.
HonorB14U Michigan 7h ago
America decides our wins and losses; not Russia! We decide how much we lose and what success we win on.
Michael Feeley Honolulu 4h ago
Maybe we could do something really useful and sabotage Facebook and Twitter. Now there's an idea that would improve the quality of life.
Michael Tyndall San Francisco 11h ago
My concern with US cyber warfare is the possibility the same code is turned around and used against us or our allies (I think we still have those outside our favored Sunni and right wing autocracies). The possibility of boomerang cyber mischief isn't confined to governments either. Remember the stolen NSA hacking tools that ended up on the dark web? Those have been turned against municipal governments and individuals in the form of ransom ware. Perhaps we can limit such risks by forming the most sophisticated cyber weapons as binary tools. Ones where the full capability isn't effective without two secret parts, only one part of which is installed in an adversary's infrastructure. But once fully deployed, there's still the risk the weapon is identified, preserved, and later redeployed against us. I think there are also ways for our adversaries to guard against erasure protocols within cyber weapons. Lastly, we still don't know if our president is a Russian asset. Maybe he just really likes murderous kleptocrats and autocrats like Putin, Kim, MBS, MBZ, and Duterte. Maybe he just has to talk privately with no one else from our side listening. Either way, none of our current top secrets or foreign intelligence assets may be safe while he's in office, or even after he leaves (unless he's in jail).
B. Honest Puyallup WA 8h ago
@maureen f. Israel released Stuxnet, just a minor correction there. That is actually more problem than had we done it, Israel is more unstable than we are, and that says something.
Jim Georgia 6h ago
What was published here is not classified and if you read the article, you will know that administration officials had no problem with the publication of this work. Assange, on the other hand, definitely published stolen classified information and may have solicited and facilitated its acquisition -- a crime.
Alex E elmont, ny 7h ago
I thought that Trump is a stooge of Putin, so, he won't take any action against Russia. This is the misinformation NY Times and other fake news have been telling Americans and the world. Now by releasing this classified information they are jeopardizing American National security. No wonder they are called enemies of the people.
Andy Salt Lake City, Utah 7h ago
Escalating attacks? Or informing Russia of their weaknesses? Cyber assault is inherently centered around stealth. Sounds to me like Trump is intentionally tipping our hand. A submarine isn't much use if you teach your enemy how to find it. The description presented here more closely resembles a joint exercise. However, the US is the only one providing intelligence. Surprise, surprise. Unilaterally providing intelligence to Putin no less.
J Darby Woodinville, WA 7h ago
Good news, I hope we're hitting the cyber bullies as hard or harder than they're hitting us. And it's wise to let trump in on as little as possible.
pb calif 8h ago
This sounds like a coverup story for Trump and the GOP. If it were true, it would have been classified. Gimme a break! Vote them out!
Jomo San Diego 8h ago
Just think what will happen when Russia plants malware into all our self-driving cars.
Mark Conway Naples FL 4h ago
I don't understand why Trump allows such threatening behavior toward one of his closest allies. Isn't he in control of his own government?
Frank Seattle 6h ago
US taxpayers still paying for government officials to create new malware that will eventually be turned against US taxpayers. Thanks "public servants".
Mary Lake Worth FL 7h ago
@M Trump has made unprecedented changes much like a fascist dictator, which he wants to be. It's just a wing and a prayer that our government hasn't ceased to function effectively, due to long-standing norms and those who would resist his worst impulses. All Russia would need is another cosy private meeting with Trump to have him bragging about this new secret weapon to deliver all this for Comrade Putin to use on us. Flattery is the way to his heart and there goes everything that should be kept under wraps for security.
md green Topanga, Ca. 8h ago
@GV Couldn't agree more! And it would make the Straits of Hormuz attack a much different issue. What's it going to take to get this oil addicted country to switch to renewables? I guess we'll find out.
Rebel in Disguise TO, Canada 8h ago
This doesn't bode well for Putin's next job performance appraisal of the POTUS he worked so hard to put into power. Trump's been kept in the dark by Americans who aren't subservient to Putin.
New World NYC 8h ago
I keep 14 days worth of water, food, and candles in my apt. I live on the 12th floor and twice a week I use the stairs to get up to my apt. I also keep a shotgun and cash
David Oak Lawn 4h ago
You see how Donald Trump's Iran claims were eaten up by the mainstream media. Now you see how Trump is playing both sides. He claims he wants to be lenient with Russia (which is a fool's errand) but his administration is getting tougher with Russia. Trump is easy to manipulate because he is so beholden to so many interests. Sorry to say it, but this makes him an attractive candidate to powerful interests.
Tim Nelson Seattle 8h ago
The best defense is a good offense, and a vital part of this American offensive capability is to keep the details out of the hands of this president. I have long waited to hear of how we are actively and effectively responding to Russian aggression, but in this age of Trump I have feared his ability to undermine any steps on our part. Of course he is beholden to the regime that got him elected. It is essential to counter the aggression of authoritarian regimes like Putin's and just as important to rid America in 2020 of the authoritarian menace that is Donald Trump.
TTC USA 2h ago
I thought America was the country that always played by the rules, and we're upset because we've been taken advantage of for too long. But apparently we're attacking another nation's power grid. Hypocrites we are. It's better if we're just honest with ourselves. Admit that we spin facts to feed our narrative, to justify the damage we cause to other nations. Next nation to justify going to war with? China. Cause only we can be #1.
uga muga miami fl 4h ago
Finally something presidential about Trump. They say there's a lot of symbolism to the presidency and this piece reflects an instance where he's president in name only.
K. H. Boston 8h ago
GOOD! About time we started punching back. Russia is mistaken if it thinks it can wantonly interfere in other countries (Salisbury, 2016, etc.) without repercussion. Good job boys.
Duane McPherson Groveland, NY 7h ago
Well, if the US decides to engage in some covert cyber-warfare then we should be safe, because the NSA has some really powerful hacking tools. So I'm sleeping easy tonight. Oh, wait, you say those tools got misplaced and lost? Never mind then, just buy some candles for light and a Coleman stove to cook on. You'll be fine; it'll be fun, just like camping out. In your own kitchen.
T OC 4h ago
It is time to go on the offensive in this Cold War. We've been on the losing defensive side of this way too long.
shiningstars122 CT 11h ago
It's obvious that we need to protect our online infrastructure in ways we have never done before, which a majority of the US economy uses. If this is not the case I get nervous if we start kicking the hornets' nest and we are not fully prepared for the response. As a consumer I am very wary of buying and using "smart" products in my home. It is obvious that the private sector has not even fortified their own firewalls to protect themselves. Do you think that Alexa or that new refrigerator will have the level of encryption and protection guess against even the most basic cyber attack? I think a parallel approach is to fortify our own network in ways that have not occurred before, but sadly too much of these illegal breaches are based on human error and when it comes to that one you will never be fully secure. It is clear the rules of engagement for cyber warfare need to be discussed and treaties need to be put in play to protect civilians, who sadly in warfare always pay the highest prices when our maligned leaders, like the one currently holding office, go off the deep end.
Easy Goer Louisiana 8h ago
@Bruce1253 Agree. However, imagine your life without any power, for good? Everyone involved, whether they be American, Russian, Chinese, Korean, etc. is playing a deadly chess game, and humanity are the pawns.
steve CT 7h ago
So now we are going to attack other countries' power grids, to hurt citizens like it seems we did to Venezuela to try and install our puppet Guaidó, because we want to control their oil the largest in the world. We did not like their election of President Maduro so we tried to overthrow him because he wasn't willing to be controlled, like the 73% of dictators around the world that are our allies that we sell arms to. We have never cared about other countries' elections, I also wonder if our elections are rigged, with our electronic machines supplied by questionable corporations. Now we are blaming the Russian government for what a troll farm company did in Russia buying election ads for clickbait so they could profit. This sounds like the 1950's red scare. Russia should be our friend just like Iran, except we ally with countries like Saudi Arabia the largest financier of terrorist groups like Al Qaeda and that spreads Wahhabism. This is all so our Military Industrial Complex can profit needing ever larger weapons systems. Peace is not profitable it seems for our Oligarchy.
Robert Richardson Halifax June 15
If the US is openly pursuing this course, and succeeds, I would expect Putin to hit back in kind, by shutting down the power grids of America's less prepared allies. Like Canada, where our aging power grid is already struggling, without being attacked.
PE Seattle 11h ago
I'm not sure we want to perpetuate this tactic as fair game in war. Do we want our power grid hacked? This puts regular people at risk of having no electricity, no heat, no AC. Our war is not with regular people. Our war is with oligarchs.
Marc Chicago 7h ago
"Under the law, those actions [cyber espionage against U.S. adversaries] can now be authorized by the defense secretary without special presidential approval." Because Donny would pick up the phone to tattle to his BFF Vlad.
New World NYC 4h ago
One day we're all gonna wake up and look at our bank statements, 401Ks and our Etrade accounts and see a $0.00 balance. Then what?
stefanie santa fe nm 7h ago
I thought the stable genius did not reveal what he was doing in terms of attacking another country. And if his good bro, Putin, said nothing was going on, why is the US attacking Russia? (sarcasm).
John Grillo Edgewater, MD 8h ago
What an absurd, clearly unprecedented, and highly dangerous state this country is in when the Commander-in-Chief, as reported herein, cannot be trusted by our own military and intelligence leaders with probably compartmentalized, top secret classified information about our cyber warfare capabilities and plans against Russia for fear that he could very well compromise the operation. Isn't this yet another reason why Trump should be removed from office by impeachment? What his own Administration's national security people are saying is that their leader cannot be trusted with the most sensitive information held by the government. If this Fake President is a threat to the nation on a scale of that profound magnitude, he cannot and must not be allowed to remain in office. Congress, are you listening???
C. Gregory California 2h ago
"Two administration officials said they believed Mr. Trump had not been briefed in any detail..." Um, isn't it normal procedure to brief the president of the United States about major changes in military strategy like this? I mean, the president is supposedly "commander in chief." How about Congress, or at least the relevant Congressional committees? Are they being kept in the loop? Or are Bolton and Co. just winging it on their own? If so, that's quite disturbing.
rjh NY 4h ago
So if a Russian nuclear plant has a meltdown or other catastrophe, will they be justified in wondering if the US caused it? Also, the malware against Iran spread to other countries even though that was not intended to do so.
saucier Pittsburgh 7h ago
Wasn't there just an excellent show on HBO that shows what happens when you mess with controlling power? No, not Game of Thrones. Chernobyl. Nuclear comprises 20% of Russia's electricity generation. Do we really want our fingerprints all over the crime scene should something go wrong? Can't we mess with computer controlled vodka distillation instead?
Norman McDougall Canada 8h ago
Let me understand this. The same USA that is outraged by Russian election hacking is simultaneously conducting cyber-attacks on Russian infrastructure? This situation would be merely ironic if it weren't so callously hypocritical.
just Robert North Carolina 8h ago
It would be nice to think that the self proclaimed 'genius' Trump knows something about the cyber war we are fighting or at least trust the experts on the front lines of this war. As it is he looks into Putin's eyes and declares him without sin and denies that Russia used cyber space to hack our 2016 elections and even declares that this information can be used to help his campaign. He prevaricates a little, but we heard you the first time, Mr. Trump. Our intelligence agencies may be planting these bugs in the Russian electric grid, but what we need is a leader who has the intelligence and wisdom to guide its use.
larry dc 8h ago
So CyberCommand doesn't brief the President because (1) they don't think the law requires them to do so, (2) and they don't trust him with important information? This is deeply disturbing on multiple fronts.
Larry L Dallas, TX 7h ago
@Barbara, in the past, before urbanism, it was possible to survive because you could live off the land. This is not a possibility in the middle of NYC, DC or SF.
joshbarnes Honolulu, HI 8h ago
It will all end in tears, I know it.

[May 22, 2019] Israel hacking the world

May 22, 2019 | www.unz.com

Republic says: May 22, 2019 at 3:40 pm GMT

@Sean McBride

https://www.youtube.com/embed/5VGpWl56ZF0?feature=oembed


[Apr 24, 2019] Viable Opposition Iran and the CIA's Worst Nightmare

Apr 24, 2019 | viableopposition.blogspot.com

Monday, April 22, 2019

Iran and the CIA's Worst Nightmare

While the world was distracted by all things Mueller, there was a significant news event that took place in Iran.
Here is the news item as reported by Iran's Presstv:

Note that the news item refers to a November 2018 report on Yahoo which you can find here:

Let's look at some key details from Yahoo's lengthy article:
"From around 2009 to 2013, the U.S. intelligence community experienced crippling intelligence failures related to the secret internet-based communications system, a key means for remote messaging between CIA officers and their sources on the ground worldwide. The previously unreported global problem originated in Iran and spiderwebbed to other countries, and was left unrepaired -- despite warnings about what was happening -- until more than two dozen sources died in China in 2011 and 2012 as a result, according to 11 former intelligence and national security officials.
The disaster ensnared every corner of the national security bureaucracy -- from multiple intelligence agencies, congressional intelligence committees and independent contractors to internal government watchdogs -- forcing a slow-moving, complex government machine to grapple with the deadly dangers of emerging technologies....
A former senior intelligence official with direct knowledge of the compromise said it had global implications for the CIA. "You start thinking twice about people, from China to Russia to Iran to North Korea," said the former official. The CIA was worried about its network "totally unwinding worldwide."
Yahoo News' reporting on this global communications failure is based on conversations with eleven former U.S. intelligence and government officials directly familiar with the matter who requested anonymity to discuss sensitive operations. Multiple former intelligence officials said that the damage from the potential global compromise was serious -- even catastrophic -- and will persist for years.
More than just a question of a single failure, the fiasco illustrates a breakdown that was never properly addressed. The government's inability to address the communication system's insecurities until after sources were rolled up in China was disastrous. "We're still dealing with the fallout," said one former national security official. "Dozens of people around the world were killed because of this." " (my bolds)
In September 2009, the Obama Administration announced that Iran had a secret underground nuclear enrichment facility near the holy city of Qom. This facility was located in an underground tunnel complex on the grounds of an Islamic Revolutionary Guards Corps base and was slated to enrich uranium in 2874 centrifuges. Here is how the Guardian reported the news:

The letter from Iran stated that the facility would not enrich uranium beyond the 5 percent level. On the eve of a showdown meeting with Iran, Barack Obama demanded that the IAEA be given access to the plant, stating that Iran was breaking the rules and not living up to its international responsibilities.
This breach of secrecy resulted in the Iranians looking for foreign spies that may have passed the information to the West. Unfortunately for the CIA, the communication system being used to communicate with its agents was flawed and was easily breached by the sophisticated counterintelligence technology being used by other nations. As a result of this negligence, Iran was able to identify and dismantle a CIA network in Iran, arresting a significant number of intelligence officers and CIA assets in May and November 2011 as shown here:

...and here:

According to two former U.S. intelligence officials, the Iranians recruited a double agent who led them to the CIA communications system. This system allowed CIA officers to communicate remotely in dangerous operational environments like Iran where person-to-person meetings are risky. Interestingly, it is believed that the Iranians used Google to identify the website that the CIA was using to communicate with its agents. From there, Iran's intelligence services searched the internet for other websites with similar components, eventually allowing them to locate other secret CIA websites. From there, Iran was able to track who was visiting these websites, allowing them to unravel the CIA's network.
What is ironic about this (and particularly so given the intelligence community issues that were raised after the September 11, 2001 attacks) is that John Reidy, a contractor at the CIA, advised his employer in 2009 - 2010 that there were potential serious security weaknesses in the CIA's communications network. For this, he was punished by being fired, resulting in his appeal to the intelligence community inspector general as shown here:


Ultimately, this breach of security discovered by the Iranians led to the execution and imprisonment of some of the CIA's informants and forced the CIA to exfiltrate others.
Let's close by looking at one last quote from the Presstv's coverage of the most recent revelations about the CIA's global intelligence network:
"Iran's intelligence minister specifically highlighted a quote from American national security analyst Irvin McCullough, who described the major American intelligence setback as "one of the most catastrophic intelligence failures" since the September 11 attacks in 2001. Alavi said that further details of the operations would be publicized soon, adding that a similar successful counter-espionage operation had been carried out against Britain's MI6 intelligence service.
The Iranian minister added that the breakthrough comes as his ministry has shifted from focusing on defensive operations to conducting offensive counter-intelligence operations, some of which had even "expanded deep" into Israel.
Iran has been successful in protecting itself from the spillover of terrorism and foreign-backed conflict -- constant features of life in a number of regional countries -- due to high vigilance by its intelligence and security forces." (my bolds)
It is unfortunate that the Central Intelligence Agency seems incapable of learning from its past mistakes.
Posted by A Political Junkie at 8:30 AM. Labels: CIA, Iran, United States. 1 comment:

  1. jrkrideau April 22, 2019 at 5:14 PM

    Why would the Obama administration announce that Iran had a secret underground nuclear enrichment facility near the holy city of Qom without at least extracting any agents involved?

    This is a horrible level of incompetence. Has no one in the CIA ever read about Enigma and how it was used in WWII? Added to by not totally killing the system immediately.

[Apr 15, 2019] "We have confirmation of" Obama's administration supporting, not fighting terrorism, Patrushev explained. Changing this policy is essential for improving Russian/US relations.

Apr 15, 2019 | www.zerohedge.com

Justin Case, 50 minutes ago

Washington recklessly accuses Russia and China of hacking while providing no evidence backing its claims.

At the same time, it's silent about most Internet servers located in America, facilitating its espionage, including hacking to obtain unauthorized data. Washington rules mandate doing what "we" say, not what "we" do.

Russian Security Council secretary explained the problem, saying "(w)e have been fixing growing attempts from external forces to damage Russian information systems. Those are cases of hacking, and also unauthorized collection of data."

"This is done with active involvement of global operators and providers, and the methods used are constantly evolving."

"For example, the Obama administration groundlessly accuses Russia of hacking attacks, deliberately ignoring the fact that most Internet servers are located inside the US, and are used by Washington for spying and other purposes aimed at protecting that country's dominant position in the world."

Patrushev hopes Trump will change things responsibly, Moscow and Washington cooperating in combating terrorism instead of pursuing opposite objectives for so long.

"We have confirmation of" Obama's administration supporting, not fighting terrorism, Patrushev explained. Changing this policy is essential for improving Russian/US relations.

If Trump governs responsibly, Moscow welcomes an ally in counterterrorism activities, information security, trade and other areas of mutual interest.

If Trump wants improved ties, "we will be ready to resume full-format consultations with US partners of the Russian Security Council," Patrushev explained.

"The Obama administration sought domina(nce) (internationally, its policies amounting to) reckless schemes."

"Unfriendly actions (violating) international law resulted in a frenzy of terrorism (causing) humanitarian disasters in certain states and regions."

Does Trump intend changing things or continuing Obama's reckless agenda? Will he wage endless wars or responsibly work with Russia and other nations in resolving ongoing ones?

Aussiestirrer, 1 hour ago

The headline sums up western hypocrisy aptly

Justin Case, 50 minutes ago

Exactly. "keep democracy safe" while supporting the erection of a Gov't by coup for Venezuelans. He's talking out of both sides of his mouth the hypocrite.

Russian interference in elections. LOL

pinkfloyd, 44 minutes ago

you said erection...tee hee,

Fluff The Cat, 1 hour ago

Wait, let me guess... another pro-Zionist sell-out harping on about how evil Russia is. Am I right?

[Jan 29, 2019] US steps up offensive against China with more "hacking charges" by Mike Head

Notable quotes:
"... Sections of the Chinese regime responded belligerently to the accusations. An editorial in the state-owned Global Times ..."
"... The editorial asked: "Assuming China is so powerful that it has stolen technological information for over a decade that is supposedly worth over a trillion in intellectual property, as the US has indicated, then how is it that China still lags behind the US in so many fields, from chips to electric vehicles, and even aviation engines?" ..."
Dec 21, 2018 | www.wsws.org

Further escalating its economic and strategic offensive to block China from ever challenging its post-World War II hegemony, the US government yesterday unveiled its fifth set of economic espionage charges against Chinese individuals since September.

As part of an internationally-coordinated operation, the US Justice Department on Thursday published indictments of two Chinese men who had allegedly accessed confidential commercial data from US government agencies and corporate computers in 12 countries for more than a decade.

The announcement represents a major intensification of the US ruling class's confrontation against China, amid a constant build-up of unsubstantiated allegations against Beijing by both the Republican and Democrat wings of Washington's political establishment.

Via salacious allegations of "hacking" on a "vast scale," every effort is being made by the ruling elite and its media mouthpieces to whip up anti-China hysteria.

The indictment's release was clearly politically timed. It was accompanied by a global campaign by the US and its allies, accusing the Chinese government of an illegal cyber theft operation to damage their economies and supplant the US as the world's "leading superpower."

US Secretary of State Mike Pompeo and Homeland Security Secretary Kirstjen Nielsen immediately issued a statement accusing China of directing "a very real threat to the economic competitiveness of companies in the United States and around the globe."

Within hours, US allies around the world put out matching statements, joined by declarations of confected alarm by their own cyber-warfare and hacking agencies.

The Washington Post called it "an unprecedented mass effort to call out China for its alleged malign acts." The coordination "represents a growing consensus that Beijing is flouting international norms in its bid to become the world's predominant economic and technological power."

The Australian government, the closest ally of the US in the Indo-Pacific region, was in the forefront. Foreign Affairs Minister Marise Payne and Home Affairs Minister Peter Dutton explicitly accused the Chinese government and its Ministry of State Security (MSS) of being responsible for "a global campaign of cyber-enabled commercial intellectual property theft."

Geoffrey Berman, the US attorney for the Southern District of New York, called the Chinese cyber campaign "shocking and outrageous." Such pronouncements, quickly emblazoned in media headlines around the world, destroy any possibility of anything resembling a fair trial if the two men, named as Zhu Hua and Zhang Shilong, are ever detained by US agencies and brought before a court.

The charges themselves are vaguely defined. Federal prosecutors in Manhattan accused the men of conspiracy to commit computer intrusions, wire fraud and aggravated identity theft. Zhu and Zhang acted "in association with" the MSS, as part of a hacking squad supposedly named "APT10" or "Stone Panda," the indictment said.

FBI Director Christopher Wray called a news conference to issue another inflammatory statement against China. Pointing to the real motivations behind the indictments, he declared: "China's goal, simply put, is to replace the US as the world's leading superpower, and they're using illegal methods to get there."

Coming from the head of the US internal intelligence agency, this further indicates the kinds of discussions and planning underway within the highest echelons of the US political and military-intelligence apparatus to prepare the country, ideologically and militarily, for war against China.

Washington is determined to block President Xi Jinping's "Made in China 2025" program that aims to ensure China is globally competitive in hi-tech sectors such as robotics and chip manufacture, as well as Beijing's massive infrastructure plans, known as the Belt and Road Initiative, to link China with Europe across Eurasia.

The US ruling class regards these Chinese ambitions as existential threats because, if successful, they would undermine the strategic position of US imperialism globally, and the economic dominance of key American corporations.

Yesterday's announcement seemed timed to fuel tensions between Washington and Beijing, after the unprecedented December 1 arrest of Meng Wanzhou, the chief financial officer of Chinese telecommunications giant Huawei, in Canada at the request of the US.

Last weekend, US Vice President Mike Pence again accused China of "intellectual property theft." These provocations came just weeks after the US and Chinese administrations agreed to talks aimed at resolving the tariff and trade war launched by US President Donald Trump.

The Trump administration is demanding structural changes to China's state-led economic model, greater Chinese purchases of American farm and industrial products and a halt to "coercive" joint-venture licensing terms. These demands would severely undermine the "Made in China 2025" program.

Since September, US authorities have brought forward five sets of espionage allegations. In late October, the Justice Department unsealed charges against 10 alleged Chinese spies accused of conspiring to steal sensitive commercial secrets from US and European companies.

Earlier in October, the US government disclosed another unprecedented operation, designed to produce a show trial in America. It revealed that a Chinese citizen, accused of being an intelligence official, had been arrested in Belgium and extradited on charges of conspiring to commit "economic espionage" and steal trade secrets.

The extradition was announced days after the Pentagon released a 146-page document, titled "Assessing and Strengthening the Manufacturing and Defense Industrial Base and Supply Chain Resiliency of the United States," which made clear Washington is preparing for a total war effort against both China and Russia.

Trump, Pence and Wray then all declared China to be the greatest threat to America's economic and military security. Trump accused China of interfering in the US mid-term elections in a bid to remove him from office. In a speech, Pence said Beijing was directing "its bureaucrats and businesses to obtain American intellectual property -- the foundation of our economic leadership -- by any means necessary."

Whatever the truth of the spying allegations against Chinese citizens -- and that cannot be assumed -- any such operations would hardly compare with the massive global intrigue, hacking, regime-change and military operations directed by the US agencies, including the National Security Agency (NSA) and its "Five Eyes" partners.

These have been exposed thoroughly by NSA whistleblower Edward Snowden and WikiLeaks founder Julian Assange. Leaked documents published by WikiLeaks revealed that the CIA has developed "more than a thousand hacking systems, trojans, viruses and other 'weaponized' malware," allowing it to seize control of devices, including Apple iPhones, Google's Android operating system, devices running Microsoft Windows, smart TVs and possibly the control of cars and trucks.

In an attempt to broaden its offensive against China, the US government said that along with the US and its Five Eyes partners, such as Britain, Canada and Australia, the countries targeted by the alleged Chinese plot included France, Germany, Japan, Sweden and Switzerland.

Chinese hackers allegedly penetrated managed services providers (MSPs) that provide cybersecurity and information technology services to government agencies and major firms. Finance, telecommunications, consumer electronics and medical companies were among those said to be targeted, along with military and US National Aeronautics and Space Administration laboratories.

Sections of the Chinese regime responded belligerently to the accusations. An editorial in the state-owned Global Times branded them "hysterical" and a warning sign of a "comprehensive" US attack on China.

The editorial asked: "Assuming China is so powerful that it has stolen technological information for over a decade that is supposedly worth over a trillion in intellectual property, as the US has indicated, then how is it that China still lags behind the US in so many fields, from chips to electric vehicles, and even aviation engines?"

The Global Times declared that "instead of adhering to a low-profile strategy, China must face these provocations and do more to safeguard national interests."

The promotion of Chinese economic and militarist nationalism by a mouthpiece of the Beijing regime is just as reactionary as the nationalist xenophobia being stoked by the ruling elite of American imperialism and its allies. The answer to the ever more open danger of war is a unified struggle by the international working class to end the outmoded capitalist profit system and nation-state divisions and establish a socialist society.

Ron Ruggieri 13 hours ago

ANY rational person would think: a nation like USA TODAY which can name a different ENEMY every other week is clearly SICK, led by sociopaths. China? Russia, Iran, North Korea? Venezuela? (all fail to live up to the high moral standards of "OUR democracy"?)
How are any of these countries a greater threat to YOU than the local Democratic or Republican party hacks?
If YOU think that so many people hate you, would it not make sense to ask if there is perhaps something wrong with YOU?

Lidiya 17 hours ago

Imperialism means wars, as usual, Lenin was right in his polemics against Kautsky.

[Dec 21, 2018] China national charged with stealing trade secrets by David Shepardson and Makini Brice

Dec 21, 2018 | finance.yahoo.com

The U.S. Justice Department said on Friday a Chinese national had been arrested for stealing trade secrets from a U.S.-based petroleum company, his employer, related to a product worth more than $1 billion.

The department alleged Hongjin Tan downloaded hundreds of files related to the manufacture of a "research and development downstream energy market product," which he planned to use to benefit a company in China that had offered him a job. He was arrested on Thursday in Oklahoma and will next appear in court on Wednesday, the department said.

Tan's LinkedIn page said he has worked as a staff scientist for Phillips 66 (PSX.N) in Bartlesville, Oklahoma, since May 2017.

Phillips 66 said in a statement it was cooperating with the Federal Bureau of Investigation in a probe involving a "former employee at our Bartlesville location," but declined to comment further.

An FBI affidavit said Phillips 66 called the agency last week to report the theft of trade secrets and Tan told a former co-worker he was leaving to return to China.

The FBI found on Tan's laptop an employment agreement from a Chinese company that has developed production lines for lithium ion battery materials.

Tan accessed files for marketing the trade secret "in cell phone and lithium-based battery systems," the FBI said. Phillips 66 said it has one of two refineries in the world that manufacture the unspecified product.

Tan was responsible for research and development of the U.S. company's battery programme and developing battery technologies using its proprietary processes. Phillips 66 told the FBI it had earned an estimated $1.4 billion to $1.8 billion from the unspecified technology.

[Dec 15, 2018] Pwnie Awards

Dec 15, 2018 | pwnies.com

Lifetime Achievement Award

Most hackers have the personality of a supermodel who does discrete mathematics for fun. Like mathematicians, hackers get off on solving very obscure and difficult to even explain problems. Like models, hackers wear a lot of black, think they are more famous than they are, and their career effectively ends at age 30. Either way, upon entering one's third decade, it is time to put down the disassembler and consider a relaxing job in management.

[Sep 04, 2018] The USA intelligence agencies push for elimination of Microsoft software in Russia and China

As soon as some idiot declares an intention to prevail in cyberwarfare, the chances for Microsoft to survive in Russia drop. The same is true about the level of usage of Google, Facebook and other social sites controlled by the USA.
Sep 04, 2018 | nationalinterest.org
Prevailing in Today's Cyber Battlefield Requires Strategic Consensus

Eisenhower's Solarium Commission on the Soviet threat provides the best model to follow today.

by Annie Fixler and Tyler Stapleton

In 1953, the United States stood at a precipice. After the death that year of Soviet strongman Joseph Stalin, senior U.S. cabinet officials could not agree on how to contain and confront Soviet expansion and aggression. So President Eisenhower devised an exercise to "analyze competing national strategies" to check the Soviets where possible and roll back their advances where feasible. The White House convened three teams of leading scholars and practitioners to analyze and craft distinct strategies so that the president could review the strongest arguments, reach consensus among his advisors, and determine the direction of U.S. policy. The exercise, Project Solarium, influenced U.S. national security policy for decades.

Sixty-five years later, this project is serving as the template for addressing a new challenge. The President this month signed the John S. McCain National Defense Authorization Act for Fiscal Year 2019 which created the Cyberspace Solarium Commission to forge consensus in the face of new and diverse threats in the cyber domain.

[Aug 29, 2018] How the Department of Homeland Security Created a Deceptive Tale of Russia Hacking US Voter Sites

Aug 29, 2018 | consortiumnews.com

August 28, 2018

The narrative about Russian cyberattacks on American election infrastructure is a self-interested abuse of power by DHS based on distortion of evidence, writes Gareth Porter.

By Gareth Porter
Special to Consortium News

The narrative of Russian intelligence attacking state and local election boards and threatening the integrity of U.S. elections has achieved near-universal acceptance by media and political elites. And now it has been accepted by the Trump administration's intelligence chief, Dan Coats, as well.

But the real story behind that narrative, recounted here for the first time, reveals that the Department of Homeland Security (DHS) created and nurtured an account that was grossly and deliberately deceptive.

DHS compiled an intelligence report suggesting hackers linked to the Russian government could have targeted voter-related websites in many states and then leaked a sensational story of Russian attacks on those sites without the qualifications that would have revealed a different story. When state election officials began asking questions, they discovered that the DHS claims were false and, in at least one case, laughable.

The National Security Agency and special counsel Robert Mueller's investigating team have also claimed evidence that Russian military intelligence was behind election infrastructure hacking, but on closer examination, those claims turn out to be speculative and misleading as well. Mueller's indictment of 12 GRU military intelligence officers does not cite any violations of U.S. election laws though it claims Russia interfered with the 2016 election.

A Sensational Story

On Sept. 29, 2016, a few weeks after the hacking of election-related websites in Illinois and Arizona, ABC News carried a sensational headline: "Russian Hackers Targeted Nearly Half of States' Voter Registration Systems, Successfully Infiltrated 4." The story itself reported that "more than 20 state election systems" had been hacked, and four states had been "breached" by hackers suspected of working for the Russian government. The story cited only sources "knowledgeable" about the matter, indicating that those who were pushing the story were eager to hide the institutional origins of the information.

Behind that sensational story was a federal agency seeking to establish its leadership within the national security state apparatus on cybersecurity, despite its limited resources for such responsibility. In late summer and fall 2016, the Department of Homeland Security was maneuvering politically to designate state and local voter registration databases and voting systems as "critical infrastructure." Such a designation would place voter-related networks and websites under protection as a "priority sub-sector" in the DHS "National Infrastructure Protection Plan," which already included 16 such sub-sectors.

DHS Secretary Jeh Johnson and other senior DHS officials consulted with many state election officials in the hope of getting their approval for such a designation. Meanwhile, the DHS was finishing an intelligence report that would highlight both the Russian threat to U.S. election infrastructure and the role DHS could play in protecting it, thus creating political impetus for the designation. But several secretaries of state -- the officials in charge of the election infrastructure in their state -- strongly opposed the designation that Johnson wanted.

On Jan. 6, 2017 -- the same day three intelligence agencies released a joint "assessment" on Russian interference in the election -- Johnson announced the designation anyway.

Media stories continued to reflect the official assumption that cyber attacks on state election websites were Russian-sponsored. Stunningly, The Wall Street Journal reported in December 2016 that DHS was itself behind hacking attempts of Georgia's election database.

The facts surrounding the two actual breaches of state websites in Illinois and Arizona, as well as the broader context of cyberattacks on state websites, didn't support that premise at all.

In July, Illinois discovered an intrusion into its voter registration website and the theft of personal information on as many as 200,000 registered voters. (The 2018 Mueller indictments of GRU officers would unaccountably put the figure at 500,000.) Significantly, however, the hackers only had copied the information and had left it unchanged in the database.

That was a crucial clue to the motive behind the hack. DHS Assistant Secretary for Cyber Security and Communications Andy Ozment told a Congressional committee in late September 2016 that the fact hackers hadn't tampered with the voter data indicated that the aim of the theft was not to influence the electoral process. Instead, it was "possibly for the purpose of selling personal information." Ozment was contradicting the line that already was being taken on the Illinois and Arizona hacks by the National Protection and Programs Directorate and other senior DHS officials.

In an interview with me last year, Ken Menzel, the legal adviser to the Illinois secretary of state, confirmed what Ozment had testified. "Hackers have been trying constantly to get into it since 2006," Menzel said, adding that they had been probing every other official Illinois database with such personal data for vulnerabilities as well. "Every governmental database -- driver's licenses, health care, you name it -- has people trying to get into it," said Menzel.

In the other successful cyberattack on an electoral website, hackers had acquired the username and password for the voter database Arizona used during the summer, as Arizona Secretary of State Michele Reagan learned from the FBI. But the reason that it had become known, according to Reagan in an interview with Mother Jones, was that the login and password had shown up for sale on the dark web -- the network of websites used by cyber criminals to sell stolen data and other illicit wares.

Furthermore, the FBI had told her that the effort to penetrate the database was the work of a "known hacker" whom the FBI had monitored "frequently" in the past. Thus, there were reasons to believe that both Illinois and Arizona hacking incidents were linked to criminal hackers seeking information they could sell for profit.

Meanwhile, the FBI was unable to come up with any theory about what Russia might have intended to do with voter registration data such as what was taken in the Illinois hack. When FBI Counterintelligence official Bill Priestap was asked in a June 2017 hearing how Moscow might use such data, his answer revealed that he had no clue: "They took the data to understand what it consisted of," said the struggling Priestap, "so they can affect better understanding and plan accordingly in regards to possibly impacting future elections by knowing what is there and studying it."

The inability to think of any plausible way for the Russian government to use such data explains why DHS and the intelligence community adopted the argument, as senior DHS officials Samuel Liles and Jeanette Manfra put it, that the hacks "could be intended or used to undermine public confidence in electoral processes and potentially the outcome." But such a strategy could not have had any effect without a decision by DHS and the U.S. intelligence community to assert publicly that the intrusions and other scanning and probing were Russian operations, despite the absence of hard evidence. So DHS and other agencies were consciously sowing public doubts about U.S. elections that they were attributing to Russia.

DHS Reveals Its Self-Serving Methodology

In June 2017, Liles and Manfra testified to the Senate Intelligence Committee that an October 2016 DHS intelligence report had listed election systems in 21 states that were "potentially targeted by Russian government cyber actors." They revealed that the sensational story leaked to the press in late September 2016 had been based on a draft of the DHS report. And more importantly, their use of the phrase "potentially targeted" showed that they were arguing only that the cyber incidents it listed were possible indications of a Russian attack on election infrastructure.

Furthermore, Liles and Manfra said the DHS report had "catalogued suspicious activity we observed on state government networks across the country," which had been "largely based on suspected malicious tactics and infrastructure." They were referring to a list of eight IP addresses an August 2016 FBI "flash alert" had obtained from the Illinois and Arizona intrusions, which DHS and FBI had not been able to attribute to the Russian government.

The DHS officials recalled that the DHS began to "receive reports of cyber-enabled scanning and probing of election-related infrastructure in some states, some of which appeared to originate from servers operated by a Russian company." Six of the eight IP addresses in the FBI alert were indeed traced to King Servers, owned by a young Russian living in Siberia. But as DHS cyber specialists knew well, the country of ownership of the server doesn't prove anything about who was responsible for hacking: As cybersecurity expert Jeffrey Carr pointed out, the Russian hackers who coordinated the Russian attack on Georgian government websites in 2008 used a Texas-based company as the hosting provider.

The cybersecurity firm ThreatConnect noted in 2016 that one of the other two IP addresses had hosted a Russian criminal market for five months in 2015. But that was not a serious indicator, either. Private IP addresses are reassigned frequently by server companies, so there is not a necessary connection between users of the same IP address at different times.

The DHS methodology of selecting reports of cyber incidents involving election-related websites as "potentially targeted" by Russian government-sponsored hackers was based on no objective evidence whatever. The resulting list appears to have included any one of the eight addresses as well as any attack or "scan" on a public website that could be linked in any way to elections.

This methodology conveniently ignored the fact that criminal hackers were constantly trying to get access to every database in those same state, county and municipal systems. Not only for Illinois and Arizona officials, but state electoral officials.

In fact, 14 of the 21 states on the list experienced nothing more than the routine scanning that occurs every day, according to the Senate Intelligence Committee. Only six involved what was referred to as a "malicious access attempt," meaning an effort to penetrate the site. One of them was in Ohio, where the attempt to find a weakness lasted less than a second and was considered by DHS's internet security contractor a "non-event" at the time.

State Officials Force DHS to Tell the Truth

For a year, DHS did not inform the 21 states on its list that their election boards or other election-related sites had been attacked in a presumed Russian-sponsored operation. The excuse DHS officials cited was that it could not reveal such sensitive intelligence to state officials without security clearances. But the reluctance to reveal the details about each case was certainly related to the reasonable expectation that states would publicly challenge their claims, creating a potential serious embarrassment.

On Sept. 22, 2017, DHS notified 21 states about the cyber incidents that had been included in the October 2016 report. The public announcement of the notifications said DHS had notified each chief election officer of "any potential targeting we were aware of in their state leading up to the 2016 election." The phrase "potential targeting" again telegraphed the broad and vague criterion DHS had adopted, but it was ignored in media stories.

But the notifications, which took the form of phone calls lasting only a few minutes, provided a minimum of information and failed to convey the significant qualification that DHS was only suggesting targeting as a possibility. "It was a couple of guys from DHS reading from a script," recalled one state election official who asked not to be identified. "They said [our state] was targeted by Russian government cyber actors."

A number of state election officials recognized that this information conflicted with what they knew. And if they complained, they got a more accurate picture from DHS. After Wisconsin Secretary of State Michael Haas demanded further clarification, he got an email response from a DHS official with a different account. "[B]ased on our external analysis," the official wrote, "the WI [Wisconsin] IP address affected belongs to the WI Department of Workforce Development, not the Elections Commission."

California Secretary of State Alex Padilla said DHS initially had notified his office "that Russian cyber actors 'scanned' California's Internet-facing systems in 2016, including Secretary of State websites." But under further questioning, DHS admitted to Padilla that what the hackers had targeted was the California Department of Technology's network.

Texas Secretary of State Rolando Pablos and Oklahoma Election Board spokesman Byron Dean also denied that any state website with voter- or election-related information had been targeted, and Pablos demanded that DHS "correct its erroneous notification."

Despite these embarrassing admissions, a statement issued by DHS spokesman Scott McConnell on Sept. 28, 2017 said the DHS "stood by" its assessment that 21 states "were the target of Russian government cyber actors seeking vulnerabilities and access to U.S. election infrastructure." The statement retreated from the previous admission that the notifications involved "potential targeting," but it also revealed for the first time that DHS had defined "targeting" very broadly indeed.

It said the category included "some cases" involving "direct scanning of targeted systems" but also cases in which "malicious actors scanned for vulnerabilities in networks that may be connected to those systems or have similar characteristics in order to gain information about how to later penetrate their target."

It is true that hackers may scan one website in the hope of learning something that could be useful for penetrating another website, as cybersecurity expert Prof. Herbert S. Lin of Stanford University explained to me in an interview. But including any incident in which that motive was theoretical meant that any state website could be included on the DHS list, without any evidence it was related to a political motive.

Arizona's further exchanges with DHS revealed just how far DHS had gone in exploiting that escape clause in order to add more states to its "targeted" list. Arizona Secretary of State Michele Reagan tweeted that DHS had informed her that "the Russian government targeted our voter registration systems in 2016." After meeting with DHS officials in early October 2017, however, Reagan wrote in a blog post that DHS "could not confirm that any attempted Russian government hack occurred whatsoever to any election-related system in Arizona, much less the statewide voter registration database."

What the DHS said in that meeting, as Reagan's spokesman Matt Roberts recounted to me, is even more shocking. "When we pressed DHS on what exactly was actually targeted, they said it was the Phoenix public library's computers system," Roberts recalled.

In April 2018, a CBS News "60 Minutes" segment reported that the October 2016 DHS intelligence report had included the Russian government hacking of a "county database in Arizona." Responding to that CBS report, an unidentified "senior Trump administration official" who was well-briefed on the DHS report told Reuters that "media reports" on the issue had sometimes "conflated criminal hacking with Russian government activity," and that the cyberattack on the target in Arizona "was not perpetrated by the Russian government."

NSA Finds a GRU Election Plot

NSA intelligence analysts claimed in a May 2017 analysis to have documented an effort by Russian military intelligence (GRU) to hack into U.S. electoral institutions. In an intelligence analysis obtained by The Intercept and reported in June 2017, NSA analysts wrote that the GRU had sent a spear-phishing email -- one with an attachment designed to look exactly like one from a trusted institution but that contains malware designed to get control of the computer -- to a vendor of voting machine technology in Florida. The hackers then designed a fake web page that looked like that of the vendor. They sent it to a list of 122 email addresses NSA believed to be local government organizations that probably were "involved in the management of voter registration systems." The objective of the new spear-phishing campaign, the NSA suggested, was to get control of their computers through malware to carry out the exfiltration of voter-related data.

But the authors of The Intercept story failed to notice crucial details in the NSA report that should have tipped them off that the attribution of the spear-phishing campaign to the GRU was based merely on the analysts' own judgment -- and that their judgment was faulty.

The Intercept article included a color-coded chart from the original NSA report that provides crucial information missing from the text of the NSA analysis itself as well as The Intercept's account. The chart clearly distinguishes between the elements of the NSA's account of the alleged Russian scheme that were based on "Confirmed Information" (shown in green) and those that were based on "Analyst Judgment" (shown in yellow). The connection between the "operator" of the spear-phishing campaign the report describes and an unidentified entity confirmed to be under the authority of the GRU is shown as a yellow line, meaning that it is based on "Analyst Judgment" and labeled "probably."

A major criterion for any attribution of a hacking incident is whether there are strong similarities to previous hacks identified with a specific actor. But the chart concedes that "several characteristics" of the campaign depicted in the report distinguish it from "another major GRU spear-phishing program," the identity of which has been redacted from the report.

The NSA chart refers to evidence that the same operator also had launched spear-phishing campaigns on other web-based mail applications, including the Russian company "Mail.ru." Those targets suggest that the actors were more likely Russian criminal hackers rather than Russian military intelligence.

Even more damaging to its case, the NSA reports that the same operator who had sent the spear-phishing emails also had sent a test email to the "American Samoa Election Office." Criminal hackers could have been interested in personal information from the database associated with that office. But the idea that Russian military intelligence was planning to hack the voter rolls in American Samoa, an unincorporated U.S. territory with 56,000 inhabitants who can't even vote in U.S. presidential elections, is plainly risible.

The Mueller Indictment's Sleight of Hand

The Mueller indictment of GRU officers released on July 13 appeared at first reading to offer new evidence of Russian government responsibility for the hacking of Illinois and other state voter-related websites. A close analysis of the relevant paragraphs, however, confirms the lack of any real intelligence supporting that claim.

Mueller accused two GRU officers of working with unidentified "co-conspirators" on those hacks. But the only alleged evidence linking the GRU to the operators in the hacking incidents is the claim that a GRU official named Anatoly Kovalev and "co-conspirators" deleted search history related to the preparation for the hack after the FBI issued its alert on the hacking identifying the IP address associated with it in August 2016.

A careful reading of the relevant paragraphs shows that the claim is spurious. The first sentence in Paragraph 71 says that both Kovalev and his "co-conspirators" researched domains used by U.S. state boards of elections and other entities "for website vulnerabilities." The second says Kovalev and "co-conspirators" had searched for "state political party email addresses, including filtered queries for email addresses listed on state Republican Party websites."

Searching for website vulnerabilities would be evidence of intent to hack them, of course, but searching Republican Party websites for email addresses is hardly evidence of any hacking plan. And Paragraph 74 states that Kovalev "deleted his search history" -- not the search histories of any "co-conspirator" -- thus revealing that there were no joint searches and suggesting that the subject Kovalev had searched was Republican Party emails. So any deletion by Kovalev of his search history after the FBI alert would not be evidence of his involvement in the hacking of the Illinois election board website.

With this rhetorical misdirection unraveled, it becomes clear that the repetition in every paragraph of the section of the phrase "Kovalev and his co-conspirators" was aimed at giving the reader the impression the accusation is based on hard intelligence about possible collusion that doesn't exist.

The Need for Critical Scrutiny of DHS Cyberattack Claims

The DHS campaign to establish its role as the protector of U.S. electoral institutions is not the only case in which that agency has used devious means to sow fear of Russian cyberattacks. In December 2016, DHS and the FBI published a long list of IP addresses as indicators of possible Russian cyberattacks. But most of the addresses on the list had no connection with Russian intelligence, as former U.S. government cyber-warfare officer Rob Lee found on close examination.

When someone at the Burlington, Vt., Electric Company spotted one of those IP addresses on one of its computers, the company reported it to DHS. But instead of quietly investigating the address to verify that it was indeed an indicator of Russian intrusion, DHS immediately informed The Washington Post. The result was a sensational story that Russian hackers had penetrated the U.S. power grid. In fact, the IP address in question was merely Yahoo's email server, as Rob Lee told me, and the computer had not even been connected to the power grid. The threat to the power grid was a tall tale created by a DHS official, which the Post had to embarrassingly retract.

Since May 2017, DHS, in partnership with the FBI, has begun an even more ambitious campaign to focus public attention on what it says are Russian "targeting" and "intrusions" into "major, high value assets that operate components of our Nation's critical infrastructure", including energy, nuclear, water, aviation and critical manufacturing sectors. Any evidence of such an intrusion must be taken seriously by the U.S. government and reported by news media. But in light of the DHS record on alleged threats to election infrastructure and the Burlington power grid, and its well-known ambition to assume leadership over cyber protection, the public interest demands that the news media examine DHS claims about Russian cyber threats far more critically than they have up to now.

Gareth Porter is an independent investigative journalist and winner of the 2012 Gellhorn Prize for journalism. His latest book is Manufactured Crisis: The Untold Story of the Iran Nuclear Scare.



David G, August 29, 2018 at 2:42 am

From yesterday's (8/28) NY Times, p. A19, Corrections:

"An article on Thursday [print edition; Wednesday web] about a suspected hacking of the Democratic National Committee misstated what cybersecurity officials said about hackers' efforts to gain access to the organization's voter database. The officials said the hackers *may* have sent so-called spearphishing emails to D.N.C. officials, not that they *did* send such emails."
[*emphasis added*]

Charming. But wait, there's more!

Unmentioned in this correction is that the entire original article was rendered nugatory the next day (i.e. last Thursday), when the Times reported that (oops), "[t]he suspected hacking attempt of the Democratic National Committee's voter database this week was a false alarm, and the unusual activity that raised concern was merely a test, party officials said on Thursday."

But while the original article – which had "Russia" sprinkled liberally throughout, despite no claim of a Russian connection to the alleged attempted hack being reported – appeared in the print edition (8/23), the follow-up saying the whole thing was just a mistake and never-mind was web-only. (This puts the Times's motto "All the news that's fit to print", if taken literally, in a curious new light.)

And (to repeat) the correction in yesterday's paper referred only to the original article on an alleged hacking attempt, not to the followup article saying it never happened.

And so it goes.

Craig, August 29, 2018 at 1:40 am

I had the impression that they said that it was not found that voter sites had been hacked.
Has it not been a great propaganda campaign?

Gen Dao, August 29, 2018 at 12:22 am

Another great report by Gareth Porter. It should be top news at NYT, WaPo, CNN, and MSNBC, but unfortunately it won't be, because all four have degenerated into military industrial surveillance state propaganda outlets. Russiagate is the biggest hoax since Iraqi WMDs and Remember the Maine! If we didn't have outstanding real journalists like Porter, we would probably be at war with Russia right now. What this article shows very clearly is that our electoral system is under constant assault from criminal elements and political cheaters. We need to be having a national conversation right now on eliminating all digital voting machines and switching to paper ballots, but any questioning of the present system would upset the present advanced state of voter electoral fraud in the US and those who profit from it. Blaming electoral corruption and cheating in the US on a foreign boogeyman such as Russia (soon it will probably be China) is pretty obviously a method of hiding the real, domestic sources of various kinds of US electoral wrongdoing and of ensuring that those sources, including the so-called deep state, will continue to be able to operate effectively. The Clinton wing of the Dem Party is not the only group that regards election rigging as a justifiable means to a "good" end. I look forward to Mr. Porter's further research.

Gary Weglarz, August 28, 2018 at 11:30 pm

Events in the physical world now are simply unimportant sidelights since – "reality" – as it is reported in media – is completely fabricated and concocted out of thin air within the very mediocre brains of the numbskulls fronting for this dying empire. Corruption is as corruption does – I think Forrest Gump's mother said that.

KiwiAntz, August 29, 2018 at 1:27 am

Forrest Gump's Mama said "Stupid is as stupid does"! Sounds like the perfect logo to describe the American Nation State? A stupid Nation run by stupider people!

Jeff Harrison, August 28, 2018 at 6:15 pm

Lies, Damned Lies, and Government press releases. The real question is how long it will take before the American people really refuse to take the government at its word and demand proof. One of the worst things that the regime in Washington can do is to make American citizens mistrustful of the government.

KiwiAntz, August 29, 2018 at 1:20 am

The American people are completely gaslighted beyond belief & "captured" by their corrupt Govt & Leaders, to such an extent that they will not question or dispute their Govt's narratives? Never have a Nation's citizens been so successfully brainwashed, in all of human history, as the American people have been & the only comparison that can be found is how Hitler & the Nazis successfully hoodwinked the German people! The exception here is the American citizens who frequent this website & are awake to their Govt's gross corruption & immoral actions around the globe! The rest of the US populace is asleep & want to stay that way?

john wilson, August 29, 2018 at 2:20 am

Well, KiwiAntz, you're probably right, but I think the accolade for stupidity, idiocy and acquiescence goes to us British people. Sheep are one of the world's most common agricultural animals and we've got lots of them over here in the UK.

Dr. Ip, August 29, 2018 at 2:57 am

Since when have American citizens NOT been mistrustful of the government?

[Feb 19, 2018] What the Arrest of the Russian Intel top Cyber-Crime Expert Has to Do With American elections

Feb 19, 2018 | thebell.io

Sergei Mikhailov was arrested one year ago, on Dec. 5, 2016. Officers of the agency's internal security division seized him at his office and led him away with a sack over his head. Mikhailov is a black belt in karate and the officers feared that he might resist, explained one of the colonel's acquaintances.

Prior to his arrest, Mikhailov was head of the 2nd Directorate of the FSB's Information Security Center (TsIB) and within Russian intelligence circles he was considered the main authority on cybercrime.

Now he and three other men -- Dmitry Dokuchayev, an FSB major and former criminal hacker, accused in the U.S. of hacking 500 million Yahoo! accounts in 2014; Ruslan Stoyanov, a former Kaspersky Lab employee; and Georgy Fomchenkov, a little-known internet entrepreneur -- are suspected of state treason. The four are being held in Moscow's high-security Lefortovo Prison.

[Feb 19, 2018] The FSB breaks up Russia's most notorious hacker group

Notable quotes:
"... Rosbalt said that when Anikeyev's business reached national levels, he started using new techniques. For example, Anikeyev would go to restaurants and cafes popular among officials, and with the help of sophisticated equipment he created fake Wi-Fi and mobile phone connections. ..."
"... Unsuspecting officials would connect to the network through the channel created by the hacker and he would have access to the information on their devices. ..."
"... The Anonymous International website was opened in 2013 and content stolen from the phones and emails of Russian politicians immediately started appearing on it. According to Life News, only the correspondence of the public officials and businessmen who refused to pay was published. At the same time members of Shaltai-Boltai positioned themselves as people with an active civil stance. ..."
"... Mikhailov tracked down Anonymous International at the beginning of 2016 and decided to take it under his control, as well as make some money from blackmail along the way. According to Life News, there is another theory - that Mikhailov had been managing the Shaltai-Boltai business from the start. ..."
"... Whatever the truth, Mikhailov and Dokuchayev have now been charged with treason. Anikeyev and Stoyanov will be prosecuted under a different charge - "unauthorized access to computer information." According to Rosbalt, the treason charges against Mikhailov and Dokuchayev are to do with Anonymous International's involvement in leaking to Ukraine the private correspondence of presidential aide Vladislav Surkov. ..."
"... Shaltai-Boltai's website has not been updated since Nov. 26 and its Twitter account since Dec. 12. The group's remaining members, who are believed to live in Thailand and the Baltic States, have been put on an FSB wanted list. ..."
Feb 19, 2018 | www.rbth.com

The alleged leader of the Anonymous International hacker group, also known as Shaltai-Boltai, has been arrested along with important officials in the security services who collaborated with the group. For several years Shaltai-Boltai terrorized state officials, businessmen and media figures by hacking their emails and telephones, and threatening to post their private information online unless blackmail payments were made. "The price tag for our work starts at several tens of thousands of dollars, and I am not going to talk about the upper limit," said a man who calls himself Lewis during an interview with the news website Meduza in January 2015.

Lewis, whose name pays homage to the author Lewis Carroll, is the leader of Anonymous International, the hacker group specializing in hacking the accounts of officials and businessmen. Another name for Anonymous International is Shaltai-Boltai, Russian for "Humpty-Dumpty."

Several years ago Lewis and his colleagues prospered thanks to extortion. They offered their victims the chance to pay a handsome price to buy back their personal information that had been stolen. Otherwise their information would be sold to third persons and even posted online. In the end, Russian law-enforcement tracked down Lewis, and in November he was arrested and now awaits trial. His real name is Vladimir Anikeyev.

Shaltai-Boltai's founding father

"One's own success is good but other people's failure is not bad either," said the profile quote on Vladimir Anikeyev's page on VKontakte, Russia's most popular social network.

Vladimir Anikeyev / Photo: anikeevv/vk.com

Rosbalt news website said that in the 1990s Lewis worked as a journalist in St. Petersburg and specialized in collecting information through various methods, including dubious ones. "He could go for a drink with someone or have an affair with someone's secretary or bribe people," Rosbalt's source said.

In the 2000s Anikeyev switched to collecting kompromat (compromising material). Using his connections, he would find the personal email addresses of officials and entrepreneurs and break into them using hackers in St. Petersburg, and then blackmail the victims. They had to pay to prevent their personal information from ending up on the Internet.

Fake Wi-Fi

Rosbalt said that when Anikeyev's business reached national levels, he started using new techniques. For example, Anikeyev would go to restaurants and cafes popular among officials, and with the help of sophisticated equipment he created fake Wi-Fi and mobile phone connections.

Unsuspecting officials would connect to the network through the channel created by the hacker and he would have access to the information on their devices.

In the beginning Anikeyev was personally involved in the theft of information but later he created a network of agents.

The business grew quickly; enormous amounts of information were at Anikeyev's disposal that had to be sorted and selected for suitability as material for blackmail. In the end, according to Rosbalt, Anonymous International arose as a handy tool for downloading the obtained information.

Trying to change the world

The second name of the group refers to the works of Lewis Carroll, according to Shaltai-Boltai members. The crazy world of Through the Looking Glass, with its inverted logic, is the most apt metaphor for Russian political life. Apart from Lewis Anikeyev, the team has several other members: Alice; Shaltai, Boltai (these two acted as press secretaries, and as a result of a mix-up, the media started calling the whole project, Shaltai-Boltai); and several others, including "technicians," or specialist hackers.

The Anonymous International website was opened in 2013 and content stolen from the phones and emails of Russian politicians immediately started appearing on it. According to Life News, only the correspondence of the public officials and businessmen who refused to pay was published. At the same time members of Shaltai-Boltai positioned themselves as people with an active civil stance.

"We can be called campaigners. We are trying to change the world. To change it for the better," Shaltai told the Apparat website. In interviews members of the group repeatedly complained about Russian officials who restricted Internet freedom, the country's foreign policy and barriers to participation in elections.

Hacker exploits

Shaltai-Boltai's most notorious hack was of an explicitly political nature and not about making money. It hacked Russian Prime Minister Dmitry Medvedev's Twitter account. On Aug. 14, 2014 tweets were posted on the account saying that Medvedev was resigning because he was ashamed of the government's actions. The 'prime minister' also had time to write that Putin was wrong, that the government had problems with common sense, and that the authorities were taking the country back to the past.


On the same day Anonymous International posted part of the prime minister's stolen archive, admitting that "there is nothing particularly interesting in it."

"The posted material was provided by a certain highly-placed reptilian of our acquaintance," the hackers joked.

Medvedev is far from being Shaltai-Boltai's only victim. The hackers published the private correspondence of officials in the presidential administration: Yevgeny Prigozhin, a businessman close to Vladimir Putin; Aram Gabrelyanov, head of the pro-Kremlin News Media holding company; and of Igor Strelkov, one of the leaders of the uprising in east Ukraine. Lewis, however, insisted that only material that had failed to sell ended up on the Internet.

Law-enforcement links

Anikeyev was detained in November, and the following month Sergei Mikhailov, head of the 2nd operations directorate of the FSB Information Security Center, was also arrested. According to Kommersant, Mikhailov was a major figure in the security services who "was essentially overseeing the country's entire internet business."

Mikhailov's aide, FSB Major Dmitry Dokuchayev, a former hacker known as Forb, was also arrested. Shortly after, Ruslan Stoyanov, head of the department for investigating cybercrime at the antivirus software company Kaspersky Lab, was also detained. Stoyanov also worked closely with the secret services.

According to Rosbalt, Anikeyev revealed information about the FSB officers and the Kaspersky Lab computer expert and their close involvement with Shaltai-Boltai.

Mikhailov tracked down Anonymous International at the beginning of 2016 and decided to take it under his control, as well as make some money from blackmail along the way. According to Life News, there is another theory - that Mikhailov had been managing the Shaltai-Boltai business from the start.

Shaltai-Boltai had a big fall

Whatever the truth, Mikhailov and Dokuchayev have now been charged with treason. Anikeyev and Stoyanov will be prosecuted under a different charge - "unauthorized access to computer information." According to Rosbalt, the treason charges against Mikhailov and Dokuchayev are to do with Anonymous International's involvement in leaking to Ukraine the private correspondence of presidential aide Vladislav Surkov.

Shaltai-Boltai's website has not been updated since Nov. 26 and its Twitter account since Dec. 12. The group's remaining members, who are believed to live in Thailand and the Baltic States, have been put on an FSB wanted list.

Anyway, Shaltai-Boltai anticipated this outcome. "What awaits us if we are uncovered? Criminal charges and most likely a prison sentence. Each member of the team is aware of the risks," they said dispassionately in the interview with Apparat in 2015.

[Feb 19, 2018] Shaltai-Boltai's leader arrested by the FSB Crime

Notable quotes:
"... Anikeev immediately began to cooperate with the investigation and provide detailed evidence, which repeatedly mentioned Mikhailov as being associated with the Shaltai-Boltai's team," said the source of Rosbalt. And in December 2016, Mikhailov and his "right hand," another official of the Information Security Center, Dmitry Dokuchaev, were arrested. The Court took a decision on their arrest. Another ISC official was also detained, but after questioning, no preventive measures involving deprivation of liberty were applied to him. ..."
"... After the summer, Shaltai-Boltai began to work exclusively with the content given to it by the curator. ..."
"... later it switched to civil servants' email that contained information that could bring serious trouble. When it became known that Surkov's correspondence "leaked" to Ukraine, it broke the camel's back. "Mikhailov's a magnificent expert. Best in his business. One can say that the ISC is Mikhailov.. But he crossed all possible borders," told a source of Rosbalt. ..."
Feb 19, 2018 | rusletter.com

RusLetter

The story around the arrest of a high-ranking ISC official, Sergey Mikhailov, is becoming an actual thriller.

The creator of the Shaltai-Boltai (Humpty Dumpty) website, which contained the correspondence of officials, journalist Vladimir Anikeev, better known in some circles as Lewis, was arrested on arrival from Ukraine, where he is supposed to have been involved in the publication on a local site of presidential aide Vladislav Surkov's correspondence. In his testimony, Lewis spoke about an employee of the Information Security Center, Mikhailov.

As a source familiar with the situation told Rosbalt, Vladimir Anikeev was detained by FSB officers at the end of October 2016, when he arrived in St. Petersburg from Ukraine. "The operation was the result of long work. There was a complicated operative combination with the aim of luring Lewis from Ukraine, which he didn't intend to leave," the source told the news agency. Anikeev was taken to Moscow, where the Investigation department of the FSB charged him under Article 272 of the Criminal Code (Illegal access to computer information).

First and foremost, counterintelligence was interested in the situation with the "leakage" of Vladislav Surkov's correspondence: by that time it was known that it was in the hands of the Shaltai-Boltai team. Since it was e-mail from the .gov domain, the situation caused great concern in the FSO. As a result of this, the correspondence was published on the website of a Ukrainian association of hackers called Cyber-Junta. In reality, it is suspected that Anikeev was involved in that affair. He had been constantly visiting that country, his girlfriend lived there, and, according to available data, he was not going to return to Russia. Lewis was also asked about other officials' correspondence, which had already appeared on the Shaltai-Boltai website.

"Anikeev immediately began to cooperate with the investigation and provide detailed evidence, which repeatedly mentioned Mikhailov as being associated with the Shaltai-Boltai team," said Rosbalt's source. And in December 2016, Mikhailov and his "right hand," another official of the Information Security Center, Dmitry Dokuchaev, were arrested. The Court took a decision on their arrest. Another ISC official was also detained, but after questioning, no preventive measures involving deprivation of liberty were applied to him.

According to the version of the agency's source, the situation developed as follows. At the beginning of 2016, the department headed by Mikhailov received an order to "work" with Shaltai-Boltai's website, which published the correspondence of civil servants. The immediate executor was Dokuchaev. Officers of the ISC were able to identify the Shaltai-Boltai team, whose participants took nicknames from Lewis Carroll's "Alice in Wonderland": Alice, the March Hare, etc. The website creator and organizer, Anikeev, was nicknamed Lewis. In the summer there were search raids in St. Petersburg, although formally for other reasons.

According to Rosbalt's source, just after the summer attack the Shaltai-Boltai team appeared to have acquired an owner, or, to be exact, a curator. According to the source, it could be Sergey Mikhailov. As a result, the working methods of Lewis's team also changed, as did the targets whose correspondence was being published for public access. Previously, Lewis's people identified targets in places where mobile phones were used. They gained access to the phone contents by means of a false cell (when it came to mobile internet) or using false Wi-Fi (if the person was connected to Wi-Fi). Then the downloaded content was sent to a member of Lewis's team residing in Estonia. He analyzed it to select what was to be put in open access and what was to be sold for Bitcoins. The whole financial part of Shaltai-Boltai involved a few people living in Thailand. These Bitcoins were cashed in Ukraine. Occasionally Lewis published emails previously stolen by other hackers.

After the summer, Shaltai-Boltai began to work exclusively with the content given to it by the curator. Earlier, it published correspondence of a rather "entertaining" character, as well as that of officials whose "secrets" would do no special harm; but later it switched to civil servants' email that contained information that could bring serious trouble. When it became known that Surkov's correspondence had "leaked" to Ukraine, it was the straw that broke the camel's back. "Mikhailov's a magnificent expert. Best in his business. One can say that the ISC is Mikhailov. But he crossed all possible borders," a source told Rosbalt.

[Feb 19, 2018] Russian Lawyer Says FSB Officers, Kaspersky Manager Charged With Treason

Feb 19, 2018 | www.rferl.org

At the time of their arrests in December, Sergei Mikhailov and Dmitry Dokuchayev were officers with the FSB's Center for Information Security, a leading unit within the FSB involved in cyberactivities.

Pavlov confirmed to RFE/RL the arrest of Mikhailov and Dokuchayev, along with Ruslan Stoyanov, a former employee of the Interior Ministry who had worked for Kaspersky Labs, a well-known private cyber-research company, which announced Stoyanov's arrest last month.

The newspaper Kommersant reported that Mikhailov was arrested at a meeting of FSB officers and was taken from the meeting after a sack was put on his head.

The independent newspaper Novaya Gazeta, meanwhile, said that a total of six suspects -- including Mikhailov, Dokuchayev, and Stoyanov -- had been arrested. The state news agency TASS reported on February 1 that two men associated with a well-known hacking group had also been arrested in November, but it wasn't immediately clear if those arrests were related to the FSB case.

There has been no public detail as to the nature of the treason charges against Mikhailov, Dokuchayev, and Stoyanov. The Interfax news agency on January 31 quoted "sources familiar with the situation" as saying that Mikhailov and Dokuchayev were suspected of relaying confidential information to the U.S. Central Intelligence Agency (CIA).

Pavlov told RFE/RL the individuals were suspected of passing on classified information to U.S. intelligence, but not necessarily the CIA.

[Feb 18, 2018] The FSB breaks up Russia's most notorious hacker group - Russia Beyond

Notable quotes:
"... Mikhailov tracked down Anonymous International at the beginning of 2016 and decided to take it under his control, as well as make some money from blackmail along the way. According to Life News, there is another theory - that Mikhailov had been managing the Shaltai-Boltai business from the start. ..."
"... Whatever the truth, Mikhailov and Dokuchayev have now been charged with treason. Anikeyev and Stoyanov will be prosecuted under a different charge - "unauthorized access to computer information." According to Rosbalt, the treason charges against Mikhailov and Dokuchayev are to do with Anonymous International's involvement in leaking to Ukraine the private correspondence of presidential aide Vladislav Surkov. ..."
"... Shaltai-Boltai's website has not been updated since Nov. 26 and its Twitter account since Dec. 12. The group's remaining members, who are believed to live in Thailand and the Baltic States, have been put on an FSB wanted list. ..."
Feb 18, 2018 | www.rbth.com

The alleged leader of the Anonymous International hacker group, also known as Shaltai-Boltai, has been arrested along with important officials in the security services who collaborated with the group. For several years Shaltai-Boltai terrorized state officials, businessmen and media figures by hacking their emails and telephones, and threatening to post their private information online unless blackmail payments were made. "The price tag for our work starts at several tens of thousands of dollars, and I am not going to talk about the upper limit," said a man who calls himself Lewis during an interview with the news website Meduza in January 2015.

Lewis, whose name pays homage to the author Lewis Carroll, is the leader of Anonymous International, the hacker group specializing in hacking the accounts of officials and businessmen. Another name for Anonymous International is Shaltai-Boltai, Russian for "Humpty-Dumpty."

Several years ago Lewis and his colleagues prospered thanks to extortion. They offered their victims the chance to pay a handsome price to buy back their personal information that had been stolen. Otherwise their information would be sold to third persons and even posted online. In the end, Russian law-enforcement tracked down Lewis, and in November he was arrested and now awaits trial. His real name is Vladimir Anikeyev.

Shaltai-Boltai's founding father

"One's own success is good but other people's failure is not bad either," said the profile quote on Vladimir Anikeyev's page on VKontakte, Russia's most popular social network.

Vladimir Anikeyev / Photo: anikeevv/vk.com

Rosbalt news website said that in the 1990s Lewis worked as a journalist in St. Petersburg and specialized in collecting information through various methods, including dubious ones. "He could go for a drink with someone or have an affair with someone's secretary or bribe people," Rosbalt's source said.

In the 2000s Anikeyev switched to collecting kompromat (compromising material). Using his connections, he would find the personal email addresses of officials and entrepreneurs and break into them using hackers in St. Petersburg, and then blackmail the victims. They had to pay to prevent their personal information from ending up on the Internet.

Fake Wi-Fi

Rosbalt said that when Anikeyev's business reached national levels, he started using new techniques. For example, Anikeyev would go to restaurants and cafes popular among officials, and with the help of sophisticated equipment he created fake Wi-Fi and mobile phone connections.

Unsuspecting officials would connect to the network through the channel created by the hacker and he would have access to the information on their devices.

In the beginning Anikeyev was personally involved in the theft of information but later he created a network of agents.

The business grew quickly; enormous amounts of information were at Anikeyev's disposal that had to be sorted and selected for suitability as material for blackmail. In the end, according to Rosbalt, Anonymous International arose as a handy tool for downloading the obtained information.

Trying to change the world

The second name of the group refers to the works of Lewis Carroll, according to Shaltai-Boltai members. The crazy world of Through the Looking Glass, with its inverted logic, is the most apt metaphor for Russian political life. Apart from Lewis Anikeyev, the team has several other members: Alice; Shaltai, Boltai (these two acted as press secretaries, and as a result of a mix-up, the media started calling the whole project, Shaltai-Boltai); and several others, including "technicians," or specialist hackers.

The Anonymous International website was opened in 2013 and content stolen from the phones and emails of Russian politicians immediately started appearing on it. According to Life News, only the correspondence of the public officials and businessmen who refused to pay was published. At the same time members of Shaltai-Boltai positioned themselves as people with an active civil stance.

"We can be called campaigners. We are trying to change the world. To change it for the better," Shaltai told the Apparat website. In interviews members of the group repeatedly complained about Russian officials who restricted Internet freedom, the country's foreign policy and barriers to participation in elections.

Hacker exploits

Shaltai-Boltai's most notorious hack was of an explicitly political nature and not about making money. It hacked Russian Prime Minister Dmitry Medvedev's Twitter account. On Aug. 14, 2014 tweets were posted on the account saying that Medvedev was resigning because he was ashamed of the government's actions. The 'prime minister' also had time to write that Putin was wrong, that the government had problems with common sense, and that the authorities were taking the country back to the past.


On the same day Anonymous International posted part of the prime minister's stolen archive, admitting that, "there is nothing particularly interesting in it."

"The posted material was provided by a certain highly-placed reptilian of our acquaintance," the hackers joked.

Medvedev is far from being Shaltai-Boltai's only victim. The hackers published the private correspondence of officials in the presidential administration: Yevgeny Prigozhin, a businessman close to Vladimir Putin; Aram Gabrelyanov, head of the pro-Kremlin News Media holding company; and of Igor Strelkov, one of the leaders of the uprising in east Ukraine. Lewis, however, insisted that only material that had failed to sell ended up on the Internet.

Law-enforcement links

Anikeyev was detained in November, and the following month Sergei Mikhailov, head of the 2nd operations directorate of the FSB Information Security Center, was also arrested. According to Kommersant, Mikhailov was a major figure in the security services who "was essentially overseeing the country's entire internet business."

Mikhailov's aide, FSB Major Dmitry Dokuchayev, a former hacker known as Forb, was also arrested. Shortly after, Ruslan Stoyanov, head of the department for investigating cybercrime at the antivirus software company Kaspersky Lab, was also detained. Stoyanov also worked closely with the secret services.

According to Rosbalt, Anikeyev revealed information about the FSB officers and the Kaspersky Lab computer expert and their close involvement with Shaltai-Boltai.

Mikhailov tracked down Anonymous International at the beginning of 2016 and decided to take it under his control, as well as make some money from blackmail along the way. According to Life News, there is another theory - that Mikhailov had been managing the Shaltai-Boltai business from the start.

Shaltai-Boltai had a big fall

Whatever the truth, Mikhailov and Dokuchayev have now been charged with treason. Anikeyev and Stoyanov will be prosecuted under a different charge - "unauthorized access to computer information." According to Rosbalt, the treason charges against Mikhailov and Dokuchayev are to do with Anonymous International's involvement in leaking to Ukraine the private correspondence of presidential aide Vladislav Surkov.

Shaltai-Boltai's website has not been updated since Nov. 26 and its Twitter account since Dec. 12. The group's remaining members, who are believed to live in Thailand and the Baltic States, have been put on an FSB wanted list.

Anyway, Shaltai-Boltai anticipated this outcome. "What awaits us if we are uncovered? Criminal charges and most likely a prison sentence. Each member of the team is aware of the risks," they said dispassionately in the interview with Apparat in 2015.

[Feb 18, 2018] What the Arrest of the Russian Intel top Cyber-Crime Expert Has to Do With American elections -- The Bell

Feb 18, 2018 | thebell.io

Sergei Mikhailov was arrested one year ago, on Dec. 5, 2016. Officers of the agency's internal security division seized him at his office and led him away with a sack over his head. Mikhailov is a black belt in karate and the officers feared that he might resist, explained one of the colonel's acquaintances.

Prior to his arrest, Mikhailov was head of the 2nd Directorate of the FSB's Information Security Center (TsIB) and within Russian intelligence circles he was considered the main authority on cybercrime.

Now he and three other men -- Dmitry Dokuchayev, an FSB major and former criminal hacker, accused in the U.S. of hacking 500 million Yahoo! accounts in 2014; Ruslan Stoyanov, a former Kaspersky Lab employee; and Georgy Fomchenkov, a little-known internet entrepreneur -- are suspected of state treason. The four are being held in Moscow's high-security Lefortovo Prison.

[Feb 18, 2018] Moscow Court Sentences 'Shaltai-Boltai' Hackers To Prison

Notable quotes:
"... A Moscow court has sentenced two Russian hackers to three years in prison each for breaking into the e-mail accounts of top Russian officials and leaking them. ..."
"... The 2016 arrests of the Shaltai-Boltai hackers became known only after Russian media reported that two officials of the Federal Security Service's cybercrime unit had been arrested on treason charges. ..."
Feb 18, 2018 | www.rferl.org

A Moscow court has sentenced two Russian hackers to three years in prison each for breaking into the e-mail accounts of top Russian officials and leaking them.

Konstantin Teplyakov and Aleksandr Filinov were members of the Shaltai-Boltai (Humpty Dumpty in Russian) collective believed to be behind the hacking of high-profile accounts, including the Twitter account of Prime Minister Dmitry Medvedev.

The two were found guilty of illegally accessing computer data in collusion with a criminal group.

Earlier in July, Shaltai-Boltai leader Vladimir Anikeyev was handed a two-year sentence after striking a plea bargain and agreeing to cooperate with the authorities.

The 2016 arrests of the Shaltai-Boltai hackers became known only after Russian media reported that two officials of the Federal Security Service's cybercrime unit had been arrested on treason charges.

Russian media reports suggested the officials had connections to the hacker group or had tried to control it.

[Feb 18, 2018] Notorious Russian Hacker With Links To FSB Scandal Sentenced To Prison

Feb 18, 2018 | www.rferl.org

A notorious Russian hacker whose exploits and later arrest gave glimpses into the intersection of computer crime and Russian law enforcement has been sentenced to two years in prison.

The Moscow City Court issued its ruling July 6 against Vladimir Anikeyev in a decision made behind closed doors, one indication of the sensitivity of his case.

[Feb 18, 2018] Making Sense of Russia's Cyber Treason Scandal

Notable quotes:
"... The stories implicating Mikhailov gained credence when Russian businessman Pavel Vrublevsky made similar accusations. He asserted that Mikhailov leaked details of Russian hacking capabilities to U.S. intelligence agencies. ..."
Feb 18, 2018 | worldview.stratfor.com

In January, the Kremlin-linked media outlet Kommersant suggested that the heads of Russia's Information Security Center (TsIB) were under investigation and would soon leave their posts. The TsIB is a shadowy unit that manages computer security investigations for the Interior Ministry and the FSB. It is thought to be Russia's largest inspectorate when it comes to domestic and foreign cyber capabilities, including hacking. It oversees security matters related to credit theft, financial information, personal data, social networks and reportedly election data -- or as some have claimed in the Russian media, "election rigging." Beyond its investigative role, it is presumed that the TsIB is fully capable of planning and directing cyber operations. A week after the initial Kommersant report surfaced, Andrei Gerasimov, the longtime TsIB director, resigned. Not long after Gerasimov's resignation at the end of January, reports emerged from numerous Kremlin-linked media outlets in what appeared to be a coordinated flood of information and disinformation about the arrests of senior TsIB officers. One of the cyber unit's operational directors, Sergei Mikhailov, was arrested toward the end of last year along with his deputy, Dmitri Dokuchaev, and charged with treason. Also arrested around the same time was Ruslan Stoyanov, the chief investigator for Kaspersky Lab, which is the primary cybersecurity contractor for the TsIB. There is much conjecture, but Mikhailov was apparently forcibly removed from a meeting with fellow FSB officers -- escorted out with a bag over his head, so the story goes -- and arrested. This is thought to have taken place some time around Dec. 5. His deputy, a well-respected computer hacker recruited by the FSB, was reportedly last seen in November. Kaspersky Lab's Stoyanov was a career cybersecurity professional, previously working for the Indrik computer crime investigation firm and the Interior Ministry's computer crime unit. 
Novaya Gazeta, a Kremlin-linked media outlet, reported that two other unnamed FSB computer security officers were also detained.

Theories, Accusations and Rumors

Since the initial reports surfaced, Russian media have been flooded with conflicting theories about the arrests; about Mikhailov, Dokuchaev and Stoyanov; and about the accusations levied against them. Because the charges are treason, the case is considered "classified" by the state, meaning no official explanation or evidence will be released. An ultranationalist news network called Tsargrad TV reported that Mikhailov had tipped U.S. intelligence to the King Servers firm, which the FBI has accused of being the nexus of FSB hacking and intelligence operations in the United States. (It should be noted that Tsargrad TV tends toward sensationalism and has been used as a conduit for propaganda in the past.) The media outlet also claimed that the Russian officer's cooperation is what enabled the United States to publicly accuse Moscow of sponsoring election-related hacking with "high confidence."

The stories implicating Mikhailov gained credence when Russian businessman Pavel Vrublevsky made similar accusations. He asserted that Mikhailov leaked details of Russian hacking capabilities to U.S. intelligence agencies. Vrublevsky, however, had previously been the target of hacking accusations leveled by Mikhailov and his team, so it is possible that he has a personal ax to grind. To further complicate matters, a business partner of Vrublevsky, Vladimir Fomenko, runs King Servers, which the United States shut down in the wake of the hacking scandal.

[Feb 18, 2018] The FBI just indicted a Russian official for hacking. But why did Russia charge him with treason?

This article is almost a year old but contains interesting information about the possible involvement of Shaltai Boltai in framing Russia for interference in the USA elections.
Notable quotes:
"... Also called Anonymous International, Shaltai-Boltai was responsible for leaking early copies of Putin's New Year speech and for selling off "lots" of emails stolen from Russian officials such as Prime Minister Dmitry Medvedev ..."
"... Later media reports said that the group's leader, Vladimir Anikeyev, had recently been arrested by the FSB and had informed on Mikhailov, Dokuchaev and Stoyanov. ..."
Mar 17, 2017 | www.washingtonpost.com

But what is less clear is why one of the men has been arrested and charged with treason in Russia. Dmitry Dokuchaev, an agent for the cyberinvestigative arm of the FSB, was arrested in Moscow in December. He's accused by the FBI of "handling" the hackers, paying "bounties" for breaking into email accounts held by Russian officials, opposition politicians and journalists, as well as foreign officials and business executives. The Russian targets included an Interior Ministry officer and physical trainer in a regional Ministry of Sports. (The full text of the indictment, which has a full list of the targets and some curious typos, is here.)

Reading this hackers indictment. I'm pretty sure there is no such position as the "deputy chairman of the Russian Federation" pic.twitter.com/DOWXYNoWjZ

-- Shaun Walker (@shaunwalker7) March 15, 2017

Dokuchaev's case is part of a larger and mysterious spate of arrests of Russian cyber officials and experts. His superior, Sergei Mikhailov, deputy chief of the FSB's Center for Information Security, was also arrested in December and charged with treason. According to Russian reports, the arrest came during a plenum of FSB officers, where Mikhailov had a bag placed over his head and was taken in handcuffs from the room. Ruslan Stoyanov, a manager at the Russian cybersecurity company Kaspersky Lab, was also arrested that month. Stoyanov helped coordinate investigations between the company and law enforcement, a person who used to work at the company said.

Below are some of the theories behind the Russian arrests. Lawyers for some of the accused have told The Washington Post that they can't reveal details of the case and, because of the secrecy afforded to treason cases, they don't have access to all the documents.

None of the theories below has been confirmed, nor are they mutually exclusive.

1. Links to U.S. election hacking: With attention focused on the hacking attacks against the U.S. Democratic National Committee allegedly ordered by Russian President Vladimir Putin, some Russian and U.S. media suggested that Dokuchaev and Mikhailov leaked information implicating Russia in the hack to the United States. The Russian Interfax news agency, which regularly cites government officials as sources, reported that "Sergei Mikhailov and his deputy, Dmitry Dokuchaev, are accused of betraying their oath and working with the CIA." Novaya Gazeta, a liberal, respected Russian publication, citing sources, wrote that Mikhailov had tipped off U.S. intelligence about King Servers, the hosting service used to support hacking attacks on targeted voter registration systems in Illinois and Arizona in June. That had followed reports in the New York Times, citing one current and one former government official, that "human sources in Russia did play a crucial role in proving who was responsible for the hacking."

Nakashima wrote yesterday that "the [FBI] charges are unrelated to the hacking of the Democratic National Committee and the FBI's investigation of Russian interference in the 2016 presidential campaign. But the move reflects the U.S. government's increasing desire to hold foreign governments accountable for malicious acts in cyberspace."

2. A shadowy hacking collective called Shaltai-Boltai (Humpty-Dumpty): Also called Anonymous International, Shaltai-Boltai was responsible for leaking early copies of Putin's New Year speech and for selling off "lots" of emails stolen from Russian officials such as Prime Minister Dmitry Medvedev. In a theory first reported by the pro-Kremlin, conservative Orthodox media company Tsargrad, Mikhailov had taken control of Shaltai-Boltai, "curating and supervising" the group in selecting hacking targets. Later media reports said that the group's leader, Vladimir Anikeyev, had recently been arrested by the FSB and had informed on Mikhailov, Dokuchaev and Stoyanov. A member of the group who fled to Estonia told the Russian media agency Fontanka that they had recently acquired an FSB "coordinator," although he could not say whether it was Mikhailov. None of the hacks mentioned in the FBI indictment could immediately be confirmed as those carried out by Shaltai-Boltai.

Lawyers contacted by The Post said that in documents they had seen, there was no link to Shaltai-Boltai in the case.

3. A grudge with a cybercriminal: A Russian businessman who had specialized in spam and malware had claimed for years that Mikhailov was trading information on cybercriminals with the West. Mikhailov had reportedly testified in the case of Pavel Vrublevsky, the former head of the payment services company Chronopay, who was imprisoned in 2013 for ordering a denial of service attack on the website of Aeroflot, the Russian national airline. Vrublevsky claimed then that Mikhailov began exchanging information about Russian cybercriminals with Western intelligence agencies, including documents about Chronopay. Brian Krebs, an American journalist who investigates cybercrime and received access to Vrublevsky's emails, wrote in January: "Based on how long Vrublevsky has been trying to sell this narrative, it seems he may have finally found a buyer."

4. Infighting at the FSB: The Russian government is not monolithic, and infighting between and within the powerful law enforcement agencies is common. The Russian business publication RBC had written that Mikhailov and Dokuchaev's Center for Information Security had been in conflict with another department with similar responsibilities, the FSB's Center for Information Protection and Special Communications. The conflict may have led to the initiation of a criminal case, the paper's sources said.

[Feb 18, 2018] Yahoo hack and Russia's cyber hacking

Feb 18, 2018 | www.businessinsider.com

As Leonid Bershidsky, founding editor of the Russian business daily publication Vedomosti, wrote in January, the dramatic arrests of two high-level FSB officers -- Sergei Mikhailov, the deputy head of the FSB's Information Security Center, and Major Dmitry Dokuchaev, a highly skilled hacker who had been recruited by the FSB -- on treason charges in December offers a glimpse into "how security agencies generally operate in Putin's Russia."

At the time of their arrest, Dokuchaev (who was one of the Russian officials indicted for the Yahoo breach) and Mikhailov had been trying to cultivate a Russian hacking group known as "Shaltai Boltai" -- or "Humpty Dumpty" -- that had been publishing stolen emails from Russian officials' inboxes, according to Russian media reports.

"The FSB team reportedly uncovered the identities of the group's members -- but, instead of arresting and indicting them, Mikhailov's team tried to run the group, apparently for profit or political gain," Bershidsky wrote. Shaltai Boltai complied, Bershidsky wrote, because it wanted to stay afloat, and didn't mind taking orders from "government structures."

"We get orders from government structures and from private individuals," Shaltai Boltai's alleged leader said in a 2015 interview. "But we say we are an independent team. It's just that often it's impossible to tell who the client is. Sometimes we get information for intermediaries, without knowing who the end client is."

It appears that Dokuchaev and Mikhailov got caught running this side project with Shaltai Boltai -- which was still targeting high-level Russian officials -- when the FSB began surveilling Mikhailov. Officials targeted Mikhailov after receiving a tip that he might have been leaking information about Russian cyber activities to the FBI, according to the Novaya Gazeta.

Short of working against Russian interests, hackers "can pursue whatever projects they want, as long as their targets are outside of Russia and they follow orders from the top when needed," said Bremmer, of Eurasia Group. The same goes for FSB officers, who are tactically allowed to "run private security operations involving blackmail and protection," according to Bershidsky.

US intelligence agencies have concluded that the hack on the Democratic National Committee during the 2016 election was likely one such "order from the top" -- a directive issued by Russian President Vladimir Putin and carried out by hackers hired by the GRU and the FSB.

It is still unclear if the Yahoo breach was directed by FSB officials at the instruction of the Kremlin, like the DNC hack, or if it was one of those "private security operations" Bershidsky alluded to that some Russian intelligence officers do on the side.

Bremmer said that it's possible the Yahoo breach was not done for state ends, especially given the involvement of Dokuchaev, who was already caught up in Shaltai Boltai's operations to steal and sell information for personal financial gain.

[Feb 17, 2018] A Brief History of the Kremlin Trolls by Scott Humor

Notable quotes:
"... Perhaps more significantly, it has more recently been claimed that members of Shaltay-Boltay have admitted to forging some parts of the correspondence that they hacked. The putative aim was to boost the profile of their group. ..."
"... Reading between the lines of this, I find more support for Scott's angle on this story. Shaltay-Boltay were indeed not hackers in a conventional sense. They were traders in an illicit information economy, and apparently weren't above fabricating that information if it would raise their profile. For the extent and nature of that fabrication, I look forward to Scott's next report! ..."
"... Out of nowhere, my gentleman acquaintance brought up the topic of the day: Russia hacking the elections. The more things change, the more they are not the same anymore. ..."
Feb 17, 2018 | thesaker.is

Scott on October 17, 2017 · at 3:03 pm UTC

to Mujo

That's what my research is about, despite Ivan Pavlov's defense denying the connection between the Shaltay-Boltay group and former FSB officers convicted for treason. https://en.crimerussia.com/gromkie-dela/defendant-in-high-treason-case-personally-detained-shaltay-boltay-s-leader-/

But that's what a good defense is for, to deny.

Treason is a very serious charge that includes working for foreign governments' intelligence services. I believe I have enough to prove my point, using, of course, only information openly available on the internet. However, if these people worked for SBU or Mossad, I will write about this, also.

See also, Arrested Russian FSB Agents Allegedly Passed Information to CIA

http://foreignpolicy.com/2017/01/31/arrested-russian-fsb-agents-allegedly-passed-information-to-cia-trump-putin/
https://www.cbsnews.com/news/russia-treason-fsb-spies-kaspersky-labs-us-intelligence-denies-cia-hacking/
https://www.theguardian.com/world/2017/jan/31/russian-cybersecurity-experts-face-treason-charges-cia
https://www.usatoday.com/story/news/2017/01/26/report-arrested-russian-intel-officer-allegedly-spied-us/97094696/
https://www.rbth.com/politics_and_society/2017/02/02/fsb-officers-charged-with-treason-media-claim-cia-ties_693641

You wrote "(2) Why did they defect from the FSB to join the CIA? Do we have any insight on this?"

Maybe they defected, or maybe they started working there after being recruited by the foreign intelligence services. We will find out.

Mujo on October 18, 2017 · at 5:58 am UTC

Scott,

Thanks for these follow-up links -- very helpful.

I also found this interview with Alexander Glazastikov (Humpty), which you have probably read:

The only member of Shaltay-Boltay left on the loose reveals details on their work

As described by various media sources, the basic story about Shaltay-Boltay is that they formed in mid-2013 to hack e-mail, social media, and data of officials and businessmen in Russia, and then sold this data for large amounts of money through the digital underground. In particular, this happened through a portal called "Exchange of Information", a kind of anonymous auction site for stolen data. Glazastikov says Shaltay-Boltay "was supposed to be a spokesman for the Anonymous International", and was created by himself, Vladimir Anikeev, and Konstantin Teplyakov.

Although most all of the Western media sources insinuate some connection between Shaltay-Boltay, the FSB officers who were arrested, and the putative "hacking" of the 2016 U.S. election, Glazastikov denies any interest in targets outside Russia.

There is also disagreement around the connection between Shaltay-Boltay and the FSB. Glazastikov says that the FSB contacted him, saying they were aware of Shaltay-Boltay's activity, and wanted to assert "control" and veto power in exchange for not arresting them. Russia Beyond claims that it was Sergei Mikhailov (FSB) who took control of Shaltay-Boltay and "received kickbacks from its founder, Vladimir Anikeyev". However, Glazastikov's testimony contradicts that of Anikeev, his lawyer (Ruslan Koblev), and Ivan Pavlov, lawyer for one of the FSB defendants, all of whom deny any working relationship between Shaltay-Boltay and the FSB.

Interestingly, Glazastikov notes that neither Anikeev nor Teplyakov had technical expertise. Moreover, Glazastikov makes it sound like even he was not primarily involved in hacking, and the "Exchange of Information" admins claim no connection with Shaltay-Boltay. For the heavy lifting, Shaltay-Boltay would use "specialized hacking sites" where they outsourced pay-to-order hacks with IT mercenaries. A target e-mail address could be hacked for a few thousand rubles. And even this, Glazastikov states, wasn't really the original idea for Shaltay-Boltay. Instead, he imagined they would be doing "advertising or administration fee".

Perhaps more significantly, it has more recently been claimed that members of Shaltay-Boltay have admitted to forging some parts of the correspondence that they hacked. The putative aim was to boost the profile of their group.

Reading between the lines of this, I find more support for Scott's angle on this story. Shaltay-Boltay were indeed not hackers in a conventional sense. They were traders in an illicit information economy, and apparently weren't above fabricating that information if it would raise their profile. For the extent and nature of that fabrication, I look forward to Scott's next report!

Internal Exile USA on October 17, 2017 · at 4:29 pm UTC
This is incredible research, you put most YTube new journalists to shame. I hope this material makes its way into your next book. "Enemy of the State" is an instant classic full of insights on how to live life that are a soothing balm to children of the Sick West with senses of humor somewhat intact.

On the east coast of the U.S., the mundane worlds of the Masters of (their imagined) Universe can be seen fairly easily, especially if you wander into places and act like you belong there.

Regarding the kinds of people that instigate the madness you describe above: I recently had the opportunity to visit a very interesting social club that was opened to the public for one day only. Three Ivy league schools I'm sure you've heard of. On the walls upstairs were listed all the latest presidents in different colors, like red for an "H" school: Obama, Clinton, Bush II, Bush I . Kennedy John Quincy Adams, etc. I can't remember Nixon or Carter being there, but I talked to someone whose name is on another wall, and it struck me that members of this club did not hate Trump because of his manners, parents, background, politics, or alleged business acumen. Instead, they hated the fact that his name couldn't be written on their wall. It's really only acceptable to be President if you've been BMOC at Harvard.

Out of nowhere, my gentleman acquaintance brought up the topic of the day: Russia hacking the elections. The more things change, the more they are not the same anymore.

There were pictures of famous football teams from years gone by, the place had a charm but it was shabby, and the ceiling looked like sprayed styrofoam, an aesthetic disgrace that these imaginary jocks failed to appreciate. The drinks, by the way, were terrible. They must make their highballs with Minute Maid. The creativity and intelligence, not to mention taste of the West are surely at a low ebb.

[Feb 17, 2018] Empire actually don't know what Russia don't know or do know. It has to be noted that the Kremlin is very silent on this subject. Maybe because speaking of paranoiacs with mania of world domination is not such a good idea

Russia became a standard punch ball in the US political games. As in "Russia dog eat my homework."
Notable quotes:
"... This article is very important and outlines the destructive effort being done to Russia by the USA. It should be noted and clearly displayed by the psychopathic nature of USA meddling in Russian affairs. ..."
"... "With the current uproar about Russia interfering in the USA elections. It has to be noted that the Kremlin is very silent on this subject." ..."
"... It is extremely difficult and time consuming for an ordinary person to find the truth in the millions of pages on the Internet, the ordinary mushroom knowing that the MSM only serves you sh't and keeps you in the dark. ..."
"... Yea, just a common internet malpractice called spoofing, that any IT professional, especially one working in IT security, knows about. I suspected all along that most or all of this "Russian Hacking" and "Russians did it" was exactly that. ..."
Feb 17, 2018 | thesaker.is

Nick on October 16, 2017 · at 1:06 am UTC

With the current uproar about Russia interfering in the USA elections. It has to be noted that the Kremlin is very silent on this subject. It is more important now than ever to bring forth information from Russia in exposing how serious the problem is from the USA interfering in not only Russian affairs but how the intelligence community continues unabated in interfering in most countries.

This article is very important and outlines the destructive effort being done to Russia by the USA. It should be noted and clearly displayed by the psychopathic nature of USA meddling in Russian affairs.

One has to wonder why people cannot see how the current government of the USA is totally out of control around the world.

Everything has its cycle of life and the USA is no exception to this theory. When humanity is controlled in such a fashion, by that I mean that the USA is supported by the four pillars consisting of GREED, CORRUPTION, POWER and CONTROL. They are sitting on the top of these structures and are desperately trying to maintain their grip over the world.

smr on October 16, 2017 · at 3:01 am UTC
"With the current uproar about Russia interfering in the USA elections. It has to be noted that the Kremlin is very silent on this subject."

thank goodness! Trying to reason with drunken punks is hopeless and makes you look like a fool yourself.

Anonymous on October 16, 2017 · at 11:02 am UTC
Perhaps the purpose is to "open Russia" to debunk those silly "Kremlin hacking" claims and give Empire more important information inside Russia. E.g how to go deep through military security defense line.

Empire actually don't know what Russia don't know or do know. Is this chess where you have to sacrifice pawn or two or even knight to secure queen and king? Or why to shoot fly with cannon?

Den Lille Abe on October 16, 2017 · at 7:47 pm UTC
"One has to wonder why people cannot see how the current government of the USA is totally out of control around the world." end quote.

It is extremely difficult and time consuming for an ordinary person to find the truth in the millions of pages on the Internet, the ordinary mushroom knowing that the MSM only serves you sh't and keeps you in the dark. The most reliable method (not 100 % though) is the "Follow the money" method, who has to gain by this or that development, but even that can lead to false conclusions. Always count on that everyone has a hidden agenda, but watch out you are not gripped by paranoia.

MarkinPNW on October 16, 2017 · at 2:27 am UTC
Yea, just a common internet malpractice called spoofing, that any IT professional, especially one working in IT security, knows about. I suspected all along that most or all of this "Russian Hacking" and "Russians did it" was exactly that.

Tom Welsh on October 16, 2017 · at 4:55 am UTC
What a pathetic waste of time. American society and government are really getting very low.

And, of course, reality is actually defined as "what you cannot change by speaking about it". You can change reality, a very little bit at a time, by doing honest physical work.

[Feb 17, 2018] The only member of Shaltay-Boltay left on the loose reveals details on their work

Notable quotes:
"... Much later, in mid-2013, the idea of Shaltay-Boltay appeared. ..."
"... Anikeev had sources of information, the information itself, important and interesting one. Anikeev decided to leave the information and analytical structure for which he had been working, and start his own project. ..."
"... His role has been greatly exaggerated. He's just our mutual old friend. When we were getting significant numbers of files that had to be processed, we would ask Teplyakov to help, for a fee. We knew him and trusted him. ..."
"... Just then, I was beginning to get annoyed with the country, I decided to go to Thailand. When I started discussing this project with Anikeev, it seemed okay: you could engage in an interesting and promising business from home. What did I expect in financial terms? Definitely not the sale of arrays of information. I was rather thinking about advertising or administration fee. Lite-version. ..."
"... All the information came from Anikeev. I published the received information, perhaps, by illegal means, but I have nothing to do with how it was obtained. Yesterday, I sent a letter to the former President of Estonia Toomas Hendrik Ilves. I think by our actions, especially in 2014, when we were working on the idea, I deserved asylum in Estonia. So far no response was received. ..."
"... The Anonymous International published a lot of information from the correspondence of officials and businessmen between 2014 and 2016. Among the disclosed information was Dmitry Medvedev's hacked Twitter, and e-mail, Facebook, iPhone and iPad of owner of NewsMedia Holding Aram Gabrellyanov; e-mail and WhatsApp of TV host Dmitry Kiselev, official correspondence between the employees of "Prosecutor's Office" and the "Ministry of State Security" of the self-proclaimed Donetsk People's Republic, and a lot of other, equally interesting information. ..."
"... Before Anikeev's detention, Shaltay-Boltay also obtained the correspondence of the presidential assistant Vladislav Surkov. ..."
Feb 17, 2018 | en.crimerussia.com

St. Petersburg programmer Alexander Glazastikov, who was hiding under the mask of Shaltay-Boltay (Humpty Dumpty), hoping for political asylum, reached out to the former President of Estonia. He is the only member of Anonymous International who remains at large.

Fontanka has been chasing the last Shaltay-Boltay member for a week. One member of the mysterious hacker group, which has been leaking e-mails of businessmen and officials for three years was found in Estonia, but shied away from a direct talk.

After the news came that Anonymous International members Vladimir Anikeev, Konstantin Teplyakov, and Filinov were arrested, it was not difficult to single out their colleague Alexander Glazastikov. The 'scary hackers' themselves, as it turned out, were quite unrestrained on social networks and left striking marks on the Internet.

Five days ago, Alexander Glazastikov gave an evasive answer to the straight question sent by Fontanka via e-mail. Three days ago, he admitted to being one of the Anonymous International on condition of anonymity. Then, he agreed to an interview saying "Come to Estonia".

When, on the arranged day, a Fontanka reporter arrived in Tartu, Alexander dropped a bombshell: "I'm on my way to Tallinn: already twenty kilometers away from Tartu." He suggested: "I can wait at the gas station Valmaotsa. Drive up, let's go together." It was an offer one could not refuse. A taxi was found quickly.

When the meeting took place, the Shaltay-Boltay member, who was easily recognizable due to the photos from the web, surprised the journalist once again: he silently passed him the ignition keys from the SUV. After a question, he explained: "You will have to drive, I was drinking beer while waiting." There wasn't much of a choice, and the correspondent of Fontanka drove the hackers group member to Tallinn to meet with the crew of Dozhd TV-channel and Ksenia Sobchak. 180 kilometers and two hours of time was enough to have a decent conversation.

- Alexander, you are probably the only member of the Anonymous International who managed to remain at large. You're in Estonia, the Russian justice is far away, can I call you by your name and surname?

- Perhaps, you can. Anyway, tomorrow or the day after, I will officially reach out to the authorities for a political asylum. The FSB already knows my name.

- They know the surname. And who are you in the Anonymous International: Shaltay or Boltay?

- Shaltay, Boltay ... what a mess. Initially, when starting this project, Shaltay-Boltay was supposed to be a spokesman for the Anonymous International. Mainly, I was doing this job. Then, Anikeev started introducing himself to the reporters as Lewis and got everyone confused.

- How many people initiated the Anonymous International?

- Me, Anikeev. Teplyakov helped with some things, but purely technical aspects.

- Who is Filinov, whose arrest was reported in connection with Shaltay-Boltay?

- I don't know the man. He was not involved in the creation of the Anonymous International. I think this is Anikeev's acquaintance, who accidentally got under the press. I've heard his name for the first time, when the media wrote about his arrest.

- Have you known Anikeev and Teplyakov for a long time?

- For a long time... There was a resource called Damochka.ru. When basically no social networks existed, and VKontakte only began to emerge, everyone was on this website, it was one of the most fun projects. In the real world, meetings of the website users were held, some users just organized those parties – Dima Gryzlov, Nikolai Bondarik, and Anikeev. That's how we met. Much later, in mid-2013, the idea of Shaltay-Boltay appeared.

- How? Did you just decide that you would steal e-mails of bad people?

- Anikeev had sources of information, the information itself, important and interesting one. Anikeev decided to leave the information and analytical structure for which he had been working, and start his own project.

- Could this project be called a business?

- It depends. It was assumed that the project would bring a substantial financial result, but initially it was made partly out of ideological considerations.

- But Anikeev is not a hacker at all, judging by the stories of his former colleagues.

- True. If he needed to install any software on the computer, he would usually ask me to do it.

- But Teplyakov is a programmer.

- His role has been greatly exaggerated. He's just our mutual old friend. When we were getting significant numbers of files that had to be processed, we would ask Teplyakov to help, for a fee. We knew him and trusted him.

- And why did you join this project?

- Just then, I was beginning to get annoyed with the country, I decided to go to Thailand. When I started discussing this project with Anikeev, it seemed okay: you could engage in an interesting and promising business from home. What did I expect in financial terms? Definitely not the sale of arrays of information. I was rather thinking about advertising or administration fee. Lite-version.

- With a reference to the investigation, there was information that Shaltay-Boltay has a whole network of agents with special equipment, who, at places popular among local officials, steal information by creating fake Wi-Fi connections. Do you have a network?

- Complete nonsense. There were discussions about getting to know technical possibilities like this. As far as I know, and I know a lot, in fact, we didn't have it.

- Where did you get the information from, then?

- From specialized hacking sites, one can order hacking someone else's e-mail box for a few thousand rubles.

- It worked successfully. If you remember 2014 was the most fruitful year. Serious stories, serious figures, and no commerce. Strelkov, Prigozhin...

- Out of the three years that the project existed, 2014 was the most significant. I am proud of that year.

- But, from 2015, the Anonymous International has become almost a purely commercial project. How much money did you manage to earn?

- Only one or two million dollars.

- So, you are now a rich man?

- No. Most of the money was spent on operating expenses, so to speak. There were about fifty boxes in the work. Plus, there were variants in which a transaction was made not via bitcoins, but with the help of Anikeev's friends; these intermediaries could ask for two thirds of the whole amount.

- Was there anyone above you and Anikeev? For several years, people have been wondering who Shaltay-Boltay works for?

- Funny. Everyone is looking for conspiracy, but, in fact, it was a 'quick and dirty' project made by me and Anikeev. However, at some point, in the summer or in the spring of 2016, Anikeev said that some person from the FSB found us, he knew our names. Allegedly, military counterintelligence was looking for us, but the FSB found our meadow attractive and decided to take control of our petty pranks. They, supposedly, were uninterested in the commercial part of the project: the scale was much bigger, but they wanted to supervise the project and to have the veto right. Mikhailov's name was not voiced, in fact, no one's was. Nothing, actually, happened: no one used the veto right and no one leaked any information. If these mysterious people existed at all. And who turned whom in: they – Anikeev or Anikeev – them, or even third force got them all, I do not know.

- How quickly did you find out about Anikeev's arrest?

- The next morning. He sent me a selfie from Pulkovo Airport, wrote that he checked in and flies to Minsk. The next morning, it was reported that he was arrested and transported to Moscow. Given the subsequent events, it could be the game of the FSB. Then, he contacted me, convinced that he solved all the issues and now works under the control of the FSB, called me to Russia, but I didn't believe him for some reason.

- Did Teplyakov believe?

- Teplyakov, in the summer of 2016, moved from Thailand to Kiev. He had no permanent earnings, he depended on Anikeev. When the game was on, and it was claimed that the project would continue, but he needs to come to Russia and work there under supervision, for safety reasons, as well, Teplyakov didn't have much of a choice. He went to Russia.

- Is there somewhere a chest with Shaltay-Boltay's information?

- Good question. I need to think how to respond. Well no, not really. What was sold and purchased by the clients was deleted. What was sold was fairly deleted and this information doesn't exist anymore. Perhaps, some of our customers are now concerned about this question, but what was declared, was implemented. Some operative material that we had been working on, I also deleted. Maybe a couple of screenshots were left in the trash bin, but nothing more.

- Alexander, you're going to submit a request for a political asylum. Aren't you afraid that Estonians will simply put you in a cell? In this country, they are very sensitive to computer security, and the specificity of computer crimes lies in the fact that, for committing them, one can be prosecuted in almost any country?

- My position is that I was not personally involved in the cracking of passwords and sending malicious links. To me all that information was already delivered in an open form. Yes, it was, probably, stolen...

- So were you ordering its thefts or not?

- No.

- Who did, then?

- All the information came from Anikeev. I published the received information, perhaps, by illegal means, but I have nothing to do with how it was obtained. Yesterday, I sent a letter to the former President of Estonia Toomas Hendrik Ilves. I think by our actions, especially in 2014, when we were working on the idea, I deserved asylum in Estonia. So far no response was received.

We drove to Tallinn. More and more texts came to Alexander's telephone from Dozhd TV journalists, who were preparing to shoot with Ksenia Sobchak. After leaving the car in the parking lot, we said goodbye. Alexander Glazastikov promised to inform when he receives a reply from the Estonian government.

It is to be recalled that Glazastikov's colleagues from the Anonymous International are awaiting trial in a pre-trial detention center. The law enforcement agencies arrested Vladimir Anikeev and his two probable accomplices: Konstantin Teplyakov and Alexander Filinov. The latter two were arrested as early as November 2016, and, on February 1, the judge of the Lefortovo District Court of Moscow extended their detention until April. The alleged leader of the Anonymous International, who was acting under the nickname Lewis, was arrested on January 28 after a short time spent in the company of police officers; he confessed.

All three are charged with the crimes stipulated under part 3 of Art. 272 of the Russian Criminal Code (Illegal access to legally-protected computer information, which caused a major damage or has been committed because of vested interest or committed by a group of persons by previous concert through his/her official position).

Initially, the media associated their criminal case with the investigation on the FSB staff and the manager of the Kaspersky Lab, who were accused of treason, but later, the lawyer of one of the defendants denied this information.

The Anonymous International published a lot of information from the correspondence of officials and businessmen between 2014 and 2016. Among the disclosed information was Dmitry Medvedev's hacked Twitter, and e-mail, Facebook, iPhone and iPad of owner of NewsMedia Holding Aram Gabrellyanov; e-mail and WhatsApp of TV host Dmitry Kiselev, official correspondence between the employees of "Prosecutor's Office" and the "Ministry of State Security" of the self-proclaimed Donetsk People's Republic, and a lot of other, equally interesting information.

Before Anikeev's detention, Shaltay-Boltay also obtained the correspondence of the presidential assistant Vladislav Surkov.

[Feb 17, 2018] A Brief History of the Kremlin Trolls | The Vineyard of the Saker

Notable quotes:
"... Out of nowhere, my gentleman acquaintance brought up the topic of the day: Russia hacking the elections. The more things change, the more they are not the same anymore. ..."
Feb 17, 2018 | thesaker.is

Scott on October 17, 2017 at 3:03 pm UTC

to Mujo

That's what my research is about, despite Ivan Pavlov's defense denying the connection between the Shaltay-Boltay group and former FSB officers convicted for treason. https://en.crimerussia.com/gromkie-dela/defendant-in-high-treason-case-personally-detained-shaltay-boltay-s-leader-/

But that's what a good defense is for, to deny.

Treason is a very serious charge that includes working for foreign governments' intelligence services. I believe I have enough to prove my point, using, of course, only information openly available on the internet. However, if these people worked for SBU or Mossad, I will write about this, also.

See also, Arrested Russian FSB Agents Allegedly Passed Information to CIA

http://foreignpolicy.com/2017/01/31/arrested-russian-fsb-agents-allegedly-passed-information-to-cia-trump-putin/
https://www.cbsnews.com/news/russia-treason-fsb-spies-kaspersky-labs-us-intelligence-denies-cia-hacking/
https://www.theguardian.com/world/2017/jan/31/russian-cybersecurity-experts-face-treason-charges-cia
https://www.usatoday.com/story/news/2017/01/26/report-arrested-russian-intel-officer-allegedly-spied-us/97094696/
https://www.rbth.com/politics_and_society/2017/02/02/fsb-officers-charged-with-treason-media-claim-cia-ties_693641

You wrote "(2) Why did they defect from the FSB to join the CIA? Do we have any insight on this?"

Maybe they defected, or maybe they started working there after being recruited by the foreign intelligence services. We will find out.

Mujo on October 18, 2017 at 5:58 am UTC

Scott,

Thanks for these follow-up links -- very helpful.

I also found this interview with Alexander Glazastikov (Humpty), which you have probably read:

The only member of Shaltay-Boltay left on the loose reveals details on their work

As described by various media sources, the basic story about Shaltay-Boltay is that they formed in mid-2013 to hack e-mail, social media, and data of officials and businessmen in Russia, and then sold this data for large amounts of money through the digital underground. In particular, this happened through a portal called "Exchange of Information", a kind of anonymous auction site for stolen data. Glazastikov says Shaltay-Boltay "was supposed to be a spokesman for the Anonymous International", and was created by himself, Vladimir Anikeev, and Konstantin Teplyakov.

Although most all of the Western media sources insinuate some connection between Shaltay-Boltay, the FSB officers who were arrested, and the putative "hacking" of the 2016 U.S. election, Glazastikov denies any interest in targets outside Russia.

There is also disagreement around the connection between Shaltay-Boltay and the FSB. Glazastikov says that the FSB contacted him, saying they were aware of Shaltay-Boltay's activity, and wanted to assert "control" and veto power in exchange for not arresting them. Russia Beyond claims that it was Sergei Mikhailov (FSB) who took control of Shaltay-Boltay and "received kickbacks from its founder, Vladimir Anikeyev". However, Glazastikov's testimony contradicts that of Anikeev, his lawyer (Ruslan Koblev), and Ivan Pavlov, lawyer for one of the FSB defendants, all of whom deny any working relationship between Shaltay-Boltay and the FSB.

Interestingly, Glazastikov notes that neither Anikeev nor Teplyakov had technical expertise. Moreover, Glazastikov makes it sound like even he was not primarily involved in hacking, and the "Exchange of Information" admins claim no connection with Shaltay-Boltay. For the heavy lifting, Shaltay-Boltay would use "specialized hacking sites" where they outsourced pay-to-order hacks with IT mercenaries. A target e-mail address could be hacked for a few thousand rubles. And even this, Glazastikov states, wasn't really the original idea for Shaltay-Boltay. Instead, he imagined they would be doing "advertising or administration fee".

Perhaps more significantly, it has more recently been claimed that members of Shaltay-Boltay have admitted to forging some parts of the correspondence that they hacked. The putative aim was to boost the profile of their group.

Reading between the lines of this, I find more support for Scott's angle on this story. Shaltay-Boltay were indeed not hackers in a conventional sense. They were traders in an illicit information economy, and apparently weren't above fabricating that information if it would raise their profile. For the extent and nature of that fabrication, I look forward to Scott's next report!

Internal Exile USA on October 17, 2017 at 4:29 pm UTC
This is incredible research, you put most YTube new journalists to shame. I hope this material makes its way into your next book. "Enemy of the State" is an instant classic full of insights on how to live life that are a soothing balm to children of the Sick West with senses of humor somewhat intact.

On the east coast of the U.S., the mundane worlds of the Masters of (their imagined) Universe can be seen fairly easily, especially if you wander into places and act like you belong there.

Regarding the kinds of people that instigate the madness you describe above: I recently had the opportunity to visit a very interesting social club that was opened to the public for one day only. Three Ivy League schools I'm sure you've heard of. On the walls upstairs were listed all the latest presidents in different colors, like red for an "H" school: Obama, Clinton, Bush II, Bush I . Kennedy John Quincy Adams, etc. I can't remember Nixon or Carter being there, but I talked to someone whose name is on another wall, and it struck me that members of this club did not hate Trump because of his manners, parents, background, politics, or alleged business acumen. Instead, they hated the fact that his name couldn't be written on their wall. It's really only acceptable to be President if you've been BMOC at Harvard.

Out of nowhere, my gentleman acquaintance brought up the topic of the day: Russia hacking the elections. The more things change, the more they are not the same anymore.

There were pictures of famous football teams from years gone by, the place had a charm but it was shabby, and the ceiling looked like sprayed Styrofoam, an aesthetic disgrace that these imaginary jocks failed to appreciate. The drinks, by the way, were terrible. They must make their highballs with Minute Maid. The creativity and intelligence, not to mention taste of the West are surely at a low ebb.

[Feb 16, 2018] A Brief History of the "Kremlin Trolls" by Scott Humor

Notable quotes:
"... Everything that we know now about the so-called "Kremlin trolls from the Internet Research Agency paid by Putin's favorite chef," came from one source, a group of CIA spies that used the mascot of Shaltay-Boltay, or Humpty-Dumpty, for their collective online persona. ..."
"... BuzzFeed also said back in 2014, that "The leak from the Internet Research Agency is the first time specific comments under news articles can be directly traced to a Russian campaign." Now, this is a very important grave mark. ..."
"... Just think about this working scheme: Shaltay-Boltay with a group of anti-government "activists" created the "Internet Research Agency," they and some "activists" created 470 FaceBook accounts used to post comments that looked unmistakably "trollish." ..."
"... After that other, CIA affiliated entities, like the entire Western Media, claimed the "Russian interference in the US election." Finally, the ODNI published a report lacking any evidence in it. ..."
"... https://www.dni.gov/files/documents/ICA_2017_01.pdf ..."
"... People from the Shaltay-Boltay group weren't hackers in the proper terms because they worked with and for the CIA. Middle-of-the-road and run-of-the-mill intelligence agencies would collect and analyze information for their governments. The CIA invents information, then goes on to manufacture and forge documents in support of their invented information; they then recruit people inside other countries and other governments to claim that they "obtained" this explosive evidence. Being the dirty cops that they are, the CIA doesn't obtain and secure evidence, but instead they plant fake evidence on their victims. ..."
"... Knowing full well that the hackers who "leaked" the information about this "Agency" were arrested and successfully charged for treason because they worked for the CIA should prevent the CIA to run fake news about the entities and people they themselves made up. You would think that the matter of the "Kremlin trolls from Saint Petersburg" should be dead and buried after the arrest. The CIA and other 16 intelligence agencies should know better than to use information that is being known now as "discovered' with their "help." ..."
"... We also know everything that the CIA touches is fake. Speaking in layman's term, it's as if all those middle aged bald guys would start licking their balls while claiming to be in fulfilling relations. If it's just you, guys, there is no relations. It's just you. Deal with it! ..."
"... The United Business Registry database in Russia works according to the Federal laws, so after twelve months of inactivity a business is simply liquidated. The Internet Research Agency was liquidated in December 2016 by the government system after it had been inactive for twelve months. Its inactivity implied that the company had no employees, no office, and no bank transactions for at least twelve months! ..."
"... The US is now perceived as an imperial power which has lost all sense of reality, thinking it can do anything it wants and having the rest of the world agree with it. That is simply not the case. All the anti-Russian rhetoric has done is to make Russia more popular and more mature in the eyes of the world, which now sees Vladimir Putin as a factor of stability. ..."
Oct 15, 2017 | thesaker.is

Saint Petersburg, Savushkina, 55 is the most famous office building in the world, thanks to the relentless promotion of the United States government, the CIA, FBI, and by the powers of the entire Western media, financed by Western governments. VOA, NPR, and Svoboda, by the government of the US; the BBC by the government of the UK; CNN by the governments of Saudi Arabia; the DW, by the government of Germany; and so on and so forth. You name it, they all punched time to promote this office building.

To be specific, it's not even a building, but several adjoined buildings that cover an entire city block, an urban development plan common for Saint Pete's. That's why every business here has the address of Savushkina, 55 followed by a building number. You can take a virtual tour around it, to see for yourself. The buildings are shared by several dozens of private businesses, by the local Police department, and by the newsrooms of half a dozen Russian media sources like the FAN (Federal News Agency), the Neva News (Nevskie Novosti), Political Russia, Kharkov News Agency, publishing Ukrainian news, and others. They all are privately owned and operated and generate over 55 million unique visitors per month. Overall, several thousand people come to this building to work every morning. But you wouldn't know this by the account of Western media. For over two years now, these people have been harassed and collectively branded as "THE KREMLIN TROLLS."

The building is very popular because it's located in a quiet historical neighborhood and is in walking distance from a suburban train station. Its newly renovated offices offer open floor plans with Scandinavian flair so very appreciated by the news people. In addition, the rent for this building is less than in center city. Which is why Evgeny Zubarev, a former top editor for the RIA NEWS, chose it for his media startup. He took several offices allowing him to manage his growing media giant without wasting time to commute. Now, the FAN newsroom alone employs about 300 journalists.

This wasn't always the case.

At the beginning of 2014, the building was still under construction and renovation, when an anti-Russian government group of hackers called first "The Anonymous International" and later "Shaltay-Boltay" fingered it as the "Kremlin trolls' lair."

Their wordpress blog is still here. It was last updated in November 2016. Its title states: "Anonymous International. Shaltay Boltay/Press Secretary of the group. Creating reality and giving meaning to words."

November 7, 2014, Khodorkovsky, who acted as an integral part of the CIA "Kremlin trolls" Project, tweeted the picture of one of the entrances to one of the buildings saying: "Savuchkina 55. New home for bots. ID check system. Not a sign there. I won't say who took the photo."

... ... ...

The phone number on the picture 324-56-06 belongs to the commercial real estate company Praktis Consulting & Brokerage that managed the rent of offices.

Midsummer 2014, Evgeny Zubarev with his startup and several hundred journalists moved in, along with the Police department, and a slew of other business people. Little did they know what was to come.

The best way to get information is to make it up.

Everything that we know now about the so-called "Kremlin trolls from the Internet Research Agency paid by Putin's favorite chef," came from one source, a group of CIA spies that used the mascot of Shaltay-Boltay, or Humpty-Dumpty, for their collective online persona.

They were arrested in November 2016 and revealed as the FSB and former FSB officers. One of them even managed a security department for the Kaspersky Lab. They all were people highly skilled and educated in manipulating and creating large online databases, in any online research imagined, and the knowledge of hacking and altering databases, including those that were run by the Russian government. They weren't poor people. They weren't there for the money. They were ideologically driven. Their hatred towards Russia and its people was the motive for their actions.

At some point, Gazeta.ru, an online Russophobic publication, suggested that "Shaltai-Boltai was just a distraction meant to confuse everybody." They themselves were more concise by stating that they were working to change the reality.

Russian authorities, the courts, and the lawyers, refused to call these men hackers. There was a reason for this. They weren't so much hackers in a classic sense, as in when someone gains access to real information and copies it. This group wasn't necessarily hacking existing information, but planting information. They were creating files about fake nonexistent companies and employees, files with blurry fake paystubs, memos, emails, phone messages and so on. The fakes looked convincing, but they still were forgeries that could be easily disproved by someone who had access to the real information.

That's when the hacking took place, when the FSB agents went into government databases and created records of people and companies that didn't exist.

I think that part of the reasons why some of them got the mild sentences of three years in general security prison, and some were left free, wasn't just the fact that they agreed to collaborate with the Russian government, but also the fact that they didn't actually steal information from government officials like Medvedev and his press secretary, Nataliya Timakova, or the owner of the largest in Europe catering business, Evgeny Prigozhin. They made information up and claimed that it was real.

These guys gave a bad name to all hackers, whistleblowers, leakers and spies. Now, journalists presented with some "hacked" and leaked secrets have to think it over, lest they end up with egg on their face like journos from the Fontanka, Vedomosti and Novaya Gazeta in case of the "Kremlin's trolls."

If we accept that the Shaltay-Boltay group was working to create and distribute documents they forged, claiming that those files were "hacked," we would also understand a mysterious statement made by them to BuzzFeed.

"In email correspondence with BuzzFeed, a representative of the group claimed they were "not hackers in the classical sense."

"We are trying to change reality. Reality has indeed begun to change as a result of the appearance of our information in public," wrote the representative, whose email account is named Shaltai Boltai, which is the Russian for tragic nursery rhyme hero Humpty Dumpty."

BuzzFeed also said back in 2014, that "The leak from the Internet Research Agency is the first time specific comments under news articles can be directly traced to a Russian campaign." Now, this is a very important grave mark.

Just think about this working scheme: Shaltay-Boltay with a group of anti-government "activists" created the "Internet Research Agency," they and some "activists" created 470 FaceBook accounts used to post comments that looked unmistakably "trollish."

After that, other CIA-affiliated entities, like the entire Western Media, claimed the "Russian interference in the US election." Finally, the ODNI published a report lacking any evidence in it.

The link to their report is here, but I don't recommend you to read it. You will gain as much information by reading this report as you would by chewing on some wet newspaper. Ask my dog for details.

Assessing Russian Activities and Intentions in Recent US Elections

https://www.dni.gov/files/documents/ICA_2017_01.pdf

Only three paragraphs on page 4 are interesting:

"Russia used trolls as well as RT as part of its influence efforts to denigrate Secretary Clinton. This effort amplified stories on scandals about Secretary Clinton and the role of WikiLeaks in the election campaign.

The likely financier of the so-called Internet Research Agency of professional trolls located in Saint Petersburg is a close Putin ally with ties to Russian intelligence.

A journalist who is a leading expert on the Internet Research Agency claimed that some social media accounts that appear to be tied to Russia's professional trolls -- because they previously were devoted to supporting Russian actions in Ukraine -- started to advocate for President-elect Trump as early as December 2015."

In other words, in its report with a subtitle: "Background to "Assessing Russian Activities and Intentions in Recent US Elections": The Analytic Process and Cyber Incident Attribution" the Office of the Director of National Intelligence ODNI, is quoting the Shaltay-Boltay, a group that had been proved to work for the CIA by "creating reality."

The only reason why they don't provide us with evidence, with at least one lousy IP address with the Russian trace roots that would convincingly point at the company named the Internet Research Agency, is because this company never existed, it never had any IP addresses assigned to it that would be verifiable via third parties like RIPE network coordination and via online domain tools.

We understand that having hundreds of people working ten to twelve hours a day, as they claimed, posting hundreds of messages hourly, would use a huge amount of bandwidth. They would need a very fast internet connection with unlimited bandwidth that only a business can get. Inevitably, this internet connection would come with the assigned IP addresses. No internet provider would let this kind of bandwidth hog create this kind of traffic without being forced to separate them from other customers.

One example, a woman with the last name Malcheva filed a lawsuit in court against the companies "Internet Research, LLC" and "TEKA, LLC," claiming unpaid wages.

The court asked her to produce evidence of her work, and then denied her claim after she produced a photo of a computer with an IP address on its screen as evidence of her employment.

An IP address that was assigned to a luxury hotel in Saint-Petersburg. A hotel that was awarded multiple international awards for excellence. An immensely popular hotel among discriminating travelers. A very expensive hotel located in the center of a historic city. The woman claimed that she was an "online troll" working from this location ten hours a day with hundreds of other virtual trolls. The judge didn't believe her. Would you?

People from the Shaltay-Boltay group weren't hackers in the proper terms because they worked with and for the CIA. Middle-of the-road and run-of-the-mill intelligence agencies would collect and analyze information for their governments. The CIA invents information, then goes on to manufacture and forge documents in support of their invented information; they then recruit people inside other countries and other governments to claim that they "obtained" this explosive evidence. Being the dirty cops that they are, the CIA doesn't obtain and secure evidence, but instead they plant fake evidence on their victims.

By this act alone they change our current and past reality, and they change our future. They change our history by forging never existing "proof" of invented myths. They hire and train groups of military men to act as "protesters" around government buildings, while other military men from other countries shoot at unsuspected bystanders whose death allows Washington to claim the sovereign governments' wrongdoing.

CIA-operated groups arrest and kill government officials or force them to flee, like in Ukraine. They take over a couple of government buildings and declare their victory over a huge country, just like it happened in Russia in 1991 and 1993 and in Ukraine in 2005 and 2014. For some reason, they claim that governments are those people who take over a couple of buildings in one city. When in fact, our countries' governments are those people whose names we wrote on ballots, regardless of where these people are located. We don't run around like chickens with our heads cut off electing a new president every time our current president leaves the country.

Going back to the CIA's Humpty-Dumpty project that came online sometime in 2013. Why would anyone name their enterprise after such predictable failure, you might ask. Because, in the Russian alliteration, Shalti-Boltai means "shake up and brag about it" and not as in its original Carroll's version of "humping and dumping."

I went ballistic after someone retweeted me this CNN clip titled "Russia used Pokemon Go to interfere with the US elections."

I actually listened to the clip itself, in which they brought up the "Internet Research Agency" from SP. Knowing full well that the hackers who "leaked" the information about this "Agency" were arrested and successfully charged for treason because they worked for the CIA should prevent the CIA from running fake news about the entities and people they themselves made up. You would think that the matter of the "Kremlin trolls from Saint Petersburg" should be dead and buried after the arrest. The CIA and other 16 intelligence agencies should know better than to use information that is being known now as "discovered" with their "help."

Because it's all fake and we know it.

We also know everything that the CIA touches is fake. Speaking in layman's term, it's as if all those middle aged bald guys would start licking their balls while claiming to be in fulfilling relations. If it's just you, guys, there is no relations. It's just you. Deal with it!

The American intelligence community cannot claim an existence of threats against America if all fingers in those "threats" are pointing back at the American intelligence community.

By stating that someone interfered with the US election using the Internet Research Agency in SP, is plainly to state that it's CIA that interfered in the American elections.

--

Let's just briefly run over the matter, before I tell you what exactly took place.

--

On September 6, 2017, Alex Stamos, a Chief Security Officer, posted a statement titled "An Update On Information Operations On Facebook":

"In reviewing the ads buys, we have found approximately $100,000 in ad spending from June of 2015 to May of 2017 -- associated with roughly 3,000 ads -- that was connected to about 470 inauthentic accounts and Pages in violation of our policies. Our analysis suggests these accounts and Pages were affiliated with one another and likely operated out of Russia."

To make sure that people including myself won't find those accounts, the FB deleted them.

"We don't allow inauthentic accounts on Facebook, and as a result, we have since shut down the accounts and Pages we identified that were still active."

That's how it's done in the US. They destroy all potential evidence while laying heavy blame on Russia. Facebook destroys evidence of "Russians crimes" while public ask them to show those evidences. This means only one thing: the pieces of evidence are pointing at something Facebook wants to protect, which is the CIA.

You see, I am not suggesting that they are lying about those accounts being real or that they "affiliated with Russia," because, if the Shaltay-Boltay group worked with people from the Soros and Khodorkovsky-backed group of human rights lawyers "Team 29," created in February 2015, then their only task, it seems, was to service the psyop of the "Internet Trolls." It looks to me like they could also have coordinated the work done by those 470 Facebook accounts while being on the territory of Russia. Considering that, it's not a complete lie for the FB to say that those accounts were "Russia affiliated" and that they were "likely operated from Russia."

Facebook also can claim with plausible deniability that they are ignorant of the fact that people behind the Internet Research Agency troll hoax are proved by the Russian court to be affiliated with the CIA, while people who have been acting as the "witnesses" to this Project are lawyers from Team 29, human rights activists and also journalists from the Norwegian Bonnier AB owned Fontanka, Taiwan-based Novaya Gazeta, and the Latvia-based Meduza; these people are factually proven to be backed by Soros, a CIA financial branch, like a journalist who has received an award from Khodorkovsky.

The entire campaign of blaming Russia in "meddling" is being reported without ANY tangible proof that could be verified by at least two independently existing sources, that's why we should grab ANY grains of information. That's why Facebook's statement that "About one-quarter of these ads were geographically targeted, and of those, more ran in 2015 than 2016" is very important.

Why?

Because, fake business entities known as "the Internet Research Agency," and "the Internet Research" in the government electronic business registry, they were treated as real companies by the system. Because of their inactivity on all of their bank accounts and because no one ever filed required forms, they were automatically liquidated by the electronic system.

The United Business Registry database in Russia works according to the Federal laws, so after twelve months of inactivity a business is simply liquidated. The Internet Research Agency was liquidated in December 2016 by the government system after it had been inactive for twelve months. Its inactivity implied that the company had no employees, no office, and no bank transactions for at least twelve months! The Internet Research company was liquidated on September 2, 2015 by merging with TEKA company. According to the federal business Registry TEKA was a construction retailer. I wasn't able to find any indication, like an office, phone number, names of the managers or employees, anything at all that would indicate that this company existed. Just like the Internet Research Agency and the Internet Research, TEKA existed only in the federal registry and nowhere else.

The automatic liquidation in the federal registry for inactivity explains the drop in activity on the accounts run by the Shaltay-Boltay and the others. Oh, yes, they were also hunted and on the run, out of the country. It's hard to use bank accounts to simulate activities after you have fled the country.

The Team 29, of the human rights lawyers and activists, was created in February 2015. To give to this new company some proof of reality and instant notoriety they immediately filed a lawsuit against the Internet Research company using an activist woman with a Ukrainian last name Ludmila Savchuk (Людмила Савчук) who went and filed a lawsuit against the company, claiming some unpaid wages. Her first lawsuit the judge threw out. Only after the local general prosecutor's office pressed the judge to take the case, the district court took the case and partially granted the Claimant her claim, but not the "moral damages." She wanted the money for working for the "troll factory." In essence, they wanted an official court paper that would say black on white, that there is a "troll factory" that this poor woman worked for. Without reading the file, I don't know what the judge was thinking, but she might have smelled a rat among those virtual "trolls."

This took place in August 2015, and by September 2 2015, a fake company named the "Internet Research" was liquidated by merging it, in the Business registry, with another fake entity, TEKA, that was created in spring 2015 as the construction materials retailer.

"Facebook disclosed on Wednesday that it had identified more than $100,000 worth of divisive ads on hot-button issues purchased by a shadowy Russian company linked to the Kremlin."

"Most of the 3,000 ads did not refer to particular candidates but instead focused on divisive social issues such as race, gay rights, gun control and immigration, according to a post on Facebook by Alex Stamos, the company's chief security officer. The ads, which ran between June 2015 and May 2017, were linked to some 470 fake accounts and pages the company said it had shut down."

"Facebook officials said the fake accounts were created by a Russian company called the Internet Research Agency, which is known for using "troll" accounts to post on social media and comment on news websites."

"The January intelligence report said the "likely financier" of the Internet Research Agency was "a close Putin ally with ties to Russian intelligence." The company, profiled by The New York Times Magazine in 2015, is in St. Petersburg and uses its small army of trolls to put out messages supportive of Russian government policy."

"To date, while news reports have uncovered many meetings and contacts between Trump associates and Russians, there has been no evidence proving collusion in the hacking or other Russian activities."

"While there is no direct link between the Kremlin and any of these projects -- both Surkov and Zubarev say their projects are privately funded -- the timing, scale, and coordination of these efforts are suspicious. BuzzFeed was not able to find evidence of direct government funding to the "Internet Research Agency," the pro-Kremlin troll outlet operating out of 55 Savushkina, but they did reference a number of sources that revealed some level of involvement."

--

In my next study, I will provide you with more links, screenshots and translations. I will demonstrate to you how this story connects to the war on the Middle East and the international war on the Russian population of Ukraine.

--

In conclusion I just want to say that everything the United States touches turns into a warzone. The building on Savushkina, 55 in Saint Petersburg is no exception.

Multiple death threats are being directed at people who work there. Popular and excellent in their quality media outlets operating there have to hide their true location and rent a separate office across the city for their visitors, because people are simply afraid to come in.

Journalists and multiple business employees are threatened online with rape.

Threats to hang the journalists during a "protest meeting" on Oct 1, 2017

At least one case of terror attack on the office building that resulted in arson on October 26, 2016.

On Oct 26, 2016, several men threw bottles of Molotov cocktail in the windows of the Nevskie Novosti (Neva News). Luckily, no one was there but the owner of the Media conglomerate, Evgeny Zubarev, who put out the fire.

https://www.youtube.com/embed/hO02D2hOsrg

All of these, every threat, every simple lie is all on the United States government, its intelligence community, on those traitors, who are in prison now, and those who are still at large.


jfb on October 15, 2017 , · at 11:45 pm UTC

Finally a detailed article on this. Anyone who has read sputnik or RT during the years 2015-2016 can figure that something is wrong with those claims.

We have two media outlets truly affiliated with the Russian government (although not completely) and they didn't produce any pro-Trump article during that period. They interviewed Jill Stein and Ron Paul several times, however.

Nick on October 16, 2017 , · at 1:06 am UTC
With the current uproar about Russia interfering in the USA elections. It has to be noted that the Kremlin is very silent on this subject. It is more important now than ever to bring forth information from Russia in exposing how serious the problem is from the USA interfering in not only Russian affairs but how the intelligence community continues unabated in interfering in most countries.

This article is very important and outlines the destructive effort being done to Russia by the USA. It should be noted and clearly displayed by the psychopathic nature of USA meddling in Russian affairs. One has to wonder why people cannot see how the current government of the USA is totally out of control around the world. Everything has its cycle of life and the USA is no exception to this theory.

When humanity is controlled in such a fashion, by that I mean that the USA is supported by the four pillars consisting of GREED, CORRUPTION, POWER and CONTROL. They are sitting on the top of these structures and are desperately trying to maintain their grip over the world.

_smr on October 16, 2017 , · at 3:01 am UTC
"With the current uproar about Russia interfering in the USA elections. It has to be noted that the Kremlin is very silent on this subject."

thank goodness! Trying to reason with drunken punks is hopeless and makes you look like a fool yourself.

Anonymous on October 16, 2017 , · at 11:02 am UTC
Perhaps the purpose is to "open Russia" to debunk those silly "Kreml hacking" claims and give Empire more important information inside Russia. E.g how to go deep through military security defense line.

Empire actually don't know what Russia don't know or do know. Is this chess where you have to sacrifice pawn or two or even knight to secure queen and king? Or why to shoot fly with cannon?

Den Lille Abe on October 16, 2017 , · at 7:47 pm UTC
"One has to wonder why people cannot see how the current government of the USA is totally out of control around the world." end quote.

It is extremely difficult and time consuming for an ordinary person to find the truth in the millions of pages on the Internet, the ordinary mushroom knowing that the MSM only serves you sh't and keeps you in the dark. The most reliable method (not 100 % though) is the "Follow the money" method, who has to gain by this or that development, but even that can lead to false conclusions. Always count on that everyone has a hidden agenda, but watch out you are not gripped by paranoia.

MarkinPNW on October 16, 2017 , · at 2:27 am UTC
Yea, just a common internet malpractice called spoofing, that any IT professional, especially one working in IT security, knows about. I suspected all along that most or all of this "Russian Hacking" and "Russians did it" was exactly that.
Tom Welsh on October 16, 2017 , · at 4:55 am UTC
What a pathetic waste of time. American society and government are really getting very low.

And, of course, reality is actually defined as "what you cannot change by speaking about it". You can change reality, a very little bit at a time, by doing honest physical work.

Nussiminen on October 16, 2017 , · at 2:29 pm UTC
Agreed, well put.

At the same time, it's strange they don't follow up by more imbecilic slander against Russia for Charlottesville and Las Vegas. I mean, the attention span of Ziomedia consumers is parlously narrow. The US Presidential Election should have all but faded as an event in the distant past.

B.F. on October 16, 2017 , · at 6:50 am UTC
I wonder if the US Government and Washington political establishment are aware that the rest of the world is watching them and drawing appropriate conclusions. Probably not.

What has been happening in the US during Trump's election campaign, and in the period after he became President, has left a very poor impression of the US in the eyes of the international community.

The US is now perceived as an imperial power which has lost all sense of reality, thinking it can do anything it wants and having the rest of the world agree with it. That is simply not the case. All the anti-Russian rhetoric has done is to make Russia more popular and more mature in the eyes of the world, which now sees Vladimir Putin as a factor of stability.

CrazySerb on October 16, 2017 , · at 9:15 am UTC
Scott can you elaborate, what is the cause of that hate towards Russian people?

What are the reasons to hate your own nation and the people who live there, after all you were born there and lived your whole life?
If you do not like to live there you can simply leave, Soviet Union is no more.

B.F. on October 16, 2017 , · at 3:51 pm UTC
Russia is multi ethnic. I don't think those were Russians.
Guru on November 20, 2017 , · at 8:09 am UTC
It goes back to the Bible and Tree of Knowledge. Read Ishmael by Daniel Quinn. Explains it all.
jo6pac on October 16, 2017 , · at 9:21 am UTC
Thanks Scott.
twilight on October 16, 2017 , · at 10:04 am UTC
There's only one thing you need to know about the recent election cycle in the USA- the organised force that operated on behalf of Hillary Clinton was unprecedented in Human History and spent more money to get her elected than in any previous campaign- and they ***failed***.

Was there pro-Trump activity, including by soft 'unofficial' foreign sources? For sure, but it measured less than 1% of 1% of 1% of the size of the official state sanctioned efforts made by every regime of the West to get Clinton elected. The Deep State Demons, led by Tony Blair, are not angry cos Trump won, they are angry because their effort proved so impotent. After all within days of Trump winning, they got Putin to back off and thus were able to 'turn' Trump. So Trump ain't the issue- but having such 'PR' resources fail is.

We, the people, are the living 'batteries' that power the Demon's greater plans. Without our assent- even passively given- the Demons can achieve nothing major on this Planet. So the Demons battle for hearts and minds. And our support does not have to be 'active' so Brits protesting against Blair's Iraq invasion in record numbers isn't an issue if the same Brits support their 'troops' after the fact and then vote Blair back into power.

Americans can think they hate Trump and Clinton- but this doesn't trouble the Deep State one whit so long as the same fools support everything Trump or Clinton do- passively or not.

Does Russia 'troll' the West officially and unofficially? Of course it does. Russia is obliged, as a major power, to do to the West what the West does to Russia. Do Russia's tiny efforts 'weigh' as much as a far far greater chunk of the efforts of the West? Of course- Russia has to be super efficient, lacking the resources of the West. Does this mean Russia was responsible for Clinton's defeat? Obviously not!

Russia reached a tiny section of self-aware US voters who already would never vote for Clinton. The vast majority of US sheeple are still fodder for the zionist press machine. They voted against Clinton because they could not stand her perfume of sulphur- they perceived correctly her rotted soul- and her "all about me" attitude. And the Clinton 'dynasty' thing was the final straw. For the 'left' to push the idea of 'royal' families was stupid beyond belief.

So why is Russia still based over its non-relevant activities at that time? Because it is always about ***now*** and not ***then***. Attacking Putin in the aftermath of Trump's election successfully got Putin to run backward, leaving Trump exposed and without powerful allies. And the Deep State just had to walk thru that open door, and 'take' Trump. So Russia showed itself very weak to name-calling. And our people show themselves likewise weak, hence this article. When you spend your time apologising and denying the 'truth' of vindictive attacks on your reputation, you look weak and start to feel weak and always on the defensive.

Want to see how this plays out- look at the RT news service. Constant attacks on RT have RT bending over backward to present a pro-Israeli narrative. The language of RT's news reports are the same language used by the BBC. The people running RT are constantly looking over their shoulder and asking themselves the question "are we fair and unbiased". Let me ask you all a question. When does the zionist press of the West ever ask itself that question?

You see the Deep State, via the racist zionists, controls 99.99% of the planet's mainstream media and 95% of the so-called indy-media (mostly via real life nazi jew Soros). It is the duty of our tiny fraction of news outlets to counter this monolith, ***not*** to worry about 'bias'.

In Britain, the jewish run government press censorship bodies that masquerade as 'independent'- the same ones that ***banned*** PressTV- constantly attack RT for not presenting 'both' sides of the story. This is the same Britain that when the jews of Israel use WW3 class weapons to holocaust the people of Gaza, insist that the BBC and ITN ***never*** interview members of the Gaza government- and give exclusive airtime to the jewish butchers so they can explain why 'sub-Human' non-jews must be slaughtered.

RT tries to mock these requirements by giving airtime to self-destruction rabid zionists whose very mouth-frothing evil helps ruin the arguments of the Deep State. It does not matter. RT is on 'borrowed time' and when things get darker in the near future, will be banned anyway.

Anyway my greater point is I don't care about the zionist press demonising of counter propaganda using false lying examples. It is their job to make our side look bad any way they can. I care about the effectiveness of our real counter propaganda- and that we engage in it powerfully, loudly and without apology. We don't have to present the arguments of the other side for 'fairness'. The other side is represented by a press machine of unprecedented size, power and reach. 100% of our efforts have to be in exposing the work and agenda of the Deep State Demons, and those that willingly ally with them, like the Friends of Israel.

bernie on October 17, 2017 , · at 3:03 am UTC
twilight is half half neither full light nor darkness. so are your writings. I admit you write very well very cunningly instilling confusion, the devil could not do it better. You may upset a few newcomers on this blog but that's it. In fact your writings have a particular air .. . Go on until nobody takes you serious anymore.
Anonymous on October 17, 2017 , · at 4:29 am UTC
Well said.

Verbosity, generally, equates to obfuscation -- especially when implemented in a turgid, pompous style of vacuous content.

Nikkobaud on October 16, 2017 , · at 10:47 am UTC
Thanks for the detailed puncturing of this mainstream fake news balloon. But, as fake as all of the "Russian interference, Putin done it, et al" memes are, and therefore seemingly jejune and transparent propaganda psy-ops, I think their real purpose is to create a false climate, a public justification for the eventual hard censorship of internet alt-news sites for Western users. And in that they seem to be succeeding, if only, for the moment, in skewing the results of internet searches away from what are claimed to be "fake news" sites, but are, in fact, usually the real news sources, if often contradicting the mainstream party line. A fake threat is being created that will be answered by a real throttling of internet access.
Nussiminen on October 16, 2017 , · at 1:24 pm UTC
Russia shouldn't waste precious time and resources on retarded, despicable Westerners forever high on their vile, corporate mindrot. Well, I take back what I just said -- it would actually be hilarious to the n :th degree if Russia dismissed the slander on pure Western supremacist grounds:

"How the hell would a nation of backward, imbecilic, Asiatic savages like us ever be able to master anything coming out of the West (except, perhaps, pornography) ?!?"

Supreme contempt accompanied by refined amusement is unbeatable when you're dealing with Western supremacists, believe me.

oldnik007 on October 16, 2017 , · at 1:36 pm UTC
"Ask my dog for details" hilarious. well researched scott and very clear explanation.
Richard Steven Hack on October 16, 2017 , · at 3:03 pm UTC
Very nice detective work, Scott! Well done.

Rather than Putin being a mastermind controlling the world from Moscow, it seems that most bad things happening in the world are in fact being controlled out of Langley, Virginia. Which pretty much agrees with everything I've ever read about the CIA going back decades.

The US needs to disband the CIA entirely, investigate their operations and put most of the heads in jail.

Larchmonter445 on October 16, 2017 , · at 3:08 pm UTC
Scott,

Good work on this article.

Very important resource piece. Illuminating.

Thanks.

vot tak on October 16, 2017 , · at 4:27 pm UTC
With soros and khodorkovsky being israelis, this covert op involved a lot more than just some trouser droppers at the cia. It is part of a much wider israeloamerican series of covert ops against Russia. I suspect there is a whole lot more of this govno and this is just one individual op being described here.
Den Lille Abe on October 16, 2017 , · at 7:39 pm UTC
This is very disappointing to read. I have now been in sharp training, to hopefully be employed by one of these nebulous actors as a bona fide troll, posting comments with a satirical edge but always advocating this or that point of view. It is most distressing to say the least.
End of satirical part.
If this article is true, I have no choice, but to post what is my current opinion, which of course is formed by the current MSM tagline. Confused? Don't be!
The recent years have seen the rise of three letter agencies use of the internet in their paid for masters agenda, and the truth has in fact never been further out of reach for an ordinary person.
Ohh sweet irony, 30 years ago it took searching libraries, news clippings to find the truth, but it could be done, as the smoke and diversion was only a single or few layers thick.
Not so today, with all information at hand within microseconds, the truth has never been buried deeper, the public never been more "propagandised" than ever.
Anonymous on October 17, 2017 , · at 7:53 am UTC
Scott, you were right in your intuition that the Catalonia "revolution" was remindful of Maidan. Remember that Maidan video "I am Ukrainian"?
https://www.youtube.com/watch?v=Hvds2AIiWLA

Well, there is this one about Catalonia that looks and sounds very very very similar. Clearly copied from the Maidan model

Help Catalonia
https://www.youtube.com/watch?v=wouNL14tAks

Mujo on October 17, 2017 , · at 9:22 am UTC
Thanks for this article.

Perhaps somebody could help me to understand this story better.

It seems that the so-called "Kremlin trolls" were current and former FSB officers who went to work for the CIA.

Questions

(1) How do we know they worked for the CIA? Reading this article, I find numerous claims to this effect but no evidence. Did I miss something? Is there a smoking gun?

(2) Why did they defect from the FSB to join the CIA? Do we have any insight on this?

Scott on October 17, 2017 , · at 3:03 pm UTC
to Mujo

That's what my research is about, despite Ivan Pavlov's defense denying the connection between the Shaltay-Boltay group and former FSB officers convicted for treason. https://en.crimerussia.com/gromkie-dela/defendant-in-high-treason-case-personally-detained-shaltay-boltay-s-leader-/

But that's what a good defense is for, to deny.
Treason is very serious charge that includes working for foreign governments intelligence services.
I believe I have enough to prove my point, using, of course, only information openly available on the internet.
However, if these people worked for SBU or Mossad, I will write about this, also.

See also,
Arrested Russian FSB Agents Allegedly Passed Information to CIA
http://foreignpolicy.com/2017/01/31/arrested-russian-fsb-agents-allegedly-passed-information-to-cia-trump-putin/
https://www.cbsnews.com/news/russia-treason-fsb-spies-kaspersky-labs-us-intelligence-denies-cia-hacking/
https://www.theguardian.com/world/2017/jan/31/russian-cybersecurity-experts-face-treason-charges-cia
https://www.usatoday.com/story/news/2017/01/26/report-arrested-russian-intel-officer-allegedly-spied-us/97094696/
https://www.rbth.com/politics_and_society/2017/02/02/fsb-officers-charged-with-treason-media-claim-cia-ties_693641

You wrote "(2) Why did they defect from the FSB to join the CIA? Do we have any insight on this?"
Maybe they defected, or maybe they started working there after being recruited by the foreign intelligence services. We will find out.

Mujo on October 18, 2017 , · at 5:58 am UTC
Scott,

Thanks for these follow-up links -- very helpful.

I also found this interview with Alexander Glazastikov (Humpty), which you have probably read:

The only member of Shaltay-Boltay left on the loose reveals details on their work

As described by various media sources, the basic story about Shaltay-Boltay is that they formed in mid-2013 to hack e-mail, social media, and data of officials and businessmen in Russia, and then sold this data for large amounts of money through the digital underground. In particular, this happened through a portal called "Exchange of Information", a kind of anonymous auction site for stolen data. Glazastikov says Shaltay-Boltay "was supposed to be a spokesman for the Anonymous International", and was created by himself, Vladimir Anikeev, and Konstantin Teplyakov.

Although most all of the Western media sources insinuate some connection between Shaltay-Boltay, the FSB officers who were arrested, and the putative "hacking" of the 2016 U.S. election, Glazastikov denies any interest in targets outside Russia.

There is also disagreement around the connection between Shaltay-Boltay and the FSB. Glazastikov says that the FSB contacted him, saying they were aware of Shaltay-Boltay's activity, and wanted to assert "control" and veto power in exchange for not arresting them. Russia Beyond claims that it was Sergei Mikhailov (FSB) who took control of Shaltay-Boltay and "received kickbacks from its founder, Vladimir Anikeyev". However, Glazastikov's testimony contradicts that of Anikeev, his lawyer (Ruslan Koblev), and Ivan Pavlov, lawyer for one of the FSB defendants, all of whom deny any working relationship between Shaltay-Boltay and the FSB.

Interestingly, Glazastikov notes that neither Anikeev nor Teplyakov had technical expertise. Moreover, Glazastikov makes it sound like even he was not primarily involved in hacking, and the "Exchange of Information" admins claim no connection with Shaltay-Boltay. For the heavy lifting, Shaltay-Boltay would use "specialized hacking sites" where they outsourced pay-to-order hacks with IT mercenaries. A target e-mail address could be hacked for a few thousand rubles. And even this, Glazastikov states, wasn't really the original idea for Shaltay-Boltay. Instead, he imagined they would be doing "advertising or administration fee".

Perhaps more significantly, it has more recently been claimed that members of Shaltay-Boltay have admitted to forging some parts of the correspondence that they hacked. The putative aim was to boost the profile of their group.

Reading between the lines of this, I find more support for Scott's angle on this story. Shaltay-Boltay were indeed not hackers in a conventional sense. They were traders in an illicit information economy, and apparently weren't above fabricating that information if it would raise their profile. For the extent and nature of that fabrication, I look forward to Scott's next report!

Internal Exile USA on October 17, 2017 , · at 4:29 pm UTC
This is incredible research, you put most YTube new journalists to shame. I hope this material makes its way into your next book. "Enemy of the State" is an instant classic full of insights on how to live life that are a soothing balm to children of the Sick West with senses of humor somewhat intact.

On the east coast of the U.S., the mundane worlds of the Masters of (their imagined) Universe can be seen fairly easily, especially if you wander into places and act like you belong there.

Regarding the kinds of people that instigate the madness you describe above: I recently had the opportunity to visit a very interesting social club that was opened to the public for one day only. Three Ivy League schools I'm sure you've heard of. On the walls upstairs were listed all the latest presidents in different colors, like red for an "H" school: Obama, Clinton, Bush II, Bush I . Kennedy John Quincy Adams, etc. I can't remember Nixon or Carter being there, but I talked to someone whose name is on another wall, and it struck me that members of this club did not hate Trump because of his manners, parents, background, politics, or alleged business acumen. Instead, they hated the fact that his name couldn't be written on their wall. It's really only acceptable to be President if you've been BMOC at Harvard.

Out of nowhere, my gentleman acquaintance brought up the topic of the day: Russia hacking the elections. The more things change, the more they are not the same anymore.

There were pictures of famous football teams from years gone by, the place had a charm but it was shabby, and the ceiling looked like sprayed styrofoam, an aesthetic disgrace that these imaginary jocks failed to appreciate. The drinks, by the way, were terrible. They must make their highballs with Minute Maid. The creativity and intelligence, not to mention taste of the West are surely at a low ebb.

TIJAT on October 18, 2017 , · at 10:20 am UTC
Excellent article. In depth and well reported. Blows away the MSM!

Nussiminen on October 18, 2017 , · at 3:20 pm UTC
Frankly, I don't really see too big a problem with people swallowing the hogwash about "Kremlin disinformation trolls" working to undermine the West's irrepressible belief in itself. As usual, the most appropriate response amounts to contemptuous, refined amusement:

"They seem to know indeed what they are talking about -- well worth their salary for doing honest work."

If you cannot change the Weltanschauung of Ziomedia addicts, then at least you're fully entitled to have some fun at the slobs' expense.

Internal Exile USA on October 19, 2017 , · at 9:20 pm UTC
Absolutely, humor is one of the best weapons around. The more pompous a person is, the more they hate being dropped down to size. Pop goes the balloon of hot air. Humor has probably woken more people up than any other method. It's not as though we have a lack of ludicrous, ridiculous material. As the inventor of this site once described, how did the people in the late-era Soviet Union fight their declining regime? Jokes.

TIAJAT on October 19, 2017 , · at 8:08 pm UTC
Awesome work, and no one has been able to post any rebuttals. Probably because they don't have any?

Colin on October 21, 2017 , · at 11:54 pm UTC
Interesting how the incorrect information masqueraded as first hand eyewitness reports by boots on the ground in St. Petersburg -- in effect 'doxxing' the Kremlin's Troll Factory.
It's as though someone misinterpreted (or merely read in school misrepresentations of) Asch's conformity test results.
This was obviously aimed at those old enough to remember the Lubyanka building; fighting ghosts of the cold war in old peoples' minds, eh?

It'll probably work on political fools like Kelly (chief of staff)

Yet, one wonders if the yet to be released JFK files will point directly at Russia (assuming the old intelligence communities planted evidence against Russia long ago and sealed it among the other documents) and if Clinton on her book tour spreading total BS about Russia and WikiLeaks is laying the groundwork for Trump to resurrect his mentor's McCarthyism skeletons?

I don't think they really give a rat's arse about Russia. Just read Bush's speech he gave (that the MSM blatantly lies calling it anti-racist only) about the 'cyber revolution' coming. Who the hell do you think is the second highest paid lobbyist group besides the military industrial complex? That's right, the USA's ISP companies.

Aaron Swartz must be rolling in his grave. Poor guy. No way he hung himself.

Matt on October 28, 2017 , · at 12:38 pm UTC
First, I will address the author's attempted discrediting of the Shaltai Boltai hacking group, which included someone from the FSB. They released the internal communications of the St. Petersburg troll factory. Now, the author tries painting them as traitors working for the CIA, who planted fake information. This is entirely untrue. The group became infamous for its initial release of information in late 2013, and the subsequent hacks of various Kremlin insiders. Here are the other leaks they released:

Mandatory Questions for Putin's Press-conference in Austria

An internal Kremlin index of the relevant bloggers: divided into "Guards" (either official Kremlin accounts or trusted trolls), highlighted in red or "Opposition", in yellow, or "Neutrals" in green.

Mailbox of Vera Kerova, a Kremlin PR adviser who worked closely on ensuring the Crimean referendum was a predetermined success.

Emails of Timur Prokopenko, head of the "Internal Politics" department at President Putin's administration, de facto spin-master of the Kremlin.

Emails of Kremlin employee Alexey Anisimov, one of the assistants to the Kremlin's chief of Domestic Politics Vyacheslav Volodin.

Emails of Georgi Gavrish, a former officer of the Russian embassy in Athens, and, like Dugin, at one point employed by oligarch Malofeev.

As you can see, their hacks were deep and numerous. Not once has any information they released been deemed fake. Further, the amount of information released is staggering. They could not forge the thousands of email messages from the troll factory, or the tens of thousands of messages from the above personalities. Some emails contained entire drafts of unpublished books. And the information has indeed been corroborated. Shaltai Boltai also blackmailed some people for money, but despite this, none of their releases have been proven to be fakes. Nor do they have a connection to the CIA. The FSB is known to hire former cybercriminals. That one of its employees ran such a hacking group is not surprising.

Now, here is some information on the hacked files:

https://www.buzzfeed.com/maxseddon/documents-show-how-russias-troll-army-hit-america?utm_term=.sn2B3bYRLe#.pgpO98mAj0

https://globalvoices.org/2015/03/14/russia-kremlin-troll-army-examples/

Further, the author tries claiming that the building was "for rent" in 2014 and that this means there could not have been a troll factory there. This is entirely false. The "for rent" sign was placed some time in 2013 and the troll factory moved in in 2013. By the summer of 2014, Shaltai Boltai had hacked the factory. The author also tries making some incorrect technical claims, that posting so many comments would require a huge amount of bandwidth and that no ISP would allow this. This is another false argument, considering it is very easy and cheap to get high bandwidth internet for businesses, which the troll factory technically is. Posting comments is not some bandwidth-intensive task at all, nor is general browsing. The author also gets confused and claims that Shaltai Boltai and the CIA created those >400 troll accounts, as revealed by FB. Shaltai Boltai actually released the internal communications years before any "Russiagate" hysteria. Lastly, the author points out that there are many companies registered from the address, not just the troll factory. He then lists some of these companies and fails to note the irony of mentioning FAN. We will get to FAN news network later.

The author then states:

"This took place in August 2015, and by September 2 2015, a fake company named the "Internet Research" was liquidated by merging it, in the Business registry, with another fake entity, TEKA, that was created in spring 2015 as the construction materials retailer."

The lawyer who won Savchuk's case, Ivan Pavlov, who heads Team 29, says:

"Meanwhile, the company has changed its name to Teka, Pavlov said. It also has moved its legal headquarters, although the trolling operation remains in a large gray building north of the St. Petersburg city center, near the head of the Gulf of Finland."

This is what investigative journalist Andrei Zakharov, who works for the business media group RBC, says (he has written numerous articles investigating the finances of the troll factory):

"They have a lot of legal entities, and they still, I think, change it every year or every two years."

Another company at 55 Savushkina Street is Glavset, whose director general has the same name as the boss of IRA. Glavset lists the "creation and use of databases and information resources" as well as the "development of computer software, advertising services and information placement services" among its activities. It was listed as a company in the Russian legal entities registry in February 2015. A short time later, it began advertising for staff on a headhunting site (hh.ru). One post looking for a copywriter says the job involves "writing diverse texts for the Internet and content for social networks." The posting offered a salary of 30,000 rubles a month (then a little over $500) and said experience was unnecessary. Recruits would work with a team of "young and enthusiastic colleagues" in "a comfortable and stylish office," according to the posting. Source: https://www.washingtonpost.com/world/asia_pacific/the-notorious-kremlin-linked-troll-farm-and-the-russians-trying-to-take-it-down/2017/10/06/c8c4b160-a919-11e7-9a98-07140d2eed02_story.html

As you can see, the fact that the company continually changes names and merges is to obscure its existence and make it difficult to find out more information about it.
After the troll factory's emails were hacked, various journalists contacted the trolls using their leaked email addresses, to get interviews. One such journalist was the NYT's Adrian Chen:

http://www.nytimes.com/2015/06/07/magazine/the-agency.html

It's a lengthy piece, but I suggest everyone read it. It also mentions the "FAN news network", mentioned by the author. This is another entity created to obscure the existence of the troll factory. Several other interviews were published, by Western and Russian sources:

http://www.telegraph.co.uk/news/worldnews/europe/russia/11656043/My-life-as-a-pro-Putin-propagandist-in-Russias-secret-troll-factory.html

http://www.theguardian.com/world/2015/apr/02/putin-kremlin-inside-russian-troll-house

https://www.rferl.org/a/russia-trolls-headquarters-media-internet-insider-account/26904157.html

Let's assume that all this is fake, including all the troll factory emails and that the interviews were conducted by the biased Western media outlets, using CIA actors or something. What about the Russian media? Did they report on this too? Indeed, they did:

http://mr7.ru/articles/112478/

The above is a local, St. Petersburg-based media outlet and they released several documents from the troll factory, given to them by a former employee. Are they lying too?

RBC, one of Russia's most respected business news outlets, ran a story about the troll factory and its funders, this April. The story focused on restaurateur Evgeny Prigozhin, a close friend of Putin, responsible for the financing of the St. Petersburg troll factory:

http://www.rbc.ru/magazine/2017/04/58d106b09a794710fa8934ac?from=subject

Just today, they released this:

https://meduza.io/en/news/2017/10/17/russian-journalists-publish-massive-investigation-into-st-petersburg-troll-factory-s-u-s-operations

They also revealed the names of two highly popular troll accounts: an anti-Clinton Facebook group with 140,000 subscribers, called "Secure Borders", and a right-wing Twitter account called Tea Party News, with 22,000 followers. It's my hypothesis that Facebook used these accounts to find other accounts, as they were some of the first accounts suspended. This wasn't the only Russian media article about the troll factory or its wealthy funder. One of the very first articles about the troll factory was published in 2013, by Novaya Gazeta, one of Russia's oldest opposition papers:

https://globalvoices.org/2013/06/21/the-kremlins-kitchen-serves-up-russias-free-press/

TV Rain also recently interviewed a former troll:

https://tvrain.ru/teleshow/reportazh/oni_sdelali_video_kak_negr_zanimaetsja-448671/

Is it likely that RBC, NG, MR7, and TV Rain are also lying?

Lastly, there are several examples of the troll factory getting caught red-handed:

http://www.theepochtimes.com/n3/2002774-fake-video-of-american-shooting-a-quran-traced-to-russian-propaganda-agency/

https://globalvoices.org/2015/07/13/open-source-information-reveals-pro-kremlin-web-campaign/

https://globalvoices.org/2014/11/19/fake-ukrainian-news-websites-run-by-russian-troll-army-offshoots/

https://globalvoices.org/2015/12/22/massive-livejournal-troll-network-pushes-pro-kremlin-narratives/

In conclusion, the author was unable to prove that the leaked correspondence is fake, ignores the mountain of evidence proving the existence of the troll factory, blames, without evidence, the CIA for being behind all this, and tries using faulty logic to disprove the existence of the troll factory. He also is confused about the troll factory's continuous morphing. Lastly, he tries linking the drop in leaking activity by Shaltai Boltai with the troll factory's merging into other entities. The two things are completely unrelated, since the troll factory changes its name every year or so, and has gone by many names. I find it hard to believe that a Russian speaker like the author could make so many mistakes and leave out the above information. I don't even understand Russian, yet, even I addressed the mountain of evidence from the RuNet regarding the troll factory. We have thousands of messages from the factory, leaked not just by Shaltai Boltai, but local news outlets from St. Petersburg, who received the documents from a former employee. We have numerous interviews from the American, Russian, British, and German media of not just one person (which the author tries smearing due to her Ukrainian last name), but countless other former employees. Conveniently, the author ignores them.

Matt on November 17, 2017 , · at 12:15 pm UTC
It's been a few weeks, but no response to my post. I would very much appreciate one. Thank you.

David on January 09, 2018 , · at 3:42 pm UTC
You say that an alleged Russian troll farm moved into that building in 2014?

Hmm. The USA had a $200 million troll farm program already in 2010. And the difference between the existence of the US' far larger troll farm program than anything that has been alleged of Russia, is that the US troll farm program is confirmed to exist, and was confirmed, in comprehensive detail, to exist by the US government years before any allegations that Russia might be doing something similar existed.

In fact, I suppose that you could be one of the US' paid social media propaganda trolls, Matt. After all, they are everywhere, these days -- and have been for getting close to a decade, now.

http://www.nbcnews.com/id/29040299/ns/us_news-military/
http://russia-insider.com/en/ny-times-frets-about-russian-propaganda-ignores-massive-troll-farms-run-america-and-its-allies
https://www.cbsnews.com/news/so-why-does-the-air-force-want-hundreds-of-fake-online-identities-on-social-media-update/
http://www.businessinsider.com/ndaa-legalizes-propaganda-2012-5
http://russia-insider.com/en/us-prepares-lavishly-funded-anti-russia-propaganda-and-troll-army/ri21805
http://russia-insider.com/en/yet-another-us-govt-agency-spending-big-spread-foreign-policy-lies-gec/ri22087

And here is a particularly good article that details the US' social media troll farm program, as it was already in 2010.

https://www.theguardian.com/technology/2011/mar/17/us-spy-operation-social-networks

"According to publicized 2011 USA Central Command documents and contracts which detailed the program, the USA has by far the world's largest cyber-army, and contracts companies to set up and pay people to post in social media "around the world," "using fake online personas to influence internet conversations and spread pro-American propaganda "the software could allow US service personnel, working around the clock in one location, to respond to emerging online conversations with any number of co-ordinated messages, blogposts, chatroom posts and other interventions. The discovery that the US military is developing false online personalities -- known to users of social media as "sock puppets" -- could also encourage other governments, private companies and non-government organisations to do the same."

Basically, if the Russian government is paying posters to post in social media, they got the idea from the USA government (and Israel, which admitted paying social media trolls during their 2008 -- 2009 war against Gaza), which was publicly broadcasting that it was doing the same thing years earlier, and with a budget in the hundreds of millions of dollars.

Since then, a lot of countries have copied the US and Israel's pioneering of social media troll farms, and today Israel, the US, the UK, Ukraine, Poland etc.

http://www.newsweek.com/35000-volunteers-sign-ukraines-information-army-first-day-310121
https://sputniknews.com/analysis/201710111058132063-poland-cyber-army-analysis/

Matt on January 09, 2018 , · at 6:59 pm UTC
Hello David,

I already know about those links. First, none of them prove the U.S. has troll farms to target countries. Those links only discuss writing in foreign languages to fight Jihadist propaganda online. But no evidence of the U.S. hiring people to post messages on Russian forums, for example.

"In fact, I suppose that you could be one of the US' paid social media propaganda trolls, Matt."

Hmm, strange ad hominem. I never insulted you, so I don't understand.

David on January 09, 2018 , · at 9:43 pm UTC
Hello again Matt,

"Those links only discuss writing in foreign languages to fight Jihadist propaganda online"

With the USA having the largest known troll farm budget and operation in the world, and using the phrase "around the world" to describe the scope of its social media propaganda, it is simple logic that the US is targeting everybody with their propaganda. But, the links I gave are certainly not exclusive to countering jihadist propaganda, with the US government's own description of its social media propaganda program being focused on social media "around the world", and with some of the links I gave explicitly focusing on Russia-targeting efforts, while others involve targeting US citizens with domestic propaganda.

http://russia-insider.com/en/us-prepares-lavishly-funded-anti-russia-propaganda-and-troll-army/ri21805
http://russia-insider.com/en/politics/meet-brig-gen-joel-harding-natos-ziggy-stardust-and-his-spiders-mars/ri16367
http://russia-insider.com/en/politics/brig-gen-joel-harding-natos-teen-porn-addict-and-troll-king-extraordinaire-part-ii/ri16368

Also, the US spends $50 -- $100 million a year just targeting Russia with propaganda in general. And that's only what's on the public books (the real figure could be much higher):

http://freewestmedia.com/2017/09/23/foreign-governments-spend-millions-to-influence-russian-elections/

The USAF probably is not involved in countering pro-jihad propaganda:

https://www.cbsnews.com/news/so-why-does-the-air-force-want-hundreds-of-fake-online-identities-on-social-media-update/

One of the US' social media troll farms is operated by Ntrepid, near L.A. ( https://ntrepidcorp.com/ ). Do you expect they're working on countering jihad propaganda? Personally, I doubt that.

Another US security company that was seeking a troll farm contract from the US government was HBGary ( https://en.wikipedia.org/wiki/HBGary ) -- a company that had a record of conducting social media disinformation campaigns and cyber attack on behalf of US corporations and in support of US government interests.

Now, why would the US government have made propaganda directed against US citizens legal ( http://www.businessinsider.com/ndaa-legalizes-propaganda-2012-5 ), if the US government's only purpose was to counter pro-jihad messages, notably those in countries in the Middle East? Obviously, the US government's propaganda programs are not only, or even mostly about countering pro-jihad messaging, but feature comprehensive social media propagandizing against many targets.

Proving this, the purpose stated in the National Defense Authorization Act for Fiscal Year 2017, for the US' Global Engagement Center, says:

http://russia-insider.com/en/yet-another-us-govt-agency-spending-big-spread-foreign-policy-lies-gec/ri22087

"The purpose of the Center shall be to lead, synchronize, and coordinate efforts of the Federal Government to recognize, understand, expose, and counter foreign state and non-state propaganda and disinformation efforts aimed at undermining United States national security interests."

That does not limit the US' social media propaganda to countering jihadist, but specifically includes propaganda against states.

Also, the phrasing of the US government, calling its own propaganda 'countering propaganda', is itself propaganda, and trying to white-wash the US' hefty international offensive propaganda programs as something noble and just, and the targets of those programs as being deserving of being propagandized against. That rationalizing is by no means an honest description, being just hubris and arrogance.

At any rate, all the details make it clear that the US is committing social media propaganda not just against jihad groups, but also against its own citizens, against Russia, and against the world, in general.

And if there was still any doubt about this (though I think there shouldn't be), then look at the US' own description of its goals in conducting social media propaganda:

https://www.theguardian.com/technology/2011/mar/17/us-spy-operation-social-networks

"using fake online personas to influence internet conversations and spread pro-American propaganda."

Pro-USA propaganda is not countering-jihad propaganda. Those are completely different subjects, and the stated goal of the social media propaganda program that the US government detailed on a US government jobs site in 2010 was to bias internet conversation by spreading pro-USA propaganda. I imagine that a lot of that work is done in Western news sites, and on Facebook targeting English audiences. Maybe some of that work involves targeting Russian audiences, too. It probably does.

Countering jihadist propaganda is only one facet of the US' comprehensive social media propaganda programs.

The Washington Post also explains some Russia-targeting propaganda efforts by the US government:

https://www.washingtonpost.com/business/economy/effort-to-combat-foreign-propaganda-advances-in-congress/2016/11/30/9147e1ac-e221-47be-ab92-9f2f7e69d452_story.html

"The initiative grows out of a bill authored in March by Portman and Sen. Chris Murphy (D-Conn.) called the "Countering Foreign Propaganda and Disinformation Act." It initially sprang from a desire to help independent journalists and nongovernmental organizations in European nations such as Ukraine, Moldova and Serbia, which face a heavy tide of Russian propaganda."

Once again, calling setting up a propaganda program a propaganda-countering program is white-washing what it is. Propaganda is propaganda. And the US had Russia-targeting propaganda long before this 2016 initiative, and that initiative is just one more Russia-targeting propaganda endeavour of the US.

"Hmm, strange ad hominem. I never insulted you, so I don't understand."

Is it necessarily ad hominem? My point is that I think it's fact that people playing the apologist for US social media propaganda, or insisting that a geopolitical rival of the US is conducting this type of propaganda, could be a US paid propaganda troll. I think that the US pays propaganda trolls to do. That's how the same messaging that many like yourself constantly push sounds when the roles are reversed -- and if the public were more informed, they'd know the roles actually are reversed since before any of the Russophobic hysteria was even gestating.

David on January 11, 2018 , · at 8:16 pm UTC
Hi again, Matt,

A new article from today shows that the US' Pentagon is seeking social media bot AI to monitor and post US propaganda in social media discussions.

https://www.rt.com/usa/415609-us-army-ai-language-bot/

I believe I've shown in the information that I posted above that the US is running large-scale troll farms to spam pro-US propaganda in social media around the world. But a statement made in the RT article by former MI5 agent, Annie Machon, parallels my own thinking when I read the article's title:

"the timing to me is interesting, because for sure the West has been running these so-called troll farms against other countries as well for a long time, so are they just trying to expand their operations by developing this new software? Or are they trying to disingenuously suggest to people that actually they haven't done it before and only the Big Bad Russians, or the Big Bad Chinese, have run troll farms."

I think that the US government is trying to retro-actively legitimatize their social media bots and paid propaganda trolls, but that this stuff that the US government is now publicly broadcasting has been happening for a very long time.

And there is evidence of it in the 2011 Guardian article, which details US social media propaganda software from 2010:

https://www.theguardian.com/technology/2011/mar/17/us-spy-operation-social-networks

"the software could allow US service personnel, working around the clock in one location, to respond to emerging online conversations with any number of co-ordinated messages, blogposts, chatroom posts and other interventions. Details of the contract suggest this location would be MacDill air force base near Tampa, Florida, home of US Special Operations Command."

So, the US government's troll farms have been, for many years, attacking social media with specialized software enabling them to facilitate tag-teaming comments sections, to make it appear as though multiple people agree with the pro-US propaganda, when in fact it could be just 5 puppet accounts belonging to one paid US propaganda troll, or, it could be multiple paid US propaganda trolls, using their special software to tag-team one comments section.

We do know that the US is targeting US media with its troll farm program, as the US government did specifically change US laws in 2011 to make propagandizing against US citizens legal. And I strongly suspect that I have personally encountered US paid propaganda trolls multiple times when posting at US news sites.

I suspect that Ars Technica is one particular target that paid US propaganda trolls have been targeting and staking out over the past few years. There has been definite tag-teaming of BS US propaganda there whenever there's an attack article about Russia -- and Ars has run many, many fanatical, hysterical, and conspiracy attack pieces against Russia in the previous few years (most relying on now heavily-debunked information, and wild hypothesis, while pushing it as though fact).

Other details of the US' social media troll farm program reveal that the US goes to great lengths to disguise its paid trolls, and to provide "powerful deniability".

"It also calls for "traffic mixing", blending the persona controllers' internet usage with the usage of people outside Centcom in a manner that must offer "excellent cover and powerful deniability"."

"US-based controllers should be able to operate false identities from their workstations "without fear of being discovered by sophisticated adversaries"."

So, paid US propaganda trolls are not going to admit to what they're doing, and they're rather going to point to their identity as having robust background "evidence" that they're normal people, that their IP is located somewhere else, that there are multiple people saying the same thing as they are when it's just one, or a few paid US propaganda trolls tag-teaming a comments section, using multiple puppet accounts each, and with VPNs to make their puppet accounts appear as though they're posting from various different places in the US, and around the world.

I would also like to bring attention to this part of the 2011 The Guardian article:

"Centcom said it was not targeting any US-based web sites, in English or any other language, and specifically said it was not targeting Facebook or Twitter."

That article was made regarding information on the US' social media propaganda program as it was in 2010.

But the US government changed its law to make using the same propaganda against US citizens legal, in 2011 -- 2012: http://www.businessinsider.com/ndaa-legalizes-propaganda-2012-5

So, if the US troll farm programs weren't targeting US citizens at the time those initial details were uncovered, it was only because it was, at the time, illegal for the US government to target the citizens of the US with propaganda. But that was changed around 2012, and so comments that the US government is not targeting US citizens no longer apply, as they're out-dated.

[Feb 16, 2018] Moscow charges ex-FSB Kaspersky staff with treason 'in interests of US' lawyer

Notable quotes:
"... "treason in favor of the US," ..."
"... "There is no mention of the CIA at all. [The entity] in question is the US, not the CIA," ..."
"... 'Shaltai Boltai' ..."
"... "no personnel changes" ..."
Feb 01, 2017 | www.rt.com

Two senior FSB officers and a high-level manager of Russia's leading cybersecurity firm Kaspersky Lab are facing official charges of treason in the interests of the US, a lawyer representing one of the defendants has confirmed to Interfax. Ruslan Stoyanov, head of Kaspersky Lab's computer incidents investigations unit, Sergey Mikhailov, a senior Russian FSB officer, and his deputy Dmitry Dokuchayev are accused of "treason in favor of the US," lawyer Ivan Pavlov said on Wednesday, as cited by Interfax.

Pavlov chose not to disclose which of the defendants he represents, adding, however, that his client denies all charges.

The charges against the defendants do not imply they were cooperating with the CIA, Pavlov added. "There is no mention of the CIA at all. [The entity] in question is the US, not the CIA," he stressed, according to TASS.

The lawyer maintained the court files included no mention of Vladimir Anikeev, an alleged leader of 'Shaltai Boltai', a hacking group that previously leaked emails from top Russian officials, including Prime Minister Dmitry Medvedev.

The hacking group's name was in the news earlier in January, when Russian media reports linked Mikhailov and Dokuchayev to 'Shaltai Boltai'. In an unsourced article last Wednesday, Rosbalt newspaper claimed Mikhailov's unit was ordered in 2016 to work with the group.

Kremlin spokesman Dmitry Peskov told RIA Novosti on Wednesday the treason charges do not relate to the US suspicions of Russia being behind the alleged cyberattacks on the 2016 presidential elections. He added that President Vladimir Putin is receiving regular updates on the current investigation.

Russian media reports said Mikhailov was arrested during a conference of top FSB leadership. He was reportedly escorted out of the room with a bag placed over his head. His deputy, Dokuchayev, is said to be a well-known hacker who allegedly began cooperating with the FSB several years ago. Kaspersky Lab manager Stoyanov was also placed under arrest several weeks ago.

Stoyanov is still employed by Kaspersky Lab, the company told RIA Novosti later on Wednesday, adding there were "no personnel changes" at this point.

Treason charges mean that the defendants could be handed a sentence of up to 20 years in prison. The treason charges also mean any trial will not be public due to its sensitive nature.

[Dec 28, 2017] How CrowdStrike placed malware in DNC hacked servers by Alex Christoforou

Highly recommended!
If this is true, then this is definitely a sophisticated false flag operation. Was the malware that Alperovitch's people injected specifically designed to implicate Russians? In other words Crowdstrike=Fancy Bear
Images removed. For full content please see the original source
One interesting corollary of this analysis is that installing Crowdstrike software is like inviting a wolf to guard your chickens. If they are so dishonest, you take enormous risks. That might be true for some other heavily advertised "intrusion prevention" toolkits. So those criminals who use mistyped popular addresses or buy Google searches to drive lemmings to their site, and then flash a screen saying that they detected a virus on your computer and that you should call the provided number so that, for a small amount of money, your virus will be removed, get a new, more sinister life.
I suspected many of such firms (for example ISS which was bought by IBM in 2006) to be scams long ago.
Notable quotes:
"... Disobedient Media outlines the DNC server cover-up evidenced in CrowdStrike malware infusion ..."
"... In the article, they claim to have just been working on eliminating the last of the hackers from the DNC's network during the past weekend (conveniently coinciding with Assange's statement and being an indirect admission that their Falcon software had failed to achieve its stated capabilities at that time, assuming their statements were accurate). ..."
"... To date, CrowdStrike has not been able to show how the malware had relayed any emails or accessed any mailboxes. They have also not responded to inquiries specifically asking for details about this. In fact, things have now been discovered that bring some of their malware discoveries into question. ..."
"... there is a reason to think Fancy Bear didn't start some of its activity until CrowdStrike had arrived at the DNC. CrowdStrike, in the indicators of compromise they reported, identified three pieces of malware relating to Fancy Bear: ..."
"... They found that generally, in a lot of cases, malware developers didn't care to hide the compile times and that while implausible timestamps are used, it's rare that these use dates in the future. It's possible, but unlikely that one sample would have a postdated timestamp to coincide with their visit by mere chance but seems extremely unlikely to happen with two or more samples. Considering the dates of CrowdStrike's activities at the DNC coincide with the compile dates of two out of the three pieces of malware discovered and attributed to APT-28 (the other compiled approximately 2 weeks prior to their visit), the big question is: Did CrowdStrike plant some (or all) of the APT-28 malware? ..."
"... The IP address, according to those articles, was disabled in June 2015, eleven months before the DNC emails were acquired – meaning those IP addresses, in reality, had no involvement in the alleged hacking of the DNC. ..."
"... The fact that two out of three of the Fancy Bear malware samples identified were compiled on dates within the apparent five day period CrowdStrike were apparently at the DNC seems incredibly unlikely to have occurred by mere chance. ..."
"... That all three malware samples were compiled within ten days either side of their visit – makes it clear just how questionable the Fancy Bear malware discoveries were. ..."
Dec 28, 2017 | theduran.com

Of course the DNC did not want the FBI to investigate its "hacked servers". The plan was well underway to excuse Hillary's pathetic election defeat to Trump, and CrowdStrike would help out by planting evidence to pin on those evil "Russian hackers." Some would call this entire DNC server hack an "insurance policy."

... ... ...

[Oct 09, 2017] Masquerading Hackers Are Forcing a Rethink of How Attacks Are Traced

Oct 09, 2017 | theintercept.com

The growing propensity of government hackers to reuse code and computers from rival nations is undermining the integrity of hacking investigations and calling into question how online attacks are attributed, according to researchers from Kaspersky Lab.

In a paper set for release today at the Virus Bulletin digital security conference in Madrid, the researchers highlight cases in which they've seen hackers acting on behalf of nation-states stealing tools and hijacking infrastructure previously used by hackers of other nation-states. Investigators need to watch out for signs of this or risk tracing attacks to the wrong perpetrators, the researchers said.

Threat researchers have built an industry on identifying and profiling hacking groups in order to understand their methods, anticipate future moves, and develop methods for battling them. They often attribute attacks by "clustering" malicious files, IP addresses, and servers that get reused across hacking operations, knowing that threat actors use the same code and infrastructure repeatedly to save time and effort. So when researchers see the same encryption algorithms and digital certificates reused in various attacks, for example, they tend to assume the attacks were perpetrated by the same group. But that's not necessarily the case.

... ... ...

Intelligence agencies and military hackers are uniquely positioned to trick researchers through code and tool reuse because of something they do called fourth-party collection. Fourth-party collection can encompass a number of activities, including hacking the machine of a victim that other hackers have already breached and collecting intelligence about the hackers on that machine by stealing their tools. It can also involve hacking the servers the hackers use to launch their assaults. These machines sometimes store the arsenal of malicious tools and even source code that the attackers use for their attacks. Once the other group's tools and source code are stolen, it's easy to go a step further and reuse them.

"Agency A could steal another agency's source code and leverage it as their own. Clustering and attribution in this case begin to fray," wrote Juan Andrés Guerrero-Saade, principal security researcher with Kaspersky, and his colleague, Costin Raiu, who leads Kaspersky's global research and analysis team.

"[O]ur point in the paper was: This is what it would look like [if someone were to do a false-flag operation] and these are the cases where we've seen people trying and failing," said Guerrero-Saade.

The recent WannaCry ransomware outbreak is an obvious example of malware theft and reuse. Last year, a mysterious group known as the Shadow Brokers stole a cache of hacking tools that belonged to the National Security Agency and posted them online months later. One of the tools -- a so-called zero-day exploit, targeting a previously unknown vulnerability -- was repurposed by the hackers behind WannaCry to spread their attack. In this case, it was easy to make a connection between the theft of the NSA code and its reuse with WannaCry, because the original theft was well-publicized. But other cases of theft and reuse won't likely be so obvious, leaving researchers in the dark about who is really conducting an attack.

"[I]f a superpower were to break fully into, let's say, the DarkHotel group tomorrow and steal all of their code and have access to all of their [command-and-control infrastructure], we're not going to find out about that monumental event," Guerrero-Saade told The Intercept, referring to a hacker group that has conducted a series of sophisticated attacks against guests in luxury hotels. "At that point, they're in a position to mimic those operations to a T without anyone knowing."
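The indicator clustering described in the article above, and the way a stolen tool or a hijacked server distorts it, as an added example (not code from the Kaspersky paper or from The Intercept). The incidents, indicator values and the rule requiring two distinct indicator types per link are constructed assumptions for illustration.

```python
from collections import defaultdict
from itertools import combinations

# Constructed sample data: incident id -> set of (indicator_type, value).
# A1/A2 and B1/B2 are two separate groups. C1/C2 belong to a third party
# that reuses group A's stolen tool (C1) and operates from a server
# previously used by group B (C2), as in fourth-party collection.
INCIDENTS = {
    "A1": {("hash", "tool-x"), ("c2", "198.51.100.10"), ("cert", "cert-aa")},
    "A2": {("hash", "tool-x"), ("c2", "198.51.100.11"), ("cert", "cert-aa")},
    "B1": {("hash", "tool-y"), ("c2", "203.0.113.5"), ("cert", "cert-bb")},
    "B2": {("hash", "tool-y"), ("c2", "203.0.113.5"), ("cert", "cert-bb")},
    "C1": {("hash", "tool-x"), ("c2", "192.0.2.77"), ("cert", "cert-cc")},
    "C2": {("hash", "tool-z"), ("c2", "203.0.113.5"),
           ("c2", "192.0.2.77"), ("cert", "cert-cc")},
}


def shared_types(a, b):
    """Indicator types (hash, c2, cert) for which two incidents share a value."""
    return {kind for kind, _ in a & b}


def cluster(incidents, min_types=1):
    """Group incidents with union-find.

    Two incidents are linked when they share indicators of at least
    `min_types` distinct types. min_types=1 is the naive rule: any single
    reused indicator is treated as proof of a common operator.
    """
    parent = {name: name for name in incidents}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path compression
            x = parent[x]
        return x

    for x, y in combinations(sorted(incidents), 2):
        if len(shared_types(incidents[x], incidents[y])) >= min_types:
            parent[find(x)] = find(y)

    groups = defaultdict(set)
    for name in incidents:
        groups[find(name)].add(name)
    return sorted(sorted(g) for g in groups.values())


def weak_links(incidents):
    """Pairs that are joined by exactly one indicator type.

    These are the links an analyst should review by hand: a lone shared
    tool hash or a lone shared server is what theft or hijacking produces.
    """
    out = []
    for x, y in combinations(sorted(incidents), 2):
        common = incidents[x] & incidents[y]
        if len({kind for kind, _ in common}) == 1:
            out.append((x, y, sorted(common)))
    return out


if __name__ == "__main__":
    print("naive :", cluster(INCIDENTS, min_types=1))
    print("strict:", cluster(INCIDENTS, min_types=2))
    for x, y, common in weak_links(INCIDENTS):
        print(f"review {x} <-> {y}: only {common}")
```

With the naive rule all six incidents collapse into one "actor"; requiring two indicator types keeps the three sets apart, although an operator who takes over both the code and the infrastructure of another group, as in the DarkHotel scenario quoted above, would still pass such a check.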

[Jul 04, 2017] Foisting Blame for Cyber-Hacking on Russia by Gareth Porter

Notable quotes:
"... Recent hearings by the Senate and House Intelligence Committees reflected the rising tide of Russian-election-hacking hysteria and contributed further to it. Both Democrats and Republicans on the two committees appeared to share the alarmist assumptions about Russian hacking, and the officials who testified did nothing to discourage the politicians. ..."
"... The Department of Homeland Security (DHS) has a record of spreading false stories about alleged Russian hacking into US infrastructure , such as the tale of a Russian intrusion into the Burlington, Vermont electrical utility in December 2016 that DHS later admitted was untrue. There was another bogus DHS story about Russia hacking into a Springfield, Illinois water pump in November 2011. ..."
"... So, there's a pattern here. Plus, investigators, assessing the notion that Russia hacked into state electoral databases, rejected that suspicion as false months ago. Last September, Assistant Secretary of DHS for Cybersecurity Andy Ozment and state officials explained that the intrusions were not carried out by Russian intelligence but by criminal hackers seeking personal information to sell on the Internet. ..."
"... Illinois is the one state where hackers succeeded in breaking into a voter registration database last summer. The crucial fact about the Illinois hacking, however, was that the hackers extracted personal information on roughly 90,000 registered voters, and that none of the information was expunged or altered. ..."
"... "Any time you more carefully monitor a system you're going to see more bad guys poking and prodding at it," he observed, " because they're always poking and prodding." [Emphasis added] ..."
"... Reagan further revealed that she had learned from the FBI that hackers had gotten a user name and password for their electoral database, and that it was being sold on the "dark web" – an encrypted network used by cyber criminals to buy and sell their wares. In fact, she said, the FBI told her that the probe of Arizona's database was the work of a "known hacker" who had been closely monitored "frequently." ..."
"... The sequence of events indicates that the main person behind the narrative of Russian hacking state election databases from the beginning was former FBI Director James Comey. In testimony to the House Judiciary Committee on Sept. 28, Comey suggested that the Russian government was behind efforts to penetrate voter databases, but never said so directly. ..."
"... The media then suddenly found unnamed sources ready to accuse Russia of hacking election data even while admitting that they lacked evidence. The day after Comey's testimony ABC headlined , "Russia Hacking Targeted Nearly Half of States' Voter Registration Systems, Successfully Infiltrating 4." The story itself revealed, however, that it was merely a suspicion held by "knowledgeable" sources. ..."
"... But that claim of a "likely" link between the hackers and Russia was not only speculative but highly suspect. The authors of the DHS-ODNI report claimed the link was "supported by technical indicators from the US intelligence community, DHS, FBI, the private sector and other entities." They cited a list of hundreds of I.P. addresses and other such "indicators" used by hackers they called "Grizzly Steppe" who were supposedly linked to Russian intelligence. ..."
"... But the highly classified NSA report made no reference to any evidence supporting such an attribution. The absence of any hint of signals intelligence supporting its conclusion makes it clear that the NSA report was based on nothing more than the same kind of inconclusive "indicators" that had been used to establish the original narrative of Russians hacking electoral databases. ..."
"... Russian intelligence certainly has an interest in acquiring intelligence related to the likely outcome of American elections, but it would make no sense for Russia's spies to acquire personal voting information about 90,000 registered voters in Illinois. ..."
Jul 04, 2017 | original.antiwar.com
Cyber-criminal efforts to hack into U.S. government databases are epidemic, but this ugly reality is now being exploited to foist blame on Russia and fuel the New Cold War hysteria

Recent hearings by the Senate and House Intelligence Committees reflected the rising tide of Russian-election-hacking hysteria and contributed further to it. Both Democrats and Republicans on the two committees appeared to share the alarmist assumptions about Russian hacking, and the officials who testified did nothing to discourage the politicians.

On June 21, Samuel Liles, acting director of the Intelligence and Analysis Office's Cyber Division at the Department of Homeland Security, and Jeanette Manfra, acting deputy under secretary for cyber-security and communications, provided the main story line for the day in testimony before the Senate committee - that efforts to hack into election databases had been found in 21 states.

Former DHS Secretary Jeh Johnson and FBI counterintelligence chief Bill Priestap also endorsed the narrative of Russian government responsibility for the intrusions on voter registration databases.

But none of those who testified offered any evidence to support this suspicion nor were they pushed to do so. And beneath the seemingly unanimous embrace of that narrative lies a very different story.

The Department of Homeland Security (DHS) has a record of spreading false stories about alleged Russian hacking into US infrastructure, such as the tale of a Russian intrusion into the Burlington, Vermont electrical utility in December 2016 that DHS later admitted was untrue. There was another bogus DHS story about Russia hacking into a Springfield, Illinois water pump in November 2011.

So, there's a pattern here. Plus, investigators, assessing the notion that Russia hacked into state electoral databases, rejected that suspicion as false months ago. Last September, Assistant Secretary of DHS for Cybersecurity Andy Ozment and state officials explained that the intrusions were not carried out by Russian intelligence but by criminal hackers seeking personal information to sell on the Internet.

Both Ozment and state officials responsible for the state databases revealed that those databases have been the object of attempted intrusions for years. The FBI provided information to at least one state official indicating that the culprits in the hacking of the state's voter registration database were cyber-criminals.

Illinois is the one state where hackers succeeded in breaking into a voter registration database last summer. The crucial fact about the Illinois hacking, however, was that the hackers extracted personal information on roughly 90,000 registered voters, and that none of the information was expunged or altered.

The Actions of Cybercriminals

That was an obvious clue to the motive behind the hack. Assistant DHS Secretary Ozment testified before the House Subcommittee on Information Technology on Sept. 28 (at 01:02.30 of the video) that the apparent interest of the hackers in copying the data suggested that the hacking was "possibly for the purpose of selling personal information."

Ozment's testimony provides the only credible motive for the large number of states found to have experienced what the intelligence community has called "scanning and probing" of computers to gain access to their electoral databases: the personal information involved – even e-mail addresses – is commercially valuable to the cybercriminal underworld.

That same testimony also explains why so many more states reported evidence of attempts to hack their electoral databases last summer and fall. After hackers had gone after the Illinois and Arizona databases, Ozment said, DHS had provided assistance to many states in detecting attempts to hack their voter registration and other databases.

"Any time you more carefully monitor a system you're going to see more bad guys poking and prodding at it," he observed, "because they're always poking and prodding." [Emphasis added]

State election officials have confirmed Ozment's observation. Ken Menzel, the general counsel for the Illinois Secretary of State, told this writer, "What's new about what happened last year is not that someone tried to get into our system but that they finally succeeded in getting in." Menzel said hackers "have been trying constantly to get into it since 2006."

And it's not just state voter registration databases that cybercriminals are after, according to Menzel. "Every governmental data base – driver's licenses, health care, you name it – has people trying to get into it," he said.

Arizona Secretary of State Michele Reagan told Mother Jones that her I.T. specialists had detected 193,000 distinct attempts to get into the state's website in September 2016 alone and 11,000 appeared to be trying to "do harm."

Reagan further revealed that she had learned from the FBI that hackers had gotten a user name and password for their electoral database, and that it was being sold on the "dark web" – an encrypted network used by cyber criminals to buy and sell their wares. In fact, she said, the FBI told her that the probe of Arizona's database was the work of a "known hacker" who had been closely monitored "frequently."

James Comey's Role

The sequence of events indicates that the main person behind the narrative of Russian hacking state election databases from the beginning was former FBI Director James Comey. In testimony to the House Judiciary Committee on Sept. 28, Comey suggested that the Russian government was behind efforts to penetrate voter databases, but never said so directly.

Comey told the committee that FBI Counterintelligence was working to "understand just what mischief Russia is up to with regard to our elections." Then he referred to "a variety of scanning activities" and "attempted intrusions" into election-related computers "beyond what we knew about in July and August," encouraging the inference that it had been done by Russian agents.

The media then suddenly found unnamed sources ready to accuse Russia of hacking election data even while admitting that they lacked evidence. The day after Comey's testimony ABC headlined, "Russia Hacking Targeted Nearly Half of States' Voter Registration Systems, Successfully Infiltrating 4." The story itself revealed, however, that it was merely a suspicion held by "knowledgeable" sources.

Similarly, NBC News headline announced, "Russians Hacked Two US Voter Databases, Officials Say." But those who actually read the story closely learned that in fact none of the unnamed sources it cited were actually attributing the hacking to the Russians.

It didn't take long for Democrats to turn the Comey teaser - and these anonymously sourced stories with misleading headlines about Russian database hacking - into an established fact. A few days later, the ranking Democrat on the House Intelligence Committee, Rep. Adam Schiff declared that there was "no doubt" Russia was behind the hacks on state electoral databases.

On Oct. 7, DHS and the Office of the Director of National Intelligence issued a joint statement that they were "not in a position to attribute this activity to the Russian government." But only a few weeks later, DHS participated with FBI in issuing a "Joint Analysis Report" on "Russian malicious cyber activity" that did not refer directly to scanning and spearphishing aimed at state electoral databases but attributed all hacks related to the election to "actors likely associated with RIS [Russian Intelligence Services]."

Suspect Claims

But that claim of a "likely" link between the hackers and Russia was not only speculative but highly suspect. The authors of the DHS-ODNI report claimed the link was "supported by technical indicators from the US intelligence community, DHS, FBI, the private sector and other entities." They cited a list of hundreds of I.P. addresses and other such "indicators" used by hackers they called "Grizzly Steppe" who were supposedly linked to Russian intelligence.

But as I reported last January, the staff of Dragos Security, whose CEO, Rob Lee, had been the architect of a US government system for defense against cyber attack, pointed out that the vast majority of those indicators would certainly have produced "false positives."

Then, on Jan. 6 came the "intelligence community assessment" – produced by selected analysts from CIA, FBI and National Security Agency and devoted almost entirely to the hacking of e-mail of the Democratic National Committee and Hillary Clinton's campaign chairman John Podesta. But it included a statement that "Russian intelligence obtained and maintained access to elements of multiple state or local election boards." Still, no evidence was evinced on this alleged link between the hackers and Russian intelligence.

Over the following months, the narrative of hacked voter registration databases receded into the background as the drumbeat of media accounts about contacts between figures associated with the Trump campaign and Russians built to a crescendo, albeit without any actual evidence of collusion regarding the e-mail disclosures.

But a June 5 story brought the voter-data story back into the headlines. The story, published by The Intercept, accepted at face value an NSA report dated May 5, 2017, that asserted Russia's military intelligence agency, the GRU, had carried out a spear-phishing attack on a US company providing election-related software and had sent e-mails with a malware-carrying word document to 122 addresses believed to be local government organizations.

But the highly classified NSA report made no reference to any evidence supporting such an attribution. The absence of any hint of signals intelligence supporting its conclusion makes it clear that the NSA report was based on nothing more than the same kind of inconclusive "indicators" that had been used to establish the original narrative of Russians hacking electoral databases.

A Checkered History

So, the history of the US government's claim that Russian intelligence hacked into election databases reveals it to be a clear case of politically motivated analysis by the DHS and the Intelligence Community. Not only was the claim based on nothing more than inherently inconclusive technical indicators but no credible motive for Russian intelligence wanting personal information on registered voters was ever suggested.

Russian intelligence certainly has an interest in acquiring intelligence related to the likely outcome of American elections, but it would make no sense for Russia's spies to acquire personal voting information about 90,000 registered voters in Illinois.

When FBI Counterintelligence chief Priestap was asked at the June 21 hearing how Moscow might use such personal data, his tortured effort at an explanation clearly indicated that he was totally unprepared to answer the question.

"They took the data to understand what it consisted of," said Priestap, "so they can affect better understanding and plan accordingly in regards to possibly impacting future election by knowing what is there and studying it."

In contrast to that befuddled non-explanation, there is highly credible evidence that the FBI was well aware that the actual hackers in the cases of both Illinois and Arizona were motivated by the hope of personal gain.

Gareth Porter, an investigative historian and journalist specializing in US national security policy, received the UK-based Gellhorn Prize for journalism for 2011 for articles on the U.S. war in Afghanistan. His new book is Manufactured Crisis: the Untold Story of the Iran Nuclear Scare. He can be contacted at porter.gareth50@gmail.com. Reprinted from Consortium News with the author's permission.


[Jun 24, 2017] Obama Ordered Cyberweapons Implanted Into Russia's Infrastructure by Jason Ditz

Jun 23, 2017 | news.antiwar.com

Former Official: Implants Designed to 'Cause Them Pain and Discomfort'

A new report from the Washington Post today quoted a series of Obama Administration officials reiterating their official narrative on Russia's accused hacking of the 2016 election. While most of the article is simply rehashes and calls for sanctions, they also revealed a secret order by President Obama in the course of "retaliation" for the alleged hacking.

This previously secret order involved having US intelligence design and implant a series of cyberweapons into Russia's infrastructure systems, with officials saying they are meant to be activated remotely to hit the most important networks in Russia and are designed to "cause them pain and discomfort."

The US has, of course, repeatedly threatened "retaliatory" cyberattacks against Russia, and promised to knock out broad parts of their economy in doing so. These appear to be the first specific plans to actually infiltrate Russian networks and plant such weapons to do so.

Despite the long-standing nature of the threats, by the end of Obama's last term in office this was all still in the "planning" phases. It's not totally clear where this effort has gone from there, but officials say that the intelligence community, once given Obama's permission, did not need further approval from Trump to continue on with it, and he'd have actually had to issue a countermanding order, something they say he hasn't.

The details are actually pretty scant on how far along the effort is, but the goal is said to be for the US to have the ability to retaliate at a moment's notice the next time they have a cyberattack they intend to blame on Russia.

Unspoken in this lengthy report, which quotes unnamed former Obama Administration officials substantially, advocating the effort, is that in having reported that such a program exists, they've tipped off Russia about the threat.

This is, however, reflective of the priority of the former administration, which is to continue hyping allegations that Russia got President Trump elected, a priority that's high enough to sacrifice what was supposed to be a highly secretive cyberattack operation.

[Jun 03, 2017] Putin hits on false flag operation to implicate Russians

Notable quotes:
"... "The most important this is that we don't do that on government level," he said. "Secondly, I can imagine that some purposefully does that, building the chain of these attacks in a way to make it seem that Russia is the source of these attacks. Modern technology allows to do that quite easily." ..."
"... On high level like in case of Iranian hacks only state actors can operate. But they are not needed with such suckers like completely incompetent and arrogant Hillary. Here anybody suffice and that can be "lesser states" hostile to Russia (such as Ukraine, or Estonia) or even the USA agencies themselves (false flag operation) ..."
"... The level of incompetence demonstrated by "bathroom server" saga is simply staggering, to say the least: State Department essentially is as close to a security agency as one could get: they took over some former CIA functions ("color revolutions" is one such function) and generally they work in close cooperation. And this close cooperation is typical not only for the USA. But here we have a server in comparison with which many colleges email server installations are paragons of security. ..."
Jun 02, 2017 |

http://www.cnn.com/2017/06/01/politics/russia-putin-hackers-election/index.html

It contains an even more important quote about how Russia can be intentionally framed:

While he maintained Thursday that the Russian government wasn't behind the attacks, he said hackers anywhere could make their efforts appear like they came from the state.

"The most important thing is that we don't do that on government level," he said. "Secondly, I can imagine that some purposefully does that, building the chain of these attacks in a way to make it seem that Russia is the source of these attacks. Modern technology allows to do that quite easily."

And there is some evidence in favor of his hypothesis:

1. At a high level, as in the case of the Iranian hacks, only state actors can operate. But they are not needed with such suckers as the completely incompetent and arrogant Hillary. Here anybody suffices, and that can be "lesser states" hostile to Russia (such as Ukraine or Estonia) or even the USA agencies themselves (a false flag operation).

The level of incompetence demonstrated by the "bathroom server" saga is simply staggering, to say the least: the State Department is essentially as close to a security agency as one could get: they took over some former CIA functions ("color revolutions" is one such function) and generally they work in close cooperation. And this close cooperation is typical not only for the USA. But here we have a server in comparison with which many colleges' email server installations are paragons of security.

And her staff's incompetence was also simply amazing. IMHO they all were criminally incompetent.

For state actors to hack such idiots is highly unusual -- they instantly suspect that this is a mousetrap, a so-called honeypot.

2. As for "gullible Podesta", he was such a joke that it hurts; this idiot (with very strange inclinations) did not even manage to buy a $15 USB security key that Google provides for two factor authentication.

https://arstechnica.com/security/2014/10/google-offers-usb-security-key-to-make-bad-passwords-moot/

Here too a "state actor" would think that this is a trap. To give up a password for nothing. For the "grey cardinal" of the DNC? You are kidding.

2. Doublethink demonstrated in this case suggest nefarious goals. Of course, Hillary bathroom server hacks are disputed. Both by Hillary and MSM :-). Who simultaneously are convinced about DNC hacks ;-).

This is really from 1984: "Doublethink is the act of simultaneously accepting two mutually contradictory beliefs as correct, often in distinct social contexts." (Wikipedia)

3. There is a more plausible version about the DNC "hack", which is swept under the rug. That it was actually a leak, not a hack, and it involves Seth Rich. Here it is even more probable that the Russians are framed. Nobody in MSM wants to touch this theme. How would one explain such a lack of interest in what is really sensational material? By the State Department talking points?

4. Also now we know that the CIA can imitate an attack of any state actor including Russia, China or North Korea. They have special tools for this. So if one puts such a name as "Felix Edmundovich Dzerzhinsky" ( https://en.wikipedia.org/wiki/Felix_Dzerzhinsky ) into malware this is clearly not a Russian. Can be a Polish hacker. Can well be some guy from Langley with a perverse sense of humor ;-). BTW Alperovitch, the head of the company CrowdStrike, to which the investigation of the DNC hack was mysteriously outsourced (see below), never asked himself this simple question.

5. Another interesting fact is that the investigation of the "DNC hack" was outsourced by the FBI to a shady company run by Dmitri Alperovitch ( https://en.wikipedia.org/wiki/Dmitri_Alperovitch )

Can you imagine that? We need to assume that the FBI does not have specialists, so the FBI decided to use a "headlines grabber" type of security company to perform this investigation, important for national security:

https://www.linkedin.com/pulse/crowdstrike-needs-address-harm-causedukraine-jeffrey-carr

Cui bono from such a decision? That is the question :-)

IMHO this action alone raises serious questions both about Comey and the whole DNC hack story (I like the term "Fancy Bear" that Alperovitch used; this bear might reside well outside of Russia and in reality be a panda or even a skunk :-)

6. Hacking is simply a perfect ground for false flag operations. So in any objective investigation this hypothesis needs to be investigated. Nobody even tried to raise this question. Even once. Including honchos in Congress. Which for an independent observer increases the probability that this might well be a false flag operation with a specific purpose.

All in all we have more questions than answers here. So jumping to conclusions and the resulting witch hunt of the US media and the behavior of some US officials is really suspicious.

[Jun 03, 2017] Putin: Hackers may be 'patriots' but not working for Russian government

Jun 03, 2017 | www.cnn.com
In comments to reporters at the St. Petersburg Economic Forum, Putin likened hackers to "artists," who could act on behalf of Russia if they felt its interests were being threatened.

"(Artists) may act on behalf of their country, they wake up in good mood and paint things. Same with hackers, they woke up today, read something about the state-to-state relations.

"If they are patriotic, they contribute in a way they think is right, to fight against those who say bad things about Russia," Putin said.

Putin: We didn't hack US election

Russia has repeatedly denied involvement in any attempts to influence November's US Presidential election. When asked directly whether Russia interfered in the election, Putin said in March: "Read my lips: No." He also described the allegations as "fictional, illusory, provocations and lies."

Derek Chollet, senior adviser of the German Marshall Fund of the US, told CNN's Brian Todd that's not true. "The US intelligence community in January concluded with high confidence that Vladimir Putin ordered an influence campaign to try to shape the US election. And part of that influence campaign were hackers. This is Putin trying to obfuscate and blur what is the reality."

US-Russia investigation

While he maintained Thursday that the Russian government wasn't behind the attacks, he said hackers anywhere could make their efforts appear like they came from the state. "The most important thing is that we don't do that on government level," he said. "Secondly, I can imagine that some purposefully does that, building the chain of these attacks in a way to make it seem that Russia is the source of these attacks. Modern technology allows to do that quite easily."

However, he said that even if hackers did intervene it's unlikely they could swing a foreign election. "No hacker can affect an electoral campaign in any country, be it Europe, Asia or America."

"I'm certain that no hackers can influence an electoral campaign in another country. It's just not going to settle on the voter's mind, on the nation's mind," he added.

CNN's Fareed Zakaria said Putin's remarks on the hacking mirror what Putin said when Russia seized Ukraine's Crimea region. "If you remember, when the invasion of Crimea and the destabilization of eastern Ukraine took place, Vladimir Putin said, 'I don't know who these people are ... it seems there are patriotically minded Ukrainians and Russians who want the Crimea to be part of Russia,'" Zakaria said.

[Jun 03, 2017] Putin's remark looks like a valid observation about a very dangerous phenomenon -- State actors can provoke non-state actors in cyberspace and vice versa, non-state actors can provoke state actors. As a result the spiral of confrontation can start unwinding uncontrollably.

Jun 03, 2017 | economistsview.typepad.com

EMichael, June 02, 2017 at 08:28 AM
"(Artists) may act on behalf of their country, they wake up in good mood and paint things. Same with hackers, they woke up today, read something about the state-to-state relations.
"If they are patriotic, they contribute in a way they think is right, to fight against those who say bad things about Russia," Putin said.
libezkova, June 02, 2017 at 09:24 PM
This is a complex issue and some considerations below are gross simplifications and should be viewed as such. But the key question is: can "hacking wars" eventually lead to the nuclear war due to interplay between state and non-state actors?

As Paul Craig Roberts recently observed "The most important truth of our time is that the world lives on the knife-edge of the American military/security complex's need for an enemy in order to keep profits flowing."

So the main danger here is that cyber attacks which were made "to keep profits flowing" (including false flag operations; hacking is a perfect field for false flag operations) can provoke a real war, which can escalate into a nuclear exchange. Especially if one side thinks that it can intercept the missiles from the other.

So Putin's remark looks like a valid observation about a very dangerous phenomenon -- State actors can provoke non-state actors in cyberspace and vice versa, non-state actors can provoke state actors. As a result the spiral of confrontation can start unwinding uncontrollably.

Hostile action like the current McCarthyism witch hunt against Russia provokes reaction, including unanticipated from non-state actors. Some are now really inclined to hack the US servers.

Similarly US hackers now are more inclined to hack Russian servers.

Which provokes another reaction, but now from the state actors. As a result money is flowing into appropriate coffers, which was the key idea from the start.

[May 08, 2017] Another Leaks about emails, this time about Macron

Notable quotes:
"... to be fair though, those emails leaks seem totally dull. I browsed what I could, it's just generic staff chat, campaign bills to pay, bills to make, yadda yadda. Whoever got the mail passwords few months ago must have waited for something juicy to land and since nothing really interesting came up, they're just posting the whole stock as is. Won't make the slightest difference on Sunday. ..."
"... Exactly. I wouldn't be surprised if it's Macron team itself that leaked this dull, unimportant stuff to show that "russians have interfered". ..."
"... Macron won 1st step with the intense fear campaign spammed on our heads during 6 months. I know plenty reasonable people who voted Macron while they hardly can stand his program, because they were told hundreds of times he was the "best choice" to beat Le Pen. ..."
"... That's so absurd Macron got the most votes last Sunday AND at the same time got the LOWEST "adhesion" (adherence ? not sure in English) rate of all 11 candidates, basically nearly half of "his" voters put the bulletin with his name for reasons that have nothing to do with him. ..."
"... Macron's dirty secrets according to The Duran: http://theduran.com/breaking-macron-emails-lead-to-allegations-of-drug-use-homosexual-adventurism-and-rothschild-money/ ..."
"... That all the evils in western society are the fault of the external bogeyman. Putin, ISIS Refugees, Asian footwear makers, whatever. ..."
"... Is that your services & politicians would never pull a false leak or a controlled leak or a limited hangout. That they are angels that sit on their hands. ..."
"... These two underpin the absolute lunacy we have seen unfold before our eyes. An extraordinarily dangerous situation to be in which is getting worse fast. ..."
May 08, 2017 | www.moonofalabama.org
Jean | May 6, 2017 8:32:33 AM | 10
Another Leaks about emails, this time about Macron. The difference is that nobody is allowed to publish any part of it by the electoral commission (15,000 euros fine). No doubt there will be a huge crackdown on alt media once he gets elected.

France is an occupied country, much more than the US

http://theduran.com/breaking-macron-email-hacking-shows-that-free-speech-is-dead-in-france/

roflmaousse | May 6, 2017 8:43:48 AM | 12
to be fair though, those emails leaks seem totally dull. I browsed what I could, it's just generic staff chat, campaign bills to pay, bills to make, yadda yadda. Whoever got the mail passwords few months ago must have waited for something juicy to land and since nothing really interesting came up, they're just posting the whole stock as is. Won't make the slightest difference on Sunday.
Anon | May 6, 2017 8:52:27 AM | 13
roflmaousse

Exactly. I wouldn't be surprised if it's Macron team itself that leaked this dull, unimportant stuff to show that "russians have interfered".

roflmaousse | May 6, 2017 9:04:11 AM | 14
@jen : what possibility ? none
Macron won 1st step with the intense fear campaign spammed on our heads during 6 months. I know plenty reasonable people who voted Macron while they hardly can stand his program, because they were told hundreds of times he was the "best choice" to beat Le Pen. And that's it. They probably don't fully believe it, but the doubt was hammered deep in their mind, and they won't take the (imaginary) risk to appear on the "wrong" side of history and be shamed for years... And the same thing will obviously happen tomorrow.

That's so absurd Macron got the most votes last Sunday AND at the same time got the LOWEST "adhesion" (adherence ? not sure in English) rate of all 11 candidates, basically nearly half of "his" voters put the bulletin with his name for reasons that have nothing to do with him.

Anon | May 6, 2017 4:10:36 PM | 46
Lol the French regime now warns people not to spread the leak... apparently that is a "criminal offense"!

https://tinyurl.com/m7a37ew

You can't make this stuff up! Censorship is here and accepted, scary.

Mina | May 6, 2017 6:55:59 PM | 57
Californian leak? Who cares, the msm have already blamed the ruskies all day
james | May 6, 2017 7:02:12 PM | 58
@46 anon.. that macron leak story has legs! i like what some guy on twitter said - "Amazing that the French government and media now stand as enemies of freedom of speech." who whudda thunk it? lol... remind anyone of any other countries?
Mina | May 6, 2017 7:06:12 PM | 59
So cute from the BBC that he doesn't want to reveal the contents of the leak although nothing obliges it to

http://www.bbc.com/news/world-europe-39830379

Anon | May 7, 2017 3:09:11 AM | 63
Indeed, Macron is basically married to his mother already in a way: Macron married to a 24 year older wife
https://www.thestar.com/life/2017/04/27/french-presidential-candidates-older-wife-only-scandalous-to-the-rest-of-the-world-timson.html
Shakesvshav | May 7, 2017 4:02:44 AM | 64
Macron's dirty secrets according to The Duran: http://theduran.com/breaking-macron-emails-lead-to-allegations-of-drug-use-homosexual-adventurism-and-rothschild-money/
Mina | May 7, 2017 4:16:59 AM | 65
Well well well... you know... it's France... le pen's mother made naked pictures for French Playboy when she divorced the father... another one is on x... just pawns.
Mina | May 7, 2017 5:07:56 AM | 66
The MSM are going to be embarrassed with the leaks. On one side they keep referring to the Ruskies and Trump, and on the other no one among the Western politicians has a B plan in case Trump continues to wreak havoc (and he will).

Next week, he goes to KSA before Israel and since the Saudi prince said it would be 'historical' we can bet KSA will announce the recognizance of Israel
Then step 2 will be to say Syria and Iran: you recognize or we turn you to Somalia.
And where will Junker, Hollande, Macron and co go then?

(as for Le Pen she's not a suggestion; she's been changing her views almost every week except on the fate she reserves to gypsies, latest she went to explain the Zionist lobby that she supports the colonies)
http://www.lexpress.fr/actualite/politique/fn/comment-marine-le-pen-cherche-a-seduire-la-communaute-juive_1777887.html
http://www.alterinfo.net/LE-PEN-DRAGUE-LES-ELECTEURS-JUIFS-JUSQU-EN-ISRAEL_a129982.html

Mina | May 7, 2017 5:29:38 AM | 67
even Wikileaks says the metadata is full of Cyrillic. clumsiness or the will to point towards the usual culprits?
not sure if Hollande has really turned into a Machiavel but that sounds like him
b | May 7, 2017 1:07:26 PM | 93

Sài Gòn Séamus @SaiGonSeamus on the Macron "leaks":

None of it makes sense, yet everyone laps it up like mother's milk. This is the 1st of these leaks to have obvious forgeries in it.

The release date makes no sense, there appears to be nothing damaging in it, the speed at which the trusties found the Cyrillic metadata says they were looking for it / told where to look / not looking for damaging material.

The sheer scale of the breach from what must be the most closely monitored mail server in political history.

None of it adds up if you look at it with an open mind. This is dangerous slavish behavior from infosec, the media and public. If you will swallow this hook, line & sinker then your parliaments need more fire extinguishers

Everything is based on two enormous fallacies.

1. That all the evils in western society are the fault of the external bogeyman. Putin, ISIS Refugees, Asian footwear makers, whatever. That the Trumps, Le Pens, Farages are not a native virus.

2. Is that your services & politicians would never pull a false leak or a controlled leak or a limited hangout. That they are angels that sit on their hands.

These two underpin the absolute lunacy we have seen unfold before our eyes. An extraordinarily dangerous situation to be in which is getting worse fast.

Mina | May 7, 2017 1:13:27 PM | 94
mediapart commenting the macronleaks: no ref to the contents or to WikiLeaks as having decided to host the files.
b | May 7, 2017 1:17:29 PM | 95
Did Macron Outsmart Campaign Hackers? - While it's still too early to tell, so far the big document dump by hackers of the Macron campaign has not been damaging.
"You can flood these [phishing] addresses with multiple passwords and log-ins, true ones, false ones, so the people behind them use up a lot of time trying to figure them out," Mounir Mahjoubi, the head of Macron's digital team, told The Daily Beast for its earlier article on this subject.

In the end, whoever made the dump may not have known what is real and what is false, which would explain in part the odd timing. After the disruptive revelations of the Democratic National Committee hacks in the United States, the public is conditioned to think that if there's a document dump like this, it has to be incriminating. By putting it out just before the news blackout, when Macron cannot respond in detail, the dump becomes both the medium and the message.
...

[Apr 21, 2017] America's Cyberwar Hypocrisy

Apr 21, 2017 | www.foreignaffairs.com

Today's cyberbattles could almost make one nostalgic for the Cold War. The nuclear arms race created a sense of existential threat, but at least it was clear who had the weapons. In contrast, a cyberattack could be the work of almost anyone. After hackers broke into the U.S. Democratic National Committee's servers in 2016 and released e-mails embarrassing to the DNC's leadership, the Republican presidential candidate Donald Trump said the attacker could be China, Russia, or "somebody sitting on their bed that weighs 400 pounds."

U.S. intelligence officials have said that the attack did indeed come from Russia, which Trump later acknowledged. But Trump's comment underscored a larger problem with cyberwarfare: uncertainty. How does a government respond to an invisible attacker, especially without clear rules of engagement? How can officials convince other governments and the public that they have fingered the right suspects? How can a state prevent cyberattacks when, without attribution, the logic of deterrence -- if you hit me, I'll hit you back -- no longer applies? Two recent books delve into these questions. Dark Territory, by Fred Kaplan, and The Hacked World Order, by Adam Segal, lay out the history of cybersecurity in the United States and explain the dangers that future digital conflicts might pose. Both authors also make clear that although Americans and U.S. institutions increasingly feel themselves to be in the cross hairs of hackers and other cybercriminals, the United States is itself a powerful aggressor in cyberspace.


In the future, the United States must use its cyberpower judiciously. Every conflict poses the risk that one party will make a mistake or overreact, causing things to veer out of control. When it comes to cyberwar, however, the stakes are particularly high for the United States, as the country's technological sophistication makes it uniquely vulnerable to attack.

Iranian President Mahmoud Ahmadinejad visits the Natanz nuclear enrichment facility, April 2008.


CYBER-SUPERPOWER

The dramatic headlines surrounding Russia's alleged hacking of the DNC and attempts to spread misinformation online during the U.S. election may have reinforced the perception among Americans that the United States is primarily a victim of cyber-intrusions. It's not. In Dark Territory, Kaplan details the United States' long history of aggression in cyberspace. It's not easy to write an engaging book on cyberwar, and Kaplan, a national security columnist at Slate, has done an admirable job. He presents a clear account of the United States' evolution into a formidable cyberpower, guiding the reader through a thicket of technical details and government acronyms.

It turns out that the U.S. government has been an aggressor for over a quarter century. Kaplan describes "counter command-control warfare" -- attempts to disrupt an enemy's ability to control its forces -- that goes back to the Gulf War in 1990–91. At a time when U.S. President George H. W. Bush had never used a computer, the National Security Agency (NSA) was employing a secret satellite to monitor the conversations of Iraqi President Saddam Hussein and his generals, which sometimes revealed the positions of Iraqi soldiers.

The United States flexed its digital muscles again in the late 1990s, when Serbs in Bosnia and Herzegovina were protesting the presence of NATO soldiers enforcing the 1995 Dayton peace agreement, which had ended the Bosnian war. U.S. officials learned that local newscasters were telling protesters when and where to gather and even instructing them to throw rocks at NATO soldiers. It turned out that 85 percent of Serbs got their television broadcasts from just five transmission towers. U.S. officials, working with the NATO-led stabilization force, or SFOR, installed devices on those five transmitters that allowed SFOR engineers to turn them on and off remotely. Whenever a newscaster began urging people to protest, the engineers shut off the transmitters.

American officials also enlisted the help of Hollywood producers, persuading them to supply programming to a U.S.-aligned Serbian station. During major anti-NATO protests, Serbians would turn on the television to find the channel playing episodes of Baywatch. Kaplan asserts, "Many Serbs, who might otherwise have hit the streets to make trouble, stayed in to watch young women cavorting in bikinis."

Around a decade later, the United States set up what Kaplan calls a "mini-NSA" in Iraq. Kaplan describes how NSA teams in the Middle East intercepted insurgents' e-mails and shut down many of their servers with malware. In other cases, they sent insurgents deceptive e-mails directing them to places where U.S. Special Forces would be waiting to kill them. "In 2007 alone, these sorts of operations . . . killed nearly four thousand Iraqi insurgents," Kaplan writes.


The United States' most ambitious cyberattack began in 2006, when it teamed up with Israel to sabotage the Iranian nuclear program. The collaboration, dubbed Operation Olympic Games, targeted Iran's Natanz reactor, which relied on remote computer controls. Malware designed by American programmers took over the reactor's valve pumps, allowing NSA operatives to remotely increase the flow of uranium gas into the centrifuges, which eventually burst. By early 2010, the operation had destroyed almost a quarter of Iran's 8,700 centrifuges.

For years, the Iranians failed to detect the intrusion and must have wondered if the malfunctions were their own fault. In that sense, Kaplan writes, "Operation Olympic Games was a classic campaign of information warfare: the target wasn't just the Iranians' nuclear program but also the Iranians' confidence -- in their sensors, their equipment, and themselves." The Iranians and the wider public might never have learned about the virus, now widely known as Stuxnet, if it had not accidentally spread from the computers in Natanz to machines in other parts of the world, where private-sector security researchers ultimately discovered it.

With Olympic Games, the United States "crossed the Rubicon," in the words of the former CIA director Michael Hayden. Stuxnet was the first major piece of malware to do more than harm other computers and actually cause physical destruction. The irony was rich, as Kaplan notes: "For more than a decade, dozens of panels and commissions had warned that America's critical infrastructure was vulnerable to a cyber attack -- and now America was launching the first cyber attack on another nation's critical infrastructure."

Of course, cyberattackers have often targeted the United States. In 2014 alone, Kaplan reports, the country suffered more than 80,000 cybersecurity breaches, more than 2,000 of which led to data losses. He also points out that until recently, U.S. policymakers worried less about Russia than China, which was "engaging not just in espionage and battlefield preparation, but also in the theft of trade secrets, intellectual property, and cash."

China and Russia are not the only players. Iran and North Korea have also attacked the United States. In 2014, the businessman Sheldon Adelson criticized Iran, which responded by hacking into the servers of Adelson's Las Vegas Sands Corporation, doing $40 million worth of damage. That same year, hackers calling themselves the Guardians of Peace broke into Sony's network. They destroyed thousands of computers and hundreds of servers, exposed tens of thousands of Social Security numbers, and released embarrassing personal e-mails pilfered from the accounts of Sony executives. U.S. government officials blamed the North Korean government for the attack. Sony Pictures was about to release The Interview, a silly comedy about a plot to assassinate the North Korean ruler Kim Jong Un. As opening day neared, the hackers threatened theaters with retaliation if they screened the movie. When Sony canceled the release, the threats stopped.

EVERYBODY HACKS

The Hacked World Order covers some of the same ground as Dark Territory, although with a slightly wider lens. In addition to discussing cyberattacks and surveillance, Segal, a fellow at the Council on Foreign Relations, details how the United States and other countries use social media for political ends. Russia, for example, tries to shape online discourse by spreading false news and deploying trolls to post offensive or distracting comments. The Russian government has reportedly hired English speakers to praise President Vladimir Putin on the websites of foreign news outlets. The goal is not necessarily to endear Americans to Putin, Segal explains. Rather, it sows confusion online to "make reasonable, rational conversation impossible." Chinese Internet commenters also try to muddy the waters of online discussion. Segal claims that the Chinese government pays an estimated 250,000–300,000 people to support the official Communist Party agenda online.


Segal suggests that the United States will likely not win social media wars against countries such as China or Russia. U.S. State Department officials identify themselves on Facebook and Twitter, react slowly to news, and offer factual, rule-based commentary. Unfortunately, as Segal notes, "content that is shocking, conspiratorial, or false often crowds out the reasonable, rational, and measured."

Social media battles also play out in the Middle East. In 2012, the Israel Defense Forces and Hamas fought a war for public opinion using Facebook, Twitter, Google, Pinterest, and Tumblr at the same time as the two were exchanging physical fire. The Islamic State (also known as ISIS) has launched digital campaigns that incorporate, in Segal's words, "brutality and barbarism, packaged with sophisticated production techniques." The United States has tried to fight back by sharing negative stories about ISIS and, in 2014, even created a video, using footage released by the group, that featured severed heads and crucifixions. The video went viral, but analysts inside and outside the U.S. government criticized it for embracing extremist tactics similar to ISIS' own. Moreover, as Segal notes, it seems to have failed to deter ISIS' supporters.

Part of what makes the cyber-era so challenging for governments is that conflict isn't limited to states. Many actors, including individuals and small groups, can carry out attacks. In 2011, for example, the hacker collective Anonymous took down Sony's PlayStation Network, costing the company $171 million in repairs. Individuals can also disrupt traditional diplomacy, as when WikiLeaks released thousands of State Department cables in 2010, revealing U.S. diplomats' candid and sometimes embarrassing assessments of their foreign counterparts.

Segal is at his best in his discussion of China's cyberstrategy, on which he has considerable expertise. Americans tend to see themselves as a target of Chinese hackers -- and indeed they are. The problem is that China also sees itself as a victim and the United States as hypocritical. In June 2013, U.S. President Barack Obama warned Chinese President Xi Jinping that Chinese hacking could damage the U.S.-Chinese relationship. Later that month, journalists published documents provided by Edward Snowden, an NSA contractor, showing that the NSA had hacked Chinese universities and telecommunications companies. It didn't take long for Chinese state media to brand the United States as "the real hacking empire."

The U.S.-Chinese relationship also suffers from a more fundamental disagreement. U.S. policymakers seem to believe that it's acceptable to spy for political and military purposes but that China's theft of intellectual property crosses a line. The United States might spy on companies and trade negotiators all over the world, but it does so to protect its national interests, not to benefit specific U.S. companies. The Chinese don't see this distinction. As Segal explains:

Many states, especially those like China that have developed a form of state capitalism at home, do not see a difference between public and private actors. Chinese firms are part of an effort to modernize the country and build comprehensive power, no matter whether they are private or state owned. Stealing for their benefit is for the benefit of the nation.

The intense secrecy surrounding cyberwarfare makes deciding what kinds of hacking are acceptable and what behavior crosses the line even harder. The Snowden revelations may have alerted Americans to the extent of U.S. government surveillance, but the public still remains largely in the dark about digital conflict. Yet Americans have a lot at stake. The United States may be the world's strongest cyberpower, but it is also the most vulnerable. Segal writes:

The United States is . . . more exposed than any other country. Smart cities, the Internet of Things, and self-driving cars may open up vast new economic opportunities as well as new targets for destructive attacks. Cyberattacks could disrupt and degrade the American way of war, heavily dependent as it is on sensors, computers, command and control, and information dominance.

Putin and Defence Minister Sergei Ivanov visit the new GRU military intelligence headquarters building in Moscow, November 2006.


FOREWARNED IS FOREARMED

Neither Kaplan nor Segal offers easy solutions to these challenges. Kaplan argues that the cyber-era is much murkier than the era of the Cold War. Officials find it difficult to trace attackers quickly and reliably, increasing the chances that the targeted country will make an error. The U.S. government and U.S. firms face cyberattacks every day, and there is no clear line between those that are merely a nuisance and those that pose a serious threat. The public also understands cyberthreats far less well than it does the threat of nuclear weapons. Much of the information is classified, inhibiting public discussion, Kaplan notes. He concludes that "we are all wandering in dark territory."


Segal's conclusions are somewhat more prescriptive. The United States must support research and technological innovation, for example, and not just by providing more federal funding. Segal recommends that the United States replace its federal research plan with a public-private partnership to bring in academic and commercial expertise. Government and private companies need to share more information, and companies need to talk more openly with one another about digital threats. The United States should also "develop a code of conduct that draws a clear line between its friends and allies and its potential adversaries." This would include limiting cyberattacks to military actions and narrowly targeted covert operations, following international law, rarely spying on friends, and working to strengthen international norms against economic espionage. If the United States is attacked, it should not necessarily launch a counterattack, Segal argues; rather, it should explore using sanctions or other tools. This was apparently the path that Obama took after the attack on the DNC, when the United States punished Moscow by imposing fresh sanctions and expelling 35 suspected Russian spies.

It's likely only a matter of time before the Trump administration faces a major cyberattack. When that happens, the government will need to react calmly, without jumping to conclusions. Failure to do so could have dire consequences. "The United States, Russia, and China are unlikely to launch destructive attacks against each other unless they are already engaged in military conflict or perceive core interests as being threatened," Segal writes. "The greatest risks are misperception, miscalculation, and escalation."

Those risks now seem greater than ever. Some experts have argued that Obama's response to the Russian cyberattacks in 2016 did not do enough to deter future attackers. But if Obama underreacted, the United States may now face the opposite problem. Trump has proved willing to make bold, sometimes unsubstantiated accusations. This behavior is dangerous in any conflict, but in the fog of cyberwar, it could spell catastrophe.

Is there anything the American public can do to prevent this? All over the country, people have been trying to check Trump's worst impulses by protesting, appealing to members of Congress, or simply demanding more information. Policy about cyberspace generally doesn't draw the same level of public engagement, in part due to a lack of knowledge. Cyberbattles can seem confusing, technical, and shrouded in secrecy, perhaps better left to the experts. But cybersecurity is everyone's problem now. The American public should inform itself, and these two books are a good place to start. If Washington inadvertently led the United States into a major cyberwar, Americans would have the most to lose.

[Jan 18, 2017] Mainstream Media's Russian Bogeymen

Jan 18, 2017 | original.antiwar.com

The mainstream hysteria over Russia has led to dubious or downright false stories that have deepened the New Cold War

by Gareth Porter, January 16, 2017

In the middle of a major domestic crisis over the U.S. charge that Russia had interfered with the US election, the Department of Homeland Security (DHS) triggered a brief national media hysteria by creating and spreading a bogus story of Russian hacking into US power infrastructure.

DHS had initiated the now-discredited tale of a hacked computer at the Burlington, Vermont Electricity Department by sending the utility's managers misleading and alarming information, then leaked a story they certainly knew to be false and continued to put out a misleading line to the media.

Even more shocking, however, DHS had previously circulated a similar bogus story of Russian hacking of a Springfield, Illinois water pump in November 2011.

The story of how DHS twice circulated false stories of Russian efforts to sabotage US "critical infrastructure" is a cautionary tale of how senior leaders in a bureaucracy-on-the-make take advantage of every major political development to advance its own interests, with scant regard for the truth.

The DHS had carried out a major public campaign to focus on an alleged Russian threat to US power infrastructure in early 2016. The campaign took advantage of a US accusation of a Russian cyber-attack against the Ukrainian power infrastructure in December 2015 to promote one of the agency's major functions - guarding against cyber-attacks on America's infrastructure.

Beginning in late March 2016, DHS and FBI conducted a series of 12 unclassified briefings for electric power infrastructure companies in eight cities titled, "Ukraine Cyber Attack: implications for US stakeholders." The DHS declared publicly, "These events represent one of the first known physical impacts to critical infrastructure which resulted from cyber-attack."

That statement conveniently avoided mentioning that the first cases of such destruction of national infrastructure from cyber-attacks were not against the United States, but were inflicted on Iran by the Obama administration and Israel in 2009 and 2012.

Beginning in October 2016, the DHS emerged as one of the two most important players – along with the CIA – in the political drama over the alleged Russian effort to tilt the 2016 election toward Donald Trump. Then on Dec. 29, DHS and FBI distributed a "Joint Analysis Report" to US power utilities across the country with what it claimed were "indicators" of a Russian intelligence effort to penetrate and compromise US computer networks, including networks related to the presidential election, that it called "GRIZZLY STEPPE."

The report clearly conveyed to the utilities that the "tools and infrastructure" it said had been used by Russian intelligence agencies to affect the election were a direct threat to them as well. However, according to Robert M. Lee, the founder and CEO of the cyber-security company Dragos, who had developed one of the earliest US government programs for defense against cyber-attacks on US infrastructure systems, the report was certain to mislead the recipients.

"Anyone who uses it would think they were being impacted by Russian operations," said Lee. "We ran through the indicators in the report and found that a high percentage were false positives."

Lee and his staff found only two of a long list of malware files that could be linked to Russian hackers without more specific data about timing. Similarly a large proportion of IP addresses listed could be linked to "GRIZZLY STEPPE" only for certain specific dates, which were not provided.

The Intercept discovered, in fact, that 42 percent of the 876 IP addresses listed in the report as having been used by Russian hackers were exit nodes for the Tor Project, a system that allows bloggers, journalists and others – including some military entities – to keep their Internet communications private.

Lee said the DHS staff that worked on the technical information in the report is highly competent, but the document was rendered useless when officials classified and deleted some key parts of the report and added other material that shouldn't have been in it. He believes the DHS issued the report "for a political purpose," which was to "show that the DHS is protecting you."

Planting the Story, Keeping it Alive

Upon receiving the DHS-FBI report, the Burlington Electric Company network security team immediately ran searches of its computer logs using the lists of IP addresses it had been provided. When one of the IP addresses cited in the report as an indicator of Russian hacking was found on the logs, the utility immediately called DHS to inform it, as it had been instructed to do by DHS.

In fact, the IP address on the Burlington Electric Company's computer was simply the Yahoo e-mail server, according to Lee, so it could not have been a legitimate indicator of an attempted cyber-intrusion. That should have been the end of the story. But the utility did not track down the IP address before reporting it to DHS. It did, however, expect DHS to treat the matter confidentially until it had thoroughly investigated and resolved the issue.

"DHS wasn't supposed to release the details," said Lee. "Everybody was supposed to keep their mouth shut."

Instead, a DHS official called The Washington Post and passed on word that one of the indicators of Russian hacking of the DNC had been found on the Burlington utility's computer network. The Post failed to follow the most basic rule of journalism, relying on its DHS source instead of checking with the Burlington Electric Department first. The result was the Post's sensational Dec. 30 story under the headline "Russian hackers penetrated US electricity grid through a utility in Vermont, US officials say."

A DHS official evidently had allowed the Post to infer that the Russian hack had penetrated the grid without actually saying so. The Post story said the Russians "had not actively used the code to disrupt operations of the utility, according to officials who spoke on condition of anonymity in order to discuss a security matter," but then added that "the penetration of the nation's electrical grid is significant because it represents a potentially serious vulnerability."

The electric company quickly issued a firm denial that the computer in question was connected to the power grid. The Post was forced to retract, in effect, its claim that the electricity grid had been hacked by the Russians. But it stuck by its story that the utility had been the victim of a Russian hack for another three days before admitting that no such evidence of a hack existed.

The day after the story was published, the DHS leadership continued to imply, without saying so explicitly, that the Burlington utility had been hacked by Russians. Assistant Secretary for Public Affairs J. Todd Breasseale gave CNN a statement that the "indicators" from the malicious software found on the computer at Burlington Electric were a "match" for those on the DNC computers.

As soon as DHS checked the IP address, however, it knew that it was a Yahoo cloud server and therefore not an indicator that the same team that allegedly hacked the DNC had gotten into the Burlington utility's laptop. DHS also learned from the utility that the laptop in question had been infected by malware called "neutrino," which had never been used in "GRIZZLY STEPPE."

Only days later did the DHS reveal those crucial facts to the Post. And the DHS was still defending its joint report to the Post, according to Lee, who got part of the story from Post sources. The DHS official was arguing that it had "led to a discovery," he said. "The second is, 'See, this is encouraging people to run indicators.'"

Original DHS False Hacking Story

The false Burlington Electric hack scare is reminiscent of an earlier story of Russian hacking of a utility for which the DHS was responsible as well. In November 2011, it reported an "intrusion" into a Springfield, Illinois water district computer that similarly turned out to be a fabrication.

Like the Burlington fiasco, the false report was preceded by a DHS claim that US infrastructure systems were already under attack. In October 2011, acting DHS deputy undersecretary Greg Schaffer was quoted by The Washington Post as warning that "our adversaries" are "knocking on the doors of these systems." And Schaffer added, "In some cases, there have been intrusions." He did not specify when, where or by whom, and no such prior intrusions have ever been documented.

On Nov. 8, 2011, a water pump belonging to the Curran-Gardner township water district near Springfield, Illinois, burned out after sputtering several times in previous months. The repair team brought in to fix it found a Russian IP address on its log from five months earlier. That IP address was actually from a cell phone call from the contractor who had set up the control system for the pump and who was vacationing in Russia with his family, so his name was in the log by the address.

Without investigating the IP address itself, the utility reported the IP address and the breakdown of the water pump to the Environmental Protection Agency, which in turn passed it on to the Illinois Statewide Terrorism and Intelligence Center, also called a fusion center composed of Illinois State Police and representatives from the FBI, DHS and other government agencies.

On Nov. 10 – just two days after the initial report to EPA – the fusion center produced a report titled "Public Water District Cyber Intrusion" suggesting a Russian hacker had stolen the identity of someone authorized to use the computer and had hacked into the control system causing the water pump to fail.

The contractor whose name was on the log next to the IP address later told Wired magazine that one phone call to him would have laid the matter to rest. But the DHS, which was the lead in putting the report out, had not bothered to make even that one obvious phone call before opining that it must have been a Russian hack.

The fusion center "intelligence report," circulated by DHS Office of Intelligence and Research, was picked up by a cyber-security blogger, who called The Washington Post and read the item to a reporter. Thus the Post published the first sensational story of a Russian hack into a US infrastructure on Nov. 18, 2011.

After the real story came out, DHS disclaimed responsibility for the report, saying that it was the fusion center's responsibility. But a Senate subcommittee investigation revealed in a report a year later that even after the initial report had been discredited, DHS had not issued any retraction or correction to the report, nor had it notified the recipients about the truth.

DHS officials responsible for the false report told Senate investigators such reports weren't intended to be "finished intelligence," implying that the bar for accuracy of the information didn't have to be very high. They even claimed that the report was a "success" because it had done "what it's supposed to do – generate interest."

Both the Burlington and Curran-Gardner episodes underline a central reality of the political game of national security in the New Cold War era: major bureaucratic players like DHS have a huge political stake in public perceptions of a Russian threat, and whenever the opportunity arises to do so, they will exploit it.

Gareth Porter, an investigative historian and journalist specializing in US national security policy, received the UK-based Gellhorn Prize for journalism for 2011 for articles on the U.S. war in Afghanistan. His new book is Manufactured Crisis: the Untold Story of the Iran Nuclear Scare. He can be contacted at porter.gareth50@gmail.com.

Reprinted from Consortium News with the author's permission.
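The indicator search described in the article, with the context checks that were skipped before escalation, as an added example (not code from the article, DHS or the utility): it matches log lines against an IP feed and labels each hit as shared infrastructure, Tor exit, undated, out of window or worth investigating. The feed, the context lists, the log format and every address are constructed for illustration (RFC 5737 documentation ranges).

```python
import ipaddress
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

TS_FMT = "%Y-%m-%dT%H:%M:%SZ"


def parse_ts(text: str) -> datetime:
    """Parse the UTC timestamps used in the constructed log below."""
    return datetime.strptime(text, TS_FMT).replace(tzinfo=timezone.utc)


@dataclass(frozen=True)
class Indicator:
    ip: str
    active_from: Optional[datetime] = None  # None: the feed published no dates
    active_to: Optional[datetime] = None


# Constructed feed: documentation addresses, not real indicators.
FEED = {
    ind.ip: ind
    for ind in (
        Indicator("198.51.100.25"),
        Indicator("203.0.113.7"),
        Indicator("192.0.2.44"),
        Indicator("192.0.2.80",
                  parse_ts("2016-03-01T00:00:00Z"),
                  parse_ts("2016-06-30T23:59:59Z")),
    )
}

# Constructed context an analyst would gather before reporting a hit.
SHARED_NETS = {ipaddress.ip_network("198.51.100.0/24"): "webmail provider"}
TOR_EXITS = {"203.0.113.7"}

# Constructed outbound-connection log: timestamp, host, remote IP, remote port.
SAMPLE_LOG = """\
2016-12-30T14:02:11Z laptop-17 198.51.100.25 443
2016-12-30T14:05:40Z hmi-02 203.0.113.7 9001
2016-12-30T15:11:09Z laptop-03 192.0.2.44 80
2016-12-30T16:20:00Z laptop-09 192.0.2.80 443
2016-05-12T08:00:00Z eng-ws-1 192.0.2.80 443
2016-12-30T16:21:00Z laptop-09 192.0.2.200 443
"""


def triage(ip_text: str, seen_at: datetime):
    """Return (verdict, reason) for one remote address seen at one time."""
    addr = ipaddress.ip_address(ip_text)
    ind = FEED.get(str(addr))
    if ind is None:
        return "no-match", "address is not in the feed"
    for net, owner in SHARED_NETS.items():
        if addr in net:
            return ("shared-infrastructure",
                    f"belongs to a {owner}; many unrelated users reach it")
    if str(addr) in TOR_EXITS:
        return "tor-exit", "identifies Tor use, not a particular actor"
    if ind.active_from is None or ind.active_to is None:
        return "undated", "feed gives no period of attacker use; a lead only"
    if not ind.active_from <= seen_at <= ind.active_to:
        return "out-of-window", "contact is outside the period of attacker use"
    return "investigate", "dated indicator and contact inside its window"


def triage_log(text: str):
    """Triage every line of a log; returns (host, ip, verdict, reason) tuples."""
    results = []
    for line in text.splitlines():
        if not line.strip():
            continue
        stamp, host, ip_text, _port = line.split()
        verdict, reason = triage(ip_text, parse_ts(stamp))
        results.append((host, ip_text, verdict, reason))
    return results


if __name__ == "__main__":
    for host, ip_text, verdict, reason in triage_log(SAMPLE_LOG):
        print(f"{host:10} {ip_text:15} {verdict:22} {reason}")
```

Only the last category is a finding in itself; the others tell the analyst what to resolve locally before anyone outside the team is called.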


[Jan 16, 2017] Mainstream Media's Russian Bogeymen by Gareth Porter

DHS security honchos want to justify their existence. There is no greater danger to national security than careerists in the position of security professionals. Lying and exaggerating the threats to get those dollars is what many security professionals do for a living. They are essentially charlatans.
Notable quotes:
"... In the middle of a major domestic crisis over the U.S. charge that Russia had interfered with the US election, the Department of Homeland Security (DHS) triggered a brief national media hysteria by creating and spreading a bogus story of Russian hacking into US power infrastructure. ..."
"... Even more shocking, however, DHS had previously circulated a similar bogus story of Russian hacking of a Springfield, Illinois water pump in November 2011. ..."
"... Beginning in late March 2016, DHS and FBI conducted a series of 12 unclassified briefings for electric power infrastructure companies in eight cities titled, "Ukraine Cyber Attack: implications for US stakeholders." The DHS declared publicly, "These events represent one of the first known physical impacts to critical infrastructure which resulted from cyber-attack." ..."
"... That statement conveniently avoided mentioning that the first cases of such destruction of national infrastructure from cyber-attacks were not against the United States, but were inflicted on Iran by the Obama administration and Israel in 2009 and 2012. ..."
"... Beginning in October 2016, the DHS emerged as one of the two most important players – along with the CIA – in the political drama over the alleged Russian effort to tilt the 2016 election toward Donald Trump. Then on Dec. 29, DHS and FBI distributed a "Joint Analysis Report" to US power utilities across the country with what it claimed were "indicators" of a Russian intelligence effort to penetrate and compromise US computer networks, including networks related to the presidential election, that it called "GRIZZLY STEPPE." ..."
"... according to Robert M. Lee, the founder and CEO of the cyber-security company Dragos, who had developed one of the earliest US government programs for defense against cyber-attacks on US infrastructure systems, the report was certain to mislead the recipients. ..."
"... "Anyone who uses it would think they were being impacted by Russian operations," said Lee. "We ran through the indicators in the report and found that a high percentage were false positives." ..."
"... The Intercept discovered, in fact, that 42 percent of the 876 IP addresses listed in the report as having been used by Russian hackers were exit nodes for the Tor Project, a system that allows bloggers, journalists and others – including some military entities – to keep their Internet communications private. ..."
"... Instead, a DHS official called The Washington Post and passed on word that one of the indicators of Russian hacking of the DNC had been found on the Burlington utility's computer network. The Post failed to follow the most basic rule of journalism, relying on its DHS source instead of checking with the Burlington Electric Department first. The result was the Post's sensational Dec. 30 story under the headline "Russian hackers penetrated US electricity grid through a utility in Vermont, US officials say." ..."
"... A DHS official evidently had allowed the Post to infer that the Russian hack had penetrated the grid without actually saying so. The Post story said the Russians "had not actively used the code to disrupt operations of the utility, according to officials who spoke on condition of anonymity in order to discuss a security matter," but then added that "the penetration of the nation's electrical grid is significant because it represents a potentially serious vulnerability." ..."
"... The electric company quickly issued a firm denial that the computer in question was connected to the power grid. The Post was forced to retract, in effect, its claim that the electricity grid had been hacked by the Russians. But it stuck by its story that the utility had been the victim of a Russian hack for another three days before admitting that no such evidence of a hack existed. ..."
"... Only days later did the DHS reveal those crucial facts to the Post. And the DHS was still defending its joint report to the Post, according to Lee, who got part of the story from Post sources. The DHS official was arguing that it had "led to a discovery," he said. "The second is, 'See, this is encouraging people to run indicators.'" ..."
"... The false Burlington Electric hack scare is reminiscent of an earlier story of Russian hacking of a utility for which the DHS was responsible as well. In November 2011, it reported an "intrusion" into a Springfield, Illinois water district computer that similarly turned out to be a fabrication. ..."
"... The contractor whose name was on the log next to the IP address later told Wired magazine that one phone call to him would have laid the matter to rest. But the DHS, which was the lead in putting the report out, had not bothered to make even that one obvious phone call before opining that it must have been a Russian hack. ..."
Jan 16, 2017 | original.antiwar.com


[Jan 13, 2017] Mystery Hackers Blow Up Secret NSA Hacking Tools in 'Final F--k You'

Notable quotes:
"... The message was accompanied by a parting gift...an apparently complete NSA backdoor kit targeting the Windows operating system. The kit is comprised of 61 malicious Windows executables, only one of which was previously known to antivirus vendors... ..."
Jan 13, 2017 | www.thedailybeast.com
by Kevin Poulsen

"A mysterious hacking group has been bedeviling the U.S. intelligence community for months, releasing a tranche of secret National Security Agency hacking tools to the public while offering to sell even more for the right price. Now with barely a week to go before Donald Trump's inauguration, the self-styled "Shadow Brokers" on Thursday announced that they were packing it in.

"So long, farewell peoples. TheShadowBrokers is going dark, making exit," the group wrote on its darknet site... The message was accompanied by a parting gift...an apparently complete NSA backdoor kit targeting the Windows operating system. The kit is comprised of 61 malicious Windows executables, only one of which was previously known to antivirus vendors...

... ... ...

The Shadow Brokers emerged in August with the announcement that they'd stolen the hacking tools used by a sophisticated computer-intrusion operation known as the Equation Group, and were putting them up for sale to the highest bidder. It was a remarkable claim, because the Equation Group is generally understood to be part of the NSA's elite Tailored Access Operations program and is virtually never detected, much less penetrated.

... ... ...

Released along with the announcement was a huge cache of specialized malware, including dozens of backdoor programs and 10 exploits, two of them targeting previously unknown security holes in Cisco routers – a basic building block of the internet. While Cisco and other companies scrambled for a fix, security experts pored over the Shadow Brokers tranche like it was the Rosetta Stone. "It was the first time, as threat-intelligence professionals, that we've had access to what appears to be a relatively complete toolkit of a nation-state attacker," says Jake Williams, founder of Rendition Infosec. "It was excitement in some circles, dismay in other circles, and panic and a rush to patch if you're running vulnerable hardware."

[Dec 26, 2016] HP Shutting Down Default FTP, Telnet Access To Network Printers

Dec 26, 2016 | hardware.slashdot.org
(pcworld.com) 83 Posted by msmash on Tuesday December 06, 2016 @11:00AM from the business-as-usual dept. Security experts consider the aging FTP and Telnet protocols unsafe, and HP has decided to clamp down on access to networked printers through the remote-access tools. From a report on PCWorld: Some of HP's new business printers will, by default, be closed to remote access via protocols like FTP and Telnet. However, customers can activate remote printing access through those protocols if needed. "HP has started the process of closing older, less-maintained interfaces including ports, protocols and cipher suites" identified by the U.S. National Institute of Standards and Technology as less than secure, the company said in a statement. In addition, HP also announced firmware updates to existing business printers with improved password and encryption settings, so hackers can't easily break into the devices.

[Dec 26, 2016] New Stegano Exploit Kit Hides Malvertising Code In Banner Pixels

Dec 26, 2016 | it.slashdot.org
(bleepingcomputer.com) 207 Posted by BeauHD on Tuesday December 06, 2016 @08:25PM from the hidden-in-plain-sight dept. An anonymous reader quotes a report from BleepingComputer: For the past two months, a new exploit kit has been serving malicious code hidden in the pixels of banner ads via a malvertising campaign that has been active on several high profile websites. Discovered by security researchers from ESET, this new exploit kit is named Stegano, from the word steganography, which is a technique of hiding content inside other files. In this particular scenario, malvertising campaign operators hid malicious code inside PNG images used for banner ads. The crooks took a PNG image and altered the transparency value of several pixels. They then packed the modified image as an ad, for which they bought ad displays on several high-profile websites. Since a large number of advertising networks allow advertisers to deliver JavaScript code with their ads, the crooks also included JS code that would parse the image, extract the pixel transparency values, and using a mathematical formula, convert those values into a character. Since images have millions of pixels, crooks had all the space they needed to pack malicious code inside a PNG photo. When extracted, this malicious code would redirect the user to an intermediary URL, called gate, where the host server would filter users. This server would only accept connections from Internet Explorer users. The reason is that the gate would exploit the CVE-2016-0162 vulnerability that allowed the crooks to determine if the connection came from a real user or a reverse analysis system employed by security researchers. Additionally, this IE exploit also allowed the gate server to detect the presence of antivirus software. In this case, the server would drop the connection just to avoid exposing its infrastructure and trigger a warning that would alert both the user and the security firm.
If the gate server deemed the target valuable, then it would redirect the user to the final stage, which was the exploit kit itself, hosted on another URL. The Stegano exploit kit would use three Adobe Flash vulnerabilities (CVE-2015-8651, CVE-2016-1019 or CVE-2016-4117) to attack the user's PC, and forcibly download and launch into execution various strains of malware.
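The report above says the ad's script read pixel transparency values out of a PNG banner. As an added example (not code from ESET, BleepingComputer or this page), here is a defender-side heuristic that flags RGBA buffers whose alpha channel zig-zags like noise instead of changing smoothly; the function names, thresholds and sample images are assumptions constructed for illustration.

```javascript
'use strict';

// Added example: screening heuristic for ad creatives, not ESET's analysis code.
// Input is an RGBA byte buffer (4 bytes per pixel, row-major), the layout
// returned by canvas getImageData() and by most PNG decoders.

// Assumed thresholds; tune them against your own ad inventory.
const MIN_NON_OPAQUE_RATIO = 0.01; // ignore images that barely use alpha
const MAX_REVERSAL_RATIO = 0.05;   // smooth fades and soft edges rarely zig-zag

function alphaProfile(rgba, width, height) {
  if (rgba.length !== width * height * 4) {
    throw new RangeError('buffer size does not match width * height * 4');
  }
  const seen = new Set();
  let nonOpaque = 0;
  let reversals = 0;
  let triples = 0;
  for (let y = 0; y < height; y++) {
    for (let x = 0; x < width; x++) {
      const a = rgba[(y * width + x) * 4 + 3];
      seen.add(a);
      if (a !== 255) nonOpaque++;
      if (x >= 2) {
        const p2 = rgba[(y * width + x - 2) * 4 + 3];
        const p1 = rgba[(y * width + x - 1) * 4 + 3];
        triples++;
        // Reversal: alpha rises then falls (or falls then rises) within 3 pixels.
        if ((p1 - p2) * (a - p1) < 0) reversals++;
      }
    }
  }
  return {
    distinctAlpha: seen.size,
    nonOpaqueRatio: nonOpaque / (width * height),
    reversalRatio: triples === 0 ? 0 : reversals / triples,
  };
}

// True when the alpha channel is both in use and noise-like.
function looksAltered(rgba, width, height) {
  const p = alphaProfile(rgba, width, height);
  return p.nonOpaqueRatio >= MIN_NON_OPAQUE_RATIO &&
         p.reversalRatio > MAX_REVERSAL_RATIO;
}

// ---- Constructed sample images (not real ads) ----
function makeImage(width, height, alphaAt) {
  const buf = new Uint8ClampedArray(width * height * 4);
  for (let y = 0; y < height; y++) {
    for (let x = 0; x < width; x++) {
      const i = (y * width + x) * 4;
      buf[i] = 200; buf[i + 1] = 120; buf[i + 2] = 40; // flat orange fill
      buf[i + 3] = alphaAt(x, y);
    }
  }
  return buf;
}

// Deterministic xorshift32 noise in 239..254; it stands in for tampered
// transparency values and encodes no payload.
let state = 0x2545f491;
function nextNoise() {
  state ^= state << 13;
  state ^= state >>> 17;
  state ^= state << 5;
  state >>>= 0;
  return 239 + (state % 16);
}

const W = 64, H = 32;
const opaqueBanner = makeImage(W, H, () => 255);
// Legitimate soft edge: alpha fades in smoothly from the left border.
const fadedBanner = makeImage(W, H, (x) => Math.min(255, 128 + x * 4));
// Top quarter of the rows carries noise-like alpha; the rest stays opaque.
const alteredBanner = makeImage(W, H, (x, y) => (y < H / 4 ? nextNoise() : 255));

for (const [name, img] of [['opaque', opaqueBanner], ['faded', fadedBanner],
                           ['altered', alteredBanner]]) {
  console.log(name, alphaProfile(img, W, H), looksAltered(img, W, H));
}
```

A near-opaque alpha channel that looks like noise is a reason to pull the creative for manual review; it is not proof of a payload, since dithered or heavily compressed artwork can trip the same check.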

[Dec 26, 2016] Backdoor Accounts Found in 80 Sony IP Security Camera Models

Dec 26, 2016 | yro.slashdot.org
(pcworld.com) 55 Posted by msmash on Wednesday December 07, 2016 @12:20PM from the security-woes dept. Many network security cameras made by Sony could be taken over by hackers and infected with botnet malware if their firmware is not updated to the latest version. Researchers from SEC Consult have found two backdoor accounts that exist in 80 models of professional Sony security cameras, mainly used by companies and government agencies given their high price, PCWorld reports. From the article: One set of hard-coded credentials is in the Web interface and allows a remote attacker to send requests that would enable the Telnet service on the camera, the SEC Consult researchers said in an advisory Tuesday. The second hard-coded password is for the root account that could be used to take full control of the camera over Telnet. The researchers established that the password is static based on its cryptographic hash and, while they haven't actually cracked it, they believe it's only a matter of time until someone does. Sony released a patch to the affected camera models last week.

[Dec 26, 2016] Yahoo Fixes Flaw Allowing an Attacker To Read Any User's Emails

Dec 26, 2016 | tech.slashdot.org
(zdnet.com) 30 Posted by msmash on Thursday December 08, 2016 @11:45AM from the security-woes-and-fixes dept. Yahoo says it has fixed a severe security vulnerability in its email service that allowed an attacker to read a victim's email inbox. From a report on ZDNet: The cross-site scripting (XSS) attack only required a victim to view an email in Yahoo Mail. The internet giant paid out $10,000 to security researcher Jouko Pynnonen for privately disclosing the flaw through the HackerOne bug bounty. In a write-up, Pynnonen said that the flaw was similar to last year's Yahoo Mail bug, which similarly let an attacker compromise a user's account. Yahoo filters HTML messages to ensure that malicious code won't make it through into the user's browser, but the researcher found that the filters didn't catch all of the malicious data attributes.

[Dec 26, 2016] Zeus Variant 'Floki Bot' Targets PoS Data

Dec 26, 2016 | it.slashdot.org
(onthewire.io) 25 Posted by BeauHD on Friday December 09, 2016 @05:00AM from the out-of-the-woodwork dept. Trailrunner7 quotes a report from On the Wire: Malware gangs, like sad wedding bands, love to play the hits. And one of the hits they keep running back over and over is the Zeus banking Trojan, which has been in use for many years in a number of different forms. Researchers have unearthed a new piece of malware called Floki Bot that is based on the venerable Zeus source code and is being used to infect point-of-sale systems, among other targets. Flashpoint conducted the analysis of Floki Bot with Cisco's Talos research team, and the two organizations said that the author behind the bot maintains a presence on a number of different underground forums, some of which are in Russian or other non-native languages for him. Kremez said that attackers sometimes will participate in foreign language forums as a way to expand their knowledge. Along with its PoS infection capability, Floki Bot also has a feature that allows it to use the Tor network to communicate. "During our analysis of Floki Bot, Talos identified modifications that had been made to the dropper mechanism present in the leaked Zeus source code in an attempt to make Floki Bot more difficult to detect. Talos also observed the introduction of new code that allows Floki Bot to make use of the Tor network. However, this functionality does not appear to be active for the time being," Cisco's Talos team said in its analysis.

[Dec 26, 2016] 5-Year-Old Critical Linux Vulnerability Patched

Dec 26, 2016 | linux.slashdot.org
(threatpost.com) 68 Posted by EditorDavid on Saturday December 10, 2016 @12:34PM from the local-Linux-attacks dept. msm1267 quotes Kaspersky Lab's ThreatPost: A critical, local code-execution vulnerability in the Linux kernel was patched more than a week ago, continuing a run of serious security issues in the operating system, most of which have been hiding in the code for years. Details on the vulnerability were published Tuesday by researcher Philip Pettersson, who said the vulnerable code was introduced in August 2011.

A patch was pushed to the mainline Linux kernel December 2, four days after it was privately disclosed. Pettersson has developed a proof-of-concept exploit specifically for Ubuntu distributions, but told Threatpost his attack could be ported to other distros with some changes. The vulnerability is a race condition that was discovered in the af_packet implementation in the Linux kernel, and Pettersson said that a local attacker could exploit the bug to gain kernel code execution from unprivileged processes. He said the bug cannot be exploited remotely.
"Basically it's a bait-and-switch," the researcher told Threatpost. "The bug allows you to trick the kernel into thinking it is working with one kind of object, while you actually switched it to another kind of object before it could react."

[Dec 26, 2016] Vulnerability Prompts Warning: Stop Using Netgear WiFi Routers

Dec 26, 2016 | mobile.slashdot.org
(securityledger.com) 147 Posted by EditorDavid on Sunday December 11, 2016 @01:34PM from the nixing-the-network dept. "By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers," warns a new vulnerability notice from Carnegie Mellon University's CERT. Slashdot reader chicksdaddy quotes Security Ledger's story about certain models of Netgear's routers: Firmware version 1.0.7.2_1.1.93 (and possibly earlier) for the R7000 and version 1.0.1.6_1.0.4 (and possibly earlier) for the R6400 are known to contain the arbitrary command injection vulnerability. CERT cited "community reports" that indicate the R8000, firmware version 1.0.3.4_1.1.2, is also vulnerable... The flaw was found in new firmware that runs the Netgear R7000 and R6400 routers. Other models and firmware versions may also be affected, including the R8000 router, CMU CERT warned.

With no workaround to the flaw, CERT recommended that Netgear customers disable their wifi router until a software patch from the company that addressed the hole was available... A search of the public internet using the Shodan search engine finds around 8,000 R6450 and R7000 devices that can be reached directly from the Internet and that would be vulnerable to takeover attacks. The vast majority of those are located in the United States.
Proof-of-concept exploit code was released by a Twitter user who, according to the article, said "he informed Netgear of the flaw more than four months ago, but did not hear back from the company since then."

[Dec 26, 2016] Malvertising Campaign Infects Your Router Instead of Your Browser

Dec 26, 2016 | it.slashdot.org
(bleepingcomputer.com) 137 Posted by BeauHD on Wednesday December 14, 2016 @07:45PM from the connected-devices dept. An anonymous reader quotes a report from BleepingComputer: Malicious ads are serving exploit code to infect routers, instead of browsers, in order to insert ads in every site users are visiting. Unlike previous malvertising campaigns that targeted users of old Flash or Internet Explorer versions, this campaign focused on Chrome users, on both desktop and mobile devices. The malicious ads included in this malvertising campaign contain exploit code for 166 router models, which allow attackers to take over the device and insert ads on websites that didn't feature ads, or replace original ads with the attackers' own. Researchers haven't yet managed to determine an exact list of affected router models, but some of the brands targeted by the attackers include Linksys, Netgear, D-Link, Comtrend, Pirelli, and Zyxel. Because the attack is carried out via the user's browser, using strong router passwords or disabling the administration interface is not enough. The only way users can stay safe is if they update their router's firmware to the most recent versions, which most likely includes protection against the vulnerabilities used by this campaign. The "campaign" is called DNSChanger EK and works when attackers buy ads on legitimate websites and insert malicious JavaScript in these ads, "which use a WebRTC request to a Mozilla STUN server to determine the user's local IP address," according to BleepingComputer. "Based on this local IP address, the malicious code can determine if the user is on a local network managed by a small home router, and continue the attack. If this check fails, the attackers just show a random legitimate ad and move on. For the victims the crooks deem valuable, the attack chain continues. These users receive a tainted ad which redirects them to the DNSChanger EK home, where the actual exploitation begins.
The next step is for the attackers to send an image file to the user's browser, which contains an AES (encryption algorithm) key embedded inside the photo using the technique of steganography. The malicious ad uses this AES key to decrypt further traffic it receives from the DNSChanger exploit kit. Crooks encrypt their operations to avoid the prying eyes of security researchers."

[Dec 26, 2016] Newly Uncovered Site Suggests NSA Exploits For Direct Sale

Dec 26, 2016 | news.slashdot.org
(vice.com) 33 Posted by BeauHD on Wednesday December 14, 2016 @08:25PM from the buy-one-get-one dept. An anonymous reader quotes a report from Motherboard: The Shadow Brokers -- a hacker or group of hackers that stole computer exploits from the National Security Agency -- has been quiet for some time. After their auction and crowd-funded approach for selling the exploits met a lukewarm reception, the group seemingly stopped posting new messages in October. But a newly uncovered website, which includes a file apparently signed with The Shadow Brokers' cryptographic key, suggests the group is trying to sell hacking tools directly to buyers one by one, and a cache of files appears to include more information on specific exploits. On Wednesday, someone calling themselves Boceffus Cleetus published a Medium post called "Are the Shadow Brokers selling NSA tools on ZeroNet?" Cleetus, who has an American flag with swastikas as their profile picture, also tweeted the post from a Twitter account created this month. The site includes a long list of supposed items for sale, with names like ENVOYTOMATO, EGGBASKET, and YELLOWSPIRIT. Each is sorted into a type, such as "implant," "trojan," and "exploit," and comes with a price tag between 1 and 100 bitcoins ($780 -- $78,000). Customers can purchase the whole lot for 1000 bitcoins ($780,000). The site also lets visitors download a selection of screenshots and files related to each item. Along with those is a file signed with a PGP key with an identical fingerprint to that linked to the original Shadow Brokers dump of exploits from August. This newly uncovered file was apparently signed on 1 September; a different date to any of The Shadow Brokers' previously signed messages.

[Dec 26, 2016] Netgear Releases 'Beta' Patches For Additional Routers Found With Root Vulnerability

Dec 26, 2016 | it.slashdot.org
(netgear.com) 26 Posted by EditorDavid on Saturday December 17, 2016 @10:34AM from the but-they-might-not-work dept. The Department of Homeland Security's CERT issued a warning last week that users should "strongly consider" not using some models of NetGear routers, and the list expanded this week to include 11 different models. Netgear's now updated their web page, announcing eight "beta" fixes, along with three more "production" fixes. chicksdaddy writes: The company said the new [beta] firmware has not been fully tested and "might not work for all users." The company offered it as a "temporary solution" to address the security hole. "Netgear is working on a production firmware version that fixes this command injection vulnerability and will release it as quickly as possible," the company said in a post to its online knowledgebase early Tuesday.

The move follows publication of a warning from experts at Carnegie Mellon on December 9 detailing a serious "arbitrary command injection" vulnerability in the latest version of firmware used by a number of Netgear wireless routers. The security hole could allow a remote attacker to take control of the router by convincing a user to visit a malicious web site... The vulnerability was discovered by an individual...who says he contacted Netgear about the flaw four months ago, and went public with information on it after the company failed to address the issue on its own.

[Dec 26, 2016] McAfee Takes Six Months To Patch Remote Code Exploit In Linux VirusScan Enterprise

Dec 26, 2016 | linux.slashdot.org
Posted by EditorDavid on Saturday December 17, 2016 @05:34PM from the jeopardized-in-June dept. mask.of.sanity writes: A researcher has reported 10 vulnerabilities in McAfee's VirusScan Enterprise for Linux that when chained together result in root remote code execution. McAfee took six months to fix the bugs issuing a patch December 9th.
Citing the security note, CSO adds that "one of the issues affects Virus Scan Enterprise for Windows version 8.7i through at least 8.8." The vulnerability was reported by Andrew Fasano at MIT's federally-funded security lab, who said he targeted McAfee's client because "it runs as root, it claims to make your machine more secure, it's not particularly popular, and it looks like it hasn't been updated in a long time."

[Dec 26, 2016] Massive Mirai Botnet Hides Its Control Servers On Tor

Dec 26, 2016 | it.slashdot.org
Posted by EditorDavid on Saturday December 17, 2016 @06:34PM from the catch-me-if-you-can dept. "Following a failed takedown attempt, changes made to the Mirai malware variant responsible for building one of today's biggest botnets of IoT devices will make it incredibly harder for authorities and security firms to shut it down," reports Bleeping Computer. An anonymous reader writes: Level3 and others have been very close to taking down one of the biggest Mirai botnets around, the same one that attempted to knock the Internet offline in Liberia, and also hijacked 900,000 routers from German ISP Deutsche Telekom. The botnet narrowly escaped due to the fact that its maintainer, a hacker known as BestBuy, had implemented a domain-generation algorithm to generate random domain names where he hosted his servers.

Currently, to avoid further takedown attempts from similar security firms, BestBuy has started moving the botnet's command and control servers to Tor. "It's all good now. We don't need to pay thousands to ISPs and hosting. All we need is one strong server," the hacker said. "Try to shut down .onion 'domains' over Tor," he boasted, knowing that nobody can.

[Dec 26, 2016] LinkedIn Warns 9.5 Million Lynda Users About Database Breach

Dec 26, 2016 | yro.slashdot.org
(neowin.net) 35 Posted by EditorDavid on Sunday December 18, 2016 @02:34PM from the profile-views dept. Less than four weeks after Microsoft formally acquired LinkedIn for $26 billion, there's been a database breach. An anonymous reader writes: LinkedIn is sending emails to 9.5 million users of Lynda.com, its online learning subsidiary, warning the users of a database breach by "an unauthorized third party". The affected database included contact information for at least some of the users. An email to customers says "while we have no evidence that your specific account was accessed or that any data has been made publicly available, we wanted to notify you as a precautionary measure." Ironically, the breach comes less than a month after Russia blocked access to LinkedIn over privacy concerns.
LinkedIn has also reset the passwords for 55,000 Lynda.com accounts (though apparently many of its users don't have accounts with passwords).

[Dec 26, 2016] The FBI Is Arresting People Who Rent DDoS Botnets

Dec 26, 2016 | yro.slashdot.org
(bleepingcomputer.com) 211 Posted by EditorDavid on Sunday December 18, 2016 @04:44PM from the denial-of-liberty-counterattack dept. This week the FBI arrested a 26-year-old southern California man for launching a DDoS attack against online chat service Chatango at the end of 2014 and in early 2015 -- part of a new crackdown on the customers of "DDoS-for-hire" services. An anonymous reader writes: Sean Krishanmakoto Sharma, a computer science graduate student at USC, is now facing up to 10 years in prison and/or a fine of up to $250,000. Court documents describe a service called Xtreme Stresser as "basically a Linux botnet DDoS tool," and allege that Sharma rented it for an attack on Chatango, an online chat service. "Sharma is now free on a $100,000 bail," reports Bleeping Computer, adding "As part of his bail release agreement, Sharma is banned from accessing certain sites such as HackForums and tools such as VPNs..."

"Sharma's arrest is part of a bigger operation against DDoS-for-Hire services, called Operation Tarpit," the article points out. "Coordinated by Europol, Operation Tarpit took place between December 5 and December 9, and concluded with the arrest of 34 users of DDoS-for-hire services across the globe, in countries such as Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the United Kingdom and the United States." It grew out of an earlier investigation into a U.K.-based DDoS-for-hire service which had 400 customers who ultimately launched 603,499 DDoS attacks on 224,548 targets.
Most of the other suspects arrested were under the age of 20.

[Dec 26, 2016] Russians Used Malware On Android Devices To Track and Target Ukraine Artillery, Says Report

Dec 26, 2016 | yro.slashdot.org
(reuters.com) 101 Posted by BeauHD on Thursday December 22, 2016 @06:25PM from the come-out-come-out-wherever-you-are dept. schwit1 quotes a report from Reuters: A hacking group linked to the Russian government and high-profile cyber attacks against Democrats during the U.S. presidential election likely used a malware implant on Android devices to track and target Ukrainian artillery units from late 2014 through 2016, according to a new report released Thursday. The malware was able to retrieve communications and some locational data from infected devices, intelligence that would have likely been used to strike against the artillery in support of pro-Russian separatists fighting in eastern Ukraine, the report from cyber security firm CrowdStrike found. The hacking group, known commonly as Fancy Bear or APT 28, is believed by U.S. intelligence officials to work primarily on behalf of the GRU, Russia's military intelligence agency. The implant leveraged a legitimate Android application developed by a Ukrainian artillery officer to process targeting data more quickly, CrowdStrike said. Its deployment "extends Russian cyber capabilities to the front lines of the battlefield," the report said, and "could have facilitated anticipatory awareness of Ukrainian artillery force troop movement, thus providing Russian forces with useful strategic planning information."

[Dec 26, 2016] Security Researchers Can Turn Headphones Into Microphones

Dec 26, 2016 | news.slashdot.org
(techcrunch.com) 122 Posted by BeauHD on Thursday November 24, 2016 @08:00AM from the proof-of-concept dept. As if we don't already have enough devices that can listen in on our conversations, security researchers at Israel's Ben Gurion University have created malware that will turn your headphones into microphones that can slyly record your conversations. TechCrunch reports: The proof-of-concept, called "Speake(a)r," first turned headphones connected to a PC into microphones and then tested the quality of sound recorded by a microphone vs. headphones on a target PC. In short, the headphones were nearly as good as an unpowered microphone at picking up audio in a room. It essentially "retasks" the RealTek audio codec chip output found in many desktop computers into an input channel. This means you can plug your headphones into a seemingly output-only jack and hackers can still listen in. This isn't a driver fix, either. The embedded chip does not allow users to properly prevent this hack which means your earbuds or nice cans could start picking up conversations instantly. In fact, even if you disable your microphone, a computer with a RealTek chip could still be hacked and exploited without your knowledge. The sound quality, as shown by this chart, is pretty much the same for a dedicated microphone and headphones. The researchers have published a video on YouTube demonstrating how this malware works.

[Dec 26, 2016] Personal Data For More Than 130,000 Sailors Hacked: U.S. Navy

Dec 26, 2016 | news.slashdot.org
(reuters.com) 57 Posted by msmash on Thursday November 24, 2016 @10:04AM from the security-woes dept. Hackers gained access to sensitive information, including Social Security numbers, for 134,386 current and former U.S. sailors, the U.S. Navy has said. According to Reuters: It said a laptop used by a Hewlett Packard Enterprise Services employee working on a U.S. Navy contract was hacked. Hewlett Packard informed the Navy of the breach on Oct. 27 and the affected sailors will be notified in the coming weeks, the Navy said. "The Navy takes this incident extremely seriously - this is a matter of trust for our sailors," Chief of Naval Personnel Vice Admiral Robert Burke said in a statement.

[Dec 26, 2016] Muni System Hacker Hit Others By Scanning For Year-Old Java Vulnerability

Dec 26, 2016 | developers.slashdot.org
(arstechnica.com) 30 Posted by BeauHD on Tuesday November 29, 2016 @09:05PM from the thank-God-for-backups dept. An anonymous reader quotes a report from Ars Technica: The attacker who infected servers and desktop computers at the San Francisco Metropolitan Transit Agency (SFMTA) with ransomware on November 25 apparently gained access to the agency's network by way of a known vulnerability in an Oracle WebLogic server. That vulnerability is similar to the one used to hack a Maryland hospital network's systems in April and infect multiple hospitals with crypto-ransomware. And evidence suggests that SFMTA wasn't specifically targeted by the attackers; the agency just came up as a target of opportunity through a vulnerability scan. In an e-mail to Ars, SFMTA spokesperson Paul Rose said that on November 25, "we became aware of a potential security issue with our computer systems, including e-mail." The ransomware "encrypted some systems mainly affecting computer workstations," he said, "as well as access to various systems. However, the SFMTA network was not breached from the outside, nor did hackers gain entry through our firewalls. Muni operations and safety were not affected. Our customer payment systems were not hacked. Also, despite media reports, no data was accessed from any of our servers." That description of the ransomware attack is not consistent with some of the evidence of previous ransomware attacks by those behind the SFMTA incident -- which Rose said primarily affected about 900 desktop computers throughout the agency. Based on communications uncovered from the ransomware operator behind the Muni attack published by security reporter Brian Krebs, an SFMTA Web-facing server was likely compromised by what is referred to as a "deserialization" attack after it was identified by a vulnerability scan.
A security researcher told Krebs that he had been able to gain access to the mailbox used in the malware attack on the Russian e-mail and search provider Yandex by guessing its owner's security question, and he provided details from the mailbox and another linked mailbox on Yandex. Based on details found in e-mails for the accounts, the attacker ran a server loaded with open source vulnerability scanning tools to identify and compromise servers to use in spreading the ranso