Progress Pond

The Trail of VP Alperovitch @CrowdStrike

Is there global cyber warfare? Definitely!
Is there a global propaganda war with fake news articles in MSM? Definitely!  

IC’s report on Russia’s tampering in the election – an Assessment | Emptywheel |
Underwhelming Intel Report Shows Need for Congressional Investigation of DNC Hack | The Intercept |

CrowdStrike got a financial boost from DNC backers in 2015 …

Clinton’s defeat left Soros NGOs hanging to dry in support of “spreading democracies”

So why would CrowdStrike blame Russia?

It should be noted that CrowdStrike had three funders: 1) Warburg Pincus. Tim Geithner is president of Warburg Pincus, former Secretary of Treasury under Obama, and formerly worked in the Clinton administration… Uh-oh. Warburg Pincus was a contributor to the DNC and Clinton campaign. 2) Accel Partners is also a CrowdStrike funder.

    Former first daughter Chelsea Clinton and Accel partner Sonali De Rycker have both joined the board
    of IAC/InterActiveCorp, the company announced in an SEC filing [Eff. Sept. 22, 2011]. The two will
    join IAC’s 14-member board which includes IAC chief Barry Diller and former Disney CEO Michael Eisner.

According to the Clinton Foundation website, Accel is a venture capitalist partner in the Endeavor Investor Network [Board members that include eBay founder Pierre Omidyar of Ukrainian Maidan infamy]. 3) And the last funder of CrowdStrike is Google Capital, now CapitalG, managed under David Drummond of Google who was instrumental in ‘realigning’ Google search engines to favor Hillary’s campaign.

[Update-2] :: Just thinking, was it Putin’s motive to take down Soros by defeating Clinton (D) – see Ukraine coup d’état through Maidan Revolt.

Meeting With Wall Street Mogul Pushing To Shift Retiree Savings To Financial Firms

Days before publicly promoting a plan that could funnel billions of dollars of retiree assets to Wall Street, the president of one of the world’s largest financial firms was organizing a private meeting with Hillary Clinton’s economic team. A hacked email detailing the meeting between Blackstone President Tony James— a top Clinton fundraiser — and Clinton’s economic advisers was released by Wikileaks.

On January 1, 2016, James published a New York Times op-ed promoting his plan to enact a new 3 percent payroll tax that would raise hundreds of billions of dollars to fund guaranteed retirement accounts. As International Business Times reported last month, James’ firm is a major private equity and hedge fund player, and his plan [pdf] promoted the fact that the money could be invested in those kind of alternative investments.

Wikileaks emails now show that three days before that op-ed was published, a Blackstone official contacted Clinton campaign chairman John Podesta, letting him know that James was convening a meeting at his apartment to discuss economic policy with Clinton’s top aides. The meeting was to be hosted by James and former Treasury Secretary Tim Geithner, who is now the president of the private equity giant Warburg Pincus.

“Blackstone President Tony James and Tim Geithner are hosting a small dinner for your economic team on January 20th,” wrote Blackstone‘s Christine Anderson. “Schmidt, Shapiro, Sullivan and Harris are confirmed. Ann is tentative but will attend if she’s in town that night. Tim and Tony were hoping you would join. Small. Off the record. No agenda other than hopefully a dynamic conversation about economic policy. This will either be at Tony’s apartment or a location closer to the campaign.”

The Impact of Cyber Capabilities in the Syrian Civil War | Small Wars Journal |

The Syrian Civil War has also spilled over into cyberspace. The FSA has launched DDoS cyberattacks on government websites belonging to Syria’s parliament and pro-Assad media outlets. Syrian individuals have also joined the war for cyberspace and have employed sophisticated hacking techniques to launch their own cyberattacks. One hacker was able to use malware and information from the SEA’s Facebook page to launch a DDoS attack on four pro-Assad news outlets.

The opposition was also able to obtain access to al-Assad’s personal email correspondence. These emails revealed details about Assad’s life like revelations that he was buying luxury goods during the war and that he was likely accepting strategic advice from Iran, which he had publicly denied. These details were eventually leaked to Wikileaks and the newspaper The Guardian. These revelations proved to be embarrassing for al-Assad and helped to discredit his strategic narrative.

Junk Journalism: The “Assad” E-mails | Land Destroyer | by Tony Cartolucci

The opposition has also used cyber capabilities to obtain a tactical advantage on the battlefield. Rebel fighters are known to use online applications, like Google Maps, to locate targets and calibrate long-range weapons to strike them. These fighters have also used the internet to coordinate units on the battlefield.  The regime, however, has adapted to this tactic by occasionally disrupting the internet and other communications networks ahead of government military offensives.  The regime has also successfully used cyber capabilities to gain a tactical advantage. The SEA uploaded malware onto numerous social media websites like YouTube, Facebook, and Skype. This malware attacked opposition social media accounts and allowed the SEA to steal passwords, gain control of opposition computers, and monitor online activity.  This left the opposition vulnerable to being spied on and located through geolocation data, which exposed them to attack by military forces. The regime also gained access to social media accounts by obtaining login information from captured activists and fighters. This allowed the SEA to pose as opposition activists and spread misinformation and malware. It might also have allowed the regime to send fake battle plans to units to draw them into ambushes. The opposition has detected and adapted to these tactics, making it more difficult for the regime to effectively use cyber capabilities. As a result, the regime has also started to track foreign aid workers through geolocation data since they are often in close proximity to the opposition forces and are less wary of cyber security concerns.

The International Dimension of the Conflict

The Syrian conflict has a proxy war dimension with various states supporting or attempting to topple Assad’s regime. This geopolitical struggle has pitted many of the world’s most powerful countries against each other as they have supported different sides of the conflict.  As a result, this dimension of the conflict should be viewed as a traditional interstate proxy war.  However, many states including the United States and Iran have threatened direct military intervention in the conflict.

What is notable about the Syrian conflict is that the countries that are supporting and opposing the Syrian government have largely refrained from using their cyber capabilities.  The United States had considered the use of cyberattacks to undermine the Assad regime because it would be a low risk way to respond to the public’s calls for intervention in the conflict.  The Pentagon and National Security Agency had drafted a plan to use American cyber capabilities to attack the Syrian military.  The objective of the plan was to ground the Syrian air force and disable key military sites.  President Obama, however, decided against a cyberattack because its impacts would be highly visible and it would be difficult for America to deny that it was involved in such a sophisticated cyberattack.  As a result, there were fears that a cyberattack could lead to the escalation of the conflict and would invite cyber retaliation from Iran or Russia.  Obama thus felt that the political risks of a cyberattack were too great.

New law signed by Obama targets independent media outlets, websites, for elimination under NDAA | Dec. 26, 2016 |

One, the Intelligence Authorization Act for Fiscal Year 2017 (H.R. 6393, reintroduced as H.R. 6480), authorized funding for the federal intelligence services. The other, the National Defense Authorization Act (NDAA) for Fiscal Year 2017, authorized funding for the Department of Defense. While both contained provisions related to foreign propaganda, only one, the NDAA, was signed into law before Christmas 2016. It contained a section (originally introduced as separate legislation called the Counter Disinformation and Anti-Propaganda Act)

See also my recent diaries …

Cyber Vulnerability: Contour of Next Global War
Galeotti: The West’s Paranoia About Putin
EU/NATO Propaganda It’s About Daesh and Russia [Update5]

THE END … ALMOST

Obama Was Too Good at Social Media | The Atlantic |

[Update-1] :: Former FBI executive Shawn Henry joins CrowdStrike, a pioneer in cyber security


Shawn Henry, former FBI cyber cop worries about a digital 9/11 | CNN Money – July 2012 |

An obscure U.S. government agency slipped a hair-raising disclosure into its monthly newsletter: Hackers had successfully penetrated the networks of several natural gas pipeline operators.

Here was a rare public acknowledgement that hackers are currently laying the foundation for a critical-infrastructure attack — the nightmare scenario that keeps cybersecurity pros up at night.

The natural gas attackers got in through “convincingly crafted” emails that appeared to be internal and went to a “tightly focused” list of targets, according to a Department of Homeland Security cybersecurity team. The campaign lasted three months before it was discovered.

In his opening keynote at Black Hat — one of the largest annual gatherings of security researchers — Shawn Henry, the FBI’s longtime top cybercrime official, cited the natural gas intrusion as an example of the escalating stakes of cybersecurity.

“The adversary knows that if you want to harm civilized society — take their water away, do away with their electricity,” Henry said. “There are terrorist groups that are online now calling for the use of cyber as a weapon.”

Protecting the power grid from hackers

“I still hear from CEOs, ‘Why would I be a target?'” Henry said. “We worked with one company that lost $1 billion worth of IP in the course of a couple of days — a decade of research. That is not an isolated event. … Your data is being held hostage, and the life of your organization is at risk.”

So what can companies do? Echoing the words of many government officials — including FBI Director Robert Mueller, who predicts that cybercrime will soon eclipse terrorism as his agency’s top priority — Henry called for greater public-private collaboration and information sharing.

Shawn Henry, Executive Assistant Director FBI – Responding to the Cyber Threat (2011)

CrowdStrike’s Shawn Henry on Cyberterrorists, Ransomware and Hacked Elections

Interviewer: During the current election cycle, there has been a lot of talk about Russia’s potential to interfere with the upcoming presidential election. Is our election process, for example, electronic voting machines, are they vulnerable to hacking? And just how probable is it that we might see state-sponsored “cyber interference,” for lack of a better term, in the upcoming election?

Shawn Henry: I think that the way the system’s set up right now, it’s pretty dispersed. In other words, we don’t have a national election system where everybody’s vote is online and connected to the network. You have 50 states, each of which has a different system. Most of them have paper backups. Even if they do something online, they can turn to the paper backups for verification. A lot of states actually still just use paper.

I don’t think we’re susceptible to a really nefarious type of attack, but only because our system is not advanced enough. I think that there could be a destruction of voter records. In other words, the registry of voters.

The Election Is Over, But Russia Is Still Hacking | NBC News |

Even though Trump and Putin have expressed support for improved U.S.-Russia relations, via his win Trump has suddenly become an opponent for a Russian president who views the U.S. as not just a competitor but in many ways as an enemy, experts said. As such, aggressive collection of intelligence on the Trump transition effort would be part of Putin’s playbook, in terms of how the former KGB intelligence officer seeks to gain leverage over his opponents, said Shawn Henry, a former top FBI cybersecurity official who is now at the CrowdStrike security firm.

“They are interested in anything that is going to demonstrate and dictate the direction that the U.S. is going,” including key players and policies, said Henry, whose security firm has tracked Cozy Bear for several years.

“It is a whole-cloth collection across the U.S. and how they can use that information in negotiations,” Henry told NBC News. “If you know the answer before the test you are in a stronger position.”

The CozyDuke APT detected by Kaspersky Lab

CozyDuke (aka CozyBear, CozyCar or “Office Monkeys”) is a precise attacker. Kaspersky Lab has observed signs of attacks against government organizations and commercial entities in the US, Germany, South Korea and Uzbekistan. In 2014, targets included the White House and the US Department of State, as believed.

The operation presents several interesting aspects

  • extremely sensitive high profile victims and targets
  • evolving crypto and anti-detection capabilities
  • strong malware functional and structural similarities mating this toolset to early MiniDuke second stage components, along with more recent CosmicDuke and OnionDuke components

The actor often spearphishes targets with e-mails containing a link to a hacked website. Sometimes it is a high profile, legitimate site such as “diplomacy.pl”, hosting a ZIP archive. The ZIP archive contains a RAR SFX which installs the malware and shows an empty PDF decoy.

    On Feb 12th 2013, FireEye announced the discovery of an Adobe Reader 0-day exploit which is used to drop
    a previously unknown, advanced piece of malware. We called this new malware “ItaDuke” because it reminded us
    of Duqu and because of the ancient Italian comments in the shellcode copied from Dante Alighieri’s Divine Comedy.

    [Source: Kaspersky Lab .pdf]
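The delivery chain in the Kaspersky excerpt above (a ZIP archive whose payload is a RAR self-extractor) can be checked for at a mail or download gateway by classifying ZIP members by content instead of by file name. The following is an added example, not code from Kaspersky Lab or from this diary; the file names and sample bytes are constructed and inert, and the marker match is a heuristic that assumes the RAR archive is simply appended to an executable stub.

```python
import io
import zipfile

# RAR archive markers: 1.5-4.x format and 5.x format.
RAR_MARKERS = (b"Rar!\x1a\x07\x00", b"Rar!\x1a\x07\x01\x00")
MAX_SCAN = 8 * 1024 * 1024  # cap bytes read per member (guards against zip bombs)


def classify_member(data: bytes) -> str:
    """Classify the leading bytes of a ZIP member by content, not by file name."""
    is_pe = data[:2] == b"MZ"  # DOS/PE executable stub
    hits = (data.find(marker) for marker in RAR_MARKERS)
    rar_at = min((i for i in hits if i >= 0), default=-1)
    if is_pe and rar_at > 0:
        return "rar-sfx"      # executable stub with a RAR archive appended
    if is_pe:
        return "executable"
    if rar_at == 0:
        return "rar"
    return "other"


def scan_zip(zip_bytes: bytes) -> dict:
    """Map each member name in the ZIP to its content classification."""
    results = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                results[info.filename] = classify_member(fh.read(MAX_SCAN))
    return results


def build_sample_zip() -> bytes:
    """Constructed, inert sample: byte patterns only, no real executable or archive."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("invite.pdf.exe", b"MZ" + b"\x00" * 512 + RAR_MARKERS[0] + b"\x00" * 32)
        zf.writestr("setup.exe", b"MZ" + b"\x00" * 512)
        zf.writestr("docs.rar", RAR_MARKERS[1] + b"\x00" * 32)
        zf.writestr("readme.pdf", b"%PDF-1.4\n%%EOF\n")
    return buf.getvalue()


if __name__ == "__main__":
    for name, kind in scan_zip(build_sample_zip()).items():
        print(f"{kind:10} {name}")
```

A member classified as `rar-sfx` inside a ZIP fetched from an e-mailed link is worth quarantining for analysis; legitimate installers can also match, so treat the result as a triage signal.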

MiniDuke, CosmicDuke and OnionDuke have the same matrix

NEXT DIARY » »
‘Sir’ Andrew Wood as spy chief in Moscow

NEXT DIARY » »
British Intelligence Delivers Another ‘Dodgy Dossier’

NEXT DIARY » »
NATO and Soros Crossed Russia’s Red Line in Europe
