A Look Back at the Last Decade

Sadly, so much of the domestic and world events have affected our daily lives while other events have carried into this new decade. This is hardly a complete look back and readers are encouraged to leave comments with additional major events of the last decade. Congratulations for surviving and prevailing the last decade.

Image result for arab spring tunisia

2010: The Arab Spring

Deepwater Horizon Oil Spill

Apple introduces first iPad

President Obama signed the Affordable Care Act into law

7.0 Earthquake strike Haiti

Instagram Debuts

Image result for abbottabad raid

2011:  Abbottabad Raid Killing Osama bin Ladin

8.9 Earthquake Hits Japan

Prince William Marries Catherine Middleton

Casey Anthony Acquitted of Killing her Daughter

Syrian Civil War Began

2012: Baumgartner’s Stratosphere Jump

Benghazi attack

Super Hurricane Sandy

Aurora, Colorado Theater Shooting

Sandy Hook Elementary School Shooting

2013: IRS Targeting

Boston Marathon Bombing

Edward Snowden NSA leaks

Pope Benedict Resignation, First Ever

Black Lives Matter Activist Movement Originates

Failed Government Launch of Healthcare.gov

Image result for malaysia flight 370

2014: Malaysia Flight #370 Goes Missing

Actor Robin Williams Dies by Suicide

Bowe Bergdahl Taliban Prisoner Swap

Ebola Virus Outbreak

Boko Harem Kidnaps 200 Schoolgirls

Uber Launches Rideshare

Obama Normalizes Relations with Cuba

Islamic State (ISIL-ISIS) Battle Begins in Mosul

Image result for bataclan terror attack

2015:  San Bernardino Terror Attack

Pope Francis Speech to Joint Session of Congress

Hillary Clinton Email Scandal

Charlie Hebdo Terror Attack

Paris Stade de France Bombing

Bataclan Terror Attack

Syrian European Refugee Crisis

2016: Rio Olympic Games, Ryan Lochte scandal

U.S. Supreme Court Legalizes Gay Marriage

Singer Prince Found Dead from Fentanyl Overdose

Colin Kaepernick Began Kneeling Protest

Brexit Vote for Withdraw of United Kingdom from European Union

Russia Hacks U.S. Obama Expels Russian Diplomats and Spies

2017: Rare Coast to Coast Full Solar Eclipse

#MeToo Movement Begins

Las Vegas Mandalay Bay Hotel Shooting Killing 58 Wounding 413

Arianna Grande Manchester Bombing

Robert Mueller Named Special Council to Investigate Donald Trump and Russian Collusion

Hurricane Harvey, Category 4 Hits Leaving $125 Billion in Damage

Hurricane Irma, Category 5

Hurricane Maria, Category 5

President Trump Launches #FakeNews

ANTIFA Launches National Activist Operations

Image result for thailand soccer team cave

2018: Thailand Soccer Team Rescued from Cave

North Korea Agrees to Trump to Denuclearize

Cambridge Analytica-Facebook Scandal

Christine Blasey Ford v. Brett Kavanugh (Supreme Court Nominee)

Prince Harry Marries American Meghan Markle

Stoneman Douglas High School Shooting, Killing 17

Image result for u.s immigration crisis southern border

2019:  Robert Mueller Special Council Investigation Ends

U.S. House of Representatives Votes on Two Articles of Impeachment of President Trump

Trump Installs Sweeping Immigration Enforcement Measures

U.S. China Trade Pact Finalizes First Agreement

Boeing Jets Grounded

Hong Kong Freedom Fighters Protest China for Freedom

Locked Shields Versus Iran

Since the death of several Iranian warlords including Qassim Soleimani, the United States has dispatched more military personnel to the Middle East. The Patriot missile batteries scattered in the region including in Bahrain are now at the ready. When it comes to cyber operations inside Iran, little is being discussed as a means of retribution against the United States. Iran does have cyber warfare capabilities and does use them.

It has been mentioned in recent days that President Trump has been quite measured in responding to Iran’s various attacks including striking Saudi oil fields, hitting oil tankers and shooting down one of the drones operated by the United States. In fact, the United States did respond directly after the downing of our drone by inserting an effective cyber-attack against Iran’s weapons systems by targeting the controls of the missile systems.

APT33 phishing Read details from Security Affairs.

Iran has an estimated 100,000 volunteer cyber trained operatives that has been expanding for the last ten years led by the Basij, a paramilitary network. The cyber unit known for controlling the Iranian missile launchers is Sepehr 110 is a large target of the United States and Israel. Iran also mobilizes cyber criminals and proxy networks including another one known as OilRig.

In 2018, the United States charged 9 Iranians (Mabna Hackers) for conducting massive cyber theft, wire fraud and identity theft that affected hundreds of universities, companies and other proprietary entities.

Due to a more global cyber threat by Iran known to collaborate with North Korea, China and Russia, NATO has been quite aggressive in cyber defense operations via the Cooperative Cyber Defense Center of Excellence applying the Locked Shields Program.

Not too be lost in the cyber threat conditions, Iran also uses their cyber team to blast out propaganda using social media platforms. If this sounds quite familiar, it is. The Russian propaganda operations manual is also being used by Iran. The bots and trolls are at work in Europe to keep France, Britain and Germany connected to the Iranian nuclear deal and to maintain trade operations with Iran including diplomatic operations. There are fake Iranian and Russian accounts still today all over Twitter and Facebook for which Europe is slow to respond if at all.

Meet APT33, which the West calls the Iranian hacking crew(s), the other slang name is Elfin. APT33 is not only hacking, but it is performing cyber-espionage as well. There are many outside government organizations researching and decoding Iran’s cyber operations that cooperate with inside U.S. government cyber operations located across the globe that also cooperate with NATO.

Recorded Future is one such non-government pro-active cyber operation working on Iran. These include attributions of cyber attacks by Iran against Saudi Arabia as well as the West by decoding phishing campaigns, relationships, malware and webshells and security breeches.

Recent published results include in part:

Nasr Institute and Kavosh Redux

In our previous report, “Iran’s Hacker Hierarchy Exposed,” we concluded that the exposure of one APT33 contractor, the Nasr Institute, by FireEye in 2017, along with our intelligence on the composition and motivations of the Iranian hacker community, pointed to a tiered structure within Iran’s state-sponsored offensive cyber program. We assessed that many Iranian state-sponsored operations were directed by the Iranian Revolutionary Guard Corps (IRGC) or the Ministry of Intelligence and Security (MOIS).

According to a sensitive Insikt Group source who provided information for previous research, these organizations employed a mid-level tier of ideologically aligned task managers responsible for the compartmentalized tasking of over 50 contracting organizations, who conducted activities such as vulnerability research, exploit development, reconnaissance, and the conducting of network intrusions or attacks. Each of these discrete components, in developing an offensive cyber capability, were purposefully assigned to different contracting groups to protect the integrity of overarching operations and to ensure the IRGC and/or MOIS retained control of operations and mitigated the risk from rogue hackers. Read more here in detail from a published summary of 6 months ago.

Trump’s Reelection Operation Targeted by Cyber Attacks

Hey Hillary it is not Russia, but they are out there for sure. This time most notable attributions are pointing to Iran.

When the Pentagon recently awarded Microsoft a $10 billion contract to transform and host the US military’s cloud computing systems, the mountain of money came with an implicit challenge: Can Microsoft keep the Pentagon’s systems secure against some of the most well-resourced, persistent, and sophisticated hackers on earth?

“They’re under assault every hour of the day,” says James Lewis, vice president at the Center for Strategic and International Studies. 

Microsoft’s latest win over cloud rival Amazon for the ultra-lucrative military contact means that an intelligence-gathering apparatus among the most important in the world is based in the woods outside Seattle. These kinds of national security responsibilities once sat almost exclusively in Washington, DC. Now in this corner of Washington state, dozens of engineers and intelligence analysts are dedicated to watching and stopping the government-sponsored hackers proliferating around the world.

Members of the so-called MSTIC (Microsoft Threat Intelligence Center) team are threat-focused: one group is responsible for Russian hackers code-named Strontium, another watches North Korean hackers code-named Zinc, and yet another tracks Iranian hackers code-named Holmium. MSTIC tracks over 70 code-named government-sponsored threat groups and many more that are unnamed.

El acuerdo del Pentágono con Microsoft conlleva un centro ...

What are the superpowers of Microsoft?

“Microsoft sees stuff that just nobody else does,” says Williams, who founded the cybersecurity firm Rendition Infosec. “We routinely find stuff, for instance, like flags for malicious IPs in Office 365 that Microsoft flags, but we don’t see it anywhere else for months.”

Connect the dots

Cyber threat intelligence is the discipline of tracking adversaries, following bread crumbs, and producing intelligence you can use to help your team and make the other side’s life harder. To achieve that, the five-year-old MSTIC team includes former spies and government intelligence operators whose experience at places like Fort Meade, home to the National Security Agency and US Cyber Command, translates immediately to their roles at Microsoft. 

MSTIC names dozens of threats, but the geopolitics are complicated: China and the United States, two of the most significant players in cyberspace and the two biggest economies on earth, are virtually never called out the way countries like Iran, Russia, and North Korea frequently are. 

“Our team uses the data, connects the dots, tells the story, tracks the actor and their behaviors,” says Jeremy Dallman, a director of strategic programs and partnerships at MSTIC. “They’re hunting the actors—where they’re moving, what they’re planning next, who they are targeting—and getting ahead of that.”

Microsoft, like other tech giants including Google and Facebook, regularly notifies people targeted by government hackers, which gives the targets the chance to defend themselves. In the last year, MSTIC has notified around 10,000 Microsoft customers that they’re being targeted by government hackers. 

New targets

Beginning in August, MSTIC spotted what’s known as a password spraying campaign. Hackers took around 2,700 educated guesses at passwords for accounts associated with an American presidential campaign, government officials, journalists, and high-profile Iranians living outside Iran. Four accounts were compromised in this attack.

“Once we understand their infrastructure—we have an IP address we know is theirs that they use for malicious purposes—we can start looking at DNS records, domains created, platform traffic,” Dallman says. “When they turn around and start using that infrastructure in this kind of attack, we see it because we’re already tracking that as a known indicator of that actor’s behavior.” 

After doing considerable reconnaissance work, Phosphorus tried to exploit the account recovery process by using targets’ real phone numbers. MSTIC has spotted Phosphorus and other government-sponsored hackers, including Russia’s Fancy Bear, repeatedly using that tactic to try to phish two-factor authentication codes for high-value targets.

What raised Microsoft’s alarm above normal on this occasion was that Phosphorus varied its standard operating procedure of going after NGOs and sanctions organizations. The cross-hairs shifted, the tactics changed, and the scope grew.

Microsoft’s sleuthing ultimately pointed the finger at Iranian hackers for targeting presidential campaigns including, Reuters reported, Donald Trump’s 2020 reelection operation.

One consequence of the 2016 US election is a rise in the sheer number of players fighting to hack political parties, campaigns, and think tanks, not to mention government itself. Election-related hacking has typically been the province of the “big four”—Russia, China, Iran, and North Korea. But it’s spreading to other countries, although the Microsoft researchers declined to specify what they’ve seen.

“What is different is that you’re getting additional countries joining the fray that weren’t necessarily there before,” says Jason Norton, a principal project manager on MSTIC. “The big two [Russia and China]—now, we can say they’ve been historically going after this since well before the 2016 election. But now you’re getting to see additional countries do that—poking and prodding the soft underbelly in order to know the right pieces to have an influence or impact in the future.” 

“The field is getting crowded,” Dallman agrees. “Actors are learning from each other. As they learn tactics from the more prominent names, they turn that around and use them.” 

The upcoming election is different, too, in that no one is surprised to see this malicious activity. Leading into 2016, Russian cyber activity was greeted with a collective dumbfounded naïveté, contributing to paralysis and an unsure response. Not this time.

You saw them in 2016, you saw what they did in Germany, you saw them in the French elections—all following the same MO. The 2018 midterms, too—to a lesser degree, but we still saw some of the same MO, the same actors, the same timing, the same techniques. Now we know, going into 2020, that this is the MO we’re looking for. And now we’ve started to see other countries come out and start doing other tactics.”

In 2016, it was CrowdStrike that first investigated and pointed the finger at Russian activity aiming to interfere with the American election. The US law enforcement and intelligence community later confirmed the company’s findings and eventually, after Robert Mueller’s investigation, indicted Russian hackers and detailed Moscow’s campaign.

MIT Technology Review visited Microsoft, the full summary is here.

Under Obama, the Russians Breached FBI Communications

So, at the time we had Comey, Mueller, Brennan, Clapper, Holder, Lynch, Rice, Power, Monaco, Donilon, McDonough, Rhodes and more.

Anyone remember when there was a pile of Russian spies that Obama expelled and traded? Remember at the very end of the Obama presidency when he expelled another pile of Russians from 3 locations and closed Russian dachas?

A big question remains that has yet to be answered and that is why did the Obama administration wait so long to impose a consequence?

Okay, well sit back this is a long read but it for sure explains the way too casual approach by Obama to Russia.

Simply put, the entire Obama administration and those democrats in congress had to be really embarrassed. With all the later Russian collusion stuff, that operation had to be a huge head-fake cover-up thing.

Whew what a mess. The Russians punked the FBI and that hurt America’s national security and policy badly…so we dispatched Hillary to do that Russian reset with that pesky red button.

Okay, here we go….

Russia carried out a ‘stunning’ breach of FBI communications system, escalating the spy game on U.S. soil

YahooNews: On Dec. 29, 2016, the Obama administration announced that it was giving nearly three dozen Russian diplomats just 72 hours to leave the United States and was seizing two rural East Coast estates owned by the Russian government. As the Russians burned papers and scrambled to pack their bags, the Kremlin protested the treatment of its diplomats, and denied that those compounds — sometimes known as the “dachas” — were anything more than vacation spots for their personnel.

The Obama administration’s public rationale for the expulsions and closures — the harshest U.S. diplomatic reprisals taken against Russia in several decades — was to retaliate for Russian meddling in the 2016 presidential election. But there was another critical, and secret, reason why those locations and diplomats were targeted.

Both compounds, and at least some of the expelled diplomats, played key roles in a brazen Russian counterintelligence operation that stretched from the Bay Area to the heart of the nation’s capital, according to former U.S. officials. The operation, which targeted FBI communications, hampered the bureau’s ability to track Russian spies on U.S. soil at a time of increasing tension with Moscow, forced the FBI and CIA to cease contact with some of their Russian assets, and prompted tighter security procedures at key U.S. national security facilities in the Washington area and elsewhere, according to former U.S. officials. It even raised concerns among some U.S. officials about a Russian mole within the U.S. intelligence community.

“It was a very broad effort to try and penetrate our most sensitive operations,” said a former senior CIA official.

American officials discovered that the Russians had dramatically improved their ability to decrypt certain types of secure communications and had successfully tracked devices used by elite FBI surveillance teams. Officials also feared that the Russians may have devised other ways to monitor U.S. intelligence communications, including hacking into computers not connected to the internet. Senior FBI and CIA officials briefed congressional leaders on these issues as part of a wide-ranging examination on Capitol Hill of U.S. counterintelligence vulnerabilities.

These compromises, the full gravity of which became clear to U.S. officials in 2012, gave Russian spies in American cities including Washington, New York and San Francisco key insights into the location of undercover FBI surveillance teams, and likely the actual substance of FBI communications, according to former officials. They provided the Russians opportunities to potentially shake off FBI surveillance and communicate with sensitive human sources, check on remote recording devices and even gather intelligence on their FBI pursuers, the former officials said.

“When we found out about this, the light bulb went on — that this could be why we haven’t seen [certain types of] activity” from known Russian spies in the United States, said a former senior intelligence official.

The compromise of FBI systems occurred not long after the White House’s 2010 decision to arrest and expose a group of “illegals” – Russian operatives embedded in American society under deep non-official cover – and reflected a resurgence of Russian espionage. Just a few months after the illegals pleaded guilty in July 2010, the FBI opened a new investigation into a group of New York-based undercover Russian intelligence officers. These Russian spies, the FBI discovered, were attempting to recruit a ring of U.S. assets — including Carter Page, an American businessman who would later act as an unpaid foreign policy adviser to Donald Trump’s 2016 presidential campaign.

The breaches also spoke to larger challenges faced by U.S. intelligence agencies in guarding the nation’s secrets, an issue highlighted by recent revelations, first published by CNN, that the CIA was forced to extract a key Russian asset and bring him to the U.S. in 2017. The asset was reportedly critical to the U.S. intelligence community’s conclusion that Russian President Vladimir Putin had personally directed the interference in the 2016 presidential election in support of Donald Trump.

Yahoo spoke about these previously unreported technical breaches and the larger government debates surrounding U.S. policies toward Russia with more than 50 current and former intelligence and national security officials, most of whom requested anonymity to discuss sensitive operations and internal discussions. While the officials expressed a variety of views on what went wrong with U.S.-Russian relations, some said the United States at times neglected to appreciate the espionage challenge from Moscow, and paid a significant price for a failure to prioritize technical threats.

“When I was in office, the counterintelligence business was … focused entirely on its core concern, which is insider threats, and in particular mole hunting,” said Joel Brenner, the head of U.S. counterintelligence and strategy from 2006 to 2009. “This is, in fact, the core risk and it’s right that it should be the focus. But we were neither organized nor resourced to deal with counterintelligence in networks, technical networks, electronic networks.”

The discovery of Russia’s newfound capacity to crack certain types of encryption was particularly unnerving, according to former U.S. officials.

“Anytime you find out that an adversary has these capabilities, it sets off a ripple effect,” said a former senior national security official. “The Russians are able to extract every capability from any given technology. … They are singularly dangerous in this area.”

The FBI’s discovery of these compromises took place on the heels of what many hoped would be a breakthrough between Washington and Moscow — the Obama administration’s 2009 “reset” initiative, which sought to improve U.S.-Russia relations. Despite what seemed to be some initial progress, the reset soon went awry.

In September 2011, Vladimir Putin announced the launch of his third presidential campaign, only to be confronted during the following months by tens of thousands of protesters accusing him of electoral fraud. Putin, a former intelligence officer, publicly accused then-Secretary of State Hillary Clinton of fomenting the unrest.

It was around this time that Putin’s spies in the United States, operating under diplomatic cover, achieved what a former senior intelligence official called a “stunning” technical breakthrough, demonstrating their relentless focus on the country they’ve long considered their primary adversary.

That effort compromised the encrypted radio systems used by the FBI’s mobile surveillance teams, which track the movements of Russian spies on American soil, according to more than half a dozen former senior intelligence and national security officials. Around the same time, Russian spies also compromised the FBI teams’ backup communications systems — cellphones outfitted with “push-to-talk” walkie-talkie capabilities. “This was something we took extremely seriously,” said a former senior counterintelligence official.

The Russian operation went beyond tracking the communications devices used by FBI surveillance teams, according to four former senior officials. Working out of secret “listening posts” housed in Russian diplomatic and other government-controlled facilities, the Russians were able to intercept, record and eventually crack the codes to FBI radio communications.

Russians leave country retreats in the U.S., ordered out ...

Some of the clandestine eavesdropping annexes were staffed by the wives of Russian intelligence officers, said a former senior intelligence official. That operation was part of a larger sustained, deliberate Russian campaign targeting secret U.S. government communications throughout the United States, according to former officials.

The Spy Next Door: What Went On in Russia's Shuttered U.S ...

The two Russian government compounds in Maryland and New York closed in 2016 played a role in the operation, according to three former officials. They were “basically being used as signals intelligence facilities,” said one former senior national security official.

Russia to U.S.: Return Seized Diplomatic Compounds, or Else

Russian spies also deployed “mobile listening posts.” Some Russian intelligence officers, carrying signals intelligence gear, would walk near FBI surveillance teams. Others drove vans full of listening equipment aimed at intercepting FBI teams’ communications. For the Russians, the operation was “amazingly low risk in an angering way,” said a former senior intelligence official.

The FBI teams were using relatively lightweight radios with limited range, according to former officials. These low-tech devices allowed the teams to move quickly and discreetly while tracking their targets, which would have been more difficult with clunkier but more secure technology, a former official said. But the outdated radios left the teams’ communications vulnerable to the Russians. “The amount of security you employ is the inverse of being able to do things with flexibility, agility and at scale,” said the former official.

A former senior counterintelligence official blamed the compromises on a “hodgepodge of systems” ineffective beyond the line of sight. “The infrastructure that was supposed to be built, they never followed up, or gave us the money for it,” said the former official. “The intelligence community has never gotten an integrated system.”

The limitations of the radio technology, said the former senior officials, led the FBI’s surveillance personnel to communicate on the backup systems.

“Eventually they switched to push-to-talk cellphones,” said a former counterintelligence executive. “The tech guys would get upset by that, because if they could intercept radio, they might be able to intercept telephones.”

That is indeed what happened. Those devices were then identified and compromised by Russian intelligence operatives. (A number of other countries’ surveillance teams — including those from hostile services — also transitioned from using radios to cellphones during this time, noted another former official.)

U.S. intelligence officials were uncertain whether the Russians were able to unscramble the FBI conversations in real time. But even the ability to decrypt them later would have given the Russians critical insights into FBI surveillance practices, including “call signs and locations, team composition and tactics,” said a former intelligence official.

U.S. officials were also unsure about how long the Russians had been able to decipher FBI communications before the bureau realized what was happening. “There was a gap between when they were really onto us, and when we got onto them,” said a former senior intelligence official.

Even after they understood that the Russians had compromised the FBI teams’ radios, U.S. counterintelligence officials could not agree on how they had done it. “The intel reporting was they did break our codes or got their hands on a radio and figured it out,” said a former senior intelligence official. “Either way, they decrypted our comms.”

Officials also cautioned, however, that the Russians could only crack moderately encrypted communications, not the strongest types of encryption used by the U.S. government for its most sensitive transmissions. It was nonetheless “an incredible intelligence success” for the Russians, said the former senior official.

While the Russians may have developed this capability by themselves, senior counterintelligence officials also feared that someone from within the U.S. government — a Russian mole — may have helped them, said former officials. “You’re wondering, ‘If this is true, and they can do this, is this because someone on the inside has given them that information?’’ said another former senior intelligence official.

Russia has a clear interest in concealing how it gets its information, further muddying the waters. According to a former senior CIA officer who served in Moscow, the Russians would often try to disguise a human source as a technical penetration. Ultimately, officials were unable to pinpoint exactly how the Russians pulled off the compromise of the FBI’s systems.

Mark Kelton, who served as the chief of counterintelligence at the CIA until he retired in 2015, declined to discuss specific Russian operations, but he told Yahoo News that “the Russians are a professionally proficient adversary who have historically penetrated every American institution worth penetrating.”

This remains a core worry for U.S. spy hunters. The number of ongoing espionage investigations into U.S. government personnel — at the CIA, the FBI and elsewhere — including those potentially recruited by Russia, “is not a little, it’s a lot,” said another former senior counterintelligence official.

Once the compromises of FBI communications devices were confirmed, U.S. officials scrambled to minimize the exposure of mobile surveillance team operations, quickly putting countermeasures in place, according to former senior officials. There was a “huge concern” about protecting the identities of the individuals on the teams — an elite, secret group — said the former senior counterintelligence official. U.S. officials also conducted a damage assessment and repeatedly briefed select White House officials and members of Congress about the compromise.

After the FBI discovered that its surveillance teams’ cellphones had been compromised, they were forced to switch back to encrypted radios, purchasing different models, according to two former officials. “It was an expensive venture,” said one former counterintelligence official.

But the spying successes went both ways. The U.S. intelligence community collected its own inside information to conclude that the damage from the compromises had been limited, partly due to the Russians’ efforts to keep their intelligence coup secret, according to a former senior intelligence official. “The Russians were reticent to take steps [that might reveal] that they’d figured it out,” the former senior official said.

Even so, the costs to U.S. intelligence were significant. Spooked by the discovery that its surveillance teams’ communications had been compromised, the FBI worried that some of its assets had been blown, said two former senior intelligence officials. The bureau consequently cut off contact with some of its Russian sources, according to one of those officials.

At the time of the compromise, some of the FBI’s other Russian assets stopped cooperating with their American handlers. “There were a couple instances where a recruited person had said, ‘I can’t meet you anymore,’” said a former senior intelligence official. In a damage assessment conducted around 2012, U.S. intelligence officials concluded the events may have been linked.

The impact was not limited to the FBI. Alerted by the bureau to concerns surrounding Russia’s enhanced interception capabilities, the CIA also ceased certain types of communications with sources abroad, according to a former senior CIA official. The agency “had to resort to a whole series of steps” to ensure the Russians weren’t able to eavesdrop on CIA communications, the former senior official said. There was a “strong hint” that these newly discovered code-breaking capabilities by Russia were also being used abroad, said another former senior intelligence official.

The CIA has long been wary of Russian spies’ eavesdropping efforts outside of the United States, especially near U.S. diplomatic facilities. U.S. officials have observed Russian technical officers repeatedly walking close to those compounds with packages in their hands, or wearing backpacks, or pushing strollers, or driving by in vehicles — all attempts, U.S. officials believe, to collect information on the different signals emanating from the facilities. While the tools used by the Russians for these activities were “a bit antiquated,” said a former senior CIA official, they were still a “constant concern.”

It’s not unusual for intelligence officers operating from diplomatic facilities, including the United States’s own operatives, to try and intercept the communications of the host nation. “You had to find ways to attack their surveillance,” said Rolf Mowatt-Larssen, former head of counterintelligence at the Department of Energy and a former CIA officer who first served in Moscow in the 1980s. “The Russians do everything in the U.S. that we did in Moscow.”

Indeed, the focus on cracking radio communications was no different.

“We put extraordinary effort into intercepting and monitoring the FSB surveillance radio networks for the purpose of understanding whether our officers were under surveillance or not,” said another former senior CIA officer who also served in Moscow.

The discovery of the Russians’ new code-breaking capabilities came at a time when gathering intelligence on Russia and its leaders’ intentions was of particular importance to the U.S. government. U.S. national security officials working on Russia at the time received rigorous security training on how to keep their digital devices secure, according to two former senior officials. One former U.S. official recalled how during the negotiations surrounding the reset, NSC officials, partially tongue in cheek, “would sometimes say things on the phone hoping [they] were communicating things to the Russians.”

According to a former CIA official and a former national security official, the CIA’s analysts often disagreed about how committed Russia was to negotiations during the attempted reset and how far Putin would go to achieve his strategic aims, divergences that confused the White House and senior policy makers.

“It caused a really big rift within the [National Security Council] on how seriously they took analysis from the agency,” said the former CIA official. Senior administration leaders “went along with” some of the more optimistic analysis on the future of U.S.-Russia relations “in the hopes that this would work out,” the official continued.

Those disagreements were part of a “reset hangover” that persisted, at least for some inside the administration, until the 2016 election meddling, according to a former senior national security official. Those officials clung to the hope that Washington and Moscow could cooperate on key issues, despite aggressive Russian actions ranging from the invasion of Ukraine to its spying efforts.

“We didn’t understand that they were at political war with us already in the second term once Putin was reelected and Obama himself was reelected,” said Evelyn Farkas, the former deputy assistant secretary of defense for Russia, Ukraine, and Eurasia during the Obama administration.

As high-level hopes for the U.S.-Russia “reset” withered, concerns about the threat of Russian spying made their way to Capitol Hill. Top officials at the FBI and CIA briefed key members of Congress on counterintelligence issues related to Russia, according to current and former U.S. officials. These included briefings on the radio compromises, said two former senior officials.

Mike Rogers, a former Republican lawmaker from Michigan who chaired the House Permanent Select Committee on Intelligence from 2011 to 2015, alluded to counterintelligence concerns at a conference earlier this year in Washington, D.C.

One of those concerns was a massive intelligence failure related to the secret internet-based communications system the CIA used to communicate with agents. The extent of that failure, first reported publicly by Yahoo News in 2018, got the attention of Congress earlier.

But the problems were broader than that issue, according to Rogers.

“Our counterintelligence operations needed some adjustments,” said Rogers, adding that he and his Democratic counterpart from Maryland, Dutch Ruppersberger, requested regular briefings on the subject from agency representatives. “We started out monthly until we just wore them out, then we did it quarterly to try to make sure that we had the right resources and the right focus for the entire community on counter[intelligence].”

Rogers later told Yahoo News that his request for the briefings had been prompted by “suspected penetrations, both physical and technical, which is the role of those [Russian and Chinese] intelligence services,” but declined to be more specific.

The former committee chairman said he wanted the intelligence community to make counterintelligence a higher priority. “Counterintelligence was always looked at as the crazy uncle at the party,” he said. “I wanted to raise it up and give it a robust importance.”

The briefings, which primarily involved counterintelligence officials from the FBI and CIA and were limited to the committee leadership and staff directors, led to “some useful inquiries to help focus the intelligence community,” Rogers said. The leaders of the Senate Select Committee on Intelligence were also included in some of the inquiries, according to Rogers and a current U.S. government official.

Spokespeople for the current House and Senate intelligence committees did not respond to a request for comment. The FBI and CIA declined to comment. The Russian Embassy in Washington, D.C. did not respond to a request for comment.

The briefings were designed to “get the counterintelligence house in order,” said Jamil Jaffer, senior counsel at the House intelligence committee from 2011 to 2013, and to ensure that Congress and the intelligence agencies were “on the same page” when it came to such matters. “There were some concerns about what the agencies were doing, there were some concerns about what Congress knew, and all of these issues, of course, had China-Russia implications.”

Rogers and Jaffer declined to provide further details about what specific counterintelligence issues the committee was addressing, but other former officials indicated that worries weren’t limited to the compromise of FBI radio systems. Senior U.S. officials were contemplating an even more disturbing possibility: that the Russians had found a way to penetrate the communications of the U.S. intelligence community’s most sensitive buildings in and around Washington, D.C.

Suspected Russian intelligence officers were seen conspicuously loitering along the road that runs alongside the CIA’s headquarters, according to former senior intelligence officials. “Russian diplomats would be sitting on Route 123, sometimes in cars with diplomatic plates, other times not,” a former senior intelligence executive said. “We thought, they’re out doing something. It’s not just taking down license plates; those guys are interrogating the system.”

Though this behavior dated back at least to the mid-2000s, former officials said those activities persisted simultaneously with the compromise of the FBI’s communication system. And these were not the only instances of Russian intelligence operatives staking out locations with a line of sight to CIA headquarters. They were “fixated on being in neighborhoods” that gave them exposure to Langley, said a former senior official.

Over time, U.S. intelligence officials became increasingly concerned that Russian spies might be attempting to intercept communications from key U.S. intelligence facilities, including the CIA and FBI headquarters. No one knew if the Russians had actually succeeded.

“The question was whether they had capabilities to penetrate our comms at Langley,” said a former senior CIA official. In the absence of any proof that that was the case, the working theory was that the Russian activities were provocations designed to sow uncertainty within the CIA. “We came to the conclusion that they were trying to get into our heads,” the former senior official said.

A major concern was that Russian spies with physical proximity to sensitive U.S. buildings might be exfiltrating pilfered data that had “jumped the air gap,” i.e., that the Russians were collecting information from a breach of computers not connected to the Internet, said former officials.

One factor behind U.S. intelligence officials’ fears was simple: The CIA had already figured out how to perform similar operations themselves, according to a former senior CIA officer directly familiar with the matter. “We felt it was pretty revolutionary stuff at the time,” the former CIA officer said. “It allowed us to do some extraordinary things.”

While no one definitively concluded that the Russians had actually succeeded in penetrating Langley’s communications, those fears, combined in part with the breach of the bureau’s encrypted radio system, drove an effort by U.S. intelligence officials around 2012 to fortify sensitive Washington-area government buildings against potential Russian snooping, according to four former officials.

At key government facilities in the Washington area, entire floors were converted to sensitive compartmented information facilities, or SCIFs. These are specially protected areas designed to be impenetrable to hostile signals intelligence gathering.

The normal assumption was that work done in a SCIF would be secure, but doubts arose about the safety of even those rooms. “The security guys would say, your windows are ‘tempested’”—that is, protected against the interception of emissions radiating from electronic equipment in the building —“you’re in a SCIF, it’s fine,” a former senior counterintelligence executive recalled. “The question was, ‘Is it true?’”

Increasingly, U.S. officials began to fear it was not.

New security practices were instituted in sensitive government facilities like the FBI and CIA headquarters, according to former officials. “It required many procedural changes on our part to make sure we were not susceptible to penetrations,” said a former senior CIA official. These included basic steps such as moving communication away from windows and changing encryption codes more frequently, as well as more expensive adjustments, said four former officials.

Revelations about the Russian compromise of the radio systems, recalled a former senior intelligence official, “kick-started the money flowing” to upgrade security.

While the breaches of the FBI communications systems appeared to finally spur Congress and the intelligence agencies to adopt steps to counter increasingly sophisticated Russian eavesdropping, it took the Putin-directed interference in the 2016 election to get the White House to expel at least some of those officials deemed responsible for the breaches, and to shut down the facilities that enabled them.

Even then, the decision was controversial. Some in Washington worried about retribution by the Russians and exposure of American intelligence operations, according to a former senior U.S. national security official directly involved in the discussions. The FBI consistently supported expulsions, said another former national security official.

More than two years later, the Russian diplomatic compounds used in the FBI communications compromises remain shuttered. The U.S. government has prevented many of the Russian spies expelled by the United States from returning, according to national security experts and senior foreign intelligence officials. “They are slowly creeping back in, but [the] FBI makes it hard,” said a senior foreign intelligence official. “The old guard is basically screwed. They need to bring in a whole new generation.”

In the meantime, those familiar with Russian operations warn that the threat from Moscow is far from over. “Make no mistake, we’re in an intelligence war with the Russians, every bit as dangerous as the Cold War,” said a former senior intelligence officer. “They’re trying all the time … and we caught them from time to time,” he said. Of course, he added, “you don’t know what you don’t know.”

That’s the same message that special counsel Robert Mueller tried to convey during the highly contentious hearings to discuss his report on Russian interference in the 2016 election. “They are doing it as we sit here, and they expect to do it during the next campaign,” Mueller told lawmakers on the House Intelligence Committee about covert Russian involvement in U.S. politics.

But a number of observers believe Mueller’s message about the threat from Russia was largely lost amid a partisan battle on Capitol Hill over President Trump.

During his Washington conference appearance earlier this year, Rogers, the former chair of the House Intelligence Committee, also lamented that the current politicized state of the intelligence committees would make spy agencies more hesitant to admit their failures.

“They’re not going to call you to say, ‘I screwed up.’ They’re going to say, ‘God, I hope they don’t find that,’” he said. “That’s what’s going to happen. I’ll guarantee it’s happening today.”

What Can Be Purchased at Canadian RX Pharmacies?
The best thing about Canadian drugstores is the abundance of medications they offer to their clients. As a rule, at such websites, you may find effective remedies or medical solutions to any kind of disorders, which refers to not just RX medications available on prescription, but also personal care products, vitamins and nutritional supplements. Canadian pharmacy Canadapharmrxon.com even offer a broad assortment of generic medications which are just as good as prescription drugs but are available at a more affordable price. So, what can be found at Canadian drugstores? Here is a list of the most popular options:
Anti-inflammatory medicines;
Medicines to fight infectious diseases such as antibiotics;
Antipsychotic drugs and other mental health solutions;
Men’s health goods;
Women’s skin care products;
High blood pressure solutions;
Weight control medicines;
Personal care products;
Drugs to treat stomach disorders;
Over-the-counter medicines such as herbal drugs or supplements.

 

Feds Prepare States for Foreign Voting Interference

The Democrats have really lost their argument against voter ID if they are being fully candid about foreign interference. It is without question that several cities and states are victims of ransomware and Florida is especially concerned. Remember that a foreign actor, where clues point to Russia were able to gain access to voter registration databases and it stands to reason China will attempt the same.

Continually, the Democrats say that the Trump administration is virtually doing nothing to protect the election system. Read on as the Democrats know the mission and actions of the Cyber division of the Department of Homeland Security.

Image result for foreign hackers us voting systems photo
As Reuters reports:

The U.S. government plans to launch a program in roughly one month that narrowly focuses on protecting voter registration databases and systems ahead of the 2020 presidential election.

These systems, which are widely used to validate the eligibility of voters before they cast ballots, were compromised in 2016 by Russian hackers seeking to collect information. Intelligence officials are concerned that foreign hackers in 2020 not only will target the databases but attempt to manipulate, disrupt or destroy the data, according to current and former U.S. officials.

“We assess these systems as high risk,” said a senior U.S. official, because they are one of the few pieces of election technology regularly connected to the Internet.

The Cybersecurity Infrastructure Security Agency, or CISA, a division of the Homeland Security Department, fears the databases could be targeted by ransomware, a type of virus that has crippled city computer networks across the United States, including recently in Texas, Baltimore and Atlanta.

“Recent history has shown that state and county governments and those who support them are targets for ransomware attacks,” said Christopher Krebs, CISA’s director. “That is why we are working alongside election officials and their private sector partners to help protect their databases and respond to possible ransomware attacks.”

A ransomware attack typically locks an infected computer system until payment, usually in the form of cryptocurrency, is sent to the hacker.

The effort to counter ransomware-style cyberattacks aimed at the election runs parallel to a larger intelligence community directive to determine the most likely vectors of digital attack in the November 2020 election, according to current and former U.S. officials.

“It is imperative that states and municipalities limit the availability of information about electoral systems or administrative processes and secure their websites and databases that could be exploited,” the FBI said in a statement, supporting the Homeland Security initiative.

CISA’s program will reach out to state election officials to prepare for such a ransomware scenario. It will provide educational material, remote computer penetration testing, and vulnerability scans as well as a list of recommendations on how to prevent and recover from ransomware.

These guidelines, however, will not offer advice on whether a state should ultimately pay or refuse to pay ransom to a hacker if one of its systems is already infected.

“Our thought is we don’t want the states to have to be in that situation,” said a Homeland Security official. “We’re focused on preventing it from happening.”

Over the last two years, cyber criminals and nation state hacking groups have used ransomware to extort victims and create chaos. In one incident in 2017, which has since been attributed to Russian hackers, a ransomware virus was used to mask a data deletion technique, rendering victim computers totally unusable.

That attack, dubbed “NotPetya,” went on to damage global corporations, including FedEx and Maersk, which had offices in Ukraine where the malware first spread.

The threat is concerning because of its potential impact on voting results, experts say.

“A pre-election undetected attack could tamper with voter lists, creating huge confusion and delays, disenfranchisement, and at large enough scale could compromise the validity of the election,” said John Sebes, chief technology officer of the ESET Institute, an election technology policy think tank.

The databases are also “particularly susceptible to this kind of attack because local jurisdictions and states actively add, remove, and change the data year-round,” said Maurice Turner, a senior technologist with the Center for Democracy and Technology. “If the malicious actor doesn’t provide the key, the data is lost forever unless the victim has a recent backup.”

Nationwide, the local governments that store and update voter registration data are typically ill-equipped to defend themselves against elite hackers.

State election officials told Reuters they have improved their cyber defenses since 2016, including in some cases preparing backups for voter registration databases in case of an attack. But there is no common standard for how often local governments should create backups, said a senior Homeland Security official.

“We have to remember that this threat to our democracy will not go away, and concern about ransomware attacks on voter registration databases is one clear example,” said Vermont Secretary of State Jim Condos. “We’re sure the threat is far from over.”