Russia’s Silent Effective War Against the United States

Posted on by

There is no country that is better with propaganda tactics than Russia and they are in use today. The measure of the costs related to Russia’s tactics especially when it comes to the internet is not measurable.

This silent war is noticed even by Secretary of State John Kerry when he declared he was certain that both China and Russia have access or have read his emails. So why no declaration of war or prosecution of espionage?

***

A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.

The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems. More details here.

***

Exclusive: Russian antivirus firm faked malware to harm rivals – Ex-employees

Reuters: Beginning more than a decade ago, one of the largest security companies in the world, Moscow-based Kaspersky Lab, tried to damage rivals in the marketplace by tricking their antivirus software programs into classifying benign files as malicious, according to two former employees.

They said the secret campaign targeted Microsoft Corp (MSFT.O), AVG Technologies NV (AVG.N), Avast Software and other rivals, fooling some of them into deleting or disabling important files on their customers’ PCs.

Some of the attacks were ordered by Kaspersky Lab’s co-founder, Eugene Kaspersky, in part to retaliate against smaller rivals that he felt were aping his software instead of developing their own technology, they said.

“Eugene considered this stealing,” said one of the former employees. Both sources requested anonymity and said they were among a small group of people who knew about the operation.

Kaspersky Lab strongly denied that it had tricked competitors into categorizing clean files as malicious, so-called false positives.

“Our company has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing,” Kaspersky said in a statement to Reuters. “Such actions are unethical, dishonest and their legality is at least questionable.”

Executives at Microsoft, AVG and Avast previously told Reuters that unknown parties had tried to induce false positives in recent years. When contacted this week, they had no comment on the allegation that Kaspersky Lab had targeted them.

The Russian company is one of the most popular antivirus software makers, boasting 400 million users and 270,000 corporate clients. Kaspersky has won wide respect in the industry for its research on sophisticated Western spying programs and the Stuxnet computer worm that sabotaged Iran’s nuclear program in 2009 and 2010.

The two former Kaspersky Lab employees said the desire to build market share also factored into Kaspersky’s selection of competitors to sabotage.

“It was decided to provide some problems” for rivals, said one ex-employee. “It is not only damaging for a competing company but also damaging for users’ computers.”

The former Kaspersky employees said company researchers were assigned to work for weeks or months at a time on the sabotage projects.

Their chief task was to reverse-engineer competitors’ virus detection software to figure out how to fool them into flagging good files as malicious, the former employees said.

The opportunity for such trickery has increased over the past decade and a half as the soaring number of harmful computer programs have prompted security companies to share more information with each other, industry experts said. They licensed each other’s virus-detection engines, swapped samples of malware, and sent suspicious files to third-party aggregators such as Google Inc’s (GOOGL.O) VirusTotal.

By sharing all this data, security companies could more quickly identify new viruses and other malicious content. But the collaboration also allowed companies to borrow heavily from each other’s work instead of finding bad files on their own.

Kaspersky Lab in 2010 complained openly about copycats, calling for greater respect for intellectual property as data-sharing became more prevalent.

In an effort to prove that other companies were ripping off its work, Kaspersky said it ran an experiment: It created 10 harmless files and told VirusTotal that it regarded them as malicious. VirusTotal aggregates information on suspicious files and shares them with security companies.

Within a week and a half, all 10 files were declared dangerous by as many as 14 security companies that had blindly followed Kaspersky’s lead, according to a media presentation given by senior Kaspersky analyst Magnus Kalkuhl in Moscow in January 2010.

When Kaspersky’s complaints did not lead to significant change, the former employees said, it stepped up the sabotage.

INJECTING BAD CODE

In one technique, Kaspersky’s engineers would take an important piece of software commonly found in PCs and inject bad code into it so that the file looked like it was infected, the ex-employees said. They would send the doctored file anonymously to VirusTotal.

Then, when competitors ran this doctored file through their virus detection engines, the file would be flagged as potentially malicious. If the doctored file looked close enough to the original, Kaspersky could fool rival companies into thinking the clean file was problematic as well.

VirusTotal had no immediate comment.

In its response to written questions from Reuters, Kaspersky denied using this technique. It said it too had been a victim of such an attack in November 2012, when an “unknown third party” manipulated Kaspersky into misclassifying files from Tencent (0700.HK), Mail.ru (MAILRq.L) and the Steam gaming platform as malicious.

The extent of the damage from such attacks is hard to assess because antivirus software can throw off false positives for a variety of reasons, and many incidents get caught after a small number of customers are affected, security executives said.

The former Kaspersky employees said Microsoft was one of the rivals that were targeted because many smaller security companies followed the Redmond, Washington-based company’s lead in detecting malicious files. They declined to give a detailed account of any specific attack.

Microsoft’s antimalware research director, Dennis Batchelder, told Reuters in April that he recalled a time in March 2013 when many customers called to complain that a printer code had been deemed dangerous by its antivirus program and placed in “quarantine.”

Batchelder said it took him roughly six hours to figure out that the printer code looked a lot like another piece of code that Microsoft had previously ruled malicious. Someone had taken a legitimate file and jammed a wad of bad code into it, he said. Because the normal printer code looked so much like the altered code, the antivirus program quarantined that as well.

Over the next few months, Batchelder’s team found hundreds, and eventually thousands, of good files that had been altered to look bad. Batchelder told his staff not to try to identify the culprit.

“It doesn’t really matter who it was,” he said. “All of us in the industry had a vulnerability, in that our systems were based on trust. We wanted to get that fixed.”

In a subsequent interview on Wednesday, Batchelder declined to comment on any role Kaspersky may have played in the 2013 printer code problems or any other attacks. Reuters has no evidence linking Kaspersky to the printer code attack.

As word spread in the security industry about the induced false positives found by Microsoft, other companies said they tried to figure out what went wrong in their own systems and what to do differently, but no one identified those responsible.

At Avast, a largely free antivirus software maker with the biggest market share in many European and South American countries, employees found a large range of doctored network drivers, duplicated for different language versions.

Avast Chief Operating Officer Ondrej Vlcek told Reuters in April that he suspected the offenders were well-equipped malware writers and “wanted to have some fun” at the industry’s expense. He did not respond to a request on Thursday for comment on the allegation that Kaspersky had induced false positives.

WAVES OF ATTACKS

The former employees said Kaspersky Lab manipulated false positives off and on for more than 10 years, with the peak period between 2009 and 2013.

It is not clear if the attacks have ended, though security executives say false positives are much less of a problem today.

That is in part because security companies have grown less likely to accept a competitor’s determinations as gospel and are spending more to weed out false positives.

AVG’s former chief technology officer, Yuval Ben-Itzhak, said the company suffered from troves of bad samples that stopped after it set up special filters to screen for them and improved its detection engine.

“There were several waves of these samples, usually four times per year. This crippled-sample generation lasted for about four years. The last wave was received at the beginning of the year 2013,” he told Reuters in April.

AVG’s chief strategy officer, Todd Simpson, declined to comment on Wednesday.

Kaspersky said it had also improved its algorithms to defend against false virus samples. It added that it believed no antivirus company conducted the attacks “as it would have a very bad effect on the whole industry.”

“Although the security market is very competitive, trusted threat-data exchange is definitely part of the overall security of the entire IT ecosystem, and this exchange must not be compromised or corrupted,” Kaspersky said.

Another Illegal and an Unimaginable Triple Murder

Posted on by

Ft. Myers, Florida: Family member charged in ‘extremely violent’ triple homicide

The Lee County Sheriff’s Office announced Thursday that Brian Omar Hyde has been charged in the deaths of Dorla Pitts, 37, her daughter Starlette Pitts, 17, and Michael Kelly, Jr., 19.

Deputies were called to the home in the 3507 21st Street SW shortly before noon Tuesday. It all started when Dorla Pitts walked in on the scene while she was on the phone with her husband. Her scream was the last thing Dorrien Pitts heard. He then called a family friend who went to the home and discovered the bodies.

– VIDEO: Watch the full LCSO press conference

The 18-month-old daughter of Starlette and Michael was found unharmed. Detectives are not sharing details on whether the child was near the bodies.

Hyde, 19, is charged with three counts of second-degree murder and faces a charge in the death of Starlette Pitts’ unborn child. He was arrested Tuesday for driving without a license. At the time of his arrest, he had blood on his body and clothes, according to LCSO.

– DOWNLOAD: Brian Omar Hyde arrest report

Michael’s mother, Sherri Flemming, said Hyde is Starlette’s cousin and Dorla’s nephew who had been staying at the home after recently moving here from Belize. According to LCSO, Hyde is in the country illegally and is awaiting a court hearing as an illegal immigrant, having crossed the Texas border earlier this year.

Lt. Matt Sands said it was an “extremely violent scene, even for us. All homicide scenes are normally violent, but this scene was what we considered unimaginable.”

He said there is evidence all the victims tried to defend themselves.

At the same time deputies were working the Lehigh scene, Fort Myers Police received a call for a reckless driver. Hyde was pulled over in a white Range Rover for driving on the opposite side of the road, at which time he was arrested for driving with no license. The Range Rover was registered to the Lehigh address, as were two other sets of keys Hyde had with him. Detectives say a bloody palm print found at the scene matched Hyde’s.

LCSO is still investigating a motive.

Investigators are not releasing specific details on the murder weapon, only stating that the victims were hit several times with a sharp object.

FAMILY LEFT TO PICK UP THE PIECES

Michael’s mother, Sherri Flemming, said Thursday that when she met Brian Hyde, she felt something was off, but accepted him because he is Starlette’s cousin. She said the young couple took him in because they were good, caring people.

“This could happen to anybody, so be careful who you bring into your house. It could be your own family member,” Flemming said.

She said Hyde was made to feel like family by Starlette and Michael, who invited him to his family’s gatherings, but Flemming said she felt uncomfortable when Hyde came around.

While it helps to know how they died, it’s the why that leaves Flemming emotional. “They was innocent people, how could you do this?”

Michael’s sister, Derquiasha Henderson, said they were just picking out baby names for the new baby. “We were just doing all of that, we were supposed to hang out.”

She said now they’ll have to show the surviving 18-month-old, found unharmed in a bedroom, how much her parents loved her.

“I can picture her trying to go to her mom and my brother and wake them up, because that’s the type of baby she is. She love her parents, she loved them and they loved her,” Henderson said.

The surviving grandparents from both families are in the process of figuring out how to care for the little girl, and say what they need most right now is time to heal.

WHO IS BRIAN HYDE?

Authorities in Brian Hyde’s native country of Belize say he is no stranger to them.

Hyde was recently wanted in connection to a recent robbery of a cell phone store there before fleeing the country.

Hyde first came to the U.S. in January, illegally entering through Texas, according to investigators.

– VIDEO: Who is Brian Hyde?

Since then, Hyde had been staying with his relatives, the Pitts, in Lehigh Acres.

According to Belize media outlets, Hyde was also arrested in November of last year for assaulting a police officer, a charge he later disputed.

Other reports show Hyde and two other men were suspects in a double murder case dating back to October 2013. He was only charged with a lesser crime of “handling stolen goods.”

A newspaper reporter said Hyde comes from a known “criminal” family.

His uncle, Russell Hyde, was considered a suspect in the brutal murders of two Belize nationals in May. Both men were found decapitated and dismembered.

To date, Russell Hyde has not been charged with their murders.

According to sources in Belize, police do not have the technology to analyze DNA and other forensic evidence like the U.S. does, which may be one reason they had such a hard time connecting Russell Hyde to those deaths.

As for Brian Hyde, he remains in Lee County Jail and faces trial here.

Attorney Michael Raheb said if Hyde is found not guilty, he’ll face an immigration judge and most likely be deported.

But if found guilty, “then he may be serving life in prison, in which case the whole point of deportation becomes moot because he won’t be released from Florida state prison,” Raheb said.

Officials at the Department of Immigration and Customs Enforcement have not yet responded to NBC2’s requests for comment.

ISIS Uses Chemical Weapons in Iraq

Posted on by

EDGARTOWN, Massachusetts (AP) — The United States is investigating whether the Islamic State used chemical weapons, the White House said Thursday, following allegations that IS militants deployed chemical weapons against Kurdish forces in northern Iraq.

 

Alistair Baskey, a spokesman for the White House’s National Security Council, said the U.S. is taking the allegations “very seriously” and seeking more information about what happened. He noted that IS had been accused of using such weapons before.

“We continue to monitor these reports closely, and would further stress that any use of chemicals or biological material as a weapon is completely inconsistent with international standards and norms regarding such capabilities,” Baskey said in a statement.

Earlier Thursday, Kurdish officials said their forces, known as peshmerga, were attacked the day before near the town of Makhmour, not far from Irbil. Germany’s military has been training the Kurds in the area, and the German Defense Ministry said some 60 Kurdish fighters had suffered breathing difficulties from the attack — a telltale sign of chemical weapons use. But neither Germany nor the Kurds specified which type of chemical weapons may have been used.

Confirmation of chemical weapons use by IS would mark a dramatic turn in the U.S.-led effort to rout the extremist group from the roughly one-third of Iraq and Syria that it controls.

Although the U.S. and its coalition partners are mounting airstrikes against the Islamic State, they are relying on local forces like the Kurds, the Iraqi military and others to do the fighting on the ground. Already, those forces have struggled to match the might of the well-funded and heavily armed extremist group.

At the United Nations, U.S. Ambassador Samantha Power said the U.S. was speaking with the Kurds who had made the allegations to gather more information. She said that if reports of chemical weapons are true, they would further prove that what IS calls warfare is really “just systematic attacks on civilians who don’t accord to their particularly perverse world view.”

“I think we will have to again move forward on these allegations, get whatever evidence we can,” Power said.

She added that as a result of earlier chemical weapons use by the Syrian government, the U.S. and its partners now have advanced forensic systems to analyze chemical weapons attacks. She said anyone responsible should be held accountable.

Similar reports of chemical weapons use by IS had surfaced in July. But it’s unclear exactly where the extremist group may have obtained any chemical weapons.

Following a chemical weapon attack on a suburb of the Syrian capital of Damascus in 2014 that killed hundreds of civilians, the U.S. and Russia mounted a diplomatic effort that resulted in Syrian President Bashar Assad’s government agreeing to the destruction or removal of its chemical weapons stockpiles. But there have been numerous reports of chemical weapons use in Syria since then — especially chlorine-filled barrel bombs. The Organization for the Prohibition of Chemical Weapons, the global chemical weapons watchdog, has been investigating possible undeclared chemical weapons stockpiles in Syria.

Word of the White House’s probe into possible chemical weapons use by IS came as President Barack Obama was vacationing with his family in Martha’s Vineyard in Massachusetts. Also on Thursday, IS militants claimed responsibility for a truck bombing at a Baghdad market that killed 67 people in one of the deadliest single attacks there since the Iraq War.

Further details can be found here.

U.S. Flag Raised in Cuba Today by John Kerry and Envoy

Posted on by

The weekend before Secretary of State John Kerry travels to Cuba with an envoy to raise the U.S. flag at the re-opening of the embassy in Havana, 60 Cubans were arrested in what is more repression. Arrested were Cuban Ladies in White and yet Barack Obama on vacation in Martha’s Vineyard had nothing to say and John Kerry was mute of the matter himself.

John Kerry leads delegation to Cuba for flag raising at U.S. Embassy

WaPo: The United States plans to raise the Stars and Stripes at its embassy in Havana Friday morning, kicking off a day of symbolism and carefully balanced outreach to both Cuba’s communist government and its restive population.

Two U.S. government aircraft are scheduled to depart Washington at dawn to carry Secretary of State John F. Kerry and dozens of others on the 2   1/2 hour flight to the island. In addition to a 20-person official delegation of officials and members of Congress, selected Cuban-Americans, entrepreneurs and a large media contingent will be aboard, along with the three retired Marines who last lowered the flag when relations were severed more than 54 years ago.

Speeches are to follow the raising of the banner outside the seven-story embassy building, built in the early 1950s on the Malecón, Havana’s sweeping waterfront boulevard. The U.S. Army’s Brass Quintet will play both country’s anthems.

President Obama’s inaugural poet, Richard Blanco, whose family left Cuba shortly before he was born in 1968, will read “Matters of the Sea,” a poem he has written for the occasion.

The embassy has been open for nearly a month, following the official July 20 re-establishment of U.S.-Cuba relations. But the flag has been kept under wraps for the arrival of Kerry, the highest U.S. government official to set foot in Cuba since Franklin D. Roosevelt was president .

After the ceremony, Kerry will meet privately with Cardinal Jaime Ortega, the Roman Catholic archbishop of Havana. Ortega was instrumental, along with Pope Francis, in the success of nearly two years of secret bilateral negotiations that led to this day. Obama and Cuban President Raul Castro announced plans to restore relations last December.

In a carbon copy of last month’s official opening of the Cuban Embassy here, Kerry will meet with Foreign Minister Bruno Rodriguez at his ministry, and the two will then hold a joint news conference.

Later in the afternoon, a separate U.S. flag will be raised at the oppulent estate in western Havana that is the once and future residence of the U.S. ambassador, currently occupied by Charge d’Affairs Jeffrey DeLaurentis. Members of Cuban civil society — including political dissidents — ave been invited to that ceremony and to a reception with Kerry will host.

In an interview Wednesday with CNN Espanol, Kerry rejected criticism Cuban government opponents were not asked to attend the morning events at the embassy.

“We just disagree with that. We’re going to meet,” he said. The embassy ceremony, “is a government-to-government moment. We’re opening an embassy. It’s not open to everybody in the country. And later we’ll have an opportunity where there is a broader perspective to be able to meet with … a broad cross-section of Cuban civil society, including dissidents,” he said.

While many dissidents support the U.S-Cuba opening, many also oppose it, charging that the administration is helping the Castro government stay in power while getting little in return. Since the restoration of relations was announced, the number of opposition demonstrations has sharply increased, along with government detention of dissidents.

“The truth is that this will not be the complete and total change everybody wants overnight. It’s going to take a little bit of time,” Kerry told CNN. “But I am convinced … President Obama is convinced, that by being there, we will be able to do more to help the Cuban people,” he said. “Their concerns, their issues, their hopes, their dreams will be better represented more directly to our government with accountability in that process.”

Human rights, Kerry said, is “at the top of our agenda in terms of the first things that we will be focused on in our direct engagement with the Cuban government,” including his Friday talks with Rodriguez.

In a Thursday letter to Kerry, the organization Reporters Without Borders USA noted that Cuba ranks 169 of 180 countries on its press freedom index. “Cuba’s information monopoly and censorship practices do not apply only to local media,” it said, “foreign journalists are also subject to restrictions, receiving accreditation only selectively” and “deported” when they displease “the current regime.”

Despite the restoration of relations, the U.S. economic embargo against Cuba remains in place. Obama has called for Congress to lift it, along with remaining restrictions on U.S. travel to the island, but lawmakers have resisted.

The eight members of Congress in Kerry’s official delegation include Sens. Barbara Boxer (D-Calif.), Jeff Flake (R-Ariz.), Amy Klobuchar (D-Minn.) and Patrick Leahy (D-Vt.); and Democratic Reps. Karen Bass (Calif.), Steve Cohen (Tenn.), Barbara Lee (Calif.) and Jim McGovern (Mass.).

The embargo continues to be a rallying point for the Cuban government. In an article published in Granma, the official Cuban Communist party paper, on the occasion of his 89th birthday Thursday, revolutionary leader and former president Fidel Castro criticized the United States for everything from dropping an atomic bomb on Japan near the end of World War II, to setting the stage for global economic crisis by amassing most of the world’s gold supply.

That crisis, Castro said, had battered Cuba’s economy, even as it is “owed compensation equivalent to damages, which have reached many millions of dollars” as a result of the U.S. sanctions.

 

Smoke Coming From the Hillary Server Fire is Worse

Posted on by

Strip the security clearance from this woman. There are many calling for this exact action and the State Department will not comment if she in fact still has it. At least during this investigation, her clearance should be suspended.

Posted on this site was a timeline and factual information when it comes to the Hillary Servergate affair. A few hours have passed and there of course is more to report.

More factual intrigue is listed below and it is not in any real date order given what and how information is being obtained. This comes as the FBI begins the data and material investigations.

1. Barack Obama drafted and signed a lengthy Executive Order #13526 spelling out the comprehensive conditions of all classified and top secret information. The Democrats and those supporting the Hillary camp in Severgate can NO longer claim restrictive laws are passed AFTER her term as Secretary of State. Further and quite important, Hillary was ONE of 20 who were designate with authority to apply classified codes to documents making it all the more curious on how she can claim ignorance in top secret or restricted documents.

2, It is now confirmed, the second server in question which held the material involved in Servergate, located in New Jersey and seized by the FBI was stripped of data. The FBI does in fact have the skills to rebuild and retrace all administrative actions in the server.

3, Now another at the core of this investigation is Huma Abedin who was and is Hillary’s personal confidant and aide de camp. To date, she has not signed nor turned over as order by Judge Sullivan the certification under penalty of perjury or the email materials which hovers in the range of 7000 communication transmissions.

4. As discussed before, not only was there 3 thumb drives of the Hillary email transaction surrendered to the FBI and 3 servers, but the FBI will likely need to obtain or gain a search warrant for 3 additional communication devices held by Hillary, those being her Blackberry, her iPhone and her iPad.

5. When it comes to the SIGINT or geo-spatial top secret email in question, it appears it was relating to a drone image of terror groups in Pakistan. This speaks to sources and methods such that the top secret designations would have originated with the original transmission of the critic (critical communications).

6. Platte River was NOT an approved facility to house or support classified material. Outside vendors are to be approved in the case of top secret material that have hardened rooms preventing espionage or eavesdropping.

7. There will be more Hillary personnel caught up in the investigation snare and those likely will include Mike Morrell, Deputy Director of the CIA; Phillippe Reines, Hillary’s gatekeeper; Jeremy Bash, former Chief of Staff for Leon Panetta; Andrew Shapiro, Hillary’s Policy Advisor; and several others now at Beacon Global Strategies, Hillary’s personnel policy think tank.

8. The contracted server company, Platte River is now raising deeper questions due in part to a lawsuit and investigation from November 2014. The lawsuit document is found here. They stole phone numbers and metadata from White House military advisors.

The Internet company used by Hillary Clinton to maintain her private server was sued for stealing dozens of phone lines including some which were used by the White House.

Platte River Networks is said to have illegally accessed the master database for all US phone numbers.

It also seized 390 lines in a move that created chaos across the US government.

Among the phone numbers which the company took – which all suddenly stopped working – were lines for White House military support desks, the Department of Defense and the Department of Energy, a lawsuit claims.

Others were the main numbers for major financial institutions, hospitals and the help desk number for T2 Communications, the telecom firm which owned them.

A lawsuit filed on behalf of T2 claims that the mess took 11 days to fix and demands that Platte River pay up $360,000 in compensation.

More to come for sure…..stay tuned.