Every U.S. Corporation Hacked by China

From the Former NSA Director McConnell via CNN:

“The Chinese have penetrated every major corporation of any consequence in the United States and taken information,” he said. “We’ve never, ever not found Chinese malware.”
He said the malware lets Chinese spies extract information whenever they want. McConnell, who also led the NSA from 1992 until 1996, continues to investigate hacks as a high-ranking adviser to Booz Allen Hamilton (BAH).
He listed victims he has come across during his investigations: U.S. Congress, Department of Defense, State Department (which is currently dealing with Russian hackers) and major corporations.
The U.S. government has said it has caught Chinese spies stealing blueprints and business plans. Last year, federal prosecutors took the unprecedented step of filing formal criminal charges against five Chinese government spies for breaking into Alcoa (AA), U.S. Steel Corp. (X), Westinghouse and others.

Exclusive: Secret NSA Map Shows China Cyber Attacks on U.S. Targets

A secret NSA map obtained exclusively by NBC News shows the Chinese government’s massive cyber assault on all sectors of the U.S. economy, including major firms like Google and Lockheed Martin, as well as the U.S. government and military.

The map uses red dots to mark more than 600 corporate, private or government “Victims of Chinese Cyber Espionage” that were attacked over a five-year period, with clusters in America’s industrial centers. The entire Northeast Corridor from Washington to Boston is blanketed in red, as is California’s Silicon Valley, with other concentrations in Dallas, Miami, Chicago, Seattle, L.A. and Detroit. The highest number of attacks was in California, which had almost 50.

Each dot represents a successful Chinese attempt to steal corporate and military secrets and data about America’s critical infrastructure, particularly the electrical power and telecommunications and internet backbone. And the prizes that China pilfered during its “intrusions” included everything from specifications for hybrid cars to formulas for pharmaceutical products to details about U.S. military and civilian air traffic control systems, according to intelligence sources.

The map was part of an NSA briefing prepared by the NSA Threat Operations Center (NTOC) in February 2014, an intelligence source told NBC News. The briefing highlighted China’s interest in Google and defense contractors like Lockheed Martin, and in air traffic control systems. It catalogued the documents and data Chinese government hackers have “exfiltrated” — stolen — from U.S. corporate, government and military networks, and also listed the number and origin of China’s “exploitations and attacks.”

The map suggests that NSA has been able to monitor and assess the Chinese cyber espionage operations, and knows which specific companies, government agencies and computer networks are being targeted.

The NSA did not immediately respond to repeated requests for comment.



The China Hack of United Airlines, Electronic Insurgency

Warning corporations, industry and government entities is one thing; action, protection and/or a declaration of cyber war is yet another.

July 2015:

Aspen Institute: Cyber warfare is one of the most potent security threats the United States faces, National Security Agency Director and Commander of the US Cyber Command General Keith Alexander told the crowd at the Aspen Security Forum in Aspen, discussing in conversation with NBC News Correspondent Pete Williams the nature of the threat and how his department is working to address it.
With the Stuxnet, Duqu, and Flame viruses in the fore of the public consciousness, Alexander took pains to point out that nation-states were not the only potential cyber actors. Citing power and water grids as his chief concerns, he said, “Somebody who finds vulnerability in our infrastructure could cause tremendous problems. They could erase the Input/output of a system so it can’t boot, and would have to be replaced. And these capabilities are not only nation-state-only capabilities.”

Alexander assessed the US’ readiness to confront such an attack as a three on a scale of ten, calling lack of adequately trained cyber defense forces the critical impediment to greater preparedness. “Our issue isn’t [having the tools] to address the threat,” he said. “It’s having the capacity, and building and training cyber forces. We have a big requirement, and a small force that is growing steadily.”

China-Tied Hackers That Hit U.S. Said to Breach United Airlines


The hackers who stole data on tens of millions of U.S. insurance holders and government employees in recent months breached another big target at around the same time — United Airlines.

United, the world’s second-largest airline, detected an incursion into its computer systems in May or early June, said several people familiar with the probe. According to three of these people, investigators working with the carrier have linked the attack to a group of China-backed hackers they say are behind several other large heists — including the theft of security-clearance records from the U.S. Office of Personnel Management and medical data from health insurer Anthem Inc.

The previously unreported United breach raises the possibility that the hackers now have data on the movements of millions of Americans, adding airlines to a growing list of strategic U.S. industries and institutions that have been compromised. Among the cache of data stolen from United are manifests — which include information on flights’ passengers, origins and destinations — according to one person familiar with the carrier’s investigation.


It’s increasingly clear, security experts say, that China’s intelligence apparatus is amassing a vast database. Files stolen from the federal personnel office by this one China-based group could allow the hackers to identify Americans who work in defense and intelligence, including those on the payrolls of contractors. U.S. officials believe the group has links to the Chinese government, people familiar with the matter have said.

That data could be cross-referenced with stolen medical and financial records, revealing possible avenues for blackmailing or recruiting people who have security clearances. In all, the China-backed team has hacked at least 10 companies and organizations, which include other travel providers and health insurers, says security firm FireEye Inc.

Tracking Travelers

The theft of airline records potentially offers another layer of information that would allow China to chart the travel patterns of specific government or military officials.

United is one of the biggest contractors with the U.S. government among the airlines, making it a rich depository of data on the travel of American officials, military personnel and contractors. The hackers could match international flights by Chinese officials or industrialists with trips taken by U.S. personnel to the same cities at the same time, said James Lewis, a senior fellow in cybersecurity at the Center for Strategic and International Studies in Washington.

“You’re suspicious of some guy; you happen to notice that he flew to Papua New Guinea on June 23 and now you can see that the Americans have flown there on June 22 or 23,” Lewis said. “If you’re China, you’re looking for those things that will give you a better picture of what the other side is up to.”

Computer Glitches

The timing of the United breach also raises questions about whether it’s linked to computer faults that stranded thousands of the airline’s passengers in two incidents over the past couple of months. Two additional people close to the probe, who like the others asked not to be identified when discussing the investigation, say the carrier has found no connection between the hack and a July 8 systems failure that halted flights for two hours. They didn’t rule out a possible, tangential connection to an outage on June 2.

Luke Punzenberger, a spokesman for Chicago-based United, a unit of United Continental Holdings Inc., declined to comment on the breach investigation.

Zhu Haiquan, a spokesman for the Chinese embassy in Washington, said in a statement: “The Chinese government and the personnel in its institutions never engage in any form of cyberattack. We firmly oppose and combat any forms of cyberattacks.”

Embedded Names

United may have gotten help identifying the breach from U.S. investigators working on the OPM hack. The China-backed hackers that cybersecurity experts have linked to that attack have embedded the name of targets in web domains, phishing e-mails and other attack infrastructure, according to one of the people familiar with the investigation.

In May, the OPM investigators began drawing up a list of possible victims in the private sector and provided the companies with digital signatures that would indicate their systems had been breached. United Airlines was on that list.

Safety Concerns

In contrast to the theft of health records or financial data, the breach of airlines raises concerns of schedule disruptions or transportation gridlock. Mistakes by hackers or defenders could bring down sensitive systems that control the movement of millions of passengers annually in the U.S. and internationally.

Even if their main goal was data theft, state-sponsored hackers might seek to preserve access to airline computers for later use in more disruptive attacks, according to security experts. One of the chief tasks of the investigators in the United breach is ensuring that the hackers have no hidden backdoors that could be used to re-enter the carrier’s computer systems later, one of the people familiar with the probe said.

United spokesman Punzenberger said the company remains “vigilant in protecting against unauthorized access” and is focused on protecting its customers’ personal information.

There is evidence the hackers were in the carrier’s network for months. One web domain apparently set up for the attack — UNITED-AIRLINES.NET — was established in April 2014. The domain was registered by a James Rhodes, who provided an address in American Samoa.

James Rhodes is also the alias of the character War Machine in Marvel Comics’ Iron Man. Security companies tracking the OPM hackers say they often use Marvel comic book references as a way to “sign” their attack.
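A defender's check suggested by the "Embedded Names" passage and the UNITED-AIRLINES.NET registration above, added here as an example and not taken from the article or the investigation: it scans DNS query logs for names that embed the organisation's brand but are not on its owned-domain list. The log format, `OWNED_DOMAINS`, `BRAND_TOKENS` and every sample line except that one domain are assumptions.

```python
"""Hunt DNS query logs for look-alike domains that embed the organisation's name."""
from dataclasses import dataclass, field

# Assumptions for this example: the domains the organisation really owns, and
# the brand strings to look for (lower case, written without hyphens).
OWNED_DOMAINS = {"united.com"}
BRAND_TOKENS = ("unitedairlines",)

# Constructed sample log: "<ISO time> <client IP> <qtype> <queried name>".
# Only united-airlines.net comes from the article; everything else is made up.
SAMPLE_LOG = """\
2015-05-02T10:15:00Z 10.0.4.17 A www.united.com
2015-05-02T10:15:09Z 10.0.4.17 A mail.UNITED-AIRLINES.NET.
2015-05-03T08:01:44Z 10.0.9.3 A cdn.example.org
2015-05-03T08:02:10Z 10.0.9.3 AAAA united-airlines.net
2015-05-04T23:40:12Z 10.0.4.22 A unitedairlines-vpn.example.net
garbage line without enough fields
"""


@dataclass
class Hit:
    """What an analyst needs for triage: when it started and who asked."""
    first_seen: str
    clients: set = field(default_factory=set)
    names: set = field(default_factory=set)


def registrable_domain(fqdn: str) -> str:
    """Naive 'last two labels' rule; use the Public Suffix List in production."""
    return ".".join(fqdn.split(".")[-2:])


def normalise(label: str) -> str:
    """Fold two cheap disguises: hyphens are dropped, zero is read as 'o'."""
    return label.replace("-", "").replace("0", "o")


def embeds_brand(fqdn: str) -> bool:
    """True if any label to the left of the TLD contains a brand token."""
    labels = fqdn.split(".")[:-1]
    return any(tok in normalise(lbl) for lbl in labels for tok in BRAND_TOKENS)


def find_lookalikes(log_text: str) -> dict:
    """Return {registrable domain: Hit} for brand-embedding names we do not own."""
    hits = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines rather than abort the hunt
        ts, client, _qtype, name = parts
        fqdn = name.rstrip(".").lower()  # DNS names are case-insensitive
        domain = registrable_domain(fqdn)
        if domain in OWNED_DOMAINS or not embeds_brand(fqdn):
            continue
        hit = hits.setdefault(domain, Hit(first_seen=ts))
        hit.first_seen = min(hit.first_seen, ts)  # ISO-8601 UTC sorts as text
        hit.clients.add(client)
        hit.names.add(fqdn)
    return hits


if __name__ == "__main__":
    for domain, hit in sorted(find_lookalikes(SAMPLE_LOG).items()):
        print(f"{domain}: first seen {hit.first_seen}, "
              f"clients {sorted(hit.clients)}, names {sorted(hit.names)}")
```

The earliest `first_seen` per domain bounds how long internal hosts have been resolving the name, which is the dwell-time question the article raises.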

Targeting Pentagon

This isn’t the first time such an attack has been documented. Chinese military hackers have repeatedly targeted the U.S. Transportation Command, the Pentagon agency that coordinates defense logistics and travel.

A report last year from the Senate Armed Services Committee documented at least 50 successful hacks of the command’s contractors from June 2012 through May 2013. Hacks against the agency’s contractors have led to the theft of flight plans, shipping routes and other data from organizations working with the military, according to the report.

“The Chinese have been trying to get flight information from the government; now it looks as if they’re trying to do the same in the commercial sector,” said Tony Lawrence, a former Army sergeant and founder and chief executive officer of VOR Technology, a Columbia, Maryland-based cybersecurity firm.

It’s unclear whether United is considering notifying customers that data may have been compromised. Punzenberger said United “would abide by notification requirements if a situation warranted” it.

The airline is still trying to determine exactly which data was removed from the network, said two of the people familiar with the probe. That assessment took months in the OPM case, which was discovered in April and made public in June.

M&A Strategy

Besides passenger lists and other flight-related data, the hackers may also have taken information related to United’s mergers and acquisitions strategy, one of the people familiar with the investigation said.

Flight manifests usually contain the names and birthdates of passengers, but even if those files were taken, experts say that would be unlikely to trigger disclosure requirements in any of the 47 states with breach-notification laws.

Those disclosure laws are widely seen as outdated. The theft by hackers of corporate secrets usually goes unreported, while the stealing of customer records such as Social Security numbers and credit cards is required in most states.

“In most states, this is not going to trigger a notification,” said Srini Subramanian, state government leader for Deloitte cyber risk services.

WH: Census to Home Surveys to HUD to Massive Database

In 2013, Congresswoman Maxine Waters appeared on television and spilled the secret.

Did you ever wonder exactly why the White House took control of the U.S. Census in 2010 from the Commerce Secretary? It was a multi-tracked mission that included not only future gerrymandering efforts but also data-mining of housing and of all patterns of personal life across the country.

The Wall Street Journal reports that the Chinese have hacked databases and have personal data.

It was just a few weeks ago that Housing and Urban Development announced a scheme to racially diversify neighborhoods across the country. Zipcodes appear to be racist and the White House with HUD is working to change that.

To understand these efforts: the profiles of cities began in 2013, and fact sheets have been created.

A sample of what they are tracking is found here.





So, when the NY Post publishes this by Paul Sperry, one must take real notice. We have a pattern here.

Obama collecting personal data for a secret race database

A key part of President Obama’s legacy will be the fed’s unprecedented collection of sensitive data on Americans by race. The government is prying into our most personal information at the most local levels, all for the purpose of “racial and economic justice.”

Unbeknown to most Americans, Obama’s racial bean counters are furiously mining data on their health, home loans, credit cards, places of work, neighborhoods, even how their kids are disciplined in school — all to document “inequalities” between minorities and whites.

This Orwellian-style stockpile of statistics includes a vast and permanent network of discrimination databases, which Obama already is using to make “disparate impact” cases against: banks that don’t make enough prime loans to minorities; schools that suspend too many blacks; cities that don’t offer enough Section 8 and other low-income housing for minorities; and employers who turn down African-Americans for jobs due to criminal backgrounds.

Big Brother Barack wants the databases operational before he leaves office, and much of the data in them will be posted online.

So civil-rights attorneys and urban activist groups will be able to exploit them to show patterns of “racial disparities” and “segregation,” even if no other evidence of discrimination exists.

Obama is presiding over the largest consolidation of personal data in US history.

Housing database

The granddaddy of them all is the Affirmatively Furthering Fair Housing database, which the Department of Housing and Urban Development rolled out earlier this month to racially balance the nation, ZIP code by ZIP code. It will map every US neighborhood by four racial groups — white, Asian, black or African-American, and Hispanic/Latino — and publish “geospatial data” pinpointing racial imbalances.

The agency proposes using nonwhite populations of 50% or higher as the threshold for classifying segregated areas.

Federally funded cities deemed overly segregated will be pressured to change their zoning laws to allow construction of more subsidized housing in affluent areas in the suburbs, and relocate inner-city minorities to those predominantly white areas. HUD’s maps, which use dots to show the racial distribution or density in residential areas, will be used to select affordable-housing sites.

HUD plans to drill down to an even more granular level, detailing the proximity of black residents to transportation sites, good schools, parks and even supermarkets. If the agency’s social engineers rule the distance between blacks and these suburban “amenities” is too far, municipalities must find ways to close the gap or forfeit federal grant money and face possible lawsuits for housing discrimination.

Civil-rights groups will have access to the agency’s sophisticated mapping software, and will participate in city plans to re-engineer neighborhoods under new community outreach requirements.

“By opening this data to everybody, everyone in a community can weigh in,” Obama said. “If you want affordable housing nearby, now you’ll have the data you need to make your case.”

Mortgage database

Meanwhile, the Federal Housing Finance Agency, headed by former Congressional Black Caucus leader Mel Watt, is building its own database for racially balancing home loans. The so-called National Mortgage Database Project will compile 16 years of lending data, broken down by race, and hold everything from individual credit scores and employment records.

Mortgage contracts won’t be the only financial records vacuumed up by the database. According to federal documents, the repository will include “all credit lines,” from credit cards to student loans to car loans — anything reported to credit bureaus. This is even more information than the IRS collects.

The FHFA will also pry into your personal assets and debts and whether you have any bankruptcies. The agency even wants to know the square footage and lot size of your home, as well as your interest rate.

FHFA will share the info with Obama’s brainchild, the Consumer Financial Protection Bureau, which acts more like a civil-rights agency, aggressively investigating lenders for racial bias.

The FHFA has offered no clear explanation as to why the government wants to sweep up so much sensitive information on Americans, other than stating it’s for “research” and “policymaking.”

However, CFPB Director Richard Cordray was more forthcoming, explaining in a recent talk to the radical California-based Greenlining Institute: “We will be better able to identify possible discriminatory lending patterns.”

Credit database

CFPB is separately amassing a database to monitor ordinary citizens’ credit-card transactions. It hopes to vacuum up some 900 million credit-card accounts — all sorted by race — representing roughly 85% of the US credit-card market. Why? To sniff out “disparities” in interest rates, charge-offs and collections.

Employment database

CFPB also just finalized a rule requiring all regulated banks to report data on minority hiring to an Office of Minority and Women Inclusion. It will collect reams of employment data, broken down by race, to police diversity on Wall Street as part of yet another fishing expedition.

School database

Through its mandatory Civil Rights Data Collection project, the Education Department is gathering information on student suspensions and expulsions, by race, from every public school district in the country. Districts that show disparities in discipline will be targeted for reform.

Those that don’t comply will be punished. Several already have been forced to revise their discipline policies, which has led to violent disruptions in classrooms.

Obama’s educrats want to know how many blacks versus whites are enrolled in gifted-and-talented and advanced placement classes.

Schools that show blacks and Latinos under-enrolled in such curricula, to an undefined “statistically significant degree,” could open themselves up to investigation and lawsuits by the department’s Civil Rights Office.

Count on a flood of private lawsuits to piggyback federal discrimination claims, as civil-rights lawyers use the new federal discipline data in their legal strategies against the supposedly racist US school system.

Even if no one has complained about discrimination, even if there is no other evidence of racism, the numbers themselves will “prove” that things are unfair.

Such databases have never before existed. Obama is presiding over the largest consolidation of personal data in US history. He is creating a diversity police state where government race cops and civil-rights lawyers will micromanage demographic outcomes in virtually every aspect of society.

The first black president, quite brilliantly, has built a quasi-reparations infrastructure perpetually fed by racial data that will outlast his administration.

Paul Sperry is a Hoover Institution media fellow and author of “The Great American Bank Robbery,” which exposes the racial politics behind the mortgage bust.


Iran JPOA Titled Executive Agreement Not Treaty

Full text of the Iran deal is here.

Officially, the Joint Plan of Action with Iran is now complete, though several items considered just housekeeping matters are still to be worked out. The Parchin plant MAY have allowed inspections while the other locations are off limits. The Fordo plant continues the enrichment work and Bashar al-Assad is dancing at Disney. (sarcasm)

It is unclear if the UK Parliament or France votes on the JPOA but it is likely to occur. China and Russia stand with Iran especially on the arms embargo and sanction relief side.

Israel is sounding the alarms for security not only for Israel but for America and Europe.

Lifted sanctions include these individuals:



For the full text of the JPOA, click here.

By at Bloomberg:

As the Senate wraps up debate this week on Iran legislation, expect to hear a lot about “hardliners.”

The Senate’s alleged hardliners have tried to add conditions to a nuclear deal the U.S. is currently negotiating with Iranian moderates, but there is little chance the senators will succeed. The majority leader, Mitch McConnell, is expected to call for an end to debate on their meddling amendments.

According to a certain school of thought, all of this is a good thing. Our hardliners, say cheerleaders for the Iran negotiations, empower Iran’s hardliners, who are also wary of a deal.

President Obama views the politics of the Iran deal in these terms himself. Back in March when Senator Tom Cotton and 46 other Republicans sent a letter to Iran’s leaders, reminding them that any deal signed with Obama could be reversed by Congress or future presidents, the president played the hardliner card: “I think it’s somewhat ironic to see some members of Congress wanting to make common cause with the hardliners in Iran.”

There is definitely a political logic to pinning this “hardliner” label on the senators. The White House can artfully shift the conversation away from the contents of the deal it is negotiating. Instead the debate is framed as the Americans and Iranians who seek peace (moderates) versus those in both nations who want war (hardliners).

It’s simple, but deceptive. This tactic understates the power of Iran’s hardliners and dramatically overstates the power of U.S. hardliners.

In Iran, the people inside the system who are negotiating a deal, such as Foreign Minister Javad Zarif, must take the agreement to Iran’s supreme leader, Ayatollah Ali Khamenei, for approval. In Iran, the hardliner approves the deal.

In the U.S. system it’s the other way around. Senators like Marco Rubio, Tom Cotton and Ted Cruz support amendments that would set new conditions before lifting Congressional sanctions on Iran. But there are not enough votes in the Senate to overturn an Obama veto on the legislation if these amendments are attached. In other words, Obama frames the conversation in the U.S., because he has the power to ignore his hardliners whereas Zarif is obliged to placate his.

Then there is the substance of the amendments themselves. Democrats and Republicans have derided certain Republicans’ amendments to the bill as “poison pills,” aimed at making a deal with Iran impossible. But these amendments would require Iran to end its war against its neighbors, release U.S. citizens who have been jailed and recognize the right of the world’s only Jewish state to exist. Outside the context of Iran negotiations, these are hardly radical views. Obama has expressed support for these positions himself.

Compare those demands with those of the Iranian hardliners. Gen. Hassan Firouzabadi, the chief of staff of Iran’s armed forces on Sunday reiterated the red line that no military installations would be accessible for international inspections. This would pose a problem, given that the U.S. and other great powers have agreed to allow Iran to keep most of its nuclear infrastructure in exchange for tough inspections. The Iranian hardliners appear to be putting back in play something Obama’s team believed was already agreed.

The most important distinction between Iran’s hardliners and America’s hardliners however is their political legitimacy. Iran’s people have supported reform, but nonetheless the country’s Revolutionary Guard Corps and domestic spy agency have tightened the grip on power despite elections when reformers won the presidency.

Contrast their ascent with the plight of Iran’s moderates: In 1997, Iranians elected a reformer president, Mohammed Khatami, who promised to open up Iran’s political system. But throughout his presidency he was unable to stop the arrests of student activists or the shuttering of opposition newspapers. By the end of Khatami’s presidency, some of his closest advisers were tried in public for charges tantamount to treason. In 2013, Iranians elected Hassan Rouhani, who ran as a reformer even though under Khatami he had overseen crackdowns on reformers. Rouhani has not freed the leaders of the 2009 green movement from house arrest or most of the activists who protested elections in 2009.

When Obama talks about his Iran negotiations, he glosses over all of this. He emphasizes instead that Rouhani has a mandate to negotiate and that he is taking advantage of this diplomatic window.

Obama had threatened to veto legislation that would give Congress a chance to review, but not modify, any agreement the administration reaches with Iran and five other world powers. Now the president says he will sign the legislation, but only if it doesn’t include the kinds of amendments favored by the so-called hardliners. After all, those amendments are unacceptable to the hardliners who actually have sway — in Iran.

Cyberwar, Deeper Truth on China’s Unit 61398

The NSA has been hacking China for years, so it is a cyberwar. What United States cyber experts have known since at least 2009 makes clear that there has been no strategy to combat cyber intrusions, much less a declaration that these hacks are an act of war.

The NSA Has A Secret Group Called ‘TAO’ That’s Been Hacking China For 15 Years

China hacking charges: the Chinese army’s Unit 61398
Operating out of a tower block in Shanghai, Unit 61398 allegedly hacks Western companies in support of the Chinese government’s political and economic aims.

From DarkReading:

According to the DOJ indictment, Huang Zhenyu was hired between 2006 and 2009 or later to do programming work for one of the companies (referred to as “SOE-2” in the indictment). Huang was allegedly tasked with constructing a “secret” database to store intelligence about the iron and steel industry, as well as information about US companies.

“Chinese firms hired the same PLA Unit where the defendants worked to provide information technology services,” according to the indictment, which the US Department of Justice unsealed Monday. “For example, one SOE involved in trade litigation against some of the American victims herein hired the Unit, and one of the co-conspirators charged herein, to hold a ‘secret’ database to hold corporate ‘intelligence.’”

The for-hire database project sheds some light on the operations of China’s most prolific hacking unit, Unit 61398 of the Third Department of China’s People’s Liberation Army (also known as APT1), where the alleged hackers work. US Attorney General Eric Holder announced an unprecedented move Monday: The Justice Department had indicted the five men with the military unit for allegedly hacking and stealing trade secrets of major American steel, solar energy, and other manufacturing companies, including Alcoa, Allegheny Technologies Inc., SolarWorld AG, Westinghouse Electric, and US Steel, as well as the United Steel Workers Union.

It has never been a secret; it has only been a topic debated behind closed doors with no resolutions. China has a database on Americans and is filling it with ever greater detail, growing its intelligence on everything American.

When one examines the order of the hacks of American companies, the timing and the data, it is evident that China has launched a strategic plan. A full report was published on Unit 61398.

New York Times report

Hacked in the U.S.A.: China’s Not-So-Hidden Infiltration Op

From Bloomberg: The vast cyber-attack in Washington began with, of all things, travel reservations.

More than two years ago, troves of personal data were stolen from U.S. travel companies. Hackers subsequently made off with health records at big insurance companies and infiltrated federal computers where they stole personnel records on 21.5 million people — in what apparently is the largest such theft of U.S. government records in history.

Those individual attacks, once believed to be unconnected, now appear to be part of a coordinated campaign by Chinese hackers to collect sensitive details on key people that went on far longer — and burrowed far deeper — than initially thought.


But time and again, U.S. authorities missed clues connecting one incident to the next. Interviews with federal investigators and cybersecurity experts paint a troubling portrait of what many are calling a serious failure of U.S. intelligence agencies to spot the pattern or warn potential victims. Moreover, the problems in Washington add new urgency to calls for vigilance in the private sector.

In revealing the scope of stolen government data on Thursday, Obama administration officials declined to identify a perpetrator. Investigators say the Chinese government was almost certainly behind the effort, an allegation China has vehemently denied.

‘Facebook of Intelligence’

Some investigators suspect the attacks were part of a sweeping campaign to create a database on Americans that could be used to obtain commercial and government secrets.

“China is building the Facebook of human intelligence capabilities,” said Adam Meyers, vice president of intelligence for cybersecurity company CrowdStrike Inc. “This appears to be a real maturity in the way they are using cyber to enable broader intelligence goals.”

The most serious breach of records occurred at the U.S. Office of Personnel Management, where records for every person given a government background check for the past 15 years may have been compromised. The head of the government personnel office, Katherine Archuleta, resigned Friday as lawmakers demanded to know what went wrong.

The campaign began in early 2013 with the travel records, said Laura Galante, manager of threat intelligence for FireEye Inc., a private security company that has been investigating the cyber-attacks.

Stockpiling Records

By mid-2014, it became clear that the hackers were stockpiling health records, Social Security numbers and other personal information on Americans, a departure from the country’s traditional espionage operations focusing on the theft of military and civilian technology.

“There was a clear and apparent shift,” said Jordan Berry, an analyst at FireEye.

Recognition came too late for many of the victims. Vendors of security devices say health-care companies are spending tens of millions of dollars this year to upgrade their computer systems but much of the data is already gone.

U.S. intelligence agencies were collecting information on the theft of personal data but failed to understand the scope and potential damage from the aggressive Chinese operation, according to one person familiar with the government assessment of what went wrong.

In the last two years, much of the attention of U.S. national security agencies was focused on defending against cyber-attacks aimed at disrupting critical infrastructure like power grids.