Deep Panda, the Hacker of OPM Employee Files

Personnel records held at the Office of Personnel Management going back 35 years on people who worked for government as employees or contractors are for sale on the Darknet.

Government records stolen in a sweeping data breach that was reported last week are popping up for sale on the so-called “darknet,” according to a tech firm that monitors the private online network used by criminals and creeps throughout the world.

Credentials to log into the Office of Personnel Management are being offered just days after the announcement the agency’s records, including extremely personal information of 4.1 million federal government employees dating back to the 1980s, had been compromised, said Chris Roberts, founder and CTO of the Colorado-based OneWorldLabs (OWL), a search engine that checks the darknet daily for data that could compromise security for its corporate and government clients, including government IDs and passwords.

The FBI has identified the operation. The hackers likely used Chinese associates already inside government for access. In classified briefings to members of Congress in recent days, intelligence officials have described what appears to be a systematic Chinese effort to build databases that explain the inner workings of the United States government. The information includes friends and relatives, around the world, of diplomats, of White House officials and of officials from government agencies, like nuclear experts and trade negotiators.

FBI Alert Reveals ‘Groups’ Behind OPM Hack

President says cyber attack threat ‘accelerating’

The FBI has disclosed that multiple hacker groups carried out the cyber attack that compromised the records of 4 million government workers in the networks of the Office of Personnel Management.

“The FBI has obtained information regarding cyber actors who have compromised and stolen sensitive business information and personally identifiable information (PII),” states a Flash alert dated June 5. “Information obtained from victims indicates that PII was a priority target.”

Security analysts familiar with the OPM breach, disclosed in a notice last week, said two groups of Chinese state-sponsored hackers appear to be behind the cyber attacks, including one linked to the Chinese military that has been dubbed “Deep Panda.”

Deep Panda is a highly sophisticated Chinese military hacker unit that has been gathering data on millions of Americans. The group was linked in the past to the hacking of the health care provider Anthem that compromised the personal data of some 80 million customers.

The FBI did not directly link its warning to the OPM hacking. But it said cyber investigators have “high confidence” about the threat posed by the cyber attackers based on its investigation into the data breach.

According to the alert, the stolen personal data “has been used in other instances to target or otherwise facilitate various malicious activities such as financial fraud though the FBI is not aware of such activity by these groups.”

The groups were not identified by name or by country.

However, the alert revealed that the software used by the hackers is called Sakula, which security analysts say was the remote access tool, or RAT, that was used by the Chinese in both the OPM and Anthem hacks.

Sakula software employs stolen, signed security certificates to gain unauthorized network access and analysts said the use of that technique requires cyber sophistication that is not known to be used outside of nation-state cyber forces.

The software allows remote users to gain computer network administrator access, which permits the theft of large amounts of data.

The FBI warned in the notice that any entity that discovers the Sakula malware and other signatures should seek cyber security assistance and notify the FBI.

“Any activity related to these groups detected on a network should be considered an indication of a compromise requiring extensive mitigation and contact with law enforcement,” the notice said.

The groups involved were observed “across a variety of intrusions leveraging a diverse selection of tools and techniques to attempt to gain initial access to a victim including using credentials acquired during previous intrusions.”

President Obama was asked after the G-7 summit in Germany on Tuesday about the Chinese role in the OPM cyber attacks and declined to name Beijing as the perpetrator.

“We haven’t publicly unveiled who we think may have engaged in these cyber attacks,” Obama said. “But I can tell you that we have known for a long time that there are significant vulnerabilities and that these vulnerabilities are going to accelerate as time goes by, both in systems within government and within the private sector.”

Obama said part of the problem is “very old systems” used in government computer networks.

“And we discovered this new breach in OPM precisely because we’ve initiated this process of inventorying and upgrading these old systems to address existing vulnerabilities,” he said.

“[W]e’re going to have to keep on doing it, because both state and non-state actors are sending everything they’ve got at trying to breach these systems,” the president said.

“In some cases, it’s non-state actors who are engaging in criminal activity and potential theft,” Obama said. “In the case of state actors, they’re probing for intelligence or, in some cases, trying to bring down systems in pursuit of their various foreign policy objectives. In either case, we’re going to have to be much more aggressive, much more attentive than we have been.”

The problem of cyber attacks is “going to accelerate,” he said. “And that means that we have to be as nimble, as aggressive, and as well-resourced as those who are trying to break into these systems.”

The administration has rejected calls by senior U.S. security officials to engage in more aggressive, offensive cyber retaliation against states such as China as a way to develop cyber deterrence.

The president and his advisers are said to fear that offensive cyber attacks will lead to a major conflict. Supporters of taking more aggressive responses to hacking have said demonstrations of U.S. cyber retaliatory strikes will deter future attacks.

The administration has favored using law enforcement and diplomatic policies to deal with the problem.

One private sector cyber security specialist familiar with the OPM hack said that in addition to the government’s personnel database, other major cyber attacks believed to be carried out by Chinese hackers include clandestine intrusions into the networks of a major telecommunications company and a major aviation industry firm.

The several domain names the hackers used in the OPM hacking are also similar to domains used by Chinese cyber attackers in the past. The domains were identified as OPMsecurity.org and opm-learning.org.

Another signature linking the OPM hack to China was the hackers’ use of a program called Mimikatz that is used to gain high-level remote access to networks.

“Mimikatz is a classic of Deep Panda” in terms of tactics, techniques, and procedures, said a security analyst familiar with details of the attack. “This allows the actors to dump password hashes, perform pass the hash and ‘golden ticket’ attacks in the victim environment.”

The private security company CrowdStrike first identified Deep Panda and has called the group among the most sophisticated state-sponsored hackers.

China’s main military intelligence service that has been linked to cyber attacks is the Third Department of the General Staff, or 3PLA, which conducts cyber warfare.

What is Missing from the TPP? Reward Offered

If The TPP is Such a Great Idea, Why Keep it a Secret?

The Obama Administration has been pressuring members of Congress to pass the bill that will give President Obama the “fast track” authority to negotiate the Trans-Pacific Partnership (TPP) agreement without any debate in Congress. Fast track authority would not allow for any amendments and the bill would remain secret until just before it is voted on.

“President Obama is currently pressing members of Congress to pass Fast-Track authority for a trade and investment agreement called the Trans-Pacific Partnership (TPP). If Fast Track passes, it means that Congress must approve or deny the TPP with minimal debate and no amendments. Astonishingly, our lawmakers have not seen the agreement they are being asked to expedite.” Nation of Change

This trade agreement, like previous international trade agreements, like NAFTA, is not a partisan issue. On just about every other piece of legislation that the Obama Administration has introduced to Congress, the Republican majority has stood fast against it. However, in this instance, Congress appears to be strangely united in its efforts to pass a secret bill that they have not even been allowed to read.

WikiLeaks issues call for $100,000 bounty on monster trade treaty

Today WikiLeaks has launched a campaign to crowd-source a $100,000 reward for America’s Most Wanted Secret: the Trans-Pacific Partnership Agreement (TPP). One chapter is found here.

Over the last two years WikiLeaks has published three chapters of this super-secret global deal, despite unprecedented efforts by negotiating governments to keep it under wraps. US Senator Elizabeth Warren has said

“[They] can’t make this deal public because if the American people saw what was in it, they would be opposed to it.”

The remaining 26 chapters of the deal are closely held by negotiators and the big corporations that have been given privileged access. Today, WikiLeaks is taking steps to bring about the public’s rightful access to the missing chapters of this monster trade pact.

The TPP is the largest agreement of its kind in history: a multi-trillion dollar international treaty being negotiated in secret by the US, Japan, Mexico, Canada, Australia and 7 other countries. The treaty aims to create a new international legal regime that will allow transnational corporations to bypass domestic courts, evade environmental protections, police the internet on behalf of the content industry, limit the availability of affordable generic medicines, and drastically curtail each country’s legislative sovereignty.

The TPP bounty also heralds the launch of WikiLeaks’ new competition system, which allows the public to pledge prizes towards each of the world’s most wanted leaks. For example, members of the public can now pledge on the missing chapters of the TPP.

WikiLeaks founder Julian Assange said,

“The transparency clock has run out on the TPP. No more secrecy. No more excuses. Let’s open the TPP once and for all.”

Note: The TPP is also noteworthy as the icebreaker agreement for the giant proposed ’T-treaty triad’ of TPP-TISA-TTIP which extends TPP style rules to 53 nations, 1.6 billion people and 2/3rds of the global economy.

See https://wikileaks.org/pledge/

Military Dominance Under Obama, Lost

Just about every country across the globe relies on the United States military for defense, support and technology. Yet under the current sequestration which was concocted by the Obama White House, the United States and NATO’s competitive edge is no longer a possibility or probability as compared to Russia and China.

The Air Force’s continued budgetary constraints are limiting its ability to maintain dominance over competitors such as China and Russia, Under Secretary of Defense for Acquisition, Technology and Logistics Frank Kendall said Sept. 17. “Today, the predominance that our military has enjoyed for decades confronts powerful enemies,” Kendall said at the Air Force Association’s annual conference at National Harbor, Maryland. Kendall was pinch-hitting for Secretary of Defense Chuck Hagel, who could not make it to the keynote address. Rather than deliver his own speech, Kendall read from Hagel’s prepared remarks.

The Air Force is tasked with being the greatest air power in the world, he said, but is being asked to maintain its edge with fewer resources. And the reason it has fewer resources is the current budget environment, he said.
The Obama White House predicted that the conflict with Islamic State, Afghanistan, Libya, Yemen, Iraq and Syria will bleed into the next administration, but at what cost and why?
At issue in Washington today is the Trans-Pacific Partnership (TPP), which has passed the Senate. The dispute is that this legislation required a security clearance to gain access to the language, and most have not read the framework, while the entire bill is not fully written, much less accessible. Another why? Well, maybe it has something to do with China. One must ask: could Barack Obama be setting the table for a future conflict with China and/or Russia, all while sequestration is destroying our military dominance and readiness?
The Trans-Pacific Partnership (TPP) is now being touted as the answer to U.S. security concerns with the People’s Republic of China. This is just the latest argument from TPP proponents to advance fast track trade negotiating authority in Congress and to ease passage for the TPP under expedited and preferential procedures. Unfortunately, this argument just doesn’t hold up to scrutiny. Over the last several years China has assumed an increasingly aggressive role in Asia. Its posture challenges the interests of many of its neighbors; Japan, for example, has scrambled jets repeatedly as China has tested the perimeters of its defense and confronted fishing and other vessels. China has challenged the maritime interests of other nations in the South and East China Seas. China has laid claim to small land masses as a way of expanding its territorial interests and is shoring up small reefs with airstrips and outposts to counter the interests of others in the region. China has tried to establish offshore oil rigs in waters claimed by Vietnam and is directly countering the interests of other nations in the region.
The following is a May 21, 2015 letter from Senate Armed Services Committee chairman Sen. John McCain (R-Ariz.) and ranking member Sen. Jack Reed (D-R.I.) to Secretary of Defense Ash Carter asking the Pentagon not to invite the Chinese People’s Liberation Army Navy to the international Rim of the Pacific (RIMPAC) exercises in 2016 due primarily to China’s extensive reclamation efforts in contested areas in the South China Sea. Letter is found here.
There is no doubt that not only is there no defined campaign strategy to deal with ISIS in Syria and Iraq, but looking ahead there is no strategy to deal with China and Russia.

“Obama has not done a damn thing so far to confront ISIS; doesn’t that show that there is no will in America to confront it?”

This is what Qassem Suleimani said about U.S. President Obama, who has become a laughing-stock throughout the Muslim world, even accusing Obama of “being an accomplice in the plot”.

Suleimani is no small fry. He could only advance to his stature as a result of Obama’s exit strategy in Iraq to become the head of Iran’s Quds Force as well as Iran’s appointee to manage Iran’s external affairs (specifically in Iraq), which made him the most powerful operative in the Middle East. The U.S. has no say-so in Iraq, and Suleimani is flexing his muscle to tell the world that Iran is now roosting in Iraq.

In Iran, the daily newspaper Javan, which is seen as close to the Revolutionary Guard, quoted Soleimani as saying the U.S. didn’t do a “damn thing” to stop the extremists’ advance on Ramadi.

$6 Billion in Fines for Rigging Currency

Just pay the fine and no one goes to jail. Those who pay the billions in fines are the stockholders; there is never a personal or individual consequence. Jamie Dimon should have been in prison years ago, next to Bernie Madoff. Even more troubling is Jon Corzine with his criminal activity.

Attorney General Loretta Lynch knows the depths of the fraudulent activity and seems to be complicit in turning a blind eye to individuals.

Big banks to pay $6B for market manipulation

Six of the biggest names in finance have agreed to pay nearly $6 billion in penalties, with five pleading guilty to criminal charges over long-running manipulation of key financial markets.

The Justice Department announced the massive settlement Wednesday, its latest in a series of deals to bring to a close probes of financial manipulation of everything from benchmark interest rates to top currency exchanges.

Attorney General Loretta Lynch said the latest settlement brings to an end a manipulation scheme of “breathtaking flagrancy,” in which traders conspired to artificially alter currency exchange markets to obtain illicit profits.

U.S. authorities said that traders from competing banks frequently used chat rooms to conspire with each other to maximize profits for their institutions by manipulating currency trades, forming a group they dubbed “the cartel.” Dating back to 2007, Lynch said traders “acted as partners rather than competitors” in a “brazen display of collusion.”

The banks will pay the Justice Department and the Federal Reserve a total of $5.7 billion in criminal penalties, with most of the institutions also agreeing to plead guilty to some criminal charges.

Barclays, Citigroup, JPMorgan and the Royal Bank of Scotland all agreed to plead guilty to charges of conspiring to fix prices. UBS agreed to plead guilty to charges stemming from a previous investigation after the bank’s role in this new probe led the Justice Department to toss out a prior agreement not to seek criminal charges. Bank of America agreed to pay a fine as well.

The announcement is just the most recent in a string of settlements the government has struck with huge banks over industrywide bad behavior.

In April, Deutsche Bank agreed to pay a record $2.5 billion in fines, and fire several employees, for its role in rate-rigging. And in November, five large banks agreed to pay a combined $4.25 billion in penalties to U.S. and British authorities.

But those eye-popping numbers are unlikely to tamp down complaints from some lawmakers, like Sen. Elizabeth Warren (D-Mass.), and from outside groups that complain the government has failed to bring charges against top executives for illegal activity at their banks. Rather, they contend banks are happy to continue paying large fines as the cost of doing business.

On Tuesday, UBS announced it will pay $545 million to settle claims that it was manipulating the foreign exchange market. The bank also noted that the Justice Department terminated a 2012 non-prosecution agreement it struck with the bank, which was part of a previous settlement over interest-rate-rigging where the bank paid $1.5 billion.

But the government argued that the new charges violated the terms of that deal.

While the bank faces no criminal charges from the recent currency probe, the bank agreed to plead guilty to wire fraud stemming from the previous rate-rigging investigation, and attributed the misbehavior to “a small number of employees.”

Bank CEOs Blame Currency Rigging on the Work of a Few Bad Apples

Wall Street’s biggest banks admitted Wednesday to rigging currency markets around the world. Within minutes of the Justice Department’s announcement, they were blaming it on a few rotten apples.

“I share the frustration of shareholders and colleagues that some individuals have once more brought our company and industry into disrepute,” Barclays Plc Chief Executive Officer Antony Jenkins said in a statement announcing his bank’s guilty plea.

JPMorgan Chase & Co. CEO Jamie Dimon also pointed a finger at a few currency traders.

“The lesson here is that the conduct of a small group of employees, or of even a single employee, can reflect badly on all of us,” Dimon said in a statement.

Dimon ran his bank during the length of the currency conspiracy, which the Justice Department said lasted from 2007 through 2013. Jenkins has been CEO of Barclays since 2012.

Barclays and JPMorgan were among banks that didn’t detect and address traders’ illegal cooperation to manipulate benchmark currency prices, the Federal Reserve said Wednesday. Among the clues they missed: an instant-message group called “The Cartel,” where dealers exchanged information on client orders and decided how to trade.

Under a $5.8 billion settlement, JPMorgan, Barclays and units of Citigroup Inc. and Royal Bank of Scotland Group Plc agreed to plead guilty to conspiring to manipulate the price of U.S. dollars and euros.

‘Ethical Behavior’

Attorney General Loretta Lynch said at a news conference in Washington that the investigation is continuing. The Justice Department may bring charges against individuals, according to people familiar with the matter.

“Fostering a culture of ethical behavior has been, and continues to be, a top priority” for Citigroup, CEO Michael Corbat said in a statement. He added that the bank’s “internal investigation has so far resulted in nine terminations and additional disciplinary actions.”

RBS pinned the blame for violating U.S. antitrust law on one currency trader. Still, Chairman Philip Hampton said that more people may have been involved.

“We have dismissed three people and suspended two more pending further investigation,” Hampton said in a statement.

General Mattis Declares Strategic Atrophy

How can anyone argue with General Mattis, former Commander of CENTCOM, when he tells the audience there is no strategy and the cost of blind leadership causes a full tilt of the balance across the globe?

Mattis: U.S. Suffering ‘Strategic Atrophy’

Because the United States lacks a global strategy, “volatility is going to get to the point that chaos threatens,” a former Central Command (CENTCOM) commander told a Heritage Foundation audience Wednesday.

Speaking in Washington, D.C., retired Marine Corps Gen. James Mattis said, “the perception is we’re pulling back” on America’s commitment to its allies and partners, leaving them adrift in a changing world. “We have strategic atrophy.”

He said Russia’s military moves against its neighbors, taking Crimea and backing separatists in Ukraine, are “much more severe, more serious” than Washington and the European Union are treating them.

The nationalist emotions that Russian President Vladimir Putin has stirred up will make it “very, very hard [for him or his successors] to pull back from some of the statements he has made” about the West. At the same time, Putin faces problems of his own with jihadists inside Russia’s borders that threaten domestic stability.

But Putin also demonstrated Russia’s nuclear capability with long-range bomber flights near NATO countries. His intent is “to break NATO apart.”

Mattis said China “is doing a pretty good job of finding friction points between our allies,” such as Korea and Japan.

While Putin creates instability along Russia’s border, China’s approach is a “tribute model,” Mattis said, executing a “veto authority in each of the countries around their periphery.”

In the Middle East, he described a Sunni and Shi’ia civil war where “terrorism is only part of the problem.” He said there is a more important question: “Is political Islam [in both sects] in our best interest?”

Mattis said it is important “to find the people who want to stand with you.” He cited the United Arab Emirates and Jordan, stepping forward to help fill the gaps in Afghanistan when the United Kingdom and France began removing forces there.

He said since World War II the United States helped create a world order: diplomatically [United Nations], economically [World Bank and International Monetary Fund], culturally and militarily.

By renewing that combination of inspiration and intimidation, “I have no doubt we can turn this around.”

Outside the scope of Russia and militant Islam sweeping the globe, there is China. Many months ago, the White House announced an Asia Pivot. The pivot to Asia was obscured under the real guise of trade and not a security strategy even while China has continued to threaten U.S. allies over control of the South China Sea. China is not impressed and the disputed waters and islands in the South China Sea are still being challenged.

Meanwhile it is important to telegraph what China is doing while the National Security Council, the White House and the State Department look the other way.

Report: China Hacked Two Dozen U.S. Weapon Designs

Chinese hackers have obtained designs for more than two dozen U.S. weapon systems — including the Aegis Ballistic Missile Defense System, the F-35 Lightning II Joint Strike Fighter, the Littoral Combat Ship and electromagnetic railguns. A partial list of stolen U.S. military technologies by China is found here.

Making matters worse, the Pentagon is under sequestration, which stifles innovation, repair, weapons systems, defensive systems and the acquisition of advanced technology needed to keep a competitive edge over adversaries. The U.S. is lagging while China has advanced beyond the scope and imagination of the Department of Defense and contractors.

Pentagon: China Developing New Anti-Satellite Weapons, Jammers

China is designing weapons to counter advanced Western satellite technology using directed energy weapons and jammers and may have already tested some, according to a Friday Chinese military assessment to Congress.

The West — particularly the U.S. — relies on ever expanding constellations of communications and surveillance satellites to maintain its information edge over potential rivals and China is seeking ways to erode that advantage in the event of a conflict, according to the Military and Security Developments Involving the People’s Republic of China 2015 report to Congress.

“China continues to develop a variety of capabilities designed to limit or prevent the use of space-based assets by adversaries during a crisis or conflict, including the development of directed-energy weapons and satellite jammers,” read the report.

Dubbed counterspace, the efforts follow several demonstrations of China’s capabilities to interdict satellites with ground-based missiles in the last several years.

Perhaps the most well known is the Jan. 11, 2007 test in which a modified Chinese ballistic missile successfully destroyed a defunct weather satellite in polar orbit — littering Earth’s orbit with debris and surprising the West.

Since then, the Pentagon report has cited several instances in which it appears the People’s Liberation Army (PLA) has conducted similar — albeit non-destructive — tests.

A July 2014 missile test “did not result in the destruction of a satellite or space debris,” read the report. “However, due to the evidence suggesting that this was a follow-up to the 2007 destructive test, the United States expressed concern that China’s continued development of destructive space technologies represented a threat to all peaceful space-faring nations, and was inconsistent with China’s public statements about the use of space for peaceful purposes.”

Additionally, in 2013 a suspicious Chinese launch sent an object into an orbital neighborhood crowded with geosynchronous communications satellites.

“Analysis of the launch determined that the booster was not on the appropriate trajectory to place objects in orbit and that no new satellites were released,” read the report.

After a little more than nine hours, the mystery object landed, leaving the rest of the space-faring world puzzled as to what the object was.

“The United States and several public organizations expressed concern to Chinese representatives and asked for more information about the purpose and nature of the launch. China thus far has refrained from providing additional information,” read the report.

The report feared the test could “have been a test of technologies with a counterspace mission in geosynchronous orbit.”

The U.S. relies heavily on satellites for communications and some targeting of its weapons, a fact that has not been lost on the PLA.

“PLA writings emphasize the necessity of ‘destroying, damaging, and interfering with the enemy’s reconnaissance … and communications satellites,’ suggesting that such systems, as well as navigation and early warning satellites, could be among the targets of attacks designed to ‘blind and deafen the enemy’,” read the report.
“PLA analysis of U.S. and coalition military operations also states that ‘destroying or capturing satellites and other sensors … will deprive an opponent of initiative on the battlefield and [make it difficult] for them to bring their precision guided weapons into full play’.”

The report to Congress comes as some in the Air Force have called for a more robust defense of U.S. space assets, according to a Monday analysis from Jane’s Defence Weekly.

“The USAF’s outgoing military acquisition chief recently acknowledged that the Pentagon is devising new concepts for protecting its space assets, hinting at the need for new types of deterrence. ‘We have to put some resources and some focus on protection capability,’ Lt. Gen. Ellen Pawlikowski said in April,” read the Monday report.