Category Archives: Cyber War

WikiLeaks, Trump, Manafort, Kremlin, Oligarchs, DNC

Posted on by

Today, July 22, 1016, WikiLeaks published 50,000 files from the DNC. For background, Julian Assange, the known manager of the entire WikiLeaks program appears to have some Belarus and Russia loyalties. Furthermore, Paul Manafort and Donald Trump have relationships as well. Could it be that Assange and the Kremlin have colluded in the U.S. elections and the DNC is waiting for the moment to destroy the general election process?

 

Julian Assange and Europe’s Last Dictator

The former WikiLeaks chief will moderate a public discussion about Belarus, more here.

*****

Related reading:   Russian government hackers penetrated DNC, stole opposition research on Trump

Related reading: Donald Trump and the Siberian Candidate

Manafort didn’t just represent oligarchs tight with the Kremlin. He became business partners with them. He ran a private equity fund in which the aluminum magnate (and Putin pal) Oleg Deripaska invested millions. As the Washington Post has shown, this fund didn’t exactly do much investing. In fact, Manafort struggled to account for the cash he received. And rather than pay back Deripaska, he apparently went underground. In 2014, Deripaska’s lawyers noted, “It appears that Paul Manafort and [his business partner] Rick Gates have simply disappeared”: Manafort’s vanishing became a joke in certain Republican circles. So why has Manafort suddenly felt comfortable re-emerging into public view? How did he square his debts with Putin’s ally? Another question for the campaign chairman: What are his dealings with the Kremlin? It’s clear that he has advanced its interests in Ukraine, where he managed the political rehabilitation of its favored candidate, Viktor Yanukovych. He also went into business with one of the Kremlin’s primary natural gas middlemen, Dmitry Firtash. To what extent did these relationships bring him into the inner sanctum of Russian power?  More here from Slate.

*****

Trump himself and Russian oligarchs:

Trump On His Meeting In Moscow About A Potential Hotel Development: “The Russian Market Is Attracted To Me. I Have A Great Relationship With Many Russians, And Almost All Of The Oligarchs Were In The Room.” “A replica of Bayrock/Sapir’s Trump Soho hotel may be Moscow’s first big new hotel in ten years. Alex Sapir and Rotem Rosen of the Sapir Organization, co-developers on the Soho hotel at 246 Spring Street, met with Russian developer Aras Agalarov and Donald Trump over the weekend to discuss plans for the new project – Trump’s first in Russia. ‘The Russian market is attracted to me,’ Trump told Real Estate Weekly. ‘I have a great relationship with many Russians, and almost all of the oligarchs were in the room.’ Trump told REW that he is in talks with Agalarov and three other groups, and that there is no rush on a timeline for the project. He also did not disclose the hotel’s planned height or square footage, saying only that ‘it has to be a large development, big enough to justify the travel.'” [Real Estate Weekly, 11/12/13<http://therealdeal.com/2013/11/12/the-donald-sapir-execs-mull-bringing-trump-soho-to-moscow/>] More here.

*****

Taking this a step further due to known business relationships between Paul Manafort and the Kremlin, the cable below demonstrates one such item of evidence.

Paul Manafort, Donald Trump’s top campaign chief has had previous business interactions with the Kremlin and events regarding Ukraine. As noted by this cable:

(U) Sensitive but unclassified, please handle accordingly. Not for internet distribution. 1. (SBU) Summary: Party of Regions’ U.S. campaign consultants Paul Manafort, Phil Griffin, and Catherine Barnes called on DCM and poloff March 10 to share Regions’ concerns about election organizational problems that they feared could call the legitimacy of the March 26 election into question. Manafort complained about the indifferent attitude of OSCE/ODIHR. He also claimed that the identified inadequacies were not mere oversights, but were intentional on the part of those in power, specifically Yushchenko and Our Ukraine; he said that Regions’ past experience allowed them to “see what was coming around the corner.” If these shortcomings were not fixed by March 14, the day the Rada would consider technical amendments to address problems, warned Manafort, they could call into question the integrity of the March 26 vote. Manafort acknowledged that the 2006 election cycle was considerably better than in 2004 but stressed that the U.S., ODIHR, and other western countries and institutions needed to be as supportive of the democratic process in 2006 as they had been in 2004, lest the impression be given that there were two sets of standards depending on who was in power. Manafort added that the people who felt that the 2004 elections had been stolen from them — and since he was not in Ukraine in 2004, he could not judge what had happened — would feel that it was happening to them again. End Summary. Regions concerns about voter lists, precinct committees ——————————————— ———- 2. (SBU) Manafort stated that “massive inaccuracies” in voter lists and the lack of formation of polling station committees (PSC) made it impossible for some voters to check the lists and seek administrative remedies. We noted that Ukrainian NGOs had identified the same concerns (reftel). In response to a question, Manafort suggested that the inadequacies were not mere oversights but were intentional on the part of those in power, specifically Yushchenko and Our Ukraine, and said that Regions’ past experience allowed them to “see what was coming around the corner.” If these shortcomings were not fixed, warned Manafort, they could call into question the integrity of the March 26 vote, and an “explosion” could result. We asked if he thought the problems he had cited resulted from acts of commission or omission. He replied that those in power had the ability to correct the problems. 3. (SBU) Regions had delivered specific information on their concerns to the prosecutors’ office, the Central Election Commission, OSCE/ODIHR, and now to the Embassy. Manafort complained that the ODIHR deputy head of Mission, Robert Cherreli, had met with a Regions delegation including an MP earlier March 10 dressed completely inappropriately (jeans, hiking boots, shirt hanging out). He also characterized ODIHR’s response to Regions’ concerns as “indifferent; they didn’t seem to be bothered about the allegations and did not plan on taking any action.” We pointed out that ODIHR’s mandate was as an observer mission, not a lobbying participant, and that OSCE member-state Russia in particular had been highly critical of ODIHR, accusing it in the past of exceeding its observer mandate. 4. (SBU) Manafort disputed this line of argument, which ODIHR itself had used in response to the Regions’ concerns, claiming: “everyone knows what OSCE does in these sorts of situations.” Manafort warned that western countries like the U.S. and institutions like OSCE/ODIHR were risking the appearance of not pushing as hard for high standards of democratic process in 2006 as they had in 2004, and that there could be negative consequences in the eyes of people who saw the “West made certain demands on the one hand when one group was in power but reacted differently, or stayed silent, when another group was in power.” We made clear that the U.S. position on the importance of free and fair elections was unchanged from 2004 to 2006. Manafort replied that the “perception” nevertheless was “out there.” 5. (SBU) Manafort added that the people who felt that the 2004 elections had been stolen from them — rightly or wrongly, that was how they felt — would feel that it was happening to them again. In apparent anticipation of our next statement, Manafort offered that he was not in Ukraine in 2004 and could not make a judgment of what had happened. What was past was past; he was concerned about the present. 6. (SBU) Manafort’s associate Catherine Barnes opened a folder with documents she said supported the Regions’ complaints. The most specific example cited was a Luhansk precinct (Oktyabr district) in which 10,000 eligible voters were supposedly missing from the list, including entire apartment blocks; 16,000 were listed incorrectly, mainly due to mistakes in translating from Russian into Ukrainian. Barnes said that the possible remedy in the works was a series of technical amendments the parliament (Rada) could pass March 14 to address the problems. There was consensus among Rada factions about certain corrections, but disagreement on others. 7. (SBU) Manafort claimed that CEC Chair Davydovych supported all the amendments under consideration and had characterized the condition of the voters’ lists as being worse than in 2004. In contrast, according to Manafort, President Yushchenko’s Our Ukraine representative had rejected a mechanism to allow voters recourse on election day to have the PSC add their names, vowing that Yushchenko would veto it, either with a direct veto or fail to sign the legislation, which would have the same effect, since the election would be less than two weeks away after the March 14 vote. He also said that, except for Our Ukraine, there was broad agreement among all political forces including Tymoshenko’s Bloc that the amendments were needed. We observed in reply that in the 2004 election, a district court or the territorial election commission could add someone to the voter list, but not the PSC itself. Our understanding of the proposed legislative fix under consideration in the Rada was that it would allow a local court to authorize same-day additions to the voter list, not PSCs. 8. (SBU) Manafort suggested that on March 14, two sets of amendments could be put to a vote in the Rada, one with consensus support, and the other including fixes supported by Regions and other parties, “including some orange parties,” but likely to be rejected by Yushchenko/Our Ukraine. This rejection could cause a “major problem” for perceptions of the elections’ legitimacy. Even though “it would not change the result, it could change the magnitude.” 9. (SBU) Catherine Barnes, Project Manager for the “Ukraine Election Integrity Project,” a Manafort sub-project to train Regions’ poll watchers in the standards of the code of conduct adopted by the Party for the 2006 election cycle, briefly mentioned her efforts, which have trained over 1200 Regions’ members. The materials she handed to the embassy about the integrity issues brief notes that while Regions expects to win handily, it “has serious concerns about the political will of the current government to conduct free and fair elections, concerns that are increasingly shared by the CEC and other political parties in the Verkhovna Rada.” 10. (SBU) We noted the great differences between the 2006 and 2004 election cycles. On the streets of Zaporizhzhya, there were nearly a dozen political party tents representing the entire political spectrum lined up right next to each other, without incident or problem; on the same street in 2004, only one color was allowed to be seen. Manafort, Griffin, and Barnes nodded in agreement, with Manafort adding: “and that’s why we have to ensure this opportunity to cement gains made isn’t lost.” 11. (SBU) DCM raised the case of Black Sea TV, a Tymoshenko bloc-affiliated station which had been subject to a court ruling to shut it down, based on a petition from a local Party of Regions branch citing a clause in the election law universally condemned by free media advocates. Manafort said that the action had not come at the request of the national Party of Regions, claimed that the petitioning party was not a local Regions branch per se but were supporters of Yanukovych, and suggested that in fact Yushchenko-affiliated forces had inspired the shut down action in a “Black PR” effort to besmirch Party of Regions’ reputation. DCM asked if Yanukovych had or planned to distance himself from these actions. Manafort replied that this was deemed unnecessary, because “the courts would take care of this.” 12. (SBU) We also raised the March 9 statement of Regions’ Campaign Chief Kushnariov, who had attacked US policy towards Ukraine, accused it of meddling in the election process by passing the repeal Jackson-Vanik amendment, granting Market Economy Status, and signing a bilateral WTO accession agreement to keep in power an “orange” government willing to “take instructions” from across the Atlantic. Kusnariov’s statement was posted on the Regions’ website. Manafort said that he would talk to Kushnariov, who had not mentioned it to him in their daily morning meeting; the statement was in Russian, but had not been posted on the English version of the site, Manafort added. 13. (U) Note: In comments to the media in Uzhhorod March 9 picked up by the UNIAN wire service, Ambassador underscored concerns over the voters’ lists and sufficient staffing of precinct commissions. Other views ———– 14. (SBU) Our Ukraine’s Anton Klymenko held a press conference March 10 alleging that Regions, not Our Ukraine, was involved in voter list manipulation in eastern Ukraine, and that the “new” voter lists for some precincts in Donetsk which had stripped off many “dead souls” on the 2004 rolls had been replaced by the voter lists used in 2004, when fraud in the East was prevalent. Yarema Bachinsky, who runs a USAID-funded election-related education project, said that at this point there is no way to confirm the mutual accusations, which echo the charges and counter charges made in the 2004 election cycle. Since the Central Election Commission has not officially indicated how many PSCs are not fully functional, it is difficult to assess the extent of concerns about voter lack of access to a mechanism to check and possibly correct their names. 15. (SBU) This perspective was echoed by ODIHR’s Political analyst Beata Martin-Rozumilowicz, who told us that Regions, NeTak and Communists are making an issue of the transliteration of names, alleging that either their voters won’t be able to vote or there is a possibility of double listing/voting. ODIHR doesn’t have any way of verifying the lack of access to non-functional PSCs, though they cited a report that the CEC deputy Chair told the Rada in mid-February that 7000 PSCs lacked enough commissioners to function. CEC members are supposed to go out to the provinces over the weekend of March 11-12 to assess the current state of readiness. Regarding the Rada consideration of amendments, Martin-Rozumilowicz added that the CEC has proposed one set of technical amendments, and the Party of Regions has proposed its own. 16. (SBU) Note: Following is the original text of memo handed to DCM only at the conclusion of the meeting. The consultants did not voice the appeal in the final paragraph preceding the note. Begin text: MEMORANDUM To: Sheila Gwaltny, Deputy Chief of Mission, US Embassy in Ukraine From: Paul Manafort, Davis Manafort Re: Meeting with OSCE-ODIHR Date: 10 March 2006 This morning, there was a meeting between the Party of Regions and OSCE-ODIHR to discuss the party’s grave concerns about massive inaccuracies in the Voters’ List and the problems in the formation and functioning of PECs which makes is impossible for voters in some areas to check the Voters’ List and seek administrative remedies. These meeting was not positively assessed by the Party of Regions, which interpreted the OSCE-ODIRH response as indifferent. During the meeting, POR representatives made a presentation on the massive problems with the Voters’ List that they have identified in there core regions in the South and East and provided extensive documentation on the magnitude of these problems. In once district in Lugansk, for example, 10,000 eligible voters are missing from the list and 16,000 are entered incorrectly. They also indicated that some 7,000 precinct election commissions have yet to be properly formed, which impedes the ability to check and correct the lists as envisioned by the law. POR sees these issues as potentially leading to the complete unraveling of elections in Ukraine if not dealt with before Election Day. It is working in consultation with other political parties in the Verhovna Rada and with the Chairman of the CEC to propose a series of technical amendments to the parliamentary election law to address these problems. These include steps to ensure the proper functioning of PECs, reducing the quorum required for PECs to make decisions, and providing for the addition of eligible voters to the Voters’ List at the polling stations on Election Day. There is broad consensus on the problems and on the technical remedies. The main hurdle to adoption of these technical amendments is the party of power, Our Ukraine. During the meeting with OSCE-ODIHR, the severity of the problems was established and documented. They indicated that there is a multi-party process underway in parliament to provide technical solutions was elaborated upon and that the key amendment, additions to the Voters’ List on Election Day is being opposed by Our Ukraine. POR asked for assistance from OSCE-ODIHR in urging the Government to join with other political parties to support the technical amendments to the law in order to avert a disaster on Election Day. These technical amendments must be adopted at the Verhovna Rada session that begins on 14 March and the President must immediately sign the amendments into law to ensure their implementation. OSCE-ODHIR indicated that it was aware of the problems and appreciated the documentation provided by POR. It promised to look into the problems and indicated that its long term observers were already in contact with POR representatives in the regions. It indicated, OSCE-ODIHR indicated however that as an observer mission that it cannot intercede in the political process. PbR impressions of the meeting where that OSCE-ODIHR, while cognizant of the problems and increasingly willing to investigate and report on them, appears to have no political will to prevent the impending disaster by encouraging the President to take the necessary and broadly supported steps to fix the problems that his Administration created. In order to stop this ticking time bomb, the intervention of the international community is needed. Without the leadership of the United States, it would appear that the time bomb is set to explode. Note: The meeting was attended by Elena Lukash, POR representative on the CEC and Victor Slauta, an MP representing POR and who serves on the parliamentary working group considering technical amendments to the parliamentary election law attended as did Catherine Barnes, election integrity advisor for Davis Manafort. OSCE-ODIHR was represented by the Deputy Head of Mission, Roberto Cherreli, the elections advisor Kamel Ivanov, and the legal advisor Hans Birchler. The Deputy Head of Mission showed up in casual attire (jeans, hiking boots, shirt hanging out), to meet a member of parliament, which suggests the seriousness with which the meeting was taken. End text. 14. (U) Visit Embassy Kiev’s classified website at: www.state.sgov.gov/p/eur/kiev. HERBST

Turkey Hacks Library of Congress During Coup

Posted on by

Primer:

In part from Time: Kerry raised the question of Turkey’s NATO membership, suggesting that anti-democratic behavior by Erdogan could imperil the country’s place in the alliance. “NATO also has a requirement with respect to democracy,” Kerry said, and added said NATO would “measure” Turkey’s actions in days to come. “Obviously, a lot of people have been arrested and arrested very quickly,” Kerry said. “The level of vigilance and scrutiny is obviously going to be significant in the days ahead. Hopefully we can work in a constructive way that prevents a backsliding.”

Turkey’s membership in the NATO alliance is a matter of major strategic importance to the U.S., and talk of the country being ousted caught some experts by surprise in the U.S. Amb. Bryza of the Atlantic Council said Kerry’s comments were being taken as threats in Turkey, and that it was an “extreme misinterpretation that we would kick them out of NATO.” Much more detail here.

Turkish hackers claim credit for Library of Congress attack

FCW: A hacking group called the Turk Hack Team is taking credit for a shutdown of the Library of Congress website and hosted systems including Congress.gov, the Copyright Office, Congressional Research Service and other sites.

The group claimed credit on an online message board where users go for updates on the availability of websites.

The attack was launched July 17, in the midst of Turkey’s response to the military coup targeting the elected government of President Recep Tayyip Erdogan. Prominent Turkish officials have accused the U.S. of fomenting the coup; Secretary of State John Kerry issued a stern denial of such accusations.

The Turk Hack Team is not considered at the level of a nation-state sponsored group or an advanced persistent threat, former U.S. CERT director Ann Barron-DiCamillo told FCW. They’re more of a “middle-tier, hacktivist” type group, she said. They’ve gone after targets for perceived slights to Turkey’s honor in the past, including an April 2015 hack on the Vatican website made in response to comments from Pope Francis characterizing the 1915 massacres of Turkish Armenians as a genocide.

The group has not gone after U.S. targets in the past, but Baron-DiCamillo, currently partner and CTO at Strategic Cyber Ventures, said U.S. officials would likely be on the lookout for more hacktivist activity emanating from Turkey. “This is the first kind of visible activity generated post-coup, but it doesn’t mean it’s going to be the last,” she said.

Library of Congress CIO Bernard Barton said on July 20 that the attack had been successfully thwarted.

“This was a massive and sophisticated DNS assault, employing multiple forms of attack, adapting and changing on the fly,” he wrote in a blog post. “We’ve turned over key evidence to the appropriate authorities who will investigate and hopefully bring the instigators of this assault to justice.”

 

 

Congress is not covered by the Federal Information Security Management Act and is not required to report cyber incidents to the Department of Homeland Security.

Spokesperson Gayle Osterberg told FCW that the Library of Congress reports all cyber-related criminal activity to the FBI.

DHS is aware of the incident but is not involved in the investigation or mitigation of the attacks, according to an agency source.

DDOS attacks can be expensive to deal with, requiring network operators to obtain specialized routing services from their internet service providers. They can also potentially front for other attacks, or test systems to see what kind of defenses are in place.

Related reading: Turkey blocks access to WikiLeaks after ruling party email dump

Mostly, Barron-DiCamillo said, they are “distracting, causing pain to both users and customers, but not impacting back-end systems and more critical data.”

It is possible the hackers imagined that the Congress.gov and LOC.gov domains represented a more critical target than they actually are. Congress.gov is mostly a public-facing information warehouse that is not integral to the legislative function of the House and Senate. Most of the complaints about the site being down came from librarians and researchers looking to execute catalog searches.

The outage also affected the Congressional Research Service, the in-house think tank for Congress. CRS reports, available only to members and staff, are not published elsewhere except on an ad hoc basis legislators and public interest groups that obtain the odd document. A bill introduced by Rep. Mike Quigley (D-Ill.) just days before the hack would open up CRS reports to the public, and have the effect of creating a backup site for the material on the Government Publishing Office website.

Obama/DoJ Allowing Foreigners to Serve Warrants

Posted on by

This sounds like selective investigations, prosecutions and collaborated witch hunts which all add up to an offshore shadow NSA and new type of Interpol. Is this something else that also will be under the purview of the United Nations? Hello Google?

 Photo: Leaksource

 Photo: Security Affairs

WSJ: The Obama administration is working on a series of agreements with foreign governments that would allow them for the first time to serve U.S. technology companies with warrants for email searches and wiretaps—a move that is already stirring debates over privacy, security, crime and terrorism.

Brad Wiegmann, a senior official at the Justice Department, discussed the administration’s efforts during a public forum on Friday at a congressional office building in Washington, D.C. The first such agreement is being assembled with the U.K., he said.

Word of the plans came one day after a federal appeals court ruled that federal warrants couldn’t be used to search data held overseas by Microsoft Corp. MSFT -0.07 % , dealing the agency a major legal defeat.

The court’s decision in favor of Microsoft could prove to be a major barrier to the Obama administration’s proposed new rules to share data with other nations in criminal and terrorism probes, which would be sharply at odds with the ruling. It might lead some companies to reconfigure their networks to route customer data away from the U.S., putting it out of the reach of federal investigators if the administration’s plan fails.

The Justice Department has indicated it is considering appealing the Microsoft ruling to the Supreme Court.

Meanwhile, Justice Department officials are pressing ahead with their own plan for cross-border data searches.

Under the proposed agreements described by Mr. Wiegmann, foreign investigators would be able to serve a warrant directly on a U.S. firm to see a suspect’s stored emails or intercept their messages in real time, as long as the surveillance didn’t involve U.S. citizens or residents.

Such deals would also give U.S. investigators reciprocal authority to search data in other countries.

“They wouldn’t be going to the U.S. government, they’d be going directly to the providers,’’ said Mr. Wiegmann. Any such arrangement would require that Congress pass new legislation, and lawmakers have been slow to update electronic privacy laws.

That U.K. agreement, which must be approved by the legislatures of both countries, could become a template for similar deals with other countries, U.S. officials said.

Mr. Wiegmann said the U.S. would strike such deals only with nations that have clear civil liberties protections to ensure that the search orders aren’t abused.

“These agreements will not be for everyone. There will be countries that don’t meet the standards,’’ he said.

Greg Nojeim, a privacy advocate at the Center for Democracy and Technology, criticized the plan. He said it would be “swapping out the U.S. law for foreign law’’ and argued that U.K. search warrants have less stringent judicial protections than U.S. law.

British diplomat Kevin Adams disputed that, saying the proposal calls for careful judicial scrutiny of such warrants. Privacy concerns over creating new legal authorities are overblown, he added.

“What is really unprecedented is that law enforcement is not able to access the data they need,’’ Mr. Adams said. The ability to monitor a suspect’s communications in real time “is really an absolutely vital tool to protect the public.’’

While Thursday’s court decision represented a victory for Microsoft, which strives to keep data physically near its customers, it may not be viewed as a positive development for all internet companies, said University of Kentucky law professor Andrew Woods. Yahoo Inc., YHOO -0.63 % Facebook Inc. FB -0.37 % and Alphabet Inc. GOOGL -0.02 % ’s Google operate more centralized systems. They didn’t file briefs in support of Microsoft’s position in the case, he noted.

Mr. Woods warned that increased localization of data could have the unintended consequence of encouraging governments to become more intrusive.

“If you erect barriers needlessly to states getting data in which they have a legitimate interest, you make this problem worse,’’ he said. “You increase the pressure that states feel to introduce backdoors into encryption.”

Microsoft President and Chief Legal Officer Brad Smith said the company shares concerns about the “unintended consequences” of excessive data localization requirements.

“But rather than worry about the problem, we should simply solve it” through legislation, Mr. Smith said. Microsoft supports the proposed International Communications Privacy Act. That legislation would, among other provisions, create a framework for law enforcement to obtain data from U.S. citizens, regardless of where the person or data was located.

Companies and governments generally agree that the current legal framework for cross-border data searches is far too slow and cumbersome. Though major tech firms don’t always agree on the particular changes they would like to see, the industry has long sought to get clearer rules from the U.S. and other governments about what their legal obligations are.

A coalition of the country’s largest tech companies, including Microsoft, Facebook and Google, created a group called Reform Government Surveillance that is pushing for updating data-protection laws. The group has said it was “encouraged by discussions between the U.S. and the U.K.”

Thursday’s ruling could lead some Microsoft rivals that offer email, document storage, and other data storage services, but which haven’t designed systems to store data locally, to alter their networks, said Michael Overly, a technology lawyer at Foley & Lardner in Los Angeles.

Google, for example, stores user data across data centers around the world, with attention on efficiency and security rather than where the data is physically stored. A given email message, for instance, may be stored in several data centers far from the user’s location, and an attachment to the message could be stored in several other data centers. The locations of the message, the attachment and copies of the files may change from day to day.

“[Internet companies] themselves can’t tell where the data is minute from minute because it’s moving dynamically,” Mr. Overly said.

The ruling could encourage tech companies to redesign their systems so that the data, as it courses through networks, never hits America servers.

A person familiar with Google’s networks said that such a move wouldn’t be easy for the company.

Why is Trump Against Ukraine and Siding with Russia?

Posted on by

Are we to expect the Trump agenda as president is to normalize all relations with the Kremlin? Is this the first official foreign policy disaster? Below are a handful of factual conditions that Trump is already wrong where the RNC Convention policy was right, but Trump objects. Something else smells here.

We have not even addressed how Russia is not cooperating with the West on Islamic State and the Defense Department refuses to collaborate with Russia on war missions or intelligence.

 

Even The Treasury Department has reasons to apply sanctions to Russia.

Directives 1 and 2 Pursuant to EO 13662 (Issued July 16, 2014)

Important Advisories

OFAC issues advisories to the public on important issues related to the sanctions programs it administers.  While these documents may focus on specific industries and activities, they should be reviewed by any party interested in OFAC compliance.

Due to the invasion of Crimea and Ukraine, Russia was eliminated from the G8 making it the G7 and sanctions remain.

****

The Kremlin has a full blown internet troll operation against the United States

So, That Cyber Caliphate is Not ISIS, it is Russian!

General Dunford Tells Congress Russia Poses Greatest Threat to US Security

G7 summit: Obama and Merkel firm on Russia sanctions

BBC: Moscow is the target of European Union and US sanctions over its role in support of Ukrainian rebels.

Russia has been excluded from what was previously known as the G8, since the annexation of Crimea last year.

The West accuses Russia of sending military forces into eastern Ukraine to help the rebels – a charge echoed by analysts. Moscow denies this, saying any Russian soldiers there are volunteers. More from BBC

Trump campaign guts GOP’s anti-Russia stance on Ukraine

Rogin/WashingtonPost: The Trump campaign worked behind the scenes last week to make sure the new Republican platform won’t call for giving weapons to Ukraine to fight Russian and rebel forces, contradicting the view of almost all Republican foreign policy leaders in Washington.

Throughout the campaign, Trump has been dismissive of calls for supporting the Ukraine government as it fights an ongoing Russian-led intervention. Trump’s campaign chairman, Paul Manafort, worked as a lobbyist for the Russian-backed former Ukrainian president Viktor Yanukovych for more than a decade.

Still, Republican delegates at last week’s national security committee platform meeting in Cleveland were surprised when the Trump campaign orchestrated a set of events to make sure that the GOP would not pledge to give Ukraine the weapons it has been asking for from the United States.

Inside the meeting, Diana Denman, a platform committee member from Texas who was a Ted Cruz supporter, proposed a platform amendment that would call for maintaining or increasing sanctions against Russia, increasing aid for Ukraine and “providing lethal defensive weapons” to the Ukrainian military.

“Today, the post-Cold War ideal of a ‘Europe whole and free’ is being severely tested by Russia’s ongoing military aggression in Ukraine,” the amendment read. “The Ukrainian people deserve our admiration and support in their struggle.”

Trump staffers in the room, who are not delegates but are there to oversee the process, intervened. By working with pro-Trump delegates, they were able to get the issue tabled while they devised a method to roll back the language.

On the sideline, Denman tried to persuade the Trump staffers not to change the language, but failed. “I was troubled when they put aside my amendment and then watered it down,” Denman told me. “I said, ‘What is your problem with a country that wants to remain free?’ It seems like a simple thing.”

Finally, Trump staffers wrote an amendment to Denman’s amendment that stripped out the platform’s call for “providing lethal defensive weapons” and replaced it with softer language calling for “appropriate assistance.”

That amendment was voted on and passed. When the Republican Party releases its platform Monday, the official Republican party position on arms for Ukraine will be at odds with almost all the party’s national security leaders.

“This is another example of Trump being out of step with GOP leadership and the mainstream in a way that shows he would be dangerous for America and the world,” said Rachel Hoff, another platform committee member who was in the room.

Of course, Trump is not the only politician to oppose sending lethal weapons to Ukraine. President Obama decided not to authorize it, despite recommendations to do so from his top Europe officials in the State Department and the military. The United States has provided Ukraine with non-lethal equipment and aid.

Trump’s view of Russia has always been friendlier than most Republicans. He’s said he would “get along very well” with Vladimir Putin and called it a “great honor” when Putin praised him. Trump has done a lot of business in Russia and has been traveling there since 1987. Last August, he said of Ukraine joining NATO, “I wouldn’t care.” He traveled there in September, and he told Ukrainians their war is “really a problem that affects Europe a lot more than it affects us.”

For Trump, the biggest threat to Europe is not Russia, according to people familiar with his thinking. He believes the United States should focus on helping Europe fight Islamist terrorism and open borders, not confronting Putin. He has called for a reduction of the U.S. commitment to NATO. He simply doesn’t see Russia as a dangerous threat.

For Denman, the Trump campaign’s actions betrayed the U.S. commitment to supporting struggling democracies around the world, which she considers a core Republican value.

“The Ukrainian people are trying to come out of the past and stay free. We owe to those who are fighting for freedom still to give them a helping hand,” she said.

“I’m very passionate and supportive of the Reagan foreign policy of peace through strength.”

Trump too often invokes Ronald Reagan when talking about America’s role in the world. But although Reagan negotiated with the Soviet Union, he also stood up to Russian aggression in Europe and defended democratic principles abroad.

When the platform comes out, Republicans will see how far from the Reagan doctrine their party has drifted, thanks to Trump.

Grid Hacking Tool Found, Have a Generator Yet?

Posted on by

Researchers Found a Hacking Tool that Targets Energy Grids on the Dark Web

Motherboard: A sophisticated piece of government-made malware, designed to do reconnaissance on energy grid’s system ahead of an eventual cyberattack on critical infrastructure, was found on a dark web hacking forum.

Cybersecurity researchers usually catch samples of malicious software like spyware or viruses when a victim who’s using their software such as an antivirus, gets infected. But at times, they find those samples somewhere else. Such was the case for Furtim, a newly discovered malware, caught recently by researchers from the security firm SentinelOne.

SentinelOne’s researchers believe the malware was created by a team of hackers working for a government, likely from eastern Europe, according to a report published on Tuesday.

Hacking forums, of course, are home to a lot of malicious data and software. But they are usually not places where sophisticated government-made hacking tools get exchanged.

Udi Shamir, chief security officer at SentinelOne, said that it’s normal to find reused code and malware on forums because “nobody tries to reinvent the wheel again and again and again.” But in this case, “it was very surprising to see such a sophisticated sample” appear in hacking forums, he told Motherboard in a phone interview.

“This was not the work of a kid. […] It was cyberespionage at its best.”

Shamir said that the malware, dubbed Furtim, was “clearly not” made by cybercriminals to make some money but for a government spying operations.

Furtim is a “dropper tool,” a platform that infects a machine and then serves as a first step to launch further attacks. It was designed to target specifically European energy companies using Windows, was released in May, and is still active, according to SentinelOne.

Another interesting characteristic is that Furtim actively tries to avoid dozens of common antivirus products, as well as sandboxes and virtual machines, in an attempt to evade detection and stay hidden as long as possible. The goal is “to remove any antivirus software that is installed on the system and drop its final payload,” SentintelOne’s report reads.

Security experts believe that critical infrastructure, such as the energy grid, is highly vulnerable to cyberattacks, and believe a future conflict might start with taking down the power using malware. While it might sound far-fetched, at the end of last year, hackers believed to be working for the Russian government caused a blackout in parts of Ukraine after gaining access to the power grid using malware.

It’s unclear who’s behind this cyberespionage operation, but Shamir said it’s likely a government from Eastern Europe, with a lot of resources and skills. The malware’s developers were very familiar with Windows; they knew it “to the bone,” according to him.

“This was not the work of a kid,” he said. “It was cyberespionage at its best.”

****

The dropper’s principle mission is to avoid detection; it will not execute if it senses it’s being run in a virtualized environment such as a sandbox, and it also can bypass antivirus protection running on compromised machines.

The sample also includes a pair of privilege escalation exploits for patched Windows vulnerabilities (CVE-2014-4113 and CVE-2015-1701), as well as a bypass for Windows User Account Control (UAC), which limits user privileges.

“It escalates privileges after all these checks and registers a hidden binary that it drops onto the hard drive that runs early in the boot process,” SentinelOne senior security researcher Joseph Landry said. “It will go through and systematically remove any AV on the machine that it targets. Then it drops another payload to the Windows directory and runs it during login time.” More from ThreatPost