CyberCaliphate Hacks Govt Emails of the Brits

Just a few weeks ago, a Brit who was head of the ISIS cyber-hacking team was killed by a drone. Without much news or fanfare, there is coordination and key reasons why some are targets while others are not. Such is the case with Junaid Hussain.

Raqqa is Being Slaughtered Silently

Hussain Junaid’s posts on Twitter were not just words; they were messages to ISIS fighters around the world, giving them orders on how to move against the targets. His job was not only to send encrypted messages; he was also one of the largest financiers of ISIS, through hacking bank accounts and stealing their money for ISIS.
Junaid Hussein, a Brit nicknamed Abu Hussein, is of Pakistani origin. He was a young man in his 20s who came from the British city of Birmingham. He was a former detainee, arrested in 2012 after stealing private information from the Internet and hacking British ex-Prime Minister Tony Blair’s account.
In the past, Hussain posted several tweets that preceded ISIS operations in Europe and America, and adopted them a few minutes after they occurred, as happened on the 3rd of May with the attack on the Prophet Muhammad exhibition in Texas.
The British newspaper The Independent revealed that “Abu Hussein” is responsible for the deployment of ISIS ideas in his homeland, Britain, and all Western countries, through constantly posting jihadi slogans online, especially on social networking sites, such as: “someday ISIS flag will be held over Downing Street and the White House.”
Hussain was also responsible for training the electronic army of ISIS, in order to expand their activity in cyberspace and gain new financial resources.
His first lesson given to his trainees was hacking the accounts of the Central Command of the US Army on the social networking site “Twitter” and the video sharing site “YouTube” in January 2015.
The hackers published tweets through the hacked accounts declaring that the electronic Khilafa was responsible for the attack, and sent messages to the American soldiers. They also published lists of names of ISIS commanders, including personal information.
Hussain was known for his ability to change his position and hide well, to escape the coalition air strikes. He used to move very carefully with 4 cars, each going to a different place. He didn’t spend more than 6 hours in one place, and stayed underground.
All this didn’t allow him to stay alive serving ISIS, because the coalition forces managed yesterday to kill him after attacking a group of cars near Abu Al Haif gas station in the city of Raqqa. According to our correspondent in the city, “The air forces targeted a car near the gas station, which killed 3 people, one of them is a high profile.” Our source confirmed that the person who died is in fact Junaid Al Hussain, with two of his men, one of them European.
ISIS has not declared his death, despite all the services he provided to them. Rumors inside Al Raqqa say that Hussain managed to get ISIS a huge amount of money through hacking, but as yet no statements from ISIS have been issued to announce his death.

ISIS hackers violated top secret British Government emails


According to an investigation by the GCHQ intelligence agency, ISIS hackers targeted information held by some of David Cameron’s most senior ministers.

According to the experts at the British intelligence agency GCHQ, ISIS hackers intercepted top secret British Government emails.

The investigation conducted by the GCHQ allowed British intelligence to uncover a serious breach: terrorists linked to ISIS have been targeting email accounts held by some of David Cameron’s most senior ministers, including the Home Secretary Theresa May.

The hack could have exposed confidential information related to the British Government and members of the Royal family; at the time I’m writing there is no information related to the data accessed by the ISIS hackers.

“It is understood that at least one of the plot’s ringleaders was killed by a drone strike in an operation disclosed by the Prime Minister this week.” reported the Mirror.

The news isn’t surprising: media, government entities, politicians and military organizations are privileged targets for ISIS sympathizers, who use the web for intelligence gathering on potential targets. In May, pro-ISIS hackers belonging to the Cyber Caliphate hacking team threatened ‘Electronic War’ on the US and Europe.


In May, GCHQ warned Whitehall security officials about ISIS plans to attack British targets.

Although no security breach occurred to the Government email systems, officials were told to tighten security procedures.

The Mirror makes explicit reference to “changing passwords,” without referring to the adoption of further defense mechanisms to protect the email accounts, such as two-factor authentication.

Unfortunately, ISIS is continuing to develop its cyber capabilities; in the past it demonstrated a mastery of technology for both propaganda and hacking purposes. In June, ISIS supporters were spreading online a collection of tutorials titled the Book of Terror to teach how to hack a Wi-Fi network and which are the main spying tools.

Among the group of hackers that claim to be affiliated with the ISIS there is a collective of hackers calling themselves the “Islamic State’s Defenders in the Internet,” also known as Cyber Caliphate. The group, which was involved in the hijacking of social media accounts belonging to the US CENTCOM, released a propaganda video threatening cyber attacks anticipating the operation of the terrorists in the Internet.

At the end of August, one of the most popular ISIS hackers, Junaid Hussain, was killed in a US targeted air strike in Syria. The hacker was actively recruiting ISIS sympathizers and according to the British intelligence he directed a plot to kill the Queen.

Iran, Qods Force, Russia, the Game-changer

Protecting the Iranian nuclear sites?

Wendy Sherman sat with John Kerry every day during the Iran talks. This is a short interview and a must watch. She has bought into believing Iran.

Meanwhile, there is Russia and the Iranian Revolutionary Guard Corps.

The missile deal:

Russia, Iran Ready to Sign S-300 Delivery Contract in Near Future

Fars News Agency

Originally published at
http://english.farsnews.com/newstext.aspx?nn=13940618001360

TEHRAN (FNA)- A contract between Moscow and Tehran on the delivery of Russian S-300 missile defense systems to Iran will be signed in the near future, Russian Deputy Foreign Minister Sergei Ryabkov said on Wednesday.

“The negotiations are continuing, the contract will be signed in the near future. All political decisions have been made, there are no obstacles there,” Ryabkov was quoted as saying by Sputnik news website.

In 2007, Iran signed a contract worth $800mln to buy five Russian S300 missile defense systems.

But the deal was scrapped in 2010 by the then-Russian President Dmitry Medvedev under the pretext of the UN Security Council sanctions, although the UN embargoes did not include defensive military systems.

Iran filed a $4bln lawsuit against Russia in the international arbitration court in Geneva.

Moscow then struggled to have the lawsuit dropped, including by offering the Tor anti-aircraft systems as replacement, media reported in August, adding that the offer was rejected by Tehran.

Yet, some reports said the Antei-2500 could be a better solution. The system does not formally fall under the existing sanctions against Iran while still being useful for the Middle-Eastern country.

While the S-300 was developed for the use by missile defense forces, the Antei-2500 was specifically tailored for the needs of ground forces, which could also be an advantage for Iran, known for its large land force.

Later, Iran rejected the offer, stressing that it would not change its order.

The S-300 is a series of Russian long range surface-to-air missile systems produced by NPO Almaz, all based on the initial S-300P version. The S-300 system was developed to defend against aircraft and cruise missiles for the Soviet Air Defense Forces. Subsequent variations were developed to intercept ballistic missiles.

The S-300 system was first deployed by the Soviet Union in 1979, designed for the air defense of large industrial and administrative facilities, military bases, and control of airspace against enemy strike aircraft.

In the meantime, Iran designed and developed its own version of the S-300 missile shield, known as Bavar (Belief) 373. The Iranian version has superior features over the original Russian model as it enjoys increased mobility and reduced launch-preparation time.

In April, Iranian Defense Minister Brigadier General Hossein Dehqan announced that Iran would receive the S-300 air defense systems from Russia in 2015.

“We will sign the contract for the delivery of S-300 air defense systems with the Russian side during an upcoming visit to Moscow in the current year,” Brigadier general Dehqan said prior to his departure to Moscow to take part in 2015 International Moscow Security Conference.

He noted that the Iranian Defense Ministry had studied the details of the S-300 contract and the air defense system would be delivered to Iran before the end of 2015.

“What is important is that since the beginning of talks about this contract, the Americans and the Zionist regime voiced their opposition to the sale of S-300 systems and called for a halt to the implementation of the contract,” Brigadier General Dehqan said.

In April, President Putin removed the ban on the delivery of the missile shield to Iran.

Following the announcement, Brigadier General Dehqan said “the decree came as an interpretation of the will of the two countries’ political leaders to develop and promote cooperation in all fields”.

Putin’s decision was announced hours after relevant reports said the Kremlin also plans to supply China with the advanced S-400 air defense system.

Putin said during a meeting with Iran’s Admiral Shamkhani that his decision to deliver the sophisticated S-300 air defense missile systems to Tehran set a role model at global class that every nation should remain loyal to its undertakings.

“The decision which was taken today bears this clear message that all countries are necessitated to remain committed to their undertakings,” Putin said at the meeting in Moscow.

In January, Tehran and Moscow signed an agreement to broaden their defensive cooperation and also resolve the problem with the delivery of Russia’s S300 missile defense systems to Iran.

The agreement was signed by General Dehqan and his visiting Russian counterpart General Sergei Shoigu in a meeting in Tehran in January.

The Iranian and Russian defense ministers agreed to resolve the existing problems which have prevented the delivery of Russia’s advanced air defense systems to Iran in recent years.

The two sides also agreed to broaden their defense cooperation and joint campaign against terrorism and extremism.

Russian build-up in Syria part of secret deal with Iran’s Quds Force leader

FNC: As the Pentagon warily eyes a Russian military build-up in Syria, Western intelligence sources tell Fox News that the escalated Russian presence began just days after a secret Moscow meeting in late July between Iran’s Quds Force commander — their chief exporter of terror — and Russian President Vladimir Putin.

Fox News has learned Quds head Qassem Soleimani and Putin discussed such a joint military plan for Syria at that meeting, an encounter first reported by Fox News in early August.

“The Russians are no longer advising, but co-leading the war in Syria,” one intelligence official said.

The Quds Force is the international arm of Iran’s Revolutionary Guard, involved in exporting terrorism to Iran’s proxies throughout the Middle East including Lebanon, Syria, Iraq and Yemen.

Intelligence sources told Fox News that — in addition to the previously reported arrival of nearly 50 Russian marines, 100 housing units and armored vehicles delivered by a stream of massive Antonov-124 Condor military transport aircraft and two Russian landing ships in Syria — the Russians have delivered aviation, intelligence and communications facilities to deploy a powerful offensive force.

Officials who have monitored the build-up say they’ve seen more than 1,000 Russian combatants — some of them from the same plainclothes Special Forces units who were sent to Crimea and Ukraine. Some of these Russian troops are logistical specialists and needed for security at the expanding Russian bases.

“Imagine how the Americans came to Iraq and Afghanistan. It’s the same kind of build-up. They bring everything, they build everything they need,” the intelligence official said.

The shadowy Iranian commander Soleimani visited Moscow from July 24-26 — just 10 days after the nuclear deal was announced, despite a travel ban and U.N. Security Council resolutions barring him from leaving Iran. He met with Russian Defense Minister Sergei Shoigu and Putin to discuss arms deals. But Fox News has since learned that the Russian and Iranian leaders were also discussing a new joint military plan to strengthen Syrian President Bashar Assad, a plan that is now playing out with the insertion of Russian forces in Syria.

There are indications that Soleimani is not only involved in the Russian build-up in Syria, but may be leading the operation, though he has not been seen in Syria recently.

The Russians want to protect their interests in Syria. When the Syrian civil war began in 2011, the Russians had $4 billion in outstanding arms contracts with the Syrian government. The Russian Navy has maintained a base in Syria since the 1970s. This week, an image also surfaced purporting to show Nusra Front fighters standing by a Russian-supplied aircraft at a captured Syrian air base.

U.S. defense sources tell Fox News that most of Russia’s heavy military equipment has arrived by sea onboard Russian amphibious transport ships. Those ships began arriving in the Syrian port of Tartous in recent days. U.S. officials have confirmed a total of eight military cargo planes from Russia landed in the past few days outside Latakia, a port city on the Mediterranean, becoming an almost daily occurrence.

Onboard those vessels: Russian armored vehicles, tanks, helicopters, unmanned drones that can be armed and used for intelligence gathering. Western intelligence sources also confirm that the Russians have sent a mobile air traffic control system, communication/listening units, and pre-built housing units.

Fox News has learned that the Russian units include members of the Airborne Rifle brigade, the equivalent of U.S. Army Rangers.

The reason that the Iranians are increasingly concerned about Assad’s future is that they do not want a situation in which the Islamic State makes its way to Lebanon unchallenged, posing a threat to Iran’s proxy Hezbollah, according to Western sources. This makes the Iranians natural allies of the Russians.

Iran, these sources say, wants Syria to serve as its buffer zone between ISIS and Hezbollah.

Few think Russia’s military build-up denotes an intent by Russia to join the U.S.-led anti-ISIS coalition. Despite downplaying the reports last week, the State Department and Pentagon are now so concerned by Russia’s presence that Secretary of State John Kerry called his Russian counterpart twice this week to express his misgivings about the escalating conflict.

 

General Dempsey Clues to Europe Refugee Crisis

A criminal network is behind the refugee insurgency and NATO is working to contain, control and stop the crisis.

Implications:

Austrian Federal Railways says train service has been suspended between the main border crossing point to Hungary and Vienna. That appears to have prompted thousands of asylum-seekers to begin trekking on foot toward the Austrian capital.

The railways press department says the move was prompted due to lack of capacity to deal with the thousands of people at the Nickelsdorf crossing wanting to board trains daily to the Austrian capital. Once in Vienna, most have traveled on to Germany and other Western EU nations.

Railway officials are meeting Friday to try to resolve the issue. Meanwhile, thousands of migrants and refugees are trying to cover the 60 kilometers (40 miles) to Vienna on foot.

Austrian police official Hans Peter Doskozil says 7,500 people crossed into Austria at Nickelsdorf on Thursday.

From the Department of Defense:

Dempsey: Refugee Crisis ‘Very Complex’

BERLIN, September 10, 2015 — The chairman of the Joint Chiefs of Staff and his German counterpart met here today, with the refugee crisis in Europe a focus of the discussions.

After today’s talks with Gen. Volker Wieker, the chief of staff of the German armed forces, U.S. Army Gen. Martin E. Dempsey noted that the “very complex” issue also will be a subject of NATO meetings later this week in Istanbul.

The chairman said he and Wieker discussed whether NATO should have a role in addressing the cause of the crisis.

Dempsey, who spoke to reporters after his meeting today, said the refugee crisis stems from instability in the Middle East, Afghanistan and North Africa, and economic conditions in the Balkans.

A Deluge of Refugees

Earlier this week, Germany said it expects to take in 800,000 refugees this year from Africa, Afghanistan, Syria and the Balkans.

The trickle of refugees suddenly became a deluge, Dempsey said, noting that many of the refugees were young men. The sudden flow, he added, possibly indicates a network of criminal activity is behind the influx.

“Somebody, somewhere in a very deliberate fashion has established a network for profit to enable these young men to escape their current conditions and into Europe,” the chairman said.

The young men looking for a better life and economic opportunities could be vulnerable to “those who would potentially seek to radicalize them,” he said. “We all have to be alert to that possibility,” Dempsey added.

NATO Meetings in Turkey

There are multiple, complex threats facing the alliance, he said. One goal of the day of NATO talks Saturday is to have a conversation about what each nation will do both unilaterally and as a member of the alliance in response to issues such as Russia, the Islamic State of Iraq and the Levant, and the refugee crisis, the chairman said.

While Turkey might not feel threatened by Russia, it is important that each member of the alliance accept and concede there are multiple threats facing NATO, Dempsey said.

“We’ve had many conversations with them about the threat from violent extremist organizations and radical ideologies and their vulnerability on their southern flank, which happens to be NATO’s southeastern flank,” he noted.

Turkey, as the only Muslim country in NATO, can provide valuable input to the alliance on issues evolving in the Middle East and North Africa, Dempsey said.

Chairman Honored

During his visit to the German Ministry of Defense, Dempsey laid a wreath in honor of fallen German soldiers and received the Knight Commander’s Cross of the Order of Merit of the Federal Republic of Germany.

In presenting the decoration, Wieker hailed Dempsey as a close ally and friend who “enjoys the highest recognition around the world” as the top U.S. military officer.

“The Federal Republic of Germany is grateful for your outstanding contribution to the American-German friendship and your dedication to all bilateral and transatlantic partnership,” he told Dempsey.

The chairman said it was “quite a remarkable honor and privilege” to receive the decoration.

“I accept it on behalf of the many, many, many soldiers, sailors, airmen and Marines who have served here in your wonderful country,” he said, noting he began his career as a young Army officer stationed in Germany.

“I found it fitting and appropriate that I would end my career where I began it,” Dempsey said, who retires at the end of this month after more than four decades of service.

*** Could it be the Syrian Muslim Brotherhood is behind this criminal network moving the refugees? Personally, this is my best guess at this time, but could it also be a nefarious component States?

DUBAI, United Arab Emirates (AP) — The Islamic State group is extending its reach in Saudi Arabia, expanding the scope of its attacks and drawing in new recruits with its radical ideology. Its determination to bring down the U.S.-allied royal family has raised concerns it could threaten the annual Muslim hajj pilgrimage later this month.

So far, the extremist group’s presence in the kingdom appears to be in a low-level stage, but it has claimed four significant bombings since May, one of them in neighboring Kuwait. And it has rapidly ramped up its rhetoric, aiming to undermine the Al Saud royal family’s legitimacy, which is rooted in part in its claim to implement Islamic Shariah law and to be the protectors of Islam’s most sacred sites in Mecca and Medina that are at the center of hajj.

“Daesh and its followers have made it very clear that Saudi Arabia is their ultimate target,” Saudi analyst Fahad Nazer said, referring to the Islamic State group by its Arabic acronym. “Because of Mecca and Medina … That’s their ultimate prize.”

An attack last month in which IS claimed responsibility appeared to mark a significant spread in the group’s reach. Militants claiming loyalty to the group had already carried out three major bombings — two in eastern Saudi Arabia in May and one in Kuwait City in June, all targeting Shiite mosques and killing 53 people.

But on Aug. 6, a suicide bomber attacked in western Saudi Arabia, hitting a mosque inside a police compound in Abha, 350 miles south of Mecca, killing 15 people in the deadliest attack on the kingdom’s security forces in years. Eleven of the dead belonged to an elite counterterrorism unit whose tasks include protecting the hajj pilgrimage.

The alleged affiliate that claimed responsibility for the August attack called itself the “Hijaz Province” of the Islamic State, its first claim of a branch in the Hijaz, the traditional name for the western stretch of the Arabian Peninsula where the holy cities are located. The previous attacks were claimed by the group’s “Najd Province,” the traditional name for the central heartland of the peninsula and the homeland of the Al Saud family.

Lori Boghardt, Gulf security analyst at the Washington Institute, said it would not be surprising if IS militants tried to take advantage of the hajj to stage an attack, particularly since the group has encouraged lone wolf operations. This year, the hajj begins Sept. 21 and is expected to draw some 3 million Muslims from around the world.

“The kingdom is a holy grail of sorts as a target from the perspective of ISIS because of its significance to Muslims,” she said, referring to the group by its longer acronym.

A direct attack on pilgrims carrying out the hajj rites — potentially causing large casualties or damaging holy sites — may be a risky move for IS, bringing a backlash from shocked Muslims worldwide. Still, the group “has made it very clear they have no red lines,” said Nazer, a senior analyst at the Virginia-based consultancy and security firm JTG Inc.

But there are other potential targets, including security forces in or around Mecca. The group could attempt to hit pilgrims from Shiite-majority nations like Iran, who would stand out since pilgrims generally move in groups by country. IS and other Sunni radicals consider Shiites heretics.

Justin Mahshouf, a 30 year-old American Shiite planning to perform the hajj this year, said friends and family are telling him to be careful. “There seems to be a really bad vibe right now in the Shiite community.”

Little is known about the structure of the Islamic State group in Saudi Arabia. It is not known if the militants in the kingdom have direct operational ties with the group’s leadership based in its self-declared “caliphate” in Iraq and Syria — or if they simply operate independently in the group’s name.

In all four attacks claimed by the branches in the kingdom, the bombers were young Saudis, suggesting the group’s ranks are largely homegrown as opposed to foreign militants. The bomber in the August attack was identified as Yousef Suleiman, a 21-year-old Saudi with no record of ever having travelled abroad, pointing to the group’s ability to radicalize even youth who have not gone to join fighting in Syria.

“If you are looking at IS as a state, the territory it controls is not going to vastly expand, but the ideology it espouses is expanding,” said Hani Sabra, head of Middle East practice at Eurasia Group.

Since Syria’s civil war escalated over the past four years, Saudi Arabia’s ultraconservative clerics urged young men to go fight alongside Sunni rebels in Iraq and Syria. Concerned about possible radicalization, the late King Abdullah last year banned fighting abroad or encouraging it. But by then, some 2,500 Saudis had already gone to Syria. The Interior Ministry says around 650 have since returned and that they left disillusioned with the fighting.

This year, Saudi Arabia and other Gulf countries joined the U.S.-led campaign of airstrikes against IS in Syria.

In an Aug. 24 audiotape, an IS supporter denounced the royal family as “tyrants” ruling Islam’s heartland without implementing what IS calls its true teachings.

“Pledge allegiance to the Islamic State,” the audio urged Saudis. “Stand up against the tyrants and liberate the peninsula of Muhammad … from their filth.”

A prominent radical Saudi cleric, Nasr al-Fahd, who has been imprisoned since 2003 for connections to militancy, recently declared support for IS in a message smuggled from his prison. In the letter carried by IS supporters online, he advised others to pledge allegiance to the Islamic State group, which he said had “destroyed the idols” and is implementing Shariah, not “man-made laws.”

Saudi Arabia is already run by one of the most ultraconservative interpretations of Shariah, known as Wahhabism. Some of its clerics view Shiites as heretics, are virulently opposed to monuments or tombs they see as encouraging idolatry, believe in a strict segregation of the sexes and support the use of religious police to enforce Shariah rules — all teachings not far from the Islamic State group’s ideology.

But Wahhabi clerics make a crucial distinction, preaching that the recognized ruler — in this case, the Al Sauds — must be obeyed. They condemn protests or violence that could lead to instability. The kingdom’s highest religious authority, Grand Mufti Sheikh Abdulaziz Al Sheikh, denounced IS and al-Qaida as Islam’s number one enemy.

When asked by The Associated Press by email about possible threats of attacks on the hajj, Interior Ministry spokesman Maj. Gen. Mansour al-Turki replied that “security forces will act swiftly and decisively with any violations of laws and instructions related to hajj.”

He said the holy sites are protected by a force specifically dedicated to the task and a large number of additional security forces will be deployed during hajj to ensure pilgrims’ “security and safety” and manage the traffic of the large crowds. He also pointed to the elaborate security system of surveillance cameras and helicopters that the kingdom implements each year. He could not give exact figures or specify whether the deployment would be larger this year.

The kingdom has also arrested hundreds of suspected militants this year. Overseeing that effort is Crown Prince Mohammed bin Nayef, who is also interior minister and led the battle that eventually crushed al-Qaida’s branch in the kingdom in 2006.

Sabra of Eurasia Group said despite a strengthening presence, IS does not currently represent a direct threat to Saudi political stability. He pointed to the crown prince’s experience in counterterrorism. “Mohammed bin Nayef has proven that this is a job that he takes very seriously.”

Hacking the Department of Energy, the Threat to You

The U.S. Department of Energy is a cabinet-level department, and while its responsibilities include power and laboratories, they also include nuclear. The agency secretary is Ernest Moniz, most notable for being at the side of John Kerry during the Iran nuclear talks.

Hacking this agency is terrifying. Added to this equation, in 1999 the FBI investigated how China obtained specifications for a particular nuclear device from Los Alamos National Laboratory.

Records: Energy Department struck by Cyber Attacks

USAToday: Attackers successfully compromised U.S. Department of Energy computer systems more than 150 times between 2010 and 2014, a review of federal records obtained by USA TODAY finds.

Cyber attackers successfully compromised the security of U.S. Department of Energy computer systems more than 150 times between 2010 and 2014, according to a review of federal records obtained by USA TODAY.

Incident reports submitted by federal officials and contractors since late 2010 to the Energy Department’s Joint Cybersecurity Coordination Center show a near-consistent barrage of attempts to breach the security of critical information systems that contain sensitive data about the nation’s power grid, nuclear weapons stockpile and energy labs.

The records, obtained by USA TODAY through the Freedom of Information Act, show DOE components reported a total of 1,131 cyberattacks over a 48-month period ending in October 2014. Of those attempted cyber intrusions, 159 were successful.

“The potential for an adversary to disrupt, shut down (power systems), or worse … is real here,” said Scott White, Professor of Homeland Security and Security Management and Director of the Computing Security and Technology program at Drexel University. “It’s absolutely real.”

Energy Department officials would not say whether any sensitive data related to the operation and security of the nation’s power grid or nuclear weapons stockpile was accessed or stolen in any of the attacks, or whether foreign governments are believed to have been involved.

“DOE does not comment on ongoing investigations or possible attributions of malicious activity,” Energy Department spokesman Andrew Gumbiner said in a statement.

In all cases of malicious cybersecurity activity, Gumbiner said the Energy Department “seeks to identify indicators of compromise and other cybersecurity relevant information, which it then shares broadly amongst all DOE labs, plants, and sites as well as within the entire federal government.”

The National Nuclear Security Administration, a semi-autonomous agency within the Energy Department responsible for managing and securing the nation’s nuclear weapons stockpile, experienced 19 successful attacks during the four-year period, records show.

While information on the specific nature of the attacks was redacted from the records prior to being released, numerous Energy Department cybersecurity vulnerabilities have been identified in recent years by the department’s Office of Inspector General, an independent watchdog agency.

After a cyber attack in 2013 resulted in unauthorized access to personally identifying information for more than 104,000 Energy Department employees and contractors, auditors noted “unclear lines of responsibility” and “lack of awareness by responsible officials.” In an audit report released in October of last year, the Inspector General found 41 Energy Department servers and 14 workstations “were configured with default or easily guessed passwords.”

Felicia Jones, spokeswoman for the Energy Department Office of Inspector General, said while there have been some improvements, “threats continue and the Department cannot let down its guard.”

Records show 53 of the 159 successful intrusions from October 2010 to October 2014 were “root compromises,” meaning perpetrators gained administrative privileges to Energy Department computer systems.

Manimaran Govindarasu, a professor in the Department of Electrical and Computer Engineering at Iowa State University who studies cybersecurity issues involving the power grid, said the root compromises represent instances where intruders gained “super-user” privileges.

“That means you can do anything on the computer,” he said. “So that is definitely serious. Whether that computer was critical or just a simple office computer, we don’t know.”

Govindarasu said while there could be information in Energy Department computer systems concerning security plans or investments related to the nation’s power grid, the grid’s real-time control systems are operated by utilities and are not directly connected to the Energy Department’s computer systems.

The Energy Department federal laboratories, however, sometimes pull data on the operation of the grid from utilities for research and analysis.

Records show 90 of the 153 successful cyber intrusions over the four-year period were connected to the DOE’s Office of Science, which directs scientific research and is responsible for 10 of the nation’s federal energy laboratories.

A USA TODAY Media Network report in March found a physical or cyber attack nearly once every four days on the nation’s power infrastructure, based on an analysis of reports to the U.S. Department of Energy through a separate reporting system which requires utility companies to notify the federal agency of incidents that affect power reliability.

Amid mounting concerns, the oversight and energy subcommittees of the House Committee on Science, Space and Technology will hold a joint hearing at 10 a.m. Thursday to examine vulnerabilities of the national electric grid and the severity of various threats.

The congressional committee’s charter for Thursday’s meeting, citing USA TODAY’s report in March, notes the growing vulnerability of the nation’s increasingly sophisticated bulk electric system.

“As the electric grid continues to be modernized and become more interconnected,” the charter states, “the threat of a potential cybersecurity breach significantly increases.”

Example: Depths of Chinese Hacking of the U.S.

Former Top FBI Lawyer and Counterintelligence Official Admits Chinese Hacked His Home Computer

September 8, 2015

China Allegedly Hacked Top Former FBI Lawyer 

Jeff Stein, Newsweek

Marion “Spike” Bowman, a top former FBI lawyer and U.S. counterintelligence official who heads an influential organization of retired American spies, says a hacker from China penetrated his home computer, beginning with an innocent-looking email last spring.

“It was an email supposedly from a woman in China, and I exchanged correspondence with her a couple of times,” says Bowman, who was deputy general counsel to three FBI directors between 1995 and 2006. “She sent me a document that a friend of hers had supposedly written, in English, and wanted my opinion on it,” he tells Newsweek. She also sent him her picture.

“I never got around to replying, so I never heard from her again,” says Bowman, who went on to become deputy director of the National Counterintelligence Executive, which is tasked with developing policies to thwart foreign spies and terrorists.

But then, a week ago, he says, he got another message from China via his email account at George Washington University, where he has lectured on national security law since 2003.

“It was apparently from a university in China asking me to come to speak at a conference on the environment”—not even remotely one of his areas of expertise, Bowman says. He called the FBI.

After a forensic examination of his machine, the FBI told him “they had found a malware type that’s designed to find out what’s on my computer,” Bowman says. “It wasn’t anything to infect it.” Still, just being able to read the contents of a target’s computer can reveal lots of valuable information like emails and documents, contact files with phone numbers and other personal data, like home addresses.

“Somebody who really knows what they’re doing” can wreak havoc, he says.

The FBI didn’t tell him exactly who was behind the hack, he says, “but they think they identified the woman” in a picture she sent along with one of her emails last spring. “It was somebody that they knew,” Bowman says. “I didn’t inquire any further.”

Before joining the FBI, Bowman was a Navy lawyer assigned to advise SEAL teams on clandestine operations, among other sensitive matters. His portfolio at the FBI gave him intimate knowledge of the details of operations to counter threats from foreign spy agencies.

“I still carry lots of deep Cold War secrets in my head,” he says, although not on his computer. But he is still very active in national security circles as chairman of the board of directors of the Association of Former Intelligence Officers, an organization with several thousand members nationwide, about half of them former CIA personnel.

Bowman’s revelation follows several months of bad news about the vulnerability of government computers to foreign hackers, the latest being a report published Monday saying that Chinese and Russian intelligence agencies are “aggressively aggregating and cross-indexing hacked U.S. computer databases” to catch American spies working overseas. China-based hackers breached about 22 million files held by the federal Office of Personnel Management, officials say.

“At least one clandestine network of American engineers and scientists who provide technical assistance to U.S. undercover operatives and agents overseas has been compromised as a result” of the Russian and Chinese exploitation of the files, the Los Angeles Times reported, citing two U.S. officials.

The story, Bowman says, was “pretty much on target.”

*** It obviously is much worse than we know for the Obama administration to sign off on a sanction and/or other consequence ahead of Xi’s visit to the United States next week.

U.S. may punish Chinese hacking before Xi’s visit

Imposing sanctions before this month’s summit could derail other priorities.

Top government officials are floating the idea of retaliating within the next week to Chinese cyberattacks, possibly by imposing targeted sanctions on some officials and firms, people familiar with the discussions say. But outside experts say it would be wiser to wait until after this month’s White House summit with Chinese President Xi Jinping.

“I heard from one person that it could be as early as next week,” Jim Lewis, director of the Center for Strategic and International Studies’ Strategic Technologies Program, told POLITICO. He added, “I still think it would be best to wait for the summit.”

Calls for U.S. retaliation to Chinese hacking have risen to a furor since the China-linked breach of highly sensitive security clearance forms from 21.5 million current and former federal employees, disclosed in June.

But imposing sanctions before the late-September summit would risk derailing a serious conversation on cyber issues along with myriad other topics, including China’s economic troubles, Chinese belligerence in the South China Sea and cooperation on climate change.

Some China watchers even suspect that the White House is trying to improve its bargaining position in advance of the summit by floating the possibility of sanctions in a serious way.

“My sense is that they’re floating the idea to try to create some kind of leverage in the meetings,” said Adam Segal, a China scholar and director of the Digital and Cyberspace Policy Program at the Council on Foreign Relations.

If the White House did impose sanctions before the meeting, it would be deeply embarrassing to the Chinese and to Xi personally and risk the Chinese doing something to downgrade the summit’s importance, Segal said. “I think if they’re going to do it before the summit, they’ve got to be prepared for the summit to really take a downward turn,” he said.

Business leaders are also dubious about imposing sanctions before Xi’s visit.

The White House should use the summit “as an opportunity to engage in effective dialogue on the cyber issue. If sanctions jeopardize that opportunity, we’d rather see them put it off,” the leader of a major industry organization said in an interview, speaking without attribution because he was speculating about government policy.

If the White House ultimately imposes targeted sanctions, the association leader added, the sanctions should be “based on transparent, credible evidence that’s legally sound.” They should also be designed with a clear path forward that, ultimately, leads to fewer China-linked cyberattacks, he said.

“Most business executives we’ve spoken with felt the indictments against Chinese PLA officers didn’t meet that test,” he added, referring to the May 2014 U.S. indictments of five hackers employed by China’s People’s Liberation Army. That was the Obama administration’s most significant diplomatic strike against Chinese hacking to date.

“[The indictments] didn’t seem to advance anything and they seemed to increase tension rather than reduce it around the issue,” the official said.

In the wake of the OPM hacks, some political leaders have called for much more belligerent responses to Chinese hacking. They include GOP White House contenders Mike Huckabee, who has urged the U.S. to hack back against the communist nation, and Wisconsin Gov. Scott Walker, who has suggested canceling the Obama-Xi summit entirely.

But even cyber hawks warned that aggressive action could backfire in advance of the summit.

“I think everything is going to basically be on hold until the Iran deal goes through and until after President Xi comes to meet with [President Obama],” said Rep. Dutch Ruppersberger (D-Md.), who was formerly ranking member on the House Intelligence Committee.

Ruppersberger added that “we have to eventually draw a line on cyberattacks,” and that the U.S. bargaining position relative to China may be improved now because of the tailspin in the Chinese stock market and other financial difficulties.

The White House has routinely declined to speak publicly about the possibility of sanctioning China for cyberattacks or any more forceful follow-up to the PLA indictments. Press secretary Josh Earnest has said several times that Obama plans to raise cyber concerns with Xi during their summit.

“There’s no doubt that the president will certainly raise, as he has in every previous meeting with his Chinese counterpart, concerns about China’s behavior in cyberspace,” Earnest said during an Aug. 26 news conference.

White House officials have determined they must respond to China’s hacking of OPM, but have been debating for months what the appropriate response should be and when to impose it, Lewis said.

The option of targeted cyber sanctions, which Obama created by executive order in April, has long been on the table along with additional indictments or some form of diplomatic protest, he said.

White House officials have fingered China for the OPM hack anonymously but have not done so, thus far, on the record.

A forceful response to the OPM hack and to Chinese theft of U.S. companies’ intellectual property and trade secrets has also been delayed by more pressing diplomatic priorities, Lewis said, including securing Chinese cooperation for a deal to halt Iran’s nuclear weapons program.

“This administration has done more than any other on cybersecurity, but, in a lot of cases, it ends up being No. 2 because of the need to get agreement on other things,” Lewis said. “Cyber always ends up coming in second place, particularly when it comes to China.”