Category Archives: Cyber War

Facebook’s Tool is CrowdTangle for Media and Academia

Posted on by

Ever wonder about the tracking that Facebook uses to prioritize posts, block others or issue warnings? There are some good uses for selection institutions, corporations or agencies for sure….but we remain suspect of Facebook and all social media, and with good reason.

So, take a look at the tool Facebook uses and is exploited by others.

Facebook Acquires CrowdTangle to Access its Performance at ...

Meet CrowdTangle…

When it comes to poll testing used by politicians, CrowdTangle is generally the ‘go-to’ source.

CrowdTangle Search: The top trend graph will show how election or candidate keywords have performed on social over time. Meme search will help with text on image posts so you’ll have broader results from overall election keywords.

Lists: Set up lists for politicians, candidates, local officials, campaign staffers, political Facebook groups, political influencers and journalists. Set up a weekly digest (in our notifications section) for these lists to keep track of what everyone is saying.

Intelligence: See who’s driving more social interactions around their content. Compare candidates in races, political groups and more.

Live Displays: Create an election-themed Live Display to give your team a real-time, multi-platform view of what candidates are saying, what local and national publishers are saying about the candidates, to compare your coverage of the election to that of your competitors, and more.

Check out these Live Displays for these 2020 Elections:

Elections Resources for Journalists

Monitoring social media for misinformation, part two

What is CrowdTangle?

CrowdTangle is a public insights tool from Facebook that makes it easy to follow, analyze, and report on what’s happening with public content on social media.

What is CrowdTangle used for?

Organizations primarily use CrowdTangle to:

  1. Follow. Easily follow public content across Facebook, Instagram and Reddit.
  2. Analyze. Benchmark and compare performance of public accounts over time.
  3. Report. Track referrals and find larger trends to understand how public content spreads on social media.

Some examples include:

  • Journalists using CrowdTangle Search to search across Facebook or Instagram for content relevant to their reporting.
  • Social media managers tracking their own account performance and comparing themselves to the competition in Intelligence.
  • TV producers broadcasting real-time streams of social posts related to breaking news events using Live Displays.
  • Fact-checkers identifying posts that contain misinformation.
  • Researchers analyzing trends across thousands of accounts over time and reporting on how information spreads.

You can also see specific examples within our case studies.

What data does CrowdTangle track?

CrowdTangle only tracks publicly available posts.

The kind of data CrowdTangle shares includes:

  • When something was posted.
  • The type of post (video, image, text).
  • Which Page or public account it was posted from, or which public group it was posted to.
  • How many interactions (e.g. likes, reactions, comments, shares) or video views it received.
  • Which other public Pages or accounts shared it.

CrowdTangle doesn’t track:

  • Reach or impressions on a post.
  • Ephemeral content like stories.
  • Demographic information on users. CrowdTangle can tell you a particular post earned 1,000 likes, but it can’t tell you who liked it, where they are from or their age.
  • Paid or boosted posts. CrowdTangle doesn’t differentiate between paid or organic engagement.
  • Any data or posts from private accounts, or accounts that have put location or age restrictions on their content.

What accounts does CrowdTangle track?

CrowdTangle tracks influential public accounts and groups across Facebook, Instagram, and Reddit, including all verified users, profiles, and accounts like politicians, journalists, media and publishers, celebrities, sports teams, public figures and more. CrowdTangle also can track 7 days of public Twitter data via CrowdTangle Search and our Chrome Extension. CrowdTangle does not track any private accounts.

CrowdTangle’s database currently includes:

  • Facebook: 6M+ Facebook Pages, public Groups, and verified profiles. This includes all Facebook Pages with more than 100K likes (new Pages are added automatically via an API).
  • Instagram: 2M+ public Instagram accounts. This includes all accounts with more than 75K followers, as well as all verified accounts.
  • Reddit: ~20K+ of the most active subreddits. Built and maintained in partnership with Reddit.

You can see a table that summarizes the percentage of Facebook Pages active in the last 28 days that CrowdTangle tracks, updated monthly here.

 

Owner of World’s Information to Become Citizen of Cyprus

Posted on by

What does he know? Why bail on America?

The former CEO of Google has applied to become a citizen of Cyprus

Eric Schmidt is effectively buying a passport that he can use to enter the European Union.

Google blocks child porn from 100,000 searches | Inquirer ...

Source: The former CEO of Google, Eric Schmidt, is finalizing a plan to become a citizen of the island of Cyprus, Recode has learned, becoming one of the highest-profile Americans to take advantage of one of the world’s most controversial “passport-for-sale” programs.

Schmidt, one of America’s wealthiest people, and his family have won approval to become citizens of the Mediterranean nation, according to a previously unreported notice in a Cypriot publication in October. While it is not clear why exactly Schmidt has pursued this foreign citizenship, the new passport gives him the ability to travel to the European Union, along with a potentially favorable personal tax regime.

A screenshot from the Cypriot publication Alithia, announcing Schmidt’s citizenship application.
Alithia

The move is a window into how the world’s billionaires can maximize their freedoms and finances by relying on the permissive laws of countries where they do not live. Schmidt’s decision in some ways mirrors that of another famous tech billionaire, Peter Thiel, who in 2011 controversially managed to secure citizenship in New Zealand.

Interest from Americans in non-American citizenship has been spiking during the coronavirus pandemic, which has sharply limited Americans’ ability to travel overseas. Experts say some of that increase is also due to concerns about political instability in the United States.

But it is still uncommon to see Americans apply to the Cyprus program, according to published data and citizenship advisers who work with the country. The program is far more popular with oligarchs from the former Soviet Union and the Middle East, and it has become mired in so many scandals that the Cypriot government announced last month that it was to be shut down.

A representative for Schmidt declined to comment on the move or Schmidt’s thinking.

The Cyprus program is one of about a half-dozen programs in the world where foreigners can effectively purchase citizenship rights, skirting residency requirements or lengthy lines by making a payment or an investment in the host country. They have become the latest way for billionaires around the world to go “borderless” and take advantage of foreign countries’ laws, moving themselves offshore just like they might move their assets offshore, a phenomenon documented by the journalist Oliver Bullough in the recent book Moneyland.

Small, financially struggling countries — beginning with St. Kitts and Nevis in the Caribbean — have embraced the idea over the last few decades, raking in money that they would otherwise never see in exchange for citizenship papers. But what can be good for one country can be bad for the world: Anti-corruption activists have grown deeply worried about a race to the bottom with these programs, concerned that criminals can purchase foreign citizenship to escape prosecution in their home countries, or to funnel drugs through friendly borders, or to hide their assets from tax authorities.

The Cyprus program in particular — despite helping save the country after its 2013 bankruptcy by bringing in $8 billion since then — has become notorious.

The lion’s share of the 4,000 Cypriot citizenship recipients since 2013 have been wealthy individuals from Russia, according to people who advise these individuals on obtaining Cypriot citizenship. It has historically not even been marketed to Americans, whose passports usually allow them to travel freely in Europe. It is not unheard of, however, for Americans to take advantage of the program, and advisers say it has been happening more frequently over the last few months.

An Al Jazeera investigation discovered the identities of 2,500 people who had bought Cypriot citizenship between 2017 and 2019 — and only 32, or about 1 percent, were Americans.

That investigation helped spell the end of the program, which had drawn scrutiny for years. Undercover journalists found that Cyprus government officials were saying they could arrange a passport for someone despite being told that the person was a criminal, a scandal that ended up leading to the officials’ resignations. Cyprus announced in mid-October that due to “abusive exploitation,” it was shutting the program down. (Which is also, coincidentally, around when Schmidt’s approval was published.)

“European values are not for sale,” a European Union official said.

It isn’t known what role the coronavirus and new travel restrictions might have played in Schmidt’s decision to apply to Cyprus. Schmidt likely applied between six months ago, when the pandemic was raging, and about a year ago, when it had yet to begin, according to advisers. Schmidt’s wife, the philanthropist Wendy Schmidt, and his daughter, the media executive Sophie Schmidt, have also applied and been approved, according to the listing in the Cypriot publication, Alithia.

Theo Andreou, who heads the Cyprus program for Astons, an “investment immigration firm,” said that 90 percent of the firm’s clients seek Cyprus citizenship either as a backup plan or an insurance policy due to concerns in their home country, such as the coronavirus, or for financial reasons. Andreou speculated that Schmidt could be making the move for two possible reasons.

“One reason is to have a Plan B during Covid. The other reason is that they are expanding their business in Europe,” he said.

Nuri Katz, the founder of Apex Capital Partners and who has advised the Cypriot government on immigration matters, guessed that Schmidt “feels the need to diversify his citizenship.”

“Eric Schmidt cannot travel to Europe,” Katz noted. “He’s like everybody else — like a lot of other high-net-worth people who want to have options.”

Individuals who claim Cyprus citizenship can also be attracted by a reduction in their tax burden, especially if they’re willing to renounce their US citizenship. Immigration attorney Andy Semotiuk said that his only American client who had claimed Cypriot citizenship did so to avoid paying US income tax.

The way the program works is that once a foreigner lays down between $2 million and $3 million worth of investment in Cyprus, typically through a real estate purchase, they can apply to what is technically called the “Citizenship by Investment” program. After the government reviews the applicant’s background, conducts a security check, and hosts a visit from the foreigner, their application can be approved.

Schmidt, with a net worth of $15 billion and many homes around the US, is a titan of the technology industry: The longtime CEO of Google helped make the company into an international powerhouse and served as the tip of the spear of the company’s US lobbying program. While he stepped down as CEO in 2011 and left the board last year, he still serves as a technical adviser to the company and is one of its largest shareholders. These days, he spends most of his time as a philanthropist, investor, and Democratic political donor at Schmidt Futures, the organization that gives away his and his wife’s money, and speaking out on issues like competition with China and how Silicon Valley can cooperate with the US military.

At Google, Schmidt was a proponent for the company paying as little in taxes as possible, even if that meant capitalizing on foreign countries’ tax rules. The company has long been dogged by allegations that it was not paying its fair share of American taxes by utilizing foreign tax rules in places like Bermuda or the United Kingdom.

“I am very proud of the structure that we set up. We did it based on the incentives that the governments offered us to operate,” Schmidt told one interviewer in 2012. “It’s called capitalism.”

US blames Iran for Spoofed Proud Boys Emails

Posted on by

US blames Iran for spoofed Proud Boys emails threatening Democrat voters

ZDNet: US claims Iran is behind a wave of emails purporting to be from right-wing Proud Boys group that threatened registered Democrat voters with repercussions if they didn’t vote for Trump.

iran-emails-proud-boys.png

In a short press conference held today by the US Department of Justice, high-ranking officials with the US government claimed that Iran was behind a wave of emails sent to US voters earlier this week.

Spoofing the identity of violent extremist group Proud Boys, the emails threatened registered Democrat voters with repercussions if they didn’t vote for Donald Trump in the upcoming US Presidential Election.

The senders claimed to have “gained access into the entire [US] voting infrastructure,” but appeared to use public voter registration databases to target Democrat voters in Alaska, Arizona, and Florida.

Two waves of emails were sent this week, the first on Tuesday (October 20), and the second on Wednesday (October 21), according to a report from email security firm Proofpoint, which has been tracking the spam campaigns.

The second wave of emails, besides the original message threatening Democrat voters, also included a link to a video claiming to show an individual print out a voting ballot with another person’s information (a copy of the video is embedded in the Proofpoint report). The video was debunked by several US news media publications.

Responding to intense media coverage surrounding the emails, in a short press conference earlier today, FBI Director Christopher Wray and Director of National Intelligence John Ratcliffe attributed the spam campaigns to Iran.

Addressing the video shared in the emails, Ratcliffe added that “the information in the video is not true.”

Ratcliffe also added that besides Iran, Russia has also also “taken specific actions to influence public opinion relating to our election.”

“Although we have not seen the same actions from Russia, we are aware that they have obtained some voter registration information,” Ratcliffe added.

The two officials urged the US public to remain calm and not spread any similar messages they receive in the future.

Neither of the two officials presented any evidence during the press conference but only made short statements.

Spokespersons for several cyber-security firms could not confirm the Iranian attribution, when inquired by ZDNet today. However, they didn’t dismiss it either.

“Iranian information operations date back at least eight years and they have grown beyond fake news sites and social network activity to elaborate tactics, such as impersonating journalists to solicit video interviews and placing op-eds. They have even impersonated American politicians,” John Hultquist, Senior Director of Analysis, Mandiant Threat Intelligence, told ZDNet.

“The information operations we have seen from Iran to date have been about amplifying pro-Iranian messages and pushing a desired narrative out into the world that’s anti-Saudi or ant-Israeli or pro-JCPOA,” he added.

“This is different. This is deliberate interference in our democracy and it crosses a major red line. I think the Intel community scored a win here against Iran today,” Hultquist said.

 

Finally the DoJ Sues Google

Posted on by

Justice Department Sues Monopolist Google For Violating Antitrust Laws

The Antitrust Case against Google | Yale Insights source is Yale and endorse the anti-trust case complete with a roadmap.

Department Files Complaint Against Google to Restore Competition in Search and Search Advertising Markets

Today, the Department of Justice — along with eleven state Attorneys General — filed a civil antitrust lawsuit in the U.S. District Court for the District of Columbia to stop Google from unlawfully maintaining monopolies through anticompetitive and exclusionary practices in the search and search advertising markets and to remedy the competitive harms. The participating state Attorneys General offices represent Arkansas, Florida, Georgia, Indiana, Kentucky, Louisiana, Mississippi, Missouri, Montana, South Carolina, and Texas.

“Today, millions of Americans rely on the Internet and online platforms for their daily lives.  Competition in this industry is vitally important, which is why today’s challenge against Google — the gatekeeper of the Internet — for violating antitrust laws is a monumental case both for the Department of Justice and for the American people,” said Attorney General William Barr. “Since my confirmation, I have prioritized the Department’s review of online market-leading platforms to ensure that our technology industries remain competitive.  This lawsuit strikes at the heart of Google’s grip over the internet for millions of American consumers, advertisers, small businesses and entrepreneurs beholden to an unlawful monopolist.”

“As with its historic antitrust actions against AT&T in 1974 and Microsoft in 1998, the Department is again enforcing the Sherman Act to restore the role of competition and open the door to the next wave of innovation—this time in vital digital markets,” said Deputy Attorney General Jeffrey A. Rosen.

As one of the wealthiest companies on the planet with a market value of $1 trillion, Google is the monopoly gatekeeper to the internet for billions of users and countless advertisers worldwide. For years, Google has accounted for almost 90 percent of all search queries in the United States and has used anticompetitive tactics to maintain and extend its monopolies in search and search advertising.

As alleged in the Complaint, Google has entered into a series of exclusionary agreements that collectively lock up the primary avenues through which users access search engines, and thus the internet, by requiring that Google be set as the preset default general search engine on billions of mobile devices and computers worldwide and, in many cases, prohibiting preinstallation of a competitor. In particular, the Complaint alleges that Google has unlawfully maintained monopolies in search and search advertising by:

  • Entering into exclusivity agreements that forbid preinstallation of any competing search service.
  • Entering into tying and other arrangements that force preinstallation of its search applications in prime locations on mobile devices and make them undeletable, regardless of consumer preference.
  • Entering into long-term agreements with Apple that require Google to be the default – and de facto exclusive – general search engine on Apple’s popular Safari browser and other Apple search tools.
  • Generally using monopoly profits to buy preferential treatment for its search engine on devices, web browsers, and other search access points, creating a continuous and self-reinforcing cycle of monopolization.

These and other anticompetitive practices harm competition and consumers, reducing the ability of innovative new companies to develop, compete, and discipline Google’s behavior.

The antitrust laws protect our free market economy and forbid monopolists from engaging in anticompetitive practices. They also empower the Department of Justice to bring cases like this one to remedy violations and restore competition, as it has done for over a century in notable cases involving monopolists over other critical industries undergirding the American economy like Standard Oil and the AT&T telephone monopoly. Decades ago the Department’s case against Microsoft recognized that the antitrust laws forbid anticompetitive agreements by high-technology monopolists to require preinstalled default status, to shut off distribution channels to rivals, and to make software undeletable. The Complaint alleges that Google is using similar agreements itself to maintain and extend its own dominance.

The Complaint alleges that Google’s anticompetitive practices have had harmful effects on competition and consumers. Google has foreclosed any meaningful search competitor from gaining vital distribution and scale, eliminating competition for a majority of search queries in the United States. By restricting competition in search, Google’s conduct has harmed consumers by reducing the quality of search (including on dimensions such as privacy, data protection, and use of consumer data), lessening choice in search, and impeding innovation. By suppressing competition in advertising, Google has the power to charge advertisers more than it could in a competitive market and to reduce the quality of the services it provides them. Through filing the lawsuit, the Department seeks to stop Google’s anticompetitive conduct and restore competition for American consumers, advertisers, and all companies now reliant on the internet economy.

Google is a limited liability company organized and existing under the laws of the State of Delaware, and is headquartered in Mountain View, California. Google is owned by Alphabet Inc., a publicly traded company incorporated and existing under the laws of the State of Delaware and headquartered in Mountain View, California.

DOJ Charges 6 Russian Military Hackers for Global Cyberattacks

Posted on by

FNC: The Justice Department on Monday announced the indictment of six military hackers with the Russian GRU who allegedly carried out a global conspiracy that included cyberattacks around the world.

The alleged attacks hit targets in Ukraine, the 2018 Winter Olympics in South Korea, and western Pennsylvania.

“No country has weaponized its cyber-capabilities as maliciously and irresponsibly as Russia,” Assistant Attorney General John C. Demers said at a DOJ press conference.

The defendants are six current and former members of GRU, Russia’s military intelligence service. The DOJ said the attacks began in November 2015 and continued until at least October 2019. The allegations do not include any interference in U.S. elections.

The alleged attacks include malware strikes against the Ukrainian power grid, Ministry of Finance, and State Treasury Service; spearphishing campaigns and attacks against French President Emmanuel Macron’s political party, local French governments, and French politicians before their 2017 elections; the global NotPetya malware attack that infected computer worldwide including those in medical facilities in western Pennsylvania and a large American pharmaceutical company; the Olympic Destroyer attack that targeted computers supporting the 2018 Olympics; a spearphishing campaign targeting South Korean officials and citizens, as well as Olympic athletes; another spearphishing campaign against the United Kingdom’s Defence Science and Technology Laboratory, and attacks targeting government entities and companies in Georgia.

(Source: FBI)

(Source: FBI)

The NotPetya attack alone allegedly resulted in nearly $1 billion in losses, the DOJ said.

The Olympic attacks allegedly came after Russian athletes were banned from competing under the Russia flag due to their country’s government-sponsored doping efforts. The defendants – Yuriy Sergeyevich Andrienko, Sergey Vladimirovich , Pavel Valeryevich Frolov, Anatoliy Sergeyevich Kovalev, Artem Valeryevich Ochichenko and Petr Nikolayevich Pliskin – are charged with conspiracy, computer hacking, wire fraud, aggravated identity theft and false registration of a domain name.

“The crimes committed by these defendants,” said Western District of Pennsylvania U.S. Attorney Scott Brady, “are truly breathtaking in their scope, scale, and impact.”

The Justice Department thanked tech companies including Google, Facebook and Twitter for assisting them in their investigation, but did not explain how they helped.

***

In part from the Justice Department: These GRU hackers and their co-conspirators engaged in computer intrusions and attacks intended to support Russian government efforts to undermine, retaliate against, or otherwise destabilize: (1) Ukraine; (2) Georgia; (3) elections in France; (4) efforts to hold Russia accountable for its use of a weapons-grade nerve agent, Novichok, on foreign soil; and (5) the 2018 PyeongChang Winter Olympic Games after Russian athletes were banned from participating under their nation’s flag, as a consequence of Russian government-sponsored doping effort.

Their computer attacks used some of the world’s most destructive malware to date, including: KillDisk and Industroyer, which each caused blackouts in Ukraine; NotPetya, which caused nearly $1 billion in losses to the three victims identified in the indictment alone; and Olympic Destroyer, which disrupted thousands of computers used to support the 2018 PyeongChang Winter Olympics.  The indictment charges the defendants with conspiracy, computer hacking, wire fraud, aggravated identity theft, and false registration of a domain name.

According to the indictment, beginning in or around November 2015 and continuing until at least in or around October 2019, the defendants and their co-conspirators deployed destructive malware and took other disruptive actions, for the strategic benefit of Russia, through unauthorized access  to victim computers (hacking).  As alleged, the conspiracy was responsible for the following destructive, disruptive, or otherwise destabilizing computer intrusions and attacks:

  • Ukrainian Government & Critical Infrastructure: December 2015 through December 2016 destructive malware attacks against Ukraine’s electric power grid, Ministry of Finance, and State Treasury Service, using malware known as BlackEnergy, Industroyer, and KillDisk;
  • French Elections: April and May 2017 spearphishing campaigns and related hack-and-leak efforts targeting French President Macron’s “La République En Marche!” (En Marche!) political party, French politicians, and local French governments prior to the 2017 French elections;
  • Worldwide Businesses and Critical Infrastructure (NotPetya): June 27, 2017 destructive malware attacks that infected computers worldwide using malware known as NotPetya, including hospitals and other medical facilities in the Heritage Valley Health System (Heritage Valley) in the Western District of Pennsylvania; a FedEx Corporation subsidiary, TNT Express B.V.; and a large U.S. pharmaceutical manufacturer, which together suffered nearly $1 billion in losses from the attacks;
  • PyeongChang Winter Olympics Hosts, Participants, Partners, and Attendees: December 2017 through February 2018 spearphishing campaigns and malicious mobile applications targeting South Korean citizens and officials, Olympic athletes, partners, and visitors, and International Olympic Committee (IOC) officials;
  • PyeongChang Winter Olympics IT Systems (Olympic Destroyer): December 2017 through February 2018 intrusions into computers supporting the 2018 PyeongChang Winter Olympic Games, which culminated in the Feb. 9, 2018, destructive malware attack against the opening ceremony, using malware known as Olympic Destroyer;
  • Novichok Poisoning Investigations: April 2018 spearphishing campaigns targeting investigations by the Organisation for the Prohibition of Chemical Weapons (OPCW) and the United Kingdom’s Defence Science and Technology Laboratory (DSTL) into the nerve agent poisoning of Sergei Skripal, his daughter, and several U.K. citizens; and
  • Georgian Companies and Government Entities: a 2018 spearphishing campaign targeting a major media company, 2019 efforts to compromise the network of Parliament, and a wide-ranging website defacement campaign in 2019.

Cybersecurity researchers have tracked the Conspirators and their malicious activity using the labels “Sandworm Team,” “Telebots,” “Voodoo Bear,” and “Iron Viking.”