Your Introduction to United Front

The Chinese Communist Party is operating everywhere across the globe, but those of us outside the Beltway should really come to understand the threats. Congressman Mike Gallagher heads a very important committee in the House that is doing outstanding work, but the flow of that work is not getting to us as it needs to. So, this summary is here to help. The enemy is inside the wire, meaning right here, embedded in our everyday lives.

The committee published an easy to read and understand 6 page introduction for your use. It includes social media, universities, policy demands, manufacturing and trade, civic groups, public schools, theft and espionage. In fact, as an aside, you can’t even play Candy Crush without being forced to watch a Temu ad (Chinese) or be secretly tied to Tik Tok, which steals all your data from your electronic devices in places like Facebook.

You are being manipulated every hour of every day by misinformation, propaganda and influence and you need to see and understand the consequences including election interference. We have major power brokers and industry leaders as well as politicians such as Governor Newsom that simply love all things China, so take extreme caution.

Image: President Xi arrives in San Francisco

Newsweek has done some good independent work in this area including exposing 600 United Front linked civic groups.

It is important to pay attention to Congressman Gallagher’s production and, for sure, to former CIA Director and former State Department Secretary Mike Pompeo. Below is a sample of the work:

In February, for example, Pompeo warned the National Governors Association at a meeting in Washington D.C. that the CPC was identifying and grooming state and local politicians who would support its interests. A Chinese think tank had already graded governors on their “friendliness,” Pompeo said. Newsweek obtained and translated a copy of the 2019 report, which labeled 17 governors as “friendly;” called 14 “ambiguous,” deemed six as “hardline” and the rest “unclear.” Pompeo told the governors, “Whether you are viewed by the CPC as friendly or hardline, know that it’s working you, know that it’s working the team around you.”

Six months later, at a meeting of economists and sociologists in Zhongnanhai, a secretive leaders’ compound in Beijing, Xi told more than a dozen top economists and sociologists that China would double down on seeking “cooperation” with U.S. politicians and business leaders at the states and local level, exactly what Pompeo had warned about. “We must actively develop cooperation with all countries, regions and enterprises willing to cooperate with us, including states, localities and enterprises in the United States,” Xi said, according to Xinhua, the state news agency.

In his talk, Pompeo gave several examples that he said reflected an uptick in CPC interference at the state level. In 2019, he said, diplomats at the Chinese consulate in Houston wrote to the Mississippi governor, Phil Bryant, threatening to cancel a Chinese investment in his state if he traveled to Taiwan, the de facto independent island nation that Beijing claims and says no one may have official ties with. Bryant went anyway.

In another example, Chinese diplomats at the consulate in Chicago wrote to a Wisconsin lawmaker, Republican Roger Roth, asking him to sponsor a bill they wrote praising China’s response to the COVID-19 pandemic, the Wisconsin Examiner reported. Roth initially ignored the request thinking it a joke. The Chinese diplomats sent it again. Roth replied with one word: “nuts.”

Those two attempts may have faltered in the face of pushback, but outreach often works, especially on the business level. Speaking on background, one official described the pattern: “Say you are governor of a state that has tremendous economic investments in China, or that has a good relationship with China exporting soybeans or grain. China can use that relationship,” say, by asking their political or business contacts to make calls to Washington to try and influence policy. It sounds like U.S. political lobbying, “but you have to know, it’s a foreign government playing this game,” the official says.

He is asking you, the reader, to challenge your own knowledge and then challenge your own local leaders.

Furthermore from Newsweek:

A three-day summit that took place in mid-October at the China Institute, a New York City non-profit, provides a classic example of how the United Front works. The event, titled “Finding Success in an Age of Crisis,” promised to help participants figure out how to “achieve success in the face of strained U.S.-China relations and a volatile world.”

The event featured an illustrious line-up of panelists from U.S. business, academia, technology, media, diplomacy and politics, including Rick Snyder, former governor of Michigan, and Stapleton J. Roy, a founder of the Wilson Center’s Kissinger Institute. Yet what participants likely didn’t know: Three of the four “knowledge partners” are directly or indirectly part of the United Front.

The Beijing-based Center for China & Globalization, a think tank, is one of them. The organization was co-founded by Wang Huiyao, who is also a deputy chairman of the Western Returned Students Association, a United Front Work Department group, according to Joske, who has documented Wang’s multiple connections to the United Front. The others were the China General Chamber of Commerce USA and the China General Chamber of Commerce USA Chicago, both among the 600 or so American groups Newsweek has linked to the CPC system.

Asked for comment, the China Institute replied that it “chose to engage with these organizations because of their large memberships and connection to the issues and topics that are a priority today. We wanted to ensure they were engaged in the conversation.” In an emailed statement, the China General Chamber of Commerce–USA denied it was linked to the United Front system, saying it was “a non-profit and non-governmental organization representing Chinese enterprises in the U.S.,” with a mission “to create value, generate economic growth, and enhance cooperation between the U.S. and Chinese business communities.”

Shame on the Biden administration and for sure shame on Governor Newsom.

 

 

Two Tech Companies Report Chinese Malware in the Power Grids

No worries America, President Biden is on vacation again, this time for a week. Meanwhile, it was back in May that Microsoft and Mandiant (owned by Google) reported Volt Typhoon was in a few power systems, either for espionage or, worse, for later capability to disrupt. Presently, there is no immediate threat; however, experts outside of the Federal government are studying the cyber language and issuing warnings.

Volt Typhoon's Cyberattack: Key Concerns and Implications for the Industry  | TXOne Networks source

Experts say it’s one of the largest known cyber espionage campaigns against the US.

A key US military outpost, Guam’s ports and air bases would be crucial to any Western response to a conflict in Asia. Together with the Five Eyes alliance – comprising the intelligence agencies of the US, Australia, Britain, New Zealand and Canada – Microsoft published details of the malware.

A cyberattack on Guam is equivalent to an attack on Silicon Valley. Guam, with a population of nearly 154,000, is indistinguishable from the 50 states for the purposes of defense under international and domestic law. It would also be vital to US military operations in any conflict over Taiwan. The Guam Defense System, the defense architecture surrounding Guam and the Mariana Island Chain, is the top homeland defense priority of the current commander of the US Indo-Pacific Command, Admiral John Aquilino. Guam contains the United States’ largest refueling and armament stations in the first and second island chains that provide lines of defense against China. The 2023 National Defense Authorization Act also announced $1.4 billion for defense projects in Guam, and the U.S. Marine Corps is building its first new base in 72 years there. Guam has among the highest military recruitment levels in the United States. In recognition of Guam’s military importance, China calls its DF-26 intermediate ballistic missile, which has a 2500-mile firing range, “the Guam Killer.” Source

The U.S. has 3 military bases (installations) in Guam

Q&A: What does the US military do on the island of Guam? source

***

China’s “peacetime” targeting of critical infrastructure that is used by both civilians and the US military erodes the principles of the law of war. The principle of distinction ordinarily forbids targeting civilian objects, such as civilian property and infrastructure. However, many computer networks are used for both civilian and military purposes. Such “dual use” objects may be targetable based on their nature, purpose, and use. However, combatants must still comply with the other principles of the law of war: military necessity, proportionality, and avoiding unnecessary suffering.

Microsoft has tracked a group of what it believes to be Chinese state-sponsored hackers who have since 2021 carried out a broad hacking campaign that has targeted critical infrastructure systems in US states and Guam, including communications, manufacturing, utilities, construction, and transportation.

Microsoft’s blog post offered technical details of the hackers’ intrusions that may help network defenders spot and evict them: The group, for instance, uses hacked routers, firewalls, and other network “edge” devices as proxies to launch its hacking—targeting devices that include those sold by hardware makers ASUS, Cisco, D-Link, Netgear, and Zyxel. The group also often exploits the access provided from compromised accounts of legitimate users rather than its own malware to make its activity harder to detect by appearing to be benign.

Blending in with a target’s regular network traffic in an attempt to evade detection is a hallmark of Volt Typhoon and other Chinese actors’ approach in recent years, says Marc Burnard, a senior consultant of information security research at Secureworks. Like Microsoft and Mandiant, Secureworks has been tracking the group and observing its campaigns. He added that the group has demonstrated a “relentless focus on adaption” to pursue its espionage.

US government agencies, including the National Security Agency, the Cybersecurity and Infrastructure Security Agency (CISA), and the Justice Department published a joint advisory about Volt Typhoon’s activity today alongside Canadian, UK, and Australian intelligence. “Private sector partners have identified that this activity affects networks across US critical infrastructure sectors, and the authoring agencies believe the actor could apply the same techniques against these and other sectors worldwide,” the agencies wrote. As early as 2009, US intelligence officials warned that Chinese cyberspies had penetrated the US power grid to “map” the country’s infrastructure in preparation for a potential conflict. Two years ago, CISA and the FBI also issued an advisory that China had penetrated US oil and gas pipelines between 2011 and 2013. China’s Ministry of State Security hackers have gone much further in cyberattacks against the country’s Asian neighbors, actually crossing the line of carrying out data-destroying attacks disguised as ransomware, including against Taiwan’s state-owned oil firm CPC. Source

It was not until the New York Times reported this condition that anyone took it seriously. What is worse are the facts reported by CyberScoop in part:

The largely unknown amount of Chinese-made equipment within the North American grid is a threat to national security, experts warned during a Thursday congressional hearing that explored cybersecurity vulnerabilities within the electric sector.

Witnesses from the Department of Energy and private sector testifying during the Senate Energy and Natural Resources Committee echoed a sentiment increasingly heard in Washington that a longstanding dependence on Chinese technologies and cheap components is now an alarming national security issue for U.S. critical infrastructure.

 

 

 

Your Vehicle is Spying on you and You’re not Getting Paid

Every app on your phone is collecting data, often protected and confidential data and selling it. Selling it to whom? No idea. But then you have invited the same thing when it comes to your home with the streaming apps…never mind Alexa and Siri. But now while it has been highly suggested to never use or click on Tik Tok videos that people seem to ignore at their own peril…let’s consider your own cars or trucks you drive every day. Oh you have nothing to hide…yeah yeah yeah…but manufacturers and tech companies are making trillions a year selling everything about YOU and you don’t care or have nothing to hide? Are you fine with your passwords, social security numbers, ATM card numbers or even children’s names being transported to entities unknown to you?

Privacy is gone and you should care…. it is a cyber war actually and you are in the middle of it.

Autonomous Car Technology Market Outlook From 2020-2026 - Science Techniz source

It all started with OnStar and now there are facial recognition requirements to even start your car….

America’s national security experts have made a compelling case that TikTok, the popular social media application owned in part by the Chinese government, constitutes a national security threat.

The Federal Bureau of Investigation has warned that TikTok allows the Chinese government to access location, biometric identifiers and browsing history, which could be shared with the Chinese Communist Party. This information led a bipartisan group of senators, led by Sen. Mark Warner (D-Va.), to recently introduce legislation providing the Department of Commerce the power to regulate the popular social media app. The Biden White House quickly endorsed the bill and called for its immediate passage.

It’s encouraging that the federal government is taking the TikTok threat so seriously. Many policy analysts even believe it should double its efforts to combat harmful social media companies’ data collection. After all, TikTok is not the first company that poses such a problem, nor will it be the last. Many other apps, such as WeChat, have equally dangerous connections to the Chinese Communist Party that lawmakers should watch closely. The data regulations that they impose on TikTok should apply across the board including American companies that may pose similar threats.

That said, Chinese-owned social media apps are not the only data collection threat that the American people currently face. Chinese-owned automakers present just as significant of a national security problem, if not an even greater one.

Modern cars are becoming data collection vacuums. Their cameras and computers not only diagnose engines, but they also collect information about where you travel, what stores you shop at, what music you listen to, and how fast you drive. Electric cars, particularly autonomous vehicles, collect millions of terabytes of information that automakers rightfully see as digital gold.

This data collection would be beneficial if consumers owned and controlled it, but currently, they don’t. The car companies do.

Best Android Car Apps 2016 | Caromotor 2017

Chinese automakers like Volvo and Lotus must comply with the same Military-Civil Fusion laws that TikTok and other problem Chinese apps must follow. That means the same data security concerns apply but with even more in-depth personal in play, from when they leave the house to their driving patterns and histories.

American vehicle manufacturers have yet to modernize their security infrastructures with the modern-digital age. Over the last year, API attacks in the automotive industry have surged by over 380 percent, and 34 percent of auto employees admitting their company receives more security threats now than two years ago. China is one of the global leaders in API attacks, and U.S. attorneys have already warned automakers to watch out for the country’s theft of their personal information.

For all these reasons and more, this information shouldn’t remain the property of the carmakers. The drivers should own and control it.

Reps. Gus Bilirakis (R-Fla.) and Jan Schakowsky’s (D-Ill.) Innovation, Data, and Commerce Subcommittee should consider a comprehensive legislative framework that ensures transparency and accountability from car manufacturers and protects drivers against misuse of their personal information. This will turn a staunch national security problem — TikTok on wheels — into a valuable addition to the U.S. economy.

Again, the problem is not that this auto data exists; the problem is that carmakers are the ones in control of it. From diagnosing and fixing vehicle malfunctions to providing insurance discounts, vehicles keeping track of this information is benefiting drivers in untold ways. If consumers own this data instead of the auto industry, they will receive the utility of this information without the baggage of it potentially falling in the wrong hands.  Source

Cuba Agrees to Host Chinese Spy Base

First there was a full-throated denial by Adm. Kirby from the White House Press Room that the story the Wall Street Journal reported was true. Then a couple of days later, Adm. Kirby walked it back and attempted in national security platitudes to explain why he initially denied the story. Then the White House decided to blame the Trump administration stating that China has had a base in Cuba since 2019. If that was true, then why would the Biden administration lift some sanctions on Cuba?

Well… no, under the Trump administration, that is not accurate either. Perhaps China only has had a radar surveillance installation since 2018, but you can bet that since Russia has had a spy base in Cuba known as the Lourdes signals intelligence facility, they are not only collaborating but perhaps co-locating, especially since Beijing and Moscow have nurtured a friendly business relationship without limitations. However, no one is putting China and Cambodia in the conversation… that is right, China has a secret base there too, called the Ream Base.

Satellite imagery of Ream Naval Base from 5 February 2023, annotated to show the shape of the pier extension. Original image courtesy of BlackSky

 

Lourdes

Russia 'to reopen Lourdes spy base in Cuba' - BBC News 2014 source

Beyond the Wall Street Journal doing great work, then comes the Miami Herald with more.

The CIA and Office of the Director of National Intelligence declined to comment. The Cuban government also pushed back against the initial WSJ report calling it “totally false and unfounded information” in a statement made by the Vice-minister of Foreign Affairs, Carlos Fernández de Cossío.

Regardless of Cuba’s sovereign rights in defense matters, the official said, Cuba rejects “any foreign military presence in Latin America and the Caribbean, including that of numerous United States military bases and troops, especially the military base that illegally occupies a portion of the national territory in the province of Guantánamo.” While China might be already collecting intelligence on the U.S. from its commercial facilities in the region, having a signals-intelligence facility “adds to China’s capabilities, especially in times of war,” said Evan Ellis, professor at the U.S. Army War College Strategic Studies Institute, which monitors China’s relationship with Latin America and the Caribbean. “I think it telegraphs Chinese willingness in the current difficult environment between our two countries to take some of these bolder steps and their sense, with their growing military power and economic power and the perception of the U.S. democratic disarray, that they can take these steps that maybe a decade ago, they would not have risked,” Ellis said. “It’s not that big of a threshold that they’ve crossed, but it is significant,” he added.

The news follows intense speculation that Russia, not China, was planning to reopen its Soviet-era espionage base in Lourdes, a town near Havana, which it shut down in 2002. High-ranking Russian national security officials and diplomats have been traveling to the island recently and the two governments appear as close as ever, with Cuban leaders offering public support for Russia’s invasion of Ukraine. But when publicly asked about reopening the Lourdes base during his trip to Havana in April, Russian Foreign Minister Sergei Lavrov did not directly address the question. And despite several economic agreements recently announced by Russian and Cuban authorities, including land-lease deals, the news about a Chinese spy base speaks to the realities on the ground: The island is desperate for cash as its economy continues sinking. Russia had limited resources even before embarking on a war against Ukraine — and China can pay. On May 20, Cuba’s Interior Minister, Gen. Lázaro Alberto Álvarez Casas, met with China’s Minister of Public Security, Wang Xiaohong. “China stands ready to work with Cuba to implement the important consensus reached by the leaders of the two countries and deepen pragmatic cooperation in various fields, especially in law enforcement and security,” a Chinese government statement said.

The news about the spy base comes as the Biden administration has been taking steps to improve its strained relationship with China, which is considered the United States’ primary military and economic rival. At the same time, State Department officials and members of Congress have been raising concerns about China’s increased influence in Latin America and the Caribbean. China has become South America’s largest trading partner and has exploited the Biden administration’s reluctance to new trade deals and has inked a free trade agreement with Ecuador, while Uruguay and Panama are in line, U.S. Rep Maria Elvira Salazar, a Miami Republican, said during a congressional hearing she chaired on Wednesday. “That is very troublesome,” Salazar said, blaming the Biden administration for ignoring the pleas of allies in the region with conservative governments “to the benefit of our enemies.”

When asked by representative Warren Davidson, R-Ohio, why the United States has seemed to become “more passive” and allowed China to increase its influence in the Western Hemisphere, the State Department’s top diplomat for the region acknowledged the administration needs to act with a sense of urgency. “This is the most challenging moment I have seen in 30 years in our hemisphere, and we have to do everything that we can to help our neighbors and our partners around the region to succeed and resist these strategic competitors from outside,” Assistant Secretary for Western Hemisphere affairs Brian Nichols said. The China deal also complicates U.S. policy towards Cuba.

The administration has lifted some restrictions on flights and remittances, resumed the family reunification program for Cubans and reestablished migration and law enforcement talks with the Cuban government. But it stopped short of easing other embargo restrictions and removing Cuba from the list of countries that sponsor terrorism, which the Cuban government had made a condition to improving relations. The cozying up to Russia and China indicates the Cuban government has chosen to seek further support from its longtime political and ideological allies rather than pursuing normalization of relations with the U.S. at a time Cuban authorities perceive their grip on power is at risk. Cuba is facing its worst economic crisis in decades and serious political challenges from a population that has taken to the streets to protest and demand regime change. Ebrahim Raeisi, the president of Iran, another major U.S. adversary, is set to travel to the island after visiting Venezuela and Nicaragua next week. The strategy suggests something else: The Cuban military is calling the shots on the island, not the civilian team led by Cuba’s handpicked president, Miguel Díaz-Canel. If true, the deal with China shows “Cuba’s desperation. It’s the same thing with Russian investors. Cuba is looking for cash where it can get it,” Ellis said. “Cuba also understands the limits of the Biden administration.

With the Republicans in control of the House in Washington, with Biden being more conservative, with a sense of lessons learned that the Obama opening was seen as ‘we gave up too much and receive too little from Cuba,’ there’s an understanding in Cuba that they’re not going to get much more out of Washington.” Latin America’s sharp turn to the left and the consolidation of power by Nicolás Maduro in Venezuela also gives Cuba confidence to do bolder things, Ellis said, while noticing that island has not gone that far as to sign military agreements with Russia or receive Russian weapons. Florida Republicans in Congress quickly reacted to the report on the China espionage base deal to highlight what they said is an increasing national security threat coming from Cuba. “The threat to America from Cuba isn’t just real, it is far worse than this,” Sen. Marco Rubio tweeted. “But to date, not only does the Biden White House not care, they have people who actually want to appease the regime.” “The Cuban regime is auctioning off land to the Russians, hosting the Iranians, and letting the Chinese open a base to spy on the U.S.,” Salazar tweeted. “Just 90 miles from our coast, the dictatorship has opened the door to our greatest enemies!” Later on Thursday, Rubio, who is the Vice Chairman of the Select Committee on Intelligence and the committee’s chairman, Mark R. Warner (D-VA), issued a statement urging the Biden administration “to take steps to prevent this serious threat to our national security and sovereignty.” “We must be clear that it would be unacceptable for China to establish an intelligence facility within 100 miles of Florida and the United States, in an area also populated with key military installations and extensive maritime traffic,” they said.

Read more at: https://www.miamiherald.com/news/nation-world/world/americas/cuba/article276215936.html#storylink=cpy

 

The Clop Ransomware Gang Have Struck State, Federal Agencies and Hospitals

It was several days ago that the first reports started to surface and as CISA/FBI issued warnings, the target list/victims continues to expand.

All attributions so far point to a Russian entity with history on this, and those attributions do not come from the Federal government but rather from outside cyber expert companies across the country.

Clop ransomware gang starts extorting MOVEit data-theft victims source and expanded details

So, anyone remember when President Biden gave a list of entities that were completely off limits to cyber attacks? Remember?

Well it was exactly a year ago this month…

There are 16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof. Presidential Policy Directive 21 (PPD-21): Critical Infrastructure Security and Resilience advances a national policy to strengthen and maintain secure, functioning, and resilient critical infrastructure. This directive supersedes Homeland Security Presidential Directive 7.


Meanwhile, the victims of this cyber attack related to MOVEit and Clop include:

Reported by TechTarget:

Illinois, Minnesota and Missouri state governments are among a growing list of organizations attacked via a critical flaw in Progress Software’s MOVEit Transfer product.

Progress Software on May 31 detailed an SQL injection bug in its managed file transfer (MFT) software MOVEit Transfer. Progress urged customers to immediately apply mitigations for the vulnerability, tracked as CVE-2023-34362, while it worked on a patch, which was released later that day. But as security vendors reported soon after, the critical bug was already under active exploitation in the wild.

A wave of organizations have disclosed data breaches in the wake of CVE-2023-34362 coming to light. Some of the early major names affected by the MOVEit flaw included the government of Nova Scotia, Canada; HR software provider Zellis; the BBC; British Airways; and British retailer Boots.

Several other organizations have disclosed compromises since that initial wave, including U.K. broadcast regulator Ofcom and networking vendor Extreme Networks. Multinational accounting firm Ernst and Young was also reportedly breached via the critical flaw. Ernst and Young did not reply to TechTarget Editorial’s request for comment, but the BBC said it received confirmation of a data breach from the firm.

Additionally, Johns Hopkins University Hospital got hit, as well as British Airways.

CNN adds information to the report:

A Russian-speaking hacking group known as CLOP last week claimed credit for some of the hacks, which have also affected employees of the BBC, British Airways, oil giant Shell, and state governments in Minnesota and Illinois, among others.

The Russian hackers were the first to exploit the vulnerability, but experts say other groups may now have access to software code needed to conduct attacks.

The ransomware group had given victims until Wednesday to contact them about paying a ransom, after which they began listing more alleged victims from the hack on their extortion site on the dark web. As of Thursday morning, the dark website did not list any US federal agencies.

The episode shows the widespread impact that a single software flaw can have if exploited by skilled criminals.

The hackers – a well-known group whose favored malware emerged in 2019 – in late May began exploiting a new flaw in a widely used file-transfer software known as MOVEit, appearing to target as many exposed organizations as they could. The opportunistic nature of the hack left a broad swath of organizations vulnerable to extortion.

Progress, the US firm that owns the MOVEit software, has also urged victims to update their software packages and has issued security advice.