Category Archives: Cyber War

Russian Bombers Near Kodiak, Alaska, Deconfliction Line Busy?

Posted on by

Again and again…  There was no cockpit-to-cockpit radio communication between the US and Russian pilots. So that ‘deconfliction’ line between the United States and Russia apparently goes to voicemail.

It was just a few days ago that Hawaii formally requested military emergency response operations due to the North Korea threat. Likely, the manner of which Russia maintains aggressive messaging, those two bombers were dispatched to test U.S. response and air defense systems.

FNC: A pair of Russian nuclear-capable bombers flew near Alaska Monday night, two U.S. officials told Fox News, coming as close as 100 miles from Kodiak Island — the first time since President Trump took office that Moscow has sent bombers so close to the U.S.

The two Russian Tu-95 “Bear” bombers flew roughly 280 miles southwest of Elmendorf Air Force Base, within the Air Defense Identification Zone of the United States.

The U.S. Air Force scrambled two F-22 stealth fighter jets and an E-3 airborne early warning plane to intercept the Russian bombers.

The American jets flew alongside the Russian bombers for 12 minutes, before the Russian bombers reversed course and headed back to their base in eastern Russia.

Last week in Moscow, Secretary of State Rex Tillerson said U.S.-Russian relations were at a “low point” while sitting next to Russian Foreign Minister Sergey Lavrov.

While Tillerson was in Moscow, three Russian bombers flew near the east coast of Japan, forcing the Japanese military to scramble 14 fighter jets at various times to intercept the bombers. A Russian spy plane also flew along Japan’s west coast.

The last time Russian bombers flew near the U.S. was July 4, 2015, when a pair of Russian bombers flew off the coasts of Alaska and California, coming as close as 40 miles to Mendocino, Calif.

Russian President Vladimir Putin called then-President Barack Obama to wish him a happy Independence Day while the bombers cruised the California coastline.

***

WaPo: Gen. Paul Selva recently became the first Pentagon official to state publicly that Russia has deployed a land-based cruise missile in direct violation of its treaty obligations to the United States. Selva, who serves as vice chairman of the Joint Chiefs of Staff, said in testimony before the House Armed Services Committee: “We believe that the Russians have deliberately deployed it in order to pose a threat to NATO.” He also noted — to the best of his knowledge — that “they do not intend to return to compliance.”

In other words, the Russians have calculated that it costs them more to fulfill their treaty commitments than to break them. The only proper response to this provocation is to increase the costs and change Russia’s calculation.

The agreement in question is the Intermediate-Range Nuclear Forces Treaty, which the Soviet Union and the United States signed in 1987 to eliminate an entire class of land-based missiles with a range of 500 to 5,500 kilometers. Reasons for the treaty date back to the late 1970s, when the Soviet Union deployed intermediate-range nuclear missiles to Europe, reducing warning times and threatening to divide Europe from North America. NATO responded by deploying U.S. intermediate-range nuclear missiles in 1983. The increased tensions ultimately led to arms-control negotiations and the landmark INF Treaty.

***

The Tu-95 is the worlds fastest propeller driven aircraft in the world today. The Tupolev Tu-95 (Russian: Туполев Ту-95; NATO reporting name: “Bear”) is a large, four-engine turboprop-powered strategic bomber and missile platform. First flown in 1952, the Tu-95 entered service with the Soviet Union in 1956 and is expected to serve the Russian Air Force until at least 2040.[1] A development of the bomber for maritime patrol is designated Tu-142, while a passenger airliner derivative was called Tu-114.

The aircraft has four Kuznetsov NK-12 engines, each driving contra-rotating propellers. It is the only propeller-powered strategic bomber still in operational use today. The tips of the propeller-blades move faster than the speed of sound, making it one of the noisiest military aircraft.[2] Its distinctive swept-back wings are at a 35° angle.

Design and development[edit]

A Tu-95MS in 2007.

A Tu-95 showing its swept wing and anti-shock bodies
The design bureau led by Andrei Tupolev designed the Soviet Union’s first intercontinental bomber, the 1949 Tu-85, a scaled up version of the Tu-4, a Boeing B-29 Superfortress copy.[3]

A new requirement was issued to both Tupolev and Myasishchev design bureaus in 1950: the proposed bomber had to have an un-refueled range of 8,000 km (4,970 mi)—far enough to threaten key targets in the United States. Other goals included the ability to carry an 11,000 kg (12.1 ton) load over the target.[citation needed]

The big problem for Tupolev was the engine choice: the Tu-4 showed that piston engines were not powerful enough to fulfill that role, while the fuel-hungry AM-3 jet engines of the proposed T-4 intercontinental jet bomber did not provide adequate range.[4] Turboprops offered more power than the piston engines and better range than jets available for the new bomber’s development at the time, while offering a top speed in between these two alternative choices.

Tupolev’s proposal was selected and Tu-95 development was officially approved by the government on 11 July 1951. It featured four Kuznetsov[5] coupled turboprops, each fitted with two contra-rotating propellers of four blades each, producing a nominal 8,948 kW (12,000 eshp) power rating. The then-advanced engine was designed by a German team of ex-Junkers prisoner-engineers under Ferdinand Brandner. In contrast, the fuselage was conventional: a mid-wing cantilever monoplane with 35 degrees of sweep, an angle which ensured the main wing spar passed through the fuselage in front of the bomb bay. Retractable tricycle landing gear was fitted, with all three gear strut units retracting rearwards, with the main gear units retracting rearwards into extensions of the inner engine nacelles.[citation needed]

The Tu-95/I, with 2TV-2F engines, first flew in November 1952 with test pilot Alexey Perelet at the controls.[6] After six months of test flights this aircraft suffered a propeller gearbox failure and crashed, killing Perelet. The second aircraft, Tu-95/II featured four of the 12,000 ehp Kuznetsov NK-12 turboprops which proved more reliable than the coupled 2TV-2F. After a successful flight testing phase, series production of the Tu-95 started in January 1956.[5]

A Tu-95MS simulating aerial refueling with an Ilyushin Il-78 during the Victory Day Parade in Moscow on 9 May 2008.
For a long time, the Tu-95 was known to U.S./NATO intelligence as the Tu-20. While this was the original Soviet Air Force designation for the aircraft, by the time it was being supplied to operational units it was already better known under the Tu-95 designation used internally by Tupolev, and the Tu-20 designation quickly fell out of use in the USSR.[citation needed] Since the Tu-20 designation was used on many documents acquired by U.S. intelligence agents, the name continued to be used outside the Soviet Union.[citation needed]

Initially the United States Department of Defense evaluated the Tu-95 as having a maximum speed of 644 km/h (400 mph) with a range of 12,500 km (7,800 mi).[7] These numbers had to be revised upward numerous times.[citation needed]

Like its American counterpart, the Boeing B-52 Stratofortress, the Tu-95 has continued to operate in the Russian Air Force while several subsequent iterations of bomber design have come and gone. Part of the reason for this longevity was its suitability, like the B-52, for modification to different missions. Whereas the Tu-95 was originally intended to drop free-falling nuclear weapons, it was subsequently modified to perform a wide range of roles, such as the deployment of cruise missiles, maritime patrol (Tu-142), and even civilian airliner (Tu-114). An AWACS platform (Tu-126) was developed from the Tu-114. An icon of the Cold War, the Tu-95 has served not only as a weapons platform but as a symbol of Soviet and later Russian national prestige. Russia’s air force has received the first examples of a number of modernised strategic bombers Tu-95MSs following upgrade work.

Answer to Those Missile Failures of N. Korea

Posted on by

The author of this site has mentioned for several months the reason for the recent failed missile launches of North Korea. There are two distinct causes and both point to the United States. They are cyber operations and electronic warfare.

Over the past decade of conflict, the U.S. Army has deployed the most capable communications systems in its history. U.S. forces dominated cyberspace and the electromagnetic spectrum (EMS) in Afghanistan and Iraq against enemies and adversaries lacking the technical capabilities to challenge our superiority in cyberspace. However, regional peers have since demonstrated impressive capabilities in a hybrid operational environment that threaten the Army’s dominance in cyberspace and the EMS.

The Department of Defense information network-Army (DODIN-A) is an essential warfighting platform foundational to the success of all unified land operations. Effectively operating, securing, and defending this network and associated data is essential to the success of commanders at all echelons. We must anticipate that future enemies and adversaries will persistently attempt to infiltrate, exploit, and degrade access to our networks and data. A commander who loses the ability to access mission command systems, or whose operational data is compromised, risks the loss of lives and critical resources, or mission failure. In the future, as adversary and enemy capabilities grow, our ability to dominate cyberspace and the EMS will become more complex and critical to mission success.

Incorporating cyberspace electromagnetic activities (CEMA) throughout all phases of an operation is key to obtaining and maintaining freedom of maneuver in cyberspace and the EMS while denying the same to enemies and adversaries. CEMA synchronizes capabilities across domains and warfighting functions and maximizes complementary effects in and through cyberspace and the EMS. Intelligence, signal, information operations (IO), cyberspace, space, and fires operations are critical to planning, synchronizing, and executing cyberspace and electronic warfare (EW) operations. CEMA optimizes cyberspace and EW effects when integrated throughout Army operations. More here.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

You can be assured there is acute cooperation between the military and other Federal agencies including the CIA and NSA when it comes to North Korea. What do we know that media is not sharing?

North Korea’s proliferation of missile technology and expertise is another serious concern for the United States. Pyongyang has sold missile parts and/or technology to several countries, including Egypt, Iran, Libya, Burma, Pakistan, Syria, United Arab Emirates, and Yemen.53 Sales of missiles and telemetric information from missile tests have been a key source of hard currency for the Kim regime.

North Korea and Iran have cooperated on the technical aspects of missile development since the 1980s, exchanging information and components.54 Reportedly, scientific advisors from Iran’s ballistic missile research centers were seen in North Korea leading up to the December 2012 launch and may have been a factor in its success.55 There are also signs that China may be assisting the North Korean missile program, whether directly or through tacit approval of trade in sensitive materials. Heavy transport vehicles from Chinese entities were apparently sold to North Korea and used to showcase missiles in a military parade in April 2012, prompting a U.N. investigation of sanctions violations.56  More here.

Security experts and U.S. officials have voiced increasing concern about North Korea’s improving cyberattack capabilities. In March 2013, an attack on the computer systems of several South Korean media and financial institutions disrupted their functioning for days, in one of the most significant cyberattacks in the country’s history; cybersecurity analysts identified North Korean hackers as the culprit.68 The FBI determined that North Korean hackers were responsible for the November 2014 cyberattack on Sony Pictures Entertainment, an intrusion that disrupted the company’s communication systems, released employees’ personal information, and leaked yet-to-be released films. (Some reports speculate that the cyberattack on Sony Pictures could have been an attempt to punish the company for its production of a comedy in which American journalists assassinate Kim Jong-un at the instigation of the Central Intelligence Agency.) Perhaps in response to doubts about the attribution of the cyberattack to North Korea, U.S. officials revealed that the National Security Agency had penetrated North Korean computer networks years in advance of the Sony hacking.69

*** Much has been printed in recent months, the WikiLeaks release of the CIA/NSA toolkit that demonstrates abilities of both agencies ability to intrude and intercept adversaries and allies in the cyber realm. Due to private citizens fear of unauthorized and possible access to personal data and internet activities, many Americans are angry. That anger is not misplaced, however, consider, do we want our agencies to have cyber skills to penetrate such rogue regimes as North Korea, Syria, Iran or militant factions such as al Qaeda and Islamic State? The answer is likely yes.

The UK Sunday Times reports: ”

A missile test by North Korea that failed seconds after launch may have been sabotaged by a US cyber-attack, a former foreign secretary has said.

The US said a ballistic missile “blew up immediately” after firing near the port of Sinpo on the east coast early today.

“It could have failed because the system is not competent enough to make it work, but there is a very strong belief that the US through cyber methods has been successful on several occasions in interrupting these sorts of tests and making them fail,” Sir Malcolm Rifkind, the former foreign and defence secretary, told the BBC.”.

*** The UK Telegraph tells us in part: U.S. Pacific Command detected and tracked what it assessed to be a North Korean ballistic missile launch at 11:21 a.m. Hawaii time (2121 GMT) on Saturday, said U.S. Navy Commander Dave Benham, a spokesman for  Pacific Command.

“The missile blew up almost immediately. The type of missile is still being assessed,” he said.

It was launched  from a base at Sinpo, a port city on the North Korean east coast. The North’s previous attempted missile launch, on April 5, also suffered an in-flight failure before the weapon crashed into the Sea of Japan. Experts have suggested that the United States may be carrying out “left-of-launch” attacks on the missiles using electromagnetic propagation or cyber attacks, including through infected electronics aboard the weapon that confuse its command and control or targeting systems. More here.

*** So, while we tend to panic and push back on the cyber toolkit of Federal agencies which WikiLeaks tells us to do, perhaps we should look wider and deeper to the positive affects of those operations as Japan and S. Korea are most at risk if North Korea is remotely successful. Can and do Federal agencies exploit cyber tools and electronic warfare against American citizens and is there evidence of abuse? Not so much yet, but this site does invite readers to offer evidence.

*** Some other items of interest with regard to North Korea:

  1. Chinese troops are always stationed in the northeast near North Korea, and Yun Sun, a senior associate with the East Asia Program at the Stimson Center, told Business Insider that “Chinese troop movements happen often along that border” when North Korean nuclear and missile provocations seem imminent.

    “When North Korea acts up with some sort of provocation, the Chinese in the past have moved their troops to reinforce their deployments in the northeast for military preparedness,” Yun said.

    “On the other hand,” Yun said, “I think it does signal that the Chinese are concerned about a potential escalation, or even potential conflict” between the US and North Korea, as North Korea plans a nuclear test and the USS Carl Vinson aircraft carrier pulls up to Korea’s coast.

  2. North Korea forces citizens to work outside the country in often slave labor conditions and the regime keeps 85% of the revenue. “150,000 N.Koreans Sent to Slave Labor Abroad,” Chosun Ilbo, November 13, 2014.  This often amounts to $1 billion a year in revenue.
  3. North Korea selling arms to Hamas and advises on tunnel systems.
  4. North Korea has a sizeable inventory and robust program in both chemical and biological weapons. While the DPRK possesses considerable capabilities to deliver CW agents, it is unclear whether comparable munitions are available to deliver BW agents. Although the DPRK has advanced missile technology, the fragile nature of biological agents complicates the task of using missiles as a means of delivery and dispersal. While the ROK government has estimated that half of the DPRK’s long-range missiles and 30 percent of its artillery pieces are capable of delivering chemical or biological warheads, it is not known whether biological payloads would survive and be effectively dispersed by these missiles. More here.

 

 

 

CIA Director Spoke Truths and then got Trolled

Posted on by

CIA’s Pompeo rips WikiLeaks as ‘hostile intelligence service’ abetted by Russia

CIA Director Mike Pompeo, in his first speech since taking over the agency, lambasted WikiLeaks and its founder Julian Assange — calling the group a “non-state hostile intelligence service” that is often abetted by “state actors like Russia.”

Image result for cia pompeo YahooFinance

Speaking Thursday at the Center for Strategic and International Studies, Pompeo called Assange a “fraud,” someone with no “moral compass” and a “narcissist who has created nothing of value.”

He asserted that Assange and former National Security Agency staffer and famed leaker Edward Snowden “seek to use that information to make a name for themselves” and they “care nothing about the lives they put at risk or the damage they cause to national security.”

Asked why he would focus on WikiLeaks rather than other issues, Pompeo said he felt it was vital to inform the American people about the threat they pose.

In the case of Snowden, Pompeo said the detrimental impact of his leaks was expansive and that more than 1,000 foreign targets attempted to change their means of communication as a result of the Snowden disclosures.

“The bottom line is that it became harder for us in the intelligence community to keep Americans safe. It became harder to monitor the communications of terrorist organizations that are bent on bringing bloodshed to our shores.  Snowden’s disclosures helped these groups find ways to hide themselves in the crowded digital forest,” he said.

Last week, WikiLeaks released the latest chapter in its ongoing “Vault 7” series of cyber and hacking tools that it claims were stolen from the CIA.

According to its release, the new leaked information contains 27 documents from the CIA’s Grasshopper Framework, which is allegedly the software tools used by the CIA to infiltrate Microsoft’s Windows platform.  More here.

Image result for cia twitter wikileaks Baaghi

Enter the trolls:

The Hill reports:

WikiLeaks hit back at CIA Director Mike Pompeo on Thursday after he criticized the website.

Pompeo called WikiLeaks a “non-state hostile intelligence service” that had done “great harm to our nation’s national security.”

The site hit back by posting one of Pompeo’s now-deleted tweets from 2016 citing the group’s work publishing leaked documents from the Democratic National Committee.

“Need further proof that the fix was in from Pres. Obama on down? BUSTED: 19,252 Emails from DNC Leaked by Wikileaks,” Pompeo had tweeted.

WikiLeaks shared an image of that tweet, adding:”Tweet sent by CIA Director Mike Pompeo on 24 July 2016.” More here.

***

Okay, it is popular now to dislike James Comey, the Director of the FBI. Okay, but the rank and file agents at the FBI are the ones doing the hard work on investigations.

Associated Press reports:

WASHINGTON (AP) — FBI Director James Comey said Americans should be aware of foreign efforts to undermine confidence in U.S. elections and mindful of the possibility that what they’re reading might be part of an organized disinformation campaign.

U.S. adversaries, including Russia last year, have “used all kinds of vectors to try and influence and undermine our own faith in our democratic processes” and have relied on increasingly sophisticated tactics, the FBI director warned.

Speaking at a Newseum event Wednesday night, he said the FBI would be transparent in publicly calling out efforts to meddle in American politics and that the public also should take steps to guard against foreign influence.

“The most important thing to be done is people need to be aware of the possibility that what they’re reading has been shaped by troll farms looking to push a message on Twitter to undermine our confidence” about the electoral process, Comey said. More here.

*** Just in case you are still not a believer, this site published a summary of a two panel hearing before the Senate regarding ‘Active Measures’ and constant KGB tactic(s) used during the Cold War and especially now with the use of the internet and social media.

When is it Enough for Putin and Russia? This describes the Russian ‘botnet’ operation with testimony from 6 experts not employed by any Federal government agency. And in case you missed it, also from this site is FBI Global Hackers Sweeping Sting Arrests where most of those arrested were…yup Russian.

A believer yet? Maybe there just was and is a reason for several government investigations into the American infrastructure……right?

 

FBI Global Hackers Sweeping Sting Arrests

Posted on by

So many complain the FBI is slow-walking cyber and hacking operations especially when it comes to the Russian investigations. Well, the FBI rarely announces cases and prosecutions. When it comes to the recent Russian hacking scandal into the United States election and campaign infrastructure, perhaps the Department of Justice and the FBI are building a huge file for proof.

So, try this:

NBC/McClatchy

 

U.S. sweeping up Russian hackers in a broad global dragnet

BY TIM JOHNSON/WASHINGTON

McClatchy: The arrests caught the Russian hackers totally by surprise. One was at a Finnish border crossing. Another was arriving at an airport in Spain. A third was dining at a restaurant in Prague. Still others were at luxury resorts in the Maldives and Thailand.

Many have now turned up in U.S. courts. The long arm of U.S. law enforcement is spanning the globe like never before to bring criminal hackers to justice.

And it may not be just about crime. The Justice Department cites fuzzy and overlapping boundaries between criminal hackers and Russian intelligence agencies, the same ones the U.S. accuses of coordinating the hacking and subsequent disclosure of emails from the Democratic National Committee and the Hillary Clinton presidential campaign.

President Donald Trump dismisses allegations that Russia meddled in the election as “fake news,” but the FBI and congressional committees have launched probes and the Obama administration ordered the expulsion of 35 Russian diplomats in late December.

Rubio says Russian hackers targeted his presidential campaign

During a Senate committee hearing on Thursday, Florida Senator Marco Rubio stated that his 2016 presidential campaign staff members were the targets of Russian hackers in July 2016 and March 2017, but both efforts were unsuccessful.

The U.S. campaign leaves Russian hackers with a dilemma: If they leave the safe confines of Russia, which has no extradition treaty with the United States, or Russia’s most ardent allies, they may get picked up and sent to the U.S.

“They no longer travel, the high-profile hackers. They understand the danger,” said Arkady Bukh, a criminal defense lawyer in New York City who has defended numerous accused Russian cybercriminals.

Still, some Russian and Eastern European hackers do enjoy holidays abroad – and live to regret it. Just this week, Maxim Senakh, a 41-year-old Russian, pleaded guilty in a Minneapolis courtroom to operating a massive robotic network that generated tens of millions of spam emails a day in a zombie criminal enterprise that purportedly brought in millions in profits.

Senakh didn’t come voluntarily. He’d been visiting a sister in Finland before that country put him on a U.S.-bound plane in January, answering a U.S. extradition request.

“He fought it, the Russian government fought it, and the Russian government put political pressure on its neighbor, Finland,” federal prosecutor Kevin S. Ueland said at a Feb. 19 hearing.

Another Russian, Mark Vartanyan, 29, pleaded guilty March 20 to computer fraud in an Atlanta courtroom after reaching a deal with prosecutors to offer far-reaching cooperation that would limit a prison term to five years or less.

Norway extradited Vartanyan to the U.S. in December.

David Hickton, a former U.S. attorney in Pittsburgh who made the city a hub for prosecutions of foreign hackers, said such actions are a sign of the new dimensions of crime.

IT’S NO DIFFERENT THAN IF SOMEONE PULLED A TRUCK UP TO YOUR HOUSE AND STOLE VALUABLE MATERIAL. David Hickton, former federal prosecutor

“This is 21st century burglary. It’s no different than if someone pulled a truck up to your house and stole valuable material,” said Hickton, who now directs the Institute for Cyber Law, Policy and Security at the University of Pittsburgh.

But Hickton acknowledged that carrying off successful prosecutions is a challenge.

“These cyber investigations are very, very hard. You’re talking about evaporating evidence, borderless crimes and defendants who can hide behind the borders of countries that don’t have extradition treaties with us,” he said.

It is not easy to pigeonhole the accused and convicted hackers. Some are brainy but merely cogs in larger crime groups. Others flash their wealth and opulent lifestyles.

NOT ALL OF THEM ARE RICH. 

Arkady Bukh, criminal defense attorney in New York City

“Not all of them are rich,” Bukh said. “A lot of them are involved in computer intrusion and that does not bring much money.”

Bukh recalled one client, Aleksandr Panin, who was placed by authorities on a plane in the Dominican Republic to 2013 bound for Atlanta, put on trial and convicted.

“The guy couldn’t afford a car even with (having caused) a billion dollars in losses. He’s like a mad scientist geek,” Bukh said.

Then there are those on the opposite extreme, who pose for photos with piles of cash or at luxury beach resorts. One of them, Roman Seleznev, was convicted last year in Seattle on 38 counts related to cybercrime. His father is a deputy in the Russian parliament, or Duma. Prosecutors retrieved a photo from his cell phone of him standing next to a yellow Dodge Challenger muscle car in Red Square near the Kremlin.

The magnitude of damages that prosecutors have alleged can be mind-boggling.

Vartanyan, the young Russian hacker brought to Atlanta from Norway, was part of the development team that created Citadel, a “universal spyware system” sold on underground Russian criminal hacker forums that ended up lodged on 11 million infected computers around the world.

In their complaint against him, prosecutors cited industry estimates that Citadel caused “over $500 million in losses” in a three-year period.

The investigations can be incredibly complex, leading federal investigators to call in specialized cybersecurity firms to conduct forensics. In the probe of Senakh, whose guilty plea came last month, the feds turned to ESET, a cybersecurity firm with 18 offices around the world.

ESET analyzed the malicious code Senakh used, dubbed Ebury malware, and found that it had compromised 25,000 servers around the world, researcher Marc-Etienne Leveille said in an email.

Stanislav Lisov, a computer programmer from Taganrog, a town on Russia’s Black Sea coast, had arrived at Barcelona’s international airport with his wife on Jan. 13 when Spanish Civil Guard police arrested him on an FBI warrant issued through Interpol. The charges: electronic and computer fraud.

WE WERE DETAINED AT THE AIRPORT IN BARCELONA. 

Darya Lisova, wife of accused Russian hacker Stanislav Lisov

“We were detained at the airport in Barcelona, when we came to return a rented car before flying out to Lyon, to continue our trip and visit friends. When we were getting out of the car, two police officers approached, showed us the badge, and said they were detaining my husband,” Darya Lisova told the Russian state-operated RT network.

Spain has not yet extradited Lisov, who is blamed for being the architect of a sophisticated Trojan, NeverQuest, used in stealing log-in credentials for bank accounts.

Here is a rundown of some other recent cases:

Yevgeniy Nikulin, 29, was arrested by police while dining with his girlfriend in a hotel restaurant in Prague’s Old Town Oct. 5. He has been indicted by a federal grand jury in northern California on charges of computer intrusion, identity theft and other crimes for penetrating into the systems of high-tech companies LinkedIn, Dropbox and Formspring. Since then, Washington and Moscow have been in a tug-of-war over Nikulin’s extradition.

Olga Komova, a 26-year-old Uzbek, and Dmitry Ukrainsky, a Russian, were arrested in mid-2016 at beach resorts in Thailand and accused of stealing more than $28 million as part of a mega cyber bank fraud ring. Komova has turned up in U.S. custody and faces federal charges of wire fraud and money laundering. How she was brought to the United States is unclear. Her U.S. lawyer, Michael Soroka, declined to discuss the case.

When extradition isn’t an option, U.S. authorities lure alleged hackers to jurisdictions where they can be arrested. Such tactics have been decried by Moscow as “kidnapping.”

Seleznev, the identity thief who is the son of the Duma deputy, chose to vacation at a five-star resort in the Indian Ocean archipelago nation of the Maldives in 2014 precisely because it has no extradition treaty with the United States.

U.S. officials got word and persuaded Maldives authorities to intercept Seleznev at the airport, where in a fast-paced operation he was bundled on a private plane to Guam, a U.S. territory in the western Pacific, then flown to Seattle to face federal charges.

Upon his conviction last August, prosecutors said Seleznev had stolen millions of credit card numbers, causing 3,700 banks $169 million in losses. He faces a 40-year jail term.

No matter where the hackers travel, prosecutors say they will follow.

The U.S. attorney in Atlanta, John Horn, who has also made a name for himself in prosecuting Russian hackers, offered an unapologetic defense last year of the global reach of U.S. justice.

“Cybercrime is borderless, but increasingly, so too are our law enforcement capabilities,” Horn said.

Pyotr Levashov Arrested in Barcelona, Hacker

Posted on by

All domestic news media has been blaming the Russians for cyber election intrusion. Conservative outlets have pushed back asking for evidence. There are investigations on The Hill regarding Russian interference and the House Intelligence Committee, chaired by Devin Nunes has seen the documents and share them with the White House. The committee co-chair Adam Schiff was angry he was not read on early enough. A big political conflict has occurred and Nunes recused himself from the specific committee investigation regarding Russia as Nunes remains chairman of the committee.

Okay so what you ask?

Well we want to blame the FBI, Comey and ODNI, Clapper for not being more forthcoming on the matter. Slow down everyone, as cyber investigations are international in scope and it takes a mobilized set of experts and agencies and international collaboration to make attribution by using exceptional tools, cyber talent and agreements. So….what does all this mean? It means the lid could soon blow off this whole operation.

You see, there was malware, phishing and countless botnet systems that were part of the U.S. election interference as we saw with the DNC hack and the John Podesta emails via WikiLeaks. There are countless moving parts and they are international. It is gratifying to know however, not only is government part of the investigation, but outside cyber corporations are doing their own due diligence and offering additional clues, evidence and assistance to the FBI. How so you ask?

From Krebs on Security: Then, on Jan. 26. 2012, I ran a story featuring a trail of evidence suggesting a possible identity of “Severa (a.k.a. “Peter Severa”), another SpamIt affiliate who is widely considered the author of the Waledac botnet (and likely the Storm Worm). In that story, I included several screen shots of Severa chatting on Spamdot.biz, an extremely secretive Russian forum dedicated to those involved in the spam business. In one of the screen shots, Severa laments the arrest of Alan Ralsky, a convicted American spam kingpin who specialized in stock spam and who — according to the U.S. Justice Department – was partnered with Severa. Anti-spam activists at Spamhaus.org maintain that Peter Severa’s real name is Peter Levashov (although the evidence I gathered also turned up another name, Viktor Sergeevich Ivashov). Read more here, it is fascinating and well done.

*** No wonder attribution takes a very long time right? Yes so read on please…..

Programmer Pyotr Levashov reportedly suspected in US election hacking arrested

Madrid: A Russian computer programmer, Pyotr Levashov, has been arrested in the Spanish city of Barcelona, a spokesman for the Russian embassy in Madrid said on Sunday.

It was unclear why Levashov was arrested. The embassy spokesman declined to give details for his arrest, and Spanish police and the interior ministry were not available for comment on Sunday.

Russian television station RT reported that Levashov was arrested under a US international arrest warrant and was suspected of being involved in hacking attacks linked to alleged interference in last year’s US election.

Peter Carr, a spokesman for the US Justice Department’s criminal division, said: “The US case remains under seal, so we have no information to provide at this time.”

The criminal division is separate from the national security division, which is responsible for investigating state-sponsored cyber crimes.

A US Department of Justice official said it was a criminal matter without an apparent national security connection.

Spanish authorities notified the Russian embassy of Levashov’s arrest on Friday, the embassy spokesman said.

In January, Spanish police arrested another Russian computer programmer, whose name was given as “Lisov” and who was wanted by the United States for leading a financial fraud network.

Russia's embassy in Madrid.Russia’s embassy in Madrid. Photo: Wikimedia/Luis García (Zaqarbal)

The US government has formally accused Russia of hacking Democratic Party emails to help the campaign of Republican President Donald Trump. The US Congress is also examining links between Russia and Trump during the election campaign.

Russian officials, including President Vladimir Putin, have repeatedly denied that Russia tried to influence the election.

Reuters

Related reading: Spain arrests Russian bank-account hacker wanted by FBI

January 2017: Spain has arrested a 32-year-old Russian computer programmer at Barcelona airport who is alleged to have designed and used software to steal bank account details from banks and individuals, Spanish police said on Friday.

Working with the U.S. Federal Bureau of Investigation (FBI), the man, named Lisov, was arrested by Spanish police on Jan. 13 as he waited to take a flight to another European country. He is suspected of leading a financial fraud network, the police said in a statement.

Lisov, wanted by the United States under an international arrest warrant, had been under observation by authorities for several days in the north-eastern region of Catalonia, police said. Police did not give the man’s first name. More here.

Related reading: Russian FSB Officers Charged in Yahoo Hack and More

Tip sheet on above:

ALEXSEY BELAN

Conspiring to Commit Computer Fraud and Abuse; Accessing a Computer Without Authorization for the Purpose of Commercial Advantage and Private Financial Gain; Damaging a Computer Through the Transmission of Code and Commands; Economic Espionage; Theft of Trade Secrets; Access Device Fraud; Aggravated Identity Theft; Wire Fraud

   Seems we need to be more patient when it comes to the FBI and associated international agencies…eh?