Category Archives: Cyber War

The Other NSA Thief Indicted, Worse than Snowden?

Posted on by

What is going on at the NSA? Or is it really the NSA contractor, Booz, Allen and Hamilton? Either way…this is beyond dangerous.

Bring in Harold Martin…..  Image result for harold martin nsa NBC

Read the full indictment here.

According to an indictment released Wednesday, the information stolen by Harold Martin, a former NSA contractor who was arrested in August of last year, may be far more damaging to the U.S. intelligence community than anything taken by Edward Snowden.

On October 5, the New York Times broke the story that the FBI had arrested an employee of the intelligence community over suspicions the worker had stolen highly classified computer code.

From that report:

“The contractor was identified as Harold T. Martin III of Glen Burnie, Md., according to a criminal complaint filed in late August and unsealed Wednesday. Mr. Martin, who at the time of his arrest was working as a contractor for the Defense Department after leaving the NSA, was charged with theft of government property and the unauthorized removal or retention of classified documents.”

According to the Times, a neighbor saw “two dozen FBI agents wearing military-style uniforms and armed with long guns” storm Martin’s home and later escort the man out in handcuffs.

At the time, there was speculation that Martin could be connected to stolen NSA code that found its way into the hands of a group called the Shadow Brokers — for a period, Martin worked for the elite NSA unit from which the data was taken — but even now, authorities can’t prove he actually passed on any information.

But the mere fact that he possessed such highly sensitive material is enough to put Martin away for the rest of his life, as the recently released indictment indicates.

“For more than two decades,” Business Insider wrote on Thursday, “Martin allegedly made off with highly-classified documents that were found in his home and car that included discussions of the US military’s capabilities and gaps in cyberspace, specific targets, and ‘extremely sensitive’ operations against terror groups, according to an indictment released Wednesday.”

The indictment gives the public a much clearer look at the type of data Martin allegedly stole. And next to Edward Snowden, whose security clearance limited the documents he took to mostly training materials, it appears Harold Martin’s reach went far further into the national intelligence community.

Martin is charged with 20 counts of having unauthorized possession of classified material. The government alleges that over this long intelligence career, the 51-year-old took material from the NSA, the National Reconnaissance Office, U.S. Cyber Command, and even the CIA.

Some of the items allegedly taken, according to text from the indictment, include:

A 2008 CIA document containing information regarding foreign intelligence collection sources and methods, and relating to a foreign intelligence collection target.

A USCYBERCOM document, dated August 17, 2016, discussing capabilities and gaps in capabilities of the US military and details of specific operations.

A description of the technical architecture of an NSA communications system.

An outline of a classified exercise involving real-world NSA and US military resources to demonstrate existing cyber intelligence and operational capabilities.

Martin’s first court appearance is set for February 14. If found guilty, he faces up to 200 years in prison. More here.

***

Meanwhile, Putin is allegedly considering returning Edward Snowden to the United States as a goodwill gesture. If so, it is a double game as Putin would never do anything out of kindness without something attached. If Snowden does stand trial for treason/espionage or theft, the United States would then have to offer up classified material and reveal sources and methods which is likely what Russia wants. The Kremlin extended the visa for Snowden until 2020.

*** Image result for edward snowden

In part from NBC: Snowden’s ACLU lawyer, Ben Wizner, told NBC News they are unaware of any plans that would send him back to the United States.

“Team Snowden has received no such signals and has no new reason for concern,” Wizner said.

Snowden responded to NBC’s report on Twitter and said it shows that he did not work with the Russian government.

“Finally: irrefutable evidence that I never cooperated with Russian intel,” Snowden said. “No country trades away spies, as the rest would fear they’re next.”

Snowden’s Russian lawyer, Anatoly Kucherena, reacted to the report with dismay.

“There are no reasons to extradite Edward Snowden to the U.S.,” Kucherena said, according to TASS, the state-owned news agency. “This is some kind of speculation coming from so-called US special service sources. I think this topic was and remains on the political plane in the U.S., but it’s American special services that are puppeteering this story with sporadic information plants.”

“There is not the slightest reason to raise or discuss this topic in Russia,” Kucherena said.

Russia, he said, does not sell people. “The Snowden issue cannot be a bargaining chip on any level, neither political nor economic,” he said, according to the news agency.

Former deputy national security adviser Juan Zarate urged the Trump administration to be cautious in accepting any Snowden offer from Russian President Vladimir Putin.

“For Russia, this would be a win-win. They’ve already extracted what they needed from Edward Snowden in terms of information and they’ve certainly used him to beat the United States over the head in terms of its surveillance and cyber activity,” Zarate said.

 

Russian Information Troops, Others Helping the West

Posted on by

Going back a few years, it is important to understand how the cyber war began and where the Russians are today. While many in the United States laugh about the Russians hacked the Super Bowl and other ridiculous comments, there is a real seriousness that must be considered. So, for those who consider the Russian hacking thing to be ‘fake-news’, consider what the experts in the UK published in 2011.

Primer: Norway accuses group linked to Russia of carrying out cyber-attack, Norwegian intelligence service PST among targets of malicious emails believed to have been sent by APT 29.

***

Not too sure any agency or those collaborative countries know the depth of Russian cyber/espionage activity, except to offer very educated guesses and estimates based on other confirmed facts.

In part:

The narrative of “information war” is developing within Russia, but mostly under

the influence of initiatives taken overseas. The approach to CNO by the USA and

to a lesser extent by its allies is followed closely. The most recent senior comment

on the subject at the time of writing came from influential long-term Duma deputy,

and former Secretary of the Security Council and Deputy Minister of Defence,

Andrey Kokoshin – a long-term proponent of the vital importance of information

superiority for Russian security [71], with, intriguingly, a first qualification in

radio-electronics from the then Bauman Higher Technical College [72].

Speaking at the launch of a report entitled “’Cyber Wars’ and International

Security” published in late January 2011 jointly by the Institute of International

Security Issues of the Russian Academy of Sciences and the Faculty of World

Politics of Moscow State University, Kokoshin said that “the development of

issues of information warfare and ‘cyber wars’ must take place on an

interdisciplinary level… the experience of many states shows that information

warfare is not just a function of the Armed Forces: other state institutions including

the secret services take part in it [73]”. This makes an interesting counterpoint to

the FSB statement cited earlier in this paper which appeared to be suggesting that it

was not the business of the Armed Forces at all. The “’Cyber Wars’ and

International Security” report, according to the Russian Ministry of Defence

newspaper Krasnaya Zvezda, “examines primarily US and Chinese policy in this

area… The study examines issues such as operations in cyberspace as an integral

part of information operations [74].” At the time of writing, the report itself

appeared to be unavailable in open sources.

Meanwhile, Russian security concerns will continue to be prompted by the fact that

“influencing the transfer and storage of data means that the physical destruction of

your opponent’s facilities is no longer required [75]” – potentially negating all the

benefits of Russia’s hard-won military reforms. Efforts will continue to be

“directed at introducing international legal mechanisms that would make it possible

to contain potential aggressors from uncontrolled and surreptitious use of

cyberweapons against the Russian Federation and its geopolitical allies [76].”

So, Russian statements and initiatives on cyber operations have to be placed in this

context of observing rapidly-developing capabilities overseas, and listening to

public announcements in the USA and elsewhere of ever-greater potential and

willingness to inflict damage on adversaries by means of cyber attack. At present,

the urgent arguments for the creation of “Information Troops” within the Armed

Forces have not yet given rise to any visible change in tasking or designation of

military structures, and visions of Russia’s potential organised cyber warriors

range from the heroic and omnipotent [77] to the realms of surreal parody [78]; but

there is no doubt that the preoccupation with a perceived lack of capacity to

prosecute or defend against CNO within the military will continue to provoke calls

for action. Read the full summary here.

**** This is important due to the declarations made by U.S. domestic intelligence agencies, as they cannot be dismissed. This site recently published some items on three Russians arrested and are moved to treason cases.

Related reading: Russian Hacking, We knew Because we had an Inside Operative(s)

Related reading: $500 million for new Russian cyber army, 2014

Related reading: Russian cyber group seen preparing to attack banks, 2015

Some of these operatives were aiding the United States for as long as 7 years.

****

Russian officers ‘passed secrets to US for 7 years’

TheTimesUK: Two senior officers from Russia’s FSB spy agency passed state secrets to the United States for at least seven years in an espionage coup for Washington, it was alleged yesterday.

Ruslan Stoyanov is accused of handing over data supplied by two FSB officers

Sergei Mikhailov and Dmitri Dokuchayev have been charged with treason alongside Ruslan Stoyanov, a manager from the cybersecurity and anti-virus company Kaspersky Lab, who is accused of being an intermediary.

They are said to have helped the US pinpoint Russian hacking during the presidential election. The news of the arrests in December emerged late last month and details of the charges have not been officially released.

Yesterday a source familiar with the investigation said that the two FSB officers received payments to pass secret data to Mr Stoyanov and a representative of another cybersecurity company. The information was then transferred to “acquaintances abroad who worked closely with foreign special services”.

“This is not a one-off story, this activity was carried out for a minimum of seven years and caused substantial harm to the interests of the Russian Federation,” the source told the Rosbalt news agency.

 

Mr Mikhailov, a department head at the FSB’s Centre for Information Security, was arrested dramatically during a conference in Moscow. A sack was pulled over his head and he was marched out of the room. Mr Dokuchayev, one of Mr Mikhailov’s subordinates, is said to be a former hacker known as “Forb” who was recruited to the FSB under threat of prosecution.

Security and law-enforcement sources have told Russian media that the men passed information indirectly to the CIA or an organisation close to it.

Ivan Pavlov, a lawyer, is acting for one of the three accused men although he has refused to say which one. He said all three had been charged with state treason, which carries a potential 20-year prison sentence. The case files “refer to America but not the CIA”, he claimed.

Novaya Gazeta, the independent newspaper, said that Mr Mikhailov was suspected of handing the US information on Vladimir Fomenko, the owner of King Servers. Hackers used servers provided by the company to breach election databases in Illinois and Arizona last summer, according to ThreatConnect, a US cybersecurity company.

Mr Pavlov said yesterday that Mr Mikhailov had retracted an initial confession to the treason charge.

There has been a flurry of leaks about the highly secret treason investigation in Russian media, suggesting a clash of interests inside the FSB.

Two sources told the RBK news agency that the centre where the two accused officers worked was in conflict with the Centre for Information Defence and Special Communications, a rival FSB body with overlapping responsibilities. Andrei Ivashko, the head of that rival centre, is said to be friends with Konstantin Malofeev, founder of Tsargrad, a small television channel that first revealed the FSB arrests.

The scandal has been spiced further by reports that it may be linked to the arrest of three men from the Shaltai-Boltai (Humpty Dumpty) hacking group. Vladimir Anikeyev, known as “Lewis”, and two associates nicknamed March Hare and The Hatter were taken into custody in November but the arrests only emerged recently. They are charged with gaining “illegal access to computer information”.

Some media claimed that Mr Mikhailov had infiltrated the group and was using it for his own purposes, but a lawyer acting for Mr Anikeyev said yesterday that the treason case and the arrest of his client were not connected.

 

Tech Companies Filed Amicus Brief, Supports Foreign Workers

Posted on by

Amicus Brief Tech companies This is an employment epidemic across the nation where companies sponsor foreign national for domestic jobs, leaving thousands to train their replacements. We have not addresses how many could be purposely placed for industrial espionage.

Related reading: China’s Best Method of Industrial Espionage

***

Apple, Google, Microsoft pile in: 97 US tech firms file brief against Trump’s travel ban

In part from ZDNet: Immigrants or their children founded 200 US companies that generate $4.2 trillion in annual revenues, the brief highlights, among them Apple, AT&T, and Google, as well as Ford, General Electric, McDonald’s, Boeing, and Disney.

“Businesses and employees have little incentive to go through the laborious process of sponsoring or obtaining a visa, and relocating to the United States, if an employee may be unexpectedly halted at the border.

“Skilled individuals will not wish to immigrate to the country if they may be cut off without warning from their spouses, grandparents, relatives, and friends. They will not pull up roots, incur significant economic risk, and subject their family to considerable uncertainty to immigrate to the United States in the face of this instability.” Full article here.

***

The H1-B visa program has a cap to the number allowed to be issued. It is a visa program that needs more scrutiny by Congress for the sake of American employees. There have been abuses to the program and further companies like Disney hire foreign nationals to replaced domestic employees driving down the salary costs.

Janet Napolitano, the former Secretary of the Department of Homeland security and now the president of the University of California system knows it all so well and how to work the system.

In part from the LATimes: Using a visa loophole to fire well-paid U.S. information technology workers and replace them with low-paid immigrants from India is despicable enough when it’s done by profit-making companies such as Southern California Edison and Walt Disney Co.

But the latest employer to try this stunt sets a new mark in what might be termed “job laundering.” It’s the University of California. Experts in the abuse of so-called H-1B visas say UC is the first public university to send the jobs of American IT staff offshore. That’s not a distinction UC should wear proudly. Full op-ed here.

*** One of 5 huge examples beyond California is:

Pfizer Connecticut R&D

In 2008, workers at pharmaceutical giant Pfizer’s New London and Groton (Connecticut) research and development campus raised the alarm: They were being replaced by Indian workers on H-1B visas and forced to train their replacements. Those outsourced workers were scheduled to return to India, where they will run the same systems as their U.S. counterparts, albeit at a cheaper rate and with diminished benefits. The move was part of an outsourcing agreement signed in 2005 between Pfizer, Infosys Technologies and Satyam Computer Services. More here.

***

A 100 page Joint Venture report for tech companies includes the following text:

Foreign-Born Residents

Silicon Valley has an extraordinarily large share of residents who are foreign born (37.4%, compared to California, 27.1%, or the United States, 13.3%). This population share increases to 50% for the employed, core working age population (ages 25-44), and even higher for certain occupational groups. For instance, nearly 74% of all Silicon Valley employed Computer and Mathematical workers ages 25-44 in 2014 were foreign-born. Correspondingly, the region also has an incredibly large share of foreign-language speakers, with 51% of Silicon Valley’s population over age five speaking a language other than exclusively English at home (compared to 43% in San Francisco, 44% in California, and 21% in the United States as a whole). This majority share in 2014 was up from 49% in 2011.

*** The Senate held a hearing in 2015 with a few former employees that were forced to train their foreign replacements. Many of these employees are paid a severance package but it also includes a major stipulation to remain mute on the topic as noted below:

My former company, a large utility company, replaced 220 American IT workers with H-1Bs…we would have to train them in order to receive our severance packages. This was one of the most humiliating situations that I have ever been in as an IT professional.

The whole IT department was going through the same fate as myself. Those were the longest and hardest five months of my life. Not only did I lose a work family, but I lost my job and my self-esteem. We had constant emails sent by HR that we could not talk about this situation to anyone or make posts to social media. If we did, we would be fired immediately and not get our severance. Read the full article here.

 

Trump Signs New Sanctions on Iran

Posted on by

For more information on Iran sanctions, go here.

Image result for iran sanctions

U.S. Treasury Department Announces New Sanctions On Iran

 

NPR: The U.S. Treasury Department announced additional sanctions on Iran on Friday, less than a week after a ballistic missile test prompted the Trump administration to accuse Iran of violating an international a weapons agreement.

The newly announced sanctions target people and businesses the U.S. government says support Iran’s ballistic missile program and its Islamic Revolutionary Guard Corps-Quds Force, according to a Treasury Department statement. They are in line with previous sanctions, implemented over what then-President Barack Obama called Iran’s “violations of human rights, for its support of terrorism and for its ballistic missile program.”

The acting director of the Treasury unit in charge of sanctions, John Smith, said the latest sanctions do not violate the international nuclear deal reached with Iran in 2015, which required Iran to scale back its nuclear program in exchange for the lifting of some economic sanctions.

A top Treasury Department official tells NPR’s Michele Kelemen that the actions are part of the U.S. efforts to counter Iranian “malign activity abroad.”

The public text of the sanctions lists 12 companies and 13 individuals, blocking assets and prohibiting U.S. citizens from dealing with them. Among the individuals, four are listed as Iranian citizens, two are Lebanese, one is Chinese, and one holds a passport from the island nation of St. Kitts and Nevis. It also announced changes to previous, unrelated sanctions on a 14th individual.

The businesses are based both inside and outside Iran.

According to the Treasury Department, the sanctions target:

“several networks and supporters of Iran’s ballistic missile procurement, including a critical Iranian procurement agent and eight individuals and entities in his Iran- and China-based network, an Iranian procurement company and its Gulf-based network, and five individuals and entities that are part of an Iran-based procurement network.”

Hours before the sanctions were announced, President Trump addressed Iran in a tweet, writing, “Iran is playing with fire — they don’t appreciate how ‘kind’ President Obama was to them. Not me!”

Iran’s foreign minister, Mohammad Javad Zarif, tweeted an hour later that “we will never use our weapons against anyone, except in self-defense.”

***

We will never use our weapons against anyone, except in self-defense. Let us see if any of those who complain can make the same statement.

Both U.S. and Iranian officials weighed in on whether Sunday’s missile test broke the terms of the nuclear deal.

Acting State Department spokesman Mark Toner told The Associated Press on Monday that the U.S. was looking into whether the test violated a 2015 side agreement to the nuclear accord, and that the U.S. would “hold Iran accountable” if it did.

Zarif said Tuesday, that “the missile issue is not part of the nuclear deal.”

National Security Adviser Mike Flynn said a day later that former President Barack Obama had gone too easy on Iran, but that “as of today, we are officially putting Iran on notice.”

Flynn also listed the administration’s grievances with Tehran, including its test of a ballistic missile and what he said were attacks by proxy forces in Yemen on U.S. and Middle Eastern ships, as we reported.

One of the incidents he appeared to be referring to occurred in October 2016, when U.S. Navy ships off Yemen’s southwestern coast came under missile attacks twice in four days.

According to the Pentagon, the missiles came from an area controlled by Houthi forces, who are fighting against the government of Yemen and who the U.S. government says are backed by the Iranian government, which is supplying weapons to the rebel group.

But it was unclear who ordered October’s missile launches, as NPR’s Philip Ewing reported. Houthi leaders denied the attacks, and Tehran has denied U.S. accusations that Iran is supporting Houthi forces. Nonetheless, the U.S. carried out airstrikes against what the Pentagon said were radar installations in Houthi-controlled areas.

In December, Congress extended U.S. sanctions against Iran originally imposed in 1996 until 2026.

Gibridnaya Voina vs. President Trump

Posted on by

Russia looks for weakness, they have found it. The War College understands and warns that Russia is at war with the West, is the West paying attention? Some are, others not so much. The White House relented or was ‘all-in’ from the beginning.

War has changed in the 21st century and combat is not always kinetic. Russia’s battlefields are the internet, financial markets and television airwaves. The goal is not necessarily to take and hold territory but to expand Russia’s sphere of influence and achieve political goals.

This is hybrid warfare, or gibridnaya voina, the much hyped and discussed way of war. But, as intelligence expert Mark Galeotti tells us on this week’s War College, Moscow’s conception of hybrid war isn’t new – it’s a reaction to and an Eastern adaptation of American military strategy during the Cold War. The goal is simple – expand Russian soft power to make the world more agreeable to the Kremlin’s point of view.

US eases sanctions against Russian Federal Security Service

“All transactions and activities” with participation of the Russian Federal Security Service are now authorized.
***

Related reading: Russian Hacking, We knew Because we had an Inside Operative(s)

So, it was the Kremlin’s political/diplomatic coup and it worked. Meanwhile, Trump authorized the U.S. Army to bolster Europe and NATO.

cyber_gl1 by zerohedge on Scribd