China Warning to America, Prepare to Live off the Land

It is a major cyber attack discovered by Microsoft. It was discovered while we were all watching that ‘silly spy balloon’ as Biden called it. The attack is called Volt Typhoon, so be on notice America. The Biden White House has said nothing….

Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises.

Volt Typhoon has been active since mid-2021 and has targeted critical infrastructure organizations in Guam and elsewhere in the United States. In this campaign, the affected organizations span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Observed behavior suggests that the threat actor intends to perform espionage and maintain access without being detected for as long as possible.

To achieve their objective, the threat actor puts strong emphasis on stealth in this campaign, relying almost exclusively on living-off-the-land techniques and hands-on-keyboard activity. They issue commands via the command line to (1) collect data, including credentials from local and network systems, (2) put the data into an archive file to stage it for exfiltration, and then (3) use the stolen valid credentials to maintain persistence.

***

Dark Reading in part published the following:

China-sponsored threat actors have managed to establish persistent access within telecom networks and other critical infrastructure targets in the US, with the observed purpose of espionage — and, potentially, the ability down the line to disrupt communications in the event of military conflict in the South China Sea and broader Pacific.

The first signs of compromise emerged in telecom networks in Guam, according to a New York Times report ahead of the findings being released. The National Security Agency discovered those intrusions around the same time that the Chinese spy balloon was making headlines for entering US airspace, according to the report. It then enlisted Microsoft to further investigate, eventually uncovering a widespread web of compromises across multiple sectors, with a particular focus on air, communications, maritime, and land transportation targets.

A Shadow Goal? Laying Groundwork for Disruption

The discovery of the activity is playing out against the backdrop of the US’ frosty relations with Beijing; the two superpowers have stalled in their diplomacy since the shooting down of the balloon, and has worsened amidst fears that Russia’s invasion of Ukraine could spur China to do the same in Taiwan.

In the event of a military crisis, a destructive cyberattack on US critical infrastructure could disrupt communications and hamper the country’s ability to come to Taiwan’s aid, the Times report pointed out. Or, according to John Hultquist, chief analyst at Mandiant Intelligence – Google Cloud, a disruptive attack could be used as a proxy for kinetic action.

“These operations are aggressive and potentially dangerous, but they don’t necessarily indicate attacks are looming,” he said in an emailed statement. “A far more reliable indicator for [a] destructive and disruptive cyberattack is a deteriorating geopolitical situation. A destructive and disruptive cyberattack is not just a wartime scenario either. This capability may be used by states looking for alternatives to armed conflict.”

Andersen Air Force Base in Yigo, Guam Anderson Air Foce Base/source

Dubbing such preparations “contingency intrusions,” he added that China is certainly not alone in conducting them — although notably, China-backed APTs are typically far more focused on cyber espionage than destruction.

“Over the last decade, Russia has targeted a variety of critical infrastructure sectors in operations that we do not believe were designed for immediate effect,” Hultquist noted. “Chinese cyber threat actors are unique among their peers in that they have not regularly resorted to destructive and disruptive cyberattacks. As a result, their capability is quite opaque.”

An Observed Focus on Stealth & Spying

To achieve initial access, Volt Typhoon compromises Internet-facing Fortinet FortiGuard devices, a popular target for cyberattackers of all stripes (Microsoft is still examining how they’re being breached in this case). Once inside the box, the APT uses the device’s privileges to extract credentials from Active Directory account and authenticate to other devices on the network. Read more here. 

Migrants in America Causing Collapse of Law Enforcement

These sanctuary governors and mayors are arguing the wrong point. It is not so much about where to house these people and re-shipping them to other locations, but rather the scandal should be to tell the entire illegal immigrant operation that there is nothing in America to come to that is better than what they left. Consider just how much money these people spend to come here and the deadly traveling just to get beyond our borders. Are these people coming to anything better in the long term than what they left? Do they really want to work in slaughter houses, work farms in disgusting living conditions? Do they really want to be trafficked in the sex trade industry?

Ah, but read on to see a Chicago police station and consider how it is in expensive hotels across the country where we have no idea of their names, ages or even their history, no visas, no passports and no documents at all. How can law enforcement even begin to deal with this considering all the other existing crime across the country….

A huge hat tip to Rebecca Brannon!

New footage shows a Chicago police station filled with mattresses and dozens of illegal migrants, as the city struggles to house the hundreds of border crossers arriving there each day.

Officials in Chicago have said they cannot afford to rent hotel rooms for the more than 8,000 migrants who have arrived in their city and have pushed for more federal funds to cover costs.

Due to the lack of available shelters, some migrants have turned to police stations for a safe place to sleep.

The migrant-housing crisis in Chicago follows last week’s end to the Trump-era COVID-19 border restriction known as Title 42, which allowed U.S. authorities to send migrants back to Mexico without giving them a chance to seek asylum.

Tens of thousands of people hurried to cross the border illegally into the U.S. before President Joe Biden implemented a strict new asylum policy to replace Title 42.

In the shocking footage posted by photojournalist Rebecca Brannon, dozens and dozens of migrants are seen sitting on and around mattresses in a Chicago police station.

Brannon reported that many of the migrants have slept and eaten on the floors, which has placed a strain on the law enforcement officers whose day-to-day jobs have been made more difficult by their presence.

Small children were seen running around and an alley sits full of trash produced by the migrants.

Chicago already has a serious violent crime problem, with its new influx of migrants likely to further strain budgets desperately-needed to try and make the city safer.

More than 8,000 migrants have arrived in Chicago since August, which is when southern states started to bus asylum seekers north. Texas Gov. Greg Abbott sent migrants to the Democrat-led cities to help ease the burden on border towns.

‘To provide much-needed relief to our overrun border communities, Texas began busing migrants to sanctuary cities such as your ‘Welcoming City,’ along with Washington, DC, New York City, and Philadelphia, with more to come. Until Biden secures the border to stop the inflow of mass migration, Texas will continue this necessary program,’ Abbott noted in a letter earlier this month.

Migrants been sent to cities such as Chicago, Philadelphia and New York. Migrants have also arrived in Washington, DC, with buses stopping outside the home of Vice President Kamala Harris.

Despite the Chicago’s obvious overcrowding issue, new Mayor Brandon Johnson, a progressive Democrat who assumed office Monday, said in his inauguration speech that in Chicago, ‘there’s enough room for everyone.’

Johnson’s affirmed commitment to welcoming migrants to Chicago follows his predecessor – Lori Lightfoot’s decision to declare a state of emergency earlier this month, calling migrant arrivals a ‘humanitarian crisis’ and pushing for increased federal aid.

Chicago officials have said they expect a $53 million shortfall without additional aid because of the cost from housing migrants.

‘We’re in May, and we haven’t received any funding from FEMA,’ Chicago budget director Susie Park recently told the City Council, according to the Chicago Sun-Times. ‘The need is great. A lot of requests are coming in. New York is probably asking for $1 billion. There is a lot of need.’

WH/Susan Rice is well Aware of Child Labor Violations/Immigrants

Yes, THAT Susan Rice, the hateful video/Benghazi lady that works at the Biden White House. Furthermore, the Secretary of Health and Human Services, Xavier Beccera does nothing when it comes to sponsors that immigrant children are released to. And then there is the Department of Labor….silence…

But this is nothing new as it began under the Obama administration. After an internet search, several outlets reported much that same that the Obama administration actually did separate children from parents or when just children came across the border they were placed into sponsors’ care and trafficked into the sex slave industry or into agricultural operations under all the same conditions described by the recent New York Times investigation. Yes, imagine the New York Times actually doing on investigation on this scandal…yes….after a long read, there is much the NYT’s left out but it is a start, at least.

As a primer, the Department of Labor is responsible for child labor law enforcement which does include limited exemptions. These immigrant children are actually slave labor working in conditions and overnight shifts that violate the Fair Labor Standards Act.

Related stories: https://www.nytimes.com/2023/02/25/us/unaccompanied-migrant-child-workers-exploitation.html

https://www.axios.com/2023/03/01/american-child-labor

So, what did the New York Times investigation offer? Titled –>

Read the full NYT’s investigation here.

The White House and federal agencies were repeatedly alerted to signs of children at risk. The warnings were ignored or missed.

In the spring of 2021, Linda Brandmiller was working at an arena in San Antonio that had been converted into an emergency shelter for migrant children. Thousands of boys were sleeping on cots as the Biden administration grappled with a record number of minors crossing into the United States without their parents.

Ms. Brandmiller’s job was to help vet sponsors, and she had been trained to look for possible trafficking. In her first week, two cases jumped out: One man told her he was sponsoring three boys to employ them at his construction company. Another, who lived in Florida, was trying to sponsor two children who would have to work off the cost of bringing them north.

She immediately contacted supervisors working with the Department of Health and Human Services, the federal agency responsible for these children. “This is urgent,” she wrote in an email reviewed by The New York Times.

But within days, she noticed that one of the children was set to be released to the man in Florida. She wrote another email, this time asking for a supervisor’s “immediate attention” and adding that the government had already sent a 14-year-old boy to the same sponsor.

Ms. Brandmiller also emailed the shelter’s manager. A few days later, her building access was revoked during her lunch break. She said she was never told why she had been fired.

Over the past two years, more than 250,000 migrant children have come alone to the United States. Thousands of children have ended up in punishing jobs across the country — working overnight in slaughterhouses, replacing roofs, operating machinery in factories — all in violation of child labor laws, a recent Times investigation showed. After the article’s publication in February, the White House announced policy changes and a crackdown on companies that hire children.

Inside the White House, Ms. Rice was at the center of the migrant children crisis. As she pressed to move children out of shelters more quickly, clues began to emerge about what was happening to them once they left.

In the summer of 2021, near the height of the crush at the border, H.H.S. managers wrote a memo detailing their worry about increasing reports that children were working alongside their sponsors, a sign of possible labor trafficking. Ms. Rice’s team received the memo, and Ms. Rice was also told what it said, according to two people familiar with the conversations.

Andrew J. Bates, White House deputy press secretary, disputed that, saying Ms. Rice “did not see the memo and was not made aware of its contents.”

Around the same time, Ms. Rice’s team was told about concerns over a large group of children who had been released to one city in Alabama, according to six current and former staff members. The situation was the subject of frequent updates as H.H.S. sent case managers to the city to check on children, and coordinated with the Labor Department and Homeland Security Investigations to look into whether they were working in poultry plants. The full article is found here.

 

Meet Zhe Wu and His Low Orbit Balloon Program

It went with almost zero attention that between our US Commerce Department added a handful of companies to a so-called Entity List last week, restricting them from obtaining US technologies in a move blasted by Beijing on Monday as “illegal unilateral sanctions”, almost as soon as the first balloon was shot out of the sky off the coast of South Carolina. Now, just exactly how did our officials know to do that so fast? Now we have to wonder why Treasury has not done the same.

At least someone was paying attention and knew of Zhe Wu and his work…yet no other part of any Federal agency or any part of the military was on their game for the last several years?

Okay…sounds about right.

Beijing Nanjiang Aerospace Technology

Established in 2015, Beijing Nanjiang is controlled by a subsidiary of Shanghai-listed real estate company Deluxe Family Co Ltd, which also invests in materials and robotics projects.

The state-run Science and Technology Daily in 2015 hailed the firm’s development of a large silver helium airship as the country’s first “new near-space platform with capabilities for both military and surveillance use”.

State media said the company’s steerable, reusable and continuously powered airship was equipped with broadband communications and “high-definition observation” gear.

China Electronics Technology Group Corporation 48th Research Institute

Part of a state-owned IT giant, the research institute specialises in building power systems and solar energy components, as well as semiconductor equipment.

The institute has worked to develop flexible solar power cells suitable for both military and civilian aircraft, the China National Space Administration said in a document in 2017.

Parent company China Electronics Technology Group Corporation also funds Hikvision, a surveillance camera maker that has been implicated in intensified monitoring of the Uyghur minority in Xinjiang.

Eagles Men Aviation Science and Technology Group Co

Founded by military aircraft expert Wu Zhe, the group specialises in research and development of stealth aircraft technologies.

Eagles Men is “devoted to becoming a benchmark business for China’s (strategy of) military-civil fusion”, according to the company’s profile page on the official Chinese Society of Aeronautics and Astronautics website.

The company in 2013 filed a patent for making airship skins stronger.

Wu told state media in 2019 that his team had developed a stratospheric airship able to “fly around the globe”.

Dongguan Lingkong Remote Sensing Technology Co

Set up in 2019, the company counts among its investors a branch of the state-run Beihang University, as well as Eagles Men Aviation.

Public records show Dongguan Lingkong has received licences from local market supervisors to conduct research on remote sensing technology, which allows aircraft to detect conditions on the ground from a high altitude.

Guangzhou Tian-Hai-Xiang Aviation Technology Co

The company was originally established by the Chinese military to develop “vehicle-mounted unmanned reconnaissance aircraft”, according to its official website.

Specialising in surveillance drones, the company was reorganised in 2006 with its current name and under the control of military veteran Li Yuzhuang.

Tian-Hai-Xiang says it has received multiple defence science awards, with its website boasting that the company was “the first unit in the domestic drone industry to equip our military’s first digitalised troops”.

Shanxi Eagles Men Aviation Science and Technology Group Co

A wholly owned subsidiary of Eagles Men Aviation, the company was set up in 2012 with a focus on chemical products, according to Chinese business database Tianyancha.

As report in part from The Wire:

On an October morning in 2007, Wu Zhe, an aircraft design expert at Beihang University, gave a lecture about the “military value of balloons.” He described why it was an area of key scientific research for China and explained different solutions for powering these unique aircraft. When he concluded, according to a university press release, his “erudite knowledge and brilliant speech” received multiple rounds of applause.

Nearly two decades later, Wu and his business partner, a tech investor and executive named Wang Dong, are at the center of a military-linked program that has sent balloons over the U.S. and other nations, setting off a diplomatic crisis in Washington. After days of intense media coverage, on February 4, the U.S. shot down one Chinese balloon off the coast of South Carolina, and has since shot down three more unidentified objects floating in American and Canadian airspace.

On Friday, the Commerce Department announced that they were leveling sanctions against six Chinese companies involved in the balloon program — which U.S. officials say aims to intercept communications and surveil the ground below, including sensitive military sites.

Records show that Wu and Wang are linked to four of the six sanctioned firms. The two men, according to data from WireScreen, have a complex network of companies involved in balloon and aerospace technologies, some of which are closely affiliated with the Chinese military but are not sanctioned by the U.S. government.

In a statement on Friday about the sanctions, Alan F. Estevez, the under secretary of commerce for industry and security, said that “today’s action makes clear that entities that seek to harm U.S. national security and sovereignty will be cut off from accessing U.S. technologies.” Neither of the two Chinese men, through their companies, responded to requests for comment.

Zhe Wu has published at least 23 scholarly papers of his work and they are found here..quite chilling actually. For instance: (note the date)

Hovering control for a stratospheric airship in unknown wind

A novel hovering control methodology for a stratospheric airship is presented by using path following approach in the presence of unknown wind by expressing the wind field in the state equation, which avoids the difficulty of guaranteeing system stability in strong wind for other stabilization methods.

In late 2022,
noted –>

Mystery airship spotted over Philippines near South China Sea

  • Images of an unidentified craft near Subic Bay have sparked speculation it could have been collecting military intelligence
  • There is no evidence the airship was from China, though its design appears similar to types on display at the Zhuhai air show

Images of the stratospheric airship – allegedly taken in Pangasinan province, about 100km (62 miles) from Subic Bay in the northern Philippine island of Luzon – were first posted on Facebook last weekend. The pictures were deleted, but not before they were also shared on Twitter.

There is no evidence that the airship was from China, although its design appears to be similar to several unmanned types developed by the state-owned Aviation Industry Corporation of China’s Special Aircraft Research Institute and other scientific academies.

Images of a stratospheric, long-endurance airship, said to have been taken near Subic Bay in the northern Philippines, were shared on social media. Photo: Facebook
The we hear that the objects in the airspace of North America were cylindrical.
Could it be? Below reported from Poland in reference to the same object.
Philippines. A stratospheric airship over the disputed South China Sea -  Polish News
I have asked several out there smarter than me about the connection of the objects with clustered ground hubs..or if ground hubs were dropped by the balloon or objects….I did not need an answer.. Seems there are several that have the answers and we are collaborating AGAIN with China?
An Observation Scheduling Approach Based on Task Clustering for High-Altitude Airship
by Jiawei  Chen, Oizhang Luo and Guohua Wu.

1
School of Computational Science and Engineering, Georgia Institute of Technology, Atlanta, GA 30332, USA
2
School of Traffic & Transportation Engineering, Central South University, Changsha 410075, China
3
Department of Electrical & Computer Engineering, National University of Singapore, Singapore 119260, Singapore
Sensors 22 02050 g001 550

You but the judge….

 

There is Never Going to be Adequate Consequences for Putin

The list is long…his war crimes in Syria…his approval for poisoning dissidents and the blasting of a passenger airliner out of the sky…those are just a few.

MH17 probe links Putin to missile that brought down plane


DW: Prosecutors in The Hague said Wednesday that Russian leader Vladimir Putin approved the transfer of missiles to Russian-backed rebel forces in eastern Ukraine who were later responsible for shooting down Malaysian Airlines flight MH17.

MH17 was struck down by a BUK missile over eastern Ukraine on July 17, 2014 as it flew from Amsterdam to Kuala Lumpur. All 298 people on board MH17 died.

The Missile Launcher that Shot Down MH17 - War on the Rocks source

Investigators in the Netherlands said there were “strong indications” based on intercepted phone calls that Putin had personally approved the weapons transfers to its proxy forces in the east of Ukraine.

Russia has long denied any involvement despite a mounting body of evidence to the contrary.

Despite the evidence, the probe is being halted as “all leads have been exhausted” and no further prosecutions could go forward.

The latest announcement comes weeks after a Dutch court convicted two Russians and a Ukrainian of mass murder for the loss of life aboard the flight.

What did investigators say?

In a statement, the Joint Investigation Team of six nations probing the incident said, “There are strong indications that the Russian president decided on supplying the Buk TELAR to the DPR (Donetsk People’s Republic) separatists.”

The Joint Investigation Team consists of investigators from the Netherlands, Australia, Belgium, Ukraine and Malaysia.

Investigators also said Russian officials were said to have delayed a decision on whether or not to send weapons to its proxy forces in the east of Ukraine while Putin was at a D-Day commemoration in France in June of 2014.

They played a recorded conversation of an aide who said, “There is only one who makes a decision,” later adding, “the person who is currently at a summit in France,” a reference to Putin.

As head of state, however, Putin enjoys immunity, investigators noted. They also hedged and suggested that “although we speak of strong indications, the high bar of complete and conclusive evidence is not reached.”

MH17 flight debris on fire in a field in Ukraine
Investigators said all investigatiive avenues in the deadly incident had been exhaustedImage: Dmitry Lovetsky/AP/dpa/picture alliance

Previously, investigators sought to name those responsible for firing the BUK missile that brought down MH17 and those whose responsibility extends to the chain of command. However, investigators conceded there were few avenues left to investigate the catastrophe.

In 2019, investigators released phone calls showing contact between Russian proxy forces occupying part of eastern Ukraine and a Kremlin aide at the time, Vladislav Surkov.

Dutch prosecutor Digna van Boetzelaer told a news conference, “The investigation has now reached its limit, all leads have now been exhausted, the investigation is therefore being suspended.”

The BUK missile that took out the Malaysian Airlines flight was brought from a Russian military base located in the city of Kursk.

Victims of MH17 came from 10 countries, with 196 Dutch, 43 Malaysians and 38 Australian residents on board at the time of the missile strike.

Australia vows to hold Russia accountable

Australia pledged to hold Russia accountable for shooting down Malaysia Airlines flight MH17, after a team of international investigators halted its probe into the disaster.

Australian Foreign Minister Penny Wong and Attorney-General Mark Dreyfus said Russia had repeatedly tried to thwart the investigation, making it “impossible” to collect proof.

However, they added that Australia would “hold Russia to account for its role in the downing of the civilian aircraft.”

ar/jcg (AFP, AP, dpa, Reuters)