WTH: Siphoning off Cellphone Data in DC is Real

First

An IMSIcatcher (International Mobile Subscriber Identity) is a telephony eavesdropping device used for intercepting mobile phone traffic and tracking movement of mobile phone users. Essentially a “fake” mobile tower acting between the target mobile phone(s) and the service provider’s real towers, it is considered a man-in-the-middle (MITM) attack.

Low-cost IMSI catcher for 4G/LTE networks tracks phones’ precise locations

$1,400 device can track users for days with little indication anything is amiss.

The researchers have devised a separate class of attacks that causes phones to lose connections to LTE networks, a scenario that could be exploited to silently downgrade devices to the less secure 2G and 3G mobile specifications. The 2G, or GSM, protocol has long been known to be susceptible to man-in-the-middle attacks using a form of a fake base station known as an IMSI catcher (like the Stingray). 2G networks are also vulnerable to attacks that reveal a phone’s location within about 0.6 square mile. 3G phones suffer from a similar tracking flaw. The new attacks, described in a research paper published Monday, are believed to be the first to target LTE networks, which have been widely viewed as more secure than their predecessors.

“The LTE access network security protocols promise several layers of protection techniques to prevent tracking of subscribers and ensure availability of network services at all times,” the researchers wrote in the paper, which is titled “Practical attacks against privacy and availability in 4G/LTE mobile communication systems.”

Second

ESD Overwatch:

Generate a continuously updated national situation report by means of distributed detection and localization of a multitude of baseband attacks as well as the manipulation of cellular signaling.

Detect and monitor cellular attacks in real-time

  • IMSI Catchers

    IMSI Catchers

  • Baseband Attacks

    Baseband Processor Attacks

  • Rogue Basestation

    Rogue Basestations

  • Cellular Jamming

    Cellular Jamming

Third

Suspected Hack Attack Snagging Cell Phone Data Across D.C.

Malicious entity could be tracking phones of domestic, foreign officials

FreeBeacon: An unusual amount of highly suspicious cellphone activity in the Washington, D.C., region is fueling concerns that a rogue entity is surveying the communications of numerous individuals, likely including U.S. government officials and foreign diplomats, according to documents viewed by the Washington Free Beacon and conversations with security insiders.

A large spike in suspicious activity on a major U.S. cellular carrier has raised red flags in the Department of Homeland Security and prompted concerns that cellphones in the region are being tracked. Such activity could allow pernicious actors to clone devices and other mobile equipment used by civilians and government insiders, according to information obtained by the Free Beacon.

It remains unclear who is behind the attacks, but the sophistication and amount of time indicates it could be a foreign nation, sources said.

Mass amounts of location data appear to have been siphoned off by a third party who may have control of entire cell phone towers in the area, according to information obtained by the Free Beacon. This information was compiled by a program that monitors cell towers for anomalies supported by DHS and ESD America and known as ESD Overwatch.

Cell phone information gathered by the program shows major anomalies in the D.C.-area indicating that a third-party is tracking en-masse a large number of cellphones. Such a tactic could be used to clone phones, introduce malware to facilitate spying, and track government phones being used by officials in the area.

“The attack was first seen in D.C. but was later seen on other sensors across the USA,” according to one source familiar with the situation. “A sensor located close to the White House and another over near the Pentagon have been part of those that have seen this tracking.”

The data gathered by the ESD Overwatch program indicates the U.S. cell carrier has experienced “unlawful access to their network for the purpose of large scale subscriber tracking,” according to a report prepared by ESD Overwatch, a contractor working on behalf of DHS, and viewed by the Free Beacon.

Information gathered by the program shows a massive uptick in efforts to identify and track cellphones. The third-party hacker appears to be identifying phones as they connect with local cellphone towers and recording this information.

This method of hacking could permit a malicious actor to track an individual’s cellphone and pinpoint phones that may be of importance, such as government entities.

The cellular network involved in the attack is being abused in order to track phones subscribed to the carrier, according to one source familiar with the situation.

DHS’s Office of Public Affairs confirmed that the ESD Overwatch program has been operating under a 90-day pilot program that began Jan. 18. Before the surveillance program was initiated the federal government did not have a method to detect intrusions of the nature seen over the past several months.

The attack on this network is still underway, according to sources monitoring the situation.

An official with ESD Overwatch acknowledged the existence of the DHS program, but would not comment further on the matter.

The issue of cellphone vulnerabilities has been a top concern in Congress, where lawmakers petitioned DHS on Wednesday to outline steps the government is taking to prevent foreign governments from performing the type of attacks observed by Overwatch.

“For several years, cyber security experts have repeatedly warned that U.S. cellular communications networks are vulnerable to surveillance by foreign governments, hackers, and criminals exploiting vulnerabilities in Signaling System 7,” which is used by cellular phones and text messaging applications, according to a letter set by Sen. Ron Wyden (D., Ore.) and Rep. Ted Lieu (D., Calif.).

“U.S. cellular phones can be tracked, tapped, and hacked—by adversaries thousands of miles away—through SS7-enabled surveillance,” the lawmakers write. “We are deeply concerned that the security of America’s telecommunications infrastructure is not getting the attention it deserves.”

“We suspect that most Americans simply have no idea how easy it is for a relatively sophisticated adversary to track their movements, tap their calls, and hack their smartphones,” the lawmakers write.

Concerns continue to mount that the government is not adequately taking steps to secure cellular networks.

The lawmakers request that DHS outline specific steps being taken to insulate networks from attacks and ensure that U.S. cell carriers are doing the same.

 

Gen. Flynn Worked for Several Russian Companies

  Image result for general flynn

WSJ: President Trump’s former national security adviser, Mike Flynn, was paid tens of thousands of dollars by Russian companies shortly before he became a formal adviser to the then-candidate, according to documents obtained by a congressional oversight committee that revealed business interests that hadn’t been previously known.

Mr. Flynn was paid $11,250 each by a Russian air cargo company that had been suspended as a vendor to the United Nations following a corruption scandal, and by a Russian cybersecurity company that was then trying to expand its business with the U.S. government, according to the documents, which were reviewed by The Wall Street Journal.

The speaking engagements took place in the summer and fall of 2015, a year after Mr. Flynn had been fired as the director of the Defense Intelligence Agency and while he continued to maintain a top-secret level security clearance.

In December 2015, the Kremlin-backed news organization RT also paid Mr. Flynn $33,750 to speak about U.S. foreign policy and intelligence matters at a conference in Moscow.

In February 2016, Mr. Flynn became an official adviser to the presidential campaign of Donald Trump, who at the time was taking a softer stance toward Moscow than his Republican rivals.

Mike Flynn resigned Monday as Trump’s national security adviser. He came under fire for making conflicting statements on whether he discussed sanctions with a Russian official before the president’s inauguration. Photo: Reuters (Originally published Feb., 14, 2017)

Price Floyd, a spokesman for Mr. Flynn, said he reported his RT appearance to the Defense Intelligence Agency, as required. Mr. Floyd didn’t immediately respond to questions about the other fees.

The new details about Mr. Flynn’s speaking engagements are contained in emails and documents provided to congress by his speaker’s bureau, Leading Authorities, and shed light on a continuing inquiry into Mr. Flynn’s and other Trump associates’ ties to Moscow.

On Monday, FBI Director James Comey and other current and former U.S. officials are scheduled to testify about possible Russian interference in the 2016 presidential election before a congressional committee that is also probing Trump associates’ ties to Russia.

Attorney General Jeff Sessions has recused himself from any investigation related to the 2016 presidential campaign after he failed to disclose the extent of his own contacts with the Russian ambassador to the U.S., Sergei Kislyak.

Mr. Flynn resigned under pressure in February after he failed to tell White House officials about phone calls he had with Mr. Kislyak, in which the two discussed the potential lifting of U.S. sanctions on Russia, according to U.S. officials familiar with the contents of the conversations.

While the documents from Mr. Flynn’s speaker’s bureau provide the most detail to date on his business dealings with Russia, they don’t show what other work he may have been doing outside his role as a paid speaker. Mr. Flynn commanded high fees for speaking on the state of global security and talking about his role as one of the most senior intelligence officials in the Obama administration.

Mr. Flynn was removed from his post as DIA chief after complaints of poor management and organization, not because of a policy dispute, according to people who worked with him at the time.

Last week, Mr. Flynn filed papers with the Justice Department disclosing that his firm was paid $530,000 to work in the U.S. on behalf of the interests of the Turkish government. Mr. Flynn had performed those services while he was advising Mr. Trump, then a presidential candidate.

Little additional information has become public about other clients the former military intelligence chief’s private consulting firm, Flynn Intel Group, may have had before the retired general’s appointment as national security adviser.

In a letter sent Thursday by Rep. Elijah Cummings (D., Md.) to Mr. Trump, Defense Secretary Jim Mattis and Mr. Comey, Mr. Cummings wrote that by taking the RT speaking fee, Mr. Flynn had “accepted funds from an instrument of the Russian government.”

Mr. Cummings, the top Democrat on the House Oversight and Government Reform Committee, pointed to a Central Intelligence Agency analysis written in 2012, while Mr. Flynn was running the DIA, that said RT was “created and financed by the Russian government,” which spent hundreds of millions of dollars a year to help the network create and disseminate programming that is broadcast in English around the world, including in the U.S.

Mr. Cummings said that by taking the fee, Mr. Flynn had violated the emoluments clause of the Constitution, which prohibits people in public office from accepting money from foreign governments. Some analysts have said this prohibition may apply to retired officers as well, because they could be recalled to service.

“I cannot recall anytime in our nation’s history when the president selected as his national security adviser someone who violated the Constitution by accepting tens of thousands of dollars from an agent of a global adversary that attacked our democracy,” Mr. Cummings wrote.

Though Mr. Flynn’s RT appearance had been reported, the documents provided new details about how he came to speak at the RT conference in December 2015, an event marking the network’s 10th anniversary.

While Mr. Flynn’s speakers’ bureau acted as a middleman, email communications indicate that RT sought to orchestrate the event and the content of his remarks.

“Using your expertise as an intelligence professional, we’d like you to talk about the decision-making process in the White House—and the role of the intelligence community in it,” an official from RT TV-Russia wrote in an email on Nov. 20, 2015, the month before Mr. Flynn’s appearance in Moscow.

In an earlier email in October, an RT official described the event as a networking opportunity for Mr. Flynn and an occasion to meet “political influencers from Russia and around the world.” At a gala dinner during the event, Mr. Flynn sat at the head table next to Russian President Vladimir Putin.

“It was something of a surprise to see General Flynn there,” said Ray McGovern, a former CIA officer and political activist who also attended.

Before the dinner, Mr. Flynn gave an interview on stage with an RT correspondent and chastised the Obama administration for objecting to Russia’s intervention in Syria.

“The United States can’t sit there and say, ‘Russia, you’re bad,’” Mr. Flynn said, according to a video of the interview, noting that both countries had shared global interests and were “in a marriage, whether we like it or not.” The countries should “stop acting like two bullies in a playground” and “quit acting immature with each other,” Mr. Flynn said.

Mr. Flynn attended with his son, Michael Flynn Jr., who worked as the chief of staff to his consulting firm. Records show that RT paid for travel and lodging expenses for both Flynns, including business-class airfare, accommodations at Moscow’s Hotel Metropol, and meals and incidental expenses while in Russia.

Mr. Putin entered the dinner late with two body guards, Mr. McGovern said. He waved and took his seat at the table, where he remained for about 20 minutes. After a fifteen-minute speech, Mr. Putin sat down, listened to a performance by the Russian Army chorus and then left, Mr. McGovern said.

It isn’t clear what Mr. Flynn said during speeches to the other two companies, computer security firm Kaspersky and Russian airliner Volga-Dnepr.

Mr. Flynn appears to have to spoken to Kaspersky at a conference the company sponsored in Washington, D.C., in October 2015. It wasn’t clear where Mr. Flynn spoke to Volga-Dnepr, but records from his speaker’s bureau show the engagement took place on August 19, 2015.

Kaspersky sponsors a number of events world-wide and in recent years has been trying to expand its business in the U.S., looking to supply government clients with antivirus products for industrial control systems.

Kaspersky said in a statement that its U.S. subsidiary paid Mr. Flynn a speaker fee for remarks at the 2015 Government Cyber Security Forum in Washington, D.C.

“As a private company, Kaspersky Lab has no ties to any government, but the company is proud to collaborate with the authorities of many countries, as well as international law enforcement agencies in the fight against cybercrime,” the company said.

Volga-Dnepr didn’t respond to a request for comment. The Russian cargo air firm is known for operating one of the largest military transport aircraft in the world, the An-124, which the U.S. has contracted in the past to lift military equipment, including Russian helicopters, into Afghanistan. The plane has a larger capacity than the U.S. military’s biggest cargo plane.

***

In part from Associated Press: Flynn’s sparkling military resume had included key assignments at home and abroad, and high praise from superiors.

The son of an Army veteran of World War II and the Korean war, Flynn was commissioned as a second lieutenant in May 1981 after graduating from the University of Rhode Island. He started in intelligence, eventually commanding military intelligence units at the battalion and then brigade level. In the early years of the Iraq war, he was intelligence chief for Joint Special Operations Command, the organization in charge of secret commando units like SEAL Team 6 and Delta Force. He then led intelligence efforts for all U.S. military operations in the Middle East and then took up the top intelligence post on the Joint Staff in the Pentagon.

Ian McCulloh, a Johns Hopkins data science specialist, became an admirer of Flynn while working as an Army lieutenant colonel in Afghanistan in 2009. At the time, Flynn ran intelligence for the U.S.-led international coalition in Kabul and was pushing for more creative approaches to targeting Taliban networks, including use of data mining and social network analysis, according to McCulloh.

“He was pushing for us to think out of the box and try to leverage technology better and innovate,” McCulloh said, crediting Flynn for improving the effectiveness of U.S. targeting. “A lot of people didn’t like it because it was different.”

It was typical of the determined, though divisive, approach Flynn would adopt at the Defense Intelligence Agency, which provides military intelligence to commanders and defense policymakers. There, he quickly acquired a reputation as a disruptive force. While some applauded Flynn with forcing a tradition-bound bureaucracy to abandon old habits and seek out new, more effective ways of collecting and analyzing intelligence useful in the fight against extremist groups, others saw his efforts as erratic and his style as prone to grandstanding.

In the spring of 2014, after less than two years on the job, he was told to pack his bags.

According to Flynn’s telling, it was his no-nonsense approach to fighting Islamic extremist groups that caused the rift.

A former senior Obama administration official who was consulted during the deliberations disputed that account. Flynn was relieved of his post for insubordination after failing to follow guidance from superiors, including James Clapper, Obama’s director of national intelligence, said the official, who asked for anonymity to discuss personnel matters.

Plunged into civilian life for the first time in 33 years, Flynn moved quickly to capitalize on his military and intelligence world connections and experience. He did so in an unorthodox way.

“I didn’t walk out like a lot of guys and go to big jobs in Northrup Grumman or Booz Allen or some of these other big companies,” Flynn told Foreign Policy magazine in 2015.

Instead, he opened his own consulting firm, Flynn Intelligence Group, in Alexandria, Va. He brought in his son, Michael G. Flynn as a top aide, and began assembling a crew of former armed forces veterans with expertise in cyber, logistics and surveillance, and sought out ties with lesser-known figures and companies trying to expand their profiles as contractors in the military and intelligence spheres.

One “team” member listed on the firm’s site was James Woolsey, President Bill Clinton’s former CIA director. Woolsey briefly joined Flynn on Trump’s transition team as a senior adviser, but quit in January. Another was lobbyist Robert Kelley.

Kelley proved a central player in the Flynn Group’s decision to help a Turkish businessman tied to Turkey’s government. At the same time that Flynn was advising Trump on national security matters, Kelley was lobbying legislators on behalf of businessman Ekim Alptekin’s firm between mid-September and December last year, lobbying documents show.

It was an odd match. Flynn has stirred controversy with dire warnings about Islam, calling it a “political ideology” that “definitely hides behind being a religion” and accusing Obama of preventing the U.S. from “discrediting” radical Islam. But his alarms apparently didn’t extend to Turkish President Recep Tayyip Erdogan’s government as it cracked down on dissent and jailed thousands of opponents after a failed coup last summer. Erdogan’s power base is among Turkey’s conservative Muslim voters and many affected by his crackdown are secularists. More here.

Russian FSB Officers Charged in Yahoo Hack and More

  NBC, Washington

Yahoo announced on Thursday that the account information of at least 500 million users was stolen by hackers two years ago, in the biggest known intrusion of one company’s computer network.

In a statement, Yahoo said user information — including names, email addresses, telephone numbers, birth dates, encrypted passwords and, in some cases, security questions — was compromised in 2014 by what it believed was a “state-sponsored actor.” More here from NYT’s.

U.S. Charges Russian FSB Officers and Their Criminal Conspirators for Hacking Yahoo and Millions of Email Accounts

FSB Officers Protected, Directed, Facilitated and Paid Criminal Hackers

Image result for Dmitry Aleksandrovich Dokuchaev Image result for Igor Anatolyevich Sushchin Image result for Alexsey Alexseyevich Belan

Image result for Karim Akehmet Tokbergenov Karim Taloverov, arrested in Canada

A grand jury in the Northern District of California has indicted four defendants, including two officers of the Russian Federal Security Service (FSB), for computer hacking, economic espionage and other criminal offenses in connection with a conspiracy, beginning in January 2014, to access Yahoo’s network and the contents of webmail accounts. The defendants are Dmitry Aleksandrovich Dokuchaev, 33, a Russian national and resident; Igor Anatolyevich Sushchin, 43, a Russian national and resident; Alexsey Alexseyevich Belan, aka “Magg,” 29, a Russian national and resident; and Karim Baratov, aka “Kay,” “Karim Taloverov” and “Karim Akehmet Tokbergenov,” 22, a Canadian and Kazakh national and a resident of Canada.

The defendants used unauthorized access to Yahoo’s systems to steal information from about at least 500 million Yahoo accounts and then used some of that stolen information to obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers, including accounts of Russian journalists, U.S. and Russian government officials and private-sector employees of financial, transportation and other companies. One of the defendants also exploited his access to Yahoo’s network for his personal financial gain, by searching Yahoo user communications for credit card and gift card account numbers, redirecting a subset of Yahoo search engine web traffic so he could make commissions and enabling the theft of the contacts of at least 30 million Yahoo accounts to facilitate a spam campaign.

The charges were announced by Attorney General Jeff Sessions of the U.S. Department of Justice, Director James Comey of the FBI, Acting Assistant Attorney General Mary McCord of the National Security Division, U.S. Attorney Brian Stretch for the Northern District of California and Executive Assistant Director Paul Abbate of the FBI’s Criminal, Cyber, Response and Services Branch.

“Cyber crime poses a significant threat to our nation’s security and prosperity, and this is one of the largest data breaches in history,” said Attorney General Sessions. “But thanks to the tireless efforts of U.S. prosecutors and investigators, as well as our Canadian partners, today we have identified four individuals, including two Russian FSB officers, responsible for unauthorized access to millions of users’ accounts. The United States will vigorously investigate and prosecute the people behind such attacks to the fullest extent of the law.”

“Today we continue to pierce the veil of anonymity surrounding cyber crimes,” said Director Comey. “We are shrinking the world to ensure that cyber criminals think twice before targeting U.S. persons and interests.”

“ The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI’s point of contact in Moscow on cybercrime matters, is beyond the pale,” said Acting Assistant Attorney General McCord. “Once again, the Department and the FBI have demonstrated that hackers around the world can and will be exposed and held accountable. State actors may be using common criminals to access the data they want, but the indictment shows that our companies do not have to stand alone against this threat. We commend Yahoo and Google for their sustained and invaluable cooperation in the investigation aimed at obtaining justice for, and protecting the privacy of their users.”

“This is a highly complicated investigation of a very complex threat. It underscores the value of early, proactive engagement and cooperation between the private sector and the government,” said Executive Assistant Director Abbate. “The FBI will continue to work relentlessly with our private sector and international partners to identify those who conduct cyber-attacks against our citizens and our nation, expose them and hold them accountable under the law, no matter where they attempt to hide.”

“Silicon Valley’s computer infrastructure provides the means by which people around the world communicate with each other in their business and personal lives. The privacy and security of those communications must be governed by the rule of law, not by the whim of criminal hackers and those who employ them. People rightly expect that their communications through Silicon Valley internet providers will remain private, unless lawful authority provides otherwise. We will not tolerate unauthorized and illegal intrusions into the Silicon Valley computer infrastructure upon which both private citizens and the global economy rely,” said U.S. Attorney Stretch. “Working closely with Yahoo and Google, Department of Justice lawyers and the FBI were able to identify and expose the hackers responsible for the conduct described today, without unduly intruding into the privacy of the accounts that were stolen. We commend Yahoo and Google for providing exemplary cooperation while zealously protecting their users’ privacy.”

Summary of Allegations

According to the allegations of the Indictment:

The FSB officer defendants, Dmitry Dokuchaev and Igor Sushchin, protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the U.S. and elsewhere. In the present case, they worked with co-defendants Alexsey Belan and Karim Baratov to obtain access to the email accounts of thousands of individuals.

Belan had been publicly indicted in September 2012 and June 2013 and was named one of FBI’s Cyber Most Wanted criminals in November 2013. An Interpol Red Notice seeking his immediate detention has been lodged (including with Russia) since July 26, 2013. Belan was arrested in a European country on a request from the U.S. in June 2013, but he was able to escape to Russia before he could be extradited.

Instead of acting on the U.S. government’s Red Notice and detaining Belan after his return, Dokuchaev and Sushchin subsequently used him to gain unauthorized access to Yahoo’s network. In or around November and December 2014, Belan stole a copy of at least a portion of Yahoo’s User Database (UDB), a Yahoo trade secret that contained, among other data, subscriber information including users’ names, recovery email accounts, phone numbers and certain information required to manually create, or “mint,” account authentication web browser “cookies” for more than 500 million Yahoo accounts.

Belan also obtained unauthorized access on behalf of the FSB conspirators to Yahoo’s Account Management Tool (AMT), which was a proprietary means by which Yahoo made and logged changes to user accounts. Belan, Dokuchaev and Sushchin then used the stolen UDB copy and AMT access to locate Yahoo email accounts of interest and to mint cookies for those accounts, enabling the co-conspirators to access at least 6,500 such accounts without authorization.

Some victim accounts were of predictable interest to the FSB, a foreign intelligence and law enforcement service, such as personal accounts belonging to Russian journalists; Russian and U.S. government officials; employees of a prominent Russian cybersecurity company; and numerous employees of other providers whose networks the conspirators sought to exploit. However, other personal accounts belonged to employees of commercial entities, such as a Russian investment banking firm, a French transportation company, U.S. financial services and private equity firms, a Swiss bitcoin wallet and banking firm and a U.S. airline.

 

During the conspiracy, the FSB officers facilitated Belan’s other criminal activities, by providing him with sensitive FSB law enforcement and intelligence information that would have helped him avoid detection by U.S. and other law enforcement agencies outside Russia, including information regarding FSB investigations of computer hacking and FSB techniques for identifying criminal hackers. Additionally, while working with his FSB conspirators to compromise Yahoo’s network and its users, Belan used his access to steal financial information such as gift card and credit card numbers from webmail accounts; to gain access to more than 30 million accounts whose contacts were then stolen to facilitate a spam campaign; and to earn commissions from fraudulently redirecting a subset of Yahoo’s search engine traffic.

 

When Dokuchaev and Sushchin learned that a target of interest had accounts at webmail providers other than Yahoo, including through information obtained as part of the Yahoo intrusion, they tasked their co-conspirator, Baratov, a resident of Canada, with obtaining unauthorized access to more than 80 accounts in exchange for commissions. On March 7, the Department of Justice submitted a provisional arrest warrant to Canadian law enforcement authorities, requesting Baratov’s arrest. On March 14, Baratov was arrested in Canada and the matter is now pending with the Canadian authorities.

 

An indictment is merely an accusation, and a defendant is presumed innocent unless proven guilty in a court of law.

 

The FBI, led by the San Francisco Field Office, conducted the investigation that resulted in the charges announced today. The case is being prosecuted by the U.S. Department of Justice National Security Division’s Counterintelligence and Export Control Section and the U.S. Attorney’s Office for the Northern District of California, with support from the Justice Department’s Office of International Affairs.

Defendants: At all times relevant to the charges, the Indictment alleges as follows:

    • Dmitry Aleksandrovich Dokuchaev, 33, was an officer in the FSB Center for Information Security, aka “Center 18.” Dokuchaev was a Russian national and resident.
    • Igor Anatolyevich Sushchin, 43, was an FSB officer, a superior to Dokuchaev within the FSB, and a Russian national and resident. Sushchin was embedded as a purported employee and Head of Information Security at a Russian investment bank.
    • Alexsey Alexseyevich Belan, aka “Magg,” 29, was born in Latvia and is a Russian national and resident. U.S. Federal grand juries have indicted Belan twice before, in 2012 and 2013, for computer fraud and abuse, access device fraud and aggravated identity theft involving three U.S.-based e-commerce companies and the FBI placed Belan on its “Cyber Most Wanted” list.  Belan is currently the subject of a pending “Red Notice” requesting that Interpol member nations (including Russia) arrest him pending extradition. Belan was also one of two criminal hackers named by President Barack Obama on Dec. 29, 2016, pursuant to Executive Order 13694, as a Specially Designated National subject to sanctions.
    • Karim Baratov, aka “Kay,” “Karim Taloverov” and “Karim Akehmet Tokbergenov,” 22. He is a Canadian and Kazakh national and a resident of Canada.

Victims: Yahoo; more than 500 million Yahoo accounts for which account information about was stolen by the defendants; more than 30 million Yahoo accounts for which account contents were accessed without authorization to facilitate a spam campaign; and at least 18 additional users at other webmail providers whose accounts were accessed without authorization.

 

Time Period: As alleged in the Indictment, the conspiracy began at least as early as 2014 and, even though the conspirators lost their access to Yahoo’s networks in September 2016, they continued to utilize information stolen from the intrusion up to and including at least December 2016.

 

Crimes:

Count(s) Defendant(s) Charge Statute                 18 U.S.C. Conduct Maximum Penalty
1 All Conspiring to commit computer fraud and abuse § 1030(b) Defendants conspired to hack into the computers of Yahoo and accounts maintained by Yahoo, Google and other providers to steal information from them.

 

First, Belan gained access to Yahoo’s servers and stole information that allowed him, Dokuchaev, and Sushchin to gain unauthorized access to individual Yahoo user accounts.

Then, Dokuchaev and Sushchin tasked Baratov with gaining access to individual user accounts at Google and other Providers (but not Yahoo) and paid Baratov for providing them with the account passwords. In some instances, Dokuchaev and Sushchin tasked Baratov with targeting accounts that they learned of through access to Yahoo’s UDB and AMT (e.g., Gmail accounts that served as a Yahoo user’s secondary account).

10 years
2 Dokuchaev

Sushchin

Belan

Conspiring to engage in economic espionage § 1831(a)(5) Starting on Nov. 4, 2014, Belan stole, and the defendants thereafter transferred, received and possessed the following Yahoo trade secrets:

  • the Yahoo UDB, which was proprietary and confidential Yahoo technology and information, including subscriber names, secondary accounts, phone numbers, challenge questions and answers;
  • the AMT, Yahoo’s interface to the UDB; and
  • Yahoo’s cookie “minting” source code, which enabled the defendants to manufacture account cookies to then gain access to individual Yahoo user accounts.
15 years
3 Dokuchaev

Sushchin

Belan

Conspiring to engage in theft of trade secrets § 1832(a)(5) See Count 2 10 years
4-6 Dokuchaev

Sushchin

Belan

Economic espionage §§ 1831(a)(1), (a)(4), and 2 See Count 2 15 years (each count)
7-9 Dokuchaev

Sushchin

Belan

Theft of trade secrets §§ 1832(a)(1), and 2 See Count 2 10 years (each count)
10 Dokuchaev

Sushchin

Belan

Conspiring to commit wire fraud § 1349 The defendants fraudulently schemed to gain unauthorized access to Yahoo’s network through compromised Yahoo employee accounts and then used the Yahoo trade secrets to gain unauthorized access to valuable non-public information in individual Yahoo user accounts. 20 years
11-13 Dokuchaev

Sushchin

Belan

Accessing (or attempting to access) a computer without authorization to obtain information for the purpose of commercial advantage and private financial gain. §§ 1030(a)(2)(C), 1030(c)(2)(B)(i)-(iii), and 2 The defendants gained unauthorized access to Yahoo’s corporate network and obtained information regarding Yahoo’s network architecture and the UDB. 5 years

(each count)

14-17 Dokuchaev

Sushchin

Belan

Transmitting code with the intent to cause damage to computers. §§ 1030(a)(5)(A), 1030(c)(4)(B), and 2 During the course of their unauthorized access to Yahoo’s network, the defendants transmitted code on Yahoo’s network in order to maintain a persistent presence, to redirect Yahoo search engine users and to mint cookies for individual Yahoo accounts. 10 years (each count)
18-24 Dokuchaev

Sushchin

Belan

Accessing (or attempting to access) a computer without authorization to obtain information for the purpose of commercial advantage and private financial gain. §§ 1030(a)(2)(C), 1030(c)(2)(B)(i)-(iii), and 2 Defendants obtained unauthorized access to individual Yahoo user accounts. 5 years

(each count)

25-36 Dokuchaev

Sushchin

Belan

Counterfeit access device fraud §§ 1029(a)(1), 1029(b)(1), and 2 Defendants used minted cookies to gain unauthorized access to individual Yahoo user accounts. 10 years (each count)
37 Dokuchaev

Sushchin

Belan

Counterfeit access device making equipment §§ 1029(a)(4) Defendants used software to mint cookies for unauthorized access to individual Yahoo user accounts. 15 years
38 Dokuchaev

Sushchin

Baratov

Conspiring to commit access device fraud §§ 1029(b)(2) Defendants Dokuchaev and Sushchin tasked Baratov with gaining unauthorized access to individual user accounts at Google and other Providers and then paid Baratov for providing them with the account passwords. In some instances, Dokuchaev and Sushchin tasked Baratov with targeting accounts that they learned of through access to Yahoo’s UDB and AMT (e.g., Gmail accounts that served as a Yahoo user’s secondary account). 7 ½ years.
39 Dokuchaev

Sushchin

Baratov

Conspiring to commit wire fraud § 1349 See Count 38 20 years
40-47 Dokuchaev

Baratov

Aggravated identity theft § 1028A(a)(1) See Count 38 2 years

Dmitri Dokuchae et al Indictment Redacted

17-278

National Security Division (NSD)

USAO – California, Northern

Topic:

Counterintelligence and Export Control

Updated March 15, 2017

DNC: Tom Perez/Keith Ellison, DemRulz

  

Politico: New Democratic National Committee Chair Tom Perez and Deputy Chair Keith Ellison are taking their buddy show on the road.

Starting later this month, the pair will embark on what they are calling a “Democratic Turnaround Tour” that hits a collection of states that the party lost in 2016 and where there are ongoing races. The first stops, beginning March 24, are in Detroit and Flint, Michigan — where Hillary Clinton was the first Democrat to lose since 1988.

That trip will be followed by visits to Texas — where Democrats are looking to make inroads — and to the states that will hold the two gubernatorial races in 2017, New Jersey and Virginia.

Perez and Ellison are set to announce the tour on Wednesday night, less than two weeks after the former Labor secretary won the chairmanship and named the Minnesota congressman his deputy in Atlanta.

After a four-month long campaign that devolved into a messy proxy war between the establishment wing of the party and the Bernie Sanders wing of the party, the two have gone out of their way to appear together.
It started with a joint press conference following Perez’s victory — in which they were wearing each other’s campaign pins — and continued at President Donald Trump’s first address to Congress, at which Perez was Ellison’s guest.

Now, their push to unify the party is heading to some of the states most vital to the Democrats’ comeback strategy.

When they are traveling, the duo will meet with local party members to talk about the importance of local organization — a key point in both of their campaigns for the chairmanship. But they will also push for Democrats to convey a positive economic message to respond to Trump, not simply an anti-Trump one like the party’s prevailing push during the 2016 campaign.

*** Per Wikipedia:

Perez announced his candidacy for Chair of the Democratic National Committee on December 15, 2016.[158] He argued that the party needs to go to the suburbs, the exburbs and rural America, and talk to people.[159] Perez promised not to take money from federal lobbyists, foreign nationals, or current Labor Department employees.[160] His candidacy was endorsed by former Vice President Joe Biden and other Obama administration officials.[161]

On February 25, 2017 Perez was elected DNC chair.[162][163] Perez won on the second ballot with 235 votes, beating nearest rival Representative Keith Ellison who earned 200 votes.[162] After winning the election, Perez named Ellison as Deputy Chairman of the DNC.[161] Perez is the first Latino and the first Dominican-American to chair the Democratic National Committee.[164]

*** DeRay gets another paying gig, he is among friends.

Image result for deray mckesson blm dnc  BET

 

Shady Globalism Hurts Personally When it Involves Water

We witnessed the Flint, Michigan water crisis, where it was just safe to drink and few cared until they did. The water crisis goes far beyond Michigan where drinking water and water for showers, cooking and washing clothes is just not safe. Gray or used water is scooped to flush toilets. Where you ask? California and it was not due to the 5 year drought. The crisis goes beyond California, it is in Arizona and the corn/wheat belt in the middle of the country.

Really? How does globalism fit into the issue?

Big corporations, Wall Street and Hedge Funds as well as Saudi Arabia and Qatar are part of the crisis.

Individual farmers and small agriculture business has faded away, sold out to big Agri-corporations where offers to buy the land is a cover as the water and aquifers are more valuable. Water is the new gold or oil. Urban and suburban areas, just plain people are paying the price to save water for the sake of water to be available for bigger operations. In fact it is so bad, domestic and foreign interests are pumping water in one location and transferring via privately owned pipe to locations up to and perhaps more than 100 miles away.

When it comes to the EPA controlling water access and use, the agency was not wrong but it was actually wrong for reasons far beyond the headlines. The EPA is protecting, controlling and managing water not for the individual but rather for Wall Street firms and foreign investments.

The EPA is not the only agency, it includes the Department of Agriculture. Trump’s nominee for Secretary of Agriculture, Sonny Perdue has not yet been confirmed however Scott Pruitt has been confirmed as Secretary of the EPA.

Saudi Arabia

Exports of U.S. food and agricultural products to Saudi Arabia reached a record $1.5 billion in fiscal year 2014. Major exports include coarse grains, soybeans, dairy products, and vegetable oils.

In September 2012, the United States signed a trade and investment framework agreement (TIFA) with the Gulf Cooperation Council (which includes Saudi Arabia, as well as the United Arab Emirates, Kuwait, Qatar, Oman and Bahrain) to continue expanding and liberalizing trade relations. More here.

Trade is a good thing for sure for farmers but the little guy is shut out of the trade system due to access of water and volume. The United States is feeding the Middle East.

The Office of Agricultural Affairs (OAA) is part of the U.S. Department of Agriculture’s Foreign Agricultural Service (FAS), which has 93 offices covering 171 countries

OAA promotes and facilitates exports of U.S. agricultural products to Saudi Arabia and Bahrain.

OAA promotes exports of U.S. agricultural products by:

  • Conducting and participating in market development activities with non-profit U.S. high value food product and commodity trade associations.
  • Hosting trade promotion events.
  • Identifying possible opportunities for U.S. products, and placing potential importers in contact with U.S. exporters.
  • Recruiting representatives of Saudi food and agricultural product importers to attend major regional and U.S. based food and agricultural shows.
  • Providing match making and trade lead services.

OAA facilitates the export of U.S. agricultural products by:

  • Reporting on market opportunities and conditions.
  • Resolving trade policy issues by working with the governments of the Kingdom of Saudi Arabia and Bahrain, and with the Gulf Standardization Organization (GSO).
  • Counseling and informing exporters and importers of U.S. agricultural products.
  • Developing and maintaining contacts in the food, logistics and agriculture sectors.
  • Coordinating workshops, technical seminars, and other events with non-profit U.S. commodity trade associations and other organizations.

***

The Middle Eastern kingdom, Saudi Arabia, needs hay for its 170,000 cows. So, it’s buying up farmland for the water-chugging crop in the drought-stricken American Southwest. 14,000 acres to be exact. Almarai Co. bought land in January that roughly doubled its holdings in California’s Palo Verde Valley, an area that enjoys first dibs on water from the Colorado River. The company also acquired a large tract near Vicksburg, Arizona, becoming a powerful economic force in a region that has fewer well-pumping restrictions than other parts of the state.

“Southern California and Arizona have good water rights. Who knows if that will change, but that’s the way things are now,” said Daniel Putnam, an agronomist at the University of California, Davis.

Over the last decade, Saudi Arabia and the United Arab Emirates emerged as significant buyers of American hay as their governments moved to curb water use. Together they accounted for 10 percent of U.S. exports of alfalfa and other grasses last year.

The land purchases signal that Almarai doesn’t just want to buy hay; it wants to grow. And it’s not the only Arab-owned Gulf company to take that approach.

Al Dahra ACX Global Inc., a top U.S. hay exporter based in Bakersfield, California, is owned by Al Dahra Agriculture Co. of United Arab Emirates. It farms extensively in Southern California and Arizona and, according to its website, plans to add 7,500 acres in the United States for alfalfa and other crops. The exporter packages crops grown across the West at its two plants in California and one in Washington state.

Most of the farms that Arab companies own worldwide are in developing nations. For instance, Qatar’s sovereign wealth fund has holdings in Latin America and Africa.

But part of the kingdom’s long-term food security strategy means investing in higher-cost countries with greater political stability, said John Lawton, owner of Agriculture Technology Co., a farming company in Saudi Arabia.  More here from CSMonitor.

*** What about household use of water that is not drinkable?

The problem is that the groundwater it is using is unsafe for nearly 800,000 residents, according to the state’s water resources control board, because of longtime contamination from nitrates and arsenic.

That’s meant less drinkable water in California’s struggle to survive more than three years of severely dry weather.

“Most areas affected by contamination don’t have surface water supplies so they have to find new groundwater sources,” said Kurt Souza, a branch chief of the division of drinking water at the California State Water Resources Control Board.

“But that’s not always easy to do,” Souza added. “Sometimes you can find new ground locations for water and sometimes you can’t.”

The lack of rain and subsequent heavy demand on ground wells—which are also facing supply problems—is making a bad situation worse, said Sara Aminzadeh, executive director of the California Coastkeeper Alliance, a statewide advocacy group for safe water. According to the state water resources study, unsafe levels of arsenic are the top contaminant in groundwater supplies, followed by nitrates.

Nitrates are most often traced to farming chemicals and animal waste. Arsenic is found naturally in soil and rock in much of the world and seeps into groundwater.

Chronic low exposure to arsenic has been traced to respiratory problems in children and adults as well as having links to diabetes, cardiovascular diseases and cancers of the skin. More here from NBC, video included.

For more confusion on the shadiness of the whole thing, here are a few additional items. If it is going on in California, perhaps we need to investigate and ask the same questions in other farming regions of the country. Then perhaps we need deeper research out of the EPA and the Department of Agriculture where most of this gained additional traction and success under the Obama administration.

By the way, it was never really about that pesky Delta Smelt fish that the other environmentalists were trying to protect. That was a cover story.

  • The Monterey Amendment: Monterey Amendment ended up in court, challenged by the Planning and Conservation League, Citizens Planning Association of Santa Barbara County, and a small SWP contractor, the Plumas County Flood Control and Water Conservation District.In 2000, a state appeals court agreed with the challengers that the Environmental Impact Report for the amendment did not analyze provisions for completion of the SWP or permanent water shortages.

    In 2003, a settlement was reached that called for preparation of a new EIR, more detailed reporting of the project’s actual delivery capability and public participation on any project amendments.

    DWR in 2007 released a draft EIR, which discusses the project alternatives, growth inducement, water supply reliability, as well as potential areas of controversy and concern. The final EIR was released in 2009. DWR decided to continue to operate the SWP under the existing Monterey Amendment to the SWP long-term water supply contracts, including the Kern Water Bank transfer, and under the Settlement Agreement entered in PCL v. DWR. DWR’s decision was challenged by two groups of plaintiffs on issues relating to the adequacy of the EIR and the validity of the Monterey Amendment. The cases are currently being heard by the trial court. Final resolution of the issues is likely to take a number of years.

  • Roll International Corporation/Kern Water Bank: The Wonderful Company LLC, formerly known as Roll Global, is a private corporation based in Los Angeles, California. With revenues of over $4.8 billion,[1] it functions as a holding company for Stewart and Lynda Resnick, and as such is a vehicle for their personal investments in a number of businesses. The company currently counts as business divisions the following brands: flower delivery service Teleflora, juice company POM Wonderful, bottled water company FIJI Water, Wonderful Pistachios and Wonderful Almonds (formerly Paramount Farms), Wonderful Citrus (formerly Paramount Citrus), sea freight company Neptune Pacific Line, JUSTIN Vineyards and Winery, pest control company Suterra, and in-house marketing agency Wonderful Agency
  • Paramount Farming: Paramount Farming Company, LLC produces almonds, pistachios, and pomegranates in California. It also offers pomegranate, mango, tangerine, blueberry, and cherry juices. The company was founded in 1986 and is headquartered in Bakersfield, California. Paramount Farming Company, LLC operates as a subsidiary of Roll International Corporation.
  • Westside Mutual Water Co., LLC.
  • IN 2014, California will establish statewide management of water pumped from the ground, under legislation signed Tuesday by Gov. Jerry Brown. This really limits household usage and benefits big farming entities.
  • California is sinking even faster than scientists had thought, new NASA satellite imagery shows. Some areas of the Golden State are sinking more than 2 inches (5.1 centimeters) per month, the imagery reveals. Though the sinking, called subsidence, has long been a problem in California, the rate is accelerating because the state’s extreme drought is fueling voracious groundwater pumping. California Sinking Faster Than Thought, Aquifers Could Permanently Shrink
    New NASA imagery reveals that parts of California are sinking at an astonishing rate, with some parts of the San Joaquin Valley sinking as much as 2 inches per month.

    Credit: Canadian Space Agency/NASA/JPL-Caltech

    Editor’s Note: This story was updated at 2:00 p.m. E.T.

    California is sinking even faster than scientists had thought, new NASA satellite imagery shows.

    Some areas of the Golden State are sinking more than 2 inches (5.1 centimeters) per month, the imagery reveals. Though the sinking, called subsidence, has long been a problem in California, the rate is accelerating because the state’s extreme drought is fueling voracious groundwater pumping. 

    “Because of increased pumping, groundwater levels are reaching record lows — up to 100 feet (30 meters) lower than previous records,” Mark Cowin, director of California’s Department of Water Resources, said in a statement. “As extensive groundwater pumping continues, the land is sinking more rapidly, and this puts nearby infrastructure at greater risk of costly damage.” [It’s Raining Spiders! The Weirdest Effects of California’s Drought]

    What’s more, this furious groundwater pumping could have long-term consequences. If the land shrinks too much, and for too long, it can permanently lose its ability to store groundwater, the researchers said.

    The state’s sinking isn’t new: California has long suffered from subsidence, and some parts are now a few dozen feet lower than they were in 1925, according to the U.S. Geological Survey.

    But the state’s worst drought on record — 97 percent of the state is facing moderate to exceptional drought — has only accelerated the trend. To quantify this accelerated sinking, researchers at the Department of Water Resources and NASA’s Jet Propulsion Laboratory in Pasadena, California, compared satellite imagery of California over time. Thanks to images taken from both satellites and airplanes using a remote-sensing technique called interferometric synthetic aperture radar (InSAR), which uses radar to measure elevation differences, researchers can now map changes in the surface height of the ground with incredible precision. For the current study, the team stitched together imagery from Japan’s satellite-based Phased Array type L-band Synthetic Aperture Radar and Canada’s Earth Observation satellite Radarsat-2, as well as NASA’s airplane-based Uninhabited Aerial Vehicle Synthetic Aperture Radar.

    Certain hotspots are shrinking at an astonishing rate — regions of the Tulare Basin, which includes Fresno, sank 13 inches (33 cm) in just eight months, they found. The Sacramento Valley is sinking about 0.5 inches (1.3 cm) per month. And the California Aqueduct — an intricate network of pipes, canals and tunnels that funnels water from high in the Sierra Nevada mountains in northern and central California to Southern California — has sunk 12.5 inches (32 cm), and most of that was just in the past four months, according to the new study.

    The unquenchable thirst for groundwater in certain regions is largely a result of agriculture: Most of the state’s agricultural production resides in the fast-sinking regions around some of the state’s most endangered river systems — the San Joaquin and Sacramento rivers. As the heat and lack of rainfall have depleted surface-water supplies, farmers have turned to groundwater to keep their crops afloat.

    Subsidence isn’t just an aesthetic problem; bridges and highways can sink and crack in dangerous ways, and flood-control structures can be compromised. In the San Joaquin Valley, the sinking Earth has destroyed the outer shell around thousands of privately drilled wells.

    “Groundwater acts as a savings account to provide supplies during drought, but the NASA report shows the consequences of excessive withdrawals as we head into the fifth year of historic drought,” Corwin said. “We will work together with counties, local water districts, and affected communities to identify ways to slow the rate of subsidence and protect vital infrastructure such as canals, pumping stations, bridges and wells.”