Category Archives: FBI

The Under Reported Threat to the US of Smuggling Chinese

Posted on by

We have watched for years the chaos at the U.S. Southern border with Mexico. While there is has been a single focus on Latin Americans crossing into the United States, very little has been reported about the volume of Chinese. This should stimulate some critical thinking and questions.

Is this espionage, operatives or the building of a force for other reasons? In February of 2020, NBC News was asking some of the same questions.

A Chinese student walked around a perimeter fence at a U.S. naval base in Key West, taking pictures of government buildings. Stopped by police, he said he was trying to capture images of the sunrise.

aerial view of nas key west naval air station base truman ...

And nine days after that, two more Chinese students drove past a guard at the same naval base. When stopped by security 30 minutes later, they voluntarily displayed the videos and photos they had taken of the base.

The first Chinese student arrested at the naval base in Key West was Zhao Qianli, 20, who was taken into custody on Sept. 26, 2018.

Zhao entered the base by walking along the facility’s secure fence line and trudging through the beach, court documents say.

Zhao headed directly to the Joint Interagency Task Force South property, according to court records, where he took several photographs on his Motorola cellphone and his Canon EOS digital camera.

His devices contained photos and videos of sensitive equipment at the facility’s “antenna farm,” as well as images of warning signs that read “Military Installation” and “Restricted Area,” according to court documents.

Zhao initially told military police that he was “lost” and that he was a “dishwasher from New Jersey.” In later conversations with the FBI, Zhao said he traveled to Key West to “see the sights, such as the Hemingway House,” but there were no images of tourist attractions on his phone, according to his sentencing memo.

Zhao admitted to receiving military training as a university student in China and was found to have a “police blouse” and a People’s Republic of China Interior Ministry belt buckle at his hotel, the memo says.

 

In 2016, Newsweek in part reported:

Smuggling Chinese across the southern U.S. border appeals to traffickers because it is more lucrative than smuggling individuals from Mexico or Central America. A longer journey commands a steeper price and the going rate per person is believed to be somewhere between $50,000 and $70,000; the total value of the trade for the Chinese mafias involved has been estimated at $750 million.

The role of Chinese mafia groups (triads) in bringing migrants across the border has also deepened their exposure to and ties with Latin American narcotics cartels, both in human smuggling and beyond.

An “alliance between Chinese and Latin American smuggling rings” was noted as early as 1993, but today the scope of this “alliance” encompasses not just smuggling, but also other illicit activity including the sale of drug precursors from Asia and pirated materials.

In Mexico, contact between triads and cartels occurs in various regions, including those ruled by the ruthless Los Zetas syndicate and the Gulf and Juarez cartels, depending on what routes are used for migrants. Triad groups are believed to operate in the Mexican state of Chiapas and the Red Dragon triad, which operates in Peru, is involved not only in smuggling, but also in extortion and drug trafficking within Latin America. The wide-ranging activities of transnational organized crime groups generate additional law enforcement concerns beyond border security.

But it is important to look to the other side of our country, the area of the Bahamas and South Florida. A few islands in the Bahamas are now fully owned by China, one such island is Bird Cay. From Forbes in 2019 in part:

Quoting CaribbeanNews.com directly:

“China has set its sights on The Bahamas and has invested billions of dollars in building new infrastructure and industry across the country.

New roads, new businesses, new hotels, and booming Chinese immigration has led to many companies being staffed with more Chinese workers than local Bahamians.”

Plus, “Reports show that over 200,000 Chinese are illegally smuggled into the Caribbean every year to open their shops or work at Chinese businesses, with many sending their money back to China.”

However, the local government doesn’t see how it’s in a good position to do anything about it since Chinese state banks are simultaneously flooding the islands with tens of millions of dollars… even going so far as to finance new ports there.

Private Islands for sale - Bird Cay - Bahamas - Caribbean Bird Cay, owned now by China

Hold on, there is South Florida where those smuggled Chinese are making their way into the United States aboard some very expensive yachts.

The Miami Herald just last year told us:

Dozens of Chinese nationals without proper papers have been smuggled from the Bahamas to South Florida by operators of luxury yachts who are charging them thousands of dollars each for the short Atlantic journey, according to federal criminal cases.

In recent instances, the Coast Guard stopped two vessels approaching the South Florida shore, leading to the arrests of three men accused of transporting a total of 26 Chinese passengers and one Bahamian, court records show. The alien smuggling operations were not related, however.

Rocco Oppedisano, a 51-year-old Italian national, is scheduled for arraignment in Miami federal court Wednesday on charges of conspiring to transport aliens into the United States and bringing them here for financial gain. Oppedisano told a magistrate judge this week that properties he once owned in the Northeast have been sold along with his Mercedes-Benz, Porsche and Fiat vehicles to pay for legal costs over his immigration troubles.

Oppedisano was stopped by the Coast Guard on Dec. 2 while he was commandeering a 63-foot Sunseeker yacht named INXS FINALLY with 14 Chinese passengers and one Bahamian, according to an indictment. Among the passengers was a Chinese national, Ying Lian Li, who was deported last April but tried to re-enter the country.

It is unclear why these Chinese nationals — unlike Cubans and Haitians smuggled here in both go-fast and rickety boats in the past — sought to come to South Florida. But over the past five years, the Bahamas has experienced an influx of Chinese workers flocking to the archipelago as part of a push by China to invest in the country’s hotel, tourism and trade industries.

In the other alien smuggling case, a Coast Guard cutter encountered a 70-foot Hatteras yacht about 20 miles east of South Florida on July 23, when officers radioed the vessel to ask how many people were on board. The yacht’s response: two crew and eight Japanese passengers with passports, who did not need additional visas to enter the United States.

It was all a lie, according to a Homeland Security Investigations criminal affidavit.

About 10 miles east of Port Everglades, Coast Guard officers boarded the yacht and asked crew member Robert L. McNeil Jr. to bring all the passengers on deck. The officers counted 12 passengers with passports from the People’s Republic of China but without required visas to enter the United States, according to the HSI affidavit.

The Coast Guard concluded that none of the 12 Chinese nationals possessed documents that would allow them to enter the United States legally. McNeil, and the yacht’s charter captain, James A. Bradford, along with the 12 Chinese nationals were transferred to the Coast Guard cutter.

During questioning, Bradford said he left South Florida on the Hatteras yacht bearing the name CAREFREE on July 22 and arrived in Nassau, Bahamas, that day. He admitted that the purpose of the trip was to pick up a “tour group of aliens” in the Bahamas, transport them to South Florida and return to the Bahamas on July 26.

Bradford, who has been a charter captain for decades, said “he never checked to see if the passengers had proper documents to come to the U.S.,” according to the affidavit.

A search of the yacht uncovered 10 cellphones in the bridge area; none of the Chinese nationals had mobile phones on them.

“Based on my knowledge and experience in human smuggling cases, smugglers often collect cell phones from migrants until they are paid for delivering the migrants to the U.S.” wrote HSI special agent David Jansen, who added that none of the passengers carried any luggage.

The search also uncovered $118,100 hidden behind the wall paneling of the yacht’s master bedroom, the affidavit said. Investigators also seized more than $2,800 from McNeil.

Both Bradford and McNeil were indicted on charges of conspiring to transport aliens into the United States and bringing them here for financial gain. To resolve his case, McNeil pleaded guilty earlier this month to one count of alien smuggling to make a profit. He faces up to 10 years in prison.

The Hill says this is a disturbing trend.

Matt Cardy/Getty Images

While it’s unclear why these Chinese nationals sought to come to South Florida, the move is part of a larger five-year trend in the region. The Bahamas has seen a surge of Chinese workers as China invests in the archipelago’s hospitality and tourism industries. China’s presence in the Bahamas reportedly stems from a burgeoning relationship between the two countries, after China provided disaster relief in a bid to establish trade.

 

Have you Heard of the FBI’s Trojan Shield Program?

Posted on by

New court records detail how the FBI turned encrypted phone company ‘Anom’ into a honeypot for organized crime.

Vice: For years the FBI has secretly run an encrypted communications app used by organized crime in order to surreptitiously collect its users’ messages and monitor criminals’ activity on a massive scale, according to a newly unsealed court document. In all, the elaborate operation netted more than 20 million messages from over 11,800 devices used by suspected criminals.

The news signals a major coup for law enforcement: ordinarily, agencies either shut down or crack messages on an already established service, such as Phantom Secure or Encrochat, two similar encrypted messaging networks. But in this case, the FBI took control of a communications company called ‘Anom’ in its infancy and turned that into a wide reaching honeypot, with the suspected criminal users instead coming to them.

“The FBI opened a new covert investigation, Operation Trojan Shield, which centered on exploiting Anom by inserting it into criminal networks and working with international partners, including the Australian Federal Police (“AFP”), to monitor the communications,” the unsealed court record reads, referring to Anom, the app at the center of the investigation. Seamus Hughes, a researcher at George Washington University, shared the document with Motherboard.

Do you know anything else about Anom? Were you a user? We’d love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on [email protected], or email [email protected].

The AFP began going public with the contours of Anom Tuesday morning local time, and announced it had begun making arrests with data pulled from the honeypot.

In 2018, the FBI arrested Vincent Ramos, the CEO of Phantom Secure, which provided custom, privacy-focused devices to organized criminals. In the wake of that arrest, a confidential human source (CHS) who previously sold phones on behalf of Phantom and another firm called Sky Global, was developing their own encrypted communications product. This CHS then “offered this next generation device, named ‘Anom,’ to the FBI to use in ongoing and new investigations,” the court document reads. While criminals left Phantom, they flocked to other offerings. One of those was Anom; the FBI started what it called Operation Trojan Shield, in which it effectively operated a communications network targeted to criminals and intercepted messages running across it.

The FBI, AFP, and CHS built the Anom system in such a way that a master key silently attached itself to every message set through the app, enabling “law enforcement to decrypt and store the message as it is transmitted,” the document reads.

“A user of Anom is unaware of this capability,” it adds.

But first the FBI and their source needed to establish Anom as an option in the criminal underworld. As Motherboard showed in a years-long investigation, using sources around Phantom as well as FBI files, Phantom was particularly popular in Australia. The CHS introduced Anom to his already trusted distributors of mobile devices, who were in turn trusted by criminal organizations, the document reads. Three people in Australia who had previously distributed Phantom, “seeing a huge payday,” agreed to then sell these Anom devices, the document adds. With this, “the FBI aimed to grow the use of Anom organically through these networks,” it reads.

anom-site.png

A screenshot of the Anom site Motherboard took before Anom closed. Image: Motherboard.

Earlier on Monday before obtaining the court record, Motherboard reviewed Anom’s social media presence. The company’s Reddit account first announced the existence of the company two years ago, according to a since deleted but cached Reddit post that Motherboard found.

“Introducing Anom—a Ultra-Secure Mobile-Cell-Phone Messaging App for Android,” the announcement read. “Your Confidentiality, Assured. Software hardened against targeted surveillance and intrusion—Anom Secure. Keep Secrets Safe!”

Anom started to grow, with initially 50 devices distributed in Australia and the AFP able to monitor the phones. It was slow at first, but soon word of the new devices spread, with Anom gathering several hundred users a year later, the document continued.

A third country also got involved in the investigation, and provided the FBI with Anom user data three times a week.

“This data comprises the encrypted messages of all of the users of Anoms with a few exceptions (e.g., the messages of approximately 15 Anom users in the U.S. sent to any other Anom device are not reviewed by the FBI),” the document reads.

Anom had grown exponentially in size, stretching beyond its Australian beginnings to having over 10,000 devices in over 90 countries. Germany, the Netherlands, Spain, and Serbia were also popular, with over 300 distinct transnational criminal organizations (TCOs) using the devices, the document reads. When authorities closed down Sky, as Motherboard reported in March, Anom’s user base tripled.

The number of obtained messages totalled at over 20 million messages since October 2019. Messages include discussions around drug smuggling, corruption, and other high-level organized criminal activities. The document also includes direct quotes of messages from Anom users discussing cocaine shipments.

anom-message.png

A series of messages included in the court document. Image: Motherboard.

“There is 2kg put inside french diplomatic sealed envelopes out of Bogotta [sic],” one message reads referring to how the people are allegedly hiding shipments of cocaine.

“The Trojan Shield investigation has uncovered that Anom devices are used by TCOs to traffic drugs and launder the proceeds of those drug sales,” the document reads. “The distributors of these devices also obstruct justice by remotely wiping the content of devices when law enforcement seizes them. Additionally, the review of Anom messages has initiated numerous high-level public corruption cases in several countries. The most prominent distributors are currently being investigated by the FBI for participating in an enterprise which promotes international drug trafficking, money laundering, and obstruction of justice.”

anom-map.png

A screenshot of a map showing what the FBI says its Anom’s spread around the world. Image: Motherboard

Late Monday, the FBI said that it would be holding “a news conference announcing a massive worldwide takedown based on the San Diego FBI’s unprecedented investigation involving the interception of encrypted communications” on Tuesday.

The Phantom, Sky, and Encrochat operations showed that law enforcement may shutdown or even hack into encrypted phone companies. But the Anom case shows that law enforcement will also go one step further: they will run such a network themselves. A previous DEA operation involved something similar but on a much smaller scale with BlackBerry devices.

“A goal of the Trojan Shield investigation is to shake the confidence in this entire industry because the FBI is willing and able to enter this space and monitor messages,” the document reads.

US has Recovered Ransom Payment of the Colonial Pipeline Hack

Posted on by

Just last month, this site posted a detailed article about the fallout of DarkSide, the hackers of the Colonial Pipeline. In short, U.S. officials seized at least two servers.

Now there is more….like the ransom payment, not all of it, but $2.3 million in real dollars, remember it was paid in cryptocurrency. (Remember, money was paid out to all the dark actors of the DarkSide)

“In addition, a couple of hours after the seizure, funds from the payment server (belonging to us and our clients) were withdrawn to an unknown account,” the DarkSide ransomware operation told its affiliates.

DarkSide: New targeted ransomware demands million dollar ...

****

(AP) — The Justice Department has recovered the majority of a multimillion-dollar ransom payment to hackers after a cyberattack that caused the operator of the nation’s largest fuel pipeline to halt its operations last month, officials said Monday.

The operation to recover the cryptocurrency from the Russia-based hacker group is believed to be the first of its kind, and reflects what U.S. officials say is an increasingly aggressive approach to deal with a ransomware threat that in the last month has targeted critical industries around the world.

“By going after an entire ecosystem that fuels ransomware and digital currency, we will continue to use all of our tools and all of our resources to increase the costs and the consequences of ransomware attacks and other cyber-enabled attacks,” Deputy Attorney General Lisa Monaco said at a news conference announcing the operation.

Georgia-based Colonial Pipeline, which supplies roughly half the fuel consumed on the East Coast, temporarily shut down its operations on May 7 after a gang of criminal hackers known as DarkSide broke into its computer system.

Colonial officials have said they took their pipeline system offline before the attack could spread to its operating system, and decided to pay a roughly $4.4 million ransom in an effort to bring itself back online as soon as it could.

The FBI generally discourages the payment of ransom, fearing it could encourage additional hacks.

But What is NOT in Fauci’s Emails?

Posted on by

That is the question(s)…

While many are calling for the resignation of Dr. Anthony Fauci, I say hold on. Why? Often, in fact most often, former government employees rarely are investigated, charged or prosecuted. I say just suspend him without pay until a full commission is launched.

There are all kinds of people reading through all the released Fauci emails and rightly so. While reading through many articles and posts relating to the emails where so appear to be smoking guns…we must consider what is not in the emails.

As Joe Biden has ordered the intelligence agencies to go through a full review and report back, a long application of strategic thinking is also in order. The reader is invited to ask their own questions in the comments section of this post.

For some context and courtesy of Bloomberg News in part:

No matter where the inquiry leads, the history of lab safety shows, at the very least, that leaks of pathogens have happened in the past — sometimes with deadly consequences. It also shows that even transparent, thorough investigations into the origins of an outbreak can end in uncertainty.

By the late 1970s, smallpox had been eradicated in nature, but work on it continued in a handful of labs around the world, including a facility in Birmingham, England, which had access to a particularly virulent strain. In the summer of 1978, a medical photographer working there named Janet Parker fell ill. When pustules spread across her upper body, a local doctor diagnosed it as a bad case of chickenpox.

It was the third leak of smallpox that decade from a British lab. The British government moved aggressively to contain the outbreak, quarantining hundreds of people and vaccinating many more. Thanks to their efforts, only one other person — Parker’s mother — developed the disease. But Parker died an excruciating, lonely death in an isolation ward — the last known victim of smallpox.

But there were other victims. At the time, the newspapers covering the episode fixated on the director of the laboratory, an expert on pox viruses named Henry Bedson. Despite an absence of evidence, the press blamed him for the outbreak. Quarantined at home and despondent, Bedson went out to his garden shed and slit his own throat; he died soon afterward.

The British government commissioned a thorough investigation into the outbreak. It turned up evidence that Bedson may not have observed sufficient safety protocols and speculated that Parker must have somehow contracted smallpox through contamination in the air ducts. Later, a lawsuit effectively refuted this explanation, leading to the unsettling possibility that Parker herself may have entered one of the work spaces without proper protection. The debate continues to this day.

When lab leaks take place in a secretive society, the difficult job of confirming the source of an outbreak gets much harder. A good case in point was the infamous anthrax outbreak in Sverdlovsk, an isolated city in the Soviet Union.

In 1979, rumors of anthrax killing dozens — or even thousands — began trickling out to the West. Later that year, Soviet journals confirmed some of these reports, noting that upward of a hundred people had contracted anthrax after ingesting contaminated meat; over 60 had died. A tragedy, yes, but perhaps inevitable: Anthrax was endemic in local animal populations.

Intelligence officials in the U.S. weren’t convinced. Satellite imagery showed what looked like decontamination trucks around the city, with considerable activity focused on a mysterious military facility known as Compound 19. CIA analysts hypothesized that the Soviets had mistakenly released a weaponized form of anthrax. More here.

***

Remember, Dr. Fauci has the Director of the NIAID since 1984. He not only knows the history of super bugs and pandemics but he also has access to the files and documentation of global laboratories and scientists.

Can we quit saying ‘lab leaks’, which infers an accident? Perhaps ‘released’ should replace ‘leak’. Anyway, moving on.

Exactly why was the CIA not called in by Fauci or the suggestion of that in 2019 or earlier like around the time of the warning cables that were sent by U.S. Embassy officials back to the State Department in 2018?

How come Dr. Fauci’s emails did not include communication exchanges with other countries that provided big financial aid to the Wuhan Lab like France and Canada?

As the Public Health Agency of Canada refuses to release uncensored internal documents, a Conservative MP says he wants to know how far Canada’s collaboration with China on Level-4 pathogens went — and why two federal scientists were let go by the National Microbiology Lab in Winnipeg in January.

“We need these documents. We need to know what the Government of Canada was doing through the National Microbiology Lab in Winnipeg with respect to cooperating with the Wuhan Institute of Virology in Wuhan, China,” Conservative foreign affairs critic Michael Chong said during a special parliamentary committee hearing on Canada-China relations Monday night.

The special committee has demanded to know why two federal government scientists were escorted out of Canada’s only Level 4 Lab in July 2019, just four months after one of them shipped samples of the Ebola and Henipah viruses to the Wuhan Institute of Virology in China — stories first published by CBC News.

Two months after that shipment, on May 24, 2019, the Public Health Agency of Canada (PHAC) referred an “administrative matter” to RCMP that resulted in the removal of two Chinese research scientists — Xiangguo Qiu and her husband, Keding Cheng — and several international students on July 5.

No where in the Fauci emails is the request for the medical files of ‘patient zero’ or of any Chinese scientists that fell ill or died. Why?

Did Dr. Fauci reach out to the Galveston National Laboratory which is part of the University of Texas for any pandemic details? Not so much, why?

Galveston bio lab explains connections to Wuhan | Local ...

How come Dr. Fauci only had Dr. Deborah Birx as an addition to the White House Virus Task Force and other virology experts were not called on like other world health leaders?

How about any references to expert white papers that Dr. Fauci made? He only said data…what data?

There are hundreds of questions and standing up a full commission is past due. Meanwhile, suspect the doctor and start the real interviews and subpoenas. There are likely hundreds if not thousands more across the world that know more with evidence….Dr. Fauci makes no email inquiries and the same goes for the intelligence agencies, unless they have and that is being embargoed too.

Feds Seized 2 Cyber Domains of Hackers/SolarWinds

Posted on by

DOJ:

Domain Names Were in Part Used to Control a Cobalt Strike Software Tool that the Actors Implanted on Victim Networks

WASHINGTON – On May 28, pursuant to court orders issued in the Eastern District of Virginia, the United States seized two command-and-control (C2) and malware distribution domains used in recent spear-phishing activity that mimicked email communications from the U.S. Agency for International Development (USAID). This malicious activity was the subject of a May 27 Microsoft security alert, titled “New sophisticated email-based attack from Nobelium,” and a May 28 FBI and Cybersecurity and Infrastructure Security Agency joint cybersecurity advisory.

The Department’s seizure of the two domains was aimed at disrupting the malicious actors’ follow-on exploitation of victims, as well as identifying compromised victims. However, the actors may have deployed additional backdoor accesses between the time of the initial compromises and last week’s seizures.

“Last week’s action is a continued demonstration of the Department’s commitment to proactively disrupt hacking activity prior to the conclusion of a criminal investigation,” said Assistant Attorney General John C. Demers for the Justice Department’s National Security Division. “Law enforcement remains an integral part of the U.S. government’s broader disruption efforts against malicious cyber-enabled activities, even prior to arrest, and we will continue to evaluate all possible opportunities to use our unique authorities to act against such threats.”

“Cyber intrusions and spear-phishing email attacks can cause widespread damage throughout affected computer networks, and can result in significant harm to individual victims, government agencies, NGOs, and private businesses,” said Acting U.S. Attorney Raj Parekh for the Eastern District of Virginia. “As demonstrated by the court-authorized seizure of these malicious domains, we are committed to using all available tools to protect the public and our government from these worldwide hacking threats.”

“Friday’s court-authorized domain seizures reflect the FBI Washington Field Office’s continued commitment to cyber victims in our region,” said Assistant Director in Charge Steven M. D’Antuono of the FBI’s Washington Field Office. “These actions demonstrate our ability to quickly respond to malicious cyber activities by leveraging our unique authorities to disrupt our cyber adversaries.”

“The FBI remains committed to disrupting this type of malicious cyber activity targeting our federal agencies and the American public,” said Assistant Director Bryan Vorndran of the FBI’s Cyber Division. “We will continue to use all of the tools in our toolbelt and leverage our domestic and international partnerships to not only disrupt this type of hacking activity but to impose risk and consequences upon our adversaries to combat these threats.”

On or about May 25, malicious actors commenced a wide-scale spear-phishing campaign leveraging a compromised USAID account at an identified mass email marketing company. Specifically, the compromised account was used to send spear-phishing emails, purporting to be from USAID email accounts and containing a “special alert,” to thousands of email accounts at over one hundred entities. More here.

Solarwinds Management Tools - Full Control Networks source

More details on the backstory of SolarWinds

“This release includes bug fixes, increased stability and performance improvements.”

The routine software update may be one of the most familiar and least understood parts of our digital lives. A pop-up window announces its arrival and all that is required of us is to plug everything in before bed. The next morning, rather like the shoemaker and the elves, our software is magically transformed.

Last spring, a Texas-based company called SolarWinds made one such software update available to its customers. It was supposed to provide the regular fare — bug fixes, performance enhancements — to the company’s popular network management system, a software program called Orion that keeps a watchful eye on all the various components in a company’s network. Customers simply had to log into the company’s software development website, type a password and then wait for the update to land seamlessly onto their servers.

The routine update, it turns out, is no longer so routine.

Hackers believed to be directed by the Russian intelligence service, the SVR, used that routine software update to slip malicious code into Orion’s software and then used it as a vehicle for a massive cyberattack against America.

“Eighteen thousand [customers] was our best estimate of who may have downloaded the code between March and June of 2020,” Sudhakar Ramakrishna, SolarWinds president and CEO, told NPR. “If you then take 18,000 and start sifting through it, the actual number of impacted customers is far less. We don’t know the exact numbers. We are still conducting the investigation.”

On Thursday, the Biden administration announced a roster of tough sanctions against Russia as part of what it characterized as the “seen and unseen” response to the SolarWinds breach.

NPR’s months-long examination of that landmark attack — based on interviews with dozens of players from company officials to victims to cyber forensics experts who investigated, and intelligence officials who are in the process of calibrating the Biden administration’s response — reveals a hack unlike any other, launched by a sophisticated adversary who took aim at a soft underbelly of digital life: the routine software update.

By design, the hack appeared to work only under very specific circumstances. Its victims had to download the tainted update and then actually deploy it. That was the first condition. The second was that their compromised networks needed to be connected to the Internet, so the hackers could communicate with their servers.

For that reason, Ramakrishna figures the Russians successfully compromised about 100 companies and about a dozen government agencies. The companies included Microsoft, Intel and Cisco; the list of federal agencies so far includes the Treasury, Justice and Energy departments and the Pentagon.