Category Archives: Gangs and Crimes

UN Protects Palestinian Violence and Pays them too

Posted on by

Okay, the action President Trump took regarding Jerusalem being the capitol of Israel and eventually moving the embassy while a great action, it is not new. The United States already has a diplomatic post in Jerusalem and Jerusalem already is the capitol. At issue is no one across the globe will admit it and it is being manifested by UNRWA a United Nations agency.

UNRWA:

Let’s begin by the United States officially defunding UNRWA.

American taxpayer money spent on U.N. programs is often wasted, and the U.N. Relief and Works Agency for Palestine Refugees (UNRWA) is a prime example. The United States remains the largest contributor to the United Nations, funding 22 percent of the organization’s 2015 budget. The United States is also the single largest donor to UNRWA, paying approximately $380 million toward a nearly $1 billion budget in 2015 [see the figure].

UNRWA Has Failed Its Mandate. Over the past 66 years, despite billions of dollars in aid, there has been little improvement in the lives of Palestinians under UNRWA’s care.

The United Nations set up UNRWA in 1950 to provide relief services for Palestinian Arabs displaced after the 1948 war between the new state of Israel and its Arab neighbors. The organization was intended to provide temporary social services only to Palestinian Arab refugees and only until they could be integrated into the countries that sheltered them. UNRWA has instead grown into a near-permanent refugee industry. Its substandard education, health care and social services have left nearly 5 million Palestinian Arabs in refugee camps in Jordan, Lebanon, Syria, Gaza and the West Bank with little hope of improving their lives.

Meanwhile, did you know that Americans born in Jerusalem cannot list Israel on the birth certificate?

The Consular Reports of Birth Abroad and U.S. Passports will make no changes it appears to this little detail. This anti-Israel and pro Palestine thing is a contagious misguided policy throughout the U.S. government and allies.

Then we have the leader of the Palestinian Authority Mahmood Abbas….real name is Abu Mazen.

As reported previously on this site:

JERUSALEMMahmoud Abbas, the president of the Palestinian Authority, and President Vladimir V. Putin of Russia may have more in common than an interest in Middle East peace talks. According to a newly discovered Soviet document, Mr. Abbas may have once worked for the K.G.B., too.

The possibility, trumpeted by the Israeli media on Wednesday night and just as quickly dismissed by Palestinian officials, emerged from a document in a British archive listing Soviet agents from 1983. A reference to Mr. Abbas is tantalizing but cryptic, just two lines identifying him by the code name “Mole.” At the end of his entry are two words: “K.G.B. agent.”

He was assigned to Syria operations. By the way, Mahmoud Abbas’s predecessor, Yasser Arafat was also KGB. Get the picture here?

So, for decades the United States has been a willing accomplice of all of this mess and now with fresh protests underway in Jerusalem…what more do we need to know? Start with this question, is Moscow and Iran as a bonus directing the planned and organized call to action for protests? Yes…

***

Thursday’s strike at schools, stores and businesses meant Palestinians, notably younger Palestinians, were free to take part in Fatah protests in the city centers. And from there it is a short path to the checkpoints with Israel.

 

Thursday’s strike at schools, stores and businesses meant Palestinians, notably younger Palestinians, were free to take part in Fatah protests in the city centers. And from there it is a short path to the checkpoints with Israel.

The Palestinian Authority and Fatah are organizing the rallies in the city centers, but a key question is whether the Palestinian security services will stop demonstrators from reaching the potential flashpoints. In light of the Palestinian-Arab-Muslim consensus against US President Trump’s decision to recognize Jerusalem, PA security may receive orders not to step in to block protesters on their way to the checkpoints, except, perhaps, to prevent the use of firearms.

This week marks 30 years since an IDF truck collided with a civilian car in Jabalia refugee camp in Gaza, killing four Palestinians, which led to the outbreak of the First Intifada, also known as the stone-throwing intifada. Friday may see a repeat of some of those First Intifada-style confrontations but on a larger scale. This time Hamas is already calling for an intifada. More here.

 

About that July FBI Hillary Interview

Posted on by

The FBI released a summary of former Secretary of State Hillary Clinton’s July 2, 2016 interview with the FBI concerning allegations that classified information was improperly stored or transmitted on a personal e-mail server she used during her tenure. We also are releasing a factual summary of the FBI’s investigation into this matter. We are making these materials available to the public in the interest of transparency and in response to numerous Freedom of Information Act (FOIA) requests. Appropriate redactions have been made for classified information or other material exempt from disclosure under FOIA.

 

Hillary Clinton Emails FBI Report OCR by LawNewz on Scribd

There is a lot here but also know that many pages have full redactions. Parts 1-16 can be found here.

Accompanying Mrs. Clinton into the meeting were her lawyer David E. Kendall; Cheryl D. Mills and Heather Samuelson, longtime aides who are also lawyers; and two lawyers from Mr. Kendall’s firm, Williams & Connolly, Katherine Turner and Amy Saharia. Eight officials from the F.B.I. and the Department of Justice conducted the interview, according to a person who was familiar with the substance of the session but declined to be named because the meeting was private. We do know however that Peter Stzrok was in attendance in the lead in the interview.

The campaign has prioritized assisting the F.B.I., but it declined to cooperate with a State Department inspector general’s audit of Mrs. Clinton’s email practices.

Those findings, delivered to members of Congress in May, undermined some of Mrs. Clinton’s initial statements defending her use of the server.

The report said there was “no evidence” that she had requested or received approval for the server, despite having “an obligation to discuss using her personal email account to conduct official business.”

Federal law deems it a crime to “knowingly” mishandle classified information outside secure government channels or to permit the practice through “gross negligence.”

The week prior to this FBI interview, was the time that Bill Clinton met Loretta Lynch on the tarmac at the Phoenix airport.

***  Image result for peter strzok Peter Strzok

Peter Strzok, also worked with FBI director James Comey on the Clinton email investigation. In fact, he was so deeply involved in the Clinton investigation that he is said to have interviewed Cheryl Mills and Huma Abedin, and to have been present when the FBI interviewed Clinton. According to CNN, he was part of the team responsible for altering the FBI’s conclusion that Clinton was “grossly negligent” in handling classified emails (a finding that could have triggered criminal liability) to “extremely careless” — a determination that allowed her to escape prosecution entirely.

*** We all know that the Russians not only intruded and continue to intrude into our political process as noted by the fake accounts and the bot operations in social media, such is the case in many foreign nations allied with the United States. Mueller’s investigative operation while countless Republicans and conservatives want the process terminated, it should be argued that these two FBI agents at a minimum were attempting to affect the election outcome significantly more than what Russia attempted to do. Let that sink in for a moment or two.

Much like the work of an inspector general, the Mueller team will recommend cases for prosecution which has already happened, however, there will be recommendations going forward to further examine the money trail, the people, the activities and further the intrusions such that going into the mid-term elections and into the general election in 2020, the United States is much more aware and possibly prepared to ward off any outside interference.

We also cannot forget John Podesta as a major player. If was completely honest and candid the first time, he would not have had to make a second appearance.

The House Intelligence Committee on Monday afternoon interviewed John Podesta in a return appearance for the former Clinton campaign chairman, according to Rep. Mike Conaway (R-Texas).

The committee was “following up on questions we had as a result of subsequent revelations with respect to Fusion and Glenn Simpson,” Conaway said, an apparent reference to the recent disclosure that Clinton’s campaign and the Democratic National Committee (DNC) helped fund a controversial dossier of opposition research into then-candidate Donald Trump.

Podesta “answered all our questions,” Conaway said, but declined to comment further.

Podesta has, in the past, been of interest to the committee over the hack of his personal email account by suspected Russian operatives.

*** Meanwhile, the former Podesta Group appears to have a new name and some new and old players.

Two more former lobbyists from the Podesta Group are striking out on their own after Tony Podesta’s firm imploded last month.

The lobbyists, Oscar Ramirez and Dana Thompson, are teaming up with Josh Lamel, who recently left BGR Group, to start InSight Public Affairs.

Ramirez and Thompson had originally planned to join Cogent Strategies, the new firm that the Podesta Group’s longtime Chief Executive Kimberley Fritts started last month. Their pictures were included on the firm’s website when it launched.

“From a client-service perspective and an everyday work perspective, it seemed natural” to join Cogent, Thompson said in an interview on Friday.

But Thompson and Ramirez continued to consider their next moves in the wake of the Podesta Group’s collapse and decided they’d rather start a firm of their own. They teamed with Lamel, who had left the BGR Group, a top Washington lobbying firm, in October with plans to open a shop of his own.

While many former Podesta Group staffers have joined Cogent, others have scattered to other lobbying firms or started their own shops. Those who have opted to strike out on their own include Paul Brathwaite, who launched Federal Street Strategies, and Josh Lahey, who teamed up with Colin Hayes, a former Senate Energy and Natural Resources Committee staff director, to start Lot Sixteen.

InSight Public Affairs will do lobbying and other public affairs work for a variety of clients with a focus on the tech and telecommunications sectors. “A large chunk of our business is going to be working with clients that are part of the innovation economy,” Ramirez said, including the clean energy industry, tech startups and financial and educational technology firms.

Around and around we go….

 

3 Chinese Nationals Charged with Hacking, Stealing Intellectual Property

Posted on by

Indictment found here.

Wonder if President Trump has called President Xi….The U.S. Treasury should at least sanction Guangzhou Bo Yu Information Technology Company Limited….

Pittsburgh:

The Justice Department on Monday unsealed an indictment against three Chinese nationals in connection with cyberhacks and the alleged theft of intellectual property of three companies, according to US officials briefed on the investigation.

But the Trump administration is stopping short of publicly confronting the Chinese government about its role in the breach. The hacks occurred during both the Obama and Trump administrations.
The charges being brought in Pittsburgh allege that the hackers stole intellectual property from several companies, including Trimble, a maker of navigation systems; Siemens, a German technology company with major operations in the US; and Moody’s Analytics.
US investigators have concluded that the three charged by the US attorney in Pittsburgh were working for a Chinese intelligence contractor, the sources briefed on the investigation say. But missing from court documents filed in the case is any explicit mention that the thefts were state-sponsored.
A 2015 deal between then-President Barack Obama and Chinese President Xi Jinping prohibits the US and China from stealing intellectual property for the purpose of giving advantage to domestic companies.
In recent months some US intelligence agencies have concluded that China is breaking the agreement, sources briefed on the matter say. But there’s debate among intelligence officials about whether there’s sufficient evidence to publicly reveal the Chinese government’s role in the infractions, these people say.
Obama administration officials had touted the Obama-Xi agreement, as well as 2014 Justice Department charges against members of the Chinese People’s Liberation Army for commercial espionage, for reducing some of the Chinese cyberactivity against companies in the US.
But the 2015 Obama-Xi deal was met with skepticism inside the US agencies whose job it is to guard against Chinese cyberactivity targeting US companies. Some now say there was only a brief drop in the number of cyberspying incidents, if at all.
In the waning months of the Obama administration, intelligence officials briefed senior White House officials on information showing that the Chinese cyberattacks were back to levels previously seen, sources familiar with the matter told CNN. Early in the Trump administration, US intelligence officials briefed senior officials, including the President and vice president, as well as advisers Jared Kushner and Steve Bannon. More here.
***

Acting U.S. Attorney for Western Pennsylvania Soo C. Song charged Wu Yingzhuo, Dong Hao and Xia Lei with conspiracy to commit computer fraud and abuse, conspiracy to steal trade secrets, wire fraud and identity theft.

The most serious charge, wire fraud, carries a sentence of up 20 years in federal prison. Each conspiracy charge has a possible sentence of up to 10 years and the identity theft carries a sentence of up to two years.

The indictment alleged that Wu, Dong and Xia worked with Guangzhou Bo Yu Information Technology Company Limited, a Chinese cybersecurity firm in Guangzhou, but used their skills to launch attacks on corporations in the U.S.

Between 2011 and May 2017, the trio stole files containing documents and data pertaining to a new technology under development by Trimble, along with employee usernames and passwords and 407 gigabytes of proprietary data concerning Siemens’ energy, technology and transportation efforts, according to the indictment. The trio gained access to the internal email server at Moody’s Analytics and forwarded all emails sent to an “influential economist” working for the firm, the indictment stated. Those emails contained proprietary and confidential economic analyses, findings and opinions. The economist was not named in the indictment.

A Siemens spokesperson said that the company “rigorously” monitors and protects its infrastructure and continually detects and hunts for breaches. The company did not comment on the alleged breach by the Chinese hackers and declined to comment on internal security measures.

Michael Adler, a spokesman for Moody’s Analytics, said that to the company’s knowledge no confidential consumer data or other personal employee information was exposed in the alleged hack.

“We take information security very seriously and continuously review and enhance our cybersecurity defenses to safeguard the integrity of our data and systems,” Adler wrote in an email to the Tribune-Review.

Trimble, in a statement sent to the Trib, wrote that no client data was breached. The company concluded that the attack had no meaningful impact on its business.

Song, however, said the loss to the companies targeted was considerable.

“The fruit of these cyber intrusions and exfiltration of data represent a staggering amount of dollars and hours lost to the companies,” Song said.

Wu, Dong and Xia used “spearphish” emails to gain access to computers, spread malware to infect networks and covered their tracks by exploiting other computers known as “hop points.”

Hop points allow users to hide their identities and locations by routing themselves through third-party computer networks.

“But there were missteps that led our investigators right to them,” said FBI Special Agent in Charge Bob Johnson of the Pittsburgh office.

Johnson would not elaborate on the missteps the accused hackers took, claiming doing so could jeopardize future investigations.

The U.S. Attorney’s Office led the investigation and was assisted by the FBI’s Pittsburgh Division, the Navy Criminal Investigative Service Cyber Operations Field Office and the Air Force Office of Special Investigations.

Cottage Industry in U.S. for Refugee Resettlement

Posted on by

There was a time when the U.S. State Department along with associated agencies including USAID and the CIA would work to migrate countries from communism to democracies. After the rise of militant Islam and terror attacks around the world, countless gestures have been launched to destroy terror including of course war. Stable countries are now vulnerable and susceptible to radical migrant refugees and migrants.

Europe is in the worst condition and the United States is functioning in much the same manner. We constantly hear that the United States was built on immigrants and we invite legal immigration. Few conceive the notion that immigrants would not seek out America if there home countries were stable, democratic and functioning especially when the United States sends billions each year offshore for assistance and stability.

Meanwhile, America continues to budget and appropriate funds for migrants and refugees in the United States and more coming.

Image result for Reception and Placement Programphoto

For an exact sample on how the states operate, this site provided some great insight using Michigan.

Do you wonder what the total and comprehensive costs are for refugee resettlement? Well, the General Accounting Office is to report those costs, yet there seems to be no recent report. Meanwhile see pages 8-9 for the resettlement numbers by state by clicking here.

FY 2017 Notice of Funding Opportunity for Reception and Placement Program

Funding Procedures

Under current funding procedures, each agency with which the Bureau enters into a Cooperative Agreement (CA) is provided $2,025 for each refugee it sponsors who arrives in the United States during the period of the CA and is verified to have been placed and assisted by the agency. The funding is intended to supplement private resources available to the applicant and may be used at the local affiliates at which refugees are resettled and only for the direct benefit of refugees and for the delivery of services to refugees in accordance with program requirements as described in the CA. In addition, the Bureau funds national R&P Program management costs according to separately negotiated and approved budgets based on the applicant’s sponsorship capacity.

The annual ceiling for refugee admissions will be established by the President following consultations with the Congress towards the end of FY 2016. The FY 2017 appropriation and refugee ceiling have not yet been determined. For planning purposes, applicants should use the following refugee admissions projections as a baseline, although they may not necessarily be the regional or total ceilings that will be set by the President for FY 2017. Projections by region are as follows:

Africa — 30,000

East Asia — 12,000

Europe and Central Asia — 5,000

Latin America and the Caribbean — 5,000

Near East and South Asia — 44,000

Unallocated Reserve — 4,000

In addition, applicants should include 7,000 Special Immigrant Visa (SIV) recipients in their planning.

As in previous years, applicants should base their placement plans provided to PRM in response to this notice of funding opportunity on the capacity of their network of local affiliates, which will have consulted with resettlement partners in their communities in order to ensure that the placement plans are reasonable and appropriate. Should the FY 2017 Presidential Determination and appropriation processes result in ceilings that are different from the total capacity that has been proposed by all approved applicants, the Bureau will work with approved applicants, as necessary, to develop a revised plan, as it has in previous years. If you can stand it, continue the stipulations and grant procedures here.

***

It has become a cottage industry with almost zero checks and balances and your tax dollars? Well glad you asked. Check it:

Requirements to resettle refugees
To be selected as an R&P program agency, a non-governmental organization must apply to the PRM, which stipulates they meet three requirements:
1. Applicants must be “well-established social service providers with demonstrated case management expertise and experience managing a network of affiliates that provide reception and placement or similar services to refugees or other migrant populations in the United States;
2. (they must) have been in operation for at least three full years in non-profit status;
3. and document the availability of private financial resources to contribute to the program” (FY 2012 Funding Opportunity Announcement for Reception and Placement Program).

How it works 
Each agency enters into a Cooperative Agreement (CA) with the PRM and is provided $1800 per refugee it sponsors who arrives in the U.S. during the period of the CA. Resettlement agencies have voluntary agreements with the Office of Refugee Resettlement within the U.S. Department of Health and Human Services (US DHHS). The resettlement agencies generally receive seven to ten days notice prior to the arrival of a refugee so that they can assign a case manager, find housing, furniture, and purchase necessary household items. If the refugee has a relative or other tie already living in the U.S. (called an “anchor”), the resettlement agency usually establishes an agreement before the refugees arrive to determine the role the relative or tie will have in assisting the newly arrived refugee in accessing core services.

Service period & basic services
The R&P service period is thirty days long, but can be extended to up to ninety days if more time is necessary to complete delivery of R&P services, although some service agencies allow extensions of assistance based on a client’s needs. Basic support consists of the provision of:
1. Decent, safe, sanitary, and affordable housing
2. Essential furnishings
3. Appropriate food and food allowances
4. Necessary clothing
5. Assistance in applying for social security cards
6. Assistance in registering children in school
7. Transportation to job interviews and job training
8. At least two home visits
9. An initial housing orientation visit by a designated R&P representative or case manager
10. Assistance in obtaining health screening and mental health services
11. Obtaining employment services
12. Obtaining appropriate benefits
13. Referrals to social service programs
14. Enrollment in English as a Second Language instruction.
15. Pre-arrival processing & reception planning
16. Airport pickup
17. Hot meal on night of arrival
18. General case management
19. Development and implementation of a resettlement plan
20. Cultural orientation classes
21. Employment assessment and possible enrollment in UST’s employment program
22. Referrals to UST internal programs
23. Advocacy within government and social services agencies
24. Coordination of community volunteers that provide additional adjustment assistance
25. Follow up and basic needs support

If refugees are still in need of assistance after this 30-90 day period, they can seek aid from public benefit programs for up to seven years. Refugees retain their status as such for one year, and then are considered permanent residents for four years. After that, they can apply for U.S. citizenship.

Other services listed on our website are also accessible to our clients.  Some services are subject to office location.

 

AP Blames FBI for Few Warning on Fancy Bear Hacks

Posted on by

While much of the global hacking came to a scandal status in 2015-16, the Russian ‘Fancy Bear’ activity goes back to at least 2008. The FBI is an investigative wing and works in collaboration with foreign intelligence and outside cyber experts. For official warnings to be provided to U.S. government agencies, contractors, media or political operations, the FBI will generally make an official visit to affected entities to gather evidence. The NSA, Cyber Command and the DHS all have cyber experts that track and work to make accurate attributions of the hackers.

Image result for fancy bear apt 28

The Department of Homeland Security is generally the agency to make official warnings. The Associated Press gathered independent cyber experts to perform an independent study and is ready to blame the FBI for not going far enough in warnings.

When it came to the Clinton presidential campaign hack, the FBI made several attempts to officials there and were met with disdain and distrust. The FBI wanted copies of the ‘log-in’ files for evidence and were denied.

In part the AP report states:

“CLOAK-AND-DAGGER”

In the absence of any official warning, some of those contacted by AP brushed off the idea that they were taken in by a foreign power’s intelligence service.

“I don’t open anything I don’t recognize,” said Joseph Barnard, who headed the personnel recovery branch of the Air Force’s Air Combat Command.

That may well be true of Barnard; Secureworks’ data suggests he never clicked the malicious link sent to him in June 2015. But it isn’t true of everyone.

An AP analysis of the data suggests that out of 312 U.S. military and government figures targeted by Fancy Bear, 131 clicked the links sent to them. That could mean that as many as 2 in 5 came perilously close to handing over their passwords.

It’s not clear how many gave up their credentials in the end or what the hackers may have acquired.

Some of those accounts hold emails that go back years, when even many of the retired officials still occupied sensitive posts.

Overwhelmingly, interviewees told AP they kept classified material out of their Gmail inboxes, but intelligence experts said Russian spies could use personal correspondence as a springboard for further hacking, recruitment or even blackmail.

“You start to have information you might be able to leverage against that person,” said Sina Beaghley, a researcher at the RAND Corp. who served on the NSC until 2014.

In the few cases where the FBI did warn targets, they were sometimes left little wiser about what was going on or what to do.

Rob “Butch” Bracknell, a 20-year military veteran who works as a NATO lawyer in Norfolk, Virginia, said an FBI agent visited him about a year ago to examine his emails and warn him that a “foreign actor” was trying to break into his account.

“He was real cloak-and-dagger about it,” Bracknell said. “He came here to my work, wrote in his little notebook and away he went.”

Left to fend for themselves, some targets have been improvising their cybersecurity.

Retired Gen. Roger A. Brady, who was responsible for American nuclear weapons in Europe as part of his past role as commander of the U.S. Air Force there, turned to Apple support this year when he noticed something suspicious on his computer. Hughes, a former DIA head, said he had his hard drive replaced by the “Geek Squad” at a Best Buy in Florida after his machine began behaving strangely. Keller, the former senior spy satellite official, said it was his son who told him his emails had been posted to the web after getting a Google alert in June 2016.

A former U.S. ambassador to Russia, Michael McFaul, who like many others was repeatedly targeted by Fancy Bear but has yet to receive any warning from the FBI, said the lackluster response risked something worse than last year’s parade of leaks.

“Our government needs to be taking greater responsibility to defend its citizens in both the physical and cyber worlds, now, before a cyberattack produces an even more catastrophic outcome than we have already experienced,” McFaul said. Read the full article here.

Image result for fancy bear apt 28 photo

***

Every organization has a Chief Technology Officer, even small business has a ‘go-to’ person for issues. To be in denial there are any vulnerabilities is reckless and dangerous. To assume systems are adequately protected against cyber intrusions is also derelict in duty.

Fancy Bear is listed as APT 28. APT=Advanced Persistent Threat.

APT28 made at least two attempts to compromise Eastern European government organizations:
In a late 2013 incident, a FireEye device
deployed at an Eastern European Ministry of
Foreign Affairs detected APT28 malware in
the client’s network.
More recently, in August 2014 APT28 used a
lure (Figure 3) about hostilities surrounding a
Malaysia Airlines flight downed in Ukraine in
a probable attempt to compromise the Polish
government. A SOURFACE sample employed
in the same Malaysia Airlines lure was
referenced by a Polish computer security
company in a blog post.
The Polish security
company indicated that the sample was “sent
to the government,” presumably the Polish
government, given the company’s locations and visibility.
Additionally:
Other probable APT28 targets that we have
identified:
Norwegian Army (Forsvaret)
Government of Mexico
Chilean Military
Pakistani Navy
U.S. Defense Contractors
European Embassy in Iraq
Special Operations Forces Exhibition (SOFEX)
in Jordan
Defense Attaches in East Asia
Asia-Pacific Economic Cooperation
There is also NATO, the World Bank and military trade shows. Pure and simple, it is industrial espionage.
MALWARE
Evolves and Maintains Tools for Continued, Long-Term Use
Uses malware with flexible and lasting platforms
Constantly evolves malware samples for continued use
Malware is tailored to specific victims’ environments, and is designed to hamper reverse engineering efforts
Development in a formal code development environment
Various Data Theft Techniques
Backdoors using HTTP protocol
Backdoors using victim mail server
Local copying to defeat closed/air gapped networks
TARGETING
Georgia and the Caucasus
Ministry of Internal Affairs
Ministry of Defense
Journalist writing on Caucasus issues
Kavkaz Center
Eastern European Governments & Militaries
Polish Government
Hungarian Government
Ministry of Foreign Affairs in Eastern Europe
Baltic Host exercises
Security-related Organizations
NATO
OSCE
Defense attaches
Defense events and exhibitions
RUSSIAN ATTRIBUTES
Russian Language Indicators
Consistent use of Russian language in malware over a period of six years
Lure to journalist writing on Caucasus issues suggests APT28 understands both Russian and English
Malware Compile Times Correspond to Work Day in Moscow’s Time Zone
Consistent among APT28 samples with compile times from 2007 to 2014
The compile times align with the standard workday in the UTC + 4 time zone which includes major Russian cities such as Moscow and St. Petersburg
FireEye, is a non-government independent cyber agencies that has performed and continues to perform cyber investigations and attributions. There are others that do the same. To blame exclusively the FBI for lack of warnings is unfair.
Hacking conditions were especially common during the Obama administration and countless hearings have been held on The Hill, while still there is no cyber policy, legislation or real consequence. Remember too, it was the Obama administration that chose to do nothing with regard to Russia’s interference until after the election in November and then only in December did Obama expel several Russians part of diplomatic operations and those possibly working under cover including shuttering two dachas and one mission post in San Francisco.