Adding Another 25 Cents to the Price of Gas at the Pump

Sigh….would that revenue be applied to pay off U.S. debt? Nah…

Commerce Secretary Wilbur Ross, who called raising gas taxes a ‘horrible idea,’ says Trump is considering a hike

  • Raising the federal gas tax is one of several options President Donald Trump is considering to pay for infrastructure spending, Commerce Secretary Wilbur Ross said.
  • The president proposed an increase of 25 cents per gallon last week, according to several sources.
  • Ross, who once called raising the federal fuel levy a “horrible idea,” on Thursday said it’s logical to charge drivers for road improvements.


Enter the U.S. Chamber of Commerce:

The U.S. Chamber has long believed that implementing a modest increase in the motor vehicle fuel user fee (also known as the gas tax) is the simplest, fairest, and most effective way to raise the money that America needs to fund critical upgrades to our roads, bridges, and transit systems.

Earlier this year, and for the first time, we threw out a number: 25 cents. By raising the federal gas tax by 25 cents—five cents per year over five years—we could raise $394 billion over the next decade, and it would only cost the average motorist about $9 a month.

That’s the kind of money we need to be investing in our nation’s infrastructure system. It’s that important, and we won’t be able to build what we need to build if we do it on the cheap.

So far, we’ve seen strong support for our proposal from across the U.S. business community, and a few weeks ago, President Trump indicated his openness to backing a 25-cent increase as part of his administration’s infrastructure modernization efforts.

Despite the momentum that exists to come up with a long-term and sustainable funding solution for America’s infrastructure woes, our concrete and common-sense proposal has met resistance from some corners of Washington, most of it based on incomplete information about the gas tax and the impact of an increase.

To help fill that gap, we’ve compiled five assertions we’ve heard about the gas tax over the last few weeks, and we’ve filled in parts of the story that have so far been missing from the debate.

1. Assertion: An increase in the gas tax is regressive.

Reality: Any user fee, toll, fare, or sales tax is by definition regressive. The fixed fee or tax is larger as a share of income the less the payer makes. A bus fare, for example, costs a larger share of income for someone who makes $30,000 a year than it does for someone who makes $300,000 a year.

The only way to avoid a regressive system of financing our highways and transit systems is to abandon the user fee model altogether and instead fund infrastructure out of general income taxes. Do opponents of adjusting the gas tax really believe a better alternative is raising income taxes and making the current code more progressive?

It is worth remembering that the costs associated with crumbling and substandard infrastructure are also regressive; inaction is expensive.

Forty-four percent of America’s major roads are in poor or mediocre condition. Driving on those bad roads costs U.S. motorists $120 billion a year in extra vehicle repairs and operating costs—$553 per motorist, in fact. Those bills are a bigger burden for low-income drivers than high-income drivers.

Congestion is also stealing time from American families. The average commute time to work has increased by 35 minutes a week between 1990 and 2015. Higher congestion means longer commutes and higher costs.

2. Assertion:  An increase in the gas tax would wipe out the benefits of tax reform.

Reality: The Ways and Means Committee has estimated that the typical family of four earning the median family income of $73,000 will receive a tax cut of $2,059. Based on average household consumption of gasoline, if a 25-cent increase in the motor fuel tax was implemented all at once (and it is more likely to be phased in) the additional fee would only be $285, a very small portion of the average family’s total tax relief.

Let’s not forget that thanks to common-sense energy policies and increased fuel efficiency, families today are paying less for gasoline. In 2008, the average household expenditure for gasoline was $2,715.  In 2017, it is estimated to have been $1,197, a difference of $738. That savings is more than two times greater than the cost of increasing the motor fuel user fee.

3. Assertion: We don’t need to raise the gas tax. Congress should instead cut spending on bike paths and other wasteful items.

Reality: There is no question that Congress should repurpose any wasteful or low-priority infrastructure spending, but funding for so-called “transportation alternatives” is less than 2% of overall federal highway spending. And of that less than 2%, states are already authorized to transfer half of the funds from alternative projects to more traditional projects.

If you eliminated all funding for transportation alternatives, you would reduce the current $138 billion shortfall in the highway and transit trust fund by only approximately 6%. Furthermore, during the last two federal highway authorization laws (MAP-21 and FAST Act), Congress has substantially reduced the number of federally required programs from 112 to 12, therefore focusing limited dollars on programs with the greatest economic return.

Occasionally, critics will claim that “wasteful,” non-highway funding is much higher—say 20% or more of total spending. However, these critics only get to this larger number by lumping in funding for transit programs. The most recent highway bill provided approximately $10 billion a year in funding for transit programs. Since 1983, when President Reagan signed legislation dedicating a portion of the motor vehicle fuel user fee to transit programs, there has been no serious consideration of divorcing transit funding from highway funding. If Congress were to do so, it would likely only mean that general fund spending would need to be increased to cover transit program spending, meaning no additional money for highways.

4. Assertion: States have already raised their own gas taxes, so there is no need for Congress to do so.

Reality: Support for our highway infrastructure has historically been a partnership between the federal government and state governments, with state government devoting more dollars to building and maintaining our highway system than the federal government. Adjusted for inflation, spending at all levels of government has been on the decline since 2000. State governments are raising their user fees in many cases in order to just maintain their level of support for highway modernization.  If the federal government fails to do likewise, the historic partnership will break down along with our infrastructure.

5. Assertion: Raising the gas tax is politically impossible.

Reality: Thirty-nine states have raised gas taxes since 1993, and some have done it several times.

We haven’t found a single lawmaker who has lost his or her seat solely because of a vote in favor of raising the gas tax. It may be a tougher vote in some regions of the country or for some elected leaders than others, but it’s a vote worth taking. Each and every day, American voters interact with our nation’s roads, bridges, airports, and more, and we believe voters will reward leaders who acknowledge that infrastructure investments can mean more economic growth and more prosperity.

The Monies and Deals that Flowed into Iran, People Swap

  1. Why does France want to keep the Iran nuclear deal? “French exports to Iran for the first 11 months of 2017 rose 120% to €1.29 billion ($1.6 billion) and imports grew 80% to €2.16 billion,” Celestin-Urbain said.

    “The short-term priority was to keep trade simple and complete a scheme this year to offer euro-denominated credits to Iranian buyers of French goods,” he said, a move that would keep bilateral trade outside the reach of US sanctions.

    The head of state-owned investment bank Bpifrance, which is putting the plan together, said he was confident the scheme, which had a pipeline of deals worth €1.5 billion, could start operating by end-May or early-June. However, he warned that talks were ongoing on how to protect French firms if the US snapped back sanctions.

  2. The U.S. government wired $848,000 to Iran in July 2015 to settle a dispute over fossils and architectural drawings now in Iran’s possession.
  3. The U.S. also wired $9 million to Iran in exchange for 32 tons of heavy water.
  4. There is some chatter also about $400 million relating to the freedom of a U.S. spy (likely part of #2); it also came from the New York Federal Reserve and was converted to Swiss Francs.
  5. The $1.7 billion that went to Iran traveled through a network of the New York Federal Reserve and several European banks. This money was then transferred to the Swiss bank, converted to Swiss banknotes and moved to the Swiss National Bank. The U.S. government then transported them to Geneva via a flight bound for Iran. The transactions out of the U.S. reserves were three separate transactions. At the same time there was a large hostage exchange. Iran released 4 American hostages. The Dutch Central Bank was also instrumental in facilitating the conversion of the $1.3 billion into euros. These monies appear to all be spent on the export of terror, supporting Bashar al-Assad of Syria and keeping the Houthi rebels armed in Yemen.
  6. People:

    Khosrow Afghahi

    Afghahi, 72, was arrested in California in April and faced charges for allegedly violating the Iranian embargo and money laundering.
    He was the managing director and part owner of Tehran-based Faratel Corporation and the minority owner of Houston-based Smart Power Systems, according to a grand jury indictment filed in federal court in Texas in April.
    He was accused of participating in a scheme to illegally export high-tech microelectronics as part of an “Iranian procurement network operating in the United States,” the Justice Department said after his arrest.
    He had pleaded not guilty and the case had not yet gone to trial, attorney David Gerger said. A pardon was handed to him at 4:30 a.m. Sunday, allowing him to be released from prison after nine months behind bars, according to his attorney.
    Gerger described his release as “the right result,” adding that his client is now spending time with his family.
    “He is a good man,” Gerger said, “and we are glad to put this behind him.”

    Tooraj Faridi

    Faridi, of Houston, was vice president of Smart Power Systems and was accused of participating in the alleged scheme. In a statement released at the time of the indictment, an FBI official said such microelectronics shipments could put national security at risk.
    “The proliferation of sensitive U.S. technologies to Iran and the direct support to their military and weapons programs remains a clear threat to U.S. national security,” said Randall Coleman, assistant director of the FBI’s counterintelligence division.
    Faridi’s attorney told CNN affiliate KPRC that his client never posed a threat to the country.
    “He’s as American as anybody that was born in this country. He’s loved being here, he’s fought hard to be here and he’s going to stay here, so it’s been very stressful to him to be accused of being somebody who’s a threat to national security when he’s just as American and patriotic as anybody in this town,” attorney Kent Schaffer said.
    He faced charges for allegedly violating the Iranian embargo and money laundering. The case had not yet gone to trial. He was pardoned on Sunday as part of the deal.

    Bahram Mechanic

    Mechanic, the majority owner of Faratel and Smart Power Systems, also was accused in the same alleged scheme. He faced charges of violating the embargo and money laundering, among other counts.
    Attorney Joel Androphy told CNN that Mechanic, Faridi and Afghahi were met by their wives after their release and headed to their homes.
    “They were ecstatic to be out,” he said.
    The attorney told KPRC that his client eventually plans to return to Iran.
    Androphy told Forbes the accusations against his client were baseless and he believes they would have won if the case had gone to trial.
    Mechanic was pardoned on Sunday as part of the deal.

    Nima Golestaneh

    The 30-year-old Iranian national pleaded guilty in December to charges of wire fraud and unauthorized access to computers, the Department of Justice said.
    He was arrested in Turkey in November 2013 and extradited to the United States last February.
    According to a plea agreement, he conspired to hack the network and computers at Arrow Tech, an engineering consulting and software company in Vermont.
    His lawyer did not immediately respond to a request for comment.

    Nader Modanlo

    The naturalized U.S. citizen, who lived in Potomac, Maryland, was convicted in 2013 of conspiring to illegally provide satellite services to Iran, federal officials said at the time.
    He was a mechanical engineer with science and engineering degrees from George Washington University. Prosecutors argued he’d broken the law by helping Iran launch communications satellites.
    He was sentenced to eight years in prison in 2013. That sentence was commuted as part of the deal.
    His lawyer did not immediately respond to a request for comment.

    Arash Ghahreman

    A naturalized U.S. citizen, Ghahreman was convicted in April of violating U.S. export and money laundering laws as part of a scheme to buy marine navigation equipment and military electronic equipment for illegal export to Iran.
    He was sentenced to six-and-a-half years in prison last August. That sentence was commuted Sunday as part of the deal.
    Attorney Ellis Johnson said Ghahreman and his family were extremely relieved after his release.
    “He plans to spend some time with his aunt and her family on the East Coast, reunite with his girlfriend who’s currently on the West Coast, and hopefully visit his elderly parents in Iran, whom he hasn’t seen in years since this case began,” Johnson said.
    Ghahreman, the attorney said, is a “kind, considerate man who poses no threat to the United States.”

    Ali Saboonchi

    A federal jury convicted Saboonchi, who holds both Iranian and U.S. citizenship, in August 2014 of conspiracy and seven counts of exporting American manufactured industrial products to Iran.
    He was sentenced to 24 months in prison last February. That sentence was commuted Sunday as part of the deal.
    In a written statement, his attorneys described Saboonchi as a “hard-working family man and American” who poses no danger and “has a bright future ahead.”
    “He was born in the U.S. and is proud to be raising his young family here. His arrest and incarceration were devastating to his many friends and family,” attorneys Elizabeth Oyer, Lucius Outlaw III and Meghan Skelton said. “Ali is thrilled and grateful for his release and return to his family.”

Immigration, Migrant, Refugee, Asylum Law Clean-up Required

Okay, let us start with ‘catch and release’. Actually under GW Bush and Michael Chertoff, it was a policy of ‘catch and return’. That is until many home countries refused to take back their citizens. During that time, the United States had to have detention facilities to house these people until their case(s) could be worked through the varied systems. Then the left decided there needed to be a lawsuit on the whole detention thing. Yup, it went to the Supreme Court and the decision was a time limit of 6 months of detention and then the case had to be resolved. Well, there were not enough judges, so ‘catch and release’ was tried, hoping they would show up to court….well 80% did not show up. Catch and release now remains.

Now we continue to hear new labels applied to people entering the United States by various methods including across the borders, by air and by ship. In fact more enter by air than any other means and overstay the visa. So, advertisements float around the world and especially in Central and South America on who to contact to get to the United States, how much it costs, what to do, what to say, what to have. Yup, advertisements and sadly that does include our diplomatic posts and embassies in regions of conflict(s). The buzzword today is ‘asylum’. Here is the rub on that…

People applying for asylum must first apply after they are provided an alien status and must prove why they cannot be returned to their home country. Over the years, that process has become twisted and no real proof or approval of the application is necessary, especially in states where it is well known there are humanitarian issues. It should also be understood that asylum status is NOT a forever status as conditions can change, thus making it favorable for return to the home country. If that still proves impossible, coordination can be made with other countries that are not of origin to accept these people. In 1994, when it came to Haitian and Cuban refugees, President Clinton worked a deal to have many go to Suriname, Grenada, Barbados and St. Lucia. Further, he did a remarkable and clever thing: for those wanting to get out of their failed home state, he held hearings for their cases in their home country or aboard ships, such that they would not enter the U.S. in the first place.

The United States has about a 16 year waiting list for cases to get through the immigration court process, that is if and when people do show up.

Now for the international pressures of refugees like from Honduras, Guatemala, Syria, Libya or Iran. The United States is a signatory to the United Nations Protocol Relating to the Status of Refugees. That DOES not force the United States to accept any refugee. It is time for the United States to make an annex condition stating a new and updated policy with regard to foreign nationals and refugees.

Check this: The Illegal Immigrant Reform and Immigrant Responsibility Act of 1996 (IIRIRA, P.L. 104-208) made substantial changes to the asylum process: establishing expedited removal proceedings; codifying many regulatory changes; adding time limits on filing claims; and limiting judicial review in certain circumstances, but it did not alter the numerical limits on asylee adjustments. Okay, so we need a quota system perhaps, well we have quota systems, so we need one that is law and enforced.

While we are at it, we need updated and concise cogent definitions of asylum. It cannot just be the word fear….that does not work or apply anymore. Heck people are borrowing children to fabricate a family and claim fear if forced to return…who is lying to who? Ever wonder why these people don’t apply to Mexico, Peru, or Sri Lanka for refugee or asylum status? Just being snarky….Read more details here.

Now let us take a sample country like Honduras.

According to the State Department website, Honduras has some of the highest favorability ratings to the United States in the Western hemisphere. Sheesh they should…why?

Several of our federal agencies give big money to Honduras like the Department of Commerce and the Department of Agriculture. Then we have this agency that I watch constantly, The Millennium Challenge. Just in 2013 alone, that MCC gave Honduras $15.6 million to improve public financial management and to create more effective and transparent public-private partnerships. What the heck does that mean? Trade between the United States and Honduras in 2015 was $10 billion.

Now, USAID gives money to Honduras, along with climate change money and military subsidies….oh yeah, did you know we have full control of our own air base in Honduras that we kinda share with the Honduran military? We have an estimated 700-1000 military personnel assigned to Soto Cano Air Base, of which our troops were living in air conditioned huts until about two years ago until we built condos for them….this time with running water.


So, what does our military even do in Honduras? Counter-narcotics….oh wait …isn’t that the reason all these Hondurans are leaving due to violent drug operations? We also do medical stuff like pediatric nutrition and dentistry via our military at Soto Cano, as well as weather prediction, fire protection and aircraft maintenance. From time to time we do patrol(s).


So, ask yourself, if the United States was not located in Honduras, or if USSCOM via Joint Task Bravo was not in Honduras for the last 35 years…what state would that state be in today? Well, in 2011, we should remember Operation Castaway. That was the Honduras version of Operation Fast and Furious. Ah yes, we do have FBI and ATF in Honduras even as recently as 2017 where trafficking weapons from places like North Carolina flows in and out of Honduras.

Perhaps it is time we fix the real problems in these home countries with the money we do send there under our management and begin to stop failed nations like Honduras and the exodus problem causing our homeland problems.

Definitions, policies, laws and agreements need to be cleaned up for sure, country by country, document by document, agency by agency.

 

 

POTUS and Omnibus, No Line Item Veto?

2232 pages of stupid and everyone should take the time to just scan the $1.3 trillion spending bill. I got to page 184 last night and went to bed mad. There is no line item veto but there should be. President Trump can veto the whole truck load of crap and should. In place of the line item veto, he can wield his pen and sign an Executive Order eliminating countless crazy spending things or suspend some of the acts for the rest of his term. Something like the Food for Progress Act. And we are still bailing out the healthcare insurance companies…. anyway…there is also $687 million to address Russian interference. Just what is that plan?

  1. How about the Cloud Act? Foreign governments get access to our data? WHAT?
  2. Okay how about Trump’s “wall funding.” It’s not a wall. It’s repairs, drones and pedestrian fencing – no construction.
  3. Then we have the House Freedom Caucus with their letter to President Trump:

So…need more? Conservative Review has these 10 items for your consideration. Here are the top 10 problems with the bill:

    1) Eye-popping debt: This bill codifies the $143 billion busting of the budget caps, which Congress adopted in February, for the remainder of this fiscal year. This is on top of the fact that government spending already increased $130 billion last year over the final year of Obama’s tenure. Although the Trump administration already agreed to this deal in February, the OMB put out a memo suggesting that Congress appropriate only $10 billion of the extra $63 billion in non-defense discretionary spending. Now it’s up to Trump to follow through with a veto threat. It’s not just about 2018. This bill paves the road to permanently bust the budget caps forever, which will lead to trillions more in spending and cause interest payments on the debt to surge past the cost of the military or even Medicaid in just eight years.

    Keep in mind that all the additional spending will be stuffed into just six months remaining to the fiscal year, not a 12-month period. A number of onerous bureaucracies will get cash booster shots instead of the cuts President Trump wanted.

    Remember when Mick Mulvaney said the fiscal year 2017 budget betrayal was needed so that he could do great things with the fiscal year 2018 budget? Good times.

    2) Bait and switch on the wall: Since this bill increases spending for everything, one would think that at least the president would get the $15 billion or so needed for the wall. No. The bill includes only $641 million for 33 miles of new border fencing but prohibits that funding from being used for concrete barriers. My understanding is that President Trump already has enough money to begin construction for roughly that much of the fence, and pursuant to the Secure Fence Act, he can construct any barrier made from any This actually weakens current law.

    3) Funds sanctuary cities: When cities and states downright violate federal law and harbor illegal aliens, Congress’ silence in responding to it is deafening. Cutting off block grants to states as leverage against this dangerous crisis wasn’t even under discussion, even as many other extraneous and random liberal priorities were seriously considered.

    4) Doesn’t fund interior enforcement: Along with clamping down on sanctuary cities, interior enforcement at this point is likely more important than a border wall. After Obama’s tenure left us with a criminal alien and drug crisis, there is an emergency to ramp up interior enforcement. Trump requested more ICE agents and detention facilities, but that call was ignored in this bill. Trump said that the midterms must focus on Democrats’ dangerous immigration policies. Well, this bill he is supporting ensures that they will get off scot-free.

    5) Doesn’t defund court decisions: Some might suggest that this bill was a victory because at least it didn’t contain amnesty. But we have amnesty right now, declared, promulgated, and perpetuated by the lawless judiciary. For Congress to pass a budget bill and not defund DACA or defund the issuance of visas from countries on Trump’s immigration pause list in order to fight back against the courts is tantamount to Congress directly passing amnesty.

    6) Funds Planned Parenthood: We have no right to a border wall or more ICE funding, but somehow funding for a private organization harvesting baby organs was never in jeopardy or even under discussion as a problem.

    7) Gun control without due process: Some of you might think I’m being greedy, demanding that “extraneous policies” be placed in a strict appropriations bill. Well, gun control made its way in. They slipped in the “Fix NICS” bill, which pressures and incentivizes state and federal agencies to add more people to the system even though there is already bipartisan recognition that agencies are adding people who should not be on the list, including veterans, without any due process in a court of law. They are passing this bill without the House version of the due process protections and without the promised concealed carry reciprocity legislation. Republicans were too cowardly to have an open debate on such an important issue, so they opted to tack it onto a budget bill, which is simply unprecedented. The bill also throws more funding at “school violence” programs when they refuse to repeal the gun-free zone laws that lie at the root of the problem.

    8) More “opioid crisis funding” without addressing the problem: The bill increases funding for “opioid addiction prevention and treatment” by $2.8 billion relative to last year, on top of the $7 billion they already spent in February. This is the ultimate joke of the arsonist pretending to act as the firefighter, because as we’ve chronicled in detail, these funds are being used to clamp down on legitimate prescription painkillers and create a de facto national prescription registry so that government can violate privacy and practice medicine. Meanwhile, the true culprits are illicit drugs and Medicaid expansion, exacerbated by sanctuary cities, as the president observed himself. Yet those priorities are jettisoned from the bill.

    9) Student loan bailout: The bill offers $350 million in additional student loan forgiveness … but only for graduates who take “lower-paid” government jobs or work for some non-profits! This was a big priority of Sen. Elizabeth Warren.  Government created this problem of skyrocketing student debt by fueling it with subsidies and giving the higher education cartel a monopoly of accreditation, among other things. Indeed, this very same bill increases Pell grants by $2 billion. But more money is always the solution, especially when it helps future government workers.

    10) Schumer’s Gateway projects earmark: Conservatives had a wish list of dozens of items, but it’s Schumer’s local bridge and tunnel project that got included. While the bill didn’t contain as much as Schumer asked for (remember the tactic of starting off high), the program would qualify for up to $541 million in new transportation funding. Also, the bill would open up $2.9 billion in grants through the Federal Transit Administration for this parochial project that should be dealt with on a state level. New York has high taxes for a reason.

 

4 Days of Food Left…Panic? National Grid Hacked

If there is no transportation, there is no food, medicine or basic supplies….what country is ready to deal with this?

British cities would be uninhabitable within days and the country is only a few meals from anarchy if the National Grid was taken down in a cyber attack or solar storm, disaster and security experts have warned.

Modern life is so reliant on electricity that a prolonged blackout would quickly lead to a loss of water, fuel, banking, transport and communications that would leave the country “in the Stone Age”.


The warning comes weeks after the Defence Secretary, Gavin Williamson, said Russia had been spying on the UK’s energy infrastructure and could cause “thousands and thousands and thousands” of deaths if it crippled the power supply.

***

The U.S. government has just released an important cybersecurity alert that confirms Russian government cyberattacks targeting energy and other critical infrastructure sectors in the United States.

While there has recently been a significant rise in cyberattacks in these industries, up to now we’ve only been able to speculate on who the actors are, or what their motives may be. In this case the threat actor and their strategic intent has been clearly confirmed, something the U.S. government rarely does publicly.

In addition, the US-CERT alert provides descriptions of each stage of the attack, detailed indicators of compromise (IOCs), and a long list of detection and prevention measures. Many of the attack tactics are like Dragonfly 2.0, so much so that one might call this an expanded playbook for Dragonfly. The Nozomi Networks solution ships today with an analysis toolkit that identifies the presence of Dragonfly 2.0 IOCs.

This article is intended to help you gain perspective on this recent alert, provide additional guidance on what security measures to take, and describe how the Nozomi Networks solution can help.


U.S. energy facilities, like this one, are one of the critical infrastructure targets of the Russian cyberattacks.

Multi-Stage Campaigns Provide Opportunities for Early Detection

The US-CERT alert characterizes this attack as a multi-stage cyber intrusion campaign where Russian cyber actors conducted spear phishing and gained remote access into targeted industrial networks. After obtaining access, the threat actors conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS).

This pattern of behavior is typical of APTs (Advanced Persistent Threats). APTs occur over an extended period, meaning there is an opportunity to detect and stop them before damage is done. With the right technology monitoring the industrial network, it is much harder for them to go unobserved before their final attack.

In this case the Russian cyberattacks started by infecting staging targets, which are peripheral organizations, such as trusted third-party suppliers, as pivot points for attacking the final intended targets.

The attackers used a multitude of tactics involving information relevant to industrial control professionals for initial infection of the staging targets. Examples include:

  • Altering trade publication websites
  • Sending emails containing resumes for ICS personnel as infected Microsoft Word attachments
  • Analyzing publicly available photos that inadvertently contained information about industrial systems

The credentials of staging targets’ staff were in turn used to send spear phishing emails to the staff of the intended targets. They received malicious .docx files, which communicated with a command and control (C2) server to steal their credentials.

The SMB (Server Message Block) network protocol was used throughout the spear phishing phases to communicate with external servers, as was described for the Dragonfly 2.0 attacks. This is a distinctive tactic. SMB is usually only used to communicate within LANs, not for outbound communications. Now that this is known, asset owners should ensure their firewalls are locked down for outbound service restrictions.
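One way to check firewall or flow logs for the outbound SMB pattern described above, as an added example that is not part of the original article or the US-CERT alert. The key=value log format, the sample addresses and the list of internal ranges are constructed assumptions to be replaced with a site's own.

```python
import ipaddress

# TCP ports that carry SMB: 445 (direct) and 139 (SMB over NetBIOS session).
SMB_TCP_PORTS = {139, 445}

# Assumption: the site's internal address space. Adjust to the real network plan.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16",
)]

# Constructed sample records in a hypothetical key=value firewall log format.
SAMPLE_LOG = """\
2018-03-20T09:14:02Z action=allow proto=tcp src=10.20.4.17 dst=10.20.1.5 dport=445
2018-03-20T09:14:09Z action=allow proto=tcp src=10.20.4.17 dst=203.0.113.45 dport=445
2018-03-20T09:15:41Z action=deny proto=tcp src=10.20.7.88 dst=198.51.100.9 dport=139
2018-03-20T09:16:00Z action=allow proto=tcp src=10.20.4.17 dst=203.0.113.45 dport=443
2018-03-20T09:17:13Z action=allow proto=udp src=10.20.4.17 dst=203.0.113.45 dport=445
2018-03-20T09:18:30Z action=allow proto=tcp src=192.168.3.12 dst=203.0.113.45 dport=445
malformed line without fields
"""


def parse_line(line):
    """Parse one record; return a dict, or None if the line is unusable."""
    parts = line.split()
    if len(parts) < 2:
        return None
    fields = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
    try:
        return {
            "ts": parts[0],
            "action": fields["action"],
            "proto": fields["proto"].lower(),
            "src": ipaddress.ip_address(fields["src"]),
            "dst": ipaddress.ip_address(fields["dst"]),
            "dport": int(fields["dport"]),
        }
    except (KeyError, ValueError):
        # Missing field, bad IP address or non-numeric port.
        return None


def is_internal(addr):
    """True if the address falls inside one of the configured internal ranges."""
    return any(addr in net for net in INTERNAL_NETS)


def find_outbound_smb(lines):
    """Return records where an internal host spoke SMB to an external address."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if (rec["proto"] == "tcp"
                and rec["dport"] in SMB_TCP_PORTS
                and is_internal(rec["src"])
                and not is_internal(rec["dst"])):
            findings.append(rec)
    return findings


def summarize(findings):
    """Count allowed and denied outbound SMB attempts per internal source host."""
    summary = {}
    for f in findings:
        host = summary.setdefault(str(f["src"]), {"allow": 0, "deny": 0})
        if f["action"] in host:
            host[f["action"]] += 1
    return summary


if __name__ == "__main__":
    hits = find_outbound_smb(SAMPLE_LOG.splitlines())
    for host, counts in sorted(summarize(hits).items()):
        # "allow" means the connection left the network: review the firewall
        # rule and the host. "deny" means the egress rule held, but the host
        # still attempted it and should be examined.
        print(f"{host}: allowed={counts['allow']} denied={counts['deny']}")
```

Allowed connections are the urgent ones, since the session actually reached the external server; denied ones confirm the egress rule works but still identify a host worth examining.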

The credentials of the intended targets were used to access victim’s networks. From there, the malware established multiple local administrator accounts, each with a specific purpose. The goals ranged from creation of additional accounts to cleanup activity. For the report, click here.

***

What Is Known

Forensic analysis shows that the threat actors sought information on network and organizational design and control system capabilities within the organization. In one instance, the report says, the threat actors downloaded a small photo from a publicly accessible human resource page, which, when expanded, was a high-resolution photo that displayed control systems equipment models and status information in the background. The threat actors also compromised third-party suppliers to download source code for several intended targets’ websites. They also attempted to remotely access corporate web-based email and virtual private network (VPN) connections.

Once inside the intended target’s network, the threat actors used privileged credentials to access domain controllers via remote desktop protocols (RDP) and then used the batch scripts to enumerate hosts and users, as well as to capture screenshots of systems across the network.

The threat is inside. US-CERT on March 15 warned that threat actors associated with the Russian government had infiltrated ICS and SCADA systems at power plants using a variety of tactics. This image is a DHS reconstruction of a screenshot fragment of a human machine interface (HMI) that the threat actors accessed. Source: US-CERT


Along with publishing an extensive list of indicators of compromise, the DHS and FBI recommended that network administrators review IP addresses, domain names, file hashes, network signatures, and a consolidated set of YARA rules for malware associated with the intrusion authored by the National Cybersecurity and Communications Integration Center. YARA is an open-source and multiplatform tool that provides a mechanism to exploit code similarities between malware samples within a family.