DHS Website Hacked with Pro-Iranian Messages

Seems with the timing, that as I was publishing an article yesterday about Iran’s robust cyber operations, they or proxies were at work taking down our own Department of Homeland Security website. Another thought is a domestic Iranian sympathizer took down the site.

A website within the Department of Homeland Security was offline Sunday after a hacker uploaded photos onto the site that included an Iranian flag and an image depicting a bloodied President Donald Trump being punched in the face.

 

The images appeared on the Federal Depository Library Program’s website late Saturday before the site was taken offline. The Cybersecurity and Infrastructure Security Agency, a division of the Department of Homeland Security, said it was monitoring the situation.

“We are aware the website of the Federal Depository Library Program was defaced with pro-Iranian, anti-US messaging,” the cybersecurity agency said in a statement. “At this time, there is no confirmation that this was the action of Iranian state-sponsored actors. The website was taken offline and is no longer accessible.”

The statement added that “in these times of increased threats” all organizations should increase cyber monitoring, back up IT systems, implement secure authentication and have an incident response plan ready should a hack take place.

DHS also issued a two-week National Terrorism System advisory noting the U.S. drone strike in Iraq last week that killed Iran commander Qassem Soleimani. That spurred Iran and several affiliated extremist organizations to state publicly they intend to retaliate against the U.S.

“Iran maintains a robust cyber program and can execute cyber attacks against the United States,” DHS warned. “Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.”

The library program website essentially had been replaced with a page exclaiming “Iranian Hackers!” An image of Iran’s supreme leader Ayatollah Ali Khamenei also was posted, along with a message that “martyrdom was (Soleimani’s) reward for years of implacable efforts.”

A graphic showed Trump being punched by a fist from Iran amid a flurry of missiles.

“With his departure and with God’s power, his work and path will not cease and severe revenge awaits those criminals who have tainted their filthy hands with his blood and blood of the other martyrs,” a message on the website read.

Another message claimed the hack was the work of an Iranian “security group,” adding that “this is only small part of Iran’s cyber ability!”

Iran has promised a military response to Soleimani’s killing. Trump has vowed that if Iran attacks an American base or any American, “which I would strongly advise them not to do, we will hit them harder than they have ever been hit before!”

I also received the following bulletin yesterday from the DHS email system.


Locked Shields Versus Iran

Since the death of several Iranian warlords including Qassem Soleimani, the United States has dispatched more military personnel to the Middle East. The Patriot missile batteries scattered in the region including in Bahrain are now at the ready. When it comes to cyber operations inside Iran, little is being discussed as a means of retribution against the United States. Iran does have cyber warfare capabilities and does use them.

It has been mentioned in recent days that President Trump has been quite measured in responding to Iran’s various attacks including striking Saudi oil fields, hitting oil tankers and shooting down one of the drones operated by the United States. In fact, the United States did respond directly after the downing of our drone by inserting an effective cyber-attack against Iran’s weapons systems by targeting the controls of the missile systems.

APT33 phishing: read details from Security Affairs.

Iran has an estimated 100,000 volunteer cyber-trained operatives, a force that has been expanding for the last ten years, led by the Basij, a paramilitary network. The cyber unit known for controlling the Iranian missile launchers, Sepehr 110, is a large target of the United States and Israel. Iran also mobilizes cyber criminals and proxy networks including another one known as OilRig.

In 2018, the United States charged 9 Iranians (Mabna Hackers) for conducting massive cyber theft, wire fraud and identity theft that affected hundreds of universities, companies and other proprietary entities.

Due to a more global cyber threat by Iran known to collaborate with North Korea, China and Russia, NATO has been quite aggressive in cyber defense operations via the Cooperative Cyber Defense Center of Excellence applying the Locked Shields Program.

Not to be lost in the cyber threat conditions, Iran also uses their cyber team to blast out propaganda using social media platforms. If this sounds quite familiar, it is. The Russian propaganda operations manual is also being used by Iran. The bots and trolls are at work in Europe to keep France, Britain and Germany connected to the Iranian nuclear deal and to maintain trade operations with Iran including diplomatic operations. There are fake Iranian and Russian accounts still today all over Twitter and Facebook for which Europe is slow to respond if at all.

Meet APT33, which the West calls the Iranian hacking crew(s); the other slang name is Elfin. APT33 is not only hacking, but it is performing cyber-espionage as well. There are many outside government organizations researching and decoding Iran’s cyber operations that cooperate with inside U.S. government cyber operations located across the globe that also cooperate with NATO.

Recorded Future is one such non-government pro-active cyber operation working on Iran. These include attributions of cyber attacks by Iran against Saudi Arabia as well as the West by decoding phishing campaigns, relationships, malware and webshells and security breaches.

Recent published results include in part:

Nasr Institute and Kavosh Redux

In our previous report, “Iran’s Hacker Hierarchy Exposed,” we concluded that the exposure of one APT33 contractor, the Nasr Institute, by FireEye in 2017, along with our intelligence on the composition and motivations of the Iranian hacker community, pointed to a tiered structure within Iran’s state-sponsored offensive cyber program. We assessed that many Iranian state-sponsored operations were directed by the Iranian Revolutionary Guard Corps (IRGC) or the Ministry of Intelligence and Security (MOIS).

According to a sensitive Insikt Group source who provided information for previous research, these organizations employed a mid-level tier of ideologically aligned task managers responsible for the compartmentalized tasking of over 50 contracting organizations, who conducted activities such as vulnerability research, exploit development, reconnaissance, and the conducting of network intrusions or attacks. Each of these discrete components, in developing an offensive cyber capability, were purposefully assigned to different contracting groups to protect the integrity of overarching operations and to ensure the IRGC and/or MOIS retained control of operations and mitigated the risk from rogue hackers. Read more here in detail from a published summary of 6 months ago.

Don’t Investigate Bidens Now, then When?

As the U.S. presidential race began roaring to life in 2016, authorities in the former Soviet republic of Latvia flagged a series of “suspicious” financial transactions to Hunter Biden and other colleagues at a Ukrainian natural gas company and sought Kiev’s help investigating, according to documents and interviews.

The Feb. 18, 2016 alert to Ukraine came from the Latvian prosecutorial agency responsible for investigating money laundering, and it specifically questioned whether Vice President Joe Biden’s younger son and three other officials at Burisma Holdings were the potential beneficiaries of suspect funds.

“The Office for Prevention of Laundering of Proceeds Derived from Criminal Activity … is currently investigating suspicious activity of Burisma Holdings Limited,” the Latvian agency also known as the FIU wrote Ukraine’s financial authorities.

The memo was released to me by the Ukrainian General Prosecutor’s Office and confirmed by the Latvian embassy to the United States.

Latvian authorities said they did not get any incriminating information back from Ukraine to warrant further investigation and did not take additional action in 2016. But the memo adds to the mounting evidence that there was ongoing investigative activity surrounding Burisma Holdings and Hunter Biden’s compensation as a board member in the weeks just before Joe Biden forced the firing of the Ukraine prosecutor overseeing the Burisma investigation in spring 2016.

The Latvian law enforcement memo identified a series of loan payments totaling about $16.6 million that were routed from companies in Belize and the United Kingdom to Burisma through Ukraine’s PrivatBank between 2012 and 2015.

The flagged funds were “partially transferred” to Hunter Biden, a board member at Burisma since May 2014, and three other officials working for the Ukrainian natural gas company, the Latvian memo said. More here from Solomon.

***

But hold on as the media knew much of this as did so many members of Congress and quite frankly our intelligence agencies including the U.S. Department of State.

Politico reported just recently: The Bidens took over Paradigm Global Advisors. In the late summer of 2006 Joe Biden’s son Hunter and Joe’s younger brother, James, purchased the firm. On their first day on the job, they showed up with Joe’s other son, Beau, and two large men and ordered the hedge fund’s chief of compliance to fire its president, according to a Paradigm executive who was present. At the time, the senator was just months away from both assuming the chairmanship of the Senate Foreign Relations Committee and launching his second presidential bid.


According to the executive, James Biden made it clear he viewed the fund as a way to take money from rich foreigners who could not legally give money to his older brother or his campaign account. “We’ve got investors lined up in a line of 747s filled with cash ready to invest in this company,” the executive remembers James Biden saying.

 


The Biden family have consistently mixed business and politics over nearly half a century, moving from one business to the next as Joe’s stature in Washington grew. None of the ventures appear to have been runaway successes, and Biden’s relatives have not been accused of criminal wrongdoing in their dealings. But over the years, several of their partners and associates have ended up indicted or convicted. The dealings have brought Joe unwelcome scrutiny and threaten to distract from his presidential bid. Read the long and full story here.

But hold on, there is still more beyond Burisma and China. That is, we need to go back even further.

A son of Democratic vice presidential candidate Joe Biden was paid an undisclosed amount of money as a consultant by MBNA, the largest employer in Delaware, during the years the senator supported legislation that was promoted by the credit card industry and opposed by consumer groups.

Barack Obama’s presidential campaign said Biden helped forge a bipartisan compromise on the measure, which is now law and makes it harder for consumers to obtain bankruptcy protection in the courts.

MBNA’s consulting payments to Hunter Biden, first reported by The New York Times, followed his departure in 2001 from the company, where he had been an executive.

At the time Hunter Biden was receiving consulting payments from MBNA, he also was a Washington lobbyist at a firm he had co-founded.

“He was not a lobbyist for MBNA, and his work had absolutely nothing to do with the bankruptcy bill. Zero. Nothing,” said Wade.

Resurrecting Biden’s role in the bankruptcy legislation could undercut one of the Obama campaign’s lines of attack: That his Republican opponent, John McCain, is insensitive to the financial woes of middle-class Americans.

Consumer and civil rights groups and unions, as well as Democratic opponents, had argued that the bankruptcy legislation was unfair to low-income working people, single mothers, minorities and the elderly, and would remove a safety net for those who have lost their jobs or face mounting medical bills. More here.

But are there other politicians we need to look at? Yes.

Robert Powell, the husband of Rep. Debbie Mucarsel-Powell, D-Fla., reportedly took $700,000 from a Ukrainian oligarch named Igor Kolomoisky. Mucarsel-Powell sits on the House Judiciary Committee, the committee that drafted two articles of impeachment against President Donald Trump for his alleged abuse of power with regards to Ukraine.


In 2018, the Daily Beast reported that a number of businesses linked to Kolomoisky hired Powell as an attorney. One of those firms paid Powell at least $700,000 over two years, according to public records.

The Miami Herald reported Powell was working for companies tied to Kolomoisky for 10 years. Powell made most of his money in the two years leading up to his wife’s election in 2018.

Kolomoisky has been accused of contract killings and embezzlement in the past. Yet, in 2018 when Mucarsel-Powell was running for her seat, she did not see her husband’s work as relevant to her campaign. More here.

As President Trump works diligently to be the law and order president, it is no wonder AG Barr, John Durham, Rudy Giuliani and so many others including conservative media are doing the real investigative work… draining the swamp.

So, while we have elections around the corner, we have much more to learn and consider at the ballot box. Could it be that the Democrats led by Speaker Pelosi are scrambling to cover up some other nasty events we are slowly learning about?

 

 

 

FISA, Horowitz v. FBI

The second hearing in the Senate where Inspector General Horowitz delivered more testimony to the Senate Homeland Security and Governmental Affairs Committee was quite chilling and revealing.
There was a particular exchange between Senator Josh Hawley (R-Mo.) and Horowitz that explains the bias or perhaps even the plotting.

Sen. Josh Hawley, R-Mo., was blunt in trying to get to the bottom of what happened during Wednesday’s Senate Homeland Security and Governmental Affairs Committee hearing.

“Were they just all incompetent?” he asked. Hawley then noted that due to the complexities involved, “it doesn’t sound like they’re very stupid to me.”

Hawley ultimately asked why the members of the FBI would commit such failures to mislead a court multiple times.

“That was precisely the concern we had,” Horowitz said. The inspector general made clear that he did not reach any conclusions regarding intent, but he did not necessarily accept the reasons people gave him during his investigation.

“There are so many errors, we couldn’t reach a conclusion or make a determination on what motivated those failures other than we did not credit what we lay out here were the explanations we got,” Horowitz said.

This echoed what Horowitz said in his opening statement, where he made clear that “although we did not find documentary or testimonial evidence of intentional misconduct, we also did not receive satisfactory explanations for the errors or the missing information and the failures that occurred.”

Horowitz previously appeared before the Senate Judiciary Committee in the aftermath of his report on the subject, but Wednesday’s hearing before the Senate homeland security panel comes a day after the Foreign Intelligence Surveillance Court (FISC) sharply criticized the FBI in a rare public order that referenced his findings.

Horowitz said that both Justice Department attorneys and the Foreign Intelligence Surveillance Court “should have been given complete and accurate information,” adding, “that did not occur and as a result, the surveillance of Carter Page continued even as the FBI gathered evidence and information that weakened the assessment of probable cause and made the FISA applications less accurate.”

So, the Democrats along with the media prepackaged the headlines prior to the Horowitz testimony that the IG report found NO bias. We are now getting more concise and factual information that says otherwise. Seems those on the top floor of the J. Edgar Hoover building opened some old history books on the former Director of the FBI and used several of Hoover’s tactics for all things Crossfire Hurricane and the 4 FISA warrants.

 

The IG report is teeming with deceit and clandestine maneuvers at the hands of the SSA’s (Special Agents) on the top floor and not those of 7 levels down from the Director level as Comey and McCabe have declared.

The first FISA application “contained seven significant inaccuracies and omissions.” None of these were corrected with an addendum or with the 3 renewals. Contrary to Comey’s constant testimony, the dossier played the largest role in the warrant application and the FBI knew that Carter Page worked as an agent for the CIA to collect and share information on his Russian interactions, yet that was stripped out of the hundreds of pages in the warrant applications. By the way, both the FBI and the CIA as a matter of practice use civilian informants and even top leaders of global corporations to gather intelligence during foreign travels and interactions.

Now, where is the outrage of the pesky now very loyal and dedicated pro-Constitutional Democrats and where is the media on all this? In fact, with the top judge, Rosemary Collyer at the FISA court issuing a demand letter after the IG report and testimony to the FBI, what will all the clean-up measures include and will there be legal consequences for those who lied, cheated and deceived the court? Beware, much of our media, TV and print, operates with wild abandon by applying propaganda… the Kremlin would be proud.

GOP War Room v. Pelosi’s Impeachment?

Do the Republicans in both Houses of Congress need to collaborate with the Department of Justice to create a war room to counter the Democrat’s impeachment operation? Yes, and there are several legal and factual avenues to explore. But one in particular is already in play. In fact, it has been in play since at least 2016, long before Former Vice President Joe Biden announced his candidacy for President of the United States.

The Democrats for months have been accusing President Trump of inviting a foreign power into our 2020 election process by asking a favor of the Ukraine President. They additionally charge President Trump with publicly asking China for the same thing. Remember, President Trump said in the phone call: can you do US a favor, OUR COUNTRY has been through a lot. That is not a personal favor for President Trump but rather a service to our nation as a whole. Given the decades of rampant corruption in Ukraine and frankly in our own country, you would think the Democrats would want the same favor, right, when it comes to money-laundering and interference into our election(s).

So, let us go back to that one avenue already in play since 2016 and that is Rosemont Seneca and Bohai Capital.

For example, one of the companies involved in the Henniges transaction was a billion dollar private investment fund called Bohai Harvest RST (BHR). BHR was formed in November of 2013 by a merger between the Chinese-government linked firm, Bohai Capital, and a company named Rosemont Seneca Partners. Rosemont Seneca was reportedly formed in 2009 by Hunter Biden, the son of then-Vice President Joe Biden, Chris Heinz, the stepson of former Secretary of State John Kerry, and others.3 The direct involvement of Mr. Hunter Biden and Mr. Heinz in the acquisition of Henniges by the Chinese government creates a potential conflict of interest. Both are directly related to high-ranking Obama administration officials. The Department of State, then under Mr. Kerry’s leadership, is also a CFIUS member and played a direct role in the decision to approve the Henniges transaction.

The appearance of potential conflicts in this case is particularly troubling given Mr. Biden’s and Mr. Heinz’s history of investing in and collaborating with Chinese companies, including at least one posing significant national security concerns. This history with China pre and post-dates the 2015 Henniges transaction. For example, in December of 2013, one month after Rosemont Seneca’s merger with Bohai Capital to form BHR, Hunter Biden reportedly flew aboard Air Force Two with his father, then-Vice President Biden to China.4 While in China, he helped arrange for Jonathan Li, CEO of Bohai Capital, to “shake hands” with Vice-President Biden.5 Afterward, Hunter Biden met with Li for reportedly a “social meeting.”6 After the China trip, BHR’s business license was approved.7 In December of 2014, BHR also reportedly became an investor in China General Nuclear Power Corp (CGN), a state-owned energy company involved in building nuclear reactors.8 In April of 2016, the U.S. Department of Justice (DOJ) charged CGN with conspiracy to unlawfully engage and participate in the production and development of special nuclear material outside the United States which could cause “significant damage to our national security.”9 Then, in August of 2015, Gemini Investments Limited, another Chinese-government linked entity, purchased 75 percent of Rosemont Realty, a sister company of Rosemont Seneca.10 Rosemont Realty became Gemini Rosemont and it reportedly focused on purchasing American real estate.11

In September 2015, BHR joined with a subsidiary of the Aviation Industry Corporation of China (AVIC) to acquire Henniges for $600 million. AVIC acquired 51 percent of the company, and BHR acquired 49 percent.12 According to reports, the acquisition of Henniges by BHR and AVIC was the “biggest Chinese investment into US automotive manufacturing assets to date.”13 Because the acquisition gave Chinese companies direct control of Henniges’ anti-vibration technologies, the transaction was reviewed by CFIUS. CFIUS approved the transaction despite reports that in 2007, years before BHR teamed up with AVIC’s subsidiary, AVIC was reportedly involved in stealing sensitive data regarding the Joint Strike Fighter program. AVIC later reportedly incorporated the stolen data into China’s J-20 and J-31 aircraft.14

You will notice numbered footnotes in the text above. That text is part of a letter sent by Senator Grassley (Senate Finance Committee) to Treasury Secretary Mnuchin this past August. It is uncertain if Treasury did respond to the letter. But hold on, there is more.

In May of 2016, the Wall Street Journal had an interesting piece regarding the sale of fake Indian tribal bonds. 7 people were charged with this fraud. Among them was a former campaign adviser to Secretary of State John Kerry and a second man once dubbed by the media “porn’s new king” along with five others. Devon Archer, an advisor to Mr. Kerry’s presidential campaign in 2004, and Jason Galanis, a former investor in the adult entertainment business, allegedly duped clients into investing more than $43 million in sham bonds in 2014 and 2015.


Now Devon Archer and Hunter Biden were best of buddies. In 2014, there was a lot of money flowing into a Morgan Stanley account under the name of Rosemont Seneca Bohai, LLC c/o Devon Archer.

 


Now, we must remember that the United States has a ‘Mutual Legal Assistance Treaty’ (MLAT) with several countries.

Click here for the presentation of the Mutual Legal Assistance Treaty

This is an agreement between two or more countries for the purpose of gathering and exchanging information in an effort to enforce laws and prosecute public or criminal cases that include witness statements, service of documents, forfeiture, illicit assets, terrorism, sanctions, freezing accounts, restraining orders, judgement, subpoenas, transfers of financial instruments, security, regulations and disclosures. Most of the time these cases are a result of transnational organized crime, tax evasions or money-laundering. Other cooperative international agencies include Europol, Interpol repatriation organizations including the FBI and the United Nations.

So Nancy, with assistance of some in the Senate, the Treasury Department and the Trump White House, Trump is doing the right thing by following the law, draining the swamp and asking for continued foreign cooperation in fraud cases. Hold your powder everyone, this will get very interesting.