Category Archives: Presidential campaign

Trump’s Reelection Operation Targeted by Cyber Attacks

Posted on by

Hey Hillary it is not Russia, but they are out there for sure. This time most notable attributions are pointing to Iran.

When the Pentagon recently awarded Microsoft a $10 billion contract to transform and host the US military’s cloud computing systems, the mountain of money came with an implicit challenge: Can Microsoft keep the Pentagon’s systems secure against some of the most well-resourced, persistent, and sophisticated hackers on earth?

“They’re under assault every hour of the day,” says James Lewis, vice president at the Center for Strategic and International Studies. 

Microsoft’s latest win over cloud rival Amazon for the ultra-lucrative military contact means that an intelligence-gathering apparatus among the most important in the world is based in the woods outside Seattle. These kinds of national security responsibilities once sat almost exclusively in Washington, DC. Now in this corner of Washington state, dozens of engineers and intelligence analysts are dedicated to watching and stopping the government-sponsored hackers proliferating around the world.

Members of the so-called MSTIC (Microsoft Threat Intelligence Center) team are threat-focused: one group is responsible for Russian hackers code-named Strontium, another watches North Korean hackers code-named Zinc, and yet another tracks Iranian hackers code-named Holmium. MSTIC tracks over 70 code-named government-sponsored threat groups and many more that are unnamed.

El acuerdo del Pentágono con Microsoft conlleva un centro ...

What are the superpowers of Microsoft?

“Microsoft sees stuff that just nobody else does,” says Williams, who founded the cybersecurity firm Rendition Infosec. “We routinely find stuff, for instance, like flags for malicious IPs in Office 365 that Microsoft flags, but we don’t see it anywhere else for months.”

Connect the dots

Cyber threat intelligence is the discipline of tracking adversaries, following bread crumbs, and producing intelligence you can use to help your team and make the other side’s life harder. To achieve that, the five-year-old MSTIC team includes former spies and government intelligence operators whose experience at places like Fort Meade, home to the National Security Agency and US Cyber Command, translates immediately to their roles at Microsoft. 

MSTIC names dozens of threats, but the geopolitics are complicated: China and the United States, two of the most significant players in cyberspace and the two biggest economies on earth, are virtually never called out the way countries like Iran, Russia, and North Korea frequently are. 

“Our team uses the data, connects the dots, tells the story, tracks the actor and their behaviors,” says Jeremy Dallman, a director of strategic programs and partnerships at MSTIC. “They’re hunting the actors—where they’re moving, what they’re planning next, who they are targeting—and getting ahead of that.”

Microsoft, like other tech giants including Google and Facebook, regularly notifies people targeted by government hackers, which gives the targets the chance to defend themselves. In the last year, MSTIC has notified around 10,000 Microsoft customers that they’re being targeted by government hackers. 

New targets

Beginning in August, MSTIC spotted what’s known as a password spraying campaign. Hackers took around 2,700 educated guesses at passwords for accounts associated with an American presidential campaign, government officials, journalists, and high-profile Iranians living outside Iran. Four accounts were compromised in this attack.

“Once we understand their infrastructure—we have an IP address we know is theirs that they use for malicious purposes—we can start looking at DNS records, domains created, platform traffic,” Dallman says. “When they turn around and start using that infrastructure in this kind of attack, we see it because we’re already tracking that as a known indicator of that actor’s behavior.” 

After doing considerable reconnaissance work, Phosphorus tried to exploit the account recovery process by using targets’ real phone numbers. MSTIC has spotted Phosphorus and other government-sponsored hackers, including Russia’s Fancy Bear, repeatedly using that tactic to try to phish two-factor authentication codes for high-value targets.

What raised Microsoft’s alarm above normal on this occasion was that Phosphorus varied its standard operating procedure of going after NGOs and sanctions organizations. The cross-hairs shifted, the tactics changed, and the scope grew.

Microsoft’s sleuthing ultimately pointed the finger at Iranian hackers for targeting presidential campaigns including, Reuters reported, Donald Trump’s 2020 reelection operation.

One consequence of the 2016 US election is a rise in the sheer number of players fighting to hack political parties, campaigns, and think tanks, not to mention government itself. Election-related hacking has typically been the province of the “big four”—Russia, China, Iran, and North Korea. But it’s spreading to other countries, although the Microsoft researchers declined to specify what they’ve seen.

“What is different is that you’re getting additional countries joining the fray that weren’t necessarily there before,” says Jason Norton, a principal project manager on MSTIC. “The big two [Russia and China]—now, we can say they’ve been historically going after this since well before the 2016 election. But now you’re getting to see additional countries do that—poking and prodding the soft underbelly in order to know the right pieces to have an influence or impact in the future.” 

“The field is getting crowded,” Dallman agrees. “Actors are learning from each other. As they learn tactics from the more prominent names, they turn that around and use them.” 

The upcoming election is different, too, in that no one is surprised to see this malicious activity. Leading into 2016, Russian cyber activity was greeted with a collective dumbfounded naïveté, contributing to paralysis and an unsure response. Not this time.

You saw them in 2016, you saw what they did in Germany, you saw them in the French elections—all following the same MO. The 2018 midterms, too—to a lesser degree, but we still saw some of the same MO, the same actors, the same timing, the same techniques. Now we know, going into 2020, that this is the MO we’re looking for. And now we’ve started to see other countries come out and start doing other tactics.”

In 2016, it was CrowdStrike that first investigated and pointed the finger at Russian activity aiming to interfere with the American election. The US law enforcement and intelligence community later confirmed the company’s findings and eventually, after Robert Mueller’s investigation, indicted Russian hackers and detailed Moscow’s campaign.

MIT Technology Review visited Microsoft, the full summary is here.

Iran’s Underground Enrichment Facility

Posted on by

Under the Iran deal, Iran agreed to redesign, convert and limit its nuclear facilities.

Particular focus was put on Iran’s uranium-enrichment capabilities, putting serious limitations on uranium-enrichment facilities in Iran – Natanz and Fordow. Among other resolutions, Iran also agreed to allow inspection of all its nuclear facilities and the IAEA inspectors will be able to request visits to military sites. However, it doesn’t guarantee them access to military sites.

Fordow is Iran’s second fuel enrichment facility, buried under a mountain in the Great Salt Desert near the holy city of Qom. Before the Iran deal, the bunker was filled with 2,710 centrifuges that could enrich uranium to weapons-grade materials.

Under the nuclear agreement, Iran agreed to stop any uranium enrichment and uranium enrichment R&D at Fordow and turn the plant into a nuclear physics and technology center that will produce radioisotopes for use in medicine, agriculture, industry and science.

Reported in part by Free Beacon:

U.S. State Department officials described Iran’s blocking of an international nuclear inspector from accessing key nuclear sites last week as an “outrageous and unwarranted act of intimidation” amid growing concerns Iran is hiding undeclared nuclear materials.

The administration suspects that Iran is trying to prevent international inspectors from confirming its work with prohibited nuclear materials.

“The United States is deeply concerned about the two issues the IAEA acting director general described in today’s special session of the IAEA Board of Directors,” the official said. “First, that the IAEA has detected evidence of potential undeclared nuclear material in Iran, and second, the detention of an IAEA inspector. Along with Iran’s expansion of proliferation-sensitive nuclear activity, this pattern of deception and intimidation is unacceptable. All nations should be concerned that Iran is not fully cooperating with the IAEA and should demand Iran immediately redress these serious problems.”

The diplomatic escalation comes as Iran breaches limits on the amount of enriched uranium it produces and the enrichment methods it uses. It escalated installations of advanced centrifuges in the past week and has vowed to continue doing so.

Nuclear experts told the Free Beacon that Iran’s behavior raises multiple questions and concerns about the nature of its ongoing work.

“Assuming the IAEA version of events is correct and she did not have explosive contamination on her person, then Iran may be testing what the reaction is to denying inspectors access to safeguarded sites,” David Albright, a former weapons inspector and president of the Institute for Science and International Security, told the Free Beacon.

“How long does it take for this episode to be reported to the board and media?” he asked. “Does the IAEA send a replacement quickly? How many countries and which ones believe the Iranian rationale? Is there outrage or are there divisions that delay a coordinated response?”

Andrea Stricker, a nonproliferation analyst and research fellow at the Foundation for Defense of Democracies, described Iran’s actions as “highly provocative.”

It “gives the impression that Iran could be considering curtailing inspection authorities as a future step to draw down its JCPOA commitments,” Stricker said. “It’s a hostile sign for sure.”

Will the Investigations Include the Unmasking Scandal?

Posted on by

2016: Primer

Could it be that the Obama White House called for a favor from the Washington Post to help on this? The Obama White House used media to an historic art form including selling the bad Iran nuclear deal. Anyway…

The operatives needed to have the list of names first and Trump shared some names that included Whalid Phares, Joe Schmitz and Carter Page. Remember the FISA application scandal listed Carter Page’s name. Further, Joe Schmitz, a former Defense official and lawyer was also a top executive at Blackwater. No wonder there was the festering story about Eric Prince and his alleged nefarious meeting in the Seychelles with Putin’s money-man, Kirill Dmitriev.

Dots connecting…

Moving forward to April of 2017…

Per Eli Lake at Bloomberg:

Facebook Rolling Out “Educational Tool” to Help Users Spot ...

White House lawyers discovered that the former national security adviser Susan Rice requested the identities of U.S. persons in raw intelligence reports on dozens of occasions that connect to the Donald Trump transition and campaign, according to U.S. officials familiar with the matter.

Lake further reports that Rice’s pattern of requesting unmasking was discovered by Trump National Security Council staffer Ezra Cohen-Watnick, whom The New York Times reported last week was one of Nunes’s sources. Cohen-Watnick informed the White House Counsel’s office, Lake reports.

Okay, then we heard that the U.S. Ambassador to the United Nations, Samantha Power also ordered unmaskings, of which she later denied.

Samantha Power testified in Gowdy’s committee last week, and Fox News reported weeks before her appearance that she was thought to have made as many as 260 requests to “unmask” Americans caught up in the surveillance of non-U.S. citizens.

But Tuesday evening, Gowdy told Fox News that Power told his committee that she was not the official requesting that unmasking in every case. More here.

Moving way ahead to February of 2017, enter Congressman Adam Schiff.

Donald Trump believes House Intelligence Chairman Adam Schiff is trying to hire White House employees to gain an edge in his investigation of foreign attempts to influence the president, people familiar with the matter said.

Schiff has hired one former career official at the National Security Council, Abigail Grace, who left the White House last year, the people said. She has a congressional email address and is listed in a directory as working for the Intelligence Committee’s Democratic majority.

A second career employee detailed to the Trump White House is also considering joining Schiff’s staff, according to people familiar with the matter. They didn’t identify the person. More here.

Abigail was a research associate with the Asia-Pacific Security Program at the Center for a New America Security.

The Washington Examiner has reported that two ex-NSC staffers are now employed by Schiff. Abigail Grace, who worked at the NSC until 2018, was hired in February, while Sean Misko, an NSC aide until 2017, joined Schiff’s committee staff in August, the same month the whistleblower submitted his complaint.

Eric Ciaramella, the alleged Ukraine whistleblower, was a guest of Vice President Joe Biden at a glitzy lunch in October 2016 to honor the prime minister of Italy.

Biden co-hosted the banquet with former Secretary of State John Kerry for then-Italian Prime Minister Matteo Renzi. Ciaramella, who is of Italian heritage, was among the U.S. officials who accepted an invitation. This week, the Washington Examiner reported that Ciaramella is now a deputy national intelligence officer for Russia and Eurasia on the National Intelligence Council, reporting to the director of national intelligence. More here.

Now remember during a hearing where AG William Barr asserted there were indications of the government spying on the Trump campaign? Barr has seen major indicators that such activity did occur and hence he hired U.S Attorney John Durham to track the records of the origins of the Russia investigation. The Democrats and media blew up about the term ‘spying’. Well then debates happened in the public square about spying versus surveillance. Okay, how about moles? How about using encrypted text messages between groups of operatives? How about all of it?

America is waiting and waiting and waiting for the IG report, for the Durham report, for the declassification of documents….waiting and waiting.

So when it comes to the list of witnesses that the Republicans are asking Congressman Schiff for permission to provide testimony, the list should be much larger. Others that should be included are: Lisa Monaco, Dennis McDonough, John Brennan, James Clapper, Samantha Power, Mike Morell, Susan Rice, Ben Rhodes, George Soros, Igor Sikorsky, Col. Andriy Ordynovych among others.

Waiting and waiting…

 

 

 

 

FBI in Joint Ukraine Corruption Investigation Since 2016

Posted on by

It is labeled to be the largest bank theft of the 21st Century. Did FBI Director Wray briefed President Trump on this prior to the contention phone call with Ukraine President Zalensky? You can bet members of Congress know this as well giving plenty of reasons to delay transfer of military assistance until a condition report was provided.

Read on…

Congressman Nunes issued a letter to Chairman Schiff seeking approval of the Republicans witness list  uring the impeachment inquiry. The list is pretty good and most interesting is Nellie Ohr, the wife of Bruce Ohr who worked with Fusion GPS using Ukraine as a channel.

Good, this list is a great start but hardly complete. There should be at least ten more on the list, yet Congressman Nunes may be holding back on additional names so as not to interfere or complicate John Durham’s work.
The matter of the impeachment operation managed by Speaker Pelosi has now centered on a quid pro quo scandal that bubbled to the surface as a result of at least three whistleblowers reporting on the President Trump phone call with Ukraine President Zelensky asking for a favor with regard to the Bidens and holding back military aid. Obama essentially held back requested military aid to Ukraine by not fulfilling the country’s request for military weapons, rather Obama only provided night vision goggles, radar equipment and MRE’s. President Trump allowed the real request to finally move to Ukraine which included Javelin missiles. So, ignore all that, because President Trump is NOT the first President or American politician to request foreign assistance for political purposes by far.
Further the matter of investigating the Bidens and Burisma was underway long before VP Joe Biden announced his candidacy for President. 
Two channels of concern are important here and they include the Obama administration infecting the US election process by using Ukrainian-American Alexandra Chalupa who was a contractor for the DNC. She visited the Obama White House 27 times according to visitor logs. At least one of her missions was the plot against Paul Manafort. Another channel is the matter of corruption in Ukraine. Beyond the matter of the Obama administration merging USAID with Burimsa to advance the energy business in Ukraine, which was later stopped due to corruption, there is a much larger scandal that has been in the works for many years and it regards billions stolen from Ukraine, You read that right, BILLIONS.
Beyond the mutual legal assistance cooperation agreement between the United States and Ukraine signed by President Clinton, there is the FBI cooperation agreement.
    Over the next two years the National Anti-Corruption Bureau of Ukraine (NABU) and the Federal Bureau of Investigation (USA) (International Corruption Unit) will cooperate in investigations related to money laundering, international asset recovery and Ukrainian high-level officials’ bribery and corruption. This is stated in the Memorandum of Understanding between the NABU and the Federal Bureau of Investigation (FBI), which was signed on June 29,2017, by the NABU Director Artem Sytnyk and the Head of the FBI Criminal Division Matthew Moon.
The abovementioned Memorandum was signed in continuation of cooperation launched last year when in June 2016, the Parties agreed to support each other. Thanks to the cooperation of the FBI and the NABU, the employees of the Special Operations Department of the NABU had the opportunity to train the skills of possession of weapons in conditions of physical and mental load, speed and accuracy of shooting, tactical training, identifying of the real goal and a potential threat, adopting competent tactical decisions in stressful situations.
Since February 2016, the representative of the FBI has a permanent Office in the NABU and jointly with the NABU Detectives works on the execution of international requests and controls their passage through the competent authorities of the United States of America.
Also, on June 19, 2017, the NABU Detectives in cooperation with the FBI detained 7 persons involved in demanding and receiving an improper advantage for the illegal lobbying of interests of a foreign company in amber mining in Ukraine.
As a part of a new Memorandum the NABU and the FBI will exchange the information, conduct trainings and joint investigations of the corruption offences. The Ambassador also informed Director Sytnyk that the International Narcotics and Law Enforcement Affairs Section of the Embassy (INL) will provide U.S. Special Weapons and Tactics (SWAT) officers to train with NABU’s tactical officers on the execution of high-risk warrants and other tactical law enforcement operations.

 

 

 

 

 

 

 

 

 

 

 

 

 

In addition, Director of NABU told US Ambassador about plans to create a criminal laboratory for electronic devices and data carriers, equipment for which will be provided by British partners in the nearest future. Ambassador Geoffrey R. Pyatt said that FBI employees have a unique experience in decoding, and data recovery, and expressed readiness to further support the Bureau in implementing new technologies in investigations.
 
It should be reminded that the FBI with the support of the US Embassy to Ukraine provided the NABU`s Department of analysis and data processing with the equipment for criminal proceedings documents digitalizing.
Speaker Pelosi and Chairman Schiff are essentially covering for Biden and Obama. Remember, Biden tells us he does not need nor has he asked for Obama’s endorsement. Consider, the plot against Supreme Court Justice Brett Kavanaugh was a large mobilized operation that failed, the choreographed operation against candidate Trump failed with the Russia collusion operation as noted in the Mueller report. This impeachment plot against President Trump is actually a good thing for America while boring and tedious is soon to show how the nasty underbelly of Washington DC works against a duly elected President and against Republicans. This too will fail, so be patient, we will have a trifecta of failed plots against Republicans. Take notes and then vote accordingly.

The Lawyer’s Plot for the Coup Against Trump

Posted on by

Have you met Edward Luttwak? You can be sure the lawyer for the Whistleblower has. Luttwak published a book titled Coup D’ Etat, the practical handbook.

Coup d’État astonished readers when it first appeared in 1968 because it showed, step by step, how governments could be overthrown. Translated into sixteen languages, it has inspired anti-coup precautions by regimes around the world. In addition to these detailed instructions, Edward Luttwak’s revised handbook offers an altogether new way of looking at political power—one that considers, for example, the vulnerability to coups of even the most stable democracies in the event of prolonged economic distress.

So we have this cat, Mark Zaid. Within minutes of the inaugural event for President Trump, Zaid’s tweets began stating the coup has begun. Now the question is who in Washington DC was watching, considering and conspiring to join the coup army…plenty.

Mark Zaid: It’s troubling that Trump gave Jared Kushner security clearance

Zaid is a known quantity inside the Beltway.

Zaid is a recognized expert in Federal court especially in whistle-blower cases. These cases almost always include leaking or publishing classified material as such is/was the case of Edward Snowden. The Zaid law firm, where he is the managing partner includes at least 5 other lawyers handling cases of national security, diplomatic immunity, defamation cases and international transactions. Zaid is the founder of the James Madison Project, a non-profit organization that takes on government agencies for alleged wrong-doing, coverups and secrecy policies. Note however he never took on Hillary and Libya…or the email server scandal….

Mr. Zaid has testified before several committees in the House and the Senate all with the twist of meeting the ‘curiosity of this town’ as noted on the law firms website. With his early launch of the coup has started, you can bet some of this friendlies on The Hill followed his legal handbook and we are now enduring what Congressman Nunes calls a paper coup. Zaid has TS/SCI clearance and that add more bona fides to his power within the offices of the Democrats that include for sure Speaker Pelosi that is often providing all the permissions needed to Congressman Adam Schiff leading the impeachment inquiries.

Does anyone wonder how come Mr. Zaid never took any whistle-blower cases as they related to the Obama administration or even John Kerry with regard to the Iran deal? How about the IRS targeting operation or any of the other scandals in recent years….just sayin…

Okay, then there is also the other lawyer and law firm that has Andrew Bakaj with Compass Rose Legal Group.

 

 

An attorney who left the CIA in 2014 after facing professional retaliation for trying to work with intelligence community whistleblowers is now representing the U.S. official who reportedly filed a complaint alleging wrongdoing by President Trump.

Attorney Profiles – Compass Rose Legal Group, PLLC

Andrew Bakaj, a national security attorney working for Compass Rose Legal Group, a Washington national security law firm, has taken on the still unidentified whistleblower as his newest client, according to information first reported by the New York Times and confirmed by Yahoo News.

According to his Linkedin profile, Bakaj was an intern at the U.S. State Department from June 2002 to August 2002 at the U.S. Embassy in Kyiv, Ukraine. He, “Created the Embassy’s fraud database, performed various counter-fraud duties, interviewed visa candidates, translated official Ukrainian/Russian documents into English, and represented official U.S. interests at various events throughout Ukraine.

On September 24, Bakaj sent a ‘Notice of Intent to Contact Congressional Intelligence Committees’ letter to acting Director of National Intelligence Joseph Maguire, who took over for Dan Coats directly with the complaint. House Intelligence Committee Chairman Adam B. Schiff, who was copied on Bakaj’s letter, responded the same day. Schiff, who represented California’s 28th congressional district, asked for the whistleblower to come in for “voluntary interview” after Maguire testifies in a rare, open session Thursday, September 26, in a “secure location.”

Bakaj made a $100 campaign contribution to former Vice President Joe Biden’s 2020 Democratic presidential primary campaign through ActBlue, according to Federal Election Commission records. He made the contribution on April 26, 2019. ActBlue is a nonprofit that facilitates contributions to Democratic candidates.

Bakaj interned for Senator Chuck Schumer in the spring of 2001 and for then-Senator Hillary Clinton the fall of the same year. Hat tip.