Category Archives: Russia

Russia is a Threat, China Aggression is Under-Reported

Posted on by

President Jimmy Carter gave away the Panama Canal which was officially transferred in 2000. Few know about the other canal project in Nicaragua, which is designed to be bigger and better. It was launched by a Chinese billionaire however, it appears the Chinese government is actually behind it.

Image result for china nicaragua canal

The whole matter is shrouded in secrecy while the Panama Canal is going through a huge expansion.

Image result for china militarize islands PBS

China has been creating islands in the South China Sea while other islands are a source of major dispute. China has been seen as militarizing the manufactured islands giving rise to concerns of major cargo and global shipping lanes. Could China be making a worldwide play to control commerce and sea transportation?

Chinese state firms have expressed an interest to develop land around the Panama Canal, the chief executive of the vital trade thoroughfare said, underlining China’s outward push into infrastructure via railways and ports around the world. China’s state firms have in recent years already chalked up investments in key logistics nodes, including Piraeus in Greece and Bandar Malaysia, a major development project that is set to be the terminal for a proposed high-speed rail link between Kuala Lumpur and Singapore. More here from Reuters.

So is there more to this under reported threat by China? Yes. For instance:

HONG KONG — When the United States Air Force wanted help making military robots more perceptive, it turned to a Boston-based artificial intelligence start-up called Neurala. But when Neurala needed money, it got little response from the American military.

So Neurala turned to China, landing an undisclosed sum from an investment firm backed by a state-run Chinese company.

Chinese firms have become significant investors in American start-ups working on cutting-edge technologies with potential military applications. The start-ups include companies that make rocket engines for spacecraft, sensors for autonomous navy ships, and printers that make flexible screens that could be used in fighter-plane cockpits. Many of the Chinese firms are owned by state-owned companies or have connections to Chinese leaders.

The deals are ringing alarm bells in Washington. According to a new white paper commissioned by the Department of Defense, Beijing is encouraging Chinese companies with close government ties to invest in American start-ups specializing in critical technologies like artificial intelligence and robots to advance China’s military capacity as well as its economy. More here from the New York Times.

Humm, need more? Both China and North Korea are known for hacking. China may have some obscure agreement with North Korea to hack selected global sites. As we know, North Korea is a threat as they are continuing to advance their missile program and super thrust rocket engines which are tied to their nuclear weapons program. China provides that communications, telecom and internet platform and servers for North Korea.

Image result for china hacking BBC

North Korea relies on China for Internet connectivity, partially due to longstanding ties between the two nations and partly because it has few options. North Korea borders just three countries: South Korea, with which it is still technically at war, Russia and China. The Chinese Internet is well developed and the Russian border is far from Pyongyang, the North Korean capital, making China a good choice. Going back to 2014, the U.S. State Department was well aware of all these conditions between China and North Korea, still no solution by the Obama administration.

***

Hackers associated with the Chinese government have repeatedly infiltrated the computer systems of U.S. airlines, technology companies and other contractors involved in the movement of U.S. troops and military equipment, a U.S. Senate panel has found.

Cybersecurity expert Dmitri Alperovitch, chief technology officer with the security firm Crowdstrike, said China had for years shown a keen interest in th the logistical patterns of the U.S. military.

The investigation focused on the U.S. military’s ability to seamlessly tap civilian air, shipping and other transportation assets for tasks including troop deployments and the timely arrival of supplies from food to ammunition to fuel. U.S. authorities charged five Chinese military officers, accusing them of hacking into American nuclear, metal and solar companies to steal trade secrets.

Last month, Community Health Systems (CYH.N), one of the largest U.S. hospital groups, said Chinese hackers had stolen Social Security numbers and other personal data from some 4.5 million patients.

*** North Korea has an elite and secret hacking unit as well known as Bureau 121. The Department of Defense submitted a report to Congress on Bureau 121 using asymmetric warfare. North Korea also has an additional cyber unit known as Office 91.

Office 91 is thought to be the headquarters of North Korea’s hacking operation although the bulk of the hackers and hacking and infiltration into networks is done from Unit 121, which operates out of North Korea and has satellite offices overseas, particularly in Chinese cities that are near the North Korean border. One such outpost is reportedly the Chilbosan Hotel in Shenyang, a major city about 150 miles from the border. A third operation, called Lab 110, participates in much the same work.

There are also several cyberunits under North Korea’s other arm of government, the Workers’ Party of Korea.

Unit 35 is responsible for training cyberagents and is understood to handle domestic cyberinvestigations and operations. Unit 204 takes part in online espionage and psychological warfare and Office 225 trains agents for missions in South Korea that can sometimes have a cyber component. More here from PCWorld.

*** China is well aware of North Korea activities, while China has and is becoming more aggressive globally. There is clearly collusion, yet what is the West and in particular the United States prepared to do in response remains unclear. However, China did approve 38 Trump trademarks. President Trump meets with Xi Jinping, maybe we will know more in April.

 

 

About that Trump Server with Pings from Alfa Bank

Posted on by

A matter of note: Alfa Bank has FIFA as a customer. Under Loretta Lynch at DoJ, she prosecuted the FIFA fraud, Further, that pesky Trump dossier that was crafted by Christopher Steele is the same person that broke the case on FIFA. (Note the end of this press release).

Image result for alfa bank  Image result for alfa bank russia

Press Statement: Alfa Bank confirms it has sought help from U.S. authorities, and discloses new cyberattacks linked to Trump hoax  —

Alfa Bank, a privately owned Russian bank, confirmed today that it has contacted U.S. law enforcement authorities for assistance and offered U.S. agencies its complete co-operation in finding the people behind attempted cyberattacks on its servers that have made it appear falsely that it has been communicating with the Trump Organization.

Alfa Bank confirmed a story in Circa News that it had been subjected to three new attempted domain name server (DNS) cyberattacks of increasing intensity over the last few weeks. In the attacks, multiple DNS requests were made by unidentified individuals, mostly using U.S. server providers, to a Trump Organization server. The DNS requests were made to appear as if they originated from Alfa Bank. The DNS responses from the Trump server were then erroneously returned to Alfa Bank, activating Alfa Bank’s automated security systems on February 18 and again on March 11 and 13. Alfa Bank has engaged the U.S.-based cyber forensics firm Stroz Friedberg to investigate these new attacks.

Alfa Bank believes that these malicious attacks are designed to create the false impression that Alfa Bank has a secretive relationship with the Trump Organization. In fact, there is not and never has been such a relationship.

New February 2017 attack on Alfa Bank server

On February 18, 2017, Alfa Bank experienced suspicious cyber-activity from an unidentified third-party. Specifically, the unidentified third-party repeatedly sent suspicious DNS queries from servers in the U.S. to a Trump Organization server. The unidentified individuals made it look as though these queries originated from variants of MOSCow.ALFAintRa.nET. As a result, the DNS responses from the Trump server were returned incorrectly to Alfa Bank’s server, which triggered Alfa Bank’s automated security system.

Alfa Bank believes that unknown individuals — using an identified U.S.-based service provider — are behind this recent attack, and that they are attempting to trigger verification signals between Alfa Bank and a server associated with the Trump Organization.

It believes that someone or some group manufactured this deceit by «spoofing» or falsifying DNS lookups to create the impression of communication between Alfa Bank and the Trump Organization. However, Alfa Bank’s DNS servers neither send nor receive email. Instead, they react when contacted by unwanted and unsolicited messages by sending out DNS verification signals asking, in effect, who is the server contacting Alfa Bank.

An Alfa Bank spokesperson said:

“The cyberattacks are an attempt by unknown parties to manufacture the illusion of contact between Alfa Bank’s DNS servers and ’Trump servers’.

«A simple analogy would be someone in the U.S. sending an empty envelope (in this case a DNS signal) to a Trump office (server) addressed to Trump, but on the back of the envelope the return address is Russia (Alfa Bank) instead of its own real address. The Trump office, recognizing there is nothing in the empty envelope to deal with, returns it as undelivered to Russia instead of to the U.S.-based sender. So, on cursory examination, Alfa Bank appears to have been receiving responses to queries it never actually sent.

«We have gone to the U.S. Justice Department and offered our complete co-operation to get to the bottom of this sham and fraud.»

Other indications of human intervention include the fact that the queries occurring in these logs included mixed uppercased and lowercased letters. The majority of DNS queries are machine based queries (for example, browsers and email clients), which would send lowercased queries to the DNS servers.

A few days after the February 18 DNS attack, Alfa Bank again started to receive inquiries from U.S. media outlets, including CNN, about allegations of cyber links with Donald Trump. No such link exists or, in fact, has ever existed between Alfa Bank and Mr. Trump or his organization.

An anonymous group has been trying for months to persuade news organizations to publish stories that such a link is real. Alfa Bank has asked reporters who have contacted it about the traffic to assist by letting the bank know if someone is trying to create the false impression that Alfa Bank has business or other dealings with Mr. Trump.

Two new confirmed March 2017 attacks on Alfa Bank server

On March 11 and 13, Alfa Bank was subjected to two new DNS attacks using similar methods. These attacks appear to have been orchestrated from multiple servers primarily in the U.S.

Between 02:00 and 07:00 (Moscow Time) on March 11 and at 21:00 on March 13, Alfa Bank experienced suspicious cyber activity from an unidentified third party or parties. The unidentified third parties or party repeatedly sent unusual DNS queries to a Trump server, the responses to which again ultimately triggered Alfa Bank’s automated security system.

Over a five-hour period on Saturday — and again on Monday — Alfa Bank received more than 1,340 DNS responses containing mail.trump-email.com.moscow.alfaintra.net.

These malicious and seemingly co-ordinated DNS attacks are coming from unidentified users using a variety of predominantly U.S. servers, including Google and Amazon web services. These IP service providers are inadvertently allowing their infrastructure to be used to attack Alfa Bank.

Alfa Bank suspects the unidentified parties are attempting to cover their tracks by using cloud services from these providers.

Given the frequency of the attacks and the variety of Internet service providers used in the attacks, Alfa Bank’s working hypothesis is that these new attacks are being launched from a botnet.

Possible third new attack In March 2017

Alfa Bank has now started to monitor all incoming messages to its servers containing the word «trump.» This monitoring has revealed that Alfa Bank also is receiving unsolicited marketing emails from «marketing@trumphotels.com.» These incoming spam marketing emails also trigger Alfa Bank’s security system, which automatically sends multiple DNS verification requests back to the originating server — here, the Trump server — in order to ascertain the identity of the sender.

Alfa Bank does not know whether these marketing emails are legitimate, or whether a third-party is orchestrating the campaign in another attempt to create the false impression of inappropriate communications between Alfa Bank and the Trump Organization.

In response to media questions that started last September, Alfa Bank asked Mandiant, one of the world’s leading cyber experts, to investigate allegations suggested by an anonymous cyber group of a link between Alfa Bank and Trump, based on unverified DNS logs.

Mandiant completed its independent investigation late last year. After examining Alfa Bank’s system both remotely and on the ground in Moscow, and the unverified DNS data presented to the media by the anonymous cyber group, Mandiant concluded that there is no evidence of substantive contact, such as emails or financial links, between Alfa Bank and the Trump Campaign or the Trump Organization.

Mandiant investigated (1) the DNS data given to the media, which journalists had shared with independent DNS experts, and (2) Alfa Bank servers for any evidence of links.

Mandiant concluded:

DNS data — There is no information that indicates where the list (obtained by reporters) has come from. The list contains approximately 2,800 look ups of a Domain Name over a period of 90 days. The information is inconclusive and is not evidence of substantive contact or a direct email or financial link between Alfa Bank and the Trump Campaign or Organization.

Alfa Bank servers — Nothing we have or have found alters our view as described above that there is no evidence of substantive contact or a direct email or financial link between Alfa Bank and the Trump Campaign or Organization.

Mandiant’s working hypothesis is that the activity the reporters’ sources alleged last year was caused by an email marketing/spam campaign possibly targeted at Alfa Bank employees by a marketing server, which triggered security software.

Earlier this year, Alfa Bank launched another investigation to find out who was — and maybe still is — behind this elaborate hoax.

Access to other’s DNS data is highly privileged and is usually independently examined for academic purposes and cyber security research. Therefore, the examination and sharing of DNS data by the people involved in these fraudulent activities brings into question whether these data were acquired lawfully and whether it was ethical to misuse privileged access in order to manufacture a deceit.

Alfa Bank’s working hypothesis is that an individual — possibly well known in internet research circles — may have fed selected DNS data to an anonymous cyber group to ensure they reached a specific (and erroneous) conclusion. Alternatively, the cyber group may have been complicit in the deceit. In the most recent cases, unknown individuals demonstrably attempted to insert falsified records onto Alfa Bank’s computer systems designed to create the same impression.

An Alfa Bank spokesperson said: «The anonymous cyber group, which is led according to news accounts by ‘Tea Leaves,’ cannot produce evidence of a link because there never has been one. Alfa Bank believes that it is under attack and has pledged its complete cooperation to U.S. authorities to find out who is behind these malicious attacks and false stories.»

Founded in 1990, Alfa-Bank is a full-service bank operating in most sectors of the financial market, including retail and corporate lending, investment banking, leasing, factoring and trade finance.

According to its IFRS Consolidated Financial Statements as of 31 December 2016, the Alfa Banking Group, which comprises ABH Financial, Joint Stock Company Alfa-Bank as well as its subsidiary financial companies, had total assets of $38.2 bn, gross loans of $23.9 bn, and total equity of $5.7 bn. Net profit for 2016 amounted to $527 mln.

As of December 31, 2016 the Alfa Banking Group serves around 334,000 corporate and 14.3 mln retail customers, while the branch network consists of 733 offices across Russia and abroad, including a subsidiary bank in the Netherlands and financial subsidiaries in United Kingdom and Cyprus.

Alfa-Bank is an official European bank of the 2018 FIFA World Cup and the 2017 FIFA Confederations Cup. Since its foundation in 1990 Alfa-Bank has been known for supporting of large cultural events. With the assistance of Alfa-Bank a lot of world-famous foreign musicians visited Russia: Ray Charles, Elton John, Tina Turner, Bryan Adams, Eric Clapton, Sting, Robbie Williams, Whitney Houston, Paul McCartney, Mark Knopfler and others.

In 2011 the bank organized a 4D show of internationally acknowledged David Atkins on Moscow’s Vorobyovy Hills visited by over 800 000 spectators. In addition, Alfa-Bank is the organizer of the annual modern music and technology festival AlfaFuturePeople.

North Korea’s Weapons Program Includes More Countries

Posted on by

We can go back to 1968 when North Korea hijacked our naval intelligence ship USS Pueblo as a reminder for the basis on how to address North Korea today.

Image result for uss puelbo

Then as today, Russia collaborated with North Korea as does Iran. North Korea dispatched 2 MiG fighter jets along with several attack submarines in the capture of the Pueblo. At the time was also the Vietnam war of which Russia provided unmeasured military support to North Vietnam and did not want to add another theater of conflict with the United States, as noted by the Blue House raid.  noted by the In fact, China cannot be overlooked either for many reasons.

Newly placed U.S. Secretary of State Rex Tillerson is traveling the region meeting with Asian leaders on the matter of stopping North Korea. The question is how far and wide are these talks with regard to additional countries cooperation with North Korea.

As for Iran and North Korea, The Telegraph reported the following:

The Shahab-3 is a modified version of North Korea’s Nodong missile which itself is based on the old Soviet-made Scud.

The Nodong, which Iran secretly acquired from North Korea in the mid-1990s, is designed to carry a conventional warhead. But Iranian engineers have been working for several years to adapt the Shahab-3 to carry nuclear weapons.

“This is a major breakthrough for the Iranians,” said a senior US official. “They have been trying to do this for years and now they have succeeded. It is a very disturbing development.”

The Shahab 3 has a range of 800 miles, enabling it to hit a wide range of targets throughout the Middle East – including Israel.

Image result for north korea high thrust engine UPI

Further in 2015, Forbes reported collaboration between Iran and North Korea where the exchange of engineers and scientists between the two countries is common:

North Korea and Iran are believed to be exchanging critical stuff – North Korean experts and workers remaining in place while Iran sends observers to check out intermittent North Korean missile launches and see what North Korea is doing about staging a fourth underground nuclear explosion.

The nuclear exchange revolves around North Korea’s program for developing warheads with highly enriched uranium – with centrifuges and centrifuge technology in part acquired from Iran. At the same time, North Korea is able to assist Iran in miniaturizing warheads to fit on missiles – a goal the North has long been pursuing – and also can supply uranium and other metals mined in its remote mountain regions.

“North Korea continues to supply technology, components, and even raw materials for Iran’s HEU weaponization program,” says Bruce Bechtol, author of numerous books and studies on North Korea’s military and political ambitions. Moreover, he says, “They are even helping Iran to pursue a second track by helping them to build a plutonium reactor.”

That assessment supports the view of analysts that Iran is counting on North Korean expertise in constructing a reactor that produces warheads with plutonium. The reactor would be a more powerful version of the aging five-megawatt “experimental” reactor with which the North has built perhaps a dozen warheads at its nuclear complex at Yongbyon, including three that it’s tested underground — in October 2006, May 2009 and February 2013, two years ago this month.

Then comes China, where the entire North Korea internet platform used by North Korea is hosted by China. Beyond managing cyber systems for North Korea, China is also collaborating with North Korea on nuclear weapons at key production sites producing lithium for thermonuclear and boosted fission research and development.

Sanctions have been placed on North Korea due to violations of UN resolutions due to the weapons of mass destruction operations which does include missiles and the nuclear program. However, North Korea has not been affected with regard to the research/development and production due to out of country front operations where China and Malaysia are involved.

Forbes also reported:

Although the UN resolutions have highly restricted North Korea’s access to the financial system on paper, the report suggests that these sanctions have not affected the ability of North Korean networks such as Pan Systems Pyongyang to finance its operations, asserting that the network maintains bank accounts in China, Malaysia, Singapore, Indonesia, and the Middle East. By conducting financial transactions under the names of its affiliates such as Pan Systems Singapore, the company has been able to maintain sufficient financial access to the international financial system that it was able to transfer funds to a supply chain of more than twenty companies in China, and has also used front companies to conduct transactions via Hong Kong-registered companies that were cleared through U.S. correspondent banks in New York. The Panel of Experts report also provides details on the interception in the Suez Canal of the Cambodian-flagged and North Korean-crew piloted Jie Shun in what it categorizes as the “largest interdicted ammunition consignment in DPRK sanctions history,” superseding the 2013 interdiction of the North Korean flagged Chong Chon Gang ship that was loaded with vintage Cuban munitions and airplane parts. The interdiction of the Jie Shun by Egypt revealed a cargo from North Korea through the Suez Canal containing 30,000 PG-7 rocket propelled grenades (RPG) and related sub-components shipped in wooden crates concealed under 2,300 tons of limonite (iron ore). The Jie Shun evaded detection by cutting off GPS during most of its journey, with the exception of transit through heavily trafficked straits and ports. The shipment from Haeju in North Korea to an undisclosed Middle Eastern destination were falsely labeled as “assembly parts for an underwater pump,” and the bill of lading showed the address of the “Dalian Haoda Petroleum Chemical Company, Ltd.”

Rex Tillerson stated that ‘strategic patience’ has run out with regard to North Korea and all options remain on the table including preemptive strikes. North Korea has launched 46 missiles since 2011 and the most recent launch was to test a super high thrust rocket steering engine which was designed by Russian blueprints and engineers.

 Tillerson at the DMZ lexpress.fr

The addition of a four-chamber steering engine further points toward a design rooted in Soviet missile technology as RD-250 and its descendants – when used on the R-36 missile and Tsiklon-2/3 orbital launchers – were coupled with a four-chamber RD-68M steering engine.

Photo: KCNA

This engine adaptation in all likelihood uses Unsymmetrical Dimethylhydrazine and Nitrogen Tetroxide propellants – a more powerful combination in terms of specific impulse compared to the Nitric Acid / UDMH propellant used by North Korea’s Unha booster

September 2016 Test Setup vs- March 2017 Test Setup – Images: KCTV/KCNA

 

 

WTH: Siphoning off Cellphone Data in DC is Real

Posted on by

First

An IMSIcatcher (International Mobile Subscriber Identity) is a telephony eavesdropping device used for intercepting mobile phone traffic and tracking movement of mobile phone users. Essentially a “fake” mobile tower acting between the target mobile phone(s) and the service provider’s real towers, it is considered a man-in-the-middle (MITM) attack.

Low-cost IMSI catcher for 4G/LTE networks tracks phones’ precise locations

$1,400 device can track users for days with little indication anything is amiss.

The researchers have devised a separate class of attacks that causes phones to lose connections to LTE networks, a scenario that could be exploited to silently downgrade devices to the less secure 2G and 3G mobile specifications. The 2G, or GSM, protocol has long been known to be susceptible to man-in-the-middle attacks using a form of a fake base station known as an IMSI catcher (like the Stingray). 2G networks are also vulnerable to attacks that reveal a phone’s location within about 0.6 square mile. 3G phones suffer from a similar tracking flaw. The new attacks, described in a research paper published Monday, are believed to be the first to target LTE networks, which have been widely viewed as more secure than their predecessors.

“The LTE access network security protocols promise several layers of protection techniques to prevent tracking of subscribers and ensure availability of network services at all times,” the researchers wrote in the paper, which is titled “Practical attacks against privacy and availability in 4G/LTE mobile communication systems.”

Second

ESD Overwatch:

Generate a continuously updated national situation report by means of distributed detection and localization of a multitude of baseband attacks as well as the manipulation of cellular signaling.

Detect and monitor cellular attacks in real-time

  • IMSI Catchers

    IMSI Catchers

  • Baseband Attacks

    Baseband Processor Attacks

  • Rogue Basestation

    Rogue Basestations

  • Cellular Jamming

    Cellular Jamming

Third

Suspected Hack Attack Snagging Cell Phone Data Across D.C.

Malicious entity could be tracking phones of domestic, foreign officials

FreeBeacon: An unusual amount of highly suspicious cellphone activity in the Washington, D.C., region is fueling concerns that a rogue entity is surveying the communications of numerous individuals, likely including U.S. government officials and foreign diplomats, according to documents viewed by the Washington Free Beacon and conversations with security insiders.

A large spike in suspicious activity on a major U.S. cellular carrier has raised red flags in the Department of Homeland Security and prompted concerns that cellphones in the region are being tracked. Such activity could allow pernicious actors to clone devices and other mobile equipment used by civilians and government insiders, according to information obtained by the Free Beacon.

It remains unclear who is behind the attacks, but the sophistication and amount of time indicates it could be a foreign nation, sources said.

Mass amounts of location data appear to have been siphoned off by a third party who may have control of entire cell phone towers in the area, according to information obtained by the Free Beacon. This information was compiled by a program that monitors cell towers for anomalies supported by DHS and ESD America and known as ESD Overwatch.

Cell phone information gathered by the program shows major anomalies in the D.C.-area indicating that a third-party is tracking en-masse a large number of cellphones. Such a tactic could be used to clone phones, introduce malware to facilitate spying, and track government phones being used by officials in the area.

“The attack was first seen in D.C. but was later seen on other sensors across the USA,” according to one source familiar with the situation. “A sensor located close to the White House and another over near the Pentagon have been part of those that have seen this tracking.”

The data gathered by the ESD Overwatch program indicates the U.S. cell carrier has experienced “unlawful access to their network for the purpose of large scale subscriber tracking,” according to a report prepared by ESD Overwatch, a contractor working on behalf of DHS, and viewed by the Free Beacon.

Information gathered by the program shows a massive uptick in efforts to identify and track cellphones. The third-party hacker appears to be identifying phones as they connect with local cellphone towers and recording this information.

This method of hacking could permit a malicious actor to track an individual’s cellphone and pinpoint phones that may be of importance, such as government entities.

The cellular network involved in the attack is being abused in order to track phones subscribed to the carrier, according to one source familiar with the situation.

DHS’s Office of Public Affairs confirmed that the ESD Overwatch program has been operating under a 90-day pilot program that began Jan. 18. Before the surveillance program was initiated the federal government did not have a method to detect intrusions of the nature seen over the past several months.

The attack on this network is still underway, according to sources monitoring the situation.

An official with ESD Overwatch acknowledged the existence of the DHS program, but would not comment further on the matter.

The issue of cellphone vulnerabilities has been a top concern in Congress, where lawmakers petitioned DHS on Wednesday to outline steps the government is taking to prevent foreign governments from performing the type of attacks observed by Overwatch.

“For several years, cyber security experts have repeatedly warned that U.S. cellular communications networks are vulnerable to surveillance by foreign governments, hackers, and criminals exploiting vulnerabilities in Signaling System 7,” which is used by cellular phones and text messaging applications, according to a letter set by Sen. Ron Wyden (D., Ore.) and Rep. Ted Lieu (D., Calif.).

“U.S. cellular phones can be tracked, tapped, and hacked—by adversaries thousands of miles away—through SS7-enabled surveillance,” the lawmakers write. “We are deeply concerned that the security of America’s telecommunications infrastructure is not getting the attention it deserves.”

“We suspect that most Americans simply have no idea how easy it is for a relatively sophisticated adversary to track their movements, tap their calls, and hack their smartphones,” the lawmakers write.

Concerns continue to mount that the government is not adequately taking steps to secure cellular networks.

The lawmakers request that DHS outline specific steps being taken to insulate networks from attacks and ensure that U.S. cell carriers are doing the same.

 

Gen. Flynn Worked for Several Russian Companies

Posted on by

 Image result for general flynn

WSJ: President Trump’s former national security adviser, Mike Flynn, was paid tens of thousands of dollars by Russian companies shortly before he became a formal adviser to the then-candidate, according to documents obtained by a congressional oversight committee that revealed business interests that hadn’t been previously known.

Mr. Flynn was paid $11,250 each by a Russian air cargo company that had been suspended as a vendor to the United Nations following a corruption scandal, and by a Russian cybersecurity company that was then trying to expand its business with the U.S. government, according to the documents, which were reviewed by The Wall Street Journal.

The speaking engagements took place in the summer and fall of 2015, a year after Mr. Flynn had been fired as the director of the Defense Intelligence Agency and while he continued to maintain a top-secret level security clearance.

In December 2015, the Kremlin-backed news organization RT also paid Mr. Flynn $33,750 to speak about U.S. foreign policy and intelligence matters at a conference in Moscow.

In February 2016, Mr. Flynn became an official adviser to the presidential campaign of Donald Trump, who at the time was taking a softer stance toward Moscow than his Republican rivals.

Mike Flynn resigned Monday as Trump’s national security adviser. He came under fire for making conflicting statements on whether he discussed sanctions with a Russian official before the president’s inauguration. Photo: Reuters (Originally published Feb., 14, 2017)

Price Floyd, a spokesman for Mr. Flynn, said he reported his RT appearance to the Defense Intelligence Agency, as required. Mr. Floyd didn’t immediately respond to questions about the other fees.

The new details about Mr. Flynn’s speaking engagements are contained in emails and documents provided to congress by his speaker’s bureau, Leading Authorities, and shed light on a continuing inquiry into Mr. Flynn’s and other Trump associates’ ties to Moscow.

On Monday, FBI Director James Comey and other current and former U.S. officials are scheduled to testify about possible Russian interference in the 2016 presidential election before a congressional committee that is also probing Trump associates’ ties to Russia.

Attorney General Jeff Sessions has recused himself from any investigation related to the 2016 presidential campaign after he failed to disclose the extent of his own contacts with the Russian ambassador to the U.S., Sergei Kislyak.

Mr. Flynn resigned under pressure in February after he failed to tell White House officials about phone calls he had with Mr. Kislyak, in which the two discussed the potential lifting of U.S. sanctions on Russia, according to U.S. officials familiar with the contents of the conversations.

While the documents from Mr. Flynn’s speaker’s bureau provide the most detail to date on his business dealings with Russia, they don’t show what other work he may have been doing outside his role as a paid speaker. Mr. Flynn commanded high fees for speaking on the state of global security and talking about his role as one of the most senior intelligence officials in the Obama administration.

Mr. Flynn was removed from his post as DIA chief after complaints of poor management and organization, not because of a policy dispute, according to people who worked with him at the time.

Last week, Mr. Flynn filed papers with the Justice Department disclosing that his firm was paid $530,000 to work in the U.S. on behalf of the interests of the Turkish government. Mr. Flynn had performed those services while he was advising Mr. Trump, then a presidential candidate.

Little additional information has become public about other clients the former military intelligence chief’s private consulting firm, Flynn Intel Group, may have had before the retired general’s appointment as national security adviser.

In a letter sent Thursday by Rep. Elijah Cummings (D., Md.) to Mr. Trump, Defense Secretary Jim Mattis and Mr. Comey, Mr. Cummings wrote that by taking the RT speaking fee, Mr. Flynn had “accepted funds from an instrument of the Russian government.”

Mr. Cummings, the top Democrat on the House Oversight and Government Reform Committee, pointed to a Central Intelligence Agency analysis written in 2012, while Mr. Flynn was running the DIA, that said RT was “created and financed by the Russian government,” which spent hundreds of millions of dollars a year to help the network create and disseminate programming that is broadcast in English around the world, including in the U.S.

Mr. Cummings said that by taking the fee, Mr. Flynn had violated the emoluments clause of the Constitution, which prohibits people in public office from accepting money from foreign governments. Some analysts have said this prohibition may apply to retired officers as well, because they could be recalled to service.

“I cannot recall anytime in our nation’s history when the president selected as his national security adviser someone who violated the Constitution by accepting tens of thousands of dollars from an agent of a global adversary that attacked our democracy,” Mr. Cummings wrote.

Though Mr. Flynn’s RT appearance had been reported, the documents provided new details about how he came to speak at the RT conference in December 2015, an event marking the network’s 10th anniversary.

While Mr. Flynn’s speakers’ bureau acted as a middleman, email communications indicate that RT sought to orchestrate the event and the content of his remarks.

“Using your expertise as an intelligence professional, we’d like you to talk about the decision-making process in the White House—and the role of the intelligence community in it,” an official from RT TV-Russia wrote in an email on Nov. 20, 2015, the month before Mr. Flynn’s appearance in Moscow.

In an earlier email in October, an RT official described the event as a networking opportunity for Mr. Flynn and an occasion to meet “political influencers from Russia and around the world.” At a gala dinner during the event, Mr. Flynn sat at the head table next to Russian President Vladimir Putin.

“It was something of a surprise to see General Flynn there,” said Ray McGovern, a former CIA officer and political activist who also attended.

Before the dinner, Mr. Flynn gave an interview on stage with an RT correspondent and chastised the Obama administration for objecting to Russia’s intervention in Syria.

“The United States can’t sit there and say, ‘Russia, you’re bad,’” Mr. Flynn said, according to a video of the interview, noting that both countries had shared global interests and were “in a marriage, whether we like it or not.” The countries should “stop acting like two bullies in a playground” and “quit acting immature with each other,” Mr. Flynn said.

Mr. Flynn attended with his son, Michael Flynn Jr., who worked as the chief of staff to his consulting firm. Records show that RT paid for travel and lodging expenses for both Flynns, including business-class airfare, accommodations at Moscow’s Hotel Metropol, and meals and incidental expenses while in Russia.

Mr. Putin entered the dinner late with two body guards, Mr. McGovern said. He waved and took his seat at the table, where he remained for about 20 minutes. After a fifteen-minute speech, Mr. Putin sat down, listened to a performance by the Russian Army chorus and then left, Mr. McGovern said.

It isn’t clear what Mr. Flynn said during speeches to the other two companies, computer security firm Kaspersky and Russian airliner Volga-Dnepr.

Mr. Flynn appears to have to spoken to Kaspersky at a conference the company sponsored in Washington, D.C., in October 2015. It wasn’t clear where Mr. Flynn spoke to Volga-Dnepr, but records from his speaker’s bureau show the engagement took place on August 19, 2015.

Kaspersky sponsors a number of events world-wide and in recent years has been trying to expand its business in the U.S., looking to supply government clients with antivirus products for industrial control systems.

Kaspersky said in a statement that its U.S. subsidiary paid Mr. Flynn a speaker fee for remarks at the 2015 Government Cyber Security Forum in Washington, D.C.

“As a private company, Kaspersky Lab has no ties to any government, but the company is proud to collaborate with the authorities of many countries, as well as international law enforcement agencies in the fight against cybercrime,” the company said.

Volga-Dnepr didn’t respond to a request for comment. The Russian cargo air firm is known for operating one of the largest military transport aircraft in the world, the An-124, which the U.S. has contracted in the past to lift military equipment, including Russian helicopters, into Afghanistan. The plane has a larger capacity than the U.S. military’s biggest cargo plane.

***

In part from Associated Press: Flynn’s sparkling military resume had included key assignments at home and abroad, and high praise from superiors.

The son of an Army veteran of World War II and the Korean war, Flynn was commissioned as a second lieutenant in May 1981 after graduating from the University of Rhode Island. He started in intelligence, eventually commanding military intelligence units at the battalion and then brigade level. In the early years of the Iraq war, he was intelligence chief for Joint Special Operations Command, the organization in charge of secret commando units like SEAL Team 6 and Delta Force. He then led intelligence efforts for all U.S. military operations in the Middle East and then took up the top intelligence post on the Joint Staff in the Pentagon.

Ian McCulloh, a Johns Hopkins data science specialist, became an admirer of Flynn while working as an Army lieutenant colonel in Afghanistan in 2009. At the time, Flynn ran intelligence for the U.S.-led international coalition in Kabul and was pushing for more creative approaches to targeting Taliban networks, including use of data mining and social network analysis, according to McCulloh.

“He was pushing for us to think out of the box and try to leverage technology better and innovate,” McCulloh said, crediting Flynn for improving the effectiveness of U.S. targeting. “A lot of people didn’t like it because it was different.”

It was typical of the determined, though divisive, approach Flynn would adopt at the Defense Intelligence Agency, which provides military intelligence to commanders and defense policymakers. There, he quickly acquired a reputation as a disruptive force. While some applauded Flynn with forcing a tradition-bound bureaucracy to abandon old habits and seek out new, more effective ways of collecting and analyzing intelligence useful in the fight against extremist groups, others saw his efforts as erratic and his style as prone to grandstanding.

In the spring of 2014, after less than two years on the job, he was told to pack his bags.

According to Flynn’s telling, it was his no-nonsense approach to fighting Islamic extremist groups that caused the rift.

A former senior Obama administration official who was consulted during the deliberations disputed that account. Flynn was relieved of his post for insubordination after failing to follow guidance from superiors, including James Clapper, Obama’s director of national intelligence, said the official, who asked for anonymity to discuss personnel matters.

Plunged into civilian life for the first time in 33 years, Flynn moved quickly to capitalize on his military and intelligence world connections and experience. He did so in an unorthodox way.

“I didn’t walk out like a lot of guys and go to big jobs in Northrup Grumman or Booz Allen or some of these other big companies,” Flynn told Foreign Policy magazine in 2015.

Instead, he opened his own consulting firm, Flynn Intelligence Group, in Alexandria, Va. He brought in his son, Michael G. Flynn as a top aide, and began assembling a crew of former armed forces veterans with expertise in cyber, logistics and surveillance, and sought out ties with lesser-known figures and companies trying to expand their profiles as contractors in the military and intelligence spheres.

One “team” member listed on the firm’s site was James Woolsey, President Bill Clinton’s former CIA director. Woolsey briefly joined Flynn on Trump’s transition team as a senior adviser, but quit in January. Another was lobbyist Robert Kelley.

Kelley proved a central player in the Flynn Group’s decision to help a Turkish businessman tied to Turkey’s government. At the same time that Flynn was advising Trump on national security matters, Kelley was lobbying legislators on behalf of businessman Ekim Alptekin’s firm between mid-September and December last year, lobbying documents show.

It was an odd match. Flynn has stirred controversy with dire warnings about Islam, calling it a “political ideology” that “definitely hides behind being a religion” and accusing Obama of preventing the U.S. from “discrediting” radical Islam. But his alarms apparently didn’t extend to Turkish President Recep Tayyip Erdogan’s government as it cracked down on dissent and jailed thousands of opponents after a failed coup last summer. Erdogan’s power base is among Turkey’s conservative Muslim voters and many affected by his crackdown are secularists. More here.