Biden Ends Combat Operations in Iraq, Except we Already Did

In part from Reuters:

(Reuters) – U.S. President Joe Biden and Iraqi Prime Minister Mustafa al-Kadhimi on Monday sealed an agreement formally ending the U.S. combat mission in Iraq by the end of 2021, more than 18 years after U.S. troops were sent to the country.

Coupled with Biden’s withdrawal of the last American forces in Afghanistan by the end of August, the Democratic president is completing U.S. combat missions in the two wars that then-President George W. Bush began under his watch.

Biden and Kadhimi met in the Oval Office for their first face-to-face talks as part of a strategic dialogue between the United States and Iraq.

“Our role in Iraq will be … to be available, to continue to train, to assist, to help and to deal with ISIS as it arises, but we’re not going to be, by the end of the year, in a combat mission,” Biden told reporters as he and Kadhimi met.

There are currently 2,500 U.S. troops in Iraq focusing on countering the remnants of Islamic State. The U.S. role in Iraq will shift entirely to training and advising the Iraqi military to defend itself.

The shift is not expected to have a major impact since the United States has already moved toward focusing on training Iraqi forces.

President Joe Biden, right, speaks as Iraqi Prime Minister Mustafa al-Kadhimi, left, listens during their meeting in the Oval…

President Joe Biden, right, speaks as Iraqi Prime Minister Mustafa al-Kadhimi listens during their meeting in the Oval Office of the White House in Washington, July 26, 2021.  source

The real truth?

The Iraqi Prime Minister Mustafa al-Kadhemi on Monday in his first meeting with the weakened leader, whose loyalties are precariously split between the US ally and pro-Iran factions at home.

At the heart of the meeting will be the presence of US troops in Iraq and more broadly, whether Baghdad has what it takes to stand up to residual Islamic State jihadist group cells within the country’s borders.

Just last week, the IS group claimed a deadly suicide bombing at a Baghdad market that killed 30 people, according to the official toll.

All the while, US forces in Iraq have been subject to repeat attacks by pro-Iran militias, who in turn have suffered military reprisals launched by Washington.

Some 2,500 US troops still remain in Iraq as part of an anti-IS coalition — a number on top of which there are likely additional special forces, whose numbers are not publicly known.

Kadhemi, whose country has been ravaged by a trifecta of violence, poverty and corruption, would like the United States to commit, at least formally, to a reassessment of its presence in his country.

With three months to go before legislative elections, the head of the Iraqi government is hoping to regain a bit of ground with his country’s powerful pro-Iran factions, which are overtly hostile to the US presence.

Technically, there are no actual combat troops on the ground in Iraq, where the US military has officially only deployed advisors or trainers.

Iraq is an important strategic link for the United States, which leads the international coalition fighting the IS group next-door in Syria.

Abandoning Iraq to Iranian influence is out of the question for the United States, with Washington and Tehran mired in renewed tensions — even if Biden has signaled his readiness to return to the 2015 Iran nuclear deal.

In the context of this tug-of-war “it doesn’t seem likely that the number of US troops in Iraq will be reduced dramatically,” said Hamdi Malik of the Washington Institute think tank.

Ramzy Mardini, an Iraq specialist at the University of Chicago’s Pearson Institute, believes the Biden-Kadhemi meeting may cosmetically be “shaped” to help the Iraqi premier alleviate domestic pressures, “but the reality on the ground will reflect the status quo and an enduring US presence.”

What regional specialists fear most, however, is a continuation or even intensification of the attacks perpetrated by the pro-Iran factions.

Again on Friday, a drone attack was carried out on a military base in Iraqi Kurdistan that hosts American troops, but did not cause any casualties.

The Iraqi Resistance Coordination Committee, a group of militia factions, on Friday threatened to continue the attacks unless the United States withdraws all its forces and ends the “occupation.”

France Warned the US About the Wuhan Lab Often

Will this Biden ordered investigation within 100 days include anything from the past including what France warned us about regarding the Wuhan Lab? You be the judge…read on.

In part:

The U.S. federal government should have stopped funding research at the Wuhan Institute of Virology in 2015 when China reduced its cooperation with the French in building and operating the lab, according to the leader of an investigation into COVID-19’s origins by the State Department under the Trump administration.

In 2015, French intelligence officials warned the U.S. State Department and their own foreign ministry that China was cutting back on agreed collaboration at the lab, former State official David Asher, now a senior fellow at the Hudson Institute think tank, told the Daily Caller News Foundation.

By 2017, the French “were kicked out” of the lab and cooperation ceased, leading French officials to warn the State Department that they had grave concerns as to Chinese motivations, according to Asher.

The State Department alleged in January 2021, at the end of the Trump administration, that the Wuhan lab had engaged in classified research on behalf of the Chinese military since at least 2017.

Between October 2009 and May 2019, the U.S. Agency for International Development provided $1.1 million to the U.S.-based EcoHealth Alliance for a sub-agreement with the Wuhan Institute of Virology, according to USAID. EcoHealth Alliance also received funding from the Department of Defense’s Defense Threat Reduction Agency that was subcontracted to the Wuhan lab, New York magazine reported. National Institutes of Health grants to EcoHealth Alliance totaling $600,000 between 2014 and 2019 were subcontracted to the Wuhan Institute of Virology.

The NIH, Defense Department and USAID should have stopped sending U.S. federal funding to the Wuhan lab back when the French warned the State Department in 2015, Asher said. More here.

***

Stephen Mosher, a REAL China expert and previous radio guest on my radio show (several times) had this piece in the NY Post in part:

  • China had only one Level 4 lab that can “handle deadly coronaviruses,” and that lab just happened to be located in Wuhan at the very “epicenter of the epidemic.”
  • Underlining China’s shoddy lab-safety record, Xi Jinping himself had, in the early days of the crisis, warned about “lab safety” as a national-security priority.
  • Following Xi’s guidance, “the Chinese Ministry of Science and Technology released a new directive titled: ‘Instructions on strengthening biosecurity management in ­microbiology labs that handle advanced viruses like the novel coronavirus.’ ”
  • As soon as the outbreak began, China’s military was put in charge, with the PLA’s top biowar expert, General Chen Wei, dispatched to Wuhan to deal with it.

Even at the time there was other evidence available, which likewise pointed to the lab — and to the PLA’s involvement:

  • The authorities ordered all of the early samples of the coronavirus collected by private and university labs in China — vital for tracing the origin and early spread of the disease — to be destroyed.
  • China’s civilian Center for Disease Control was completely shut out of the picture in favor of the PLA, suggesting a classified military program was involved.
  • Military academies and installations in and around Wuhan were closed around January 1, well before the Chinese public was notified that there was a problem.
  • China lied about human-to-human transmission, leaving the US and other countries unprepared for the rapid spread of the virus, ensuring that more lives would be lost.

The evidence was circumstantial, to be sure, but I was fairly certain by that point that I could have convinced a jury of China’s culpability. Even so, while I waited for more facts to surface, I was careful to call the “lab origin” just a possibility.

Facebook, however, didn’t wait. It quickly moved to suppress the column as “False Information,” refusing to unblock it until April 17. The mainstream media likewise piled on, slamming The Post for publishing the writings of a “conspiracy theorist.” Others who raised questions about the pandemic’s origins were heavily censored as well — if not “canceled” entirely.

 Security personnel keep watch outside the Wuhan Institute of Virology.
Security personnel keep watch outside the Wuhan Institute of Virology.
Thomas Peter/REUTERS

China locked down the Wuhan lab, and the US virology establishment closed ranks, both denying that gain-of-function research — or a PLA bioweapons research program — had anything to do with the pandemic.

It has taken over a year, but the attempted cover-ups on both sides of the Pacific have gradually unraveled.

During that time China has burned through a half-dozen increasingly implausible cover stories. After the collapse of the Wuhan Wet Market fable, China tried to pin the blame on a wild succession of animals — bats and pangolins and raccoon-dogs, oh my! — for harboring the virus. We seem now to be back to bats, and are being told that many years ago, in a cave far away from the Wuhan lab, minors fell ill from being peed upon, pooped upon, and even bitten by those same nasty, virus-harboring creatures.

But the wildest tale by far being bandied about by the Chinese authorities is that CoV-2 was a US bioweapon, created in the U. Army’s research labs in Fort Detrick, Maryland. As to how the “American Virus” — as they unabashedly call it — got to China, they have an answer for that too: it was secretly released on the unsuspecting Chinese population of Wuhan by the American soldier-athletes who participated in the October 2019 Military World Games in that city.

Biological science specialists, background, wear biosafety protective clothing for handling viral diseases at U.S. Army Medical Research and Development Command at Fort Detrick in Frederick, Md.
Biological science specialists, background, wear biosafety protective clothing for handling viral diseases at US Army Medical Research and Development Command at Fort Detrick in Frederick, Maryland.
Andrew Harnik/AP

Who makes up such bat-sh*t crazy stories about secret bioweapons and superspreading soldiers? The same people, it seems, whose fever dream for decades has been to do exactly the same thing. There are numerous scientific publications that prove Chinese labs were engaged in dangerous gain-of-function research, along with new evidence that these techniques were being used in an active bioweapons program that included the Wuhan lab. As China defector Dr. Yan Limeng has taught us, the PLA itself isolated the original bat coronavirus that served as the “backbone” or “template” for CoV-2. Additional genetic material was then spliced into this virus to make it more infectious and deadly to humans. This is not speculation.

Those doing the splicing left “signatures” behind in the genome itself. To boost a virus’ lethality, for example, those doing gain-of-function research customarily insert a snippet of RNA that codes for two arginine amino acids. This snippet — called double CGG — has never been found in any other coronaviruses, but is present in CoV-2. Besides this damning evidence, there are other indications of tampering as well.

The dwindling ranks of lab “deniers” continue to insist that the vast laboratory of nature is capable of infinite surprises. Of course that’s true. And it’s also true that if you have enough monkeys typing the four DNA bases A, C, G, and T on enough computer keyboards they will eventually produce a complete and accurate copy of the human genome, which is 6.4 billion such bases long. But what are the odds?

And what are the odds that the virus passed naturally from animals to humans?

Volunteers in protective suits disinfect a factory with sanitizing equipment, as the country is hit by an outbreak of the novel coronavirus, in Huzhou, Zhejiang province, China February 18, 2020.
Volunteers in protective suits disinfect a factory with sanitizing equipment in China on Feb. 18, 2020.
China Daily via REUTERS

Dr. David Asher, who headed the now-canceled State Department investigation, put that very question to a biostatistician, and was told that the odds were roughly … 1 in 13 billion. In the face of that vanishingly small probability, Asher remarked, “to say this came out of a zoonotic situation is sort of ridiculous.”

What we do know, as former Deputy National Security Advisor (DNSA) Mathew Pottinger pointed out in a February interview, is that the PLA had been “doing secret classified animal experiments in that same laboratory [Wuhan Institute of Virology]” as early as 2017. While the Wuhan lab poses as a “civilian institution,” Pottinger said, US intelligence has determined that the lab has collaborated with China’s military on publications and secret bioweapons projects.

That’s David Asher’s opinion as well. “The Wuhan Institute of Virology is not the National Institute of Health,” he says. “It was operating a secret, classified program. In my view, and I’m just one person, my view is it was a biological weapons program.”

Dr. David Asher
Dr. David Asher believes the Wuhan Institute of Virology was running a biological weapons program.
Rod Lamkey/CNP

A Chinese book that recently fell into the hands of the Australian Strategic Policy Institute (ASPI) further confirms that Chinese military scientists have been focused on what they called the “new era of genetic weapons” since at least 2015. They begin by asserting that World War III would be fought with biological weapons, and go on to describe how viruses can be collected from nature and “artificially manipulated into an emerging human disease virus, then weaponized and unleashed.”

Sound familiar?

In fact, the scientists even singled out coronaviruses as a class of viruses that can be readily weaponized, and they suggest that the ideal candidate for a bioweapon would be something like the coronavirus that causes Severe Acute Respiratory Syndrome, or SARS. It is worth noting that the virus that causes COVID-19 is a type of SARS virus, which is why the World Health Organization insists that we call it SARS-CoV-2. As in, the “second” SARS virus.

Peter Jennings, the executive director of ASPI, said the new document “clearly shows that Chinese scientists were thinking about military application for different strains of the coronavirus and thinking about how it could be deployed. It begins to firm up the possibility that what we have here is the accidental release of a pathogen for military use.”

Wuhan Huanan Wholesale Seafood Market before its closure in Hankou, Wuhan city, central China's Hubei province, 31 December 2019.
After the collapse of the Wuhan Wet Market fable, China tried to pin the blame on a wild succession of animals — bats and pangolin.
Alamy

The document, he went on to say, is the closest thing to a “smoking gun as we’ve got.”

Is it really that surprising that the same murderous regime that has brought us forced abortion and sterilization, forced organ harvesting, and genocide in real time would also be developing deadly bioweapons to release upon the world?

China had both the intention and the capability to take a harmless bat virus, turn it into a deadly pathogen, and then release it upon the world. And the evidence suggests that it did just that.

More than half of all Americans — including 59 percent of Republicans and 52 percent of Democrats — now believe the virus was made in a lab and released either accidentally or intentionally. Indeed, there has been a massive hardening of public opinion against the communist giant across the board, with 89 percent of adults now seeing the country as hostile or dangerous.

By killing 600,000 Americans, China has proven that it is both.

But whether the Biden administration makes China pay for its crimes is another question.

Steven W. Mosher is the author of the forthcoming “Politically Incorrect Guide to Pandemics” (Regnery Press).

 

More Evidence of the Persistent China Threat to the US

Exactly how much is the United States going to tolerate?

Not only is the United States and the Western world concerned about the constant military threat of China in the South China Sea but the cyber war continues.

Just read through this Department of Justice report for context –>

Four Chinese Nationals Working with the Ministry of State Security Charged with Global Computer Intrusion Campaign Targeting Intellectual Property and Confidential Business Information, Including Infectious Disease Research

Indictment Alleges Three Defendants Were Officers in the Hainan State Security Department (HSSD), a provincial arm of China’s Ministry of State Security (MSS)

A federal grand jury in San Diego, California, returned an indictment in May charging four nationals and residents of the People’s Republic of China with a campaign to hack into the computer systems of dozens of victim companies, universities and government entities in the United States and abroad between 2011 and 2018. The indictment, which was unsealed on Friday, alleges that much of the conspiracy’s theft was focused on information that was of significant economic benefit to China’s companies and commercial sectors, including information that would allow the circumvention of lengthy and resource-intensive research and development processes. The defendants and their Hainan State Security Department (HSSD) conspirators sought to obfuscate the Chinese government’s role in such theft by establishing a front company, Hainan Xiandun Technology Development Co., Ltd. (海南仙盾) (Hainan Xiandun), since disbanded, to operate out of Haikou, Hainan Province.

The two-count indictment alleges that Ding Xiaoyang (丁晓阳), Cheng Qingmin (程庆民) and Zhu Yunmin (朱允敏), were HSSD officers responsible for coordinating, facilitating and managing computer hackers and linguists at Hainan Xiandun and other MSS front companies to conduct hacking for the benefit of China and its state-owned and sponsored instrumentalities. The indictment alleges that Wu Shurong (吴淑荣) was a computer hacker who, as part of his job duties at Hainan Xiandun, created malware, hacked into computer systems operated by foreign governments, companies and universities, and supervised other Hainan Xiandun hackers.

The conspiracy’s hacking campaign targeted victims in the United States, Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland and the United Kingdom. Targeted industries included, among others, aviation, defense, education, government, health care, biopharmaceutical and maritime. Stolen trade secrets and confidential business information included, among other things, sensitive technologies used for submersibles and autonomous vehicles, specialty chemical formulas, commercial aircraft servicing, proprietary genetic-sequencing technology and data, and foreign information to support China’s efforts to secure contracts for state-owned enterprises within the targeted country (e.g., large-scale high-speed railway development projects). At research institutes and universities, the conspiracy targeted infectious-disease research related to Ebola, MERS, HIV/AIDS, Marburg and tularemia.

As alleged, the charged MSS officers coordinated with staff and professors at various universities in Hainan and elsewhere in China to further the conspiracy’s goals. Not only did such universities assist the MSS in identifying and recruiting hackers and linguists to penetrate and steal from the computer networks of targeted entities, including peers at many foreign universities, but personnel at one identified Hainan-based university also helped support and manage Hainan Xiandun as a front company, including through payroll, benefits and a mailing address.

“These criminal charges once again highlight that China continues to use cyber-enabled attacks to steal what other countries make, in flagrant disregard of its bilateral and multilateral commitments,” said Deputy Attorney General Lisa O. Monaco. “The breadth and duration of China’s hacking campaigns, including these efforts targeting a dozen countries across sectors ranging from healthcare and biomedical research to aviation and defense, remind us that no country or industry is safe. Today’s international condemnation shows that the world wants fair rules, where countries invest in innovation, not theft.”

“The FBI, alongside our federal and international partners, remains committed to imposing risk and consequences on these malicious cyber actors here in the U.S. and abroad,” said Deputy Director Paul M. Abbate of the FBI. “We will not allow the Chinese government to continue to use these tactics to obtain unfair economic advantage for its companies and commercial sectors through criminal intrusion and theft. With these types of actions, the Chinese government continues to undercut its own claims of being a trusted and effective partner in the international community.”

“This indictment alleges a worldwide hacking and economic espionage campaign led by the government of China,” said Acting U.S. Attorney Randy Grossman for the Southern District of California. “The defendants include foreign intelligence officials who orchestrated the alleged offenses, and the indictment demonstrates how China’s government made a deliberate choice to cheat and steal instead of innovate. These offenses threaten our economy and national security, and this prosecution reflects the Department of Justice’s commitment and ability to hold individuals and nations accountable for stealing the ideas and intellectual achievements of our nation’s best and brightest people.”

“The FBI’s San Diego Field Office is committed to protecting the people of the United States and the community of San Diego, to include our universities, health care systems, research institutes, and defense contractors,” said Special Agent in Charge Suzanne Turner of the FBI’s San Diego Field Office. “The charges outlined today demonstrate China’s continued, persistent computer intrusion efforts, which will not be tolerated here or abroad. We stand steadfast with our law enforcement partners in the United States and around the world and will continue to hold accountable those who commit economic espionage and theft of intellectual property.”

The defendants’ activity had been previously identified by private sector security researchers, who have referred to the group as Advanced Persistent Threat (APT) 40, BRONZE, MOHAWK, FEVERDREAM, G0065, Gadolinium, GreenCrash, Hellsing, Kryptonite Panda, Leviathan, Mudcarp, Periscope, Temp.Periscope and Temp.Jumper.

According to the indictment, to gain initial access to victim networks, the conspiracy sent fraudulent spearphishing emails, that were buttressed by fictitious online profiles and contained links to doppelgänger domain names, which were created to mimic or resemble the domains of legitimate companies. In some instances, the conspiracy used hijacked credentials, and the access they provided, to launch spearphishing campaigns against other users within the same victim entity or at other targeted entities. The conspiracy also used multiple and evolving sets of sophisticated malware, including both publicly available and customized malware, to obtain, expand and maintain unauthorized access to victim computers and networks. The conspiracy’s malware included those identified by security researchers as BADFLICK, aka GreenCrash; PHOTO, aka Derusbi; MURKYTOP, aka mt.exe; and HOMEFRY, aka dp.dll. Such malware allowed for initial and continued intrusions into victim systems, lateral movement within a system, and theft of credentials, including administrator passwords.

The conspiracy often used anonymizer services, such as The Onion Router (TOR), to access malware on victim networks and manage their hacking infrastructure, including servers, domains and email accounts. The conspiracy further attempted to obscure its hacking activities through other third-party services. For example, the conspiracy used GitHub to both store malware and stolen data, which was concealed using steganography. The conspiracy also used Dropbox Application Programming Interface (API) keys in commands to upload stolen data directly to conspiracy-controlled Dropbox accounts to make it appear to network defenders that such data exfiltration was an employee’s legitimate use of the Dropbox service.

Coinciding with today’s announcement, to enhance private sector network defense efforts against the conspirators, the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released a Joint Cybersecurity Advisory containing these and further technical details, indicators of compromise and mitigation measures.

The defendants are each charged with one count of conspiracy to commit computer fraud, which carries a maximum sentence of five years in prison, and one count of conspiracy to commit economic espionage, which carries a maximum sentence of 15 years in prison. The maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as any sentencings of the defendants will be determined by the assigned judge.

The investigation was conducted jointly by the U.S. Attorney’s Office for the Southern District of California, the National Security Division’s Counterintelligence and Export Controls Section, and the FBI’s San Diego Field Office. The FBI’s Cyber Division, Cyber Assistant Legal Attachés and Legal Attachés in countries around the world provided essential support. Numerous victims cooperated and provided valuable assistance in the investigation.

Assistant U.S. Attorneys Fred Sheppard and Sabrina Feve of the Southern District of California and Trial Attorney Matthew McKenzie of the National Security Division’s Counterintelligence and Export Control Section are prosecuting this case.

***   source

The threat however does not end in the cyber realm, there is the matter of nuclear weapons. Just days ago, China threatened Japan, an ally of the United States with a nuclear attack over the matter of Taiwan.

“We will use nuclear bombs first. We will use nuclear bombs continuously. We will do this until Japan declares unconditional surrender for the second time,” a threatening video circulated among official Chinese Communist Party channels warns.

“When we liberate Taiwan, if Japan dares to intervene by force – even if it only deploys one soldier, one plane or one ship – we will not only return fire but also wage full-scale war against Japan itself.”

Tensions between Tokyo and Beijing have spiked high in recent weeks.

Deputy Prime Minister Taro Aso said: “We must defend Taiwan, under our alliance with the US”.

Defence Minister Yasuhide Nakayama added Japan and the US must “protect Taiwan as a democratic country”.

This was not what Beijing wanted to hear.

 

“We will never allow anyone to intervene in the Taiwan question in any way,” retorted Chinese foreign ministry spokesman Zhao Lijian at a press briefing last week.

But a Chinese Communist Party approved video channel with close ties to the People’s Liberation Army (PLA) took the anger to the next level.

*** Is the Biden administration taking anything seriously? Rather Kamala? Recently Foreign Policy magazine published in part the following:

For the past couple of months, a rumor has been going around Washington that China might be dramatically expanding its arsenal of nuclear-armed intercontinental ballistic missiles (ICBMs) that can strike the United States. I had heard that rumor and so had many of my colleagues.

According to a report released by the U.S. Defense Department last September, China had about 100 of those missiles but was expected to double that number in the coming years. Read in full here.

The Feds Have Hired Moonshot CVE, Be Worried

There was a time when CVE, first used by the Obama administration to describe terrorists such as the Haqqani Network, al Qaeda or Islamic State. Now, it is used to classify anyone the Federal government actually just thinks it should and that could mean you just based on your various internet searches. Your searches to find out patterns, various reports, names and dates and other detail is captured by Google (that is if you are still using Google and should not be) and then you are scored.

Sound crazy? This is a long read so hang on through it all as this post is an effort to give you full context, well as much as possible.

Ready?

Let’s begin here:

From February of 2021, a little more than a month since the J6 event in DC, The Hill reported the following:

When armed insurrectionists stormed the Capitol on Jan. 6, Vidhya Ramalingam wasn’t surprised.

A day earlier, her company Moonshot CVE, which monitors and combats online extremism, set up a crisis team in response to a flood of indications that the pro-Trump rally scheduled for Washington could turn violent.

Moonshot works to pull back from the brink people who have been inculcated into white supremacist movements, conspiracy theories and radical ideologies, and it offered crisis intervention to some 270,000 high-risk users around the time of the Capitol breach.

“For organizations like ours that have been working on domestic violent extremism for many years, and in the run up to the election and the months that followed, this was not a surprise, that this attack happened,” Ramalingam said.

But even the 33-year-old Ramalingam, who has spent her entire career focused on the issue both domestically and abroad, says the widespread nature of radicalization in the U.S. is alarming.

“It’s a very scary moment in America right now. I mean, the implications are so wide-reaching,” she told The Hill in a recent interview. “There’s just the potential for so much more violence right now.”

Ramalingam got her start embedding herself with white nationalist groups in Sweden for two years as part of her graduate studies.

“It was really tough. I spent a lot of time around people saying and spouting lies about people of color and about immigrants and people like me, so there were moments that were really horrible to sit and listen to,” she said.

But the experience helped open a window into their world and how people become radicalized.

“Some of them had life experiences that had led them here. And for me, it was really important to see that in order to then start to piece together, well, how could you get someone out?” she said.

When far-right extremist Anders Behring Breivik murdered 77 people in Norway in July 2011, the European Union tapped Ramalingam to lead its first intergovernmental initiative to respond to right-wing terrorism, a job she held for three years.

She worked on deradicalizing initiatives such as Exit Germany and Exit Sweden that included efforts setting up counseling interventions and training family members and loved ones.

She also sits on the board of Life After Hate, a U.S.-based group that provides similar interventions along with building a network of former extremists to push back on extremist content.

But Ramalingam says the problem needs larger-scale responses, something that became clear with the rise of ISIS and its use of social media to radicalize people.

“There was this sense of defeat, that the terrorists were winning and that they were just better than we were, they were able to use technology better,” she said.

The London-based Moonshot, which opened its D.C. office this week, seeks to scale up monitoring and intervention using the kinds of targeting that have become commonplace in business to build personalized responses.

The company counts a slew of governments, the United Nations and major tech companies such as Facebook and Google among its funders, and groups including the Anti-Defamation League among its partners.

“Technology can actually have the power to scale up really deeply personalized interactions the same way that every single advertisement we see is personalized towards me, my gender, my behavior online, my identity, where I live,” said Ramalingam.

“It really is literally the same thing that Coca-Cola is doing to sell us more Coke. We’re using those same tools to reach people and try and offer them safer alternatives, and either save their lives or save other people’s lives.”

Those efforts, which range from widely used platforms such as Google and Facebook to more niche ones such as Gab and Telegram, have led to some surprising results.

While countering facts and ideological debates seldom work to engage people online, a more empathic approach seems to yield gains. In a recent round of tests, Moonshot’s target audience was 17 percent more likely to engage with posts featuring the simple message that “anger and grief can be isolating” compared to other tested messages.

Other content focused on deescalating anger and even breathing exercises also found fertile ground.

But Ramalingam says the threat is also evolving.

“We’ve seen this kind of blending and metastasization of various once-distinct ideologies, groups and movements. You know, everything from white supremacist and neo-Nazis with armed groups and anti-vaxxers and election conspiracies,” she says.

“These groups weren’t always coordinating, and now we’re suddenly seeing this mess online come together.”

There are a slew of factors at play, including what Ramalingam says is a tepid response from technology companies that have “systematically overlooked and been unwilling to respond” to the threat, though the Capitol insurrection last month could be changing that. Tech platforms, she notes, were far more aggressive when dealing with ISIS and have proven tools on issues such as suicide prevention that show how much more they could be doing.

Another major contributor to the problem has been the willingness of people in positions of power to bolster conspiracy theories and misinformation, whether through full-throated endorsements or more subtle means, such as winking claims that questions remain in actual clear-cut cases or that certain facts are unknowable.

“Political leaders and people in that level of power should absolutely not be lending any credence to conspiracy theories and disinformation. Lending even the tiniest inkling of credence to those conspiracy theories is hugely dangerous because of the position of power that they’re in,” she said.

Ramalingam is no stranger to Washington, having grown up just a few hours away and later testifying before Congress on the threat of white nationalism.

She says she has been in touch with senior members of the Biden administration on how to take a whole-of-government approach to combatting right-wing extremism, which FBI Director Christopher Wray says is the top terrorism threat the country faces.

She worries that the country will assume that the events of Jan. 6 were the apex of a movement, rather than simply the latest in a series of deadly attacks ranging from Charlottesville, Va., to Pittsburgh to El Paso, Texas.

“For those of us that have been working on this form of extremism for 10 plus years now, it would be misleading to say that this is the — kind of the crescendo and now it’s going to dissipate,” she said.

“I think there’s a risk for the U.S. government, that the response following the Jan. 6 events focuses on public statements and on Band-Aids and not on the changes and the real shifts that need to take place in the entire system to deal with domestic violent extremism,” she said.

Got it? Hold on here comes the terrifying part….

From Fast Company:

How do you pull people out of the rabbit holes that lead to violent extremism, or keep them from falling in? If conspiracy-laced hate is another kind of pandemic pushed by online superspreaders, could we build something like a cure or a vaccine?

The deadly Capitol riot on January 6 has set off a fresh scramble to answer these questions, and prompted experts like Vidhya Ramalingam to look for new ways to reach extremists—like search ads for mindfulness.

“It’s so counterintuitive, you would just think that those audiences would be turned off by that messaging,” says Ramalingam, cofounder and CEO of Moonshot CVE, a digital counter-extremism company that counts governments like the U.S. and Canada and groups like the Anti-Defamation League (ADL) and Life After Hate among its clients. But Moonshot’s researchers recently found that Americans searching for information about armed groups online were more likely than typical audiences to click on messages that encourage calmness and mindful thinking.

“Our team tried it, and it seems to be working,” Ramalingam says. The finding echoes previous evidence suggesting that some violent extremists tend to be more receptive to messages offering mental health support. “And that’s an opening to a conversation with them.”

It’s a promising idea in a growing multimillion-dollar war—an effort that, even decades after 9/11 and especially after 1/6, is still hungry for tools to reach extremists. Old currents of violence and hate, amplified by a virtuous cycle of platforms and propagandists, are straining relationships and communities, draining wallets, and putting new pressure on the U.S. government to steer its anti-terror focus toward homegrown threats. Last month, the Department of Homeland Security said it was granting at least $77 million toward ideas for stopping what the agency says now represents the biggest danger to Americans’ safety: “small groups of individuals who commit acts of violence motivated by domestic extremist ideological beliefs.” 

The risk of violence is buoyed by a rising tide of conspiracy theories and extremist interest, which Ramalingam says has reached levels comparable to other “high risk” countries like Brazil, Sri Lanka, India, and Myanmar. In terms of indicators of extremism in the U.S., “the numbers are skyrocketing.”

How to reach people—and redirect them

To get those numbers, Moonshot goes to where the toxicity tends to spread, and where violent far-right groups do much of their recruiting: Twitter, YouTube, Instagram, and Facebook, but also niche platforms like MyMilitia, Zello, and Gab. But core to its strategy is the place where many of us start seeking answers—the most trafficked website of all. “We all live our lives by search engines,” Ramalingam says.

 

From an analysis of U.S. social media and search data by Moonshot and the ADL [Image: courtesy of Moonshot]

Social media tends to get the bulk of the attention when it comes to radicalization, but Google is also integral to the extremism on-ramp. And unlike social media, with its posts and shares and filters, a search can feel like a more private, largely unmoderated, experience. “We tell Google our deepest, darkest thoughts,” Ramalingam says. “We turn to Google and ask the things that we won’t ask our family members or partners or our brothers or sisters.”

Search can also convey to users an illusory sense of objectivity and authority in a way that social media doesn’t. “It’s important that we keep our eye on search engines as much, if not more than we do social media,” Safiya Noble, associate professor at the University of California, Los Angeles, and cofounder and codirector of the UCLA Center for Critical Internet Inquiry, recently wrote on Twitter. “The subjective nature of social media is much more obvious. With search, people truly believe they are experiencing credible, vetted information. Google is an ad platform, the end.”

Moonshot began in 2015 with a simple, insurgent strategy: Use Google’s ad platform—and the personal data it collects—to redirect people away from extremist movements and toward more constructive content. The idea, called the Redirect Method, was developed in partnership with Google, and widely touted as a way to reach people searching for jihadist content, targeting young men who were just getting into ISIS propaganda, or more radicalized people who might be Googling for information on how to sneak across the border into Syria. The idea is to steer potential extremists away—known as counterradicalization—or to help people who are deep down a rabbit hole find their way out through deradicalization. That might mean connecting them with a mentor or counselor, possibly a former extremist.

 

[Image: courtesy of Moonshot]

Ramalingam has seen these methods work up close. A decade ago, as part of her graduate studies, she embedded herself among neo-Nazis in Scandinavia, where a system of counseling and exit programs was helping bring people back to sanity and family. In 2015, she and another counter-extremism researcher named Ross Frenett started Moonshot to drive that approach using search ads, with a name that described their far-reaching goal. “If we knew that that worked offline,” she says, “couldn’t we test whether this would work online?” 

What began with a focus on jihadism and European white supremacy is now part of an effort to track a nexus of extremism, conspiracy theories, and disinformation—from QAnon to child exploitation content—from Canada to Sri Lanka. But for Moonshot, the U.S. is a new priority. Last month, Ramalingam, who grew up in the states, returned to open the company’s second office in D.C., where it can be closer to policy makers and practitioners. The company is also dropping the acronym from its birth name, Moonshot CVE: “Countering violent extremism” has become nearly synonymous with a misguided overemphasis on Muslim communities, Ramalingam points out, and in any case, old tactics aren’t sufficient. As extremist ideas have stretched into the mainstream, Moonshot’s once tiny target audiences now number in the millions.

“We can’t rely on what we knew worked when we were dealing with the dozens and the tens of people that were really on the fringes,” she says. “We need to be testing all sorts of new messaging.”

Understanding the data

If you were among the thousands of Americans who Googled for certain extremist-related keywords in the months around the election—phrases like “Join Oath Keepers Militia,” “I want to shoot Ron Wyden,” and “How to make C4″—you may have been targeted by the Redirect Method. It could have been a vague, nonjudgmental message at the top of your search results, like “Don’t do something you’ll regret.” Click, and you could end up at a playlist of YouTube videos with violence-prevention content, like a TED Talk by a would-be school shooter or testimonies from former neo-Nazis. Or you might encounter videos promoting calmness, or a page directing you to mental health resources. Around January 6 alone, Ramalingam says more than 270,000 Americans clicked on Moonshot’s crisis-counseling ads.

To do this, Google has given Moonshot special permission to target ads against extremist keywords that are typically banned. But while Moonshot launched the Redirect Method with Google’s help, these days it typically pays the ad giant to run its campaigns, just like any other advertiser. And now, given the sheer scale of the audiences Moonshot is reaching in the U.S., “the costs are off the charts,” Ramalingam says. Regarding its recent ADL-backed campaign, she says, “We’ve never paid this much for advertising in any one country on a monthly basis.”

This ad data comes with caveats. When looking at extremist search terms, for instance, Moonshot can’t be certain it’s measuring individual people or the same person searching multiple times. It also can’t know if it’s targeting an extremist or a journalist who’s simply writing about extremism.

 

Sample of U.S. Google search data during the three months around Election Day [Image: courtesy of Moonshot]

Still, the company is bringing more empirical evidence and scientific rigor to a field that sorely needs it, says Colin Clarke, the director of policy and research at the Soufan Center, an independent non-profit group that studies extremism. Moonshot’s data is even more concerning, Clarke says, because of another statistic that’s not exactly captured in Google analytics.
“At a time when people have been locked in their homes and consuming disinformation, with record levels of domestic violence, anxiety, depression, substance abuse, what’s the antidote? People have bought guns and ammunition in record numbers. So they’re anxious, they’re angry, isolated, and they’re well-armed,” he says. “It’s a perfect storm.”

In a recent analysis, done in partnership with the ADL and gathered in a report titled “From Shitposting to Sedition,” Moonshot tracked tens of thousands of extremist Google searches by Americans across all 50 states during the three months around Election Day. It saw searches spike around big political events, but also along geographic and political lines. In states where pandemic stay-at-home orders lasted 9 or fewer days, white-supremacist-related searches grew by only 1%; in states where stay-at-home orders were 10 days or longer, the increase was 21%.

The politics of the pandemic fomented domestic extremist interest, but also helped unite disparate fringe movements, from militias to climate denialists to anti-maskers and anti-vaxxers. “We started to see this worrying blending and metastasization of all these different ideologies in the U.S.—far-right groups blending and reaching across the aisle to work with anti-vax movements,” Ramalingam says. And it’s during times of crisis, she notes, “when we see these actors just grasping to turn fear and anxiety in society into an opportunity for them to grow.”

But Ramalingam isn’t just concerned about the most hard-core armed believers. After the election and the events of January 6, she worries now about splintered far-right groups and disaffected conspiracy theorists who are grappling for meaning. That puts them at risk of further radicalization, or worse.

“There are a lot of people who basically just feel misled, who feel like they’ve lost a lot because they followed these conspiracy theories,” she says. QAnon channels filled up with anxiety, self-harm, and talk of suicide, “like a father saying, ‘My son won’t speak to me,’ people who have lost their jobs, people who said, ‘I lost my family because of this,’ ” Ramalingam says. “And so there’s a real moment now where we need to be thinking about the mental health needs of people who, at scale, bought into these conspiracy theories and lies.”

What to say 

To reach violent radicals or conspiracy theorists to begin with, Ramalingam urges caution with ideological arguments. Shaming, ridiculing, and fact-based arguing can prove counterproductive. In some cases, it can be more effective to use nonjudgmental and nonideological messages that don’t directly threaten people’s beliefs or tastes but that try to meet them where they are. For instance, as Frenett suggests, if someone is searching for Nazi death metal, don’t show them a lecture; instead, show them a video with a death metal score, but without the racism.

Simple reminders to be mindful, and to think about how one’s actions impact others, may help. In its recent campaign, some of Moonshot’s most effective messaging asked people to “reflect and think on their neighbors, their loved ones, the people in their immediate community around them, and just to reflect on how their actions might be harmful to their loved ones,” Ramalingam says.

People interested in armed groups were most receptive to messages of “calm” offering mindfulness exercises. For all audiences, Moonshot found particularly high traction with an ad that said, “Anger and grief can be isolating.” When people clicked through, to meditation content or mental health resources, Ramalingam notes that “they seem to be watching it, or listening to it, or engaging with it for a long time.”

To reach QAnon supporters, Moonshot found the most success with messages that seek to empathize with their need for psychological and social support. “Are you feeling angry? Learn how to escape the anger and move forward,” said one Moonshot ad directed at QAnon keywords, which saw a click-through rate around 6%, twice that of other types of redirect messages. Clicking on that took some users to r/Qult_Headquarters, a subreddit that includes posts by former adherents.

Preventing the spread of violent extremist ideas involves a broader set of strategies. To bolster trust and a shared reality among the general public—people who haven’t yet gone down the rabbit hole—researchers are exploring other countermeasures like “attitudinal inoculation,” alerting people to emerging conspiracy theories and warning of extremists groups’ attempts at manipulation.

Experts also urge enhancing public media literacy through education and fact-checking systems. Governments may not be trusted messengers themselves, but they could help in other ways, through a public health model for countering violent extremism. That could mean funding for local community activities that can keep people engaged, and for mental health and social programs, an idea that then-Vice President Joe Biden endorsed at a 2015 White House summit on countering violent extremism.

Speaking of the White House, Ramalingam emphasizes that extremist ideologies warrant stern condemnation from public figures. Companies should deplatform the superspreaders of racism and disinformation, and political, cultural, and religious leaders should vehemently denounce them.

“Rhetoric that’s shaming of those ideologies can be really important and powerful from people in positions of power,” Ramalingam says. That’s for an already skeptical audience “that needs to hear it reinforced, but also the audience that is in the middle and doesn’t really know or doesn’t care that much. And that audience really needs to hear, ‘This is not okay. This is not acceptable. This is not a social norm.’ ”

But when addressing more extremist-minded individuals, Ramalingam suggests a gentler approach. “If someone is coming at you with an attack, you kind of pull yourself back into a corner and stand your ground and defend it,” she says. “And so if that’s our approach with the most extreme of society, that will actually worsen the problem.”

Does this work?

In the face of the domestic terror threat, mindfulness and compassion might sound like entering a space-laser fight with a water pistol or a hug.

But to Brad Galloway, who helps people exit right-wing extremist groups, Moonshot’s messaging makes sense. In a previous life, he used chat rooms and message boards to recruit people into a neo-Nazi group. After he joined—drawn in largely by camaraderie and music—what had been a U.S.-only organization eventually grew to 12 countries, thanks largely to the internet. Now Galloway is a coordinator at the Center on Hate, Bias and Extremism at Ontario Tech University, where he often urges his mentees to be more mindful, especially online.

“I ask people to think, Do I really need to watch this video of a school shooting?” Instead he encourages “positive content” to displace the stuff that can accelerate or even provoke radicalization.

Galloway, who has worked with Moonshot, Life After Hate, the Organization for the Prevention of Violence, and other groups, says the same principle of positive content applies to real life, too: Connecting with old friends and finding fun new activities can help people leave corrosive extremist communities. “What’s positive to that user, and how do we make that more prominent to them?”

 

Sample of U.S. Google search data around Election Day [Image: courtesy of Moonshot]

That’s not just a rhetorical question. What content works with which audience? Who is reachable? What counts as success? And how do strategies like the Redirect Method influence extremists? 

A 2018 Rand Corp. report on digital deradicalization tactics found that extremist audiences targeted with Redirect “clicked on these ads at a rate on par with industry standards.” Still, they couldn’t say what eventual impact it had on their behavior. As new funding flows in, and as experts throw up an arsenal of counter-radicalization ideas, there’s still scant evidence of what works.

For its part, Moonshot says its data suggests that some of its target audiences have viewed less extremist content, and points to the thousands of people it has connected to exit counseling and mental health resources. Still, Ramalingam says that the company sees “greater potential for us to assess whether our digital campaigns can lead to longer-term engagement with users, and longer-term change.”

There are other serious concerns as well. The missteps of previous digital wars on terror haunt Moonshot’s work: secret and extralegal surveillance systems, big data political warfare by military counter-radicalization contractors-turned-conspiracy mongers, untold violations of privacy and other civil rights. If Moonshot is tracking what messaging influences who, what data does it collect about “at risk” users, and where does that end up, and why? And who is at risk to begin with?

Ramalingam worries about the privacy concerns; she acknowledges that thanks to ad platforms and brokers, Moonshot can tap into “actually a heck of a lot of data.” But, she stresses, Moonshot isn’t accessing people’s private messages, and its work is bound by the stricter European personal data protections of the GDPR, as well as by an ethics panel that helps evaluate impacts. In any case, she argues, Moonshot is simply taking advantage of the multibillion-dollar digital platforms that drive most of the internet, not to mention the markets.

“As long as Nike and Coca-Cola are able to use personal data to understand how best to sell us Coke and sneakers, I’m quite comfortable using personal data to make sure that I can try and convince people not to do violent things,” Ramalingam says. Should that system of influence exist at all? “I’m totally up for that debate,” she says. “But while we’re in a context where that’s happening, I think it’s perfectly reasonable for us to use that sort of data for public safety purposes.”

What about the platforms?

The tech giants have run their own redirect and counter-speech programs as part of ongoing efforts to stem the toxicity that flourishes on their platforms. Google touts its work with Moonshot battling ISIS, its research on extremism, and its efforts to remove objectionable content and reduce recommendations to “borderline” content on YouTube. In December, its rights group Jigsaw published its findings on the digital spread of violent white supremacy.

Facebook tested the Redirect Method in a 2019 pilot in Australia aimed at nudging extremist users toward educational resources and off-platform support, a system that echoes its suicide-prevention efforts, which use pop-ups to redirect at-risk users to prevention hotlines. In an evaluation commissioned by Facebook last year, Moonshot called the program “broadly successful,” and recommended changes for future iterations. Facebook has also tested the program in Indonesia and Germany.

Ramalingam praises the tech platforms for their efforts, and supports their decisions to deplatform vast numbers of far-right and QAnon-related accounts, even if that’s made researching online extremism harder. Still, she says, Big Tech is doing “not nearly enough.”

Extremist content continues to slip through the platforms’ moderation filters, and then gets rewarded by the algorithms. Facebook’s own researchers have repeatedly shown how its growth-focused algorithms favor extremist content. Despite YouTube’s moderation efforts, political scientist Brendan Nyhan recently reported, the site’s design can still “reinforce exposure patterns” among extremist-curious people.

“The tech companies have an obligation to use their great privilege . . . of being a conduit of information, to get information and helpful resources to people that might be trapped in violent movements,” Ramalingam says.

As companies and lawmakers and law enforcement scramble for solutions in the wake of the events of January 6, Ramalingam also cautions against rash decisions and short-term thinking. “There’s an imperative to act now, and I have seen in the past mistakes get made by governments and by the tech companies just delivering on knee-jerk responses,” she says. “And then once the conversation dies down, they go back to essentially the way things were.”

Emotional reactions are understandable, given the shock of January 6, or of a family member who’s fallen down a rabbit hole, but they tend to be counterproductive. What works for battling violent extremism on a personal, one-on-one level, Ramalingam says, can also help fight it on a national scale: Avoid assumptions, be mindful, and consider the actual evidence.

“The way counselors and social workers do their work is they start by asking questions, by trying to understand,” she says. “It’s about asking questions so those people can reflect on themselves.”

Not finished yet….it gets worse.

From CSP:

The Defense Department, led by controversial diversity chief Bishop Garrison, has commissioned a study to investigate “extremism” in its ranks. But the chosen contractor may raise additional questions for a DOD that is already facing increasing Congressional scrutiny over accusations of politicization.

The U.S. Military Academy reportedly is working with a London, England based firm, Moonshot CVE [Countering Violent Extremism], whose CEO is Vidhya Ramalingam, a former Obama Foundation leader. Ramalingam is also the author of a 2013 paper on immigration in Europe funded by a grant from George Soros’ Open Society Foundations.

Ramalingam told Defense One she spoke with Garrison personally last month about how the Pentagon could use technology developed by her company to “find and eliminate extremism in the ranks.”

Why would the Pentagon hire a U.K.-based company to study allegations of extremism in the U.S. military? Why hire a politically connected group like Ramalingam’s?

It suggests that Garrison and Secretary of Defense Lloyd Austin may be looking for a predetermined answer. A deeper dive into Moonshot CVE might help unravel what they have in mind.

Moonshot CVE co-founder Ross Frenett expressed his support for Critical Race Theory (CRT) on Twitter last month, calling the opposition “Horrifying.” Joint Chiefs Chairman Mark Milley recently faced stiff criticism from congressional Republicans over the military’s recent moves to incorporate CRT elements into their training.

Moonshot CVE’s website dismisses Antifa’s and Black Lives Matter’s Marxist leanings and claims that those who assert its Marxism have engaged in a “white supremacist disinformation” campaign “as a means of delegitimizing it.”

“These sources echo far-right extremist disinformation narratives about BLM protesters trying to overthrow the republic and harm American citizens in a Marxist coup,” Moonshot CVE wrote in a paper jointly published with the Anti-Defamation League (ADL).

Of course, Antifa and BLM groups haven’t been shy about identifying themselves as Marxists. A popular graphic that circulated on pro-Antifa websites and Telegram accounts during the so-called “George Floyd Rebellion” of June 2020 claimed, “Militant networks will defend our revolutionary communities. Liberation begins where America dies” and the status of BLM founders as self-identified “trained Marxists” has been only discussed in the press.

Ramalingam and her organization claim that Antifa is unorganized, ignoring evidence of significant local, regional and international Antifa networks, and substantial material support from an extensive far-left network (including, as noted above, the Rosa Luxemburg Stiftung.) An extensive social media network including utilizing peer-to-peer encryption apps also exist, where BLM and Antifa activists share propaganda and techniques.

Why does Moonshot CVE fixate exclusively on “far-right” extremism, and work to minimize or deny the evidence of left-wing extremism?

One reason might be Moonshot’s apparent association with a German far-Left organization which is overtly pro-Marxist and pro-Antifa, and whose leaders have historical ties to Russian intelligence.

Ramalingam is a regular contributor to programs for an initiative at American University in Washington, D.C. called The Polarization and Extremism Research and Innovation Lab (PERIL). She participated in PERIL-sponsored seminars in October 2020, in April, and last month.

PERIL has partnered  with The Rosa Luxemburg Stiftung (RLS), the think tank of the German political party Die Linke (The Left). Die Linke is the successor of the former East German communist party. The think tank is named for Rosa Luxemburg, a German Communist revolutionary whose ideas pioneered the Marxist examination of race and gender, and was killed during the 1919 German communist uprising. A 2008 report by the German Federal Office for the Protection of the Constitution calls “the memory” of Luxemburg a “traditional element of Left-wing extremism.”

This alliance could be revealing about Ramalingam’s and PERIL’s ideological orientation.

PERIL’s description of the RSL is misinformation and raised questions about what else it glosses over.

PERIL unsurprisingly omits the fact the organization’s top leaders belonged to East Germany’s ruling party, the Socialist Unity Party (SED) and/or were either employees or informants of the Soviet KGB-run STASI. Many former STASI members shifted their allegiance to the KGB following its disbanding, a defector told “The Washington Post” in 1990. Die Linke is a pro-Russia stalwart. RLS’s representative in Moscow is a woman named Kerstin Kaiser, a former STASI employee who provided reports that were given to the KGB.

Kaiser belongs to the Petersburger Dialogue, along with Andre Brie another RLS leader and former STASI employee. Vladimir Putin and former German Chancellor Gerhard Schroeder, an important figure in Russia’s controversial Nordstream 2 pipeline, created the group in 2001 to foster closer Russian-German relations.

“It stands in the tradition of the workers’ and women’s movements, as well as anti-fascism and anti-racism,” PERIL says on its website.

Given that The Rosa Luxemburg Stiftung was founded in 1990 after the fall of the Berlin Wall, known officially as the “Antifascist Protection Barrier” one might have questions about what “traditions” of antifascism the group actually stands for.

PERIL’s head Cynthia Miller-Idriss wrote a blog for the RLS’s New York office on “radicalization” during COVID last year. She thanked RLS for the opportunity to write for it on Twitter.

Miller-Idriss and Ramalingam both participated in a conference in Jena, Germany called “Hate Not Found” sponsored by the Institute for Democracy and Civil Society last December where Miller-Idriss was the keynote speaker. Rosa Luxemburg Foundation member Maik Fleilitz was on a panel at the conference that discussed “deplatforming the far-Right.”

Ramalingam and Miller-Idriss both contributed articles to a journal on “radicalization” on the Far-Right in November of 2020.

RLS’s global head Dagmar Enkelmann belonged to the SED and the East German parliament before the wall fell. Gregor Gysi, who helped open the RLS’s New York office in 2012 and who visited last month, headed the SED when it rebranded itself as the “Party of Democratic Socialism” in December 1989. Gysi allegedly informed on his legal clients to the STASI. A bloc in the German Bundestag expelled him in 1992 for seeming to defend the STASI.

STASI informants played a key role in promoting the climate of fear that kept East German society under control. RLS hosted former East German spy chief Werner Grossmann in 2010 for a talk on his book.

East Germany’s last Premier Hans Modrow is an RLS member, and the RLS manages his foundation, The Hans Modrow Stiftung. Modrow had close KGB ties, including to KGB Chairman Vladimir Kryuchkov, who ran the Soviet spy agency     his tenure as Dresden Communist Party boss. Modrow supervised the dismantling of the STASI together with Grossmann. Today, Modrow received the Order of Friendship from the Vladimir Putin in 2017. He remains embittered toward Mikhail Gorbachev for allowing the collapse of the East German regime.

As a young KGB major, Putin supervised a local STASI office in Dresden, while Modrow was the local party boss.

The STASI trained the Red Army Faction (RAF), a predecessor of today’s Antifa.

RLS funded Antifa activities in Germany, and Die Linke openly supports Antifa. The Hamburg, Germany Antifa chapter even promoted a Rosa Luxemburg Stiftung panel on its Facebook page. Friedrich Burschel, editor of “Antifascitisiches Info Blatt, advises the foundation on subjects related to right-wing extremism and fascism at the Rosa Luxemburg Foundation. “Antifascitisiches Info Blatt”  ̶  the oldest ANTIFA publication, having first entered publication in 1987 in East Berlin  ̶  publishes articles on the Rosa Luxemburg Stiftung-funded website Linksnet, a collaboration of far-Left magazines.

The RLS hosted two BLM founders, Alicia Garza and Opal Tometi in 2014 and 2015 respectively. Garza attended the RLS-sponsored “Mapping Socialist Strategies” seminar in August 2014. RLS leader and former “unofficial STASI employee” Michael Brie spoke at this event. His brother Andre Brie spoke at a 1994 “Committees of Correspondence for Liberation and Socialism” conference along with Angela Davis, who has become influential in BLM. Davis worked closely with the East German regime in the 1970s, and she was a guest of honor at an event sponsored by Die Linke a decade ago. RLS’s New York office hosted BLM propagandist Shaun King in 2017.

The Southern Poverty Law Center (SPLC) is another PERIL partner who Ramalingam has worked with. The SPLC also has received money from the Rosa Luxemburg Stiftung. The SPLC is an extremely controversial organization which has been accused by its own former employees of bias and deliberately overinflating supposed far right threats for fundraising.  SPLC has defended Antifa. Former SPLC Intelligence Project Director Heidi Beirich and SPLC Intelligence Project Senior Analyst Evelyn Schlatter participated in a June 2017 RLS-sponsored session in New York called “Strategies Against the Far Right.” Ramalingam and Beirich are both advisory group members of a pan-European “anti-radicalization” project called The DARE Consortium.  In October, Ramalingam, Beirich and Miller-Idriss collaborated on a podcast on countering extremism sponsored by the ADL.

Moonshot CVE’s alliance with RLS-backed PERIL reinforces the perception that the Biden Pentagon’s hunt for extremism actually is an excuse for classifying dissenting view as “extremist.” And the pro-Russian/ex-STASI controlled RLS’s endorsement of the same talking points as Moonshot CVE shows it comes from a far-Left extremist perspective. U.S. troops shouldn’t be subjected to ideological warfare.

The fact Moonshot CVE equates opposing Antifa with extremism reminds us that this company doesn’t deserve taxpayer money or the Pentagon’s cooperation.

You’re already guilty just by the research you do while so many other cases are not prosecuted at all. Take caution reader…..

Even Federal contracts have gone to universities….

George Washington University School of Law’s Program on Extremism has created an online resource for tracking the hundreds of criminal cases filed by the Biden Justice Department against United States citizens for their alleged actions on January 6th. The Administration has charged people from all 50 states, and as is reflected in the“Capitol Hill Siege” project archive, every case has been filed in the District of Columbia. Read more here.

 

 

 

REvil, the Ransomware Hackers System Identified

Ahead of the three-day Fourth of July weekend, the REvil gang is suspected to be behind a new ransomware attack Friday that affected at least 200 companies in the U.S.

REvil, based in Russia, was likely behind the JBS Meat Packing attack in May, according to the FBI. The Flashpoint Intelligence Platform has suggested that former REvil members were involved in the recent Colonial Pipeline attack earlier this year as well, allegedly done by the DarkSide ransomware group. More here from Newsweek.

Per the FBI’s most recent statement:

Updated July 4, 2021: 

If you feel your systems have been compromised as a result of the Kaseya ransomware incident, we encourage you to employ all recommended mitigations, follow guidance from Kaseya and the Cybersecurity and Infrastructure Security Agency (CISA) to shut down your VSA servers immediately, and report your compromise to the FBI at ic3.gov. Please include as much information as possible to assist the FBI and CISA in determining prioritization for victim outreach. Due to the potential scale of this incident, the FBI and CISA may be unable to respond to each victim individually, but all information we receive will be useful in countering this threat.


Original statement:

The FBI is investigating this situation and working with Kaseya, in coordination with CISA, to conduct outreach to possibly impacted victims. We encourage all who might be affected to employ the recommended mitigations and for users to follow Kaseya’s guidance to shut down VSA servers immediately. As always, we stand ready to assist any impacted entities.

Additionally:

Kaseya had expected that it would be able to patch and restore its VSA software-as-a-service product by today, but technical problems its developers encountered have blocked the rollout. As of 8:00 AM EDT today, the company was still working to resolve the issues it encountered.

Reuters quotes US President Biden as offering, yesterday, a relatively upbeat preliminary assessment of the consequences of the ransomware campaign: “It appears to have caused minimal damage to U.S. businesses, but we’re still gathering information,” Mr. Biden said, adding “I feel good about our ability to be able to respond.”

That said, the US Government is continuing its investigation and is signalling an intention to do something about REvil and other gangs or privateers. Among other things, the US Administration said that it has communicated very clearly to Russian authorities that the US wants the REvil operators brought to book. CBS News reported yesterday that White House press secretary Psaki said that the US had been in touch with Russian officials about the REvil operation, and that if Russia doesn’t take action against its ransomware gangs, “we will” TASS is, of course, authorized to disclose that Russia not only had nothing to do with the attack, and that it knew nothing about it, and that in fact Moscow had heard nothing from Washington about the matter.

But, outside government cyber experts have uncovered the following:

Hat tip source

Resecurity® HUNTER, cyber threat intelligence and R&D unit, identified a strong connection to a cloud hosting and IoT company servicing the domain belonging to cybercriminals.

According to the recent research published by ReSecurity on Twitter, starting January 2021 REVil leveraged a new domain ‘decoder[.]re’ in addition to a ransomware page available in the TOR network.

***

The domain was included within the ransom notes dropped by the recent version of REVil, it came in the form of a text file containing contact and payment instructions.

revil map

Typically, the collaboration between the victim and REVil was organized via a page in TOR, but in the case their victim is not able to access the Onion Network, the group prepared domains available in Clearnet (WWW) acting as a ‘mirror’.

revil
TOR host

 

revil
WWW host (decoder[.]re)

To access the page in WWW or TOR – the victim needs to provide a valid UID (e.g.,”9343467A488841AC”). The researchers acquired a significant number of UIDs and private keys as a result of ransomware samples detonated and through the collaboration with victims globally. The private keys determine if the same functional process is available on both resources confirming, they’re delivering exactly the same content.

Like decryptor[.]cc and decryptor[.]top in previous REvil / Sodinokibi versions, decoder[.]re is used to grant the victims access to the threat actors WEB-site for further negotiations. The application hosted on it contains ‘chat’ functionality enabling interactive close to real-time communications between the victim and REVil.

The threat actors also used a disposable temporary e-mail address created via https://guerrillamail.com to anonymously register the domain name, which was later used for name servers too, this also allowed them to park other elements of their infrastructure. Such e-mails could only be used a limited number of times, for example all communications with them would be automatically deleted within 1 hour.

Resecurity was able to collect the available and historical DNS records, then create a visual graph representing the current network infrastructure used by REVil and shared it with the cybersecurity community. According to experts, such a step may facilitate proper legal action against ransomware, as well as outline parties responsible for such malicious activity, as the uncovered details raise significant questions regarding the reaction from hosting providers and law enforcement.

revil map

Based on the network and DNS intelligence collected by experts, the IPs associated with it have been rotated at least 3 times in Q1 2021 and were related to a particular cloud hosting and IoT solutions provider located in Eastern Europe, which continues to service them.

It’s hard to believe such malicious activity has gone unnoticed by certain governments resulting in damage to thousands of enterprises globally.” – said Gene Yoo, Chief Executive Officer of Resecurity.

President Joe Biden has ordered U.S. intelligence agencies to investigate the sophisticated ransomware attack on Kaseya presumably conducted by REVil, a notorious cybercriminal syndicate believed to have ties to Russian-speaking actors that’s previously gone after high-profile targets such as Apple and Acer.

The group is also believed to be behind last month’s successful attack on the world’s largest meat processing company, JBS, that extorted $11 million in ransom. REvil took official responsibility for the attack and released an announcement in their blog which is available in TOR network asking for $70 million payment from Kaseya – the biggest ransom payment demand known in the industry today.

The attack has already affected over 1,000 businesses globally disrupting their operations. One suspected victim of the breach, the Sweden-based retailer Coop, closed at least 800 stores over the weekend after its systems were taken offline.

The White House Press Secretary Jen Psaki said the US will take action against the cybercriminal groups from Russia if the Russian government refuses to do so.

The investigation is still ongoing.

About the author: Gene Yoo, Chief Executive Officer (Resecurity, Inc.)