The Harbinger of the Colonial Pipeline Ransomware

Posted on May 10, 2021May 10, 2021 by Denise Simon

The harbinger is what protections against hacks and ransomware are underway? Stopping oil and gas flow and delivery is how to stop life and economies. Apply some critical thinking here…it goes way beyond cost as supply is crucial. If the FBI was well aware of the DarkSide in 2020….we need to rethink the Bureau completely.

PC Magazine provides this update in part:

The FBI today confirmed that the cyberattack that forced Colonial Pipeline to take its network offline over the weekend is due to ransomware known as DarkSide.

“The FBI confirms that the DarkSide ransomware is responsible for the compromise of the Colonial Pipeline networks,” the agency says. “We continue to work with the company and our government partners on the investigation.”

During a Monday White House press briefing, Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, said the FBI has been investigating the DarkSide variant since October 2020, and has determined that it’s a ransomware-as-a-service attack, meaning “criminal affiliates conduct attacks and then share the proceeds with ransomware developers,” she said.

Though news reports have tied DarkSide to Russian operatives, President Biden said Monday that “so far, there’s no evidence…from our intelligence people that Russia is involved, although there is evidence that the actors [behind the ransomware are] in Russia, [so] they have some responsibility to deal with this.”

Colonial Pipeline cyberattack shuts down pipeline that ...

The Chicago Tribune along with other media sources post the notion that this should not last long:

The operator of a major U.S. pipeline hit by a cyberattack said Monday it hopes to have service mostly restored by the end of the week.

Colonial Pipeline offered the update after revealing that it had halted operations because of a ransomware attack the FBI has linked to a criminal gang.

The ransomware attack on the pipeline, which the company says delivers roughly 45% of fuel consumed on the U.S. East Coast, raised concerns that supplies of gasoline, jet fuel and diesel could be disrupted in parts of the region if the disruption continues.

At the moment, though, officials said there is no fuel shortage.

The Colonial Pipeline transports gasoline and other fuel through 10 states between Texas and New Jersey, according to the company.

Colonial is in the process of restarting portions of its network. It said Sunday that its main pipeline remained offline, but that some smaller lines were operational. The company has not said when it would completely restart the pipeline.

“The time of the outage is now approaching critical levels and if it continues to remain down we do expect an increase in East Coast gasoline and diesel prices,” said Debnil Chowdhury, IHS Markit Executive Director. The last time there was an outage of this magnitude was in 2016, he said, when gas prices rose 15 to 20 cents per gallon. But the Northeast had significantly more local refining capacity at that time, potentially intensifying any impact.

The FBI and others got the attribution right on this one and did so very quickly.

The group behind the ransomware that took down Colonial Pipeline late last week has apologized for the “social consequences,” claiming that its goal is to make money, not cause societal problems.

According to Vice, the group’s apology was posted to its dark web site. It reads:

We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives.

Our goal is to make money and not creating problems for society.

From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.

According to NYT cybersecurity reporter Nicole Perlroth, DarkSide isn’t necessarily associated with a specific nationstate, but it does tend to avoid holding victims for ransom if their systems are running in certain Russian and Eastern European languages (see embedded tweet below). Bloomberg reports that the group is known to speak Russian.

Source:

The assumption is that Darkside is not nation state affiliated, but like oh-so-many ransomware groups it uses tools like “GetUserDefaultLangID” to perform language checks. If the victim uses any languages below, DarkSide moves on. https://t.co/atMjKSPAJl pic.twitter.com/LNJ0CBDdBo

— Nicole Perlroth (@nicoleperlroth) May 10, 2021

Imagine the other worldwide pipeline systems and their respective responses such as all of Europe.

Natural gas pipelines of Europe and surrounding regions ...

Audio Proves John Kerry is a Traitor

Posted on April 27, 2021April 27, 2021 by Denise Simon

Mohammad Javad Zarif, the Iranian Foreign Minister and long time friend of John Kerry, had an interview recording with an economist Saeed Leylaz in March. The call was recorded and leaked to a London based Persian news outlet called Iran International.

Inside the call, Zarif revealed that the Iranian Revolutionary Guard Corps actually runs the country and often is at odds with Zarif. Additionally admitted was the death of Qassim Suleimani, the commander of the Guard’s elite force known as the Quds Force has damaged the country. Suleimani exploited his power in the nuclear deal, the war plans in Syria as well as ground operations.

US senator tells John Kerry to resign from Biden ...

Based on how the New York Times twists the facts and alters the full truth, there are some details spelled out that are interesting, found here.

There are already calls in Washington DC for John Kerry to resign and there is justification for that however not before there is a full hearing in the Senate. Why you ask? Also included in the Zarif interview was the admission that John Kerry often spoke to Zarif and in a particular case shared the highly classified fact(s) that Israel was behind at least 200 airstrikes in Syria. Zarif says he was shocked that Kerry would reveal such protected information and betray Israel.

I can tell you that this story and these allegations are unequivocally false. This never happened – either when I was Secretary of State or since. https://t.co/BTOdFE1khW

— John Kerry (@JohnKerry) April 26, 2021

It cannot be understated that John Kerry has split loyalties and his advocacy for Iran continues to be extraordinary. Kerry does in fact maintain security clearance and does sit on the Biden National Security Council as the climate czar. Frankly that position is likely to be just an official cover to continue his foreign policy work with U.S. adversaries including China and Russia.

It is hardly as surprise that the Biden White House refuses to comment, stating they do not respond to leaked tape(s) or the authenticity. Well, hey Biden people, you opened communications channels with Iran to restart the nuclear deal talks, so pick up the phone and call Zarif to gain authenticity. Yeesh.

It should be noted that when one has security clearance, a signature is required that includes a major stipulation that the candidate is subject to Federal prosecution if classified material is divulged and not approved for release. Perhaps it is time to use the FISA court for a real intended purpose and issue subpoenas for John Kerry’s communication(s) records including enlisting the NSA for the validation of emails, phone calls, encrypted text messages or written documents. John Kerry should be suspended from all official government positions and activity until a full hearing is performed.

The next question is what will Israel do in this case? It is interesting that Israel did send an envoy to the U.S. just a few days ago including those from the Mossad for discussion at the Department of Defense. It should also be noted that Secretary of Defense Lloyd Austin visited Israel on April 12/13th for discussions regarding the mysterious Natanz explosion where enriching uranium was advancing as a faster pace. There were likely many other items discussed during this confab, quite possibly the Zarif interview, John Kerry and sanctions.

This is a brewing scandal and the Biden White House needs to come clean.

Biden Ends Remain in Mexico, 25,000 Migrants Coming to U.S.

Posted on February 19, 2021February 19, 2021 by Denise Simon

The plan offers one of the fastest pathways to citizenship of any proposed measure in recent years, it does so without offering any enhanced border security, which past immigration negotiations have used as a way to win Republican votes. Without enhanced security, it faces tough odds in a closely divided Congress.

The migrants are first in line to receive the Covid vaccine and the Biden immigration plan has no real chance to pass but in a comprehensive form but the president’s Executive Orders on immigration are forcing other other measures. ICE is not prepared and neither is Border Patrol. Further, schools, the medical systems along with housing, transportation, general employment are not prepared either. So, big taxpayer money will go to refugee resettlement along with free legal assistance to the migrant population. The plan includes $4 billion spread over four years to try to boost economic development and tackle corruption in Latin American countries.

Joe Biden's immigration reform plans must address enforcement

While the number of 11 million illegals has been broadcasted for years, that is hardly the real number. No one really knows how many are here, but various estimates from studies and agency reviews report the real number is closer to 20 million and could be as high as 30 million.

Meanwhile, there is no foreign policy discussions or plans to solve the issues in the failing countries such as Honduras, El Salvador, Mexico or Guatemala to list a few, just throwing money at those countries.

Biden's work cut out for him in plan to undo Trump ...

The first real mission is to challenge the exact number of how many illegals are in the United States and what the cost will be to taxpayers before any immigration legislation can move through Congress.

Biden’s plan includes the following:

An 8 year pathway to citizenship
Immediate green cards for agriculture workers
Green cards for Deferred Action for Childhood Arrivals (DACA)
No additional money for Border Patrol
$ billion over 4 years to confront corruption and foster prosperity (whatever that is)
Three 3 years to apply for citizenship
Re-unify children separated from parents (about 400 and most entered with mules and not parents as proven by DNA)
Reduce the time for citizenship from 13 years to 8 years.
For domestic arrests of illegals for criminal activity will require a phone call to Washington to get approval before the arrest.
Green cards for family members, how far within the family unit is unclear.
Changing word use including no more applying ‘alien’.
No consideration for visa over-stays or for E-Verify.
Increase diversity visas.

The Biden White House has posted a Immigration Bill Fact sheet

In part it includes:

Promote immigrant and refugee integration and citizenship. The bill provides new funding to state and local governments, private organizations, educational institutions, community-based organizations, and not-for-profit organizations to expand programs to promote integration and inclusion, increase English-language instruction, and provide assistance to individuals seeking to become citizens.

Grow our economy. This bill clears employment-based visa backlogs, recaptures unused visas, reduces lengthy wait times, and eliminates per-country visa caps. The bill makes it easier for graduates of U.S. universities with advanced STEM degrees to stay in the United States; improves access to green cards for workers in lower-wage sectors; and eliminates other unnecessary hurdles for employment-based green cards. The bill provides dependents of H-1B visa holders work authorization, and children are prevented from “aging out” of the system. The bill also creates a pilot program to stimulate regional economic development, gives DHS the authority to adjust green cards based on macroeconomic conditions, and incentivizes higher wages for non-immigrant, high-skilled visas to prevent unfair competition with American workers.

Grow the economy? Overload schools where many of them are not open?

Manage the border and protect border communities. The bill provides funding for training and continuing education to promote agent and officer safety and professionalism. It also creates a Border Community Stakeholder Advisory Committee, provides more special agents at the DHS Office of Professional Responsibility to investigate criminal and administrative misconduct, and requires the issuance of department-wide policies governing the use of force. The bill directs the Government Accountability Office (GAO) to study the impact of DHS’s authority to waive environmental and state and federal laws to expedite the construction of barriers and roads near U.S. borders and provides for additional rescue beacons to prevent needless deaths along the border. The bill authorizes and provides funding for DHS, in coordination with the Department of Health and Human Services (HHS) and nongovernmental experts, to develop guidelines and protocols for standards of care for individuals, families, and children in CBP custody.

Manage Border Patrol? The real brain trust is already in the Border Patrol. Has President Joe even visited the border?

US Seeks Forfeiture of the Oil from IRGC Tanker

Posted on February 3, 2021February 3, 2021 by Denise Simon

A civil forfeiture complaint is merely an allegation. The United States bears the burden of proving that the oil in question is subject to forfeiture in a civil forfeiture proceeding. Funds successfully forfeited with a connection to a state sponsor of terrorism may in whole or in part be directed to the United States Victims of State Sponsored Terrorism Fund (http://www.usvsst.com/) after the conclusion of the case.

NEW YORK – The United States filed a forfeiture complaint in the U.S. District Court for the District of Columbia alleging that all oil aboard a Liberian-flagged vessel, the M/T Achilleas (Achilleas), is subject to forfeiture based on U.S. terrorism forfeiture laws. This investigation was led by Homeland Security Investigations (HSI) New York and the FBI’s Minneapolis office.

U.S. Looks to Courts to Seize 2 Million Barrels of Alleged ...

The complaint alleges a scheme involving multiple entities affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC) and the IRGC-Qods Force (IRGC-QF) to covertly ship Iranian oil to a customer abroad. Participants in the scheme attempted to disguise the origin of the oil using ship-to-ship transfers, falsified documents and other means, and provided a fraudulent bill of lading to deceive the owners of the Achilleas into loading the oil in question.

The complaint alleges in part that the oil constitutes the property of, or a “source of influence” over, the IRGC and the IRGC-QF, both of which have been designated by the United States as foreign terrorist organizations. The documents allege that profits from oil sales support the IRGC’s full range of nefarious activities, including the proliferation of weapons of mass destruction and their means of delivery, support for terrorism, and a variety of human rights abuses, at home and abroad.

“This latest civil forfeiture action exemplifies the remarkable work of this multi-agency task force that works tirelessly toward furthering our shared goal of protecting the homeland from regimes that threaten our national security,” said Special Agent in Charge Peter C. Fitzhugh for HSI New York. “This investigation sends a message that the attempted circumvention of U.S. sanctions by the IRGC-QF will not be tolerated. HSI will continue to work with our partners and utilize the full scope of our authorities to disrupt the attempts of hostile countries and regimes to generate profits from oil sales used to support terrorism and the proliferation and delivery of weapons of mass destruction.”

“Iran uses profits from its petroleum sector to fund the malign activities of the IRGC-QF, a designated terrorist group,” said Special Agent in Charge Michael F. Paul of the FBI’s Minneapolis Field Office. “The FBI will continue to prioritize the enforcement of sanctions, and we applaud the efforts of our agents and partners on this investigation.”

“The U.S. Attorney’s Office for the District of Columbia will continue working with our law enforcement partners to stem the flow of illicit oil from Iran’s Islamic Revolutionary Guard Corps and Qods Force,” said Acting U.S. Attorney Michael R. Sherwin. “We will use all available tools, including our jurisdiction to seize and forfeit assets located abroad, to combat funding for terrorists and those who would do harm to the United States.”

“The forfeiture complaint filed today serves as a reminder that the IRGC and IRGC-QF continue to exert significant control over the sale of Iranian oil,” said Assistant Attorney General John C. Demers for the National Security Division. “As we have demonstrated in the past, the department will deploy all tools at its disposal to ensure that the IRGC and IRGC-QF cannot use profits from the sale of Iranian oil to fund terrorism and other activities that threaten the safety and security of all Americans.”

HSI New York and the FBI’s Minneapolis Field Office are leading the investigation of Iranian petroleum shipments. Assistant U.S. Attorneys Michael P. Grady and Brian P. Hudak of the U.S. Attorney’s Office for the District of Columbia and Trial Attorney David Lim of the Counterintelligence and Export Control Section of the National Security Division are prosecuting the case, with support from Paralegal Specialist Brian Rickers and Legal Assistant Jessica McCormick of the U.S. Attorney’s Office for the District of Columbia. The Money Laundering and Asset Recovery Section’s Program Operations Staff of the Justice Department’s Criminal Division has provided extensive assistance throughout the investigation.

Biden Leaving Troops in Afghanistan Past the May Deadline

Posted on February 1, 2021February 1, 2021 by Denise Simon

For many many months, the Trump administration was negotiating a peace deal with the Taliban. Frankly, all that the Taliban has agreed to, they have violated. Trump also issued a schedule to lower troop levels in Afghanistan to only a small tight residual number in May of 2021 along with contractors. With the new possible threat(s) of the Taliban and their growing connection to al Qaeda, Biden has decided to leave troop levels in the region at the present level with an increase in Syria and possibly Iraq. All the while, Iran just hosted a Taliban leader for talks where the topic(s) are unknown. Further, Taliban officials have been meeting in Moscow with Russian officials. Those details are found here.

President Biden also has another immediate issue before him and that is the release of a U.S. contractor that went missing in Afghanistan about a year ago. Mark Frerichs, a navy veteran went missing about a year ago while he was working as a contractor on an engineering project. It is thought he is in the custody of the Haqqani network. The U.S. State Department is offering a $5 million reward that leads to Frerichs’ return.

So, it is rather fitting that just this week, a very old FOIA request for former Defense Secretary Donald Rumsfeld documents have been released. Frankly, the questions which were referred to at the Pentagon as ‘snowflakes’ reflects his frustration of the layers of bureaucracy within the Department of Defense and his anger at getting real answers and challenging the quality of intelligence reports. Sound familiar? It is clearly a problem that after 20+ years has not found a quality solution. Just read a few of his snowflakes and judge for your self.

*** Donald H. Rumsfeld - U.S. PRESIDENTIAL HISTORY

35 of the most notable items from the new collection is below from the National Archives.

A follow-on DNSA publication covering the rest of Rumsfeld’s tenure as secretary will appear through ProQuest later in 2021.

One such snowflake was written on March 3, 2003. At 8:16 AM, Rumsfeld wrote to Senior Military Assistant LTG Bantz J. Craddock and Department of Defense General Counsel William Haynes with the subject “KSM”. He wanted to know, “Do we know where the information to find Khalid Sheikh Mohammed came from? Was it from GTMO detainees?” There is no response from either Craddock or Haynes in the DOD release to the Archive, though Rumsfeld’s question is likely a push back to the false claims made by CIA Director George Tenet that the Agency’s resort to torture of Abu Zubaydah led to the capture of Khalid Sheikh Mohammed.

The Senate Select Committee on Intelligence torture report would later reveal that key intelligence on KSM as the mastermind of the 9/11 attacks came from the FBI’s non-coercive, rapport-building interrogation of Abu Zubaydah.[1] This success was prior to the CIA’s contract psychologists, James Mitchell and Bruce Jessen, taking over the interrogation at the CIA “Detention Site Green” in Thailand, which was created to house Zubaydah in 2002. Their approach to Zubaydah would include 83 water board sessions yet fail to produce any valuable intelligence. CIA clandestine services chief Jose Rodriguez (and perhaps Gina Haspel, who would later become DCI, though CIA redactions of documents continue to obscure her role) ordered the destruction of the torture videotapes, commenting that “the heat from destoying [sic] is nothing compared to what it would be if the tapes ever got into public domain.”

Later on March 3, under the subject “Contingencies”, Rumsfeld wrote to Under Secretary of Defense for Policy Doug Feith, stating, “We need to plan what we will do if Saddam Hussein is captured. We need to plan what we will do if we catch an imposter.” There is no record of Feith’s answer in the DOD release to the Archive.

Throughout Rumsfeld’s tenure, his snowflakes circulated daily through the highest levels of the Pentagon. With scant limitations on their subject matter, the all-encompassing documents are sometimes an hourly paper trail inside the Office of the Secretary of Defense during six years of tremendous consequence for U.S. foreign policy. The declassified documents also provide an account that at times contradicts DOD public statements. For example, The Washington Post published a selection of the memos in the six part series “The Afghanistan Papers” in September 2019 revealing that officials misled the American public about the war in Afghanistan.

The entire corpus of snowflakes also details many aspects of the day-to-day operations of the Pentagon, the modernization of the U.S. armed forces, and Rumsfeld’s personal agenda against bureaucracy. “Bureaucracy is driving people nuts,” he wrote in an April 8, 2002, memo at 7:41AM. “If we can take two or three layers out of this place, we will be a lot better off.” In a separate April 8 letter, the secretary suggested cutting all major Pentagon programs by at least 20 percent. (The DOD budget increased by 37.54 percent between FY2001 and FY2006.) On March 11, 2002, Rumsfeld wrote to colleagues, “I am getting tired of seeing the word ‘joint’ everywhere.”

Rumsfeld, Snowflake by Snowflake - Open Source with ...