Category Archives: Trump Administration

2 Congressmen Watched Voting Machines Being Hacked

Posted on by

Primer

33 states accepted DHS aid to secure elections

The Department of Homeland Security (DHS) provided cybersecurity assistance to 33 state election offices and 36 local election offices leading up to the 2016 presidential election, according to information released by Democratic congressional staff.

During the final weeks of the Obama administration, the DHS announced that it would designate election infrastructure as critical, following revelations about Russian interference in the 2016 election.

Since January, two states and six local governments have requested cyber hygiene scanning from the DHS, according to a memo and DHS correspondence disclosed Wednesday by the Democratic staff of the Senate Homeland Security and Governmental Affairs Committee.

The information is related to the committee’s ongoing oversight of the DHS decision to designate election infrastructure.

The intelligence community said back in January that in addition to directing cyberattacks on the Democratic National Committee and top Democratic officials, Russia also targeted state and local electoral systems not involved in vote tabulating.

In June, DHS officials told senators investigating Russian interference that there was evidence that Russia targeted election-related systems in 21 states, none of them involved in vote tallying.

Officials have previously confirmed breaches in Arizona and Illinois, though it remains unclear whether other systems were successfully breached. Lawmakers such as Sen. Mark Warner (D-Va.) have demanded more information on the specific states targeted.

Homeland Security and Government Affairs ranking member Claire McCaskill (D-Mo.) wrote then-Secretary of Homeland Security John Kelly back in March, asking for more information on his plans for the critical infrastructure designation. The information released Wednesday is drawn from his response on June 13. Kelly has since left his post to serve as President Trump’s chief of staff.

“Prior to the election, DHS offered voluntary, no-cost cybersecurity services and assistance to election officials across all 50 states. By Election Day, 33 state election offices and 36 local election offices requested and received these cyber hygiene assessments of their internet-facing infrastructure,” Kelly wrote.

“In addition, one state election office requested and received a more in-depth risk and vulnerability assessment of their election infrastructure.”

Given the critical infrastructure designation, the DHS is providing cyber hygiene assessments, which include vulnerability scanning of election-related systems excluding voting machines and tallying systems, which the department recommends being disconnected from the internet.

The department also offers risk and vulnerability assessments, which include penetration testing, social engineering, wireless discovery and identification, and database and operating systems scanning. The DHS is also responsible for sharing threat information with owners and operators of critical infrastructure, which now include state and local election officials.

“Following the establishment of election infrastructure as critical infrastructure, several state and local governments requested new or expanded cybersecurity services from DHS,” Kelly disclosed in June, according to the letter. “Specifically, an additional two states and six local governments requested to begin cyber hygiene scanning (one state has, however, ended its service agreement). DHS also received one request for the risk and vulnerability assessment service.”

Many state and local election officials have opposed the designation, saying that the DHS has not offered enough information about what it means. The department has insisted that assistance will be given only to states that request it.

In the letter, Kelly, who has acknowledged objections, said there are “no plans to make any changes to the designation of election infrastructure as a critical infrastructure subsector.”

All of the Democratic members of the Senate Homeland Security and Governmental Affairs Committee have called for a full investigation into Russian election interference. The matter is already under investigation by the House and Senate Intelligence committees. The memo issued by Democratic staff on Wednesday was sent to the full committee.

Background at a Las Vegas Convention:

LAS VEGAS—For the first time in the 25 years of the world’s largest hacker convention, DefCon, two sitting U.S. Congressmen trekked here from Washington, D.C., to discuss their cybersecurity expertise on stage.

Rep. Will Hurd, a Texas Republican, and Rep. Jim Langevin, a Rhode Island Democrat, visited hacking villages investigating vulnerabilities in cars, medical devices, and voting machines; learned about how security researchers plan to defend quantum computers from hacks; and met children learning how to hack for good.

On Sunday, the last day of the conference, Hurd and Langevin delivered their own message: We come in peace. Please help us.

During a fireside chat-style conversation moderated by Joshua Corman, director of the Cyber Statecraft Initiative at the Atlantic Council, Hurd, chairman of the House Subcommittee on Information Technology, and Langevin, co-founder and co-chair of the Congressional Cybersecurity Caucus, called for the more than 2,000 hackers in the audience to “develop a dialogue” with their local representative in Congress.

“Never underestimate the value that you can bring to the table in helping to educate members and staff of what the best policies are, what’s going to work, and what’s not going to work,” Langevin said, pointing to Luta Security CEO and bug bounty expert Katie Moussouris’ ongoing advocacy for changes to the Wassenaar Arrangement, a decades-old international accord on how countries can transport “intrusion software” and other weapons across international borders.

Moussouris and Iain Mulholland of VMware have effectively convinced Wassenaar member countries to delay their adoption of proposed revisions to the agreement, as they’ve pushed for new language to better protect security researchers’ work.

The conversation between hackers and Congress has never been monosyllabic. But it has been frosty for decades, as federal prosecutors have used American antihacking laws such as the Computer Fraud and Abuse Act and Electronic Communication Privacy Act to punish people conducting legitimate security research.

As many security researchers continue to worry about how these laws might affect them, some have begun to use their expertise to influence the laws—and the lawmakers behind them.

Langevin and Hurd’s plea for hacker-legislator collaboration follows calls by hackers at last year’s DefCon for greater government regulation of software security.

“We don’t have voluntary minimum safety standards for cars; we have a mandatory minimum,” Corman told The Parallax at the time. “What tips the equation [for software] is the Internet of Things, because we now have bits and bytes meeting flesh and blood.”

Hurd said security researchers could play an important role in addressing increasingly alarming vulnerabilities in the nation’s voting apparatus. DefCon’s first voting machine-hacking village this weekend hosted a voting machine from Shelby County, Tenn., that unexpectedly contained personal information related to more than 600,000 voters. Village visitors managed to hack the machine, along with 29 others.

“We have to ensure that the American people can trust the vote-tabulating process,” Hurd said, acknowledging that DefCon attendees were able to hack each machine in the village. “The work that has been done out here is important in educating the secretaries of state all around the country, as well as the election administrators,” about secure technologies and practices.

Langevin and Hurd’s comments seemed to strike the right notes with hackers in attendance. Following Edward Snowden’s leaking of NSA documents and Apple’s refusal to create an encryption backdoor for law enforcement to the iPhone, relations between the hacking community and Washington have been strained at best, notes Herb Lin, a computer security policy expert and research fellow at Stanford University’s Center for International Security and Cooperation. But markedly improving the relationship will require more than a plea for collaboration, he warns.

“It’s better than what’s happened in the past, which is both nothing and active hostility,” he says. “One act by itself is not a game changer.”

The chat ended with assurances of more action from both sides. Corman said he’d like to see members of Congress attend more hacker conferences, such as ShmooCon in Washington, and Hurd promised that he wouldn’t let his experiences this past weekend go to waste.

“These conversations are going to lead me to hold hearings on many of these topics in the subcommittee that I chair,” Hurd said.

***  More details that were recorded at the convention:

DEF CON 2017 –  Are voting systems secure? In August 2016, the FBI issued a “flash” alert to election officials across the country confirming that foreign hackers have compromised state election systems in two states.

Although the US largely invested in electronic voting systems their level of security appears still not sufficient against a wide range of cyber attacks.

During an interesting session at the DEF CON hacking conference in Las Vegas, experts set up 30 computer-powered ballot boxes used in American elections simulating the Presidential election.  Welcome in the DEF CON Voting Village!

At the 1st ever Voting Village at , attendees tinker w/ election systems to find vulnerabilities. I’m told they found some new flaws

The organization asked the participant to physically compromise the system and hack into them, and the results were disconcerting.

“We encourage you to do stuff that if you did on election day they would probably arrest you.” John Hopkins computer scientist Matt Blaze said,

Most of the voting machines in the DEF CON Voting Village were purchased via eBay (Diebold, Sequoia and Winvote equipment), others were bought from government auctions.

voting machines hacking

In less than 90 minutes hackers succeeded in compromising the voting machines, one of them was hacker wirelessly.

“Without question, our voting systems are weak and susceptible. Thanks to the contributions of the hacker community today, we’ve uncovered even more about exactly how,” said Jake Braun, cybersecurity lecturer at the University of Chicago.

The analysis of the voting machines revealed that some of them were running outdated OS like Windows XP and Windows CE and flawed software such as unpatched versions of OpenSSL.

Some of them had physical ports open that could be used by attackers to install malicious applications to tamper with votes.

Even if physical attacks are easy to spot and stop, some voting machines were using poorly secured Wi-Fi connectivity.

The experts Carsten Schurmann at the DEF CON Voting Village hacked a WinVote system used in previous county elections via Wi-Fi, he exploited the MS03-026 vulnerability in Windows XP to access the voting machine using RDP.

Greetings from the Defcon voting village where it took 1:40 for Carsten Schurmann to get remote access to this WinVote machine.

Another system could be potentially cracked remotely via OpenSSL bug CVE-2011-4109, it is claimed.

huge cheer just went up in @votingvilllagedc as hackers managed to load Rick Astley video onto a voting machine

The good news is that most of the hacked equipment is no longer used in today’s election.

 

The 2 New AF1’s for POTUS are Coming From the Boneyard

Posted on by

Transaero was owned primarily by Aleksandr Pleshakov and his wife Olga Pleshakova, who was the CEO of the airline for most of its existence. In 2105, Dmitry Medvedev gave the green light to begin bankruptcy proceedings for Transaero airlines, according to sources cited by online newspaper Gazeta.ru. Negotiations on a takeover of Russia’s second-biggest carrier by Aeroflot have been deadlocked. According to sources, Aeroflot took a hard line refusing the Transaero consolidation. Later that same year,

Aeroflot said it intended to acquire a 75 percent stake in Transaero, which has about a $4 billion debt. Aeroflot’s main shareholder is the Russian state, which owns 51 percent stake in the carrier.

With the hundreds of millions of dollars the Obama gave to Iran due to a resolving outstanding issues with Iran, many of those dollars have done to bolster Iran’s aircraft industry where Boeing is part of the contractor list.

Further for Boeing and Iran, at list prices, the order is worth in the neighborhood of $17.6 billion, and even applying a standard discount of 45%, Boeing is still walking away with $9.5-10 billion in actual revenue. This represents by far the largest deal between Iran and a U.S. company, and it was inevitable as a result of the relaxed restrictions on Iran’s economy. The Islamic country is certainly aware that its position amongst U.S. politicians, particularly Republicans, is precarious. Accordingly, this order was almost a certainty — as it immensely increases the cost and pain of resuscitating sanctions were the Republicans to attempt such a gambit. Still, a win is a win, and Boeing has won more orders to fill its production gap on the current generation 777 (especially powerful given the rate cut), as well as more orders for the 737 MAX, 777-9X, and critically for the 747-8 (adding a few months of additional production to the backlog).

There are still some outstanding questions, including how Iran Air will finance these aircraft (export financing has been an issue even in Europe), and whether the 747-8 orders are new build or those planned for Transaero. But irrespective of some uncertainty, this is nothing but a win for Boeing.

Trump Wanted a Cheaper Air Force One. So the USAF Is Buying a Bankrupt Russian Firm’s Undelivered 747s

The service is reportedly getting a good deal on the jets, which list for around $390 million and are now sitting in the Mojave Desert.

President Donald Trump said the projected cost of new Air Force One aircraft was too high, so the U.S. Air Force found a way to lower it: by buying a pair of Boeing 747 jetliners abandoned by a bankrupt Russian airline.

Air Force officials are now finalizing a contract with Boeing for the two planes, according to three defense officials with knowledge of the deal. The Pentagon could publicly announce the deal as soon as this week.

We’re working through the final stages of coordination to purchase two commercial 747-8 aircraft and expect to award a contract soon,” Air Force spokeswoman Ann Stefanek said in a statement.

The Air Force is not expected to disclose the specific value of the contract, but officials said that the military is getting a good deal on the planes. Boeing lists the average sticker price of a 747-8 as $386.8 million; the actual amount paid by airlines and other customers varies with quantities, configurations, and so forth.

“We’re still working toward a deal to provide two 747-8s to the Air Force — this deal is focused on providing a great value for the Air Force and the best price for the taxpayer,” Boeing spokeswoman Caroline Hutcheson said in a statement.

The 747s that will be transformed for Presidential transport were originally ordered in 2013 by Transaero, which was Russia’s second-largest airline until it went bankrupt in 2015. Boeing built two of the four jets in the order, but the airline never took ownership of them.

Typically, an airline makes a 1 percent down payment when it orders a plane, then pays the balance in installments. Transaero did not fulfill its scheduled payments, according to an industry source.

“Aeroflot absorbed most of Transaero’s existing fleet, but declined to pick up Transaero’s 747-8I orders worth $1.5 billion at list prices,” FlightGlobalreported last month.

So Boeing flight-tested the two completed jets and put them in storage. Flight tracking data shows that the aircraft, numbered N894BA and N895BA, were last flown in February, to the Southern California Logistics Airport in Victorville, a sprawling facility in the Mojave Desert whose hot, dry air prevents corrosion. This “boneyard” is largely occupied by retired commercial jets that still bear the liveries of Delta, FedEx, British Airways, and Cathay Pacific. Other planes, unmarked, sit with their engines shrinkwrapped in anticipation of one day returning to flight.

Boeing has been paying to store the two 747s in new condition while searching for a buyer, which allowed the Air Force to negotiate a good deal for them, sources said. It’s similar to the way car dealers discount new vehicles from the previous year when new models hit the lot.

Turning a standard 747 into a flying White House requires more than a blue-and-white paint job. After the Air Force takes ownership of the planes, contractors will give them a state-of-the-art communications system, defensive countermeasures, and hardening to withstand an electromagnetic pulse caused by a nuclear explosion. New custom interiors will have conference rooms, offices and seating for White House staff, guests and journalists.

The Pentagon’s 2018 budget request, sent to Congress in February, shows that the Air Force plans to spend nearly $3.2 billion between 2018 and 2022 on two new Air Force One jets. Trump would likely fly on the new planes if he is elected to a second term.

The 747s currently flown as Air Force One are 747-200s, older models that started flying presidents in the early 1990s.

Nicknamed the “Queen of the Skies,” the four-engined 747 has been a tough sell in recent years. Airlines instead have opted for cheaper-to-fly two-engine planes like the 777. Boeing has likely built the last passenger 747; any future orders are likely to be for cargo versions.

United and Delta, the last two American carriers to fly older models of the 747, plan to retire the plane from service by year’s end. Just last week, the iconic aircraft made its last planned domestic revenue flight, a United trip from Chicago to San Francisco.

But, President Trump Hosted Saad Hariri at the White House

Posted on by

So…surely President Trump knew who Hezbollah was and their history right? Oh..perhaps Hariri brought it up in the conversation that the ordnance for the next major battle against Israel has 150,000 missiles under ground in Lebanon, right?

Okay, how about how Iran and Hezbollah are one in the same in Lebanon..surely this was covered in that meeting….uh?

Did President Trump ask Prime Minister Hariri about what he knew regarding Iran’s missile launch and that satellite that failed? Did he ask Hariri why Iran needed a space program?

Anything? Well yes, Hariri asked the President Trump for money to control Hezbollah. The whole country is controlled by Hezbollah…what the heck?

Alright, more facts here.

Iran’s space program has emerged from a three-year dormancy initiated by Rouhani but probably issuing from technical and budgetary constraints as well. Further launches can be expected in the near future, likely renewing concerns over the nature of Iran’s missile and SLV programs. The scenario is especially worrisome when considering assessments that a ballistic-missile derivative of the Simorgh could potentially achieve intercontinental range. Iran insists its inherently military-run space program is for peaceful purposes only and that its ballistic missiles are for conventional deterrence at a range no greater than 2,000 kilometers. Such rhetoric and Iran’s technical limitations notwithstanding, the mere possibility of diverted know-how from an SLV to an ICBM program will unsettle many Western capitals. Previous close cooperation between Tehran and Pyongyang will provide no further solace. Detailed summary here.

photo

Then we have those pesky missiles that seem to get ignored until the WSJ posted a chilling summary:

In a rare moment of disagreement between Benjamin Netanyahu and Donald Trump, Israel’s prime minister last month rejected a U.S.-Russia cease-fire agreement that he said could cement the buildup of Hezbollah and Iranian forces along Israel’s border with Syria.

Mr. Netanyahu has good reason to be concerned. Israel’s head of military intelligence, Maj. Gen. Herzl Halevi, confirmed in June a Kuwaiti newspaper report that largely went unnoticed: Iran’s Islamic Revolutionary Guard Corps, in cooperation with Hezbollah, has been constructing missile-production facilities in Lebanon.

Buried more than 50 meters below ground and protected from aerial attack, these facilities could produce highly sophisticated rockets with ranges of more than 300 miles and equipped with advanced guidance systems.

Israeli officials now say that pre-emptive strikes may be necessary to destroy these missile capabilities before they’re operational. The result could be a bloody war that would see thousands of Hezbollah missiles hurled into Israeli airspace, with punishing Israeli reprisals and hundreds—if not thousands—of civilian deaths on both sides. It would be more chaos for Washington policy makers scrambling to manage a region already in flames.

Iran has long transferred missiles by ground and air through Syria to Hezbollah in Lebanon. In recent years, Israel repeatedly struck these transfers of what their officials call “game-changing” weaponry—weapons that could challenge Israel’s military superiority and pose severe threats to its civilians.

Despite significant success against many of these transfers, Hezbollah’s inventory has expanded to more than 150,000 missiles today from an estimated 50,000 missiles at the beginning of the second Lebanon War in 2006. And while many of these projectiles are crude, an increasing number are highly accurate, capable of delivering a massive payload to anywhere in Israel.

Israel, of course, has advanced short-, medium- and long-range missile defenses: the Iron Dome, David’s Sling and Arrow systems. But Iran and Hezbollah are now seeking an arsenal that can overwhelm these systems. More of the story here.

***

A top North Korean politician recently left Pyongyang for a 10-day trip to Iran, a country that may still be cooperating militarily with the Kim Jong Un regime.

Workers’ Party newspaper Rodong Sinmun reported Tuesday chairman of the Presidium of the Supreme Assembly of North Korea Kim Yong Nam left Pyongyang on Monday to attend the inauguration ceremony for President Hassan Rouhani.

Lastly, the U.S. is detecting significant North Korean submarine activity. And from VANDENBERG AIR FORCE BASE, Calif. –  The U.S. Air Force was preparing Tuesday to test an unarmed Minuteman 3 intercontinental ballistic missile with a launch from California, the fourth such test this year.

The 30th Space Wing says the missile was to be launched between 12:01 a.m. and 6:01 a.m. Wednesday from Vandenberg Air Force Base, about 130 miles (209 kilometers) northwest of Los Angeles.

An Air Force statement said the test would show the effectiveness, readiness, and accuracy of the weapon system.

Minuteman missiles are regularly tested with launches from Vandenberg that send unarmed re-entry vehicles 4,200 miles (6,800 kilometers) across the Pacific to a target area at Kwajalein Atoll.

North Korea Kim Jung un, Cyber Theft of Currency

Posted on by

Going back to the 1970’s, North Korea was counterfeiting U.S. currency. In 2006, it was the super note, a perfect $100 dollar bill.

Training for such skills as counterfeiting, illicit drugs, weapons, cyber warfare and bootleg merchandise comes out of Office 39. Clandestine and fraudulent transactions including management operations flowing through Office 39 is estimate in the $6-8 billion range.

In 2014, one defector fleeing to Russia had $5 million of the Office 39 funds money with him.

Those highly selected North Koreans assigned to Office 39 arrive from having received an education in these specialties from elite universities or academies in China and Russia. Other highly selected North Koreans are also required to attend an in country school known as Mirim College. This school was founded by Kim Jong Il in 1986.

According to a defector:

this college has a highly confidential mission—education of world-class IT warriors—its security is so exhaustively kept that individual guard units are dispatched to the college solely for security. The security manual distributed to guards indicates that, “Without the permission of the college commander, no car should be allowed entrance to college grounds except for that of Kim Jong Il.”

Students of the college wear the same uniform as military officials, but on their shoulders they brandish special stars, on which hak (meaning is learning) is printed. A “Kim Il Political Military University” badge is worn on the left side of the chest.

Kim Jung Il lived the high life while his own people suffered to not only beatings but to death by starvation. His son, Kim Jung Un, taking over the country lives much the same yet due to sanctions and isolation by the international community, illicit activities continue.

Counterfeiting of currency is not so much a common practice in North Korea and the country has been dabbling in bitcoin fraud and now through cyber activity, they steal currency.

Just recently, Reuters published an item referring to a report analyzed suspected cyber attacks between 2015 and 2017 on South Korean government and commercial institutions, identified another Lazarus spinoff named Andariel.

“Bluenoroff and Andariel share their common root, but they have different targets and motives,” the report said. “Andariel focuses on attacking South Korean businesses and government agencies using methods tailored for the country.”

Pyongyang has been stepping up its online hacking capabilities as one way of earning hard currency under the chokehold of international sanctions imposed to stop the development of its nuclear weapons program.

North Korea has cooperated with China, Russia and Iran to improve their cyber capabilities. China is especially complicit in that cooperation by providing the communications network inside the DPRK and inside China. Additionally, China has provided hardware, servers, routers. Russia is not without major blame and shares the guilt by dispatching Russian professors from Frunze Military Academy to train North Koreans to be professional hackers.

Additionally, Russia has sold to North Korea GPS jamming equipment in the area of sea navigation and also provides financial aid to North Korea supporting it’s abilities to interfere and disrupt command and control systems.

North Korea operates yet another location known as Office 91. It has four units:

110= Technology Reconnaissance Team for DDoS attacks

35= External Offensive Cyber Operations

121= Strictly assigned for cyber attacks on South Korea

204= Enemy Secret Cyber Psychological Warfare Unit

In total, it is estimated that North Korea has close to 10,000 people assigned the the cyber and hacking operations in country. Additionally, North Korea maintains a force of up to 1000 in China performing cyber warfare.

While it is common for headlines to refer to Kim Jung Un as a nutcase, that is hardly a fitting description for him. While he may be militant and spontaneous, he is well educated. He attended Liebefeld-Steinhölzli Schule, a Swiss state school gaining access to Western culture, but had lousy grades. He has two degrees, one in physics from Kim il Sung University and another as an Army officer obtained from the Kim Il Sung Military University.

He does maintain an asymmetrical military strategy that has astounded the West and countries in the region with his advanced missile systems and launch abilities. All this is funded by cyber theft of currency and information and cooperation with Iran, China and Russia. North Korea does have IP proxy locations for operations that include New Zealand, Malaysia, Indonesia an several others. The ‘darknet’ is full of countries co-opting servers and jump points all doing the same thing.

 

 

 

The Frunze Military Academy Panorama

Putin’s Expulsion of Americans in Moscow, St. Petersburg, Yekaterinburg and Vladivostok

Posted on by

After Tuesday, they will be locked out.

The order — which affects the US Embassy in Moscow and consulates in St. Petersburg, Yekaterinburg and Vladivostok — would reduce US diplomatic and technical staff to 455, the same number Russia has in the United States, by September 1.
Russia’s state television, First Channel, reported Saturday that 745 of 1,200 people employed at the US embassy and consulates would have to leave the country.
US embassy dacha, Serebryany Bor, 28 Jul 17
 Image copyrightEPAImage captionRussia has banned US diplomats from this dacha at Serebryany Bor on Moscow’s outskirts  
A US diplomatic source told CNN on Saturday they are seeking to clarify who will be affected by the order.
“We’re evaluating the Russian notification and considering various options at this time,” a State Department official told CNN.
Russia also is suspending the use of a US storage facility in Moscow and a country house, or dacha, outside Moscow by Tuesday.

In December of 2016, Obama expelled more than three dozen Russians and closed two dachas from the United States due to Russian intrusion into the U.S.election system. Further, Obama set a limit of 455 Russians as the cap allowed in the United States.

During the G20, Trump and Putin covered the topic of returning the two dachas to Russian possession where the response was fine but with conditions. Those conditions are unknown. Russia has sent a delegation to the State Department to resolve the matter and to date there has been no solution.

Meanwhile, Congress had been in committee drafting a sanctions architecture legislative process that included not only Russia but Iran and North Korea were also contained in the legislation which passed with overwhelming approval in both houses.

Putin watched this cautiously and due to the bill sitting on the Trump desk in the Oval Office waiting for his signature, Putin took action over the weekend with closing at least three facilities. They include a home, a country retreat and a warehouse. 25 U.S. Marines also stand guard at the U.S. embassy.

Warehouse used by US embassy in Moscow, 28 Jul 17Image copyrightEPAImage captionAnd Russia is seizing this US diplomatic warehouse in Moscow

The State Department refuses to list or quantify how many Americans or local employees are on the U.S. diplomatic payroll, the number is close to 2000 including an estimate 80 working for USAID.

  Informationng

MOSCOW (Reuters) – The U.S. embassy in Moscow accused Russian authorities on Monday of barring diplomatic staff from a property on the outskirts of Moscow, after having earlier granted access until midday on Tuesday for them to retrieve belongings.

The Russian foreign ministry did not immediately respond to requests for comment.

The property, in a picturesque spot on a bend in the Moskva river north-west of the Russian capital, is leased by the U.S. embassy for its staff to use for recreation.

Moscow has said it is taking it back as part of retaliatory measures after Washington approved a fresh round of sanctions against Russia.

A Reuters TV cameraman outside the country residence, known in Russian as a dacha, saw five vehicles with diplomatic license plates, including a truck, arrive at the site. He said they were denied entry.

An embassy spokeswoman said: “In line with the Russian government notification, the U.S. Mission to Russia was supposed to have access to our dacha until noon on Aug. 1.

“We have not had access all day today or yesterday,” she said. “We refer you to the Russian government to explain why not.”