The Post now reports that the Vermont utility hack was just an employee connecting to a flagged IP address… https://www.washingtonpost.com/world/national-security/russian-government-hackers-do-not-appear-to-have-targeted-vermont-utility-say-people-close-to-investigation/2017/01/02/70c25956-d12c-11e6-945a-76f69a399dd5_story.html …
Tag Archives: hacking
Washington Post Admits Its ‘Russians Hacked A US Utility’ Story Was ‘Fake News’
Over the weekend we noted that the Washington Post was caught spreading “fake news” about an alleged attempt by “Russian hackers” to take over a Vermont Utility (see “Washington Post Caught Spreading More Fake News About ‘Russian Hackers’”). Within hours of reporting that the “Russian hackers” had gained access to the electrical grid, the Burlington Electric Department in Vermont had to issue a statement confirming that the provocative Wapo story simply wasn’t true and that a laptop found to be infected with malware was never actually connected to the grid. An embarrassed Wapo was subsequently forced to change its sensationalized headline and publish a retraction.
Now, as they often do, it appears this Wapo “fake news” rabbit hole gets even deeper. Not only are “federal officials” now confirming that “Russian hackers” never targeted the Vermont electrical grid, but the whole mishap was derived from an employee’s attempt to check his Yahoo email account which, as Wapo reports, resulted in his computer connecting to a “suspicious IP address” that is “found elsewhere in the country suggesting the company wasn’t being targeted by Russians.”
The Russian Hacking Frenzy (Summed Up In 200 Words)
Authored by BelowGotham.com’s Bill Blunden,
The New York Times has published an interactive piece which encapsulates, in all of 200 words, the alleged campaign by Russian hackers to influence the outcome of the 2016 election. Yet the media’s framing of events eschews basic facts – the actual content of the leaks – in favor of screaming “thief” at the top of its lungs.
And so the following 200-word summary is presented as an antidote to the establishment’s clumsy post-election messaging…
Someone delivers exact copies of emails written by Democratic Party mandarins into the public record. These messages are subsequently posted online. Thank you WikiLeaks!
Hillary Clinton, who made over a hundred million in speaking fees with her husband, furtively reassures American oligarchs that her “private position” on economic issues won’t threaten their bottom line. In one related email which highlights big money in politics, a wealthy donor jokes “I guess it takes a study to point out the obvious.”
Voters learn that the DNC leveraged its extensive contacts with the media to manipulate coverage in an effort to elevate Trump. The DNC’s strategy document includes a list of Republican “Pied Pipers” which the media was told to “take seriously.”
The Democratic elites become desperate. Rather than accept their party’s role in Trump’s victory and their betrayal of the working class, they decide to blame Russian Hackers.
The Washington Post hyperventilates about Russian Hackers “penetrating” a utility in Vermont. The headline is exposed as a shameless distortion.
Department of Homeland Security / FBI Claim of Russian Hacking is Fake News
http://thehill.com/policy/national-security/312132-fbi-dhs-release-report-on-russia-hacking
Wikileaks has repeatedly stated that the source of its leaks was a disgruntled Democratic Party insider.
http://www.dailymail.co.uk/news/article-4034038/Ex-British-ambassador-WikiLeaks-operative-claims-Russia-did-NOT-provide-Clinton-emails-handed-D-C-park-intermediary-disgusted-Democratic-insiders.html
However, President Obama issued a press release on December 29 2016 using the DHS-FBI report to justify increasing sanctions against Russia.
https://www.whitehouse.gov/the-press-office/2016/12/29/statement-president-actions-response-russian-malicious-cyber-activity
I therefore decided to see what the evidence was of Russian involvement in US Elections. The Hill article linked to this 13 page government press release as its proof of Russian hacking.
https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296.pdf
The government press release written by DHS-FBI did not mention Wikileaks in its report. Nor did the report provide any evidence of Russian hacking in the US elections. Instead, the press release stated that “technical indicators” of Russian hacking were in the “CSV file and XML file attached with the PDF.” However, there was no CSV or XML file or link attached with the PDF. I was eventually able to find these two files at this link.
https://www.us-cert.gov/security-publications/GRIZZLY-STEPPE-Russian-Malicious-Cyber-Activity
To see the evidence of Russian hacking first hand, I downloaded the CSV file and converted it into a spreadsheet. The CSV file and the XML file both contained the same data. Here is the XML link to this data which can be viewed online in a web browser.
https://www.us-cert.gov/sites/default/files/publications/JAR-16-20296.xml
Both files provide a list of 895 “indicators” of Russian Hacking. Unfortunately, nearly all of these indicators are simply IP addresses. In other words, it is a list of 895 servers from more than 40 countries around the world. But the list also includes a few website domain names. (Domain names are simply the name of the website such as Youtube.com). I looked up these website domain names with the following tool which tells us who owns the domain names and where they are located:
https://www.whois.net/
Creator of NSA’s Global Surveillance System Calls B.S. On Russian Hacking Report
We’ve previously documented that the hacking evidence against Russia is extremely weak, and the new report on Russian hacking doesn’t say much.
Indeed – if Russia hacked the Democratic party emails (from the DNC and top Clinton aide John Podesta) – the NSA would have all of the records showing exactly who did it.
We asked Bill Binney what he thought of the new report.
Binney is the NSA executive who created the agency’s mass surveillance program for digital information, who served as the senior technical director within the agency, who managed six thousand NSA employees, the 36-year NSA veteran widely regarded as a “legend” within the agency and the NSA’s best-ever analyst and code-breaker, who mapped out the Soviet command-and-control structure before anyone else knew how, and so predicted Soviet invasions before they happened (“in the 1970s, he decrypted the Soviet Union’s command system, which provided the US and its allies with real-time surveillance of all Soviet troop movements and Russian atomic weapons”).
Binney is the real McCoy. As we noted in 2013, Binney has been interviewed by virtually all of the mainstream media, including CBS, ABC, CNN, New York Times, USA Today, Fox News, PBS and many others.
Binney tells Washington’s Blog:
I expected to see the IP’s or other signatures of APT’s 28/29 [the entities which the U.S. claims hacked the Democratic emails] and where they were located and how/when the data got transferred to them from DNC/HRC [i.e. Hillary Rodham Clinton]/etc. They seem to have been following APT 28/29 since at least 2015, so, where are they?
Further, once we see the data being transferred to them, when and how did they transfer that data to Wikileaks? This would be evidence of trying to influence our election by getting the truth of our corrupt system out.
Like Iraq WMD Fiasco, Russia Story Doesn’t Add Up
Yesterday, President Obama expelled 35 Russian “Operatives” from the Russian Embassy.
Is there any evidence those expelled are “intelligence operatives”? Any hard evidence Russia was behind the Hillary hacks? Any credible evidence that Putin himself is to blame?
The answers are No, No, and No. Yet, once again the American press is again asked to co-sign a dubious intelligence assessment.
Rush to Judgment
The Rolling Stone comments Something About This Russia Story Stinks
In an extraordinary development Thursday, the Obama administration announced a series of sanctions against Russia. Thirty-five Russian nationals will be expelled from the country. President Obama issued a terse statement seeming to blame Russia for the hack of the Democratic National Committee emails.
“These data theft and disclosure activities could only have been directed by the highest levels of the Russian government,” he wrote.
The problem with this story is that, like the Iraq-WMD mess, it takes place in the middle of a highly politicized environment during which the motives of all the relevant actors are suspect. Nothing quite adds up.
If the American security agencies had smoking-gun evidence that the Russians had an organized campaign to derail the U.S. presidential election and deliver the White House to Trump, then expelling a few dozen diplomats after the election seems like an oddly weak and ill-timed response. Voices in both parties are saying this now.
Republican Sens. John McCain and Lindsey Graham noted the “small price” Russia paid for its “brazen attack.” The Democratic National Committee, meanwhile, said Thursday that taken alone, the Obama response is “insufficient” as a response to “attacks on the United States by a foreign power.”
The Deep State Blues
Lest you wonder, not only did I not vote for Mr. Trump (or Hillary), but I relished heaping opprobrium on him during the election campaign. Just so you know, I’m not advocating for him, but I’m alarmed that the Deep State (the White House + the Intel Agency gang) now appears to be trying to hack the electoral college vote against him.
The headline deployed everywhere last week, “Russia Hacks Election,” was designed by the Deep State players to deviously lead the broadly dim public to think that Russia somehow interfered with the balloting process, which was not possible since voting machines are not hooked up to the internet. And then it was repeated endlessly by the cable news networks and the newspapers, under the number one rule of propaganda: that if you repeat something often enough, the public will swallow it.
This dishonest meme was also designed to distract the public from the substance of the emails disclosed by WikiLeaks — namely, the scamming and trickery of the Democratic National Committee (DNC), and the influence-peddling of Hillary Clinton and the Clinton Foundation, which had her flirting with indictment last summer, and only reinforced her already-established public image as an unscrupulous person.
The New York Times especially worked the “Russia Hacks Election” story to a fare-thee-well, saying in its Sunday edition:
The Central Intelligence Agency has concluded that Moscow put its thumb on the scale for Mr. Trump through the release of hacked Democratic emails, which provided fodder for many of the most pernicious false attacks on Mrs. Clinton on social media.
False attacks? What, that Hillary’s cronies put the DNC’s “thumb on the scale” against Bernie Sanders? That Donna Brazile gave Hillary debate questions beforehand? That as Secretary of State Hillary gave more face-time to foreign supplicants based on their contributions to the Clinton Foundation, and expedited arms deals for especially big givers?
Ex-White House Officials Criticize Vague Rules Around Disclosure of Hacking Tools
WHEN U.S. GOVERNMENT officials discover a new vulnerability they can use to hack into people’s computers, they have a decision to make: Should they keep it to themselves? Or should they warn the world?
Exactly how they make that decision is a mystery.
Now, two top former White House cybersecurity officials are recommending in a report that the administration be more transparent about how it deals with those vulnerabilities when it discovers them or buys tools to exploit them from the private sector.
“The principles guiding these decisions, as well as a high-level map of the process that will be used to make such decisions, can and should be public,” wrote Ari Schwartz and Robert Knake in a new report for Harvard’s Belfer Center for Science and International Affairs.
Members of the intelligence community have an obvious incentive to hold on to undiscovered cyber flaws so they can keep using them to hack their targets. But failing to tell a company about a flaw in its product — so it can be fixed — puts users at risk from other hackers.
The White House’s continued refusal to explain how it balances the priorities of intelligence versus cybersecurity for Americans is leading to a lack of public trust, the authors suggest.
In 2015, White House officials begrudgingly released heavily redacted guidelines for disclosing cyber threats, which they call the Vulnerabilities Equities Process, to the Electronic Frontier Foundation. They also issued a vague White House blog post.
But as the public becomes more aware of the government’s ability to go on the technological offensive — hacking against adversaries — consumer advocates are asking how that capability is regulated.
Oregon Senator Warns – The U.S. Government is Dramatically Expanding its Hacking and Surveillance Authority
The Patriot Act continues to wreak its havoc on civil liberties. Section 213 was included in the Patriot Act over the protests of privacy advocates and granted law enforcement the power to conduct a search while delaying notice to the suspect of the search. Known as a “sneak and peek” warrant, law enforcement was adamant Section 213 was needed to protect against terrorism. But the latest government report detailing the numbers of “sneak and peek” warrants reveals that out of a total of over 11,000 sneak and peek requests, only 51 were used for terrorism. Yet again, terrorism concerns appear to be trampling our civil liberties.
– From the post: More “War on Terror” Abuses – Spying Powers Are Used for Terrorism Only 0.5% of the Time
Ron Wyden, a Senator from Oregon, has been one of the most influential and significant champions of Americans’ embattled 4th Amendment rights in the digital age. Recall that it was Sen. Wyden who caught Director of National Intelligence, James Clapper, lying under oath about government surveillance of U.S. citizens.
Mr. Wyden continues to be a courageous voice for the public when it comes to pushing back against Big Brother spying. His latest post at Medium is a perfect example.
Here it is in full:
Shaking My Head
The government will dramatically expand surveillance powers unless Congress acts
Last month, at the request of the Department of Justice, the Courts approved changes to the obscure Rule 41 of the Federal Rules of Criminal Procedure, which governs search and seizure. By the nature of this obscure bureaucratic process, these rules become law unless Congress rejects the changes before December 1, 2016.
US Hacking, Spyware Targets Include Mass Media, Phone, and Energy Companies
US corporate government wants to control and drain as much of the world as possible. Reuters, The Register, and others summarize some of its methods:
“The U.S. National Security Agency has figured out how to hide spying software deep within hard drives …. giving the agency the means to eavesdrop on the majority of the world’s computers, according to cyber researchers and former operatives.
That long-sought and closely guarded ability was part of a cluster of spying programs discovered by Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western cyberespionage operations.
Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs, with the most infections seen in Iran [a US corporate target since 1953], followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. The targets included government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists, Kaspersky said.”
These hacking and spyware operations date back “at least 14 years and possibly up to two decades”.
Other outlets note:
NSA Hackers Infected Hard Drives with Impossible-to-Remove Spyware
Spyware Linked To NSA Discovered In Hard Drives Across The World
The Only Way You Can Delete This NSA Malware Is to Smash Your Hard Drive to Bits
There’s no way of knowing if the NSA’s spyware is on your hard drive
How To Hack A Presidential Election
There is a growing recognition of the increasing tail wagging the dog nature of the internet’s control over election outcomes. We recently detailed “the hidden persuaders” at work showing how the internet has spawned subtle forms of influence that can flip elections and manipulate everything we say, think and do. Confirming all of this to be chillingly true is Andrés Sepúlveda, who rigged elections throughout Latin America for almost a decade. On the question of whether the U.S. presidential campaign is being tampered with, he is unequivocal – “I’m 100 percent sure it is.”
Liberty Blitzkrieg’s Mike Krieger excerpts a must-read Bloomberg article,
In July 2015, Sepúlveda sat in the small courtyard of the Bunker, poured himself a cup of coffee from a thermos, and took out a pack of Marlboro cigarettes. He says he wants to tell his story because the public doesn’t grasp the power hackers exert over modern elections or the specialized skills needed to stop them. “I worked with presidents, public figures with great power, and did many things with absolutely no regrets because I did it with full conviction and under a clear objective, to end dictatorship and socialist governments in Latin America,” he says. “I have always said that there are two types of politics—what people see and what really makes things happen. I worked in politics that are not seen.”
Rendón, says Sepúlveda, saw that hackers could be completely integrated into a modern political operation, running attack ads, researching the opposition, and finding ways to suppress a foe’s turnout. As for Sepúlveda, his insight was to understand that voters trusted what they thought were spontaneous expressions of real people on social media more than they did experts on television and in newspapers. He knew that accounts could be faked and social media trends fabricated, all relatively cheaply.
The Big Secret That Makes the FBI’s Anti-Encryption Campaign a Big Lie
To hear FBI Director James Comey tell it, strong encryption stops law enforcement dead in its tracks by letting terrorists, kidnappers and rapists communicate in complete secrecy.
But that’s just not true.
In the rare cases in which an investigation may initially appear to be blocked by encryption — and so far, the FBI has yet to identify a single one — the government has a Plan B: it’s called hacking.
Hacking — just like kicking down a door and looking through someone’s stuff — is a perfectly legal tactic for law enforcement officers, provided they have a warrant.
And law enforcement officials have, over the years, learned many ways to install viruses, Trojan horses, and other forms of malicious code onto suspects’ devices. Doing so gives them the same access the suspects have to communications — before they’ve been encrypted, or after they’ve been unencrypted.
Government officials don’t like talking about it — quite possibly because hacking takes considerably more effort than simply asking a telecom provider for records. Robert Litt, general counsel to the Director of National Intelligence, recently referred to potential government hacking as a process of “slow uncertain one-offs.”
But they don’t deny it, either. Hacking is “an avenue to consider and discuss,” Amy Hess, the assistant executive director of the FBI’s Science and Technology branch, said at an encryption debate earlier this month.
The FBI “routinely identifies, evaluates, and tests potential exploits in the interest of cyber security,” bureau spokesperson Christopher Allen wrote in an email.
Hacking In Action
There are still only a few publicly known cases of government hacking, but they include examples of phishing, “watering hole” websites, and physical tampering.
Phishing involves an attacker masquerading as a trustworthy website or service and luring a victim with an email message asking the person to click on a link or update sensitive information.
Op-Ed: U.S. should think twice before retaliating against China over unfounded hacking charges
The United States is on the brink of making another grave mistake under the name of protecting cyber security, as it is reportedly considering retaliatory measures against China for unfounded hacking accusations.
Senior U.S. government and intelligence officials were quoted by a U.S. newspaper as saying Friday that President Barack Obama’s administration has determined to retaliate against China for its alleged theft of personnel information of more than 20 million Americans from the database of the Office of Personnel Management (OPM), but the forms and specific measures of the retaliation have not been decided.
The report added that Obama has allegedly ordered his staff to come up with “a more creative set of responses,” while a U.S. official hinted that the United States will employ “a full range of tools to tailor a response.”
The decision came amid a growing chorus in the United States demonizing China as the culprit behind the massive breach of the OPM computer networks. As witnessed by most past similar cases, the U.S. government, Congress and media once again called for punishing China for this after a top U.S. intelligence official indirectly pointed a finger at China.
Obviously, cyber security has become another tool for Washington to exert pressure on China and another barrier that restrains the further development of China-U.S. relations.
Washington will be blamed for any adverse effects this might have on its ties with China, as all the U.S. accusations against China were made without providing concrete evidence.
The U.S. government was also self-contradictory for declining to directly name China as the attacker on the one hand, while deciding to target China for retaliation on the other.
The Terrorism Pretext: Mass Surveillance is About Money and Power
“We are under pressure from the Treasury to justify our budget, and commercial espionage is one way of making a direct contribution to the nation’s balance of payments”
-Sir Colin McColl, former MI6 Chief
For years public figures have condemned cyber espionage committed against the United States by intruders launching their attacks out of China. These same officials then turn around and justify America’s far-reaching surveillance apparatus in terms of preventing terrorist attacks. Yet classified documents published by WikiLeaks reveal just how empty these talking points are. Specifically, top-secret intercepts prove that economic spying by the United States is pervasive, that not even allies are safe, and that it’s wielded to benefit powerful corporate interests.
At a recent campaign event in New Hampshire Hillary Clinton accused China of “trying to hack into everything that doesn’t move in America.” Clinton’s hyperbole is redolent of similar claims from the American Deep State. For example, who could forget the statement made by former NSA director Keith Alexander that Chinese cyber espionage represents the greatest transfer of wealth in history? Alexander has obviously never heard of quantitative easing (QE) or the self-perpetuating “global war on terror” which has likewise eaten through trillions of dollars. Losses due to cyber espionage are a rounding error compared to the tidal wave of money channeled through QE and the war on terror.
When discussing the NSA’s surveillance programs Keith Alexander boldly asserted that they played a vital role with regard to preventing dozens of terrorist attacks, an argument that fell apart rapidly under scrutiny. Likewise, in the days preceding the passage of the USA Freedom Act of 2015 President Obama advised that bulk phone metadata collection was essential “to keep the American people safe and secure.” Never mind that decision makers have failed to provide any evidence that bulk collection of telephone records has prevented terrorist attacks.
FBI warned Year Ago of impending Malware Attacks—But Didn’t Share Info with Sony – The Intercept
Nearly one year before Sony was hacked, the FBI warned that U.S. companies were facing potentially crippling data destruction malware attacks, and predicted that such a hack could cause irreparable harm to a firm’s reputation, or even spell the end of the company entirely. The FBI also detailed specific guidance for U.S. companies to follow to prepare and plan for such an attack.
But the FBI never sent Sony the report.
The Dec. 13, 2013 FBI Intelligence Assessment, “Potential Impacts of a Data-Destruction Malware Attack on a U.S. Critical Infrastructure Company’s Network,” warned that companies “must become prepared for the increasing possibility they could become victim to a data destruction cyber attack.”
The 16-page report includes details on previous malware attacks on South Korea banking and media companies—the same incidents and characteristics the FBI said Dec. 19th that it had used to conclude that North Korea was behind the Sony attack.
The report, a copy of which was obtained by The Intercept, was based on discussions with private industry representatives and was prepared after the 2012 cyber attack on Saudi Aramco. The report was marked For Official Use Only, and has not been previously released.