US EXPELS 35 Russian diplomats, closes two compounds.

[aris2chat]

If Trump tries to cover up his involvement with Putin or bury information about the hacking, he will end up going the same way Nixon did. Republicans in congress would be perfectly happy with Pence as president, he would be far easier to deal with than Trump and lot less likely to do something really stupid that would hurt the party in the midterms.

I wonder when we can have some indication that an actual secret report even exists? Maybe we could get at least one of the seventeen intelligence agencies to provide the public with a secret summery of the secret report. Some kind of verification of at least that much would be nice. Or are we just supposed to take their word for it?

It is posted jointly by the Dept of Homeland Security's National Cybersecurity and Communications Integration Center (NCCIC) and the FBI. Since it's a joint report it may be available from other participating agencies. If that's not good enough for you, I suspect nothing would be.

The joint report is a summary. Although it does contain an example of code and names common to both the current hacking and previous know Russian hacking, it does not contain details of the underlying analysis. Such details are not and should not be made available to the public.

https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY STEPPE-2016-1229.pdf

So in other words: The Russians have been hacking US government communications for years; as have the North Koreans, the Iranians, the Israelis, ect. I wonder when we get to see something definitive regarding the election?

I'm not sure what you mean by something definitive.

We may see some additional information before Obama leaves office but I doubt it. Probably the next major release will come from Trump after the inauguration. He may reverse course in regard to Putin after he sees the details of the hack or he may bury it. If he buries it, there will probably be a Senate investigation committee. It's already being discussed.

I believe Obama stated they were going to release more information prior to Trump Inauguration. I think they're going to try & take him down before he's sworn in.

The Russians have been very busy this year.

1. Hacking the Pentagon to get into the Joint Chiefs of Staffs emails.
Russian hack almost brought the U.S. military to its knees

2. Hacking into the DNC databases, putting tons of FAKE news on social media outlets to elect Comrade Trump.

AND NOW THE LATEST--our electric power grids--they have found the same Russian malware.

Apparently the FBI has sent out a message to all power grids in this country to look for this Russian malware they've been using and one (so far) has been found in Vermont. They refer to this malware as the GRISSLEY STEEP MALWARE. This is the same malware that was used to hack DNC databases.

"The indicators from the malicious software found on a Burlington Electric Company laptop match those on malware found in the Democratic National Committee computers that the US government has blamed on Russians, the Department of Homeland Security said Saturday.

DHS spokesman Todd Breasseale said the department's investigation into the cyber intrusion on the computer is ongoing and he couldn't comment further.

The DHS's acknowledgment is the first such confirmation by the government that the malware is the same as the code used in malicious cyber activity that the US government has blamed on Russian hackers attempting to influence November's election.

It comes a day after Burlington Electric announced it found the malicious software on a computer that was not connected to its grid control systems. Both the Department of Homeland Security and the utility said Saturday there are no indications that the electric grid was breached.

The DHS and the FBI made a 13-page report public Thursday with information about the malware code -- which was found on Democratic National Committee computers -- and urged all entities to check for it.
Alleged Russian malware found on Vermont utility's laptop - CNN.com

What does Comrade Trump say about all this--as of tonight December 31, 2016. "President-elect Donald Trump reiterated his doubts Saturday that Russia was behind cyber-meddling in the US election, saying such a crime would be difficult to prove."
Trump casts hacking doubts again - CNNPolitics.com

Maybe not so hard to prove
http://www.nytimes.com/2016/11/11/world/europe/trump-campaign-russia.html?_r=1

not

media got hooked again

 

[flacaltenn]

Where was this outrage when Sony Pictures was hacked by North Korea because of the movie, "The Interview" about Kim Jong un?

Or when the Federal Employee database containing my 20 page security file with my life history was stolen by the Chinese??? Along with MILLIONS of other sensitive Govt employees ??

Where were the snarly investigations and sanctions and demonization then??

You know what - those are very good questions. But you are approaching it from the wrong end.

There WAS outrage and anger. The Sony hack was big time in the news.

The question to ask is: where were all the outraged claims demanding EVIDENCE before doing anything? We ACCEPTED what the intelligence agencies determined, and we allowed our president to react.

And keep in mind two additional things:
- the reaction, this time, was not the first time the White House has reacted to Russia's hacking, Russia has been warned several times, leading to this - not a knee jerk reaction, but a measured response after we have had an intelligence consensus on it.

- secondly, it targeted our electoral process, I think the timing of the released information ( compared to when the hack occurred) supports this - the motivations (ie - wanting a Trump win) maybe be less supported, but claiming it had nothing to do with our elections is weak. Shouldn't we be outraged that a foreign entity is so blatently attempting to disrupt our elections? Regardless of which candidate was the target I find it mindboggling that people are not angry about it. the same people who are denanding stringent voter ID laws, pass this off - excuse it - demand more "proof". I simply don't understand it.

Where were the visible sanctions on the CHinese for stealing the life data of damn near every Federal employee or security contractor for decades? I musta missed them. No demonizing of the ChiComs for that act.

In these 3 "election" cases you have arrogant people IGNORING security protocols and alerts and then whining about being compromised. The DNC had a VERY hard time accepting the FBI advice to tighten up. They are complicit in the result. And Ms Clinton is DEFINITELY guilty of circumventing all the REQUIRED secure communications channels in favor of her convenience. And Podesta? Who the hell knows. I heard he LOST a phone prior to all this news. And THAT very well might have made it extremely easy by itself.

And here's the problem I have. The media and the partisan whiners are conflating Russia with THE Russian govt. The traces that were found on the DNC snoop job were described as having been analyzed by an Independent company. (Because the DNC didn't TRUST the Intel people to determine ?) And that public report traces the entries back to KNOWN Russian hackers (Cozy Bear and Fancy Bear) but there is NOTHING that connects these outside guys to Russian intelligence in this particular case.

If Cozy and Fancy ARE contractors to the Kremlin -- then WHY would the Kremlin release information that would burn these valuable assets? That's NOT the way it's done. Protecting assets and methods is ALWAYS #1 consideration in the spy biz. Sounds more like the leak was a "Snowden type".. Or the "bears" themselves SELLING the information. In that case, Russians did the hacking, but NOT the Kremlin, who is probably also mad at the fall-out and is largely innocent.

Out of ALL of these 3 attacks -- only the DNC hack has been publicly analyzed. And THAT ONE -- had very little to do with "influencing" the general election. It was Podesta's phone and the katty comments about controlling and managing Clinton's temperament and message that was the damaging stuff. And I for one, am gonna look at EACH CASE individually, with a priority on the Podesta phone to determine whether this is a big poo flinging expedition or whether that phone has traces of the RUSSIAN GOVT (or others) on it.

Know what else I think? I think after this that Trump is a moron if he refuses to put down his tweeter. Or at least they pry it out of his tiny hands and force him to dictate tweets for someone else to send out. He's giving up information every time he types a brainfart. And I also believe that the Dems are fishing to see who BOUGHT that Podesta information -- IF it went up for sale. Might turn out that the Kremlin didn't turn it over to Wikileaks, but some big GOP donor might have.

HOW and by WHOM it got released is the question. Not just who hacked it.

 

[flacaltenn]

If Trump tries to cover up his involvement with Putin or bury information about the hacking, he will end up going the same way Nixon did. Republicans in congress would be perfectly happy with Pence as president, he would be far easier to deal with than Trump and lot less likely to do something really stupid that would hurt the party in the midterms.

I wonder when we can have some indication that an actual secret report even exists? Maybe we could get at least one of the seventeen intelligence agencies to provide the public with a secret summery of the secret report. Some kind of verification of at least that much would be nice. Or are we just supposed to take their word for it?

It is posted jointly by the Dept of Homeland Security's National Cybersecurity and Communications Integration Center (NCCIC) and the FBI. Since it's a joint report it may be available from other participating agencies. If that's not good enough for you, I suspect nothing would be.

The joint report is a summary. Although it does contain an example of code and names common to both the current hacking and previous know Russian hacking, it does not contain details of the underlying analysis. Such details are not and should not be made available to the public.

https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY STEPPE-2016-1229.pdf

So in other words: The Russians have been hacking US government communications for years; as have the North Koreans, the Iranians, the Israelis, ect. I wonder when we get to see something definitive regarding the election?

I'm not sure what you mean by something definitive.

We may see some additional information before Obama leaves office but I doubt it. Probably the next major release will come from Trump after the inauguration. He may reverse course in regard to Putin after he sees the details of the hack or he may bury it. If he buries it, there will probably be a Senate investigation committee. It's already being discussed.

I believe Obama stated they were going to release more information prior to Trump Inauguration. I think they're going to try & take him down before he's sworn in.

The Russians have been very busy this year.

1. Hacking the Pentagon to get into the Joint Chiefs of Staffs emails.
Russian hack almost brought the U.S. military to its knees

2. Hacking into the DNC databases, putting tons of FAKE news on social media outlets to elect Comrade Trump.

AND NOW THE LATEST--our electric power grids--they have found the same Russian malware.

Apparently the FBI has sent out a message to all power grids in this country to look for this Russian malware they've been using and one (so far) has been found in Vermont. They refer to this malware as the GRISSLEY STEEP MALWARE. This is the same malware that was used to hack DNC databases.

"The indicators from the malicious software found on a Burlington Electric Company laptop match those on malware found in the Democratic National Committee computers that the US government has blamed on Russians, the Department of Homeland Security said Saturday.

DHS spokesman Todd Breasseale said the department's investigation into the cyber intrusion on the computer is ongoing and he couldn't comment further.

The DHS's acknowledgment is the first such confirmation by the government that the malware is the same as the code used in malicious cyber activity that the US government has blamed on Russian hackers attempting to influence November's election.

It comes a day after Burlington Electric announced it found the malicious software on a computer that was not connected to its grid control systems. Both the Department of Homeland Security and the utility said Saturday there are no indications that the electric grid was breached.

The DHS and the FBI made a 13-page report public Thursday with information about the malware code -- which was found on Democratic National Committee computers -- and urged all entities to check for it.
Alleged Russian malware found on Vermont utility's laptop - CNN.com

What does Comrade Trump say about all this--as of tonight December 31, 2016. "President-elect Donald Trump reiterated his doubts Saturday that Russia was behind cyber-meddling in the US election, saying such a crime would be difficult to prove."
Trump casts hacking doubts again - CNNPolitics.com

Maybe not so hard to prove
http://www.nytimes.com/2016/11/11/world/europe/trump-campaign-russia.html?_r=1

Russian malware that is available on the dark market to 1000s of hackers does not equal Russian GOVERNMENT hacking. Intel agencies rarely LOSE their tools and leave them behind. And if THEY DO -- they make new ones...

 

[aris2chat]

Obama's insanity does not quit

No US carrier at sea leaves gap in Middle East

 

[Coyote]

Where was this outrage when Sony Pictures was hacked by North Korea because of the movie, "The Interview" about Kim Jong un?

Or when the Federal Employee database containing my 20 page security file with my life history was stolen by the Chinese??? Along with MILLIONS of other sensitive Govt employees ??

Where were the snarly investigations and sanctions and demonization then??

You know what - those are very good questions. But you are approaching it from the wrong end.

There WAS outrage and anger. The Sony hack was big time in the news.

The question to ask is: where were all the outraged claims demanding EVIDENCE before doing anything? We ACCEPTED what the intelligence agencies determined, and we allowed our president to react.

And keep in mind two additional things:
- the reaction, this time, was not the first time the White House has reacted to Russia's hacking, Russia has been warned several times, leading to this - not a knee jerk reaction, but a measured response after we have had an intelligence consensus on it.

- secondly, it targeted our electoral process, I think the timing of the released information ( compared to when the hack occurred) supports this - the motivations (ie - wanting a Trump win) maybe be less supported, but claiming it had nothing to do with our elections is weak. Shouldn't we be outraged that a foreign entity is so blatently attempting to disrupt our elections? Regardless of which candidate was the target I find it mindboggling that people are not angry about it. the same people who are denanding stringent voter ID laws, pass this off - excuse it - demand more "proof". I simply don't understand it.

Where were the visible sanctions on the CHinese for stealing the life data of damn near every Federal employee or security contractor for decades? I musta missed them. No demonizing of the ChiComs for that act.

The most recent hacking represents an ongoing escalation in state-sponsored hacking, which is something the administration was concerned about in how to respond to the Chinese and the North Koreans and now the Russians. Response isn't a "one size fits all" solution. The visible sanctions and public response to Russia were enacted after other attempts to halt it proved ineffective. We retaliated against NK, but the same response wouldn't work against China or Russia, as outlined in the article below.

http://www.nytimes.com/2015/08/01/world/asia/us-decides-to-retaliate-against-chinas-hacking.html

But over recent days, both Mr. Clapper and Adm. Michael S. Rogers, director of the National Security Agency and commander of the military’s Cyber Command, have hinted at the internal debate by noting that unless the United States finds a way to respond to the attacks, they are bound to escalate.

Mr. Clapper predicted that the number and sophistication of hacking aimed at the United States would worsen “until such time as we create both the substance and psychology of deterrence.”

Admiral Rogers made clear in a public presentation to the meeting of the Aspen Security Forum last week that he had advised President Obama to strike back against North Korea for the earlier attack on Sony Pictures Entertainment. Since then, evidence that hackers associated with the Chinese government were responsible for the Office of Personnel Management theft has been gathered by personnel under Admiral Rogers’s command, officials said.

Admiral Rogers stressed the need for “creating costs” for attackers responsible for the intrusion, although he acknowledged that it differed in important ways from the Sony case. In the Sony attack, the theft of emails was secondary to the destruction of much of the company’s computer systems, part of an effort to intimidate the studio to keep it from releasing a comedy that portrayed the assassination of Kim Jong-un, the North Korean leader.

According to officials involved in the internal debates over responses to the personnel office attack, Mr. Obama’s aides explored applying economic sanctions against China, based on the precedent of sanctions the president approved against North Korea in January.

“The analogy simply didn’t work,” said one senior economic official, who spoke on the condition of anonymity to discuss internal White House deliberations. North Korea is so isolated that there was no risk it could retaliate in kind. But in considering sanctions against China, officials from the Commerce Department and the Treasury offered a long list of countersanctions the Chinese could impose against American firms that are already struggling to deal with China.​

So sanctions would be less effective with China (and more likely to damage us) but that is not the case with Russia, there isn't much Russia can sanction us for that would do much damage. However the Obama administration applied a different approach with China that HAS caused a decline in Chinese hacking attacks:

Obama Curbed Chinese Hacking, But Russia Won’t Be So Easy

That decline was achieved through two major moves by the US government since 2014. First, the US Department of Justice identified five Chinese men by name—all members of China’s People’s Liberation Army—and accused them of taking part in a series of intrusions of American companies, going so far as to issue criminal charges against them in absentia. Additionally, after the US threatened new trade sanctions against China for its hacking activities in 2015, Chinese President Xi Jinping and President Obama signed an agreement in that September in which both countries agreed not to hack the other’s private sector targets. With a few exceptions, China has since abided by that agreement, Alperovitch says.​

No demonizing? They were openly and publically identified, and an agreement was reached after threatening trade sanctions. But Russia is not China. from the same article I quoted above:

A Russian Puzzle

...Despite that intelligence community concurrence, no course of action has been publicly set. While the White House is rumored to have considered economic sanctions, that measure may not work as well in Russia’s case, says FireEye’s Director of Global Intelligence Laura Galante. The US recently sanctioned Russia following its invasion of Ukraine’s Crimea, and needs to preserve what relationship it has left to work toward peace in Syria, limitings its ability to play the sanctions card again. And unlike the case of China’s economic espionage, financial sanctions would be seen as an “asymmetric” financial response to a fundamentally political crime, Galante says. “For China, it made sense to say,’you’re stealing our IP so you can’t sell in our market,'” she says. “With Russia, sanctions don’t align with the actual activity taking place now.”

Obama himself told reporters Friday that additional sanctions may not be the answer. “We already have enormous numbers of sanctions against Russia,” he said. “How we approach an appropriate response that increases costs for them for behavior like this in the future but doesn’t create problems for us is worth taking the time to think through and figure out.”

Naming and indicting individual culprits, as the US Justice Department did with Chinese hackers in 2014, may not be the right approach to Russia either, Galante says. “The Russians are less affected by shame,” she says. “The Chinese felt incredibly demeaned by what happened with the indictment and that made it powerful. The Russians will just see it as continued Russophobia.”​

The article does suggest that highly targeted sanctions might work with Russia:

Applying the China model to Russia can still work, says Georgetown professor and ex-CIA counsel Catherine Lotrionte, in the sense that the US needs to find the legal and diplomatic buttons it can push to reach Russia’s leadership. “You have to make their lives unpleasant in some way,” she says. “You have to do something to show them this is not worth it.”


Lotrionte suggests highly targeted sanctions designed to hurt not the Russian economy but Putin himself, or his direct associates. And targeted trade sanctions could be combined with freezing Russian assets in American banks and denying travel to Putin’s inner circle. “Targeted sanctions can have positive results,” she says. “You’re not targeting companies. You’re targeting individuals. It could be people in government, it could be CEOs of companies…We have the legal authority to freeze assets and prohibit travel.”​

And that is basically what Obama did along with the public throwing out of spies. Is that demonizing and if so, how is it any more demonizing than publically accusing (and shaming) Chinese officials behind the Chinese hacks? The only difference is the context of the debate - a context that involves a highly irregular election season, and allegations of electoral interference. The contextual difference is that like the NK hack, like the Chinese hack, these Russian hacks have taken place on Obama's watch and it's his responsibility to find the best way to deal with them in a way that will hopefully decrease or end them. Unlike with China, he doesn't have years to put pressure on and negotiate for a solution. Softer diplomatic approaches have utterly failed with Russia. What was needed was an appropriate response, that made a strong point and did not leave us looking weak. Pretending that there is no "proof" (which we did not demand for the Chinese) - pretending that we want warm and fuzzy relations with Russia so we'll let bygones be bygones and ignore the latest in an escelating series of hacks isn't a wise solution either.

In these 3 "election" cases you have arrogant people IGNORING security protocols and alerts and then whining about being compromised. The DNC had a VERY hard time accepting the FBI advice to tighten up. They are complicit in the result. And Ms Clinton is DEFINITELY guilty of circumventing all the REQUIRED secure communications channels in favor of her convenience. And Podesta? Who the hell knows. I heard he LOST a phone prior to all this news. And THAT very well might have made it extremely easy by itself.

In those cases - Mrs. Clinton may or may not have been hacked (no proof either way) - but that is not the material that was leaked to wikileaks. There is no way of verifying anything about Podesta's phone. I think those two things should be left out of the occassion. It IS known that the DNC was hacked, and yes they were stupid about security, but to use an analogy - does that mean a scantily dressed girl in a rough bar is complicit in the crime if she is raped and, does that mean that we should not go after her attacker decisively?

And here's the problem I have. The media and the partisan whiners are conflating Russia with THE Russian govt. The traces that were found on the DNC snoop job were described as having been analyzed by an Independent company. (Because the DNC didn't TRUST the Intel people to determine ?) And that public report traces the entries back to KNOWN Russian hackers (Cozy Bear and Fancy Bear) but there is NOTHING that connects these outside guys to Russian intelligence in this particular case.

The intelligence agencies have been saying that a hack of this scope and nature, not to mention the carefully timed releases a year later....indicate involvement at a state level. Now we can choose to believe or disbelieve our own agencies. But if we choose to disbelieve them, then I have to ask why we chose to believe that the Chinese hacks were orchestrated at a state level (no "direct" evidence there either and no one whining about the need for it)? Same with North Korea I think.

So WHY are some insisting Russia be treated as more innocent then China? I think that is a good question to ask.

If Cozy and Fancy ARE contractors to the Kremlin -- then WHY would the Kremlin release information that would burn these valuable assets? That's NOT the way it's done. Protecting assets and methods is ALWAYS #1 consideration in the spy biz. Sounds more like the leak was a "Snowden type".. Or the "bears" themselves SELLING the information. In that case, Russians did the hacking, but NOT the Kremlin, who is probably also mad at the fall-out and is largely innocent.

I can't answer that because I am not involved in intelligence, and don't know the ins and outs of the Russians, nor do I as a private citizen have access to the information they do - so I do trust our agencies in this regard - particularly when more than one are drawing the same conclusions.

Out of ALL of these 3 attacks -- only the DNC hack has been publicly analyzed. And THAT ONE -- had very little to do with "influencing" the general election. It was Podesta's phone and the katty comments about controlling and managing Clinton's temperament and message that was the damaging stuff. And I for one, am gonna look at EACH CASE individually, with a priority on the Podesta phone to determine whether this is a big poo flinging expedition or whether that phone has traces of the RUSSIAN GOVT (or others) on it.

Know what else I think? I think after this that Trump is a moron if he refuses to put down his tweeter. Or at least they pry it out of his tiny hands and force him to dictate tweets for someone else to send out. He's giving up information every time he types a brainfart. And I also believe that the Dems are fishing to see who BOUGHT that Podesta information -- IF it went up for sale. Might turn out that the Kremlin didn't turn it over to Wikileaks, but some big GOP donor might have.

HOW and by WHOM it got released is the question. Not just who hacked it.

The Trump and the Tweet shalt not be parted. No parteth sayeth the Lord for the Tweet shall be the message and the Tweeter shall be the Messenger.

 

[Constructive Anarchy]

See also, my post here: No evidence has been submitted that the Russians hacked the DNC

Submit evidence to who? It's foolish to think that security agencies or the administration would or should reveal information often acquired clandestinely from human or technical sources or information that would compromise current operations.

Damaging current operations, connections with valuable sources, or revealing technical capabilities for the sake of satisfying critics would be truly unwise. Supporters of the administration need only assurance from the president. Those that oppose the administration would never have enough information.

Who could possibly imagine anyone being skeptical about the veracity of an anonymous secret report that can't be verified.

If you bothered to look at the report, you would see two seals at the top, FBI and Homeland Security. I suppose you consider these organizations lacking in any creditably. You will also see at the end of the report who to contact with questions.

What do you suppose is the meaning of the disclaimer: "As Is" For Informational Purposes Only. ?

 

[flacaltenn]

fter the US threatened new trade sanctions against China for its hacking activities in 2015, Chinese President Xi Jinping and President Obama signed an agreement in that September in which both countries agreed not to hack the other’s private sector targets. With a few exceptions, China has since abided by that agreement, Alperovitch says.

Did ya catch the key word there? "Private Sector Targets".. Hacking govt and political orgs is always open season for State Intel Agencies.. Not illegal thru treaty. AND -- the info gained from those operations doesn't EVER leave the highest security.

And my colleagues in Silicon Valley will tell you -- they are not hacked less by China since that agreement.

The intelligence agencies have been saying that a hack of this scope and nature, not to mention the carefully timed releases a year later....indicate involvement at a state level. Now we can choose to believe or disbelieve our own agencies. But if we choose to disbelieve them, then I have to ask why we chose to believe that the Chinese hacks were orchestrated at a state level (no "direct" evidence there either and no one whining about the need for it)? Same with North Korea I think.

I don't think the releases were DELAYED by a year. Certainly not the Podesta and DNC ones. That was fresh red meat.

"of that nature and scope".. . Holy cow.. If you knew how good these folks were at accessing the HARD targets, Hillary's server, the DNC and Podesta's phone would be child's play.. Any of THOUSANDS of hackers who happened to use Russian malware and tools (not Russian Intel Agency tools) could have done this on a lark. These devices were WIDE open. Commercial spyhunter s/w protection doesn't even bother them with the type of phishing attacks that Podesta's phone was. In fact, the spear-fishing attack that opened up his phone was discussed publicly. He inquired to IT as to a memo that SEEMED to come from them. But in the reply, (the story goes), The IT person said that his "spell-checker" changed a word that told Podesta (or assistant) that it was OK to open the malicious file. Damn spellheckers !!!!

THAT --- is considered "sophisticated"??? of "it's nature and scope"?? It happens a couple 1,000 times all around the world -- every day... That's baloney. The malware which was delivered in that phishing attack is on the dark market across the world. I could probably get the price of it if you have enough BitCoin credits. That's not a PayPal type deal..

What the Intel agencies are NOT saying really --- is why and who leaked it. That's STILL the bigger question. And the one that doesn't seem to indicate an Intel Op of a state actor.

 

[Coyote]

fter the US threatened new trade sanctions against China for its hacking activities in 2015, Chinese President Xi Jinping and President Obama signed an agreement in that September in which both countries agreed not to hack the other’s private sector targets. With a few exceptions, China has since abided by that agreement, Alperovitch says.

Did ya catch the key word there? "Private Sector Targets".. Hacking govt and political orgs is always open season for State Intel Agencies.. Not illegal thru treaty. AND -- the info gained from those operations doesn't EVER leave the highest security.

And my colleagues in Silicon Valley will tell you -- they are not hacked less by China since that agreement.

The intelligence agencies have been saying that a hack of this scope and nature, not to mention the carefully timed releases a year later....indicate involvement at a state level. Now we can choose to believe or disbelieve our own agencies. But if we choose to disbelieve them, then I have to ask why we chose to believe that the Chinese hacks were orchestrated at a state level (no "direct" evidence there either and no one whining about the need for it)? Same with North Korea I think.

I don't think the releases were DELAYED by a year. Certainly not the Podesta and DNC ones. That was fresh red meat.

"of that nature and scope".. . Holy cow.. If you knew how good these folks were at accessing the HARD targets, Hillary's server, the DNC and Podesta's phone would be child's play.. Any of THOUSANDS of hackers who happened to use Russian malware and tools (not Russian Intel Agency tools) could have done this on a lark. These devices were WIDE open. Commercial spyhunters don't even bother them with the type of phishing attacks that Podesta's phone was. In fact, the spear-fishing attack that opened up his phone was discussed publicly. He enquired to IT as to a memo that SEEMED to come from them. But in the reply, (the story goes), The IT person said that his "spell-checker" changed a word that told Podesta (or assistant) that it was OK to open the malicious file.

THAT --- is considered "sophisticated"??? of "it's nature and scope"?? It happens a couple 1,000 times all around the world -- every day... That's baloney. The malware which was delivered in that phishing attack is on the dark market across the world. I could probably get the price of it if you have enough BitCoin credits. That's not a PayPal type deal..

What the Intel agencies are NOT saying really --- is why and who leaked it. That's STILL the bigger question. And the one that doesn't seem to indicate an Intel Op of a state actor.

The "why" is pretty easy - to throw a wrench into the elections. Ya, I was wrong about timing - the hack was in May but the timing of the releases was certainly strategic. If the Russians hacked it, and that is what the Intel agencies are saying - then I'm sure they leaked it. Assange is close with the Russians.

 

[aris2chat]

fter the US threatened new trade sanctions against China for its hacking activities in 2015, Chinese President Xi Jinping and President Obama signed an agreement in that September in which both countries agreed not to hack the other’s private sector targets. With a few exceptions, China has since abided by that agreement, Alperovitch says.

Did ya catch the key word there? "Private Sector Targets".. Hacking govt and political orgs is always open season for State Intel Agencies.. Not illegal thru treaty. AND -- the info gained from those operations doesn't EVER leave the highest security.

And my colleagues in Silicon Valley will tell you -- they are not hacked less by China since that agreement.

The intelligence agencies have been saying that a hack of this scope and nature, not to mention the carefully timed releases a year later....indicate involvement at a state level. Now we can choose to believe or disbelieve our own agencies. But if we choose to disbelieve them, then I have to ask why we chose to believe that the Chinese hacks were orchestrated at a state level (no "direct" evidence there either and no one whining about the need for it)? Same with North Korea I think.

I don't think the releases were DELAYED by a year. Certainly not the Podesta and DNC ones. That was fresh red meat.

"of that nature and scope".. . Holy cow.. If you knew how good these folks were at accessing the HARD targets, Hillary's server, the DNC and Podesta's phone would be child's play.. Any of THOUSANDS of hackers who happened to use Russian malware and tools (not Russian Intel Agency tools) could have done this on a lark. These devices were WIDE open. Commercial spyhunters don't even bother them with the type of phishing attacks that Podesta's phone was. In fact, the spear-fishing attack that opened up his phone was discussed publicly. He enquired to IT as to a memo that SEEMED to come from them. But in the reply, (the story goes), The IT person said that his "spell-checker" changed a word that told Podesta (or assistant) that it was OK to open the malicious file.

THAT --- is considered "sophisticated"??? of "it's nature and scope"?? It happens a couple 1,000 times all around the world -- every day... That's baloney. The malware which was delivered in that phishing attack is on the dark market across the world. I could probably get the price of it if you have enough BitCoin credits. That's not a PayPal type deal..

What the Intel agencies are NOT saying really --- is why and who leaked it. That's STILL the bigger question. And the one that doesn't seem to indicate an Intel Op of a state actor.

The "why" is pretty easy - to throw a wrench into the elections. Ya, I was wrong about timing - the hack was in May but the timing of the releases was certainly strategic. If the Russians hacked it, and that is what the Intel agencies are saying - then I'm sure they leaked it. Assange is close with the Russians.

It has already been stated it was leaked from the inside the DNC and not from Russians.

The press could have found out the truth about Clinton and the DNC, but they intentionally avoided such things and tried to besmirch Trump over the most unreliable things instead.

Now they try to convince people russia are somehow to blame but neglect all the times Obama hacked other countries or interfered at taxpayer expense in foreign elections. Now He wants to intentionally fabricate a war on his last days to drop in Trump's lap on top of a mountain of billions in more regulations and red tape to entangle Trump in legal stumbling blocks.

Anything but a peaceful handover of power.

 

[Flopper]

Where was this outrage when Sony Pictures was hacked by North Korea because of the movie, "The Interview" about Kim Jong un?

Or when the Federal Employee database containing my 20 page security file with my life history was stolen by the Chinese??? Along with MILLIONS of other sensitive Govt employees ??

Where were the snarly investigations and sanctions and demonization then??

You know what - those are very good questions. But you are approaching it from the wrong end.

There WAS outrage and anger. The Sony hack was big time in the news.

The question to ask is: where were all the outraged claims demanding EVIDENCE before doing anything? We ACCEPTED what the intelligence agencies determined, and we allowed our president to react.

And keep in mind two additional things:
- the reaction, this time, was not the first time the White House has reacted to Russia's hacking, Russia has been warned several times, leading to this - not a knee jerk reaction, but a measured response after we have had an intelligence consensus on it.

- secondly, it targeted our electoral process, I think the timing of the released information ( compared to when the hack occurred) supports this - the motivations (ie - wanting a Trump win) maybe be less supported, but claiming it had nothing to do with our elections is weak. Shouldn't we be outraged that a foreign entity is so blatently attempting to disrupt our elections? Regardless of which candidate was the target I find it mindboggling that people are not angry about it. the same people who are denanding stringent voter ID laws, pass this off - excuse it - demand more "proof". I simply don't understand it.

Y'all keep saying that Putin wanted Trump to win as if he is a weak lame duck President right out of the gate, but you people are so wrong about it all, and it all leads back to the Democrats in the end, and how they are behind this whole debacle that is going on here in all of this.

Putin wanted Trump to win for several reason:

• First, he spoke against NATO and suggested the US should reduce support. Putin hates NATO and considers it a major threat to Russia.
• Second, having a business man with no experience in international diplomacy leading the only nation strong enough to rival Russia is just too good to be true.
• Lastly, Clinton has spoke against Putin's military expansion, opposed his actions in Syria, encourage Russian protest against his election. Any president but Clinton would preferable for Putin.

Practically all of Trump's campaign promises such as building walls between the US and Mexico, limiting immigration, confronting China and other countries on trade are indications that the US will be moving in directions less likely to challenge Russian expansion in the Ukraine and Middle East.

 

[Flopper]

See also, my post here: No evidence has been submitted that the Russians hacked the DNC

Submit evidence to who? It's foolish to think that security agencies or the administration would or should reveal information often acquired clandestinely from human or technical sources or information that would compromise current operations.

Damaging current operations, connections with valuable sources, or revealing technical capabilities for the sake of satisfying critics would be truly unwise. Supporters of the administration need only assurance from the president. Those that oppose the administration would never have enough information.

Who could possibly imagine anyone being skeptical about the veracity of an anonymous secret report that can't be verified.

If you bothered to look at the report, you would see two seals at the top, FBI and Homeland Security. I suppose you consider these organizations lacking in any creditably. You will also see at the end of the report who to contact with questions.

What do you suppose is the meaning of the disclaimer: "As Is" For Informational Purposes Only. ?

It appears to be same disclaimer on all JAR's. Since this like most JAR's contain mostly recommendations on security as well as product names, such a disclaimer seems reasonable.

 

[beagle9]

Where was this outrage when Sony Pictures was hacked by North Korea because of the movie, "The Interview" about Kim Jong un?

Or when the Federal Employee database containing my 20 page security file with my life history was stolen by the Chinese??? Along with MILLIONS of other sensitive Govt employees ??

Where were the snarly investigations and sanctions and demonization then??

You know what - those are very good questions. But you are approaching it from the wrong end.

There WAS outrage and anger. The Sony hack was big time in the news.

The question to ask is: where were all the outraged claims demanding EVIDENCE before doing anything? We ACCEPTED what the intelligence agencies determined, and we allowed our president to react.

And keep in mind two additional things:
- the reaction, this time, was not the first time the White House has reacted to Russia's hacking, Russia has been warned several times, leading to this - not a knee jerk reaction, but a measured response after we have had an intelligence consensus on it.

- secondly, it targeted our electoral process, I think the timing of the released information ( compared to when the hack occurred) supports this - the motivations (ie - wanting a Trump win) maybe be less supported, but claiming it had nothing to do with our elections is weak. Shouldn't we be outraged that a foreign entity is so blatently attempting to disrupt our elections? Regardless of which candidate was the target I find it mindboggling that people are not angry about it. the same people who are denanding stringent voter ID laws, pass this off - excuse it - demand more "proof". I simply don't understand it.

Where were the visible sanctions on the CHinese for stealing the life data of damn near every Federal employee or security contractor for decades? I musta missed them. No demonizing of the ChiComs for that act.

The most recent hacking represents an ongoing escalation in state-sponsored hacking, which is something the administration was concerned about in how to respond to the Chinese and the North Koreans and now the Russians. Response isn't a "one size fits all" solution. The visible sanctions and public response to Russia were enacted after other attempts to halt it proved ineffective. We retaliated against NK, but the same response wouldn't work against China or Russia, as outlined in the article below.

http://www.nytimes.com/2015/08/01/world/asia/us-decides-to-retaliate-against-chinas-hacking.html

But over recent days, both Mr. Clapper and Adm. Michael S. Rogers, director of the National Security Agency and commander of the military’s Cyber Command, have hinted at the internal debate by noting that unless the United States finds a way to respond to the attacks, they are bound to escalate.

Mr. Clapper predicted that the number and sophistication of hacking aimed at the United States would worsen “until such time as we create both the substance and psychology of deterrence.”

Admiral Rogers made clear in a public presentation to the meeting of the Aspen Security Forum last week that he had advised President Obama to strike back against North Korea for the earlier attack on Sony Pictures Entertainment. Since then, evidence that hackers associated with the Chinese government were responsible for the Office of Personnel Management theft has been gathered by personnel under Admiral Rogers’s command, officials said.

Admiral Rogers stressed the need for “creating costs” for attackers responsible for the intrusion, although he acknowledged that it differed in important ways from the Sony case. In the Sony attack, the theft of emails was secondary to the destruction of much of the company’s computer systems, part of an effort to intimidate the studio to keep it from releasing a comedy that portrayed the assassination of Kim Jong-un, the North Korean leader.

According to officials involved in the internal debates over responses to the personnel office attack, Mr. Obama’s aides explored applying economic sanctions against China, based on the precedent of sanctions the president approved against North Korea in January.

“The analogy simply didn’t work,” said one senior economic official, who spoke on the condition of anonymity to discuss internal White House deliberations. North Korea is so isolated that there was no risk it could retaliate in kind. But in considering sanctions against China, officials from the Commerce Department and the Treasury offered a long list of countersanctions the Chinese could impose against American firms that are already struggling to deal with China.​

So sanctions would be less effective with China (and more likely to damage us) but that is not the case with Russia, there isn't much Russia can sanction us for that would do much damage. However the Obama administration applied a different approach with China that HAS caused a decline in Chinese hacking attacks:

Obama Curbed Chinese Hacking, But Russia Won’t Be So Easy

That decline was achieved through two major moves by the US government since 2014. First, the US Department of Justice identified five Chinese men by name—all members of China’s People’s Liberation Army—and accused them of taking part in a series of intrusions of American companies, going so far as to issue criminal charges against them in absentia. Additionally, after the US threatened new trade sanctions against China for its hacking activities in 2015, Chinese President Xi Jinping and President Obama signed an agreement in that September in which both countries agreed not to hack the other’s private sector targets. With a few exceptions, China has since abided by that agreement, Alperovitch says.​

No demonizing? They were openly and publically identified, and an agreement was reached after threatening trade sanctions. But Russia is not China. from the same article I quoted above:

A Russian Puzzle

...Despite that intelligence community concurrence, no course of action has been publicly set. While the White House is rumored to have considered economic sanctions, that measure may not work as well in Russia’s case, says FireEye’s Director of Global Intelligence Laura Galante. The US recently sanctioned Russia following its invasion of Ukraine’s Crimea, and needs to preserve what relationship it has left to work toward peace in Syria, limitings its ability to play the sanctions card again. And unlike the case of China’s economic espionage, financial sanctions would be seen as an “asymmetric” financial response to a fundamentally political crime, Galante says. “For China, it made sense to say,’you’re stealing our IP so you can’t sell in our market,'” she says. “With Russia, sanctions don’t align with the actual activity taking place now.”

Obama himself told reporters Friday that additional sanctions may not be the answer. “We already have enormous numbers of sanctions against Russia,” he said. “How we approach an appropriate response that increases costs for them for behavior like this in the future but doesn’t create problems for us is worth taking the time to think through and figure out.”

Naming and indicting individual culprits, as the US Justice Department did with Chinese hackers in 2014, may not be the right approach to Russia either, Galante says. “The Russians are less affected by shame,” she says. “The Chinese felt incredibly demeaned by what happened with the indictment and that made it powerful. The Russians will just see it as continued Russophobia.”​

The article does suggest that highly targeted sanctions might work with Russia:

Applying the China model to Russia can still work, says Georgetown professor and ex-CIA counsel Catherine Lotrionte, in the sense that the US needs to find the legal and diplomatic buttons it can push to reach Russia’s leadership. “You have to make their lives unpleasant in some way,” she says. “You have to do something to show them this is not worth it.”


Lotrionte suggests highly targeted sanctions designed to hurt not the Russian economy but Putin himself, or his direct associates. And targeted trade sanctions could be combined with freezing Russian assets in American banks and denying travel to Putin’s inner circle. “Targeted sanctions can have positive results,” she says. “You’re not targeting companies. You’re targeting individuals. It could be people in government, it could be CEOs of companies…We have the legal authority to freeze assets and prohibit travel.”​

And that is basically what Obama did along with the public throwing out of spies. Is that demonizing and if so, how is it any more demonizing than publically accusing (and shaming) Chinese officials behind the Chinese hacks? The only difference is the context of the debate - a context that involves a highly irregular election season, and allegations of electoral interference. The contextual difference is that like the NK hack, like the Chinese hack, these Russian hacks have taken place on Obama's watch and it's his responsibility to find the best way to deal with them in a way that will hopefully decrease or end them. Unlike with China, he doesn't have years to put pressure on and negotiate for a solution. Softer diplomatic approaches have utterly failed with Russia. What was needed was an appropriate response, that made a strong point and did not leave us looking weak. Pretending that there is no "proof" (which we did not demand for the Chinese) - pretending that we want warm and fuzzy relations with Russia so we'll let bygones be bygones and ignore the latest in an escelating series of hacks isn't a wise solution either.

In these 3 "election" cases you have arrogant people IGNORING security protocols and alerts and then whining about being compromised. The DNC had a VERY hard time accepting the FBI advice to tighten up. They are complicit in the result. And Ms Clinton is DEFINITELY guilty of circumventing all the REQUIRED secure communications channels in favor of her convenience. And Podesta? Who the hell knows. I heard he LOST a phone prior to all this news. And THAT very well might have made it extremely easy by itself.

In those cases - Mrs. Clinton may or may not have been hacked (no proof either way) - but that is not the material that was leaked to wikileaks. There is no way of verifying anything about Podesta's phone. I think those two things should be left out of the occassion. It IS known that the DNC was hacked, and yes they were stupid about security, but to use an analogy - does that mean a scantily dressed girl in a rough bar is complicit in the crime if she is raped and, does that mean that we should not go after her attacker decisively?

And here's the problem I have. The media and the partisan whiners are conflating Russia with THE Russian govt. The traces that were found on the DNC snoop job were described as having been analyzed by an Independent company. (Because the DNC didn't TRUST the Intel people to determine ?) And that public report traces the entries back to KNOWN Russian hackers (Cozy Bear and Fancy Bear) but there is NOTHING that connects these outside guys to Russian intelligence in this particular case.

The intelligence agencies have been saying that a hack of this scope and nature, not to mention the carefully timed releases a year later....indicate involvement at a state level. Now we can choose to believe or disbelieve our own agencies. But if we choose to disbelieve them, then I have to ask why we chose to believe that the Chinese hacks were orchestrated at a state level (no "direct" evidence there either and no one whining about the need for it)? Same with North Korea I think.

So WHY are some insisting Russia be treated as more innocent then China? I think that is a good question to ask.

If Cozy and Fancy ARE contractors to the Kremlin -- then WHY would the Kremlin release information that would burn these valuable assets? That's NOT the way it's done. Protecting assets and methods is ALWAYS #1 consideration in the spy biz. Sounds more like the leak was a "Snowden type".. Or the "bears" themselves SELLING the information. In that case, Russians did the hacking, but NOT the Kremlin, who is probably also mad at the fall-out and is largely innocent.

I can't answer that because I am not involved in intelligence, and don't know the ins and outs of the Russians, nor do I as a private citizen have access to the information they do - so I do trust our agencies in this regard - particularly when more than one are drawing the same conclusions.

Out of ALL of these 3 attacks -- only the DNC hack has been publicly analyzed. And THAT ONE -- had very little to do with "influencing" the general election. It was Podesta's phone and the katty comments about controlling and managing Clinton's temperament and message that was the damaging stuff. And I for one, am gonna look at EACH CASE individually, with a priority on the Podesta phone to determine whether this is a big poo flinging expedition or whether that phone has traces of the RUSSIAN GOVT (or others) on it.

Know what else I think? I think after this that Trump is a moron if he refuses to put down his tweeter. Or at least they pry it out of his tiny hands and force him to dictate tweets for someone else to send out. He's giving up information every time he types a brainfart. And I also believe that the Dems are fishing to see who BOUGHT that Podesta information -- IF it went up for sale. Might turn out that the Kremlin didn't turn it over to Wikileaks, but some big GOP donor might have.

HOW and by WHOM it got released is the question. Not just who hacked it.

The Trump and the Tweet shalt not be parted. No parteth sayeth the Lord for the Tweet shall be the message and the Tweeter shall be the Messenger.

. You would write a thousand page essay if you thought it would convince someone, but it ain't working. Save your data.

 

[oreo]

I wonder when we can have some indication that an actual secret report even exists? Maybe we could get at least one of the seventeen intelligence agencies to provide the public with a secret summery of the secret report. Some kind of verification of at least that much would be nice. Or are we just supposed to take their word for it?

It is posted jointly by the Dept of Homeland Security's National Cybersecurity and Communications Integration Center (NCCIC) and the FBI. Since it's a joint report it may be available from other participating agencies. If that's not good enough for you, I suspect nothing would be.

The joint report is a summary. Although it does contain an example of code and names common to both the current hacking and previous know Russian hacking, it does not contain details of the underlying analysis. Such details are not and should not be made available to the public.

https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY STEPPE-2016-1229.pdf

So in other words: The Russians have been hacking US government communications for years; as have the North Koreans, the Iranians, the Israelis, ect. I wonder when we get to see something definitive regarding the election?

I'm not sure what you mean by something definitive.

We may see some additional information before Obama leaves office but I doubt it. Probably the next major release will come from Trump after the inauguration. He may reverse course in regard to Putin after he sees the details of the hack or he may bury it. If he buries it, there will probably be a Senate investigation committee. It's already being discussed.

I believe Obama stated they were going to release more information prior to Trump Inauguration. I think they're going to try & take him down before he's sworn in.

The Russians have been very busy this year.

1. Hacking the Pentagon to get into the Joint Chiefs of Staffs emails.
Russian hack almost brought the U.S. military to its knees

2. Hacking into the DNC databases, putting tons of FAKE news on social media outlets to elect Comrade Trump.

AND NOW THE LATEST--our electric power grids--they have found the same Russian malware.

Apparently the FBI has sent out a message to all power grids in this country to look for this Russian malware they've been using and one (so far) has been found in Vermont. They refer to this malware as the GRISSLEY STEEP MALWARE. This is the same malware that was used to hack DNC databases.

"The indicators from the malicious software found on a Burlington Electric Company laptop match those on malware found in the Democratic National Committee computers that the US government has blamed on Russians, the Department of Homeland Security said Saturday.

DHS spokesman Todd Breasseale said the department's investigation into the cyber intrusion on the computer is ongoing and he couldn't comment further.

The DHS's acknowledgment is the first such confirmation by the government that the malware is the same as the code used in malicious cyber activity that the US government has blamed on Russian hackers attempting to influence November's election.

It comes a day after Burlington Electric announced it found the malicious software on a computer that was not connected to its grid control systems. Both the Department of Homeland Security and the utility said Saturday there are no indications that the electric grid was breached.

The DHS and the FBI made a 13-page report public Thursday with information about the malware code -- which was found on Democratic National Committee computers -- and urged all entities to check for it.
Alleged Russian malware found on Vermont utility's laptop - CNN.com

What does Comrade Trump say about all this--as of tonight December 31, 2016. "President-elect Donald Trump reiterated his doubts Saturday that Russia was behind cyber-meddling in the US election, saying such a crime would be difficult to prove."
Trump casts hacking doubts again - CNNPolitics.com

Maybe not so hard to prove
http://www.nytimes.com/2016/11/11/world/europe/trump-campaign-russia.html?_r=1

Russian malware that is available on the dark market to 1000s of hackers does not equal Russian GOVERNMENT hacking. Intel agencies rarely LOSE their tools and leave them behind. And if THEY DO -- they make new ones...

Sweet Baby Jesus: NO YOU CANNOT BUY RUSSIAN MALWARE: If it could be bought, the CIA/FBI, McCafee, Norton and every other high tech security firm would know about it, and be able to stop it from doing any damage or being used to hack. It would be totally useless dumbass.

I am certain that will be Comrade Trump's story when-and if he announces one--LOL After all he stated last night: "And I also know things that other people don't know, and so they cannot be sure of the situation," he said." Now he'll make certain he puts his 154 character Tweeter account to use on this statement. Because the last thing he is going to do, is get in front of reporters, asking him a ton of questions on how he really knows more than other people do. Including 17 intelligence agencies, the CIA, the FBI, Homeland Security, and Republican intelligence committee members who are having a conniption fit over this.


The fact still remains that the FBI and the Department of Homeland Security have sent out a 13 page report stating that the same RUSSIAN malware that was found in the DNC database aka Grissley steppe has also been found in a power plant in Vermont. They sent out an urgent warning to all power plants in this country, with instructions on how to find it.
Alleged Russian malware found on Vermont utility's laptop - CNN.com

This is not some 400 lb. fat guy sitting on his bed doing this.

It is beyond anyone's wildest imagination that Donald Trump will actually be the Commander & Chief of this country.

After his tweet, his physco-babble interpreters will be circling the wagons, (if and when he puts this out on his tweeter account) all in full support, you can definitely count on that. So make certain you stayed tuned in.

 

[EverCurious]

You mean the malware I have repeatedly posted the link where it is available to download? That malware oreo? Yes, I'm quite sure it's been used in hundreds of thousands of hacks all over the planet.

Do you think that if the Russian government was creating a Malware for use in their espionage, they would throw it up on the web for white hackers to de-compile and add to their anti-virus definitions? I'm afraid I'm not that stupid.

Even /if/ you believe that level of stupid, when something is available to download via GOOGLE (aka how we found out it was PAS 3.1.0) that means that almost anyone could then use it to hack anyone else, military or civilian, North Korean, Chinese, Russian, Ukrainian, Romanian, American, European, Middle East, /anyone/ on the planet could be using it.

In order to tie the /specific/ attacks to Russia one would have to show some evidence that it was used at least from the country. Our stupid government can't even do that in their "evidence"! The US Government's OWN REPORT INDICATES OTHER COUNTRIES: ~ GRIZZLY STEPPE – Russian Malicious Cyber Activity

This is their CVS File on Indicators (aka "The JAR package offers technical details regarding the tools and infrastructure used by Russian civilian and military intelligence services (RIS). Accompanying CSV and STIX format files of the indicators are available here:

GRIZZLY STEPPE Indicators (CSV)")

Here are screenshots of the first three pages worth of IPs and their countries of origin in the CSV file OUR GOVERNMENT put out which shows pretty much every country on the planet, (if you have MS Excel or a text editor I encourage you to look at it yourself and verify it. [to view it with text you'd have to "open with" a text editor; notepad or similar])

Again, see - US Govt Data Shows Russia Used Outdated Ukrainian PHP Malware

DHS provided us with 876 IP addresses as part of the package of indicators of compromise. [aka the CSV I showed some of above] Lets look at where they are located. The chart below shows the distribution of IP addresses by country.

As you can see they are globally distributed with most of them in the USA.

Lets look at who the top ISP’s are who own the IP addresses:

There are several hosting companies in the mix including OVH SAS, Digital Ocean, Linode and Hetzner. These are hosting companies that provide low cost hosting to WordPress customers and customers who use other PHP applications. A common pattern that we see in the industry is that accounts at these hosts are compromised and those hacked sites are used to launch attacks around the web.

Out of the 876 IP addresses that DHS provided, 134 or about 15% are Tor exit nodes, based on a reverse DNS lookup that we did on each IP address. These are anonymous gateways that are used by anyone using the Tor anonymous browsing service.

https://www.wordfence.com/wp-content/uploads/2016/12/Screen-Shot-2016-12-30-at-3.41.37-AM.png

---

Do you not understand TOR? - Tor Project: Overview

Tor helps to reduce the risks of both simple and sophisticated traffic analysis by distributing your transactions over several places on the Internet, so no single point can link you to your destination. The idea is similar to using a twisty, hard-to-follow route in order to throw off somebody who is tailing you — and then periodically erasing your footprints. Instead of taking a direct route from source to destination, data packets on the Tor network take a random pathway through several relays that cover your tracks so no observer at any single point can tell where the data came from or where it's going.


Do you not understand IP masking? - How to Hide Your IP Address - 3 Easy Ways

Top 4 reasons why people want to hide their IP address:

Hide their geographical location
Prevent Web tracking
Avoid leaving a digital footprint
Bypass any bans or blacklisting of their IP address


Do you not understand virtual IPs? - Virtual IP address - Wikipedia

A virtual IP address (VIP or VIPA) is an IP address that doesn't correspond to an actual physical network interface (port). Uses for VIPs include network address translation (especially, one-to-many NAT), fault-tolerance, and mobility.

See also -
Tor - Free downloads and reviews - CNET Download.com
Ip Mask - Free downloads and reviews - CNET Download.com
Virtual Ip - Free downloads and reviews - CNET Download.com

 

[Constructive Anarchy]

See also, my post here: No evidence has been submitted that the Russians hacked the DNC

Submit evidence to who? It's foolish to think that security agencies or the administration would or should reveal information often acquired clandestinely from human or technical sources or information that would compromise current operations.

Damaging current operations, connections with valuable sources, or revealing technical capabilities for the sake of satisfying critics would be truly unwise. Supporters of the administration need only assurance from the president. Those that oppose the administration would never have enough information.

Who could possibly imagine anyone being skeptical about the veracity of an anonymous secret report that can't be verified.

If you bothered to look at the report, you would see two seals at the top, FBI and Homeland Security. I suppose you consider these organizations lacking in any creditably. You will also see at the end of the report who to contact with questions.

What do you suppose is the meaning of the disclaimer: "As Is" For Informational Purposes Only. ?

It appears to be same disclaimer on all JAR's. Since this like most JAR's contain mostly recommendations on security as well as product names, such a disclaimer seems reasonable.

If President Obama has no evidence that he can make public then why say anything at all? This whole thing looks like it's motivated by petty domestic political considerations. It would certainly be more compelling if he could do something like this.

 

[beagle9]

The democrats at this point remind of the episode of the High Chapperal called "The Last Hundred Miles". In the current play it should be called "The Last Eighteen Days", where Obama is Chero, Trump is John Cannon, Cochise is Putin.

 

[beagle9]

 

[oreo]

You mean the malware I have repeatedly posted the link where it is available to download? That malware oreo? Yes, I'm quite sure it's been used in hundreds of thousands of hacks all over the planet.

Do you think that if the Russian government was creating a Malware for use in their espionage, they would throw it up on the web for white hackers to de-compile and add to their anti-virus definitions? I'm afraid I'm not that stupid.

Even /if/ you believe that level of stupid, when something is available to download via GOOGLE (aka how we found out it was PAS 3.1.0) that means that almost anyone could then use it to hack anyone else, military or civilian, North Korean, Chinese, Russian, Ukrainian, Romanian, American, European, Middle East, /anyone/ on the planet could be using it.

In order to tie the /specific/ attacks to Russia one would have to show some evidence that it was used at least from the country. Our stupid government can't even do that in their "evidence"! The US Government's OWN REPORT INDICATES OTHER COUNTRIES: ~ GRIZZLY STEPPE – Russian Malicious Cyber Activity

This is their CVS File on Indicators (aka "The JAR package offers technical details regarding the tools and infrastructure used by Russian civilian and military intelligence services (RIS). Accompanying CSV and STIX format files of the indicators are available here:

GRIZZLY STEPPE Indicators (CSV)")

Here are screenshots of the first three pages worth of IPs and their countries of origin in the CSV file OUR GOVERNMENT put out which shows pretty much every country on the planet, (if you have MS Excel or a text editor I encourage you to look at it yourself and verify it. [to view it with text you'd have to "open with" a text editor; notepad or similar])

Again, see - US Govt Data Shows Russia Used Outdated Ukrainian PHP Malware

DHS provided us with 876 IP addresses as part of the package of indicators of compromise. [aka the CSV I showed some of above] Lets look at where they are located. The chart below shows the distribution of IP addresses by country.

As you can see they are globally distributed with most of them in the USA.

Lets look at who the top ISP’s are who own the IP addresses:

There are several hosting companies in the mix including OVH SAS, Digital Ocean, Linode and Hetzner. These are hosting companies that provide low cost hosting to WordPress customers and customers who use other PHP applications. A common pattern that we see in the industry is that accounts at these hosts are compromised and those hacked sites are used to launch attacks around the web.

Out of the 876 IP addresses that DHS provided, 134 or about 15% are Tor exit nodes, based on a reverse DNS lookup that we did on each IP address. These are anonymous gateways that are used by anyone using the Tor anonymous browsing service.

https://www.wordfence.com/wp-content/uploads/2016/12/Screen-Shot-2016-12-30-at-3.41.37-AM.png

---

Do you not understand TOR? - Tor Project: Overview

Tor helps to reduce the risks of both simple and sophisticated traffic analysis by distributing your transactions over several places on the Internet, so no single point can link you to your destination. The idea is similar to using a twisty, hard-to-follow route in order to throw off somebody who is tailing you — and then periodically erasing your footprints. Instead of taking a direct route from source to destination, data packets on the Tor network take a random pathway through several relays that cover your tracks so no observer at any single point can tell where the data came from or where it's going.


Do you not understand IP masking? - How to Hide Your IP Address - 3 Easy Ways

Top 4 reasons why people want to hide their IP address:

Hide their geographical location
Prevent Web tracking
Avoid leaving a digital footprint
Bypass any bans or blacklisting of their IP address


Do you not understand virtual IPs? - Virtual IP address - Wikipedia

A virtual IP address (VIP or VIPA) is an IP address that doesn't correspond to an actual physical network interface (port). Uses for VIPs include network address translation (especially, one-to-many NAT), fault-tolerance, and mobility.

See also -
Tor - Free downloads and reviews - CNET Download.com
Ip Mask - Free downloads and reviews - CNET Download.com
Virtual Ip - Free downloads and reviews - CNET Download.com

You can babble on all day long--but 17 intelligence agencies, including the CIA, the FBI--Republican senate committee members are ALL stating these hacks came from Russia. They have identified it hs installed into the DNC database as Grissley Steepe. They have found it again in a power plant in Vermont and have sent out a 13 page report on it, signed off by the FBI and Department of Homeland Security.
How Russians may have hacked U.S. computer systems
https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY STEPPE-2016-1229.pdf

The New York Times reported before Obama kicked them out that Russian diplomats were in contact with the Trump campaign.
http://www.nytimes.com/2016/11/11/world/europe/trump-campaign-russia.html?_r=0

I have a brother-in-law that works at a major power plant in Colorado Springs. We have military bases all over the place, including NORAD and their biggest fear are the Russians who are continually trying to hack into their electric grid databases.

Trump has conflicts of interest coming out of every door, including Russia & China. He has praised Putin throughout this campain. The Kremlin broke out the champagne bottles on the announcement of his win.
Trump's Hotels In China Could Be A Conflict For The President-Elect
Donald Trump's Many, Many, Many, Many Ties to Russia
US election 2016: Why Russia is celebrating Trump win - BBC News

Now you and Comrade Trump's phyco-babble interpreters can do all you want to support this ASS clown as Commander and Chief, who has refused to attend National Security briefings that are held every morning at 9 a.m. but it won't be long before you're standing alone.

I know that 17 intelligence agencies, Republican Senators, the CIA, FBI, the Department of Homeland security along with Barack Obama are not going to fucking kick Putin in the teeth for no dam reason, dumbass.
Lindsey Graham Says 99 Percent Of Senate Agrees On Russian Hacks

This is NOT some 400 lb. fat guy sitting on his bed doing this. It is a FELONY in this country to hack into private or public computer databases that comes with PRISON TIME.
Russian hack almost brought the U.S. military to its knees

 

[Constructive Anarchy]

You mean the malware I have repeatedly posted the link where it is available to download? That malware oreo? Yes, I'm quite sure it's been used in hundreds of thousands of hacks all over the planet.

Do you think that if the Russian government was creating a Malware for use in their espionage, they would throw it up on the web for white hackers to de-compile and add to their anti-virus definitions? I'm afraid I'm not that stupid.

Even /if/ you believe that level of stupid, when something is available to download via GOOGLE (aka how we found out it was PAS 3.1.0) that means that almost anyone could then use it to hack anyone else, military or civilian, North Korean, Chinese, Russian, Ukrainian, Romanian, American, European, Middle East, /anyone/ on the planet could be using it.

In order to tie the /specific/ attacks to Russia one would have to show some evidence that it was used at least from the country. Our stupid government can't even do that in their "evidence"! The US Government's OWN REPORT INDICATES OTHER COUNTRIES: ~ GRIZZLY STEPPE – Russian Malicious Cyber Activity

This is their CVS File on Indicators (aka "The JAR package offers technical details regarding the tools and infrastructure used by Russian civilian and military intelligence services (RIS). Accompanying CSV and STIX format files of the indicators are available here:

GRIZZLY STEPPE Indicators (CSV)")

Here are screenshots of the first three pages worth of IPs and their countries of origin in the CSV file OUR GOVERNMENT put out which shows pretty much every country on the planet, (if you have MS Excel or a text editor I encourage you to look at it yourself and verify it. [to view it with text you'd have to "open with" a text editor; notepad or similar])

Again, see - US Govt Data Shows Russia Used Outdated Ukrainian PHP Malware

DHS provided us with 876 IP addresses as part of the package of indicators of compromise. [aka the CSV I showed some of above] Lets look at where they are located. The chart below shows the distribution of IP addresses by country.

As you can see they are globally distributed with most of them in the USA.

Lets look at who the top ISP’s are who own the IP addresses:

There are several hosting companies in the mix including OVH SAS, Digital Ocean, Linode and Hetzner. These are hosting companies that provide low cost hosting to WordPress customers and customers who use other PHP applications. A common pattern that we see in the industry is that accounts at these hosts are compromised and those hacked sites are used to launch attacks around the web.

Out of the 876 IP addresses that DHS provided, 134 or about 15% are Tor exit nodes, based on a reverse DNS lookup that we did on each IP address. These are anonymous gateways that are used by anyone using the Tor anonymous browsing service.

https://www.wordfence.com/wp-content/uploads/2016/12/Screen-Shot-2016-12-30-at-3.41.37-AM.png

---

Do you not understand TOR? - Tor Project: Overview

Tor helps to reduce the risks of both simple and sophisticated traffic analysis by distributing your transactions over several places on the Internet, so no single point can link you to your destination. The idea is similar to using a twisty, hard-to-follow route in order to throw off somebody who is tailing you — and then periodically erasing your footprints. Instead of taking a direct route from source to destination, data packets on the Tor network take a random pathway through several relays that cover your tracks so no observer at any single point can tell where the data came from or where it's going.


Do you not understand IP masking? - How to Hide Your IP Address - 3 Easy Ways

Top 4 reasons why people want to hide their IP address:

Hide their geographical location
Prevent Web tracking
Avoid leaving a digital footprint
Bypass any bans or blacklisting of their IP address


Do you not understand virtual IPs? - Virtual IP address - Wikipedia

A virtual IP address (VIP or VIPA) is an IP address that doesn't correspond to an actual physical network interface (port). Uses for VIPs include network address translation (especially, one-to-many NAT), fault-tolerance, and mobility.

See also -
Tor - Free downloads and reviews - CNET Download.com
Ip Mask - Free downloads and reviews - CNET Download.com
Virtual Ip - Free downloads and reviews - CNET Download.com

You can babble on all day long--but 17 intelligence agencies, including the CIA, the FBI--Republican senate committee members are ALL stating these hacks came from Russia. They have identified it has installed into the DNC as Grissley Steepe. They have found it again in a power plant in Vermont and have sent out a 13 page report on it, signed off by the FBI and Department of Homeland Security.

The New York Times reported before Obama kicked them out that Russian diplomats were in contact with the Trump campaign.
http://www.nytimes.com/2016/11/11/world/europe/trump-campaign-russia.html?_r=0

i have a brother-in-law that works at a major power plant. We have military bases all over the place, including NORAD and their biggest fear are the Russians who are continually trying to hack into their databases.

Trump has conflicts of interest coming out of every door, including Russia & China. He has praised Putin throughout this campain. The Kremlin broke out the champagne bottles on the announcement of his win.
Trump's Hotels In China Could Be A Conflict For The President-Elect
Donald Trump's Many, Many, Many, Many Ties to Russia
US election 2016: Why Russia is celebrating Trump win - BBC News

Now you and Comrade Trump's phyco-babble interpreters can do all you want to support this ASS clown as Commander and Chief, who has refused to attend National Security briefings that are held every morning at 9 a.m. but it won't be long before you're standing alone.

I know that 17 intelligence agencies, Republican Senators, the CIA, FBI, the Department of Homeland security along with Barack Obama are not going to fucking kick Putin in the teeth for no dam reason, dumbass.

This is NOT some 400 lb. fat guy sitting on his bed doing this. It is a FELONY in this country to hack into private or public computer databases that comes with PRISON TIME.
Russian hack almost brought the U.S. military to its knees

I wonder who'd be dumb enough to believe that seventeen intelligence agencies investigated an e-mail hack?

 

[Flopper]

Submit evidence to who? It's foolish to think that security agencies or the administration would or should reveal information often acquired clandestinely from human or technical sources or information that would compromise current operations.

Damaging current operations, connections with valuable sources, or revealing technical capabilities for the sake of satisfying critics would be truly unwise. Supporters of the administration need only assurance from the president. Those that oppose the administration would never have enough information.

Who could possibly imagine anyone being skeptical about the veracity of an anonymous secret report that can't be verified.

If you bothered to look at the report, you would see two seals at the top, FBI and Homeland Security. I suppose you consider these organizations lacking in any creditably. You will also see at the end of the report who to contact with questions.

What do you suppose is the meaning of the disclaimer: "As Is" For Informational Purposes Only. ?

It appears to be same disclaimer on all JAR's. Since this like most JAR's contain mostly recommendations on security as well as product names, such a disclaimer seems reasonable.

If President Obama has no evidence that he can make public then why say anything at all? This whole thing looks like it's motivated by petty domestic political considerations. It would certainly be more compelling if he could do something like this.

The more information released the more difficult it would be for Trump to bury it.

I think the question no one seems to be asking is why is Trump trying to make an ally out of Putin? Russia has little interest in trade deals with the US. They are not a major trading partner. In fact, we share very little common interest with Russia except nuclear arms reduction. Their goals in the Middle East, Eastern Europe, and Asian are just about the opposite on ours.

Political, Trump own party is more closely aligned with Obama's actions toward Russian. In fact, the biggest complaint about Obama's foreign policy is his lack of retaliation in response to Russian aggression. Which brings up another question, at a time when Trump is going to be asking congress for a slew of confirmations of appointments, help with immigration and his wall, tax cuts, spending increases and a dozen other domestic issues, why is he setting himself up for a battle with his own party in congress over Russia?