Cybersecurity – Balloon Juice

This Morning’s Big Hacking Stories

by Cheryl Roferat4:19 pm on October 4, 2018. It has 94 Comments.

The stories actually go beyond hacking, but that’s an adequate title for a placeholder post until Adam or Major Major Major Major can weigh in.

There are two stories, one about China and one about Russia’s GRU, their military intelligence agency.

Bloomberg has, for reasons I can’t imagine, gone with a white typeface on black background, which I find painful to read, so I’ll work from the Washington Post’s summary.

Bloomberg has just published an explosive article claiming that a secret unit in the Chinese military has compromised the motherboards (the systems of chips and electronics that allow computers to work) of servers used by Apple, a bank and various government contractors.
China’s exploit was discovered when Amazon did due diligence on a company that it was acquiring, which used servers with the compromised motherboards. Both Apple and Amazon have issued statements denying the Bloomberg claims, but Bloomberg seems confident that it’s correct, saying it has multiple sources inside Amazon and the intelligence community. (Amazon chief executive Jeffrey P. Bezos owns The Washington Post.)

We have long depended on China for essential electronic components. That’s seemed dangerous to me, but nobody listens to me on such things.

Also this morning, Vice President Mike Pence gave a speech at the rightwing Hudson Institute and said that China was the biggest threat to the United States. It’s hard not to see these events as being coordinated. Pence claimed, as did President Donald Trump at the United Nations, that China was trying to hack the US elections. Which probably means that they will call any Democratic wins a Chinese plot. Also, too, when you are making googly eyes at Vladimir Putin, you have to have an enemy to gin up support at home.

Also this morning, the United States, UK, and the Netherlands announced indictments against Russian members of the GRU for hacking a great many agencies, including the Organisation for the Prohibition of Chemical Weapons and anti-doping organizations. Russia, of course, denies everything. I am also seeing bits and pieces coming across my Twitter feed from open-source investigators pointing to obvious tells from Russian agents, like using consecutively numbered passports and US $100 bills.

It looks like the GRU has gotten sloppy in their spycraft, or that Russia would like the world to know it operates with impunity.

It is the US that is bringing the indictments. It looks like parts of our government have not signed on to the googly eyes strategy and are continuing to prosecute conspiracies against our country. That’s an interesting development. Its implications for Trump are not clear, although one might think that this investigation has shared information with Robert Mueller’s staff.

Both these stories are developing.

This post is in All we want is life beyond the thunderdome, Cybersecurity, Election 2018, Information warfare and has 94 Comments.

AP News Open Thread: Julian Assange, the Biter Bit?

by Anne Laurieat6:33 pm on September 17, 2018. It has 135 Comments.

The petard hoisting of GRU asset Julian Assange by a leak is never going to get old. https://t.co/kdFBWUDEkg
— Rick Wilson (@TheRickWilson) September 17, 2018

This is the AP, not some blog with a history of overreaction, so… cui bono, at this particular moment?

LONDON (AP) — Julian Assange had just pulled off one of the biggest scoops in journalistic history, splaying the innards of American diplomacy across the web. But technology firms were cutting ties to his WikiLeaks website, cable news pundits were calling for his head and a Swedish sex crime case was threatening to put him behind bars.
Caught in a vise, the silver-haired Australian wrote to the Russian Consulate in London.
“I, Julian Assange, hereby grant full authority to my friend, Israel Shamir, to both drop off and collect my passport, in order to get a visa,” said the letter, which was obtained exclusively by The Associated Press.
The Nov. 30, 2010, missive is part of a much larger trove of WikiLeaks emails, chat logs, financial records, secretly recorded footage and other documents leaked to the AP. The files provide both an intimate look at the radical transparency organization and an early hint of Assange’s budding relationship with Moscow.…
WikiLeaks has repeatedly been hit by unauthorized disclosures, but the tens of thousands of files obtained by the AP may be the biggest leak yet.
The AP has confirmed the authenticity of many of the documents by running them by five former WikiLeaks associates or by verifying non-public details such as bank accounts, telephone numbers or airline tickets.
One of the former associates, an ex-employee, identified two of the names that frequently appeared in the documents’ metadata, “Jessica Longley” and “Jim Evans Mowing,” as pseudonyms assigned to two WikiLeaks laptops.
All five former associates spoke to the AP on condition of anonymity, in some cases because they didn’t want their past association with WikiLeaks to become public, and in others because they feared legal retaliation or harassment from the group’s supporters…
Metadata suggests that it was on Nov. 29, the day after the release of the first batch of U.S. State Department files, that the letter to the Russian Consulate was drafted on the Jessica Longley computer…

This post is in Assholes, Cybersecurity, Election 2016, Foreign Affairs, Open Thread, Republican Venality, Russiagate and has 135 Comments.

The US Attorney’s Office for the Southern District of New York Strikes Again

by Adam L Silvermanat9:21 pm on September 11, 2018. It has 44 Comments.

They got him! They finally got him!!!!

You guys. They got him. THE FEDS GOT HIM. pic.twitter.com/eOTjnpfhtw
— Phil Ewing (@philewing) September 11, 2018

I guess I’m not getting that $25 dollar electronic funds transfer though…

Open thread.

This post is in America, Criminal Justice, Cybersecurity, Open Thread and has 44 Comments.

Info Ops – Staying Alert

by Cheryl Roferat6:57 pm on August 30, 2018. It has 9 Comments.

I said in a post last week that I’m going to try to keep you all current on what we know about information operations, as we approach November’s elections and the 2020 presidential election. I’ll post short summaries or longer commentaries if they are warranted. We’ve all got to stay alert for malign influencers.

The FBI has launched two websites, Protected Voices and Combating Foreign Influence. Protected Voices offers advice on cyberhygiene – they have a set of short videos on things like passwords, browser safety, wi-fi, and router hardening. Looks like they might be useful for internal corporation training or just anyone who has questions about the various topics. Combating Foreign Influence is newer and intends “to educate the public about the threats faced from disinformation campaigns, cyber attacks, and the overall impact of foreign influence on society.”

I’m a little dubious about government initiatives of this sort, but it was the FBI and others who went to President Obama in summer 2016 to tell him that the Russians were doing damage. So I’ll keep an eye on these sites. I also hope that the jackal computer nerds will chime in too.

BuzzFeed has a big article on Russian propaganda operations in the Baltic states. Three news outlets set up in Estonia, Latvia, and Lithuania to spread the Russian point of view without saying that’s what they were doing.

The websites presented themselves as independent news outlets, but in fact, editorial lines were dictated directly by Moscow.

The purpose was to turn Russian speakers in those three countries toward Russia and away from the countries they live in. The article is very detailed, working from Skype calls among the managers of the news outlets. I kept thinking about Fox News as something of an analogy in the United States.

This post is in Cybersecurity, Election 2018, Election 2020, Excellent Links, Information warfare and has 9 Comments.

Dark Hours Open Thread: Is Julian Assange “the Left” Version of Donald Trump?

by Anne Laurieat2:56 am on August 14, 2018. It has 13 Comments.

NEW: Julian Assange pulled a power play to retaliate against @BarrettBrown_'s criticism of @wikileaks. It fractured a key whistleblower organization, leaving Assange more isolated than ever amongst his former transparency-activist community. https://t.co/xkBukQ779C
— Spencer Ackerman (@attackerman) August 13, 2018

Were “we” so enamored with our “core virtues” of transparency and populism that a professional narcissist could manage the supreme coup of his serial grifting career? Does Julian Assange have the true Reverse-Midas everything he touches dies… gift?

Gareth Corfield, at The Register (“biting the hand that feeds IT”):

The director of whistleblower support outfit the Courage Foundation has quit after being told to pull support from Barrett Brown following some barbed comments he made about Julian Assange.
Naomi Colvin walked out of the foundation after “three of Courage’s trustees wrote to me demanding that I inform Barrett Brown that he could no longer be a Courage beneficiary, on the basis of ‘nasty adversarial remarks’ about WikiLeaks,” she wrote in a blog post.
Courage works by picking people in legal trouble who it deems worthy of support and then giving them help in a variety of ways, including financially. Those eight “beneficiaries”, as Courage calls them, include Anonymous-linked FBI-baiter Barrett Brown and everyone’s go-to website for ~~Russian-influenced propaganda~~ the embarrassing contents of American governmental messages, Wikileaks.
Nonetheless, Brown’s growing antipathy towards Assange/Wikileaks as the increasingly isolated Wikileaker goes steadily more stir crazy in Ecuador’s London embassy earned him Assange’s ire. So it was that Colvin received missives from Courage trustees ordering her to cut Brown loose, something she would not do…
Courage’s trustees are named on its website as: Assange himself; legal activist Barbara Bukovska; left-wing activist and film-maker John Pilger; Spanish human rights lawyer Renata Avila; Scottish arts organiser Susan Benn; and clothes designer Vivienne Westwood, who modestly bills herself as “co-created punk in the 70s”.
Colvin declined to name the three who demanded she pull the foundation’s support from Brown…

Spencer Ackermann, at the Daily Beast (see tweet at top):

… Brown told The Daily Beast: “I’m afraid I cannot agree with the stance, presented by the Courage board to me yesterday via a poorly written email, that I am somehow obligated to not only defend Assange’s rights, as I’m happy to do, but also to refrain from speaking out about the problems facing a movement that I risked a hundred years of prison time in order to defend.”
The short-term result of Assange’s behavior may be to consolidate control over Courage. But it has come at the expense of broken ties with two heavily respected and influential figures within the hacktivist circles from which Assange emerged. At this point, it leaves Assange with more solid support from the extreme right and its media organs than from his original community…
Colvin’s departure from Courage is especially ironic for Assange and speaks to the botched manner in which his allies retaliated against Brown. Colvin led and recently won a fight to prevent the U.K. from extraditing the computer scientist and activist Lauri Love to the United States to face hacking charges. With Assange ostensibly fearing his own prospective extradition, his desire to silence Brown has cost him a key legal asset…

This post is in C.R.E.A.M., Cybersecurity, Ever Get The Feeling You've Been Cheated?, Foreign Affairs, Open Thread, Russiagate and has 13 Comments.

Russian Interference Open Thread: Sen. Claire McCaskill Earns A “Prize”

by Anne Laurieat7:18 pm on July 26, 2018. It has 41 Comments.

Claire McCaskill was targetted by Russian hackers shortly after Trump encouraged folks to vote her out https://t.co/uiFvxPJ5Ix
— Sam Stein (@samstein) July 26, 2018

And I do believe Sen. McCaskill is canny enough to turn this attempt into a weapon against the perennially dissatisfied Never-Dem “true progressives” who bitch more about her than her Repub opponents:

The Russian intelligence agency behind the 2016 election cyberattacks targeted Sen. Claire McCaskill as she began her 2018 re-election campaign in earnest, a Daily Beast forensic analysis reveals. That makes the Missouri Democrat the first identified target of the Kremlin’s 2018 election interference.
McCaskill, who has been highly critical of Russia over the years, is widely considered to be among the most vulnerable Senate Democrats facing re-election this year as Republicans hope to hold their slim majority in the Senate. In 2016, President Donald Trump defeated Hillary Clinton by almost 20 points in the senator’s home state of Missouri.
There’s no evidence to suggest that this particular attack was successful. Asked about the hack attempt by Russia’s GRU intelligence agency, McCaskill told The Daily Beast on Thursday that she wasn’t yet prepared to discuss it…
On Friday, Trump is scheduled to chair a meeting of the National Security Council on election vulnerabilities facing the midterm elections—amid persistent criticism, particularly after his Helsinki meeting with Russian President Vladimir Putin, that he isn’t taking Russian interference seriously…
McCaskill is one of 10 Senate Democrats facing re-election this year in states that Trump won in 2016. Her likely Republican challenger is Josh Hawley, who currently serves as the state’s attorney general. Outside groups and campaign committees have spent more than $15.5 million against McCaskill so far…

I also assume we can count on Hawley to make a bad situation worse for himself, yes?

Much more, including details of the hacking methods, at the link.

This post is in All Too Normal, Cybersecurity, Election 2018, Open Thread, Proud to Be A Democrat, Republican Venality and has 41 Comments.

Russiagate Open Thread: Clown Car Rogues Gallery, Top to Bottom, Recent & Vintage

by Anne Laurieat6:10 pm on July 13, 2018. It has 310 Comments.

DOJ's criminal charges provide hard evidence that Russian intel agents attacked America to boost their favorite candidates, undermine others, and influence our elections. @realDonaldTrump, cancel your ridiculous Putin summit and get your butt on a plane back to the United States.
— Elizabeth Warren (@SenWarren) July 13, 2018

There doesn’t seem to have been a single nationally-known Republican above the level of coffee boy who wasn’t part of the Russiagate treason squad…

….but it’s also peppered with blinking neon signs pointing to domestic loose ends left to tie up. Basically, it’s impossible to frame this indictment as “witch hunt,” but also impossible to read it & say “well, now they’re done & the Mueller probe should wrap up."
— Julian Sanchez (@normative) July 13, 2018

If this is how much the Mueller team knows about a Russian intelligence operation, I can only imagine what it's learned about the American part of the picture.
— Kate Brannen (@K8brannen) July 13, 2018

Rosenstein said he briefed Trump days ago on the indictments of Russian military intel officers hacking into the DNC and others. Since then, Trump has said flattering things about Putin, knowing the indictments were pending and the evidence the US had about Russian meddling.
— Shane Harris (@shaneharris) July 13, 2018

Trump and his campaign tried to claim he was kidding. He was not. At that same press conference, minutes later, I asked if it gave him "pause" to ask a foreign government to hack into the emails of any American citizen. He said no and then accused me of trying to "save" Clinton. https://t.co/q0AoC404qV
— Katy Tur (@KatyTurNBC) July 13, 2018

Obligatory: Mitch McConnell's behavior before the election just looks worse and worse.
— Jonathan Bernstein (@jbview) July 13, 2018

And now, a reminder of how Mike Pompeo, current Secretary of State, responded to this attack when it occurred: https://t.co/Cmf4XPhPzr pic.twitter.com/XBiZXesjCo
— Dafna Linzer (@DafnaLinzer) July 13, 2018