Showing posts with label Russian interference. Show all posts

Tuesday, December 15, 2020

Russian Hackers Breach US Government Trying To Steal Information From Government Clients


If you look up "government hacking" on Wikipedia, this is the first paragraph:

"Government hacking permits the exploitation of vulnerabilities in electronic products, such as software, to gain remote access to information of interest. This information allows government investigators to monitor user activity and interfere with device operation. Government attacks on security may include malware and encryption backdoors. The National Security Agency's PRISM program and Ethiopia's use of FinSpy are notable examples."

This has been a constant issue for many years, and will be for many years to come. The question is, exactly how secure is any country's data? How protected is my own data? Should we trust that our provider is securing our data properly?

Who do/can you trust?

Betsy Combier, betsy.combier@gmail.com
Editor, ADVOCATZ.com
Editor, ADVOCATZ Blog
Editor, NYC Rubber Room Reporter
Editor, Parentadvocates.org
Editor, New York Court Corruption
Editor, National Public Voice
Editor, NYC Public Voice
Editor, Inside 3020-a Teacher Trials



Russian hackers breach U.S. government, targeting agencies, private companies

The CEO of cybersecurity company FireEye said they appeared to be trying to steal information from government clients.

A Commerce Department spokesman confirmed a breach, saying it occurred at an unidentified bureau.

Department officials alerted the FBI and a cybersecurity agency within the Department of Homeland Security, the spokesman said, declining to comment further.

The White House National Security Council also confirmed that it was looking into another potential intrusion at the Treasury Department after Reuters reported that foreign government-backed hackers accessed internal government emails.

The hackers appear to have gotten access by first breaking into SolarWinds, an Austin-based company that provides remote information technology services to a long list of clients around the world, including a number of U.S. government agencies and major corporations.

The U.S. Cybersecurity and Infrastructure Security Agency issued a rare emergency directive Sunday night, instructing federal agencies to immediately stop using the version of SolarWinds products.

The company’s president and CEO, Kevin Thompson, said in an emailed statement: “We believe that this vulnerability is the result of a highly-sophisticated, targeted and manual supply chain attack by a nation state. We are acting in close coordination with FireEye, the Federal Bureau of Investigation, the intelligence community, and other law enforcement to investigate these matters. As such, we are limited as to what we can share at this time.”

In a filing to the Securities and Exchange Commission, SolarWinds reported that it had informed 33,000 customers that they may have been affected, and estimated that "fewer than 18,000" could have potentially been compromised.

The Washington Post first reported that Russia's Foreign Intelligence Service, or SVR, carried out the attack by hacking SolarWinds.

Among the SVR's targets was FireEye, a major U.S. cybersecurity company with extensive government contracts, The Post reported. The company's CEO said last week that it had been hacked "by a nation with top-tier offensive capabilities."

A private cybersecurity official briefed on the matter confirmed the SVR's involvement to NBC News.

FireEye CEO Kevin Mandia said the hackers' primary goal appeared to be to steal information from the company's government clients.

The Russian Embassy in Washington called news of the breach "groundless attempts by the American media to accuse Russia of hacking attacks on U.S. government bodies."

"Attacks in the information space do not correspond to the foreign policy principles of our country, its national interests and understanding of how relations between states are built," the statement continued, adding that Russia does not conduct "offensive operations in the virtual environment."

It wasn't clear how much information the hackers accessed, although the company said they obtained tools used by FireEye's Red Team, the section tasked with defending against new cyberattacks.

The Post reported that the Commerce Department breach targeted SolarWinds, an information technology system used by tens of thousands of organizations. NBC News hasn't independently confirmed the report.

The FBI and the National Security Agency declined to comment Sunday.

In a statement, the Homeland Security Department's cybersecurity agency said it was investigating "recently discovered activity on government networks."

The agency said it was providing technical assistance to help blunt potential compromises.

Ken Dilanian is a correspondent covering intelligence and national security for the NBC News Investigative Unit; Josh Lederman is a national political reporter for NBC News; Tim Stelloh is a reporter for NBC News based in California; Kevin Collier is a reporter covering cybersecurity, privacy and technology policy for NBC News.


US investigating computer hacks of government agencies
Buffalo News, By BEN FOX and FRANK BAJAK Associated Press, Dec 13, 2020

U.S. government agencies and private companies rushed Monday to secure their computer networks following the disclosure of a sophisticated and long-running cyber-espionage intrusion suspected of being carried out by Russian hackers.

The full extent of the damage is not yet clear. But the potential threat was significant enough that the Department of Homeland Security's cybersecurity unit directed all federal agencies to remove compromised network management software and thousands of companies were expected to do the same.

What was striking about the operation was its potential scope as well as the manner in which the perpetrators managed to pierce cyber defenses and gain access to email and internal files at the Treasury and Commerce departments and potentially elsewhere.

The intrusion was stark evidence of the vulnerability of even supposedly secure government networks, even after well-known previous attacks.

"It's a reminder that offense is easier than defense and we still have a lot of work to do," said Suzanne Spaulding, a former U.S. cybersecurity official who is now a senior adviser at the Center for Strategic and International Studies.

The identity of the perpetrator remained unclear. A U.S. official, speaking on condition of anonymity because of an ongoing investigation, told The Associated Press on Monday that Russian hackers are suspected.

The Washington Post, citing unnamed sources, said the attack was carried out by Russian government hackers who go by the nicknames APT29 or Cozy Bear and are part of that nation's foreign intelligence service.

The intrusion came to light after a prominent cybersecurity firm, FireEye, learned it had been breached and alerted that foreign governments and major corporations were also compromised. The company did not say who it suspected, though many experts believed Russia was responsible given the level of skill involved.

U.S. authorities acknowledged that federal agencies were affected by the breach on Sunday, providing few details. The Cybersecurity and Infrastructure Security Agency, known as CISA, said in an unusual directive that the widely used network software SolarWinds had been compromised and should be removed from any system using it.

SolarWinds is used by hundreds of thousands of organizations around the world, including most Fortune 500 companies and multiple U.S. federal agencies. The perpetrators were able to embed malware in a security update issued by the company, based in Austin, Texas. Once inside, they could impersonate system administrators and have total access to the infected networks, experts said.

"Quite honestly, my heart sank when I saw some of the details, just the amount of information they could potentially have if they are reading everyone's emails and they are accessing sensitive files within places like Treasury or Commerce," said Ben Johnson, a former National Security Agency cyber-engineer who is now chief technology officer of software security firm Obsidian.

A Comprehensive Overview of Government Hacking Worldwide



Thursday, February 22, 2018

Conrad Black On Clinton Political Mischief and Robert Mueller's Russian Drama

Special Counsel Robert Mueller
Clinton Political Mischief Emerges as Key Tale In an Astounding Drama
It is both dismal and amusing to see the rationalizations of the diehard Kremlin collusionists after Robert Mueller’s spurious indictment of the 13 Russians who will never encounter the vagaries of United States justice. The charge of conspiring against the United States is nonsense, and the whole ambiance of the investigation now is that of a phantom consolation prize for the absence of a crime, a victim, or a culprit, all amplified by the hollow sanctimony of an official America that has meddled countless times in the elections of other countries (usually for the general good of the Western alliance).
 
The desperation of the Trump impeachers is piquant: This indictment doesn’t cover hacking — where might that lead? And the fact that Deputy Attorney General Rosenstein said, “This indictment refers to no Americans,” and that it contains no allegation of affecting the election result or of collusion by Americans, may mean that perhaps another indictment will. It is to this pathetic wisp that the New York Times’ Tom Friedman’s claim of a Russian assault on American sovereignty equivalent to Pearl Harbor and 9/11, and Senator Mark Warner’s thousand Russian agents delivering Wisconsin to Mr. Trump on election night, have been reduced.
 
It is all, and always has been, nonsense. The Russian activities Mr. Mueller has attacked began before Mr. Trump had announced his candidacy, were favorable to Senator Sanders and the Green candidate, Dr. Jill Stein, as well as to Mr. Trump, and were almost entirely Internet advertisements decrying the state of the country in terms many Americans would sadly endorse — violence, corruption, poverty, crime, racism, etc. — in a presidential campaign in which the major candidates spent $2.5 billion, and Mrs. Clinton spent the unheard-of sum of $250 million on attack ads.
 
This was her version of “going high when they go low”: She was obviously speaking of money spent, not moral tone. And that was without counting the 10 to 12 million dollars the Clinton campaign contributed to assembling the outrageous Steele dossier, which Mrs. Clinton cites in her book as evidence of the “treason” Trump committed with Russia to cheat her of the election. Trump critics are correct to say that this piffling pseudo-prosecution is not “a complete vindication,” in that it is not an explicit exculpation, but it is a stark confession of the extent of the collusion fiction.
 
When the rabidly Americophobic British newspaper the Guardian is reduced to finding evidence of collusion in Trump’s supposed generosity to Russia, the Red Queen is made to sound like Louis Brandeis. We must be fairly close to the point where it is impartially recorded that Trump-Kremlin collusion was a nasty fairy tale commissioned and paid for and carpet-bombed on the press by the Clinton campaign, and used to infect and mislead the Justice Department and the FBI, by senior Clinton-campaign and Obama-administration officials.

Peter Strzok
The Steele dossier remains the only visible justification for a false Foreign Intelligence Surveillance Act warrant against Carter Page and, incidentally, the Trump campaign; and for the Mueller investigation itself, even though that investigation was prompted by fired FBI director James Comey with an illegal leak to the New York Times of a memo of contested accuracy that was probably illegally removed government property. Mr. Mueller arrived after Mr. Comey had dismissed the Steele dossier as “malicious and unverified” and after the Trump-hating Clinton-helper Peter Strzok, whom Mr. Mueller inexplicably recruited, had reluctantly concluded that there was “no there there.”
 
With this Russian indictment and whatever flailing about Mr. Mueller may commit over hacking and WikiLeaks, Mr. Mueller can make his gesture to the fact that the Russians nibbled ineffectually at the edges of the 2016 election, and use that as his cover to withdraw from the whole misconceived collusion foolishness in which the United States is being reduced to a laughingstock for the whole world. Or, Mr. Mueller can exercise the plenitude of his mandate and unearth the proportions of the chaos caused by the Steele dossier (which the egregious Senator Warner assured us “is taken seriously by the British, our ally”).
 
It is an astounding tale that is emerging of Clinton political mischief tainting the entire justice system and misleading tens of millions of Americans to imagine their political system was being manipulated by foreigners and might have produced an illicit presidential-election result. This is the exposure that must be made, and while I would not necessarily favor prosecuting them all, Mrs. Clinton, Mr. Comey, deputy FBI director McCabe, and quite possibly former senior Justice Department officials including Loretta Lynch and Sally Yates, have committed offenses that put them in the danger zone of indictable acts.
 
Instead of Keystone Kops charges against untouchable Russians and shock-and-awe intimidation of prior bit-players for alleged tax offenses and minor indiscretions, Mr. Mueller should lay this immense, scandalous rotten egg before the country. If he can’t face that challenge and service, he should shut down this charade so that Attorney General Sessions can end his recusal and we can bring on the main event and identify the authors of this monstrous farce.
 
As his greatest problem melts, President Trump has an opportunity to build on the new need of Democrats to be more cooperative than their mindless obstructionism until recently has permitted. To build on the historic success of his tax reform, Mr. Trump should cut across party lines and do the right and surprising thing, as President Lyndon Johnson did with civil rights, President Nixon did with China, and President Reagan did with arms control.
 
He should reaffirm the right of all qualified people to own handguns and rifles, but sharply tighten access to automatic weapons, require licenses to carry concealed weapons, fund substantial security in all schools and for public meetings, including religious services and concerts, and intensify the collection of relevant behavioral information and response to it (an area bungled by the FBI and local authorities in the Parkland, Fla., massacre last week).
 
Gun supporters cannot justify a laissez-faire legal framework, but will continue to be able to collect and enjoy guns if they meet high but reasonable criteria. This might not have interdicted the Las Vegas murderer, but would have flagged the Parkland misfit. All unauthorized firearms should be seized.
 
The other march the president could usefully steal legislatively, and bring the Democrats into formation with him, would be to increase the infrastructure proposal to the $4.5 trillion that is generally recognized to be needed, and fund the increase from anticipated reductions in the gasoline price resulting from increased U.S. production, by maintaining the present price and applying the differential to this program. The anti-Trump resistance is collapsing and we are almost back to normal political blocking and tackling.
 
With these notches in his belt, Mr. Trump would have a chance of complete immigration and health-care reform in the second half of his term. There will be plenty of opportunity for the president to gloat about the collusion idiocy; now is the time to make Washington work and build credentials as a negotiator and champion of the system, and not just the great outsider.
Mr. Trump has brought down the walls like Joshua at Jericho; now is the time to bury gridlock and rebuild public confidence that America’s legislators are not just the corrupt, ineffectual lobbyists-in-waiting that a great many Americans, with some reason, think they are.
 
CBLetters@gmail.com. From the National Review.
 
By Simon Shuster, TIME
February 21, 2018
It turns out you don’t need much to meddle in a U.S. election. Some cheap cell phones. An Internet connection. Maybe a few airline tickets and a good grasp of the English language. That was enough for the Russian troll farm to get started on their U.S. operation back in 2015. And they achieved what they set out to do.

Thirteen of them, mostly errand runners for the group known as the Internet Research Agency, have been charged for allegedly trying to skew the U.S. electoral process. The indictment against them, handed down on Friday by Special Counsel Robert Mueller, reads both like a warning and a potboiler. But it could also serve as an instruction manual, one that any determined group could use to replicate the operation. This is clearly not what the Special Counsel intended.

When it comes to catching criminals and deterring copycats, the indictment may yet succeed. It might at least become harder for the Internet Research Agency to recruit new trolls around its home base in St. Petersburg, especially now that some of them are wanted by the FBI and unable to travel outside Russia without fear of arrest and extradition. Their summer holidays may now be limited to the beaches of Sochi and Crimea.

But for the broader aims of the troll factory and its investors, the indictment could serve as a victory in disguise. Apart from providing a blueprint for their methods, it may further diminish public trust in the platforms people use to receive information, share ideas, and to engage in civic discourse. Disseminating those kinds of doubts has been the aim of Russian propaganda for years.

“It does not function like traditional propaganda,” says David Patrikarakos, the author of War in 140 Characters, a recent book on modern information warfare. It doesn’t seek to promote any ideology or convince people to join any single cause. Instead, says Patrikarakos, “It tries to muddy the waters. It tries to sow as much confusion and as much misinformation as possible, so that when people see the truth, they find it harder to recognize.”

Take, for example, one of the troll factory’s earlier campaigns in Russia, the one that followed the murder of Boris Nemtsov. On February 27, 2015, the Russian dissident and former Deputy Prime Minister was shot in the back while walking home a few steps from the Kremlin walls. Suspicion among his allies soon fell on the man he had spent his career trying to unseat: President Vladimir Putin, who denied any involvement.

The day after the killing, the staff at the Internet Research Agency received detailed instructions on how to spin the news. Their orders were to flood Russian news websites and social media with comments about Nemtsov’s killing, all in the hope of confusing the online discussion about who was responsible. “Technical instructions for Feb. 28,” the orders began, according to a copy that was later leaked to local journalists. “Create the opinion that Ukrainians could have been mixed up in the death of the Russian opposition figure.”

Other theories spouted that week by the Agency’s trolls put the blame on Nemtsov’s girlfriend, his fellow dissidents, his American allies and his former business partners. They did not focus on dispelling the notion that Putin or his allies could have been involved. They simply crowded the debate with so many theories and alternative facts that everything about the case began to seem suspicious. “Next they’ll say that space aliens did it,” Nemtsov’s personal assistant, Olga Shorina, told me after watching these theories spread on social media at the time. “I can’t even look at it anymore.”

About three weeks after Nemtsov’s death – when a decorated veteran of the Russian security services had already been arrested for pulling the trigger – an independent polling agency in Moscow found that only 15% of respondents believed the Russian authorities had been involved. Perhaps even more surprising, the same survey found that only 10% of respondents were even paying close attention to the highest profile political murder of the Putin era. A far larger number had simply tuned out.

The Kremlin’s main propaganda outlets – the television news – no doubt played a more powerful role in shaping public opinion around that case. But the role played by the Internet Research Agency suggested a shift in strategy. Long before Nemtsov’s killing, in 2011, Russia had overtaken Germany as the nation with the highest number of Internet users in Europe. Even then the public was beginning to turn off state TV and going online for uncensored news.

Across Russia, and especially in the big cities, the political debate was also migrating to the Web around that time, especially to the blogging platform known as LiveJournal, whose audience in Russia around 2011 had come to rival some of the state-run news networks – it had 5 million Russian accounts with 30 million monthly readers. It wasn’t long before that space also came under attack. In April 2011, hackers targeted not just the blogs of the dissidents and opposition figures who were writing on LiveJournal; they took down the entire service.

“There’s no ideology at play here, unless you want to talk about an anti-blogging ideology,” Alexander Plushchev, one of Russia’s leading tech journalists, told me at the time. “These are clearly just Internet hit men who got the order to take out LiveJournal.” The aim, in other words, was to stop the conversation. And for a little while it worked. The raucous debates on LiveJournal ground to a halt as the site remained inaccessible for days, and many of its users began migrating to Facebook, which is a lot more difficult for hackers to knock offline.

The rise of the Internet Research Agency in 2013 was, at least in part, a reaction to that shift. Its managers recognized that trying to shut down the means of political debate was no longer enough. In the age of social media, people would just find another place to exchange ideas. The best way to stop them would be to infiltrate the discourse itself — and, whenever possible, to fill it with nonsense, conspiracies and lies.

The indictment of the Internet Research Agency shows in minute detail how easily this can be done. Reading through the schemes it describes – the fake accounts the suspects created on social media, the fake activist groups they formed, the fake causes they claimed to champion, and the phony protests they were able to organize in American cities – it is hard to avoid the tug of paranoia, the feeling that the civic discourse in any democracy is vulnerable to sabotage, and that every political statement is worthy of suspicion.

The reaction to such doubts could, in many cases, be a healthy sort of skepticism. It could remind people to check their sources of information and to question the voices that reach them online. But that sort of vigilance is hard to maintain. For many people, the easier option would be to withdraw from the debate for fear of being fooled again. And as the efforts of the Agency’s trolls have shown in the past, that outcome would serve their interests perfectly well.

With reporting by Sandra Ifraimova / New York