Category Archives: Cyberwarfare & Hacktivism

How Russia and WikiLeaks Became Allies Against the West

Matthew Kupfer writes for The Moscow Times:

[…] If Russia has ties with WikiLeaks today, that certainly wasn’t the case seven years ago, says Mika Velikovsky, a Russian journalist who worked extensively with WikiLeaks and interviewed Assange three times.

While working for the magazine Russian Reporter, WikiLeaks’ main partner in Russia, Velikovsky received packets of U.S. diplomatic cables from Shamir, sorted through the documents and published articles based upon them. He also worked on the 2012 leak of emails from the intelligence company Stratfor and collaborated with WikiLeaks on the 2013 documentary film Mediastan.

In 2010, Velikovsky defended WikiLeaks on Russian state television’s political talk shows — programs that often reflect the positions of the Kremlin. There, he clashed with pro-Kremlin experts who claimed that WikiLeaks was the anti-Russian project of American spies.

“At the time, it seemed the authorities were worried about WikiLeaks and didn’t know what it was,” he says. “So the Russian mainstream media was very anti-WikiLeaks.”

Then, in 2012, Julian Assange got a show on RT, a Russian state-funded propaganda channel. The development came amid a worldwide financial blockade of WikiLeaks, when the organization desperately needed money. Velikovsky thinks Assange’s appearance on RT marked WikiLeaks’ transformation from a threat to an ally in the eyes of the Russian authorities.

However, he suggests that WikiLeaks’ seeming alliance with Russia stems from Assange’s own personal predicament. Hiding in the Ecuadorian Embassy for over 4 years has robbed Assange of “a lot of the joy [of life] that you and I have,” Velikovsky says. “If someone did that to us, it would be very personal.”

READ MORE…

Valut 7: John Kiriakou and James Bamford on What the Wikileaks Dump Tells Us

Thom Hartmann speaks to former CIA analyst and whistleblower John Kiriakou and journalist James Bamford, author of Body of Secrets and The Shadow Factory, about the recent Wikileaks ‘Vault 7’ dump and what it reveals about hacking and surveillance techniques used by the CIA. (The Big Picture)

New Cyber Czar Rudy Giuliani’s Website Full of Security Flaws

Tim Johnson reports for McClatchy:

[…] The Trump transition office announced Thursday morning that Giuliani, part of a core group of Republican Trump loyalists during the campaign, had been tapped to “lend expertise to cybersecurity efforts.” The announcement didn’t offer many details about how Giuliani would fulfill his role, noting simply that hacks are rampant.

“Cyber intrusion is the fastest growing crime in the United States and much of the world,” the statement said.

The announcement prompted a few programmers to conduct their own free website analysis of giulianipartners.com. Their verdict? Pathetic. Sad.

Indeed, some may have tried their hand at a little mischief. “Service temporarily unavailable,” flashed the screen when one visitor sought to browse there in the afternoon.

“Seems Rudy may need a cybersecurity chief for himself,” tweeted Jeremiah Grossman, whose profile said he is chief of security strategy for SentinelOne, a cybersecurity company.

Others came to Giuliani’s defense.

READ MORE…

Rudy Giuliani Is an Absurd Choice to Defend the U.S. From Hackers

Trevor Timm writes for The Guardian:

Related imageAt Donald Trump’s now-notorious press conference on Tuesday, lost amidst his threats to news organizations and denunciations of his enemies, the president-elect claimed he would soon assemble “some of the greatest computer minds anywhere in the world” to tackle the US government’s cybersecurity problem. On Thursday, he went the opposite route instead and hired Rudy Giuliani.

Giuliani, Trump election surrogate and the disgraced former mayor of New York, is apparently going to head up Trump’s efforts to coordinate “cybersecurity” issues between the federal government and the private sector, the transition team announced Tuesday. But what does Giuliani, last seen on the campaign trail claiming the president can break whatever law he likes in a time of war, know about cybersecurity? From the look and sound of it, not much.

Giuliani does head a consulting firm in New York called Giuliani Partners that supposedly focuses on cybersecurity, but Vice’s Motherboard reported yesterday, it’s tough to tell what they actually do, and it’s even tougher to tell what Giuliani does for them, besides being the face of the operation while saying outrageous things on television.

READ MORE…

The Washington Post Is Richly Rewarded for False News About Russia Threat While Public Is Deceived

Glenn Greenwald writes for The Intercept:

In the past six weeks, the Washington Post published two blockbuster stories about the Russian threat that went viral: one on how Russia is behind a massive explosion of “fake news,” the other on how it invaded the U.S. electric grid. Both articles were fundamentally false. Each now bears a humiliating editor’s note grudgingly acknowledging that the core claims of the story were fiction: The first note was posted a full two weeks later to the top of the original article; the other was buried the following day at the bottom.

The second story on the electric grid turned out to be far worse than I realized when I wrote about it on Saturday, when it became clear that there was no “penetration of the U.S. electricity grid” as the Post had claimed. In addition to the editor’s note, the Russia-hacked-our-electric-grid story now has a full-scale retraction in the form of a separate article admitting that “the incident is not linked to any Russian government effort to target or hack the utility” and there may not even have been malware at all on this laptop.

But while these debacles are embarrassing for the paper, they are also richly rewarding. That’s because journalists — including those at the Post — aggressively hype and promote the original, sensationalistic false stories, ensuring that they go viral, generating massive traffic for the Post (the paper’s executive editor, Marty Baron, recently boasted about how profitable the paper has become).

After spreading the falsehoods far and wide, raising fear levels and manipulating U.S. political discourse in the process (both Russia stories were widely hyped on cable news), journalists who spread the false claims subsequently note the retraction or corrections only in the most muted way possible, and often not at all. As a result, only a tiny fraction of people who were exposed to the original false story end up learning of the retractions.

READ MORE…

Should The American Public Be Thankful For Russian ‘Interference’?

Michael Tracey argues for Medium:

[…] If the state-sponsored Russian hackers did something truly malignant, like messing with election results, then yes — that’d be a severe breach and warrant substantial retaliation. But as it stands, the sinister Russians are accused of illuminating American voters as to the activities of the country’s most powerful political actors. The revelations made via WikiLeaks shined a light on all manner of fraud, deceit, and malfeasance. Would it have been better had voters not received access to this information? Who did it harm, other than a small group of political functionaries like Podesta and Wasserman-Schultz? Didn’t the American polity actually profit as a result of these hacks, given that they were provided important information about a presidential candidate that would have been otherwise suppressed?

When people use the word “interfered” to characterize what the Russian government is supposed to have done here, they give whole matter a needlessly nefarious gloss. “Russian interference in the election” connotes some kind of elaborate, intensive subversion plot. But that’s not what happened at all — voters weren’t harmed as a result of this “interference.” They were benefitted.

READ MORE…

Fake News: Russian Hacking of US Electricity Grid Never Took Place as Claimed by the Washington Post

Agamoni Ghosh reports for the International Business Times:

A news report last week had claimed that Russia-based hackers had successfully penetrated the US electricity grid through a facility in Vermont. But, such a thing never really happened as the alleged malware code that was thought to be injected into the grid system was only present on a single laptop that has no connection to the grid.

The report published by the Washington Post has been discarded as being misleading and false and the company has issued a note saying their key claim in the story was false.

“An earlier version of this story incorrectly said that Russian hackers had penetrated the US electric grid. Authorities say there is no indication of that so far. The computer at Burlington Electric that was hacked was not attached to the grid,” said an editor’s note on the copy.

READ MORE…

Top-Secret Snowden Document Reveals What the NSA Knew About Previous Russian Hacking

Sam Biddle reports for The Intercept:

To date, the only public evidence that the Russian government was responsible for hacks of the DNC and key Democratic figures has been circumstantial and far short of conclusive, courtesy of private research firms with a financial stake in such claims. Multiple federal agencies now claim certainty about the Kremlin connection, but they have yet to make public the basis for their beliefs.

Now, a never-before-published top-secret document provided by whistleblower Edward Snowden suggests the NSA has a way of collecting evidence of Russian hacks, because the agency tracked a similar hack before in the case of a prominent Russian journalist, who was also a U.S. citizen.

In 2006, longtime Kremlin critic Anna Politkovskaya was gunned down in her apartment, the victim of an apparent contract killing. Although five individuals, including the gunman, were convicted for the crime, whoever ordered the murder remains unknown. Information about Politkovskaya’s journalism career, murder, and the investigation of that crime was compiled by the NSA in the form of an internal wiki entry. Most of the wiki’s information is biographical, public, and unclassified, save for a brief passage marked top secret.

READ MORE…

Russia Hysteria Infects The Washington Post Again: False Story About Hacking U.S. Electric Grid

Glenn Greenwald writes for The Intercept:

Image result for Russia Hysteria Infects The Washington Post Again: False Story About Hacking U.S. Electric Grid[…] What’s the problem here? It did not happen.

There was no “penetration of the U.S. electricity grid.” The truth was undramatic and banal. Burlington Electric, after receiving a Homeland Security notice sent to all U.S. utility companies about the malware code found in the DNC system, searched all their computers and found the code in a single laptop that was not connected to the electric grid.

Apparently, the Post did not even bother to contact the company before running its wildly sensationalistic claims, so they had to issue their own statement to the Burlington Free Press which debunked the Post’s central claim (emphasis in original): “We detected the malware in a single Burlington Electric Department laptop NOT connected to our organization’s grid systems.”

So the key scary claim of the Post story – that Russian hackers had penetrated the U.S. electric grid – was false. All the alarmist tough-guy statements issued by political officials who believed the Post’s claim were based on fiction.

READ MORE…

Cybersecurity Expert Bruce Schneier: American Elections Will Be Hacked

Amy Goodman speaks to Bruce Schneier, cybersecurity expert and author of Data and Goliath, who warns that America’s “newly computerised voting systems are vulnerable to attack by both individual hackers and government-sponsored cyberwarriors. It is only a matter of time before such an attack happens”. He latest article for the New York Times is titled ‘American Elections Will Be Hacked‘. (Democracy Now!)

The New Red Scare: Reviving the Art of Threat Inflation

Andrew Cockburn writes for Harper’s Magazine:

Image result for The New Red Scare[…] Despite some esoteric aspects, the so-called Russian hacks, as promoted by interested parties in politics and industry, are firmly in the tradition of Cold War threat inflation. Admittedly, practitioners had an easier task in Selin’s day. The Cold War was at its height, America was deep in a bloody struggle against the communist foe in Vietnam, and Europe was divided by an Iron Curtain, behind which millions chafed under Soviet occupation.

Half a century later, the Soviet Union is long gone, along with the international communist movement it championed. Given that Russia’s defense budget is roughly one tenth of America’s, and that its military often cannot afford the latest weapons Russian manufacturers offer for export, resurrecting this old enemy might seem to pose a challenge to even the brightest minds in the Pentagon. Yet the Russian menace, we are informed, once again looms large. According to Defense Secretary Ashton Carter, Russia “has clear ambition to erode the principled international order” and poses “an existential threat to the United States” — a proclamation endorsed by a host of military eminences, including General Joseph Dunford, the chairman of the Joint Chiefs of Staff, his vice-chairman General Paul Selva, and NATO’s former Supreme Allied Commander, General Philip Breedlove.

True, relations with Moscow have been disintegrating since the Bush Administration. Yet Russia achieved formal restoration to threat status only after Putin’s takeover of Crimea in February 2014 (which followed the forcible ejection, with U.S. encouragement, of Ukraine’s pro-Russian government just a few days earlier). Russia’s intervention in Syria, in the fall of 2015, turned the chill into a deep freeze. Still, the recent accusation that Putin has been working to destabilize our democratic system has taken matters to a whole new level, evoking the Red Scare of the 1950s.

READ MORE…

Spies For Hire: How the UAE Is Recruiting Hackers to Create the Perfect Surveillance State

Jenna McLaughlin reports for The Intercept:

DUBAI, UNITED ARAB EMIRATES - JANUARY 03: View from the observation deck "At The Top" located on the 124th floor of Burj Khalifa tower on January 3, 2010 in Dubai, United Arab Emirates. The tower, designed by Chicago architect Adrian Smith, is the tallest free-standing structure on Earth. (Photo by Kuni Takahashi/Getty Images)[…] The idea of a UAE-based company recruiting an army of cyberwarriors from abroad to conduct mass surveillance aimed at the country’s own citizens may sound like something out of a bad Bond movie, but based on several months of interviews and research conducted by The Intercept, it appears DarkMatter has been doing precisely that.

Most of those who spoke with The Intercept asked to remain anonymous, citing nondisclosure agreements, fear of potential political persecution in the UAE, professional reprisals, and loss of current and future employment opportunities. Those quoted anonymously were speaking about events based on their direct experience with DarkMatter.

Margaritelli isn’t the only one who insists that DarkMatter isn’t being truthful about its operations and recruitment. More than five sources with knowledge of different parts of the company told The Intercept that sometime after its public debut last November, DarkMatter or a subsidiary began aggressively seeking skilled hackers, including some from the United States, to help it accomplish a wide range of offensive cybersecurity goals. Its work is aimed at exploiting hardware probes installed across major cities for surveillance, hunting down never-before-seen vulnerabilities in software, and building stealth malware implants to track, locate, and hack basically any person at any time in the UAE, several sources explained. As Margaritelli described it in an email to me, “Basically it’s big brother on steroids.”

READ MORE…

Is the Disclosure of John Podesta’s Emails a Step Too Far? Glenn Greenwald In Conversation With Naomi Klein

Glenn Greenwald of The Intercept recently spoke to author and activity Naomi Klein about the latest email hacks revolving around the Clinton campaign chairman John Podesta. (The Intercept)

US Hacking Russia for Revenge Could Lead to Cyberwar

Trevor Timm writes for The Guardian:

Image result for russia america cyberwarWhat’s the CIA’s brilliant plan for stopping Russian cyber-attacks on the US and their alleged interference with the US election? Apparently, some in the agency want to escalate tensions between the two superpowers even more and possibly do the same thing right back to them.

NBC News reported late last week that the CIA is working up blueprints for an “unprecedented cyber covert action against Russia”, and it sounds a lot like they’re planning on leaking documents on Vladimir Putin, just as the Russians are accused of doing to the Democratic National Committee and the Clinton campaign.

NBC reported that former intelligence officials said “the agency had gathered reams of documents that could expose unsavory tactics by Russian President Vladimir Putin” and another former official said the US “should … expose the financial dealings of Putin and his associates”.

READ MORE…

The Internet of Things Sucks So Bad Even ‘Amateurish’ Malware Is Enough

Lorenzo Franceschi-Bicchierai reports for Wired:

Over the last few weeks, unknown hackers have launched some of the largest cyberattacks the internet has ever seen. These attacks weren’t notable just by their unprecedented size and power, but also because they were powered by a large zombie army of hacked cameras and other devices that fit into the category of Internet of Things, or IoT.

On Friday, the hacker who claims to have created the malware that was powering this massive “Botnet Of Things” published its source code, which appears to be legitimate.

“It looks like this release is the real deal,” according to Marshal Webb, the chief technology officer of BackConnect, an anti-DDoS firm, who has been collecting samples of the malware in the last few weeks.

However legitimate, the malicious code isn’t actually that sophisticated, according to security researchers who have been studying it.

READ MORE…

Russian Hackers Expose ‘Double Standards’ at World Anti-Doping Agency (WADA)

Georgi Gotev reports for EurActiv:

The World Anti-Doping Agency (WADA) confirmed yesterday (13 September) that hackers accessed a database of confidential medical data and released the drug regimens of gymnast Simone Biles and three other top US Olympians. The Russian government was behind the move, WADA claimed.

The hackers penetrated the WADA’s athlete database and publicly revealed private medical information about three of the United States’ most famous athletes: Serena Williams, Venus Williams and Simone Biles.

The documents show that Biles, who won four gold medals in gymnastics at the Rio Olympics last month, and the Williams sisters received medical exemptions to use banned drugs.

“While it is an evolving situation, at present, we believe that access to ADAMS was obtained through spear phishing of email accounts,” WADA said in a statement.

The antidoping agency attributed the hack to Fancy Bear, a Russian cyberespionage group that forensics specialists have tied to breaches against government agencies, nonprofit organisations and corporations.

READ MORE…

Almost no chance U.S. elections can get hacked by the Russians

Philip Bump and Amber Phillips report for The Washington Post:

[…] Could hackers change the numbers to change our elections? The Fix spoke by phone and email with Merle King, executive director of the Center for Election Systems at Kennesaw State University to get an answer. In summary: It would be harder than we think — in part because we tend to conflate a number of very different election systems.

“One of the challenges the public has in sorting through the various threads of the current election cycle’s stories is understanding the differences between a campaign system, an election system and a voting system,” King told us.

The campaign system is the tool set used by candidates or parties to get people elected. The election system covers voter registration systems and other data centralization and is specific to jurisdictions. The voting system is the actual process of voting: the machines, the ballots and the designations of who votes where and on what. Information flows between these systems, but not always in two directions: Campaigns, for example, use voter registration data from the elections system but don’t send information back to it. So if a campaign is hacked (or if the Democratic National Committee is), there’s no risk to the voter registration database.

Confusing these systems can mean misunderstanding the threat — and the intent of the hackers.

READ MORE…

FBI says foreign hackers penetrated U.S. state election systems

Michael Isikoff reports for Yahoo! News:

The FBI has uncovered evidence that foreign hackers penetrated two state election databases in recent weeks, prompting the bureau to warn election officials across the country to take new steps to enhance the security of their computer systems, according to federal and state law enforcement officials.

The FBI warning, contained in a “flash” alert from the FBI’s Cyber Division, a copy of which was obtained by Yahoo News, comes amid heightened concerns among U.S. intelligence officials about the possibility of cyberintrusions, potentially by Russian state-sponsored hackers, aimed at disrupting the November elections.

Those concerns prompted Homeland Security Secretary Jeh Johnson to convene a conference call with state election officials on Aug. 15, in which he offered his department’s help to make state voting systems more secure, including providing federal cybersecurity experts to scan for vulnerabilities, according to a “readout” of the call released by the department.

READ MORE…

The NSA Is Putting Us All at Risk to be Hacked

Bruce Schneier, author of Data and Goliath, writes for Vox:

The National Security Agency is lying to us. We know that because of data stolen from an NSA server was dumped on the internet. The agency is hoarding information about security vulnerabilities in the products you use, because it wants to use it to hack others’ computers. Those vulnerabilities aren’t being reported, and aren’t getting fixed, making your computers and networks unsafe.

On August 13, a group calling itself the Shadow Brokers released 300 megabytes of NSA cyberweapon code on the internet. Near as we experts can tell, the NSA network itself wasn’t hacked; what probably happened was that a “staging server” for NSA cyberweapons — that is, a server the NSA was making use of to mask its surveillance activities — was hacked in 2013.

The NSA inadvertently resecured itself in what was coincidentally the early weeks of the Snowden document release. The people behind the link used casual hacker lingo, and made a weird, implausible proposal involving holding a bitcoin auction for the rest of the data: “!!! Attention government sponsors of cyber warfare and those who profit from it !!!! How much you pay for enemies cyber weapons?”

READ MORE…

Evidence Points to Another Snowden at the NSA

James Bamford, author of The Shadow Factory, writes for Reuters:

In the summer of 1972, state-of-the-art campaign spying consisted of amateur burglars, armed with duct tape and microphones, penetrating the headquarters of the Democratic National Committee. Today, amateur burglars have been replaced by cyberspies, who penetrated the DNC armed with computers and sophisticated hacking tools.

Where the Watergate burglars came away empty-handed and in handcuffs, the modern- day cyber thieves walked away with tens of thousands of sensitive political documents and are still unidentified.

Now, in the latest twist, hacking tools themselves, likely stolen from the National Security Agency, are on the digital auction block. Once again, the usual suspects start with Russia – though there seems little evidence backing up the accusation.

In addition, if Russia had stolen the hacking tools, it would be senseless to publicize the theft, let alone put them up for sale. It would be like a safecracker stealing the combination to a bank vault and putting it on Facebook. Once revealed, companies and governments would patch their firewalls, just as the bank would change its combination.

A more logical explanation could also be insider theft. If that’s the case, it’s one more reason to question the usefulness of an agency that secretly collects private information on millions of Americans but can’t keep its most valuable data from being stolen, or as it appears in this case, being used against us.

READ MORE…

The NSA Leak Is Real, Snowden Documents Confirm

Sam Biddle reports for The Intercept:

On Monday, a hacking group calling itself the “ShadowBrokers” announced an auction for what it claimed were “cyber weapons” made by the NSA. Based on never-before-published documents provided by the whistleblower Edward Snowden, The Intercept can confirm that the arsenal contains authentic NSA software, part of a powerful constellation of tools used to covertly infect computers worldwide.

The provenance of the code has been a matter of heated debate this week among cybersecurity experts, and while it remains unclear how the software leaked, one thing is now beyond speculation: The malware is covered with the NSA’s virtual fingerprints and clearly originates from the agency.

The evidence that ties the ShadowBrokers dump to the NSA comes in an agency manual for implanting malware, classified top secret, provided by Snowden, and not previously available to the public. The draft manual instructs NSA operators to track their use of one malware program using a specific 16-character string, “ace02468bdf13579.” That exact same string appears throughout the ShadowBrokers leak in code associated with the same program, SECONDDATE.

SECONDDATE plays a specialized role inside a complex global system built by the U.S. government to infect and monitor what one document estimated to be millions of computers around the world. Its release by ShadowBrokers, alongside dozens of other malicious tools, marks the first time any full copies of the NSA’s offensive software have been available to the public, providing a glimpse at how an elaborate system outlined in the Snowden documents looks when deployed in the real world, as well as concrete evidence that NSA hackers don’t always have the last word when it comes to computer exploitation.

READ MORE…

What Julian Assange’s War on Hillary Clinton Says About WikiLeaks

Robert Mackay writes for The Intercept:

[…] It should come as no surprise to anyone who looks back at the founding principles of WikiLeaks that Assange — who has clearly stated his distaste for the idea of the former secretary of state becoming president — would make aggressive use of leaked documents to try to undermine her.

As Raffi Khatchadourian explained in a New Yorker profile of the WikiLeaks founder in 2010, “Assange, despite his claims to scientific journalism, emphasized to me that his mission is to expose injustice, not to provide an even-handed record of events.” To Assange, Khatchadourian wrote, “Leaks were an instrument of information warfare.”

In other words, Assange’s project has been from the start more like opposition research than dispassionate reporting. His goal is to find dirt in the servers of powerful individuals or organizations he sees as corrupt or dangerous, and bring them down by exposing it. As he memorably told Der Spiegel in 2010, “I enjoy crushing bastards.”

His recent focus on “crushing” Clinton but not Trump has led some to ask Assange if he is worried about helping to elect someone who might be even more hostile to him — let alone to the causes of justice and peace that have motivated Wikileaks’ previous disclosures. Asked recently by Amy Goodman of “Democracy Now” if he does prefer Trump over Clinton, Assange replied, “You’re asking me, do I prefer cholera or gonorrhea?”

READ MORE…

Hack the Vote: Could Cyberattackers Disrupt the U.S. Election?

Laura Hautala reports for CNET:

Stealing votes with software. It may have been a plot in the political thriller TV show “Scandal,” but it could happen in real life, too. In fact, Homeland Security Secretary Jeh Johnson said Wednesday that it’s a major concern.

In light of the hacking attacks on the Democratic National Committee and another fundraising organization for the Democrats, the US government should ask whether to treat elections as “critical infrastructure,” Johnson said at a breakfast in Washington, DC, sponsored by the Christian Science Monitor.

That official designation often refers to physical infrastructure, like the power grid and dams. But elections are critical to democracy, Johnson said, which could justify adding the voting system to the US government’s list of 16 critical infrastructure sectors. “There’s a vital national interest in our election process,” he told reporters at the event.

READ MORE…

The World’s Best Cyber Army Doesn’t Belong to Russia

James Bamford, author of The Shadow Factory, writes for Reuters:

A National Security Agency data gathering facility in Bluffdale, about 25 miles (40 km) south of Salt Lake City, Utah, December 16, 2013. REUTERS/Jim Urquhart

[…] Unlike the Defense Department’s Pentagon, the headquarters of the cyberspies fills an entire secret city. Located in Fort Meade, Maryland, halfway between Washington and Baltimore, Maryland, NSA’s headquarters consists of scores of heavily guarded buildings. The site even boasts its own police force and post office.

And it is about to grow considerably bigger, now that the NSA cyberspies have merged with the cyberwarriors of U.S. Cyber Command, which controls its own Cyber Army, Cyber Navy, Cyber Air Force and Cyber Marine Corps, all armed with state-of-the-art cyberweapons. In charge of it all is a four-star admiral, Michael S. Rogers.

Now under construction inside NSA’s secret city, Cyber Command’s new $3.2- billion headquarters is to include 14 buildings, 11 parking garages and an enormous cyberbrain — a 600,000-square-foot, $896.5-million supercomputer facility that will eat up an enormous amount of power, about 60 megawatts. This is enough electricity to power a city of more than 40,000 homes.

In 2014, for a cover story in Wired and a PBS documentary, I spent three days in Moscow with Snowden, whose last NSA job was as a contract cyberwarrior. I was also granted rare access to his archive of documents. “Cyber Command itself has always been branded in a sort of misleading way from its very inception,” Snowden told me. “It’s an attack agency. … It’s all about computer-network attack and computer-network exploitation at Cyber Command.”

READ MORE…

Edward Snowden Is Not Down With WikiLeaks’ Methods

David Meyer reports for Fortune:

WikiLeaks is on a bit of a roll at the moment, most notoriously with its release of thousands of emails and even voicemail recordings from the U.S. Democratic National Committee (DNC) and the Democratic party’s donors.

It has also recently released emails from Turkey’s ruling party, prompting WikiLeaks’ blockage in that country, and tweeted out a link to an unredacted database of most female Turkish voters.

And Edward Snowden, the famous National Security Agency (NSA) whistleblower, thinks Julian Assange’s whistleblowing pipeline is taking things too far.

“Democratizing information has never been more vital, and WikiLeaks has helped,” he tweeted. “But their hostility to even modest curation is a mistake.”

WikiLeaks lashed back, accusing Snowden of opportunism in the hope of winning a pardon from Hillary Clinton, the Democratic candidate. It also said that curation should not include “censorship of ruling party cash flows.”

READ MORE…

Trump, Putin and the DNC Hack: Interview with Jeffrey Carr

Scott Horton recently spoke to Jeffrey Carr, a cyber intelligence expert and CEO of Taia Global, Inc., about his fact-checking of Josh Marshall’s TalkingPointsMemo article that claims a close alliance between Trump and Putin, and why the individuals blaming Russia for the DNC email hack are more motivated by politics than solid evidence. (Scott Horton Show)

LISTEN TO THE INTERVIEW…

Donald Trump Calls on Russia to Find Hillary Clinton’s Missing Emails

Ashley Parker reports for The New York Times:

Donald J. Trump said Wednesday that he hoped Russia had hacked Hillary Clinton’s email, essentially encouraging an adversarial foreign power’s cyberspying on a secretary of state’s correspondence.

“Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing,” Mr. Trump said, staring directly into the cameras during a press conference. “I think you will probably be rewarded mightily by our press.”

Mr. Trump’s call was an extraordinary moment at a time when Russia is being accused of meddling in the U.S. presidential election. His comments came amid questions about the hacking of the Democratic National Committee’s computer servers, which American intelligence agencies have told the White House they have “high confidence” was the work of the Russian government.

READ MORE…

Assange, Avowed Foe of Clinton, Timed Email Release for Democratic Convention

Charlie Savage writes for The New York Times:

Six weeks before the anti-secrecy organization WikiLeaks published an archive of hacked Democratic National Committee emails ahead of the Democratic convention, the organization’s founder, Julian Assange, foreshadowed the release — and made it clear that he hoped to harm Hillary Clinton’s chances of winning the presidency.

Mr. Assange’s remarks in a June 12 interview underscored that for all the drama of the discord that the disclosures have sown among supporters of Bernie Sanders — and of the unproven speculation that the Russian government provided the hacked data to WikiLeaks in order to help Donald J. Trump — the disclosures are also the latest chapter in the long-running tale of Mr. Assange’s battles with the Obama administration.

In the interview, Mr. Assange told a British television host, Robert Peston of the ITV network, that his organization had obtained “emails related to Hillary Clinton which are pending publication,” which he pronounced “great.” He also suggested that he not only opposed her candidacy on policy grounds, but also saw her as a personal foe.

READ MORE…

If Russian Intelligence Did Hack the DNC, the NSA Would Know, Snowden Says

Robert Mackey writes for The Intercept:

[…] Since very few of us are cybersecurity experts, and the Iraq debacle is a reminder of how dangerous it can be to put blind faith in experts whose claims might reinforce our own political positions, there is also the question of who we can trust to provide reliable evidence.

One expert in the field, who is well aware of the evidence-gathering capabilities of the U.S. government, is Edward Snowden, the former Central Intelligence Agency technician and National Security Agency whistleblower who exposed the extent of mass surveillance and has been given temporary asylum in Russia.

“If Russia hacked the #DNC, they should be condemned for it,” Snowden wrote on Twitter on Monday, with a link to a 2015 report on the U.S. government’s response to the hacking of Sony Pictures. In that case, he noted, “the FBI presented evidence” for its conclusion that North Korea was responsible for the hacking and subsequent release of internal emails. (The FBI is now investigating the breach of the DNC’s network, which officials told the Daily Beast they first made the committee aware of in April.)

What’s more, Snowden added, the NSA has tools that should make it possible to trace the source of the hack. Even though the Director of National Intelligence usually opposes making such evidence public, he argued, this is a case in which the agency should do so, if only to discourage future attacks.

READ MORE…

All Signs Point to Russia Being Behind the DNC Hack

Thomas Rid writes for VICE Motherboard:

The forensic evidence linking the DNC breach to known Russian operations is very strong. On June 20, two competing cybersecurity companies, Mandiant (part of FireEye) and Fidelis, confirmed CrowdStrike’s initial findings that Russian intelligence indeed hacked Clinton’s campaign. The forensic evidence that links network breaches to known groups is solid: used and reused tools, methods, infrastructure, even unique encryption keys. For example: in late March the attackers registered a domain with a typo—misdepatrment[.]com—to look suspiciously like the company hired by the DNC to manage its network, MIS Department. They then linked this deceptive domain to a long-known APT 28 so-called X-Tunnel command-and-control IP address, 45.32.129[.]185.

One of the strongest pieces of evidence linking GRU to the DNC hack is the equivalent of identical fingerprints found in two burglarized buildings: a reused command-and-control address—176.31.112[.]10—that was hard coded in a piece of malware found both in the German parliament as well as on the DNC’s servers. Russian military intelligence was identified by the German domestic security agency BfV as the actor responsible for the Bundestag breach. The infrastructure behind the fake MIS Department domain was also linked to the Berlin intrusion through at least one other element, a shared SSL certificate.

The evidence linking the Guccifer 2.0 account to the same Russian operators is not as solid, yet a deception operation—a GRU false flag, in technical jargon—is still highly likely. Intelligence operatives and cybersecurity professionals long knew that such false flags were becoming more common. One noteworthy example was the sabotage of France’s TV5 Monde station on 9/10 April 2015, initially claimed by the mysterious “CyberCaliphate,” a group allegedly linked to ISIS. Then, in June, the French authorities suspected the same infamous APT 28 group behind the TV5 Monde breach, in preparation since January of that year. But the DNC deception is the most detailed and most significant case study so far. The technical details are as remarkable as its strategic context.

READ MORE…