The New York Times reports that American spies are essentially clueless with regard to who stole their malware arsenal:
"Fifteen months into a wide-ranging investigation by the agency’s counterintelligence arm, known as Q Group, and the F.B.I., officials still do not know whether the N.S.A. is the victim of a brilliantly executed hack, with Russia as the most likely perpetrator, an insider’s leak, or both. Three employees have been arrested since 2015 for taking classified files, but there is fear that one or more leakers may still be in place. And there is broad agreement that the damage from the Shadow Brokers already far exceeds the harm to American intelligence done by Edward J. Snowden, the former N.S.A. contractor who fled with four laptops of classified material in 2013."
The presence of David Sanger on the article's byline is an indicator of sorts. Cryptome aptly describes the game being played:
"Shadow Brokers pilfering NSA/CIA's TS malware guns reminds of 'going deaf.' 'cyber Pearl Harbor,' Snowden's '1.4M' dump. 'insider threats,' TS budget jumps, fat-funded CT coms by 'ex-spies.' Quotation marks apt for ever proliferating natsec PR leaks."
The recipe is simple and age-old. Declare ominous threats to the Homeland and then clutch pearls shamelessly on behalf of NATSEC. The Deep State and its vast patronage networks no doubt send season's greetings to all their friends at the New York Times editorial board for publishing such breathless drama. -BB(2017-11-12)
This is why, when it comes to nation-states, attribution is wishful thinking. Spy masters have invested the resources in technology and operational planning necessary to thwart investigators. Witness the CIA's Hive software:
"Hive provides a covert communications platform for a whole range of CIA malware to send exfiltrated information to CIA servers and to receive new instructions from operators at the CIA..."
"Digital certificates for the authentication of implants are generated by the CIA impersonating existing entities. The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated."
What? The CIA is masquerading as Kaspersky to launch attacks? Who would've guessed?... -BB(2017-11-09)
A campaign involving hundreds of journalists has spent the better part of a year wading through 13.4 million files acquired by the German newspaper Süddeutsche Zeitung. Here's a nutshell summary:
"[The investigation] reveals offshore interests and activities of more than 120 politicians and world leaders, including Queen Elizabeth II, and 13 advisers, major donors and members of U.S. President Donald J. Trump"
"One of the Kremlin-owned firms, VTB Bank, quietly directed $191 million into an investment fund, DST Global, that used the money to buy a large stake in Twitter in 2011. They also show that a subsidiary of the Kremlin-controlled energy giant Gazprom heavily funded an offshore company that partnered with DST Global in a large investment in Facebook."
Think of these documents every time you hear the political class mention "shared sacrifice". -BB(2017-11-05)
Thanks to WikiLeaks we have an idea of how business leaders feel about a unified Korea. Recall how Hillary Clinton pandered to the natural inclinations of bankers behind closed doors at Goldman Sachs:
"There it is in black and white. The US does not want a unified Korea. ('for obvious economic and political reasons') The US wants to keep the country split up so it can keep the North isolated and underdeveloped, maintain the South's colonial dependence on the US, and perpetuate the occupation. That's what Washington wants. The goal is not security, but power, greed and geopolitical positioning."
On a related note, there are fairly obvious reasons why people in South Korea shrug off the American media's frenzy regarding recent developments in North Korea:
"Within South Korea, the ICBM is not such big news because the ICBM is not for South Korea... South Koreans have been living with the thousands of North Korean artillery pieces and chemical and biological weapons and the rockets along the border"
The media hysterics arise because certain factions of the Deep State absolutely refuse to contemplate a future in which a smaller country might develop a nuclear deterrent and thereby inoculate itself against U.S. military intervention. -BB(2017-09-01)
Update: North Korea conducted its sixth nuclear test this morning. Scientists in the United States observed an earthquake with a magnitude of 6.3 on the Richter scale, indicating an explosion on the order of 100 kilotons. North Korea claims to have achieved a two-stage Teller–Ulam weapon that's small enough to be mounted on an ICBM. As expected, bluster arises from the White House. Just keep in mind that a state-run Chinese media outlet has suggested that China will defend North Korea in the event of a first strike by the United States. In this manner the United States could, as William Perry put it, blunder its way into nuclear extinction. In the background, POTUS threatens to put the kibosh on a trade deal with South Korea. Interesting...
Update: a solid background piece on the 1994 Agreement Framework.
"A careful review of the 1994 agreement and interviews with former US officials with extensive experience negotiating with Pyongyang reveals that blame for its demise should be equally shared by the United States and North Korea. Because that's not a popular view, and the risks are so high, it's important to get the story straight."
"The US already has the arrangement it wants on the Peninsula. The South remains under US military occupation, the economic and banking systems have been successfully integrated into the US-dominated western system, and the strategically-located landmass in northeast Asia provides an essential platform for critical weapons systems that will be used to encircle and control fast-emerging rivals, China and Russia."
Update: "China has also told administration officials that if the U.S. strikes North Korea first, Beijing would back Pyongyang, a senior military official said."
Trump doubles down on the war in Afghanistan. Talk about a 180-degree turn. Defense industry, banking, and fossil fuel execs no doubt are cracking open the champagne. The self-perpetuating global war on terror churns on as the United States lumbers further into the graveyard of empires. Reminds me of a line from War Machine:
"You are fighting 1,000 separate battles with locals whose principal ideological position would seem to be simply that they don't want foreign soldiers in their village, and that, General, you must know, is a war you will *never* win."
Do you suppose the Russians are having a good laugh? -BB(2017-08-22)
Here's a shocking story that's currently not receiving much coverage in the United States. South Korea's National Intelligence Service, which is like an amalgam of the CIA and FBI, conducted a series of illegal operations during the 2012 Presidential election in support of former President Park Geun-hye.
"Elements of the NIS' anti-North Korea psychological warfare division also posted messages criticizing then-opposition candidate Moon Jae-in on social networks... Measures included press manipulation and surveillance of opposition politicians."
Puts this report in a whole new light, huh? Don't think for a minute that the CIA et al. don't take sides. They are firmly entrenched tools of the establishment. The tip of big money's spear. -BB(2017-08-07)
Update: Former NIS spy master Won Sei-hoon gets four years for election meddling:
"The close confidant of former President Lee Myung-bak was indicted in 2013 for running an illicit smear campaign to sway voters in favor of then ruling party candidate Park Geun-hye. NIS officials hired hundreds of civilians to post Internet comments against her liberal rival Moon Jae-in. Park, who won the election, was ousted over a corruption scandal in March."
This is an important story and notice how the American press is avoiding it like the plague...
This is worth reading:
- Imperfect human beings are incapable of creating perfectly-secure computers.
- Corrupt human beings will create security flaws on purpose in order to gain power over others.
- Flawed computer security is a political and economic problem, not a technical problem.
- The human race no longer lives 'in the real world.' We now live online, in the cyber domain.
- Two columns of power dominate the cyber domain: mass surveillance and targeted hacking.
- Given a large enough set of people and a long enough span of time, power always corrupts.
As I wrote to Nation magazine back in July of 2014: "The United States is now a surveillance state where corporate and government spies collaborate to monitor citizens. If academic researchers like Emmanuel Saez and Thomas Piketty are correct in their groundbreaking analysis of growing economic inequality, the end game for society will be pretty grim. As our social fabric disintegrates and the climate becomes less hospitable, the immiseration of the average person will lead to widespread mobilization. The US elite are well aware of what happened to French aristocrats in the eighteenth century. To save themselves from a similar fate, they will switch the cogs of the surveillance state into high gear, and the United States will witness the sort of oppression that is the hallmark of a police state." -BB(2017-07-16)
Back-to-back reports from Seymour Hersh in Die Welt indicate that the recent cruise missile strike in Syria was based on the false premise of a nerve gas attack by Assad's forces. President Trump, thinking with his gut, ordered the attack despite explicit warnings from advisors and open source analysis. As one insider put it:
"He doesn't read anything and has no real historical knowledge. He wants verbal briefings and photographs. He's a risk-taker. He can accept the consequences of a bad decision in the business world; he will just lose money. But in our world, lives will be lost and there will be long-term damage to our national security if he guesses wrong. He was told we did not have evidence of Syrian involvement and yet Trump says: 'Do it.'"
Hersh also provides a series of conversations between an American soldier and a security advisor. The security advisor explains Trump's willful ignorance:
"There has been a hidden agenda all along. This is about trying to ultimately go after Iran."
The American soldier in turn makes a truly astute comment:
"I guess it really didn't matter whether we elected Clinton or Trump."
One thing is certain: throughout all of this Russian leaders come across as the adults in the room. Remaining calm and seeking to de-escalate. On the other side the American Deep State relies on fabrications to justify military action and pursue full spectrum dominance. -BB(2017-06-25)
Posted today by WikiLeaks:
"Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA. Marble does this by hiding ('obfuscating') text fragments used in CIA malware from visual inspection. This is the digital equivalent of a specialized CIA tool to place covers over the English language text on U.S. produced weapons systems before giving them to insurgents secretly backed by the CIA."
"Across the federal government, about 90 percent of all spending on cyber programs is dedicated to offensive efforts, including penetrating the computer systems of adversaries, listening to communications and developing the means to disable or degrade infrastructure, senior intelligence officials told Reuters."
This is why attribution is a lost cause despite the assurances of security vendors and government spies. Operational signatures can be mimicked, attacks staged, and forensic artifacts forged. Welcome to the wilderness of mirrors. -BB(2017-03-31)
A WikiLeaks press release describes the CIA's efforts to develop firmware-level rootkits:
"Included in this release is the manual for the CIA's 'NightSkies 1.2' a 'beacon/loader/implant tool' for the Apple iPhone. Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones. i.e., the CIA has been infecting the iPhone supply chain of its targets since at least 2008.
"While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization's supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise."
The notion that all of Silicon Valley's secret deals somehow ended in 2013 is delusional. In a recent interview Julian Assange calls out the usual suspects:
"Other companies affected by the CIA's hacking tools, such as Google, Microsoft and Apple, in contrast, simply forwarded WikiLeaks' offer to provide further information to their legal departments. Assange claims that this was done because these companies work with US intelligence agencies. It is also the reason that so many employees at such companies have US government security clearance, especially those who work in cybersecurity departments."
The bitter pill is this: you cannot have your cake and eat it too regardless of how much money the C-suites in the Bay Area throw at public relations and overt gestures of defiance. -BB(2017-03-23)
"By the end of 2016, the CIA's hacking division, which formally falls under the agency's Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other 'weaponized' malware. Such is the scale of the CIA's undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its 'own NSA' with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified."
Cryptome has a history of being correct about spies and their ops. And so I'll repeat a prescient observation from John Young:
"The last thing CIA and its supporters want is a revelation of its manipulation of civilian leaders institutionalized by the 1947 National Security Act (also opposed by the military)."
Note the mention of anti-forensic techniques. Does this raise a few questions about allegations of Russian hacking? There's a reason why President Truman regretted the cloak and dagger authorization he granted the CIA. -BB(2017-03-07)
Update: The CIA has responded with an official statement. Which is essentially a pack of lies. The CIA's job is to implement policy which is mandated primarily by economic elites and organized groups representing business interests. It exists to assist in opening up markets and providing access to resources on behalf of oligarchic factions. Executive Order 12333 enables CIA operations within our borders. As Dennis Kucinich correctly notes "we are sliding down the slippery slope toward totalitarianism."
Several weeks ago, an exec at Microsoft called for a "Digital Geneva Convention." This may be interpreted as a public relations gesture by a documented NSA partner. Arms control in the cyber realm is nothing more than pleasant fiction.