SCW RUSSIAWIRE TRANSCRIPT, LINKS, WANTED POSTER: “U.S. Charges Russian GRU Officers with International Hacking and Related Influence and Disinformation Operations” – DOJ

U.S. District Court for the Western District of Pennsylvania, adapted form image at uscourts.gov by Steven C. Welsh :: www.stevencwelsh.info ve :: www.stevencwelsh.com

FBI wanted poster and DOJ news release follow further below

Click here for:


In the latest round of U.S. indictments of Russian figures in connection with espionage, hacking, or other covert activities, the U.S. Department of Justice, on Thursday, Oct. 4, 2018, announced an indictment, in the U.S. District Court for the Western District of Pennsylvania, of Russian GRU military intelligence officers Leksei Sergeyevich Morenets, Evgenii Mikhaylovich Serebriakov, Ivan Sergeyevich Yermakov, Artem Andreyevich Malyshev, Dmitriy Sergeyevich Badin, Oleg Mikhaylovich Sotnikov and Alexey Valerevich Minin, for conspiracy, wire fraud, conspiracy to commit wire fraud, aggravated identity theft and conspiracy to launder money.

The Russian hacking and other covert activities were alleged to included activities targeting: international efforts against Russia’s state-sponsored program athletic doping; international efforts to enforce international norms regarding chemical weapons; and Westinghouse in western Pennsylvania.




[TRANSCRIPT OF DOJ NEWS RELEASE FOLLOWS]

Department of Justice
Office of Public Affairs
FOR IMMEDIATE RELEASE
Thursday, October 4, 2018
[justice.gov/opa/pr/us-charges-russian-gru-officers-international-hacking-and-related-influence-and]

U.S. Charges Russian GRU Officers with International Hacking and Related Influence and Disinformation Operations

Conspirators Included a Russian Intelligence “Close Access” Hacking Team that Traveled Abroad to Compromise Computer Networks Used by Anti-Doping and Sporting Officials and Organizations Investigating Russia’s Use of Chemical Weapons

A grand jury in the Western District of Pennsylvania has indicted seven defendants, all officers in the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces of the Russian Federation, for computer hacking, wire fraud, aggravated identity theft, and money laundering.

According to the indictment, beginning in or around December 2014 and continuing until at least May 2018, the conspiracy conducted persistent and sophisticated computer intrusions affecting U.S. persons, corporate entities, international organizations, and their respective employees located around the world, based on their strategic interest to the Russian government.

Among the goals of the conspiracy was to publicize stolen information as part of an influence and disinformation campaign designed to undermine, retaliate against, and otherwise delegitimize the efforts of international anti-doping organizations and officials who had publicly exposed a Russian state-sponsored athlete doping program and to damage the reputations of athletes around the world by falsely claiming that such athletes were using banned or performance-enhancing drugs.

The charges were announced at a press conference by Assistant Attorney General for National Security John C. Demers, United States Attorney for the Western District of Pennsylvania Scott W. Brady, FBI Deputy Assistant Director for Cyber Division, Eric Welling, and Director General Mark Flynn for the Royal Canadian Mounted Police.

“State-sponsored hacking and disinformation campaigns pose serious threats to our security and to our open society, but the Department of Justice is defending against them,” Attorney General Jeff Sessions said. “Today we are indicting seven GRU officers for multiple felonies each, including the use of hacking to spread the personal information of hundreds of anti-doping officials and athletes as part of an effort to distract from Russia’s state-sponsored doping program. The defendants in this case allegedly targeted multiple Americans and American entities for hacking, from our national anti-doping agency to the Westinghouse Electric Company near Pittsburgh. We are determined to achieve justice in these cases and we will continue to protect the American people from hackers and disinformation.”

“The investigation leading to the indictments announced t (link is external)oday is the FBI at its best,” said FBI Director Christopher Wray. “The actions of these seven hackers, all working as officials for the Russian government, were criminal, retaliatory, and damaging to innocent victims and the United States’ economy, as well as to world organizations. Their actions extended beyond borders, but so did the FBI’s investigation. We worked closely with our international partners to identify the actors and disrupt their criminal campaign – and today, we are sending this message: The FBI will not permit any government, group, or individual to threaten our people, our country, or our partners. We will work tirelessly to find them, stop them, and bring them to justice.”

“We want the hundreds of victims of these Russian hackers to know that we will do everything we can to hold these criminals accountable for their crimes,” said U.S. Attorney Brady.  State actors who target U.S. citizens and companies are no different than any other common criminal:  they will be investigated and prosecuted to the fullest extent of the law.”

The defendants, all Russian nationals and residents, are Aleksei Sergeyevich Morenets, 41, Evgenii Mikhaylovich, Serebriakov, 37, Ivan Sergeyevich Yermakov, 32, Artem Andreyevich Malyshev, 30, and Dmitriy Sergeyevich Badin, 27, who were each assigned to Military Unit 26165, and Oleg Mikhaylovich Sotnikov, 46, and Alexey Valerevich Minin, 46, who were also GRU officers.

The indictment alleges that defendants Yermakov, Malyshev, Badin, and unidentified conspirators, often using fictitious personas and proxy servers, researched victims, sent spearphishing emails, and compiled, used, and monitored malware command and control servers.

When the conspirators’ remote hacking efforts failed to capture log-in credentials, or if the accounts that were successfully compromised did not have the necessary access privileges for the sought-after information, teams of GRU technical intelligence officers, including Morenets, Serebriakov, Sotnikov, and Minin, traveled to locations around the world where targets were physically located.  Using specialized equipment, and with the remote support of conspirators in Russia, including Yermakov, these close access teams hacked computer networks used by victim organizations or their personnel through Wi-Fi connections, including hotel Wi-Fi networks.  After a successful hacking operation, the close access team transferred such access to conspirators in Russia for exploitation.

Among other instances, the indictment alleges that following a series of high-profile independent investigations starting in 2015, which publicly exposed Russia’s systematic state-sponsored subversion of the drug testing processes prior to, during, and subsequent to the 2014 Sochi Winter Olympics (according to one report, known as the “McLaren Report”), the conspirators began targeting systems used by international anti-doping organizations and officials.  After compromising those systems, the defendants stole credentials, medical records, and other data, including information regarding therapeutic use exemptions (TUEs), which allow athletes to use otherwise prohibited substances.

Using social media accounts and other infrastructure acquired and maintained by GRU Unit 74455 in Russia, the conspiracy thereafter publicly released selected items of stolen information, in many cases in a manner that did not accurately reflect their original form, under the false auspices of a hacktivist group calling itself the “Fancy Bears’ Hack Team.”  As part of its influence and disinformation efforts, the Fancy Bears’ Hack Team engaged in a concerted effort to draw media attention to the leaks through a proactive outreach campaign.  The conspirators exchanged e-mails and private messages with approximately 186 reporters in an apparent attempt to amplify the exposure and effect of their message.

Each defendant is charged with one count of conspiracy to commit computer fraud and abuse, which carries a maximum sentence of five years in prison, one count each of conspiracy to commit wire fraud and conspiracy to commit money laundering, both of which carry a maximum sentence of 20 years.  Defendants Morenets, Serebriakov, Yermakov, Malyshev, and Badin are each also charged with two counts of aggravated identity theft, which carries a consecutive sentence of two years in prison.  Defendant Yermakov is also charged with five counts of wire fraud, which carries a maximum sentence of 20 years.

Defendants Yermakov, Malyshev, and Badin are also charged defendants in federal indictment number CR 18-215 in the District of Columbia, and accused of conspiring to gain unauthorized access into the computers of U.S. persons and entities involved in the 2016 U.S. presidential election, steal documents from those computers, and stage releases of the stolen documents to interfere with the 2016 U.S. presidential election.

According to the indictment:

Context of the Hacking and Related Influence and Disinformation Efforts

In July 2016, the World Anti-Doping Agency’s (WADA) Independent Person Report (the “First McLaren Report”) was released, describing Russia’s systematic state-sponsored subversion of the drug testing process prior to, during, and subsequent to the 2014 Sochi Winter Olympics.  This investigation had the support of advocates for clean sports, including the United States Anti-Doping Agency (USADA), the Canadian Centre for Ethics in Sport (CCES, Canada’s anti-doping agency). Eventually, in some instances only after arbitration rulings by the International Court of Arbitration for Sport (TAS/CAS), approximately 111 Russian athletes were excluded from the 2016 Summer Olympic Games, in Rio de Janeiro, Brazil, by a number of international athletics federations, including track-and-field’s International Association of Athletics Federations (IAAF).  The International Paralympic Committee (IPC) further imposed a blanket ban of Russian athletes from the 2016 Paralympic Games, which were also held in Rio.

Intrusion Activities in Rio de Janeiro, Brazil

Days after the release of the First McLaren Report and the International Olympic Committee’s and IPC’s subsequent decisions regarding the exclusion of  Russian athletes, the conspirators prepared to hack into the networks of WADA, the United States Anti-Doping Agency (USADA), and TAS/CAS.   The conspirators, including specifically defendants Yermakov and Malyshev, procured spoofed domains (which mimicked legitimate WADA and TAS/CAS domains) and other infrastructure, probed such entities’ networks, and spearphished WADA and USADA employees.  Although Yermakov and Malyshev are both alleged to have prepared to send spearphishing e-mails to TAS/CAS, the indictment does not allege that organization was compromised.

Likely as a result of the conspirators’ failure to capture necessary log-in credentials, or because those victim accounts that were successfully compromised did not have the necessary access privileges for the sought-after information, defendants Morenets and Serebriakov, in at least one instance with the remote support of Yermakov, deployed to Rio to conduct hacking operations targeting and maintaining persistent access to Wi-Fi networks used by anti-doping officials.  As a result of these efforts, in August 2016, the conspirators captured that IOC official’s credentials and thereafter used them, and another set of credentials belonging to the same official to gain unauthorized access to an account in WADA’s ADAMS database and medical and anti-doping related information contained therein. (The broader ADAMS database was not compromised in the intrusion.)

Also in 2016, a senior USADA anti-doping official traveled to Rio de Janeiro for the Olympics and Paralympic games.  While there, the USADA official used Wi-Fi at the hotel and other Wi-Fi access points in Rio to remotely access USADA’s computer systems and conduct official business.  While the USADA official was in Rio, conspirators successfully compromised the credentials for his or her USADA email account, which included summaries of athlete test results and prescribed medications.

Intrusion Activities in Lausanne, Switzerland

In mid-September 2016, WADA hosted an anti-doping conference in Lausanne, Switzerland.  On September 18, 2016, defendants Morenets and Serebriakov traveled to Lausanne with equipment used in close access Wi-Fi compromises.  On or about September 19, 2016, Morenets and Serebriakov compromised the Wi-Fi network of a hotel hosting the conference and leveraged that access to compromise the laptop and credentials of a senior CCES official staying at the hotel. Other conspirators thereafter used the stolen credentials to compromise CCES’s networks in Canada, using a tool used to extract hashed passwords, the metadata of which indicated it was compiled by Badin.

Intrusion Targeting Anti-Doping Officials at Sporting Federations

In December 2016 and January 2017, conspirators successfully compromised the networks of IAAF and the Fédération Internationale de Football Association (“FIFA”) and targeted computers and accounts used by each organization’s top anti-doping official.  Among the data stolen from such officials were keylogs, file directories, anti-doping policies and strategies, lab results, medical reports, contracts with doctors and medical testing labs, information about medical testing procedures, and TUEs.

Related GRU Influence and Disinformation Operations

On September 12, 2016, shortly after the compromise of the IOC official’s ADAMS credentials, but before the compromise of USADA’s and CCES’s networks, conspirators claiming to be the hacktivist group Fancy Bears’ Hack Team used online accounts and other infrastructure procured and managed by Unit 74455, as well as the website fancybears.net, to publicly release TUEs, other medical information, and emails stolen from anti-doping officials at WADA, USADA, CCES, IAAF, FIFA, and approximately 35 other anti-doping agencies or sporting organizations.  In some instances, the WADA documents were modified from their original form.  Ultimately, the Fancy Bears’ Hack Team released stolen information that included private or medical information of approximately 250 athletes from almost 30 countries.

The conspirators’ release of the stolen information was, in some instances, accompanied by posts and other communications that parroted or supported themes that the Russian government had used in its official narrative regarding the anti-doping agencies’ investigative findings.  From 2016 through 2018, the conspirators engaged in a proactive outreach campaign, using Twitter and e-mail to communicate with approximately 186 reporters about the stolen information.  After articles were published, conspirators used the Fancy Bears’ Hack Team social media accounts to draw attention to the articles in an attempt to amplify the exposure and effect of their message.

Other Targets of the Conspiracy

The conspiracy is also alleged to have targeted other entities in the Western District of Pennsylvania and abroad that were of interest to the Russian government.  For example, as early as November 20, 2014, Yermakov performed reconnaissance of Westinghouse Electric Company’s (WEC) networks and personnel.  In the following months, Yermakov and conspirators created a fake WEC domain and sent spearphishing emails to WEC employees’ work and personal email accounts, which were designed to harvest the employees’ log-in credentials.

More recently, in April 2018, Morenets, Serebriakov, Sotnikov, and Minin, all using diplomatic passports, traveled to The Hague in the Netherlands in furtherance of another close access operation targeting the Organisation for the Prohibition of Chemical Weapons (OPCW) computer networks through Wi-Fi connections.  All four GRU officers intended to travel thereafter to Spiez, Switzerland, to target the Spiez Swiss Chemical Laboratory, an accredited laboratory of the OPCW which was analyzing military chemical agents, including the chemical agent that the United Kingdom authorities connected to the poisoning of a former GRU officer in that country.  However, Morenets, Serebriakov, Sotnikov, and Minin were disrupted during their OPCW hacking operation by the Militaire Inlichtingen- en Veiligheidsdienst (MIVD), the Dutch defense intelligence service.  As part of this disruption, Morenet’s and Serebriakov’s abandoned the Wi-Fi compromise equipment, which they had placed in the trunk of a rental car parked adjacent to the OPCW property.  Data obtained from at least one item of this equipment confirmed its operational use at multiple locations around the world, including connections to the Wi-Fi network of the CCES official’s hotel in Switzerland (the dates the conspirators conducted the Wi-Fi compromise of the senior CCES official’s laptop at the same hotel), and at another hotel in Kuala Lumpur, Malaysia in December 2017.

***

In connection with the unsealing of the indictment, and in an effort to limit further exposure of the private lives of victim athletes, the FBI seized the fancybears.net and fancybears.org domains pursuant to court orders issued on October 3, 2018, in the Western District of Pennsylvania.

The charges contained in the indictment are merely accusations, and the defendants are presumed innocent unless and until proven guilty.  Moreover, the maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as any sentence of a defendant will be determined by the assigned judge.

The FBI, led by the Pittsburgh and Philadelphia Field Offices, conducted the investigation that resulted in charges announced today.  The FBI’s investigation was assisted by a parallel, independent Royal Canadian Mounted Police investigation. This case is being prosecuted by the U.S. Attorney’s Office for the Western District of Pennsylvania and the National Security Division’s Counterintelligence and Export Control Section.  The Criminal Division’s Office of International Affairs provided assistance throughout this investigation, as did the MIVD, the Government of the Netherlands, Switzerland’s Office of the Attorney General, the U.K.’s National Security and Intelligence Agencies, and many of the FBI’s Legal Attachés and other foreign authorities around the world.

Note: More information can be found at [justice.gov/opa/documents-and-resources-october-4-2018-press-conference]

National Security Division (NSD)
Press Release Number:
18 – 1296






 

 

SCW RUSSIAWIRE: “Russian spies accused of targeting watchdog investigating UK chemical attacks, probe into MH17 crash[; U.S. indicts Russian military intelligence figures” – Fox News

File Image of Stylized Eye Surrounded by Binary Code, adapted from image at ornl.gov

“Russia’s military spy service has been behind a wave of massive cyber attacks … with targets ranging from the international chemical weapons watchdog group to the probe into the downing of a Malaysian Airlines plane over Ukraine, officials said Thursday. … the [UK] National Cyber Security Centre … [indicated] that Russia’s GRU has engaged in ‘indiscriminate and reckless’ cyber attacks … target[ing] ‘political institutions, businesses, media, and sport.’ * * * ‘… demonstrat[ing] their desire to operate without regard to international law or established norms … with a feeling of impunity and without consequences,’ U.K. Foreign Secretary Jeremy Hunt said. … [T]he cyber attacks … [are said to] include the 2016 hack of the [DNC] … published … by WikiLeaks, and the leaking of top athletes’ medical records. Also on Thursday, the U.S. Justice Department charged seven Russian military intelligence officers with hacking anti-doping agencies and other organizations either remotely or … ‘on-site’ ….

[The] indictment … said that the GRU targeted … hacking victims … [for] support[ing] a ban on Russian athletes … and … condemn[ing] Russia’s state-sponsored … doping …. Prosecutors said the Russian spies also targeted a Pennsylvania-based nuclear energy company and an international organization … investigating chemical weapons in Syria and the poisoning of a former GRU officer.”

Click here for: “Russian spies accused of targeting watchdog investigating UK chemical attacks, probe into MH17 crash” – Fox News



Kremlin and St. Basil's at Night





SCW RUSSIAWIRE: “A Dossier Debunking; His lawyer says the Steele claims about Michael Cohen are false” – Wall Street Journal Editorial

Maps of Czech Republic and Environs, adapted from images at CIA.gov by Steven C. Welsh :: stevencwelsh.com :: stevencwelsh.info

“Michael Cohen’s accusations have replaced Russian collusion as Washington’s reason-du-jour to impeach Donald Trump …. Cohen’s lawyer, Lanny Davis, confirmed last week that Cohen has never been to Prague in the Czech Republic. … the Steele dossier … commissioned by oppo-research firm Fusion GPS, paid for by the Clinton campaign and used by the FBI in its Trump investigation. … claims … Cohen traveled to Prague in August or September of 2016 to discuss with Kremlin officials how to make ‘cash payments’ to hackers of the Clinton campaign. … Cohen has … offered his passport as proof. …”

Click here for: “A Dossier Debunking; His lawyer says the Steele claims about Michael Cohen are false” – Wall Street Journal Editorial







SCW RUSSIAWIRE VIDEO: “U.S.-Russian Relations – State and Treasury Department Officials Testimony Before Senate Foreign Relations Committee 7.21.18” – C-SPAN

U.S. Capitol file photo

“[July 21, 2018, Senate Foreign Relations Committee Hearing]… Topics included new reports of Russian interference in American democracy, the current state of sanctions against Russian government officials and companies, and clarifying details into the July 2018 Helsinki meeting between … Trump and … Putin. Several members referenced a recent Microsoft claim alleging a Russian plot targeting conservative think tanks and institutions.

… the second in a [series] of Senate Foreign Relations Committee hearings on … the Trump administration’s ‘overall posture on Russia.’ ….”





First time buyer SPECIAL - Free Shipping + Free Gifts

NEWSWATCH: House Intelligence Committee Report on Russia Investigation; Excerpt: Introduction and Overview

Kremlin and St. Basil's at Night

The U.S. House of Representatives Permanent Select Committee on Intelligence has issued a redacted version of a March 22, 2018, report on its investigation of Russia’s activities surrounding the 2016 U.S. election.  PDF versions are available at intelligence.house.gov/UploadedFiles/HPSCI_-_Declassified_Committee_Report_Redacted_FINAL_Redacted.pdf and docs.house.gov/meetings/IG/IG00/20180322/108023/HRPT-115-1.pdf.

U.S. Capitol file photoThe Committee found no collusion between the Trump campaign and the Russian government, yet was critical of both major presidential campaigns:

“While the Committee found no evidence that the Trump campaign colluded, coordinated, or conspired with the Russian government, the investigation did find poor judgment and ill-considered actions by the Trump and Clinton campaigns. …”



An excerpt follows:

House Permanent Select Committee on Intelligence
Report on Russian Active Measures
March 22, 2018

* * *

Introduction and Overview

(U) Russia’s interference in the 2016 U.S. presidential election was nothing novel for the Kremlin. The Kremlin aspires to sow chaos and discord and advance its agenda in targeted nations, particularly in Europe and former Soviet republics such as the Baltics and Ukraine. To do this, Russia effectively combines decades of experience in propaganda and psychological warfare techniques with its vast media apparatus, a strata of well-educated and proficient technicians, and a robust intelligence and security corps.

(U} In the United States, Russian cyberattacks related to the 2016 elections starkly highlighted technical vulnerabilities in U.S. digital infrastructure and bureaucratic shortcomings that were exploited by the Kremlin. Russia’s active measures campaign achieved its primary goal of inciting division and discord among Americans. For more than a year, U.S. politics have been consumed by bitter recriminations, charges, and counter-charges about the attacks. The reliability of the democratic vote-the bedrock of the U.S. republic-was widely and repeatedly questioned.

(U) At the time of the 2016 U.S. presidential election cycle, the Committee was already concerned with Russian malfeasance and aggression in levels that had not been seen since the Cold War. In fact, the IAA for fiscal years 2016 and 2017 included multiple provisions to improve the United States’ ability to counter Russian aggression. However, the Kremlin’s malicious activities during the 2016 U.S. presidential election triggered the Committee to announce a specific inquiry into Russia’s campaign (see Appendix B). The bipartisan parameters focused the investigation and this report-this Committee examined:

(1) Russian cyber activity and other active measures that were directed against the United States and its allies;

(2) whether the Russian active measures include links between Russia and individuals associated with presidential campaigns;

(3) the U.S. government response to these Russian active measures and what we need to do to protect ourselves and our allies in the future; and

(4) what possible leaks of classified information took place related to the Intelligence Community’s assessment of these matters.1 The Committee interviewed 73 witnesses, conducted 9 hearings and briefings, reviewed approximately 307,900 documents, and issued 20 subpoenas. This allowed the Committee to find answers crucial for identifying and addressing institutional weaknesses to assist the United States with identifying and
responding to inevitable hostile acts in the future.



(U) While the 2016 U.S. presidential election helped focus American attention on Russian cyber and information operations, the Russian government has conducted active measure campaigns in Europe for years. Believing it is engaged in an information war with the West, Russia’s influence activities employ an array of tactics-usually tailored to the target country’s population and environment-in an effort to accomplish the Kremlin’s goals. These goals generally include influencing an opponent’s leadership and population, advancing a narrative, or inducing a behavior change. The factors that make these campaigns successful also make them hard to counter. However, governments, non-governmental organizations, and media organizations in Europe have begun taking actions to address and mitigate the threat that Russian influence campaigns pose.

(U) The Russian active measures campaign against the United States was multifaceted. It leveraged cyberattacks, covert platforms, social media, third-party intermediaries, and state-run media. Hacked material was disseminated through this myriad network of actors with the objective of undermining the effectiveness of the future administration. This dissemination worked in conjunction with derisive messages posted on social media to undermine confidence in the election and sow fear and division in American society.

(U) The U.S. government’s subsequent response to the Russian active measures campaign during the 2016 election was slow [REDACTED] As that picture evolved, the FBl’s notification to victims and oversight committees was inconsistent in timeliness and quality, which contributed to the victims’ failure to both recognize the threat and defend their systems. State and local governments were slow to grasp the seriousness of the threat and when notified of breaches continued to resist any action that implied federal direction or control. Some states opted not to cooperate with important defensive measures offered by the DHS. While no tabulation systems, or systems that count votes, were impacted, the overall security posture of the U.S. federal, state, and local governments was demonstrated to be inadequate and vulnerable.

(U) The Committee’s investigation also reviewed the opening, in summer 2016, of a FBI enterprise counterintelligence investigation into [REDACTED] Trump campaign associates:
[REDACTED] Carter Page [REDACTED] Because of “the sensitivity of the matter,” the FBI did not notify congressional leadership about this investigation during the FBl’s regular counterintelligence briefings.

Three of [REDACTED] original subjects of the FBI investigation have been charged with crimes and the Committee’s review of these cases covers the period prior to the appointment of Special Counsel in May 2017.

(U) While the Committee found no evidence that the Trump campaign colluded, coordinated, or conspired with the Russian government, the investigation did find poor judgment and ill-considered actions by the Trump and Clinton campaigns. For example, the June 2016 meeting at Trump Tower between members of the Trump campaign and a Russian lawyer who falsely purported to have damaging information on the Clinton campaign demonstrated poor judgement. The Committee also found the Trump campaign’s periodic praise for and communications with Wikileaks – a hostile foreign organization-to be highly objectionable and inconsistent with U.S. national security interests. The Committee also found that the Clinton campaign and the DNC, using a series of cutouts and intermediaries to obscure their roles, paid for opposition research on Trump obtained from Russian sources, including a litany of claims by high-ranking current and former Russian government officials. Some of this opposition research was used to produce sixteen memos, which comprise what has become known as the Steele dossier.

(U) The effectiveness and relatively low cost of information operations, such as the dissemination of propaganda, make it an attractive tool for foreign adversaries. Unless the cost-benefit equation of such operations changes significantly, the Putin regime and other hostile governments will continue to pursue these attacks against the United States and its allies. Based on the investigation, the Committee recommends several solutions to help safeguard U.S. and allies’ political processes from nefarious actors, such as the Russians. …





 

NEWSWATCH [Symantec 10.20.17]: “Dragonfly: Western energy sector targeted by sophisticated attack group; Resurgence in energy sector attacks, with the potential for sabotage, linked to re-emergence of Dragonfly cyber espionage group.” – SCW RUSSIA WIRE

File Photo of Electrical Power Lines in Countryside with Sunset in Background, adapted from image at energy.gov

“The energy sector in Europe and North America is being targeted by a … wave of cyber attacks that could provide attackers with the means to severely disrupt affected operations. The group behind these attacks is known as Dragonfly. … in operation since at least 2011 … [they have] re-emerged over the past two years from a quiet period following exposure by Symantec and a number of other researchers in 2014. … ‘Dragonfly 2.0’ campaign … appears to have begun in late 2015 [and] shares tactics and tools used in earlier campaigns …. disruptions to Ukraine’s power system in 2015 and 2016 were attributed to a cyber attack …. there have also been media reports of attempted attacks on the electricity grids in some European countries, as well as reports of companies that manage nuclear facilities in the U.S. being compromised by hackers. The Dragonfly group appears to be interested in … learning how energy facilities operate and … gaining access to operational systems themselves … the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so. …”

Click here for: “Dragonfly: Western energy sector targeted by sophisticated attack group Resurgence in energy sector attacks, with the potential for sabotage, linked to re-emergence of Dragonfly cyber espionage group.” – Symantec 10.20.17







NEWSWATCH: “In a first, U.S. blames Russia for cyber attacks on energy grid” – Reuters – SCW RUSSIA WIRE

File Image of Stylized Eye Surrounded by Binary Code, adapted from image at ornl.gov

“The Trump administration … blamed the Russian government for … cyber attacks stretching back at least two years that targeted the U.S. power grid … the first time the United States has publicly accused Moscow of hacking into American energy infrastructure. … Russian government hackers sought to penetrate multiple U.S. critical infrastructure sectors, including energy, nuclear, commercial facilities, water, aviation and manufacturing …. a ‘multi-stage intrusion campaign by Russian government cyber actors’ had targeted the networks of small commercial facilities ‘where they staged malware, conducted spear phishing, and gained remote access into energy sector networks.’  * * *  … Thursday’s alert provided a link to an analysis by … Symantec last fall that said a group it had dubbed Dragonfly had targeted energy companies in the United States and Europe and in some cases broke into the core systems that control the companies’ operations. …”

Click here for: “In a first, U.S. blames Russia for cyber attacks on energy grid” – Reuters







SCW RUSSIA WIRE NEWSWATCH: “Britain says former Russian spy poisoned with nerve agent” – Reuters/Toby Melville, Estelle Shirbon, Kate Kelland, Guy Faulconbridge, Michael Holden, Gareth Jones

“A nerve agent was used to deliberately poison a former Russian double agent and his daughter, Britain’s top counter-terrorism officer said …. Sergei Skripal, once a colonel in Russia’s GRU military intelligence service, and his 33-year-old daughter, Yulia, were found slumped unconscious on a bench … in the southern English city of Salisbury … Both remain critically ill and a police officer who attended the scene is also in a serious condition in hospital. * * * … a U.S. security source, speaking on condition of anonymity, said the main line of police inquiry was that Russians may have used the substance against Skripal in revenge …. Skripal betrayed dozens of Russian agents to British intelligence before his arrest by Russian authorities in 2004. … given refuge in Britain after being exchanged for Russian spies caught in the West as part of a Cold War-style spy swap ….”

Click here for: “Britain says former Russian spy poisoned with nerve agent” – Reuters/Toby Melville, Estelle Shirbon, Kate Kelland, Guy Faulconbridge, Michael Holden, Gareth Jones







NEWSWATCH: “Trump fires FBI Director Comey” – Fox News

FBI Building file photo

“… Trump on Tuesday fired FBI Director James Comey … ending a rocky year-long stretch for the top law enforcement officer who came under fire for his handling of the Clinton email probe — and whose agency has been investigating whether Trump’s campaign had ties to Russia. …

The president told Comey in a brief letter that he could not ‘effectively lead’ the bureau and called for ‘new leadership that restores public trust and confidence’ in law enforcement.

White House Press Secretary Sean Spicer said the president’s decision was based on ‘the clear recommendations’ of Attorney General Jeff Sessions and Deputy Attorney General Rod Rosenstein. …”

Click here for: “Trump fires FBI Director Comey” – Fox News





 

NEWSLINK: “U.S. general in #Afghanistan says there is no doubt #Russia is providing weapons to #Taliban” – Telegraph

Afghanistan and Environs Ethnic Map

“America’s top general in #Afghanistan has said there was no doubt that #Russia was providing weapons to the #Taliban. In the strongest statement yet over Russia’s apparent re-engagement in the Afghanistan war, Gen. John #Nicholson said he would “not refute” that #Moscow’s involvement included giving weapons to the Taliban.
He was speaking in Kabul alongside James #Mattis, the US defence secretary, who said that America needed to confront Russia over its actions in Afghanistan, where the Soviet Union fought and lost a bloody war in the 1980s.