“Russian investigators … opened a criminal probe into a failed rocket launch that caused a two-man crew to make an emergency landing shortly after blast-off to the [International Space Station] …. U.S. astronaut Nick Hague and Russian cosmonaut Aleksey Ovchinin were rescued without injuries …. An ‘anomaly’ with the booster led to the voyage … being aborted two minutes in, NASA said. The Russian space industry has suffered a series of problems in recent years, including the loss of a number of satellites and cargo spacecraft. [Roscosmo is headed by] Dmitry Rogozin … appointed by … Putin ….”
“… Accused by a number of Western nations and their Middle Eastern allies of war crimes, Assad has managed to largely overcome a 2011 rebel and jihadi uprising with the support of Russia and Iran. * * * The United States, Israel, Qatar, Saudi Arabia and Turkey were among the countries to fund efforts to overthrow the Syrian leader. The rise of ultraconservative Sunni Muslim organizations such as the Islamic State … and a sweeping Syrian military comeback … have changed the dynamics ….Defense Secretary James Mattis [said] in August that the U.S. goal was to ‘move the Syria civil war into the Geneva process so the Syrian people can establish a new government … not led by Assad and give them a chance for a future that Assad has denied them, with overt Russian and Iranian support.’ A document submitted by Secretary of State Mike Pompeo and other top diplomats … stressed that their countries would not support Syrian reconstruction efforts ‘before the beginning of political process led by the United Nations to achieve a comprehensive, honest and true political transition that cannot be reversed,’ according to Saudi Arabia’s Asharq Al-Awsat newspaper. …”
SCW RUSSIAWIRE TRANSCRIPT, LINKS, WANTED POSTER: “U.S. Charges Russian GRU Officers with International Hacking and Related Influence and Disinformation Operations” – DOJ
FBI wanted poster and DOJ news release follow further below
Click here for:
- PDF of the 41-page indictment
- DOJ links hub for related materials
- DOJ news release
- FBI Wanted Poster
In the latest round of U.S. indictments of Russian figures in connection with espionage, hacking, or other covert activities, the U.S. Department of Justice, on Thursday, Oct. 4, 2018, announced an indictment, in the U.S. District Court for the Western District of Pennsylvania, of Russian GRU military intelligence officers Leksei Sergeyevich Morenets, Evgenii Mikhaylovich Serebriakov, Ivan Sergeyevich Yermakov, Artem Andreyevich Malyshev, Dmitriy Sergeyevich Badin, Oleg Mikhaylovich Sotnikov and Alexey Valerevich Minin, for conspiracy, wire fraud, conspiracy to commit wire fraud, aggravated identity theft and conspiracy to launder money.
The Russian hacking and other covert activities were alleged to included activities targeting: international efforts against Russia’s state-sponsored program athletic doping; international efforts to enforce international norms regarding chemical weapons; and Westinghouse in western Pennsylvania.
[TRANSCRIPT OF DOJ NEWS RELEASE FOLLOWS]
Department of Justice
Office of Public Affairs
FOR IMMEDIATE RELEASE
Thursday, October 4, 2018
U.S. Charges Russian GRU Officers with International Hacking and Related Influence and Disinformation Operations
Conspirators Included a Russian Intelligence “Close Access” Hacking Team that Traveled Abroad to Compromise Computer Networks Used by Anti-Doping and Sporting Officials and Organizations Investigating Russia’s Use of Chemical Weapons
A grand jury in the Western District of Pennsylvania has indicted seven defendants, all officers in the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces of the Russian Federation, for computer hacking, wire fraud, aggravated identity theft, and money laundering.
According to the indictment, beginning in or around December 2014 and continuing until at least May 2018, the conspiracy conducted persistent and sophisticated computer intrusions affecting U.S. persons, corporate entities, international organizations, and their respective employees located around the world, based on their strategic interest to the Russian government.
Among the goals of the conspiracy was to publicize stolen information as part of an influence and disinformation campaign designed to undermine, retaliate against, and otherwise delegitimize the efforts of international anti-doping organizations and officials who had publicly exposed a Russian state-sponsored athlete doping program and to damage the reputations of athletes around the world by falsely claiming that such athletes were using banned or performance-enhancing drugs.
The charges were announced at a press conference by Assistant Attorney General for National Security John C. Demers, United States Attorney for the Western District of Pennsylvania Scott W. Brady, FBI Deputy Assistant Director for Cyber Division, Eric Welling, and Director General Mark Flynn for the Royal Canadian Mounted Police.
“State-sponsored hacking and disinformation campaigns pose serious threats to our security and to our open society, but the Department of Justice is defending against them,” Attorney General Jeff Sessions said. “Today we are indicting seven GRU officers for multiple felonies each, including the use of hacking to spread the personal information of hundreds of anti-doping officials and athletes as part of an effort to distract from Russia’s state-sponsored doping program. The defendants in this case allegedly targeted multiple Americans and American entities for hacking, from our national anti-doping agency to the Westinghouse Electric Company near Pittsburgh. We are determined to achieve justice in these cases and we will continue to protect the American people from hackers and disinformation.”
“The investigation leading to the indictments announced t (link is external)oday is the FBI at its best,” said FBI Director Christopher Wray. “The actions of these seven hackers, all working as officials for the Russian government, were criminal, retaliatory, and damaging to innocent victims and the United States’ economy, as well as to world organizations. Their actions extended beyond borders, but so did the FBI’s investigation. We worked closely with our international partners to identify the actors and disrupt their criminal campaign – and today, we are sending this message: The FBI will not permit any government, group, or individual to threaten our people, our country, or our partners. We will work tirelessly to find them, stop them, and bring them to justice.”
“We want the hundreds of victims of these Russian hackers to know that we will do everything we can to hold these criminals accountable for their crimes,” said U.S. Attorney Brady. State actors who target U.S. citizens and companies are no different than any other common criminal: they will be investigated and prosecuted to the fullest extent of the law.”
The defendants, all Russian nationals and residents, are Aleksei Sergeyevich Morenets, 41, Evgenii Mikhaylovich, Serebriakov, 37, Ivan Sergeyevich Yermakov, 32, Artem Andreyevich Malyshev, 30, and Dmitriy Sergeyevich Badin, 27, who were each assigned to Military Unit 26165, and Oleg Mikhaylovich Sotnikov, 46, and Alexey Valerevich Minin, 46, who were also GRU officers.
The indictment alleges that defendants Yermakov, Malyshev, Badin, and unidentified conspirators, often using fictitious personas and proxy servers, researched victims, sent spearphishing emails, and compiled, used, and monitored malware command and control servers.
When the conspirators’ remote hacking efforts failed to capture log-in credentials, or if the accounts that were successfully compromised did not have the necessary access privileges for the sought-after information, teams of GRU technical intelligence officers, including Morenets, Serebriakov, Sotnikov, and Minin, traveled to locations around the world where targets were physically located. Using specialized equipment, and with the remote support of conspirators in Russia, including Yermakov, these close access teams hacked computer networks used by victim organizations or their personnel through Wi-Fi connections, including hotel Wi-Fi networks. After a successful hacking operation, the close access team transferred such access to conspirators in Russia for exploitation.
Among other instances, the indictment alleges that following a series of high-profile independent investigations starting in 2015, which publicly exposed Russia’s systematic state-sponsored subversion of the drug testing processes prior to, during, and subsequent to the 2014 Sochi Winter Olympics (according to one report, known as the “McLaren Report”), the conspirators began targeting systems used by international anti-doping organizations and officials. After compromising those systems, the defendants stole credentials, medical records, and other data, including information regarding therapeutic use exemptions (TUEs), which allow athletes to use otherwise prohibited substances.
Using social media accounts and other infrastructure acquired and maintained by GRU Unit 74455 in Russia, the conspiracy thereafter publicly released selected items of stolen information, in many cases in a manner that did not accurately reflect their original form, under the false auspices of a hacktivist group calling itself the “Fancy Bears’ Hack Team.” As part of its influence and disinformation efforts, the Fancy Bears’ Hack Team engaged in a concerted effort to draw media attention to the leaks through a proactive outreach campaign. The conspirators exchanged e-mails and private messages with approximately 186 reporters in an apparent attempt to amplify the exposure and effect of their message.
Each defendant is charged with one count of conspiracy to commit computer fraud and abuse, which carries a maximum sentence of five years in prison, one count each of conspiracy to commit wire fraud and conspiracy to commit money laundering, both of which carry a maximum sentence of 20 years. Defendants Morenets, Serebriakov, Yermakov, Malyshev, and Badin are each also charged with two counts of aggravated identity theft, which carries a consecutive sentence of two years in prison. Defendant Yermakov is also charged with five counts of wire fraud, which carries a maximum sentence of 20 years.
Defendants Yermakov, Malyshev, and Badin are also charged defendants in federal indictment number CR 18-215 in the District of Columbia, and accused of conspiring to gain unauthorized access into the computers of U.S. persons and entities involved in the 2016 U.S. presidential election, steal documents from those computers, and stage releases of the stolen documents to interfere with the 2016 U.S. presidential election.
According to the indictment:
Context of the Hacking and Related Influence and Disinformation Efforts
In July 2016, the World Anti-Doping Agency’s (WADA) Independent Person Report (the “First McLaren Report”) was released, describing Russia’s systematic state-sponsored subversion of the drug testing process prior to, during, and subsequent to the 2014 Sochi Winter Olympics. This investigation had the support of advocates for clean sports, including the United States Anti-Doping Agency (USADA), the Canadian Centre for Ethics in Sport (CCES, Canada’s anti-doping agency). Eventually, in some instances only after arbitration rulings by the International Court of Arbitration for Sport (TAS/CAS), approximately 111 Russian athletes were excluded from the 2016 Summer Olympic Games, in Rio de Janeiro, Brazil, by a number of international athletics federations, including track-and-field’s International Association of Athletics Federations (IAAF). The International Paralympic Committee (IPC) further imposed a blanket ban of Russian athletes from the 2016 Paralympic Games, which were also held in Rio.
Intrusion Activities in Rio de Janeiro, Brazil
Days after the release of the First McLaren Report and the International Olympic Committee’s and IPC’s subsequent decisions regarding the exclusion of Russian athletes, the conspirators prepared to hack into the networks of WADA, the United States Anti-Doping Agency (USADA), and TAS/CAS. The conspirators, including specifically defendants Yermakov and Malyshev, procured spoofed domains (which mimicked legitimate WADA and TAS/CAS domains) and other infrastructure, probed such entities’ networks, and spearphished WADA and USADA employees. Although Yermakov and Malyshev are both alleged to have prepared to send spearphishing e-mails to TAS/CAS, the indictment does not allege that organization was compromised.
Likely as a result of the conspirators’ failure to capture necessary log-in credentials, or because those victim accounts that were successfully compromised did not have the necessary access privileges for the sought-after information, defendants Morenets and Serebriakov, in at least one instance with the remote support of Yermakov, deployed to Rio to conduct hacking operations targeting and maintaining persistent access to Wi-Fi networks used by anti-doping officials. As a result of these efforts, in August 2016, the conspirators captured that IOC official’s credentials and thereafter used them, and another set of credentials belonging to the same official to gain unauthorized access to an account in WADA’s ADAMS database and medical and anti-doping related information contained therein. (The broader ADAMS database was not compromised in the intrusion.)
Also in 2016, a senior USADA anti-doping official traveled to Rio de Janeiro for the Olympics and Paralympic games. While there, the USADA official used Wi-Fi at the hotel and other Wi-Fi access points in Rio to remotely access USADA’s computer systems and conduct official business. While the USADA official was in Rio, conspirators successfully compromised the credentials for his or her USADA email account, which included summaries of athlete test results and prescribed medications.
Intrusion Activities in Lausanne, Switzerland
In mid-September 2016, WADA hosted an anti-doping conference in Lausanne, Switzerland. On September 18, 2016, defendants Morenets and Serebriakov traveled to Lausanne with equipment used in close access Wi-Fi compromises. On or about September 19, 2016, Morenets and Serebriakov compromised the Wi-Fi network of a hotel hosting the conference and leveraged that access to compromise the laptop and credentials of a senior CCES official staying at the hotel. Other conspirators thereafter used the stolen credentials to compromise CCES’s networks in Canada, using a tool used to extract hashed passwords, the metadata of which indicated it was compiled by Badin.
Intrusion Targeting Anti-Doping Officials at Sporting Federations
In December 2016 and January 2017, conspirators successfully compromised the networks of IAAF and the Fédération Internationale de Football Association (“FIFA”) and targeted computers and accounts used by each organization’s top anti-doping official. Among the data stolen from such officials were keylogs, file directories, anti-doping policies and strategies, lab results, medical reports, contracts with doctors and medical testing labs, information about medical testing procedures, and TUEs.
Related GRU Influence and Disinformation Operations
On September 12, 2016, shortly after the compromise of the IOC official’s ADAMS credentials, but before the compromise of USADA’s and CCES’s networks, conspirators claiming to be the hacktivist group Fancy Bears’ Hack Team used online accounts and other infrastructure procured and managed by Unit 74455, as well as the website fancybears.net, to publicly release TUEs, other medical information, and emails stolen from anti-doping officials at WADA, USADA, CCES, IAAF, FIFA, and approximately 35 other anti-doping agencies or sporting organizations. In some instances, the WADA documents were modified from their original form. Ultimately, the Fancy Bears’ Hack Team released stolen information that included private or medical information of approximately 250 athletes from almost 30 countries.
The conspirators’ release of the stolen information was, in some instances, accompanied by posts and other communications that parroted or supported themes that the Russian government had used in its official narrative regarding the anti-doping agencies’ investigative findings. From 2016 through 2018, the conspirators engaged in a proactive outreach campaign, using Twitter and e-mail to communicate with approximately 186 reporters about the stolen information. After articles were published, conspirators used the Fancy Bears’ Hack Team social media accounts to draw attention to the articles in an attempt to amplify the exposure and effect of their message.
Other Targets of the Conspiracy
The conspiracy is also alleged to have targeted other entities in the Western District of Pennsylvania and abroad that were of interest to the Russian government. For example, as early as November 20, 2014, Yermakov performed reconnaissance of Westinghouse Electric Company’s (WEC) networks and personnel. In the following months, Yermakov and conspirators created a fake WEC domain and sent spearphishing emails to WEC employees’ work and personal email accounts, which were designed to harvest the employees’ log-in credentials.
More recently, in April 2018, Morenets, Serebriakov, Sotnikov, and Minin, all using diplomatic passports, traveled to The Hague in the Netherlands in furtherance of another close access operation targeting the Organisation for the Prohibition of Chemical Weapons (OPCW) computer networks through Wi-Fi connections. All four GRU officers intended to travel thereafter to Spiez, Switzerland, to target the Spiez Swiss Chemical Laboratory, an accredited laboratory of the OPCW which was analyzing military chemical agents, including the chemical agent that the United Kingdom authorities connected to the poisoning of a former GRU officer in that country. However, Morenets, Serebriakov, Sotnikov, and Minin were disrupted during their OPCW hacking operation by the Militaire Inlichtingen- en Veiligheidsdienst (MIVD), the Dutch defense intelligence service. As part of this disruption, Morenet’s and Serebriakov’s abandoned the Wi-Fi compromise equipment, which they had placed in the trunk of a rental car parked adjacent to the OPCW property. Data obtained from at least one item of this equipment confirmed its operational use at multiple locations around the world, including connections to the Wi-Fi network of the CCES official’s hotel in Switzerland (the dates the conspirators conducted the Wi-Fi compromise of the senior CCES official’s laptop at the same hotel), and at another hotel in Kuala Lumpur, Malaysia in December 2017.
In connection with the unsealing of the indictment, and in an effort to limit further exposure of the private lives of victim athletes, the FBI seized the fancybears.net and fancybears.org domains pursuant to court orders issued on October 3, 2018, in the Western District of Pennsylvania.
The charges contained in the indictment are merely accusations, and the defendants are presumed innocent unless and until proven guilty. Moreover, the maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as any sentence of a defendant will be determined by the assigned judge.
The FBI, led by the Pittsburgh and Philadelphia Field Offices, conducted the investigation that resulted in charges announced today. The FBI’s investigation was assisted by a parallel, independent Royal Canadian Mounted Police investigation. This case is being prosecuted by the U.S. Attorney’s Office for the Western District of Pennsylvania and the National Security Division’s Counterintelligence and Export Control Section. The Criminal Division’s Office of International Affairs provided assistance throughout this investigation, as did the MIVD, the Government of the Netherlands, Switzerland’s Office of the Attorney General, the U.K.’s National Security and Intelligence Agencies, and many of the FBI’s Legal Attachés and other foreign authorities around the world.
Note: More information can be found at [justice.gov/opa/documents-and-resources-october-4-2018-press-conference]
National Security Division (NSD)
Press Release Number:
18 – 1296
SCW RUSSIAWIRE: “Russia Inc. Isn’t Waiting for Central Bank to Brave a Rate Hike” – Bloomberg/Anna Andrianova
“The cost of money is rising for Russians well ahead of any potential central bank move to lift interest rates for the first time in almost four years amid concern the U.S. may impose fresh sanctions. State-run Sberbank PJSC, which holds almost half of all Russian savings, is increasing rates for ruble accounts for the first time since 2014. … [and] pay[ing] consumers more to keep dollars on deposit to stanch an outflow …. One of the country’s five largest mortgage lenders, Raiffeisenbank JSC, is charging more for home loans …. From sausages to gasoline, inflation is on the march …. with the central bank’s benchmark on hold at 7.25 percent since a quarter-point cut in March, rates adjusted for inflation remain among Europe’s highest …. “
Click here for: “Russia Inc. Isn’t Waiting for Central Bank to Brave a Rate Hike” – Bloomberg/Anna Andrianova
SCW RUSSIAWIRE VIDEO: “U.S.-Russian Relations – State and Treasury Department Officials Testimony Before Senate Foreign Relations Committee 7.21.18” – C-SPAN
“[July 21, 2018, Senate Foreign Relations Committee Hearing]… Topics included new reports of Russian interference in American democracy, the current state of sanctions against Russian government officials and companies, and clarifying details into the July 2018 Helsinki meeting between … Trump and … Putin. Several members referenced a recent Microsoft claim alleging a Russian plot targeting conservative think tanks and institutions.
… the second in a [series] of Senate Foreign Relations Committee hearings on … the Trump administration’s ‘overall posture on Russia.’ ….”
NEWSWATCH: “U.S. judge says Mueller should not have ‘unfettered power’ in Russia probe” – Reuters/Sarah N. Lynch
“A federal judge said Special Counsel Robert Mueller should not have ‘unfettered power’ in probing ties between … Trump’s campaign and Russia … accus[ing] Mueller of using criminal cases to pressure Trump’s allies to turn against him. At a tense hearing in a federal court in Virginia … U.S. District Judge T.S. Ellis III sharply questioned whether Mueller exceeded his authority in filing tax and bank fraud charges against Trump’s former campaign manager, Paul Manafort. … ‘I’ve been saying that for a long time. It’s a witch hunt,’ [Trump] said of Mueller’s probe ….”
Click here for: “U.S. judge says Mueller should not have ‘unfettered power’ in Russia probe” – Reuters/Sarah N. Lynch
NEWSWATCH: House Intelligence Committee Report on Russia Investigation; Excerpt: Introduction and Overview
The U.S. House of Representatives Permanent Select Committee on Intelligence has issued a redacted version of a March 22, 2018, report on its investigation of Russia’s activities surrounding the 2016 U.S. election. PDF versions are available at intelligence.house.gov/UploadedFiles/HPSCI_-_Declassified_Committee_Report_Redacted_FINAL_Redacted.pdf and docs.house.gov/meetings/IG/IG00/20180322/108023/HRPT-115-1.pdf.
“While the Committee found no evidence that the Trump campaign colluded, coordinated, or conspired with the Russian government, the investigation did find poor judgment and ill-considered actions by the Trump and Clinton campaigns. …”
An excerpt follows:
House Permanent Select Committee on Intelligence
Report on Russian Active Measures
March 22, 2018
* * *
Introduction and Overview
(U) Russia’s interference in the 2016 U.S. presidential election was nothing novel for the Kremlin. The Kremlin aspires to sow chaos and discord and advance its agenda in targeted nations, particularly in Europe and former Soviet republics such as the Baltics and Ukraine. To do this, Russia effectively combines decades of experience in propaganda and psychological warfare techniques with its vast media apparatus, a strata of well-educated and proficient technicians, and a robust intelligence and security corps.
(U} In the United States, Russian cyberattacks related to the 2016 elections starkly highlighted technical vulnerabilities in U.S. digital infrastructure and bureaucratic shortcomings that were exploited by the Kremlin. Russia’s active measures campaign achieved its primary goal of inciting division and discord among Americans. For more than a year, U.S. politics have been consumed by bitter recriminations, charges, and counter-charges about the attacks. The reliability of the democratic vote-the bedrock of the U.S. republic-was widely and repeatedly questioned.
(U) At the time of the 2016 U.S. presidential election cycle, the Committee was already concerned with Russian malfeasance and aggression in levels that had not been seen since the Cold War. In fact, the IAA for fiscal years 2016 and 2017 included multiple provisions to improve the United States’ ability to counter Russian aggression. However, the Kremlin’s malicious activities during the 2016 U.S. presidential election triggered the Committee to announce a specific inquiry into Russia’s campaign (see Appendix B). The bipartisan parameters focused the investigation and this report-this Committee examined:
(1) Russian cyber activity and other active measures that were directed against the United States and its allies;
(2) whether the Russian active measures include links between Russia and individuals associated with presidential campaigns;
(3) the U.S. government response to these Russian active measures and what we need to do to protect ourselves and our allies in the future; and
(4) what possible leaks of classified information took place related to the Intelligence Community’s assessment of these matters.1 The Committee interviewed 73 witnesses, conducted 9 hearings and briefings, reviewed approximately 307,900 documents, and issued 20 subpoenas. This allowed the Committee to find answers crucial for identifying and addressing institutional weaknesses to assist the United States with identifying and
responding to inevitable hostile acts in the future.
(U) While the 2016 U.S. presidential election helped focus American attention on Russian cyber and information operations, the Russian government has conducted active measure campaigns in Europe for years. Believing it is engaged in an information war with the West, Russia’s influence activities employ an array of tactics-usually tailored to the target country’s population and environment-in an effort to accomplish the Kremlin’s goals. These goals generally include influencing an opponent’s leadership and population, advancing a narrative, or inducing a behavior change. The factors that make these campaigns successful also make them hard to counter. However, governments, non-governmental organizations, and media organizations in Europe have begun taking actions to address and mitigate the threat that Russian influence campaigns pose.
(U) The Russian active measures campaign against the United States was multifaceted. It leveraged cyberattacks, covert platforms, social media, third-party intermediaries, and state-run media. Hacked material was disseminated through this myriad network of actors with the objective of undermining the effectiveness of the future administration. This dissemination worked in conjunction with derisive messages posted on social media to undermine confidence in the election and sow fear and division in American society.
(U) The U.S. government’s subsequent response to the Russian active measures campaign during the 2016 election was slow [REDACTED] As that picture evolved, the FBl’s notification to victims and oversight committees was inconsistent in timeliness and quality, which contributed to the victims’ failure to both recognize the threat and defend their systems. State and local governments were slow to grasp the seriousness of the threat and when notified of breaches continued to resist any action that implied federal direction or control. Some states opted not to cooperate with important defensive measures offered by the DHS. While no tabulation systems, or systems that count votes, were impacted, the overall security posture of the U.S. federal, state, and local governments was demonstrated to be inadequate and vulnerable.
(U) The Committee’s investigation also reviewed the opening, in summer 2016, of a FBI enterprise counterintelligence investigation into [REDACTED] Trump campaign associates:
[REDACTED] Carter Page [REDACTED] Because of “the sensitivity of the matter,” the FBI did not notify congressional leadership about this investigation during the FBl’s regular counterintelligence briefings.
Three of [REDACTED] original subjects of the FBI investigation have been charged with crimes and the Committee’s review of these cases covers the period prior to the appointment of Special Counsel in May 2017.
(U) While the Committee found no evidence that the Trump campaign colluded, coordinated, or conspired with the Russian government, the investigation did find poor judgment and ill-considered actions by the Trump and Clinton campaigns. For example, the June 2016 meeting at Trump Tower between members of the Trump campaign and a Russian lawyer who falsely purported to have damaging information on the Clinton campaign demonstrated poor judgement. The Committee also found the Trump campaign’s periodic praise for and communications with Wikileaks – a hostile foreign organization-to be highly objectionable and inconsistent with U.S. national security interests. The Committee also found that the Clinton campaign and the DNC, using a series of cutouts and intermediaries to obscure their roles, paid for opposition research on Trump obtained from Russian sources, including a litany of claims by high-ranking current and former Russian government officials. Some of this opposition research was used to produce sixteen memos, which comprise what has become known as the Steele dossier.
(U) The effectiveness and relatively low cost of information operations, such as the dissemination of propaganda, make it an attractive tool for foreign adversaries. Unless the cost-benefit equation of such operations changes significantly, the Putin regime and other hostile governments will continue to pursue these attacks against the United States and its allies. Based on the investigation, the Committee recommends several solutions to help safeguard U.S. and allies’ political processes from nefarious actors, such as the Russians. …
NEWSWATCH [Symantec 10.20.17]: “Dragonfly: Western energy sector targeted by sophisticated attack group; Resurgence in energy sector attacks, with the potential for sabotage, linked to re-emergence of Dragonfly cyber espionage group.” – SCW RUSSIA WIRE
“The energy sector in Europe and North America is being targeted by a … wave of cyber attacks that could provide attackers with the means to severely disrupt affected operations. The group behind these attacks is known as Dragonfly. … in operation since at least 2011 … [they have] re-emerged over the past two years from a quiet period following exposure by Symantec and a number of other researchers in 2014. … ‘Dragonfly 2.0’ campaign … appears to have begun in late 2015 [and] shares tactics and tools used in earlier campaigns …. disruptions to Ukraine’s power system in 2015 and 2016 were attributed to a cyber attack …. there have also been media reports of attempted attacks on the electricity grids in some European countries, as well as reports of companies that manage nuclear facilities in the U.S. being compromised by hackers. The Dragonfly group appears to be interested in … learning how energy facilities operate and … gaining access to operational systems themselves … the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so. …”
Click here for: “Dragonfly: Western energy sector targeted by sophisticated attack group Resurgence in energy sector attacks, with the potential for sabotage, linked to re-emergence of Dragonfly cyber espionage group.” – Symantec 10.20.17
NEWSWATCH: “In a first, U.S. blames Russia for cyber attacks on energy grid” – Reuters – SCW RUSSIA WIRE
“The Trump administration … blamed the Russian government for … cyber attacks stretching back at least two years that targeted the U.S. power grid … the first time the United States has publicly accused Moscow of hacking into American energy infrastructure. … Russian government hackers sought to penetrate multiple U.S. critical infrastructure sectors, including energy, nuclear, commercial facilities, water, aviation and manufacturing …. a ‘multi-stage intrusion campaign by Russian government cyber actors’ had targeted the networks of small commercial facilities ‘where they staged malware, conducted spear phishing, and gained remote access into energy sector networks.’ * * * … Thursday’s alert provided a link to an analysis by … Symantec last fall that said a group it had dubbed Dragonfly had targeted energy companies in the United States and Europe and in some cases broke into the core systems that control the companies’ operations. …”
SCW RUSSIA WIRE NEWSWATCH: “Strategic Warning on NATO’s Eastern Flank Pitfalls, Prospects, and Limits” – RAND/Mark R. Cozad
“Since 2008, Russia’s military has embarked on an extensive modernization program designed to overcome shortfalls in readiness, competence, sustainability, and deployability. These and changes in logistics and operational capability have raised concerns about the Intelligence Community’s (IC’s) ability to warn of future Russian aggression. Achieving timely warning has proven extremely difficult, for a variety of reasons, in large part because of a lack of insight into Russian leadership intentions.”
Click here for Introductory Summary: “Strategic Warning on NATO’s Eastern Flank Pitfalls, Prospects, and Limits” – RAND/Mark R. Cozad
Click here for Full PDF of Report: “Strategic Warning on NATO’s Eastern Flank Pitfalls, Prospects, and Limits” – RAND/Mark R. Cozad
“President Vladimir #Putin is pushing a plan with U.S. President Donald #Trump to create security zones and deploy peacekeepers in #Syria — possibly including #Russian forces — to enforce a faltering cease-fire as he tries to find a resolution to the more than six-year conflict. …”
NEWSLINK: “#Russian Military Planes Crowd the U.S. for a Fourth Day; U.S., Canadian fighters intercept long-range bombers” – Wall Street Journal 4.21.17
“#Russia flew long-range combat aircraft near American airspace for the fourth consecutive day, the Pentagon said Friday, marking the first such string of incursions since 2014, but prompting little concern from the White House. American and Canadian jet fighters intercepted a pair of Russian “Bear” long-range bombers in international airspace near #Alaska on Thursday, said … a spokesman for North American Aerospace Defense Command, or #Norad. …”
“#Russia has protested the U.S.’ refusal to allow its inspectors to participate in a formal investigation into a chemical weapons attack that struck the rebel-held town of Khan Sheikhan in northern Idlib, #Syria, earlier this month.”
VIDEO NEWSWATCH: “Syria, Russia Would Be ‘Insane’ to Retaliate Over U.S. Airstrikes, Former U.S. Ambassador Says” – Fox News
“… In the wake of the airstrikes on a military base in Syria after a deadly chemical attack on civilians, Russia announced it was suspending cooperation of its communication link with the U.S. that protects pilots flying missions over the war-torn country. ‘I think that is a major mistake on the part of Moscow… they’re actually putting their own forces in greater jeopardy,’ Crocker said. ‘It would be to Moscow’s benefit to have these basic lines of communication. So they will lose more than we will.’ …”
Click here for: “Syria, Russia Would Be ‘Insane’ to Retaliate Over US Airstrikes, Former US Ambassador Says” – Fox News
“Moscow on Monday backed national security adviser Mike Flynn, saying he never improperly discussed sanctions with the Russian ambassador. ‘We have already said there have not been any such talks,” insisted Kremlin spokesman Dmitry Peskov, when asked whether Flynn and envoy Sergey Kislyak talked about rolling back tough sanctions imposed by President Obama, once President Trump had assumed office, TASS reported.”
“… What is illegal is leaking highly sensitive classified information about signals intelligence from spying on the Russian ambassador. And what also is illegal is the CIA spying, even incidentally, on Americans. This is not a maybe, or an if, or a sorta. It is ILLEGAL. The aforementioned nine officials should be found, prosecuted, and, if found guilty, imprisoned for leaking classified information. That they did so for political reasons is all the more despicable. …”
“#GOP leaders reject suggestion of a moral equivalence between U.S., #Putin; #Pence sees path to end #sanctions”
NEWSLINK: “#Kasparov: Comparing USA to #Russia like comparing surgeon to Jack the Ripper” – The Hill/Garry Kasparov
“The chairman of the Human Rights Foundation, Russian chess master Garry #Kasparov, criticized President Donald #Trump Sunday for implying this weekend that the United States isn’t so pure when it comes to condemning #Russia’s human rights record. ‘Comparing the USA to Putin’s Russia is like comparing a surgeon to Jack the Ripper because they both cut people with knives,’ Kasparov tweeted, referencing Russian President Vladimir Putin and the 19th century London serial killer who slashed his victims.”
“… #Trump pledged to work with both #Russia and #Ukraine to restore peace on the border, in a Saturday interview with Fox News. Trump’s comments come amid intense fighting in eastern Ukraine between the military and Russian-backed separatists. Russia illegally annexed Crimea in 2014, and is under international sanction by the U.S. and European Union. Russian President Vladimir Putin traveled to Crimea in August to reportedly ‘mull anti-terror measures.’ The uptick in violence may be Putin’s first test of Trump. Trump told Fox News, ‘we will work with Ukraine, Russia and all other parties involved to help them restore peace along the border.'”
The #Trump administration on Thursday altered #sanctions against companies doing business with #Russia’s domestic intelligence agency. The Treasury Department said it will allow American companies to make limited transactions with the #FSB, the successor to the #KGB, if it needs them to get approval to import or distribute technology products in Russia. The exception will also apply to situations in which companies need to comply with rules administered by the FSB. The implications of the move were not immediately clear, but the U.S. has taken similar steps in the past to help businesses avoid unintended consequences on cross-border transactions.
NEWSLINK: “Team #Trump: Flynn called #Russia ambassador, no sanction talk ‘plain and simple'” – Fox News
“The Donald #Trump transition team has acknowledged that its incoming national security adviser has been in contact with #Russia’s ambassador but denies reports they were plotting over recently imposed #sanctions on Moscow. … a call on Dec. 29, the day President #Obama hit Russia for election-related #hacking … was about ‘logistics’ for a call between … #Putin and #Trump, who on Friday is sworn-in as president. …”
“President-elect Donald #Trump’s nominees for defence secretary and spy chief have been talking tough on #Russia at their Senate confirmation hearings.”
“… #Trump and … #Putin spent some time on the telephone Monday, as the pair discussed hopes that the two nations can thaw icy relations …. The #Kremlin confirmed … both Trump and Putin agreed that U.S.-#Russian relations are presently at an ‘unsatisfactory’ level.
Trump’s campaign said Putin had called to offer his congratulations on winning the election and the two began discussing a range of issues. ….
Syria and global terrorism also reportedly were among the topics of discussion.
… In a telegram sent to Trump on Wednesday, Putin expressed hope that the incoming U.S. president would prove a constructive partner in pulling U.S.-Russia relations back from the brink. Trump’s election, the telegram read, should ‘lead to constructive dialogue between Moscow and Washington based on equality and respect.’ … at a ceremony at the Kremlin for foreign ambassadors, Putin spoke of Trump’s promises on the campaign trail to restore relations with Russia.
Click here for Defense News: “From Moscow: Russian Politicians and Pundits Shocked by Trump Election”
NEWSWATCH: “Russian Propaganda Is Pervasive, and America Is Behind the Power Curve in Countering It” – RAND
RAND reports on Russian propaganda efforts utilizing the newest technologies, including RT and a host of others. One key tactic is to repeat false and manipulative messages across multiple tracks:
… Russian propagandists are … at work across a wide front, aiming a firehose of falsehoods at ill-informed audiences, foreign and domestic. … this disinformation — intentionally false — leverages psychological vulnerabilities to sway audiences. U.S. leaders should raise public consciousness about its nature and dangers. … The explosion of new media is a boon for propagandists. RT, formerly Russia Today, spends over $300 million per year purveying a toxic mixture of entertainment, real news and disinformation across cable, satellite and online media. Dozens of Kremlin-backed proxy news sites blast propaganda while hiding or downplaying their affiliation. Russian trolls and hackers manipulate thousands of fake accounts on Twitter, Facebook and other social media. This volume and multiplicity of media and modes has an effect; research in psychology shows that multiple sources are more persuasive than a single source.
Russian propaganda also employs the tactics of first impressions and repetition, including the malign Ukrainian political transformation and concoct revisionist history seeking to mute awareness of Russian government culpability in international athletic doping:
Russia’s approach to propaganda emphasizes creating first impressions, which tend to be resilient, and then reinforcing them through repetition. In this way Kremlin propagandists have persuaded some of the less informed that Ukraine’s post-Maidan government is fascist. Contrary to credible findings of pervasive state-sponsored Russian doping at the 2014 Winter Olympics in Sochi, Moscow’s early and repeated denials have confused some audiences.
Much of Russian propaganda is wholly false, yet can build a false “credibility” based upon repeated manipulation of an audience with limited information access, such as the Russian people. The U.S. government has not responded robustly enough to Russian propaganda efforts.
While some Russian propaganda stories build around a kernel of truth, others are wholly manufactured and spun. … People are often poor judges of the credibility of both information and its sources, psychology research has found, and over time familiar messages or those previously identified as false can become more persuasive. … some audiences are not turned off by inconsistent or implausible expectations. … Polls last year found that about half of Russians believed they received ‘objective information’ from television, their main source of news. … America is behind the power curve in countering Russian disinformation. … Russian disinformation is a global threat, much of it targeted against democracies. … The Kremlin’s obsession with propaganda and disinformation persists ….
Click here for RAND: “Russian Propaganda Is Pervasive, and America Is Behind the Power Curve in Countering It”
… administration officials reportedly are at odds over a newly announced agreement with Russia to curb the violence in Syria … Confusion remains over the terms and aims of the deal. …. [there are] new questions about what level of violence will be accepted by the Obama administration in determining whether to go ahead with the proposed joint venture with Russia after a week-long ceasefire, which includes the sharing of intelligence at a joint intelligence center. … [After seven days of calm] the U.S. and Russia would then cooperate on how to jointly combat the Al Qaeda-linked group … Nusra Front … now known as Jabhat Fatah al-Sham. … militants backed by the U.S. and its Arab allies coordinate and even sometimes fight alongside Al Qaeda-linked militants. … The new cease-fire is supposed to end such ambiguities, and Washington has been urging rebel groups to break ranks with extremists.
(VOA – voanews.com – article also appeared at voanews.com/a/us-russia-yet-to-reach-syria-cease-fire-deal/3494498.html – Sept. 5, 2016)
Secretary of State John Kerry has returned home empty handed, failing to have reached an accord with his Russian counterpart on a cease-fire in Syria after an intensive period of diplomacy.
The two countries still need to resolve what are described as “technical issues,” and discussions between American and Russian negotiators are set to continue this week, State Department officials said Monday.
Off to the side of the G-20 Summit in Hangzhou, China, the U.S. and Russian presidents held talks about Syria that Barack Obama described as “businesslike” and “constructive, but not conclusive.”
“Given the gaps of trust that exist, that’s a tough negotiation and we haven’t yet closed the gaps in a way where we think it would actually work,” the U.S. president told reporters at the conclusion of the G-20 summit.
Obama added he had instructed Kerry, while Russian President Vladimir Putin had told his foreign minister, Sergey Lavrov, “to keep working at it over the next several days” in hopes an agreement could lead “to a serious conversation about a political solution to this problem” with all parties directly or indirectly involved in the Syrian conflict.
Putin told reporters at a separate news conference that talks with the United States and Turkey were continuing concerning Syria and negotiators had made a step forward.
During the past 10 days, a peripatetic secretary of state kept in touch with Russian Foreign Minister Lavrov through face-to-face meetings in Geneva and Hangzhou and telephone conversations in between, while the American senior envoy made stops in Bangladesh and India.
Kerry and senior aides have reiterated they do not want to make a tenuous deal for the sake of an announcement, but rather want Washington and Moscow to agree upon something realistic to achieve a sustainable nationwide cessation of hostilities in Syria.
There is a growing perception among some senior U.S. officials, however, that the Russians are gaming the Americans in the talks.
In private, U.S. diplomats have characterized the negotiations with their Russian counterparts as a litmus test on whether there is a seriousness by Moscow to reach an accord, or if the Russians are buying time that results in Obama and Kerry being portrayed as hapless negotiators.
“The Russians walked back on some of the areas we thought we were agreed on,” a senior State Department official said Saturday, revealing the level of frustration.
Russia is a long-time backer of Syria, and is seen as desiring President Bashar al-Assad remain in power in Damascus to maintain Moscow’s influence in the region.
Diplomats have no illusion that bringing an end to five years of intense misery for the Syrian people will be easy. They describe the battlefield as complex, with shifting alliances among the many militias involved.
“There are five different wars being waged” in Syria is a characterization expressed by more than one person involved in the cease-fire talks.
President Tayyip Erdogan of Turkey, which hosts 3 million Syrian refugees, said he had reiterated to Obama and Putin at the G-20 talks in China the need for a “no-fly zone” over Syria and a “safe zone” where there would be no fighting, in hopes of stemming the human migration.
A half decade of war has fractured Syria. More than 250,000 people are believed to have died from shootings, mortar fire and air strikes. Millions have fled the country. And 18 million more people remain to face an uncertain fate, most of them in need of humanitarian assistance, according to UN relief agencies.
In the latest disturbing account of Russian hacking, the #FBI is reportedly investigating a series of #cyber-attacks targeted at journalists from the New York Times and other U.S. media outlets. … [that] could allow hackers to obtain confidential communications between reporters and …sources in the government. It could also potentially allow Russia to release information, which would embarrass key political leaders as well as obtain insight into U.S. diplomatic or military strategies. … Russia is also the mostly likely suspect behind last week’s ‘Shadow Brokers’ incident … [exposing] a top-secret set of cyber-weapons developed by the #NSA.
NEWSWATCH: “How to Counter Russia’s Subversive War on the West” – RAND/William Courtney, Martin C. Libicki
Russia’s apparent cyberespionage against the Democratic Party … and its state-sponsored doping of Olympic athletes show an obsession with disruptive behavior as a tool of statecraft. … Cyberwar and sports doping are among the arrows in Moscow’s quiver of “active measures,” a triple threat of propaganda, deception and subversion that dates to the Soviet era.
Russia’s subversive and corrupt behavior should have a negative impact on its international stature and perceived suitability for investment.
Moscow’s provocative active measures cause foreign investors and international lenders to see higher risks in doing business with Russia. … it should not be surprised if disregard for others’ interests diminishes the international regard it seeks as an influential great power.