Russian Cyberattack on National Defense

Trump's diversion of billions of dollars from cybersecurity agencies to help fund his Mexican fence is largely responsible for the Russian success in overwhelming our defense across the DHS and Nuclear resources. It is already being regarded as the worst security failure in American history, representing unknown peril to our country's ability to defend itself from hot war attacks.

As yet the penetration and the extent of "damage" is unknown. It's not likely to begin to be known for several weeks. There is no ability to determine whether Russians have control over vital defense programs and databases. There is no ability to determine if they have only infiltrated and can just observe. Why? One reason is the Trump Administration is literally without anyone in control. No response has been made, nor is any forthcoming by Trump. Not even Twitterings. He will "respond" in the same way he did to the Russian bounties on American soldiers. Trump has not even acknowledged this is a Russian operation, much less directly blamed them.

The Cybersecurity Agency says the US. Government is now at "grave risk." This is a massive intelligence failure.

No emergency war-footing has been invoked to what has been described by the DHS head as an "ongoing attack." It has already been "ongoing for 6-9 months. That means the Russians have breached sensitive areas the government wants guarded from such intrusions, and it means they are continuing to breach more offices and departments. So far, the number is already in the hundreds.

Our Cyber Pearl Harbor Attack Includes Penetration Of:

The Dept. of Energy (houses country's nuclear warhead capability)
Treasury, State, Commerce, Health, and Homeland Security
The Pentagon

Is this the final move in Trump's idea of a game to stay in the White House? Possible total destruction of a defensive response to enemies foreign or domestic by sowing discord, chaos, and cyber destruction? It would suit both Trump and Putin.

Welcome to the Age of New Warfare.

President Biden DOES React

In a statement released this evening, Biden responded to the unprecedented breach of American security and nuclear cyber infrastructure.

. . .declaring that he and Vice President-elect Kamala Harris “will make dealing with this breach a top priority from the moment we take office.”

“We need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place,” he said. “We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners.”

“There’s a lot we don’t yet know, but what we do know is a matter of great concern,” Biden said. He thanked administration “public servants” who he said were “working around-the-clock to respond to this attack.”

Those that Trump hasn't fired, of course.

Response from administration sources is nowhere to be found.

CISA previously said the perpetrators had used network management software from Texas-based SolarWinds to infiltrate computer networks. Its new alert said the attackers may have used other methods, as well.

Tech giant Microsoft, which has helped respond to the breach, revealed late Thursday that it’s been working to notify more than 40 organizations that were compromised using “additional and sophisticated measures” beyond the back door into SolarWinds systems. Microsoft said most of the compromised customers are in the United States, with victims also in Canada, Mexico, Belgium, Spain, the United Kingdom, Israel and the United Arab Emirates.

NATO and US allies that receive defense monies and materiel from us. CISA notified all civilian entities working for Treasury and Commerce have been instructed to remove the software from their computers. The cybersecurity agencies of Britain and Ireland issued similar alerts.

Another U.S. official, speaking Thursday on condition of anonymity to discuss a matter that is under investigation, said. . .“This is looking like it’s the worst hacking case in the history of America,” the official said. “They got into everything.”

DOE said its initial investigation revealed

. . .that malware injected into its networks via a SolarWinds update has been found only on its business networks and has not affected national security operations, including the agency that manages the nation’s nuclear weapons stockpile.

It makes NO mention of any other possible breach sources, however.

While there is no evidence of destruction, only "spying," the true danger of the security breakdown lies in the future.

Tom Kellermann, cybersecurity strategy chief of the software company VMware, said the hackers are now “omniscient to the operations” of federal agencies they’ve infiltrated “and there is viable concern that they might leverage destructive attacks within these agencies” now that they’ve been discovered.

Among the business sectors scrambling to protect their systems and assess potential theft of information are defense contractors, technology companies and providers of telecommunications and the electric grid.

The Helix Water District, which provides drinking water to the suburbs of San Diego, California, said it provided a patch to its SolarWinds software after it got an advisory the IT company sent out about the hack to about 33,000 customers Sunday.

Expect more details from the private sector to be forthcoming until the Trump Administration muzzles them with bullying threats. What information Microsoft releases regarding the breach, could be telling, but probably not as telling as what they don't release as I expect "national security" will be the excuse used to keep the uncomfortable facts from reaching the American public. Regarding the endangerment of the government's most "sensitive areas," I predict DJT will scapegoat people he's fired and blame "deep state" operators that don't exist. Never could any fault lay at the doors of cut funding and personnel purges that he's responsible for. Bank on that.

America is broken. The present administration failed to protect us from Covid-19 and a major Russian hack. Tens of millions of Americans voted for a lunatic and his GOP enablers in 2016 and 2020. Germans attended Hitler's rallies but they never voted for him.

>3 Molly3028: they never voted for him

Might be worth nuancing that. I believe that in the 1932 election about 37% of the German electorate, more than 13 million people, voted for Hitler for the presidency, but it wasn't enough to beat Paul von Hindenburg. But you're right that Hitler was not elected but was appointed to the chancellorship in 1933, and assumed the presidency, which he combined with the chancellorship to become Fuhrer, in 1934 upon Hindenburg's death (Wikipedia).

>3 Molly3028: Not a peep from Trump, last I heard, about Russian bounties on our soldiers...

WHY? Pentagon Halts Biden Transition Briefings

Acting Defense Secretary Chris Miller ordered a Pentagon-wide halt to cooperation with the transition of President-elect Biden, shocking officials across the Defense Department, senior administration officials tell Axios.
Latest
Biden transition director Yohannes Abraham contradicted the Pentagon's official response to this story on Friday afternoon, telling reporters, "Let me be clear: there was no mutually agreed upon holiday break."

Miller had said in a statement following the publication of this story: "At no time has the Department cancelled or declined any interview. ... After the mutually-agreed upon holiday, which begins tomorrow, we will continue with the transition and rescheduled meetings from today."

Miller's move, which stunned officials throughout the Pentagon, was the biggest eruption yet of animus and mistrust toward the Biden team from the top level of the Trump administration.

Of course Christmas vacation time is very important, especially when the Nation has been cyber-attacked by an adversary. What possible use is shared military readiness intelligence and counter-espionage efforts that should be underway among the present administration and the ("we're all Americans here") incoming administration?

Perhaps the need for Trump to preserve our national security by continuing to do absolutely nothing is so vital that his idleness can not be witnessed by the Biden team for fear the Russians might learn something about what we're not doing to recover and retaliate, due to leaks from the Democratic transition team.

Got that last para "Newsmax"?

There is, of course, this shit here.
https://www.businessinsider.com/trump-reportedly-threatened-not-to-leave-white-h...

President Donald Trump is said to be in denial about his election loss and has told some of his advisors he won't leave the White House on Inauguration Day, according to CNN.

Few believe Trump would actually follow through on threats to squat at the White House, according to CNN's report, published Wednesday.

"He's throwing a f---ing temper tantrum," one advisor told CNN. "He's going to leave. He's just lashing out."

>5 margd: What Russian bounty on our soldiers?

https://responsiblestatecraft.org/2020/09/29/the-explosive-russian-bounty-story-...

The Russian government paying bounties to Taliban militants to kill American soldiers in Afghanistan blasted through the COVID dominated headlines this summer as lawmakers and pundits demanded to know why President Trump wasn’t taking the intelligence seriously.

But months later, news that the intelligence has remained unconfirmed by military officials on the ground in Afghanistan has barely made a blip on the radar, suggesting that the story was never more than a disputed, unsubstantiated bit of raw intelligence whose only purpose was to provide rhetorical cannon fodder for Trump’s critics and the worst elements of the foreign policy blob.

The allegation first appeared on the front page of The New York Times on June 26, and within 48 hours was repeated by The Wall Street Journal and The Washington Post. From the original Times report, “The United States concluded months ago that the Russian intelligence unit…had covertly offered rewards for successful attacks last year.” The Post treated “the existence of the bounty program” as flat fact, while the Journal used affirming language toward “a classified American intelligence assessment” that reached that conclusion.

From the beginning, the story lacked legs. None of the outlets had been provided this “report,” and only been told of its existence. They were informed by “officials familiar with the matter,” without specifying which branch of intelligence the officials represented, if any. The Post speculated how many U.S. soldiers could have been the victim of such a bounty program, without referencing any specific attacks. The only light shined on the origins of the claim was that it was the result of human intelligence gathered from captured Taliban fighters.

Three days after its initial report, the Journal had to walk back its assuredness after receiving significant pushback from the National Security Agency. Evidently the U.S. government agency charged with collecting and monitoring every phone call, digital communication, and cyber transaction on Earth could provide no corroboration for the bounty story. Likewise, the Defense Intelligence Agency and the Pentagon at-large had low confidence that the information was accurate. The report, it turned out, had been a contrived CIA product that possessed no sourcing besides an unknown number of Taliban prisoners.

Following a two-month Defense Department investigation overturning every Afghan rock, there remains no reason to believe Russia ever instituted such a bounty program. “It just has not been proved to a level of certainty that satisfies me,” General Frank McKenzie, commander of U.S. Central Command, said earlier this month. “We continue to look for that evidence…I just haven’t seen it yet.”

The reason the American media latched onto an unverified bit of raw intelligence isn’t difficult to discern. The report fit the narrative of Trump’s seemingly cozy relationship with Vladimir Putin. It also became leverage against the Trump administration’s plans to withdraw completely from the U.S. war in Afghanistan. And it didn’t help Trump’s cause when he immediately reacted defensively to the initial reports as “fake news” and did not seem to have a well coordinated response with other White House officials.

So for two-weeks the public was subjected to a news cycle where cable hosts and contributors fearmongered about Putin collecting the scalps of U.S. soldiers.

Why, it's as if some are whipping up a russophobic frenzy to deny the structural problems in the land. Can't bother about the inequality when the Red Scare is upon us again--best to leave it to the "righteous Republicans" (CHORTLE) and their jingo drums to lead you.

Once again some war or another is supposed to feed hungry Americans.

>8 davidgn: A conservative think tank is echoing Trump's officials denial of the evidence of a bounty that Trump refused to speak out against, even as a theoretical situation.

Gee, is that a surprise?

>9 LolaWalser: Putin's government is a threat. The Russian election interference barely blipped in media coverage, but the Congressional documentation of it in 2016 is a big f'ing deal.

All the times President Trump was expected to speak out for the USA against civil rights abuses by Russia also seems to have slid out of notice; although, reports from Chechnya and Ukraine have stuck in my memory.

I personally know people who have been holding the line against Russian cyberattacks every day for years, and that's only one ongoing issue that's downplayed by conservatives who obviously care more about excusing racism than about actual security concerns.

That's a problem, too, as further evidence that the GOP endangers not our national security.

Acknowledging attacks and threats isn't fearmongering. Acknowledging hostility is an appropriate response. Ignoring it leaves vulnerable people without support they might need to survive.

Acknowledgment is leadership. Following that up with appropriate response is greater leadership. Restoring our international relations with former cooperating allies and getting them to ALSO respond appropriately is the greatest leadership.

Biden's initial written acknowledgment of Russian penetration of our security and commercial interests with its inclusion of an appropriate response makes him, IMO, the de facto leader of the country and the actual functioning president.

He has let the world know who's holding the reigns of actual power -- the power that devolves from the voice of the people.

Trump be damned.

>10 aspirit:

The Russian election interference barely blipped in media coverage, but the Congressional documentation of it in 2016 is a big f'ing deal.

That's something to take up with your fellow citizens; I'm in no need of this persuasion. I've personally expressed more alarm and concern over Trump's appearance and public invitation to Russia than the liberal and "Killarian" scum who treated him as a joke and/or a well-deserved punch in the face to the Democrats. Go back to 2015 and 2016 and you might discover just what surprising turnabouts some have performed here since.

Second, if I cared that much albeit a foreigner, it's because I have personal connections to the US. Other foreigners are much cooler about American paranoia and point with reason to America's own cruel interference in the politics of other countries. And they have a point. You're not special. What is done to you is what you too are doing to others and have been for a long time. Except American interference isn't limited to espionage but extends to actual warfare--only Americans in the whole wide world take it for granted that they have the "right" to invade and bomb up other countries in the name of American national security. Or do you believe you'd accept with the same equanimity Vietnam, Laos, Cambodia, Iraq, to name just a few, bringing war to the US the way the US brought war to them? In the name of their "national security"? It would really be salutary if you could see your country the way the rest of the world sees it.

Of course it's logical to identify actual attacks and respond to them. No one can sanely expect anything else no matter who the actors are. But please don't pretend that there isn't a concerted effort to present Russia as America's major problem in the midst of a global environmental and economic crisis, or that that attempt isn't calqued on on America's traditional rabid anti-leftism. The rhetoric stinks of McCarthyism and like that iteration of the Red Scare, serves only to paralyze your own progressive wing and much-needed social reforms.

>12 LolaWalser: I don't know what you're hearing in Canada, but down here, no, there hasn't been a concentrated effort to bring back Red Scare propaganda. Top Republicans have more frequently praised Putin and excused Russian military acts these past few years where I can see, watching various forms of news and taking to people within goverment.

Getting people of any political lean to pay attention to the disturbing alliances of the Trump administration has been a pain.

Anyway, equating acknowledging something happens with bloodlust for a military bombing campaign makes no sense. I can't honestly say I know anyone like that, despite all the wackos around here. If your personal connections can't figure out the difference, however, I can sympathize.

You're not special. What is done to you is what you too are doing to others and have been for a long time.

I do not represent the USA. You do not know anything of what I have done as a government employee or US citizen. Blaming a random individual for generations of international conflicts seems like an extremely ineffective use of anger.

>13 aspirit:

It was a collective "you". I'm done with this now.

>10 aspirit: I wouldn't characterize it as a "conservative" think tank.
https://www.thenation.com/article/archive/quincy-institute-responsible-statecraf...

Trita Parsi, Quincy’s executive vice president and the founder of the National Iranian American Council, says he’s proud to have the support of both the Charles Koch Foundation and Soros’s Open Society Foundations. To explain Quincy’s ideological orientation, Parsi emphasizes “transpartisanship,” which he distinguishes from the much-derided term “bipartisanship.” Bipartisanship, he says, is when “you have two sides, they disagree, and then they come to an agreement with some sort of a compromise that neither side is really happy with.” Transpartisanship, on the other hand, means “you have two sides, they disagree on a whole bunch of issues, but they have overlapping views. Neither side compromises. They’re just collaborating on issues they already are in agreement over.” He argues that the Blob’s status quo is maintained by the mainstream policy-makers in both parties who support military intervention and that challenging it will require an alliance of politicians on the left and right who agree on the need for restraint, even if they do so for different reasons.

But if you'd prefer another...
https://masspeaceaction.org/event/the-great-russian-bounty-hoax-bureaucratic-int...

>15 davidgn: Responsible Statecraft characterizes itself as a conservative think tank. I don't see a reason to argue against its staff's self-proclaimed identities.

>16 aspirit: Haven't seen that, but would be interested to see a citation. In any event, as explained above, that's necessarily going to be an oversimplification at best. e.g. Never considered Jim Lobe or the Inter Press Service to be particularly "conservative." Nor Steven Kinzer (or, more broadly, Brown's Watson Institute, of which I'm personally rather fond, and which has board overlap). https://www.bostonglobe.com/opinion/2019/06/30/soros-and-koch-brothers-team-end-...

"Up To No Good," Gen'l. McCaffrey about Acting Secretary of Defense Chris Miller

Miller, you may recall, forbade Pentagon officials from further briefings of Biden transition team immediately following the Russian cyber-attack. McCaffrey, you may recall is a calm assessor and interpreter of military and security matters. But this is his tweet reproduced as is.

Barry R McCaffrey
@mccaffreyr3
Pentagon abruptly halts Biden transition—- MAKES NO SENSE. CLAIM THEY ARE OVERWHELMED. DOD GOES OPAQUE. TRUMP-MILLER UP TO NO GOOD. DANGER.

You may also recall his opinion when Trump began purging the military leadership last month and putting his loyalists in their place.

"If I was a CIA officer trying to understand what was going on in a third-world country and I saw this pattern of behavior, I would say the strongman's trying to take over the government and defy an election.

"Mark me down as alarmed"

Mark me down with the general. Especially since the only item on Trump's official schedule today was a meeting with acting Defense Secretary Miller.

The chances they were discussing an appropriate response to the Russian hack that we should take in conjunction with our allies is -- I would bet -- nil. The chance that Trump is single-mindedly determined to attempt every anti-American scheme he can wheedle out of his slimy sycophants, even if it means trying an armed coup, I'd put at 100%. Besides, you heard him. Trump says it's China, not Russia, and -- "Gee! It wasn't that bad, anyway."

Trump, though, in his first public comments on the hack initially reported on Dec. 13, said the incident was “far greater in the Fake News Media than in actuality.

The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control. Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of....— Donald J. Trump (@realDonaldTrump) December 19, 2020

"It's all about ME! The Great and Terrible Oz!"

All we have to do is survive another month. And elect two Democratic senators from Georgia. Is that possible?

Twitter report Sidney Powell has visited White House several times in three days. Rep Jim Jordan and the like met with the Prez. Let's hope wishing each other Merry Christmas?

Nuclear Weapons Agency Updates Congress on Hacking Attempt

I don't know enough about cyber intruders' ability to set up many back doors once they breach a network, nor do I know enough about detecting and neutralizing such acts, to assess how good this news is. Officials from the Department of Energy told Hill staffers this week that they don't believe their systems were compromised. The Department of Energy and the National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile said that 'there is currently no known impact to its classified systems.'

The officials told staffers, however, that the incident has proven how difficult it is to monitor the Energy Department’s unclassified systems, and acknowledged that an issue with a network extension within the Office of Secure Transportation — which specializes in the secure transportation of nuclear weapons and materials — had been discovered.

They also admitted that "there was an attempt to breach Los Alamos National Laboratory and the nuclear administration’s field office in Nevada" through the SolarWinds s/w. They don't consider either the lab or the field office to have been compromised and all SW s/w has been removed. Campione, told DOE officials last week that, in addition to the labs and the Office of Secure Transportation, suspicious activity had also been found in networks belonging to the Federal Energy Regulatory Commission (FERC), which stores sensitive data on the nation's bulk electric grid. In the face of these and other breach announcements, DOE insists that 'ongoing investigation into the hack had found that the perpetrators did not get into critical defense systems.'

. . .the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the department, including the National Nuclear Security Administration.

Tired of all that winning?

Like I say, I don't know much about how much time it takes an intruder to discover additional vulnerabilities -- like dormant passwords easily cracked -- and established additional "ports of ingress and egress," or Trojan horses, or hibernating malware, or piggy back sub routines, or. . . . .as yet undetected, un-neutralized, un-secured against.

But don't worry America. The first job of our president is to protect us from enemies domestic and foreign. Trump's got this!

"The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control. (wag, wag, woof woof)

EDIT I forgot to note President-Elect Biden's answer to a press question yesterday,

"The Defense Department won't even brief us on many things. ... I know of nothing that suggests it's under control."

Is librarything impacted ? There's precedent.

Microsoft Says 'SolarWinds' Hackers viewed Internal Code

Attackers who spearheaded a massive hack of government and private computer networks gained access to its internal "source code," a key building block for its software. The US tech giant said the Russian-led hackers were unable to compromise or modify any of its software.

"We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories," Microsoft said on its security blog.

"The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated."

Good news/ bad news? "Look what we found. Don't look at how long it took us to find it. Don't even think about what we may not have found yet."

So far, dead silence from government agencies also compromised by the hackers' intrusion. That seems like no news/bad news.

https://www.nakedcapitalism.com/2020/12/larry-wilkerson-no-evidence-of-massive-r...

Larry Wilkerson: No Evidence of Massive Russian Hack
Posted on December 31, 2020 by Yves Smith
Yves here. For this Christmas-New Year period, we’ve been working out way through worthy pieces that warrant the extra time and attention it takes to digest them properly. One is this Thenalysis.news interview with Larry Wilkerson that gives a long form debunking of the latest Russian scare story taken up uncritically by just about every media outlet. Both tech experts and Russia beat watchers like Aaron Mate have challenged it, but it’s useful to have Wilkerson take the it apart.
------
NB: Paul Jay and frequent contributor Col. Wilkerson are now refugees from The Real News, which Jay founded with Sharmini Peres.

cf. https://www.nakedcapitalism.com/2019/11/paul-jay-and-sharmini-peries-ousted-from...

https://theanalysis.news/about/
"theAnalysis.news was founded by Paul Jay and Sharmini Peries. Along with close friends, they created this site to carry on the work of independent, in-depth, uncompromising journalism."