Friday Reads: The Russian Cyber InvasionPosted: March 16, 2018
Good Afternoon Sky Dancers!
Two stories have been haunting me and both deal with Russian Attacks on the West. The first is the ongoing murder and poisonings of folks who have crossed Putin. The second is the ongoing Russian cyber attacks. These are widespread to include nearly all aspects of western life. They are manipulating our Social Media Sites, they are hacking our election systems, and they have entered our energy grids.
There are entire books written and being written on these various forms of cyber manipulation and invasion entering that realm between serious concerns, actual impact, and extreme threat. The test case for the many weapons in the Russian Cyber War arsenal was the Ukraine. We’ve learned within the last 24 hours that this could be us. Here is the lead up to a very informative read from last December’s Wired. In our frenetic news feeds where we chase the chaos emanating from an insane man making huge decisions, we oggle porn stars and subpoenas. Whirring in the back is the growing evidence that we’re under attack. We’re under attack in a way that most of us cannot fully grok.
The clocks read zero when the lights went out.
It was a Saturday night last December, and Oleksii Yasinsky was sitting on the couch with his wife and teenage son in the living room of their Kiev apartment. The 40-year-old Ukrainian cybersecurity researcher and his family were an hour into Oliver Stone’s film Snowden when their building abruptly lost power.
“The hackers don’t want us to finish the movie,” Yasinsky’s wife joked. She was referring to an event that had occurred a year earlier, a cyberattack that had cut electricity to nearly a quarter-million Ukrainians two days before Christmas in 2015. Yasinsky, a chief forensic analyst at a Kiev digital security firm, didn’t laugh. He looked over at a portable clock on his desk: The time was 00:00. Precisely midnight.
Yasinsky’s television was plugged into a surge protector with a battery backup, so only the flicker of images onscreen lit the room now. The power strip started beeping plaintively. Yasinsky got up and switched it off to save its charge, leaving the room suddenly silent.
He went to the kitchen, pulled out a handful of candles and lit them. Then he stepped to the kitchen window. The thin, sandy-blond engineer looked out on a view of the city as he’d never seen it before: The entire skyline around his apartment building was dark. Only the gray glow of distant lights reflected off the clouded sky, outlining blackened hulks of modern condos and Soviet high-rises.
Noting the precise time and the date, almost exactly a year since the December 2015 grid attack, Yasinsky felt sure that this was no normal blackout. He thought of the cold outside—close to zero degrees Fahrenheit—the slowly sinking temperatures in thousands of homes, and the countdown until dead water pumps led to frozen pipes.
That’s when another paranoid thought began to work its way through his mind: For the past 14 months, Yasinsky had found himself at the center of an enveloping crisis. A growing roster of Ukrainian companies and government agencies had come to him to analyze a plague of cyberattacks that were hitting them in rapid, remorseless succession. A single group of hackers seemed to be behind all of it. Now he couldn’t suppress the sense that those same phantoms, whose fingerprints he had traced for more than a year, had reached back, out through the internet’s ether, into his home.
The reach into Western and US culture has been ongoing and has only really been noticed the last few years. It’s only now we’re beginning to see the institutions that have been influenced.
The nation’s leading gun rights lobby was the biggest backer of Trump’s presidential campaign, spending $30 million to help propel him to his upset victory over Democrat Hillary Clinton, a strong advocate of gun control laws. But in January, the NRA was drawn into the furor over Russian interference in the election when McClatchy reported that the FBI was investigating whether Russian banker and “lifetime” NRA member Alexander Torshin, who hosted a high-level NRA delegation in Moscow in late 2015, funneled funds to the NRA to help Trump.
It’s illegal for foreign funds to be spent in American elections.
“Whether there was an effort by Russia to create a back channel or assist the Trump campaign through the NRA or gun-rights groups is an open question the committee’s minority has endeavored to answer for the past year,” California Rep. Adam Schiff, the top Democrat on the House Intelligence Committee, said in a statement to McClatchy. “Much work remains to be done concerning that thread of our investigation, including conducting witness interviews and receiving relevant documents from several organizations and individuals.”
Mitchell’s name surfaced after House Republicans announced this week they were ending the panel’s year-old investigation into Russia’s meddling, which had been plagued by months of partisan friction. They issued a 150-page report that concluded there was no “collusion” between Trump’s campaign and Russia. Angry Democrats responded by issuing a wide-ranging, 21-page status report on Tuesday laying out areas of inquiry that were short-circuited by the majority’s decision, vowing to pursue them independently.
Mitchell was among more than two dozen people the Democrats said they would like to interview, including two other figures with connections to Torshin and the NRA. The report said Democratic investigators want to know if Mitchell “can shed light on the NRA’s relationship with Alexander Torshin” or other Russians and also want to see financial records from a South Dakota company and a Russian gun rights group..
Neither the FBI, which is working with Special Counsel Robert Mueller to investigate Russian meddling in the election, nor the congressional committees have provided details of potentially improper Russian involvement with the NRA.
It seems like it’s been recent but there’s more history than most of us realize. It’s deeper into places than we thought possible. We just haven’t been paying attention because, until now, it hasn’t perceptibly influenced our lives. It’s also complex and difficult to cover in a TV minute.
In the past decade the Russian government has mounted more than a dozen significant cyber attacks against foreign countries, sometimes to help or harm a specific political candidate, sometimes to sow chaos, but always to project Russian power.
Starting in 2007, the Russians attacked former Soviet satellites like Estonia, Georgia, and Ukraine, and then branched out to Western nations like the U.S. and Germany. U.S. intelligence officials and cyber experts say a strategy that pairs cyber attacks with on-line propaganda was launched by Russian intelligence a decade ago and has been refined and expanded ever since, with Putin’s blessing. Russia has shut down whole segments of cyber space to punish or threaten countries.
Mike McFaul, the former U.S. ambassador to Russia, says there is a bottom line to the pattern of hacking.
“For years now, the Kremlin has looked for ways to disrupt democracies, to help the people that they like to come to power and to undermine the credibility of the democratic process,” said McFaul. Russia also seeks to weaken the European Union and NATO.
There’s a 10 year history outlined there. Attacks by Russian hackers on other countries are well documented. One of Putin’s cronies is funding troll farms and a mercenary arm for the Russian strategy. As I read more about this, I truly understand why Paul Manaford would possibly feel–but may not absolutely be–safer in a Federal Prison.
Yevgeny Prigozhin, the man widely referred to as “Putin’s chef,” doesn’t actually prepare food. Instead, he cooks up international plots — like Russia’s campaign to use social media to undermine Hillary Clinton’s 2016 campaign and promote Donald Trump’s.
Prigozhin was among the 13 Russian nationals indicted by special counsel Robert Mueller in February and is by far the most well-known. His ties to Putin go back to at least 2001: He’s worked on everything from election interference to setting up pro-Putin newspapers to sending Russian mercenaries to Syria to fight on behalf of Bashar al-Assad’s regime.
A recent Washington Post report says that he personally approved a Russian mercenary attack on US forces stationed in eastern Syria in early February; US intelligence, per the Post, intercepted a conversation where he promoted the idea.
“Putin’s chef” would be better described as Putin’s fixer: someone who does the Russian leader’s dirty work, while giving Putin plausible deniability if things go wrong.
“Prigozhin has managed to make himself useful on both the [covert and military] sides of Putin’s efforts to reassert Russia on the international stage,” Hannah Thoburn, an expert on Russia at the Hudson Institute, tells me. “[That’s] no small accomplishment for a guy who spent nine years in a Soviet prison and began his business career in restaurants.”
And Prigozhin’s rise, while deeply strange in its details, isn’t just a one-off. It speaks to a fundamental truth about the way the Putin regime operates — not just as a traditional government, but also as a kind of criminal cartel in cahoots with its wealthiest private citizens.
Most of this information has been floating out there in the cyber security world, but it’s pretty shocking to find the results of an actual Russian Troll Farm twitter storm outlined in the Milwaukee Journal Sentinel.
The fires of the Sherman Park unrest in Milwaukee had barely burned out in August 2016 before Russian Twitter trolls sought political gain by stoking the flames of racial division.
A Milwaukee Journal Sentinel review found that Russia-linked accounts — including one named in a recent federal indictment — sent more than 30 tweets to spread racial animus, blame Democrats for the chaos and amplify the voices of conservatives like former Milwaukee County Sheriff David A. Clarke Jr. who were commenting on Sherman Park.
These foreign accounts started posting only hours after the unrest, getting more than 5,000 retweets at a time when residents of the neighborhood were trying to clean up and overcome fears of a renewed outbreak. This came three months before the 2016 election in which President Donald Trump was elected, thanks in part to his surprise victory in Wisconsin.
The news was an unwelcome surprise for Rep. Evan Goyke (D-Milwaukee), who represents Sherman Park and was present the morning after the unrest.
“To think that halfway around the world people are using this tragic series of events for partisan gain … it’s daunting. It’s heartbreaking,” Goyke said.
In its review, the newspaper found that Twitter accounts linked to Russia sought to boost Trump’s chances in Wisconsin and spread fake news to help a primary challenger to U.S. Speaker Paul Ryan of Janesville. Their efforts ranged from amplifying a statement by Kenosha native and former White House Chief of staff Reince Priebus to spreading a false claim that U.S. Sen. Lindsey Graham had taught at the University of Wisconsin-Milwaukee.
Milwaukee Mayor Tom Barrett said the findings showed that Trump and Congress need to prevent further Russian meddling, saying it was “beyond belief” that America hadn’t done more.
“These are enemies of the United States who are trying to sow dissension in our country and on the streets of Milwaukee,” Barrett said in a statement.
Trump and allies such as U.S. Rep. Sean Duffy (R-Wis.) have retorted by saying that President Barack Obama’s administration did relatively little during the 2016 campaign and didn’t seek to impose tough sanctions until December 2016.
The Trump administration on Thursday accused Russian government hackers of carrying out a deliberate, ongoing operation to penetrate vital U.S. industries, including the energy grid — a major ratcheting up of tensions between the two countries over cybersecurity.
It says the hackers penetrated targeted companies to a surprising degree, including copying information that could be used to gain access to the computer systems that control power plants. It’s the kind of access that experts say would have given Moscow the ability to turn off the power if it wanted to.
The alert came eight months after leaked documents revealed that federal authorities had found evidence of foreign hackers breaching computer networks in U.S. power companies, including the operator of the Wolf Creek nuclear plant in Kansas.
“Since at least March 2016, Russian government cyber actors … targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors,” according to Thursday’s joint alert, issued by the Homeland Security Department and the FBI.
While the reveal isn’t a surprise to cyber watchers — researchers have been noting such digital espionage for years — it’s rare for the U.S. government to be so blunt about a foreign adversary’s cyber spying. Because the U.S. conducts its own similar online espionage campaigns around the world, intelligence officials have traditionally been loath to openly point fingers at other governments for doing the same thing.
After the alert, Energy Secretary Rick Perry warned members of a House Appropriations subcommittee Thursday that he’s “not confident” the federal government has an adequate strategy in place to address the “hundreds of thousands” of cybersecurity attacks directed at the U.S. every day.
Yup. Please remember it’s Texas’ dim bulb Rick Perry in charge of safeguarding all this. Russian hackers have attacked our energy grid.
Officials in Washington say that Russian hackers are in the midst of a widespread attack on crucial components of U.S. infrastructure, according to a Department of Homeland Security (DHS) report released Thursday.
The targets of these attacks include the country’s electric grid, including its nuclear power system, as well as “commercial facilities, water, aviation, and critical manufacturing sectors,” the statement said.
The report is damning confirmation of what has for months been suspected: that hackers in Russia are capable of infiltrating and compromising vital systems relied on by millions of Americans. According to the new report, the attacks began at least as early as March 2016, thriving on vulnerabilities in these systems’ online operations.
“In some cases, information posted to company websites, especially information that may appear to be innocuous, may contain operationally sensitive information,” the report reads. “As an example, the threat actors downloaded a small photo from a publicly accessible human resources page. The image, when expanded, was a high-resolution photo that displayed control systems equipment models and status information in the background.”
A Russian government hacking operation aimed at the U.S. power grid did not compromise operations at any of the nation’s commercial nuclear power plants, federal regulators and the nuclear industry said Friday.
Corporate networks at some of the 99 plants licensed by the Nuclear Regulatory Commission were affected by the 2017 hack aimed at the energy grid and other infrastructure, but no safety, security or emergency preparedness functions were impacted, the NRC said in a statement.U.S. nuclear plants are designed as operational “islands” that are not connected to the internet and other networks. Nuclear power provides about 20 percent of the nation’s electricity.The Nuclear Energy Institute, an industry lobbying group, said the Russian hacking campaign targeting U.S. infrastructure “demonstrated that America’s nuclear plants can withstand a nation-state sponsored attack.”The Trump administration accused Moscow on Thursday of an elaborate plot to penetrate America’s electric grid, factories, water supply and even air travel through cyber hacking.U.S. national security officials said the FBI, Department of Homeland Security and intelligence agencies determined Russian intelligence and others were behind a broad range of cyberattacks starting a year ago. Russian hackers infiltrated the networks that run the basic services Americans rely on each day: nuclear power, water and manufacturing plants.U.S. officials said the hackers chose their targets methodically, obtained access to computer systems, conducted “network reconnaissance” and then attempted to cover their tracks by deleting evidence of the intrusions. The U.S. government has helped the industries expel the Russians from all systems known to have been penetrated, but additional breaches could be discovered, officials said.The NRC, in its statement Friday, said the five-member commission and the nuclear industry “are vigilant in cybersecurity. Every nuclear power facility must meet the NRC’s regulations for an approved cybersecurity program, which includes separation of critical and non-critical systems.”Energy Secretary Rick Perry said his department worked closely with other agencies and energy providers to help ensure that hacking attempts “failed or were stopped.”Perry said he is creating an Office of Cyber Security and Emergency Response to consolidate and strengthen efforts to “combat the growing nefarious cyber threats we face.”
Well, the Trump administration does want us back to the 19th century. Successfully bringing down our grid would certainly do it. We can assume that our elections will be hacked this year too. Aren’t you glad that West Wing chaos and Stormy Daniels are the focus of attention? Is it too late to demand paper ballots?
The first ballots of the 2018 mid-term elections will soon be cast, but many Americans will exercise this constitutional right without much confidence that their votes will be fairly and securely counted. Partisanship in Congress and bureaucratic delays have left voting even more vulnerable to the attacks that top intelligence officials say will accelerate in 2018. Meanwhile, irrefutable evidence has revealed that Russia engaged in a multifaceted attack on the 2016 election through information warfare, and that hackers also scanned or penetrated state election infrastructure in ways that could lead to manipulation of voter registration data — and possibly change vote totals in 2018. We propose two stopgap measures that can be immediately implemented without waiting for funding or new legislation.
Cybersecurity experts have repeatedly warned that none of our current voting technologies was designed to withstand the cyberattacks expected in the coming months. This national emergency calls for Americans to act immediately before the voters’ faith in democratic elections is severely undermined. Experts agree there’s time to contain major threats to this year’s elections, but we must rapidly convert from paperless touch-screen voting machines to paper ballots, and upgrade states’ and counties’ verification practices to conduct public post-election ballot audits before local election boards certify the 2018 elections. A post-election audit involves simply checking the computer-generated tabulations against paper ballots to be sure the machine hasn’t been compromised.
Well, I’ve gotten this post twice as long as you’ll likely read but read you should. There are many things that are threatening us today but none as consequential as all of this and if you believe last month’s panel of national security leaders testimony, we’re not doing much about it.
What’s on your reading and blogging list today?