Russian Info, Cyber and Disinformation (Jan-June 2017).

[OUTLAW 09]

Just in the initial reading of the WL CIA data bump ...have myself have spotted 14 statements/sentences that are blatantly FSB/GRU planted disinformation.....

NOTICE just how this flanking WL support attempts to tie CIA to the Russian hacking tools THUS the DNC hacking was not Russia but a CIA false flag attack.....ALL DESIGNED to hurt Trump.....

NOTICE now the so called "Deep State" conspiracy myth gets it support...

In the Trump/Breitbart.com/Bannon world "Deep State" is being led by Obama....

zerohedge‏#
@zerohedge
The CIA has stolen malware produced by Russia, and can misdirect attribution to Moscow
http://www.zerohedge.com/news/2017-0...astern#…

BUT WAIT......
Live Monitor‏#@amlivemon 2h
2 hours ago
Pure Russian disinformation

Live Monitor‏#@amlivemon 18m
18 minutes ago
I know both CIA & NSA well..the manipulative info mixed with disinformation selectively leaked by @Wikileaks is pure FSB propaganda #Vault7

REALLY not much to see in this data dump....exploits will be read about......necessary patches patched...hands washed and onto a new day...and a new cycle of exploits and zero days...

[OUTLAW 09]

Comments reference the WL CIA data dump from yesterday attempting to tie CIA to the Russian DNC hack and support the Trump and company thesis of being attacked by the "Deep State"....

Tuesday, March 07, 2017
Some comments on the Wikileaks CIA/#vault7 leak

I thought I'd write up some notes about the Wikileaks CIA "#vault7" leak. This post will be updated frequently over the next 24 hours.


The CIA didn't remotely hack a TV. The docs are clear that they can update the software running on the TV using a USB drive. There's no evidence of them doing so remotely over the Internet. If you aren't afraid of the CIA breaking in an installing a listening device, then you should't be afraid of the CIA installing listening software.


The CIA didn't defeat Signal/WhattsApp encryption. The CIA has some exploits for Android/iPhone. If they can get on your phone, then of course they can record audio and screenshots. Technically, this bypasses/defeats encryption -- but such phrases used by Wikileaks arehighly misleading, since nothing related to Signal/WhatsApp is happening. What's happening is the CIA is bypassing/defeating the phone. Sometimes. If they've got an exploit for it, or can trick you into installing their software.


There's no overlap or turf war with the NSA. The NSA does "signals intelligence", so they hack radios and remotely across the Internet. The CIA does "humans intelligence", so they hack locally, with a human. The sort of thing they do is bribe, blackmail, or bedazzle some human "asset" (like a technician in a nuclear plant) to stick a USB drive into a slot. All the various military, law enforcement, and intelligence agencies have hacking groups to help them do their own missions.


The CIA isn't more advanced than the NSA. Most of this dump is child's play, simply malware/trojans cobbled together from bits found on the Internet. Sometimes they buy more advanced stuff from contractors, or get stuff shared from the NSA. Technologically, they are far#behind the NSA in sophistication and technical expertise.


The CIA isn't hoarding 0days. For one thing, few 0days were mentioned at all. The CIA's techniques rely upon straightforward hacking, not super secret 0day hacking Second of all, they aren't keeping 0days back in a vault somewhere -- if they have 0days, they are using them.


The VEP process is nonsense.#Activists keep mentioning the "vulnerability equities process", in which all those interested in 0days within the government has a say in what happens to them, with the eventual goal that they be disclosed to vendors. The VEP is nonsense. The activist argument is nonsense. As far as I can tell, the VEP is designed as busy work to keep people away from those who really use 0days, such as the NSA and the CIA. If they spend millions of dollars buying 0days because it has that value in intelligence operations, they aren't going to destroy that value by disclosing to a vendor. If VEP forces disclosure, disclosure still won't happen, the NSA will simply stop buying vulns.


There's no false flags. In several places, the CIA talks about making sure that what they do isn't so unique, so it can't be attributed to them. However, Wikileaks's press release hints that the "UMBRAGE" program is deliberately stealing techniques from Russia to use as a false-flag operation. This is nonsense. For example, the DNC hack attribution was live command-and-control servers simultaneously used against different Russian targets -- not a few snippets of code.


This hurts the CIA a lot. Already, one AV researcher has told me that a virus they once suspected came from the Russians or Chinese can now be attributed to the CIA, as it matches the description perfectly to something in the leak. We can develop anti-virus and intrusion-detection signatures based on this information that will defeat much of what we read in these documents. This would put a multi-year delay in the CIA's development efforts. Plus, it'll now go on a witch-hunt looking for the leaker, which will erode morale. Update:#Three extremely smart and knowledgeable people who I respect disagree, claiming it won't hurt the CIA a lot. I suppose I'm focusing on "hurting the cyber abilities" of the CIA, not the CIA as a whole, which mostly is non-cyber in function.


The CIA is not cutting edge.#A few days ago, Hak5 started selling "BashBunny", a USB hacking tool more advanced than the USB tools in the leak. The CIA seems to get most of their USB techniques from open-source projects, such Travis Goodpseeds "GoodFET" project.


The CIA isn't spying on us.#Snowden revealed how the NSA was surveilling all Americans. Nothing like that appears in the CIA dump. It's all legitimate spy stuff (assuming you think spying on foreign adversaries is legitimate).


Update #2: How is hacking cars and phones not SIGINT (which is the NSA's turf)?[*]#The answer is via physical access. For example, they might have a device that plugs into the ODBII port on the car that quickly updates the firmware of the brakes. Think of it as normal spy activity (e.g. cutting a victim's brakes), but now with cyber.

[OUTLAW 09]

Stop Fake @StopFakingNews

Tracking a Mysterious Missile Launcher Inside an Information War

http://www.stopfake.org/en/tracking-...ormation-war/#

[OUTLAW 09]

Kremlin bots instantly pounced on WikiLeaks dump, pushing false narrative that CIA framed Russia for hacking the DNC
http://thebea.st/2neCyPG

WikiLeaks' CIA dump came with a huge dezinformatsiya campaign that seemed poised and ready to exploit it.

“That narrative emerged far too quickly to have been organic...That usually speaks to some sort of automation or coordination.”

[OUTLAW 09]

BREAKING: U.S. intel, law enforcement officials have known of CIA security breach that led to latest WikiLeaks dump since end of last year.

Same timeframe as the Russian hacking in the US election...BUT they are assuming leakage came from a Contractor much like Snowdon was....

[OUTLAW 09]

"Here’s Why You Should Worry About Russian Propaganda"
http://buff.ly/2nfgOmF

[OUTLAW 09]

It appears many in Washington have known about the DNC/DCCC documents stolen by Russians at least in August.
http://www.bluedotdaily.com/paul-rya...sian-scandal/#

The presidential election victory of Donald Trump may not be the only thing made illegitimate by Russian tampering.# It seems that the GOP congressional majority may also be called into question thanks to our Russian friends (?).
According to the New York Times:
The impact of the information released by the hackers on candidates like Ms. Taddeo in Florida and others in nearly a dozen House races around the country was largely lost in the focus on the hacking attacks against the Democratic National Committee and Hillary Clinton’s presidential campaign. But this untold story underscores the effect the Russian operation had on the American electoral system.[…]
The intrusions in House races in states including Pennsylvania, New Hampshire, Ohio, Illinois, New Mexico and North Carolina can be traced to tens of thousands of pages of documents taken from the D.C.C.C., which shares a Capitol Hill office building with the Democratic National Committee.
“This is not a traditional ###-for-tat on a partisan political campaign, where one side hits the other and then you respond,” said Kelly Ward, executive director of the D.C.C.C. “This is an attack by a foreign actor that had the intent to disrupt our election, and we were the victims of it.”
The information gathered in this cyber attack was then fed to a Florida PAC supporting Paul Ryan, according to a Salon report:
After Florida Democratic House candidate Joe Garcia appeared at a primary debate against opponent Annette Taddeo with a printout of some of the hacked DCCC documents to attack Taddeo, the National Republican Campaign Committee and The Congressional Leadership Fund, a super PAC with close ties to House Speaker Paul Ryan, used the hacked documents to defeat him in the general.
And it appears many in Washington have known about the attacks for a while:
After Guccifer 2.0 targeted the chair of the DCCC, New Mexico’s Ray Lujan, the Democrats sent a letter to his Republican counterpart on Aug. 29 arguing that “the NRCC’s use of documents stolen by the Russians plays right into the hands of one of the United States’ most dangerous adversaries,” and if the National Republican Campaign Committee continued using the materials, the GOP “will be complicit in aiding the Russian government in its effort to influence American elections.”