Russian Info, Cyber and Disinformation (July 2017 to end '17)

[OUTLAW 09]

Reference Russian hack of Ukraine.....

New: the hackers linked to #NotPetya ransomware decrypted a file for us, proving they can unlock at least some files
https://motherboard.vice.com/en_us/a...-decrypt-file#

BUT still largely unable to decrypt all files that it encrypted....

They still sidestep why they wiped the MBF on a large number of computers which is viewed as a destructive attack and why they are saying they will return all ransom payments when they did not make much to begin with....

IMHO they are trying to act like an beginner hack not a state sponsored attack....KEY the deliberate MBF wipe and the use of LSADump to record passwords and domain servers...and then the exfil of that data...for future hacking use.....NOR using a backdoor installed on a key updated software product.....

[OUTLAW 09]

Russian FM is apparently in "an altered info warfare state of reality" on their bombing of Aleppo......

MFA Russia #
Verified account
#@mfa_russia 5m

#Zakharova: We have requested that @CNN accurately cover the case of Syrian boy Omran Daqneesh

Zakharova: The lack of a clear response from @CNN makes us think that CNN journalists consciously distorted the facts

#Zakharova: We still expect @CNN to openly admit its mistake and prepare a retraction

CNN...we stand by the report and request Russian FM to prove they did not drop the bombs on his home even with existing video footage of Russian aircraft flying overhead at the time of the bombing and no other AF in the area other than RUAF.....on that particular day RUAF flew five strike missions over Aleppo....

[OUTLAW 09]

Not relevant to thread, refer to non-Russian matters and as per notice elsewhere removed.

[OUTLAW 09]

Deleted

[OUTLAW 09]

This thread title is as follows....

Russian Info, Cyber and Disinformation

To ignore and delete information that indicates that a large number of Americans are actively working in that Russian effort for whatever reasons and then push that Russian info warfare, cyber and disinformation on to other Americans in order to influence their decisions and actions using all forms of media is an interesting development....even for SWJ.

BTW...info posted here was provided to Twitter Support which has since deleted specific accounts that were proven to have been Russian even though they claimed to be US accounts....and were using perfect US English....

[OUTLAW 09]

Media report that #Russia has ~150 intelligence operatives deployed in the US:
http://edition.cnn.com/2017/07/06/po...on0610PMStory#


Alleged largest increase in over 20 years.....matches the massive increase in Europe where in Prague you can run into one every mile or so....as Prague has become the central Russian spy capital....

[OUTLAW 09]

I am getting tired of reposting this critical article done by one of the best Russian researchers....

Crimintern: How the Kremlin uses Russia’s criminal networks in Europe

By Mark Galeotti
18th April, 2017
http://www.ecfr.eu/publications/summ...orks_in_europe

AND the US Russian crime gang connections just keep on keeping on....

Russia-born dealmaker linked to Trump assists FBI money laundering probe
https://www.ft.com/content/159eb2d8-...-0ac7eb84e5f1#

BTW in the last year FT has done some really good investigative journalism on this topic...sad is that a lot of it is behind a paywall....

[OUTLAW 09]

Someone's phishing US nuke power stations. So far, no boom.....

German Federal Security Services are taking this as a serious Russian APT28 warning to the West after their four attacks on the Baltics and Ukraine power grids....they see it as a not so subtle form of escalation....

BTW...the recent again from Russia malware hacking attack against Ukraine focused on power plants, power grid, fuel (gas) stations, and water/natural gas supply infrastructure and anything that basically used a computer...

https://www.theregister.co.uk/2017/0...=1499413546138

Also from NYTs....
https://www.nytimes.com/2017/07/06/t...ck-report.html

Don't panic, but attackers are trying to phish their way into machines in various US power facilities, including nuclear power station operators.
It seems so far whoever behind the campaign has tried phishing and watering-hole attacks, but haven't got beyond corporate networks (which in critical infrastructure should be on separate networks from the operational systems).
The New York Times got wind of the intrusion attempts, getting a look at a joint Department of Homeland Security/FBI report.
The money quote from the story appears to be this:
There is no indication that hackers were able to jump from their victims’ computers into the control systems of the facilities, nor is it clear how many facilities were breached.
Spokespeople for one of the targets, the Wolf Creek Nuclear Operating Corporation (in charge of a facility near Burlington in Kansas) said it maintained separate networks for corporate and operations systems, so there was no risk to its power stations.

BTW....what is not being talked about is that in two US nuclear sites the recent malware attack unleashed on Ukraine actually made it into the business computers of the two nuclear power companies....

BUT here is the problem not talked about...the malware contained a LSADump hack tool designed to collect all passwords and domain controllers allowing for later successful hacks unless ALL passwords were immediately changed and ALL domain servers reconfigured....

AND where is again that Trump promised US cyber defense plan he stated would be available in 90 days....nowhere to be seen ...we are now 160 days in and still nothing to be seen AND yet he is worried about alleged voter fraud that happens less than the number of Americans hit yearly by lighting........