Friday, April 29, 2022

To Celebrate National Crime Victims’ Rights Week, can FBI be proactive?


Since 1981, National Crime Victims’ Rights Week has been celebrated every year in April. The week is dedicated to learning about victimization and the effect it has on individuals, families, friends and the community, and to promoting laws, policies, and programs to help victims of crime. Every year, thousands of communities across the nation honor the dedication of those before us who established victim rights and renew their commitment to guarantee that all victims have the rights and services they need to recover from crime. This year NCVRW is observed April 24-30. Victim Support Services participates in marches, tree-planting ceremonies, and many other activities that are held each year to promote victims’ rights and to honor crime victims and those who advocate on their behalf. A much better way to honor the victims is to make sure the crime does not happen in the first place.


The FBI’s Victim Services Division (VSD) informs, supports, and assists victims in navigating the aftermath of crime and the criminal justice process. There are 94 full-time VSD staff at headquarters, who manage the day-to-day operational aspects of the Victim Assistance Program across the FBI’s 56 field offices and international offices. Across the field, there are 172 victim specialists and 21 child/adolescent forensic interviewers, all providing assistance across numerous case types, including violent crimes against children, Indian Country, human trafficking, bank robberies, identity theft, and so on. According to an FBI Las Vegas press release dated April 29, 2022, even when perpetrators of crimes are brought to justice, the cases do not end. Our victim specialists work to provide each individual with various emotional support, services, and resources to assist during and after their cases.

The FBI also has a multi-disciplinary team called the Victim Services Response Team, consisting of agents, analysts, and victim specialists who provide operational support in crisis and mass casualty events and play a key role in supporting victim/family crisis assistance for state and local agencies following active shooter and other crisis incidents. The Las Vegas Field Office has two victim specialists within the state, one each in southern and northern Nevada.

The importance of celebrating National Crime Victims’ Rights Week cannot be denied. However, as the celebration focuses on "the effect victimization has on individuals, families, friends and the community, and to promote laws, policies, and programs to help victims of crime," the evidence shows that the battle has been an unmitigated failure. For example, last week, United States Attorney Roger B. Handberg announced the first quarter results of the Middle District of Florida’s Project Safe Neighborhoods (PSN) strategy as the FBI statistics show a 30% increase in violent crime in 2020 compared to the previous year. This is heartbreaking. For years, America had been experiencing steadily falling crime rates. But now, our country is heading back to a level of urban criminality not witnessed since the early 1990s.

A business axiom says "don't ask for data you won't use." Yet all 56 FBI field offices regularly run "report hate crime" announcements. Its own Hate Crime Statistics Report shows who is more likely to commit a hate crime. It shows that parents who show up at school board meetings to defend parental rights are not likely to be terrorists. It knows which public officials spew hate and call for violence. It knows that Soros-backed prosecutors and district attorneys are way too soft on crime. For example: Mr Anh Le was savagely beaten with a bat by two people in Chinatown, but despite the high hate crime rate in the city, the San Francisco DA agreed to a plea deal so the perpetrators did not get jail time - Mr Le had to sue to get justice. A much better way to honor the victims is to make sure the crime does not happen in the first place.


Anh Lê files suit against the San Francisco DA's Office - Screenshot courtesy of KTVU on YouTube


If Mayor Giuliani was running law enforcement he would re-instate  Stop-And-Frisk - yes, we know it was ruled unconstitutional, which supports our argument.


For more information about the FBI victim specialist program, visit https://www.fbi.gov/resources/victim-services. 


Thursday, April 28, 2022

FBI Addresses China Threat at DSAC Conference - Finally Refers to Inside Threat

In remarks prepared April 27, 2022 for delivery to the Domestic Security Alliance Council, FBI Director Christopher Wray made it clear that the counterintelligence threat posed by China is top of mind and that "nothing presents a broader, more severe threat to our ideas, our innovation, and our economic security than the People’s Republic of China." The Domestic Security Alliance Council (DSAC) is a strategic partnership, formed in December 2005 between the U.S. government and U.S. private industry, that seeks to bridge the information divide between America’s private and public sectors. Or, as Citizens For Truth's Jack Xiong puts it: "DSAC, the Secret Alliance Between Corporations and the FBI to Monitor Activists." Xiong writes that "The most high-profile case of DSAC’s work was revealed in 2012. Following successful freedom of information requests by the Partnership for Civil Justice Fund, the FBI released redacted documents in December 2012 showing that the FBI had spied on Occupy Wall Street (OWS) organizers and passed OWS information to financial firms via DSAC before the first OWS protests in Zuccotti Park in New York City."



Wray asserts that the PRC is leading a generational fight for China to surpass the U.S. as a global superpower, and that it is pursuing those goals with little regard for international norms and laws rather than through fair and lawful competition. He says the Chinese government has shown its willingness to steal its way up the ladder, and that the scale of China’s theft of U.S. innovation is unprecedented. As a result, U.S. companies are facing a greater, more complex danger than they have ever faced before.

To illustrate the extent of the Chinese threat, Wray says that of the 56 field offices the FBI has across the country, every single one has cases on the Chinese government’s attempts to steal U.S.-based information and technology, using intelligence officers, hackers, front companies, seemingly benign joint ventures or research partnerships, and recruiting employees who use their legitimate access to steal corporate secrets, what we all refer to as “insider threats.” This is breaking news: while we have been urging the FBI to address the insidious Inside Threat for years, this is the first time we see Director Wray discuss it. The Inside Threat was conspicuously absent from the FBI 2021 Internet Crime Report, for instance, even though Rachel Rojas heads up the Bureau’s Insider Threat Office. To be clear, we are not talking about the case where the DOJ dispatched the FBI to school board meetings to rein in parents who protested against schools' overreach.




Director Wray's remarks describe in detail the case of Shan Shi, who was sentenced to federal prison in 2020 for stealing trade secrets from a company in Texas regarding a technology called syntactic foam, which is export-controlled because it has military applications that allow submarines to evade detection underwater. China’s government agencies and state-owned enterprises hadn’t been able to manufacture this technology themselves. So to get around it, the Chinese government gave Shi three million dollars to incorporate a company in Houston and get what they needed to make syntactic foam in China. To obtain the technology, he targeted the American victim company’s employees on social media, using cash incentives and cushy job offers to entice two former employees, two former insiders, to help with this effort in exchange for the company’s trade secrets and technical data. Once he had the information, Shi sent it to China, where they started manufacturing a key component of syntactic foam.

To add insult to injury, Shi and his co-conspirators patented in China the very manufacturing process they stole from the American company. Shi then contacted the victim company and offered it a joint venture using its own stolen technology, with the idea of obtaining the company’s cooperation and then putting it out of business. While the Chinese government could not replicate the technology, it paid to have it stolen. The victim company’s CEO fully cooperated with the FBI, resulting in indictments and arrests, and the FBI was able to disrupt a planned purchase of millions of dollars’ worth of manufacturing equipment destined for China. Four defendants, including the two insiders, pleaded guilty. Shi was convicted at trial and the Chinese government’s attempts to dominate that particular industry were thwarted.

Besides the insider threat, Wray's remarks also addressed cyber threats, which will stay near the top of the FBI's list as long as nation-states and cybercriminal syndicates keep innovating. According to the remarks, like any security threat, it is a cat and mouse game: the Chinese government is constantly developing new ways to compromise victims' networks. Today’s cyber threats are more pervasive, hit a wider variety of victims, and carry the potential for greater damage than ever before. The rest of Director Wray's remarks were a general overview of the FBI 2021 Internet Crime Report and extolled the virtue of partnerships such as the one with the Domestic Security Alliance Council. The Partnership for Civil Justice Fund, a non-profit, said that espionage facilitated by DSAC treated “protests against the corporate and banking structure of America as potential criminal and terrorist activity,” and that DSAC was “functioning as a de facto intelligence arm of Wall Street and corporate America.”



Tuesday, April 26, 2022

Big Tech mourns the sale of Twitter to Elon Musk.


Big Tech mourns the sale of Twitter to Elon Musk. Will Musk be able to put Twitter back together again?

Not according to Pew Research. Big Tech monetizes hate & division. It covertly leans ProChina & AntiUSA, and its algorithms reflect such bias. In short, Big Tech and Twitter are diametrically opposed to Musk's desire for a free speech digital square free of bots & SNOs & open source algorithms. According to Musk: “Free speech is the bedrock of a functioning democracy, and Twitter is the digital town square where matters vital to the future of humanity are debated.”




Big Tech promised to democratize the world by offering free Internet. But it quickly carved out silos. According to Pew Research, a small minority of users create the vast majority of tweets to drown out the opposition. Some 70% of these prolific tweeters are Democrats and 70% of their retweets contain misinformation - the bigger the lie, the more retweets.


Twitter promotes silo building as a safety measure - aka Intellectual Inbreeding, uses flags as a call to action & deep scanning to throttle the opposition, including coordinated inauthentic.



Big Tech censors and suppresses conservative ideas. For example, approaching the 2020 election, according to a report by the Guardian, internal documents from Facebook suggest that the platform intentionally restricted the distribution of a New York Post report that allegedly revealed ties between Democratic presidential candidate Joe Biden and a Ukrainian energy company. The suppression was not automatic or based on Facebook’s AI and algorithmic approach to content, but rather done by hand by Facebook moderators.


According to the Daily Mail, YouTube has been accused of censorship after it was revealed that it has been removing the ability for users to make money from their videos if they express politically incorrect or offensive views. "And the latest video to fall victim to the site's new censorship rules is, ironically, one on left wing censorship."

We know, for instance, that Microsoft has a working relationship with a number of CCP-run organizations. The Daily Wire reports that recently, Bill Gates has been complimentary of current CCP Chairman Xi Jinping. "The area of science, where China is now leading a lot of ways and willing to invest," Gates said, before boasting to a Chinese state-run media outlet, "that's been something I discussed with President Xi." The National Pulse published an in-depth exposé into the partnership, revealing that the People’s Liberation Army (PLA) has been conducting research on bat coronaviruses alongside the Bill & Melinda Gates Foundation at the infamous Wuhan Institute of Virology, which is where the Wuhan coronavirus (Covid-19) is believed to have “escaped” after being sent there by Ralph Baric from the University of North Carolina at Chapel Hill. Trade Spokesperson Peter Navarro, meanwhile, has cited Microsoft's Bing search engine and Skype platform, saying they "effectively are enablers of Chinese censorship, surveillance and monitoring." Is this why FBI Director Christopher Wray, speaking on threats posed by the Chinese government, was compelled to single out #LinkedIn?

Pew Research also found that most people have multiple social media accounts. 90% of LinkedIn users, for example, use Facebook. 94% use YouTube, while 57% use Instagram. Edison found that 64% of whites in the US use LinkedIn more than 16% of Hispanics. African Americans were at 6% while others were at 14%. But Wray fails to mention Twitter, Facebook, Google, politicians or the media. Consider that 1000s of Google employees walked out to protest the company working with the US government, but the same people remained apathetic as Google continues to do work with company which directly benefits the Chinese Communist


 


Heritage’s own online team still has posts about election integrity, religious freedom, conservative principles, and more throttled online—with no clear explanation why. 

 


By now it’s clear that Big Tech’s ideological bias targets and censors conservative voices, shrinks the marketplace of ideas, and undermines the foundation of our republic.

 


At least through email, I’m pretty sure my voice will reach you. And that’s why I’m asking you to stand with us.

 


Right now, Heritage is strategically taking action to counter Big Tech’s bullying tactics.

All this says that Elon Musk's purchase of Twitter is a major disruption for Big Tech. It would not be surprising to see a massive exodus of progressive users away from Twitter toward the more conventional social media.




Friday, April 22, 2022

US Attorney Touts Success of PSN Strategy - Not Convincing

Today, United States Attorney Roger B. Handberg announced  the first quarter results of the Middle District of Florida’s Project Safe Neighborhoods (PSN) strategy as the FBI statistics show a 30% increase in violent crime in 2020 compared to the previous year. This is heartbreaking. For years, America had been experiencing steadily falling crime rates. But now, our country is heading back to a level of urban criminality not witnessed since the early 1990s. 


CHP Responding to traffic accident - File Photo


Predictably, the left is trying to place the blame on anyone but themselves. They want to say that the problem is due to the pandemic, the economy, and guns. The PSN report shows a focus on the latter. According to Handberg, "Over the past three months, PSN prosecutors in the Middle District of Florida have prosecuted 130 defendants for federal firearms and violent crime offenses. Those prosecutions have removed more than 300 firearms from our streets."

Handberg says that PSN is the centerpiece of the Department of Justice’s violent crime reduction efforts and characterizes it as "an evidence-based program which has proven to be effective at reducing violent crime by engaging a broad spectrum of stakeholders working together to identify the most pressing violent crime problems in communities and developing comprehensive solutions that reduce crime. As part of this strategy, PSN focuses on prevention and intervention efforts through community engagement and problem-solving partnerships, strategic enforcement of the most violent offenders, and locally based reentry programs to reduce recidivism." Yet, while not all the numbers are compiled yet, it appears the trend actually accelerated in some cities. CNN reports that "Major crimes in New York City spiked nearly 60% in February compared to the same month in 2021 -- a large majority occurring in a small swath of the metropolis -- as Mayor Eric Adams rolled out his plan to combat gun violence and crime in the city."

Handberg adds that as part of its PSN strategy, each of the five divisions of the United States Attorney’s Office for the Middle District of Florida (USAO-MDFL) has engaged in violent crime reduction strategies in 2022, including:

Orlando – Five Assistant United States Attorneys (AUSAs) have been assigned to exclusively prosecute violent crime, narcotics, and firearms cases. Each AUSA also serves as a liaison to a specific law enforcement agency that investigates violent crimes.

Jacksonville – AUSAs meet weekly with fellow Crime Gun Intelligence Center (CGIC) partners (Jacksonville Sheriff’s Office, Clay County Sheriff’s Office, State Attorney’s Office - Fourth Judicial Circuit, ATF, DEA and FBI) to develop investigations. Staff members also participate in local reentry programs (Baker, Lawtey, and Columbia Correctional) and school outreach presentations.

Ocala – AUSAs have teamed up with the State Attorney’s Office for the Fifth Judicial Circuit, ATF, DEA, FBI, the Ocala Police Department, and the Marion, Lake, and Citrus County Sheriff’s Offices to locate, seize, and prosecute individuals who unlawfully possess firearms. 

Tampa – The number of dedicated violent crime prosecutors has increased to 11.  In addition, as part of an ongoing partnership with the Hillsborough County Sheriff’s Office, two defendants have recently been charged in a drug-related homicide case (United States v. Grable, et al).

Ft. Myers – Relationships with local, state, and federal law enforcement agencies have been enhanced through the USAO-MDFL Violent Crime Working Group in an effort to identify offenders and coordinate investigations and prosecutions involving firearms-related offenses.

Districtwide – An increase in our proactive community outreach strategy has allowed staff to further engage community-based organizations, educational institutions, and service agencies in an effort to prevent and decrease future gun-related incidents. 

While it is always good to remove violent criminals from the streets, the PSN is short of details and lacks the evidence Handberg alluded to. Stop and Frisk in NYC was very simple to understand and was extremely effective, for example. PSN is not simple to break down and not enough detail is provided to conclude its effectiveness.

The US Attorney's announcement happens to coincide with Crime Survivors Awareness Month, but while awareness is important, it may be more important to call out the enablers. A business axiom says "don't ask for data you won't use." Yet all #FBI field offices around the country regularly run "report hate crime" PSAs. Its own 2021 Hate Crime Statistics Report shows who is more likely to commit a hate crime, so that a Stop and Frisk-type of approach could be implemented.

It shows, for example, that parents who show up at school board meetings are not likely to be terrorists. But MSN reports that "for the past few months, outbursts, screaming, and yelling have become commonplace at CCSD Board of Trustees meetings. Issues like mask and vaccine mandates and discussions of race in public schools are igniting anger nationwide and causing divides to deepen," framing the issue from the mandate advocates' perspective and not the parents'.

The FBI also knows which public officials spew hate & call for violence: 

It knows that Soros-backed DAs are way too soft on crime. For example: Mr Anh Le was savagely beaten with a bat by two people in Chinatown, San Francisco. Despite the high hate crime rate in the city, the San Francisco DA agreed to a plea deal so the perpetrators did not get jail time - Mr Le had to sue to get justice.

While today's PSN announcement is positive, it's a small step in trying to reduce violent crime, not only in Florida, but all across America.

 For additional information on Project Safe Neighborhoods, please visit the website: https://www.justice.gov/usao-mdfl/project-safe-neighborhoods-0.

Tuesday, April 19, 2022

Waltz & Keeler Plead Guilty to Illegal Campaign Contribution - links casinos to political corruption

Today, the DOJ and FBI announced that John Keeler, a former Indianapolis-based casino executive, pleaded guilty to causing false statements on the casino’s corporate tax return by concealing contributions to a local political party as deductible business expenses. In addition, Darryl Brent Waltz, a former Indiana State Senator and a 2016 candidate for U.S. Congress, charged in the same indictment, pleaded guilty last week to making and receiving illegal conduit contributions through sham donors and making false statements to the FBI.


Native American Totem as seen by 3rd grader


According to court documents, Keeler, 72, of Indianapolis, former vice president and general counsel of gaming company New Centaur LLC, funneled $41,000 in New Centaur corporate funds to Maryland-based political consultant Kelley Rogers and an entity under his control for the purpose of contributing the funds to the Greater Indianapolis Republican Finance Committee to benefit the Marion County Republican Central Committee. Keeler then caused New Centaur to falsely report the political contribution to the IRS as a deductible business expense.  

In addition, Waltz, 48, of Greenwood, a former Indiana State Senator and 2016 candidate for U.S. Congress, pleaded guilty last week to funneling $40,500 in illegal conduit contributions to his 2016 congressional campaign. Waltz and Rogers directed corporate funds from New Centaur into the Brent Waltz for Congress campaign through several straw contributors and through Waltz himself. Waltz also lied to and misled federal authorities who were investigating the illegal contributions.  

Douglas M. Walker and Peter T. Calcagno studied casinos and political corruption in the United States using a causality analysis to conclude that there is "evidence that predicted casino adoptions Granger cause corruption convictions. This finding is suggestive of a scenario of regulatory capture and may help explain why state-level gaming regulatory agencies have a history of softening gaming regulations after the initial introduction of casinos. Our study provides the first empirical evidence linking casinos to political corruption." Ken Poirot, for his part, concludes: "Wherever there is power, greed and money, there is corruption."

Both defendants are scheduled to be sentenced at a later date. Waltz faces up to 10 years in prison and Keeler faces up to three years in prison. The FBI and IRS-Criminal Investigation investigated the cases.




Monday, April 18, 2022

It's Official, Rocket Man is also Cyber Man

The FBI made it official. On Thursday the FBI reported on malicious cyber activity posed by the Democratic People's Republic of Korea: it confirmed that Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $620 million in Ethereum reported on March 29, which might be the biggest crypto hack to date. Roughly $622 million was stolen from a blockchain-based gaming network. The Ronin Network, which powers the Axie Infinity game, confirmed the security breach. According to the network’s Substack post, Ronin was exploited for 173,600 Ethereum and 25.5 million USDC.




To approve any withdrawal or deposit, Ronin requires five of its nine validators to sign off on transactions to ensure funds are not moved by anyone with malicious intent. The attacker was able to control four Ronin validators and one validator linked to the Axie DAO–the decentralized autonomous organization associated with Axie Infinity. The attacker used hacked private keys in order to forge fake from the charges brought against Mark Robert Unkenholz of Hanover Maryland for the willful transmission and retention of National Defense Information (NDI).  
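The five-of-nine rule described above only protects funds if the nine signing keys are held independently. As an added example (not code from the FBI, Ronin or this blog), the Python below computes the smallest number of key-holding parties whose compromise meets the threshold; the custody maps and every party name are constructed, only the 4 + 1 split comes from the post, and the check generalizes to any validator set where several parties can use the same key.

```python
from itertools import combinations

THRESHOLD = 5  # from the post: five of nine validators must sign

# Constructed custody maps: validator -> parties able to use its signing key.
# Only the 4 + 1 split mirrors the post; every name here is a placeholder.
CONCENTRATED = {
    "validator-1": {"operator-a"},
    "validator-2": {"operator-a"},
    "validator-3": {"operator-a"},
    "validator-4": {"operator-a"},
    "validator-5": {"dao"},
    "validator-6": {"partner-1"},
    "validator-7": {"partner-2"},
    "validator-8": {"partner-3"},
    "validator-9": {"partner-4"},
}
# Constructed comparison case: nine keys, nine independent custodians.
DISTRIBUTED = {f"validator-{i}": {f"custodian-{i}"} for i in range(1, 10)}


def approved(signers, access, threshold=THRESHOLD):
    """Bridge-side rule: distinct, known validators among signers >= threshold."""
    return len(set(signers) & set(access)) >= threshold


def reachable(parties, access):
    """Validators whose key at least one of the given parties can use."""
    chosen = set(parties)
    return {v for v, holders in access.items() if holders & chosen}


def smallest_quorum_coalition(access, threshold=THRESHOLD):
    """Fewest parties whose keys together meet the threshold (brute force)."""
    parties = sorted(set().union(*access.values()))
    for size in range(1, len(parties) + 1):
        for combo in combinations(parties, size):
            if len(reachable(combo, access)) >= threshold:
                return list(combo)
    return None  # the threshold can never be met with this validator set


def audit(access, threshold=THRESHOLD):
    """Compare the nominal m-of-n threshold with the number of independent
    parties that actually have to fail before a quorum can be signed."""
    coalition = smallest_quorum_coalition(access, threshold)
    effective = len(coalition) if coalition else None
    return {
        "nominal_threshold": threshold,
        "effective_threshold": effective,
        "coalition": coalition,
        "weakened": effective is not None and effective < threshold,
    }


if __name__ == "__main__":
    for name, access in (("concentrated", CONCENTRATED),
                         ("distributed", DISTRIBUTED)):
        print(name, audit(access))
```

A result with `weakened` set means the validator count overstates the protection: the real security margin is the number of independent custodians, not the number of keys.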




A couple of days before the reported FBI attribution, Operation Tourniquet forced RaidForums to shut down and its infrastructure was seized. The operation is described as a complex law enforcement effort coordinated by Europol to support independent investigations of the United States, United Kingdom, Sweden, Portugal, and Romania. The forum’s administrator and two of his accomplices were arrested.


Thursday, April 07, 2022

DOJ Charges Russian National Malofeyev With Financing Ukraine Separatist

Damian Williams, the United States Attorney for the Southern District of New York, and Michael J. Driscoll, the Assistant Director-in-Charge of the New York Office of the Federal Bureau of Investigation, announced yesterday the unsealing of a criminal indictment charging Konstantin Malofeyev with conspiracy to violate United States sanctions and violations of United States sanctions in connection with his hiring of an American citizen, Jack Hanick, to work for him in operating television networks in Russia and Greece and attempting to acquire a television network in Bulgaria. Malofeyev also conspired with Hanick and others to illegally transfer a $10 million investment that Malofeyev had made in a United States bank to a business associate in Greece, in violation of the sanctions blocking Malofeyev's assets from being transferred. Along with the Indictment, the United States Attorney announced the seizure of Malofeyev's United States investment.

According to the Indictment unsealed today in Manhattan federal court: 

On December 19, 2014, the Department of Treasury’s Office of Foreign Assets Control (“OFAC”) designated Konstantin Malofeyev as a Specially Designated National (“SDN”), describing him as one of the main sources of financing for Russians promoting separatism in Crimea and as having materially assisted, sponsored, and provided financial, material, or technological support for, or goods and services to or in support of, the so-called Donetsk People’s Republic, a separatist organization in the Ukrainian region of Donetsk. Malofeyev hired a United States citizen named Jack Hanick in 2013 to work on a new Russian cable television news network (the “Russian TV Network”) that Malofeyev was creating. Malofeyev negotiated directly with Hanick regarding Hanick’s salary, payment for Hanick’s housing in Moscow, and Hanick’s Russian work visa, and Malofeyev paid Hanick through two separate Russian entities through the end of 2018.

After OFAC designated Malofeyev as an SDN in December 2014, Malofeyev continued to employ Hanick on the Russian TV Network, and dispatched Hanick to work on a project to establish and run a Greek television network and on efforts to acquire a Bulgarian television network. At Malofeyev’s direction, Hanick traveled to Greece and to Bulgaria on multiple occasions in 2015 and 2016 to work on these initiatives, and reported directly back to Malofeyev on his work.

Malofeyev also employed Hanick to assist him in transferring a $10 million investment in a Texas-based bank holding company (the “Texas Bank”) to a business associate in Greece (the “Greek Business Associate”). In 2014, Malofeyev had used a shell company to make the investment, and beginning in or about March 2015, he began making plans to transfer ownership of the shell company to the Greek Business Associate as a means to transfer the investment in the Texas Bank. In or about May 2015, Malofeyev’s attorney drafted a Sale and Purchase Agreement that purported to transfer the shell company to the Greek Business Associate in exchange for one U.S. dollar. In June 2015 Malofeyev had Hanick physically transport a copy of Malofeyev’s certificate of shares in the Texas Bank from Moscow to Athens to be given to the Greek Business Associate. Malofeyev signed the Sale and Purchase Agreement in June 2015, but the agreement was fraudulently backdated to July 2014 to make it appear that the transfer had taken place prior to the imposition of United States sanctions. Malofeyev’s attorney then falsely represented to the Texas Bank that the transfer had taken place in July 2014, even though Malofeyev and his attorney well knew that the transfer of the shell company was executed in June 2015.

Along with the unsealed Indictment, the United States Attorney announced the issuance of a seizure warrant for Malofeyev’s Texas Bank investment, which had been converted by the Texas Bank in 2016 to cash held in a blocked United States bank account. The United States recovered those funds pursuant to the warrant and will seek forfeiture of those funds as property that constitutes or is derived from proceeds traceable to the commission of the offenses alleged in the Indictment.


DOJ Attempts To Disrupt Russian Botnet

The Justice Department announced yesterday a court-authorized operation, conducted in March 2022, to disrupt a two-tiered global botnet of thousands of infected network hardware devices under the control of Sandworm, which the U.S. government has previously attributed to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (the GRU). The operation copied and removed malware known as Cyclops Blink from vulnerable internet-connected firewall devices that Sandworm used for command and control (C2) of the underlying botnet. Although the operation did not involve access to the Sandworm malware on the thousands of underlying victim devices worldwide, referred to as “bots,” the disabling of the C2 mechanism severed those bots from the Sandworm C2 devices’ control. Victims must still take additional steps to remediate the vulnerability and prevent malicious actors from further exploiting unpatched devices.

Digital Universe, Public Domain


According to Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division, the DOJ worked closely with WatchGuard and other government agencies in this country and the United Kingdom to analyze the malware and to develop detection and remediation tools. “Through close collaboration with WatchGuard and our law enforcement partners, we identified, disrupted and exposed yet another example of the Russian GRU’s hacking of innocent victims in the United States and around the world,” said U.S. Attorney Cindy K. Chung for the Western District of Pennsylvania. “Such activities are not only criminal but also threaten the national security of the United States and its allies.”


“This operation is an example of the FBI’s commitment to combatting cyber threats through  our unique authorities, capabilities, and coordination with our partners,” said Assistant Director Bryan Vorndran of the FBI’s Cyber Division. “As the lead domestic law enforcement and intelligence agency, we will continue pursuing cyber actors that threaten the national security and public safety of the American people, our private sector partners and our international partners.”

On Feb. 23, the United Kingdom’s National Cyber Security Centre, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the FBI and the National Security Agency released an advisory identifying the Cyclops Blink malware, which targets network devices manufactured by WatchGuard Technologies Inc. (WatchGuard) and ASUSTek Computer Inc. (ASUS). These network devices are often located on the perimeter of a victim’s computer network, thereby providing Sandworm with the potential ability to conduct malicious activities against all computers within those networks. As explained in the advisory, the malware appeared to have emerged as early as June 2019, and was the apparent successor to another Sandworm botnet called VPNFilter, which the Department of Justice disrupted through a court-authorized operation in 2018.

The same day as the advisory, WatchGuard released detection and remediation tools for users of WatchGuard devices. The advisory and WatchGuard’s guidance both recommended that device owners deploy WatchGuard’s tools to remove any malware infection and patch their devices to the latest versions of available firmware. Later, ASUS released its own guidance to help compromised ASUS device owners mitigate the threat posed by Cyclops Blink malware. The public and private sector efforts were effective, resulting in the successful remediation of thousands of compromised devices. However, by mid-March, a majority of the originally compromised devices remained infected.

Following the initial court authorization on March 18, the department’s operation was successful in copying and removing the malware from all remaining identified C2 devices. It also closed the external management ports that Sandworm was using to access those C2 devices, as recommended in WatchGuard’s remediation guidance (a non-persistent change that the owner of an affected device can reverse through a device restart). These steps had the immediate effect of preventing Sandworm from accessing these C2 devices, thereby disrupting Sandworm’s control of the infected bot devices controlled by the remediated C2 devices. However, WatchGuard and ASUS devices that acted as bots may remain vulnerable to Sandworm if device owners do not take the WatchGuard and ASUS recommended detection and remediation steps. The department strongly encourages network defenders and device owners to review the Feb. 23 advisory and WatchGuard and ASUS releases.

The operation announced yesterday leveraged direct communications with the Sandworm malware on the identified C2 devices and, other than collecting the underlying C2 devices’ serial numbers through an automated script and copying the C2 malware, it did not search for or collect other information from the relevant victim networks. Further, the operation did not involve any FBI communications with bot devices.

Prior to the Feb. 23 advisory, the FBI has been attempting to provide notice to owners of infected WatchGuard devices in the United States and, through foreign law enforcement partners, abroad. For those domestic victims whose contact information was not publicly available, the FBI has contacted providers (such as a victim’s internet service provider) and has asked those providers to provide notice to the victims.  As required by the terms of the court authorization, the FBI has provided notice to the owners of the domestic C2 devices from which the FBI copied and removed the Cyclops Blink malware.


RELATED






FBI 2021 Internet Crime Report Void of Actionable Info, Ignore Occam's Razor

The  Federal Bureau of Investigation's (FBI)  2021 Internet Crime Complaint Center (IC3) Internet Crime Report shows a loss of $6.9 billion in Internet-enabled crimes, the highest in the last five years. The top three cyber crimes reported by victims in 2021 were phishing scams, non-payment/non-delivery scams, and personal data breach.  


Overview: FBI statement on HBCUs at Risk

Today, Ryan T. Young, FBI's Executive Assistant Director, Intelligence Branch Statement Before the House Oversight and Reform Committee titled:  HBCUs at Risk: Examining Federal Support for Historically Black Colleges and Universities reviews the threats to members of faith-based communities across the United States, houses of worship, and schools noting that these threats have been rising in recent years, as evidenced by the hostage-taking at Congregation Beth Israel, a synagogue in Colleyville, Texas, and the bomb threats against HBCUs that continue today.  





FBI and CISA Warns about Russian State-Sponsored Cyber Actors’ Exploitation of Vulnerability

Today, the FBI issued a warning titled “Mitigating Threats Posed by Russian State-Sponsored Cyber Actors’ Exploitation of Default Multifactor Authentication…







Monday, April 04, 2022

Palestinian Wasp agrees with Susan Collins on Ketanji Brown Jackson’s Supreme Court nomination

On Monday, members of the US Senate Judiciary Committee meet to discuss Judge Ketanji Brown Jackson’s nomination to the US Supreme Court, after the committee’s four-day hearings that touched on Jackson’s career and education, judicial approach, potential recusals if she is confirmed, family life and more. The committee will then hold a vote on her nomination and send its recommendation to the full Senate for consideration. Senate rules allow Majority Leader Chuck Schumer to file a motion to discharge and move Jackson’s nomination for consideration before the full Senate in the event of a deadlocked committee recommendation.




Last week, Maine Sen. Susan Collins announced she decided to vote to confirm Ketanji Brown Jackson to the Supreme Court: "After reviewing Judge Ketanji Brown Jackson's extensive record, watching much of her hearing testimony, and meeting with her twice in person, I have concluded that she possesses the experience, qualifications, and integrity to serve as an Associate Justice on the Supreme Court, I will, therefore, vote to confirm her to this position," Collins said. It is expected that Utah Sen. Mitt Romney, Alaska Sen. Lisa Murkowski and at least two other Republicans have announced their support for Brown, more than likely assuring that Brown will be confirmed.

Since Brown's confirmation is a done deal, the Palestinian Wasp decided to take Collins' lead to "review Brown Jackson's extensive record, to conclude that she possesses the experience, qualifications, and integrity to serve as an Associate Justice on the Supreme Court" as follows:

Brown stated she will recuse herself from the Harvard Admissions cases, since the high court agreed to revisit the use of race in college and university admissions policies. But given her role at Harvard, Brown and more than likely the case will involve women, and since she is not a biologist,  said she plans to step aside if on the bench.

More than likely Brown will recuse herself from passing judgment on sex offenders and pedophiles because she is not a psychologist: In the 2003 Hawkins' case Brown issued a sentence lower than the ones recommended by both the probation office and the nonbinding federal guidelines. She also agreed with the defense’s claim that Mr. Hawkins should not be thought of as a pedophile because he was fairly close in age to the children depicted in the images he had.

Brown said she cannot pass judgment on abortion because she is not a gynecologist. While Brown, her supporters and  CNN's anchor Sara Sidner commiserate over self obliteration after Will Smith's confrontation with Chris Rock at the Academy Awards, because according to Sidner, it  "drew attention away from the other Oscar winners and from serious news affecting people around the world." They all however support # Black Genocide  - the killing of millions of preborns, mostly African American. They also support the progressive policies that have placed the African American Family in the endangered species right next to Sea Turtles.  While at the same time charging Elon Musk with trying to kill baby Sea Turtles

The Palestinian Wasp agrees with Senator Collins. Brown is highly qualified and will continue to support the Fauci-like War on Minorities; the same policies, which along with Tribal Leaders & corrupt politicians and corporate greed have failed Native Americans & Alaska Natives and Middle Class America.

 

Sunday, April 03, 2022

Another Agent Charged in PRC-sponsored Operation Fox Hunt

Sun Hoi Ying, aka Sun Haiying, a Chinese national, is charged in a criminal complaint, which was unsealed Wednesday, March 30, 2022, in the Southern District of New York, with conspiring to act in the United States as an illegal agent of the People’s Republic of China (PRC).

According to court documents, Haiying, 45, of the PRC, from at least February 2017 through February 2022, acted in the United States as an agent of the PRC government, without notifying the U.S. Attorney General as required by law.


Public Domain: Byron E. Schumaker, ca. 1935-, Photographer (NARA record: 8451340), U.S. National Archives and Records Administration


U.S. Attorney Damian Williams for the Southern District of New York said: “The PRC government launched a campaign dubbed ‘Operation Fox Hunt,’ a global plot to repress dissent and to forcibly repatriate so-called ‘fugitives’ – including citizens living legally in the United States – through the use of unsanctioned, unilateral and illegal practices.” He added: “We allege Mr. Sun, as part of that campaign, attempted to threaten and coerce a victim into bending to the PRC’s will, even using a co-conspirator who is a member of U.S. law enforcement to reinforce that the victim had no choice but to comply with the PRC government’s demands. Today’s charges reflect this office’s continued commitment, working hand in hand with our partners at the FBI, to combat transnational repression and bringing to justice those who perpetrate it.”

According to court documents, the FBI has been involved in an investigation of individuals who, working at the direction of the PRC government, have engaged in an international campaign, known alternatively as “Operation Fox Hunt” and “Operation Skynet,” to pressure individuals located in the United States and elsewhere to return to the PRC to face charges or to otherwise reach financial settlements with the PRC government. On March 17, 2022, five CCP agents were indicted on charges related to CCP spying on Chinese nationals in the US and abroad.



Hacking 101

Originally published April 19, 2016





It continues to be relevant given the FBI 2021  Internet Crime Complaint Center (IC3) Internet Crime Report and the state-sponsored cyberactivity these past few days, including:









Learn to Hack Pentagon Computers Legally and Get Paid $150K


Posted By CotoBlogzz

Rancho Santa Margarita, CA – As evidenced by the recent spat between the FBI and Apple Computer, and contrary to what Apple may claim, computer protection is not simply the best proprietary algorithm, but a series of carefully planned steps not unlike the Lockheed Martin Cyber Kill Chain®.

Not too surprisingly, then, the Pentagon announced a Hack-a-DOD program that runs through May 12, 2016, where contestants (would-be hackers) will try to find vulnerabilities in the Department of Defense’s public websites for the ultimate prize of $150,000, without going to jail!

Arguably, a major challenge in the initial stages of learning how to hack is finding a network on which you can legally try the various methods. So, now you can learn how to hack legally and get paid for it. The catch? You have to agree to a background check before participating in the program.
In any case, you can still learn to hack as long as you have a MOM – Motive, Opportunity and Means.

We will briefly review what it takes to launch an attack, including different types of attacks and tools and techniques used in such an attack, with the following warning:



 NOTE:  Go directly to jail. Do not pass GO. Do not collect $200.

Various hacking activities may be punishable by law: Make sure you do not do anything that will land you in jail. Good intentions do not suffice - breaking in, or even probing, may still be a transgression even if it is done just in order to detect weaknesses and tell the system administrator about it.


Background

On March 24, 2016, the US Department of Justice charged seven Iranian individuals who were employed by two Iran-based computer companies, ITSecTeam (ITSEC) and Mersad Company (MERSAD), that performed work on behalf of the Iranian Government, including the Islamic Revolutionary Guard Corps, on computer hacking charges related to their involvement in an extensive campaign of over 176 days of distributed denial of service (DDoS) attacks:

The attacks disabled victim bank websites, prevented customers from accessing their accounts online and collectively cost the victims tens of millions of dollars in remediation costs as they worked to neutralize and mitigate the attacks on their servers:  http://cotobuzz.blogspot.com/2016/03/seven-working-for-iranian-government.html

On March 23, 2016, Stephen Su, a Chinese national, pleaded guilty to participating in a years-long conspiracy to hack into the computer networks of major U.S. defense contractors, steal sensitive military and export-controlled data and send the stolen data to China: http://cotobuzz.blogspot.com/2016/03/stephen-su-chinese-guilty-in-cyber-hack.html

On March 24, 2016, a phishing attack at Sprouts Farmers Market exposed employee payroll data: http://www.computerweekly.com/news/450279834/Phishing-attack-at-US-retailer-underlines-need-for-proactive-security

Hollywood Presbyterian Medical Center’s computer network was attacked Feb. 5, 2016, when malware locked access to certain computer systems and prevented electronic communication: http://money.cnn.com/2016/02/17/technology/hospital-bitcoin-ransom/

Police Department Pays Cybercriminals Following Ransomware Infection - The Tewksbury, Massachusetts Police Department recently paid a $500 ransom to decrypt its files following an infection with KEYHolder ransomware, according to the Boston Globe:  http://www.esecurityplanet.com/malware/police-department-pays-cybercriminals-following-ransomware-infection.html


The Attack Process

Individuals with MOM, including those above and those who may want to harm the Pentagon, may want to use a combination of tools to implement an attack using a process such as the one below:
  1. Perform reconnaissance (profiling) on the target and scan the target organization’s network.
  2. Research vulnerabilities.
  3. Perform the attack.
    1. snoop / decrypt
    2. spoof
    3. break in
    4. deny service
    5. Create a backdoor.
  4. Cover tracks

Tools: There are a number of tools that can be used in the process, including ping, phishing simulators, password cracking tools and tools such as NMAP, Wireshark, Metasploit, Nessus, Aircrack, Snort and so on.


Scan/Research Vulnerabilities Activity


  • Download the NMAP tool from www.nmap.org.
  • Install the tool on your computer.
  • Start the NMAP tool and select Ping scan.
  • Select an IP address for a known system on the network and use NMAP to send pings to the device. Click Scan. NMAP will scan target systems.
  • On the NMAP tool, select Regular scan and then click Scan. NMAP will scan commonly used ports and display what open ports were found.

What open ports are shown? What is the function of these ports? Are there any security implications on account of these ports being open?
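To answer these questions for hosts you administer, the following added example (not part of the original post) parses Nmap's grepable output (`-oG`) and lists open ports that an approved baseline does not cover. The sample scan output, addresses, baseline and reviewer notes are constructed assumptions.

```python
"""Review Nmap grepable (-oG) output against an approved-ports baseline."""

# Constructed sample in the `nmap -oG -` line format (RFC 5737 test addresses).
SAMPLE_OG = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.0.2.10 (web01.example.test)\tStatus: Up\n"
    "Host: 192.0.2.10 (web01.example.test)\tPorts: 22/open/tcp//ssh///, "
    "80/open/tcp//http///, 443/open/tcp//https///, 3306/open/tcp//mysql///"
    "\tIgnored State: closed (996)\n"
    "Host: 192.0.2.20 (hr-pc.example.test)\tStatus: Up\n"
    "Host: 192.0.2.20 (hr-pc.example.test)\tPorts: 23/open/tcp//telnet///, "
    "445/open/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server///"
    "\tIgnored State: closed (997)\n"
)

# Assumed baseline: the (port, protocol) pairs each host is approved to expose.
BASELINE = {
    "192.0.2.10": {(22, "tcp"), (80, "tcp"), (443, "tcp")},
    "192.0.2.20": {(445, "tcp")},
}

# Reviewer notes for services that commonly matter when found open.
NOTES = {
    23: "telnet sends credentials in cleartext; replace with SSH",
    3306: "database listener; restrict to the application servers",
    3389: "remote desktop; put behind VPN or gateway",
}
DEFAULT_NOTE = "not in baseline; confirm owner and business need"

def parse_grepable(text):
    """Return {ip: [(port, state, proto, service), ...]} from -oG text."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue                      # skip comment and summary lines
        fields = line.split("\t")
        ip = fields[0].split()[1]
        for field in fields[1:]:
            if not field.startswith("Ports:"):
                continue
            for entry in field[len("Ports:"):].split(","):
                # Entry layout: port/state/protocol/owner/service/rpc/version/
                parts = entry.strip().split("/")
                if len(parts) >= 5 and parts[0].isdigit():
                    hosts.setdefault(ip, []).append(
                        (int(parts[0]), parts[1], parts[2], parts[4]))
    return hosts

def review(hosts, baseline):
    """List open ports that the baseline does not approve, with a note."""
    findings = []
    for ip, ports in sorted(hosts.items()):
        allowed = baseline.get(ip, set())
        for port, state, proto, service in ports:
            if state == "open" and (port, proto) not in allowed:
                findings.append((ip, port, proto, service,
                                 NOTES.get(port, DEFAULT_NOTE)))
    return findings

if __name__ == "__main__":
    for finding in review(parse_grepable(SAMPLE_OG), BASELINE):
        print(*finding, sep="  ")
```

Ports reported as filtered are not flagged, because the scan could not confirm that a service is reachable there.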


The Attack – Password cracking

If you determine that the best way to crack a Pentagon computer is through password cracking, select a password cracking tool and examine what it takes to crack passwords on Windows and UNIX-based systems. See, for example:
  • New Password Cracking software tries 8 Million Times Per Second To Crack Password: http://hackersnewsbulletin.com/2013/09/new-password-cracking-software-tries-8-million-times-per-second-crack-password.html
  • Ten Most Popular Password cracking tools: http://resources.infosecinstitute.com/10-popular-password-cracking-tools/
  • Password cracking simulator: http://www.password-online.com/password_simulator.php

Attack - DoS  

You can launch a DoS attack using a number of tools, such as ping or Switchblade.

The utility ping sends one or more ICMP ECHO packets to a given host and times how long it takes before the echo arrives. Uses:
  • Find out whether the host is reachable (and, in particular, up); if one does something bad to a host, and ping reply stops, then the host may have crashed.
  • Study the details of the reply in order to fingerprint the remote IP stack (e.g. via ping -c 1 host: send a single packet only). In particular the TTL (time-to-live) field in ping replies is often used to distinguish between systems. (Windows 95 uses TTL=32. Most other Windows systems use 128. Various Unix-like systems use 64 or 255. For each hop the TTL value is decreased by one.)
  • Flood ping: ping -f host: send a hundred packets per second to the remote host, probably to see how it keeps up under load, or to contribute to a DDoS attack.
  • Smurf : A stronger version is the smurf attack, where one pings the broadcast address of a large network, giving as spoofed sender address the address of the victim - now a single packet sent will cause several hundred (or thousand) packets to be received by the victim. An effective denial-of-service attack. (Cf. rfc919, rfc2644.)
For Switchblade, refer to:   https://www.owasp.org/index.php/OWASP_HTTP_Post_Tool
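One way a defender can spot the flood ping and smurf patterns described above in captured ICMP metadata, as an added example that is not part of the original post. The packet tuples, addresses, thresholds and the monitored subnet are constructed assumptions.

```python
"""Flag flood ping and smurf amplification in ICMP echo metadata."""
import ipaddress
from collections import Counter, defaultdict

ECHO_REQUEST, ECHO_REPLY = 8, 0
# Assumption: the subnet this sensor monitors.
LOCAL_NETS = [ipaddress.ip_network("198.51.100.0/24")]

def analyze(packets, flood_pps=50, smurf_sources=3):
    """packets: iterable of (ts, src, dst, icmp_type, ident, seq) tuples."""
    outstanding = set()             # requests seen: (src, dst, ident, seq)
    per_second = Counter()          # (src, dst, whole second) -> requests
    unsolicited = defaultdict(set)  # reply destination -> unexpected senders
    alerts = set()
    for ts, src, dst, icmp_type, ident, seq in packets:
        if icmp_type == ECHO_REQUEST:
            outstanding.add((src, dst, ident, seq))
            bucket = (src, dst, int(ts))
            per_second[bucket] += 1
            if per_second[bucket] > flood_pps:
                alerts.add(("flood", src, dst))
            addr = ipaddress.ip_address(dst)
            if any(addr == net.broadcast_address for net in LOCAL_NETS):
                # Echo to a directed broadcast: amplifier traffic (RFC 2644).
                alerts.add(("directed-broadcast", src, dst))
        elif icmp_type == ECHO_REPLY:
            if (dst, src, ident, seq) in outstanding:
                continue            # reply matches a request we observed
            unsolicited[dst].add(src)
            if len(unsolicited[dst]) >= smurf_sources:
                alerts.add(("smurf-victim", dst, None))
    return alerts                   # a long-running sensor would also expire state

def sample_packets():
    """Constructed capture: one normal ping, one flood, one smurf burst."""
    pkts = [
        (1.0, "203.0.113.5", "198.51.100.10", ECHO_REQUEST, 1, 1),
        (1.1, "198.51.100.10", "203.0.113.5", ECHO_REPLY, 1, 1),
    ]
    # 100 echo requests within one second from a single source.
    pkts += [(10 + i / 100, "203.0.113.66", "198.51.100.10", ECHO_REQUEST, 2, i)
             for i in range(100)]
    # Request with a spoofed source (the victim) sent to the broadcast address,
    # followed by replies from hosts on that subnet to the victim.
    pkts.append((20.0, "192.0.2.77", "198.51.100.255", ECHO_REQUEST, 7, 1))
    pkts += [(20.1, f"198.51.100.{h}", "192.0.2.77", ECHO_REPLY, 7, 1)
             for h in (11, 12, 13)]
    return pkts

if __name__ == "__main__":
    for alert in sorted(analyze(sample_packets()), key=str):
        print(alert)
```

Replies to a broadcast ping never match an observed request, because the request was addressed to the broadcast address and not to the hosts that answered.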

Attack – Ransomware

For ransomware attack, review the following:

  • CryptoLocker ransomware – see how it works, learn about prevention, cleanup and recovery

Attacks – Phishing


Develop a phishing initiative targeting the Pentagon using phishing simulators or use the one at Infosecinstitute.com. You may be surprised to know that a top Russian hacker was identified and caught, not because of any weaknesses in his work, but because his wife, an avid Facebook user, led investigators to the hacker.  Leading to the Crypto MOM below.




In a test, using the Infosecinstitute.com simulators, individuals who should have known better, fell for the scam more than once!


Attack - Surface Area Minimization

Since the Pentagon Challenge refers to the Department of Defense’s public websites, you may want to refer to OWASP's Surface Area Minimization Cheat Sheets.



Conclusion


Addressing the human-as-a-security paradox, the 2016 Human Factor Report finds that the number one reason why attacks are successful is that attackers infected computers by tricking people into doing it themselves. At the number three spot, it found that attackers timed email and social media campaigns to align with the times that people are most engaged. At number nine, the report lists low-volume campaigns of highly targeted phishing emails focused on one or two people within an organization to transfer funds directly to attackers.

Happy exploits and keep us posted on what works or does not work.