web analytics
a

Facebook

Twitter

Copyright 2015 Libero Themes.
All Rights Reserved.

8:30 - 6:00

Our Office Hours Mon. - Fri.

703-406-7616

Call For Free 15/M Consultation

Facebook

Twitter

Search
Menu
Westlake Legal Group > Cyberwarfare and Defense

Same Goal, Different Playbook: Why Russia Would Support Trump and Sanders

Westlake Legal Group 22dc-cyber-facebookJumbo Same Goal, Different Playbook: Why Russia Would Support Trump and Sanders Trump, Donald J Sanders, Bernard Russian Interference in 2016 US Elections and Ties to Trump Associates Russia Putin, Vladimir V Presidential Election of 2020 House Committee on Intelligence democratic national committee Cyberwarfare and Defense Clinton, Hillary Rodham central intelligence agency

At first glance, it may seem contradictory that the nation’s intelligence agencies were telling Congress that President Vladimir V. Putin is presumably striving to get President Trump re-elected, while also warning Senator Bernie Sanders of evidence that he is the Russian president’s favorite Democrat.

But to the intelligence analysts and outside experts who have spent the past three years dissecting Russian motives in the 2016 election, and who tried to limit the effect of Moscow’s meddling in the 2018 midterms, what is unfolding in 2020 makes perfect sense.

Mr. Trump and Mr. Sanders represent the most divergent ends of their respective parties, and both are backed by supporters known more for their passion than their policy rigor, which makes them ripe for exploitation by Russian trolls, disinformation specialists and hackers for hire seeking to widen divisions in American society.

While the two candidates disagree on almost everything, both share an instinct that the United States is overcommitted abroad: Neither is likely to pursue policies that push back aggressively on Mr. Putin’s plan to restore Moscow’s influence around the world, from the former Soviet states to the Middle East.

And if you are trying to sow chaos in an already chaotic, vitriolic election, Mr. Putin could hardly hope for better than a face-off between an incumbent with a history of race-baiting who is shouting “America First” at rallies — while darkly suggesting the coming election is rigged — and a democratic socialist from Vermont advocating a drastic expansion of taxes and government programs like Medicare.

“Any figures that radicalize politics and do harm to center views and unity in the United States are good for Putin’s Russia,” said Victoria Nuland, who served as ambassador to NATO and assistant secretary of state for European affairs, and had her phone calls intercepted and broadcast by Russian intelligence services.

The intelligence reports provided to the House Intelligence Committee, inciting Mr. Trump’s ire, may make the American understanding of Mr. Putin’s plans sound more certain than they really are, according to intelligence officials who contributed to the assessment. Those officials caution that such reports are as much art as science, a mixture of informants, intercepted conversations and intuition, as analysts in the nation’s 17 intelligence agencies try to get into the heads of foreign leaders.

Though intelligence officials have disputed that the officer who delivered the main briefing said Russia was actively aiding the president’s re-election, people in the room said that intelligence officers’ responses to lawmakers’ follow-up questions made clear that Russia was trying to get Mr. Trump re-elected.

Intelligence is hardly a perfect process, as Americans learned when the nation went to war in Iraq based in part on an estimate that Saddam Hussein was once again in search of a nuclear weapon.

But in this election, the broad strategy — as opposed to the specific tactics — are not exactly a mystery. Mr. Putin, the analysts agree, mostly seeks anything that would further take the sheen off American democracy and make presidential elections in the United States seem no more credible than his own. After that, he is eager for a compliant counterpart in the White House, one unlikely to challenge his territorial and nuclear ambitions.

Not surprisingly, the Kremlin says this is all an American fantasy, aimed at demonizing Russia for the United States’ own failings. “These are more paranoid announcements which, to our regret, will multiply as we get closer to the election,” Mr. Putin’s confidant and spokesman, Dmitry S. Peskov, was quoted by Reuters as telling reporters on Friday. “They have nothing to do with the truth.”

No matter who is elected, Mr. Putin has likely undermined one of his own primary goals: getting the United States and its allies to lift sanctions that were imposed after he annexed Crimea and accelerated a hybrid war against Ukraine.

“By actively exploiting divisions within American society and having its activities revealed, the Kremlin has ensured that its longer-term goal of having the U.S. remove sanctions and return to a less confrontational relationship so far has been thwarted,” Angela E. Stent, a former national intelligence officer for Russia and now a professor at Georgetown University, wrote in her book “Putin’s World: Russia Against the West and With the Rest.”

On Saturday, Ms. Stent noted that if the Russians are in fact interfering in this election, “it could bring about new energy sanctions.’’ She noted that one piece of legislation in the Senate, the DETER bill, would require new sanctions if evidence of Russian meddling emerges from intelligence agencies. Ms. Stent noted that, so far, Mr. Putin may have concluded that the penalties are a small price to pay if he can bring his geopolitical rival down a few more notches. And the early intelligence analyses suggest that, by backing Mr. Sanders in the primary and Mr. Trump in the general election, he would probably have a good chance of maximizing the electoral tumult.

Mr. Sanders is hardly a new target for the Russians. The 2018 indictment of 12 Russian intelligence officers for their activities in the last presidential election — issued by the Justice Department under the Trump administration — claimed that the officers “engaged in operations primarily intended to communicate derogatory information about Hillary Clinton, to denigrate other candidates such as Ted Cruz and Marco Rubio, and to support Bernie Sanders and then-candidate Donald Trump.”

Robert S. Mueller III, in the report on his investigation into Russian operations, concluded that the release of memos hacked from the Democratic National Committee were meant to inflame Mr. Sanders’s supporters by revealing that the committee was funneling assets to Mrs. Clinton.

The more recent public reports emerging from the Department of Homeland Security and the F.B.I., and classified reports generated by the C.I.A. and others suggest that while the Russian objectives have remained the same, the techniques have shifted.

“The Russians aren’t going to use the old playbook, we know that,” said Christopher C. Krebs, who runs the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

His organization, along with the National Security Agency and British intelligence, has been steadily documenting how Russian operatives are becoming stealthier, learning from the mistakes they made in 2016.

As they focus on evading more vigilant government agencies and technology companies trying to identify and counter malicious online activity, the Russians are boring into Iranian cyberoffense units, apparently so that they can initiate attacks that look as if they originate in Iran — which itself has shown interest in messing with the American electoral process. Russians are putting more of their attack operations on computer servers in the United States, where the National Security Agency and other intelligence agencies — but not the F.B.I. and homeland security — are prohibited from operating.

And, in one of the most effective twists, they are feeding disinformation to unsuspecting Americans on Facebook and other social media. By seeding conspiracy theories and baseless claims on the platforms, Russians hope everyday Americans will retransmit those falsehoods from their own accounts. That is an attempt to elude Facebook’s efforts to remove disinformation, which it can do more easily when it flags “inauthentic activity,” like Russians posing as Americans. It is much harder to ban the words of real Americans, who may be parroting a Russian story line, even unintentionally.

Mr. Krebs noted that this was why the Department of Homeland Security had to focus on educating Americans about where their information was coming from. “How do you explain,” he asked last year, “‘This is how you’re being manipulated, this is how they’re hacking your brain?’”

In 2018, the United States Cyber Command and the National Security Agency mounted a new and more public campaign to push back at the Russians, attacking and blocking their Internet Research Agency for a few days around the November elections and texted warnings to Russian intelligence officers that they were being watched. The N.S.A. is preparing for similar counterattacks this year: On Thursday, the United States cited intelligence and blamed Russia for a cyberattack last fall on the republic of Georgia, another place where Mr. Putin seems to be holding dress rehearsals.

Now American intelligence agencies face a new question: How do they run such operations, and warn Congress and Americans, at a moment when the president is declaring the intelligence on Russian election meddling is “another misinformation campaign” that is “launched by Democrats in Congress?”

The intelligence agencies are loath to cross him. The acting director of national intelligence at the time, Joseph Maguire, resisted appearing in public to provide the “Worldwide Threat Assessment” that is usually given to Congress before the president’s State of the Union address. (He was dismissed last week before he had to testify.) Because Mr. Trump was so angered by how his predecessor’s testimony contradicted his own statements last year — particularly on Iran, North Korea and the Islamic State — Mr. Maguire was in no hurry to repeat the experience.

His successor, Richard Grenell, the current American ambassador to Germany, is known for his political allegiance to Mr. Trump, not for his knowledge of the American intelligence agencies. He is widely viewed by career officials as more interested in making sure public intelligence reports do not embarrass Mr. Trump than sounding the clarion call that the Russians are coming, again.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Russia Is Said to Be Interfering to Aid Bernie Sanders in 2020 Election

Westlake Legal Group 21dc-sanders-sub-facebookJumbo Russia Is Said to Be Interfering to Aid Bernie Sanders in 2020 Election United States Politics and Government Trump, Donald J Sanders, Bernard Russian Interference in 2016 US Elections and Ties to Trump Associates Republican Party Putin, Vladimir V Primaries and Caucuses Presidential Election of 2020 Internet Research Agency (Russia) Democratic Party Cyberwarfare and Defense

WASHINGTON — Russia has been trying to intervene in the Democratic primaries to aid Senator Bernie Sanders, according to people familiar with the matter, and intelligence officials recently briefed him about Russian interference in the election, Mr. Sanders said on Friday.

In a statement on Friday, Mr. Sanders denounced Russia, calling President Vladimir V. Putin an “autocratic thug” and warning Moscow to stay out of the election.

“Let’s be clear, the Russians want to undermine American democracy by dividing us up and, unlike the current president, I stand firmly against their efforts and any other foreign power that wants to interfere in our election,” Mr. Sanders said.

He also told reporters that he was briefed about a month ago.

“The intelligence community is telling us Russia is interfering in this campaign right now in 2020,” Mr. Sanders said on Friday in Bakersfield, Calif., where he was to hold a rally ahead of Saturday’s Nevada caucuses. “And what I say to Mr. Putin, ‘If I am elected president, trust me you will not be interfering in American elections.’”

Senior intelligence officials told members of the House Intelligence Committee last week that Russia was continuing its election sabotage campaign, including intervening in the Democratic primaries.

Intelligence officials also warned House lawmakers that Russia was interfering in the campaign to try to get President Trump re-elected, according to people familiar with the matter. They said that the disclosure to Congress angered Mr. Trump, who complained that Democrats would use it against him.

Republicans have taken issue with the idea that Russia supports Mr. Trump, insisting that Mr. Putin simply wants to broadly spread chaos and undermine the democratic system. But some current and former officials say that a Russian campaign to support Mr. Sanders may ultimately be aimed at aiding Mr. Trump, with Moscow potentially considering Mr. Sanders a weaker opponent to the president than a more moderate Democratic nominee.

The Washington Post first reported the briefing of the Sanders campaign.

Mr. Sanders said it was his understanding that the Russians were again trying to interfere in the campaign. Some “ugly stuff on the internet” had been attributed to his campaign that could be coming from falsified accounts, he said.

The Russians also worked to support — or at least not harm — Mr. Sanders in 2016. Operatives at a Russian intelligence-backed troll factory were instructed to avoid attacking Mr. Sanders or Mr. Trump, according to the report by the special counsel, Robert S. Mueller III. The report quoted internal documents from the Internet Research Agency ordering operatives to attack Hillary Clinton’s campaign. “Use any opportunity to criticize Hillary and the rest except for Sanders and Trump — we support them,” the document said.

This is a developing story. Check back for updates.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Russia Is Said to Be Interfering to Aid Bernie Sanders in 2020 Election

Westlake Legal Group 21dc-sanders-sub-facebookJumbo Russia Is Said to Be Interfering to Aid Bernie Sanders in 2020 Election United States Politics and Government Trump, Donald J Sanders, Bernard Russian Interference in 2016 US Elections and Ties to Trump Associates Republican Party Putin, Vladimir V Primaries and Caucuses Presidential Election of 2020 Internet Research Agency (Russia) Democratic Party Cyberwarfare and Defense

WASHINGTON — Russia has been trying to intervene in the Democratic primaries to aid Senator Bernie Sanders, according to people familiar with the matter, and intelligence officials recently briefed him about Russian interference in the election, Mr. Sanders said on Friday.

In a statement on Friday, Mr. Sanders denounced Russia, calling President Vladimir V. Putin an “autocratic thug” and warning Moscow to stay out of the election.

“Let’s be clear, the Russians want to undermine American democracy by dividing us up and, unlike the current president, I stand firmly against their efforts and any other foreign power that wants to interfere in our election,” Mr. Sanders said.

He also told reporters that he was briefed about a month ago.

“The intelligence community is telling us Russia is interfering in this campaign right now in 2020,” Mr. Sanders said on Friday in Bakersfield, Calif., where he was to hold a rally ahead of Saturday’s Nevada caucuses. “And what I say to Mr. Putin, ‘If I am elected president, trust me you will not be interfering in American elections.’”

Senior intelligence officials told members of the House Intelligence Committee last week that Russia was continuing its election sabotage campaign, including intervening in the Democratic primaries.

Intelligence officials also warned House lawmakers that Russia was interfering in the campaign to try to get President Trump re-elected, according to people familiar with the matter. They said that the disclosure to Congress angered Mr. Trump, who complained that Democrats would use it against him.

Republicans have taken issue with the idea that Russia supports Mr. Trump, insisting that Mr. Putin simply wants to broadly spread chaos and undermine the democratic system. But some current and former officials say that a Russian campaign to support Mr. Sanders may ultimately be aimed at aiding Mr. Trump, with Moscow potentially considering Mr. Sanders a weaker opponent to the president than a more moderate Democratic nominee.

The Washington Post first reported the briefing of the Sanders campaign.

Mr. Sanders said it was his understanding that the Russians were again trying to interfere in the campaign. Some “ugly stuff on the internet” had been attributed to his campaign that could be coming from falsified accounts, he said.

The Russians also worked to support — or at least not harm — Mr. Sanders in 2016. Operatives at a Russian intelligence-backed troll factory were instructed to avoid attacking Mr. Sanders or Mr. Trump, according to the report by the special counsel, Robert S. Mueller III. The report quoted internal documents from the Internet Research Agency ordering operatives to attack Hillary Clinton’s campaign. “Use any opportunity to criticize Hillary and the rest except for Sanders and Trump — we support them,” the document said.

This is a developing story. Check back for updates.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Russia Is Said to Be Interfering to Aid Bernie Sanders in 2020 Election

Westlake Legal Group 21dc-sanders-sub-facebookJumbo Russia Is Said to Be Interfering to Aid Bernie Sanders in 2020 Election United States Politics and Government Trump, Donald J Sanders, Bernard Russian Interference in 2016 US Elections and Ties to Trump Associates Republican Party Putin, Vladimir V Primaries and Caucuses Presidential Election of 2020 Internet Research Agency (Russia) Democratic Party Cyberwarfare and Defense

WASHINGTON — Russia has been trying to intervene in the Democratic primaries to aid Senator Bernie Sanders, according to people familiar with the matter, and intelligence officials recently briefed him about Russian interference in the election, Mr. Sanders said on Friday.

In a statement on Friday, Mr. Sanders denounced Russia, calling President Vladimir V. Putin an “autocratic thug” and warning Moscow to stay out of the election.

“Let’s be clear, the Russians want to undermine American democracy by dividing us up and, unlike the current president, I stand firmly against their efforts and any other foreign power that wants to interfere in our election,” Mr. Sanders said.

He also told reporters that he was briefed about a month ago.

“The intelligence community is telling us Russia is interfering in this campaign right now in 2020,” Mr. Sanders said on Friday in Bakersfield, Calif., where he was to hold a rally ahead of Saturday’s Nevada caucuses. “And what I say to Mr. Putin, ‘If I am elected president, trust me you will not be interfering in American elections.’”

Senior intelligence officials told members of the House Intelligence Committee last week that Russia was continuing its election sabotage campaign, including intervening in the Democratic primaries.

Intelligence officials also warned House lawmakers that Russia was interfering in the campaign to try to get President Trump re-elected, according to people familiar with the matter. They said that the disclosure to Congress angered Mr. Trump, who complained that Democrats would use it against him.

Republicans have taken issue with the idea that Russia supports Mr. Trump, insisting that Mr. Putin simply wants to broadly spread chaos and undermine the democratic system. But some current and former officials say that a Russian campaign to support Mr. Sanders may ultimately be aimed at aiding Mr. Trump, with Moscow potentially considering Mr. Sanders a weaker opponent to the president than a more moderate Democratic nominee.

The Washington Post first reported the briefing of the Sanders campaign.

Mr. Sanders said it was his understanding that the Russians were again trying to interfere in the campaign. Some “ugly stuff on the internet” had been attributed to his campaign that could be coming from falsified accounts, he said.

The Russians also worked to support — or at least not harm — Mr. Sanders in 2016. Operatives at a Russian intelligence-backed troll factory were instructed to avoid attacking Mr. Sanders or Mr. Trump, according to the report by the special counsel, Robert S. Mueller III. The report quoted internal documents from the Internet Research Agency ordering operatives to attack Hillary Clinton’s campaign. “Use any opportunity to criticize Hillary and the rest except for Sanders and Trump — we support them,” the document said.

This is a developing story. Check back for updates.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Russia Backs Trump’s Re-election, and He Fears Democrats Will Exploit Its Support

Westlake Legal Group 20dc-intel-facebookJumbo-v2 Russia Backs Trump’s Re-election, and He Fears Democrats Will Exploit Its Support United States Politics and Government Trump, Donald J Schiff, Adam B Russian Interference in 2016 US Elections and Ties to Trump Associates Presidential Election of 2020 Office of the Director of National Intelligence Maguire, Joseph (1952- ) House Committee on Intelligence Grenell, Richard Espionage and Intelligence Services Democratic Party Cyberwarfare and Defense Classified Information and State Secrets

WASHINGTON — Intelligence officials warned House lawmakers last week that Russia was interfering in the 2020 campaign to try to get President Trump re-elected, five people familiar with the matter said, in a disclosure that angered Mr. Trump, who complained that Democrats would use it against him.

The day after the Feb. 13 briefing to lawmakers, Mr. Trump berated Joseph Maguire, the outgoing acting director of national intelligence, for allowing it to take place, people familiar with the exchange said. Mr. Trump cited the presence in the briefing of Representative Adam B. Schiff, the California Democrat who led the impeachment proceedings against him, as a particular irritant.

During the briefing to the House Intelligence Committee, Mr. Trump’s allies challenged the conclusions, arguing that Mr. Trump has been tough on Russia and strengthened European security. Some intelligence officials viewed the briefing as a tactical error, saying that had the official who delivered the conclusion spoken less pointedly or left it out, they would have avoided angering the Republicans.

That intelligence official, Shelby Pierson, is an aide to Mr. Maguire who has a reputation of delivering intelligence in somewhat blunt terms. The president announced on Wednesday that he was replacing Mr. Maguire with Richard Grenell, the ambassador to Germany and long an aggressively vocal Trump supporter.

Though some current and former officials speculated that the briefing may have played a role in the removal of Mr. Maguire, who had told people in recent days that he believed he would remain in the job, two administration officials said the timing was coincidental. Mr. Grenell had been in discussions with the administration about taking on new roles, they said, and Mr. Trump had never felt a personal kinship with Mr. Maguire.

Spokeswomen for the Office of the Director of National Intelligence and its election security office declined to comment. A White House spokesman did not immediately respond to requests for comment.

A House intelligence committee official called the Feb. 13 briefing an important update about “the integrity of our upcoming elections” and said that members of both parties attended, including Representative Devin Nunes of California, the top Republican on the committee.

The Washington Post first reported the Oval Office confrontation between Mr. Trump and Mr. Maguire.

This is a developing story. Check back for updates.

Eric Schmitt and Elisabeth Bumiller contributed reporting.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

With Harsh Words, China’s Military Denies It Hacked Equifax

Westlake Legal Group 13china-hack-1-facebookJumbo With Harsh Words, China’s Military Denies It Hacked Equifax United States International Relations Industrial Espionage Espionage and Intelligence Services Equifax Inc Defense and Military Forces Cyberwarfare and Defense Cyberattacks and Hackers Credit Scores China

SHANGHAI — China’s military on Thursday denied accusations that it hacked Equifax, one of the largest credit reporting companies in the United States.

In a harshly worded release, Wu Qian, a spokesman for China’s Ministry of National Defense, said that the American charges against four of its members were “without a basis in fact.”

“This behavior is completely hegemonic and amounts to legal bullying,” said Mr. Wu.

On Monday, American officials issued indictments that accused hackers in China’s military of stealing trade secrets and the personal data of about 145 million Americans in 2017 from Equifax. The Department of Justice suggested the data theft was part of an organized effort by China’s military and intelligence services to assemble caches of personal information on Americans to better target intelligence officers and other officials.

Hacking has re-emerged as a sore point between Washington and Beijing amid a broader worsening of relations. The two countries reached an interim pact in January that cooled but did not end their trade war. The United States has increasingly stopped Chinese investors from taking stakes in companies in sensitive industries, and it has warned American allies not to use equipment made by Huawei, the Chinese maker of telecommunications gear.

Last month, Secretary of State Mike Pompeo called the Chinese Communist Party “the central threat of our times.”

The indictments underscored the increasing irrelevance of a 2015 agreement between the two countries to refrain from hacking and cyberattacks targeting intellectual property for commercial gain. As both countries continue to squabble about attacks, both will also probably continue to carry them out, cybersecurity experts say.

In the statement, Mr. Wu mentioned revelations from WikiLeaks and the former National Security Agency contractor Edward Snowden that showed the United States had targeted China with cyberattacks.

“When it comes to online security, the United States has flagrant double standards,” said Mr. Wu, according to Chinese state media. “Its conduct and deeds are incredibly hypocritical.”

“We demand the United States immediately correct this mistake and repeal the charges in order to avoid another destructive step in the relationship between the two countries and militaries,” he said.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Ransomware Attacks Grow, Crippling Cities and Businesses

Westlake Legal Group 00ransomeware1-facebookJumbo Ransomware Attacks Grow, Crippling Cities and Businesses United States Coast Guard Travelex ransomware Extortion and Blackmail Cyberwarfare and Defense Cyberattacks and Hackers Computers and the Internet Computer Security

SAN FRANCISCO — New Orleans’s city government crippled. A maritime cargo facility temporarily closed. Hospitals forced to turn away patients. Small businesses shuttered.

The cause in each of these incidents: ransomware attacks. In recent years, hackers have taken to locking down entire computer networks and demanding payments to let users back into their systems.

The frequency of ransomware attacks — among the scariest and most costly online assaults — has been hard to pinpoint because many victims quietly pay off their attackers without notifying the authorities.

Now, an array of new data provides perhaps the best available picture of the problem. In 2019, 205,280 organizations submitted files that had been hacked in a ransomware attack — a 41 percent increase from the year before, according to information provided to The New York Times by Emsisoft, a security firm that helps companies hit by ransomware.

The average payment to release files spiked to $84,116 in the last quarter of 2019, more than double what it was the previous quarter, according to data from Coveware, another security firm. In the last month of 2019, that jumped to $190,946, with several organizations facing ransom demands in the millions of dollars.

Security experts say that even these numbers underestimate the true cost of ransomware attacks, which have disrupted factories and basic infrastructure and forced businesses to shut down.

“Anything of value that is smart and connected can be compromised and held for ransom,” said Steve Grobman, the chief technology officer at McAfee. “If critical infrastructure systems are held for ransom, what is our policy going to be for dealing with those?”

The data from the security companies and the number of recent ransomware incidents show a dramatic escalation for a type of attack that, just a few years ago, was mostly directed at individuals, who had to pay only a few hundred dollars to get their files back.

The Coast Guard said in December that ransomware had forced a cargo transfer facility to shut for more than 30 hours after attackers took control of “the industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations.” The Coast Guard did not reveal the location of the facility.

The city of New Orleans, one of dozens of cities hit by ransomware over the last year, was attacked with similar ransomware late last year and is still conducting many operations on paper, with police officers recording incidents manually.

Cities appeared to be high on the target list because they are among the only victims who have to report the attacks. In reality, public sector organizations represented only around 10 percent of all victims last year, Coveware said.

Barclays and several other banks are still unable to make foreign currency conversions for customers more than a month after Travelex, the company that provides them with cash, was targeted by ransomware known as Sodinokibi, or REvil. The BBC reported that the hackers demanded $6 million.

Ransomware attacks have also caused a number of small and medium businesses to shut altogether, like Colorado Timberline, a printing company with a few hundred employees near Denver, and Brookside ENT and Hearing Services in Battle Creek, Mich., a 10-person medical office.

“I was suddenly retired and I didn’t want to be,” said Dr. William Scalf, one of two doctors at Brookside, which closed in April after failing to recover its medical files from hackers who demanded $6,500.

American authorities have not released statistics on the broad changes in ransomware attacks, but the F.B.I. noted in its latest warning that the attacks were becoming “more targeted, sophisticated, and costly.”

The agency said an online portal for reporting incidents received 1,493 reports in 2018. But officials think that number was likely “artificially low” because it did not include reports from field offices or agents or any number of other sources.

“What we find most concerning is that it causes not just direct costs, but also indirect costs of lost operations,” said Herbert Stapleton, cybersection chief at the F.B.I. “We certainly view it as one of the most serious cybercriminal problems we face right now.”

Europol, the European Union’s law enforcement agency, has gone further, calling ransomware the “most widespread and financially damaging form of cyberattack.”

“We have had success stories, but to be honest, it is becoming more and more complicated,” said Fernando Ruiz, acting head of Europol’s European Cybercrime Center. “This is a garden for them, and we need to change that.”

Government authorities and security experts say the problem will get worse before it gets any better. In the last month, two security firms have identified a new form of ransomware, known as Snake or Ekans, that appears to be focused on freezing the software responsible for industrial processes at big oil and petroleum companies.

The assailants carrying out ransomware attacks have proved hard to identify because the technology they use, like Bitcoin and anonymous messaging platforms, allows them to communicate and transact with victims without being easily tracked.

Many of the criminals operate from countries outside the reach of American law. The Justice Department has indicted hackers in Iran, North Korea and Russia, but none appear to face any threat of extradition.

American authorities have suggested that several of these attackers have operated with the protection of their governments, and have helped their governments by passing along hacked files.

Security experts said ransomware has evolved into an industry, with hundreds of gangs vying for the most lucrative victims. Some hackers have specialized in “ransomware as a service,” writing the victim-facing software and selling it to others through the so-called dark web. They have even built out customer-service centers to deal with victims and their payments.

In recent attacks, the hackers often spent months quietly scouting out the innards of the computer networks of potential victims to ensure they have every important file tied up.

They are often eager to prove to victims that they will return the files when they are paid, to ensure a prompt transaction. When victims don’t pay, some gangs have begun publicly releasing private files to ratchet up the pressure — as was the case with Southwire, one of the world’s largest electrical wire and cable manufacturers that operates out of Georgia.

Southwire filed a lawsuit against its attackers, unknown hackers, asking for the site where the company’s files had been published be taken down. But the hackers soon moved their operations to a new site and released even more files.

Some businesses and city governments are taking out insurance to be ready for ransomware demands. Bryan Sartin, head of global security services at Verizon, said he encourages clients to create a slush fund with Bitcoin.

“Almost everyone says we will never pay the ransomware, but when push comes to shove, probably two out of three will,” Mr. Sartin said.

Law enforcement officials have warned against giving attackers more confidence that they will get paid. But the attacks have become widespread enough — and the ransom payments frequent enough — that cybersecurity insurance rates are rising.

Ransom costs aside, the worst outcomes can come when dealing with gangs that wipe the files they locked down.

The medical practice that Dr. Shayla Kasel had built over 20 years in Simi Valley, Calif., was hit last August by ransomware. After her malpractice insurance connected her with a ransom negotiator and a forensic expert, she was told that even if she paid $50,000 for each of the digital keys that could unlock her different servers, there was only a 15 percent chance she would get her files back.

Dr. Kasel said she limped along for a few weeks, seeing the patients who happened to come through her door and recording everything on paper. But she ultimately decided it wasn’t worth trying to rebuild her files and business from scratch and risk facing lawsuits and fines. She shuttered her practice in December after incurring around $55,000 in expenses.

“The hardest part after 20 years was to suddenly tell patients ‘Yep, I’m quitting,’ ” Dr. Kasel said. “It was an agonizing decision.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Ransomware Attacks Grow, Crippling Cities and Businesses

Westlake Legal Group 00ransomeware1-facebookJumbo Ransomware Attacks Grow, Crippling Cities and Businesses United States Coast Guard Travelex ransomware Extortion and Blackmail Cyberwarfare and Defense Cyberattacks and Hackers Computers and the Internet Computer Security

SAN FRANCISCO — New Orleans’s city government crippled. A maritime cargo facility temporarily closed. Hospitals forced to turn away patients. Small businesses shuttered.

The cause in each of these incidents: ransomware attacks. In recent years, hackers have taken to locking down entire computer networks and demanding payments to let users back into their systems.

The frequency of ransomware attacks — among the scariest and most costly online assaults — has been hard to pinpoint because many victims quietly pay off their attackers without notifying the authorities.

Now, an array of new data provides perhaps the best available picture of the problem. In 2019, 205,280 organizations submitted files that had been hacked in a ransomware attack — a 41 percent increase from the year before, according to information provided to The New York Times by Emsisoft, a security firm that helps companies hit by ransomware.

The average payment to release files spiked to $84,116 in the last quarter of 2019, more than double what it was the previous quarter, according to data from Coveware, another security firm. In the last month of 2019, that jumped to $190,946, with several organizations facing ransom demands in the millions of dollars.

Security experts say that even these numbers underestimate the true cost of ransomware attacks, which have disrupted factories and basic infrastructure and forced businesses to shut down.

“Anything of value that is smart and connected can be compromised and held for ransom,” said Steve Grobman, the chief technology officer at McAfee. “If critical infrastructure systems are held for ransom, what is our policy going to be for dealing with those?”

The data from the security companies and the number of recent ransomware incidents show a dramatic escalation for a type of attack that, just a few years ago, was mostly directed at individuals, who had to pay only a few hundred dollars to get their files back.

The Coast Guard said in December that ransomware had forced a cargo transfer facility to shut for more than 30 hours after attackers took control of “the industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations.” The Coast Guard did not reveal the location of the facility.

The city of New Orleans, one of dozens of cities hit by ransomware over the last year, was attacked with similar ransomware late last year and is still conducting many operations on paper, with police officers recording incidents manually.

Cities appeared to be high on the target list because they are among the only victims who have to report the attacks. In reality, public sector organizations represented only around 10 percent of all victims last year, Coveware said.

Barclays and several other banks are still unable to make foreign currency conversions for customers more than a month after Travelex, the company that provides them with cash, was targeted by ransomware known as Sodinokibi, or REvil. The BBC reported that the hackers demanded $6 million.

Ransomware attacks have also caused a number of small and medium businesses to shut altogether, like Colorado Timberline, a printing company with a few hundred employees near Denver, and Brookside ENT and Hearing Services in Battle Creek, Mich., a 10-person medical office.

“I was suddenly retired and I didn’t want to be,” said Dr. William Scalf, one of two doctors at Brookside, which closed in April after failing to recover its medical files from hackers who demanded $6,500.

American authorities have not released statistics on the broad changes in ransomware attacks, but the F.B.I. noted in its latest warning that the attacks were becoming “more targeted, sophisticated, and costly.”

The agency said an online portal for reporting incidents received 1,493 reports in 2018. But officials think that number was likely “artificially low” because it did not include reports from field offices or agents or any number of other sources.

“What we find most concerning is that it causes not just direct costs, but also indirect costs of lost operations,” said Herbert Stapleton, cybersection chief at the F.B.I. “We certainly view it as one of the most serious cybercriminal problems we face right now.”

Europol, the European Union’s law enforcement agency, has gone further, calling ransomware the “most widespread and financially damaging form of cyberattack.”

“We have had success stories, but to be honest, it is becoming more and more complicated,” said Fernando Ruiz, acting head of Europol’s European Cybercrime Center. “This is a garden for them, and we need to change that.”

Government authorities and security experts say the problem will get worse before it gets any better. In the last month, two security firms have identified a new form of ransomware, known as Snake or Ekans, that appears to be focused on freezing the software responsible for industrial processes at big oil and petroleum companies.

The assailants carrying out ransomware attacks have proved hard to identify because the technology they use, like Bitcoin and anonymous messaging platforms, allows them to communicate and transact with victims without being easily tracked.

Many of the criminals operate from countries outside the reach of American law. The Justice Department has indicted hackers in Iran, North Korea and Russia, but none appear to face any threat of extradition.

American authorities have suggested that several of these attackers have operated with the protection of their governments, and have helped their governments by passing along hacked files.

Security experts said ransomware has evolved into an industry, with hundreds of gangs vying for the most lucrative victims. Some hackers have specialized in “ransomware as a service,” writing the victim-facing software and selling it to others through the so-called dark web. They have even built out customer-service centers to deal with victims and their payments.

In recent attacks, the hackers often spent months quietly scouting out the innards of the computer networks of potential victims to ensure they have every important file tied up.

They are often eager to prove to victims that they will return the files when they are paid, to ensure a prompt transaction. When victims don’t pay, some gangs have begun publicly releasing private files to ratchet up the pressure — as was the case with Southwire, one of the world’s largest electrical wire and cable manufacturers that operates out of Georgia.

Southwire filed a lawsuit against its attackers, unknown hackers, asking for the site where the company’s files had been published be taken down. But the hackers soon moved their operations to a new site and released even more files.

Some businesses and city governments are taking out insurance to be ready for ransomware demands. Bryan Sartin, head of global security services at Verizon, said he encourages clients to create a slush fund with Bitcoin.

“Almost everyone says we will never pay the ransomware, but when push comes to shove, probably two out of three will,” Mr. Sartin said.

Law enforcement officials have warned against giving attackers more confidence that they will get paid. But the attacks have become widespread enough — and the ransom payments frequent enough — that cybersecurity insurance rates are rising.

Ransom costs aside, the worst outcomes can come when dealing with gangs that wipe the files they locked down.

The medical practice that Dr. Shayla Kasel had built over 20 years in Simi Valley, Calif., was hit last August by ransomware. After her malpractice insurance connected her with a ransom negotiator and a forensic expert, she was told that even if she paid $50,000 for each of the digital keys that could unlock her different servers, there was only a 15 percent chance she would get her files back.

Dr. Kasel said she limped along for a few weeks, seeing the patients who happened to come through her door and recording everything on paper. But she ultimately decided it wasn’t worth trying to rebuild her files and business from scratch and risk facing lawsuits and fines. She shuttered her practice in December after incurring around $55,000 in expenses.

“The hardest part after 20 years was to suddenly tell patients ‘Yep, I’m quitting,’ ” Dr. Kasel said. “It was an agonizing decision.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

He Combs the Web for Russian Bots. That Makes Him a Target.

Westlake Legal Group 00disinfo-nimmo-facebookJumbo He Combs the Web for Russian Bots. That Makes Him a Target. YouTube.com twitter Social Media Russian Interference in 2016 US Elections and Ties to Trump Associates Rumors and Misinformation Presidential Election of 2016 Politics and Government Facebook Inc elections Cyberwarfare and Defense Computers and the Internet Ben Nimmo

HADDINGTON, Scotland — In August 2017, Ben Nimmo was declared dead by 13,000 Russian bots on Twitter.

“Our beloved friend and colleague Ben Nimmo passed away this morning,” read the epitaph, which was manipulated to look as if it were from a co-worker’s Twitter account. “Ben, we will never forget you.”

The message was immediately shared thousands of times by the network of automated accounts. Notes began pouring in from worried friends and colleagues — even though Mr. Nimmo was very much alive.

It didn’t take long for Mr. Nimmo, who helped pioneer investigations into online disinformation, to figure out what was going on: He had been targeted by a shadowy group after reporting, along with others, that American far-right groups had adopted pro-Kremlin messages on social media about Ukraine. His fake death notice was a sinister attempt at disinformation, which is the spreading of falsehoods with the deliberate intent to mislead.

“That made it personal,” said Mr. Nimmo, 47, whose home address in a town near Edinburgh and other personal data, like bank details, have also been posted online.

For the last five years, Mr. Nimmo, a founder of the Atlantic Council’s Digital Forensic Research Lab, has been a leader of a small but growing community of online sleuths. These researchers serve as an informal internet police force that combats malicious attempts to use false information to sway public opinion, sow political discord and foment distrust in traditional institutions like the news media and the government.

Mr. Nimmo’s work came to the fore after the 2016 American presidential election, when intelligence agencies concluded that Russia had used Facebook and other internet platforms to influence voters. His research has since caused Facebook and other companies to ban thousands of disinformation-related accounts; he has also been tapped as an expert by governments studying foreign interference.

Now his skills are needed more than ever, as the 2020 presidential election approaches and the tactics of internet trickery have been adopted by governments, activist groups and clickbait farms in at least 70 countries. In tandem, a disinformation-for-hire industry has emerged. And domestic disinformation efforts in the United States are also on the rise.

“It doesn’t matter how much money you throw at the problem, or how many technological advances you have,” said Jenni Sargent, managing director of First Draft, a London group that tracks disinformation and trains journalists. “Without the human layer of someone like Ben dissecting the way that people use the internet, then we wouldn’t be as far ahead as we are in terms of understanding the problem and the scale.”

Mr. Nimmo’s goal is to spot disinformation early — essentially, to stamp out the fire before it spreads.

His techniques have changed as his adversaries have become more cunning. Because Facebook, Twitter and YouTube are now policing their platforms more aggressively, he is less able to rely on obvious clues like masses of automated Twitter posts and fake Facebook accounts.

So Mr. Nimmo has started looking for clues in obscure areas of the internet, like German news sites that accept unverified user-generated content and Iranian video-sharing services. Websites like Reddit, Medium and Quora are becoming popular places to create fake accounts and plant disinformation and leaks.

“Every time we catch a threat actor, you can bet that the other ones will change their tactics to try and keep ahead,” he said.

More interference is coming in the 2020 campaigns, Mr. Nimmo said. He said he was particularly worried about a “hack-and-leak” operation like the one in 2016 when Russian operatives took information from the Democratic National Committee’s servers and got it published online. Loaded with juicy and accurate information, such leaks go viral on social media and can be irresistible to the news media.

Mr. Nimmo’s path to disinformation research was not an obvious one. An Englishman who studied literature at Cambridge University, he worked as a scuba diving instructor in Egypt, as well as a travel writer and journalist in Europe. In 2007, while reporting on violent demonstrations in Estonia for Deutsche Presse-Agentur, he was head-butted by a protester, breaking his nose and leaving it off center still today.

In 2011, he began working at the North Atlantic Treaty Organization as a press officer. While there in 2014, he saw how Russia had worked to muddy perceptions of its invasion of Crimea that year, including misrepresenting Russian soldiers as “local self-defense forces.”

“There was this constant drumbeat of Russian disinformation,” he said.

Inspired to dig deeper, he became an independent researcher that same year. He moved to Scotland to be closer to family and began doing contract work on Russia for pro-democracy think tanks like the Institute for Statecraft.

During the 2016 American election campaign, Mr. Nimmo helped found the Atlantic Council’s Digital Forensic Research Lab, a Washington-based group that studies online disinformation. Facebook made him and the lab among the first outsiders allowed to study disinformation networks on its site before the company shut the networks down.

Last year, Mr. Nimmo became the head of investigations for the social-media monitoring company Graphika.

“He was there well before this was a trendy thing to do,” said Alex Stamos, who is conducting similar disinformation research work at Stanford University and was previously Facebook’s chief security officer. Both Graphika and the Digital Forensic Research Lab have received funding from Facebook.

Mr. Nimmo works from his home atop a hill and next to a grain farm in the small Scottish town of Haddington. To ferret out disinformation networks, he relies on open-source digital tools: the Wayback Machine to find internet pages that have been deleted; Amnesty International’s Citizen Evidence Lab, which provides information about YouTube videos; and Sysomos for spotting social media trends.

What is hard, he said, is determining when material is coming from regular people expressing a point of view or from a coordinated system linked to a government. One giveaway is when the same material is posted at the same time, or when it can be traced to an original post — “patient zero,” he said — known to be a website or social media account used by a government.

“The magic of the internet is there is always another clue to find,” he said.

Mr. Nimmo speaks fluent Russian, French, German and Latvian — and is conversant in several other languages — teaching himself by buying books in the “Lord of the Rings” trilogy in languages he is trying to learn. That makes it easier for him to spot clues like mistakes a native Russian speaker makes when writing in English in disinformation posts.

The amount of disinformation has increased recently. In October, Mr. Nimmo’s team at Graphika explained how pro-China propaganda accounts targeted Hong Kong demonstrators. In November, he helped expose an operation that used fringe platforms to leak a sensitive British trade document before Britain’s general election. And in December, he analyzed Facebook’s first big takedown of fake accounts with profile pictures generated by artificial intelligence.

Most recently, he has investigated Iranian disinformation after the United States killed the head of Iran’s security machinery, Maj. Gen. Qassim Suleimani, last month. Mr. Nimmo is also tracing Russia-linked campaigns, including an effort to blame the United States for the downing of Ukraine International Airlines Flight 752, which Iran said it mistakenly shot down last month, killing 176 people.

This past week, after technical problems delayed the reporting of results from the Iowa caucuses, Mr. Nimmo was on alert for disinformation. There was little, he said, and he mainly found gleeful trolling from Republican supporters and right-wing groups.

Mr. Nimmo has sometimes made mistakes in identifying culprits. In 2018, he pinpointed a number of Twitter accounts as “Russian trolls,” when one of them was a British citizen sympathetic to Russia.

One recent evening, he started work at 7, chasing leads on Iranian disinformation related to the killing of General Suleimani. One suspicious Twitter account provided clues that led to various YouTube videos. From there, Mr. Nimmo found links to Facebook and Instagram pages. After a few hours, he had traced how memes from a suspicious pro-government Iranian website had traveled elsewhere on the web.

By the time Mr. Nimmo went to bed after 2 a.m., he had more than 50 tabs open on his browser, but no definitive evidence of an Iranian government campaign.

“He’s very careful,” said Camille François, the chief innovation officer at Graphika, who hired Mr. Nimmo. “It’s important to detect them, and to study them, but it’s also important not to overreact to the threat.”

That’s especially true now that foundations, universities and companies have poured money into efforts to examine disinformation, luring new researchers eager to spot such activity. Mr. Nimmo said he was concerned that investigators could have an incentive to sensationalize material that cannot be accurately attributed and argued that new standards were needed.

“When we look back on 2020, I hope we’ll see it as the year when disinformation research passed the tipping point and really started becoming a mainstream discipline,” he said. “We need to make that happen, because the threat actors aren’t going away.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Analysis Ties Hacking of Bezos’ Phone to Saudi Leader’s Account

Westlake Legal Group 21bezoshack-facebookJumbo Analysis Ties Hacking of Bezos’ Phone to Saudi Leader’s Account Text Messaging national enquirer Mohammed bin Salman (1985- ) Khashoggi, Jamal Instant Messaging FTI Consulting Inc Cyberwarfare and Defense Classified Information and State Secrets Bezos, Jeffrey P Assassinations and Attempted Assassinations American Media Inc Amazon.com Inc

SEATTLE — A forensic analysis of Jeff Bezos’ cellphone found with “medium to high confidence” that the Amazon chief’s device was hacked after he received a video from a WhatsApp account reportedly belonging to Crown Prince Mohammed bin Salman of Saudi Arabia.

After Mr. Bezos, who also owns The Washington Post, got the video over the WhatsApp messaging platform in 2018, his phone began sending unusually large volumes of data, according to a report summing up investigators’ findings, which was reviewed by The New York Times.

The investigators believed Prince Mohammed was used as a conduit because the message would not raise suspicions if it came from him, said a person familiar with the investigation, who declined to be identified because they were not authorized to discuss the matter.

According to the report, Mr. Bezos received a message from the crown prince’s account in late 2018 that suggested that the prince had intimate knowledge of Mr. Bezos’ private life.

The forensics investigation was completed on behalf of Mr. Bezos by Anthony Ferrante at the business advisory firm FTI Consulting. Mr. Ferrante declined to comment through a FTI spokesman.

After the findings were reported by The Guardian and The Financial Times, the Saudi Embassy denied that the Saudi government was involved.

“Recent media reports that suggest the Kingdom is behind a hacking of Mr. Jeff Bezos’ phone are absurd,” the Saudi Embassy said on Twitter. “We call for an investigation on these claims so that we can have all the facts out.”

Mr. Bezos’ security consultant, Gavin de Becker, had previously accused the Saudi government of hacking Mr. Bezos’ phone, saying the Saudi authorities targeted him because he owned The Washington Post. The Post has aggressively reported on the murder of Jamal Khashoggi, one of its columnists, who was a critic of the Saudi government. The Central Intelligence Agency has concluded that Prince Mohammed ordered the killing.

According to FTI’s report, Mr. Bezos and Prince Mohammed exchanged phone numbers at a dinner in Los Angeles in April 2018. The crown prince initiated a messaging conversation with Mr. Bezos that same day over WhatsApp.

About a month later, Mr. Bezos received an unexpected message from the crown prince that contained a video attachment, the report said.

The report did not say whether Mr. Bezos opened the video attachment, which had an image of Saudi and Swedish flags overlaid with Arabic text. But immediately after he received the file, the amount of data exiting his phone increased almost three hundredfold, according to the investigators’ analysis of Mr. Bezos’s data.

On two later occasions, according to the report, the crown prince appeared to send Mr. Bezos messages that suggested he had knowledge of the tech mogul’s private communications.

On Nov. 8, 2018, the report said, Mr. Bezos received a message from the account that included a single photo of a woman who strongly resembled Lauren Sanchez, with whom Mr. Bezos was having an affair that had not been made public. The photo was captioned, “Arguing with a woman is like reading the software license agreement. In the end you have to ignore everything and click I agree.”

At the time, Mr. Bezos and his wife were discussing a divorce, which would have been apparent to someone reading his text messages.

The second occasion, on Feb. 16 of last year, came two days after Mr. Bezos took part in phone conversations about the Saudis’ alleged online campaign against him. The message he received read, in part, that “there is nothing against you or Amazon from me or Saudi Arabia.”

The report concluded that advanced mobile spyware could have been used to compromise Mr. Bezos’ phone.

Two United Nations experts plan to release a public statement Wednesday morning “addressing serious allegations” that Mr. Bezos was hacked by receiving a WhatsApp message “reportedly from an account belonging to the crown prince of Saudi Arabia,” one of the experts, Agnes Callamard, said in an email.

Ms. Callamard, a specialist in extrajudicial killings, has been investigating Mr. Khashoggi’s murder, and David Kaye, an expert in human rights law, has been gathering information about violations of freedom of the press.

In its statement, the United Nations plans to say that it is raising concerns over the hacking of Mr. Bezos’s phone directly with the Saudi government, said a person familiar with the statement. The United Nations did not conduct its own investigation into the hack and is basing its statement on the FTI report, the person said.

The United Nations began looking into the situation in June 2019 when someone close to Mr. Bezos shared the forensic analysis with them, the person added.

Amazon and Mr. de Becker declined to comment. William Isaacson, Mr. Bezos’ lawyer at Boies Schiller Flexner, declined to comment beyond saying that Mr. Bezos was cooperating with continuing investigations.

The questions about who has had access to Mr. Bezos’ phone erupted a year ago, after The National Enquirer reported that the tech executive was romantically involved with Ms. Sanchez, a former TV anchor. At the time, The Enquirer published photos of the couple together, as well as intimate text messages.

Mr. Bezos later published emails from American Media, the parent company of The National Enquirer, which he said amounted to “extortion and blackmail.” He suggested that the leaks of photos and details of his private life could have been politically motivated to harm him because of his ownership of The Post.

In March, Mr. de Becker accused the Saudi government of hacking Mr. Bezos’s phone. In an opinion article in The Daily Beast, Mr. de Becker wrote that his “investigators and several experts concluded with high confidence” that the Saudis got private information from Mr. Bezos’ phone and that he turned the evidence they had uncovered over to law enforcement authorities.

Mr. de Becker did not detail specific evidence they uncovered, nor did he detail whether the leaked information was published by The Enquirer. American Media denied any Saudi involvement, saying Ms. Sanchez’s brother was the tabloid’s sole source.

Karen Weise reported from Seattle, Matthew Rosenberg from Washington and Sheera Frenkel from San Francisco. Rick Gladstone contributed reporting from New York.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com