web analytics
a

Facebook

Twitter

Copyright 2015 Libero Themes.
All Rights Reserved.

8:30 - 6:00

Our Office Hours Mon. - Fri.

703-406-7616

Call For Free 15/M Consultation

Facebook

Twitter

Search
Menu
Westlake Legal Group > Cyberwarfare and Defense

How Not to Plot Secret Foreign Policy: On a Cellphone and WhatsApp

Westlake Legal Group 18dc-rudycyber1-facebookJumbo How Not to Plot Secret Foreign Policy: On a Cellphone and WhatsApp United States International Relations Ukraine Trump, Donald J Trump-Ukraine Whistle-Blower Complaint and Impeachment Inquiry Taylor, William B Jr Sondland, Gordon D (1957- ) Russian Interference in 2016 US Elections and Ties to Trump Associates Russia Nuland, Victoria J National Security Council Morrison, Timothy A (1978- ) Giuliani, Rudolph W Cyberwarfare and Defense

Rudolph W. Giuliani, the former New York mayor at the center of the impeachment investigation into the conduct of Ukraine policy, makes a living selling cybersecurity advice through his companies. President Trump even named him the administration’s first informal “cybersecurity adviser.”

But inside the National Security Council, officials expressed wonderment that Mr. Giuliani was running his “irregular channel” of Ukraine diplomacy over open cell lines and communications apps in Ukraine that the Russians have deeply penetrated.

In his testimony to the House impeachment inquiry, Tim Morrison, who is leaving as the National Security Council’s head of Europe and Russia, recalled expressing astonishment to William B. Taylor Jr., who was sitting in as the chief American diplomat in Ukraine, that the leaders of the “irregular channel” seemed to have little concern about revealing their conversations to Moscow.

“He and I discussed a lack of, shall we say, OPSEC, that much of Rudy’s discussions were happening over an unclassified cellphone or, perhaps as bad, WhatsApp messages, and therefore you can only imagine who else knew about them,” Mr. Morrison testified. OPSEC is the government’s shorthand for operational security.

He added: “I remember being focused on the fact that there were text messages, the fact that Rudy was having all of these phone calls over unclassified media,” he added. “And I found that to be highly problematic and indicative of someone who didn’t really understand how national security processes are run.”

WhatsApp notes that its traffic is encrypted, meaning that even if it is intercepted in transit, it is of little use — which is why intelligence agencies, including the Russians, are working diligently to get inside phones to read the messages after they are deciphered.

But far less challenging is figuring out the message of Mr. Giuliani’s partner, Gordon D. Sondland, the American ambassador to the European Union, who held an open cellphone conversation with Mr. Trump from a restaurant in Ukraine, apparently loud enough for his table mates to overhear. And Mr. Trump’s own cellphone use has led American intelligence officials to conclude that the Chinese — with whom he is negotiating a huge trade deal, among other sensitive topics — are doubtless privy to the president’s conversations.

But Ukraine is a particularly acute case. It is the country where the Russians have so deeply compromised the communications network that in 2014 they posted on the internet conversations between a top Obama administration diplomat, Victoria Nuland, and the United States ambassador to Ukraine at the time, Geoffrey R. Pyatt. Their intent was to portray the Americans — not entirely inaccurately — as trying to manage the ouster of a corrupt, pro-Russian president of Ukraine.

The incident made Ms. Nuland, who left the State Department soon after Mr. Trump’s election, “Patient Zero” in the Russian information-warfare campaign against the United States, before Moscow’s interference in the American presidential election.

But it also served as a warning that if you go to Ukraine, stay off communications networks that Moscow wired.

That advice would seem to apply especially to Mr. Giuliani, who speaks around the world on cybersecurity issues. Ukraine was the petri dish for President Vladimir V. Putin of Russia, the place where he practiced the art of trying to change vote counts, initiating information warfare and, in two celebrated incidents, turning out the lights in parts of the country.

Mr. Giuliani, impeachment investigators were told, was Mr. Trump’s interlocutor with the new Ukrainian government about opening investigations into the president’s political opponents. The simultaneous suspension of $391 million in military aid to Ukraine, which some have testified was on Mr. Trump’s orders, fulfilled Moscow’s deepest wish at a moment of ground war in eastern Ukraine, and a daily, grinding cyberwar in the capital.

It remains unknown why the Russians have not made any of these conversations public, assuming they possess them. But inside the intelligence agencies, the motives of Russian intelligence officers is a subject of heated speculation.

A former senior American intelligence official speculated that one explanation is that Mr. Giuliani and Mr. Sondland were essentially doing the Russians’ work for them. Holding up military aid — for whatever reason — assists the Russian “gray war” in eastern Ukraine and sows doubts in Kyiv, also known as Kiev in the Russian transliteration, that the United States is wholly supportive of Ukraine, a fear that many State Department and National Security Council officials have expressed in testimony.

But Mr. Giuliani also was stoking an unsubstantiated conspiracy theory that Mr. Putin has engaged in, suggesting that someone besides Russia — in this telling, Ukrainian hackers who now supposedly possess a server that once belonged to the Democratic National Committee — was responsible for the hacking that ran from 2015 to 2016.

Mr. Trump raised this possibility in his July 25 phone call with the new Ukrainian president, Volodymyr Zelensky. It was not the first time he had cast doubt on Russia’s involvement: In a call to a New York Times reporter moments after meeting Mr. Putin for the first time in Hamburg, Germany, in 2017, Mr. Trump endorsed Mr. Putin’s view that Russia is so good at cyberoperations that it would have never been caught. “That makes sense, doesn’t it?” he asked.

He expressed doubts again in 2018, in a news conference with Mr. Putin in Helsinki, Finland. That was only days after the Justice Department indicted a dozen Russian intelligence officers for their role in the hack; the administration will not say if it now believes that indictment was flawed because there is evidence that Ukranians were responsible.

Whether or not he believes Ukraine was involved, Mr. Giuliani certainly understood the risks of talking on open lines, particularly in a country with an active cyberwar. As a former prosecutor, he knows what the United States and its adversaries can intercept. In more recent years, he has spoken around the world on cybersecurity challenges. And as the president’s lawyer, he was a clear target.

Mr. Giuliani said in a phone interview Monday that nothing he talked about on the phone or in texts was classified. “All of my conversations, I can say uniformly, were on an unclassified basis,” he said.

His findings about what happened in Ukraine were “generated from my own investigations” and had nothing to do with the United States government, he said, until he was asked to talk with Kurt D. Volker, then the special envoy for Ukraine, in a conversation that is now part of the impeachment investigation. Mr. Volker will testify in public on Tuesday.

Mr. Giuliani said that he never “conducted a shadow foreign policy, I conducted a defense of my client,” Mr. Trump. “The State Department apparatchiks are all upset that I intervened at all,” he said, adding that he was the victim of “wild accusations.”

Mr. Sondland is almost as complex a case. While he is new to diplomacy, he is the owner of a boutique set of hotels and certainly is not unaware of cybersecurity threats, since the hotel industry is a major target, as Marriott learned a year ago.

But Mr. Sondland held a conversation with Mr. Trump last summer in a busy restaurant in Kyiv, surrounded by other American officials. Testimony indicates Mr. Trump’s voice was loud enough for others at the table to hear.

But in testimony released Monday night, David Holmes, a veteran Foreign Service officer who is posted to the American Embassy in Kyiv, and who witnessed the phone call between the president and Mr. Sondland, suggested that the Russians heard it even if they were not out on the town that night.

Asked if there was a risk of the Russians listening in, Mr. Holmes said, “I believe at least two of the three, if not all three of the mobile networks are owned by Russian companies, or have significant stakes in those.”

“We generally assume that mobile communications in Ukraine are being monitored,” he said.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

How Not to Plot Secret Foreign Policy: On a Cellphone and WhatsApp

Westlake Legal Group 18dc-rudycyber1-facebookJumbo How Not to Plot Secret Foreign Policy: On a Cellphone and WhatsApp United States International Relations Ukraine Trump, Donald J Trump-Ukraine Whistle-Blower Complaint and Impeachment Inquiry Taylor, William B Jr Sondland, Gordon D (1957- ) Russian Interference in 2016 US Elections and Ties to Trump Associates Russia Nuland, Victoria J National Security Council Morrison, Timothy A (1978- ) Giuliani, Rudolph W Cyberwarfare and Defense

Rudolph W. Giuliani, the former New York mayor at the center of the impeachment investigation into the conduct of Ukraine policy, makes a living selling cybersecurity advice through his companies. President Trump even named him the administration’s first informal “cybersecurity adviser.”

But inside the National Security Council, officials expressed wonderment that Mr. Giuliani was running his “irregular channel” of Ukraine diplomacy over open cell lines and communications apps in Ukraine that the Russians have deeply penetrated.

In his testimony to the House impeachment inquiry, Tim Morrison, who is leaving as the National Security Council’s head of Europe and Russia, recalled expressing astonishment to William B. Taylor Jr., who was sitting in as the chief American diplomat in Ukraine, that the leaders of the “irregular channel” seemed to have little concern about revealing their conversations to Moscow.

“He and I discussed a lack of, shall we say, OPSEC, that much of Rudy’s discussions were happening over an unclassified cellphone or, perhaps as bad, WhatsApp messages, and therefore you can only imagine who else knew about them,” Mr. Morrison testified. OPSEC is the government’s shorthand for operational security.

He added: “I remember being focused on the fact that there were text messages, the fact that Rudy was having all of these phone calls over unclassified media,” he added. “And I found that to be highly problematic and indicative of someone who didn’t really understand how national security processes are run.”

WhatsApp notes that its traffic is encrypted, meaning that even if it is intercepted in transit, it is of little use — which is why intelligence agencies, including the Russians, are working diligently to get inside phones to read the messages after they are deciphered.

But far less challenging is figuring out the message of Mr. Giuliani’s partner, Gordon D. Sondland, the American ambassador to the European Union, who held an open cellphone conversation with Mr. Trump from a restaurant in Ukraine, apparently loud enough for his table mates to overhear. And Mr. Trump’s own cellphone use has led American intelligence officials to conclude that the Chinese — with whom he is negotiating a huge trade deal, among other sensitive topics — are doubtless privy to the president’s conversations.

But Ukraine is a particularly acute case. It is the country where the Russians have so deeply compromised the communications network that in 2014 they posted on the internet conversations between a top Obama administration diplomat, Victoria Nuland, and the United States ambassador to Ukraine at the time, Geoffrey R. Pyatt. Their intent was to portray the Americans — not entirely inaccurately — as trying to manage the ouster of a corrupt, pro-Russian president of Ukraine.

The incident made Ms. Nuland, who left the State Department soon after Mr. Trump’s election, “Patient Zero” in the Russian information-warfare campaign against the United States, before Moscow’s interference in the American presidential election.

But it also served as a warning that if you go to Ukraine, stay off communications networks that Moscow wired.

That advice would seem to apply especially to Mr. Giuliani, who speaks around the world on cybersecurity issues. Ukraine was the petri dish for President Vladimir V. Putin of Russia, the place where he practiced the art of trying to change vote counts, initiating information warfare and, in two celebrated incidents, turning out the lights in parts of the country.

Mr. Giuliani, impeachment investigators were told, was Mr. Trump’s interlocutor with the new Ukrainian government about opening investigations into the president’s political opponents. The simultaneous suspension of $391 million in military aid to Ukraine, which some have testified was on Mr. Trump’s orders, fulfilled Moscow’s deepest wish at a moment of ground war in eastern Ukraine, and a daily, grinding cyberwar in the capital.

It remains unknown why the Russians have not made any of these conversations public, assuming they possess them. But inside the intelligence agencies, the motives of Russian intelligence officers is a subject of heated speculation.

A former senior American intelligence official speculated that one explanation is that Mr. Giuliani and Mr. Sondland were essentially doing the Russians’ work for them. Holding up military aid — for whatever reason — assists the Russian “gray war” in eastern Ukraine and sows doubts in Kyiv, also known as Kiev in the Russian transliteration, that the United States is wholly supportive of Ukraine, a fear that many State Department and National Security Council officials have expressed in testimony.

But Mr. Giuliani also was stoking an unsubstantiated conspiracy theory that Mr. Putin has engaged in, suggesting that someone besides Russia — in this telling, Ukrainian hackers who now supposedly possess a server that once belonged to the Democratic National Committee — was responsible for the hacking that ran from 2015 to 2016.

Mr. Trump raised this possibility in his July 25 phone call with the new Ukrainian president, Volodymyr Zelensky. It was not the first time he had cast doubt on Russia’s involvement: In a call to a New York Times reporter moments after meeting Mr. Putin for the first time in Hamburg, Germany, in 2017, Mr. Trump endorsed Mr. Putin’s view that Russia is so good at cyberoperations that it would have never been caught. “That makes sense, doesn’t it?” he asked.

He expressed doubts again in 2018, in a news conference with Mr. Putin in Helsinki, Finland. That was only days after the Justice Department indicted a dozen Russian intelligence officers for their role in the hack; the administration will not say if it now believes that indictment was flawed because there is evidence that Ukranians were responsible.

Whether or not he believes Ukraine was involved, Mr. Giuliani certainly understood the risks of talking on open lines, particularly in a country with an active cyberwar. As a former prosecutor, he knows what the United States and its adversaries can intercept. In more recent years, he has spoken around the world on cybersecurity challenges. And as the president’s lawyer, he was a clear target.

Mr. Giuliani said in a phone interview Monday that nothing he talked about on the phone or in texts was classified. “All of my conversations, I can say uniformly, were on an unclassified basis,” he said.

His findings about what happened in Ukraine were “generated from my own investigations” and had nothing to do with the United States government, he said, until he was asked to talk with Kurt D. Volker, then the special envoy for Ukraine, in a conversation that is now part of the impeachment investigation. Mr. Volker will testify in public on Tuesday.

Mr. Giuliani said that he never “conducted a shadow foreign policy, I conducted a defense of my client,” Mr. Trump. “The State Department apparatchiks are all upset that I intervened at all,” he said, adding that he was the victim of “wild accusations.”

Mr. Sondland is almost as complex a case. While he is new to diplomacy, he is the owner of a boutique set of hotels and certainly is not unaware of cybersecurity threats, since the hotel industry is a major target, as Marriott learned a year ago.

But Mr. Sondland held a conversation with Mr. Trump last summer in a busy restaurant in Kyiv, surrounded by other American officials. Testimony indicates Mr. Trump’s voice was loud enough for others at the table to hear.

But in testimony released Monday night, David Holmes, a veteran Foreign Service officer who is posted to the American Embassy in Kyiv, and who witnessed the phone call between the president and Mr. Sondland, suggested that the Russians heard it even if they were not out on the town that night.

Asked if there was a risk of the Russians listening in, Mr. Holmes said, “I believe at least two of the three, if not all three of the mobile networks are owned by Russian companies, or have significant stakes in those.”

“We generally assume that mobile communications in Ukraine are being monitored,” he said.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

China Sharpens Hacking to Hound Its Minorities, Far and Wide

Westlake Legal Group 19chinahack1-promo-facebookJumbo-v2 China Sharpens Hacking to Hound Its Minorities, Far and Wide Xinjiang (China) Xi Jinping Uighurs (Chinese Ethnic Group) Tibet Surveillance of Citizens by Government Smartphones People's Liberation Army (China) Mobile Applications Ministry of State Security of the People's Republic of China Hong Kong Protests (2019) Hong Kong Google Inc FireEye Inc facial recognition software Cyberwarfare and Defense Computers and the Internet Computer Security Citizen Lab China Apple Inc Android (Operating System)

SAN FRANCISCO — China’s state-sponsored hackers have drastically changed how they operate over the last three years, substituting selectivity for what had been a scattershot approach to their targets and showing a new determination by Beijing to push its surveillance state beyond its borders.

The government has poured considerable resources into the change, which is part of a reorganization of the national People’s Liberation Army that President Xi Jinping initiated in 2016, security researchers and intelligence officials said.

China’s hackers have since built up a new arsenal of techniques, such as elaborate hacks of iPhone and Android software, pushing them beyond email attacks and the other, more basic tactics that they had previously employed.

The primary targets for these more sophisticated attacks: China’s ethnic minorities and their diaspora in other countries, the researchers said. In several instances, hackers targeted the cellphones of a minority known as Uighurs, whose home region, Xinjiang, has been the site of a vast build-out of surveillance tech in recent years.

“The Chinese use their best tools against their own people first because that is who they’re most afraid of,” said James A. Lewis, a former United States government official who writes on cybersecurity and espionage for the Center for Strategic Studies in Washington. “Then they turn those tools on foreign targets.”

China’s willingness to extend the reach of its surveillance and censorship was on display after an executive for the National Basketball Association’s Houston Rockets tweeted support for protesters in Hong Kong this month. The response from China was swift, threatening a range of business relationships the N.B.A. had forged in the country.

In August, Facebook and Twitter said they had taken down a large network of Chinese bots that was spreading disinformation around the protests. And in recent weeks, a security firm traced a monthslong attack on Hong Kong media companies to Chinese hackers. Security experts say Chinese hackers are very likely targeting protesters’ phones, but they have yet to publish any evidence.

Some security researchers said the improved abilities of the Chinese hackers had put them on a par with elite Russian cyberunits. And the attacks on cellphones of Uighurs offered a rare glimpse of how some of China’s most advanced hacking tools are now being used to silence or punish critics.

Google researchers who tracked the attacks against iPhones said details about the software flaws that the hackers had preyed on would have been worth tens of millions of dollars on black market sites where information about software vulnerabilities is sold.

On the streets in Xinjiang, huge numbers of high-end surveillance cameras run facial recognition software to identify and track people. Specially designed apps have been used to screen Uighurs’ phones, monitor their communications and register their whereabouts.

Gaining access to the phones of Uighurs who have fled China — a diaspora that has grown as many have been locked away at home — would be a logical extension of those total surveillance efforts. Such communities in other countries have long been a concern to Beijing, and many in Xinjiang have been sent to camps because relatives traveled or live abroad.

The Chinese police have also made less sophisticated efforts to control Uighurs who have fled, using the chat app WeChat to entice them to return home or to threaten their families.

China’s Ministry of Foreign Affairs did not respond to a request for comment. China has denied past claims that it conducts cyberespionage, adding that it, too, is often a target.

Security researchers recently discovered that the Chinese used National Security Agency hacking tools after apparently discovering an N.S.A. cyberattack on their own systems. And several weeks ago, a Chinese security firm, Qianxin, published an analysis tying the Central Intelligence Agency to a hack of China’s aviation industry.

Breaking into iPhones has long been considered the Holy Grail of cyberespionage. “If you can get inside an iPhone, you have yourself a spy phone,” said John Hultquist, director of intelligence analysis at FireEye, a cybersecurity firm.

The F.B.I. couldn’t do it without help during a showdown with Apple in 2016. The bureau paid more than $1 million to an anonymous third party to hack an iPhone used by a gunman involved in the killing of 14 people in San Bernardino, Calif.

Google researchers said they had discovered that iPhone vulnerabilities were being exploited to infect visitors to a set of websites. Although Google did not release the names of the targets, Apple said they had been found on about a dozen websites focused on Uighurs.

“You can hit a high school student from Japan who is visiting the site to write a research report, but you are also going to hit Uighurs who have family members back in China and are supporting the cause,” said Steven Adair, the president and founder of the security firm Volexity in Virginia.

The technology news site TechCrunch first reported the Uighur connection. A software update from Apple fixed the flaw.

In recent weeks, security researchers at Volexity uncovered Chinese hacking campaigns that exploited vulnerabilities in Google’s Android software as well. Volexity found that several websites that focused on Uighur issues had been infected with Android malware. It traced the attacks to two Chinese hacking groups.

Because the hacks targeted Android and iPhone users — even though Uighurs in Xinjiang don’t commonly use iPhones — Mr. Adair said he believed that they had been aimed in part at Uighurs living abroad.

“China is expanding their digital surveillance outside their borders,” he said. “It seems like it really is going after the diaspora.”

Another group of researchers, at the Citizen Lab at the Munk School of Global Affairs at the University of Toronto, recently uncovered an overlapping effort, using some of the same code discovered by Google and Volexity. It attacked the iPhones and Android phones of Tibetans until as recently as May.

Using WhatsApp messages, Chinese hackers posing as New York Times reporters and representatives of Amnesty International and other organizations targeted the private office of the Dalai Lama, members of the Tibetan Parliament and Tibetan nongovernmental organizations, among others.

Lobsang Gyatso, the secretary of TibCERT, an organization that works with Tibetan organizations on cybersecurity threats, said in an interview that the recent attacks were a notable escalation from previous Chinese surveillance attempts.

For a decade, Chinese hackers blasted Tibetans with emails containing malicious attachments, Mr. Lobsang said. If they hacked one person’s computer, they hit everyone in the victim’s address books, casting as wide a net as possible. But in the last three years, Mr. Lobsang said, there has been a big shift.

“The recent targeting was something we haven’t seen in the community before,” he said. “It was a huge shift in resources. They were targeting mobile phones, and there was a lot more reconnaissance involved. They had private phone numbers of individuals, even those that were not online. They knew who they were, where their offices were located, what they did.”

Adam Meyers, the vice president of intelligence at CrowdStrike, said these operations were notably more sophisticated than five years ago, when security firms discovered that Chinese hackers were targeting the phones of Hong Kong protesters in the so-called Umbrella Revolution.

At the time, Chinese hackers could break only into phones that had been “jailbroken,” or altered in some way to allow the installation of apps not vetted by Apple’s official store. The recent attacks against the Uighurs broke into up-to-date iPhones without tipping off the owner.

“In terms of how the Chinese rank threats, the highest threats are domestic,” Mr. Lewis said. “The No. 1 threat, as the Chinese see it, is the loss of information control on their own population. But the United States is firmly No. 2.”

Chinese hackers have also used their improved skills to attack the computer networks of foreign governments and companies. They have targeted internet and telecommunications companies and have broken into the computer networks of foreign tech, chemical, manufacturing and mining companies. Airbus recently said China had hacked it through a supplier.

In 2016, Mr. Xi consolidated several army hacking divisions under a new Strategic Support Force, similar to the United States’ Cyber Command, and moved much of the country’s foreign hacking operation from the army to the more advanced Ministry of State Security, China’s main spy agency.

The restructuring coincided with a lull in Chinese cyberattacks after a 2015 agreement between Mr. Xi and President Barack Obama to cease cyberespionage operations for commercial gain.

“The deal gave the Chinese the time and space to focus on professionalizing their cyberespionage capabilities,” Mr. Lewis said. “We didn’t expect that.”

Chinese officials also cracked down on moonlighting in moneymaking schemes by its state-sponsored hackers — a “corruption” issue that Mr. Xi concluded had sometimes compromised the hackers’ identities and tools, according to security researchers.

While China was revamping its operations, security experts said, it was also clamping down on security research in order to keep advanced hacking methods in house. The Chinese police recently said they planned to enforce national laws against unauthorized vulnerability disclosure, and Chinese researchers were recently banned from competing in Western hacking conferences.

“They are circling the wagons,” Mr. Hultquist of FireEye said. “They’ve recognized that they could use these resources to aid their offensive and defensive cyberoperations.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

G.O.P.-Led Senate Panel Affirms Russia Attacked Election, and Urges Action

Westlake Legal Group 08dc-socialmedia-facebookJumbo G.O.P.-Led Senate Panel Affirms Russia Attacked Election, and Urges Action Warner, Mark R United States Politics and Government Trump, Donald J Social Media Senate Committee on Intelligence Russian Interference in 2016 US Elections and Ties to Trump Associates Russia elections Cyberwarfare and Defense Computers and the Internet Burr, Richard M

WASHINGTON — As President Trump amplifies unsubstantiated claims of Ukrainian interference in the 2016 election, the Republican-led Senate Intelligence Committee reaffirmed on Tuesday that Russian operatives engaged in a widespread social media campaign to improve his chances in the race.

In a report, the committee backed up the conclusions of the intelligence community, the special counsel and researchers that Russia mounted a broad campaign to interfere in the election. A Russian troll farm central to the election campaign supported “Donald Trump at the direction of the Kremlin,” the committee said.

The panel said Congress should consider new disclosure requirements for political ads online, which unlike television or radio ads do not need to carry information about who paid for them. A bill introduced in 2017 by the top Democrat on the committee, Senator Mark Warner of Virginia, to put into effect new rules for online ads has failed to gain much momentum.

The report is nonetheless the latest call for lawmakers to reconsider the lax system of regulations that governs Silicon Valley, as Americans have learned more about the way platforms like Facebook, Twitter and YouTube can be used to make money off users’ personal information and to spread disinformation.

“Issues such as privacy rules, identity validation, transparency in how data is collected and used, and monitoring for inauthentic or malign content, among others, deserve continued examination,” the committee said.

But lawmakers have little time to advance legislation meant to stem election interference on social media — or to check Silicon Valley more broadly — before the 2020 election. Capitol Hill has been seized in recent weeks by an impeachment inquiry into Mr. Trump, making the normally difficult task of forging bipartisan consensus on other issues even more challenging.

The lawmakers also called for the Trump administration to take steps to respond to the threat, including setting up a task force of federal agencies to monitor attempts by foreign governments to interfere with democratic processes on social media.

“The committee recommends that the executive branch should, in the run-up to the 2020 election, reinforce with the public the danger of attempted foreign interference in the 2020 election,” the panel said.

But Mr. Trump has long tried to play down or deny Russia’s role in the 2016 election. On a call with President Volodymyr Zelensky of Ukraine that is at the core of the impeachment inquiry, Mr. Trump suggested that Ukraine might have played a part in efforts to sway the race.

That conspiracy theory runs counter to the conclusion published Tuesday by the Intelligence Committee: Operatives at the Russian troll farm, the Internet Research Agency, used a wide range of online platforms to share content they felt could drive a wedge through the American electorate to influence the presidential election.

“The bipartisan work that this committee has done to uncover and detail the extent of that effort has significantly advanced the public’s understanding of how, in 2016, Russia took advantage of our openness and innovation, exploiting American-bred social media platforms to spread disinformation, divide the public and undermine our democracy,” Mr. Warner said in a statement.

Russian operatives running the campaign used a wide variety of platforms, from giants like Facebook and Instagram to smaller players like LiveJournal, a once-popular American blogging service now owned by a Russian firm.

The committee’s report backed the conclusion of outside researchers that African-Americans had been a significant target of Russia’s persuasion efforts. Its report said the “committee found that no single group of Americans was targeted by I.R.A. information operatives more than African-Americans.”

It also highlighted that Russian activity had actually increased after Election Day 2016. Internet Research Agency activity went up 59 percent on Facebook, 238 percent on its subsidiary Instagram, 84 percent on YouTube and 52 percent on Twitter after the election, it said.

“Russia is waging an information warfare campaign against the U.S. that didn’t start and didn’t end with the 2016 election,” said Senator Richard M. Burr, Republican of North Carolina and the chairman of the committee.

Tech companies have taken additional steps since 2016 to weed out attempts at foreign interference using illicit accounts. Their dragnet has spread far beyond Russia: Facebook and Twitter recently took down accounts originating in China that had pushed messages meant to discredit protesters in Hong Kong.

The committee said major tech companies should work together and with government officials to share information crucial to combating disinformation.

“We’re working closely with governments, outside experts and other companies to identify threats and share information,” Andy Stone, a Facebook spokesman, said in a statement. “We have also invested in technology and people to block and remove fake accounts; find and remove coordinated manipulation campaigns; and bring unprecedented transparency to political advertising.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Top Secret Russian Unit Seeks to Destabilize Europe, Security Officials Say

Westlake Legal Group xxunit1-facebookJumbo Top Secret Russian Unit Seeks to Destabilize Europe, Security Officials Say Skripal, Sergei V Russian Interference in 2016 US Elections and Ties to Trump Associates Putin, Vladimir V GRU (Russia) Fedorov, Sergei Europe elections democratic national committee Cyberwarfare and Defense

First came a destabilization campaign in Moldova, followed by the poisoning of an arms dealer in Bulgaria and then a thwarted coup in Montenegro. Last year, there was an attempt to assassinate a former Russian spy in Britain using a nerve agent. Though the operations bore the fingerprints of Russia’s intelligence services, the authorities initially saw them as isolated, unconnected attacks.

Western security officials have now concluded that these operations, and potentially many others, are part of a coordinated and ongoing campaign to destabilize Europe, executed by an elite unit inside the Russian intelligence system skilled in subversion, sabotage and assassination.

The group, known as Unit 29155, has operated for at least a decade, yet Western officials only recently discovered it. Intelligence officials in four Western countries say it is unclear how often the unit is mobilized and warn that it is impossible to know when and where its operatives will strike.

The purpose of Unit 29155, which has not been previously reported, underscores the degree to which the Russian president, Vladimir V. Putin, is actively fighting the West with his brand of so-called hybrid warfare — a blend of propaganda, hacking attacks and disinformation — as well as open military confrontation.

“I think we had forgotten how organically ruthless the Russians could be,” said Peter Zwack, a retired military intelligence officer and former defense attaché at the United States Embassy in Moscow, who said he was not aware of the unit’s existence.

In a text message, Dmitri S. Peskov, Mr. Putin’s spokesman, directed questions about the unit to the Russian Defense Ministry. The ministry did not respond to requests for comment.

Hidden behind concrete walls at the headquarters of the 161st Special Purpose Specialist Training Center in eastern Moscow, the unit sits within the command hierarchy of the Russian military intelligence agency, widely known as the G.R.U.

Though much about G.R.U. operations remains a mystery, Western intelligence agencies have begun to get a clearer picture of its underlying architecture. In the months before the 2016 presidential election, American officials say two G.R.U. cyber units, known as 26165 and 74455, hacked into the servers of the Democratic National Committee and the Clinton campaign, and then published embarrassing internal communications.

Last year, Robert S. Mueller III, the special counsel overseeing the inquiry into Russian interference in the 2016 elections, indicted more than a dozen officers from those units, though all still remain at large. The hacking teams mostly operate from Moscow, thousands of miles from their targets.

By contrast, officers from Unit 29155 travel to and from European countries. Some are decorated veterans of Russia’s bloodiest wars, including in Afghanistan, Chechnya and Ukraine. Its operations are so secret, according to assessments by Western intelligence services, that the unit’s existence is most likely unknown even to other G.R.U. operatives.

The unit appears to be a tight-knit community. A photograph taken in 2017 shows the unit’s commander, Maj. Gen. Andrei V. Averyanov, at his daughter’s wedding in a gray suit and bow tie. He is posing with Col. Anatoly V. Chepiga, one of two officers indicted in Britain over the poisoning of a former spy, Sergei V. Skripal.

“This is a unit of the G.R.U. that has been active over the years across Europe,” said one European security official, who spoke on condition of anonymity to describe classified intelligence matters. “It’s been a surprise that the Russians, the G.R.U., this unit, have felt free to go ahead and carry out this extreme malign activity in friendly countries. That’s been a shock.”

To varying degrees, each of the four operations linked to the unit attracted public attention, even as it took time for the authorities to confirm that they were connected. Western intelligence agencies first identified the unit after the failed 2016 coup in Montenegro, which involved a plot by two unit officers to kill the country’s prime minister and seize the Parliament building.

But officials began to grasp the unit’s specific agenda of disruption only after the March 2018 poisoning of Mr. Skripal, a former G.R.U. officer who had betrayed Russia by spying for the British. Mr. Skripal and his daughter, Yulia, fell grievously ill after exposure to a highly toxic nerve agent, but survived.

(Three other people were sickened, including a police officer and a man who found a small bottle that British officials believe was used to carry the nerve agent and gave it to his girlfriend. The girlfriend, Dawn Sturgess, died after spraying the nerve agent on her skin, mistaking the bottle for perfume.)

The poisoning led to a geopolitical standoff, with more than 20 nations, including the United States, expelling 150 Russian diplomats in a show of solidarity with Britain.

Ultimately, the British authorities exposed two suspects, who had traveled under aliases but were later identified by the investigative site Bellingcat as Colonel Chepiga and Alexander Mishkin. Six months after the poisoning, British prosecutors charged both men with transporting the nerve agent to Mr. Skripal’s home in Salisbury, England, and smearing it on his front door.

But the operation was more complex than officials revealed at the time.

Exactly a year before the poisoning, three Unit 29155 operatives traveled to Britain, possibly for a practice run, two European officials said. One was Mr. Mishkin. A second man used the alias Sergei Pavlov. Intelligence officials believe the third operative, who used the alias Sergei Fedotov, oversaw the mission.

Soon, officials established that two of these officers — the men using the names Fedotov and Pavlov — had been part of a team that attempted to poison the Bulgarian arms dealer Emilian Gebrev in 2015. (The other operatives, also known only by their aliases, according to European intelligence officials, were Ivan Lebedev, Nikolai Kononikhin, Alexey Nikitin and Danil Stepanov.)

The team would twice try to kill Mr. Gebrev, once in Sofia, the capital, and again a month later at his home on the Black Sea.

Speaking to reporters in February at the Munich Security Conference, Alex Younger, the chief of MI6, Britain’s foreign intelligence service, spoke out against the growing Russian threat and hinted at coordination, without mentioning a specific unit.

“You can see there is a concerted program of activity — and, yes, it does often involve the same people,” Mr. Younger said, pointing specifically to the Skripal poisoning and the Montenegro coup attempt. He added: “We assess there is a standing threat from the G.R.U. and the other Russian intelligence services and that very little is off limits.”

The Kremlin sees Russia as being at war with a Western liberal order that it views as an existential threat.

At a ceremony in November for the G.R.U.’s centenary, Mr. Putin stood beneath a glowing backdrop of the agency’s logo — a red carnation and an exploding grenade — and described it as “legendary.” A former intelligence officer himself, Mr. Putin drew a direct line between the Red Army spies who helped defeat the Nazis in World War II and officers of the G.R.U., whose “unique capabilities” are now deployed against a different kind of enemy.

“Unfortunately, the potential for conflict is on the rise in the world,” Mr. Putin said during the ceremony. “Provocations and outright lies are being used and attempts are being made to disrupt strategic parity.”

In 2006, Mr. Putin signed a law legalizing targeted killings abroad, the same year a team of Russian assassins used a radioactive isotope to murder Aleksander V. Litvinenko, another former Russian spy, in London.

Unit 29155 is not the only group authorized to carry out such operations, officials said. The British authorities have attributed Mr. Litvinenko’s killing to the Federal Security Service, the intelligence agency once headed by Mr. Putin that often competes with the G.R.U.

Although little is known about Unit 29155 itself, there are clues in public Russian records that suggest links to the Kremlin’s broader hybrid strategy.

A 2012 directive from the Russian Defense Ministry assigned bonuses to three units for “special achievements in military service.” One was Unit 29155. Another was Unit 74455, which was involved in the 2016 election interference. The third was Unit 99450, whose officers are believed to have been involved in the annexation of the Crimean Peninsula in 2014.

A retired G.R.U. officer with knowledge of Unit 29155 said that it specialized in preparing for “diversionary” missions, “in groups or individually — bombings, murders, anything.”

“They were serious guys who served there,” the retired officer said. “They were officers who worked undercover and as international agents.”

Photographs of the unit’s dilapidated former headquarters, which has since been abandoned, show myriad gun racks with labels for an assortment of weapons, including Belgian FN-30 sniper rifles, German G3A3s, Austrian Steyr AUGs and American M16s. There was also a form outlining a training regimen, including exercises for hand-to-hand combat. The retired G.R.U. officer confirmed the authenticity of the photographs, which were published by a Russian blogger.

The current commander, General Averyanov, graduated in 1988 from the Tashkent Military Academy in what was then the Soviet Republic of Uzbekistan. It is likely that he would have fought in both the first and second Chechen wars, and he was awarded a Hero of Russia medal, the country’s highest honor, in January 2015. The two officers charged with the Skripal poisoning also received the same award.

Though an elite force, the unit appears to operate on a shoestring budget. According to Russian records, General Averyanov lives in a run-down Soviet-era building a few blocks from the unit’s headquarters and drives a 1996 VAZ 21053, a rattletrap Russia-made sedan. Operatives often share cheap accommodation to economize while on the road. British investigators say the suspects in the Skripal poisoning stayed in a low-cost hotel in Bow, a downtrodden neighborhood in East London.

But European security officials are also perplexed by the apparent sloppiness in the unit’s operations. Mr. Skripal survived the assassination attempt, as did Mr. Gebrev, the Bulgarian arms dealer. The attempted coup in Montenegro drew an enormous amount of attention, but ultimately failed. A year later, Montenegro joined NATO. It is possible, security officials say, that they have yet to discover other, more successful operations.

It is difficult to know if the messiness has bothered the Kremlin. Perhaps, intelligence experts say, it is part of the point.

“That kind of intelligence operation has become part of the psychological warfare,” said Eerik-Niiles Kross, a former intelligence chief in Estonia. “It’s not that they have become that much more aggressive. They want to be felt. It’s part of the game.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Iranian Hackers Target Trump Campaign as Threats to 2020 Mount

Westlake Legal Group 04microsoft3-facebookJumbo Iranian Hackers Target Trump Campaign as Threats to 2020 Mount United States Politics and Government United States Presidential Election of 2020 Politics and Government Iran Cyberwarfare and Defense

SAN FRANCISCO — The 2020 presidential election is still 13 months away, but already Iranians are following in the footsteps of Russia and have begun cyberattacks aimed at disrupting the campaigns.

Microsoft said on Friday that Iranian hackers, with apparent backing from the government, had made more than 2,700 attempts to identify the email accounts of current and former United States government officials, journalists covering political campaigns and accounts associated with a presidential campaign.

Though the company would not identify the presidential campaign involved, two people with knowledge of the hacking, who were not allowed to discuss it publicly, said it was President Trump’s.

In addition to Iran, hackers from Russia and North Korea have started targeting organizations that work closely with presidential candidates, according to security researchers and intelligence officials.

“We’ve already seen attacks on several campaigns and believe the volume and intensity of these attacks will only increase as the election cycle advances toward Election Day,” said Oren Falkowitz, the chief executive of the cybersecurity company Area 1, in an interview.

Microsoft’s report is the latest indication that cyberattacks and influence campaigns against political candidates are likely to accelerate heading into 2020. In 2016, Russian hackers infiltrated the computer networks of Democrats and Republicans, then selectively disseminated Democrats’ emails, including those of John D. Podesta, Hillary Clinton’s campaign chairman, in an effort to harm Mrs. Clinton’s campaign.

Microsoft said the attacks occurred over a 30-day period in August and September. That was roughly after the Trump administration announced additional sanctions against Iran, more than a year following the president’s withdrawal from the 2015 nuclear deal with Tehran. Iranian officials concede that the sanctions, intended to chock off the country’s oil revenue, have plunged the economy into a recession.

More recently, the administration has considered a cyberstrike to punish Tehran for what officials charge was an Iranian attack on Saudi oil facilities last month. It is all part of a low-level, daily cyberconflict between the two countries.

Iranian hackers have been engaged in a broad campaign against United States targets, according to Microsoft. The company found that hackers had tried to attack 241 accounts, using fairly unsophisticated means. The hackers appeared to have used information available about their victims online to discover their passwords. It was unclear what information they had stolen.

While the Microsoft report did not name Iran’s targets, it found evidence that hackers had infiltrated email inboxes in at least four cases. But the four successful hacks did not belong to a presidential campaign.

Tim Murtaugh, the Trump campaign’s communications director, said in a statement that “we have no indication that any of our campaign infrastructure was targeted.” Representatives for other presidential candidates said on Friday that their campaigns had not been targeted.

For weeks, officials from the F.B.I., the Department of Homeland Security and the National Security Agency have said they are particularly concerned about Iranian-backed attacks. Their worries stemmed from rising tensions over new sanctions on Iran and nascent Iranian activity in the 2018 midterm elections.

While the officials said they believed that all the presidential campaigns were likely targets, Mr. Trump’s has long been considered a prime one.

It was Mr. Trump who abandoned the nuclear deal and ramped up sanctions. The United States has also designated the Islamic Revolutionary Guard Corps a terrorist group. The guard corps oversees the nuclear program and, by some accounts, Iran’s best hacking group, its Cyber Corps.

But it is not clear whether the group that Microsoft identified reports to the Cyber Corps or is made up, deliberately, of freelancers and others whose affiliations are harder to trace.

When Iranian officials are asked about cyberattacks, they admit nothing but note that attacks have been two-way. Three times in the past decade, the United States has directed cyberweapons against Iranian targets. The most famous attack, code-named Olympic Games, wiped out about 1,000 centrifuges at the Natanz nuclear enrichment site.

In recent weeks, United States Cyber Command was asked to develop options for retaliating against the missile and drone attacks on Saudi Arabia’s oil fields. Officials reported that a cyberstrike against Iran was emerging as the most attractive option, in an effort to avoid the kind of escalation that might result from a more conventional strike.

So far, there is no evidence of such action, but it might take a while to gain access to Iranian computer networks, and the results might be subtle.

Security executives at the Democratic National Committee warned staff members in an email this week that Iranian hackers might be targeting their email accounts with so-called spearphishing attacks, in which hackers try to lure their target into clicking on a malicious link or attachment. That link or attachment can give attackers a foothold into a computer network.

The hackers were also believed to be interfering with an additional security feature known as two-factor authentication — a common security method that asks for credentials beyond a password — and were creating fake LinkedIn personas to make their email lures more believable.

After Russia’s interference in 2016, Democrats have repeatedly warned their Republican counterparts that election interference cuts both ways, and that state-sponsored hackers may not always seek to help the Republican candidate.

But to date, Senator Mitch McConnell of Kentucky, the majority leader, has refused to bring any election security bills to the floor. And Mr. Trump has yet to acknowledge Russian interference in the 2016 election, even as cybersecurity experts collect evidence that Russian hacking of organizations close to the 2020 campaigns is again underway.

James A. Lewis, a former government official and cybersecurity expert at the Center for Strategic and International Studies in Washington, said in a recent interview that cyberinterference, even from Russia, might not necessarily benefit Mr. Trump in 2020.

“The Russians have come to the conclusion that, so long as President Trump is in office, U.S.-Russian relations will remain at a standstill,” Mr. Lewis said.

Cybersecurity experts that specialize in disinformation say they have witnessed several coordinated disinformation campaigns aimed at influencing the 2020 campaign.

The bulk of that disinformation has originated domestically, said Cindy Otis, the director of analysis at Nisos, a cybersecurity firm in Alexandria, Va. She said other nation-states were closely watching these domestic operations but appeared to be holding back.

“We’ve seen a lot of disinformation on the domestic front, but nation-states are likely to amplify those narratives, as we saw Russia do in 2016,” Ms. Otis said. “But with so many candidates still in the running, nation-states seem to be waiting before they put all their efforts into one basket.”

Some cybersecurity firms said they were also witnessing what appeared to be the beginning stages of several different nation-state cyberattacks on American political campaigns.

In July, Tom Burt, Microsoft’s corporate vice president, told an audience at the Aspen Security Conference that Microsoft had evidence that Russia, Iran and North Korea had been the most active nations conducting cyberattacks.

With funding tight, only a handful of Democratic presidential campaigns have invested in a full-time cybersecurity officer. Instead, they have relied on advice from the Democratic National Committee and DigiDems, a Democratic technology firm founded after the 2016 presidential campaign.

The Democratic National Committee’s chief security officer, Bob Lord, holds occasional video conferences with members of presidential campaign staffs to keep them abreast of the latest threats. The committee has also mandated that each campaign have a point of contact for cybersecurity, and sends out both regular and emergency newsletters.

Every campaign, no matter how many millions of dollars it has raised, faces a difficult decision when building out a cybersecurity team: Such technology and expertise is expensive, but so is an expansive ground game.

“Campaigns only last until Election Day or when your candidate drops out,” said Tad Devine, a former senior adviser to the 2016 Bernie Sanders campaign. “If you spend too much on cybersecurity and not enough on voter contact, you’ll end your campaign by not making enough voter contact. So that’s the conundrum that campaigns are in.”

“Politics is a risk business,” Mr. Devine said. “You have to decide what risk you’re going to take.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Iranian Hackers Targeted Trump’s Re-election Campaign

Westlake Legal Group 04microsoft-facebookJumbo Iranian Hackers Targeted Trump’s Re-election Campaign United States Politics and Government United States Presidential Election of 2020 Politics and Government Iran Cyberwarfare and Defense

SAN FRANCISCO — Iranian hackers targeted President Trump’s re-election campaign, two people with knowledge of the attacks said on Friday, in a sign of how cyberattacks could become a fixture of the 2020 presidential election.

News that Mr. Trump’s campaign was an Iranian target came just hours after Microsoft said in a report that hackers, with apparent backing from Iran’s government, had made more than 2,700 attempts to identify the email accounts of current and former United States government officials, journalists covering political campaigns and accounts associated with a presidential campaign.

The two people, who were not allowed to publicly discuss the investigation into the hacks, said it was not clear what information was taken in the attack on the Trump campaign. While Microsoft did not name Iran’s targets in its report, it found evidence that hackers successfully infiltrated email inboxes in at least four cases.

Tim Murtaugh, the Trump campaign’s communications director, said in a statement that “we have no indication that any of our campaign infrastructure was targeted.”

The Iranian attack is the latest indication that cyberattacks and disinformation are likely to play a major role in the 2020 presidential campaign, as they did four years ago.

But the incentives to influence the election are likely to be very different than they were in 2016 when Russian hackers infiltrated the computer networks of Democrats and Republicans, then selectively leaked and disseminated Democrats’ emails, including those of John Podesta, chair of Hillary Clinton’s 2016 campaign, in an effort to harm Mrs. Clinton’s campaign.

In addition to Iran, hackers from North Korea and Russia have already started actively targeting organizations that work closely with 2020 presidential candidates.

No representatives for other presidential candidates said on Friday that their campaigns had been targeted.

The news that Iranian hackers targeted Mr. Trump came as his administration continues to weigh a cyberstrike against Iran to punish Tehran for what White House officials charge was an Iranian attack on Saudi oil facilities last month.

Iran’s targeting of Mr. Trump is part of a much broader Iranian campaign, according to the Microsoft report, which found that hackers had tried to attack 241 accounts, using fairly unsophisticated means. The hackers appeared to have used information available about their victims online to discover their passwords. It was unclear what information they stole.

For weeks, officials from the F.B.I., the Department of Homeland Security and the National Security Agency have said they are particularly concerned about Iranian-backed attacks. Their worries stemmed from rising tensions over new sanctions on Iran and nascent Iranian activity in the 2018 midterm elections.

While the officials said they believed that all the American presidential candidates were likely targets, President Trump’s campaign has long been considered a prime target.

It was Mr. Trump who abandoned the 2015 nuclear deal with Iran last year, and who has ramped up sanctions to the point that Iran’s oil revenues have dropped sharply. The United States has also designated the Islamic Revolutionary Guard Corps a terrorist group. The I.R.G. oversees the nuclear program and, by some accounts, Iran’s best hacking group, its Cyber Corps.

But it is not clear whether the group Microsoft identified reports to the Cyber Corps or is made up, deliberately, of freelancers and others whose affiliations are harder to trace.

This is a developing story. It will be updated.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Iranian Hackers Targeted Presidential Campaign, Microsoft Says

Westlake Legal Group 04microsoft1-facebookJumbo Iranian Hackers Targeted Presidential Campaign, Microsoft Says United States Politics and Government United States Politics and Government Iran Cyberwarfare and Defense

SAN FRANCISCO — Iranian hackers have been targeting the email accounts of at least one presidential campaign, as well as those of American journalists and current and former United States government officials, according to Microsoft.

In a report released on Friday, Microsoft said the hackers, with apparent backing from Iran’s government, made more than 2,700 attempts to identify the email accounts of current and former government officials, journalists covering political campaigns and accounts associated with one major presidential campaign.

Microsoft would not name the campaign.

The researchers said the hackers tried to attack 241 accounts and were successful in four cases, using fairly unsophisticated means. In those cases, the hackers appear to have used information available about their victims online to discover their passwords.

The disclosure is the latest evidence that adversaries are stealing a page from Russia’s interference in the 2016 United States presidential election.

In July, Tom Burt, Microsoft’s corporate vice president, told an audience at the Aspen Security Conference that Microsoft had evidence that Russian, Iranian and North Korean hackers have been the most active nations conducting cyberattacks.

Mr. Burt said Russian, Iranian and North Korean hackers had been targeting nongovernmental organizations and think tanks that work closely with U.S. political campaigns.

This is a breaking story and will be updated.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Iranian Hackers Targeted Presidential Campaign, Microsoft Says

Westlake Legal Group 04microsoft1-facebookJumbo Iranian Hackers Targeted Presidential Campaign, Microsoft Says United States Politics and Government United States Politics and Government Iran Cyberwarfare and Defense

SAN FRANCISCO — Iranian hackers have been targeting the email accounts of at least one presidential campaign, as well as those of American journalists and current and former United States government officials, according to Microsoft.

In a report released on Friday, Microsoft said the hackers, with apparent backing from Iran’s government, made more than 2,700 attempts to identify the email accounts of current and former government officials, journalists covering political campaigns and accounts associated with one major presidential campaign.

Microsoft would not name the campaign.

The researchers said the hackers tried to attack 241 accounts and were successful in four cases, using fairly unsophisticated means. In those cases, the hackers appear to have used information available about their victims online to discover their passwords.

The disclosure is the latest evidence that adversaries are stealing a page from Russia’s interference in the 2016 United States presidential election.

In July, Tom Burt, Microsoft’s corporate vice president, told an audience at the Aspen Security Conference that Microsoft had evidence that Russian, Iranian and North Korean hackers have been the most active nations conducting cyberattacks.

Mr. Burt said Russian, Iranian and North Korean hackers had been targeting nongovernmental organizations and think tanks that work closely with U.S. political campaigns.

This is a breaking story and will be updated.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

How a Fringe Theory About Ukraine Took Root in the White House

Westlake Legal Group 03conspiracy-01-facebookJumbo How a Fringe Theory About Ukraine Took Root in the White House Zelensky, Volodymyr Yovanovitch, Marie L United States Ukraine Trump, Donald J Trump-Ukraine Whistle-Blower Complaint and Impeachment Inquiry Russian Interference in 2016 US Elections and Ties to Trump Associates Russia Rumors and Misinformation Reddit Inc Presidential Election of 2016 Mueller, Robert S III Giuliani, Rudolph W Federal Bureau of Investigation Facebook Inc Democratic Party democratic national committee Democratic Congressional Campaign Committee Cyberwarfare and Defense CrowdStrike Inc Clinton, Hillary Rodham Biden, Joseph R Jr Biden, Hunter Atlantic Council 4chan

In an April 2017 interview with The Associated Press, President Trump suddenly began talking about the hack of the Democratic National Committee a year earlier, complaining that the F.B.I. had not physically examined the compromised server.

“They brought in another company that I hear is Ukrainian-based,” the president said.

“CrowdStrike?” the surprised reporter asked, referring to the California cybersecurity company that investigated how Russian government hackers had stolen and leaked Democratic emails, disrupting Hillary Clinton’s campaign.

“That’s what I heard,” Mr. Trump resumed. “I heard it’s owned by a very rich Ukrainian; that’s what I heard.”

More than two years later, Mr. Trump was still holding on to this false conspiracy theory. In his July call with President Volodymyr Zelensky of Ukraine, he summed it up in a sort of shorthand — at least according to the White House memorandum, labeled “not a verbatim transcript.”

“I would like you to find out what happened with this whole situation with Ukraine, they say CrowdStrike … I guess you have one of your wealthy people …,” the president said. It is unclear whether the ellipses indicate that words were omitted or that Mr. Trump’s voice was trailing off.

Then he added one novel detail: “The server, they say Ukraine has it.”

Now, Mr. Trump’s call for Ukraine to look into his CrowdStrike story forms the background to the House impeachment inquiry, which is focused on the second request he made: that Mr. Zelensky investigate Mr. Trump’s possible 2020 opponent, former Vice President Joseph R. Biden Jr. Mr. Trump has placed a concoction of disprovable claims, of the kind usually found on the fringes of the web, squarely in the middle of American politics and diplomacy.

The tale of the supposedly hidden server may have appealed to Mr. Trump because it undercut a well-established fact that he has resented and resisted for three years: The Russian government interfered in the 2016 election to help him win, an effort thoroughly documented by American intelligence agencies and amply supported by public evidence.

By contrast, there is no evidence to support the president’s vague suggestion that Ukraine, not Russia, might be responsible for the hacking, or that CrowdStrike somehow connived in it. But his alternate history has provided a psychological shield for the president against facts that he believes tarnish his electoral victory.

Mr. Trump has long called for better relations with Vladimir V. Putin’s Russia and brushed aside complaints about its conduct. So there is a certain symmetry to his suggestion that Ukraine, Russia’s opponent and the victim of its territorial grab, may somehow have framed Russia for the 2016 election activity.

“Ukraine is the perfect scapegoat for him, because it’s the enemy of Russia,” said Nina Jankowicz, a fellow at the Wilson Center in Washington who regularly visits Ukraine and is writing a book called “How to Lose the Information War.”

She noted that a number of Ukraine-linked stories, some of them distorted or exaggerated, have been pulled together by Mr. Trump’s supporters into a single narrative.

For example, there is the idea, promoted by the president’s lawyer Rudolph W. Giuliani, that Ukraine’s government actively sabotaged Mr. Trump’s 2016 campaign. A Ukrainian-American lawyer who consulted for the D.N.C. looked into the finances of Paul Manafort and spoke with Ukrainian embassy officials. But there appears to have been no organized Ukrainian government effort to intervene — certainly nothing comparable to the activities of Russian intelligence agencies ordered by Mr. Putin.

It is true that a Ukrainian legislator helped publicize documents on Mr. Manafort’s multimillion-dollar payments from a Ukrainian political party, leading to his resignation as Mr. Trump’s campaign chairman. But the claim of Mr. Manafort’s wrongdoing turned out to be justified. He is now serving seven and a half years in prison for financial fraud and other crimes.

In May, Mr. Trump recalled the American ambassador to Kiev, Marie L. Yovanovitch, appointed by President Barack Obama in 2016, telling others she was scheming against his administration. She has denied it.

And Mr. Trump has repeatedly charged that Mr. Biden, who handled Ukrainian affairs as vice president, tried to get a prosecutor fired for investigating a Ukrainian energy company that paid his son, Hunter, handsomely as a board member despite a lack of experience in Ukraine. In fact, multiple countries were pressing for the firing of the prosecutor, who they thought was turning a blind eye to corruption.

“Now it seems like all of these conspiracy theories are merging into one,” Ms. Jankowicz said. She studies disinformation, she said, but Mr. Trump produced one claim she’d never come across.

“I do this for a living, and I’d never heard anyone say the servers were in Ukraine,” she said.

Twitter removed a video posted by Mr. Trump that showed a meme of Nickelbacker’s lead singer, edited as an attack on Joe Biden.

In the 27 months between Mr. Trump’s two citations of the CrowdStrike-Ukraine conspiracy theory, it has survived despite many denials from CrowdStrike, the F.B.I. and people directly involved in the investigations. It has survived despite the fact that the D.N.C. put one of its hacked servers on display — not in Ukraine but in its Washington offices beside the filing cabinet pried open in 1972 by the Watergate burglars (and a photo of the two artifacts ran on The Times’s front page). It has survived despite the indictment prepared last year by Robert S. Mueller III, the special counsel, laying out in extraordinary detail the actions of 12 named Russian military intelligence officers who hacked the D.N.C. and other election targets.

The speculation springs from what Mr. Trump has called a “big Dem scam” — the false notion that the F.B.I. never really investigated the D.N.C. hack. In fact, according to people directly involved, CrowdStrike was in regular contact with the bureau in spring 2016 as it examined dozens of servers used by both the D.N.C. and the Democratic Congressional Campaign Committee.

It is true, as Mr. Trump has often tweeted, that F.B.I. agents never took physical possession of the Democrats’ servers. But CrowdStrike supplied the F.B.I. with digital copies of the servers so that the bureau could assess the Russian malware infecting them. The Mueller investigation later confirmed CrowdStrike’s findings.

Still, the president has clung to the theory linking CrowdStrike, Ukraine and the D.N.C. servers despite the repeated efforts of his aides to dissuade him, Thomas Bossert, his former homeland security adviser, said on Sunday on ABC’s “This Week.” “The D.N.C. server and that conspiracy theory has got to go,” he said. “If he continues to focus on that white whale, it’s going to bring him down.”

To go in search of the roots of Mr. Trump’s CrowdStrike-Ukraine conspiracy theory is to travel the internet’s most peculiar provinces and the darkest threads on Twitter and Facebook. On 4chan and pro-Trump spaces on Reddit, on websites like ZeroHedge.com and Washington’s Blog, you can find plenty of speculation about evil manipulation by CrowdStrike and secret maneuvers by Ukrainians — often inflamed by Mr. Trump’s own statements.

Until the president’s statements, however, even internet speculation did not attribute CrowdStrike’s ownership to a rich Ukrainian or suggest that the D.N.C. servers were hidden in Ukraine.

George Eliason, an American journalist who lives in eastern Ukraine, where pro-Russian separatists fought Ukrainian forces, has written extensively about what he considers to be a “coup attempt” against President Trump involving American and Ukrainian intelligence agencies and CrowdStrike. He said he did not know if his writings for obscure websites might have influenced the president.

“CrowdStrike and Ukrainian Intel are working hand in glove,” he wrote in an email. “Is Ukrainian Intelligence trying to invent a reason for the U.S. to take a hardline stance against Russia? Are they using CrowdStrike to carry this out?”

Mr. Eliason and other purveyors of Ukraine conspiracies often point to the Atlantic Council, a research group in Washington, as the locus of the schemes. The Ukrainian oligarch Viktor Pinchuk has made donations to the council and serves on its international advisory board; Dmitri Alperovitch, CrowdStrike’s co-founder, who was born in Russia and came to the United States as a child, is an Atlantic Council senior fellow.

That connection seems slender, but it may be the origin of Mr. Trump’s association of a wealthy Ukrainian with CrowdStrike.

Pro-Trump media leaped last week to defend the president’s Ukraine theories. Rush Limbaugh said on his radio show that Mr. Trump’s “reference to CrowdStrike, mark my words, is momentous,” though he did not say why.

And Russian state news outlets are always ready to cheer on Mr. Trump’s efforts to point the blame for the 2016 hack away from Moscow. On Sept. 25, after the White House released its memo on the Zelensky call, Russia’s Sputnik news website ran a story supporting Mr. Trump’s remarks.

The Sputnik article cited Mr. Eliason’s writings and suggested that CrowdStrike might have framed Russia for the D.N.C. hack — if it occurred at all. It quoted a Twitter account called “The Last Refuge” declaring: “The D.N.C. servers were never hacked.”

All this mythmaking about the 2016 hack frustrates Robert Johnston, who was the lead investigator for CrowdStrike on the D.N.C. inquiry. Mr. Johnston, a former Marine and Cyber Command operator, said he could make no sense of Mr. Trump’s assertions.

“It doesn’t connect with anything in my experience,” he said. “I’d be interested in the president of Ukraine’s impression.”

Mr. Johnston, now chief executive of the cybersecurity company Adlumin, said he was weary of the conspiracies surrounding what he considered a straightforward conclusion. Having seen the digital fingerprints of Russian intelligence in earlier hacking cases, he felt there was little doubt about the identity of the perpetrators.

“I don’t know how you get to this point,” Mr. Johnston said of the fantasies Mr. Trump has promoted. “This is a story that just won’t die.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com