web analytics
a

Facebook

Twitter

Copyright 2015 Libero Themes.
All Rights Reserved.

8:30 - 6:00

Our Office Hours Mon. - Fri.

703-406-7616

Call For Free 15/M Consultation

Facebook

Twitter

Search
Menu
Westlake Legal Group > Posts tagged "Cyberwarfare and Defense"

G.O.P.-Led Senate Panel Affirms Russia Attacked Election, and Urges Action

Westlake Legal Group 08dc-socialmedia-facebookJumbo G.O.P.-Led Senate Panel Affirms Russia Attacked Election, and Urges Action Warner, Mark R United States Politics and Government Trump, Donald J Social Media Senate Committee on Intelligence Russian Interference in 2016 US Elections and Ties to Trump Associates Russia elections Cyberwarfare and Defense Computers and the Internet Burr, Richard M

WASHINGTON — As President Trump amplifies unsubstantiated claims of Ukrainian interference in the 2016 election, the Republican-led Senate Intelligence Committee reaffirmed on Tuesday that Russian operatives engaged in a widespread social media campaign to improve his chances in the race.

In a report, the committee backed up the conclusions of the intelligence community, the special counsel and researchers that Russia mounted a broad campaign to interfere in the election. A Russian troll farm central to the election campaign supported “Donald Trump at the direction of the Kremlin,” the committee said.

The panel said Congress should consider new disclosure requirements for political ads online, which unlike television or radio ads do not need to carry information about who paid for them. A bill introduced in 2017 by the top Democrat on the committee, Senator Mark Warner of Virginia, to put into effect new rules for online ads has failed to gain much momentum.

The report is nonetheless the latest call for lawmakers to reconsider the lax system of regulations that governs Silicon Valley, as Americans have learned more about the way platforms like Facebook, Twitter and YouTube can be used to make money off users’ personal information and to spread disinformation.

“Issues such as privacy rules, identity validation, transparency in how data is collected and used, and monitoring for inauthentic or malign content, among others, deserve continued examination,” the committee said.

But lawmakers have little time to advance legislation meant to stem election interference on social media — or to check Silicon Valley more broadly — before the 2020 election. Capitol Hill has been seized in recent weeks by an impeachment inquiry into Mr. Trump, making the normally difficult task of forging bipartisan consensus on other issues even more challenging.

The lawmakers also called for the Trump administration to take steps to respond to the threat, including setting up a task force of federal agencies to monitor attempts by foreign governments to interfere with democratic processes on social media.

“The committee recommends that the executive branch should, in the run-up to the 2020 election, reinforce with the public the danger of attempted foreign interference in the 2020 election,” the panel said.

But Mr. Trump has long tried to play down or deny Russia’s role in the 2016 election. On a call with President Volodymyr Zelensky of Ukraine that is at the core of the impeachment inquiry, Mr. Trump suggested that Ukraine might have played a part in efforts to sway the race.

That conspiracy theory runs counter to the conclusion published Tuesday by the Intelligence Committee: Operatives at the Russian troll farm, the Internet Research Agency, used a wide range of online platforms to share content they felt could drive a wedge through the American electorate to influence the presidential election.

“The bipartisan work that this committee has done to uncover and detail the extent of that effort has significantly advanced the public’s understanding of how, in 2016, Russia took advantage of our openness and innovation, exploiting American-bred social media platforms to spread disinformation, divide the public and undermine our democracy,” Mr. Warner said in a statement.

Russian operatives running the campaign used a wide variety of platforms, from giants like Facebook and Instagram to smaller players like LiveJournal, a once-popular American blogging service now owned by a Russian firm.

The committee’s report backed the conclusion of outside researchers that African-Americans had been a significant target of Russia’s persuasion efforts. Its report said the “committee found that no single group of Americans was targeted by I.R.A. information operatives more than African-Americans.”

It also highlighted that Russian activity had actually increased after Election Day 2016. Internet Research Agency activity went up 59 percent on Facebook, 238 percent on its subsidiary Instagram, 84 percent on YouTube and 52 percent on Twitter after the election, it said.

“Russia is waging an information warfare campaign against the U.S. that didn’t start and didn’t end with the 2016 election,” said Senator Richard M. Burr, Republican of North Carolina and the chairman of the committee.

Tech companies have taken additional steps since 2016 to weed out attempts at foreign interference using illicit accounts. Their dragnet has spread far beyond Russia: Facebook and Twitter recently took down accounts originating in China that had pushed messages meant to discredit protesters in Hong Kong.

The committee said major tech companies should work together and with government officials to share information crucial to combating disinformation.

“We’re working closely with governments, outside experts and other companies to identify threats and share information,” Andy Stone, a Facebook spokesman, said in a statement. “We have also invested in technology and people to block and remove fake accounts; find and remove coordinated manipulation campaigns; and bring unprecedented transparency to political advertising.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Top Secret Russian Unit Seeks to Destabilize Europe, Security Officials Say

Westlake Legal Group xxunit1-facebookJumbo Top Secret Russian Unit Seeks to Destabilize Europe, Security Officials Say Skripal, Sergei V Russian Interference in 2016 US Elections and Ties to Trump Associates Putin, Vladimir V GRU (Russia) Fedorov, Sergei Europe elections democratic national committee Cyberwarfare and Defense

First came a destabilization campaign in Moldova, followed by the poisoning of an arms dealer in Bulgaria and then a thwarted coup in Montenegro. Last year, there was an attempt to assassinate a former Russian spy in Britain using a nerve agent. Though the operations bore the fingerprints of Russia’s intelligence services, the authorities initially saw them as isolated, unconnected attacks.

Western security officials have now concluded that these operations, and potentially many others, are part of a coordinated and ongoing campaign to destabilize Europe, executed by an elite unit inside the Russian intelligence system skilled in subversion, sabotage and assassination.

The group, known as Unit 29155, has operated for at least a decade, yet Western officials only recently discovered it. Intelligence officials in four Western countries say it is unclear how often the unit is mobilized and warn that it is impossible to know when and where its operatives will strike.

The purpose of Unit 29155, which has not been previously reported, underscores the degree to which the Russian president, Vladimir V. Putin, is actively fighting the West with his brand of so-called hybrid warfare — a blend of propaganda, hacking attacks and disinformation — as well as open military confrontation.

“I think we had forgotten how organically ruthless the Russians could be,” said Peter Zwack, a retired military intelligence officer and former defense attaché at the United States Embassy in Moscow, who said he was not aware of the unit’s existence.

In a text message, Dmitri S. Peskov, Mr. Putin’s spokesman, directed questions about the unit to the Russian Defense Ministry. The ministry did not respond to requests for comment.

Hidden behind concrete walls at the headquarters of the 161st Special Purpose Specialist Training Center in eastern Moscow, the unit sits within the command hierarchy of the Russian military intelligence agency, widely known as the G.R.U.

Though much about G.R.U. operations remains a mystery, Western intelligence agencies have begun to get a clearer picture of its underlying architecture. In the months before the 2016 presidential election, American officials say two G.R.U. cyber units, known as 26165 and 74455, hacked into the servers of the Democratic National Committee and the Clinton campaign, and then published embarrassing internal communications.

Last year, Robert S. Mueller III, the special counsel overseeing the inquiry into Russian interference in the 2016 elections, indicted more than a dozen officers from those units, though all still remain at large. The hacking teams mostly operate from Moscow, thousands of miles from their targets.

By contrast, officers from Unit 29155 travel to and from European countries. Some are decorated veterans of Russia’s bloodiest wars, including in Afghanistan, Chechnya and Ukraine. Its operations are so secret, according to assessments by Western intelligence services, that the unit’s existence is most likely unknown even to other G.R.U. operatives.

The unit appears to be a tight-knit community. A photograph taken in 2017 shows the unit’s commander, Maj. Gen. Andrei V. Averyanov, at his daughter’s wedding in a gray suit and bow tie. He is posing with Col. Anatoly V. Chepiga, one of two officers indicted in Britain over the poisoning of a former spy, Sergei V. Skripal.

“This is a unit of the G.R.U. that has been active over the years across Europe,” said one European security official, who spoke on condition of anonymity to describe classified intelligence matters. “It’s been a surprise that the Russians, the G.R.U., this unit, have felt free to go ahead and carry out this extreme malign activity in friendly countries. That’s been a shock.”

To varying degrees, each of the four operations linked to the unit attracted public attention, even as it took time for the authorities to confirm that they were connected. Western intelligence agencies first identified the unit after the failed 2016 coup in Montenegro, which involved a plot by two unit officers to kill the country’s prime minister and seize the Parliament building.

But officials began to grasp the unit’s specific agenda of disruption only after the March 2018 poisoning of Mr. Skripal, a former G.R.U. officer who had betrayed Russia by spying for the British. Mr. Skripal and his daughter, Yulia, fell grievously ill after exposure to a highly toxic nerve agent, but survived.

(Three other people were sickened, including a police officer and a man who found a small bottle that British officials believe was used to carry the nerve agent and gave it to his girlfriend. The girlfriend, Dawn Sturgess, died after spraying the nerve agent on her skin, mistaking the bottle for perfume.)

The poisoning led to a geopolitical standoff, with more than 20 nations, including the United States, expelling 150 Russian diplomats in a show of solidarity with Britain.

Ultimately, the British authorities exposed two suspects, who had traveled under aliases but were later identified by the investigative site Bellingcat as Colonel Chepiga and Alexander Mishkin. Six months after the poisoning, British prosecutors charged both men with transporting the nerve agent to Mr. Skripal’s home in Salisbury, England, and smearing it on his front door.

But the operation was more complex than officials revealed at the time.

Exactly a year before the poisoning, three Unit 29155 operatives traveled to Britain, possibly for a practice run, two European officials said. One was Mr. Mishkin. A second man used the alias Sergei Pavlov. Intelligence officials believe the third operative, who used the alias Sergei Fedotov, oversaw the mission.

Soon, officials established that two of these officers — the men using the names Fedotov and Pavlov — had been part of a team that attempted to poison the Bulgarian arms dealer Emilian Gebrev in 2015. (The other operatives, also known only by their aliases, according to European intelligence officials, were Ivan Lebedev, Nikolai Kononikhin, Alexey Nikitin and Danil Stepanov.)

The team would twice try to kill Mr. Gebrev, once in Sofia, the capital, and again a month later at his home on the Black Sea.

Speaking to reporters in February at the Munich Security Conference, Alex Younger, the chief of MI6, Britain’s foreign intelligence service, spoke out against the growing Russian threat and hinted at coordination, without mentioning a specific unit.

“You can see there is a concerted program of activity — and, yes, it does often involve the same people,” Mr. Younger said, pointing specifically to the Skripal poisoning and the Montenegro coup attempt. He added: “We assess there is a standing threat from the G.R.U. and the other Russian intelligence services and that very little is off limits.”

The Kremlin sees Russia as being at war with a Western liberal order that it views as an existential threat.

At a ceremony in November for the G.R.U.’s centenary, Mr. Putin stood beneath a glowing backdrop of the agency’s logo — a red carnation and an exploding grenade — and described it as “legendary.” A former intelligence officer himself, Mr. Putin drew a direct line between the Red Army spies who helped defeat the Nazis in World War II and officers of the G.R.U., whose “unique capabilities” are now deployed against a different kind of enemy.

“Unfortunately, the potential for conflict is on the rise in the world,” Mr. Putin said during the ceremony. “Provocations and outright lies are being used and attempts are being made to disrupt strategic parity.”

In 2006, Mr. Putin signed a law legalizing targeted killings abroad, the same year a team of Russian assassins used a radioactive isotope to murder Aleksander V. Litvinenko, another former Russian spy, in London.

Unit 29155 is not the only group authorized to carry out such operations, officials said. The British authorities have attributed Mr. Litvinenko’s killing to the Federal Security Service, the intelligence agency once headed by Mr. Putin that often competes with the G.R.U.

Although little is known about Unit 29155 itself, there are clues in public Russian records that suggest links to the Kremlin’s broader hybrid strategy.

A 2012 directive from the Russian Defense Ministry assigned bonuses to three units for “special achievements in military service.” One was Unit 29155. Another was Unit 74455, which was involved in the 2016 election interference. The third was Unit 99450, whose officers are believed to have been involved in the annexation of the Crimean Peninsula in 2014.

A retired G.R.U. officer with knowledge of Unit 29155 said that it specialized in preparing for “diversionary” missions, “in groups or individually — bombings, murders, anything.”

“They were serious guys who served there,” the retired officer said. “They were officers who worked undercover and as international agents.”

Photographs of the unit’s dilapidated former headquarters, which has since been abandoned, show myriad gun racks with labels for an assortment of weapons, including Belgian FN-30 sniper rifles, German G3A3s, Austrian Steyr AUGs and American M16s. There was also a form outlining a training regimen, including exercises for hand-to-hand combat. The retired G.R.U. officer confirmed the authenticity of the photographs, which were published by a Russian blogger.

The current commander, General Averyanov, graduated in 1988 from the Tashkent Military Academy in what was then the Soviet Republic of Uzbekistan. It is likely that he would have fought in both the first and second Chechen wars, and he was awarded a Hero of Russia medal, the country’s highest honor, in January 2015. The two officers charged with the Skripal poisoning also received the same award.

Though an elite force, the unit appears to operate on a shoestring budget. According to Russian records, General Averyanov lives in a run-down Soviet-era building a few blocks from the unit’s headquarters and drives a 1996 VAZ 21053, a rattletrap Russia-made sedan. Operatives often share cheap accommodation to economize while on the road. British investigators say the suspects in the Skripal poisoning stayed in a low-cost hotel in Bow, a downtrodden neighborhood in East London.

But European security officials are also perplexed by the apparent sloppiness in the unit’s operations. Mr. Skripal survived the assassination attempt, as did Mr. Gebrev, the Bulgarian arms dealer. The attempted coup in Montenegro drew an enormous amount of attention, but ultimately failed. A year later, Montenegro joined NATO. It is possible, security officials say, that they have yet to discover other, more successful operations.

It is difficult to know if the messiness has bothered the Kremlin. Perhaps, intelligence experts say, it is part of the point.

“That kind of intelligence operation has become part of the psychological warfare,” said Eerik-Niiles Kross, a former intelligence chief in Estonia. “It’s not that they have become that much more aggressive. They want to be felt. It’s part of the game.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Iranian Hackers Target Trump Campaign as Threats to 2020 Mount

Westlake Legal Group 04microsoft3-facebookJumbo Iranian Hackers Target Trump Campaign as Threats to 2020 Mount United States Politics and Government United States Presidential Election of 2020 Politics and Government Iran Cyberwarfare and Defense

SAN FRANCISCO — The 2020 presidential election is still 13 months away, but already Iranians are following in the footsteps of Russia and have begun cyberattacks aimed at disrupting the campaigns.

Microsoft said on Friday that Iranian hackers, with apparent backing from the government, had made more than 2,700 attempts to identify the email accounts of current and former United States government officials, journalists covering political campaigns and accounts associated with a presidential campaign.

Though the company would not identify the presidential campaign involved, two people with knowledge of the hacking, who were not allowed to discuss it publicly, said it was President Trump’s.

In addition to Iran, hackers from Russia and North Korea have started targeting organizations that work closely with presidential candidates, according to security researchers and intelligence officials.

“We’ve already seen attacks on several campaigns and believe the volume and intensity of these attacks will only increase as the election cycle advances toward Election Day,” said Oren Falkowitz, the chief executive of the cybersecurity company Area 1, in an interview.

Microsoft’s report is the latest indication that cyberattacks and influence campaigns against political candidates are likely to accelerate heading into 2020. In 2016, Russian hackers infiltrated the computer networks of Democrats and Republicans, then selectively disseminated Democrats’ emails, including those of John D. Podesta, Hillary Clinton’s campaign chairman, in an effort to harm Mrs. Clinton’s campaign.

Microsoft said the attacks occurred over a 30-day period in August and September. That was roughly after the Trump administration announced additional sanctions against Iran, more than a year following the president’s withdrawal from the 2015 nuclear deal with Tehran. Iranian officials concede that the sanctions, intended to chock off the country’s oil revenue, have plunged the economy into a recession.

More recently, the administration has considered a cyberstrike to punish Tehran for what officials charge was an Iranian attack on Saudi oil facilities last month. It is all part of a low-level, daily cyberconflict between the two countries.

Iranian hackers have been engaged in a broad campaign against United States targets, according to Microsoft. The company found that hackers had tried to attack 241 accounts, using fairly unsophisticated means. The hackers appeared to have used information available about their victims online to discover their passwords. It was unclear what information they had stolen.

While the Microsoft report did not name Iran’s targets, it found evidence that hackers had infiltrated email inboxes in at least four cases. But the four successful hacks did not belong to a presidential campaign.

Tim Murtaugh, the Trump campaign’s communications director, said in a statement that “we have no indication that any of our campaign infrastructure was targeted.” Representatives for other presidential candidates said on Friday that their campaigns had not been targeted.

For weeks, officials from the F.B.I., the Department of Homeland Security and the National Security Agency have said they are particularly concerned about Iranian-backed attacks. Their worries stemmed from rising tensions over new sanctions on Iran and nascent Iranian activity in the 2018 midterm elections.

While the officials said they believed that all the presidential campaigns were likely targets, Mr. Trump’s has long been considered a prime one.

It was Mr. Trump who abandoned the nuclear deal and ramped up sanctions. The United States has also designated the Islamic Revolutionary Guard Corps a terrorist group. The guard corps oversees the nuclear program and, by some accounts, Iran’s best hacking group, its Cyber Corps.

But it is not clear whether the group that Microsoft identified reports to the Cyber Corps or is made up, deliberately, of freelancers and others whose affiliations are harder to trace.

When Iranian officials are asked about cyberattacks, they admit nothing but note that attacks have been two-way. Three times in the past decade, the United States has directed cyberweapons against Iranian targets. The most famous attack, code-named Olympic Games, wiped out about 1,000 centrifuges at the Natanz nuclear enrichment site.

In recent weeks, United States Cyber Command was asked to develop options for retaliating against the missile and drone attacks on Saudi Arabia’s oil fields. Officials reported that a cyberstrike against Iran was emerging as the most attractive option, in an effort to avoid the kind of escalation that might result from a more conventional strike.

So far, there is no evidence of such action, but it might take a while to gain access to Iranian computer networks, and the results might be subtle.

Security executives at the Democratic National Committee warned staff members in an email this week that Iranian hackers might be targeting their email accounts with so-called spearphishing attacks, in which hackers try to lure their target into clicking on a malicious link or attachment. That link or attachment can give attackers a foothold into a computer network.

The hackers were also believed to be interfering with an additional security feature known as two-factor authentication — a common security method that asks for credentials beyond a password — and were creating fake LinkedIn personas to make their email lures more believable.

After Russia’s interference in 2016, Democrats have repeatedly warned their Republican counterparts that election interference cuts both ways, and that state-sponsored hackers may not always seek to help the Republican candidate.

But to date, Senator Mitch McConnell of Kentucky, the majority leader, has refused to bring any election security bills to the floor. And Mr. Trump has yet to acknowledge Russian interference in the 2016 election, even as cybersecurity experts collect evidence that Russian hacking of organizations close to the 2020 campaigns is again underway.

James A. Lewis, a former government official and cybersecurity expert at the Center for Strategic and International Studies in Washington, said in a recent interview that cyberinterference, even from Russia, might not necessarily benefit Mr. Trump in 2020.

“The Russians have come to the conclusion that, so long as President Trump is in office, U.S.-Russian relations will remain at a standstill,” Mr. Lewis said.

Cybersecurity experts that specialize in disinformation say they have witnessed several coordinated disinformation campaigns aimed at influencing the 2020 campaign.

The bulk of that disinformation has originated domestically, said Cindy Otis, the director of analysis at Nisos, a cybersecurity firm in Alexandria, Va. She said other nation-states were closely watching these domestic operations but appeared to be holding back.

“We’ve seen a lot of disinformation on the domestic front, but nation-states are likely to amplify those narratives, as we saw Russia do in 2016,” Ms. Otis said. “But with so many candidates still in the running, nation-states seem to be waiting before they put all their efforts into one basket.”

Some cybersecurity firms said they were also witnessing what appeared to be the beginning stages of several different nation-state cyberattacks on American political campaigns.

In July, Tom Burt, Microsoft’s corporate vice president, told an audience at the Aspen Security Conference that Microsoft had evidence that Russia, Iran and North Korea had been the most active nations conducting cyberattacks.

With funding tight, only a handful of Democratic presidential campaigns have invested in a full-time cybersecurity officer. Instead, they have relied on advice from the Democratic National Committee and DigiDems, a Democratic technology firm founded after the 2016 presidential campaign.

The Democratic National Committee’s chief security officer, Bob Lord, holds occasional video conferences with members of presidential campaign staffs to keep them abreast of the latest threats. The committee has also mandated that each campaign have a point of contact for cybersecurity, and sends out both regular and emergency newsletters.

Every campaign, no matter how many millions of dollars it has raised, faces a difficult decision when building out a cybersecurity team: Such technology and expertise is expensive, but so is an expansive ground game.

“Campaigns only last until Election Day or when your candidate drops out,” said Tad Devine, a former senior adviser to the 2016 Bernie Sanders campaign. “If you spend too much on cybersecurity and not enough on voter contact, you’ll end your campaign by not making enough voter contact. So that’s the conundrum that campaigns are in.”

“Politics is a risk business,” Mr. Devine said. “You have to decide what risk you’re going to take.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Iranian Hackers Targeted Trump’s Re-election Campaign

Westlake Legal Group 04microsoft-facebookJumbo Iranian Hackers Targeted Trump’s Re-election Campaign United States Politics and Government United States Presidential Election of 2020 Politics and Government Iran Cyberwarfare and Defense

SAN FRANCISCO — Iranian hackers targeted President Trump’s re-election campaign, two people with knowledge of the attacks said on Friday, in a sign of how cyberattacks could become a fixture of the 2020 presidential election.

News that Mr. Trump’s campaign was an Iranian target came just hours after Microsoft said in a report that hackers, with apparent backing from Iran’s government, had made more than 2,700 attempts to identify the email accounts of current and former United States government officials, journalists covering political campaigns and accounts associated with a presidential campaign.

The two people, who were not allowed to publicly discuss the investigation into the hacks, said it was not clear what information was taken in the attack on the Trump campaign. While Microsoft did not name Iran’s targets in its report, it found evidence that hackers successfully infiltrated email inboxes in at least four cases.

Tim Murtaugh, the Trump campaign’s communications director, said in a statement that “we have no indication that any of our campaign infrastructure was targeted.”

The Iranian attack is the latest indication that cyberattacks and disinformation are likely to play a major role in the 2020 presidential campaign, as they did four years ago.

But the incentives to influence the election are likely to be very different than they were in 2016 when Russian hackers infiltrated the computer networks of Democrats and Republicans, then selectively leaked and disseminated Democrats’ emails, including those of John Podesta, chair of Hillary Clinton’s 2016 campaign, in an effort to harm Mrs. Clinton’s campaign.

In addition to Iran, hackers from North Korea and Russia have already started actively targeting organizations that work closely with 2020 presidential candidates.

No representatives for other presidential candidates said on Friday that their campaigns had been targeted.

The news that Iranian hackers targeted Mr. Trump came as his administration continues to weigh a cyberstrike against Iran to punish Tehran for what White House officials charge was an Iranian attack on Saudi oil facilities last month.

Iran’s targeting of Mr. Trump is part of a much broader Iranian campaign, according to the Microsoft report, which found that hackers had tried to attack 241 accounts, using fairly unsophisticated means. The hackers appeared to have used information available about their victims online to discover their passwords. It was unclear what information they stole.

For weeks, officials from the F.B.I., the Department of Homeland Security and the National Security Agency have said they are particularly concerned about Iranian-backed attacks. Their worries stemmed from rising tensions over new sanctions on Iran and nascent Iranian activity in the 2018 midterm elections.

While the officials said they believed that all the American presidential candidates were likely targets, President Trump’s campaign has long been considered a prime target.

It was Mr. Trump who abandoned the 2015 nuclear deal with Iran last year, and who has ramped up sanctions to the point that Iran’s oil revenues have dropped sharply. The United States has also designated the Islamic Revolutionary Guard Corps a terrorist group. The I.R.G. oversees the nuclear program and, by some accounts, Iran’s best hacking group, its Cyber Corps.

But it is not clear whether the group Microsoft identified reports to the Cyber Corps or is made up, deliberately, of freelancers and others whose affiliations are harder to trace.

This is a developing story. It will be updated.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Iranian Hackers Targeted Presidential Campaign, Microsoft Says

Westlake Legal Group 04microsoft1-facebookJumbo Iranian Hackers Targeted Presidential Campaign, Microsoft Says United States Politics and Government United States Politics and Government Iran Cyberwarfare and Defense

SAN FRANCISCO — Iranian hackers have been targeting the email accounts of at least one presidential campaign, as well as those of American journalists and current and former United States government officials, according to Microsoft.

In a report released on Friday, Microsoft said the hackers, with apparent backing from Iran’s government, made more than 2,700 attempts to identify the email accounts of current and former government officials, journalists covering political campaigns and accounts associated with one major presidential campaign.

Microsoft would not name the campaign.

The researchers said the hackers tried to attack 241 accounts and were successful in four cases, using fairly unsophisticated means. In those cases, the hackers appear to have used information available about their victims online to discover their passwords.

The disclosure is the latest evidence that adversaries are stealing a page from Russia’s interference in the 2016 United States presidential election.

In July, Tom Burt, Microsoft’s corporate vice president, told an audience at the Aspen Security Conference that Microsoft had evidence that Russian, Iranian and North Korean hackers have been the most active nations conducting cyberattacks.

Mr. Burt said Russian, Iranian and North Korean hackers had been targeting nongovernmental organizations and think tanks that work closely with U.S. political campaigns.

This is a breaking story and will be updated.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

Iranian Hackers Targeted Presidential Campaign, Microsoft Says

Westlake Legal Group 04microsoft1-facebookJumbo Iranian Hackers Targeted Presidential Campaign, Microsoft Says United States Politics and Government United States Politics and Government Iran Cyberwarfare and Defense

SAN FRANCISCO — Iranian hackers have been targeting the email accounts of at least one presidential campaign, as well as those of American journalists and current and former United States government officials, according to Microsoft.

In a report released on Friday, Microsoft said the hackers, with apparent backing from Iran’s government, made more than 2,700 attempts to identify the email accounts of current and former government officials, journalists covering political campaigns and accounts associated with one major presidential campaign.

Microsoft would not name the campaign.

The researchers said the hackers tried to attack 241 accounts and were successful in four cases, using fairly unsophisticated means. In those cases, the hackers appear to have used information available about their victims online to discover their passwords.

The disclosure is the latest evidence that adversaries are stealing a page from Russia’s interference in the 2016 United States presidential election.

In July, Tom Burt, Microsoft’s corporate vice president, told an audience at the Aspen Security Conference that Microsoft had evidence that Russian, Iranian and North Korean hackers have been the most active nations conducting cyberattacks.

Mr. Burt said Russian, Iranian and North Korean hackers had been targeting nongovernmental organizations and think tanks that work closely with U.S. political campaigns.

This is a breaking story and will be updated.

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

How a Fringe Theory About Ukraine Took Root in the White House

Westlake Legal Group 03conspiracy-01-facebookJumbo How a Fringe Theory About Ukraine Took Root in the White House Zelensky, Volodymyr Yovanovitch, Marie L United States Ukraine Trump, Donald J Trump-Ukraine Whistle-Blower Complaint and Impeachment Inquiry Russian Interference in 2016 US Elections and Ties to Trump Associates Russia Rumors and Misinformation Reddit Inc Presidential Election of 2016 Mueller, Robert S III Giuliani, Rudolph W Federal Bureau of Investigation Facebook Inc Democratic Party democratic national committee Democratic Congressional Campaign Committee Cyberwarfare and Defense CrowdStrike Inc Clinton, Hillary Rodham Biden, Joseph R Jr Biden, Hunter Atlantic Council 4chan

In an April 2017 interview with The Associated Press, President Trump suddenly began talking about the hack of the Democratic National Committee a year earlier, complaining that the F.B.I. had not physically examined the compromised server.

“They brought in another company that I hear is Ukrainian-based,” the president said.

“CrowdStrike?” the surprised reporter asked, referring to the California cybersecurity company that investigated how Russian government hackers had stolen and leaked Democratic emails, disrupting Hillary Clinton’s campaign.

“That’s what I heard,” Mr. Trump resumed. “I heard it’s owned by a very rich Ukrainian; that’s what I heard.”

More than two years later, Mr. Trump was still holding on to this false conspiracy theory. In his July call with President Volodymyr Zelensky of Ukraine, he summed it up in a sort of shorthand — at least according to the White House memorandum, labeled “not a verbatim transcript.”

“I would like you to find out what happened with this whole situation with Ukraine, they say CrowdStrike … I guess you have one of your wealthy people …,” the president said. It is unclear whether the ellipses indicate that words were omitted or that Mr. Trump’s voice was trailing off.

Then he added one novel detail: “The server, they say Ukraine has it.”

Now, Mr. Trump’s call for Ukraine to look into his CrowdStrike story forms the background to the House impeachment inquiry, which is focused on the second request he made: that Mr. Zelensky investigate Mr. Trump’s possible 2020 opponent, former Vice President Joseph R. Biden Jr. Mr. Trump has placed a concoction of disprovable claims, of the kind usually found on the fringes of the web, squarely in the middle of American politics and diplomacy.

The tale of the supposedly hidden server may have appealed to Mr. Trump because it undercut a well-established fact that he has resented and resisted for three years: The Russian government interfered in the 2016 election to help him win, an effort thoroughly documented by American intelligence agencies and amply supported by public evidence.

By contrast, there is no evidence to support the president’s vague suggestion that Ukraine, not Russia, might be responsible for the hacking, or that CrowdStrike somehow connived in it. But his alternate history has provided a psychological shield for the president against facts that he believes tarnish his electoral victory.

Mr. Trump has long called for better relations with Vladimir V. Putin’s Russia and brushed aside complaints about its conduct. So there is a certain symmetry to his suggestion that Ukraine, Russia’s opponent and the victim of its territorial grab, may somehow have framed Russia for the 2016 election activity.

“Ukraine is the perfect scapegoat for him, because it’s the enemy of Russia,” said Nina Jankowicz, a fellow at the Wilson Center in Washington who regularly visits Ukraine and is writing a book called “How to Lose the Information War.”

She noted that a number of Ukraine-linked stories, some of them distorted or exaggerated, have been pulled together by Mr. Trump’s supporters into a single narrative.

For example, there is the idea, promoted by the president’s lawyer Rudolph W. Giuliani, that Ukraine’s government actively sabotaged Mr. Trump’s 2016 campaign. A Ukrainian-American lawyer who consulted for the D.N.C. looked into the finances of Paul Manafort and spoke with Ukrainian embassy officials. But there appears to have been no organized Ukrainian government effort to intervene — certainly nothing comparable to the activities of Russian intelligence agencies ordered by Mr. Putin.

It is true that a Ukrainian legislator helped publicize documents on Mr. Manafort’s multimillion-dollar payments from a Ukrainian political party, leading to his resignation as Mr. Trump’s campaign chairman. But the claim of Mr. Manafort’s wrongdoing turned out to be justified. He is now serving seven and a half years in prison for financial fraud and other crimes.

In May, Mr. Trump recalled the American ambassador to Kiev, Marie L. Yovanovitch, appointed by President Barack Obama in 2016, telling others she was scheming against his administration. She has denied it.

And Mr. Trump has repeatedly charged that Mr. Biden, who handled Ukrainian affairs as vice president, tried to get a prosecutor fired for investigating a Ukrainian energy company that paid his son, Hunter, handsomely as a board member despite a lack of experience in Ukraine. In fact, multiple countries were pressing for the firing of the prosecutor, who they thought was turning a blind eye to corruption.

“Now it seems like all of these conspiracy theories are merging into one,” Ms. Jankowicz said. She studies disinformation, she said, but Mr. Trump produced one claim she’d never come across.

“I do this for a living, and I’d never heard anyone say the servers were in Ukraine,” she said.

Twitter removed a video posted by Mr. Trump that showed a meme of Nickelbacker’s lead singer, edited as an attack on Joe Biden.

In the 27 months between Mr. Trump’s two citations of the CrowdStrike-Ukraine conspiracy theory, it has survived despite many denials from CrowdStrike, the F.B.I. and people directly involved in the investigations. It has survived despite the fact that the D.N.C. put one of its hacked servers on display — not in Ukraine but in its Washington offices beside the filing cabinet pried open in 1972 by the Watergate burglars (and a photo of the two artifacts ran on The Times’s front page). It has survived despite the indictment prepared last year by Robert S. Mueller III, the special counsel, laying out in extraordinary detail the actions of 12 named Russian military intelligence officers who hacked the D.N.C. and other election targets.

The speculation springs from what Mr. Trump has called a “big Dem scam” — the false notion that the F.B.I. never really investigated the D.N.C. hack. In fact, according to people directly involved, CrowdStrike was in regular contact with the bureau in spring 2016 as it examined dozens of servers used by both the D.N.C. and the Democratic Congressional Campaign Committee.

It is true, as Mr. Trump has often tweeted, that F.B.I. agents never took physical possession of the Democrats’ servers. But CrowdStrike supplied the F.B.I. with digital copies of the servers so that the bureau could assess the Russian malware infecting them. The Mueller investigation later confirmed CrowdStrike’s findings.

Still, the president has clung to the theory linking CrowdStrike, Ukraine and the D.N.C. servers despite the repeated efforts of his aides to dissuade him, Thomas Bossert, his former homeland security adviser, said on Sunday on ABC’s “This Week.” “The D.N.C. server and that conspiracy theory has got to go,” he said. “If he continues to focus on that white whale, it’s going to bring him down.”

To go in search of the roots of Mr. Trump’s CrowdStrike-Ukraine conspiracy theory is to travel the internet’s most peculiar provinces and the darkest threads on Twitter and Facebook. On 4chan and pro-Trump spaces on Reddit, on websites like ZeroHedge.com and Washington’s Blog, you can find plenty of speculation about evil manipulation by CrowdStrike and secret maneuvers by Ukrainians — often inflamed by Mr. Trump’s own statements.

Until the president’s statements, however, even internet speculation did not attribute CrowdStrike’s ownership to a rich Ukrainian or suggest that the D.N.C. servers were hidden in Ukraine.

George Eliason, an American journalist who lives in eastern Ukraine, where pro-Russian separatists fought Ukrainian forces, has written extensively about what he considers to be a “coup attempt” against President Trump involving American and Ukrainian intelligence agencies and CrowdStrike. He said he did not know if his writings for obscure websites might have influenced the president.

“CrowdStrike and Ukrainian Intel are working hand in glove,” he wrote in an email. “Is Ukrainian Intelligence trying to invent a reason for the U.S. to take a hardline stance against Russia? Are they using CrowdStrike to carry this out?”

Mr. Eliason and other purveyors of Ukraine conspiracies often point to the Atlantic Council, a research group in Washington, as the locus of the schemes. The Ukrainian oligarch Viktor Pinchuk has made donations to the council and serves on its international advisory board; Dmitri Alperovitch, CrowdStrike’s co-founder, who was born in Russia and came to the United States as a child, is an Atlantic Council senior fellow.

That connection seems slender, but it may be the origin of Mr. Trump’s association of a wealthy Ukrainian with CrowdStrike.

Pro-Trump media leaped last week to defend the president’s Ukraine theories. Rush Limbaugh said on his radio show that Mr. Trump’s “reference to CrowdStrike, mark my words, is momentous,” though he did not say why.

And Russian state news outlets are always ready to cheer on Mr. Trump’s efforts to point the blame for the 2016 hack away from Moscow. On Sept. 25, after the White House released its memo on the Zelensky call, Russia’s Sputnik news website ran a story supporting Mr. Trump’s remarks.

The Sputnik article cited Mr. Eliason’s writings and suggested that CrowdStrike might have framed Russia for the D.N.C. hack — if it occurred at all. It quoted a Twitter account called “The Last Refuge” declaring: “The D.N.C. servers were never hacked.”

All this mythmaking about the 2016 hack frustrates Robert Johnston, who was the lead investigator for CrowdStrike on the D.N.C. inquiry. Mr. Johnston, a former Marine and Cyber Command operator, said he could make no sense of Mr. Trump’s assertions.

“It doesn’t connect with anything in my experience,” he said. “I’d be interested in the president of Ukraine’s impression.”

Mr. Johnston, now chief executive of the cybersecurity company Adlumin, said he was weary of the conspiracies surrounding what he considered a straightforward conclusion. Having seen the digital fingerprints of Russian intelligence in earlier hacking cases, he felt there was little doubt about the identity of the perpetrators.

“I don’t know how you get to this point,” Mr. Johnston said of the fantasies Mr. Trump has promoted. “This is a story that just won’t die.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

How a Fringe Theory About CrowdStrike Took Root in the White House

In an April 2017 interview with The Associated Press, President Trump suddenly began talking about the hack of the Democratic National Committee a year earlier, complaining that the F.B.I. had not physically examined the compromised server.

“They brought in another company that I hear is Ukrainian-based,” the president said.

“CrowdStrike?” the surprised reporter asked, referring to the California cybersecurity company that investigated how Russian government hackers had stolen and leaked Democratic emails, disrupting Hillary Clinton’s campaign.

“That’s what I heard,” Mr. Trump resumed. “I heard it’s owned by a very rich Ukrainian; that’s what I heard.”

More than two years later, Mr. Trump was still holding on to this false conspiracy theory. In his July call with President Volodymyr Zelensky of Ukraine, he summed it up in a sort of shorthand — at least according to the White House memorandum, labeled “not a verbatim transcript.”

“I would like you to find out what happened with this whole situation with Ukraine, they say CrowdStrike … I guess you have one of your wealthy people …,” the president said. It is unclear whether the ellipses indicate that words were omitted or that Mr. Trump’s voice was trailing off.

Then he added one novel detail: “The server, they say Ukraine has it.”

Now, Mr. Trump’s call for Ukraine to look into his CrowdStrike story forms the background to the House impeachment inquiry, which is focused on the second request he made: that Mr. Zelensky investigate Mr. Trump’s possible 2020 opponent, former Vice President Joseph R. Biden Jr. Mr. Trump has placed a concoction of disprovable claims, of the kind usually found on the fringes of the web, squarely in the middle of American politics and diplomacy.

The tale of the supposedly hidden server may have appealed to Mr. Trump because it undercut a well-established fact that he has resented and resisted for three years: The Russian government interfered in the 2016 election to help him win, an effort thoroughly documented by American intelligence agencies and amply supported by public evidence.

By contrast, there is no evidence to support the president’s vague suggestion that Ukraine, not Russia, might be responsible for the hacking, or that CrowdStrike somehow connived in it. But his alternate history has provided a psychological shield for the president against facts that he believes tarnish his electoral victory.

Mr. Trump has long called for better relations with Vladimir V. Putin’s Russia and brushed aside complaints about its conduct. So there is a certain symmetry to his suggestion that Ukraine, Russia’s opponent and the victim of its territorial grab, may somehow have framed Russia for the 2016 election activity.

“Ukraine is the perfect scapegoat for him, because it’s the enemy of Russia,” said Nina Jankowicz, a fellow at the Wilson Center in Washington who regularly visits Ukraine and is writing a book called “How to Lose the Information War.”

She noted that a number of Ukraine-linked stories, some of them distorted or exaggerated, have been pulled together by Mr. Trump’s supporters into a single narrative.

For example, there is the idea, promoted by the president’s lawyer Rudolph W. Giuliani, that Ukraine’s government actively sabotaged Mr. Trump’s 2016 campaign. A Ukrainian-American lawyer who consulted for the D.N.C. looked into the finances of Paul Manafort and spoke with Ukrainian embassy officials. But there appears to have been no organized Ukrainian government effort to intervene — certainly nothing comparable to the activities of Russian intelligence agencies ordered by Mr. Putin.

It is true that a Ukrainian legislator helped publicize documents on Mr. Manafort’s multimillion-dollar payments from a Ukrainian political party, leading to his resignation as Mr. Trump’s campaign chairman. But the claim of Mr. Manafort’s wrongdoing turned out to be justified. He is now serving seven and a half years in prison for financial fraud and other crimes.

In May, Mr. Trump recalled the American ambassador to Kiev, Marie L. Yovanovitch, appointed by President Barack Obama in 2016, telling others she was scheming against his administration. She has denied it.

And Mr. Trump has repeatedly charged that Mr. Biden, who handled Ukrainian affairs as vice president, tried to get a prosecutor fired for investigating a Ukrainian energy company that paid his son, Hunter, handsomely as a board member despite a lack of experience in Ukraine. In fact, multiple countries were pressing for the firing of the prosecutor, who they thought was turning a blind eye to corruption.

“Now it seems like all of these conspiracy theories are merging into one,” Ms. Jankowicz said. She studies disinformation, she said, but Mr. Trump produced one claim she’d never come across.

ImageWestlake Legal Group merlin_161614164_ab1b1ada-cb55-4a9c-8ffb-6c95b22c2b1e-articleLarge How a Fringe Theory About CrowdStrike Took Root in the White House Zelensky, Volodymyr Yovanovitch, Marie L United States Ukraine Trump, Donald J Trump-Ukraine Whistle-Blower Complaint and Impeachment Inquiry Russian Interference in 2016 US Elections and Ties to Trump Associates Russia Rumors and Misinformation Reddit Inc Presidential Election of 2016 Mueller, Robert S III Giuliani, Rudolph W Federal Bureau of Investigation Facebook Inc Democratic Party democratic national committee Democratic Congressional Campaign Committee Cyberwarfare and Defense CrowdStrike Inc Clinton, Hillary Rodham Biden, Joseph R Jr Biden, Hunter Atlantic Council 4chan

The Democratic National Committee’s servers came under attack by Russian hackers in 2016.CreditPaul Holston/Associated Press

“I do this for a living, and I’d never heard anyone say the servers were in Ukraine,” she said.

In the 27 months between Mr. Trump’s two citations of the CrowdStrike-Ukraine conspiracy theory, it has survived despite many denials from CrowdStrike, the F.B.I. and people directly involved in the investigations. It has survived despite the fact that the D.N.C. put one of its hacked servers on display — not in Ukraine but in its Washington offices beside the filing cabinet pried open in 1972 by the Watergate burglars (and a photo of the two artifacts ran on The Times’s front page). It has survived despite the indictment prepared last year by Robert S. Mueller III, the special counsel, laying out in extraordinary detail the actions of 12 named Russian military intelligence officers who hacked the D.N.C. and other election targets.

The speculation springs from what Mr. Trump has called a “big Dem scam” — the false notion that the F.B.I. never really investigated the D.N.C. hack. In fact, according to people directly involved, CrowdStrike was in regular contact with the bureau in spring 2016 as it examined dozens of servers used by both the D.N.C. and the Democratic Congressional Campaign Committee.

It is true, as Mr. Trump has often tweeted, that F.B.I. agents never took physical possession of the Democrats’ servers. But CrowdStrike supplied the F.B.I. with digital copies of the servers so that the bureau could assess the Russian malware infecting them. The Mueller investigation later confirmed CrowdStrike’s findings.

Still, the president has clung to the theory linking CrowdStrike, Ukraine and the D.N.C. servers despite the repeated efforts of his aides to dissuade him, Thomas Bossert, his former homeland security adviser, said on Sunday on ABC’s “This Week.” “The D.N.C. server and that conspiracy theory has got to go,” he said. “If he continues to focus on that white whale, it’s going to bring him down.”

To go in search of the roots of Mr. Trump’s CrowdStrike-Ukraine conspiracy theory is to travel the internet’s most peculiar provinces and the darkest threads on Twitter and Facebook. On 4chan and pro-Trump spaces on Reddit, on websites like ZeroHedge.com and Washington’s Blog, you can find plenty of speculation about evil manipulation by CrowdStrike and secret maneuvers by Ukrainians — often inflamed by Mr. Trump’s own statements.

Until the president’s statements, however, even internet speculation did not attribute CrowdStrike’s ownership to a rich Ukrainian or suggest that the D.N.C. servers were hidden in Ukraine.

George Eliason, an American journalist who lives in eastern Ukraine, where pro-Russian separatists fought Ukrainian forces, has written extensively about what he considers to be a “coup attempt” against President Trump involving American and Ukrainian intelligence agencies and CrowdStrike. He said he did not know if his writings for obscure websites might have influenced the president.

“CrowdStrike and Ukrainian Intel are working hand in glove,” he wrote in an email. “Is Ukrainian Intelligence trying to invent a reason for the U.S. to take a hardline stance against Russia? Are they using CrowdStrike to carry this out?”

Mr. Eliason and other purveyors of Ukraine conspiracies often point to the Atlantic Council, a research group in Washington, as the locus of the schemes. The Ukrainian oligarch Viktor Pinchuk has made donations to the council and serves on its international advisory board; Dmitri Alperovitch, CrowdStrike’s co-founder, who was born in Russia and came to the United States as a child, is an Atlantic Council senior fellow.

That connection seems slender, but it may be the origin of Mr. Trump’s association of a wealthy Ukrainian with CrowdStrike.

Pro-Trump media leaped last week to defend the president’s Ukraine theories. Rush Limbaugh said on his radio show that Mr. Trump’s “reference to CrowdStrike, mark my words, is momentous,” though he did not say why.

And Russian state news outlets are always ready to cheer on Mr. Trump’s efforts to point the blame for the 2016 hack away from Moscow. On Sept. 25, after the White House released its memo on the Zelensky call, Russia’s Sputnik news website ran a story supporting Mr. Trump’s remarks.

The Sputnik article cited Mr. Eliason’s writings and suggested that CrowdStrike might have framed Russia for the D.N.C. hack — if it occurred at all. It quoted a Twitter account called “The Last Refuge” declaring: “The D.N.C. servers were never hacked.”

All this mythmaking about the 2016 hack frustrates Robert Johnston, who was the lead investigator for CrowdStrike on the D.N.C. inquiry. Mr. Johnston, a former Marine and Cyber Command operator, said he could make no sense of Mr. Trump’s assertions.

“It doesn’t connect with anything in my experience,” he said. “I’d be interested in the president of Ukraine’s impression.”

Mr. Johnston, now chief executive of the cybersecurity company Adlumin, said he was weary of the conspiracies surrounding what he considered a straightforward conclusion. Having seen the digital fingerprints of Russian intelligence in earlier hacking cases, he felt there was little doubt about the identity of the perpetrators.

“I don’t know how you get to this point,” Mr. Johnston said of the fantasies Mr. Trump has promoted. “This is a story that just won’t die.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

The CrowdStrike Plot: How a Fringe Theory Took Root in the White House

In an April 2017 interview with The Associated Press, President Trump suddenly began talking about the hack of the Democratic National Committee a year earlier, complaining that the F.B.I. had not physically examined the compromised server.

“They brought in another company that I hear is Ukrainian-based,” the president said.

“CrowdStrike?” the surprised reporter asked, referring to the California cybersecurity company that investigated how Russian government hackers had stolen and leaked Democratic emails, disrupting Hillary Clinton’s campaign.

“That’s what I heard,” Mr. Trump resumed. “I heard it’s owned by a very rich Ukrainian; that’s what I heard.”

More than two years later, Mr. Trump was still holding on to this false conspiracy theory. In his July call with President Volodymyr Zelensky of Ukraine, he summed it up in a sort of shorthand — at least according to the White House memorandum, labeled “not a verbatim transcript.”

“I would like you to find out what happened with this whole situation with Ukraine, they say CrowdStrike … I guess you have one of your wealthy people …,” the president said. It is unclear whether the ellipses indicate that words were omitted or that Mr. Trump’s voice was trailing off.

Then he added one novel detail: “The server, they say Ukraine has it.”

Now, Mr. Trump’s call for Ukraine to look into his CrowdStrike story forms the background to the House impeachment inquiry, which is focused on the second request he made: that Mr. Zelensky investigate Mr. Trump’s possible 2020 opponent, former Vice President Joseph R. Biden Jr. Mr. Trump has placed a concoction of disprovable claims, of the kind usually found on the fringes of the web, squarely in the middle of American politics and diplomacy.

The tale of the supposedly hidden server may have appealed to Mr. Trump because it undercut a well-established fact that he has resented and resisted for three years: The Russian government interfered in the 2016 election to help him win, an effort thoroughly documented by American intelligence agencies and amply supported by public evidence.

By contrast, there is no evidence to support the president’s vague suggestion that Ukraine, not Russia, might be responsible for the hacking, or that CrowdStrike somehow connived in it. But his alternate history has provided a psychological shield for the president against facts that he believes tarnish his electoral victory.

Mr. Trump has long called for better relations with Vladimir V. Putin’s Russia and brushed aside complaints about its conduct. So there is a certain symmetry to his suggestion that Ukraine, Russia’s opponent and the victim of its territorial grab, may somehow have framed Russia for the 2016 election activity.

“Ukraine is the perfect scapegoat for him, because it’s the enemy of Russia,” said Nina Jankowicz, a fellow at the Wilson Center in Washington who regularly visits Ukraine and is writing a book called “How to Lose the Information War.”

She noted that a number of Ukraine-linked stories, some of them distorted or exaggerated, have been pulled together by Mr. Trump’s supporters into a single narrative.

For example, there is the idea, promoted by the president’s lawyer Rudolph W. Giuliani, that Ukraine’s government actively sabotaged Mr. Trump’s 2016 campaign. A Ukrainian-American lawyer who consulted for the D.N.C. looked into the finances of Paul Manafort and spoke with Ukrainian embassy officials. But there appears to have been no organized Ukrainian government effort to intervene — certainly nothing comparable to the activities of Russian intelligence agencies ordered by Mr. Putin.

It is true that a Ukrainian legislator helped publicize documents on Mr. Manafort’s multimillion-dollar payments from a Ukrainian political party, leading to his resignation as Mr. Trump’s campaign chairman. But the claim of Mr. Manafort’s wrongdoing turned out to be justified. He is now serving seven and a half years in prison for financial fraud and other crimes.

In May, Mr. Trump recalled the American ambassador to Kiev, Marie L. Yovanovitch, appointed by President Barack Obama in 2016, telling others she was scheming against his administration. She has denied it.

And Mr. Trump has repeatedly charged that Mr. Biden, who handled Ukrainian affairs as vice president, tried to get a prosecutor fired for investigating a Ukrainian energy company that paid his son, Hunter, handsomely as a board member despite a lack of experience in Ukraine. In fact, multiple countries were pressing for the firing of the prosecutor, who they thought was turning a blind eye to corruption.

“Now it seems like all of these conspiracy theories are merging into one,” Ms. Jankowicz said. She studies disinformation, she said, but Mr. Trump produced one claim she’d never come across.

ImageWestlake Legal Group merlin_161614164_ab1b1ada-cb55-4a9c-8ffb-6c95b22c2b1e-articleLarge The CrowdStrike Plot: How a Fringe Theory Took Root in the White House Zelensky, Volodymyr Yovanovitch, Marie L United States Ukraine Trump, Donald J Trump-Ukraine Whistle-Blower Complaint and Impeachment Inquiry Russian Interference in 2016 US Elections and Ties to Trump Associates Russia Rumors and Misinformation Reddit Inc Presidential Election of 2016 Mueller, Robert S III Giuliani, Rudolph W Federal Bureau of Investigation Facebook Inc Democratic Party democratic national committee Democratic Congressional Campaign Committee Cyberwarfare and Defense CrowdStrike Inc Clinton, Hillary Rodham Biden, Joseph R Jr Biden, Hunter Atlantic Council 4chan

The Democratic National Committee’s servers came under attack by Russian hackers in 2016.CreditPaul Holston/Associated Press

“I do this for a living, and I’d never heard anyone say the servers were in Ukraine,” she said.

In the 27 months between Mr. Trump’s two citations of the CrowdStrike-Ukraine conspiracy theory, it has survived despite many denials from CrowdStrike, the F.B.I. and people directly involved in the investigations. It has survived despite the fact that the D.N.C. put one of its hacked servers on display — not in Ukraine but in its Washington offices beside the filing cabinet pried open in 1972 by the Watergate burglars (and a photo of the two artifacts ran on The Times’s front page). It has survived despite the indictment prepared last year by Robert S. Mueller III, the special counsel, laying out in extraordinary detail the actions of 12 named Russian military intelligence officers who hacked the D.N.C. and other election targets.

The speculation springs from what Mr. Trump has called a “big Dem scam” — the false notion that the F.B.I. never really investigated the D.N.C. hack. In fact, according to people directly involved, CrowdStrike was in regular contact with the bureau in spring 2016 as it examined dozens of servers used by both the D.N.C. and the Democratic Congressional Campaign Committee.

It is true, as Mr. Trump has often tweeted, that F.B.I. agents never took physical possession of the Democrats’ servers. But CrowdStrike supplied the F.B.I. with digital copies of the servers so that the bureau could assess the Russian malware infecting them. The Mueller investigation later confirmed CrowdStrike’s findings.

Still, the president has clung to the theory linking CrowdStrike, Ukraine and the D.N.C. servers despite the repeated efforts of his aides to dissuade him, Thomas Bossert, his former homeland security adviser, said on Sunday on ABC’s “This Week.” “The D.N.C. server and that conspiracy theory has got to go,” he said. “If he continues to focus on that white whale, it’s going to bring him down.”

To go in search of the roots of Mr. Trump’s CrowdStrike-Ukraine conspiracy theory is to travel the internet’s most peculiar provinces and the darkest threads on Twitter and Facebook. On 4chan and pro-Trump spaces on Reddit, on websites like ZeroHedge.com and Washington’s Blog, you can find plenty of speculation about evil manipulation by CrowdStrike and secret maneuvers by Ukrainians — often inflamed by Mr. Trump’s own statements.

Until the president’s statements, however, even internet speculation did not attribute CrowdStrike’s ownership to a rich Ukrainian or suggest that the D.N.C. servers were hidden in Ukraine.

George Eliason, an American journalist who lives in eastern Ukraine, where pro-Russian separatists fought Ukrainian forces, has written extensively about what he considers to be a “coup attempt” against President Trump involving American and Ukrainian intelligence agencies and CrowdStrike. He said he did not know if his writings for obscure websites might have influenced the president.

“CrowdStrike and Ukrainian Intel are working hand in glove,” he wrote in an email. “Is Ukrainian Intelligence trying to invent a reason for the U.S. to take a hardline stance against Russia? Are they using CrowdStrike to carry this out?”

Mr. Eliason and other purveyors of Ukraine conspiracies often point to the Atlantic Council, a research group in Washington, as the locus of the schemes. The Ukrainian oligarch Viktor Pinchuk has made donations to the council and serves on its international advisory board; Dmitri Alperovitch, CrowdStrike’s co-founder, who was born in Russia and came to the United States as a child, is an Atlantic Council senior fellow.

That connection seems slender, but it may be the origin of Mr. Trump’s association of a wealthy Ukrainian with CrowdStrike.

Pro-Trump media leaped last week to defend the president’s Ukraine theories. Rush Limbaugh said on his radio show that Mr. Trump’s “reference to CrowdStrike, mark my words, is momentous,” though he did not say why.

And Russian state news outlets are always ready to cheer on Mr. Trump’s efforts to point the blame for the 2016 hack away from Moscow. On Sept. 25, after the White House released its memo on the Zelensky call, Russia’s Sputnik news website ran a story supporting Mr. Trump’s remarks.

The Sputnik article cited Mr. Eliason’s writings and suggested that CrowdStrike might have framed Russia for the D.N.C. hack — if it occurred at all. It quoted a Twitter account called “The Last Refuge” declaring: “The D.N.C. servers were never hacked.”

All this mythmaking about the 2016 hack frustrates Robert Johnston, who was the lead investigator for CrowdStrike on the D.N.C. inquiry. Mr. Johnston, a former Marine and Cyber Command operator, said he could make no sense of Mr. Trump’s assertions.

“It doesn’t connect with anything in my experience,” he said. “I’d be interested in the president of Ukraine’s impression.”

Mr. Johnston, now chief executive of the cybersecurity company Adlumin, said he was weary of the conspiracies surrounding what he considered a straightforward conclusion. Having seen the digital fingerprints of Russian intelligence in earlier hacking cases, he felt there was little doubt about the identity of the perpetrators.

“I don’t know how you get to this point,” Mr. Johnston said of the fantasies Mr. Trump has promoted. “This is a story that just won’t die.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com 

The Urgent Search for a Cyber Silver Bullet Against Iran

WASHINGTON — After spending billions of dollars to assemble the world’s most potent arsenal of cyberweapons and plant them in networks around the world, United States Cyber Command — and the new era of warfighting it has come to represent — may face a critical test in the coming weeks.

President Trump is considering a range of options to punish Iran for this month’s attack on Saudi oil facilities, and has toughened sanctions on Iran and ordered the deployment of additional troops to the region. But a second cyberstrike — after one launched against Iran just three months ago — has emerged as the most appealing course of action for Mr. Trump, who is reluctant to widen the conflict in a region he has said the United States should leave, according to senior American officials.

But even as the Pentagon considers specific targets — an attempt to shut down Iran’s oil fields and refineries has been one of the “proportionate responses” under review — a broader debate is taking place inside and outside the administration over whether a cyberattack alone will be enough to alter Iran’s calculations, and what kind of retaliation a particularly damaging cyberstrike might provoke.

“The president talked about our use of those previously, but I’m certainly not going to forecast what we’ll do as we move forward,” Secretary of State Mike Pompeo said Sunday on CBS’s “Face the Nation” when asked whether a cyberattack might be an artful, non-escalatory response to this month’s drone or missile strikes on two of Saudi Arabia’s most important facilities. “This was Iran true and true, and the United States will respond in a way that reflects that act of war by this Iranian revolutionary regime.”

Mr. Pompeo noted that the American military was already sending additional troops to Saudi Arabia and the United Arab Emirates, largely to bolster air defenses. But those moves alone are viewed as unlikely to be enough to prevent further Iranian actions.

The question circulating now through the White House, the Pentagon and Cyber Command’s operations room is whether it is possible to send a strong message of deterrence with a cyberattack without doing so much damage that it would prompt an even larger Iranian counterstrike.

At least three times over the past decade, the United States has staged major cyberattacks against Iran, intended to halt its nuclear or missile programs, punish the country or send a clear message to its leadership that it should end its support for proxy militant groups.

In each case, the damage to Iranian systems could be repaired over time. And in each case, the effort to deter Iran was at best only partly successful. If the American charge that Iran was behind the attack in Saudi Arabia proves accurate, it would constitute the latest example of Tehran shaking off a cyberattack and continuing to engage in the kind of behavior the United States had hoped to deter.

The most famous and complex effort was a sophisticated sabotage campaign a decade ago to blow up Iran’s nuclear enrichment center using code, not bombs. The Obama administration later began a program, accelerated by Mr. Trump, to try to use cyberattacks to slow Iran’s missile development. And this past June, Mr. Trump approved a clandestine operation to destroy a key database used by the Iranian military to target oil-carrying ships — and canceled a traditional missile strike he had ordered to respond to the downing of an American surveillance drone.

The June cyberattack, according to two American officials, also did damage that Iran has not yet detected.

“Cyber can certainly be a deterrent, it can be a very powerful weapon,” said Senator Angus King, the Maine independent who is a chairman of the Cyberspace Solarium Commission, created by Congress, that is examining American offensive cyberstrategy. “It is an option that can cause real damage.”

ImageWestlake Legal Group merlin_161011344_fb46845c-6f82-4935-937c-bd1b2058e16a-articleLarge The Urgent Search for a Cyber Silver Bullet Against Iran United States Defense and Military Forces United States Cyber Command Trump, Donald J Saudi Arabia refineries Nuclear Weapons National Security Agency Iran Drones (Pilotless Planes) Defense Department Cyberwarfare and Defense Computers and the Internet

A Saudi military spokesman during a recent news conference in Riyadh displaying what he said were pieces of Iranian cruise missiles that hit the kingdom’s oil fields.CreditFayez Nureldine/Agence France-Presse — Getty Images

Mr. King and other experts said Iran would most likely respond to a cyberattack with one of its own, given the vulnerabilities that exist in the United States and the hyper-connected nature of American life.

But current and former intelligence officials say a cycle of retaliation need not be confined to one military domain. Just as the United States responded in June to the Iranian downing of a drone and sabotage of oil tankers with a cyberattack, Iran could respond to an American cyberoperation with a terrorist attack by a proxy force or a missile strike.

The Pentagon has long held that a cyberattack could constitute an act of war that requires a physical response, and there is no reason to think that Iran would not pursue the same policy.

One senior administration official recently acknowledged that even Gen. Paul M. Nakasone, the commander of Cyber Command and the director of the National Security Agency, has warned Mr. Trump and his aides that the cyberarsenal is “no magic bullet” for deterring Iranian aggression in the Middle East.

In war games — essentially online simulations — held before the attack on the Saudi oil fields, officials have tried to figure out how Iran’s increasingly skillful “cyber corps” would respond to an American cyberattack. These Iranian fighters have already racked up a significant record: wiping out 30,000 computers at Saudi Aramco, freezing operations at American banks with a “denial of service” attack, and crippling a Las Vegas casino. Last year, they began to study the ins and outs of election interference, according to private experts and government studies of the 2018 midterms.

When General Nakasone was nominated for his job, he acknowledged that one of the biggest problems facing Cyber Command was that it had not cracked the deterrence problem. Nations that are attacking the United States via cyber “do not think much will happen to them,” he told Senator Dan Sullivan, Republican of Alaska. “They don’t fear us.”

In his first 18 months in office, General Nakasone has raced to bolster Cyber Command’s authority to act preemptively — and its preparations to respond to attacks. New, classified directives given to him by Mr. Trump, and built upon by Congress, allow Cyber Command to place “implants” of malicious software inside foreign networks without lengthy approval processes that run up to the president. Congress has called such efforts part of “traditional military authority.”

Iran has reportedly been a major target — no surprise, since General Nakasone was a key player in designing a plan called “Nitro Zeus” to shut down Tehran and other Iranian cities in the event of a war. The idea was to put together an attack so devastating that Iran might surrender without a shot being fired.

The 2015 nuclear agreement between the Iranian leadership and President Barack Obama eased the threat of war, and the American cyberoperations plan was put back on the shelf, at least until recently.

At the Pentagon, and even at Cyber Command, many senior officers are cautious about cyberwarfare, arguing that it is difficult for such weapons alone to deter an enemy.

The attack using the “Stuxnet” virus that crippled Iranian nuclear-enrichment centrifuges a decade ago was successful in a narrow sense: It blew up 1,000 of the 5,000 centrifuges up and running at the time. But when it recovered, Iran built upward of 14,000 more, and counterattacked by crippling Saudi Aramco’s computer systems.

Iran’s Salman oil field. Shutting down Iran’s oil fields and refineries would not be easy, and even if it worked, there is no assurance that conflict with Iran would not escalate.CreditAli Mohammedi/Bloomberg

A long-running series of cyberattacks has slowed but not stopped Iran’s missile program — and Iran has continued to provide thousands of short-range rockets to Hamas and other terrorist groups. The Saudis are studying whether a new generation of Iranian-made missiles were central to this month’s attack on its oil facilities.

The Pentagon and other military officials have told the White House that neither another cyberattack nor the new deployment announced Friday will likely prove robust enough to re-establish deterrence and prevent another attack by Iran on United States allies.

Part of the problem is that most cyberactivity is clandestine, so it is easy for a government to play down the consequences of an attack or deny it even took place.

But some people who favor stepping up cyberoperations suggest that officials are simply thinking too small. If a cyberstrike is damaging enough — taking a refinery offline or shutting down an electric grid, for example — it would be hard to hide. That might have a much more deterrent effect than the smaller bore operations the United States has undertaken so far, they argue.

But such a devastating cyberoperation would also increase the risk of escalation — just as a bombing run on the oil refineries would. Iran, or any other adversary, could claim that people were killed or injured, and that might be difficult to disprove.

A key element of deterrence is ensuring that an adversary understands the other side’s basic capabilities. Unlike nuclear weapons, though, which are widely understood, the American cyberarsenal is shrouded in secrecy, for fear adversaries will develop counter measures if even basic capabilities are known.

General Nakasone has argued that his cyberwarriors must be roaming cyberspace “persistently engaging” enemies — a euphemism for skirmishing with adversaries inside their networks.

“We must ‘defend forward’ in cyberspace, as we do in the physical domains,” he wrote in a Defense Department publication in January. “Our naval forces do not defend by staying in port, and our air power does not remain at airfields. They patrol the seas and skies to ensure they are positioned to defend our country before our borders are crossed. The same logic applies in cyberspace.”

But there is a growing consensus within Cyber Command that if cyberweapons are going to shape the actions of adversaries, they must be used in combination with other elements of power, including economic sanctions, diplomacy or traditional military strikes.

Mr. King, the Maine senator, sees the decisions over the next few weeks on Iran as a test case. “The president’s instinct is not to get in a shooting war, and I think he is right about that,” he said. “So the question is how do we respond?”

He argued that there was no urgency. “This was not a strike on New York City,” Mr. King said. “This was not even a strike on Riyadh. There needs to be a response. But there is time to pause and take a deep breath and consider all of the options — one of which is cyber — but also to think about how we de-escalate the situation.”

Real Estate, and Personal Injury Lawyers. Contact us at: https://westlakelegal.com