Opinion: The new U.S. intelligence report following ‘Grizzly Steppe’, the ICA assessment, reveals little, but the conspiracy and motive are explained!


Today, the Intelligence Community Assessment report of 6th January 2017 was released and is now public. There was already one report out, ‘Grizzly Steppe’ of 26th December 2016, which was released jointly by the Federal Bureau of Investigation (FBI) and the National Cybersecurity & Communications Integration Center (NCCIC), where the key aspect was this:

“This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE” (…) “This activity by RIS is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens. These cyber operations have included spearphishing campaigns targeting government organizations, critical infrastructure entities, think tanks, universities, political organizations, and corporations leading to the theft of information. In foreign countries, RIS actors conducted damaging and/or disruptive cyber-attacks, including attacks on critical infrastructure networks. In some cases, RIS actors masqueraded as third parties, hiding behind false online personas designed to cause the victim to misattribute the source of the attack. This JAR provides technical indicators related to many of these operations, recommended mitigations, suggested actions to take in response to the indicators provided, and information on how to report such incidents to the U.S. Government” (Grizzly Steppe, 2016).

With this in mind, the newly made report is 10 pages longer, or a little more, than the Joint Report from the FBI & NCCIC in December 2016. A new report made in January 2017 should therefore have more indications than that one, as it is also given to the President-Elect.

“Moscow’s influence campaign followed a Russian messaging strategy that blends covert intelligence operations—such as cyber activity—with overt efforts by Russian Government agencies, state-funded media, third-party intermediaries, and paid social media users or “trolls.” Russia, like its Soviet predecessor, has a history of conducting covert influence campaigns focused on US presidential elections that have used intelligence officers and agents and press placements to disparage candidates perceived as hostile to the Kremlin” (ICA, P: 7,  2017)

“We assess with high confidence that Russian military intelligence (General Staff Main Intelligence Directorate or GRU) used the Guccifer 2.0 persona and DCLeaks.com to release US victim data obtained in cyber operations publicly and in exclusives to media outlets and relayed material to WikiLeaks” (ICA, P: 8-9, 2016).

“By their nature, Russian influence campaigns are multifaceted and designed to be deniable because they use a mix of agents of influence, cutouts, front organizations, and false-flag operations. Moscow demonstrated this during the Ukraine crisis in 2014, when Russia deployed forces and advisers to eastern Ukraine and denied it publicly” (…) “The General Staff Main Intelligence Directorate (GRU) probably began cyber operations aimed at the US election by March 2016. We assess that the GRU operations resulted in the compromise of the personal e-mail accounts of Democratic Party officials and political figures. By May, the GRU had exfiltrated large volumes of data from the DNC” (ICA, P: 12, 2017).

“We assess with high confidence that the GRU used the Guccifer 2.0 persona, DCLeaks.com, and WikiLeaks to release US victim data obtained in cyber operations publicly and in exclusives to media outlets” (ICA, P: 12-13, 2017).

“Putin’s public views of the disclosures suggest the Kremlin and the intelligence services will continue to consider using cyber-enabled disclosure operations because of their belief that these can accomplish Russian goals relatively easily without significant damage to Russian interests” (ICA, P: 15, 2017).

If the national intelligence organizations of the United States together say there has been interference, then there is more than one chief and one mind behind the investigations. The reports are piling up with more assessments of the Presidential Election of 2016 and the end-game that was in favour of Putin. Since it ended in favour of the Russia-friendly presidential candidate, the DNC and now the security organizations are blaming the Russian Intelligence Services (RIS); instead we are now seeing a full blow-out of information and circulated reports made by serious authorities.

These organizations don’t drop intelligence with ease; they dislike being open to the press, and keeping things hidden in the shadows is their business, so even the smallest drops prove that it is no longer a conspiracy. Assange of WikiLeaks has claimed it was private persons and not Russian agents who gave the documents to WikiLeaks. The public dumping of loads upon loads of DNC e-mails must have hurt the confidence in the Democratic National Committee and the Democratic Party presidential nominee Hillary Clinton, which the releases of e-mails did by uncovering all kinds of bad behaviour and the operations behind a presidential candidate in the midst of it. This is something we have not really seen before: the ability to see how a presidential candidate really operates, and how the operation has PACs to fuel monies to keep commercial, corporate media and all the other pieces of the puzzle dancing after a presidential candidate in the United States. The best way to learn that is to read the mails and put them in order, to see how they build organizations to get people elected. Therefore the DNC leak has given lots of knowledge that usually would have been in the shadows and not on the sidewalk.

The acts have been malicious, but also eye-opening; sure, Podesta must hate WikiLeaks, as much as others like WADA must hate FancyBears. There are others who have dropped intelligence that were mentioned; what was strange was that none of them were connected to Anonymous, or to the Anonymous who have operated in the United States.

What was weird was that in the other one, the December 2016 report, operatives and nicknamed hackers were clearly indicated and mentioned, but none in the January 2017 one. It is as if they are hidden in the sphere and not known, because they could have been more direct about the origin; the other report isn’t clear about the origin either, only about the existence of some operatives who have hacked pages. The key missing information is where the ones who are known are really from, and why that isn’t revealed, as it would give more credibility to the report. The direct actors aren’t actually portrayed, but assessed, so next time they could reveal more flesh on the bone. There are loose ends between the bidding and the end-game.

There is motive and there are indicated acts of malice. But what is sure is that how the DNC documents went online could be more than what these reports are saying. They have not shown the whole trip of the process of shadowing or even fishing documents off servers. What they have done is show the means of what it really took to hack it.

You have a motive, means for a conspiracy and possible outlets for the hacked information; you have some well-known hackers who might have hacked, but their origin is not revealed. Therefore the reports are flawed; they are eye-opening, but certain aspects are left in the dark, the same dark the hackers came from when they opened the world to how the DNC did their work. Peace.

Reference:

Intelligence Community Assessment – ‘Assessing Russian Activities and Intentions in Recent US Elections’ – ICA 2017-01D | 6 January 2017

NCCIC & FBI ‘TLP White’ – ‘GRIZZLY STEPPE – Russian Malicious Cyber Activity’ (29.12.2016)

The Joint Security Report shows how the hacking of the Clinton campaign and Democratic Party happened, as the leaks hurt her campaign and interfered with the US Presidential Election of 2016!


We all knew that the Democratic Party was under siege during the 2016 election. That can be known from DC Leaks, WikiLeaks and Guccifer2.0. Then you have FancyBears, who dropped knowledge on athletes who were allowed to use questionable substances while still being allowed to compete in world cups and at the Olympics.

President Obama’s Executive Order of 29.12.2016:

“Section 1. (a) All property and interests in property that are in the United States, that hereafter come within the United States, or that are or hereafter come within the possession or control of any United States person of the following persons are blocked and may not be transferred, paid, exported, withdrawn, or otherwise dealt in: (i) the persons listed in the Annex to this order; (ii) any person determined by the Secretary of the Treasury, in consultation with the Attorney General and the Secretary of State, to be responsible for or complicit in, or to have engaged in, directly or indirectly, cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the United States that are reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States and that have the purpose or effect of: (A) harming, or otherwise significantly compromising the provision of services by, a computer or network of computers that support one or more entities in a critical infrastructure sector” (Obama, 2016).

We couldn’t know who dropped all the knowledge and documents about Hillary Clinton and the Democratic National Party. Even if there were indications, we couldn’t directly know who was behind the documents that were on the pages that I have mentioned. I myself have downloaded the hacked documents and read through a bunch of e-mails released on WikiLeaks. It had to come from somewhere, and somebody else had to hack or do some whistleblowing of this information, so that the public and I could collect and analyse the intelligence that the DNC themselves wanted to keep inside their own chambers.

We could now see how a major American party carried out its fundraising and party work in general towards an election. We have never before seen how a campaign manager has worked and travelled, or how they have gotten fundraising for a bigger political foundation such as the Clinton Foundation, as we have now. That is because of the release of e-mails and documents on a scale we haven’t seen. Before, such documents have landed in one pile with one journalist or one paper, and they have released them piece by piece or as a cover story. The WikiLeaks drop of the DNC e-mails of Podesta was not only interesting, but revealing of how the internal workings of the Democratic Party operate.

Therefore the release of the FBI, NCCIC and Department of Homeland Security documents shows how they did this and what technique they used to get into the DNC or WADA to take out the documents that were released during 2016. This shows the power in going into other people’s and organizations’ computers and computer systems to gain intelligence… That cannot be spared in the conversation, as the DNC and other organizations hold intelligence that the public could have an interest in knowing.


Let’s take a brief look at what the state security organizations said now in December, and before that in October, on the matter!

“State Actors:

  • Most capable, active, and dangerous cyber adversaries
  • Advanced tradecraft and technical expertise
  • Indigenously developed exploitation tools
  • Well resourced
  • Social engineering (spear phishing), extensive research and target profiling, DDoS attacks” (U.S. Department of Homeland Security, P: 3, 2016).

“This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE” (…) “This activity by RIS is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens. These cyber operations have included spearphishing campaigns targeting government organizations, critical infrastructure entities, think tanks, universities, political organizations, and corporations leading to the theft of information. In foreign countries, RIS actors conducted damaging and/or disruptive cyber-attacks, including attacks on critical infrastructure networks. In some cases, RIS actors masqueraded as third parties, hiding behind false online personas designed to cause the victim to misattribute the source of the attack. This JAR provides technical indicators related to many of these operations, recommended mitigations, suggested actions to take in response to the indicators provided, and information on how to report such incidents to the U.S. Government” (TLP White, P: 1, 2016).

Spearphishing a Political Party:

“Once APT28 and APT29 have access to victims, both groups exfiltrate and analyze information to gain intelligence value. These groups use this information to craft highly targeted spearphishing campaigns. These actors set up operational infrastructure to obfuscate their source infrastructure, host domains and malware for targeting organizations, establish command and control nodes, and harvest credentials and other valuable information from their targets. In summer 2015, an APT29 spearphishing campaign directed emails containing a malicious link to over 1,000 recipients, including multiple U.S. Government victims. APT29 used legitimate domains, to include domains associated with U.S. organizations and educational institutions, to host malware and send spearphishing emails. In the course of that campaign, APT29 successfully compromised a U.S. political party. At least one targeted individual activated links to malware hosted on operational infrastructure of opened attachments containing malware. APT29 delivered malware to the political party’s systems, established persistence, escalated privileges, enumerated active directory accounts, and exfiltrated email from several accounts through encrypted connections back through operational infrastructure” (TLP White, P: 2-3, 2016).

“Phishing and Spearphishing

  • Implement a Sender Policy Framework (SPF) record for your organization’s Domain Name System (DNS) zone file to minimize risks relating to the receipt of spoofed messages.
  • Educate users to be suspicious of unsolicited phone calls, social media interactions, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
  • Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person’s authority to have the information.
  • Do not reveal personal or financial information in social media or email, and do not respond to solicitations for this information. This includes following links sent in email.
  • Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL often includes a variation in spelling or a different domain than the valid website (e.g., .com vs. .net).
  • If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group (http://www.antiphishing.org).
  • Take advantage of anti-phishing features offered by your email client and web browser.
  • Patch all systems for critical vulnerabilities, prioritizing timely patching of software that processes Internet data, such as web browsers, browser plugins, and document readers” (TLP White, P: 13, 2016).
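
The SPF recommendation in the list quoted above can be checked against what a domain actually publishes. The following is an added example, not part of the original post or the quoted report: it audits TXT record strings for common SPF weaknesses. The function name `audit_spf` and the `example.org` / `example.net` records are constructed for illustration.

```python
import re

# Terms that each cost one DNS lookup; RFC 7208 section 4.6.4 allows 10 per check.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
# Optional qualifier, term name, then an optional ":", "=" or "/" argument.
TERM = re.compile(r"([+\-~?]?)([a-z0-9]+)(?:[:=/].*)?", re.I)


def audit_spf(txt_records):
    """Return a list of weaknesses found in a domain's TXT record strings."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["no SPF record published"]
    if len(spf) > 1:
        return ["multiple SPF records: receivers return permerror"]
    findings, lookups, all_qualifier, has_redirect = [], 0, None, False
    for term in spf[0].split()[1:]:
        m = TERM.fullmatch(term)
        if not m:
            findings.append(f"unparseable term {term!r}")
            continue
        # A mechanism with no qualifier defaults to "+" (pass).
        qualifier, name = m.group(1) or "+", m.group(2).lower()
        if name in LOOKUP_TERMS:
            lookups += 1
        if name == "ptr":
            findings.append("ptr mechanism: slow and discouraged by RFC 7208")
        if name == "redirect":
            has_redirect = True
        if name == "all":
            all_qualifier = qualifier
    if lookups > 10:
        findings.append(f"{lookups} DNS-lookup terms: over the limit of 10, permerror")
    if all_qualifier == "+":
        findings.append("+all: every host on the Internet passes SPF")
    elif all_qualifier == "?":
        findings.append("?all: unlisted senders get neutral, same as no policy")
    elif all_qualifier == "~":
        findings.append("~all: unlisted senders only softfail")
    elif all_qualifier is None and not has_redirect:
        findings.append("no 'all' or redirect: unlisted senders get neutral")
    return findings


# Constructed sample records: a weak policy beside a corrected one.
SAMPLES = {
    "weak": ["v=spf1 mx ptr ?all"],
    "corrected": ["v=spf1 ip4:192.0.2.0/24 include:_spf.example.net -all"],
    "missing": ["google-site-verification=constructed-placeholder"],
}

if __name__ == "__main__":
    for label, records in SAMPLES.items():
        print(label, audit_spf(records) or "no findings")
```

SPF only constrains the envelope sender, so a clean result here does not cover the lookalike-domain and link-based lures the other bullets address.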


With all this in mind, we can see that the Russians allegedly interfered with one specific technique to gain intelligence from their American counterparts, in this case the U.S. Democratic National Party, the DNC, and their presidential candidate Hillary Clinton, so that their effort to install a more Russia-friendly candidate could be effective through the release of certain details of her conduct and her history… No other candidate has ever gotten more scrutiny than Clinton has.

We can surely remember the massive overload of e-mails, documents and internal memos that could boggle politically interested minds, while Trump was a harsh critic and also a right-wing, migration-biased uprising who couldn’t care less about his own moral defects, while addressing Clinton as the worst politician ever. That can be shown in history. These hacks and releases of documents were surely important when considering how voters could be swayed away from voting for the Democratic Party and their candidate.

In the report they cite very many different hackers; even I know them and know about their work, without knowing their sources or methods of work. I only know of the pages where they drop the documentation and e-mails, which showed internal facts I could only wish to see in the past, and without which I couldn’t have made articles and quick-journalism-like pieces! These hackers and these drops of intelligence were vital for me to know more about the DNC and Hillary Clinton. Trump told all his lies and deception in public. Clinton kept it cool, while the droppings of documents, memos and e-mails put it all online. She couldn’t hide the facts or the ways of her party since it was all out there!

I have never seen something similar, and if it was done by the method told in the report, then the men or women behind the hack are sophisticated and also smart. They knew how to lure the users to get their intel and get it onto their own servers. This is by any means a quick theft of sensitive information, which weakens the DNC and Clinton in the public eye. The public eye and public perception are vital to ever winning an election. Peace.

Reference:

U.S. Department of Homeland Security – ‘Cyber Threats to the Homeland’ (October 2016)

NCCIC & FBI ‘TLP White’ – ‘GRIZZLY STEPPE – Russian Malicious Cyber Activity’ (29.12.2016)

Obama, Barack – Executive Order – ‘TAKING ADDITIONAL STEPS TO ADDRESS THE NATIONAL EMERGENCY WITH RESPECT TO SIGNIFICANT MALICIOUS CYBER-ENABLED ACTIVITIES’ (29.12.2016)