Assuming that this is an exercise on who has the best surveillance technology on the planet, we’d love to see what technologies these spy planes carry.
An unarmed Russian Air Force aircraft overflew the US Capitol, the Pentagon, Central Intelligence Agency and Joint Base Andrews at low altitude as part of a longstanding treaty that allows US and Russian militaries to observe one another from the air, according to two people familiar with the flight.
Source: This Mysterious Military Spy Plane Has Been Flying Circles Over Seattle For Days | Zero Hedge
Authored by Tyler Rogoway and Joseph Trevithick via TheDrive.com
Aug 5, 2017
The aircraft, which goes by the callsign “SPUD21” and wears a nondescript flat gray paint job with the only visible markings being a USAF serial on its tail, is a CASA CN-235-300 transport aircraft that has been extensively modified for the surveillance mission. You can see more pictures of the aircraft here.
It is covered in a dizzying array of blisters, protrusions, humps and bumps. These include missile approach warning detectors and large fairings on its empennage for buckets of forward-firing decoy flares, as well as both microwave—the dome antenna behind the wing and flat antenna modification in front of the wing—and ultra high-frequency satellite communications—the platter-like antenna behind the dome antenna. A communications intelligence suite also appears to be installed on the aircraft, with the antenna farm on the bottom of its fuselage being a clear indication of such a capability.
But what’s most interesting is the aircraft’s apparent visual intelligence gathering installation. It is placed in a fixed position, on the left side of the aircraft, below the plane’s forward emergency door. The rectangle structure has a sliding door that covers the system’s sensors when not in use.
On the lower end of the capabilities spectrum, the system installed could be similar to the DB110 reconnaissance system, which can provide very high fidelity imagery of a target area from standoff “slant” ranges. The system, which is popular among F-16 operators in a podded version, can be acquired in varying configurations. Some have multi-spectral fusion capability, where electro-optical and infrared imagery is combined to bring out unique details that neither can see alone. An additional wider angle camera is also available as well, along with an assortment of data-link options that can send the system’s imagery to analysts and “customers” on the ground for rapid exploitation. In this case, the analysts could fly inside the aircraft, eliminating the requirement—or at least the outright need—for such a feature.
On the higher end of the capability spectrum, the aperture could be filled with a wide area aerial surveillance (WAAS) camera system that can view a large area—the size of a town—continuously at one time. This technology, which allows for tagging of vehicles and other moving objects, and can even be used retroactively to trace someone’s movements over time, is among the biggest surveillance game-changers of our time. You can read all about how it works and its great potential to change everything from how we survey the battlefield to how we solve crimes here at home in this past feature.
WAAS camera systems have rapidly evolved over the last decade and have gone from the battlefield to the commercial market here at home. They also now come in all different sizes and capability classes—as well as a variety of interesting sounding names to go with them such as “Gorgon Stare,” “Hawkeye” and “ARGUS” to name a few. In fact, WAAS payloads, which were once the domain of larger aircraft like the MQ-9 Reaper drone and King Air twin turboprop, are now deployable on small tactical drones, such as the “Red Kite” sensor mounted on RQ-21 Blackjack used by Insitu, a Pacific Northwest company that is now owned by Boeing.
RQ-21 fitted with WAAS “Red Kite” sensor.
Some WAAS sensors require the aircraft to fly tight overhead orbits, while others work at a slant angle in relation to the ground. Considering the mounting location and aperture size on the CN-235 in question, this kind of “slant” setup would likely be the case. Also, the counterclockwise orbits the aircraft flies, between roughly six and twelve miles across, at altitudes from 17,000 to 22,000 feet, also indicate such a setup.
A sampling of tracks from SPUD21 missions around the Seattle area.
Above all else, these types of surveillance systems are especially good at capturing and monitoring so called “patterns of life” over and around a target area. This is an especially useful tool when collecting intelligence on an enemy target or group of targets over time and can open up new possibilities when it comes to the process of finding, fixing and finishing the enemy.
Simply put, instead of recording a snapshot in time such as what a satellite can furnish, persistent airborne surveillance sensors capture massive amounts of exploitable information over hours and days. So if a picture is akin to a thousand words, this persistent type of wide area aerial surveillance is equivalent to an entire novel or even a series of novels.
When paired with communications intelligence gathering, such as intercepting radio communications and mobile and satellite phone chatter, a high fidelity “picture” of a targeted area and how specific targets in that area operate can be compiled in a relatively short period of time, all using a single relatively economical asset. Also, the aircraft’s extensive communications suite can take this information, including streaming video, and send it to a command center around the world or relay it to regional ground stations. As such, it can likely provide high-fidelity overwatch of ongoing special operations mission, and relay that video and/or audio to commanders in real time.
Now that we have at least some idea of what this aircraft is likely capable of, the big question is what is it doing over Seattle and its suburbs? And maybe even more important—who is operating it?
Aside from what appears to be a weekend off in Portland, Oregon, the aircraft flies its missions out of Boeing Field, and it is operating out of Clay Lacy Aviation, the local fixed based operator (FBO) at Boeing Field, not from Boeing’s military ramp. It is totally common for military aircraft—from fighters to transports—to use local FBOs when traveling away from home. In fact, aircrews often prefer the amenities and ease of access of a high-end private jet center over a nearby military base.
Clay Lacy Aviation in relation to the Boeing military flight test ramp at KBFI.
In Seattle at Boeing Field, Clay Lacy Aviation is famous for its seemingly constant stream of visiting military aircraft—but those aircraft aren’t usually executing highly peculiar surveillance missions over nearby urban areas for days on end. And the fact that the aircraft is not operating from the Boeing military ramp is a very good indication that its mission does not involve the aerospace giant. As such, this also largely eliminates the possibility of Boeing doing some sort of systems integration testing on the aircraft which could have explained some of its strange behavior.
As to who sent the aircraft and who even takes ownership of it, those details have turned out to be incredibly tough to pin down. Though it seems indisputable that the aircraft is or at least was U.S. government property at one point based on its Air Force-style serial number, none of the obvious U.S. military organizations claim they are aware of the CN-235 or its activities.
Public affairs officers at U.S. Northern Command (NORTHCOM), which oversees American military activities in North America, and its subordinate Joint Task Force-North (JTF-N), both said they weren’t tracking the aircraft or its mission. JTF-N is responsible for handling requests from domestic civilian agencies, such as Customs and Border Patrol, for military support, including contractor-operated surveillance aircraft.
The U.S. Air Force Special Operations Command (AFSOC) had similarly not been able to determine if the aircraft belonged to one of its units. U.S. Special Operations Command (SOCOM) forwarded yet another query on the issue back to AFSOC.
In an attempt to simply establish basic ownership, we reached out to the public affairs office at Wright-Patterson Air Force Base, home of the Air Force Life Cycle Management Center, which keeps tabs on all of the service’s aircraft. After speaking with a number of individuals by phone and email on the subject, they decided to send our query to the Pentagon’s main public affairs office.
The CASA CN-235 is a favorite of militaries and mercenaries around the world. This example was operated in Afghanistan by the US mercenary firm popularly known as Blackwater.
Taken together, these responses would seem to point to what many observers might have already speculated immediately, that this was a mission or training exercise in support of the secretive Joint Special Operations Command (JSOC) or a civilian agency such as the Central Intelligence Agency. This particular CN-235, with the serial 96-6042, is one of six that researchers commonly associated with the Air Force’s top secret 427th Special Operations Squadron. Recent pictures of the other aircraft show they are all in relatively similar configurations at present.
The 427th occupies the same space with a host of other “black” U.S. military aviation elements, most of which are affiliated to some degree with JSOC and the Intelligence Community. The War Zone has previously explored what is publicly known about these units in great detail.
Of course, the idea of the federal government employing a military aircraft to conduct surveillance within the United States would involve very complex and often controversial legal requirements. Far too complicated to go into detail here, we recommend taking a dive into Lawfare’s extensive writings on the National Security Agency’s domestic surveillance activities and related issues, which are tangential and touch on many of the same debates, though are not necessarily directly related to aerial spying. In 2016, BuzzFeed News also wrote an in-depth feature about airborne surveillance programs within the Department of Homeland Security and the Federal Bureau of Investigation that gets into many of these questions.
In short, if the military placed the aircraft under civilian control to some degree and with an appropriate legal justification, the U.S. military could possibly fly it in support of a domestic operation or one focused on a foreign suspect or organization operating within the United States. SOCOM and JSOC both have had connections to an “alphabet soup” of counter-terrorism elements that may have domestic components since at least 2008.
Official documents refer to organizations like SOCOM-National Capital Region (SOCOM-NCR), the Joint Interagency Task Force-National Capital Region (JIATF-NCR), or simply the Interagency Task Force (IATF), which may or may not be related to each other. Just what these organizations do or whether they are just staffs that coordinate with other U.S. government agencies in Washington or an actual operational headquarters has been unclear—and not just to us.
The National Defense Authorization Act for the 2014 fiscal year specifically withheld funding from SOCOM-NCR until the Secretary of Defense submitted a report to the House and Senate Armed Services Committees that explained, among other things, “the purpose of” and “the activities to be performed by USSOCOM-NCR,” according to a Congressional Research Service report. The official $10 million budget request to establish this particular entity said it would send “liaison officers and Special Operations Support Teams to other federal agencies.”
It’s also entirely possible, if not probable, that the aircraft could be involved in a realistic training exercise rather than an actual operation, akin to the annual JADE HELM special operations drill. The special operations community in general has a unique interest in being able to operate in complex urban terrain. Some think these areas will be the primary battlefields of the future. Still, the public is at least tacitly informed about these drills before they begin. NORTHCOM runs its own complex multinational and interagency counter-terrorism exercise each year called Vital Archer. In 2015, the scenario reportedly involved a nuclear or radiological attack.
With all this in mind, maybe the CN-235 is part of a secretive set of drills involving terrorists smuggling themselves and their weaponry into the United States via Seattle’s sea or airport facilities.
The area could have simply provided a suitable urban area to test existing or new surveillance technologies, too, though this could spark serious privacy concerns if true.
Whatever the aircraft has been doing in the Seattle skies, it seems curious that it’s been using civilian airports for the job. But so far, the plane does appear to be doing a good job of hiding in plain sight with no one able to say who even owns it.
We will keep you updated if we find out more on this mystery plane and its mission.
No wonder the CIA does not like Wikileaks. It keeps exposing what that rogue agency is doing so the world can see what they are up to. (See previous post).
Source: WikiLeaks Release Documents on How CIA Uses 5 Different Malware
July 22, 2017
WikiLeaks has released a trove of data belong to the American intelligence agency CIA (Central Intelligence Agency) – The latest batch shows how CIA uses five different malware to target unsuspecting users.
These malware are called HammerLoss, Regin, HTTPBrowser, NfLog, and Gamker – The documents also show how CIA used Raytheon Blackbird Technologies, a contractor for the Remote Development Branch (RDB) of the CIA.
The nightmarish revelations from Julian Assange are from over, and the latest batch of documents after the release of Vault 7 has startling new information about the CIA’s ability of hacking and infiltrating its targets. The data includes reports from experts about the way various malware programs owned and used by the CIA are used and the way these programs function. In total, there are five files.
This new batch of files is dubbed as UCL/Raytheon and contains documents maintained by Raytheon Blackbird Technologies. The firm is a contractor for the Remote Development Branch (RDB) of the CIA and believed to be its Technology Scout.
Source: CIA Chief Warns of WikiLeaks Plotting to “Take Down America”
theantimedia.org
Written by Jason Ditz
(ANTIWAR.COM) — CIA Director Mike Pompeo remains inconsolably hostile toward whistleblower organization WikiLeaks, insisting they are a “non-state hostile intelligence service” and are plotting to “take down America any way they can and find any willing partner to achieve that end.”
Hostility to WikiLeaks has been a mainstay in the US government, as every administration faces the prospect of their covert misdeeds becoming a matter of public record, to their general embarrassment albeit rarely to the end of any meaningful reform.
Pompeo argued that the US needs to use the Espionage Act much more in going after leakers who aren’t actually foreign spies, though he stopped short of openly endorsing Espionage prosecutions against journalists for reporting on the leaks.
President Trump had a positive attitude toward WikiLeaks during last year’s campaign, declaring “I love WikiLeaks.” Pompeo insists he doesn’t feel the same way, and that US intelligence agencies need to find ways to fight the organization.
Source: Two Israeli Companies: Spying on the World
I’m reprinting my article from 2013 below. But first, a quick bit of recent history concerning two little known Israeli companies, Narus and Verint. They have helped the NSA spy on the planet.
Narus, in 2010, was folded into Boeing, one of the largest defense contractors in the world. Then, in 2014, Boeing sold Narus to Symantec. In 2016, Symantec sold half of itself to the Carlyle Group. So Narus, a little engine that could, has been keeping very high-priced company.
Verint has managed to retain its independence, after buying out the majority stake of Comverse Technology, its former owner, in 2013.
Okay, here we go—from this point on, everything was written in 2013:
2013. Boom. Explosive revelations. The NSA is using telecom giants to spy on anybody and everybody, in a program called PRISM.
But the information is not new.
Three books have been written about the super-secret NSA, and James Bamford has written them all.
In 2008, Amy Goodman of Democracy Now interviewed Bamford as his latest book, The Shadow Factory, was being released.
Bamford explained that, in the 1990s, everything changed for NSA. Previously, they’d been able to intercept electronic communications by using big dishes to capture what was coming down to Earth from telecom satellites.
But with the shift to fiber-optic cables, NSA was shut out. So they devised new methods.
For example, they set up a secret spy room at an AT&T office in San Francisco. NSA installed new equipment that enabled them to tap into the fiber-optic cables and suck up all traffic.
How Bamford describes this, in 2008, tells you exactly where the PRISM program came from:
“NSA began making these agreements with AT&T and other companies, and that in order to get access to the actual cables, they had to build these secret rooms in these buildings.
“So what would happen would be the communications on the cables would come into the building, and then the cable would go to this thing called a splitter box, which was a box that had something that was similar to a prism, a glass prism.
“And the prism was shaped like a prism, and the light signals would come in, and they’d be split by the prism. And one copy of the light signal would go off to where it was supposed to be going in the telecom system, and the other half, this new cloned copy of the cables, would actually go one floor below to NSA’s secret room.
“… And in the secret room was equipment by a private company called Narus, the very small company hardly anybody has ever heard of that created the hardware and the software to analyze these cables and then pick out the targets NSA is looking for and then forward the targeted communications onto NSA headquarters.”
In James Bamford’s 2008 interview, he mentions two Israeli companies, Narus and Verint, that almost nobody knew about. They played a key role in developing and selling the technology that allowed NSA to deploy its PRISM spying program:
Bamford: “Yeah. There’s two major — or not major, they’re small companies, but they service the two major telecom companies. This company, Narus, which was founded in Israel and has large Israel connections, does the — basically the tapping of the communications on AT&T. And Verizon chose another company, ironically also founded in Israel and largely controlled by and developed by people in Israel called Verint.
“So these two companies specialize in what’s known as mass surveillance. Their literature — I read this literature from Verint, for example — is supposed to only go to intelligence agencies and so forth, and it says, ‘We specialize in mass surveillance,’ and that’s what they do.
“They put [this] mass surveillance equipment in these facilities. So you have AT&T, for example, that, you know, considers it’s their job to get messages from one person to another, not tapping into messages, and you get the NSA that says, we want, you know, copies of all this. So that’s where these [two Israeli] companies come in. These companies act as the intermediary basically between the telecom companies and the NSA.”
AMY GOODMAN: “Now, Jim Bamford, take this a step further, because you say the founder and former CEO of one of these companies [Verint] is now a fugitive from the United States somewhere in Africa?”
JAMES BAMFORD: “…the company that Verizon uses, Verint, the founder of the company, the former head of the company, is now a fugitive in — hiding out in Africa in the country of Namibia, because he’s wanted on a number of felony warrants for fraud and other charges. And then, two other top executives of the company, the general counsel and another top official of the parent company, have also pled guilty to these charges.
“So, you know, you’ve got companies — these [two] companies have foreign connections with potential ties to foreign intelligence agencies, and you have problems of credibility, problems of honesty and all that. And these companies — through these two companies pass probably 80 percent or more of all US communications at one point or another.
“And it’s even — gets even worse in the fact that these companies also supply their equipment all around the world to other countries, to countries that don’t have a lot of respect for individual rights —- Vietnam, China, Libya, other countries like that. And so, these countries use this equipment to filter out dissident communications and people trying to protest the government. It gives them the ability to eavesdrop on communications and monitor dissident email communications. And as a result of that, people are put in jail, and so forth…”
AMY GOODMAN: “And despite all of this…these telecom companies still have access to the most private communications of people all over America and actually, it ends up, around the world. And at the beginning of the summer [2008], the Democrats and Republicans joined together in granting retroactive immunity to these companies for spying on American citizens.”
The fugitive CEO of Verint, whom Bamford mentions, is Jacob “Kobi” Alexander. In 2006, the US Dept. of Justice charged him with conspiring to commit securities and wire and mail fraud. The SEC weighed in and filed similar civil charges.
Alexander fled to Namibia, where he finally settled with the SEC for $46 million. [Update: In 2017, he returned to the US, where he was sentenced to the 30 months in prison.]
He is no longer the CEO of Verint.
It’s obvious that these two Israeli companies, Narus and Verint, working for NSA, have been able to divert mega-tons of data to Israeli intelligence.
The recent media stories on this NSA PRISM spying system indicate that NSA is tapping into the servers of huge tech companies; Google, AOL, Microsoft, Skype, Apple, Yahoo. The methods of data theft may have expanded, but the result and intent remain the same.
The government-corporate juggernaut moves ahead. Their rationale—catching terrorists—is, in great part, a cover story to obscure the fact that the State wants control over the lives of all citizens, as it ratchets up the very conditions that provoke rebellion.
It’s a classic pincer movement.
As far as the current NSA PRISM spying is concerned, look for limited hangouts. These are partial admissions and excuses, offered to conceal greater crimes and stop investigations.
The giant tech companies already have their limited hangout in place: “We didn’t know it was happening, we would never have allowed it to happen, and we’ll be much more careful in the future.”
Obama is saying: Yes, let’s have dialogue on this matter…there’s a fine line between national security needs and overweening intrusion into citizens’ privacy.
The NSA is saying: We do spy, but we don’t read content of emails and phone calls. We just keep ‘records’ of the communications.
The lies lying liars tell. The NSA has multiple and redundant methods of spying. If they have to cut back, for a while, on directly accessing the servers of the giant tech firms, they can do it without losing a step.
After all, as James Bamford revealed five years ago [now nine years ago], NSA cuts directly into fiber-optic cables and splits the data into two copies, one of which it keeps for itself. They can access Google and Yahoo in other ways.
Most easily, they can say to these willing tech partners, “Give us all your data.” And it will be done.
Firms like Google are already spying on their customers, putting together extensive profiles to craft better targeted ads. Google knows spying. Doing it for commercial purposes, or for “national security” purposes? They don’t need to make those distinctions.
The author of three explosive collections, THE MATRIX REVEALED, EXIT FROM THE MATRIX, and POWER OUTSIDE THE MATRIX, Jon was a candidate for a US Congressional seat in the 29th District of California. He maintains a consulting practice for private clients, the purpose of which is the expansion of personal creative power. Nominated for a Pulitzer Prize, he has worked as an investigative reporter for 30 years, writing articles on politics, medicine, and health for CBS Healthwatch, LA Weekly, Spin Magazine, Stern, and other newspapers and magazines in the US and Europe. Jon has delivered lectures and seminars on global politics, health, logic, and creative power to audiences around the world. You can sign up for his free NoMoreFakeNews emails here or his free OutsideTheRealityMachine emails here.
“These agents had been sent to work in the United States over a 50 year period of time.”
Source: Chinese Billionaire Warns America: China Has 25,000 Spies Who Are “Ready To Destroy The U.S.”
Mac Slavo
July 11th, 2017
Since the 1980’s, the US has caught and imprisoned over a dozen people who were spying on American government agencies and corporations. So we catch Chinese spies once every few years. With that kind of frequency, you’d probably assume that China doesn’t have that many intelligence assets in America at any given time. Based on those numbers, a safe estimate would be in the hundreds, or perhaps thousands.
But it turns out that those estimates would be incredible low. According to Guo Wengui, a billionaire investor who has fled China and moved to New York since becoming a major critic of the Chinese regime, there are probably 25,000 spies in America who are working for Beijing.
Those numbers are derived from what he claims, are his close ties to multiple Chinese intelligence agencies. That may sound far fetched to most Americans, but in China the public and private sectors are closely aligned. They’re practically the same entity. So we should take his warnings very seriously, which were brought up in a recent interview with The Freebeacon.
Guo said that Chinese intelligence operations in the United States sharply increased after the 2012 Communist Party Congress that brought current leader Xi Jinping to power.
“Before 2012, cumulatively China had around 10,000 to 20,000 agents working in the United States,” he said. “These agents had been sent to work in the United States over a 50 year period of time, and they were working in a defensive mode.”
According to the businessman, defensive intelligence was mainly focused on learning about the United States. The operations then shifted in 2012 to “offensive” spying, he said.
“By offensive [operations], I mean to be ready to destroy the U.S. in ways they can,” Guo said.
And these spies don’t just consist of Chinese immigrants. According to Guo, many of them are treasonous Americans who have sold their country out for a paycheck, and they can be ruthless.
China’s budget for intelligence gathering before 2012 was around $600 million annually.
Around 2012, a decision was made by Chinese leaders to dispatch another 5,000 spies to the United States. “Some of them were sent as students, some as businessmen, and some as immigrants, but all together, 5,000,” Guo said.
“In addition to that, they developed between 15,000 to 18,000 other spies, and these are not directly sent but these are developed within the United States.”
The recruited agents are not limited to Asians and Chinese-Americans but include all ethnic groups, including Hispanics, Blacks, and Caucasians.
“And now the budget is between $3 billion to $4 billion annually, and this is information up to one month ago,” he said.
Guo said American counterintelligence agencies face several problems, mainly a lack of knowledge about Chinese intelligence agencies.
“You don’t know which organizations in China are responsible for sending these spies, how they are managed, and to what purpose,” he said. “And the U.S. adopts a very legalistic perspective to look at the question of spying. Yet, for China their methods are not what the United States understands.”
“These spies, when they come to the United States, they could sleep around, they could put poison in your glass of wine to kill you; completely unscrupulous,” he said.
As for their goals, Guo claims that the spies are mainly here to steal military technologies. But they’re also here to “buy” high level government officials, as well as political and corporate elites who can give China favorable business deals. And most what’s most frightening, is that these spies have implanted malicious software in our most critical infrastructure systems, and have thoroughly infiltrated our government’s major weapons suppliers.
Which raises an important question. How did our government let this happen? Isn’t the all powerful NSA surveillance grid capable of catching these people?
Apparently not. It appears that we’ve traded our freedom for security, but somewhere along the line we didn’t receive any security. While our government was busy funding and training the terrorists that would later inspire the acceptance of widespread government surveillance and the destruction of our civil liberties, they overlooked the flood of Chinese spies who have infiltrated every level of our society.
You could call it incompetence, but it could also be something far more sinister. As Joel Skousen has pointed out many times, our government is riddled with globalists who have a hidden agenda. They want to usher in another world war between the US, China, and Russia, which will bring about the destruction of America, and make way for a global government. As part of that plan, they have been undermining America at every turn in the hopes that our country will lose the war against China; a war which they are orchestrating. Perhaps as a part of that effort, they’ve been looking the other way as the Chinese government steals and compromises our infrastructure and advanced military technologies.
Whatever the case may be, if Guo is correct then America is a severely compromised nation that is in no position to fight another world war.
I was one of those that perhaps looked to the Intercept as possibly one of the beacons of truth in the new media, than this comes out. Human behavior is human behavior. We should never ever trust anyone when it comes down to the truth. We have to figure it out ourselves. I wonder what Snowden thinks about these people. Mind you, this has nothing to do with him. But these fools are hurting the whatever passes for the left media these days.
Source: The Intercept Profits and Burns its Own Whistleblower | Covert Geopolitics
There’s a twin problem with the pseudo-patriots in America today, i.e. pseudo-alternative media. Tracing its roots from The Guardian, Gleen Glenwald gained popularity when the NSA whistleblower Ed Snowden gave him and other mainstream journalists the Scoop of the Century, i.e. NSA massive surveillance.
Profiting heavily from the Edward Snowden NSA leak, the overlords at the pseudo alternative media The Intercept, which have made it a big business luring would be whistleblowers to leak everything they know through its own platform and enjoy subsequent stardom, has done it again. It burns its own leaker just so it could prove Russia is really hacking the US agencies with another worldwide exclusive release.
Russian military intelligence executed a cyberattack on at least one U.S. voting software supplier and sent spear-phishing emails to more than 100 local election officials just days before last November’s presidential election, according to a highly classified intelligence report obtained by The Intercept.
The top-secret National Security Agency document, which was provided anonymously to The Intercept and independently authenticated, analyzes intelligence very recently acquired by the agency about a months-long Russian intelligence cyber effort against elements of the U.S. election and voting infrastructure. The report, dated May 5, 2017, is the most detailed U.S. government account of Russian interference in the election that has yet come to light.
While the document provides a rare window into the NSA’s understanding of the mechanics of Russian hacking, it does not show the underlying “raw” intelligence on which the analysis is based. A U.S. intelligence officer who declined to be identified cautioned against drawing too big a conclusion from the document because a single analysis is not necessarily definitive.
There are only two key phrases which any investigator would like to focus on from the above Intercept article:
.. and the specific intelligence officer, which is sometimes called an intelligence analyst, is identified because there is only one specific person assigned to a specific task, which in turn is a security measure by itself.
But despite the “not necessarily definitive” clause which the NSA intelligence analyst has arrived at, the Intercept went on and published the leaked NSA document because it mentioned about Russian hacking, to the detriment of its source.
The Intercept article continues:
The report indicates that Russian hacking may have penetrated further into U.S. voting systems than was previously understood. It states unequivocally in its summary statement that it was Russian military intelligence, specifically the Russian General Staff Main Intelligence Directorate, or GRU, that conducted the cyber attacks described in the document:
Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named U.S. company in August 2016, evidently to obtain information on elections-related software and hardware solutions. … The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations.
This NSA summary judgment is sharply at odds with Russian President Vladimir Putin’s denial last week that Russia had interfered in foreign elections: “We never engaged in that on a state level, and have no intention of doing so.” Putin, who had previously issued blanket denials that any such Russian meddling occurred, for the first time floated the possibility that freelance Russian hackers with “patriotic leanings” may have been responsible. The NSA report, on the contrary, displays no doubt that the cyber assault was carried out by the GRU.
We are not saying here that there are no Russian hackers, government employed or civilians, who are doing these activities because all governments that are currently engaged in a hybrid war against each other actually do. But it is only the NATO member states, and other Khazarian alliances, which are proven to be spying on each other.
There is also a big difference between snooping and hacking. Monitoring and tampering of data like what the Deep State operatives did to a Qatari website is more aggressive. The Russians did not manipulate the results of last year’s presidential election, like Google did with its Clinton-biased search results.
In fact, some of these “patriot” hackers have leaked about the preparatory manipulations done by Soros affiliated electoral systems prior to the said election, and it did not take a Russian hacker to inform the world what had actually occurred within the DNC camp to the detriment of the Bernie Sanders’ campaign.
The Intercept is working closely with its twin platform, Democracy Now, and with its sister site Rappler in the Philippines is spreading dangerous leaks,
… just so it could live up to its name, The Intercept.
But not for long…
Moon of Alabama | June 06, 2017
Yesterday The Intercept published a leaked five page NSA analysis about alleged Russian interference in the 2016 U.S. elections. Its reporting outed the leaker of the NSA documents. That person, R.L. Winner, has now been arrested and is likely to be jailed for years if not for the rest of her life.
FBI search (pdf) and arrest warrant (pdf) applications unveil irresponsible behavior by the Intercept‘s reporters and editors which neglected all operational security trade-craft that might have prevented the revealing of the source. It leaves one scratching one’s head if this was intentional or just sheer incompetence. Either way – the incident confirms what skeptics had long determined: The Intercept is not a trustworthy outlet for leaking state secrets of public interests.
The Intercept was created to privatize the National Security Agency documents leaked by NSA contractor Edward Snowden. The documents proved that the NSA is hacking and copying nearly all electronic communication on this planet, that it was breaking laws that prohibited spying on U.S. citizen and that it sabotages on a large scale various kinds of commercial electronic equipment. Snowden gave copies of the NSA documents to a small number of journalists. One of them was Glenn Greenwald who now works at The Intercept. Only some 5% of the pages Snowden allegedly acquired and gave to reporters have been published. We have no idea what the unpublished pages would provide.
The Intercept, a subdivision of First Look Media, was founded by Pierre Omidyar, a major owner of the auctioning site eBay and its PayPal banking division. Omidyar is a billionaire and “philanthropist” who’s (tax avoiding) Omidyar Network foundation is “investing” for “returns”. Its microcredit project for farmers in India, in cooperation with people from the fascists RSS party, ended in an epidemic of suicides when the farmers were unable to pay back. The Omidyar Network also funded (fascist) regime change groups in Ukraine in cooperation with USAID. Omidyar had cozy relations with the Obama White House. Some of the held back NSA documents likely implicate Omidyar’s PayPal.
The Intercept was funded with some $50 million from Omidyar. Its first hires were Greenwald, Jeremy Scahill and Laura Poitras – all involved in publishing the Snowden papers and other leaks. Its first piece was based on documents from the leaked NSA stack. It has since published on this or that but not in a regular media way. The Intercept pieces are usually heavily editorialized and tend to have a mainstream “liberal” to libertarian slant. Some were highly partisan anti-Syrian/pro-regime change propaganda. The website seems to have no regular publishing schedule at all. Between one and five piece per day get pushed out, only a few of them make public waves. Some of its later prominent hires (Ken Silverstein, Matt Taibbi) soon left and alleged that the place was run in a chaotic atmosphere and with improper and highly politicized editing. Despite its rich backing and allegedly high pay for its main journalists (Greenwald is said to receive between 250k and 1 million per year) the Intercept is begging for reader donations.
Yesterday’s published story (with bylines of four(!) reporters) begins:
Russian military intelligence executed a cyberattack on at least one U.S. voting software supplier and sent spear-phishing emails to more than 100 local election officials just days before last November’s presidential election, according to a highly classified intelligence report obtained by The Intercept.
The NSA “intelligence report” the Intercept publishes alongside the piece does NOT show that “Russian military intelligence executed a cyberattack“. The document speaks of “cyber espionage operations” – i.e someone looked and maybe copied data but did not manipulate anything. Espionage via computer networks is something every nation in this world (and various private entities) do all the time. It is simply the collection of information. It is different from a “cyberattack” like Stuxnet which are intended to create large damage,
The “attack” by someone was standard spearfishing and some visual basic scripts to gain access to accounts of local election officials. Thee is no proof that any account was compromised. Any minor criminal hacker uses similar means. No damage is mentioned in the NSA analysis. The elections were not compromised by this operation. The document notes explicitly (p.5) that the operation used some techniques that distinguish it from other known Russian military intelligence operations. It was probably -if at all- done by someone else.
The reporters note that the document does not provide any raw intelligence. It is an analysis based on totally unknown material. It does not include any evidence for the claims it makes. The Intercept piece describes how the document was received and “verified”:
The top-secret National Security Agency document, which was provided anonymously to The Intercept and independently authenticated, …
…
The NSA and the Office of the Director of National Intelligence were both contacted for this article. Officials requested that we not publish or report on the top secret document and declined to comment on it. When informed that we intended to go ahead with this story, the NSA requested a number of redactions. The Intercept agreed to some of the redaction requests.
The piece quotes at length the well known cyber security expert Bruce Schneier. It neglects to reveal that Schneier is a major partisan for Clinton who very early on, in July 2016, jumped on her “Russia hacked the Democratic National Council” claim for which there is still no evidence whatsoever.
The Intercept story was published on June 5. On June 3 the FBI already received a search warrant (pdf) by the U.S. District court of southern Georgia for the home, car and computers of one Reality Leigh Winner, a 25 year old former military language specialist (Pashto, Dari, Farsi) who worked for a government contractor. In its application for the warrant the FBI asserted:
- On or about May 24, 2017, a reporter for the News Outlet (the “Reporter”) contacted another U.S. Government Agency affiliate with whom he has a prior relationship. This individual works for a contractor for the U.S. Government (the “Contractor”). The Reporter contacted the Contractor via text message and asked him to review certain documents. The Reporter told the Contractor that the Reporter had received the documents through the mail, and they were postmarked “Augusta. Georgia.” WINNER resides in Augusta, Georgia. The Reporter believed that the documents were sent to him from someone working at the location where WINNER works. The Reporter took pictures of the documents and sent them to the Contractor. The Reporter asked the Contractor to determine the veracity of the documents. The Contractor informed the Reporter that he thought that the documents were fake. Nonetheless, the Contractor contacted the U.S. Government Agency on or about June 1, 2017, to inform the U.S. Government Agency of his interaction with the Reporter. Also on June I. 2017, the Reporter texted the Contractor and said that a U.S Government Agency official had verified that the document was real. …
To verify the leaked document the reporter contacted a person working for the government. He used insecure communication channels (SMS) that are known to be tapped. He provided additional meta-information about the leaker that was not necessary at all for the person asked to verify the documents.
It got worse:
- On June I, 2017, the FBI was notified by the U.S. Government Agency that the U.S. Government Agency had been contacted by the News Outlet on May 30, 2017, regarding an upcoming story. The News Outlet informed the U.S Government Agency that it was in possession of what it believed to be a classified document authored by the U.S Government Agency. The News Outlet provided the U.S. Government Agency with a copy of this document. Subsequent analysis by the U.S. Government Agency confirmed that the document in the News Outlet’s possession is intelligence reporting dated on or about May 5. 2017 (the “intelligence reporting”). This intelligence reporting is classified at the Top Secret level, … … 14. The U.S. Government Agency examined the document shared by the News Outlet and determined the pages of the intelligence reporting appeared to be folded and/or creased,suggesting they had been printed and hand-carried out of a secured space.
- The U.S. Government Agency conducted an internal audit to determine who accessed the intelligence reporting since its publication. The U.S. Government Agency determined that six individuals printed this reporting. These six individuals included WINNER. A further audit of the six individuals’ desk computers revealed that WINNER had e-mail contact with the News Outlet. The audit did not reveal that any of the other individuals had e-mail contact with the News Outlet.
The source that provided the document had no operational security at all. She printed the document on a government printer. All (color) printers and photo copiers print nearly invisible (yellow) patters on each page that allow to identify the printer used by its serial number. The source used email from her workplace to communicate. Ms. Winner is young, inexperienced and probably not very bright. (She is also said to be Clinton partisan.) She may not have known better.
But a reporter at The Intercept should know a bit or two about operational security. Sending (and publishing) the leaked documents as finely scanned PDF’s (which include (de) the printer code) to the NSA to let the NSA verify them was incredibly stupid. Typically one only summarize these or at least converts them into a neutral, none traceable form. Instead the reporters provided at several points and without any need the evidence that led to the unmasking of their source. Wikileaks is offering $10,000 for the exposure and firing of the person responsible for this.
It is also highly questionable why the Intercept contacted the NSA seven days(!) before publishing its piece. Giving the government such a long reaction time may lead to preemptive selective leaks by the government to other news outlets to defuse the not yet published damaging one. It may give the government time to delete evidence or to unveil leakers. The Intercept certainly knows this. It had been burned by such behavior when the National Counterterrorism Center spoiled an Intercept scoop by giving a polished version to the Associate Press. Back then the Intercept editor John Cook promised to give government agencies no longer than 30 minutes for future replies. In this case it gave the NSA seven days!
Besides the failure(?) of The Intercept there are other concerns to note.
@mattblaze
Simple way to hack elections: Compromise some county offices & systems. Do nothing. If election doesn’t go your way, reveal that you hacked.
10:52 PM – 5 Jun 2017
More additional question are asked in this thread.
The lessons learned from this catastrophic -for the source- leak:
And last but certainly not least:
Posted by b on June 6, 2017 at 06:09 AM | Permalink
