It’s become clear that Putin intends to sway elections in the Western world. The US, France and UK have been hacked and the US election was influenced by the combined efforts of hackers, American voices of the Alt-Right and the trolls from the US and abroad. Actual interference into voter rolls and machine vote tallies is being investigated…but not by the agency designed to investigate. Trump’s shutting that down…and instead suggesting a Cyber Security Taskforce with Putin himself at the G20 summit. Many speculate that Putin’s trying to win the war without firing a bullet, so to speak… taking over one free country at a time and encouraging authoritarian, far-right regimes which restrict women’s rights and freedoms of all kinds.
- TEA PAIN on Spectrum Health’s Role in the Trump-Russia Server Scandal
- TEA PAIN on Debunking Trump Tower’s Alfa Bank Server Scandal “Explanation”
- TEA PAIN on Data Patterns Reveal Trump Tower/Spectrum Health Ran a “Stealth Data Machine” With Russia. We pull back the curtain on Jared Kushner’s “Stealth Data Machine.”
- TEA PAIN on New Analysis Supports Database Replication Theory Between Trump Tower and Alfa Bank
- TEA PAIN on WikiLeaks Moves Two Servers to Russia
Foreign governments hacking US elections is a real threat. We need to be ready. “According to the NSA, the Russian government began its hacking efforts by attempting to infiltrate an American election technology vendor that the Intercept says is a Florida-based company called VR Systems. The attackers used a “spear phishing” technique, sending personalized emails to several employees of the company to try to trick the employees into entering their passwords into a fake Google login form. Next, the attackers posed as employees of the voting technology company to attack election officials in jurisdictions that used the company’s products. Using real documentation stolen from VR Systems, the hackers created malicious Microsoft Word documents that compromise a victim’s computer when they are opened. The documentation was for EVid, software that manages the voter checkin process at a polling place. We don’t know how many of those 122 election officials clicked on the malicious link and had their computers compromised. We don’t know if Russian spies did anything malicious once they gained access. The attackers sent out malicious emails to 122 election officials around the country” —Vox News
DNC HACK Spring 2016
February 16, 2018: Mueller issues an indictment charging 13 Russian nationals with working for the Russian Internet Research Agency to foment discord in the US (CNN). These people impersonated Americans and held rallies for and against Trump issues, resulting in the count for identity theft.
- June 14, 2016 – The Washington Post reports hackers working for the Russian government accessed the Democratic National Committee’s computer system, stealing oppositional research on Donald Trump and viewing staffers’ emails and chat exchanges. The Kremlin, however, denies that the government was linked to the hack, and a US official tells CNN that investigators have not yet concluded that the cyberattack was directed by the Russian government.
- June 15, 2016 – A cybersecurity firm hired by the DNC posts a public notice on its website describing an attack on the political committee’s computer network by two groups associated with Russian intelligence. According to the post, two Russian-backed groups called “Cozy Bear” and “Fancy Bear” tunneled into the committee’s computer system. In response, a blogger called Guccifer 2.0 claims that he alone conducted the hack, not the Russians. As proof, he posts internal DNC memos and opposition research on Trump. Furthermore, Guccifer 2.0 claims to have passed along thousands of files to WikiLeaks. Trump offers his own theory on the origins of the attack: suggesting in a statement that the DNC hacked itself to distract from Hillary Clinton’s email scandal.
- July 22, 2016 – Days before the Democratic National Convention, WikiLeaks posts nearly 20,000 emails hacked from the DNC server. The documents include notes in which DNC chair Debbie Wasserman Schultz insults staffers from the Bernie Sanders campaign and messages that suggest the organization was favoring Clinton rather than remaining neutral. Wasserman Schultz resigns in the aftermath of the leak.
- July 25, 2016 – The FBI announces it has launched an investigation into the DNC hack. Although the statement doesn’t indicate that the agency has a particular suspect or suspects in mind, US officials tell CNN they think the cyberattack is linked to Russia.
- July 27, 2016 – During a press conference, Trump declares Russia may have hacked the State Department. He connects the suspected Russian cyberattack on the DNC to Clinton’s use of a private email server while she was Secretary of State. “Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing,” says Trump. Newt Gingrich, a Trump surrogate, defends Trump in a Tweet, dismissing the comment as a “joke.”
- August 12, 2016 – Hackers publish cell phone numbers and personal email addresses for Nancy Pelosi and other members of the Democratic Congressional Campaign Committee. Pelosi says she has received “obscene and sick calls” from strangers. She advises targeted colleagues not to allow children or family members to answer the phone or read text messages.
- September 1, 2016 – During an interview with Bloomberg News, President Vladimir Putin says that he and the Russian government have no ties to the hackers. He says that the identity of the culprit or culprits is not as important as the content of the leaks, and ultimately the hackers revealed important information for voters.
- September 22, 2016 – Democrats Dianne Feinstein and Adam Schiff, ranking members of the Senate and House Intelligence Committees, issue a joint statement declaring that based on information they received during congressional briefings, they believe that Russian intelligence agencies are carrying out a plan to interfere with the election. They call on Putin to order a halt to the activities.
- September 26, 2016 – During a presidential debate with Clinton, Trump questions whether the DNC cyberattack was carried out by a state-sponsored group or a lone hacker. “It could be Russia, but it could also be China. It could also be lots of other people. It also could be somebody sitting on their bed that weighs 400 pounds.”
- October-November 2016 – Over the course of a month, WikiLeaks publishes more than 58,000 messages hacked from the account of John Podesta, Clinton’s campaign chairman.
- October 6, 2016 – DCLeaks, a self-described collective of “hacktivists” seeking to expose the influence of special interests on elected officials, publishes a batch of documents stolen from Clinton ally Capricia Marshall.
- October 7, 2016 – The Department of Homeland Security and the Office of National Intelligence on Election Security issues a statement declaring that the intelligence community is “confident that the Russian Government directed the recent compromises of emails from US persons and institutions.” According to the statement, document releases on websites WikiLeaks and DC Leaks mirror the methods and motivations of past Russian-directed cyberattacks.
- November 29, 2016 – A group of Democratic senators sends a letter to President Barack Obama calling on intelligence agencies to declassify information about “the Russian Government and the US election.” Sources later tell CNN that new intelligence has been shared with lawmakers suggesting that Russia’s purpose for meddling in the election was to sway voters towards Trump, rather than broadly undermining confidence in the system.
- December 9, 2016 – The Washington Post reports the CIA has determined that Russian hacking was conducted to boost Trump and hurt Clinton during the presidential campaign. The Trump transition team dismisses the CIA’s findings, releasing a statement, “These are the same people that said Saddam Hussein had weapons of mass destruction.” President Obama asks intelligence agencies to review the hacking incidents in 2016 and other cyberattacks on political campaigns dating back to 2008. The agencies are asked to deliver their findings before Obama leaves office on January 20. A Russian foreign ministry spokesman expresses skepticism about the review and asks US investigators to share their evidence of government-sponsored cyber espionage. Meanwhile, media critics question the Post’s reliance on anonymous sources for the CIA report and advise readers to be wary of claims in the article due to the lack of publicly available evidence to support the spy agency’s conclusions.
- December 10, 2016 – John McCain, Chuck Schumer, Lindsey Graham and Jack Reed issue a joint statement calling on Congressional Republicans and Democrats to work cooperatively on securing future elections and stopping cyber attacks.
- December 11, 2016 – Sources tell CNN that although US intelligence agencies share the belief that Russia played a role in the computer hacks, there is disagreement between the CIA and the FBI about the intent of the meddling. While the CIA assessment shows that the Russians may have sought to damage Clinton and help Trump, the FBI has yet to find proof that the attacks were orchestrated to elect the Republican candidate, according to unnamed officials. Furthermore, some sources say the hackers also infiltrated the Republican National Committee’s computers.
- December 12, 2016 – CNN reports that Russian hackers accessed computer accounts of Republican lawmakers and GOP organizations. A source with knowledge of the investigation says that even though hackers breached the GOP computers, they opted not to release documents en masse.
- December 13, 2016 – The New York Times publishes a detailed account of the DNC’s delayed response to initial warnings in September of 2015 that its network had been infiltrated by hackers. The report outlines how phishing emails and communication failures led to a sweeping cyberattack. The story also lays out evidence that Guccifer 2.0 and DCLeaks were linked to Russia. A second article in the Times chronicles the hacking of Democratic Congressional Campaign Committee, housed in the same building as the DNC. According to the report, Guccifer 2.0 stole tens of thousands of documents and offered them to reporters in districts where Democratic candidates were engaged in competitive races for House seats.
- December 29, 2016 – President Obama issues an executive order with sanctions against Russia. The order names six Russian individuals who allegedly took part in the presidential campaign hacking. Additionally, 35 Russian diplomats are ordered to leave the US within 72 hours.
- January 3, 2017 – Julian Assange of WikiLeaks says that the Russian government did not provide him with the hacked DNC emails during an interview with Sean Hannity on the Fox News Channel.
- January 3-4, 2017 – In a series of tweets, Trump questions the US intelligence community’s claims that the Russian government interfered with the election. He alleges that intelligence officials have delayed a scheduled meeting with him but sources tell CNN that there has been no change to the schedule. Trump also cites Assange’s interview to back his assertion that a rogue hacker, not the Russian government, may have meddled in the election.
- January 5-6, 2017 – Intelligence officials meet separately with Obama and Trump to present the results of their probe into cyber espionage during the presidential campaign. After the president and the president-elect are briefed, the Office of the Director of National Intelligence releases a declassified version of the report. According to the report, hackers did not breach voting machines or computers that tallied election results but Russians meddled in other ways. Among the findings: Putin ordered a multifaceted influence campaign that included hacking and pro-Trump propaganda; bracing for a possible Clinton win, Russian bloggers were prepared to spread a hashtag #DemocracyRIP on Election Night; paid social media users, aka “trolls,” shared stories about Clinton controversies to create a cloud of scandal around her campaign.
- January 6-7, 2017 – Trump issues a statement after his meeting with intelligence officials. In the statement, he acknowledges that the Russian government may have been linked to the DNC hacking but declares that cyberattacks did not impact the outcome of the election because voting machines were not breached. In a series of tweets, he repeats that hacking did not affect election results and says that he wants to improve relations with Russia.
- February 9, 2017 – The Washington Post reports that Trump’s national security adviser, Michael Flynn discussed sanctions with Russian ambassador Sergey Kislyak during the presidential transition. Vice President Mike Pence and other Trump administration officials said in January that Flynn did not talk about policy when he spoke to the ambassador. The Washington Post story is based on interviews with nine officials who spoke on the condition of anonymity. One day after the report is published, Trump tells reporters that he has not read the story and says he will look into it.
- February 13, 2017 – Flynn resigns. In his resignation letter, he explains that, “because of the fast pace of events, I inadvertently briefed the Vice President Elect and others with incomplete information regarding my phone calls with the Russian ambassador.”
- February 17, 2017 – Members of the Senate Intelligence Committee meet with FBI Director James Comey in a closed-door session. One attendee tells CNN that Russia was the topic of the briefing and after the meeting, committee member Marco Rubio says in a tweet that the Senate will conduct a bipartisan investigation into alleged meddling by Putin.
- March 10, 2017 – In an interview with the Washington Times, Trump ally Roger Stone says that he had limited interactions via Twitter with Guccifer 2.0 during the campaign. He says the exchanges were “completely innocuous.” The following day, the New York Times publishes its own interview with Stone, in which he says that his communication with Guccifer 2.0 took place after the DNC hack, proving there was no collusion with the Trump campaign to arrange the cyber attack.
- March 20, 2017 – During a hearing on Capitol Hill, Comey confirms that the FBI is investigating links between Russia and members of the Trump campaign.
- May 9, 2017 – President Trump fires Comey days after the FBI director testified before the Senate Judiciary Committee.
- June 1, 2017 – In public remarks, Putin says that hacking during the presidential election campaign may have been carried out by patriotic Russian citizens who felt compelled to respond to perceived slights against Russia from America. Putin says, however, that the Russian government played no role in the cyber attacks. During an interview days later, Putin says that a child could have easily hacked the American presidential campaign.
- June 5, 2017 – An investigative website, the Intercept posts a report that the Russian government coordinated a spear-phishing attack on computers at an American voting machine company and compromised at least one email account. The article is based on an NSA memo that was leaked to the Intercept. Hours after the story is published, the source of the leak is identified as a government contractor named Reality Leigh Winner, 25. She is charged with transmitting classified information.
- June 19, 2017 – UpGuard reveals that, from June 1 to June 14, 2017, the personal details of nearly every registered voter in the US were left unsecured. The Guardian: “Data of nearly all registered US voters left unsecured for weeks in RNC trove. Personal data, including names, addresses, voter registration details and social media posts, made vulnerable because of improper security settings.”
- June 21, 2017 – During a Senate hearing, a Department of Homeland Security official says that hackers linked to the Russian government targeted voting systems in up to 21 states.”
Quoting the Steele Dossier about planting malware in cheap Russian IT games: “In terms of the FSB’s recruitment of capable cyber operatives to carry out its, ideally deniable, offensive cyber operations, a Russian IT specialist with direct knowledge reported in June 2016 that this was often done using coercion and blackmail. In terms of ‘foreign’ agents, the FSB was approaching US citizens of Russian (Jewish) origin on business trips to Russia. In one case a US citizen of Russian ethnicity had been visiting Moscow to attract investors in his new information technology program.
The FSB clearly knew this and had offered to provide seed capital to this person in return for them being able to access and modify his IP, with a view to targeting priority foreign targets by planting a Trojan virus in the software. The US visitor was told this was common practice. The FSB also had implied significant operational success as a result of installing cheap Russian IT games containing their own malware unwittingly by targets on their PCs and other platforms.
In a more advanced and successful FSB operation, an IT operator inside a leading Russian SOE, who previously had been employed on conventional (defensive) IT work there, had been under instruction for the last year to conduct an offensive cyber operation against a foreign director of the company. Although the latter was apparently an infrequent visitor to Russia, the FSB now successfully had penetrated his personal IT and through this had managed to access various important institutions in the West through the back door.
6. The senior Russian government figure cited above also reported that non-state sponsored cyber crime was becoming an increasing problem inside Russia for the government and authorities there. The Central Bank of Russia claimed that in 2015 alone there had been more than 20 attempts at serious cyber embezzlement of money from corresponding accounts held there, comprising several billions Roubles. More generally, s/he understood there were circa 15 major organised crime groups in the country involved in cyber crime, all of which continued to operate largely outside state and FSB control. These included the so-called ‘Anunak’, ‘Buktrap’ and ‘Metel’ organisations.
– Further evidence of extensive conspiracy between campaign team and Kremlin, sanctioned at highest levels and involving Russian diplomatic staff based in the US
– TRUMP associate admits Kremlin behind recent appearance of DNC e-mails on WikiLeaks, as means of maintaining plausible deniability
– Agreed exchange of information established in both directions.
Team using moles within DNC and hackers in the US as well as outside in Russia. PUTIN motivated by fear and hatred of Hillary CLINTON. Russians receiving intel from team on Russian oligarchs and their families in US
– Mechanism for transmitting this intelligence involves ‘pension’ disbursements to Russian emigres living in US as cover, using consular officials in New York, DC and Miami
– Suggestion from source close to TRUMP and MANAFORT that Republican campaign team happy to have Russia as media bogeyman to mask more extensive corrupt business ties to China and other emerging countries”
Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election June 5, 2017 The Intercept: “Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named U.S. company in August 2016, evidently to obtain information on elections-related software and hardware solutions. … The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting U.S. local government organizations.”
Federal contractor Reality Leigh Winner arrested for sending classified NSA intelligence to news outlet: “A 25-year-old federal contractor is facing charges she leaked a classified National Security Agency document to a news outlet in May. The charges against Reality Leigh Winner came about an hour after the publication of a story based on an NSA document detailing Russian attempts to hack American voting systems in 2016.” Washington Examiner
* * *
Tea Leaves and his colleagues plotted the data from the logs on a timeline. What it illustrated was suggestive: The conversation between the Trump and Alfa servers appeared to follow the contours of political happenings in the United States. “At election-related moments, the traffic peaked,” according to Camp. There were considerably more DNS lookups, for instance, during the two conventions.
In September, the scientists tried to get the public to pay attention to their data. One of them posted a link to the logs in a Reddit thread. Around the same time, the New York Times’ Eric Lichtblau and Steven Lee Myers began chasing the story. (They are still pursuing it.) Lichtblau met with a Washington representative of Alfa Bank on Sept. 21, and the bank denied having any connection to Trump. (Lichtblau told me that Times policy prevents him from commenting on his reporting.) Slate
The spike in August was at the same time the Mercer camp and their SuperPac money publicly joined Trump, with Kellyanne Conway replacing Paul Manafort as Campaign Director and Steve Bannon getting more heavily involved in the Campaign.
4/3/17: Keith Olbermann on Trump’s panic over the Russian election hack, which may be about Cambridge Analytica getting the official voter information rolls from about 20 States. Cambridge Analytica has been run by Steve Bannon and owned by Trump’s savior donors, Robert and Rebekah Mercer. Mikhail Kalugin, identified as the Steele Dossier Russian spy under surveillance at the US Embassy and the key player in the election scheme, was suddenly pulled back to Moscow.
Trump gave a speech in New York City on June 22, which was written to be delivered on June 9, the same day as the Campaign was anticipating receiving Kompromat, or a Blackmail File, on Clinton’s campaign. The press conference was delayed until the 22nd because of the Pulse nightclub shooting in Orlando. The same day as this speech was delivered, the Trump Tower – Alfa Bank Pings began. Full Transcript and Video on Politico. “Because it’s not just the political system that’s rigged. It’s the whole economy. It’s rigged by big donors who want to keep down wages. It’s rigged by big businesses who want to leave our country, fire our workers, and sell their products back into the U.S. with absolutely no consequences for them. It’s rigged by bureaucrats who are trapping kids in failing schools. It’s rigged against you, the American people. Hillary Clinton has perfected the politics of personal profit and theft. She ran the State Department like her own personal hedge fund – doing favors for oppressive regimes, and many others, in exchange for cash. Then there are the 33,000 emails she deleted. While we may not know what is in those deleted emails, our enemies probably do. So they probably now have a blackmail file over someone who wants to be President of the United States. This fact alone disqualifies her from the Presidency. We can’t hand over our government to someone whose deepest, darkest secrets may be in the hands of our enemies.”
June 22, 2016:
(5) FWIW. June 22: 10 days after Trump’s Reddit gets a big spike in members, less than 2 weeks post-Jr.’s meeting, TT-Alfa Bank pings begin. pic.twitter.com/lO2nViMitX
— Seth Abramson (@SethAbramson) July 10, 2017
June 12, 2016
(h/t DM) 72 hours after Don Jr met with a Russian agent at Trump Tower, the top Trump fan-site had its largest-ever membership spike by FAR. pic.twitter.com/3ntfZ6USfi
— Seth Abramson (@SethAbramson) July 10, 2017
“An alleged computer hacker being held in the Czech Republic is at the centre of an international legal tussle between the United States and Russia amid lingering disquiet over Moscow’s alleged interference in the recent US presidential election.
Yevgeniy Nikulin, 29, faces extradition requests from both countries after being detained by Czech police on an Interpol arrest warrant issued by US authorities.
Nikulin, a Russian citizen, was arrested in a restaurant in Prague on 5 October shortly after arriving in the city during a holiday with his girlfriend.
He faces a maximum 30 years in prison and up to $1m in fines if convicted on charges including computer intrusion, aggravated identity theft, conspiracy, damaging computers and trafficking in illegal access devices.
There is no acknowledged link between Nikulin’s alleged offences and the hacking of Hillary Clinton’s presidential campaign, but his arrest came just three days before the Obama administration formally accused Russia of stealing emails from the Democratic National Committee and disclosing them through WikiLeaks.
Formspring, one of the sites he allegedly hacked, was the platform used for sexting by Anthony Weiner, the former New York mayoral candidate and husband of Huma Abedin, Clinton’s closest aide. The discovery of emails linked to Clinton on Weiner’s laptop damaged her campaign in its final two weeks after the FBI director, James Comey, revealed their existence.
Meanwhile, Russia has responded to the American extradition request against Nikulin by tabling one of its own, demanding that he be returned to face allegations dating back to 2009 that he hacked another person’s bank account and stole 111,000 roubles (£1,465).
“He was never formally accused at that time. I think the reason is that he was recruited [by the Russian security services],” said Ondrej Kundra, political editor with the Czech weekly magazine Respekt, which has reported that the Russian services offer alleged offenders immunity from prosecution in exchange for collaboration.
“There’s intense lobbying in this case. People from the US and Russian side are talking to the Czech authorities because both really want Nikulin in their countries.”
Fuelling speculation is the existence of sealed US court documents, tabled six days after the original indictment against Nikulin on 20 October but whose contents have not been revealed.
“A number of documents were filed under seal, which means you cannot talk about them,” a US justice department spokesman told the Guardian.
Adam Kopecky, Nikulin’s Czech lawyer, said his client denied both the US and Russian charges and suggested he had become a political pawn. “My client and myself think it’s a political affair,” Kopecky said.
“Given the international situation, when one superpower accuses a citizen of the other of hacking their computers and then the other superpower accuses the same citizen of another crime, it’s kind of strange.”
Nikulin has suffered health problems since his arrest, his lawyer said.
Kopecky lodged an official complaint after prison authorities put his client under high-level supervision that included monitoring his communications with the lawyer.
“He is unhappy about being detained for a long time in a foreign country and about the accusations against him. He wants to return to Russia – but as a free man,” Kopecky said.
The case is currently in the hands of Prague’s chief prosecutor, who is expected to issue a decision on the twin extradition requests at the end of this month or early in February, a spokeswoman for the city’s municipal court said.
Russia’s embassy in Prague declined to comment but cited a previous foreign ministry statement in which a spokeswoman compared the affair to other incidents and called it “another proof that the US law enforcement agencies are hunting for Russian citizens across the world”.
A 32-year-old Russian computer programmer named only as Lisov was arrested by Spanish police at Barcelona airport this month on another US arrest warrant. Police in Spain said he was suspected of leading a financial fraud network and having designed and used software to steal account details from banks and individuals.
Another Russian citizen, Roman Valerevich Seleznev, was convicted last year of 38 hacking-related charges by a US court after he was arrested and extradited from Guam in 2014. Russia said Seleznev’s arrest amounted to “kidnapping”.” The Guardian
Yandex raided for Treason in Kiev, Ukraine
“Russian search engine Yandex’s Ukraine offices raided for ‘treason’: Sending data home to Putin, puffs president Poroshenko,” 30 May 2017, The Register: “Already under sanctions by the Ukrainian government, Russian search giant Yandex has been raided by the country’s security services. The raids, in capital Kiev and the southern city Odessa, were conducted under the treason articles of the country’s criminal code, according to Russian state newsagency TASS. Reuters says the basis of the complaint is that the company is collecting user data on Ukrainians and sending it back to Russia. The SBU has posted a statement saying the information sent to Russia was ‘for use in reconnaissance and acts of sabotage’.” Poroshenko is requesting that people cut off Yandex from access.
President of Ukraine Poroshenko, Translated from VK Social Media:
“Hybrid warfare requires adequate responses to the challenges. Therefore, in order to influence the game and my team has used counter-top in some Russian social networks.
But the massive Russian cyber attacks around the world, in particular – the recent intervention in the election campaign in France, suggest that it is time to do things differently and more strongly.
Ukrainian ISPs should stop providing access to “facebook”, “Classmates”, “Yandex” and other Russian services. All official pages of the President in these services will be closed. I urge all fellow citizens to immediately leave from Russian servers for security reasons.”
“Ransom Hackers Who Hit Hospitals Dealt Setback; May Return,” by Bloomberg’s Jordan Robertson: “The cyber-attack that spread rapidly around the globe was stifled when a security researcher disabled a key mechanism used by the worm to spread, but experts said the hackers were likely to return as many computers remain at risk. Hackers can still gain easy access to personal computers that lack a security update issued in March by Microsoft Corp. to fix the vulnerability in its Windows operating system. … More than 75,000 computers in 99 countries were compromised in Friday’s attack, with a heavy concentration of infections in Russia and Ukraine.”
Russia has an actual spy college, wherein people get trained in a variety of legitimate careers and are then placed in strategic companies and organizations for espionage. They actually employ hackers, as the investigations have shown.
THE DNC EMAIL HACK
Hacked from March 2015-June 2016
THE PODESTA EMAILS
Hacked in March 2016 and released October 2016