
SolarWinds Hack: Is Russia to Blame?

Pompeo Points the Finger

Pompeo’s finger-pointing concerns the disclosure that Hackers Broke Into the US Treasury, Nuclear Agency, Microsoft, and 18,000 Companies.

Security Breaches

  • US Treasury
  • Energy Department
  • Department of Homeland Security
  • State Department
  • Health and Human Services 
  • At least 18,000 corporations who downloaded SolarWinds updates
  • While 80% of the victim companies were based in the U.S., Microsoft said that targets were also hit in the U.K., Canada, Mexico, Belgium, Spain, Israel and the United Arab Emirates.

Pretty Clearly the Russians

“We can say pretty clearly that it was the Russians,” says Pompeo in a radio interview.

“This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity,” Mr. Pompeo said in a Friday night interview with radio host Mark Levin.

“There was a significant effort to use a piece of third-party software to essentially embed code inside of U.S. government systems and it now appears systems of private companies and companies and governments across the world as well,” Mr. Pompeo said.

Government officials and cybersecurity experts have concluded that Russia is likely responsible for the hack in part due to the extreme skill involved as well as other classified clues, according to people familiar with the matter. A handful of senators who have received briefings in recent days have openly referred to it as a Russian operation.

Mr. Pompeo gave no indication of how President Trump, who leaves office on Jan. 20, might respond. Mr. Trump hasn’t addressed the hack publicly, drawing criticism from Democratic lawmakers and some cybersecurity experts.

“There are many things that you’d very much love to say, ‘Boy, I’m going to call that out,’ but a wiser course of action to protect the American people is to calmly go about your business and defend freedom,” Mr. Pompeo said.

What Does Trump Say?

Russia, Russia, Russia

Hackers broke into the US Treasury, Energy Department, Department of Homeland Security, State Department, Health and Human Services, and at least 18,000 corporations.

We do not know how long this has been going on, other than that it has been at least 4 years, and we do not know what the hackers stole from the corporations.

Yet Trump downplays this, as did Pompeo.

Voting Machines

The reference to voting machines came up on Twitter yesterday.

Tin Foil Hats

Questions Abound

  1. With Trump’s preposterous comments out of the way, is it “clear” Russia did it? 
  2. How about “pretty clear”? 
  3. Is “pretty clear” good enough to openly place blame?
  4. Could it be China?
  5. Could it be the NSA? 
  6. What about the “handful of senators who have received briefings in recent days who have openly referred to it as a Russian operation”?

Regarding point number 5, please recall the NSA tapping into German Chancellor Angela Merkel’s phone.

Also recall the NSA breaking into Iranian nuclear operations and driving Iran’s centrifuges at such a high rate that it destroyed them.

We know about the centrifuges because the US bragged about it. We only know about Merkel’s phone because of Edward Snowden.

Denial 

The US was spying on US citizens and global leaders alike while openly denying such operations. 

Mistrust

US intelligence agencies tell us what they want us to believe, as opposed to what is actually taking place.

Let that sink in because it happens time and time again. The NSA openly lies to Congress as well. 

Hiding Evidence

We have no evidence. Ironically, we do have clear evidence of evidence being hidden.

“There are many things that you’d very much love to say, ‘Boy, I’m going to call that out,’ but a wiser course of action to protect the American people is to calmly go about your business and defend freedom,” Mr. Pompeo said.

What the hell does that mean? 

  • We have no evidence, but we pretend we do so you will have more confidence in us.
  • We believe it is in our best interest not to let you know what is going on. If so, who are they protecting, and why?

So when a pack of Senators tells us they were briefed “Russia Did It”, what do we really know?

What We Really Know

There are only three things we really know about this security disaster. 

  1. US officials, except for Trump, want us to believe Russia did it.
  2. Trump wants us to believe China may have done it.
  3. We cannot genuinely trust what anyone says. 

In short, we do not know what they know or even what they believe. We only know what they want us to believe.

That does not mean Russia did it. Nor does it mean Russia did not do it.

The preponderance of evidence may very well point to Russia, but no one seems willing to disclose the evidence. 

The NSA was caught spying on allies and foreign corporations, then lied to Congress about it.

That does not inspire faith in what we are being told now.

Mish


This post originated on MishTalk.Com

Thanks for Tuning In!

Mish

Comments to this post are now closed.

44 Comments
Avery
5 years ago

How did the Russians get so computer savvy? Bill Gates hanging out with Epstein too much?

William Janes
5 years ago

Occam’s razor dictates that you choose the simplest explanation: Russia. Russia has the means, the motive, and the opportunity. All Libertarian explanations are useless and unproductive. Except for Trump and Other Loonies, I trust my government. Trump is irrelevant. The Trump supporters in my Cigar Lounge never mention him anymore.
There is a large difference in listening in on other countries and waging a cyber war. The first is traditional spying done by everyone, even Germany; the Russian operation is an attack. We need to tighten down our cyber defenses. Any cyber strikes against Iran, Russia, and China are moral and justified against totalitarian regimes who are dangerous adversaries. No moral equivalence here. We are now in the Post Modern Cold War. It is necessary for President Biden to organize a coherent policy that will begin to take the battle to these evil regimes.

Casual_Observer
5 years ago

I recommend reading the series of tweets above by people who’ve been following SVR and GRU for years. SVR is the normal civilian government of Russia that conducted what in effect was a reconnaissance mission. We spy on their networks and they spy on ours. If this was GRU, there would be way more concern. Remember Russia cannot afford the US government to be in complete chaos because eventually that means the dollar will become worth less. It also violates all norms.

From a technical perspective, I am surprised that any of these important computers are on a live network for any longer than they need to be. Years ago, we had the Federal Reserve as a customer in a previous job and they were the customer that didn’t want an ethernet interface on the product we were selling them. They asked for a modem. We asked them why. They said they don’t leave their computers connected to the network for anything other than necessary transactions and that having a modem and no network was the best security feature they could have. In essence, they take their computers off the network so they cannot be hacked and only use dialup connections for transactions at the end of each day. It makes you wonder why corporations and more units of government allow their networks to be open for so long. I’ve gotten in the habit of taking my network interface down at the end of each day on my home computers and disabling WiFi on my cell phone at night.

Sechel
5 years ago

Now comes reporting that Trump diverted funds away from the DHS unit charged with guarding against such hacks toward funding his wall.

Herkie
5 years ago

Donald Trump will never allow his government to blame Putin for anything.

But, it has been confirmed by those who do know, it was the Russians, and an official statement to that effect was drafted and set for release and Trump stopped it in order to cast doubt and blame the Chinese.

This hack makes 2016 look like a little girl’s tea party for her dolls.

This is an act of war.

Trump will soon be gone (no matter what that entails) and it will be up to Biden to craft a response that shows Putin that his years of getting away with war on the Americans is over.

FromBrussels
5 years ago
Reply to  Herkie

….you do need help….like many other deluded minds….Go figure, the world’s n° 1 warmonger is blaming Russia, a nation showing remarkable restraint despite continuous attacks against its legitimate geopolitical interests, of unproven cyber attacks…. Biden should bomb Moscow, right ? …or what about some counter cyber attacks? ..but then the CIA has already been doing that for ages ….

brian henry
5 years ago

China made a clever move by hacking and let it fall on Russia so they could enjoy their economy booming.
Remember China released the COVID-19 virus so they could sell medical supplies throughout the world.
China has an extreme interest in controlling the US, making it weak, for the following reasons:
1. Trump killed it with trade policies; Trump treated Russia better.
2. China paid Hunter Biden; Putin paid Hunter nothing.
3. There are a lot of frictions between China and the US and much less between the US and Russia.
4. China and North Korea are well known for their cyber security strength and hacking, especially with AI-based security tools. China is leading the world in AI!
5. Trump’s foreign policies will be hostile toward China if he has another 4 years.
6. The US/Trump protects Taiwan, and it is the No. 1 issue for China, as it wants to take back Taiwan but faces strong resistance from Trump.
7. China has the ambition to be No. 1 in the world economy, and in 5 years it will double the number of middle-class Chinese, so the US needs to be defeated economically. In order to be the leader, it will need to destroy the dollar as the world currency, and the yuan will replace the dollar. Hence, the US needs to be destroyed once Democrat politicians step up to run the US with massive debts added and bigger growth in poverty.
Russia is much smaller in terms of population and economic power, and Russia has more interest in the Middle East via the Iran route.

Sechel
5 years ago

This has to be the most bonkers weekend in the white house in a while. Rudy wants to impound the voting machines. Sidney Powell wants to be declared special counsel, Mike Flynn wants to declare martial law and Donald Trump has the theory that it wasn’t Russia but China that hacked the U.S. gov’t

Herkie
5 years ago
Reply to  Sechel

Hi Sechel, nice to see you again dude! What you say is a nice little scratch on the surface of what perfidy these clowns are up to; they should all be en route to Guantanamo right now to face treason and sedition charges by military tribunal as any other terrorists would be. And if the right objects, send them all to FEMA camps in the desert; I understand there will be a few emptied out of little brown kids come January 20.

njbr
5 years ago

Who gives a damn about a hack when an election was stolen by the wrong people…

Jonathan Swan
@jonathanvswan
I’ve been covering Donald Trump for a while. I can’t recall hearing more intense concern from senior officials who are actually Trump people. The Sidney Powell / Michael Flynn ideas are finding an enthusiastic audience at the top.
Officials increasingly alarmed about Trump’s power grab
Officials say Trump is spending too much time with people they consider crackpots or conspiracy theorists.
axios.com

Zardoz
5 years ago

I think the blame rests squarely with the idjit that made their password SolarWinds123, with secondary blame for the people that trusted him.

Lance Manly
5 years ago
Reply to  Zardoz

That was to get to the update server and download the software build. Meaningless, just like I can download Chrome without a password. That does not mean I can get to Google’s version control and modify Chrome so it sends me your credit card numbers. The actual hack was modified code in SolarWinds version control system weaponizing the software. Completely different systems.

LawrenceBird
5 years ago

Mish you have overstated – planning for the attack may have begun four years ago but the actual compromise took place during the past year.

As to the Ruskies, attribution of any cyberattack is incredibly difficult. Certainly the GRU has such capabilities. The only way you can definitely pin it down beyond a confidence interval is if you catch said foreign agency with some of your documents, say by NSA intercept. And even then, did they get them or did they steal them from another party who actually did the hack?

WashDC
5 years ago
Reply to  LawrenceBird

Lawrence there are many times the intel is absolutely certain of the attribution. This is one of those times.

To give you an idea of the capabilities please check out Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers, or go all the way back to the Apt1 release Mandiant did way back then.

It doesn’t mean all things can be attributed but many can – because we have thoroughly penetrated their networks.

As to why we would not always interrupt attacks in progress we will need some bourbon to discuss game theory. 🙂

Happy holidays.

Anda
5 years ago
Reply to  WashDC

You are still asking the public to believe you know, and frankly you could not present real proof as any presentation could be invented. I think very few who work say for NSA would feel confident in their appraisal, that only due to the fact that they are very familiar with the quality and source of information they receive, the physical attributes of networks they monitor. Even there, where “we have thoroughly penetrated their networks” also means that the ability to spoof them or information as provided by them also exists.

Therefore it really will only stay as a match of reputation, confidence, or propaganda ability, as far as most people are concerned… ok not most people, most people already have decided who they choose to trust and don’t compare, but you understand what I am saying.

So from a different side, for the sake of argument if nothing else:

“Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds’ update server by using the password “solarwinds123”.

“This could have been done by any attacker, easily,” Kumar said.”

Lance Manly
5 years ago
Reply to  Anda

Kumar is a moron that has no idea how systems are built and distributed. See my response to Zardoz.

Lance Manly
5 years ago
Reply to  Lance Manly

I take that back, Kumar is not a moron. The people who wrote the article in question are though. He was careful to say that access to the update server alone would not be capable of a hack, you would also need the signing certs as well as access to the build servers. So the article is crap.

“Kumar is not saying alleged exposed server credentials played a role in the compromise of SolarWinds’ Orion platform, though he acknowledges that’s a possibility. If anything, it’s an indicator SolarWinds’ security prowess.

“I think it would be possible the attackers could have used the same FTP credentials initially before they acquired a signing certificate,” he said.

“If they had accessed the build servers, they wouldn’t need FTP credentials. But if they just got hold of a signing certificate and FTP credentials, they could modify the .dll, sign it, and upload it to the FTP server.”
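
The distinction drawn in the comment above (update-server credentials alone versus the signing certificate and build servers) is easy to see in a signature-checking update client. The Go program below is an added illustration, not SolarWinds code or anything posted in this thread; the ed25519 key pair, the stand-in artifact bytes and the three scenarios are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Release is what a vendor's update server hands out: the artifact plus a
// detached signature over its SHA-256 digest, made with the vendor's
// code-signing key. Only the build pipeline is supposed to hold that key.
type Release struct {
	Name     string
	Artifact []byte
	Sig      []byte
}

// signRelease stands in for the build server: hash the artifact and sign
// the digest with the vendor's private key.
func signRelease(name string, artifact []byte, priv ed25519.PrivateKey) Release {
	digest := sha256.Sum256(artifact)
	return Release{Name: name, Artifact: artifact, Sig: ed25519.Sign(priv, digest[:])}
}

// verifyRelease is the customer-side check before installing an update.
// The vendor public key must come from somewhere other than the update
// server itself; otherwise whoever controls that server could swap it too.
func verifyRelease(r Release, vendorPub ed25519.PublicKey) bool {
	digest := sha256.Sum256(r.Artifact)
	return ed25519.Verify(vendorPub, digest[:], r.Sig)
}

// RunScenarios plays out the three cases discussed in the thread and
// reports, per case, whether the customer-side check accepts the update.
func RunScenarios() (map[string]bool, error) {
	vendorPub, vendorPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	// Constructed artifact: a stand-in for a real release binary.
	genuine := []byte("constructed-build-of-orion.dll v1")
	// Constructed modification of the same artifact.
	tampered := append([]byte(nil), genuine...)
	tampered = append(tampered, []byte(" +modified")...)

	results := map[string]bool{}

	// 1. Normal path: the build server signs, the update server serves it.
	good := signRelease("orion.dll", genuine, vendorPriv)
	results["genuine release"] = verifyRelease(good, vendorPub)

	// 2. Only the update-server (FTP) credentials: the file can be
	//    overwritten, but no valid signature exists for the new bytes.
	ftpOnly := Release{Name: good.Name, Artifact: tampered, Sig: good.Sig}
	results["update server only"] = verifyRelease(ftpOnly, vendorPub)

	// 3. FTP access plus the signing key (or the build pipeline): the
	//    altered artifact carries a valid signature and is accepted. The
	//    signature check cannot tell this case from a genuine release,
	//    which is why key custody and build-system integrity are the
	//    controls that matter, not the FTP login.
	resigned := signRelease(good.Name, tampered, vendorPriv)
	results["update server plus signing key"] = verifyRelease(resigned, vendorPub)

	return results, nil
}

func main() {
	results, err := RunScenarios()
	if err != nil {
		panic(err)
	}
	for _, name := range []string{"genuine release", "update server only", "update server plus signing key"} {
		fmt.Printf("%-32s accepted by signature check: %v\n", name, results[name])
	}
}
```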

Casual_Observer
5 years ago
Reply to  LawrenceBird

It was the SVR.

Tengen
5 years ago

I would have liked Trump much better if he didn’t reflexively replace the Russia, Russia, Russia narrative with his own China, China, China hysteria. He’s just as bad as the blue team Russiagate people, he just wants a different bogeyman.

Fortunately Trump didn’t go the Sidney Powell route and also try to blame Iran and Venezuela.

Zardoz
5 years ago
Reply to  Tengen

That’s only because he’s forgotten about Iran and can’t pronounce Venezuela.

njbr
5 years ago
Reply to  Tengen

Sidney Powell’s insane claims about the election being stolen have left judges across the country shaking and scratching their heads. But during a bonkers Oval Office meeting with her on Friday night, President Trump floated the idea of appointing her as a special counsel investigating voter fraud.

Two sources familiar with the matter confirmed to The Daily Beast that Trump and Powell held the Friday meeting to discuss their baseless theories of mass election fraud.

According to The New York Times, which first reported the meeting, some aides were left in shock at Trump’s suggestion of making Powell a special counsel. Even Rudy Giuliani, Trump’s most loyal foot soldier in his election fraud crusade, was against the idea.

Powell was reportedly accompanied in the Oval Office by her former client, Michael Flynn, the ex-national security adviser who recently suggested that Trump should invoke martial law to allow the military to “re-run” the election. During the meeting, Trump asked about Flynn’s suggestion, the Times reported.

Powell, who has espoused QAnon beliefs, has spouted numerous convoluted and bizarre election conspiracy theories, too. She has claimed that the 2020 election was rigged by forces from Venezuela, China, and the company that makes voting machines, among others.

Faced with repeated legal losses and no real evidence of massive voter fraud, Powell nonetheless accused other aides of being quitters during the meeting, according to the Times.

A source quoted by CNN on Saturday described the meeting as “ugly” after Powell and Flynn lashed out at others. “It was heated, people were really fighting it out in the Oval,” the source was quoted saying.

Even some of the president’s closest allies vocally opposed some of the insane ideas floated in the meeting. Along with Giuliani, White House counsel Pat Cipollone was against the special counsel idea. Flynn’s idea of invoking martial law was similarly shot down, as was an extraordinary idea for an executive order to seize voting machines, according to the Times, which described the meeting as “raucous.”

Even though Trump’s official legal team and campaign had to disavow Powell weeks ago, the president hasn’t been as eager to cut ties with the conspiracy-theory-spreading MAGA lawyer.

According to multiple sources with knowledge of the matter, in the time since Powell’s ejection from Trump’s legal “strike force,” the president has continued to stay in repeated, direct contact, including over the phone, with Trumpist attorneys Powell and Lin Wood, who have been running their own flailing legal blitzes separate from the legal team. (Powell and Wood’s legal efforts to overturn the 2020 election are in part funded by Trump friend and MyPillow CEO Mike Lindell’s large donations, as The Daily Beast reported Friday night.)

Esclaro
5 years ago

At this point we can state that Trump is a Russian agent selling out the US for his ill-gotten Douche Bank loans. He should get exactly what all traitors deserve!

Herkie
5 years ago
Reply to  Esclaro

He and his cabal planning a coup should get exactly what any other terrorists get, a one way trip to Guantanamo.

shamrock
5 years ago

I don’t think 4 years is accurate. They hacked an update to some software that has been rolling out for about 6 months.

AshH
5 years ago
Reply to  shamrock

Yeah, my understanding was that it was in the spring, which would be about 7 to 10 months.

Sechel
5 years ago

I think we need to be prepared that Trump will try something truly unprecedented to stay in power. He’s not accepting his defeat and his attempt to claim Russia didn’t hack the U.S. but China did is off the rails looney

Mr. Purple
5 years ago

Ah, epistemology … how do we know what we know?

In matters of State, it’s faith all the way down.

goldguy
5 years ago

Relying on putting all your important data on the cloud is one of the stupidest things one could do. It was only a matter of time before we got hacked, and now getting it fixed will be a nightmare.

Webej
5 years ago
Reply to  goldguy

Not if it is encrypted and the keys are only in your own physical possession.

Tollsforthee2
5 years ago
Reply to  Webej

Then what is the point? Saving a few nickels on admin?

WashDC
5 years ago
Reply to  goldguy

Many of the SolarWinds deployments were in traditional privately operated data centers.

This has nothing to do with the cloud.

Sechel
5 years ago

Not only did Trump try to downplay the hacking, but he’s suggested without proof that it’s China. He’s not only contradicting Pompeo but the entire U.S. government and all reporting, and once again not offering any proof of an assertion that is very likely to be false. Trump never took a stand on the Navalny poisoning. He pushed back on Russian bounties against U.S. servicemen, he refused to accept the conclusion of U.S. intelligence on Russian activities in the 2016 election and beyond in the United States, and now we have this. Just repeating that at this point we have to conclude Donald Trump is compromised when it comes to Russia, even if we lack the documentation as to how or why it happened.

Eddie_T
5 years ago
Reply to  Sechel

We really need the POTUS on Twitter trying to use this major hack as fuel for his bullshit allegations of election fraud. Pathetic.

What an absolutely perfect example of Trump leadership in action.

The only surprise is that Pompeo didn’t back him up.

And….I’d surmise Pompeo is trying to make himself more relevant in the world that is about to matter more than Trump’s world…and that is the world of the Neo-liberal war party that was in power before Trump and is about to be in power again.

They are as crazy anti-Russia as Trump is pro-Russia…..and that’s a fact.

I’m no lover of Putin, who is clearly the world’s most successful gangster…but I think the Russia threat would be better solved diplomatically. At one point we were on the verge of peace in the world….not surprising we blew it.

Sechel
5 years ago
Reply to  Eddie_T

He’s going to get worse over the next 30 days. We have to assume he’s going to try anything

Webej
5 years ago
Reply to  Sechel

You are a silly man.

flyingvlover
5 years ago
Reply to  Sechel

We ‘have to’ conclude he’s compromised with no evidence to back up that claim, but Biden isn’t with a truckload of evidence to back up the claim?! Funny how the SolarWinds thing just came out to put a damper on any thoughts of entertaining the notion of voter fraud that may remain and to also make sure the vaccine accomplishment is downplayed or drowned out by more Russian collusion b.s.

If the Russians could hack the election 4 yrs ago, why could it not be hacked by anyone else today? Like the Chinese?!

The fact is that any Network Performance Monitor vendor is exposed to having hackers or friends of hackers on their support staff. Any cloud-based NPM solution and vendor is at risk for the same type of ‘hack’.

Trump won’t baselessly blame anyone because that’s what’s been done to him for 4 yrs. But I am sure there are plenty of ‘unknown sources’ aka non-existent claimed sources that will continue to push this Russian hack hoax to take the scrutiny away from the Bidens (where was this $%^&*( scrutiny for the past year?!!!!)

And everyone should wake to the fact that ALL NATIONS HACK EACH OTHER!!!!!! and stop acting shocked that it happens or that the U.S. is morally superior in this respect.

Sechel
5 years ago

Trump’s tweet is not out of context. At this point we have to assume Donald Trump is compromised even if we don’t know exactly how he became compromised. It’s simply the cleanest explanation at this point

Eddie_T
5 years ago

A few things I think are true.

All governments in countries that have adequate resources have state-agency hackers who engage in cyber-warfare.

There are plenty of cyber criminals who do plenty of hacking to steal secrets and money..nothing necessarily to do with state players.

Being able to hack into and take over major government systems could potentially be work of either kind of hacker.

As at least two techies here pointed out, it could be an inside job. I doubt that tells us much now. Maybe it might help if we knew for sure.

I also think the takeaway should be that it isn’t that hard to do this kind of thing if the players involved are smart, patient, well-funded, and can carry out a long term plot that takes a fair amount of time to pay off.

Maybe some things should be insulated from the internet completely. You can’t hack what you can’t access.

lil_neezy
5 years ago
Reply to  Eddie_T

Iran’s centrifuges weren’t on the internet…they got hacked.

Eddie_T
5 years ago
Reply to  lil_neezy

But they were accessed somehow……I’d be interested in hearing a plausible way that might have happened. I would guess it was some great Israeli spy craft. Carried out by actual humans who put themselves at risk inside foreign borders.

This is old school…it can happen……but it’s harder, right?

This other thing….you just plant somebody inside a company…and they work hard, show up, get promoted……and write a few lines of special code and hide it very well.
Or maybe they just exploited the lack of security in the updates and did it remotely. Either way…it really probably wasn’t that hard….and they took little risk. It just took some good planning and execution.

Other people would eventually exploit it with a mouse click.

We need to learn a big lesson here. But I doubt that happens. People are so lazy. People are the ones who pick easy passwords and get phished and so forth. Just human laziness, exploited by anybody with enough brains and determination.

What does it matter whether it was Russia or China…..or Iran…..or Canada? Probably those Canadians again.

Webej
5 years ago
Reply to  Eddie_T

The centrifuge malware (Stuxnet) was injected by USB memory sticks. It later became a plague (worm) all over the PC world, even though the payload could accomplish nothing on them. The payload was code specially written to drive the Siemens controllers on the centrifuges. Such controllers are such a small slice of the chips around that they are a completely unattractive target except, in this case, for America/Israel. We still don’t know the complete story.
USB devices remain an open threat. If you change the firmware (not easy) there is not much a computer system can do to know something is going on. From the Vault7 revelations we know that the CIA had specific firmware for all the major hard drives around, to get access to the system. A computer system or virus program cannot access the firmware in the device, and can at most identify suspect behavior, if observable.

There is another possibility, and that is that there were various parties involved: insiders colluding with commercial or intelligence interests. Probably not criminal, because keeping this quiet so long shows discipline and long-term goals. Most computer security breaches involve insiders, and are usually embarrassing to confess to. The odds that we will ever know the truth are vanishingly small.

If you have encrypted data, you never want the key anywhere but on devices of which you have physical custody. ALL Cloud solutions are therefore less than 100% secure, if your encryption keys are being used on their processors.

Eddie_T
5 years ago
Reply to  Webej

Thank you.

bradw2k
5 years ago
Reply to  Webej

Security isn’t just hard, it’s impossible. One of these days we’ll find out there’s been a massive ongoing penetration inside of AWS. It will not be pretty.
