Russian APT could mean USA Collapse. In-Depth Report
Trump’s COVID failure, which has caused more than 415,000 excess deaths in America with another 600,000 anticipated by next spring or thereabouts, is no longer the single greatest leadership failure in US history. Giving away America’s and its allies’ information technology networks to the Kremlin is worse.
The United States is a declared enemy of Russia. The two nations have been at war of one kind or another since WWII. The type of caper the world is looking at now is not much different from what the US has done to Russia in the past. Today it looks as if America will now suffer as much as Russia has suffered until now. The exploits of Russia cannot be said to be better than the American exploits in Russia. It’s what some might call payback.
“Looking at the past connections of Donald Trump, Rudy Giuliani and the pair’s acquaintances including the GOP leadership, America elected a group of treacherous clowns and got what it deserved,” says Simon Baldock, an Israeli security consultant.
In plain language, America is screwed.
Note: Micheal John is a former President of an Armed Forces Communications and Electronics Association (AFCEA) Chapter (8 years), and a high-level IT contractor to NATO-nation governments for secure data collection software design, including work within the OASIS security regime.
Explaining an advanced persistent threat.
Once the system security breach takes place, the cyber criminal may never need to look back at the third-party software that allowed the system access, because the cyber criminal already has total access and considerable control at a high level of privilege.
That foothold lets the intruder enhance and extend access to more applications and more networks.
The Kremlin has taken command of thousands of network nodes on UNIX, UNIX-like operating system platforms, and MS Windows platforms.
The true heavy lifters are UNIX systems, but much of the government mail chatter today is from MS Windows systems.
Far fewer people today understand the older, more robust and more secure UNIX, which is normally used for massive data management and general server functions. Windows, by comparison, is a puppy dog, with the Kremlin as its master, and the Kremlin is now also becoming the master of America’s heavy-lift systems. Windows seems to be the entry point. But the playground is on UNIX nodes.
General media reports talk about a security breach through a network management software package called SolarWinds. But what really has happened is that the software in question is just one of several breaches, dating back over a year.
The Security Assertion Markup Language (SAML), which is being reported as the key element of the Russian breach, was developed by the Security Services Technical Committee of OASIS as an XML-based framework for communicating user authentication, entitlement, and attribute information.
Now that the intruder is inside so many systems, none of this matters.
Here is the growth potential of the Advanced Persistent Threat
Donald Trump tried to divert blame from the Kremlin to Beijing for the calamitous Advanced Persistent Threat (APT), which in other words is a takeover of America.
The United States Secretary of State Mike Pompeo claimed yesterday that Russia is behind the advanced persistent threat that FPMag has determined began in late 2019 with an obvious implantation in spring 2020. That seems to be an unequivocal fact based on recent years of observations of the actual actors involved. They never went away. As they dug deeper and exposed more, they brought in the big guns—the super geeks.
Donald Trump has said that China was responsible. That is a problem and moreover adds to the thread of evidence suggesting Trump is, as he was in the killing of Jamal Khashoggi, complicit to some degree.
In a previous article, FPMag has suggested that Trump should be arrested immediately on this matter. He claimed in 2018 to be the author of America’s cyber security regime following his tete-a-tetes with Vladimir Putin in July 2018. Trump then set all new dictates for the conduct of cyber security. It was like the rearrangement of the deck chairs on the Titanic.
Today Putin is looking at Trump like dog dirt. Putin did not need Trump to win the election. He doesn’t need Trump for anything.
This article is not about arresting Donald Trump. It is, in lay terms (as best as that can be done given the subject), an explanation of the crime. See also: USA Government not Trustworthy. Disengage networks. Editorial
The US Cybersecurity and Infrastructure Security Agency (CISA) explains the general security problem in bureaucratic doublespeak, but it actually does a good job if one understands the internal language.
Trump’s COVID failure, which has caused more than 415,000 excess deaths in America is no longer the single greatest failure in US history. Giving away America’s and its allies’ information technology to the Kremlin is worse.
— Rosa Yamomoto (@YamaJapPrincess) December 20, 2020
CISA on 17 December with an updated precis on 19 December 2020 says it is now aware of compromises of U.S. Government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020.
“This APT actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations. One of the initial access vectors for this activity is a supply chain compromise of a DLL in the following SolarWinds Orion products:
- Orion Platform 2019.4 HF5, version 2019.4.5200.9083
- Orion Platform 2020.2 RC1, version 2020.2.100.12219
- Orion Platform 2020.2 RC2, version 2020.2.5200.12394
- Orion Platform 2020.2, 2020.2 HF1, version 2020.2.5300.12432
“CISA has evidence of initial access vectors other than the SolarWinds Orion platform. We are investigating incidents in which activity indicating abuse of SAML tokens is present, yet where impacted SolarWinds instances have not been identified. CISA is working to confirm initial access vectors and identify any changes to the TTPs. CISA will update the Alert as new information becomes available.
“CISA has determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.
“CISA advises stakeholders to read the Alert and review the associated indicators. For more information about this activity, to include detection and mitigation recommendations, please see the CISA Activity Alert, AA20-352A – Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations.”—Citing CISA latest update.
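The CISA text above flags abuse of SAML tokens, and the earlier paragraph describes SAML itself. As an added illustration that is not from the article, OASIS or CISA, the following Python shows the kind of sanity check a relying party or SOC can run on an incoming assertion: issuer, audience, and an unusually long validity window. The issuer and audience URLs, the one-hour lifetime policy, and the sample assertions are all constructed for this example; a real deployment must additionally verify the XML signature against the identity provider's published certificate.

```python
# Added example: defender-side checks on SAML 2.0 assertions (standard library only).
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Hypothetical trust anchors for one service provider; real values come from IdP metadata.
TRUSTED_ISSUER = "https://idp.example.test/saml"
EXPECTED_AUDIENCE = "https://mail.example.test/sp"
MAX_LIFETIME = timedelta(hours=1)   # assumed local policy for an SSO assertion


def parse_time(value):
    """SAML timestamps are UTC in xs:dateTime form, e.g. 2020-12-20T12:00:00Z."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def check_assertion(xml_text, now):
    """Return a list of findings; an empty list means the assertion passed these checks."""
    findings = []
    root = ET.fromstring(xml_text)
    issuer = root.findtext("saml:Issuer", default="", namespaces=NS)
    if issuer != TRUSTED_ISSUER:
        findings.append(f"unexpected issuer {issuer!r}")
    cond = root.find("saml:Conditions", NS)
    if cond is None:
        return findings + ["missing Conditions element"]
    not_before = parse_time(cond.get("NotBefore"))
    not_after = parse_time(cond.get("NotOnOrAfter"))
    if not_after - not_before > MAX_LIFETIME:
        findings.append(f"validity window {not_after - not_before} exceeds {MAX_LIFETIME}")
    if not (not_before <= now < not_after):
        findings.append("assertion presented outside its validity window")
    audiences = [a.text for a in cond.iterfind("saml:AudienceRestriction/saml:Audience", NS)]
    if EXPECTED_AUDIENCE not in audiences:
        findings.append(f"audience {audiences} does not include this service")
    return findings


def make_assertion(issuer, not_before, not_on_or_after, audience):
    """Build a minimal constructed assertion (sample data, not a captured token)."""
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}" Version="2.0" ID="_sample1">'
            f"<saml:Issuer>{issuer}</saml:Issuer>"
            f'<saml:Conditions NotBefore="{not_before}" NotOnOrAfter="{not_on_or_after}">'
            f"<saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience>"
            "</saml:AudienceRestriction></saml:Conditions></saml:Assertion>")


NOW = datetime(2020, 12, 20, 12, 0, 0, tzinfo=timezone.utc)
# Constructed samples: a normal ten-minute assertion and one valid for a whole year.
GOOD = make_assertion(TRUSTED_ISSUER, "2020-12-20T11:55:00Z", "2020-12-20T12:05:00Z", EXPECTED_AUDIENCE)
SUSPECT = make_assertion(TRUSTED_ISSUER, "2020-12-01T00:00:00Z", "2021-12-01T00:00:00Z", EXPECTED_AUDIENCE)
```

Running `check_assertion(SUSPECT, NOW)` reports the year-long validity window while `GOOD` passes cleanly; feeding real assertions from an SP's logs into the same function is a cheap first-pass hunt for tokens that do not match the identity provider's normal issuance pattern.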
Here’s the problem. The Kremlin has a better picture of the entire integrated Information Technology network of America, and many NATO allies, than does any single entity in the United States, or anywhere, at any level.
The Trump administration has screwed up worse than any government in history.
In 2019 a new activity began from Russia to either access or injure the United States’ IT framework, authored by some of the same people indicted by the Robert Mueller investigation. The goal was influence of the 2020 election and much of the work was about creating social unrest and general chaos within the social media sphere. Today that includes anyone who can purchase a computing device.
In a number of articles, FPMag sources accused the Kremlin of interference in American and other elections around the world. Those sources have also accused the Kremlin of murder and attempted murder.
Meanwhile, Trump, who gives the appearance of being a Kremlin asset, has been spinning any allegation of Russian malfeasance as hogwash or fake news. That includes the Novichok poisonings and the corrupting of US Government processes.
- Full (redacted) Mueller Report
- From In-depth FPMag Report
Discussions of the current advanced persistent threat imply the Kremlin is likely inside everything everywhere, or is about to be, including the US advanced research projects agency and all of its working networks. That is worrisome.
The Defence Advanced Research Projects Agency (DARPA) basically created the internet which is really no more than a collection of computers connected together.
In those early days, the computers of universities and military branches were connected together for quick data sharing, the movement of massive volumes of data, and general communications.
This arguably goes back to the time of the Manhattan project when computers were arrays of glass tubes in matrixed logic modules.
In fact the Atomic Heritage Foundation claims that, “The development of early computing benefited enormously from the Manhattan Project’s innovation, especially with the Los Alamos laboratory’s developments in the field both during and after the war.”
All the old and new secrets are there. Everything Russia ever wanted to know and has yet to know if it wants to know, are there for the searching.
DARPA is a research and development agency of the United States Department of Defense responsible for the development of emerging technologies for use by military users and academic users; eventually some devices have been, and will be, migrated to commercial use. Conceptual elements of 5G technology are one example. Another is the flat screen displays in the F-16 Freedom Fighter.
DARPA infrastructure put the flat panel display into older military aircraft long before anyone saw a flat screen TV.
Later that technology emerged on watches, calculators, smartphones and better televisions.
That’s the rear view mirror look at DARPA.
What’s coming next is in DARPA’s windscreen. What’s next might knock your socks off, just thinking about it.
It’s now in the Kremlin’s windscreen.
That’s not good.
Above, Trump’s 16 July meeting with Vladimir Putin. Then in September came this:
Once the door is open, the penetrators will never leave.
In one instance, a US official told a supplier to buy the Russian-infected software. The supplier took this to mean, “do it or be disqualified for future contracts”. The reach of the exploit expanded to many different networks all over the world.
Read the article: USA Government not Trustworthy. Disengage networks. Editorial