News that doesn't receive the necessary attention.

Monday, May 22, 2017

Negligence by Democrat National Committee is sufficient cause for lawsuit. When a company, in this the DNC, knowingly disregards professional computer security warnings, customers and shareholders have cause to sue-Bloomberg, July 2016

7/27/2016, "Democrats Ignored Cybersecurity Warnings Before Theft," Bloomberg, Michael Riley

"The Democratic National Committee was warned last fall (2015) that its computer network was susceptible to attacks but didn’t follow the security advice it was given, according to three people familiar with the matter....

Computer security consultants hired by the DNC made dozens of recommendations after a two-month review, the people said. Following the advice, which would typically include having specialists hunt for intruders on the network, might have alerted party officials that hackers had been lurking in their network for weeks--hackers who would stay for nearly a year. 


Instead, officials didn’t discover the breach until April (2016). The theft ultimately led to the release of almost 20,000 internal e-mails through WikiLeaks last week on the eve of the convention....
  
Cyber-security assessments can be a mixed blessing. Legal experts say some general counsels advise organizations against doing such assessments if they don’t have the ability to quickly fix any problems the auditors find, because customers and shareholders could have cause to sue if an organization knowingly disregards such warnings....


The security review commissioned by the DNC (in 2015) was perhaps the most detailed of a series of missed warnings....

The consultants briefed senior DNC leaders on the security problems they found, the people familiar with the matter said. It’s unclear whether Wasserman Schultz was present. Now, she is likely to face criticism over not only the content of the e-mails -- including one in which a party official proposes pushing stories in the news media questioning Sanders’s Jewish faith -- but also the failure to take steps to stop the theft in the first place.

Shame on them. It looks like they just did the review to check a box but didn’t do anything with it,” said Ann Barron-DiCamillo, who was director of US-Cert, the primary agency protecting U.S. government networks, until last February. If they had acted last fall, instead of those thousands of e-mails exposed it might have been much less.”...

The review found problems ranging from an out-of-date firewall to a lack of advanced malware detection technology on individual computers, according to two of the people familiar with the matter.

The firm recommended taking special precautions to protect any financial information related to donors and internal communications including e-mails, these people said.

The DNC paid $60,000 for the assessment, according to federal filings."...
 





.............. 

Sunday, May 21, 2017

Here we go. Illegal and painful mutilation of little girls' genitals to suppress sexual feeling to be argued as a religious right in Detroit, Michigan-Detroit Free Press

May 20, 2017, "Religious defense planned in landmark Detroit genital mutilation case," Detroit Free Press, Tresa Baldas

"Millions of little girls and young women have been subjected to a painful rite of passage that involves cutting their genitals — often without anesthesia — for centuries in parts of Asia, Africa and the Middle East.

Lawyers plan to claim genital cutting is allowed as a religious right. But legal experts say the First Amendment doesn't bend that far.

On paper, the law seems clear: Cutting any part of a young girl's genitalia is illegal — and no custom or ritual can be used to justify it. The law has been on the books for 21 years, unchallenged.

But in a federal courtroom in Detroit, a landmark case involving the centuries-old taboo ritual is about to put that law to the test for the first time.

And perhaps more historic, a question will be raised in the American legal system that has never been raised before: Does the U.S. Constitution allow for genital cutting, even if it's just a minor nick or scraping, in the name of religion?

Defense lawyers plan to argue that religious freedom is at the core of the case in which two physicians and one of their wives are charged with subjecting young girls to genital cutting. All three are members of the Dawoodi Bohra, a small Indian-Muslim sect that has a mosque in Farmington Hills....

Prosecutors have argued that the federal genital mutilation law is clear: It prohibits "knowingly circumcis(ing), excis(ing) or infibulat(ing) the whole or any part of the labia majora or labia minora or clitoris of any other person who has not attained the age of 18 years."

Assistant U.S. Attorney Sara Woodward has argued repeatedly in court that the defendants knew what they were doing was illegal, but did it anyway. She has called their crimes "heinous" and argues the harm was severe.

According to court documents, in interviews with authorities, the two Minnesota victims described the genital cutting procedures as painful.

One girl said that she got a shot, screamed, and "could barely walk after the procedure, and that she felt pain all the way down to her ankle." The other said she was "laid on an examining table with her knees near her chest and legs spread apart," that she was "pinched" in the genital area, that it "hurted a lot" and that there was "pain and burning."

Both girls were told to keep the procedures a secret, court records show. One said "the doctor made her (friend) cry."

"According to some members of the community who have spoken out against the practice, the purpose of this cutting is to suppress female sexuality in an attempt to reduce sexual pleasure and promiscuity," a Homeland Security Investigations special agent wrote in an April 20 court filing.

Especially egregious, authorities have argued, is that this procedure was carried out by a doctor who took an oath to do no harm.

"She knew that this was illegal but did it anyway," Woodward has said of Nagarwala, stressing: "As a medical doctor, she is aware that female genital mutilation has no medical purpose.""






.............

Egypt Pres. al-Sisi, Saudi King Salman, and Pres. Trump open Global Center for Combating Extremist Ideology

May 21, 2017, "President Trump and King Salman Open “Global Center for Combating Extremist Ideology”," tcth, sundance

Egypt Pres. al-Sisi, Saudi King Salman, and Pres. Trump announce global center for combating extremism:
























































images from The Conservative Treehouse

Per US Treasury press release, Hezbollah, Taliban, and Haqqani Network are among terrorist threats to be addressed: 


5/21/17, "With today’s announcements, the United States, Saudi Arabia, and other strategic partners in the Gulf are confronting new and evolving terrorist networks including ISIS, al Qa'ida, Hizballah, Lashkar–e-Tayyiba, the Taliban, and the Haqqani Network. This collaboration will also address a host of other transnational threats emanating throughout the Middle East, including from Iran, the Assad regime, and the situation in Yemen."...





.....................................

Goodfellas: Paulie (Paul Sorvino) says, what do I know about the restaurant business?



Among favorite Goodfellas scenes: Paulie (Paul Sorvino) says, What do I know about the restaurant business? All I know is how to order a meal. You Tube

"Goodfellas,
" 1990 






..............

California Democrat Party Chair Burton told protesting nurses to 'shut the f*uck up and go outside.' Speaker at earlier Bernie rally said party needs to address working class issues but 'only wants to talk about Russia'-Observer, 5/20/17

5/20/17,"Tom Perez Bombs Speech, California Dem Chair Tells Protesters ‘Shut the F**k Up’," Observer.com, Michael Sainato (This could be Observer in NYC, maybe not. Also couldn't locate story's dateline. Website would be fully legible only if I canceled Ad Blocker. I copied the following text from Free Republic)

"The rift within the Democratic Party was on full display at the California Democratic Party Convention on May 19 in Sacramento, California. Progressives joined members of National Nurses United, protesting the Democratic Party establishment’s refusal to support single payer healthcare system. Rather than follow through with Democratic rhetoric that healthcare is a human right, establishment Democrats have responded to voters by scolding and attacking them. [Exactly like Establishment Republicans]. 

During the first day of the convention, California Democratic Party chair John Burton yelled at protesting nurses to “shut the f*ck up and go outside.” Burton condescendingly told the protesters, “There’s [sic] some people who have been fighting for that issue before you guys were born.”

The California Democratic establishment, like the national party leadership, has favored corporate and wealthy donors, undermining pushes for a single payer healthcare system that would provide Americans with healthcare—not just health insurance. Eric Bauman, the California Democratic Party vice chair and candidate to succeed Burton as the Party’s chair, received $12,500 a month from the pharmaceutical industry to fight proposition 61, which would “cap the price that any state agency or care program could spend on prescription drugs at what the federal Department of Veterans Affairs pays.” Bauman received these payments while earning a six-figure salary as an adviser to California Assembly Speaker Anthony Rendon. Proposition 61 failed to pass in November 2016 after the pharmaceutical industry spent millions of dollars opposing it.

During a rally at the state capitol, National Nurses United Director RoseAnn Demoro told supporters not to wait for establishment Democrats to take the lead on healthcare and making medicare for all a reality. “They cannot be in denial anymore that this is a movement that can primary them.” 

DNC Chair Tom Perez spoke at the California Democratic Party Convention, offering the same meaningless rhetoric and platitudes that have incited boos, protests, and criticisms of his ability to lead. 

“We make sure that healthcare is a right for everyone,” Perez claimed. “And not a privilege for a few.” 

Despite his claim, Perez and the Democratic Party leadership refuse to support Medicare for All, insisting Obamacare just needs a few improvements. Obamacare does not ensure healthcare as a right, but rather serves to maximize benefits to the pharmaceutical and health industries. Perez claims the Democratic Party supports providing healthcare to all Americans, but is unwilling to support the policies that will actually do so. 

After pandering to protesters on the issue and jokingly comparing their presence to infighting at Thanksgiving dinner—a stark change from his constant affirmations that the party is united—Perez reverted to the Democratic go-to in lieu of championing stances on actual issues. 

“We have a president….I don’t know who it is, Putin, or Trump,” Perez said to an uninspired crowd. “They’re in a bromance. This is really weird.” On May 20, House Minority Leader Nancy Pelosi, who also doesn’t support single payer healthcare, focused her speech at the California Democratic Party Convention on Russia as well. 

In contrast, at a rally for Bernie Sanders supporters at the State Convention hosted by the National Nurses United on May 19, former Ohio State Senator Nina Turner explained the need for the Democratic Party to address the issues impacting working, middle class, and low income Americans. “We need to deal with income inequality, racial justice, but Dems only want to talk about Russia!” she said. “We need a party that stands up for people and doesn’t fake it. In the words of Janet Jackson ‘What have you done for me lately?'”"






.....................

Trump tweet displayed on billboard in downtown Riyadh, Saudi Arabia: 'Great to be in Riyadh, Saudi Arabia'-The Hill

May 20, 2017, "Trump tweet projected on billboard in Saudi capital," The Hill, Brandon Carter

 








"A tweet of President Trump’s is being displayed on a billboard in downtown Riyadh, Saudi Arabia during Trump’s visit to the country.

A Bloomberg TV reporter tweeted a photo of the billboard in Riyadh.




































The tweet being displayed was Trump’s first tweet sent during his trip to Saudi Arabia.






















Trump’s first day in Saudi Arabia has been a busy beginning to his nine-day trip to five countries. Leaders of the two countries signed a $110 billion dollar arms deal that would see the U.S. selling Saudi Arabia tanks, helicopters and a THAAD antimissile system. 

“Hundreds of billions of dollars of investments into the United States and jobs, jobs, jobs,” Trump said after signing the deal. "That was a tremendous day. Tremendous investments in the United States.

Saudi Arabia has pulled out all the stops for Trump’s visit to the country, planning a concert from country singer Toby Keith and holding a conference Sunday where Trump will deliver a major speech on Islam."

........................

Below, May 20, 2017, Among billboards on Riyadh highway from airport to hotel: "15+ miles of billboards en route to the hotel. Billboards," Dan Scavino twitter 






















Below, May 20, 2017, Front pages in Riyadh: " - leading the local news cvg here in Kathryn Glass, Bloomberg TV producer






















Below, May 20, 2017, Another front page in Riyadh, Saudi Arabia (in Arabic) (Trump and King photo insert), via Kevin Cirilli, Bloomberg:




Added: Re: Translation of above headlines, a twitter user (below) offered a translation, which may or may not be accurate. I couldn't confirm this translation:





















...........

Saturday, May 20, 2017

Big Three, FDR, Stalin, and Churchill, pledge to work together to defeat Nazi Germany, Nov. 28, 1943. FDR excited to meet Stalin



















"President Franklin D. Roosevelt joined British Prime Minister Winston Churchill and Soviet leader Josef Stalin at a conference in Tehran. AP Photo," via Politico

"FDR attends Tehran conference: Nov. 28, 1943," Politico, Andrew Glass

"On this day in 1943, President Franklin D. Roosevelt joined British Prime Minister Winston Churchill and Soviet leader Josef Stalin at a conference in Tehran that cemented the pledge of an Allied second front against Nazi Germany in Western Europe.

The leaders, known as the Big Three, chose the Iranian capital as the site for their parley, largely at Stalin’s behest. When first lady Eleanor Roosevelt and Roosevelt's daughter Anna voiced a desire to accompany the president, he said no women would be present. Subsequently, they were incensed to learn that Churchill’s wife, Clementine, and Madame Chiang Kai-shek of China had made the trip. 

FDR biographer Doris Kearns Goodwin wrote that rather than feeling any trepidation about the dangers of a secret trip through war zones, Roosevelt was not only eager to meet again with his friend Churchill but also excited at the prospect of meeting Stalin for the first time.

Roosevelt promised Stalin that the Americans and the British would invade Nazi-occupied France, crossing the English Channel, in the spring of 1944. Until that point, Churchill favored a joint strike through the Mediterranean, pushing eastward through the Balkans. That strategy would have presumably secured British interests in the Middle East and India while curbing the Soviet advance into Eastern Europe. For his part, FDR, with the advent of an Allied victory, sought to break up the British Empire; his concessions to Stalin served that goal....

The leaders agreed that the Soviet Union would fight against Japan once the Nazis were beaten. They also promised to offer postwar economic assistance to Iran and guaranteed the host nation’s independence and territorial integrity."







...............

Not previously reported, new dead bodies emerge in Obama's wake: Communist China murdered or imprisoned 18-20 CIA personnel from 2010 to 2012, rendering CIA impotent in China for years to come. Either a mole or 'sloppy American tradecraft' suspected-NY Times (Sloppiness and dead bodies were entirely predictable. The effete slob mentality that shut down college campuses in the 60s now runs US government)

In 2015 Communist China hacked files of US gov. Office of Personnel Mgmt. In 2016, a longtime FBI employee was found guilty of spying for China for many years. In March 2017, a longtime State Dept. employee was arrested for receiving cash and lavish gifts from the Chinese government and lying about it to investigators.

May 20, 2017, "Killing C.I.A. Informants, China Crippled U.S. Spying Operations," NY Times, Mark Mazzetti, Adam Goldman, Michael S. Schmidt, Matt Apuzzo



Current and former American officials described the intelligence breach as one of the worst in decades. It set off a scramble in Washington’s intelligence and law enforcement agencies to contain the fallout, but investigators were bitterly divided over the cause. Some were convinced that a mole within the C.I.A. had betrayed the United States. Others believed that the Chinese had hacked the covert system the C.I.A. used to communicate with its foreign sources. Years later, that debate remains unresolved.

But there was no disagreement about the damage. From the final weeks of 2010 through the end of 2012, according to former American officials, the Chinese killed at least a dozen of the C.I.A.’s sources. According to three of the officials, one was shot in front of his colleagues in the courtyard of a government building — a message to others who might have been working for the C.I.A.

Still others were put in jail. All told, the Chinese killed or imprisoned 18 to 20 of the C.I.A.’s sources in China, according to two former senior American officials, effectively unraveling a network that had taken years to build.

Assessing the fallout from an exposed spy operation can be difficult, but the episode was considered particularly damaging. 

The number of American assets lost in China, officials said, rivaled those lost in the Soviet Union and Russia during the betrayals of both Aldrich Ames and Robert Hanssen, formerly of the C.I.A. and the F.B.I., who divulged intelligence operations to Moscow for years. 

The previously unreported episode shows how successful the Chinese were in disrupting American spying efforts and stealing secrets years before a well-publicized breach in 2015 gave Beijing access to thousands of government personnel records, including intelligence contractors. The C.I.A. considers spying in China one of its top priorities, but the country’s extensive security apparatus makes it exceptionally hard for Western spy services to develop sources there.

At a time when the C.I.A. is trying to figure out how some of its most sensitive documents were leaked onto the internet two months ago by WikiLeaks, and the F.B.I. investigates possible ties between President Trump’s campaign and Russia, the unsettled nature of the China investigation demonstrates the difficulty of conducting counterespionage investigations into sophisticated spy services like those in Russia and China.

The C.I.A. and the F.B.I. both declined to comment.

Details about the investigation have been tightly held. Ten current and former American officials described the investigation on the condition of anonymity because they did not want to be identified discussing the information.

The first signs of trouble emerged in 2010. At the time, the quality of the C.I.A.’s information about the inner workings of the Chinese government was the best it had been for years, the result of recruiting sources deep inside the bureaucracy in Beijing, four former officials said. Some were Chinese nationals who the C.I.A. believed had become disillusioned with the Chinese government’s corruption. 

But by the end of the year, the flow of information began to dry up. By early 2011, senior agency officers realized they had a problem: Assets in China, one of their most precious resources, were disappearing. 

The F.B.I. and the C.I.A. opened a joint investigation run by top counterintelligence officials at both agencies. Working out of a secret office in Northern Virginia, they began analyzing every operation being run in Beijing. One former senior American official said the investigation had been code-named Honey Badger.

As more and more sources vanished, the operation took on increased urgency. Nearly every employee at the American Embassy was scrutinized, no matter how high ranking. Some investigators believed the Chinese had cracked the encrypted method that the C.I.A. used to communicate with its assets. Others suspected a traitor in the C.I.A., a theory that agency officials were at first reluctant to embrace — and that some in both agencies still do not believe.

Their debates were punctuated with macabre phone calls — “We lost another one” — and urgent questions from the Obama administration wondering why intelligence about the Chinese had slowed. 

The mole hunt eventually zeroed in on a former agency operative who had worked in the C.I.A.’s division overseeing China, believing he was most likely responsible for the crippling disclosures. But efforts to gather enough evidence to arrest him failed, and he is now living in another Asian country, current and former officials said. 

There was good reason to suspect an insider, some former officials say. Around that time, Chinese spies compromised National Security Agency surveillance in Taiwan — an island Beijing claims is part of China — by infiltrating Taiwanese intelligence, an American partner, according to two former officials. And the C.I.A. had discovered Chinese operatives in the agency’s hiring pipeline, according to officials and court documents. 

But the C.I.A.’s top spy hunter, Mark Kelton, resisted the mole theory, at least initially, former officials say. Mr. Kelton had been close friends with Brian J. Kelley, a C.I.A. officer who in the 1990s was wrongly suspected by the F.B.I. of being a Russian spy. The real traitor, it turned out, was Mr. Hanssen. Mr. Kelton often mentioned Mr. Kelley’s mistreatment in meetings during the China episode, former colleagues say, and said he would not accuse someone without ironclad evidence. 

Those who rejected the mole theory attributed the losses to sloppy American tradecraft at a time when the Chinese were becoming better at monitoring American espionage activities in the country. Some F.B.I. agents became convinced that C.I.A. handlers in Beijing too often traveled the same routes to the same meeting points, which would have helped China’s vast surveillance network identify the spies in its midst. 

Some officers met their sources at a restaurant where Chinese agents had planted listening devices, former officials said, and even the waiters worked for Chinese intelligence. 

This carelessness, coupled with the possibility that the Chinese had hacked the covert communications channel, would explain many, if not all, of the disappearances and deaths, some former officials said. Some in the agency, particularly those who had helped build the spy network, resisted this theory and believed they had been caught in the middle of a turf war within the C.I.A.

Still, the Chinese picked off more and more of the agency’s spies, continuing through 2011 and into 2012. As investigators narrowed the list of suspects with access to the information, they started focusing on a Chinese-American who had left the C.I.A. shortly before the intelligence losses began. Some investigators believed he had become disgruntled and had begun spying for China. One official said the man had access to the identities of C.I.A. informants and fit all the indicators on a matrix used to identify espionage threats.

After leaving the C.I.A., the man decided to remain in Asia with his family and pursue a business opportunity, which some officials suspect that Chinese intelligence agents had arranged. 

Officials said the F.B.I. and the C.I.A. lured the man back to the United States around 2012 with a ruse about a possible contract with the agency, an arrangement common among former officers. Agents questioned the man, asking why he had decided to stay in Asia, concerned that he possessed a number of secrets that would be valuable to the Chinese. It’s not clear whether agents confronted the man about whether he had spied for China. 

The man defended his reasons for living in Asia and did not admit any wrongdoing, an official said. He then returned to Asia.

By 2013, the F.B.I. and the C.I.A. concluded that China’s success in identifying C.I.A. agents had been blunted — it is not clear how — but the damage had been done.

The C.I.A. has tried to rebuild its network of spies in China, officials said, an expensive and time-consuming effort led at one time by the former chief of the East Asia Division. A former intelligence official said the former chief was particularly bitter because he had worked with the suspected mole and recruited some of the spies in China who were ultimately executed. 

China has been particularly aggressive in its espionage in recent years, beyond the breach of the Office of Personnel Management records in 2015, American officials said. Last year, an F.B.I. employee pleaded guilty to acting as a Chinese agent for years, passing sensitive technology information to Beijing in exchange for cash, lavish hotel rooms during foreign travel and prostitutes. 

In March (2017), prosecutors announced the arrest of a longtime State Department employee, Candace Marie Claiborne, accused of lying to investigators about her contacts with Chinese officials. According to the criminal complaint against Ms. Claiborne, who pleaded not guilty, Chinese agents wired cash into her bank account and showered her with gifts that included an iPhone, a laptop and tuition at a Chinese fashion school. In addition, according to the complaint, she received a fully furnished apartment and a stipend."

..........................

Comment: If you want to soft-pedal a NY Times story, running it on Saturday (such as Saturday, May 20, 2017) is your best bet. Saturday is likely NY Times' lowest circulation day of the week.
 


...........


Trump arrives in Riyadh, Saudi Arabia, May 20, 2017

























Above, 5/20/17, AP photo, Trump arrives in Saudi Arabia, "Trumps on tour: Donald and Melania (plus Ivanka) are greeted by the Saudi king as they land in Riyadh for his crucial first test abroad," Daily Mail, David Martosko, Scott Campbell, and David Burke

Added: Saudi sand storm:






















Above, 5/20/17, "Our Saudi sandstorm. High winds swept our live location and took out some TV gear. NBC News, Kelly O'Donnell

.......................

Trump White House staff leaks now a legal matter says NY Times David Brooks. If senior White House official with top secret clearance reads notes of a White House meeing to a reporter, that's breaking the law-May 19, 2017

May 19, 2017, "Networks: The White House Leaks We're Receiving Are Aimed at Undermining the President, 'It’s a loyalty problem inside the White House'," grabien.com 

"The New York Times's David Brooks, whose paper published the most recent anti-Trump scoop, is also acknowledging the role Trump's own staff is playing in his undoing.
 
"The most interesting thing is that the White House staff and the people under Donald Trump at least some portion of them, seem to have turned against Donald Trump," Brooks said Friday night on PBS NewsHour. [Watch the clip] "I have not talked to the reporters that broke this story, but if I read it correctly, some senior White House official with top secret clearance read the readout to a reporter. That's breaking the law, that means you need to be Deep Throat, you need to undermine this guy, you need to get the truth out about this guy."

And in the Nixon administration, there were a couple of deep throats, there was a guy off in the FBI, who was willing to leak," the columnist continued. "But in this administration, they seem to be in every closet, and behind every desk, I'm exaggerating a little -- but there are squads of deep throats. And so that means this story's not only a legal investigation it is a dissolution of an administration.""





...........................

Friday, May 19, 2017

Despite CrowdStrike's extremely casual treatment of infected DNC computers, waiting over a month to remove hackers, the entire world is forced to rely on CrowdStrike as the sole source of alleged explosive information on DNC email hacking. Not even FBI was allowed access. CrowdStrike on May 5 said it's Russian hackers, then waited over a month before removing the malware-Daily Mail, Washington Post

FBI was forced to rely on CrowdStrike's word for what happened to DNC computers and DNC emails, though CrowdStrike had knowingly allowed hackers to remain on DNC computers for over a month:

1/10/17, "Comey: DNC denied FBI's requests for access to hacked servers," The Hill, Katie Bo Williams 

"The bureau made "multiple requests at different levels,” according to Comey....

“We’d always prefer to have access hands-on ourselves if that’s possible,” Comey said, noting that he didn’t know why the DNC rebuffed the FBI’s request....

[A senior law enforcement official said],This left the FBI no choice but to rely upon a third party for information. These actions caused significant delays and inhibited the FBI from addressing the intrusion earlier.”"... 

.................... 

4 key dates: April-June 2016, involving Crowdstrike and DNC computers, April 29, May 5, May 21, and June 10. Daily Mail (4/5/17) and Washington Post (6/14/2016): 

April 29, 2016- Conclusion of CrowdStrike's 5 week investigation into whether Bernie Sanders campaign staffers had breached DNC computers: "According to internal emails, CrowdStrike was already working for the DNC to investigate whether Bernie Sanders campaign staffers had gained unauthorized access to its voter database. That five-week investigation appeared to have wrapped up on April 29, 2016." Daily Mail, 4/5/17 (Comment: During the Bernie investigation, why didn't CrowdStrike remove malware that had been on DNC computers since 2015?) 

.................... 

May 5, 2016-Crowdstrike called back to the DNC for a malware job, hooked up monitoring software to the DNC system on May 5, 2016. During its May 5 hookup, CrowdStrike says it noticed malware right away (it 'lit up'). But no mention is made of actually removing the malware: "Alperovitch said the company hooked up monitoring software to the DNC system on May 5, 2016 and it 'lit up,' indicating a breach."...(A few days earlier, on April 29, 2016, CrowdStrike had concluded a 5 week job for the DNC investigating whether the Bernie Sanders campaign had gained unauthorized access to its computers. Daily Mail, 4/5/17
...................

May 21, 2016: "DNC Chair Debbie Wasserman Schultz, wrote in one May 21 email that Bernie Sanders would 'never be president.'" 

This May 21 email smearing Bernie Sanders was among those eventually made public: 

*"The vast majority of the email theft appears to have occurred during" the time CrowdStrike was monitoring malware activity on DNC computers (May 5-June 10, 2016). Crowdstrike "monitored the hackers as they pilfered emails and research files," for 5 weeks watched DNC emails walk out the door,  WOULD NOT REMOVE THE MALWARE until June 10, 2016.  Daily Mail 4/5/17

.......................... 

June 10, 2016-"Over a month passed before CrowdStrike finally booted the hackers out of the system on June 10, 2016." Between May 5 and June 10, 2016, CrowdStrike said "it built an entirely new computer and phone system for the DNC and monitored the hackers as they pilfered emails and research files:"...Daily Mail, 4/5/17 

Second source: 6/14/16, Washington Post also reports that DNC malware wasn't removed until the second weekend in June ("over the past weekend") in a "major computer cleanup campaign:" 

June 14, 2016, "Some of the hackers had access to the DNC network for about a year, but all were expelled over the past weekend in a major computer cleanup campaign, the committee officials and experts said." Washington Post (June 10, 2016 was a Friday) 

Washington Post confirms that CrowdStrike quickly ("within 24 hours") installed software on DNC computers to analyze data. But Crowdstrike didn't begin removing the malware "within 24 hours," instead waited until the second weekend in June (as stated above):

"Within 24 hours, CrowdStrike had installed software on the DNC’s computers so that it could analyze data that could indicate who had gained access, when and how." 

From Washington Post, 6/14/2016: 

DNC says it acted "immediately"and "as quickly as possible to kick out the intruders."

They waited 6 weeks "to kick out the intruders."  (Late April 2016- second weekend in June 2016)


 


"DNC leaders were tipped to the hack in late April (2016)."...

"DNC leadership acted quickly after the intrusion’s discovery to contain the damage."...

Rep. Debbie Wasserman Schultz (Fla.), DNC chairwoman: 

"When we discovered the intrusion, we treated this like the serious incident it is and reached out to CrowdStrike immediately. Our team moved as quickly as possible to kick out the intruders and secure our network.”"...[The "intruders" weren't "kicked out" until 6 weeks after DNC learned they were there (Knew they were there in late April 2016, knew they weren't removed until second weekend in June 2016)].

.........................

Link to Washington Post article:

6/14/2016, "Russian government hackers penetrated DNC, stole opposition research on Trump," Washington Post, Ellen Nakashima  
............................

Link to Daily Mail article:

4/5/17, "Exclusive: Cybersecurity experts who were first to conclude that Putin hacked presidential election ABANDON some of their claims against Russia - and refuse to co-operate with Congress," Daily Mail, Alana Goodman

............................

Added:  All US "intelligence community" reports, all global media coverage of an alleged DNC email-Russia event are based on the opinion of a single source, CrowdStrike. "Not even the FBI has been granted access" to DNC computers--despite that CrowdStrike knowingly allowed hackers to remain on DNC computers for over a month, as noted above. CrowdStrike should have no voice whatsoever in this matter: 

"Not even the FBI has been granted access to the (DNC) servers. U.S. agencies have instead relied on CrowdStrike's work. There is no other known forensic evidence which has been publicly disclosed to link the Kremlin to the attacks, including in a series of intelligence community statements and reports." Daily Mail, 4/5/17
.......................

Added: "Democrats Ignored Cybersecurity Warnings Before Theft." Bloomberg reported in July 2016 that FBI is investigating the DNC email theft--but, unfortunately the FBI was denied access to DNC computers, was forced to rely entirely on CrowdStrike's opinion: "The bureau made "multiple requests at different levels,according to Comey."...

"The Federal Bureau of Investigation is examining the attack, which law enforcement officials and private security experts say may be linked to the Russian government."...
 
7/27/2016, "Democrats Ignored Cybersecurity Warnings Before Theft," Bloomberg, Michael Riley

"The Democratic National Committee was warned last fall (2015) that its computer network was susceptible to attacks but didn’t follow the security advice it was given, according to three people familiar with the matter.

The missed opportunity is another blow to party officials already embarrassed by the theft and public disclosure of e-mails that have disrupted their presidential nominating convention in Philadelphia and led their chairwoman to resign.

Computer security consultants hired by the DNC made dozens of recommendations after a two-month review, the people said. Following the advice, which would typically include having specialists hunt for intruders on the network, might have alerted party officials that hackers had been lurking in their network for weeks -- hackers who would stay for nearly a year. 

Instead, officials didn’t discover the breach until April (2016). The theft ultimately led to the release of almost 20,000 internal e-mails through WikiLeaks last week on the eve of the convention. 

The e-mails have devastated party leaders. Representative Debbie Wasserman Schultz, the DNC chairwoman, has agreed to resign at the end of this week’s convention. She was booed off the stage on opening day after the leaked e-mails showed that party officials tried to undermine the presidential campaign of Senator Bernie Sanders in favor of Hillary Clinton, who was formally nominated on Tuesday evening. Party officials are supposed to remain neutral on presidential nominations.

The Federal Bureau of Investigation is examining the attack, which law enforcement officials and private security experts say may be linked to the Russian government. President Barack Obama suggested on Tuesday that Russia might be trying to interfere with the presidential race. Russian officials deny any involvement in the hacking and say they’re not trying to influence the election....

The consultants briefed senior DNC leaders on the security problems they found, the people familiar with the matter said. It’s unclear whether Wasserman Schultz was present. Now, she is likely to face criticism over not only the content of the e-mails -- including one in which a party official proposes pushing stories in the news media questioning Sanders’s Jewish faith -- but also the failure to take steps to stop the theft in the first place.

Shame on them. It looks like they just did the review to check a box but didn’t do anything with it,” said Ann Barron-DiCamillo, who was director of US-Cert, the primary agency protecting U.S. government networks, until last February. If they had acted last fall, instead of those thousands of e-mails exposed it might have been much less.

The assessment by Good Harbor Security Risk Management, headed by the former Clinton and Bush administration official Richard Clarke, occurred over two months beginning in September 2015, the people said. It included interviews with key staff members and a detailed review of the security measures in place on the organization’s network, they said.

The review found problems ranging from an out-of-date firewall to a lack of advanced malware detection technology on individual computers, according to two of the people familiar with the matter.

The firm recommended taking special precautions to protect any financial information related to donors and internal communications including e-mails, these people said.

The DNC paid $60,000 for the assessment, according to federal filings.

Mark Paustenbach, a spokesman for the DNC, declined to comment on the Good Harbor report. Emilian Papadopoulos, president of Washington-based Good Harbor, said he couldn’t comment on work done for a specific client.

Missed Warnings 

The security review commissioned by the DNC was perhaps the most detailed of a series of missed warnings. Officials at both the Republican National Committee and the DNC received government briefings on espionage and hacking threats beginning last year, and then received a more specific briefing this spring, according to another person familiar with the matter. 

Cyber-security assessments can be a mixed blessing. Legal experts say some general counsels advise organizations against doing such assessments if they don’t have the ability to quickly fix any problems the auditors find, because customers and shareholders could have cause to sue if an organization knowingly disregards such warnings. 

Papadopoulos said a risk analysis by his firm is designed to “help an organization’s senior leadership answer the questions, ‘What are our unique and most significant cyber security risks, how are we doing managing them, and what should we improve?’”

The firm typically recommends that clients conduct a so-called breach assessment to determine whether hackers are already lurking in the network, Papadopoulos said. He wouldn’t confirm whether such a recommendation was among those delivered to the DNC.

“We give recommendations on governance, policies, technologies and crisis management,” he said. “For organizations that have not had a compromise assessment done, that is one of the things we often recommend.” 

It isn’t certain a breach assessment would have spotted the hackers, according to Barron-DiCamillo, but it would have increased the chances. "Why spend the money to have Good Harbor come in and do the recommendations and then not act on them?” she asked."


................................

Added: FBI was denied access to DNC computers, was forced to rely on Crowdstrike opinion about alleged Russia access to DNC emails:

1/10/17, "Comey: DNC denied FBI's requests for access to [allegedly] hacked servers," The Hill, Katie Bo Williams 

"The bureau made "multiple requests at different levels,” according to Comey, but ultimately struck an agreement with the DNC that a “highly respected private company” would get access and share what it found with investigators. 

“We’d always prefer to have access hands-on ourselves if that’s possible,” Comey said, noting that he didn’t know why the DNC rebuffed the FBI’s request.... 

The DNC told BuzzFeed in a statement published last week [Jan. 2017] that the FBI never requested access to its servers after they were breached. 

But a senior law enforcement official disputed that characterization the following day.

“The FBI repeatedly stressed to DNC officials the necessity of obtaining direct access to servers and data, only to be rebuffed until well after the initial compromise had been mitigated,” the official said. 

This left the FBI no choice but to rely upon a third party for information. These actions caused significant delays and inhibited the FBI from addressing the intrusion earlier.” 

CrowdStrike, the private security firm in question, has published extensive forensic analysis backing up its assessment that the threat groups that infiltrated the DNC were associated with Russian intelligence."
........................
 

Added: Re: "Threat groups," (The Hill, above) aren't groups of people despite what the term may suggest. "Threat groups" are a set of software and related network infrastructure:

"A common misconception of “threat group” is that it refers to a group of people. It doesn’t. Here’s how ESET [link goes to general site] describes SEDNIT, one of the names for the threat group known as APT28, Fancy Bear, etc. This definition is found on p.12 of part two “En Route with Sednit: Observing the Comings and Goings”:

"As security researchers, what we call “the Sednit group” is merely a set of software and the related network infrastructure, which we can hardly correlate with any specific organization." 

Unlike Crowdstrike, ESET doesn’t assign APT28/Fancy Bear/Sednit to a Russian Intelligence Service or anyone else for a very simple reason. Once malware is deployed, it is no longer under the control of the hacker who deployed it or the developer who created it. It can be reverse-engineered, copied, modified, shared and redeployed again and again by anyone. In other words — malware deployed is malware enjoyed!... 

It is both foolish and baseless to claim, as Crowdstrike does, that X-Agent is used solely by the Russian government when the source code is there for anyone to find and use at will."...
 
.............. 









................

Followers

Blog Archive

About Me

My photo
I'm the daughter of an Eagle Scout (fan of the Brooklyn Dodgers and Mets) and a Beauty Queen.