Tuesday, November 01, 2016

If it walks like a duck and talks like a duck, it must be a very slick duck.

October 31, 2016
By Franklin Foer

Registration of site (click here and enter any code, the registration is there) 

...In late July, (click here) one of these scientists—who asked to be referred to as Tea Leaves, a pseudonym that would protect his relationship with the networks and banks that employ him to sift their data—found what looked like malware emanating from Russia. The destination domain had Trump in its name, which of course attracted Tea Leaves’ attention. But his discovery of the data was pure happenstance—a surprising needle in a large haystack of DNS lookups on his screen. “I have an outlier here that connects to Russia in a strange way,” he wrote in his notes. He couldn’t quite figure it out at first. But what he saw was a bank in Moscow that kept irregularly pinging a server registered to the Trump Organization on Fifth Avenue....

...The researchers quickly dismissed their initial fear that the logs represented a malware attack. The communication wasn’t the work of bots. The irregular pattern of server lookups actually resembled the pattern of human conversation—conversations that began during office hours in New York and continued during office hours in Moscow. It dawned on the researchers that this wasn’t an attack, but a sustained relationship between a server registered to the Trump Organization and two servers registered to an entity called Alfa Bank....

...That wasn’t the only oddity. When the researchers pinged the server, they received error messages. They concluded that the server was set to accept only incoming communication from a very small handful of IP addresses. A small portion of the logs showed communication with a server belonging to Michigan-based Spectrum Health. (The company said in a statement: “Spectrum Health does not have a relationship with Alfa Bank or any of the Trump organizations. We have concluded a rigorous investigation with both our internal IT security specialists and expert cyber security firms. Our experts have conducted a detailed analysis of the alleged internet traffic and did not find any evidence that it included any actual communications (no emails, chat, text, etc.) between Spectrum Health and Alfa Bank or any of the Trump organizations. While we did find a small number of incoming spam marketing emails, they originated from a digital marketing company, Cendyn, advertising Trump Hotels.”)

Spectrum accounted for a relatively trivial portion of the traffic. Eighty-seven percent of the DNS lookups involved the two Alfa Bank servers. “It’s pretty clear that it’s not an open mail server,” Camp told me...

...“The parties were communicating in a secretive fashion. The operative word is secretive. This is more akin to what criminal syndicates do if they are putting together a project.”...

The color is to delineate the different sources of information.

05 March 2014
By Our Foreign Staff


...20th February 2014
More than 100 people (click here) reportedly die in 48 hours as protesters and police clash in Kiev, with government snipers opening fire...

OFAC (Office of Foreign Assets Control) (click here)

The Ukraine/Russia-related sanctions program implemented by the Office of Foreign Assets Control (OFAC) began on March 6, 2014, when the President, in Executive Order (E.O.) 13660, declared a national emergency to deal with the threat posed by the actions and policies of certain persons who had undermined democratic processes and institutions in Ukraine; threatened the peace, security, stability, sovereignty, and territorial integrity of Ukraine; and contributed to the misappropriation of Ukraine’s assets. In further response to the actions and polices of the Government of the Russian Federation, including the purported annexation of the Crimea region of Ukraine, the President issued three subsequent Executive orders that expanded the scope of the national emergency declared in E.O. 13660. Together, these orders authorize, among other things, the imposition of sanctions against persons responsible for or complicit in certain activities with respect to Ukraine; against officials of the Government of the Russian Federation; against persons operating in the arms or related materiel sector of the Russian Federation; and against individuals and entities operating in the Crimea region of Ukraine. E.O. 13662 also authorizes the imposition of sanctions on certain entities operating in specified sectors of the Russian Federation economy. Finally, E.O. 13685 also prohibits the importation or exportation of goods, services, or technology to or from the Crimea region of Ukraine, as well as new investment in the Crimea region of Ukraine by a United States person, wherever located...

...While the researchers went about their work, the conventional wisdom about Russian interference in the campaign began to shift. There were reports that the Trump campaign had ordered the Republican Party to rewrite its platform position on Ukraine, maneuvering the GOP toward a policy preferred by Russia, though the Trump campaign denied having a hand in the change. Then Trump announced in an interview with the New York Times his unwillingness to spring to the defense of NATO allies in the face of a Russian invasion. Trump even invited Russian hackers to go hunting for Clinton’s emails, then passed the comment off as a joke. (I wrote about Trump’s relationship with Russia in early July.)...

All Russian oligarchs of Alpha Bank needed was a front man.

Where is the FBI? 

Where is the NSA? 

Where is Edward Snowdon? Edward needs to be brought home with a degree of immunity. I think it is very foolish to leave him in Russia.

There is no such thing as a secure cyber space.