The campaign to discredit Kaspersky Lab dates back to 2010, when the Russian-based cybersecurity firm uncovered the origin of the Stuxnet malicious computer worm, which ruined Iran’s civilian nuclear centrifuges, experts in the field told RT.
Kaspersky Lab, founded in Moscow in 1997, has been a world leader in cybersecurity for decades. The private company takes pride in working outside of any government’s sphere of influence when it comes to cyber espionage. Americans believe that US intelligence agencies consider the Russian firm a competitive challenge, the experts pointed out.
“Kaspersky is highly reputable. It has been operating for a couple of decades. It has 400 million users around the world, including until very recently the American government,” former MI5 analyst Annie Machon told RT. “So of course if they are doing it, other countries are going to do it to a competitor corporation around the world too. Obviously, the CIA would be interested in a very successful Russian based company that offers protection on the internet.”
“Kaspersky [has] one of the most successful security teams worldwide. Don’t forget that Kaspersky was the security firm that first of all discovered the NSA linked group of activities involved in cyber espionage activities worldwide,” Pierluigi Paganini, the head of cybersecurity at Grant Thornton Consultants, told RT.
The Russian company became one of the targets amidst the ongoing anti-Russian hysteria in the US, which centers around the unproven allegations of Russian meddling in the 2016 US presidential elections. In September, the US Department of Homeland Security (DHS) ordered all government agencies to stop using Kaspersky products and remove them from computers, citing “security risks.”
And while Kaspersky Lab is actively cooperating with the US authorities, on Thursday, WikiLeaks published source code for the CIA hacking tool ‘Hive,’ which was used by US intelligence agencies to imitate the Kaspersky Lab code and leave behind false digital fingerprints. Exposing the CIA’s impersonation of Kaspersky Lab is just a part of WikiLeaks’ Vault 7 and 8 revelations, which shed light on the CIA’s electronic surveillance methods and cyber warfare tools.
“What is important in this specific story is the complexity, the effort spent by the US intelligence to make hard the attribution. Kaspersky is the actual victim of these activities. There is a government agency, the CIA that conducted cyber espionage activities to also use false flag in its operation in order to make harder the attribution,” Paganini explained.
Kaspersky Lab remains one of the few companies in the world that can expose the CIA’s scheming, and that is why the Russian company is facing so much backlash, Machon believes.
“We have Kaspersky saying ‘We can do this-we can prove some of these hacks are not Russian, they are American’ when it comes to the presidential elections. And so they needed to discredit them, and I think that this new application of a virus at state level, a very aggressive virus that would discredit a very proven brand around the world it’s exactly what the Americans would want and the Israelis also would want,” the former MI5 operative pointed out.
The campaign against the Russian cybersecurity firm goes back to 2010, when Kaspersky Lab revealed the origin of the Stuxnet virus, which the company said likely came from American and Israeli intelligence services, Machon told RT. The alleged American/Israeli cyber espionage operation was designed to target industrial control systems used in infrastructure facilities to affect their automated processes. Stuxnet reportedly ruined almost one-fifth of the nuclear centrifuges Tehran had been using to develop civilian atomic power.
“Stuxnet was deployed against the centrifuges that enriched the uranium and nobody knew where it came from. It seemed to be very weaponized at the state level. And it was actually Kaspersky that unveiled who had developed it. And it was American and the Israeli intelligence agencies,” Machon told RT. “So ever since then, it has sort of been daggers drawn between these two competing sides [Kaspersky vs CIA]. Kaspersky has been very much in crosshairs of both American and Israeli intelligence agencies.”
November 9, 2017
Posted by aletho
Iran has rejected recent US charges that alleged Iranian hackers conducted cyber attacks against American targets, saying Washington is not in a position to level such accusations.
“The Islamic Republic of Iran, which itself has suffered extensive damage from complex cyber attacks supported by certain governments, has always been the front-runner in collective international efforts to counter cyber crimes,” Foreign Ministry spokesman Hossein Jaberi Ansari said on Saturday.
“The Islamic Republic has never had dangerous measures in the cyber space on its agenda and does not support such activities,” he added.
On Thursday, the US government charged several alleged Iranian hackers in absentia with coordinating a campaign of cyber assaults on dozens of American banks and a dam in New York State between 2011 and 2013.
The US Justice Department announced the indictment of seven allegedly Iranian hackers, which was filed in a federal court in New York City.
The indictment described the suspects as “experienced computer hackers” and accused them of conspiracy to commit computer hacking while employed by two Iran-based private computer companies.
In his Saturday remarks, Jaberi Ansari said “the US government, which put millions of innocent people at the risk of an environmental disaster through cyber attacks against Iran’s peaceful nuclear facilities, is not in a position to level accusations against the citizens of other countries, including those of Iran, without substantiated evidence.”
He was referring to the 2010 cyber attacks on Iran’s nuclear energy facilities with the Stuxnet computer malware, jointly developed by the US and the Israeli regime.
Iran has always underlined the need for regulating the cyber space with the supervision of all governments, the Iranian official said.
March 26, 2016
Posted by aletho
Iran says it has never reciprocated cyber attacks with counter raids, although it has been a victim of such illegal attacks in the past years.
“Iran has never responded to these illegal attacks with reciprocal cyber attacks,” Iran’s Foreign Ministry spokesman Hossein Jaberi Ansari said on Friday.
He also noted that the Islamic Republic has been the victim of serious cyber attacks, such as the Stuxnet case, in recent years.
The spokesman was referring to the 2010 cyber attacks on Iran’s nuclear energy facilities by the Stuxnet computer worm, built jointly by the US and the Israeli regime.
He made the remarks in response to a recent New York Times report, which cited unnamed US officials as claiming that there has been a surge in cyber attacks by Iran against US State Department officials over the past month.
Jaberi Ansari went on to say that the lack of an efficient legal system in the international arena to prevent and prohibit cyber attacks is one of the serious shortcomings in countering cyber raids.
Pointing to Iran’s rotating presidency of the Non-Aligned Movement (NAM), the top diplomat said Tehran has always been committed to adopting and strengthening international deterrent mechanisms to prevent cyber attacks, urging all countries, especially the West, to cooperate and prevent such destructive measures.
November 27, 2015
Posted by aletho
Like millions of Americans, this past week I was sitting on my couch, drinking a cold beer, watching Game 1 of the World Series – professional baseball’s hallowed championship. Suddenly the satellite feed went out, the screen went dark. Naturally, as FOX Sports scrambled to get their live feed fixed, many of my fellow Americans took to Twitter to speculate as to what had caused the outage. I was, sadly, unsurprised to see that the most common joke people were making was that China must have hacked the World Series.
On the one hand, it is understandable given the barrage of propaganda about Chinese hackers as a threat to corporate and national security; seemingly every week there is a new news item highlighting the great red cyber-menace. On the other hand, it is a perfect illustration of the hypocrisy and ignorant arrogance of Americans who, despite being citizens of unquestionably the most aggressive nation when it comes to both cyber espionage and surveillance, see fit to cast China as the real villain. It is a testament to the power of both propaganda and imperial triumphalism that a proposition so disconnected from reality, and bordering on Orwellian Doublethink, is not only accepted, but is ipso facto true.
But there is a deeper political and sociological phenomenon at play here, one that begs further exploration. How is it that despite all the revelations of Edward Snowden regarding US intelligence and military snooping capabilities across the globe, Americans still cannot accept the culpability of their own government and corporate interests – the two work hand in hand – in global cyber-espionage? Even if they explicitly or implicitly know about the NSA, CIA, DIA, and Pentagon programs (among many others), their instinctive reaction is to blame China. Why? The answer lies in the complexity and effectiveness of the anti-China propaganda.
In his landmark book Public Opinion, the renowned writer, commentator, and theoretician of propaganda, Walter Lippmann, defined the term “stereotype” in the modern psychological sense as a “distorted picture or image in a person’s mind, not based on personal experience, but derived culturally.” In other words, the stereotype is an image in our mind’s eye, one that is constructed by outside forces; it is information filtered through a particular societal or cultural framework that then creates a picture of how something is to be understood. Lippmann went further, noting that carefully constructed propaganda could be used to shape stereotypes, thereby allowing the powers that be the ability to construct and manipulate information and narratives.
And this is precisely the phenomenon at work here. By repeating it endlessly, the US political and corporate media establishment have successfully convinced Americans that China is the real threat when it comes to cyberspace, playing on the stereotype of Chinese people in general, and the People’s Republic of China specifically. But, I would argue something far different: rather than seeing China as a threat, perhaps Americans, and westerners generally, should shine a light on what their own countries are doing, thereby gaining a broader perspective on the issue. For China’s moves in this field pale in comparison to those of the US, and are clearly a response to them.
China and the US: Comparing the Rap Sheets
The corporate media is replete with stories of Chinese hacking of US institutions. From alleged Chinese hacking of the University of Virginia employees connected with US government programs directed at China, to the infamous breach of the federal government’s Office of Personnel Management which resulted in the theft of the personal information of more than 20 million Americans, such stories help to construct an image of China as the world’s leading hacker-state. This week it is Chinese hackers targeting health care providers, last year it was stealing the secrets of Westinghouse and US Steel, and literally dozens of other such examples.
The purpose of this article is not to deny the veracity of these reports; I’m not a computer expert, nor do I have access to the information that an expert would need in making a determination. Instead, my purpose here is to show the grossly unbalanced, and utterly dishonest, way in which the issue is presented to Americans especially, and to probe why that might be. For any fair and balanced approach to the issue would present the simple fact that the US is the world leader in cyber-warfare, having actually conducted what are to date the only recorded live uses of cyberweapons.
Take for instance the joint US-Israel developed Stuxnet virus, a pair of highly complex and severely destructive computer viruses launched at Iran’s nuclear facilities. According to a group of independent legal experts assembled at the request of NATO’s Cooperative Cyber Defense Center of Excellence, the Stuxnet cyberattack was “an act of force.” Their report noted that “Acts that kill or injure persons or destroy or damage objects are unambiguously uses of force [and likely violate international law].”
Indeed, the US and its Israeli partners launched the very first true cyberweapon. As cyber security expert Ralph Langner wrote in Foreign Policy in 2013:
Stuxnet is not really one weapon, but two. The vast majority of the attention has been paid to Stuxnet’s smaller and simpler attack routine — the one that changes the speeds of the rotors in a centrifuge, which is used to enrich uranium. But the second and “forgotten” routine is about an order of magnitude more complex and stealthy. It qualifies as a nightmare for those who understand industrial control system security… The “original” payload… attempted to overpressurize Natanz’s centrifuges by sabotaging the system meant to keep the cascades of centrifuges safe.
Essentially, the US and Israel employed the world’s first cyberweapon without even fully knowing the potentially destructive consequences. As the virus migrated out of the Iranian nuclear facility at Natanz and onto the internet, innumerable variables could have come into play, with the potential for disastrous outcomes.
But of course Stuxnet was not alone. The US and Israel also deployed both the Gauss and Flame viruses, two more sophisticated cyberweapons designed to cause major damage to online infrastructure. The Gauss virus, discovered by Kaspersky Lab, one of the world’s most highly respected cyber-security firms, was designed to steal sensitive data such as financial records. According to the US officials who spoke with the Washington Post, the Flame virus was a:
massive piece of malware [which] secretly mapped and monitored Iran’s computer networks, sending back a steady stream of intelligence to prepare for a cyberwarfare campaign… “This is about preparing the battlefield for another type of covert action… Cyber-collection against the Iranian program is way further down the road than this.” said one former high-ranking U.S. intelligence official, who added that Flame and Stuxnet were elements of a broader assault that continues today.
Clearly the US and Israel were not merely interested in surveillance and information-gathering, but actually having the ability to manipulate and destroy vital computer infrastructure in Iran. Any reasonable reading of international law should hold that such actions are, in fact, an act of war, though of course war with Iran has not come to pass. But just the very use of such sophisticated weapons, far more elaborate, technical, and dangerous than mere hacking by humans, should call into question the weepy-eyed condemnations of China for its alleged stealing of corporate and government information.
And then of course there is the seemingly endless supply of revelations from Edward Snowden regarding the US surveillance infrastructure, how all-encompassing it truly is, how it is used to manipulate political outcomes, how it is used as a weapon against foreign governments, and much more.
Just to name a few of the countless programs and initiatives of the NSA and the surveillance state designed to capture information for political purposes:
PRISM – allows “The National Security Agency and the FBI [to tap] directly into the central servers of nine leading U.S. internet companies, extracting audio and video chats, photographs, emails, documents, and connection logs.”
BLARNEY – “Gathers up metadata from choke points along the backbone of the internet as part of an ongoing collection program that leverages IC (intelligence community) and commercial partnerships to gain access and exploit foreign intelligence obtained from global networks.”
Boundless Informant – “Details and even maps by country the voluminous amount of information it collects from computer and telephone networks.”
US & UK Target G20 Leaders – “The documents suggest that the operation was sanctioned in principle at a senior level in the government.”
US Spied on EU Offices – “America’s National Security Agency (NSA) not only conducted online surveillance of European citizens, but also appears to have specifically targeted buildings housing European Union institutions… in addition to installing bugs in the building in downtown Washington, DC, the European Union representation’s computer network was also infiltrated.”
But of course, the US has also specifically, and successfully, trained its cyber-espionage and cyber-warfare sights on China itself. Thanks to Snowden, we now know that US intelligence repeatedly hacked into Beijing’s Tsinghua University, China’s top education and research institute. As revealed in the South China Morning Post:
The information also showed that the attacks on Tsinghua University were intensive and concerted efforts. In one single day of January, at least 63 computers and servers in Tsinghua University have been hacked by the NSA… The university is home to one of the mainland’s six major backbone networks, the China Education and Research Network (CERNET) from where internet data from millions of Chinese citizens could be mined. The network was the country’s first internet backbone network and has evolved into the world’s largest national research hub.
But it wasn’t only Tsinghua University that was targeted. Snowden also revealed that Chinese University in Hong Kong was the victim of US hacking; the university is home to the Hong Kong Internet Exchange, the city’s central hub for all internet traffic. In addition, it came out that US intelligence has repeatedly hacked into Chinese mobile phone companies, spied on users, and stolen data, including text messages. These are, of course, only what we know about thus far from the Snowden revelations. The scope of US hacking operations against China is not known, but could be safely assumed to be far-reaching.
In fact, the depth of US hacking and other intelligence operations targeting China, including those taking place inside China itself, has been alluded to repeatedly. The New York Times noted in August 2015 that the Obama administration was cautious about any retaliation against China for the breach of the Office of Personnel Management because “Intelligence officials say that any legal case could result in exposing American intelligence operations inside China — including the placement of thousands of implants in Chinese computer networks to warn of impending attacks.”
It is clear that what we do know about US cyberwar programs and tactics is really only the tip of the iceberg. It is likely that Washington has myriad other China-specific hacking programs and initiatives, including the much discussed attempts to subvert the oft referenced “Great Firewall of China.” Put simply, the US is engaged in the most sophisticated forms of hacking and cyber-subversion, and much of it is directed at China (and Russia and Iran). This should now be beyond question.
Keep this information in mind the next time another story about Chinese hackers attacking US interests runs in the corporate media. While the hack may or may not be true, it is the context within which such actions take place that really needs to be understood.
There is a cyberwar going on, of this there can be no doubt. But who’s got the biggest guns? And who fired the first shot?
November 6, 2015
Posted by aletho
In an insane Machiavellian screed, American-Jewish archaeologist and Zionist propagandist Alex Joffe has suggested that the nascent West-Iran rapprochement in the form of the nuclear deal be used as an opportunity for criminal subversion and sabotage now that Tehran will ostensibly open up its economy to Western business investment.
In a July 14, 2015, column for the Times of Israel titled “The Deal with Iran: How to Make Lemonade out of Lemons,” the Zionist extremist outlines a plethora of ways that Iran can be undermined and destabilized. Joffe called upon “those interested in the two goals of an Iran free of nuclear weapons and free of religious fascism” to heed his words, insisting that the West-Iran nuclear deal is perhaps “a moment of opportunity” to infiltrate and destroy the Persian nation from within.
Joffe explained that the P5+1-Iran nuclear accord recently signed in Vienna would result in Iran “undergo[ing] a kind of opening to the world. Taking advantage of that is now a vital goal for Western intelligence and public diplomacy. It is the art of the making lemonade out of lemons.”
Joffe’s “making lemonade out of lemons” scheme to overthrow the Iranian government entails using business investment prospects as a cover for “Western intelligence agencies to gather information and to subvert the Iranian regime.” He specifically encourages an intense campaign of cyber and psychological warfare:
“One simple method are thumb drives, containing viruses to disrupt computer networks, encryption tools to evade official Iranian surveillance and firewalls, and perhaps even Western music, literature, and movies to subvert repressive traditional values, and classics of Western political thought to inspire Iranian society toward a liberal democratic future. Jazz and rock, blue jeans and samizdat literature played roles in the collapse of communism; their 21st century analogs should be enlisted to help Iranian society reform itself.”
On top of those subterfuges Joffe champions the introduction of “cyberweapons such as Stuxnet into Iran’s strategic computer systems. Stuxnet and its variants were designed to slow and damage computer controlled systems in Iran’s nuclear centrifuges, apparently with success.” He goes on:
“New cyberweapons aimed at Iran’s nuclear program, along with missiles, military radars and aviation, regime communications and record-keeping, and much more, are all likely under development in the West — or should be. Certainly Iran is developing its own cyberweapons, and has virtually unlimited access points to introduce them. But its weapons are aimed at Western banks and critical infrastructure, such as electric grids. It is in everyone’s interest that more targeted cyberattacks on the Iranian regime and its weapons systems succeed first.”
“Openness should have a high price for Iran, both real and imagined,” writes the deranged Zionist. He calls for Western (read: Zionist) spies to front as businessmen and stir unrest in the Islamic Republic. “Access to Iran’s people also raises the potential to eventually inspire them to overthrow the repressive theocratic fascist regime,” he ponders with glee. Additionally he advocates stoking up ethnic minorities in Iran such as the “Ahwaz Arab tribes in the southwest, ethnic Baluch and Pashtun in the east, and Azeris and Kurds in the northwest” to revolt against Tehran.
“But putting the regime under stress is an important means to bring about its transformation or demise,” Joffe proclaims, openly inciting for sabotage and crimes within a sovereign state. Increasing alienation between Iranian youth and the Islamic government should be a “paramount strategic goal” for the Zionist-led West, he concludes.
Joffe’s provocative screed seems to mimic a little-known 2009 strategy paper produced by the Brookings Institution (a US-based neocon, pro-Israel think tank) entitled “Which Path to Persia?” That paper, co-authored by former high-level American Israel Public Affairs Committee (AIPAC) member Martin Indyk, likewise outlined duplicitous strategies for out-and-out regime change in Iran including cyber warfare, terrorism, inciting internal ethnic and religious strife, provoking rebellion among minority groups, a military coup, and overt military invasion. The Brookings neocons weighed the pros and cons of each “option” and even went so far as to call for “goading” Iran into retaliating to US covert operations as a pretext for war.
Copyright 2015 Non-Aligned Media
July 19, 2015
Posted by aletho
TEHRAN – NSA whistleblower Edward Snowden has confirmed that the Stuxnet malware used to attack Iranian nuclear facilities was created as part of a joint operation between the Israelis and the NSA’s Foreign Affairs Directorate (FAD).
“The NSA and Israel cowrote it,” he told Der Spiegel in an email interview conducted before he publicly outed himself as the NSA mole. Snowden is currently in Russia and a “free man” according to Vladimir Putin – as long as there are no further NSA leaks.
The Stuxnet code, which has been deployed since 2005, is thought to be the first malware aimed specifically at damaging specific physical infrastructure, and was inserted into the computer networks of the Iranian nuclear fuel factory in Natanz shortly after it opened.
Early variants attempted to contaminate uranium supplies by interfering with the flow of gas to the fuel being processed, potentially causing explosive results in the processing factory. Later a more advanced variant attacked the centrifuges themselves, burning out motors by rapidly starting and stopping the units and contaminating fuel production, although it may actually have encouraged the Iranians.
Last year an unnamed US official said that Stuxnet was part of a program called Operation Olympic Games, started under President Bush and continued under the current administration, aimed at slowing down the Iranian nuclear effort without having to resort to risky airstrikes. General James Cartwright, a former vice-chairman of the Joint Chiefs of Staff, is currently under investigation by the US government for allegedly leaking details of Operation Olympic Games.
July 9, 2013
Posted by aletho
Obama administration touts cybersecurity while conducting cyber warfare
While routinely touting the necessity for tighter controls over the Internet in the name of cybersecurity, the U.S. government has again been caught creating computer viruses to wage cyber warfare in the Middle East.
Researchers working for both Kaspersky and Symantec have separately discovered that the United States is almost certainly responsible for three new viruses that are being used in Lebanon and Iran to conduct espionage, having already been identified as the culprits behind the 2010 Stuxnet virus and this year’s closely related Flame virus.
Kaspersky and Symantec experts are still unsure as to what the newly discovered viruses are designed to do, but have confirmed that they are operating in the Middle East, including Iran and Lebanon, and that the “approach to uploading packages and downloading data fits the profile of military and/or intelligence operations.”
The new viruses, programs code-named SP, SPE and IP, use malware packages that try to “communicate with command and control servers.” The new viruses could be offshoots of the Flame virus or completely different pieces of software.
“The findings are likely to bolster a growing view that the U.S. government is using cyber technology more widely than previously believed to further its interests in the Middle East,” reports Haaretz.
“The United States has already been linked to the Stuxnet Trojan that attacked Iran’s nuclear program in 2010 and the sophisticated Flame cyber surveillance tool that was uncovered in May.”
As the Washington Post reported earlier this year, the United States and Israel were also responsible for jointly developing the Flame virus, a huge malware assault that monitored Iran’s computer networks.
Despite months of inaccurate speculation blaming Russia or China for the outbreak of the 2010 Stuxnet virus, it was eventually admitted by the New York Times that, “US and Israeli intelligence services collaborated to develop a destructive computer worm to sabotage Iran’s efforts to make a nuclear bomb.”
The U.S. government’s continual efforts to develop computer viruses as a tool of cyber warfare might be more palatable were it not for the constant push by the executive and legislative branches to censor and regulate the Internet domestically in the name of cybersecurity.
Urging President Obama last month to pass an executive order that critics have denounced as another federal power grab over the Internet, Senator Jay Rockefeller justified the EO by claiming it was needed “to protect this country from the cyber threat,” even as the U.S. simultaneously launches aggressive cyber warfare campaigns against other countries.
Indeed, viruses created by the United States and Israel have even been cited as proof that restrictive cyber security legislation needs to be rubber stamped – by the very same government allied with the intelligence networks creating the viruses.
As we reported back in 2011, despite initial evidence clearly indicating the U.S. and Israel were behind the Stuxnet attack, a fact that was subsequently confirmed, major news websites still parroted the official narrative that Russia or China were to blame, even going to the lengths of ridiculing anyone who suggested otherwise as paranoid conspiracy theorists.
While claiming that it needs more power over the world wide web to prevent the spread of hostile computer viruses that could cripple U.S. infrastructure and sensitive networks, the U.S. government itself is creating those very same computer viruses to spy on and attack infrastructure and sensitive networks in other countries.
September 18, 2012
Posted by aletho
A new virus dubbed Gauss has attacked computers in the Middle East, spying on financial transactions and emails and picking passwords to all kinds of pages. The virus resembles the Stuxnet and Flame malware, which was used to target Iran, Kaspersky Lab says.
Gauss has infected hundreds of personal computers across the Middle East – most of them in Lebanon, but also in Israel and Palestinian territories. Kaspersky Lab has classified the virus, named after one of its major components, as “a cyber-espionage toolkit”.
The malware spies on transactions in banking systems and steals passwords and credentials to social networks, emails and instant messaging accounts. It can also collect system configurations.
Though Gauss seems to be specifically designed for several Lebanese online banking systems, it can also go after Citibank and PayPal users.
It is not immediately clear who may be behind the new Trojan virus, but Kaspersky Lab says the “nation-state sponsored” toolkit has features characteristic of Flame, DuQu and Stuxnet malware, which targeted machines in Iran.
“After looking at Stuxnet, DuQu and Flame, we can say with a high degree of certainty that Gauss comes from the same ‘factory’ or ‘factories,’” Kaspersky Lab said in their report on Thursday. “All these attack toolkits represent the high end of nation-state-sponsored cyber-espionage and cyber war operations.”
The researchers cannot say whether Gauss was meant to simply spy on account transactions, or to steal money from targets. But given the high probability of a nation-state actor behind it, the virus may be a counterintelligence tool, which could be used to trace funding of various groups or individuals.

Gauss has attacked over 2,500 personal computers in the Middle East. Only one attack has so far been reported in Iran (image from http://www.securelist.com)
The virus is yet to be fully exposed, as the Moscow-based internet security company is still trying to crack its payload, a section that sends and receives instructions from an outside source once it has infiltrated a system. The company is asking for assistance from any cryptographers since the payload is highly encrypted and its purposes remain unclear.
The virus was first spotted in June this year while Kaspersky Lab was looking for variants of Flame. Gauss appears to have been most active from May to July 2012, until its command-and-control infrastructure stopped functioning. Now the virus is in a dormant state.
Still, the malware, apparently created back in 2011, managed to spread much farther than Flame, which attacked around 700 PCs across the Middle East this spring.
Flame and Stuxnet are widely speculated to have been ordered by the US and Israel to hit Iran’s nuclear program. Western officials gave a tentative confirmation that the CIA, the National Security Agency and the Israeli military were all involved in developing the Flame spying toolkit.
As for the Stuxnet attack, which in 2010 damaged uranium enrichment centrifuges in Iran, Washington has so far declined to comment on whether it was behind the sabotage.
Now Gauss, which shares parts of its code with Flame, appears to add to the US and Israel’s presumed cyber arsenals.
August 10, 2012
Posted by aletho
While lawmakers work themselves up into a tizzy that the White House might be leaking classified information to make President Barack Obama look good (and wouldn’t it just be the living end if true, given Obama’s habit of prosecuting leakers?), Sen. John Kerry asks whether it’s appropriate for the media to actually let the public know what’s going on. Via Politico:
Sen. John Kerry on Wednesday questioned whether The New York Times should have published explosive stories last week about President Obama ordering cyberattacks against Iran’s nuclear program.
“I personally think there is a serious question whether or not that served our interest and whether the public had to know,” Kerry, the Foreign Relations Committee chairman, told reporters. “To me it was such a nitty-gritty fundamental national security issue. And I don’t see how the public interest is well served by it. I do see how other interests outside the United States are well served by it.” …
Earlier, Kerry said he was “disturbed” by the leaking of classified information cited in the Times story, saying it endangers U.S. national security and “begs retaliation” from America’s enemies. The chairman said he couldn’t understand how an American citizen could leak classified information that could potentially put the country at risk.
It’s not the act itself that “begs retaliation,” you see, it’s the reporting of it. The fact that there could be blowback for targeting a foreign nation’s nuclear program with a computer virus doesn’t mean you possibly shouldn’t do it. It means you should make sure you don’t tell your own public. After all, how would Iran ever conclude that the United States and Israel could be working together to design a virus to shut down their nuclear ambitions? Anybody could be the culprit! Anybody at all! They would never have figured it out had The New York Times kept their big traps shut.
Or, perhaps, they might have gotten a clue from this 2010 story from The Guardian that suggests Israel was responsible for it and that Stuxnet was pretty obviously designed to target Iran. Or maybe this story from Forbes.com from 2010 that talks about the suspicions and various theories that the United States and Israel were the sources of the virus. Or perhaps this lengthy Vanity Fair investigative report from last year that says, “[T]here is vanishingly little doubt that the United States played a role in creating the worm.” The fact is, The New York Times story merely revealed the truth that anybody who followed computer security news already suspected, and Iran doesn’t seem like the kind of nation that needs a metaphorical smoking gun before casting blame.
More to the point, launching the virus itself could ultimately give Iran (or others, because Stuxnet, like every other government venture, immediately got out of hand and ended up in places where it wasn’t meant to be) the tools to bring about that blowback Kerry is so worried about. Via The Christian Science Monitor:
Although Stuxnet is estimated to have eventually destroyed as many as 1,000 high-speed Iranian gas centrifuges designed to enrich uranium, its importance was far larger than that, [German cybersecurity expert Ralph] Langner warned. It demonstrated that a cyberweapon could physically destroy critical infrastructure, and that process could also work in reverse.
“One important difference between a cyber offensive weapon and some kind of advanced bomb, for example, is that when the bomb blows up you can’t examine or reverse-engineer it,” says Joel Brenner, a former national counterintelligence executive in the Office of the Director of National Intelligence.
“Once you find the malware, on the other hand, once you find the code, you can see how it was done,” he says. “So we are going to see more operations of this kind – and the US’s critical infrastructure is undoubtedly going to be targeted. I still don’t think that the owners and operators of most of that infrastructure understand the gravity of this threat.”
The possibility that Stuxnet could come back to haunt us does seem to meet a certain “need to know” threshold. The New York Times Managing Editor Dean Baquet responded to Kerry via Politico:
“Our job is to report issues in the public interest, and this piece certainly meets that standard,” Dean Baquet, the Times managing editor, said in a statement to POLITICO. “As always with sensitive stories, we described the piece to the government before publication. No one suggested we not publish. There was a request to omit some highly technical details. We complied with the request after concluding it was not a significant part of the piece.”
Well, that ought to add more ammo to those who believe the White House is actually causing the leaks.
June 8, 2012
Posted by aletho
In May 2009, we published an op-ed in The New York Times, see here, in which we argued that “President Obama’s Iran policy has, in all likelihood already failed”—largely because “Obama is backing away from the bold steps required to achieve strategic, Nixon-to-China type rapprochement with Tehran.” Indeed,
“The Obama Administration has done nothing to cancel or repudiate an ostensibly covert but well-publicized program begun in George W. Bush’s second term, to spend hundreds of millions of dollars to destabilize the Islamic Republic. Under these circumstances, the Iranian government—regardless of who wins the presidential elections on June 12—will continue to suspect that American intentions toward the Islamic Republic remain, ultimately, hostile.”
Now, in an article by David Sanger, “Obama Order Sped Up Wave of Cyberattacks Against Iran,” see here, The New York Times informs that
“From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.
Mr. Obama decided to accelerate the attacks—begun in the Bush administration and code-named Olympic Games—even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.”
The article goes on to describe multiple details about Stuxnet and the President’s decision-making as to its use. We, however, are most interested in the report for what it confirms about Obama’s approach to Iran—in particular, that Obama’s aggressiveness toward the Islamic Republic extended to a significant expansion of “America’s first sustained use of cyberweapons.” Consider what Sanger writes about the motives for Obama’s decision-making in this regard:
“Mr. Obama, according to participants in the many Situation Room meetings on Olympic Games, was acutely aware that with every attack he was pushing the United States into new territory, much as his predecessors had with the first use of atomic weapons in the 1940s, of intercontinental missiles in the 1950s and of drones in the past decade. He repeatedly expressed concerns that any American acknowledgment that it was using cyberweapons—even under the most careful and limited circumstances—could enable other countries, terrorists or hackers to justify their own attacks.
‘We discussed the irony, more than once,’ one of his aides said. Another said that the administration was resistant to developing a ‘grand theory for a weapon whose possibilities they were still discovering.’ Yet Mr. Obama concluded that when it came to stopping Iran, the United States had no other choice.
If Olympic Games failed, he told aides, there would be no time for sanctions and diplomacy with Iran to work. Israel could carry out a conventional military attack, prompting a conflict that could spread throughout the region.”
The perceived imperative “to dissuade the Israelis from carrying out their own preemptive strike against the Iranian nuclear facilities” also reportedly motivated the Administration to have Israel “deeply involved in every aspect” of Olympic Games.
Two things strike us as significant here. First, our May 2009 analysis was right on the money. If anything, we may have underestimated the degree to which Obama was prepared to let half-baked schemes undermine any chance he might have had, at least in theory, to pursue serious diplomacy with Iran. Obama apologists, see for example here, want us to believe that the President meant well on engaging Tehran, but that what they describe (with no evidence whatsoever) as the Islamic Republic’s “fraudulent” 2009 presidential election and the resulting “disarray” within the Iranian leadership stymied Obama’s benevolent efforts. This is utterly false.
Second, the Sanger article makes undeniably clear—if it were not sufficiently evident already—that the reason for the President’s hostility toward Iran has nothing to do with American security. Rather, Obama’s aggressiveness—which carries with it a willingness to put significant long-term American interests at risk—is motivated by a perceived imperative to prevent the Israelis from doing something that they cannot credibly do in the first place: namely, strike and destroy Iran’s nuclear program.
June 1, 2012
Posted by aletho
Israeli Deputy Prime Minister Moshe Ya’alon has strongly hinted that Israel was involved in creating the computer virus Flame — a new Stuxnet-like espionage malware — to sabotage Iran’s nuclear plans.
Speaking in an interview with Israel’s Army Radio on Tuesday, Ya’alon expressed support for the creation of the virus and similar tools, saying it “opens up all kinds of possibilities.”
He also noted that it is reasonable for anyone who sees Iran as a threat to take such steps, saying that “whoever sees the Iranian threat as a serious threat would be likely to take different steps, including these, in order to hurt them.”
Ya’alon made the remarks only hours after a Russian lab discovered the new virus.
The computer security firm Kaspersky Lab, one of the world’s top virus-hunting agencies, said the virus is being used as a cyber weapon to attack entities in several countries.
Kaspersky Lab has also announced that the worm is the most malicious ever and is designed to gather intelligence, adding that it can turn on PC microphones to record conversations taking place near the computer, take screenshots, log instant messaging chats, gather data files, and remotely change settings on computers.
“The complexity and functionality of the newly discovered malicious program exceed those of all other cyber menaces known to date,” said the Moscow-based Kaspersky Lab, adding that a government or a coalition of states must be behind it.
Stuxnet — discovered in 2010 — was also a computer worm. It targeted Siemens industrial software and equipment in several countries.
May 29, 2012
Posted by aletho