Aletho News

ΑΛΗΘΩΣ

UK Labour’s recent hire shows ‘complete submission to Zionist lobby’, rights group says

MEMO | January 25, 2021

The UK Labour Party’s decision to appoint a former Israel spy to work in his social media team demonstrates its leaders “complete submission to the Zionist lobby”, a UK-based human rights group has said.

The Arab Organisation for Human Rights in the UK (AOHR UK) criticised the appointment of Assaf Kaplan, who worked as an analyst and officer in Unit 8200 of the Israeli Military Intelligence between 2009-2013, where he monitored, collected, and analysed information on all Palestinians, regardless of their status.

“Unit 8200 constantly breaches international laws and conventions, as it dates back to the period before the establishment of Israel when it was known as Shin Mem 2, which worked on collecting information for Zionist gangs that committed massacres against the Palestinians,” AOHR UK said.

“In September 2014, 43 officers published a letter revealing the filthy role of this unit and how the information it gathered led to the killing of thousands of innocent Palestinians, especially during the wars on the Gaza Strip.”

AOHR UK confirmed that Kaplan’s CV, as well as the past and present of this unit, are known to officials in the British Labour Party, thus raising many questions about the reasons behind his employment given the risks he poses to the security of the party

AOHR UK explained that as a result of his work, Kaplan should be in “prison, not the British Labour Party.”

The rights group went on to call on the leaders of the Labour Party and its supporters to reject this appointment.

January 25, 2021 Posted by | Aletho News | , , | 2 Comments

Another Mega Group Spy Scandal? Samanage, Sabotage, And The SolarWinds Hack

By Whitney Webb | The Last American Vagabond | January 21, 2021

The devastating hack on SolarWinds was quickly pinned on Russia by US intelligence. A more likely culprit, Samanage, a company whose software was integrated into SolarWinds’ software just as the “back door” was inserted, is deeply tied to Israeli intelligence and intelligence-linked families such as the Maxwells.

In mid-December of 2020, a massive hack compromised the networks of numerous US federal agencies, major corporations, the top five accounting firms in the country, and the military, among others. Despite most US media attention now focusing on election-related chaos, the fallout from the hack continues to make headlines day after day.

The hack, which affected Texas-based software provider SolarWinds, was blamed on Russia on January 5 by the US government’s Cyber Unified Coordination Group. Their statement asserted that the attackers were “likely Russian in origin,” but they failed to provide evidence to back up that claim.

Since then, numerous developments in the official investigation have been reported, but no actual evidence pointing to Russia has yet to be released. Rather, mainstream media outlets began reporting the intelligence community’s “likely” conclusion as fact right away, with the New York Times subsequently reporting that US investigators were examining a product used by SolarWinds that was sold by a Czech Republic–based company, as the possible entry point for the “Russian hackers.” Interest in that company, however, comes from the fact that the attackers most likely had access to the systems of a contractor or subsidiary of SolarWinds. This, combined with the evidence-free report from US intelligence on “likely” Russian involvement, is said to be the reason investigators are focusing on the Czech company, though any of SolarWinds’ contractors/subsidiaries could have been the entry point.

Such narratives clearly echo those that became prominent in the wake of the 2016 election, when now-debunked claims were made that Russian hackers were responsible for leaked emails published by WikiLeaks. Parallels are obvious when one considers that SolarWinds quickly brought on the discredited firm CrowdStrike to aid them in securing their networks and investigating the hack. CrowdStrike had also been brought on by the DNC after the 2016 WikiLeaks publication, and subsequently it was central in developing the false declarations regarding the involvement of “Russian hackers” in that event.

There are also other parallels. As Russiagate played out, it became apparent that there was collusion between the Trump campaign and a foreign power, but the nation was Israel, not Russia. Indeed, many of the reports that came out of Russiagate revealed collusion with Israel, yet those instances received little coverage and generated little media outrage. This has led some to suggest that Russiagate may have been a cover for what was in fact Israelgate.

Similarly, in the case of the SolarWinds hack, there is the odd case and timing of SolarWinds’ acquisition of a company called Samanage in 2019. As this report will explore, Samanage’s deep ties to Israeli intelligence, venture-capital firms connected to both intelligence and Isabel Maxwell, as well as Samange’s integration with the Orion software at the time of the back door’s insertion warrant investigation every bit as much as SolarWinds’ Czech-based contractor. 

Orion’s Fall

In the month since the hack, evidence has emerged detailing the extent of the damage, with the Justice Department quietly announcing, the same day as the Capitol riots (January 6), that their email system had been breached in the hack—a “major incident” according to the department. This terminology means that the attack “is likely to result in demonstrable harm to the national security interests, foreign relations, or the economy of the United States or to the public confidence, civil liberties, or public health and safety of the American people,” per NextGov.

The Justice Department was the fourth US government agency to publicly acknowledge a breach in connection to the hack, with the others being the Departments of Commerce and Energy and the Treasury. Yet, while only four agencies have publicly acknowledged fallout from the hack, SolarWinds software is also used by the Department of Defense, the State Department, NASA, the NSA, and the Executive Office. Given that the Cyber Unified Coordination Group stated that “fewer than ten” US government agencies had been affected, it’s likely that some of these agencies were compromised, and some press reports have asserted that the State Department and Pentagon were affected.

In addition to government agencies, SolarWinds Orion software was in use by the top ten US telecommunications corporations, the top five US accounting firms, the New York Power Authority, and numerous US government contractors such as Booz Allen Hamilton, General Dynamics, and the Federal Reserve. Other notable SolarWinds clients include the Bill & Melinda Gates Foundation, Microsoft, Credit Suisse, and several mainstream news outlets including the Economist and the New York Times. 

Based on what is officially known so far, the hackers appeared to have been highly sophisticated, with FireEye, the cybersecurity company that first discovered the implanted code used to conduct the hack, stating that the hackers “routinely removed their tools, including the backdoors, once legitimate remote access was achieved—implying a high degree of technical sophistication and attention to operational security.” In addition, top security experts have noted that the hack was “very very carefully orchestrated,” leading to a consensus that the hack was state sponsored.

FireEye stated that they first identified the compromise of SolarWinds after the version of the Orion software they were using contained a back door that was used to gain access to its “red team” suite of hacking tools. Not long after the disclosure of the SolarWinds hack, on December 31, the hackers were able to partially access Microsoft’s source code, raising concerns that the act was preparation for future and equally devastating attacks. 

FireEye’s account can be taken with a grain of salt, however, as the CIA is one of FireEye’s clients, and FireEye was launched with funding from the CIA’s venture capital arm In-Q-tel. It is also worth being skeptical of the “free tool” FireEye has made available in the hack’s aftermath for “spotting and keeping suspected Russians out of systems.” 

In addition, Microsoft, another key source in the SolarWinds story, is a military contractor with close ties to Israel’s intelligence apparatus, especially Unit 8200, and their reports of events also deserve scrutiny. Notably, it was Unit 8200 alumnus and executive at Israeli cybersecurity firm Cycode, Ronen Slavin, who told Reuters in a widely quoted article that he “was worried by the possibility that the SolarWinds hackers were poring over Microsoft’s source code as prelude to a much more ambitious offensive.” “To me the biggest question is, ‘Was this recon for the next big operation?’” Slavin stated.

Also odd about the actors involved in the response to the hack is the decision to bring on not only the discredited firm CrowdStrike but also the new consultancy firm of Chris Krebs and Alex Stamos, former chief information security officer of Facebook and Yahoo, to investigate the hack. Chris Krebs is the former head of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and was previously a top Microsoft executive. Krebs was fired by Donald Trump after repeatedly and publicly challenging Trump on the issue of election fraud in the 2020 election. 

As head of CISA, Krebs gave access to networks of critical infrastructure throughout the US, with a focus on the health-care industry, to the CTI League, a suspicious outfit of anonymous volunteers working “for free” and led by a former Unit 8200 officer. “We have brought in the expertise of Chris Krebs and Alex Stamos to assist in this review and provide best-in-class guidance on our journey to evolve into an industry leading secure software development company,” a SolarWinds spokesperson said in an email cited by Reuters.

It is also worth noting that the SolarWinds hack did benefit a few actors aside from the attackers themselves. For instance, Israeli cybersecurity firms CheckPoint and CyberArk, which have close ties to Israeli intelligence Unit 8200, have seen their stocks soar in the weeks since the SolarWinds compromise was announced. Notably, in 2017, CyberArk was the company that “discovered” one of the main tactics used in an attack, a form of SAML token manipulation called GoldenSAML. CyberArk does not specify how they discovered this method of attack and, at the time they announced the tactic’s existence, released a free tool to identify systems vulnerable to GoldenSAML manipulation. 

In addition, the other main mode of attack, a back door program nicknamed Sunburst, was found by Kaspersky researchers to be similar to a piece of malware called Kazuar that was also first discovered by another Unit 8200-linked company, Palo Alto Networks, also in 2017. The similarities only suggest that those who developed the Sunburst backdoor may have been inspired by Kazuar and “they may have common members between them or a shared software developer building their malware.” Kaspersky stressed that Sunburst and Kazuar are not likely to be one and the same. It is worth noting, as an aside, that Unit 8200 is known to have previously hacked Kaspersky and attempted to insert a back door into their products, per Kaspersky employees.

Crowdstrike claimed that this finding confirmed “the attribution at least to Russian intelligence,” only because an allegedly Russian hacking group is believed to have used Kazuar before. No technical evidence linking Russia to the SolarWinds hacking has yet been presented.

Samanage and Sabotage

The implanted code used to execute the hack was directly injected into the source code of SolarWinds Orion. Then, the modified and bugged version of the software was “compiled, signed and delivered through the existing software patch release management system,” per reports. This has led US investigators and observers to conclude that the perpetrators had direct access to SolarWinds code as they had “a high degree of familiarity with the software.” While the way the attackers gained access to Orion’s code base has yet to be determined, one possibility being pursued by investigators is that the attackers were working with employee(s) of a SolarWinds contractor or subsidiary. 

US investigators have been focusing on offices of SolarWinds that are based abroad, suggesting that—in addition to the above—the attackers were likely working for SolarWinds or were given access by someone working for the company. That investigation has focused on offices in eastern Europe, allegedly because “Russian intelligence operatives are deeply rooted” in those countries.

It is worth pointing out, however, that Israeli intelligence is similarly “deeply rooted” in eastern European states both before and after the fall of the Soviet Union, ties well illustrated by Israeli superspy and media tycoon Robert Maxwell’s frequent and close associations with Eastern European and Russian intelligence agencies as well as the leaders of many of those countries. Israeli intelligence operatives like Maxwell also had cozy ties with Russian organized crime. For instance, Maxwell enabled the access of the Russian organized crime network headed by Semion Mogilevich into the US financial system and was also Mogilevich’s business partner. In addition, the cross-pollination between Israeli and Russian organized crime networks (networks which also share ties to their respective intelligence agencies) and such links should be considered if the cybercriminals do prove to be Russian in origin, as US intelligence has claimed.

Though some contractors and subsidiaries of SolarWinds are now being investigated, one that has yet to be investigated, but should be, is Samanage. Samanage, acquired by SolarWinds in 2019, not only gained automatic access to Orion just as the malicious code was first inserted, but it has deep ties to Israeli intelligence and a web of venture-capital firms associated with numerous Israeli espionage scandals that have targeted the US government. Israel is deemed by the NSA to be one of the top spy threats facing US government agencies and Israel’s list of espionage scandals in the US is arguably the longest, and includes the Jonathan Pollard and PROMIS software scandals of the 1980s to the Larry Franklin/AIPAC espionage scandal in 2009. 

Though much reporting has since been done on the recent compromise of SolarWinds Orion software, little attention has been paid to Samanage. Samanage offers what it describes as “an IT Service Desk solution.” It was acquired by SolarWinds so Samanage’s products could be added to SolarWinds’ IT Operations Management portfolio. Though US reporting and SolarWinds press releases state that Samanage is based in Cary, North Carolina, implying that it is an American company, Samanage is actually an Israeli firm. It was founded in 2007 by Doron Gordon, who previously worked for several years at MAMRAM, the Israeli military’s central computing unit.

Samanage was SolarWinds’ first acquisition of an Israeli company, and, at the time, Israeli media reported that SolarWinds was expected to set up its first development center in Israel. It appears, however, that SolarWinds, rather than setting up a new center, merely began using Samanage’s research and development center located in Netanya, Israel.

Several months after the acquisition was announced, in November 2019, Samanage, renamed SolarWinds Service Desk, became listed as a standard feature of SolarWinds Orion software, whereas the integration of Samanage and Orion had previously been optional since the acquisition’s announcement in April of that year. This means that complete integration was likely made standard in either October or November. It has since been reported that the perpetrators of the recent hack gained access to the networks of US federal agencies and major corporations at around the same time. Samanage’s automatic integration into Orion was a major modification made to the now-compromised software during that period. 

Samanage appears to have had access to Orion following the announcement of the acquisition in April 2019. Integration first began with Orion version 2019.4, the earliest version believed to contain the malicious code that enabled the hack. In addition, the integrated Samanage component of Orion was responsible for “ensuring the appropriate teams are quickly notified when critical events or performance issues [with Orion] are detected,” which was meant to allow “service agents to react faster and resolve issues before . . . employees are impacted.” 

In other words, the Samanage component that was integrated into Orion at the same time the compromise took place was also responsible for Orion’s alert system for critical events or performance issues. The code that was inserted into Orion by hackers in late 2019 nevertheless went undetected by this Samanage-made component for over a year, giving the “hackers” access to millions of devices critical to both US government and corporate networks. Furthermore, it is this Samanage-produced component of the affected Orion software that advises end users to exempt the software from antivirus scans and group policy object (GPO) restrictions by providing a warning that Orion may not work properly unless those exemptions are granted.

Samanage, Salesforce, and the World Economic Forum

Around the time of Samange’s acquisition by SolarWinds, it was reported that one of Samanage’s top backers was the company Salesforce, with Salesforce being both a major investor in Samanage as well as a partner of the company.

Salesforce is run by Marc Benioff, a billionaire who got his start at the tech giant Oracle. Oracle was originally created as a CIA spin-off and has deep ties to Israel’s government and the outgoing Trump administration. Salesforce also has a large presence in Israel, with much of its global research and development based there. Salesforce also recently partnered with the Unit 8200-linked Israeli firm Diagnostic Robotics to “predictively” diagnose COVID-19 cases using Artificial Intelligence.

Aside from leading Salesforce, Benioff is a member of the Vatican’s Council for Inclusive Capitalism alongside Lynn Forester de Rothschild, a close associate of Jeffrey Epstein and the Clintons, and members of the Lauder family, who have deep ties to the Mega Group and Israeli politics. 

Benioff is also a prominent member of the board of trustees of the World Economic Forum and the inaugural chair of the WEF’s Centre for the Fourth Industrial Revolution (C4IR), making him one of the most critical players in the unfolding of the WEF-backed Great Reset. Other WEF leaders, including the organization’s founder Klaus Schwab, have openly discussed how massive cyberattacks such as befell SolarWinds will soon result in “even more significant economic and social implications than COVID-19.”

Last year, the WEF’s Centre for Cybersecurity, of which Salesforce is part, simulated a “digital pandemic” cyberattack in an exercise entitled Cyber Polygon. Cyber Polygon’s speakers in 2020 included former UK Prime Minister Tony Blair, the Prime Minister of Russia Mikhail Mishustin, WEF founder Klaus Schwab, and IBM executive Wendi Whitmore, who previously held top posts at both Crowdstrike and a FireEye subsidiary. Notably, just months before the COVID-19 crisis, the WEF had held Event 201, which simulated a global coronavirus pandemic that crippled the world’s economy.

In addition to Samanage’s ties to WEF big shots such as Marc Benioff, the other main investors behind Samanage’s rise have ties to major Israeli espionage scandals, including the Jonathan Pollard affair and the PROMIS software scandal. There are also ties to one of the WEF’s founding “technology pioneers,” Isabel Maxwell (the daughter of Robert Maxwell and sister of Ghislaine), who has long-standing ties to Israel’s intelligence apparatus and the country’s hi-tech sector.

The Bronfmans, the Maxwells, and Viola Ventures

At the time of its acquisition by SolarWinds, Samanage’s top investor was Viola Ventures, a major Israeli venture-capital firm. Viola’s investment in Samanage, until its acquisition, was managed by Ronen Nir, who was also on Samanage’s board before it became part of SolarWinds.

Prior to working at Viola, Ronen Nir was a vice president at Verint, formerly Converse Infosys. Verint, whose other alumni have gone on to found Israeli intelligence-front companies such as Cybereason. Verint has a history of aggressively spying on US government facilities, including the White Houseand created the backdoors into all US telecommunications systems and major tech companies, including Microsoft, Google and Facebook, on behalf of the US’ NSA.

In addition to his background at Verint, Ronen Nir is an Israeli spy, having served for thirteen years in an elite IDF intelligence unit, and he remains a lieutenant colonel on reserve duty. His biography also notes that he worked for two years at the Israeli embassy in Washington, DC, which is fitting given his background in espionage and the major role that Israeli embassy has played in several major espionage scandals.

As an aside, Nir has stated that “thought leader” Henry Kissinger is his “favorite historical character.” Notably, Kissinger was instrumental in allowing Robert Maxwell, Israeli superspy and father of Ghislaine and Isabel Maxwell, to sell software with a back door for Israeli intelligence to US national laboratories, where it was used to spy on the US nuclear program. Kissinger had told Maxwell to connect with Senator John Tower in order to gain access to US national laboratories, which directly enabled this action, part of the larger PROMIS software scandal.

In addition, Viola’s stake was managed through a firm known as Carmel Ventures, which is part of the Viola Group. At the time, Carmel Ventures was advised by Isabel Maxwell, whose father had previously been directly involved in the operation of the front company used to sell bugged software to US national laboratories. As noted in a previous article at Unlimited Hangout, Isabel “inherited” her father’s circle of Israeli government and intelligence contacts after his death and has been instrumental in building the “bridge” between Israel’s intelligence and military-linked hi-tech sector to Silicon Valley.

Isabel also has ties to the Viola Group itself through Jonathan Kolber, a general partner at Viola. Kolber previously cofounded and led the Bronfman family’s private-equity fund, Claridge Israel (based in Israel). Kolber then led Koor Industries, which he had acquired alongside the Bronfmans via Claridge. Kolber is closely associated with Stephen Bronfman, the son of Charles Bronfman who created Claridge and also cofounded the Mega Group with Leslie Wexner in the early 1990s.

Kolber, like Isabel Maxwell, is a founding director of the Peres Center for Peace and Innovation. Maxwell, who used to chair the center’s board, stepped down following the Epstein scandal, though it’s not exactly clear when. Other directors of the center include Tamir Pardo, former head of Mossad. Kolber’s area of expertise, like that of Isabel Maxwell, is “structuring complex, cross-border and cross industry business and financial transactions,” that is, arranging acquisitions and partnerships of Israeli firms by US companies. Incidentally, this is also a major focus of the Peres Center.

Other connections to Isabel Maxwell, aside from her espionage ties, are worth noting, given that she is a “technology pioneer” of the World Economic Forum. As previously mentioned, Salesforce—a major investor in Samanage—is deeply involved with the WEF and its Great Reset. 

The links of Israeli intelligence and Salesforce to Samanage, and thus to SolarWinds, is particularly relevant given the WEF’s “prediction” of a coming “pandemic” of cyberattacks and the early hints from former Unit 8200 officers that the SolarWinds hack is just the beginning. It is also worth mentioning the Israeli government’s considerable ties to the WEF over the years, particularly last year when it joined the Benioff-chaired C4IR and participated in the October 2020 WEF panel entitled “The Great Reset: Harnessing the Fourth Industrial Revolution.”

Start Up Nation Central, an organization aimed at integrating Israeli start-ups with US firms set up by Netanyahu’s longtime economic adviser Eugene Kandel and American Zionist billionaire Paul Singer, have asserted that Israel will serve a “key role” globally in the 4th Industrial Revolution following the implementation of the Great Reset.

Gemini, the BIRD Foundation, and Jonathan Pollard

In addition to Viola, another of Samange’s leading investors is Gemini Israel Ventures. Gemini is one of Israel’s oldest venture-capital firms, dating back to the Israeli government’s 1993 Yozma program.

The first firm created by Yozma, Gemini was put under the control of Ed Mlavsky, who Israel’s government had chosen specifically for this position. As previously reported by Unlimited Hangout, Mlavsky was then serving as the executive director of the Israel-US Binational Industrial Research and Development (BIRD) Foundation, where “he was responsible for investments of $100 million in more than 300 joint projects between US and Israeli high-tech companies.”

A few years before Gemini was created, while Mlavsky still headed BIRD, the foundation became embroiled in one of the worst espionage scandals in US history, the Jonathan Pollard affair.

In the indictment of US citizen Pollard for espionage on Israel’s behalf, it was noted that Pollard delivered the documents he stole to agents of Israel at two locations, one of which was an apartment owned by Harold Katz, the then legal counsel of the BIRD Foundation and an adviser to Israel’s military, which oversaw Israel’s scientific intelligence-gathering agency, Lekem. US officials told the New York Times at the time that they believed Katz “has detailed knowledge about the [Pollard] spy ring and could implicate senior Israeli officials.”

Subsequent reporting by journalist Claudia Wright pointed the finger at the Mlavsky-run BIRD Foundation as one of the ways Israeli intelligence funneled money to Pollard before his capture by US authorities.

One of the first companies Gemini invested in was CommTouch (now Cyren), which was founded by ex-IDF officers and later led by Isabel Maxwell. Under Maxwell’s leadership, CommTouch developed close ties to Microsoft, partially due to Maxwell’s relationship with its cofounder Bill Gates.

A Coming “Hack” of Microsoft?

If the SolarWinds hack is as serious as has been reported, it’s difficult to understand why a company like Samanage would not be looked into as part of a legitimate investigation into the attack. The timing of Samanage employees gaining access to the Orion software and the company’s investors including Israeli spies and those with ties to past espionage scandals where Israel used back doors to spy on the US and beyond raises obvious red flags. Yet, any meaningful investigation of the incident is unlikely to take place, especially given the considerable involvement of discredited firms like CrowdStrike, CIA fronts like FireEye and a consultancy firm led by former Silicon Valley executives with their own government/intelligence ties.

There is also the added fact that both of the main methods used in the attack were analogous or bore similarities to hacking tools that were both discovered by Unit 8200-linked companies in 2017. Unit 8200-founded cybersecurity firms are among the few “winners” from the SolarWinds hack, as their stocks have skyrocketed and demand for their services has increased globally. 

While some may argue that Unit 8200 alumni are not necessarily connected to the Israeli intelligence apparatus, numerous reports have pointed out the admitted fusion of Israeli military intelligence with Israel’s hi-tech sector and its tech-focused venture capital networks, with Israeli military and intelligence officials themselves noting that the line between the private cybersecurity sector and Israel’s intelligence apparatus is so blurred, it’s difficult to know where one begins and the other ends. There is also the Israeli government policy, formally launched in 2012, whereby Israel’s intelligence and military intelligence agencies began outsourcing “activities that were previously managed in-house, with a focus on software and cyber technologies.”

Samanage certainly appears to be such a company, not only because it was founded by a former IDF officer in the military’s central computing unit, but because its main investors include spies on “reserve duty” and venture capital firms linked to the Pollard scandal as well as the Bronfman and Maxwell families, both of whom have been tied to espionage and sexual blackmail scandals over the years.

Yet, as the Epstein scandal has recently indicated, major espionage scandals involving Israel receive little coverage and investigations into these events rarely lead anywhere. PROMIS was covered up largely thanks to Bill Barr during his first term as Attorney General and even the Pollard affair has all been swept under the rug with Donald Trump allowing Pollard to move to Israel and, more recently, pardoning the Israeli spy who recruited Pollard during his final day as President. Also under Trump, there was the discovery of “stingray” surveillance devices placed by Israel’s government throughout Washington DC, including next to the White House, which were quickly memory holed and oddly not investigated by authorities. Israel had previously wiretapped the White House’s phone lines during the Clinton years.

Another cover up is likely in the case of SolarWinds, particularly if the entry point was in fact Samanage. Though a cover up would certainly be more of the same, the SolarWinds case is different as major tech companies and cybersecurity firms with ties to US and Israeli intelligence now insist that Microsoft is soon to be targeted in what would clearly be a much more devastating event than SolarWinds due to the ubiquity of Microsoft’s products. 

On Tuesday, CIA-linked firm FireEye, which apparently has a leadership role in investigating the hack, claimed that the perpetrators are still gathering data from US government agencies and that “the hackers are moving into Microsoft 365 cloud applications from physical, on-premises servers,” meaning that changes to fix Orion’s vulnerabilities will not necessarily deny hacker access to previously compromised systems as they allegedly maintain access to those systems via Microsoft cloud applications. In addition to Microsoft’s own claims that some of its source code was accessed by the hackers, this builds the narrative that Microsoft products are poised to be targeted in the next high-profile hack.

Microsoft’s cloud security infrastructure, set to be the next target of the SolarWinds hackers, was largely developed and later managed by Assaf Rappaport, a former Unit 8200 officer who was most recently the head of Microsoft’s Research and Development and Security teams at its massive Israel branch. Rappaport left Microsoft right before the COVID-19 crisis began last year to found a new cybersecurity company called Wiz.

Microsoft, like some of Samanage’s main backers, is part of the World Economic Forum and is an enthusiastic supporter of and participant in the Great Reset agenda, so much so that Microsoft CEO Satya Nadella wrote the foreword to Klaus Schwab’s book “Shaping the Fourth Industrial Revolution.” With the WEF simulating a cyber “pandemic” and both the WEF and Israel’s head of Israel’s National Cyber Directorate warning of an imminent “cyber winter”, SolarWinds does indeed appear to be just the beginning, though perhaps a scripted one to create the foundation for something much more severe. A cyberattack on Microsoft products globally would certainly upend most of the global economy and likely have economic effects more severe than the COVID-19 crisis, just as the WEF has been warning. Yet, if such a hack does occur, it will inevitably serve the aims of the Great Reset to “reset” and then rebuild electronic infrastructure. 

January 23, 2021 Posted by | Deception, Russophobia, Timeless or most popular | , , , , , , | Leave a comment

Meet the IDF-Linked Cybersecurity Group “Protecting” US Hospitals ‘Pro Bono’

By Whitney Webb – UNLIMITED HANGOUT – August 27, 2020

Since the Coronavirus crisis began in earnest earlier this year, the strain on hospitals in the US and around the world has been the subject of a considerable number of media reports. However, hardly any media attention has been given to the dramatic and unsettling changes that have been made to hospital and healthcare information technology (IT) systems and infrastructure under the guise of helping the US healthcare system “cope” with the surge in data as well as an unsettling uptick in cyberattacks.

Over the past several months, 80% of healthcare institutions in the US have reported being targeted by some sort of cyberattack, ranging from minor to severe, with an uptick in phishing attempts and spam specifically. Most of these attempts have been aimed at illegally acquiring troves of patient data, including the recent hacks of hospitals in Chicago and Utah. About 20% of the hacks and cyberattacks reported by hospitals and medical facilities since March directly affected the facilities’ capacity to function optimally, with a much smaller percentage of those including ransomware attacks.

One of the reasons for the increase in the success of these attacks has been the fact that more healthcare IT workers are working remotely as well as the fact that many IT staffers have been laid off or let go completely. In several recent instances, the removal of entire hospital system IT staffs have been tied to a larger effort by the Department of Health and Human Services (HHS) to consolidate control over patient data, including Coronavirus-related data, with the assistance of secretive government contractors with longstanding ties to HHS.

The surge of cyberattacks combined with major budget cuts has made hospitals even more vulnerable as many are compelled to do more with less. As a result, there has been a renewed push for the improvement of cybersecurity at hospitals, clinics and other healthcare institutions throughout the country over the course of the Coronavirus (Covid-19) crisis.

Amid this backdrop, an odd group of “cyber threat intelligence” analysts with ties to the US government, Israeli intelligence and tech giant Microsoft have “volunteered” to protect US healthcare institutions for free and have even directly partnered with US federal agencies to do so. They have also recently expanded to offer their services to governments and social media platforms to target, analyze and “neutralize” alleged “disinformation campaigns” related to the Coronavirus crisis.

While these analysts have claimed to have altruistic motives, its members who have identified themselves publicly have notably dedicated much of their private sector careers to blaming nation states, namely Iran but also China, for hacking and, most recently, for cyberattacks related to the Coronavirus crisis, as well as the 2020 presidential campaign. These individuals and their employers rarely, if ever, make their reasons for assigning blame to state actors available to public scrutiny and also have close ties to the very governments, namely the US and Israel, that have been attempting to gin up hostilities with those countries in recent years, particularly Iran, suggesting a potential conflict of interest.

The Cyber Justice League?

Calling themselves the cyber version of “Justice League,” the Covid-19 Cyber Threat Intelligence (CTI) League was created earlier this year in March and has described itself as “the first Global Volunteer Emergency Response Community, defending and neutralizing cybersecurity threats and vulnerabilities to the life-saving sectors related to the current Covid-19 pandemic.” They now claim to have over 1,400 members hailing from 76 different countries.

According to their website, they seek “to protect medical organizations, public healthcare facilities, and emergency organizations from threats from the cyber domain” and offer their services “pro-bono” to major hospitals, healthcare and pharmaceutical companies as well as U.S. law enforcement and federal agencies. Upon their creation, they sent an “open letter to the healthcare community,” offering to volunteer “their time and efforts to mitigate [cyber] threats and protect our healthcare system.”

However, since its creation, the CTI League has offered its services to sectors entirely unrelated to healthcare systems, companies and institutions. For instance, they now offer their services to critical infrastructure systems throughout the US, including dams, nuclear reactors, chemical plants and others, according to their inaugural report and their contact form. This is particularly concerning given that there is no oversight regarding who can become a member of the League, as one must merely be approved for entrance or “vetted” by the league’s four founding members, whose conflicts of interests and ties to the US and Israeli national security states are detailed later on in this report.

In addition, the league’s team of “expert” volunteers also tackle alleged disinformation campaigns related to Covid-19. Some examples of the “disinformation” campaigns the CTI league has been investigating on behalf of its private sector and federal partners include those that “associate Covid-19 spread with the distribution of 5G equipment,” “encourage citizens to break quarantine”, and one that “incited” a “1st and 2nd amendment rally” in Texas.

Regarding their disinformation “workstream,” the CTI league states the following:

“The CTI League neutralizes any threat in the cyber domain regarding the current pandemic, including disinformation. The mission of this effort is to find, analyze, and coordinate responses to the current pandemic disinformation incidents as they happen, and where our specialist skills and connections are most useful.”

The CTI League has offered its services “pro bono” to a variety of groups in the private and public sector, which has allowed the League’s members access to the critical systems of each. For instance, they work closely with the Health Information Sharing and Analysis Center (H-ISAC), whose members include Johnson & Johnson, Pfizer, Merck, Amgen, Blue Cross Blue Shield and Athenahealth, among others. H-ISAC’s president, Denise Anderson, works closely with the National Cybersecurity and Communications Integration Center, part of the Department of Homeland Security (DHS). According to H-ISAC’s Chief Security Officer (CSO), Errol Weiss, the organization has been partnered with the CTI League since “very early on” in the Coronavirus crisis.

The CTI League also works with unspecified law enforcement partners in the US and works particularly closely with the US Cybersecurity and Infrastructure Security Agency (CISA), an independent federal agency overseen by DHS. The current CISA director, Christopher Krebs – who was previously the Director of Cybersecurity for Microsoft, told CSO Online in April that “CISA is working around the clock with our public and private sector partners to combat this threat. This includes longstanding partnerships, as well as new ones that have formed as a direct result of Covid-19, including the Covid-19 Cyber Threat Intelligence (CTI) League.”

Since they began “working with US authorities,” the CTI League has increasingly taken to assigning blame to nation states, specifically Russia, China and Iran, for various cyber-intrusions just as the US federal authorities began to do the same. In late April, for instance, the Justice Department began claiming Chinese hackers planned to target “US hospitals and labs to steal research related to coronavirus” and anonymous US officials blamed China for a hack of the Department of Health and Human Services (HHS) and COVID-19 research. Yet, no evidence tying China to the hacks was provided and only anonymous government officials were willing to imply blame in statements given to the press, suggesting that there was not enough evidence to justify going public with the accusation or to even open an official investigation against specific foreign entities.

Notably, that same week in April, CTI League’s founder Ohad Zaidenberg claimed that China, Iran and Russia “are trying to steal everything,” telling CBS News that they “can steal information regarding the coronavirus information that they don’t have, (if) they believe someone is creating a vaccine and they want to steal information about it. Or they can use the pandemic as leverage so they (can) to steal any other type of information.”

Yet, upon looking more closely at the CTI league’s membership and co-founders, particularly Mr. Zaidenberg, much of the league’s leadership has a rather dubious track record regarding past claims linking state actors to cyberattacks. In addition, they also possess rather glaring conflicts of interests that undermine the CTI League’s professed desire to protect critical health and other infrastructure “free of charge” as well as ties to foreign governments with a history of espionage targeting the United States.

ClearSky and the manufactured Iranian threat

The public face of the CTI League and its original founder is a young Israeli named Ohad Zaidenberg, who was previously an “award-winning” commander in Israeli military intelligence’s Unit 8200, a key component of Israel’s military intelligence apparatus that is often compared to the U.S.’ National Security Agency (NSA). While serving in Unit 8200, Zaidenberg specialized in acts of cyberwarfare targeting the Iranian state, serving first as a Persian analyst in the Unit before becoming commander. His current biography states that he continues to remain “focused on Iran as a strategic intelligence target” and describes him as “an authority in the operations of key Iranian APTs [Advanced Persistent Threats].”

In addition to his leading role at the CTI League, Zaidenberg is also the lead cyber intelligence researcher at ClearSky Cybersecurity, an Israeli company directly partnered with the Unit 8200-linked Checkpoint and Verint Inc., formerly known as Comverse Infosys – a company with a long history of fraud and espionage targeting the US federal government. ClearSky also collaborates “daily” with Elta Systems, an Israeli state-owned subsidiary of Israel Aerospace Industries (IAI), and was founded by Boaz Dolev, the former head of the Israeli government’s “e-Government” platform.

Aside from his work at CTI League and ClearSky, Zaidenberg is also a researcher for Tel Aviv University’s Institute for National Security Studies (INSS). Zaidenberg is specifically affiliated with the INSS’ Lipkin-Shahak Program, which is named after the former head of Israeli military intelligence and which focuses on “national security and democracy in an era of Post-Truth and Fake News.” According to the INSS website, the program works directly with the Israeli government and the IDF and is currently headed by Brigadier General (Ret.) Itai Brun, the former head of the Israel Defense Intelligence (IDI) Analysis Division.

Prior to the creation of CTI League, ClearSky – and Zaidenberg, specifically – were often cited by US mainstream media outlets as the sole source for dubious claims that “Iranian hackers” were responsible for a series of high-profile hacks and “disinformation” campaigns. In every mainstream media report that has covered ClearSky’s and Zaidenberg’s claims regarding “Iranian hackers” to date, their connections to the Israeli government and Israeli intelligence services have been left unmentioned. Also unmentioned was the fact that the only state actor that ClearSky has ever blamed for hacks or other online attacks has been Iran, suggesting that the government-linked cybersecurity firm has a rather myopic focus on the Islamic Republic.

Ohad Zaidenberg

For instance, in February 2018, Forbes reported on ClearSky’s claim, citing only Zaidenberg by name, that an individual linked to Iran’s government had been responsible for an “Iranian propaganda machine” producing “fake news” and attempting to imitate BBC Persian. Zaidenberg claimed that the individual behind the three “fake news” websites, which largely published criticisms of the BBC as opposed to false news stories, is “believed to have worked for [Iran’s] National Ministry of Communications.” Based merely on the Iranian national’s “believed” (i.e. unconfirmed) work history, Zaidenberg then asserts with “medium-high certainty that the operation was funded by the Iranian government.” Zaidenberg’s history as a commander in Unit 8200 targeting Iran and his continued, self-admitted work in pursuing Iran as a “strategic intelligence target” while working at the Israeli government-affiliated ClearSky are left unmentioned by Forbes.

More recently, right before the founding of the CTI League, Zaidenberg and ClearSky were the sole source of claims that “Iranian hackers” were “exploiting VPN servers to plan backdoors” in companies around the world as well as targeting the networks of certain governments, mainly in the U.S. and Israel. ClearSky’s assertion that the hackers in question were tied to Iran’s government was solely based on their finding of “medium-high probability” that the hackers’ activities overlapped with the past “activity of an [unspecified] Iranian offensive group.” They declined to specify what the nature of the overlap was or its extent.

A clear conflict of interest

Notably, ClearSky’s February report on “Iranian hackers” targeting governments and major international companies in the US and elsewhere came right on the heels of speculation that Iran would target the US with a cyberattack following the US’ January assassination of Iranian general Qassem Soleimani, an act that was greatly influenced and allegedly prompted by Israeli intelligence. In the aftermath of the Soleimani assassination, mainstream media outlets in the US had heavily promoted the claim that Iran’s government would soon respond with a “cyberattack” as retaliation and that “financial institutions and major American corporations may be in the crosshairs.”

President Trump and Secretary of State Mike Pompeo had both threatened, at the time, to dramatically respond to any Iran-launched attack, including one launched in the cyber domain, presumably with military force. While Iran’s much-hyped “cyber retaliation” failed to materialize, ClearSky, with its dubious claims that “Iranian hackers” were targeting major corporations and governments, created the impression that Iran’s government was involved in cyberattacks against U.S. interests at this sensitive time.

ClearSky and Zaidenberg’s claims regarding Iran only intensified after the CTI League was founded, with ClearSky and Zaidenberg being the only source for the claim made earlier this year in May that Iran had been responsible for the hacking of US biopharmaceutical company Gilead (a company which boasts close links to the Pentagon). The hack itself, which was widely reported by US media, is said to have consisted of a Gilead executive receiving a single “fake email login page designed to steal passwords” and it is unknown if the attack was even successful, per Reuters, which first broke the story in May. ClearSky subsequently claimed to have single-handedly “foiled” the Gilead hack. Notably, Gilead is part of H-ISAC, which had been partnered with Zaidenberg’s CTI League weeks prior to the alleged hack.

The alleged Iranian-led hack received considerable media attention as the cyberattack was said to have targeted Gilead’s antiviral medication remdesivir, which had received a Covid-19-related emergency use authorization from the U.S. Food and Drug Administration (FDA) just a week before the hack allegedly took place. Only Zaidenberg is cited by name in the report on Iran’s alleged links to the Gilead hack, with Reuters citing two other, yet anonymous, cybersecurity researchers who told the outlet that they concurred with Zaidenberg’s assertion “that the web domains and hosting servers used in the hacking attempts were linked to Iran.”

Then, earlier this month, the FBI sent out a security alert claiming that Iranian government-aligned hackers were targeting F5 networking devices in the US public and private sector, with some media outlets citing anonymous sources tying the hackers in question to those previously identified by ClearSky. The FBI alert was issued right after an alert from CISA (which works directly with the CTI League and Zaidenberg) regarding vulnerabilities in F5 devices that did not mention the involvement of any state actors. Just a few days before the FBI alert, the director of the US intelligence community’s National Counterintelligence and Security Center, William Evanina, had alleged that Iran was “likely” to use online tactics to “discredit U.S. institutions” and “to stir up U.S. voters’ discontent.”

Aside from citing only ClearSky and Zaidenberg for claims linking Iran’s government to cyberattacks, it is also worth noting that the media reports that accused Iranian government-linked groups of committing those attacks declined to even mention the extreme extent to which Iran itself has been the subject of cyberattacks over the course of 2020. For instance, in February, a cyberattack took down an estimated 25% of Iran’s internet, with some alleging US involvement in a similar attack that had targeted Iran just months prior. More recently, a series of several mysterious fires and other acts of industrial sabotage across Iran over the past few months have been linked to Israeli intelligence operations. In some cases, Israeli officials have acknowledged the Zionist state’s role in these events.

In addition, there is the fact that top Israeli intelligence officials have attempted for years to goad the US into making the “first move” against Iran, both covertly and overtly. Indeed, for much of the last twenty years, Mossad has had access to “virtually unlimited funds and powers” for a “five-front strategy,” involving “political pressure, covert measures, proliferation, sanctions and regime change” in order to target Iran. Some Mossad officials have openly stated that part of this “five-front” strategy involves directly influencing the US’ Iran policy, including lobbying the U.S. to conduct a military strike on Iran. For instance, former Mossad director Meir Dagan, who pushed the US State Department to pursue “covert measures” and “urged more attention on regime change” in Iran while head of Mossad, is on record in 2012 stating that, in his view, the US needs to strike Iran first so Israel doesn’t have to.

Currently, Israeli officials have been relatively candid about their role in several of the recent cyberattacks that have befallen Iran as well as the fact that powerful elements of the Israeli state are trying to get the US to join a conflict against Iran before the 2020 presidential election while Trump remains in power. The effort has reportedly led to concern among EU officials that Israel’s government may be seeking to provoke an event whereby the US would engage Iran militarily.

This context highlights why solely citing a firm like ClearSky and an individual like Ohad Zaidenberg in linking a cyber attack to the Iranian government is dangerous, given that ClearSky and Zaidenberg’s ties to the Israeli national security state presents a conflict of interest. This is especially true given that Zaidenberg’s old unit in Unit 8200 is directly involved in conducting cyber attacks on Iran, like those that have been recently taking place as part of the strategy to provoke a military engagement between the US and Iran prior to the November elections.

While Iran’s government could have been involved in recent cyberattacks, especially considering the extent to which Iran has been recently targeted by cyberwarfare, using a firm tied to the very government and military intelligence apparatus actively seeking to embroil the US in a war with Iran as the sole source linking Iran to a cyberattack is not only ill advised, but dangerous and reckless.

Furthermore, given Zaidenberg’s key role in the CTI League, allowing faceless “volunteers” vetted by Zaidenberg and the league’s three other founding members (whose affiliations are discussed below) onto critical private and public networks under the guise of “aiding” their security amid the Covid-19 crisis is similarly reckless.

CTI, Microsoft & 2020

While Zaidenberg has made himself the public face and spokesperson of the CTI League, it is worth examining the other three individuals that are listed as founding members on the League’s website, if only because only these four individuals “vet” those who join the CTI League.

One of these other founding members is Marc Rogers, who began his career as a hacker and later “hacktivist” before deciding that “ethical hacking” was “more likely to have a positive outcome.” For Rogers, “ethical hacking” meant pursuing a cybersecurity career with multi-national corporations like Vodafone and Cloudfare as well as asset management firms like Asian Investment & Asset Management (AIAM).

Rogers is currently the Vice President of Cybersecurity Strategy at Okta, an enterprise identity solution platform, co-founded by former Salesforce executives and largely funded by venture capital firm Andreessen Horowitz. Andreessen Horowitz is advised by former Secretary of the Treasury and Jeffery Epstein friend Larry Summers and is also a major investor in Toka, a company closely tied to Israel’s military intelligence apparatus and led by former Israeli Prime Minister (and a close friend of Epstein’s), Ehud Barak.

Aside from Rogers and Zaidenberg, the other founding members of the CTI League are Nate Warfield and Chris Mills. Warfield is a former self-described “Grey Hat” hacker (defined as “a hacker or cybersecurity professional who violates laws or common ethical standards but without malicious intent”) who now works as a senior program manager for the Microsoft Security Response Center (MSRC). Mills also currently works for the MSRC as a senior program manager and he previously created the US Navy Computer Forensics Lab while serving in the Navy’s Cyber Defense Operations Command.

The MSRC “proactively builds a collective defense working with industry and government security organizations to fend off cyberattacks” and works within the Cyber Defense Operations Center and Microsoft’s other cybersecurity teams, including that previously overseen by Chris Krebs when he was in charge of “Microsoft’s US policy work on cybersecurity and technology issues.” Krebs, as previously mentioned, is now the head of the federal agency CISA, which oversees the protection of critical electronic infrastructure in the US, including the voting system. In addition to the above, MSRC is heavily focused on pursuing the cybersecurity needs of Microsoft customers, which includes the US government, specifically the US Department of Defense.

It is worth noting that the MSRC is also directly affiliated with Microsoft’s ElectionGuard, a voting machine software program that was developed by companies closely tied to the Pentagon’s infamous research branch DARPA and Israeli military intelligence Unit 8200 and creates several risks to voting security despite claiming to make it “safer.” The push for the adoption of ElectionGuard software in the US has been largely spearheaded by the Chris Krebs-led CISA.

Perhaps more telling, however, is that Microsoft and the MSRC have been at the center, alongside ClearSky, of claims linking Iran’s government to recent hacking events and assertions that Iranian government-linked hackers will soon target the US power grid and other critical infrastructure with cyberattacks. For instance, last year, Microsoft penned a blog post about a “threat group” it named Phosphorus, sometimes also called APT35 or “Charming Kitten”, and Microsoft claimed that they “believe [the group] originates from Iran and is linked to the Iranian government.” Microsoft did not provide more details as to why they hold that “belief,” despite the implications of the claim.

Microsoft went on to assert that the “Iranian” Phosphorus group attempted to target a US presidential campaign, which subsequent media reports revealed was President Trump’s re-election campaign. Microsoft concluded that the attempt was “not technically sophisticated” and was ultimately unsuccessful, but the company felt compelled, not only to disclose the event, but to attempt to link it to Iran’s government. Notably, the Trump campaign was later identified as the only major presidential campaign using Microsoft’s “AccountGuard” software, part of its suspect “Defending Democracy” program that also spawned NewsGuard and ElectionGuard. AccountGuard claims to protect campaign-linked emails and data from hackers.

Though it provided no evidence for the hack or its reasons for “believing” that the attack originated from Iran, media reports treated Microsoft’s declaration as proof that Iran had begun actively meddling in the US’ 2020 presidential election. Headlines such as “Iranian Hackers Target Trump Campaign as 2020 Threats Mount,” “Iran-linked Hackers Target Trump 2020 Campaign, Microsoft says”, “Microsoft: Iran government-linked hacker targeted 2020 presidential campaign” and “Microsoft Says Iranians Tried To Hack U.S. Presidential Campaign,” were commonplace following Microsoft’s statements. None of those reports scrutinized Microsoft’s claims or noted the clear conflict of interest Microsoft had in making such claims due to its efforts to see its own ElectionGuard Software adopted nationwide or the fact that the company has close ties to Israel’s Unit 8200 and 8200-linked Israeli tech start-ups.

Coincidentally, Phosphorus, as Microsoft calls them, is also the group at the center of the “Iranian hacker” allegations promoted by ClearSky and Zaidenberg, which refers to this same group by the name “Charming Kitten.” The overlap is not very surprising given Microsoft’s long-standing ties to Israel’s Unit 8200 as well as the fact that Microsoft as a company and its two co-founders, Paul Allen and Bill Gates, personally ensured the success of an Israeli intelligence-linked tech company then-led by Isabel Maxwell, Ghislaine Maxwell’s sister who boasts close ties to Israel’s national security state. It is certainly interesting that the four founding members of CTI League share ties to the same military intelligence agencies and associated corporations as well as an interest in the same group of alleged “Iranian hackers.”

While CTI League only publicly identifies the names of its four founding members, further investigation reveals that another member of the league is its program lead for combating Covid-19-related “disinformation” — Sara-Jayne Terp. Terp is a former computer scientist for the UK military and the United Nations and, in addition to her role at the CTI League, she currently co-leads the “misinfosec” (i.e. a combination of misinformation analysis and information security) working group for an organization known as the Credibility Coalition.

The Credibility Coalition describes itself as an effort to “address online misinformation by defining factors that communicate information reliability to readers” and is backed by Google’s News Lab, Facebook’s Journalism Project as well as Craig Newmark Philanthropies and the Knight Foundation. The latter two organizations also back the Orwellian anti-“fake news” initiatives called the Trust Project and the Microsoft-affiliated Newsguard, respectively.

Questionable access granted

Through claims of altruism and partnerships with powerful corporations and government agencies, the CTI League has been able to position itself within the critical infrastructure of hospitals and the U.S. healthcare system as well as attempting to expand into other key networks, such as those tied to dams and even nuclear reactors. It is truly stunning that a group whose unnamed members are “vetted” only by Zaidenberg, Warfield, Mills and Rogers, has been cleared to access critical private and public networks all because of the pandemonium caused by the Coronavirus crisis and the league’s offering of their services “pro bono.”

Notably, a considerable part of the strain that led hospitals and healthcare institutions to request the league’s services, such as budget cuts or the firings of IT staffers, were actually the result of government policy, either due to state or federal budget cuts for healthcare systems or HHS’ efforts to consolidate control over patient data flows into the hands of a few. In other words, these government policies directly led to a situation where hospitals and healthcare institutions would, out of desperation, be more likely to accept the “pro bono” offer of the CTI League than they otherwise would have been under more “normal” conditions.

Another critical fact worth pointing out is that the U.S. and Israeli intelligence communities have been seeding the narrative for over a year regarding the upcoming hacks of critical U.S. infrastructure on or around the US 2020 election, scheduled for November 3rd, by groups affiliated with the governments of Iran, Russia and/or China. As described above, many of the same groups and individuals behind the CTI League have played key roles in seeding aspects of that narrative.

Despite its massive conflict of interest, this opaque group is now nestled within much of the US’ critical infrastructure enjoying little, if any, oversight – ostensibly justified by the league’s “altruism.” As a consequence, the group’s opaqueness could easily lend itself to be used as the springboard for a “false flag” cyberattack to fit the very narrative pushed by Zaidenberg and his affiliates. From a national security perspective, allowing CTI League to operate in this capacity would normally be unthinkable. Yet, instead, this suspect organization is openly partnered with the US government and US law enforcement.

With US intelligence already having conducted such “false flag” cyberattacks through its UMBRAGE program, which allows them to place the “fingerprints” of Chinese, Russian and Iranian-affiliated hackers on cyberattacks that the U.S. actually conducts, any forthcoming cyberattack should be thoroughly investigated before blame is assigned to any state actor. Any such investigation would do well to first look at whether the CTI League was given access to the targets.

August 28, 2020 Posted by | Deception, Russophobia, Wars for Israel | , , | Leave a comment

Cybereason Announces New Plans to “Accelerate” Access to US Govt Networks Ahead of 2020 Election

By Whitney Webb | The Last American Vagabond | July 27, 2020

A cybersecurity firm tied to Israeli intelligence’s Unit 8200 that simulated a series of terrorist attacks occurring on the U.S. 2020 election has announced a new hire with deep ties to the U.S. intelligence and defense communities with the goal of gaining greater access to U.S. government networks.

A cybersecurity company tied to Israeli intelligence and a series of unnerving simulations regarding cyber-terrorist attacks on the upcoming U.S. elections has recently announced a new hire who plans to aid the company in further penetrating the U.S. public sector. Last Wednesday, the company Cybereason announced that it had hired Andrew Borene as its Managing Director for its recently launched U.S. public sector business. Borene, who boasts longstanding ties to the U.S. intelligence community and the Pentagon, “will accelerate Cybereason’s partner and customer presence in the U.S. public sector,” according to a Cybereason press release.

“My goal is to build a strong business for Cybereason within the U.S. public sector and I am planning to recruit a group of direct support executives, veterans and alumni of the elite [U.S.] military units and agencies that have defended our nation in the information age. I’ll also work to establish a network of the best channel and delivery partners for federal, state and local governments,” Borene said per the press release.

Eric Appel, Cybereason’s General Manager for North American Sales, stated that “We’re excited about Andrew joining Cybereason and the opportunity in the U.S. public sector for Cybereason to make a profound impact on helping the nation’s federal civilian, military, state and local government agencies…”

Borene will likely be successful in his ability to recruit a sales team of prominent alumni from the U.S. intelligence and defense communities to market Cybereason’s products throughout the U.S. government. Prior to joining Cybereason, Borene was a senior advisor to the Intelligence Advanced Research Projects Activity (IARPA), the intelligence community’s “DARPA” equivalent that is housed within the Office of the Director of National Intelligence (ODNI). He served in that capacity on behalf of intelligence contractor Booz Allen Hamilton. Prior to that, Borene served as Associate Deputy General Counsel to the Pentagon and was previously a military intelligence officer for the U.S. Marine Corps.

Borene’s private sector experience is also significant, as he was a senior executive at IBM. Notably, the current Chief Information Officer for the CIA, Juliane Gallina, had served alongside Borene as a top IBM executive prior to taking her current position at the agency. In addition, Borene also boasts ties to Wall Street as a veteran of Wells Fargo’s investment banking division.

In addition, Borene has deep ties to Washington’s foreign policy establishment as a “life member” of the Council on Foreign Relations (CFR) and to the national security-think tank nexus through his senior fellowship at the National Security Institute (NSI). NSI’s board includes former NSA directors, Keith Alexander and Michael Hayden (also a former CIA director); former Deputy Defense Secretary and “architect” of the Iraq War, Paul Wolfowitz; former director of the Defense Intelligence Agency, David Shedd; and a variety of other former top intelligence and defense officials as well as Silicon Valley executives and venture capitalists.

Notably, Borene is the latest addition to Cybereason with ties to the U.S. intelligence and defense communities as the company’s advisors include Robert Bigman, former Chief Information Security Officer for the CIA as well as Peter Sherlock, the former Chief Operating Officer of MITRE corporation, a major intelligence and defense contractor connected to the Ptech-9/11 controversy.

Cybereason: a front for Israeli Military Intelligence

Cybereason’s announcement of its hire of Andrew Borene coincided with its launch of its new “U.S. public sector business,” meaning that Cybereason now seeks to have its cybersecurity software running on even more of the U.S. government’s most classified networks. Cybereason, for years, has already been running on several sensitive U.S. government networks through its partnerships with IT contractors for intelligence and defense, such as Lockheed Martin (also a Cybereason investor), WWT and Leidos. However, Borene’s hire and this new publicly announced pivot towards the U.S. public sector clearly demonstrates the company’s interest in further deepening its presence on U.S. government networks.

Cybereason’s pivot is concerning for several reasons. First, its co-founders are alumni of Israel’s Unit 8200, an elite unit of the Israeli Intelligence corps that is part of the IDF’s Directorate of Military Intelligence and is involved mainly in signal intelligence, surveillance, cyberwarfare and code decryption. It is also well-known for its surveillance of Palestinian civilians and for using intercepted communications as blackmail in order to procure informants among Palestinians living under occupation in the West Bank.

In addition, all three Cybereason co-founders, after leaving Unit 8200, went on to work for two private Israel-based tech/telecom companies with a notorious history of aggressive espionage against the U.S. government: Amdocs and Comverse Infosys (the latter is now known as Verint Systems Inc.). This raises the possibility that Cybereason software could potentially be used as a backdoor by unauthorized actors, given that the company’s co-founders all previously worked for firms that have a history of placing backdoors into U.S. telecommunications and electronic infrastructure as well as aggressively spying on U.S. federal agencies.

Also notable is the fact that the company’s current CEO and co-founder Lior Div was much more than the average Unit 8200 officer during his time in the unit, as he “served as a commander [in Unit 8200] and carried out some of the world’s largest cyber offensive campaigns against nations and cybercrime groups. For his achievements, he received the Medal of Honor, the highest honor bestowed upon Unit 8200 members,” according to his biography. Troublingly, in an interview that Div gave to TechCrunch last year, Div stated that his work at Cybereason is “the continuation of the six years of training and service he spent working with the Israeli army’s 8200 Unit.”

This is particularly noteworthy given that Israel’s government has openly admitted that an on-going intelligence operation, first initiated in 2012 – the year Cybereason was founded, involves Israeli military intelligence and intelligence operations that had previously done “in house” (i.e. as part of Unit 8200, Mossad, etc.) being spun off into private companies, specifically start-ups in the “cyber” realm.

This operation is part of Israeli Prime Minister Benjamin Netanyahu’s “deliberate policy” to have former members of Israel’s “military and intelligence units … merge into companies with local partners and foreign partners” in order to make it all but impossible for major corporations and foreign governments to boycott Israel and to also to ensure that Israel becomes the world’s dominant “cyber power.”

One notable report on this policy, published by Israeli outlet Calcalist Tech, interviewed dozens of Israeli military, intelligence and government officials and noted that “since 2012, cyber-related and intelligence projects that were previously carried out in-house in the Israeli military and Israel’s main intelligence arms are transferred to companies that in some cases were built for this exact purpose.” The article also states that beginning in 2012, Israel’s intelligence and military intelligence agencies began to outsource “activities that were previously managed in-house, with a focus on software and cyber technologies.”

“Simulating” the Cancellation of the 2020 Election

In light of Cybereason’s background and the “acceleration” of their presence on U.S. government networks, the timing of their redoubled efforts to court the U.S. public sector add additional layers of concern given that it precedes the U.S. 2020 election by a matter of months. Since last year, Cybereason has conducted multiple simulations focused on the 2020 election, which were attended by federal officials from the FBI, DHS and the U.S. Secret Service and all of which ended in disaster. In those simulations, the 2020 election was ultimately canceled and martial law was then declared due to the chaos created by a group of hackers led by Cybereason employees.

Notably, Cybereason stood to gain nothing financially from the simulations given that their software could not have prevented the attacks waged against the U.S.’ electoral infrastructure in the exercise and the company framed their hosting of the simulations as merely “altruistic” because of their professed desire to help “protect” U.S. election infrastructure. The attacks conducted in the simulations by Cybereason employees included creating power grid blackouts, the use of deep fakes to sow confusion, creating havoc with municipal sewage systems and crashing self-driving cars into voters waiting in line to cast their ballots, killing 32 and injuring over a hundred people.

In the months since I first wrote about Cybereason and their 2020 “doomsday” simulations back in January, U.S. government officials and mass media alike have been warning that these same types of attacks that Cybereason simulated are likely to come to pass on this upcoming election day, scheduled for November 3rd of this year. More recently, in less than a week, headlines like “Election Security Experts Expect ‘Chaos’ Unless Action Taken,” “New York’s Pandemic Voting ‘Chaos’ Set to Go Nationwide in November,” and “Foreign adversaries ‘seeking to compromise’ presidential campaigns, intel warns,” among others, have been published in major U.S. media outlets.

While these narratives have asserted that China, Russia and/or Iran will be to blame for such attacks, it is worth noting that a tight-knit web of Israeli state-owned and private companies tied to Israeli military intelligence now run the software controlling key parts of the power grid in New York, California and elsewhere in the U.S.; are the main global producers of deep fakes; and the main providers of “security” software for self-driving and semi-self-driving cars, the quantity of which on U.S. streets has grown dramatically as a result of the coronavirus crisis.

With Cybereason’s newly announced push to run its software on critical U.S. government networks at both the federal and state levels, the company’s history of simulating terror attacks on critical U.S. infrastructure and their openly admitted and on-going ties to Israeli military intelligence deserve more scrutiny than ever as the U.S. election draws closer.

July 27, 2020 Posted by | Deception, False Flag Terrorism | , , , , , | Leave a comment

NYC Taxpayers Spending Millions on Cyber Center with Controversial Ties to Israeli Intelligence

Graphic by Claudio Cabrera
By Whitney Webb | MintPress News | February 14, 2020

Early last week, the city of New York launched — with little media scrutiny — one of two new massive cybersecurity centers that will be run by private Israeli firms with close ties to Israel’s government, the so-called “Mega Group” tied to the Jeffrey Epstein scandal and prominent pro-Israel lobby organizations operating in the United States. The centers were first announced in 2018 as was the identity of the firms who would run them: Israel-based Jerusalem Venture Partners and SOSA.

As MintPress has reported on several occasions, all three of these entities have a history of aggressively spying on the U.S. federal government and/or blackmailing top American politicians, raising concerns regarding why these companies were chosen to run the new centers in the heart of Manhattan. The news also comes as Israeli cybersecurity companies tied to Israeli military intelligence Unit 8200 were revealed to have access to the U.S. government’s most classified systems and simulating the cancellation of the upcoming 2020 presidential election.

The new cybersecurity centers are part of a new New York City public-private partnership called “CyberNYC” that is valued at over $100 million and officially aims to “spur the creation of 10,000 cybersecurity jobs and make New York City a global leader in cyber innovation.” CyberNYC is an initiative of New York City’s Economic Development Corporation.

However, the companies that will be responsible for creating those cybersecurity jobs will benefit foreign companies, namely Israeli and most of the jobs to be created will go to foreigners as well, as media reports on the partnership have quietly noted. Those reports also stated that, while the stated purpose of the centers is to create new jobs, the Israeli firms chosen to run them — Jerusalem Venture Partners (JVP) and SOSA — view it as an opportunity to provide Israeli cybersecurity companies with a foothold into the American market and to see Israeli cybersecurity products adopted by both small and medium-sized American businesses, not just large corporations and government agencies.

For example, the founder of JVP and former Knesset member, Erel Margalit, told the Jerusalem Post that “the center we are setting up [in New York] will assist Israeli hi-tech companies in collaborating with customers and companies in the US and around the world.” More recently, ahead of the opening of the cybersecurity center that Margalit’s firm will manage, he told the Times of Israel that “New York is about something else, it’s about the drama of taking investors from Israel and Spain or Paris and other places and taking them to the next business level.” In other words, the companies set to benefit from these new centers will be foreign and mainly Israeli, as JVP invests the vast majority of its funds in Israeli start-ups.

Given that Wilson Lin, the head of CyberNYC, explained the reason behind the initiative is the fact that “there are not enough well-trained people in cyber security to fill the jobs that are required for a safer, more thriving commercial sector,” the statements of JVP’s founder strongly suggests that those “well-trained people” will not be Americans in New York, but will be brought in from abroad, namely Israel’s cybersecurity sector.

Of the companies chosen by CyberNYC to run its new cybersecurity centers, both have clear and demonstrable ties to Israel’s government and military intelligence as well as controversial groups of pro-Israel donors with considerable political clout in the United States.

For instance, Jerusalem Venture Partners was founded by Erel Margalit in 1993, with funding from the Yozma Program, an Israeli government program to “incentivize venture capital investment” in Israel. Since then, it has been a driving force in the development of Israel’s hi-tech sector and regularly collaborates with the Israeli Ministry of Economy and Industry and the EISP (Entrepreneurship and Innovation Support Program) alumni organization of Unit 8200. Today, it is the second largest venture capital fund in Israel.

JVP was also the sole venture capital fund chosen to partner with Israel’s government and military to establish the public-private “cyber hub” in Beersheba. This “hub” not only houses the IDF’s technology campus, but also the Israel National Cyber Directorate, which reports directly to Israel’s Prime Minister, as well as a high-tech corporate park that mostly houses tech companies with ties to Israel’s military intelligence apparatus. The area has been cited in several media reports as a visible indicator of the public-private merger between Israeli technology companies, many of them started by Unit 8200 alumni, and the Israeli government and its intelligence services.

A composite image of the future JVP-funded New York City cyber center. Photo | JVP Press Release

In addition to JVP’s close ties to Israel’s government and its key role in the merging of Israel’s private cybersecurity sector with Israeli military intelligence, JVP also has close ties to the Bronfman family through its Chief Operating Officer and general partner, Fiona Darmon. Prior to working with JVP, Darmon worked for Claridge Israel, the investment arm of the Bronfman family that was founded by Charles Bronfman in 1987.

Charles Bronfman was a one-time business partner of Mossad agent Robert Maxwell, father of Jeffrey Epstein’s alleged madam Ghislaine Maxwell, and co-founded the “Mega Group”, a group of pro-Israel oligarchs with clear and direct ties to organized crime, alongside Leslie Wexner, the main financier of Jeffrey Epstein’s operation that involved the sex trafficking of minors on behalf of Israeli military intelligence.

SOSA was founded much more recently than JVP, yet also has close ties to Israel’s government and military. Created in 2014, SOSA has grown rapidly by connecting mostly Israeli start-ups with investors and through its partnerships with the IDF. This partnership first became clear in 2018, when SOSA created the Homeland Security (HLST) Innovation Hub, which the Times of Israel described as “a first of its kind program that aims to create a defense and security innovation community that will match homeland security and defense industry firms with startups, to help industry giants maintain their leading edge.”

Last year, SOSA became one of two companies to manage the Israeli Ministry of Defense’s program INNOFENSE, an innovation program for civilian tech start-ups in the country’s defense industry. SOSA’s collaboration with the IDF also involves the creation of “joint business activities between international companies, [government] security organizations, investors and startups,” making SOSA a key player in the blurring of the line between Israeli military intelligence and its private tech sector.

SOSA is also directly partnered with two of Israel’s top weapons manufacturers, Rafael Advanced Defense Systems, as well as defense electronics companies ELTA Systems and Elron Electronics, the former parent company of another Israeli weapons manufacturer Elbit Systems. It is also partnered with the Unit 8200 alumni-founded tech company CheckPoint Systems and Leumi Tech, the hi-tech subsidiary of one of Israel’s largest banks, Leumi. Leumi Tech exists only in the U.S. and specifically aims to “provide a comprehensive suite of products and services to Israeli high-tech companies operating in the US.” The bank was recently forced to pay $400 million to the U.S. government for assisting U.S. citizens, most of them dual U.S.-Israeli citizens, in preparing false tax returns and hiding their assets in offshore accounts.

SOSA’s General Manager Guy Franklin is of particular interest, due to his close ties to the Israeli American Council (IAC), a pro-Israel lobby group created by convicted felon and ultra-Zionist millionaire Adam Milstein and largely funded by Sheldon and Miriam Adelson. The Adelsons are also the largest donors to both President Trump and the Republican Party in the United States.

In this photo posted on SOSA’s Facebook page, SOSA execs Uzi Scheffer and Guy Franklin pose in New York’s Time Square

Of the $100 million in funding for the CyberNYC initiative, $30 million comes from New York taxpayers and the remaining funds coming from the program’s partners, which includes Goldman Sachs and the Israeli military intelligence Unit 8200 incubator Team8, a start-up accelerator which has been discussed at length in several past MintPress News reports, including the recent MintPress investigation into the Israeli company Cybereason — a partner of Team8.

Team8, particularly its presence in New York, has long been associated with the push by pro-Israel political donor and American hedge fund manager Paul Singer and Israel’s government to make Israel the global cybersecurity leader as a means of preventing countries from boycotting Israel over human rights violations and war crimes. Team8’s role in CyberNYC will see them not only finance part of the initiative but also training cybersecurity workers who will be hired as part of the partnership.

Singer, who is based in Manhattan, created Start Up Nation Central in 2012 to specifically outsource American tech jobs to Israel in collaboration with top AIPAC officials and Israel’s government. Meanwhile, in parallel, Israel’s government and intelligence apparatus began a policy that same year that involved outsourcing intelligence and military intelligence operations to private companies created for that very purpose, particularly in the field of cybersecurity.

Thus, much as Israel’s cybersecurity industry has long been fused to Israel’s military and intelligence apparati, the Paul Singer-funded and Israel-backed policy has openly sought to bring American companies and government agencies into the fold in order to prevent boycotts of Israel. Though the so-called “anti-BDS laws” that have been passed in several U.S. states are one facet of this push, the use of Israeli tech, namely cybersecurity, sector to pursue this same end has received decidedly less coverage.

New York City has long been a major focus on this policy, with the growth of Israel hi-tech start-ups present in New York and run by former members of Unit 8200 exploding since this policy officially began in 2012. Indeed, Haaretz noted that, between 2013 and 2017 alone, the number of Israeli tech start-ups in New York City grew by fivefold and the number of Unit 8200 alumni working in NYC tech start-ups has also spiked in that same time frame.

The number of Unit 8200 alumni working in NYC’s tech sector has grown so much that they host an annual gala closed to the press where the goal, per Haaretz, is “to try to connect startups and early stage entrepreneurs from 8200 EISP (the Israeli accelerator for Unit 8200 alumni) with clients and venture capital funds in the United States.” One of the main players at that gala is Guy Franklin, the CEO of SOSA, which was chosen to run the other NYC cybersecurity sector.

The decision to create expensive, new cybersecurity centers run by JVP and SOSA, two Israeli firms with clear ties to controversial pro-Israel lobby organization and donors as well as Israel’s government and intelligence apparatus, reveals that not only is this Singer and Israel-backed policy continuing to develop and expand at a rapid pace, but now the money of New York City taxpayers is now being used to propel it to new heights even though that very policy benefits Israel’s economy at the U.S.’ expense.

Whitney Webb is a MintPress News journalist based in Chile. She has contributed to several independent media outlets including Global Research, EcoWatch, the Ron Paul Institute and 21st Century Wire, among others. She has made several radio and television appearances and is the 2019 winner of the Serena Shim Award for Uncompromised Integrity in Journalism.

February 14, 2020 Posted by | Deception, Full Spectrum Dominance | , , , | 7 Comments

How Government and Media Are Prepping America for a Failed 2020 Election

Feature photo | Graphic by Claudio Cabrera for MintPress News
By Whitney Webb | MintPress News | January 28, 2020

As World War II drew to a close in Europe, British philosopher Bertrand Russell wrote that “neither a man nor a crowd nor a nation can be trusted to act humanely or to think sanely under the influence of a great fear.”

Though numerous examples in the post-World War II era have proven Russell’s point, perhaps one of the best examples was the U.S. public’s willingness to swallow lie after lie about Saddam Hussein’s Iraq due to the climate of fear that followed the September 11 attacks. Those lies, propagated by dubious intelligence, government officials and a compliant media, resulted in catastrophes – large and small, both abroad and at home.

Today, an analogous narrative is being crafted by many of the same players – both in media and government – yet it has avoided scrutiny, even from independent media.

Over the past several months and with a renewed zeal in just the last few weeks, anonymous intelligence officials, dubious “experts” and establishment media outlets have crafted a narrative about the coming “chaos” of the 2020 election, months before it takes place. Per that narrative, certain state actors will use specific technologies to target the “American mind” in order to undermine the coming presidential election. The narrative holds that those efforts will be so successful that the U.S. will never recover as a democracy.

Though these anonymous government sources and their stenographers have already named the countries who will be responsible and the technologies they will use, they also admit that no evidence yet exists to back up these claims, meaning they are — at best — pure speculation.

Headlines such as “Hackers Are Coming for the 2020 Election — And We’re Not Ready,” “Basically Every US National Security Leader Is Warning About Foreign Interference In The 2020 Election,” and “U.S. intel agencies: Russia and China plotting to interfere in 2020 election” have become increasingly common, despite no available evidence, as have warnings that the American public is defenseless against the old scourge of “fake news” and the new scourge of “deep fakes.” Some media reports have gone so far to say that actual foreign meddling isn’t even necessary as merely the fear of foreign meddling could be enough to upend the American political system beyond repair.

Historically, the goal of such fear-inducing narratives has been the trading of civil liberties for increased security, or rather, the appearance of increased security. Yet, when the need for security is felt due to a fear that is based on government-driven speculation and not on evidence, the goal of that narrative is not about protecting the public from a real, tangible threat but instead about the consolidation of power by the very groups responsible for crafting it — in this case, the intelligence community and other key players in the national security state.

However, what is particularly odd about this narrative surrounding imminent “chaos” and meddling in the upcoming 2020 election is the fact that, not only have the instruments of said meddling been named and described in detail, but their use in the election was recently simulated by a company with deep ties to both U.S. and Israeli intelligence. That simulation, organized and run by the Israeli-American company Cybereason, ended with scores of Americans dead, the cancellation of the 2020 election, the imposition of martial law and a spike in fear among the American populace.

Many of the technologies used to create that chaotic and horrific scenario in the Cybereason simulation are the very same technologies that U.S. federal officials and corporate media outlets have promoted as the core of the very toolkit that they claim will be used to undermine the coming election, such as deep fakes and hacks of critical infrastructure, consumer devices and even vehicles.

While the narrative in place has already laid the blame at the feet of U.S. rival states China, Russia and Iran, these very technologies are instead dominated by companies that are tied to the very same intelligence agencies as Cybereason, specifically Israeli military intelligence.

With intelligence agencies in the U.S. and Israel not only crafting the narrative about 2020 foreign meddling, but also dominating these technologies and simulating their use to upend the coming election, it becomes crucial to consider the motivations behind this narrative and if these intelligence agencies have ulterior motives in promoting and simulating such outcomes that would effectively end American democracy and hand almost total power to the national security state.

Media, intelligence foreshadow tech-powered doom for 2020

Even though the 2020 U.S. election is still months away, a plethora of media reports over the past six months (and even before then) have been raising concern after concern about how the U.S. election is still so vulnerable to foreign meddling that such meddling is essentially an inevitability.

Part of the reason for the recent pick-up in fear mongering appears to have been the release of a joint statement issued by key members of the Trump administration last November. That statement, authored by Attorney General Bill Barr, Defense Secretary Mark Esper, acting DHS Secretary Kevin McAleenan, acting Director of National Intelligence Joseph Maguire, FBI Director Christopher Wray, NSA Director Gen. Paul Nakasone, and Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher Krebs, claimed that foreign interference in 2020 was imminent despite admitting that there is no evidence of interference having taken place:

Our adversaries want to undermine our democratic institutions, influence public sentiment and affect government policies. Russia, China, Iran, and other foreign malicious actors all will seek to interfere in the voting process or influence voter perceptions. Adversaries may try to accomplish their goals through a variety of means, including social media campaigns, directing disinformation operations or conducting disruptive or destructive cyber-attacks on state and local infrastructure.

While at this time we have no evidence of a compromise or disruption to election infrastructure that would enable adversaries to prevent voting, change vote counts or disrupt the ability to tally votes, we continue to vigilantly monitor any threats to U.S. elections (emphasis added).”

Despite the key caveat of there being no evidence at the time the statement was issued, media reports used the statement to claim that foreign interference in 2020 was imminent, such as in these reports from BuzzFeed, ABC News, and Newsweek.

In addition to the reports that have cast the involvement of state actors — namely Russia, Iran and China — as assured despite no evidence, other reports have made the claim that this allegedly imminent interference will inevitably be successful, largely due to claims that the tactics used will rely heavily on technology that the U.S. can’t hope to successfully counter. CSO Online, an online news outlets that provides news, analysis and research on security and risk management, recently warned that “fixing America’s voting and election infrastructure problems is a long-term proposition, one that won’t be fixed in time for the election in November” while the New York Times warned of imminent chaos and that “stealthier” malevolent foreign actors had already created the foundation for “an ugly campaign season marred by hacking and disinformation.” Wired claimed last year that U.S. election security “is still hurting at every level.”

In another example, Rolling Stone published an article earlier this month with the headline “Hackers Are Coming for the 2020 Election — And We’re Not Ready,” which claims that “the reality is that: “We’ve made progress since the last election — but we’re much less secure than we should be.” The article goes on to say that claim that the goal isn’t necessarily to hack voting machines or change results, but “to merely create the impression of an attack as a way to undermine our faith in the electoral process.”

It continues:

The target is the minds of the American people,” says Joshua Geltzer, a former counterterrorism director on the National Security Council. “In some ways, we’re less vulnerable than we were in 2016. In other ways, it’s more.” Nearly every expert agrees on this: The worst-case scenario, the one we need to prepare for, is a situation that causes Americans to question the bedrock of our democracy — free and fair elections.”

Well before this type of rhetoric made its way into the U.S. media, Israeli intelligence-linked tech firm Cybereason claimed, in a release on its website that “messing with a voter’s mind” would have a bigger impact than changing vote totals, even before the 2016 election. That release, published by Cybereason prior to the last presidential election, was authored by the company’s CEO, Lior Div, who used to lead offensive hacking operations against nation-states for Israeli military intelligence.

Notably, of all of these media reports, there is a clear consensus that one of the main tactics that will soon be used to meddle in the coming U.S. election will be the use of so-called “deep fakes.” Deriving its name from a combination of “deep learning” and “fake,” deep fakes involve video and audio that has been manipulated using artificial intelligence (AI) to create media that appears to be authentic, but is not. Concern about its use in the upcoming election has spurred not only a wealth of media reports on the matter but has prompted both the U.S. military and Congress to take action to limit its potential misuse.

One thing that stands out about the media narrative regarding election meddling and deep fakes is that several news organizations have published articles that state that deep fakes will be used to undermine the 2020 election, as opposed to stating that they could be used or that they are a phenomenon worthy of attention (though some reports have taken this more measured approach).

The reason for this level of confidence may owe to statements made by prominent U.S. intelligence officials last year, including those made by Dan Coats, the former Director of National Intelligence (DNI), who claimed in the 2019 Worldwide Threat Assessment for the U.S. Intelligence Community that deep fakes and other hi-tech forms of fake media would be used to disrupt the 2020 election. Coats specifically stated:

Adversaries and strategic competitors probably will attempt to use deep fakes or similar machine-learning technologies to create convincing—but false—image, audio, and video files to augment influence campaigns directed against the United States and our allies and partners.”

Since Coats made the warning, numerous media reports have promoted the concern with little scrutiny, representing just one of the numerous times in U.S. history where narratives first authored by U.S. intelligence are subsequently promoted heavily by U.S. media, even when the claim made by intelligence officials is speculative, as it is in this case. Indeed, the narratives being promoted with respect to the 2020 election involve many of the same intelligence agencies (American and Israeli) and media outlets who promoted claims that were later proven false about “weapons of mass destruction” in Iraq prior to the 2003 invasion, among other pertinent examples.

Notably, deep fakes figured prominently and was the tool most used by malevolent hackers in Cybereason’s 2020 election simulation, which saw both video and audio-only deep fakes used to spread misinformation on national and local TV channels in order to impersonate police officers and election officials and to create fake bomb threats by posing as the terror group Daesh (ISIS). Cybereason also happens to be a partner of the organization funding the most well-known creator and producer of deep fakes in the world, an organization that — much like Cybereason itself — is openly tied to Israeli intelligence.

Aside from deep fakes, other technologies weaponized in Cybereason’s election simulation have also been the subject of several media reports, such as the hacking of Internet of Things (IoT) devices and appliances and even the hacking of vehicles that have some form of internet connectivity. In the Cybereason simulation, IoT hacks were used to cut power to polling stations and disseminate disinformation while vehicles were hacked to conduct terror attacks against civilians waiting in line to vote, killing several and injuring hundreds.

Most media reports have claimed that these technologies will be part of the coming “explosion” in cyber warfare in 2020 and do not specifically link them to imminent election meddling. Others, however, have made the link to the election explicit.

Naming the culprits in advance

In addition to the apparent consensus on how foreign meddling will occur during the 2020 election, there is also agreement regarding which countries will be responsible. Again, this is largely based on statements made by U.S. national security officials. For instance, the joint statement issued last November by the DOJ, DOD, DHS, DNI, FBI, NSA, and CISA regarding 2020 election security, states that “Russia, China, Iran, and other foreign malicious actors all will seek to interfere in the voting process or influence voter perceptions” before adding “at this time we have no evidence.”

Similarly, the 2019 Worldwide Threat Assessment for the U.S. Intelligence Community, written by then-Director of National Intelligence Dan Coats, names these same three countries in relation to imminent 2020 election interference and states that their interference in the 2020 election is “almost certain.” The assessment adds the following about each nation:

  • Russia: “Russia’s social media efforts will continue to focus on aggravating social and racial tensions, undermining trust in authorities, and criticizing perceived anti-Russia politicians.”
  • China: “China will continue to use legal, political, and economic levers—such as the lure of Chinese markets—to shape the information environment. It is also capable of using cyber attacks against systems in the United States to censor or suppress viewpoints it deems politically sensitive.”
  • Iran: “Iran, which has used social media campaigns to target audiences in both the United States and allied nations with messages aligned with Iranian interests, will continue to use online influence operations to try to advance its interests.”

Coats’ assessment was enough to spawn numerous stories on the imminent threat that these three nations pose to the 2020 election, with headlines such as “U.S. intel agencies: Russia and China plotting to interfere in 2020 election.”

The vast majority of warnings regarding future election interference have come from U.S. intelligence officials with a dubious record of trustworthiness and a history of using the media to spread propaganda and disinformation, most famously through Operation Mockingbird. Most — if not all — of the recent and numerous articles on imminent interference rely heavily on claims made by the two aforementioned government documents, documents crafted by U.S. intelligence agencies for public consumption, as well as claims made by anonymous U.S. officials.

A screenshot from the 2019 National Threat Assessment lists Russia, China and Iran as primary threats to the United States

A recent New York Times article, for example, titled “Chaos Is the Point’: Russian Hackers and Trolls Grow Stealthier in 2020,” is based almost entirely on “interviews with dozens of officials and experts,” though the only government official named in the article is Shelby Pierson, the intelligence community’s election threats executive. The most quoted experts named in the article are Ben Nimmo, formerly of the hawkish, NATO-funded Atlantic Council and now with Graphika, and Laura Rosenberger, director of the neoconservative-created Alliance for Securing Democracy. The article nonetheless cites “American officials” and “current and former officials” several times to make claims about imminent election interference that paint a bleak picture of the current election season.

A recent article from The Hill relies on the acting head of DHS, Chad Wolf, as its only source, citing Wolf’s claim that “we fully expect Russia to attempt to interfere in the 2020 elections to sow public discord and undermine our democratic institutions” amid other warnings that Wolf gave about Chinese and Iranian cyber threats to U.S. elections. Other articles, including one titled “Russia, China plan to adjust their tactics to hack, influence 2020 elections” cite only Shelby Pierson of the U.S. intelligence community as its source for that headline’s claim. Another titled “Russia isn’t the only threat to 2020 elections, says U.S. intel” cites only anonymous U.S. intelligence officials, as the headline suggests.

Though Russia and China have consistently been named as the most likely election meddlers, reports have also been drumming up the likelihood that Iran will emerge as 2020’s foreign meddler of choice, especially in the months prior to and weeks after the killing of Iranian General Qassem Soleimani by the Trump administration. A recent “informal poll” conducted by the Washington Post asked hawkish think tank fellows, employees at companies like Raytheon and current and former federal officials if Iran would likely retaliate against the U.S. via cyberattack. The Post ran the results of the poll under the headline “Get ready for serious cyberattacks from Iran, experts say.”

Despite the media’s numerous warnings of imminent and “serious” cyber-retaliation from Iran, the only cyberattack attributed to the country after Soleimani’s death was the vandalism of the Federal Depository Library Program website, a rather benign act that was nevertheless blasted across headlines such as “US government website hacked with pro-Iranian messages, image of bloodied Trump.” The U.S. government is quoted in that article as saying that “At this time, there is no confirmation that this was the action of Iranian state-sponsored actors.”

Also notably absent from media reports is the fact that WikiLeaks revealed in 2017 that the CIA had stockpiled a library of “stolen” cyberattack techniques produced in other nations, including Russia and Iran. Those revelations, part of the Vault 7 release, revealed that the CIA’s UMBRAGE group was capable of “misdirect[ing] attribution [for cyberattacks actually done by the CIA] by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from.” In other words, the CIA was more than capable of conducting “false flag” cyber attacks and blaming them on foreign actors.

Notably, one of the viruses being blamed on Iran for cyberattacks targeting the U.S. ahead of the 2020 election — called Shamoon — was “stolen” by the CIA’s UMBRAGE and cited in the WikiLeaks release.

Conflict of interest-ridden Microsoft “defends democracy”

Last year saw the tech behemoth Microsoft join the effort to blame foreign state actors, specifically Iran, for cyberattacks against the U.S. This helped to bolster assertions that had largely originated with a handful of U.S. intelligence officials and hawkish, neoconservative-aligned think tanks as media reports on Microsoft’s related claims treated the company as an independent private sector observer.

Yet, as MintPress investigations have revealed, Microsoft has clear conflicts of interest with respect to election interference. Its “Defending Democracy” program has spawned tools like “NewsGuard” and “ElectionGuard” that it claims will help protect U.S. democracy, but — upon closer examination — instead have the opposite effect.

Last January, MintPress exposed NewsGuard’s neoconservative backers and how special interest groups were backing the program in an effort to censor independent journalism under the guise of the fight against “fake news.” Subsequent investigations revealed the risk that Microsoft’s ElectionGuard poses to U.S. voting machines, which it claims to make more secure and how the platform was developed by companies closely tied to the Pentagon’s infamous research branch DARPA and Israeli military intelligence Unit 8200.

ElecionGuard software has since been adopted by numerous voting machine manufacturers and is slated to be used in some Democratic Primary votes. Notably, the push for the adoption of ElectionGuard software has been spearheaded by the recently created Cybersecurity and Infrastructure Security Agency (CISA), which is the federal agency tasked with overseeing election security and is headed by Christopher Krebs, a former high level Microsoft executive.

In recent months, Microsoft has also been at the center of claims that Iran attempted to hack U.S. presidential campaigns ahead of 2020 as well as claims that Iran plans to target the U.S. power grid and other critical infrastructure with cyberattacks.

Last October, Microsoft penned a blog post discussing a “threat group” it named Phosphorus that they “believe originates from Iran and is linked to the Iranian government.” The post went on to claim that Phosphorus attempted to target a U.S. presidential campaign, which later media reports claimed was President Trump’s re-election campaign. Microsoft concluded that the attempt was “not technically sophisticated” and ultimately unsuccessful, but felt compelled to disclose it and link it to Iran’s government.

Though it provided no evidence for the hack or its reasons for “believing” that the attack originated from Iran, media reports treated Microsoft’s declaration as proof that Iran had begun actively meddling in the 2020 election. Headlines such as “Iranian Hackers Target Trump Campaign as 2020 Threats Mount,” “Iran-linked Hackers Target Trump 2020 Campaign, Microsoft says”, “Microsoft: Iran government-linked hacker targeted 2020 presidential campaign” and “Microsoft Says Iranians Tried To Hack U.S. Presidential Campaign,” were blasted across the front pages of American media. None of the reports scrutinized Microsoft’s claims or noted the clear conflict of interest Microsoft had in making such claims due to its efforts to see its own ElectionGuard Software adopted nationwide.

Media reports also left out the fact that Microsoft is a major government contractor for the U.S. intelligence community and the Pentagon. Notably, the Trump campaign, which Microsoft said was the target of this attack, was later identified as the only major presidential campaign using Microsoft’s “AccountGuard” software, part of its dubious “Defending Democracy” program that also spawned NewsGuard and ElectionGuard. AccountGuard claims to protect campaign-linked emails and data from hackers.

Microsoft surfaced not long after, again claiming that Iran was maliciously targeting the United States’ civilian infrastructure. This subsequent claim was first published by Wired and later covered by other outlets. Those reports cite a single person, Microsoft security researcher Ned Moran, who claimed that an Iran-backed hacking group called APT33 was targeting the U.S. “physical control systems used in electric utilities, manufacturing, and oil refineries.”

“They’re trying to deliver messages to their adversaries and trying to compel and change their adversaries’ behavior,” Moran told Wired. Moran also stated that “Microsoft hasn’t seen direct evidence of APT33 carrying out a disruptive cyberattack rather than mere espionage or reconnaissance, it’s seen incidents where the group has at least laid the groundwork for those attacks (emphasis added).”

Cybereason helps craft the narrative

While U.S. intelligence officials and media outlets alike have been largely responsible for setting the narrative that imminent meddling will be conducted by Russia, China and Iran, key components of that narrative, particularly with respect to China and Iran, have been laid by Cybereason, a company that recently ran 2020 doomsday election simulations and that has close ties to the intelligence communities of both the U.S. and Israel.

Shortly after the killing of Iranian General Qassem Soleimani earlier this month, an operation conducted in concert with Israeli intelligence, Cybereason warned that Iran could imminently retaliate with a cyber threat and quoted its own employees who explained what and how Iran would likely target in retaliation. Cybereason’s CSO Sam Curry, who actively participated in the firm’s 2020 doomsday election simulations, stated:

 This means that Iran’s “forceful revenge” response is likely to be less about the flash and all about the bang. If you have connected systems that are responsible for kinetic world effects, like ICS systems and critical infrastructure around water, energy or vital services, it’s time to pay attention. Iran and the US are engaged in Cyber brinksmanship, which means that the gloves are off as Iran picks it’s targets (emphasis added).”

Cybereason also quoted visiting fellow for the National Security Institute and former advisor to the U.S. Secret Service (which participated in Cyberaeson’s election simulations), Anne Marie Zettlemoyer, who claimed that Iran could soon target Wall Street and critical U.S. infrastructure like the power grid:

 An attack against the financial systems can be devastating economically and weaken the confidence and viability of markets. However, we cannot ignore the physical consequences and manifestations that can come from a cyberattack, particularly against critical infrastructure like energy and industry control systems.”

Cybereason’s claims regarding Iran’s interest in “critical infrastructure” systems likely originated with Microsoft, the claims were then parroted by the media in several reports, many of which quoted Cybereason’s Sam Curry. Curry is also a contributor to major news outlets like Forbes where he writes about Iran’s cyber warfare capabilities.

Notably, in Cybereason’s recent allegations against Iran, it states that “it’s clear that Iran has been preparing for future geopolitical conflict by gaining access to critical infrastructure and other important operations in the United States.” It backs these claims by citing an article authored by Curry for Forbes. Following Soleimani’s death, numerous media reports, including in the UK’s The Independent and ABC News, have cited Curry as an “expert” source in claiming that Iran would retaliate with cyberattacks.

Microsoft’s claims about foreign hackers and meddling — the evidence for which have never been made public but has been parroted as fact nonetheless — are frequently supported by Cybereason.

Last August, Microsoft claimed to have foiled Russian attempts at hacking two Republican-affiliated think tanks and, despite providing no evidence, Cybereason’s then-senior director of intelligence services Ross Rustici was quoted as an expert in several media reports as saying that such behavior was to be expected from Russia. In one such report, Rustici stated:

We’re very good at fighting the last war, but the Russians are very good at evolving their game. I suspect if they’re going to do a psychological operation around the elections, the way they do it will be different than what they did in 2016. How effective the defenses we’ve built for what they did in 2016 will be for those attacks is yet to be seen.”

None of the media reports quoting Rustici mentioned Cybereason’s ties to Israeli intelligence, referring to tech firms only a “Boston-based cybersecurity company” and similar variants. Cybereason’s Intelligence Group is stuffed with former and active members of U.S. and Israeli intelligence services and has released several reports about nation-state hacking with a focus on Russia and China.

Cybereason has also been at the forefront of claims that China has been engaged in aggressive cyberattacks against multinational companies that have also seen widespread coverage in U.S. media, despite the untransparent nature of the evidence for Cybereason’s claims. 

In a story that received major coverage from outlets such as Fox News, Reuters, CNBC and others, Cybereason unveiled what it called “Operation Soft Cell,” an operation that stole mass troves of data from several global telecommunications companies. In each story, Cybereason is the sole source of the claim and declined to provide the name or location of any of the affected companies. The firm also claimed to have determined that the attack was likely perpetrated by someone “backed by a nation state, and is affiliated with China.” It further claimed to have debriefed and coordinated responses with U.S. intelligence. 

In an article for Reuters, Cybereason stated that “this time as opposed to in the past we are sure enough to say that the attack originated in China” while Cybereason separately told CyberScoop that it had “found hacking tools such as a modified web shell and a remote access trojan that are commonly associated with, but not unique to, Chinese hackers.” Despite the incongruity, media reports laid the blame squarely on China, as seen in headlines such as “Chinese spies have been sucking up call records at multinational telecoms, researchers say.”

Prior to uncovering Operation Soft Cell, Cybereason had warned on its blogs in the months and years prior that China would imminently target U.S. companies. The revelation of Operation Soft Cell — which originated exclusively with Cybereason — has been used to build the case that China is openly engaged in cyberwarfare against its rival states, like the United States, and targeting “democracy itself.”

Best Known Deep Fake Creator is Funded by Israeli Intelligence

While the media, and even Cybereason itself, have helped lay the foundation to blame specific state actors for 2020 election meddling well ahead of the fact, it is worth revisiting Cybereason’s “Operation Blackout” election simulation and the tactics used by the “bad actors” in that scenario. 

That simulation, discussed in detail in the first installment of this series, saw the weaponization of specific technologies, namely deep fakes, hacks of Internet of Things (IoT) devices and hacks of vehicles, in order to target the 2020 U.S. election, resulting in the cancellation of the election and the imposition of martial law.

Given the current narrative regarding what state actors are likely to meddle in the 2020 election — namely Russia, China and Iran — and the tactics they will allegedly use, it is important to explore the sources of the technologies weaponized per that narrative as well as in “Operation Blackout.” 

Indeed, if there is any clear overlap between the creators of those technologies and the state actors being blamed in advance for their imminent use, it would certainly lend credibility to the claims promoted by U.S. intelligence, the media and companies like Microsoft and Cybereason.

Yet, upon closer examination, it becomes clear that the companies and state actors most involved in developing these technologies are the very ones claiming that Russia, China and Iran will use them to undermine the 2020 election.

Take for instance the use of deep fakes. Not only have numerous media reports focused on how deep fakes will be used to meddle in the 2020 elections, but Cybereason’s doomsday election simulation saw “bad actors” rely heavily on their use to spread disinformation and even make fake bomb threats. While much has been said of the coming election and deep fakes, remarkably few reports have bothered to look at the company best known for creating viral deep fakes. 

Canny AI has garnered considerable media attention over the past few years for its persuasive deep fake videos that have frequently gone viral. In the last year alone, the tech firm’s viral deep fakes have included a controversial video of Mark Zuckerberg where the Facebook co-founder appears to be saying “Imagine this for a second: One man, with total control of billions of people’s stolen data, all their secrets, their lives, their futures,” as well as a video showing Richard Nixon giving a speech he never actually gave. More recently, Canny AI was behind the viral videos immediately prior to the 2019 U.K. general election that appeared to show Jeremy Corbyn and his rival Boris Johnson endorsing each other and another video that showed world leaders singing John Lennon’s “Imagine”:

Oddly, many of the media reports that discuss these viral videos fail to mention the role of Canny AI in creating these viral deep fakes and instead only mention the organization or artists with whom Canny AI partnered to create them. For instance, the Corbyn-Johnson videos were reported to have been produced by the group Future Advocacy and artist Bill Posters, but it was actually Canny AI that created those videos for that group. Similarly, the Nixon Speech deep fake was reported by several outlets as having been solely created by MIT’s Center for Advanced Virtuality. However, the Boston Globe noted that “the [MIT] team worked with Canny AI, an Israeli company that does Video Dialogue Replacement, and Respeecher, a Ukrainian startup specializing in speech-to-speech synthetic voice production” to create the video.

The Zuckerberg deep fake that Canny AI created led to lots of positive press for the company, with several media reports dubbing them as the company using “deep fakes for good” and that uses the controversial technology “responsibly.” The Zuckerberg deep fake has been cited as one of the main drivers behind Facebook’s new “deep fake” policy, which only bans some deep fake videos and has been criticized by U.S. lawmakers as insufficient. Notably, neither Facebook nor Facebook-owned Instagram ever took down Canny AI’s deep fake of Zuckerburg.

Given the concern over deep fakes in relation to the coming election and Canny AI standing out as the main producer of deep fakes that have gone viral over the past year, it is important to point out that Canny AI has ties to a state actor with a history of election meddling: the state of Israel. 

Indeed, Canny AI is 100 percent funded by an Israeli start-up accelerator called Xcelerator, a joint venture between Tel Aviv University and Israeli intelligence agency Shin Bet (sometimes called Shabak). According to Start Up Nation Central, the Paul Singer-created organization that promotes Israeli technology start ups, Xcelerator-funded “start-ups participating in the program benefit from close mentoring from content and technology experts from the Shabak, experts from Tel Aviv University, and industry leaders. The connection to the Shabak also provides the entrepreneurs with ways to test the capabilities of their technologies and cooperation opportunities (emphasis added).”

In addition, Xcelerator is partnered not only with Israeli intelligence directly, but also with Cybereason, the very company that explored the use of deep fakes in the 2020 U.S. presidential election that saw the election cancelled and martial law declared as well as a company that itself has deep ties to Israeli intelligence. Other notable partners of Xcelerator include NEC Corp, which has intimate ties to top Cybereason investor Softbank; Check Point Technologies, which has ties to Israeli military intelligence Unit 8200; and the Israeli start-up accelerator Team8. In previous reports published by MintPress, Team8 was discussed in detail, particularly their recent hire of former director of the NSA and former head of U.S. Cyber Command Mike Rogers, and their close ties to Paul Singer’s Start Up Nation Central, which itself has deep ties to U.S. neoconservatives.

It is also worth noting that Xcelerator also backs an “anti-fake news” start-up called Cyabra, which has direct ties to Israel’s Mossad and offers its AI-driven “disinformation protection” to government agencies as well as politicians, particularly during election seasons. Two of Cyabra’s co-founders previously co-founded Psy-Group, which attempted to interfere in the 2016 U.S. election by weaponizing “fake news” and social media and later closed down its operations after U.S. government scrutiny into its activities began as part of the Mueller investigation. 

Psy-Group also engaged in doxxing campaigns targeting Palesintian rights activists in the U.S. which were planned in conjunction with Ram Ben-Barak, the former deputy director of the Mossad who now advises Cyabra. Given that much of the concern ahead of the next election is related not only to deep fakes but also “fake news,” Cyabra’s rise and its clear ties to Mossad and the now defunct Psy-Group are important to note.

Furthermore, in examining the other technologies weaponized during Cybereason’s 2020 election simulation and cited in the aforementioned media narrative regarding 2020 meddling, a pattern similar to that of Canny AI emerges. 

Indeed, the other technologies linked to these “bad actors” and foreign meddlers — namely hacking IoT devices and hacking vehicles — are also pioneered by companies with deep ties to Israeli military intelligence, specifically Unit 8200, and Israeli tech companies that have aggressively spied on U.S. government institutions in collusion with Israeli intelligence in the past, namely Comverse (now Verint) and Amdocs.

Hacking the Internet of Things

In Cybereason’s doomsday election simulation, another of the tactics used was the hacking of devices and appliances connected to the internet, often referred to as the Internet of Things (IoT) and which includes everything from smartphones to power grid infrastructure to city traffic lights.

While most reports on IoT hacks to date have focused on “lone wolf” or non-state-aligned actors, one company has stood out for its efforts to create a tool that would allow governments and intelligence agencies to hack these devices with ease. That company, called Toka, announced in 2018 that it planned to offer “a one-stop hacking shop for governments that require extra capability to fight terrorists and other threats to national security in the digital domain,” with “a special focus on [hacking] the so-called Internet of Things (IoT), covering tech like Amazon Echo, Nest connected home products, as well as connected fridges, thermostats and alarms.”

The Israel-based company, which raised $12.5 million within months of launching, has since been busy marketing its services to governments around the world, most recently France where it described its product portfolio as “empower[ing] governments, Intelligence, and law enforcement agencies to enhance Homeland Security with groundbreaking cyber-intelligence and operational capabilities” during an exposition in Paris last November

Even though Toka openly markets the ability to hack private consumer devices to governments and law enforcement agencies around the world, the clear threat to privacy has gone ignored by media outlets as the company has garnered nearly no media attention since it launched nearly two years ago.

Yet, Toka is not only notable for what it offers but also for its founders and investors. Indeed, the co-founders of Toka have been described as an “all-star” team, largely because of the role of former Israeli Prime Minister and former head of Israeli military intelligence, Ehud Barak. Barak, in addition to co-founding the company, serves as its director and is also the chairman of the board of the controversial Israeli company Carbyne911, which markets software to emergency call centers in the United States. Interestingly, Cybereason’s 2020 doomsday election simulation also dealt with the hacking and weaponization of 911 call centers. Also of note is the fact that another of Carbyne911’s leadership team, former Unit 8200 commander Pinchas Buchris, is an adviser to Cybereason.

Toka’s top brass is a who’s who of former Israeli military and intelligence officials

In addition to Barak, Toka was co-founded by retired Brigadier General Yaron Rosen, former Chief of the IDF’s cyber staff, where he was “the lead architect of all [IDF] cyber activities” including those executed by Israeli military intelligence Unit 8200. Rosen, who now serves as Toka’s CEO, has stated that Toka’s technology will only be sold to countries allied with the U.S. and Israel, telling Forbes that “Russia, China and ‘other enemy countries’ would never be customers.”

Toka’s leadership and software architects are similarly tied into Israel’s national security state. Several — including the “architect” of its hacking software — previously worked for Israel’s Prime Minister’s Office and developed “offensive technologies” for Israel’s head of state and other top Toka employees and executives share numerous connections to Unit 8200, other divisions of Israeli military intelligence and Unit 8200-connected tech companies like Check Point Technologies.

Though Toka’s leadership team makes its ties to Israeli military intelligence abundantly clear, important connections also appear in examining Toka’s investors. One of the major investors in Toka is Dell technologies, one of the world’s largest technology companies that was founded by Michael Dell, a well-known pro-Israel partisan who has donated millions of dollars to the Friends of the IDF and one of the top supporters of the so-called “anti-BDS” bills that prevent publicly employed individuals or public institutions from supporting non-violent boycotts of Israel, even on humanitarian grounds. It goes without saying that a major technology company investing in a company that markets the hacking of that very technology (computers, IoT, smartphones, etc.) should be a red flag.

With a major foot in the door through its connections to Dell, whose products are used by the private and public sectors around the world, other investors in Toka again reveal its ties to Israel’s military intelligence and the same controversial Israeli tech companies that have aggressively spied on the U.S. government in the past — Amdocs and Comverse. For instance, Entrèe Capital, a venture capital fund that is one of Toka’s main investors, is managed by Aviad Eyal and Ran Achituv. The latter, who manages Entrée’s investment in Toka and sits on Toka’s board of directors, is the founder of the IDF’s satellite-based signals intelligence unit and also a former senior Vice President at both Amdocs and Comverse Infosys (Verint).

Another notable investor in Toka is the venture capital firm Andreesen Horowitz, which is advised by former Secretary of the Treasury Larry Summers, a close friend of the infamous pedophile Jeffery Epstein, whose own ties to Israeli military intelligence have been discussed in several MintPress reports. Epstein was also a close friend of Ehud Barak, co-founder and director of Toka, and invested at least $1 million in another company with close ties to Barak, Carbyne911. The remaining investors in Toka are Launch Capital, which is deeply tied to the Pritzker family — one of the wealthiest families in the U.S. with close ties to the Clintons and Obamas as well as the U.S.’ pro-Israel lobby, and Ray Rothrock, a venture capitalist who spent nearly three decades at VenRock, the Rockefeller family venture capital fund

Unit 8200 – From Hacking Cars to Protecting Them?

Arguably the most disturbing aspect of Cybereason’s “Operation Blackout” election simulation was the hacking of vehicles that were then rammed into civilians waiting in line to vote at polling stations. In the simulation, this led to scores of dead Americans and hundreds of injuries.

As was the case with other technologies used to undermine the 2020 election in the simulation, this technology — the hacking of vehicles — is the bread and butter of an Israeli cybersecurity firm called Upstream Security that specializes in automobiles and boasts deep ties to the country’s military intelligence service. 

Though vehicle hacking seemed out of left field when the 2020 election simulation took place last November, media reports about the imminent dangers of “car hacking” began to emerge just a month after the exercise took place, most of which cited a December 2019 report created by Upstream. Some of those reports have warned that car hacking could be used to undermine the coming U.S. election.

One report titled “Car Hacking Hits the Streets,” cites only Upstream’s report to claim that “In 2020, the connected-car market will reach a tipping point, with the majority of vehicles already connected to the Internet when sold in the United States, representing a large base of potential targets for attacks.” Another report, titled “New study shows just how bad vehicle hacking has gotten,” uses Upstream’s report (i.e. study) to claim that hacks of regular vehicles have exploded since 2016 and that most of the cars on U.S. roads today are vulnerable to hackers and that over 80 percent of those hacks occur remotely. 

Neither report noted Upstream’s ties to Israeli military intelligence. Equally notable is the fact that both reports that covered the Upstream-written study say that only manufacturers can address the problem by partnering with a company like Upstream.

A screenshot from an Upstream promotional video

Lucky for Upstream, they have already partnered with a slew of auto manufacturers, including Hyundai, Volvo, Renault and even U.S. auto insurance giants like Nationwide, who now number among Upstream’s most important investors. The company’s original investors are Charles River Ventures, one of Cybereason’s first investors, and Israeli venture capital firm Glilot Capital.

Glilot Capital’s interest in Upstream is telling given the firm’s deep ties to Israel’s Unit 8200. Glilot was founded by two former Israeli military intelligence officers and has “a heavy focus on the cyber sector and the entrepreneurs who emerge from the elite Unit 8200,” according to the Jerusalem Post. Even the name of the firm is an homage to Unit 8200, as the unit’s main base is located in Glilot, near Herzliya.

“It’s as if Americans called a VC Fort Meade Capital [the US Army base in Maryland where the National Security Agency and the United States Cyber Command are headquartered], some VC names are meant to be symbolic, as in our case. Glilot is the home of several of the best intelligence and technology units in the IDF, it’s where we came from and it is where we find our best entrepreneurs,” Glilot Capital co-founder Arik Kleinstein told the Jerusalem Post in 2016.

Upstream is certainly the type of company that Glilot Capital is used to investing in. It was founded by two Israelis who both served in the IDF, with one of them serving in an elite intelligence unit. Upstream’s co-founders, Yoav Levy and Yonathan Appel, met while working at Check Point Technologies, the Unit 8200 alumni-founded company with deep ties to Israel’s military intelligence and military-industrial complex as well as the IoT hacking company Toka. Notably, Upstream recently partnered with the Japanese company Fujitsu, a longtime partner with Softbank — Cybereason’s main investor.

Softbank has also invested heavily in another Unit 8200-founded vehicle security start-up called Argus Cyber Security, a firm known for its numerous demonstrations showing how easy it is to hack vehicles. Argus is also backed by Nadav Zafrir, the former Unit 8200 commander who now runs Team8. Argus’ CEO Ofer Ben-Noon, a former captain in Unit 8200, told Forbes in 2014 that “Everything will be hacked in every single [car] brand. It will take time, it might be weeks, months, or a couple of years, but eventually it will happen.”

Since then, Unit 8200 alumni from Argus, Upstream and other Israeli automobile cybersecurity firms have shown media outlets around the world how much easier hacking vehicles has become in the years since Ben-Noon first made the claim. One such report from VICE includes a vehicle hacking demonstration, courtesy of a Unit 8200 alumni, and notes that “most cars today are susceptible to hacker attacks.”

Of course, Unit 8200 isn’t the only intelligence agency known to be experts at hacking vehicles. Indeed, in 2017, WikiLeaks revealed that the CIA was capable of hacking vehicles and exploring their use in committing “undetectable assassinations.”

“Bring down nations to their knees”

At the Tel Aviv Cybertech Conference in 2017, Israeli Prime Minister Benjamin Netanyahu stated the following:

Today warfare has changed dramatically…With a click of a button, you can bring down nations to their knees very rapidly if you so desire and if you’re willing to take the risks, because every system can be hacked. Our hospitals, our airplanes, our cars, our banks. The most important word here is our data banks, they can be hacked.”

Media reports and even members of the Israeli public and private sector have openly acknowledged that Israel’s intelligence apparatus — from Unit 8200 to the Mossad — remains directly linked to many of the private technology companies founded by its former members, especially in the field of cybersecurity. Though reports on the matter often praise this merging of Israel’s public and private spheres, they rarely acknowledge the documented corruption within Unit 8200, the unit’s dark past in recruiting felons and even pedophiles to join its ranks, or the danger posed by having companies directly linked to foreign intelligence being given access to the U.S. government’s most classified and sensitive systems and data

The last omission is particularly troubling given that Israeli intelligence has not only been caught aggressively using private tech companies to spy on U.S. federal agencies and networks, but also intercepting the private communications of at least two U.S. presidents and using a notorious pedophile to sexually blackmail American politicians. 

As was mentioned in the first installment of this series, Cybereason’s CEO Lior Div offers a clear example of this worrisome bridge between Israel’s public and private sector, as Div has openly stated that he views his work at Cybereason as a “continuation” of his service to Israeli military intelligence, where he led offensive cyberattacks against other nations. 

Given Div’s past statements and his company’s clear ties to both Israeli and U.S. intelligence, Cybereason’s simulation of the 2020 U.S. election — which involved terrorist attacks and led to the election’s cancellation and the imposition of martial law — is highly concerning. This is particularly so considering that Cybereason’s investors have direct ties to individuals who would benefit from the election’s cancellation and also considering the clear narrative that has emerged in recent months regarding how the coming election will inevitably fall victim to tech-driven “chaos” in coming months. 

The clear overlap between Cybereason’s simulation and the intelligence-driven media narrative is clear cause for concern, especially considering that the technologies that they highlight as ultimately upending the election are dominated by the very same intelligence agencies simulating and crafting that narrative. 

The keyword that has been used to describe the end result of both Cybereason’s simulation and the prevailing media narrative regarding the 2020 election is “chaos,” chaos so imminent, widespread and unruly that it will shake American democracy to its core. 

What has been left unsaid, however, is that a government’s solution to “chaos” is always the imposition of “order.” This means that — whatever “chaos” ultimately ensues prior to or on election day — will result in a government response that will do much more to crush freedom and undermine democracy than any act of foreign meddling has, be it real or imagined.

Whitney Webb is a MintPress News journalist based in Chile. She has contributed to several independent media outlets including Global Research, EcoWatch, the Ron Paul Institute and 21st Century Wire, among others. She has made several radio and television appearances and is the 2019 winner of the Serena Shim Award for Uncompromised Integrity in Journalism.

January 28, 2020 Posted by | Deception, False Flag Terrorism, Mainstream Media, Warmongering, Russophobia, Timeless or most popular | , , , , , | 1 Comment

How an Israeli Spy-Linked Tech Firm Gained Access to the US Gov’t’s Most Classified Networks

Graphic by Claudio Cabrera
By Whitney Webb | MintPress News | January 14, 2020

If the networks of the U.S. military, the U.S. intelligence community and a slew of other U.S. federal agencies were running the software of a company with deep ties, not only to foreign companies with a history of espionage against the U.S. but also foreign military intelligence, it would — at the very least — garner substantial media attention. Yet, no media reports to date have noted that such a scenario exists on a massive scale and that the company making such software recently simulated the cancellation of the 2020 election and the declaration of martial law in the United States.

Earlier this month, MintPress News reported on the simulations for the U.S. 2020 election organized by the company Cybereason, a firm led by former members of Israel’s military intelligence Unit 8200 and advised by former top and current officials in both Israeli military intelligence and the CIA. Those simulations, attended by federal officials from the FBI, DHS and the U.S. Secret Service, ended in disaster, with the elections ultimately canceled and martial law declared due to the chaos created by a group of hackers led by Cybereason employees.

The first installment of this three part series delved deeply into Cybereason’s ties to the intelligence community of Israel and also other agencies, including the CIA, as well as the fact that Cybereason stood to gain little financially from the simulations given that their software could not have prevented the attacks waged against the U.S.’ electoral infrastructure in the exercise.

Also noted was the fact that Cybereason software could be potentially used as a backdoor by unauthorized actors, a possibility strengthened by the fact that the company’s co-founders all previously worked for firms that have a history of placing backdoors into U.S. telecommunications and electronic infrastructure as well as aggressive espionage targeting U.S. federal agencies.

The latter issue is crucial in the context of this installment of this exclusive MintPress series, as Cybereason’s main investors turned partners have integrated Cybereason’s software into their product offerings. This means that the clients of these Cybereason partner companies, the U.S. intelligence community and military among them, are now part of Cybereason’s network of more than 6 million endpoints that this private company constantly monitors using a combination of staff comprised largely of former intelligence operatives and an AI algorithm first developed by Israeli military intelligence.

Cybereason, thus far, has disclosed the following groups as lead investors in the company: Charles River Ventures (CRV), Spark Capital, Lockheed Martin and SoftBank. Charles River Ventures (CRV) was among the first to invest in Cybereason and has been frequently investing in other Israeli tech start-ups that were founded by former members of the elite Israeli military intelligence Unit 8200 over the last few years. Spark Capital, based in California, appears to have followed CRV’s interest in Cybereason since the venture capitalist who co-founded Spark and led its investment in Cybereason is a former CRV partner who still has close ties to the firm.

While CRV and Spark Capital seem like just the type of investors a company like Cybereason would attract given their clear interest in similar tech start-ups coming out of Israel’s cyber sector, Cybereason’s other lead investors — Lockheed Martin and SoftBank — deserve much more attention and scrutiny.

Cybereason widely used by US Government, thanks to Lockheed

“A match made in heaven,” trumpeted Forbes at the news of the Lockheed Martin-Cybereason partnership, first forged in 2015. The partnership involved not only Lockheed Martin becoming a major investor in the cybersecurity company but also in Lockheed Martin becoming the largest conduit providing Cybereason’s software to U.S. federal and military agencies.

Indeed, as Forbes noted at the time, not only did Lockheed invest in the company, it decided to integrate Cybereason’s software completely into its product portfolio, resulting in a “model of both using Cybereason internally, and selling it to both public and private customers.”

Cybereason CEO and former offensive hacker for Israeli military intelligence — Lior Div — said the following of the partnership:

Lockheed Martin invested in Cybereason’s protection system after they compared our solution against a dozen others from the top industry players. The US firm was so impressed with the results they got from Cybereason that they began offering it to their own customers – among them most of the top Fortune 100 companies, and the US federal government. Cybereason is now the security system recommended by LM to its customers for protection from a wide (sic) malware and hack attacks.”

Rich Mahler, then-director of Commercial Cyber Services at Lockheed Martin, told Defense Daily that the company’s decision to invest in Cybereason, internally use its software, and include the technology as part of Lockheed Martin’s cyber solutions portfolio were all “independent business decisions but were all coordinated and timed with the transaction.”

How independent each of those decisions actually was is unclear, especially given the timing of Lockheed Martin’s investment in Cybereason, whose close and troubling ties to Israeli intelligence as well as the CIA were noted in the previous installment of this investigative series. Indeed, about a year prior to their investment in the Israeli military intelligence-linked Cybereason, Lockheed Martin opened an office in Beersheba, Israel, where the IDF has its “cyberhub”. The office is focused not on the sales of armaments, but instead on technology.

Marilyn Hewson, Lockheed Martin’s CEO, said the following during her speech that inaugurated the company’s Beersheba office:

The consolidation of IDF Technical Units to new bases in the Negev Desert region is an important transformation of Israel’s information technology capability… We understand the challenges of this move. Which is why we are investing in the facilities and people that will ensure we are prepared to support for these critical projects. By locating our new office in the capital of the Negev we are well positioned to work closely with our Israeli partners and stand ready to: accelerate project execution, reduce program risk and share our technical expertise by training and developing in-country talent.”

Beersheba not only houses the IDF’s technology campus, but also the Israel National Cyber Directorate, which reports directly to Israel’s Prime Minister, as well as a high-tech corporate park that mostly houses tech companies with ties to Israel’s military intelligence apparatus. The area has been cited in several media reports as a visible indicator of the public-private merger between Israeli technology companies, many of them started by Unit 8200 alumni, and the Israeli government and its intelligence services. Lockheed Martin quickly became a key fixture in the Beersheba-based cyberhub.

Not long before Lockheed began exploring the possibility of opening an office in Beersheba, the company was hacked by individuals who used tokens tied to the company, RSA Security, whose founders have ties to Israel’s defense establishment and which is now owned by Dell, a company also deeply tied to the Israeli government and tech sector. The hack, perpetrated by still unknown actors, may have sparked Lockheed’s subsequent interest in Israel’s cybersecurity sector.

Soon after opening its Beersheba office, Lockheed Martin created its Israel subsidiary, Lockheed Martin Israel. Unlike many of the company’s other subsidiaries, this one is focused exclusively on “cybersecurity, enterprise information technology, data centers, mobile, analytics and cloud” as opposed to the manufacture and design of armaments.

Marillyn Hewson, center, poses with Israeli gov. officials at the opening of Lockheed Martin’s facility in Beersheba. Photo | Diego Mittleberg

Haden Land, then-vice president of research and technology for Lockheed Martin, told the Wall Street Journal that the creation of the subsidiary was largely aimed at securing contracts with the IDF and that the company’s Israel subsidiary would soon be seeking partnership and investments in pursuit of that end. Land oversaw the local roll-out of the company’s Israel subsidiary while concurrently meeting with Israeli government officials. According to the Journal, Land “oversees all of Lockheed Martin’s information-systems businesses, including defense and civilian commercial units” for the United States and elsewhere.

Just a few months later, Lockheed Martin partnered and invested in Cybereason, suggesting that Lockheed’s decision to do so was aimed at securing closer ties with the IDF. This further suggests that Cybereason still maintains close ties to Israeli military intelligence, a point expounded upon in great detail in the previous installment of this series.

Thus, it appears that not only does Lockheed Martin use Cybereason’s software on its own devices and on those it manages for its private and public sector clients, but it also decided to use the company’s software in this way out of a desire to more closely collaborate with the Israeli military in matters related to technology and cybersecurity.

The cozy ties between Lockheed Martin, one of the U.S. government’s largest private contractors, and the IDF set off alarm bells, then and now, for those concerned with U.S. national security. Such concern makes it important to look at the extent of Cybereason’s use by federal and military agencies in the United States through their contracting of Lockheed Martin’s Information Technology (IT) division. This is especially important considering Israeli military intelligence’s history of using espionage, blackmail and private tech companies against the U.S. government, as detailed here.

While the exact number of U.S. federal and military agencies using Cybereason’s software is unknown, it is widespread, with Lockheed Martin’s IT division as the conduit. Indeed, Lockheed Martin was the number one IT solutions provider to the U.S. federal government up until its IT division was spun off and merged with Leidos Holdings. As a consequence, Leidos is now the largest IT provider to the U.S. government and is also directly partnered with Cybereason in the same way Lockheed Martin was. Even after its IT division was spun off, Lockheed Martin continues to use Cybereason’s software in its cybersecurity work for the Pentagon and still maintains a stake in the company.

The Leidos-Lockheed Martin IT hybrid provides a litany of services to the U.S. military and U.S. intelligence. As investigative journalist Tim Shorrock noted for The Nation, the company does “everything from analyzing signals for the NSA to tracking down suspected enemy fighters for US Special Forces in the Middle East and Africa” and, following its merger with Lockheed and consequential partnership with Cybereason, became “the largest of five corporations that together employ nearly 80 percent of the private-sector employees contracted to work for US spy and surveillance agencies.” Shorrock also notes that these private-sector contractors now dominate the mammoth U.S. surveillance apparatus, many of them working for Leidos and — by extension — using Cybereason’s software.

Leidos’ exclusive use of Cybereason software for cybersecurity is also relevant for the U.S. military since Leidos runs a number of sensitive systems for the Pentagon, including its recently inked contract to manage the entire military telecommunications infrastructure for Defense Information Systems Agency (DISA). In addition to maintaining the military telecom network, Cybereason is also directly partnered with World Wide Technologies (WWT) as of this past October. WWT manages cybersecurity for the U.S. Army, maintains DISA’s firewalls and data storage as well as the U.S. Air Force’s biometric identification system. WWT also manages contracts for NASA, itself a frequent target of Israeli government espionage, and the U.S. Navy. WWT’s partnership is similar to the Lockheed/Leidos partnership in that Cybereason’s software is now completely integrated into its portfolio, giving the company full access to the devices on all of these highly classified networks.

Many of these new partnerships with Cybereason, including its partnership with WWT, followed claims made by members of Israel’s Unit 8200 in 2017 that the popular antivirus software of Kaspersky Labs contained a backdoor for Russian intelligence, thereby compromising U.S. systems. The Wall Street Journal was the first to report on the alleged backdoor but did not mention the involvement of Unit 8200 in identifying it, a fact revealed by the New York Times a week later.

Notably, none of the evidence Unit 8200 used to blame Kaspersky has been made public and Kaspersky noted that it was actually Israeli hackers that had been discovered planting backdoors into its platform prior to the accusation levied against Kaspersky by Unit 8200. As the New York Times noted:

Investigators later discovered that the Israeli hackers had implanted multiple back doors into Kaspersky’s systems, employing sophisticated tools to steal passwords, take screenshots, and vacuum up emails and documents.”

Unit 8200’s claims ultimately led the U.S. government to abandon Kaspersky’s products entirely in 2018, allowing companies like Cybereason (with its own close ties to Unit 8200) to fill the void. Indeed, the very agencies that banned Kaspersky now use cybersecurity software that employs Cybereason’s EDR system. No flags have been raised about Cybereason’s own collaboration with the very foreign intelligence service that first pointed the finger at Kaspersky and that previously sold software with backdoors to sensitive U.S. facilities.

SoftBank, Cybereason and the Vision Fund

While its entry into the U.S. market and U.S. government networks is substantial, Cybereason’s software is also run throughout the world on a massive scale through partnerships that have seen it enter into Latin American and European markets in major ways in just the last few months. It has also seen its software become prominent in Asia following a partnership with the company Trustwave. Much of this rapid expansion followed a major injection of cash courtesy of one of the company’s biggest clients and now its largest investor, Japan’s SoftBank.

SoftBank first invested in Cybereason in 2015, the same year Lockheed Martin initially invested and partnered with the firm. It was also the year that SoftBank announced its intention to invest in Israeli tech start-ups. SoftBank first injected $50 million into Cybereason, followed by an additional $100 million in 2017 and $200 million last August. SoftBank’s investments account for most of the money raised by the company since it was founded in 2012 ($350 million out of $400 million total).

Cybereason CEO Lior Div speaks at a SoftBank event in Japan, July 21, 2017. Photo | Cybereason

Prior to investing, Softbank was a client of Cybereason, which Ken Miyauchi, president of SoftBank, noted when making the following statement after Softbank’s initial investment in Cybereason:

SoftBank works to obtain cutting edge technology and outstanding business models to lead the Information Revolution. Our deployment of the Cybereason platform internally gave us firsthand knowledge of the value it provides, and led to our decision to invest. I’m confident Cybereason and SoftBank’s new product offering will bring a new level of security to Japanese organizations.”

SoftBank — one of Japan’s largest telecommunications companies — not only began to deploy Cybereason internally but directly partnered with it after investing, much like Lockheed Martin had done around the same time. This partnership resulted in SoftBank and Cybereason creating a joint venture in Japan and Cybereason creating partnerships with other tech companies acquired by SoftBank, including the U.K.’s Arm, which specializes in making chips and management platforms for Internet of Things (IoT) devices.

SoftBank’s interest in Cybereason is significant, particularly in light of Cybereason’s interest in the 2020 U.S. election, given that SoftBank has significant ties to key allies of President Trump and even the president himself.

Indeed, SoftBank’s Masayoshi Son was among the first wave of international business leaders who sought to woo then-president-elect Trump soon after the 2016 election. Son first visited Trump Tower in December 2016 and announced, with Trump by his side in the building’s lobby, that SoftBank would invest $50 billion in the U.S. and create 50,000 jobs. Trump subsequently claimed on Twitter that Son had only decided to make this investment because Trump had won the election.

Son told reporters at the time that the investment would come from a $100 billion fund that would be created in partnership with Saudi Arabia’s sovereign wealth fund as well as other investors. “I just came to celebrate his new job. I said, ‘This is great. The US will become great again,’” Son said, according to reports.

Then, in March of 2017, Son sent top SoftBank executives to meet with senior members of Trump’s economic team and, according to the New York Times, “the SoftBank executives said that because of a lack of advanced digital investments, the competitiveness of the United States economy was at risk. And the executives made the case, quite strongly, that Mr. Son was committed to playing a major role in addressing this issue through a spate of job-creating investments.” Many of SoftBank’s investments and acquisitions in the U.S. since then have focused mainly on artificial intelligence and technology with military applications, such as “killer robot” firm Boston Dynamics, suggesting Son’s interest lies more in dominating futuristic military-industrial technologies than creating jobs for the average American.

After their initial meeting, Trump and Son met again a year later in June 2018, with Trump stating that “His [Son’s] $50 billion turned out to be $72 billion so far, he’s not finished yet.” Several media reports have claimed that Son’s moves since Trump’s election have sought to “curry favor” with the President.

Through the creation of this fund alongside the Saudis, SoftBank has since become increasingly intertwined with Saudi Crown Prince Muhammad bin Salman (MBS), a key ally of President Trump in the Middle East known for his authoritarian crackdowns on Saudi elites and dissidents alike. The ties between Saudi Arabia and SoftBank became ever tighter when MBS took the reins in the oil kingdom and after SoftBank announced the launch of the Vision Fund in 2016. SoftBank’s Vision Fund is a vehicle for investing in hi-tech companies and start-ups and its largest shareholder is the Public Investment Fund of Saudi Arabia. Notably, Son decided to launch the Vision Fund in Riyadh during President Trump’s first official visit to the Gulf Kingdom.

Masayoshi Son, left, signs a deal related to the Vision Fund with Bin Salman in March 2018. Photo | SPA

In addition, the Mubadala Investment Company, a government fund of the United Arab Emirates (UAE), gave $15 billion to the Vision Fund. UAE leadership also share close ties to the Trump administration and MBS in Saudi Arabia.

As a consequence, SoftBank’s Vision Fund is majority funded by two Middle Eastern authoritarian governments with close ties to the U.S. government, specifically the Trump administration. In addition, both countries have enjoyed the rapid growth and normalization of ties with the state of Israel in recent years, particularly following the rise of current Saudi Crown Prince Muhammad bin Salman and Jared Kushner’s rise to prominence in his father-in-law’s administration. Other investments in the Vision Fund have come from Apple, Qualcomm and Oracle’s Larry Ellison, all tech companies with strong ties to Israel’s government.

The Saudi and Emirati governments’ links to the Vision Fund are so obvious that even mainstream outlets like the New York Times have described them as a “front for Saudi Arabia and perhaps other countries in the Middle East.”

SoftBank also enjoys close ties to Jared Kushner, with Fortress Investment Group lending $57 million to Kushner Companies in October 2017 while it was under contract to be acquired by SoftBank. As Barron’s noted at the time:

When SoftBank Group bought Fortress Investment Group last year, the Japanese company was buying access to a corps of seasoned investors. What SoftBank also got is a financial tie to the family of President Donald Trump’s senior advisor and son-in-law, Jared Kushner.”

According to The Real Deal, Kushner Companies obtained the financing from Fortress only after its attempts to obtain funding through the EB-5 visa program for a specific real estate venture were abandoned after the U.S. Attorney and the Securities and Exchange Commission began to investigate how Kushner Companies used the EB-5 investor visa program. A key factor in the opening of that investigation was Kushner Companies’ representatives touting Jared Kushner’s position at the White House when talking to prospective investors and lenders.

SoftBank also recently came to the aid of a friend of Jared Kushner, former CEO of WeWork Adam Neumann. Neumann made shocking claims about his ties to both Kushner and Saudi Arabia’s MBS, even asserting that he had worked with both in creating Kushner’s long-awaited and controversial Middle East “peace plan” and claimed that he, Kushner and MBS would together “save the world.” Neumann previously called Kushner his “mentor.” MBS has also discussed on several occasions his close ties with Kushner and U.S. media reports have noted the frequent correspondence between the two “princelings.”

Notably, SoftBank invested in Neumann’s WeWork using money from the Saudi-dominated Vision Fund and later went on to essentially bail the company out after its IPO collapse and Neumann was pushed out. SoftBank’s founder, Masayoshi Son, had an odd yet very close relationship with Neumann, perhaps explaining why Neumann was allowed to walk with $1.7 billion after bringing WeWork to the brink of collapse. Notably, nearly half of SoftBank’s approximately $47 billion investments in the U.S. economy since Trump’s election, went to acquiring and then bailing out WeWork. It is unlikely that such a disastrous investment resulted in the level of job creation that Son had promised Trump in 2016.

Given that it is Cybereason’s top investor and shareholder by a large margin, SoftBank’s ties to the Trump administration and key allies of that administration are significant in light of Cybereason’s odd interest in 2020 U.S. election scenarios that end with the cancellation of this year’s upcoming presidential election. It goes without saying that the cancellation of the election would mean a continuation of the Trump administration until new elections would take place.

Furthermore, with Cybereason’s close and enduring ties to Israeli military intelligence now well-documented, it is worth asking if Israeli military intelligence would consider intervening in 2020 if the still-to-be-decided Democratic contender was strongly opposed to Israeli government policy, particularly Israel’s military occupation of Palestine. This is especially worth considering given revelations that sexual blackmailer and pedophile Jeffrey Epstein, who targeted prominent U.S. politicians, mostly Democrats, was in the employ of Israeli military intelligence.

Notably, Cybereason’s doomsday election scenarios involved the weaponization of deep fakes, self-driving cars and the hacking Internet of Things devices, with all of those technologies being pioneered and perfected — not by Russia, China or Iran — but by companies directly tied to Israeli intelligence, much like Cybereason itself. These companies, their technology and Cybereason’s own work creating the narrative that U.S. rival states seek to undermine the U.S. election in this way, will all be discussed in the conclusion of MintPress’ series on Cybereason and its outsized interest in the U.S. democratic process.

Whitney Webb is a MintPress News journalist based in Chile. She has contributed to several independent media outlets including Global Research, EcoWatch, the Ron Paul Institute and 21st Century Wire, among others. She has made several radio and television appearances and is the 2019 winner of the Serena Shim Award for Uncompromised Integrity in Journalism.

January 14, 2020 Posted by | Deception, Russophobia | , , , , , , , , , , | 4 Comments

Why a Shadowy Tech Firm With Ties to Israeli Intelligence Is Running Doomsday Election Simulations

Graphic by Claudio Cabrera for MintPress News
By Whitney Webb | MintPress News | January 4, 2020

Election Day 2020: 32 Americans dead, over 200 injured, martial law declared and the election itself is canceled. While this horrific scenario seems more like the plot of a Hollywood film, such was the end result of a recent simulation examining the preparedness of U.S. officials from the Federal Bureau of Investigation (FBI), the Department of Homeland Security (DHS) and the U.S. Secret Service against “bad actors” seeking to undermine the upcoming presidential election.

Yet, this simulation was not a government-organized exercise but was instead orchestrated by a private company with deep ties to foreign and domestic intelligence services, a company that is also funded by investors with clear connections to individuals who would stand to benefit if such a catastrophic election outcome were to become reality.

Much of the rhetoric since the last presidential election in 2016 has focused on the issue of foreign meddling by U.S. rival states like Russia, while China has emerged as the new “meddler” of choice in American corporate media as the 2020 election approaches. Though time has revealed that many of the post-2016 election meddling claims were not as significant as initially claimed, the constant media discussion of foreign threats to U.S. democracy and electoral processes – whether real or imagined – has undeniably created a climate of fear. 

Those fears have since been preyed upon by neoconservative groups and the U.S. military-industrial complex, both of which are hardly known for their love of democratic processes, to offer a series of ready-made solutions to these threats that actually undermine key pillars of American democracy, including independent reporting and voting machine software.

However, many of the very same media outlets and groups that frequently fretted about Russia, China or another rival state meddling in U.S. democracy have largely ignored the role of other nation states, such as Israel, in efforts to sway the last U.S. election in 2016 and meddle in numerous elections in Africa, Latin America and Asia in the years since.

As a consequence of this climate of fear, it should be hardly surprising that the corporate media lauded the recent 2020 election simulation that ended in an abysmal failure for U.S. officials, the cancellation of the U.S. election and the imposition of martial law. Yet, none of those reports on the exercise noted that the company that hosted the simulation, called Cybereason, is led by ex-members of Israel’s military intelligence unit 8200, advised by former top and current officials in both Israeli military intelligence and the CIA. In addition, it is funded by and partnered with top U.S. weapons manufacturer and government contractor Lockheed Martin and financial institutions with clear and direct ties to Saudi Crown Prince Mohammed bin Salman and White House adviser and the president’s son-in-law Jared Kushner. Also left unmentioned in media reports on Cybereason’s election simulations is the fact that Cybereason’s CEO, Lior Div, has openly admitted that he views his work at Cybereason as a “continuation” of his service to Israel’s intelligence apparatus.

With Cybereason planning to host more simulations in cooperation with federal agencies as the U.S. election inches closer, a deeper exploration of this company, its ties to intelligence and military contractors in the U.S. and Israel and its financial ties to key Trump allies both domestically and abroad warrants further investigation.

In this two part series, MintPress will not only explore these aspects but also how many of the technologies wielded by the “bad actors” in the Cybereason election simulation have been pioneered and perfected, not by U.S. rival states, but by Israeli companies and start-ups with clear ties to that country’s intelligence apparatus.

Also notable is the fact that Cybereason itself has covertly become a major software provider to the U.S. government and military through its direct partnership with Lockheed Martin, which followed the defense company’s decision to open an office at the Israeli military’s new cyber operations hub in the Negev desert. In examining all of these interlocking pieces, a picture emerges of a potentially sinister motive for Cybereason’s simulations aimed at gauging how U.S. federal officials respond to crisis situations on Election Day.

Understanding “Operation Blackout”

In early November, a team of “hackers” working for the private U.S.-based, Israeli-founded company Cybereason conducted a 2020 election simulation with members of various U.S. agencies, namely the DHS, FBI and the U.S. Secret Service. The simulation was organized by Cybereason and the law firm Venable and the U.S. agencies in attendance were invited and appear to not have been charged to participate.

The simulation, titled “Operation Blackout,” was set in a fictional swing state called “Adversaria” and pitted “ethical hackers” from Cybereason against a team of federal and local law enforcement officials. The opposing teams were supervised by a “white team” composed of members of Cybereason’s staff and Ari Schwartz — a former member of the White House’s National Security Council and the National Institute of Standards and Technology (NIST) — who set the rules of the simulation and would ultimately decide its outcome. Schwartz also used to work for the Center for Democracy and Technology (CDT), a major backer of Microsoft’s ElectionGuard software.

Operation Blackout did not involve hackers targeting election software or voting machines, instead, it focused on civilian infrastructure and psychological operations against the American citizens in the fictitious “Adversaria” on election day. The hacker team was led by Cybereason co-founder Yonathan Striem-Amit, a former contractor for Israeli government agencies and a former operative for the elite Israeli military intelligence Unit 8200, best known for its cyber offensives against other governments.

“In a country as fragmented as the US, the number of people needed to influence an election is surprisingly small,” Striem-Amit told Quartz of the exercise. “We attempted to create havoc and show law enforcement that protecting the electoral process is much more than the machine.”

Streim-Amit’s team completely devastated the U.S. law enforcement team in Operation Blackout by not only causing chaos but murdering numerous civilians. Hackers took control of city buses, ramming them into civilians waiting in line at polling stations, killing 32 and injuring over 200. They also took control of city traffic lights in order to cause traffic accidents, used so-called “deepfakes” to conduct psychological operations on the populace and created fake bomb threats posing as the terror group ISIS, which incidentally has its own ties to Israeli intelligence. Telecom networks and news outlets within the fictitious states were also hacked and flooded with deepfakes aimed at spreading disinformation and panic among U.S. citizens.

A map of targets in Adverseria is shown during Operation Blackout in Boston’s John Hancock Tower. Mark Albert | Twitter

The supervising team, composed of Cybereason employees and former NSC member Ari Schwartz, decided that the outcome of the face-off between the hacker and law enforcement teams was the outright cancellation of the 2020 election, the declaration of martial law by authorities, the growth of public fear regarding terrorism and allegations of U.S. government collusion with a foreign actor. Cybereason has stated that they will soon conduct another 2020 election simulation with federal authorities as the election draws closer.

Given how the simulation played out, it is quite clear that it is a far cry from the actual scope of alleged foreign meddling during the 2016 election, meddling which was allegedly the motivation behind Operation Blackout. Indeed, the extent of Russian interference in the 2016 election amounted to $100,000 worth of Facebook ads over three years, 25 percent of which were never seen by the public, and claims that Russian state actors were responsible for leaking emails from the then-Democratic presidential nominee Hillary Clinton and the Democratic National Committee (DNC). In contrast, Operation Blackout went well beyond any observed or even imagined “foreign meddling” related to the 2016 election and appears more like a terror attack targeting elections than a covert means of manipulating their outcomes.

Several mainstream publications have covered Operation Blackout but have failed to note that the company behind them has deep ties to foreign intelligence outfits and governments with a documented history of manipulating elections around the world, including the 2016 U.S. election.

Quartz framed the exercise as important for “preparing for any and all possibilities in 2020,” which “has become an urgent task for US regulators and law enforcement.” Similarly, CyberScoop treated the simulation as a “sophisticated exercise to help secure the vote.” Other articles took the same stance.

A series of simulations

In the weeks after the Washington area election simulation, Cybereason repeated the same exercise in London, this time with members of the U.K. Intelligence agency GCHQ, the U.K. Foreign Office and the Metropolitan Police. The law enforcement team in the exercise, which included the U.K. officials, was headed by a Cybereason employee — Alessandro Telami, who formerly worked for the NATO Communications and Information Agency (NCI). Like the prior simulation conducted in the U.S., Cybereason did not appear to charge U.K. government agencies for their participation in the exercise.

Cybereason has — with little fanfare — been promoting extreme election day scenarios since before the 2016 election. Cybereason’s first mention of these tactics appears in a September 2016 blog post written by the company’s CEO and former Israeli government contractor Lior Div — a former leader of offensive cyberattacks for the IDF’s elite Unit 8200 and a former development group leader at the controversial Israeli-American corporation Amdocs.

Div wrote that hackers may target U.S. elections by “breaking into the computers that operate traffic lighting systems and interfering with the ones around polling stations to create massive traffic jams, “hacking polling companies,” and “targeting live election coverage on cable or network television stations.” A follow-up post by Div from October 2016 added further meddling tactics such as “cut power to polling stations” and “mess with a voter’s mind.”

Two years later, Cybereason held its first election meddling simulation, touting many of these same tactics, in Boston. The simulation focused on local and state responses to such attacks and saw Boston-based Cybereason invite Massachusetts state and local officials as well as Boston police officers and a former police commissioner to participate. “Twitter accounts spreading fake news,” “turning off a city’s closed-circuit cameras,” “hacking self-driving cars and navigation apps,” and “targeting a city’s 911 call center with a DDoS attack” were all used in the simulation, which saw Cybereason’s “ethical hackers” attempt to disrupt election day. Media coverage of the simulation at the time framed it as a necessary preparation for countering “Russian” threats to U.S. democracy. Like the more recent simulations, the mock election was canceled and voter confidence in the electoral process was devastated.

This past July, Cybereason conducted a similar simulation with officials from the FBI, DHS and the Secret Service for the first time. That simulation, which also took place in Boston, was remarkably similar to that which occurred in November. One intelligence officer from DHS who participated in the July exercise called the simulation “very realistic.” Another claimed that the simulation was a way of applying “lessons learned from 9/11” by preventing the government’s “failure of imagination” that officials have long alleged was the reason for the government’s inability to thwart the September 11 attacks. Notably, The U.S. military simulated a scenario in which terrorists flew airplanes into the Pentagon less than a year before the September 11 attacks.

In this undated photo from Cybereason’s website, a faux ballot box is shown in the company’s Boston office.

Participating government officials, Cybereason staff and the media have consistently touted the importance of these simulations in securing elections against extreme threats, threats which — to date — have never materialized due to the efforts of foreign or domestic actors on election day. After all, these exercises are only simulations of possibilities and, even if those possibilities seem implausible or unlikely, it is important to be prepared for any eventuality.

But what if the very figures behind these simulations and the investors that fund them had a history of election meddling themselves? Cybereason’s deep ties to Israeli intelligence, which has a documented history of aggressive espionage and election meddling in the United States and in several nations worldwide, warrant a deeper look into the firms’ possible motives and the myriad conflicts of interest that arise in giving it such unprecedented access to the heart of America’s democracy.

What Does Cybereason Do?

Cybereason’s interest in terror events during elections seems out of place given that the company itself is focused on selling technological cybersecurity solutions like antivirus and ransomware protection software, software products that would be minimally effective against the type of threat encountered in the company’s election day simulations.

Cybereason is often described as offering a comprehensive technological defense platform to companies and governments that combines a next-generation antivirus with endpoint detection and response (EDR), which enables the company to respond to typical viruses and malware as well as sophisticated, complex attacks. The platform makes heavy use of artificial intelligence (AI) and cloud computing and specifically uses Amazon Web Services (AWS), which is used by a litany of private companies as well as U.S. intelligence agencies.

While many cybersecurity platforms combine antivirus and antimalware with EDR and AI, Cybereason claims that their military background is what sets them apart. They have marketed themselves as offering “a combination of military-acquired skills and cloud-powered machine learning to endpoint detection and response” and actively cite the fact that most of their employees are former members of Unit 8200 as proof that they are “applying the military’s perspective on cybersecurity to enterprise security.”

In 2018, Cybereason’s former senior director for intelligence, Ross Rustici, described the platform to CBR as follows:

Our founders are ex-Israeli intelligence who worked on the offensive side. They basically wanted to build a tool that would catch themselves. We follow the kill chain model started by Lockheed Martin [now a major investor in Cybereason] and try to interrupt every stage once an intruder’s inside a target network.”

Lior Div, Cybereason’s CEO described the difference between his company’s platform and that of past market leaders in this way to Forbes :

The old guard of antivirus companies like Symantec and McAfee would install something to block endpoints and you needed to do a lot [of monitoring] to make sure you weren’t under attack. We came with a different approach to see the whole enterprise and leverage AI to be able to fully autonomously identify where attackers are and what they’re doing.”

Thus, in looking at Cybereason’s product and its marketing objectively, it seems that the only innovative component of the company’s system is the large number of ex-military intelligence officers it employs and its tweaking of a previously developed and automated model for threat engagement, elimination and prevention.

Instead, Cybereason’s success seems to owe to its prominent connections to the private and public sectors, especially in Israel, and its investors who have funneled millions into the company’s operations, allowing them to expand rapidly and quickly claim a dominant position in emerging technology markets, such as the Internet of Things (IoT) and advanced healthcare systems.

A screenshot from a live stream of a 2019 Cybereason cyber-attack simulation

Their considerable funding from the likes of Lockheed Martin and Softbank, among others, has also helped them to expand their international presence from the U.S., Europe and Israel into Asia and Latin America, among other places. Notably, while Cybereason is open about their investors and how much funding they receive from each, they are extremely secretive about their financial performance as a company and decline to disclose their annual revenue, among other indicators. The significance of Cybereason’s main investors in the context of the company’s election simulations and its ties to Israeli and U.S. intelligence (the focus of this article) will be discussed in Part 2.

Cybereason also includes a security research arm called Nocturnus, currently headed by a former Unit 8200 officer. Nocturnus will be explored further in Part 2 of this series, as it essentially functions as a private intelligence company in the tech sector and has been behind several recent claims that have attributed alleged hacks to state actors, namely China and North Korea. For now, it is important to keep in mind that Nocturnus utilizes Cybereason’s “global network of millions of endpoints” for its intelligence gathering and research, meaning the endpoints of every device to which Cybereason’s software has access.

Given what Cybereason provides as a company, their interest in offering election simulations to government officials free of charge seems odd. Indeed, in the simulations hosted by Cybereason for U.S. officials, there is little opportunity for the company to market their software products given that the simulation did not involve electronic voting infrastructure at all and, instead, the malevolent actors used deep fakes, disinformation and terror attacks to accomplish their goals. Why then would this company be so interested in gauging the response of U.S. law enforcement to such crises on election day if there is no sales pitch to be made? While some may argue that these simulations are an altruistic effort by the company, an investigation into the company’s founders and the company’s ties to intelligence agencies suggests that this is unlikely to be the case.

The People Behind Cybereason

Cybereason was created in 2012 by three Israelis, all of whom served together as officers in the Israel Defense Force’s elite technological and signals intelligence unit, which is most often referred to as Unit 8200. Unit 8200 has been the subject of several MintPress investigative reports over the past year focusing on its ties to the tech industry.

Unit 8200 is an elite unit of the Israeli Intelligence corps that is part of the IDF’s Directorate of Military Intelligence and is involved mainly in signal intelligence, surveillance, cyberwarfare and code decryption. It is also well-known for its surveillance of Palestinian civilians and for using intercepted communications as blackmail in order to procure informants among Palestinians living under occupation in the West Bank.

The unit is frequently described as the Israeli equivalent of the NSA and Peter Roberts, a senior research fellow at Britain’s Royal United Services Institute, characterized the unit in an interview with the Financial Times as “probably the foremost technical intelligence agency in the world and stand[ing] on a par with the NSA in everything except scale.” Notably, the NSA and Unit 8200 have collaborated on numerous projects, most infamously on the Stuxnet virus as well as the Duqu malware.

Given the secrecy of the work conducted by Unit 8200, it is hard to know exactly what Cybereason’s co-founders did while serving in the controversial unit, however, a brief biography of the company’s current CEO and co-founder Lior Div states that “Div served as a commander [in Unit 8200] and carried out some of the world’s largest cyber offensive campaigns against nations and cybercrime groups. For his achievements, he received the Medal of Honor, the highest honor bestowed upon Unit 8200 members (emphasis added).”

Lior Div speaks during the Cyber Week conference in Tel Aviv, Israel, June 25, 2019. Corinna Kern | Reuters

After having served in leadership positions within Unit 8200, all three Cybereason co-founders went on to work for private Israel-based tech or telecom companies with a history of aggressive espionage against the U.S. government.

Cybereason co-founders Yonathan Striem Amit (Cybereason’s Chief Technology Officer) and Yossi Naar (Cybereason Chief Visionary Officer) both worked for Gita Technologies shortly before founding Cybereason with fellow Unit 8200 alumnus Lior Div. Gita, according to public records, is a subsidiary of Verint Systems, formerly known as Comverse Infosys.

Verint/Comverse was initially funded by the Israeli government and was founded by Jacob “Kobi” Alexander, a former Israeli intelligence officer who was wanted by the FBI on nearly three dozen charges of fraud, theft, lying, bribery, money laundering and other crimes for over a decade until he was finally extradited to the United States and pled guilty to some of those charges in 2016.

Despite its history of corruption and foreign intelligence connections, Verint/Comverse was hired by the National Security Agency (NSA) to create backdoors into all the major U.S. telecommunications systems and major tech companies, including Facebook, Microsoft and Google. An article on Verint’s access to U.S. tech infrastructure in Wired noted the following about Verint:

In a rare and candid admission to Forbes, Retired Brig. Gen. Hanan Gefen, a former commander of the highly secret Unit 8200, Israel’s NSA, noted his former organization’s influence on Comverse, which owns Verint, as well as other Israeli companies that dominate the U.S. eavesdropping and surveillance market. ‘Take NICE, Comverse and Check Point for example, three of the largest high-tech companies, which were all directly influenced by 8200 technology,’ said Gefen.”

Federal agents have reported systemic breaches at the Department of Justice, FBI, DEA, the State Department, and the White House going all the way back to the 1990s, breaches they claimed could all be traced back to two companies: Comverse/Verint and Amdocs. Cybereason’s other co-founder and current CEO, Lior Div, used to work for Amdocs as the company’s development group leader.

After leaving Amdocs, Div founded a company called Alfatech. Alfatech publicly claims to specialize in “professional Head Hunting and Quality Recruiting services,” yet it has no functional website. Despite its publicly stated mission statement, Israeli media reports that mention Alfatech describe it as “a cybersecurity services company for Israeli government agencies.” No reason for the obvious disconnect between the company’s own claims and those made by the media has been given.

Div left Alfatech in 2012 to found Cybereason alongside Striem-Amit and Naar. According to an interview that Div gave to TechCrunch earlier this year, he stated that his work at Cybereason is “the continuation of the six years of training and service he spent working with the Israeli army’s 8200 Unit (emphasis added).” Div was a high-level commander in Unit 8200 and “carried out some of the world’s largest cyber offensive campaigns against nations and cybercrime groups” during his time there. TechCrunch noted that “After his time in the military, Div worked for the Israeli government as a private contractor reverse-engineering hacking operations,” an apparent reference to his work at Alfatech.

Even deeper ties to intelligence

Not only do Cybereason’s own co-founders have considerable links to the Israeli government, Israeli intelligence and intelligence-connected private companies, but it also appears that the work of Cybereason itself is directly involved with Israeli intelligence.

The company periodically publishes reports by a secretive faction of the company called the Cybereason Intelligence Group or CIG. The only description of CIG’s composition available on Cybereason’s website is as follows:

The Cybereason Intelligence Group was formed with the unique mission of providing context to the most sophisticated threat actors. The group’s members include experts in cyber security and international security from various government agencies, including the Israel Defense Forces’ Unit 8200, which is dedicated to conducting offensive cyber operations. Their primary purpose is to examine and explain the Who and the Why behind cyber attacks, so that companies and individuals can better protect themselves (emphasis added).”

It is unclear how many members comprise CIG and if its members are employees of only Israeli government agencies, or if it includes officials from the U.S. government/Intelligence or other governments. However, what is clear is that it is composed entirely of government officials, which include active members of Unit 8200, and that the purpose of the group is to issue reports that place blame for cyberattacks on state and non-state actors. Perhaps unsurprisingly, the vast majority of CIG’s reports published by Cybereason focus exclusively on Russia and China. When discussing nation-state cyber threats in general, Cybereason’s website only mentions China, North Korea, Iran and Russia by name, all of which are incidentally rival states of the U.S. government. Notably, Israel’s government — listed as a “leading espionage threat” to U.S. financial institutions and federal agencies by the U.S.’ NSA — is absent from Cybereason’s discussions of state actors.

In addition to CIG, Cybereason’s cybersecurity research arm, Nocturnus, includes several Unit 8200 alumni and former Israeli military intelligence and government contractors and has assigned blame to state actors for several recent hacks. It also has claimed to have discovered more such hacks but has declined to publicly disclose them due to the “sensitive” nature of the hacks and companies affected.

Other hints at Cybereason’s connections to state intelligence can be seen in its advisory board. Robert Bigman, the former Chief Information Security Officer (CISO) for the Central Intelligence Agency (CIA) who oversaw the spy agency’s “commercial partner engagement” program (i.e. alliances with the private tech sector), is a key figure on the company’s advisory board. According to his biography, Bigman “ contributed to almost every Intelligence Community information security policy/technical standard and has provided numerous briefings to the National Security Council, Congress and presidential commissions. In recognition of his expertise and contributions, Bigman has received numerous CIA and Director of National Intelligence Awards.”

Cybereason’s leadership team features a who’s who of Israeli and US intel officials

Unmentioned in his biography published on his own website, or on Cybereason’s website, is that Bigman is also an advisor to another Israeli tech company, Sepio Systems. The chairman of Sepio, Tamir Pardo, is a self-described “leader” in the cybersecurity industry and former director of Israel’s Mossad. Sepio is funded by a venture capital firm founded by the creators of the controversial Israeli spy tech company NSO Group, which has received a slew of negative press coverage after its software was sold to several governments who used it to spy on dissidents and human rights activists.

In addition to Bigman, Cybereason’s advisory board includes Pinchas Buchris, the former head of Unit 8200 and former managing director of the IDF. Not unlike Bigman, Buchris’ bio fails to mention that he sits on the board of directors of Carbyne911, alongside former Israeli Prime Minister Ehud Barak and Nicole Junkerman, both well-known associates of intelligence-linked sex trafficker Jeffery Epstein. Epstein himself poured at least $1 million into Carbyne, an Israeli company that seeks to run all 911 call centers in the U.S. at the national level and has close ties to the Trump administration. More information on Carbyne and its ties to Israeli and U.S. intelligence as well as its connection to coming pre-crime policies to be enacted in 2020 by the U.S. Department of Justice can be found in this MintPress report from earlier this year. Given that Cybereason’s election day simulations involve the simulated collapse of 911 call center functionality, Buchris’ ties to both Cybereason and Carbyne911 are notable.

Another notable Cybereason advisor is the former commissioner of the Boston Police Department, Edward Davis. Davis heavily promoted Cybereason’s disturbing election day simulations and even participated directly in one of them. He was also police commissioner of the Boston PD at the time of the Boston Marathon bombing and oversaw the near-martial law conditions imposed on the city during the manhunt for the alleged perpetrators of that bombing (who themselves had a rather odd relationship with the FBI). This is notable given that Cybereason’s election day simulations ended with martial law being imposed on the fictional city used in the exercise

Cybereason also has several advisors who hold top positions at powerful U.S. companies that are also — incidentally — U.S. government contractors. These include the Vice President Security and Privacy Engineering at Google, Deputy Chief Information Security Officer (CISO) of Lockheed Martin and CISO at Motorola. Both Motorola and Lockheed Martin use Cybereason’s software and the latter is also a major investor in the company. Furthermore, as will be explained in Part 2 of this article, Lockheed Martin has used its privileged position as the top private contractor to the U.S. government to promote the widespread use of Cybereason’s software among U.S. government agencies, including the Pentagon.

Much more than a cybersecurity company

Given Cybereason’s deep and enduring ties to Israeli intelligence and its growing connections to the U.S. military and U.S. intelligence through its hiring of top CIA officials and partnership with Lockheed Martin, it’s worth asking if these disturbing election simulations could serve an ulterior purpose and, if so, who would benefit. While some aspects regarding clear conflicts of interest in relation to the 2020 election and Cybereason will be discussed in Part 2, this article will conclude by examining the possibility that Cybereason is acting as a front company for Israeli intelligence based on that country’s history of targeting the U.S. through private tech companies and on Cybereason’s own questionable characteristics.

First, Cybereason as a company presents several oddities. Its co-founder and CEO openly states that he views Cybereason’s work as a continuation of his service for Israeli military intelligence. In addition, he and the company’s other founders — after they left Unit 8200 — went to work for Israeli tech companies that have been known to spy on U.S. federal agencies for the Israeli government.

In addition, as previously mentioned, Cybereason has sought out former intelligence officers from the CIA and Unit 8200 for its management team and board of advisors. The company itself also functions as a private intelligence firm through CIG and Nocturnus, both of which employ former and current intelligence officials, and have made significant claims regarding the attribution of specific cybercrimes to state actors. It appears highly likely that these claims are influenced by those same intelligence agencies that boast close ties to Cybereason. Furthermore, Nocturnus’ access to Cybereason’s “global” network of endpoints makes it a private intelligence gathering company as it gathers and analyzes data from all devices that run Cybereason’s software.

Yet, even more telling is the fact that Israel’s government has an open policy of outsourcing intelligence-related activity to the private sector, specifically the country’s tech sector. As MintPress previously reported, this trend was first publicly acknowledged by Israel in 2012, the same year that Cybereason was founded by former Israeli military intelligence officers then-working for private contractors for Israel’s government (Alfatech) or private companies known to have ties to Israeli intelligence, including Verint/Comverse.

As noted in an article on the phenomenon from the Israeli media outlet The Calcalist:

Israel is siphoning cyber-related activities from its national defense apparatus to privately held companies. Since 2012, cyber-related and intelligence projects that were previously carried out in-house in the Israeli military and Israel’s main intelligence arms are transferred to companies that in some cases were built for this exact purpose.”

Mention of Israel’s policy of blurring the lines between the public and private sector when it comes to cybersecurity and intelligence gathering has even garnered the occasional mention in mainstream media, such as in a 2018 Foreign Policy article:

Israel, for one, has chosen to combat the problem on a statewide level by linking the public and private spheres, sometimes literally. The country’s cyberhub in the southern city of Beersheba is home not just to the Israeli military’s new technology campus but also to a high-tech corporate park, Ben-Gurion University of the Negev’s cyber-research center, and the Israel National Cyber Directorate, which reports directly to the prime minister’s office. “There’s a bridge between them—physically,” [Gabriel] Avner, the security consultant, said by way of emphasis.”

Notably, a year before Lockheed Martin invested in and partnered with Cybereason, the U.S.-based weapons company opened an office at the IDF’s public-private cyber hub in Beersheba. At the inauguration ceremony for Lockheed’s Beersheba office, company CEO Marilyn Hewson stated:

The consolidation of IDF Technical Units to new bases in the Negev Desert region is an important transformation of Israel’s information technology capability… By locating our new office in the capital of the Negev we are well positioned to work closely with our Israeli partners and stand ready to: accelerate project execution, reduce program risk and share our technical expertise by training and developing in-country talent.”

Lockheed Martin CEO Marillyn Hewson, inaugurates the Lockheed Martin Israel Demonstration Center in Tel Aviv.

Further evidence of this public-private merger can be seen in how two of Israel’s intelligence agencies, Shin Bet and Mossad, have both recently launched a private start-up accelerator and a hi-tech venture capital fund, respectively. The Shin Bet’s accelerator, called Xcelerator, usually makes its investments in private companies public, while Mossad’s Libertad Ventures refuses to disclose the tech companies and start-ups in which it invests. Former directors of both Mossad and Shin Bet have described these intelligence agencies themselves of being like start-ups, clearly showing how much the line between intelligence apparatus and private company has been blurred within the context of Israel’s tech industry and specifically its cybersecurity industry.

The advantages of outsourcing cyber intelligence operations to private companies have been noted by several analysts, including Sasha Romanosky, a former Cyber Policy Advisor at the Department of Defense and current analyst at RAND Corporation. Romanosky noted in 2017 that private intelligence and cybersecurity firms “do not necessarily face the same constraints or potential repercussions” as their public counterparts when it comes to designating blame for a cyberattack, for example. In addition, outsourcing intelligence objectives or missions to private companies provides a government with plausible deniability if that private company’s espionage-related activities or ties are made public.

Furthermore, Israeli intelligence has a long history of using private tech companies for the purposes of espionage, including against the United States. While Amdocs and Verint/Comverse were already mentioned as having been used by the state of Israel in this way, other private companies have also been used to market software backdoored by Israeli intelligence to countries around the world, both within the U.S. and elsewhere. The most well-known example of this is arguably the mass sale and distribution of the bugged PROMIS software, which was discussed at length in several recent MintPress News reports.

Given Cybereason’s ties to intelligence and Israeli intelligence’s history of placing backdoors in its software, it is worth pointing out that Cybereason’s main product, its antivirus and network defense platform, offers a major espionage opportunity. Blake Darché, a former N.S.A. operator, told the New York Times in 2017 that antivirus programs, which Cybereason’s defense platform includes, is “the ultimate backdoor,” adding that it “provides consistent, reliable and remote access that can be used for any purpose, from launching a destructive attack to conducting espionage on thousands or even millions of users.” Whether a company like Cybereason would use its software for such ends is unknown, though the company does acknowledge that its cybersecurity arm does gather intelligence from all systems that use the company’s software and currently employs and works with active duty Unit 8200 officials through CIG. This is notable because Unit 8200’s main task for Israeli military intelligence is signals intelligence, i.e. surveillance.

More of a mystery, however, is why a company like Cybereason is so interested in U.S. election security, particularly when Israeli intelligence and Israeli intelligence-connected private companies have been caught in recent years meddling in elections around the world, including the United States.

Whitney Webb is a MintPress News journalist based in Chile. She has contributed to several independent media outlets including Global Research, EcoWatch, the Ron Paul Institute and 21st Century Wire, among others. She has made several radio and television appearances and is the 2019 winner of the Serena Shim Award for Uncompromised Integrity in Journalism.

January 4, 2020 Posted by | Civil Liberties, Deception, False Flag Terrorism | , , , , , , , , , , , | 4 Comments

NSA, Israel, GVEs, Hasbara, and Gun Massacres in the USA and Beyond

By Michael Gillespie | Dissident Voice | January 25, 2014 

Why would US leaders, lawmakers, intelligence and law enforcement agency administrators allow foreign intelligence and espionage agencies and their front companies unfettered, unexamined, long-term access to vast audiences of American children and young adults? And does not that question represent legitimate and vital concerns regarding privacy, public health, public safety, and national security?

It is a matter of public record that, through its intelligence agencies and their spin-offs and many front companies, Israel is actively and deeply involved with the NSA in collecting and organizing data on Americans. The information thus collected by the NSA is shared with Britain, Australia, Canada, and New Zealand as well as Israel, but Israel is the major threat to legitimate US interests. Israel’s equivalent of the NSA, Unit 8200, or Israel SIGINT National Unit (ISNU), is notorious for its spin-off companies that become private intelligence gathering and espionage operations under Israeli control, in much the same way that Mossad has long been known to use front companies for its operations. In 2010, the investigation of a Mossad assassination team that used fraudulently obtained and falsified European and Australian passports and funding provided via US-issued bank cards revealed that the corporation that arranged the funding of the kidon team, Payoneer, was itself funded by venture capital firms linked to Israeli intelligence organizations.

One of the firms, Greylock Partners, founded in 1965, “operates in a number of global centers of innovation, including Boston, China (Beijing), India (Bangalore), Israel (Herzliya) and Silicon Valley. … Current Greylock portfolio companies include Data Robotics, Digg, Facebook, Imperva, LinkedIn, Palo Alto Networks, Pandora, Picarro, Redfin, Workday and ZipCar,” according to the firm’s website. Greylock’s investment activities in Israel were launched in 2002 by partner Moshe Mor, who “served six years in the Israeli Army as a Captain in the Military Intelligence branch.” Unlike the CIA, which has an unfortunate history of ineffective and failed business operation covers, Mossad- and Unit 8200-controlled business operations are known for lucrative success.

That record is not unblemished. According to numerous published reports, one of Mossad’s most important early software trap-door sales operatives, Robert Maxwell, a media magnate who owned several major Mossad-controlled media outlets, came to a rather spectacularly embarrassing bad end when a Mossad kidon team assassinated him on his yacht off the Canary Islands on October 31, 1991. More recently, one Israeli spy working on US soil, Hollywood movie producer Arnon Milchan, is reported to have run as many as “30 companies in 17 countries on behalf of Israel” at one point. That Milchan was actively involved in espionage and arms dealing appears to have been an open secret in Hollywood, according to his own public statements.

A 2007 NSA secret report published by the Guardian (UK) on September 11, 2013, noted NSA’s “only true Third Party [counter-terrorism] relationship being driven almost totally by the needs of the partner [Israel].” The same Guardian article reported on a 2007 NSA document quoting a senior NSA official: “One of NSA’s biggest threats is actually from friendly intelligence services, like Israel. There are parameters on what NSA shares with them, but the exchange is so robust, we sometimes share more than we intended.”

If restrictions placed on the NSA negatively impact US counter-intelligence operations directed against foreign intelligence agencies, like Israel’s, those agencies will be quick to take advantage of any void created by those restrictions or by the withdrawal of US intelligence assets. Experienced observers and analysts have seen this happen before, and not so very long ago, when the Anti-Defamation League (ADL) became a front organization for Israel’s Mossad and began funneling confidential information about Americans to the Israeli government.

“After COINTELPRO, a still-controversial FBI operation to destabilize black nationalist and other groups in the ’60s and ’70s, the FBI, state and local law enforcement authorities were ordered out of the business of gathering information about legitimate political activity by American citizens. But in some major American cities, law enforcement files relating to legitimate and Constitutionally protected political activities that had been ordered destroyed instead found their way to the offices of the ADL, which quickly became a clearinghouse for such illegally obtained and illegally retained information.

“The absence of the FBI, state, and local police investigators in the field created a void the ADL rushed to fill, with remarkable success, by increasing its in-house ‘fact-finding’ assets and capabilities and developing enhanced working relationships with ‘official friends’—government officials, investigators, and intelligence officers. … The ADL favored many of its ‘official friends’ with expense-paid trips to Israel, where they met with and were entertained by friendly officers of Israel’s espionage and counter-intelligence organizations, Mossad and Shin Bet, thus creating a major conduit for the flow of sensitive and useful U.S. domestic political intelligence to Israel’s spymasters in Tel Aviv,” wrote this reporter in a Special Report published by the Washington Report on Middle East Affairs in December 1999.

Because broadcast media news outlets in the USA seldom if ever mention Israeli espionage in their news coverage or in their ever more rare investigative reports related to matters of public interest, most Americans are unaware of and unconcerned about Israel as an espionage threat. Nevertheless, Israel has long been at or near the top of the list of nations with active and robust intelligence and espionage programs aimed at the USA and is by far the single worst offender among nations with propaganda campaigns directed at American audiences. Israel calls its public diplomacy efforts hasbara, and it is well-nigh impossible to overstate the influence of Israeli propaganda on American audiences. Likewise, because Israeli leaders and their political and media operatives exercise truly extraordinary influence over them, the vast majority of US elected officials seldom if ever mention the Israeli espionage threat or criticize Israel in any way. Rather, currying favor with Israeli leaders, media operatives, and spies is seen by many as a fast lane to success in government service and longevity of tenure in Congress. The grilling of former Republican senator Chuck Hagel of Nebraska by Republican members of the Senate Armed Services Committee who filibustered his nomination in February 2013 is illustrative. Hagel, who “volunteered to join the United States Army during the Vietnam War, rejecting a draft board recommendation that he go to college instead,” received two Purple Hearts among other commendations during his service in Vietnam. The filibuster of a nominee for Secretary of Defense was unprecedented in American history. Hagel was eventually confirmed by a vote of 58 to 41. His nomination was controversial only because he was viewed by Israeli leaders and their political and media operatives in the USA, their lobby, as being insufficiently subservient to Israel and, on rare occasions, publicly unenthusiastic about pro-Israel US policy and legislation.

Few Americans recognize the breadth, depth, and scope of Israel’s hasbara or propaganda campaign directed at Americans through media corporations, their products, and media outlets. Newsweek‘s Jeff Stein reported in a December article titled, “Former NSA Boss Michael Hayden Can’t Stop Talking” on the close relationship between Michael Hayden, former Director of the NSA (1999-2005) and former Director of the CIA (2006-2009), and former Mossad chief Maer Dagan, writing that, “They were so close when Hayden ran the CIA, a well-placed source says, that the Israelis were afforded the unique privilege of bringing cell phones and laptops into the spy agency’s headquarters. Nobody but nobody gets to do that.”

Today, reports Stein, Hayden is, “comfortable in his expansive corner office in downtown Washington, with big windows overlooking a busy intersection only a few blocks from the White House. Along with other big guns at the Chertoff Group, the consulting firm headed by another all-everything, Michael Chertoff, the former homeland security secretary, he’s cashing in and having a ball.”

How should Americans evaluate their government’s counter-intelligence efforts against such an insidious, pervasive Israeli threat? Files released by whistle blower Edward Snowden have shed new light on a particularly troubling and under-explored aspect of that question. Among those files is an NSA document titled, “Exploiting Terrorists Use of Games and Virtual Environments” dated “20070108” but described by the Guardian (UK) as having been “written in 2008.” The document, published on December 9, 2013, limns a brave new world of espionage in the era of on-line video gaming. Taking the document at face value, it appears that seven years ago someone in or closely associated with the NSA became concerned that terrorists could exploit and were exploiting on-line video games and virtual environments (GVEs) that allow like-minded individuals to gather and communicate privately on-line. The unnamed author notes that video games offer “realistic weapons training (what weapon to use against what target, what ranges can be achieved, even aiming and firing), military operations and tactics, photorealistic land navigation and terrain familiarization, and leadership skills”; that GVE’s can “reinforce prejudices and cultural stereotypes while imparting a targeted message or a lesson,” and that, “one cannot discount the ‘fun factor’ involved – it is important to hold your target audience’s attention – and makes ingesting the message not even noticeable”.

The great danger inherent in such technologies, of course, and the aspect of these technologies that makes them so valuable to intelligence/espionage organizations, is their usefulness as means of covert messaging and manipulation of the behavior of individuals and groups of individuals who can be tracked and targeted on-line over time for espionage purposes, including the creation and direction of unwitting or Manchurian Candidate operatives and assassins. Think operant conditioning on steroids or behavior modification perverted by intelligence/espionage agency psychological operations (psy-ops) teams and taken to the deepest, darkest corners of the human psyche. This is work for which spook shop psy-ops teams once relied on short-range, low power FM radio broadcasts in order to covertly transmit programming created to manipulate their mentally unstable targets, work in which first-person-shooter video games represent a major technological advancement.

The author of the 2007 NSA paper on GVEs wrote, “We know that terrorists use many feature-rich Internet communications media for operational purposes such as email, VoIP, chat, proxies, and web forums, and it is highly likely they will be making wide use of the many communications features offered by Games and Visual Environments (GVE) by 2010,” and warned that the “NSA can’t even recognize the traffic, and therefore it is impossible to even say what percentage of the environment is GVE; let alone how targets are using the communications features of GVEs. However, GVEs offer a SIGINT/HUMINT opportunity space and more research is needed to figure out effective exploitation.”

Readers conversant with the history of video game technology will know that the technologies in use in today’s first-person-shooter video games, games that many mass murderers have used as training aids, have been in development since the 1990s. “By the late 1990s most [real time strategy] RTS games had native Internet support, allowing players from all over the globe to play with each other.” This, of course, puts the NSA document’s revelations regarding the NSA’s posture and policies regarding GVEs in a rather embarrassing light that should raise some serious questions about Gen. Michael Hayden’s leadership at the NSA. Apparently, Gen. Hayden was not much interested and perhaps not even aware of a need to be interested in GVEs while he was the Director of NSA, the primary producer and manager of signals intelligence (SIGINT) for the US government. Given that in 2007, NSA could not recognize the traffic, determine what percentage of internet traffic was devoted to GVEs, or see how [NSA] targets – terrorists or other intelligence/espionage agencies or their front companies – were utilizing the communications features of GVEs, Hayden’s and his successor Gen. Keith Alexander’s apparent indifference and ignorance with regard to these technologies prior to 2007 would appear to be well-nigh incomprehensible.

One might also ask why, today, Hayden is so popular among major broadcast and print news organizations as explainer- and defender-in-chief of the NSA. The answer, of course, is that currying favor with Israeli leaders, media operatives, and spooks in the USA is a fast track to success in the defense and security industries and associated media outlets following a career in government service – for those who view public service as a casino and retirement as an opportunity to cash in their chips and have a ball.

It is noteworthy that the NSA did not block the Guardian’s release of the GVE document, which Washington Post reporter Barton Gellman’s subsequent comments suggest it might have done on national security grounds. With regard to their government’s relationship with Israel, there is much about which their elected representatives and the vast majority of honest bureaucrats are unable to speak to the American people directly and plainly for fear of reprisal by Israeli leaders and their political and media operatives, aka the pro-Israel lobby. Those US officials who have been thoroughly corrupted by the powerful and influential pro-Israel machine, and many of those who might be described as duped and co-opted, are, of course, committed to keeping their own secrets as well as Israel’s secrets by adhering to a public narrative that is distinctly Israel-friendly.

So uncharacteristic of former CIA and NSA chiefs is Hayden’s media act that in his December Newsweek article Stein characterized Hayden’s public post-government-service defense of the NSA as, “So very un-spook-like.” Obviously, Hayden feels he has “a lot of ‘splainin to do.” Is the former NSA and CIA director worried that, should the truth become known, he might come to be widely viewed as the most feckless spy chief in American history, a figure of fun and ridicule, the Pillsbury Doughboy of espionage?

More information about on-line video games came to Americans courtesy of National Public Radio (NPR) on October 29, 2013, in an All Tech Considered segment, “How Video Games are Getting Inside Your Head – and Your Wallet,” by Steve Henn.

While the author of the 2007 NSA secret report on GVEs was concerned about terrorists who exploit video game technologies, Henn, who won an Edward R. Murrow Award for national investigative reporting on his way to becoming NPR’s technology correspondent, focuses on the effects of today’s video game technology on American children and their parents.

Henn writes, “… being connected to the internet … means that kids … can play with people spread across the globe. It also means that gaming companies can analyze how gamers play — each and every decision they make.

So when kids sit down with a game, they are actually sitting across a screen from adults who are studying them — and, in some cases, trying to influence their behavior in powerful ways.

Researchers in game companies tweak games to get players to stay on longer, or to encourage them to spend money on digital goods. They study gamers’ reactions. It’s become a science. And parents … often feel out-gunned.

In millions of families, video games are a source of intense love and intense hate because they can be so incredibly compelling. You might not believe that if you don’t play them, but you can get lost in a great game. They make you feel good.

And it’s no accident, says Ramin Shokrizade, the game economist for Wargaming America.

“The technology for this has gotten quite sophisticated,” says Shokrizade, who began his career in neuroscience and behavioral economics. “At this point, every major gaming company worldwide either has in place a fully developed business intelligence unit, or they’re in the process of building one.”

Today’s game design is dominated by research, he says. As we play games, game developers are tracking every click, running tests and analyzing data.

They are trying to find out: What can they tweak to make us play just a bit longer? What would make the game more fun? What can get us to spend some money inside a game and buy something?

“So as millions of people play, designers introduce little changes and get answers to all of these questions in real time [covertly, without the gamer’s knowledge – emphasis supplied]. And games evolve,” wrote Henn.

This reporter, who does not allow his son to play violent video games for the same reasons he would not hand any child a loaded revolver with the suggestion that he play Russian roulette, is astonished that so many American parents are apparently willing to allow their children to play violent video games widely known to have been used by gun massacre murderers for training purposes. Does not the enormous popularity of first-person-shooter video games, in and of itself, serve as compelling evidence that the flood of violent media product sluicing through screens large and small, a raging river of murder and mayhem, has desensitized large numbers of Americans to violence? Moreover, is the frantic, paranoid zealotry that so often characterizes the reactions of many American gun enthusiasts to proposals for background checks and restrictions on the sale of assault rifles and high-capacity magazines not persuasive evidence of a dangerous gun mania abroad in the land, yet another of the many negative effects of the surfeit of violent media product?

Here, one might pause to speculate that the media corporations responsible for creating and mass marketing GVEs knew in 2007 and, still today, know far more about the capabilities of their products than does the NSA. It would seem to be in the public interest for Americans and their elected officials to look closely at those corporations, take note who owns them, and to examine where their owners’ and managers’ political loyalties lie. We are, after all, talking about the most significant and alarming technological developments in the field of covert behavior modification and behavior manipulation in human history, the most lucrative — video games now generate more profits than do motion pictures — and the most dangerous of such technological developments. Are many of these companies using technologies developed by Israel’s spook shops? Might many of these companies be spin-offs of Israel’s Unit 8200 or Mossad front companies? Among the hundreds of gun massacres carried out by apparently deranged adolescents and young adult men in recent decades, is it possible to differentiate between those in which an obsession with violent media product was incidentally causal and those in which intelligence/espionage organizations covertly tracked and targeted individual gamers and influenced their behavior using GVEs for political purposes, such as inciting fear and animosity across political, social, racial, and religious dividing lines? Or instilling and maintaining in a significant number of Americans a pervasive sense of anxiety, fear, and anger? Should not every politically-related shooting by a mentally-ill individual be thoroughly scrutinized with regard to the shooter’s on-line GVE use? Why would US leaders, legislators, intelligence and law enforcement agency administrators allow foreign intelligence and espionage agencies and their front companies unfettered, unexamined, long-term access to vast audiences of American young people? And does not that question represent legitimate and vitally important concerns about privacy as well as public health, public safety, and national security?

Though few are asking publicly, these would seem to be important questions. To fail to ask and answer them would represent a grave counter-intelligence lapse, given that just one particular series of violent video games, Call of Duty, is reported by news organizations to have been used for training by at least three mass murders. Mohamed Merah, who shot dead seven people in France in March 2012; Anders Breivik, who murdered 77 people in Norway in August 2012; and Adam Lanza, who gunned down 20 first-graders and six educators at the Sandy Hook Elementary School in Newtown, CT in December 2012, all trained for their killing sprees using Call of Duty series video games.

The casual observer might have assumed that Merah acted out of political, religious, or racial animus, given his background and his choice of targets, four of whom were Jews, including three children, but his wife told investigators that he was obsessed with violent video games rather than politics or religion.

“Miriam, who was married to Merah for 17 days before his death, said: ‘We had many religious conversations, but we spent our time playing PlayStation, including ‘Call of Duty’ and ‘Need for Speed,’” reported Richard Hartley-Parkinson, in an article published by the Daily Mail Online (UK) on December 15, 2012.

Breivik testified in open court at his trial that his motives were political, and he told the court that he trained for his killing spree with first-person-shooter video games.

“Breivik said he spent up to 16 hours a day playing the game in preparation for the attack. He said he became a deadly marksman by honing his gun skills on the Modern Warfare part of the [Call of Duty] series. He even bought a special gun sight used on the game, attaching it to the hunting rifle he used for his deadly rampage…” wrote Hartley-Parkinson.

Lanza’s mental health issues have been documented and widely reported along with his obsessive use of violent video games. A March 17, 2013 New York Daily News article by Mike Lupica draws heavily on an officer’s comments about a presentation by Col. Danny Stebbins of the Connecticut State Police at an April 2013 conference of International Association of Police Chiefs and Colonels in New Orleans.

Stebbins spoke for a long time about the morning of Dec. 14 at Sandy Hook Elementary. Those in the room were told of first responders in Newtown who have since quit their jobs, so shattered were they by what they found when they got to the school that morning, when they saw dead teachers with their arms wrapped around the children they had tried in vain to save.

“The man to whom I spoke, a tough career cop who did not wish to see his name in the newspaper, was in the room when the state cop from Connecticut spoke,” said the man was well into his presentation when he began to talk of the spreadsheets that had been found at “the shooter’s” home.

“They don’t believe this was just a spreadsheet. They believe it was a score sheet,” he continued. “This was the work of a video gamer, and that it was his intent to put his own name at the very top of that list. They believe that he picked an elementary school because he felt it was a point of least resistance, where he could rack up the greatest number of kills. That’s what (the Connecticut police) believe.”

The man paused and said, “They believe that (Lanza) believed that it was the way to pick up the easiest points. It’s why he didn’t want to be killed by law enforcement. In the code of a gamer, even a deranged gamer like this little bastard, if somebody else kills you, they get your points. They believe that’s why he killed himself.” …

The fascination (Lanza) had with this subject matter, the complete and total concentration. There really was no other subject matter inside his head. Just this: Kill, kill, kill. It really was like he was lost in one of his own sick games. That’s what we heard. That he learned something from his game that you learn in (police) school, about how if you’re moving from room to room — the way he was in that school — you have to reload before you get to the next room. Maybe he has a 30-round magazine clip, and he’s only used half of it. But he’s willing to dump 15 rounds and have a new clip before he arrives in the next room.

The career law enforcement veteran paused again, and when he started speaking again his voice was shaking, like a wind had blown through it.

They believe he learned the principles of this — the tactical reload — from his game. Reload before you’re completely out. Keep going. When the strap broke on his first weapon (the AR-15), he went to his handgun at the end. Classic police training. Or something you learn playing [first-person-shooter video] kill games.

Despite the impressions of the Connecticut officers, the voluminous final, official report identified no particular motive for Lanza’s actions, according to a November 25, 2013 article in the New York Times, a publication that has long claimed to be the nation’s newspaper of record, but one which did not find it necessary to publish a news article about revelations that the NSA shares intelligence data on Americans with Israeli spy agencies. That news was not “surprising” enough to cover, in the opinion of the editors and publisher of the New York Times.

In a September 2013 interview, Eric Hirshberg, CEO of Activision Publishing, which publishes and mass markets Call of Duty and other first-person-shooter video games, told Rob Crossley that he was pleased with a business strategy that the nation’s most accomplished consumer protection advocate, Ralph Nader, has accurately if bluntly described as electronic child molestation.

Yeah I don’t see that strategy changing, it’s been one we’ve had for a while and I think our slate has always been relatively small and narrower than most of our competitors. We’re getting good results with this strategy too, and I think that kind of focus is good for us creatively. It allows us to focus on the choices we make very carefully, and to ensure you’re working with the best development talent, and you’re making the right investments from a marketing standpoint in order to succeed.

I look at the continued momentum of Call of Duty, the explosive success of Skylanders, the potential of Destiny and I see this as the right strategy for us.

Asked by Crossley if his strategy lacked diversity and he was, perhaps, relying too heavily on first-person-shooter games, Hirshberg responded:

First-person-shooters have been stable for a number of generations now, and I don’t think that just because Destiny and Call of Duty are in the same genre that they are not diverse. I think they couldn’t be more different from one another. One is a deep, mythological sci-fi epic opera in space, the other is a gritty action movie that’s come to life. The games are very different from a pacing and design standpoint too, so I think there is diversity there, you just might not see it at face value.

Following the Sandy Hook Elementary School massacre, Hirshberg’s Activision hired a high-powered Washington, DC lobbying firm to counter a potential legislative response to its lucrative business strategy and socially-destabilizing, violence-inciting products.

There can be no doubt that gun massacres and other violence attendant upon the widespread availability and use of violent, first-person-shooter video games as entertainment represent, at the very least, a major public safety challenge, one that US intelligence and law enforcement agencies and lawmakers have failed to identify for what it is and are apparently powerless to address effectively. Whether the larger entertainment industry and its subsidiary news organizations are complicit in the continuing epidemic of gun massacres across the USA is not a question – they are. The question is, What can be done to reduce the deluge of violent media product these industries pump into American popular culture with criminal abandon?

In two countries, Venezuela and Switzerland, governments have acted to ban completely the sale and distribution of violent video games on the basis of violent content posing an unacceptable threat to public health and safety. With regard to gun violence and crime, Venezuela and Switzerland are a study in contrasts. Venezuela experiences high rates of crime and gun violence, while Switzerland, despite the Swiss owning more assault rifles per capita than, for instance, Americans, and competitive marksmanship being the national sport, enjoys remarkably low rates of both crime and gun violence. Many other countries have banned some games, most for violent content but also for a variety to other causes including pornographic content. It is noteworthy that video game industry flaks and gamer site writers typically sneer at bans on violent content and blatantly misrepresent the nature of the problem that violent video games represent.

In the USA, those who attempt to start or encourage a substantive public discussion in television news venues about the horrific effects of violent media product find themselves silenced in short order. Less than 48 hours after the shooting at Sandy Hook Elementary School, former Pennsylvania governor Tom Ridge raised the issue on NBC’s Sunday morning news program, Meet the Press. Ridge, a former Secretary of Homeland Security and a member of the panel that investigated the April 16, 2007 Virginia Tech gun massacre, the nation’s worst, which left 32 victims dead and 17 wounded, is eminently well-qualified to speak on these matters. That did not prevent well-heeled corporate media operatives David Gregory and David Brooks shutting Ridge down almost immediately and dismissing his concerns. Brooks, taking on the role of propagandist for the video game industry, in defiance of decades of social science research flatly contradicted Ridge’s observation that young and impressionable viewers are put at serious risk by exposure to “the corrosive influence of a violence-oriented world, TV, video games, shoot-to-kill video games,” causative factors in gun massacres.

Attempts to restrict the manufacture, sale, and distribution of violent video games that all too frequently incite children, typically boys, young men, and mentally unstable adults to devastating acts of gun violence have been unsuccessful. In 2011, a California law was nixed by the US Supreme Court on free speech grounds [43].

“Leland Yee, a California state senator who wrote the law, said in a statement that ‘the Supreme Court once again put the interests of corporate America before the interests of our children,’ adding: ‘It is simply wrong that the video game industry can be allowed to put their profit margins over the rights of parents and the well-being of children,’” reported Adam Liptak for the New York Times on June 27, 2011.

“The video game industry, with annual domestic sales of more than $10 billion, welcomed Monday’s ruling,” wrote Liptak.

In the months after the Sandy Hook Elementary School massacre, the entertainment industry fought back against a small number of news stories apparently crafted to persuade Americans that some in Hollywood recognize a sense of responsibility for the violence their products all too frequently incite. To address the potentially problematic public awareness of the entertainment industry’s causative role in gun massacres, Variety, the entertainment industry’s major trade publication since its founding in 1905, published a special edition titled Special Report: Violence & Entertainment (Winter Edition, Vol. 429, No. 10). The visually-impressive, glossy, 79-page report attempts to put an industry-friendly spin on violent media product and to place it in a larger, violent, but seemingly disconnected social context so as to effectively absolve Hollywood’s media moguls of culpability in societal violence.

Perhaps the report’s single most interesting and unintentionally revealing article is one authored by Variety’s Israel correspondent, Debra Kamin.

“Israel, well versed in terror attacks, has never had a U.S.-style mass shooting,” writes Kamin.

Apparently Kamin does not consider American-born Israeli physician and mass murderer Baruch Goldstein’s February 25, 1994 massacre of 29 Palestinian Muslim worshipers at the Cave of the Patriarchs in Hebron to be a “U.S.-style mass shooting.” Goldstein, who used his Israeli government-issued, IMI Galil assault rifle to commit the murders, was an admirer of Rabbi Meir Kahane and active in the Israeli far-right political party founded by Kahane, Kach, a group classified by the United States and Israeli governments as a terrorist organization.

Kamin quotes an Israeli-American writer, editor, and cultural commentator, David Hazony, at some length. Hazony, too, is at pains to differentiate American and Israeli attitudes about guns, gun violence, and media violence.

“Israelis,” declares Hazony, “draw a very sharp line between cartoonish, U.S.-made TV violence and reality.”

But just who is responsible for most if not all of that “cartoonish, U.S.-made TV violence”? There is no mention in Variety’s Special Report: Violence & Entertainment that, according to a widely-respected Jewish-American author who among his many other accomplishments served as “a sharpshooter with the Israeli Border Police Civil Guard,” the industries that create, produce, market, advertise, promote, and defend lucrative, socially-destabilizing, violent US media product are heavily influenced or largely controlled by Jews.

It is true that Jews are represented in the media in numbers far out of proportion to their share of the population. … they make up one-fourth or more of the writers, editors, and producers in America’s ‘elite media,’ including network news divisions, top news weeklies and the four leading daily newspapers (New York Times, Los Angeles Times, Washington Post, and Wall Street Journal).

In the fast-moving world of media mega-corporations, Jews are even more numerous. In an October 1994 Vanity Fair [magazine] feature profiling the kingpins of the new media elite, titled ‘The New Establishment,’ just under half of the two dozen entrepreneurs profiled were Jews. In the view of the magazine’s editors, these are America’s true power elite, ‘men and women from the entertainment, communications, and computer industries whose ambitions and influence have made America the one true superpower of the Information Age.’

“And in a few key sectors of the media, notably among Hollywood studio executives, Jews are so numerically dominant that calling these businesses Jewish-controlled is little more than a statistical observation,” wrote JJ Goldberg, in his book, Jewish Power: Inside the American Jewish Establishment (Addison-Wesley, Reading, MA, 1996).

Variety is, after all, a propaganda organ for a much larger propaganda organ, an industry that year after year lavished its most prestigious awards and award nominations on 24, a long-running popular prime time American television series that ever so persistently attempted to “normalize torture in the public consciousness.” That particular effort by Hollywood producers to legitimize torture was so successful that, “in February 2007, the New Yorker magazine reported that U.S. Army Brigadier General Patrick Finnegan (dean of the United States Military Academy at West Point), accompanied by three of the most experienced military and FBI interrogators in the country, met with the producers of 24 to criticize the show for misrepresenting the effectiveness of torture as an interrogation technique, saying it encouraged soldiers to see torture as a useful and justified tactic in the War on Terror, and damaged the international image of the United States.”

Violent media product and its many various and well-documented pernicious effects on vast audiences, particularly young, naïve, and impressionable viewers, across human society represent an increasingly serious public health and public safety challenge. Research studies indicate that first-person-shooter video games are likely the worst offenders. There was gun violence in an American school every two weeks on average in 2013. And, on September 16, 2013, a shotgun-wielding video game addict entered the Washington Navy Yard, a restricted access military facility in the nation’s capital, where he gunned down 15 people, killing 12. This year has already seen three shootings in American schools. An eleven-year old boy firing a shotgun injured two fellow students on January 14 at Berrendo Middle School in Roswell, NM. Two students were wounded in a shooting on January 17 at Delaware Valley Charter High School in Philadelphia, PA. A teaching assistant was shot dead on January 21 at Purdue University in West Lafayette, IN. Also on January 21, a student was shot while sitting in a car near the Widener University athletic center in Chester, PA.

America’s continuing epidemic of gun violence and gun massacres, a result in part of a massive counter-intelligence failure, is but the tip of an iceberg of espionage-related-and-facilitated, socially-destabilizing gun violence, death, and destruction, violence that is attendant upon and to some extent caused by the U.S. entertainment industry’s lucrative obsession with violent media product. The entertainment industry’s deadly focus on violent media product, much of it freighted with political and social messaging crafted to further the social, economic, political, and military agendas of industry moguls and Israeli leaders, is in large part a function of Israel’s robust overt hasbara and covert psychological operations campaigns aimed directly at credulous US audiences.

Israel’s long history of espionage against the United States government on Unites States soil, Israel’s long history of spying on Americans and listening in on Americans’ private conversations – even the communications of FBI counter-intelligence units and the telephone conversations of president of the United States – is largely absent from the thus distorted but crucial public debate about the NSA’s overreaching surveillance programs only because Israel-friendly US politicians and media organizations typically cover up or down play those crimes.

As long as the Israeli political and media machine wields such wildly inordinate and inappropriate influence over US politicians, political institutions, and what passes for popular culture and a public discussion in America, it is very difficult to imagine that the NSA, CIA, FBI and other US law enforcement agencies will find the guidance and political support necessary to address effectively these increasingly problematic espionage-related-and-driven public health, public safety, and national security challenges.

The single greatest danger in restricting the ability of the National Security Administration (NSA) to collect information broadly is that no foreign intelligence agency will necessarily be similarly impacted by such restrictions. Foreign intelligence agencies, especially Israeli intelligence and espionage agencies and their front companies, may well find their ability to act against the USA and its interests, and to act with impunity, substantially enhanced by restrictions placed on US intelligence agencies.

~

Michael Gillespie, in addition to his regular freelance work for Washington Report on Middle East Affairs, is also a contributing editor and the Des Moines, IA correspondent for The Independent Monitor, the national newspaper of Arab Americans, published by Sami Mashney in Anaheim, CA.

January 25, 2014 Posted by | Deception, Ethnic Cleansing, Racism, Zionism, Timeless or most popular | , , , , , | 1 Comment

Mossad Infiltrated French Presidential Computer Systems

By Richard Silverstein  ·  Tikun Olam  · October 26, 2013

Glenn Greenwald has published in LeMonde, yet another eye-popping story about the NSA.  But in this case, it turns out the NSA was not the culprit.  Look no farther than the Mossad for the presumably guilty party.  In 2012, during the French presidential elections, which Nicolas Sarkozy would go on to lose to Francois Hollande, French counter-intelligence discovered that a foreign intelligence agency had penetrated the computer systems of the Elysee Palace, the French White House.  A French magazine blared that it was an NSA job.  French intelligence apparently believed this and took the NSA to the woodshed.  Relations were very tense between these otherwise strong allies.

But given Snowden’s recent revelations about the all-seeing NSA, this case was different.  The NSA began investigating and discovered that none of its operatives had been responsible (at least in this particular case).  Because the case threatened to endanger relations with a U.S. ally, they went so far as to query the intelligence agencies of twenty U.S. allies, who all professed ignorance of the operation.  In meetings with their French counterparts, NSA officials revealed all this and swore they were not the culprits.  But they tellingly noted that among the nations they had not queried was Israel because, in their words, discussion of matters related to France was not within the purview of the NSA-Mossad relationship.  This is the equivalent of what Monty Python called, “Wink-wink, nudge-nudge.”

What specifically did Unit 8200 want to learn about French policy from such an intrusion?  According to my own Israeli source, there was no specific mission.  Spying was indiscriminate and opportunistic.  He would not speaking directly to this particular incident because he did not want to expose a specific operation if there was one.  But he would say this:

Unit 8200 and Mossad hack everyone they technically can. You can never know what interesting intelligence will come from a phone call/email of any foreign leader or official – so they spy on anyone possible.

In other words, Israeli intelligence has no restraints, unlike (we hope) spy agencies of other western nations.  Where the NSA got into trouble (after Snowden’s revelations were published) was that it was operating as if it were Unit 8200, rather than an American agency restrained by American laws and constitutional practice.  At least until recently, the NSA and Israeli cyber-intelligence could’ve been twins.

That is why the recently revealed agreement between the NSA and Unit 8200 to share intelligence (even about U.S. citizens) was no surprise at all.  And what 8200 didn’t learn directly from data supplied to them by the NSA it could derive from its own intelligence operations here in the U.S., where the FBI finds Israel to the be the third-most active spy operation of all foreign countries active here.

Mossad’s intelligence method of “flooding the zone” to get whatever information it can from whatever sources it can, further cements the notion that it is not an agency of a truly democratic nation with checks and balances and protections for citizens and non-citizens.  There are, or should be, things that allies just don’t do to each other.  But for Israel, there is no such thing as an ally.  There are nations that further its interests (known in most other countries as ‘allies’) and nations which oppose its interests (enemies).   Israel spies on its greatest ally (as we’ve seen) and its greatest enemy.  There is hardly a distinction made except that the nature of the information sought is different.

October 26, 2013 Posted by | Corruption, Deception, Full Spectrum Dominance, Timeless or most popular | , , , , , , | Leave a comment