Unaccounted Power is Dragging Global Society Into An Orwellian Dystopia

By Dr Nozomi Hayase

WikiLeaks dropped a bombshell on the U.S. Central Intelligence Agency. Under the code name “Vault 7”, the whistleblowing site began releasing the largest publication of confidential documents, which have come from the top secret security network at the Cyber Intelligence Center.

Long before the Edward Snowden revelations, Julian Assange noted how “The Internet, our greatest tool of emancipation, has been transformed into the most dangerous facilitator of totalitarianism we have ever seen.” He decried the militarisation of the Internet with the penetration by the intelligence agencies like NSA and GCHQ, which created “a military occupation of civilian space”.

Now, WikiLeaks’ latest disclosures shed further light on this cyber-warfare, exposing the role of the CIA.

At a recent press conference from the Ecuadorian embassy in London, Assange explained how the CIA developed its own cyber-weapons arsenal and lost it after storing it all in one place. What is alarming is that the CIA became aware of this loss and didn’t warn the public about it. As a result, this pervasive technology that was designed to hide all traces, can now be used by cyber-mafias, foreign agents, hackers and by anyone for malicious purposes.

Part one of this WikiLeaks publication, dubbed “Year Zero”, revealed the CIA’s global hacking force from 2013 to 2016. The thousands of documents released contain visceral revelations of the CIA’s own version of an NSA. With an ability to hack any Android or iPhone, as well as Samsung TVs and even cars, they spy on citizens, bypassing encrypted messaging apps like Signal and Telegram. The Vault 7 leaks that exposed the CIA’s excessive power are of great importance from the point of view of security for individual privacy. But they have larger significance tied to the mission of WikiLeaks.

Opening Government into the Deep State

Describing itself on its site as “a multi-national media organisation and associated library”, WikiLeaks aims to open governments in order to bring justice. In a speech at the SXSW conference in Texas, delivered via Skype in 2014, Assange described the particular environment that spawned the culture of disclosure this organisation helped to create.

He noted how “we were living in some fictitious representation of what we thought was the world” and that the “true history of the world” is “all obscured by some kind of fog”. This founder and editor in chief of innovative journalism explained how disclosures made through their publications break this fog.

The magnitude of this Vault 7 cache, which some say may be bigger than the Snowden revelations, perhaps lies in its effect of clearing the fog to let people around the world see the ground upon which the narratives of true history are written.

Since coming online in 2007, WikiLeaks has published more than 10 million documents. Each groundbreaking disclosure got us closer to where the real power of the world resides. In 2010, WikiLeaks rose to prominence with the publication of the Collateral Murder video. With the release of documents concerning U.S. Wars in Iraq and Afghanistan, they hit on the nerves of the Pentagon —the central nervous system of the Military Industrial Complex. With the release of the U.S. Diplomatic Cables, they angered the State Department and came head to head with this global superpower.

Last year, this unprecedented publisher, with its perfect record of document authentication, began to blow the cover off American democracy a step further to clear the fog. WikiLeaks played an important role in the 2016 U.S. Presidential election. The DNC leaks disrupted the prescribed script of corporate-sponsored, lesser-of-two-evils charade politics. The publication of the Podesta emails, which revealed internal workings of the Clinton campaign, gave the American people an opportunity to learn in real time about the function of the electoral arena as a mechanism of control.

With the demise of the Democratic Party, led by its own internal corruption, the cracks in this façade widened, unveiling the existence of a government within a government.

People are beginning to glimpse those who seek to control behind the scenes – anonymous unelected actors who exercise enduring power in Washington by manipulating public perception.

This unraveling, which has been slowly unfolding, appeared to have reached a peak last month when Trump’s former National Security Adviser, Michael Flynn, resigned. He was forced to do this on the grounds that leaked classified information revealed he was lying about his phone conversation discussing sanctions with the Russian Ambassador.

WikiLeaks has now entered its 10th year. The momentum continues, bringing us to a new pinnacle of disclosure. At the end of last year, in anticipation of this new release, WikiLeaks tweeted, “If you thought 2016 was a big WikiLeaks year, 2017 will blow you away.” During the dramatic takedown of General Flynn, the media created a frenzy around unconfirmed claims that Russia was meddling with the U.S. election and Putin’s alleged ties with Trump, creating another fog of obfuscation. It was in this climate that WikiLeaks published documents showing CIA espionage in the last French presidential election.

History Awakening

The idea of a shadow government has been the focus of political activists, while it has also been a subject of ridicule as conspiracy theories. Now, WikiLeaks’ pristine documents provide irrefutable evidence about this hidden sector of society. The term ‘deep state’ that is referenced in the mainstream media, first hit the major airwaves in 2014, in Bill Moyers’ interview with Mike Lofgren. This former congressional staff member discussed his essay titled “Anatomy of the Deep State” and explained it as the congruence of power emerging as a “hybrid of corporate America and national security state”.

We are now watching a deep state sword-fight against the elected Caesar of American plutocracy in this gladiator ring, surrounded by the cheers of liberal intelligentsia, who are maddened with McCarthy era hysteria. As the Republic is falling with its crumbling infrastructure and anemic debt economy, far away from the coliseum, crazed with the out-of-tune national anthem, the silent pulse of hope begins to whisper.

WikiLeaks unlocked the vaults that had swallowed the stolen past. As the doors open into this hidden America, history awakens with dripping blood that runs deep inside the castle. As part of the release of this encrypted treasure-trove of documents, WikiLeaks posted on Twitter the following passphrase: “SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds.” These were actually words spoken by President John F. Kennedy, a month before his assassination. His exact words were “I will splinter the CIA into a thousand pieces and scatter it into the wind” – which shows his attitude toward the CIA as an arm of the deep state and what many believe to be the real reason for his assassination.

The secret stream of history continues, taking control over every aspect of civil life and infecting the heart of democracy. The U.S. has long since lost its way. We have been living in a fictitious representation of the flag and the White House. It is not judicial boundaries drawn by the Constitution or even the enlightenment ideals that once inspired the founders of this country that now guide the course of our lives. Tyranny of the old world casts its shadow, binding Congress, the Supreme Court and the President into a rule of oligarchy. CIA documents revealed that the U.S. Consulate in Frankfurt was used as a covert hacking base, while CIA officers work under the cover of the State Department to penetrate with these intelligence operations. The Wall Street Journal now reports that President Trump has given the CIA expanded authority to carry out drone attacks, a power that had previously been given only to the Pentagon.

Decisions that radically alter the direction of our society are not made in a fair democratic election, a public hearing or the senate floor. They are made in the FISA Court and secret grand juries, bypassing judicial warrants and democratic accountability. This hidden network of power that exists above the law entangles legislators, judges and the press into a web of deception through dirty money and corrupt influence. It controls perception of the past, present and future.

The Internet Generation

As the deep state comes to the surface, we are able to see the real battle on the horizon. What is revealed here is a clash of values and two radically different visions of a future civilization. In his response to the Vault 7 publication, Michael Hayden, the former CIA director, was quick to lay blame on the millennials. He said, “This group of millennials and related groups simply have different understandings of the words loyalty, secrecy and transparency than certainly my generation did”. To him, these young people are the problem, as if their different cultural approach and instincts must be tempered and indoctrinated into this hierarchical system, so they know who their masters are.

Who are these people that are treated as a plague on society? This is the Internet generation, immersed with the culture of the free-net, freedom of speech and association. They believe in privacy for individuals, while demanding transparency for those in power. Peter Ludlow, a philosopher who writes under the pseudonym Urizenus Sklar, shared his observation of a cultural shift that happened in 2011. He noted that WikiLeaks had become a catalyst for an underground subculture of hackers that burst into the mainstream as a vital political force.

Assange recognised this development in recent years as a “politicisation of the youth connected to Internet” and acknowledged it as “the most significant thing that happened in the world since the 1960s”.

This new generation ran into the deep state and those who confront it are met with intense hostility. Despite his promise of becoming the most transparent government, Obama engaged in unprecedented persecution of whistleblowers. Now this dark legacy seems to be continuing with the present administration. Vice President Mike Pence vowed to “use the full force of the law” to hunt down those who released the Intelligence Agency’s secret material.

As these conflicts heat up, resistance continues in the Internet that has now become a battleground. Despite crackdowns on truthtellers, these whistleblowers won’t go away. From Manning to Snowden, people inside institutions who have come to see subversion of government toward insidious control and want change, have shown extraordinary courage.

According to a statement given to WikiLeaks, the source behind the CIA documents is following the steps of these predecessors. They want this information to be publicly debated and for people to understand the fact that the CIA created its own NSA without any oversight. The CIA claims its mission is to “aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states and other adversaries”. With these documents that have now been brought back to the historical archive, the public can examine whether this agency has itself lost control and whose interests they truly serve.

The Future of Civilisation

As the world’s first stateless 4th estate, WikiLeaks has opened up new territory where people can touch the ground of uncensored reality and claim creative power to participate in the history that is happening. In a press conference on Periscope, Assange made reference to a statement by the President of Microsoft, who called for the creation of a digital Geneva Convention to provide protection against nation-states and cyber-attacks. He then affirmed WikiLeaks’s role as a neutral digital Switzerland for people all over the world.

WikiLeaks is taking the first step toward this vision. After they carefully redacted the actual codes of CIA hacking tools and anonymised names and email addresses that were targeted, they announced that they will work with tech companies by giving them some exclusive access to the material. Assange explained that this could help them understand vulnerabilities and produce security fixes, to create a possible antidote to the CIA’s breach of security and offer countermeasures. WikiLeaks tweeted notifying the public that they now have contacted Apple, Microsoft, Google, Mozilla and MikroTik to help protect users against CIA malware.

The Internet unleashed the beast that grows its force in the dark. Unaccounted power is dragging global society down into an Orwellian dystopia. Yet, from this same Internet, a new force is arising. Courage of the common people is breaking through the firewall of secrecy, creating a fortress that becomes ever more resilient, as the network of people around the world fighting for freedom expands.

When democracy dies in darkness, it can be reborn in the light of transparency. The deep state stretches across borders, sucking people into an abyss of totalitarian control. At the same time, the epic publication of Vault 7 that has just begun, reminds us that the greatness in each of us can awaken to take back the power of emancipation and participate in this battle for democracy, the outcome of which could not only determine the future of the Internet, but of our civilisation.

 

Nozomi Hayase, Ph.D., a native of Japan, is a columnist, researcher, and a First Amendment advocate. She is a member of The Indicter’s Editorial Board and a former contributing writer to WL Central and has been covering issues of free speech, transparency and the vital role of whistleblowers in global society.

The Misguided ‘Vault 7’ Whodunit

By Jesselyn Radack

Source: Expose Facts

It is the leakiest of times in the Executive Branch. Last week, WikiLeaks published a massive and, by all accounts, genuine trove of documents revealing that the CIA has been stockpiling, and lost control of, hacking tools it uses against targets. Particularly noteworthy were the revelations that the CIA developed a tool to hack Samsung TVs and turn them into recording devices and that the CIA worked to infiltrate both Apple and Google smart phone operating systems since it could not break encryption. No one in government has challenged the authenticity of the documents disclosed.

We do not know the identity of the source or sources, nor can we be 100% certain of his or her motivations. WikiLeaks writes that the source sent a statement that policy questions “urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency” and that the source “wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyber-weapons.”

The FBI has already begun hunting down the source as part of a criminal leak investigation. Historically, the criminal justice system has been a particularly inept judge of who is a whistleblower. Moreover, it has allowed the use of the pernicious Espionage Act—an arcane law meant to go after spies—to go after whistleblowers who reveal information in the public interest. My client, former NSA senior official Thomas Drake, was prosecuted under the Espionage Act, only to later be widely recognized as a whistleblower. There is no public interest defense to Espionage Act charges, and courts have ruled that a whistleblower’s motive, however salutary, is irrelevant to determining guilt.

The Intelligence Community is an equally bad judge of who is a whistleblower, and has a vested interest in giving no positive reinforcement to those who air its dirty laundry. The Intelligence Community reflexively claims that anyone who makes public secret information is not a whistleblower. Former NSA and CIA Director General Michael V. Hayden speculated that the recent leaks are to be blamed on young millennials harboring some disrespect for the venerable intelligence agencies responsible for mass surveillance and torture. Not only is his speculation speculative, but it’s proven wrong by the fact that whistleblowers who go to the press span the generational spectrum from Pentagon Papers whistleblower Daniel Ellsberg to mid-career and senior level public servants like CIA torture whistleblower John Kiriakou and NSA whistleblower Thomas Drake to early-career millennials like Army whistleblower Chelsea Manning and NSA whistleblower Edward Snowden. The lawbreaker does not get to decide who is a whistleblower.

Not all leaks of information are whistleblowing, and the word “whistleblower” is a loaded term, so whether or not the Vault 7 source conceives of him or herself as a whistleblower is not a particularly pertinent inquiry. The label “whistleblower” does not convey some mythical power or goodness, or some “moral narcissism,” a term used to describe me when I blew the whistle. Rather, whether an action is whistleblowing depends on whether or not the information disclosed is in the public interest and reveals fraud, waste, abuse, illegality or dangers to public health and safety. Even if some of the information revealed does not qualify, it should be remembered that whistleblowers are often faulted with being over- or under-inclusive with their disclosures. Again, it is the quality of the information, not the quantity, nor the character of the source.

Already, the information in the Vault 7 documents revealed that the Intelligence Community has misled the American people. In the wake of Snowden’s revelations, the Intelligence Community committed to avoid the stockpiling of technological vulnerabilities, publicly claiming that its bias was toward “disclosing them” so as to better protect everyone’s privacy. However, the Vault 7 documents reveal just the opposite: not only has the CIA been stockpiling exploits, it has been aggressively working to undermine our Internet security. Even assuming the CIA is using its hacking tools against the right targets, a pause-worthy presumption given the agency’s checkered history, the CIA has empowered the rest of the hacker world and foreign adversaries by hoarding vulnerabilities, and thereby undermined the privacy rights of all Americans and millions of innocent people around the world. Democracy depends on an informed citizenry, and journalistic sources—whether they call themselves whistleblowers or not—are a critical component when the government uses national security as justification to keep so much of its activities hidden from public view.

As we learn more about the Vault 7 source and the disclosures, our focus should be on the substance of the disclosures. Historically, the government’s reflexive instinct is to shoot the messenger, pathologize the whistleblower, and drill down on his or her motives, while the transparency community holds its breath that he or she will turn out to be pure as the driven snow. But that’s all deflection from plumbing the much more difficult questions, which are: Should the CIA be allowed to conduct these activities, and should it be doing so in secret without any public oversight?

These are questions we would not even be asking without the Vault 7 source.

Vault 7: CIA Hacking Tools Revealed

Source: WikiLeaks

Press Release

Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency. Code-named “Vault 7” by WikiLeaks, it is the largest ever publication of confidential documents on the agency.

The first full part of the series, “Year Zero”, comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virginia. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.

Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

“Year Zero” introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of “zero day” weaponized exploits against a wide range of U.S. and European company products, including Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones.

Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA). The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers. The agency’s hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA’s hacking capacities.

By the end of 2016, the CIA’s hacking division, which formally falls under the agency’s Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other “weaponized” malware. Such is the scale of the CIA’s undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its “own NSA” with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.

In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.

Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

Julian Assange, WikiLeaks editor stated that “There is an extreme proliferation risk in the development of cyber ‘weapons’. Comparisons can be drawn between the uncontrolled proliferation of such ‘weapons’, which results from the inability to contain them combined with their high market value, and the global arms trade. But the significance of “Year Zero” goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective.”

WikiLeaks has carefully reviewed the “Year Zero” disclosure and published substantive CIA documentation while avoiding the distribution of ‘armed’ cyberweapons until a consensus emerges on the technical and political nature of the CIA’s program and how such ‘weapons’ should be analyzed, disarmed and published.

WikiLeaks has also decided to redact and anonymise some identifying information in “Year Zero” for in-depth analysis. These redactions include tens of thousands of CIA targets and attack machines throughout Latin America, Europe and the United States. While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model and note that the quantity of published pages in “Vault 7” part one (“Year Zero”) already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.

 

Analysis

CIA malware targets iPhone, Android, smart TVs

CIA malware and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA’s DDI (Directorate for Digital Innovation). The DDI is one of the five major directorates of the CIA (see this organizational chart of the CIA for more details).

The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide.

The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell’s 1984, but “Weeping Angel”, developed by the CIA’s Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.

The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.

The CIA’s Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user’s geolocation, audio and text communications as well as covertly activate the phone’s camera and microphone.

Despite iPhone’s minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA’s Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads. CIA’s arsenal includes numerous local and remote “zero days” developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop. The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.

A similar unit targets Google’s Android which is used to run the majority of the world’s smart phones (~85%) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year. “Year Zero” shows that as of 2016 the CIA had 24 “weaponized” Android “zero days” which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors.

These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Weibo, Confide and Cloackman by hacking the “smart” phones that they run on and collecting audio and message traffic before encryption is applied.

 

CIA malware targets Windows, OSx, Linux, routers

The CIA also runs a very substantial effort to infect and control Microsoft Windows users with its malware. This includes multiple local and remote weaponized “zero days”, air gap jumping viruses such as “Hammer Drill” which infects software distributed on CD/DVDs, infectors for removable media such as USBs, systems to hide data in images or in covert disk areas (“Brutal Kangaroo”) and to keep its malware infestations going.

Many of these infection efforts are pulled together by the CIA’s Automated Implant Branch (AIB), which has developed several attack systems for automated infestation and control of CIA malware, such as “Assassin” and “Medusa”.

Attacks against Internet infrastructure and webservers are developed by the CIA’s Network Devices Branch (NDB).

The CIA has developed automated multi-platform malware attack and control systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB’s “HIVE” and the related “Cutthroat” and “Swindle” tools, which are described in the examples section below.

 

CIA ‘hoarded’ vulnerabilities (“zero days”)

In the wake of Edward Snowden’s leaks about the NSA, the U.S. technology industry secured a commitment from the Obama administration that the executive would disclose on an ongoing basis — rather than hoard — serious vulnerabilities, exploits, bugs or “zero days” to Apple, Google, Microsoft, and other US-based manufacturers.

Serious vulnerabilities not disclosed to the manufacturers place huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability. If the CIA can discover such vulnerabilities so can others.

The U.S. government’s commitment to the Vulnerabilities Equities Process came after significant lobbying by US technology companies, who risk losing their share of the global market over real and perceived hidden vulnerabilities. The government stated that it would disclose all pervasive vulnerabilities discovered after 2010 on an ongoing basis.

“Year Zero” documents show that the CIA breached the Obama administration’s commitments. Many of the vulnerabilities used in the CIA’s cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals.

As an example, specific CIA malware revealed in “Year Zero” is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts. The CIA attacks this software by using undisclosed security vulnerabilities (“zero days”) possessed by the CIA but if the CIA can hack these phones then so can everyone else who has obtained or discovered the vulnerability. As long as the CIA keeps these vulnerabilities concealed from Apple and Google (who make the phones) they will not be fixed, and the phones will remain hackable.

The same vulnerabilities exist for the population at large, including the U.S. Cabinet, Congress, top CEOs, system administrators, security officers and engineers. By hiding these security flaws from manufacturers like Apple and Google the CIA ensures that it can hack everyone — at the expense of leaving everyone hackable.

 

‘Cyberwar’ programs are a serious proliferation risk

Cyber ‘weapons’ are not possible to keep under effective control.

While nuclear proliferation has been restrained by the enormous costs and visible infrastructure involved in assembling enough fissile material to produce a critical nuclear mass, cyber ‘weapons’, once developed, are very hard to retain.

Cyber ‘weapons’ are in fact just computer programs which can be pirated like any other. Since they are entirely comprised of information they can be copied quickly with no marginal cost.

Securing such ‘weapons’ is particularly difficult since the same people who develop and use them have the skills to exfiltrate copies without leaving traces — sometimes by using the very same ‘weapons’ against the organizations that contain them. There are substantial price incentives for government hackers and consultants to obtain copies since there is a global “vulnerability market” that will pay hundreds of thousands to millions of dollars for copies of such ‘weapons’. Similarly, contractors and companies who obtain such ‘weapons’ sometimes use them for their own purposes, obtaining advantage over their competitors in selling ‘hacking’ services.

Over the last three years the United States intelligence sector, which consists of government agencies such as the CIA and NSA and their contractors, such as Booz Allen Hamilton, has been subject to an unprecedented series of data exfiltrations by its own workers.

A number of intelligence community members not yet publicly named have been arrested or subject to federal criminal investigations in separate incidents.

Most visibly, on February 8, 2017 a U.S. federal grand jury indicted Harold T. Martin III with 20 counts of mishandling classified information. The Department of Justice alleged that it seized some 50,000 gigabytes of information from Harold T. Martin III that he had obtained from classified programs at NSA and CIA, including the source code for numerous hacking tools.

Once a single cyber ‘weapon’ is ‘loose’ it can spread around the world in seconds, to be used by peer states, cyber mafia and teenage hackers alike.

 

U.S. Consulate in Frankfurt is a covert CIA hacker base

In addition to its operations in Langley, Virginia the CIA also uses the U.S. consulate in Frankfurt as a covert base for its hackers covering Europe, the Middle East and Africa.

CIA hackers operating out of the Frankfurt consulate (“Center for Cyber Intelligence Europe” or CCIE) are given diplomatic (“black”) passports and State Department cover. The instructions for incoming CIA hackers make Germany’s counter-intelligence efforts appear inconsequential: “Breeze through German Customs because you have your cover-for-action story down pat, and all they did was stamp your passport”

Your Cover Story (for this trip)
Q: Why are you here?
A: Supporting technical consultations at the Consulate.

Two earlier WikiLeaks publications give further detail on CIA approaches to customs and secondary screening procedures.

Once in Frankfurt CIA hackers can travel without further border checks to the 25 European countries that are part of the Schengen open border area — including France, Italy and Switzerland.

A number of the CIA’s electronic attack methods are designed for physical proximity. These attack methods are able to penetrate high security networks that are disconnected from the internet, such as police record databases. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace. The attacker is provided with a USB containing malware developed for the CIA for this purpose, which is inserted into the targeted computer. The attacker then infects and exfiltrates data to removable media. For example, the CIA attack system Fine Dining provides 24 decoy applications for CIA spies to use. To witnesses, the spy appears to be running a program showing videos (e.g. VLC), presenting slides (Prezi), playing a computer game (Breakout2, 2048) or even running a fake virus scanner (Kaspersky, McAfee, Sophos). But while the decoy application is on the screen, the underlying system is automatically infected and ransacked.

 

How the CIA dramatically increased proliferation risks

In what is surely one of the most astounding intelligence own goals in living memory, the CIA structured its classification regime such that for the most market valuable part of “Vault 7” — the CIA’s weaponized malware (implants + zero days), Listening Posts (LP), and Command and Control (C2) systems — the agency has little legal recourse.

The CIA made these systems unclassified.

Why the CIA chose to make its cyberarsenal unclassified reveals how concepts developed for military use do not easily crossover to the ‘battlefield’ of cyber ‘war’.

To attack its targets, the CIA usually requires that its implants communicate with their control programs over the internet. If CIA implants, Command & Control and Listening Post software were classified, then CIA officers could be prosecuted or dismissed for violating rules that prohibit placing classified information onto the Internet. Consequently the CIA has secretly made most of its cyber spying/war code unclassified. The U.S. government is not able to assert copyright either, due to restrictions in the U.S. Constitution. This means that cyber ‘arms’ manufacturers and computer hackers can freely “pirate” these ‘weapons’ if they are obtained. The CIA has primarily had to rely on obfuscation to protect its malware secrets.

Conventional weapons such as missiles may be fired at the enemy (i.e. into an unsecured area). Proximity to or impact with the target detonates the ordnance including its classified parts. Hence military personnel do not violate classification rules by firing ordnance with classified parts. Ordnance will likely explode. If it does not, that is not the operator’s intent.

Over the last decade U.S. hacking operations have been increasingly dressed up in military jargon to tap into Department of Defense funding streams. For instance, attempted “malware injections” (commercial jargon) or “implant drops” (NSA jargon) are being called “fires” as if a weapon was being fired. However the analogy is questionable.

Unlike bullets, bombs or missiles, most CIA malware is designed to live for days or even years after it has reached its ‘target’. CIA malware does not “explode on impact” but rather permanently infests its target. In order to infect the target’s device, copies of the malware must be placed on the target’s devices, giving physical possession of the malware to the target. To exfiltrate data back to the CIA or to await further instructions the malware must communicate with CIA Command & Control (C2) systems placed on internet connected servers. But such servers are typically not approved to hold classified information, so CIA command and control systems are also made unclassified.

A successful ‘attack’ on a target’s computer system is more like a series of complex stock maneuvers in a hostile take-over bid or the careful planting of rumors in order to gain control over an organization’s leadership rather than the firing of a weapons system. If there is a military analogy to be made, the infestation of a target is perhaps akin to the execution of a whole series of military maneuvers against the target’s territory including observation, infiltration, occupation and exploitation.

 

Evading forensics and anti-virus

A series of standards lay out CIA malware infestation patterns which are likely to assist forensic crime scene investigators as well as Apple, Microsoft, Google, Samsung, Nokia, Blackberry, Siemens and anti-virus companies attribute and defend against attacks.

“Tradecraft DO’s and DON’Ts” contains CIA rules on how its malware should be written to avoid fingerprints implicating the “CIA, US government, or its witting partner companies” in “forensic review”. Similar secret standards cover the use of encryption to hide CIA hacker and malware communication (pdf), describing targets & exfiltrated data (pdf) as well as executing payloads (pdf) and persisting (pdf) in the target’s machines over time.

CIA hackers developed successful attacks against most well known anti-virus programs. These are documented in AV defeats, Personal Security Products, Detecting and defeating PSPs and PSP/Debugger/RE Avoidance. For example, Comodo was defeated by CIA malware placing itself in the Windows “Recycle Bin”, while Comodo 6.x has a “Gaping Hole of DOOM”.

CIA hackers discussed what the NSA’s “Equation Group” hackers did wrong and how the CIA’s malware makers could avoid similar exposure.

Examples

The CIA’s Engineering Development Group (EDG) management system contains around 500 different projects (only some of which are documented by “Year Zero”) each with their own sub-projects, malware and hacker tools.

The majority of these projects relate to tools that are used for penetration, infestation (“implanting”), control, and exfiltration.

Another branch of development focuses on the development and operation of Listening Posts (LP) and Command and Control (C2) systems used to communicate with and control CIA implants; special projects are used to target specific hardware from routers to smart TVs.

Some example projects are described below, but see the table of contents for the full list of projects described by WikiLeaks’ “Year Zero”.

 

UMBRAGE

The CIA’s hand crafted hacking techniques pose a problem for the agency. Each technique it has created forms a “fingerprint” that can be used by forensic investigators to attribute multiple different attacks to the same entity.

This is analogous to finding the same distinctive knife wound on multiple separate murder victims. The unique wounding style creates suspicion that a single murderer is responsible. As soon as one murder in the set is solved then the other murders also find likely attribution.

The CIA’s Remote Devices Branch’s UMBRAGE group collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation.

With UMBRAGE and related projects the CIA can not only increase its total number of attack types but also misdirect attribution by leaving behind the “fingerprints” of the groups that the attack techniques were stolen from.

UMBRAGE components cover keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation, stealth, anti-virus (PSP) avoidance and survey techniques.

 

Fine Dining

Fine Dining comes with a standardized questionnaire, i.e. a menu, that CIA case officers fill out. The questionnaire is used by the agency’s OSB (Operational Support Branch) to transform the requests of case officers into technical requirements for hacking attacks (typically “exfiltrating” information from computer systems) for specific operations. The questionnaire allows the OSB to identify how to adapt existing tools for the operation, and communicate this to CIA malware configuration staff. The OSB functions as the interface between CIA operational staff and the relevant technical support staff.

Among the list of possible targets of the collection are ‘Asset’, ‘Liason Asset’, ‘System Administrator’, ‘Foreign Information Operations’, ‘Foreign Intelligence Agencies’ and ‘Foreign Government Entities’. Notably absent is any reference to extremists or transnational criminals. The ‘Case Officer’ is also asked to specify the environment of the target like the type of computer, operating system used, Internet connectivity and installed anti-virus utilities (PSPs) as well as a list of file types to be exfiltrated like Office documents, audio, video, images or custom file types. The ‘menu’ also asks for information if recurring access to the target is possible and how long unobserved access to the computer can be maintained. This information is used by the CIA’s ‘JQJIMPROVISE’ software (see below) to configure a set of CIA malware suited to the specific needs of an operation.

 

Improvise (JQJIMPROVISE)

‘Improvise’ is a toolset for configuration, post-processing, payload setup and execution vector selection for survey/exfiltration tools supporting all major operating systems like Windows (Bartender), MacOS (JukeBox) and Linux (DanceFloor). Its configuration utilities like Margarita allow the NOC (Network Operation Center) to customize tools based on requirements from ‘Fine Dining’ questionnaires.

HIVE

HIVE is a multi-platform CIA malware suite and its associated control software. The project provides customizable implants for Windows, Solaris, MikroTik (used in internet routers) and Linux platforms and a Listening Post (LP)/Command and Control (C2) infrastructure to communicate with these implants.

The implants are configured to communicate via HTTPS with the webserver of a cover domain; each operation utilizing these implants has a separate cover domain and the infrastructure can handle any number of cover domains.

Each cover domain resolves to an IP address that is located at a commercial VPS (Virtual Private Server) provider. The public-facing server forwards all incoming traffic via a VPN to a ‘Blot’ server that handles actual connection requests from clients. It is set up for optional SSL client authentication: if a client sends a valid client certificate (only implants can do that), the connection is forwarded to the ‘Honeycomb’ toolserver that communicates with the implant; if a valid certificate is missing (which is the case if someone tries to open the cover domain website by accident), the traffic is forwarded to a cover server that delivers an unsuspicious looking website.

The Honeycomb toolserver receives exfiltrated information from the implant; an operator can also task the implant to execute jobs on the target computer, so the toolserver acts as a C2 (command and control) server for the implant.

Similar functionality (though limited to Windows) is provided by the RickBobby project.

See the classified user and developer guides for HIVE.
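The optional client authentication described above leaves a trace a network defender can observe: in TLS 1.2 and earlier, a server willing to accept a client certificate must send a CertificateRequest handshake message in cleartext. The following Python is an added example, not code from WikiLeaks or from HIVE; it reassembles the server's handshake flight from TLS records and reports whether a client certificate was requested. The function names and byte strings are constructed for illustration, and the check assumes TLS 1.2 or earlier, since TLS 1.3 encrypts this part of the handshake.

```python
import struct
from typing import List, Optional

# TLS record content types and handshake message types (RFC 5246)
REC_CHANGE_CIPHER_SPEC, REC_HANDSHAKE, REC_APPDATA = 20, 22, 23
SERVER_HELLO, CERTIFICATE, SERVER_KEY_EXCHANGE = 2, 11, 12
CERTIFICATE_REQUEST, SERVER_HELLO_DONE = 13, 14


def handshake_types(stream: bytes) -> List[int]:
    """Return the cleartext handshake message types sent by a server.

    Handshake messages may be split across TLS records, so the record
    payloads are concatenated before the messages are walked.
    """
    payload = bytearray()
    pos = 0
    while pos + 5 <= len(stream):
        ctype, _version, length = struct.unpack_from("!BHH", stream, pos)
        pos += 5
        if pos + length > len(stream):
            raise ValueError("truncated TLS record")
        if ctype != REC_HANDSHAKE:
            break  # after ChangeCipherSpec the remaining handshake is encrypted
        payload += stream[pos:pos + length]
        pos += length

    types = []
    i = 0
    while i + 4 <= len(payload):
        mtype = payload[i]
        mlen = int.from_bytes(payload[i + 1:i + 4], "big")
        if i + 4 + mlen > len(payload):
            raise ValueError("truncated handshake message")
        types.append(mtype)
        if mtype == SERVER_HELLO_DONE:
            break  # end of the server's first flight
        i += 4 + mlen
    return types


def requests_client_cert(stream: bytes) -> Optional[bool]:
    """True/False for a complete cleartext flight, None if it cannot be seen."""
    types = handshake_types(stream)
    if SERVER_HELLO_DONE not in types:
        return None  # e.g. TLS 1.3, where CertificateRequest is encrypted
    return CERTIFICATE_REQUEST in types


# --- Constructed sample data (not captured traffic) -------------------------
def _msg(mtype: int, body: bytes) -> bytes:
    return bytes([mtype]) + len(body).to_bytes(3, "big") + body


def _record(payload: bytes, ctype: int = REC_HANDSHAKE) -> bytes:
    return struct.pack("!BHH", ctype, 0x0303, len(payload)) + payload


_HELLO = _msg(SERVER_HELLO, b"\x03\x03" + bytes(32) + b"\x00\xc0\x2f\x00")
_CERT = _msg(CERTIFICATE, b"\x00\x00\x00")      # empty list, placeholder
_SKE = _msg(SERVER_KEY_EXCHANGE, bytes(8))       # opaque placeholder
# certificate_types=[rsa_sign], sig_algs=[sha256/rsa], no CA names
_CERT_REQ = _msg(CERTIFICATE_REQUEST, b"\x01\x01" + b"\x00\x02\x04\x01" + b"\x00\x00")
_DONE = _msg(SERVER_HELLO_DONE, b"")

_flight = _HELLO + _CERT + _SKE + _CERT_REQ + _DONE
# Split mid-message across two records to exercise reassembly.
FLIGHT_OPTIONAL_AUTH = _record(_flight[:10]) + _record(_flight[10:])
FLIGHT_PLAIN = _record(_HELLO + _CERT + _SKE + _DONE)
FLIGHT_TLS13 = (_record(_HELLO)
                + _record(b"\x01", REC_CHANGE_CIPHER_SPEC)
                + _record(bytes(32), REC_APPDATA))

if __name__ == "__main__":
    for name, flight in [("optional-auth", FLIGHT_OPTIONAL_AUTH),
                         ("plain", FLIGHT_PLAIN),
                         ("tls1.3", FLIGHT_TLS13)]:
        print(name, handshake_types(flight), requests_client_cert(flight))
```

Many legitimate services also request optional client certificates, so the result is one input to triage rather than an indicator on its own.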

Frequently Asked Questions

Why now?

WikiLeaks published as soon as its verification and analysis were ready.

In February the Trump administration issued an Executive Order calling for a “Cyberwar” review to be prepared within 30 days.

While the review increases the timeliness and relevance of the publication it did not play a role in setting the publication date.

Redactions

Names, email addresses and external IP addresses have been redacted in the released pages (70,875 redactions in total) until further analysis is complete.

  1. Over-redaction: Some items may have been redacted that are not employees, contractors, targets or otherwise related to the agency, but are, for example, authors of documentation for otherwise public projects that are used by the agency.
  2. Identity vs. person: the redacted names are replaced by user IDs (numbers) to allow readers to assign multiple pages to a single author. Given the redaction process used a single person may be represented by more than one assigned identifier but no identifier refers to more than one real person.
  3. Archive attachments (zip, tar.gz, …) are replaced with a PDF listing all the file names in the archive. As the archive content is assessed it may be made available; until then the archive is redacted.
  4. Attachments with other binary content are replaced by a hex dump of the content to prevent accidental invocation of binaries that may have been infected with weaponized CIA malware. As the content is assessed it may be made available; until then the content is redacted.
  5. The tens of thousands of routable IP address references (including more than 22 thousand within the United States) that correspond to possible targets, CIA covert listening post servers, intermediary and test systems, are redacted for further exclusive investigation.
  6. Binary files of non-public origin are only available as dumps to prevent accidental invocation of CIA malware infected binaries.

Organizational Chart

The organizational chart corresponds to the material published by WikiLeaks so far.

Since the organizational structure of the CIA below the level of Directorates is not public, the placement of the EDG and its branches within the org chart of the agency is reconstructed from information contained in the documents released so far. It is intended to be used as a rough outline of the internal organization; please be aware that the reconstructed org chart is incomplete and that internal reorganizations occur frequently.

Wiki pages

“Year Zero” contains 7818 web pages with 943 attachments from the internal development groupware. The software used for this purpose is called Confluence, a proprietary software from Atlassian. Webpages in this system (like in Wikipedia) have a version history that can provide interesting insights on how a document evolved over time; the 7818 documents include these page histories for 1136 latest versions.

The order of named pages within each level is determined by date (oldest first). Page content is not present if it was originally dynamically created by the Confluence software (as indicated on the re-constructed page).

What time period is covered?

The years 2013 to 2016. The sort order of the pages within each level is determined by date (oldest first).

WikiLeaks has obtained the CIA’s creation/last modification date for each page but these do not yet appear for technical reasons. Usually the date can be discerned or approximated from the content and the page order. If it is critical to know the exact time/date contact WikiLeaks.

What is “Vault 7”

“Vault 7” is a substantial collection of material about CIA activities obtained by WikiLeaks.

When was each part of “Vault 7” obtained?

Part one was obtained recently and covers through 2016. Details on the other parts will be available at the time of publication.

Is each part of “Vault 7” from a different source?

Details on the other parts will be available at the time of publication.

What is the total size of “Vault 7”?

The series is the largest intelligence publication in history.

How did WikiLeaks obtain each part of “Vault 7”?

Sources trust WikiLeaks to not reveal information that might help identify them.

Isn’t WikiLeaks worried that the CIA will act against its staff to stop the series?

No. That would be certainly counter-productive.

Has WikiLeaks already ‘mined’ all the best stories?

No. WikiLeaks has intentionally not written up hundreds of impactful stories to encourage others to find them and so create expertise in the area for subsequent parts in the series. They’re there. Look. Those who demonstrate journalistic excellence may be considered for early access to future parts.

Won’t other journalists find all the best stories before me?

Unlikely. There are very considerably more stories than there are journalists or academics who are in a position to write them.

Evidence points to another Snowden at the NSA

By James Bamford

Source: Reuters

In the summer of 1972, state-of-the-art campaign spying consisted of amateur burglars, armed with duct tape and microphones, penetrating the headquarters of the Democratic National Committee. Today, amateur burglars have been replaced by cyberspies, who penetrated the DNC armed with computers and sophisticated hacking tools.

Where the Watergate burglars came away empty-handed and in handcuffs, the modern-day cyber thieves walked away with tens of thousands of sensitive political documents and are still unidentified.

Now, in the latest twist, hacking tools themselves, likely stolen from the National Security Agency, are on the digital auction block. Once again, the usual suspects start with Russia – though there seems little evidence backing up the accusation.

In addition, if Russia had stolen the hacking tools, it would be senseless to publicize the theft, let alone put them up for sale. It would be like a safecracker stealing the combination to a bank vault and putting it on Facebook. Once revealed, companies and governments would patch their firewalls, just as the bank would change its combination.

A more logical explanation could also be insider theft. If that’s the case, it’s one more reason to question the usefulness of an agency that secretly collects private information on millions of Americans but can’t keep its most valuable data from being stolen, or as it appears in this case, being used against us.

In what appeared more like a Saturday Night Live skit than an act of cybercrime, a group calling itself the Shadow Brokers put up for bid on the Internet what it called a “full state-sponsored toolset” of “cyberweapons.” “!!! Attention government sponsors of cyberwarfare and those who profit from it !!!! How much would you pay for enemies cyberweapons?” said the announcement.

The group said it was releasing some NSA files for “free” and promised “better” ones to the highest bidder. However, those with losing bids “Lose Lose,” it said, because they would not receive their money back. And should the total sum of the bids, in bitcoins, reach the equivalent of half a billion dollars, the group would make the whole lot public.

While the “auction” seemed tongue in cheek, more like hacktivists than Russian high command, the sample documents were almost certainly real. The draft of a top-secret NSA manual for implanting offensive malware, released by Edward Snowden, contains code for a program codenamed SECONDDATE. That same 16-character string of numbers and characters is in the code released by the Shadow Brokers. The details from the manual were first released by The Intercept last Friday.

The authenticity of the NSA hacking tools was also confirmed by several ex-NSA officials who spoke to the media, including former members of the agency’s Tailored Access Operations (TAO) unit, the home of hacking specialists.

“Without a doubt, they’re the keys to the kingdom,” one former TAO employee told the Washington Post. “The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad.” Another added, “From what I saw, there was no doubt in my mind that it was legitimate.”

Like a bank robber’s tool kit for breaking into a vault, cyber exploitation tools, with codenames like EPICBANANA and BUZZDIRECTION, are designed to break into computer systems and networks. Just as the bank robber hopes to find a crack in the vault that has never been discovered, hackers search for digital cracks, or “exploits,” in computer programs like Windows.

The most valuable are “zero day” exploits, meaning there have been zero days since Windows has discovered the “crack” in their programs. Through this crack, the hacker would be able to get into a system and exploit it, by stealing information, until the breach is eventually discovered and patched. According to the former NSA officials who viewed the Shadow Broker files, they contained a number of exploits, including zero-day exploits that the NSA often pays thousands of dollars for to private hacking groups.

The reasons given for laying the blame on Russia appear less convincing, however. “This is probably some Russian mind game, down to the bogus accent,” James A. Lewis, a computer expert at the Center for Strategic and International Studies, a Washington think tank, told the New York Times. Why the Russians would engage in such a mind game, he never explained.

Rather than the NSA hacking tools being snatched as a result of a sophisticated cyber operation by Russia or some other nation, it seems more likely that an employee stole them. Experts who have analyzed the files suspect that they date to October 2013, five months after Edward Snowden left his contractor position with the NSA and fled to Hong Kong carrying flash drives containing hundreds of thousands of pages of NSA documents.

So, if Snowden could not have stolen the hacking tools, there are indications that after he departed in May 2013, someone else did, possibly someone assigned to the agency’s highly sensitive Tailored Access Operations.

In December 2013, another highly secret NSA document quietly became public. It was a top secret TAO catalog of NSA hacking tools. Known as the Advanced Network Technology (ANT) catalog, it consisted of 50 pages of extensive pictures, diagrams and descriptions of tools for every kind of hack, mostly targeted at devices manufactured by U.S. companies, including Apple, Cisco, Dell and many others.

Like the hacking tools, the catalog used similar codenames. Among the tools targeting Apple was one codenamed DROPOUTJEEP, which gives NSA total control of iPhones. “A software implant for the Apple iPhone,” says the ANT catalog, “includes the ability to remotely push/pull files from the device. SMS retrieval, contact-list retrieval, voicemail, geolocation, hot mic, camera capture, cell-tower location, etc.”

Another, codenamed IRATEMONK, is, “Technology that can infiltrate the firmware of hard drives manufactured by Maxtor, Samsung, Seagate and Western Digital.”

In 2014, I spent three days in Moscow with Snowden for a magazine assignment and a PBS documentary. During our on-the-record conversations, he would not talk about the ANT catalog, perhaps not wanting to bring attention to another possible NSA whistleblower.

I was, however, given unrestricted access to his cache of documents. These included both the entire British, or GCHQ, files and the entire NSA files.

But going through this archive using a sophisticated digital search tool, I could not find a single reference to the ANT catalog. This confirmed for me that it had likely been released by a second leaker. And if that person could have downloaded and removed the catalog of hacking tools, it’s also likely he or she could have also downloaded and removed the digital tools now being leaked.

In fact, a number of the same hacking implants and tools released by the Shadow Brokers are also in the ANT catalog, including those with codenames BANANAGLEE and JETPLOW. These can be used to create “a persistent back-door capability” into widely used Cisco firewalls, says the catalog.

Consisting of about 300 megabytes of code, the tools could easily and quickly be transferred to a flash drive. But unlike the catalog, the tools themselves – thousands of ones and zeros – would have been useless if leaked to a publication. This could be one reason why they have not emerged until now.

Enter WikiLeaks. Just two days after the first Shadow Brokers message, Julian Assange, the founder of WikiLeaks, sent out a Twitter message. “We had already obtained the archive of NSA cyberweapons released earlier today,” Assange wrote, “and will release our own pristine copy in due course.”

The month before, Assange was responsible for releasing the tens of thousands of hacked DNC emails that led to the resignation of the four top committee officials.

There also seems to be a link between Assange and the leaker who stole the ANT catalog, and the possible hacking tools. Among Assange’s close associates is Jacob Appelbaum, a celebrated hacktivist and the only publicly known WikiLeaks staffer in the United States – until he moved to Berlin in 2013 in what he called a “political exile” because of what he said was repeated harassment by U.S. law enforcement personnel. In 2010, a Rolling Stone magazine profile labeled him “the most dangerous man in cyberspace.”

In December 2013, Appelbaum was the first person to reveal the existence of the ANT catalog, at a conference in Berlin, without identifying the source. That same month he said he suspected the U.S. government of breaking into his Berlin apartment. He also co-wrote an article about the catalog in Der Spiegel. But again, he never named a source, which led many to assume, mistakenly, that it was Snowden.

In addition to WikiLeaks, for years Appelbaum worked for Tor, an organization focused on providing its customers anonymity on the Internet. But last May, he stepped down as a result of “serious, public allegations of sexual mistreatment” made by unnamed victims, according to a statement put out by Tor. Appelbaum has denied the charges.

Shortly thereafter, he turned his attention to Hillary Clinton. At a screening of a documentary about Assange in Cannes, France, Appelbaum accused her of having a grudge against him and Assange, and that if she were elected president, she would make their lives difficult. “It’s a situation that will possibly get worse” if she is elected to the White House, he said, according to Yahoo News.

It was only a few months later that Assange released the 20,000 DNC emails. Intelligence agencies have again pointed the finger at Russia for hacking into these emails.

Yet there has been no explanation as to how Assange obtained them. He told NBC News, “There is no proof whatsoever” that he obtained the emails from Russian intelligence. Moscow has also denied involvement.

There are, of course, many sophisticated hackers in Russia, some with close government ties and some without. And planting false and misleading indicators in messages is an old trick. Now Assange has promised to release many more emails before the election, while apparently ignoring email involving Trump. (Trump opposition research was also stolen.)

In hacktivist style, and in what appears to be phony broken English, this new release of cyberweapons also seems to be targeting Clinton. It ends with a long and angry “final message” against “Wealthy Elites . . . breaking laws” but “Elites top friends announce, no law broken, no crime commit[ed]. . . Then Elites run for president. Why run for president when already control country like dictatorship?”

Then after what they call the “fun Cyber Weapons Auction” comes the real message, a serious threat. “We want make sure Wealthy Elite recognizes the danger [of] cyberweapons. Let us spell out for Elites. Your wealth and control depends on electronic data.” Now, they warned, they have control of the NSA’s cyber hacking tools that can take that wealth away. “You see attacks on banks and SWIFT [a worldwide network for financial services] in news. If electronic data go bye-bye where leave Wealthy Elites? Maybe with dumb cattle?”

Snowden’s leaks served a public good. He alerted Americans to illegal eavesdropping on their telephone records and other privacy violations, and Congress changed the law as a result. The DNC leaks exposed corrupt policies within the Democratic Party.

But we now have entered a period many have warned about, when NSA’s cyber weapons could be stolen like loose nukes and used against us. It opens the door to criminal hackers, cyber anarchists and hostile foreign governments that can use the tools to gain access to thousands of computers in order to steal data, plant malware and cause chaos.

It’s one more reason why NSA may prove to be one of Washington’s greatest liabilities rather than assets.

 

About the Author

James Bamford is the author of The Shadow Factory: The Ultra-Secret NSA From 9/11 to the Eavesdropping on America. He is a columnist for Foreign Policy magazine.

 

Hillary Clinton’s Damning Emails

By Ray McGovern

Source: Consortium News

A few weeks after leaving office, former Secretary of State Hillary Clinton may have breathed a sigh of relief and reassurance when Director of National Intelligence James Clapper denied reports of the National Security Agency eavesdropping on Americans. After all, Clinton had been handling official business at the State Department like many Americans do with their personal business, on an unsecured server.

In sworn testimony before the Senate Intelligence Committee on March 12, 2013, Clapper said the NSA was not collecting, wittingly, “any type of data at all on millions or hundreds of millions of Americans,” which presumably would have covered Clinton’s unsecured emails.

But NSA contractor Edward Snowden’s revelations — starting on June 5, 2013 — gave the lie to Clapper’s testimony, which Clapper then retracted on June 21 – coincidentally, Snowden’s 30th birthday – when Clapper sent a letter to the Senators to whom he had, well, lied. Clapper admitted his “response was clearly erroneous – for which I apologize.” (On the chance you are wondering what became of Clapper, he is still DNI.)

I would guess that Clapper’s confession may have come as a shock to then ex-Secretary Clinton, as she became aware that her own emails might be among the trillions of communications that NSA was vacuuming up. Nevertheless, she found Snowden’s truth-telling a safer target for her fury than Clapper’s dishonesty and NSA’s dragnet.

In April 2014, Clinton suggested that Snowden had helped terrorists by giving “all kinds of information, not only to big countries, but to networks and terrorist groups and the like.” Clinton was particularly hard on Snowden for going to China (Hong Kong) and Russia to escape a vengeful prosecution by the U.S. government.

Clinton even explained what extraordinary lengths she and her people went to in safeguarding government secrets: “When I would go to China or would go to Russia, we would leave all my electronic equipment on the plane with the batteries out, because … they’re trying to find out not just about what we do in our government, they’re … going after the personal emails of people who worked in the State Department.” Yes, she said that. (emphasis added)

Hoisted on Her Own Petard

Alas, nearly a year later, in March 2015, it became known that during her tenure as Secretary of State she had not been as diligent as she led the American people to believe. She had used a private server for official communications, rather than the usual official State Department email accounts maintained on federal servers. Thousands of those emails would retroactively be marked classified – some at the TOP SECRET/Codeword level – by the department.

During an interview last September, Snowden was asked to respond to the revelations about highly classified material showing up on Clinton’s personal server: “When the unclassified systems of the United States government, which has a full-time information security staff, regularly gets hacked, the idea that someone keeping a private server in the renovated bathroom of a server farm in Colorado is more secure is completely ridiculous.”

Asked if Clinton “intentionally endangered US international security by being so careless with her email,” Snowden said it was not his place to say. Nor, it would seem, is it President Barack Obama’s place to say, especially considering that the FBI is actively investigating Clinton’s security breach. But Obama has said it anyway.

“She would never intentionally put America in any kind of jeopardy,” the President said on April 10. In the same interview, Obama told Chris Wallace, “I guarantee that there is no political influence in any investigation conducted by the Justice Department, or the FBI – not just in this case, but in any case. Full stop. Period.”

But, although a former professor of Constitutional law, the President sports a checkered history when it comes to prejudicing investigations and even trials, conducted by those ultimately reporting to him. For example, more than two years before Bradley (Chelsea) Manning was brought to trial, the President stated publicly: “We are a nation of laws. We don’t let individuals make decisions about how the law operates. He [Bradley Manning] broke the law!”

Not surprisingly, the ensuing court martial found Manning guilty, just as the Commander in Chief had predicted. Though Manning’s purpose in disclosing mostly low-level classified information was to alert the American public about war crimes and other abuses by the U.S. government, Manning was sentenced to 35 years in prison.

On March 9, when presidential candidate Clinton was asked, impertinently during a debate, whether she would withdraw from the race if she were indicted for her cavalier handling of government secrets, she offered her own certain prediction: “Oh, for goodness sake! It’s not going to happen. I’m not even answering that question.”

Prosecutorial Double Standards

Merited or not, there is, sadly, some precedent for Clinton’s supreme confidence. Retired General and ex-CIA Director David Petraeus, after all, lied to the FBI (a felony for “lesser” folks) about giving his mistress/biographer highly classified information and got off with a slap on the wrist, a misdemeanor fine and probation, no jail time – a deal that Obama’s first Attorney General Eric Holder did on his way out the door.

We are likely to learn shortly whether Attorney General Loretta Lynch is as malleable as Holder or whether she will allow FBI Director James Comey, who held his nose in letting Petraeus cop a plea, to conduct an unfettered investigation this time – or simply whether Comey will be compelled to enforce Clinton’s assurance that “it’s not going to happen.”

Last week, Fox News TV legal commentator Andrew Napolitano said the FBI is in the final stages of its investigation into Clinton and her private email server. His sources tell him that “the evidence of her guilt is overwhelming,” and that the FBI has enough evidence to indict and convict.

Whether Napolitano has it right or not, it seems likely that Clinton is reading President Obama correctly – no profile in courage is he. Nor is Obama likely to kill the political fortunes of the now presumptive Democratic presidential nominee. Yet, if he orders Lynch and Comey not to hold Hillary Clinton accountable for what – in my opinion and that of most other veteran intelligence officials whom I’ve consulted – amounts to at least criminal negligence, another noxious precedent will be set.

Knowing Too Much

This time, however, the equities and interests of the powerful, secretive NSA, as well as the FBI and Justice, are deeply involved. And by now all of them know “where the bodies are buried,” as the smart folks inside the Beltway like to say. So the question becomes would a future President Hillary Clinton have total freedom of maneuver if she were beholden to those all well aware of her past infractions and the harm they have done to this country.

One very important, though as yet unmentioned, question is whether security lapses involving Clinton and her emails contributed to what Clinton has deemed her worst moment as Secretary of State, the killing of Ambassador Christopher Stevens and three other U.S. personnel at the lightly guarded U.S. “mission” (a very small, idiosyncratic, consulate-type complex not performing any consular affairs) in Benghazi, Libya, on Sept. 11, 2012.

Somehow the terrorists who mounted the assault were aware of the absence of meaningful security at the facility, though obviously there were other means for them to have made that determination, including the State Department’s reliance on unreliable local militias who might well have shared that inside information with the attackers.

However, if there is any indication that Clinton’s belatedly classified emails contained information about internal State Department discussions regarding the consulate’s security shortcomings, questions may be raised about whether that information was somehow compromised by a foreign intelligence agency and shared with the attackers.

We know that State Department bureaucrats under Secretary Clinton overruled repeated requests for additional security in Benghazi. We also know that Clinton disregarded NSA’s repeated warnings against the use of unencrypted communications. One of NSA’s core missions, after all, is to create and maintain secure communications for military, diplomatic, and other government users.

Clinton’s flouting of the rules, in NSA’s face, would have created additional incentive for NSA to keep an especially close watch on her emails and telephone calls. The NSA also might know whether some intelligence service successfully hacked into Clinton’s server, but there’s no reason to think that the NSA would share that sort of information with the FBI, given the NSA’s history of not sharing its data with other federal agencies even when doing so makes sense.

The NSA arrogates to itself the prerogative of deciding what information to keep within NSA walls and what to share with the other intelligence and law enforcement agencies like the FBI. (One bitter consequence of this jealously guarded parochialism was the NSA’s failure to share very precise information that could have thwarted the attacks of 9/11, as former NSA insiders have revealed.)

It is altogether likely that Gen. Keith Alexander, head of NSA from 2005 to 2014, neglected to tell the Secretary of State of NSA’s “collect it all” dragnet collection that included the emails and telephone calls of Americans – including Clinton’s. This need not have been simply the result of Alexander’s pique at her disdain for communications security requirements, but rather mostly a consequence of NSA’s modus operandi.

With the mindset at NSA, one could readily argue that the Secretary of State – and perhaps the President himself – had no “need-to-know.” And, needless to say, the fewer briefed on the NSA’s flagrant disregard for Fourth Amendment protections against unreasonable searches and seizures the better.

So, if there is something incriminating – or at least politically damaging – in Clinton’s emails, it’s a safe bet that at least the NSA and maybe the FBI, as well, know. And that could make life difficult for a Clinton-45 presidency. Inside the Beltway, we don’t say the word “blackmail,” but the potential will be there. The whole thing needs to be cleaned up now before the choices for the next President are locked in.

Ray McGovern works with Tell the Word, a publishing arm of the ecumenical Church of the Saviour in inner-city Washington.  He served as a CIA analyst for 27 years, during which he prepared and briefed the morning President’s Daily Brief for Presidents Nixon, Ford, and Reagan.

25 Signs That The Global Elite’s Ship Is About To Sink

By Lance Schuttler

Source: The Mind Unleashed

Make no mistake about it. The tide has turned on the global elite and there will be no going back. A new day is rising for humanity as those who have planned for complete control are now being exposed, cornered and investigated from many different angles. There is no need to buy into the fear-based propaganda the major media and even several alternative media outlets dispense. Very good things are happening and even better things are coming. Let’s take a look at some of the major stories that have occurred in the last 8 weeks alone. Piecing the puzzle together, we see that the jig is up and the events surrounding it are growing in size and speed.

1. 57 Nations approved as founding members of the China-led Asian Infrastructure Investment Bank. Notable countries who signed on June 29th, 2015 include Russia, India, Iran, Switzerland, Germany, France, Saudi Arabia, Australia, Indonesia, the UK, Italy and Austria. Notables who did not join are the U.S. and Japan.

2. May 12th, 2015: Russia asks Greece to join the BRICS Alliance. Notice the BRICS trend in the stories to follow.

3. May 24th, 2015: The Pentagon released documents to Judicial Watch, a government watchdog law firm, proving that the US Government played a central role in creating ISIL. Interestingly, the mainstream media failed to cover this story. A few weeks later, ex US Intelligence officials confirm the report.

4. May 31st, 2015: Greece’s Prime Minister Alexis Tsipras writes an open letter, warns European leaders they are “making a grave mistake,” and suggests they re-read Hemingway’s “For Whom The Bell Tolls.”

5. June 2nd, 2015: The U.S. Federal Government was hacked, and the personal data of 4 million current, former and prospective employees is believed to have been breached. 3 weeks later FBI Director James Comey told US Senators the actual number could be 18 million. Some believe the hack was coordinated to gather further evidence of crimes by certain government officials. More on that further down.

6. June 2nd, 2015: Kentucky Senator Rand Paul calls for the U.S. Government to declassify 28 pages in the 9/11 attack report that the Bush Administration blacked out.

7. June 3rd, 2015: Famous musician Akon announces his Solar Academy will bring solar power to over 600 million people in Africa. A major victory for clean energy and humanity.

8. June 4th, 2015: Whistle-blower Edward Snowden says a “profound difference” had occurred since releasing the NSA documents and that the balance of power has shifted in our world.  Is he referring to the BRICS Alliance?

9. June 5th, 2015: “There Will Be A Reset of The Financial Industry.” The International Monetary Fund says the Chinese yuan is no longer undervalued. This sets the stage for the yuan to be recognized as a global reserve currency, something the U.S. Dollar (which is backed by war and oil) does not like.

10. June 7, 2015: Co-CEOs Jain and Fitschen of Deutsche Bank, one of the world’s largest banks, resign. Two days later, German prosecutors raided the Bank’s headquarters in a criminal tax-fraud probe.

11. June 15, 2015: China says the G-7 Summit in Germany was a “gathering of debtors.” They mean this literally as the Bretton Woods western financial system is based on debt. And in fact, the entire western financial system has been running illegally and is technically bankrupt. For more on the real history of Bretton Woods and its connection to JFK, The Global Collateral Accounts and the gold standard, read here.

12. June 17th, 2015 is quite the day with the next four stories all being reported at that time. First, JP Morgan’s number 2, the Vice Chairman Jimmy Lee, suddenly and unexpectedly passes over. Since late 2013, the list of high-level banking officials to have passed over has grown to 70. Clearly, something is happening.

13. June 17, 2015: Russia and China announced that all natural gas and crude oil sales between the two countries will now be done in Chinese yuan (formerly the U.S. Dollar) and will be convertible into Russian Rubles. The U.S. Dollar hegemony is waning.

14. June 17, 2015: The State of Texas has signed a bill that calls for the repatriation of their gold from the Federal Government. When asked what would happen if the government tried to steal back the gold, State Representative Giovanni Capriglione said this: There is a motto in the office of almost every state legislator in Texas, and it’s a flag that we have [from the Texas Revolution], it’s below a cannon and what the motto says is, “Come and Take it.”

15. June 17, 2015: Greece’s Hellenic Parliament’s Debt Truth Committee released a report stating that the debt Greece “owes” is illegal, illegitimate and odious, according to international law. Further, they stated that the IMF and ECB (European Central Bank) have illegally and knowingly imposed these illegitimate debts upon Greece and other nations. A direct call out to the global banking cartel.

16. June 18th, 2015: Baron David de Rothschild has been indicted by a French court over financial fraud. French police have been ordered by the court to track down Baron. The Rothschild family has long been viewed as the family sitting atop the global financial ponzi scheme. Lawyer Antonio Flores told reporters, “it’s a real breakthrough moment for everyone involved.”

17. June 18, 2015: In a 2-1 ruling, the 2nd Circuit U.S. Court of Appeals says Bush era officials can be held liable for detaining innocent people after the 9/11 attack. Will this lead to some major arrests?

18. June 19, 2015: While European leaders try to save face on the debt crisis, Greek PM Alexis Tsipras was in Russia and gave a speech at the St. Petersburg Economic Forum, stating that “the economic center of the planet has already shifted” and that new powers are playing an “important role on an economic and geopolitical level.” * Reread story header number 8…BRICS, anyone? Oh, and Greece and Russia signed a €2 billion gas pipeline deal that day too…a strategic economic and geopolitical game-changer.

19. July 5th, 2015: Greece votes “NO” to the creditors’ bailout offer. This is a massive stance for humanity that Greece just took against the banking elite. As of this writing, a “deal” has been reached but is expected to fall apart in the coming days. Kicking the can down the road does not solve the issue, but rather speeds up the revolution mindset of many frustrated Greek citizens. September/October is when many financial experts are saying that some fireworks are to be expected. 

20. July 7th, 2015: The BRICS Bank officially opens for business.

21. July 8th, 2015: On this day, several strange events occurred. The NYSE was taken down for multiple hours, the Wall Street Journal was taken offline just after the stock exchange went down, United Airlines was forced to ground all of its flights nationwide due to computer “issues,” and 2,500 people lost power in Washington D.C. This whistle-blower journalist just wrote that his Pentagon sources said the Pentagon/BRICS Alliance took it down as a “dry run.”

22. July 7th, 2015: Backing up one day we see that the hacking group Anonymous tweeted this on the evening prior to the stock exchange hack: Wonder if tomorrow is going to be bad for Wall Street….we can only hope. 
David Wilcock has previously written a detailed document stating that Anonymous is working with certain patriotic US Military forces to legally take down the banking elite. This aligns nicely with what the whistle-blower journalist, Benjamin Fulford, just wrote this week about the Pentagon and BRICS Alliance in the previous story.

23. July 14th, 2015: Iran, China, Russia, France, Germany, the U.K. and the U.S. reach a historic deal on Iran’s nuclear program. Entire books could be written on the geopolitical, financial and technological implications of this move. There are also reports that the reality of this situation is that Iran has free energy technology and will be using this to help bring down the banking/political/oil industry elite. This would make sense as the strongest opponents to this deal have been Israel and its Prime Minister and several American politicians like the Bushes, Marco Rubio and Ted Cruz. 

24. July 15th, 2015: Santa Cruz County votes to stop doing business with 5 major banks, including JP Morgan Chase, Barclays, Citigroup, Royal Bank of Scotland and UBS. Watch this set off a chain reaction in those who will follow suit.

25. Now: You are here on the planet at this time to make a wonderful contribution. Please continue playing your role for the benefit of us all.

It is clear that something big is happening. Use this information to move forward with optimism and hope. Share with your friends. Discuss with your friends. Continue to search and dig for the truth. Two people I strongly suggest the reader look into are Benjamin Fulford, the whistleblower who was the Asia Pacific Bureau Chief for Forbes Magazine and is listed in stories number 21 and 22, and Neil Keenan, who is working with many well connected sources to open up the global collateral accounts. These accounts are what President Kennedy was assassinated over and are what the banking elite does not want the public to know exists. This revolution WILL NOT be televised.

Podcast Roundup

6/8: Hosts Mickey Huff and Peter Phillips discuss the ongoing situation in the Ukraine with Dr. Michael Parenti, Prof. Michel Chossudovsky, and former Congresswoman and Green Party Presidential candidate Cynthia McKinney on “the Project Censored Show”. All of them are contributors to a new book by Clarity Press edited by Stephen Lendman, “Flashpoint Ukraine: How the US Drive for Hegemony Risks WWIII.”

https://s3.amazonaws.com/Pcradiodos/Project+Censored+060614.mp3

6/9: On “the Progressive Commentary Hour”, host Gary Null interviews Dr. Andrew Wakefield, a gastroenterologist and academician specializing in inflammatory bowel disease and the measles-mumps-rubella vaccine or MMR. They discuss how the US government uses corporations and universities to support policies, silence top scientists, jeopardize public health and protect corporate profits.

http://s36.podbean.com/pb/3f11f4e516587793b6f2d38475623afc/5398ccbc/data1/blogs18/371244/uploads/ProgressiveCommentaryHour_060914.mp3

6/10: On “the Higherside Chats”, Adam Gorightly and Vyzygoth join host Greg Carlwood for a freewheeling but illuminating conversation about the suppressed history of the United States hidden beneath lies and disinformation most have been led to believe.

http://thehighersidechats.com/wp-content/uploads/2014/06/112-Vyzygoth.mp3

6/12: KMO talks with Vincent Horn of Buddhist Geeks on the latest C-Realm podcast. They discuss the use of mindfulness techniques in technological society and its connection to DIY, Quantified Self and Maker movements. KMO wraps up with commentary on the nature of individualism and community.

http://www.c-realm.com/wp-content/uploads/418_Adaptive_Comtemplation.mp3