The Cyberpandemic has Begun: SolarWinds + FireEye... Anything can happen now



Bill Ryan
16th December 2020, 23:09
Friends, I think this deserves a new thread of its own. As Constance presciently warned us back in April, Draw your sword, things are about to get real. (https://projectavalon.net/forum4/showthread.php?110530-Draw-your-sword-things-are-about-to-get-real.) It has to be possible that what we've all lived through so far in 2020 is just the beginning.


http://www.youtube.com/watch?v=oe3y-OdNSsw

Satori
17th December 2020, 00:13
BANZAI, BANZAI, BANZAI...(With apologies to the citizens of Japan.)

Focusing on the past year only, it's been one assault after another: Covid-19 (impacting the world), election steal in the USA (impacting the world), cyber attacks on 300,000 or so governmental and corporate computer systems (impacting the world), to name the most prominent attacks only in this war in recent time. We, the world, are at war. A cyber war that has gone, or is going, hot and that will become conventional in the sense that it will not just be a war in cyber space. It cannot be, nor is it intended to be, confined to cyber space only.

Cui bono?

What we are witnessing is diabolically sinister and evil, to say the least. Draw your sword, yes. Draw your weapons; sword or otherwise, yes. Be and get prepared, yes.

Patient
17th December 2020, 00:20
No pun intended - really - I am a patient person. I am surprised, that so many people are not fed up with all of this crap.

But I suppose that so many people just don't get it.

The media constantly reports "the rise in cases" but we know that the tests are faulty. But people get stuck at the number of cases and ignore the small number of deaths. (And we have to consider how many of those deaths reported were really due to covid.)

Now they are saying that even if you get the vaccine, it doesn't change things - you still need to wear a mask and social distance, and do not travel.

So now they have to throw something else at us. We knew they were going to, but most of the sheeple didn't.

Even so, when is enough going to be enough? Probably never. I expect that the people will allow themselves to be led to "wherever" they want to lead them.


It really is sad and pathetic that so many people are sheeple.

I have very little patience left for them. And that makes me sad.


If I had enough money, I would buy a large island somewhere and call it Avalon Island - you would all be welcome. And also any of the sheeple that are willing to open their eyes a bit. Of course, if they didn't they wouldn't come in the first place. :)

Savannah
17th December 2020, 00:28
I have no doubt this will play out if Trump does not hold the Office, however I believe he will. If he does I'm sure they know the plan just like we do and have put an operation in place to protect the US. I worry more about the rest of the world.

Patient
17th December 2020, 00:39
Speaking as an average person, who are we fighting? With a cyber war it could be anything and everything.

They can cut off the power and say it was the bad guy. Take the money from the bank, say it was the bad guy.

To what end? Are they going to come out with a new internet that is armoured and 100% protected? Of course - they will have the system that you will access with your chip that is in your arm - so no one can steal it. You will need to go to their terminal to access a secure server.

Better yet, you can get special access to their city inside their gates where you will be protected.

...I came up with this right off the cuff - imagine how well thought out their system will be. (sorry, I didn't intend to create a negative scenario, but it just seems so easy to lead people that want to be led.)

¤=[Post Update]=¤


I have no doubt this will play out if Trump does not hold the Office, however I believe he will. If he does I'm sure they know the plan just like we do and have put an operation in place to protect the US. I worry more about the rest of the world.

That is the answer of course - and Trump and the people need to make it so that the rest of the world can follow them.

TargeT
17th December 2020, 00:51
I used solarwinds: Orion for years in the army, depending on how it was configured this could have been very damaging, but I doubt it was overly bad... we don't generally give administrative access to "keep alive" monitors (the NOC (network operation center) will have a few TV's with Solarwinds up, and solarwinds just monitors to ensure that certain servers or services are "green") But it is possible, and the internal "mapping" that this would allow is arguably just as bad as all the hype surrounding this incident.




They can cut off the power and say it was the bad guy. Take the money from the bank, say it was the bad guy.



there's always a forensic "digital trail"... it's actually both hard to tell who did something and hard to find out (through legal avenues) but it's very easy to perform attribution when the blinders are taken off.

It's happening right now if you know where to look.... (https://www.zerohedge.com/technology/new-report-alleges-chinas-mass-surveillance-americans-using-caribbean-cell-networks)

raregem
17th December 2020, 01:51
SolarWinds being tagged to the Dominion voting machines and now to this other phase of worldwide hacking is kind of expected in this day and age. I consider this a planned attack on the people (total control and chipping pathway) by the companies involved and whoever their cohorts may be.
I wanted to know who owns SolarWinds. The website does not clearly say. I came across an article which links them to Obama, the Clintons, China, Hong Kong and the US Election Process as the title says. Here is the link for more details and people involved.

https://newsla.localad.com/2020/12/16/breaking-exclusive-owners-of-solarwinds-have-links-to-obama-the-clintons-china-hong-kong-and-the-us-election-process-2/

ExomatrixTV
17th December 2020, 02:13
source (https://www.facebook.com/johnn.kuhless/posts/401849017926036)

source (https://twitter.com/Stop5G/status/1338868694215057408)

They want to make all freedom of movement a "privilege" not a basic human right ... Same for almost ALL "Government Services & Handouts" ... You have to prove you pose no (exaggerated) "health risk" to the new authoritarians connected to the A.I. #5G (https://twitter.com/hashtag/5G?src=hashtag_click) Mass Surveillance Smart Grid.

Deborah (ahamkara)
17th December 2020, 02:16
Thanks Bill! I had posted this video yesterday on "The Great Reset" - maybe move that here or delete? thanks!

thepainterdoug
17th December 2020, 02:33
this is all beyond me, but i know it's serious. we are all living something everyday we have no control over.
years ago, your wheelbarrow broke, you didn't even need to be mechanical to figure it out. to figure out that the wheel fell off and needed to be put back on

today , no one has any idea how anything works. a computer? no, a modern car under the hood? no.
we are all lost in tech and at the mercy of things just working or not .

I did speak to someone today who told me that the recent pentagon hack was a trap. that their real info and intel was not stored where it seems it would be, thus setting the trap for the trail of the hacker. who knows.

Ernie Nemeth
17th December 2020, 03:57
To your comment Doug.

It is not even that we don't know how they work - they do not work and are unreliable. Engineering today is filled with clever and cunning manipulators who figure out ways to steal your money using defective parts that have a defined and short life, purposely poor engineering so certain parts will predictably break, built in obsolescence, and redesigns that 'accidentally' don't work as well as the original.

I've had to engineer so many things and parts in my time. I can fix anything - even DVD players that have been shattered to pieces. I know what I am talking about. I have seen the devices and appliances and the poor engineering of products. I have seen the savvy 'improvements' to tools that just make them less dependable - I mean, really, do I seriously need to use my phone to call my drill so I can turn it on - and then have to call again and again because it keeps resetting to factory defaults?

Is a fan that uses inferior wheels that have to continually be replaced because they cannot hold the weight the way forward in design? Is a filter on a vacuum that gets an upgrade and receives a third layer of filtering that does not release the dust and if knocked against the wall disintegrates so a new one is required at half the cost of the entire vacuum seem like an improvement?

So many inferior gadgets, poorly designed and engineered to fail, that it makes the head spin. Our throw-away society is wasting resources at an alarming rate. Soon we will have to begin mining our dumps as we run out of resources in the ground. The worst part is most of the stuff in the dumps, most of the crappy products we consume...we could have done without, and often times would have been better without.

The system we are heading towards is so dystopian that most cannot comprehend it or believe it. And we are only scant moments away from the point of no return.

Sophistication does not mean better, it merely means less people are authorities and experts and more people are helpless plebes. Remember Ayn Rand's Atlas Shrugged, and never forget its elitist propaganda message.

Who is John Galt?

palehorse
17th December 2020, 04:42
Outstanding video, since the introduction of Bitcoin when I first understood the ins and outs of Block chain, I knew something very ill intended was going to happen at some point.

I used to work for a contractor of a Mexican corporation in 2002 and our team was composed of 15 developers, our team leader said in one meeting that we should speed up the development of the ERP we were working on, because the corporation would have about 10 years to work with that system (contractor's system), when one developer in our team asked, why? Our contractor team leader said: In about 10 years all corporate systems would be replaced by a global system. We are in 2020 now and we start to see it unfolding in front of our very eyes, of course my contractor was worried to milk as much as he could before new global systems taking place, he knew when that was going to happen his company would be out of work as well.

I decided to retire from the field years ago because I saw this coming, what before took about 15 developers to build a complex software to control all aspects of a corporation, including factory automation integrated with suppliers/customers/billing systems, now it barely takes 1 or 2 developers due to the massive amount of automation we already got, specific AI algorithms can write code just fine as any human programmer can do and with little code review (by human) and automated tests it is ready for production, the entire thing is so huge and they need less and less people, on the other hand population is just growing, I can't see any good output of it and also I can't see how to stand in this new era of robotics and technology, that's why I decided to go off-grid anytime soon, I can't see myself living this new reality, it goes against my principles and beliefs in life.

Exactly 2 years ago, a friend said "the world has changed" after he returned from a conference in Europe, I asked why and he said, all systems are being connected, we are going into full automation.

For good or bad here is where we all stand now.

TargeT
17th December 2020, 05:07
today , no one has any idea how anything works. a computer?

Years ago not many people understood complex math.... but QUITE a few did....

Your mystery is my play ground...


they do not work and are unreliable.

this is vastly untrue... they are doing EXACTLY what they are designed to do... we are just being vastly lied to about that design.

pueblo
17th December 2020, 07:48
If there is found to have been a 'malign actor' ie. China, behind the recent hacks and election fraud is a hot war with China on the cards?

This rumour is doing the rounds at the minute...

https://twitter.com/annvandersteel/status/1339425729952419840?s=20

Again, unsubstantiated..

https://twitter.com/thebias_news/status/1338978708489551872?s=20

Russia..?

https://twitter.com/SenBlumenthal/status/1338972186535727105?s=20

Probably nothing...

https://twitter.com/mil_ops/status/1339013482096848896?s=20

norman
17th December 2020, 09:06
There used to be ( 6 months ago ) a lot of talk on line about a cyber crash/attack coming straight after the election.


I can't remember any of the sources now.

iota
17th December 2020, 09:18
it's been a few months since the whispers of a major cyber attack was something in the works to happen soon, as well as the usual warning of food prep but this time more than before generators on the list as blackouts too are discussed with more frequency.

then a couple of days ago, i came across this conversation that caught my eye as this individual seemed to know what he was talking about. i had planned on doing much more research before i posted, but i have a lot going on right now, and i'm thinking TargetT and some others here might be able to weigh in as to its veracity or not

so without polishing or further notes here is what i came across:

(in response to the reported to a CISPA bulletin put out on Sunday, the day before a massive Google outage. and rumors that this software was used to hack the US Treasury on Sunday)

HM238
"Jesus. The misinformation. I'm an actual security expert. The SolarWinds hack happened in the Spring. (Mar-June) and began when SolarWinds itself was infiltrated and the code was signed. That meant everyone got hit with the updates that contained it. It has been everywhere for months, while it is still a vulnerability for a lot of places with lax update schedules, the order was for all government agencies to be mitigated by 12 EST today. A lot of corporations were also reacting after the weekend and after guidance late yesterday and early today and were taking outages to fix it.

The reality is that the data has been compromised for months and there are going to be investigations and forensics that will take a very long time to even know what was breached and obtained. The Treasury was not hacked yesterday/Saturday, they were hacked months ago and potentially for months while data was streamed out via the Sunburst/Teardrop exploit."

QUESTION:

Interested to hear your take: My understanding is that this Sunburst backdoor used http connections to reach a command and control server. This should have been SUPER easy to find. Why 7 months to detect?
Quoting: Fe-fi-fo-fana

c2 servers should have been picked up as iOc's
Gov and fed servers should have ability to replay but TLA's and or courts will block that for sure

HM238

I could write a small novel. It was a pretty sophisticated attack on a few levels. They were able to actually get the code signed, which means no one would have known they got it. It sits dormant for ~2 weeks, and then even though the traffic is HTTP and would appear to be easy to detect, it had a few tricks up its sleeve.

It detected and used hostnames that were the same or similar to existing hostnames on that specific network, it also buried the traffic in XML and .net traffic. It disguised itself further by spreading out the data across multiple GUIDs and HEX strings. If you look at the mitigation guide by CISA, it shows how deeply rooted it all is and across a lot of systems and services. There isn't one place to look or close down, there are dozens.

The code itself wasn't the most sophisticated, but the steps up to the point of the exploit were. Getting the code signed and integrated was the real trick. That means SolarWinds was infiltrated directly or via some contractor/third-party. It basically hit every one of their customers on the Orion platform. Which is basically every Fortune 500 company, every government agency, every major telecom provider, universities, accounting firms, banks, and more.

Now a funny thing. About 8-9 years ago I worked for a company closely associated with DoD/DHS and one of the projects I worked on was removing SolarWinds from the environment globally because of concerns way back then. We did highly classified work and also were under ITAR and some other restrictions/compliance rules. That cost a small fortune and was ordered right after we became partly overseen by DHS, and no one balked at all at the cost and I had an almost unlimited budget.

If the concern was there almost a decade ago, how is it possible that all of these other agencies and large corporations didn't follow suit? Some of them under the same or more severe regulations than we were. Another interesting part of that project was that they flew in some top SolarWinds techs to assist with the project... of removing their own software and transitioning to a competitor.

This particular hack has been discussed in some security channels for a while now. I actually dismissed a lot of it, knowing some of the big players and believing that surely it couldn't be as bad and widespread as they were saying or else it would have been caught and removed long ago. Remember, we're talking ~ 8 months.

Then the FireEye stuff started to break a little while ago, and then the Treasury stuff hit the media but didn't make sense and was clearly not the full story to anyone in this field. Then the SolarWinds stuff started flooding out.

I can't believe this was a honeypot situation because too many major companies and systems were impacted for real and it is still unknown how much data was stolen. If someone knew and it was being covered for by government agencies or even Fortune 500s, then our country is already lost to the Chinese.

If they didn't know, then the amount of failure across the board by the largest corporations and government agencies is unfathomable. In my former role, I would have been personally liable for something like this and already in jail. The fact that this is still being suppressed in the media and downplayed and underreported is also really fishy. Nothing about this makes sense or adds up. We're looking at potentially the largest data breach/cybersecurity event in history and barely anyone even knows beyond some weak stories about the Treasury.

COMMENT:

This is the truth. Watch the media spin.

nbc reported it as a russians

HM238

This is part of the spin. I don't doubt that Russia had a hand in it at some level, but if there isn't Chinese involvement, I'd be beyond shocked and surprised.

Much of the reporting so far is very superficial and lacking. A lot of focus is on the Teardrop/Sunburst aspect, but the real path to follow is how the code became signed and whose code that was? This isn't a small hack, it has global consequences for every government and corporation.

We likely won't know the extent for months, maybe years, and even then I have a feeling it will get buried long before anyone actually reports the full details. The problem is how many top IT departments and people are going to be working on this across every segment of the government and private sector. There is no way that it will stay a secret. The news may gloss over it and bury it, but thousands of IT and security people won't. It will come out eventually.

COMMENT:

very interesting. what you just described isn't doable
by a few hackers, that's why it got termed a "nation-state"
hack, that's very sophisticated work that takes a lot
of time, testing and testbeds to create.
if it is the "largest data breach/cybersecurity event in history"


QUESTION:

What would be the point of the cover up in the media?

Why would they try and spin it and for who? this has me wondering.

also i wonder what they got and what they are using or going to use it for?

HM238

At first my guess was to buy some time for mitigation but that wouldn't help since the exploit has been in the wild for so long. The damage was done, all it would do is buy the big players a little time before other actors would be aware, but again, that is largely useless. I'm not exaggerating when I say that it will be one of the largest ever.

The sole purpose was to siphon data out of the infected networks. If it was running for 6-8 months, that is a hell of a lot of data. SolarWinds is used to monitor entire networks, server infrastructure, and especially "crown jewel" servers. The environment I mentioned before was a global company with hundreds of data centers and tens of thousands of servers.

I personally have seen the media be told to print false stories to cover other operations or activity, and it is done without fail or pause. Of course it is always done under the guise of national security or protecting assets, but seeing how easy and seamless it all was and how the channels already clearly long existed both between the company, the government, and the media was extremely concerning. In fact, while I had known about a lot of shady **** from working in ISPs that was going on, that one job is what made me begin to question everything and distrust absolutely everything. Not in a tinfoil way, but in the realest sense.

:shielddeflect:

C'est toute .. not really my area ... you be the judge ...
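
Added example (not part of the post above or of the conversation it relays): the reply to "Why 7 months to detect?" turns on a dormancy of about two weeks and on destinations named like the network's own hosts. This sketch correlates the time an update was installed on a monitoring server with destinations that server had never contacted before, and shows that a short observation window misses what a longer one finds. Host names, domains, dates and the function name are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample data, not taken from any real network.
# host -> time the vendor update was installed on it
INSTALLS = {"mon-01": datetime(2020, 4, 1, 9, 0)}

# (timestamp, source host, destination domain) as a proxy or DNS log would give
PROXY_LOG = [
    (datetime(2020, 3, 10, 8, 0), "mon-01", "updates.vendor.example"),
    (datetime(2020, 3, 20, 8, 0), "mon-01", "ntp.corp.example"),
    (datetime(2020, 4, 1, 10, 0), "mon-01", "updates.vendor.example"),
    (datetime(2020, 4, 3, 8, 0), "mon-01", "ntp.corp.example"),
    (datetime(2020, 4, 5, 12, 0), "web-07", "news.example"),
    # First contact two weeks after the install, to a name that resembles
    # an internal host, which is why name-based eyeballing does not catch it.
    (datetime(2020, 4, 15, 9, 30), "mon-01", "mail01-corp.cdn.example"),
    (datetime(2020, 4, 16, 9, 30), "mon-01", "mail01-corp.cdn.example"),
]


def first_seen_after_update(installs, log, window):
    """Return (host, domain, delay_days) for destinations a host contacted for
    the first time after an update was installed, within `window` of the install.

    Destinations seen before the install form the per-host baseline and are
    never reported. Hosts without an install record are skipped.
    """
    baseline = {}    # host -> domains contacted before the install
    first_seen = {}  # (host, domain) -> first contact at or after the install
    for ts, host, domain in sorted(log):
        installed = installs.get(host)
        if installed is None:
            continue
        if ts < installed:
            baseline.setdefault(host, set()).add(domain)
        elif domain not in baseline.get(host, set()):
            first_seen.setdefault((host, domain), ts)

    findings = []
    for (host, domain), ts in sorted(first_seen.items()):
        delay = ts - installs[host]
        if delay <= window:
            findings.append((host, domain, delay.days))
    return findings


if __name__ == "__main__":
    # A 3-day watch after the update sees nothing new; a 30-day one does.
    print(first_seen_after_update(INSTALLS, PROXY_LOG, timedelta(days=3)))
    print(first_seen_after_update(INSTALLS, PROXY_LOG, timedelta(days=30)))
```

The window has to be longer than the dormancy being looked for, and the baseline has to be per host: a monitoring server normally talks to a small, stable set of destinations, so a new one stands out there in a way it would not on a workstation.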

Journeyman
17th December 2020, 10:17
Even in this year of conspiracies and intrigue, that post has my mind reeling.

Can I ask where you picked up this conversation? If you can't say that's fine, but if so, it would be good to know how much weight you attach to the source?

Did You See Them
17th December 2020, 11:16
We paid for a Mansion with our taxes.
They built us a house of cards.
Where's the money ?
What is money ?
I trust in Santa more !

"Dear Father Christmas,

I've been a good boy this year.
Please can I have a box of candles and a camping stove this Christmas.

Thank you."

Gwin Ru
17th December 2020, 15:04
...

1339568293561180160

JohanB
17th December 2020, 15:31
As in the thread title....anything can happen now.

Bitcoin is spiking .... something is up?
45502

Savannah
17th December 2020, 16:16
BREACHED: CISA orders every federal civilian agency using SolarWinds technology to shut it down immediately

https://www.naturalnews.com/2020-12-16-cisa-orders-federal-agencies-solarwinds-shut-down.html#

palehorse
17th December 2020, 16:34
Quoted from ReversingLabs

"
ReversingLabs' research into the anatomy of this supply chain attack unveiled conclusive details showing that Orion software build and code signing infrastructure was compromised. The source code of the affected library was directly modified to include malicious backdoor code, which was compiled, signed and delivered through the existing software patch release management system.

While this type of attack on the software supply chain is by no means novel, what is different this time is the level of stealth the attackers used to remain undetected for as long as possible. The attackers blended in with the affected code base, mimicking the software developers’ coding style and naming standards. This was consistently demonstrated through a significant number of functions they added to turn Orion software into a backdoor for any organization that uses it.
"
ref.: https://blog.reversinglabs.com/blog/sunburst-the-next-level-of-stealth

Seems like the build system was somehow compromised in order to offer updates/hotfixes/bugfixes (package updates with a trojan embedded) to the customers. Whoever did that is really good and probably took a long time to study the development environment in order to identify the vulnerabilities, infiltrate, and act as part of the team, OR it was just an "internal job".
It will need full forensic work in order to track which machine compiled the released patch; maybe the developer was hacked, maybe someone broke into the building after midnight .. too many variables, hard to say.

Some of the command & control domains were identified (snort rules to mitigate here https://github.com/fireeye/sunburst_countermeasures/blob/main/all-snort.rules), but this alone is not enough to find out who is behind it. Domains can be registered using some proxy like `domainsbyproxy[.]com` or using bogus data with godaddy, namecheap, etc. Finding the server is another huge pain in the ass; it could be hosted in the customer infrastructure without anyone knowing, or just somewhere else in the country of the attack to make things even more confusing.

SolarWinds' risk management process should be more cautious; such a big company should run checks more often, at least on all new patches or even all new compilations/builds, just to be 100% sure that nothing was intentionally injected. Supply-chain attacks are hard to identify because they are blended with legit software.

For those interested in the details https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html

subdomain & #DGA domain names , #SolarWinds, attacked by #UNC2452
https://pastebin.com/6EDgCKxd

From Intel471 Twitter account
https://twitter.com/Intel471Inc/status/1339233255741120513

Also this article about Chinese cybercrime underground from Intel471 may be of interest
https://intel471.com/blog/china-cybercrime-undergrond-deepmix-tea-horse-road-great-firewall/

That's pretty much what I found to be more relevant about this attack.
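
As an added illustration of the per-build check suggested in the post above (not part of the original post, and not SolarWinds' or ReversingLabs' code): a Python example that compares a release package file by file against an independent rebuild from reviewed source, since a valid signature proves nothing when the backdoor was compiled in before signing. The package layout, file names and contents are constructed, and the check assumes the build is reproducible.

```python
import hashlib
import io
import zipfile


def manifest(package_bytes):
    """Map each file path inside a zip package to the SHA-256 of its content.

    Hashing the extracted content (not the archive itself) keeps archive
    timestamps and compression settings from causing false differences.
    """
    digests = {}
    with zipfile.ZipFile(io.BytesIO(package_bytes)) as pkg:
        for info in pkg.infolist():
            if info.is_dir():
                continue
            digests[info.filename] = hashlib.sha256(pkg.read(info)).hexdigest()
    return digests


def compare_builds(reference_pkg, release_pkg):
    """Compare the package about to ship against an independent rebuild.

    reference_pkg: built from reviewed source on a separate, clean machine.
    release_pkg:   the artifact produced by the normal build/signing pipeline.
    """
    ref = manifest(reference_pkg)
    rel = manifest(release_pkg)
    return {
        # Same path, different bytes: the case of a library whose source
        # was altered on the build system before compilation and signing.
        "modified": sorted(p for p in ref.keys() & rel.keys() if ref[p] != rel[p]),
        # Files that only the pipeline's output contains.
        "added": sorted(rel.keys() - ref.keys()),
        # Files the pipeline dropped.
        "missing": sorted(ref.keys() - rel.keys()),
    }


def release_is_clean(report):
    """A release passes only if no file differs in any way."""
    return not any(report.values())


def make_package(files):
    """Build an in-memory zip from a {path: bytes} dict (sample-data helper)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        for path in sorted(files):
            pkg.writestr(path, files[path])
    return buf.getvalue()


# Constructed sample data: hypothetical file names, placeholder contents.
REFERENCE_FILES = {
    "bin/Monitoring.Core.dll": b"core library built from reviewed source",
    "bin/Monitoring.UI.dll": b"ui library built from reviewed source",
    "config/defaults.xml": b"<settings/>",
}
RELEASE_FILES = dict(REFERENCE_FILES)
# One library differs from the rebuild and one unexpected file appears.
RELEASE_FILES["bin/Monitoring.Core.dll"] = b"core library with extra code compiled in"
RELEASE_FILES["bin/updater.tmp"] = b"file that the reviewed source never produces"

REFERENCE_PKG = make_package(REFERENCE_FILES)
RELEASE_PKG = make_package(RELEASE_FILES)


if __name__ == "__main__":
    report = compare_builds(REFERENCE_PKG, RELEASE_PKG)
    for kind, paths in report.items():
        for path in paths:
            print(f"{kind.upper():9} {path}")
    print("release clean:", release_is_clean(report))
```

A mismatch does not say who changed the file or how; it only tells the release owner to stop the rollout and start the forensic work the post describes.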

TargeT
17th December 2020, 16:50
Again, unsubstantiated..

https://twitter.com/thebias_news/status/1338978708489551872?s=20


I can definitively tell you this is not the case, I work on that and higher class networks every day... nothing is any different today, every system is nominal and has been since I accepted this position.

daddy-keith
17th December 2020, 23:32
No pun intended - really - I am a patient person. I am surprised, that so many people are not fed up with all of this crap.

But I suppose that so many people just don't get it.

The media constantly reports "the rise in cases" but we know that the tests are faulty. But people get stuck at the number of cases and ignore the small number of deaths. (And we have to consider how many of those deaths reported were really due to covid.)

Now they are saying that even if you get the vaccine, it doesn't change things - you still need to wear a mask and social distance, and do not travel.

So now they have to throw something else at us. We knew they were going to, but most of the sheeple didn't.

Even so, when is enough going to be enough? Probably never. I expect that the people will allow themselves to be led to "wherever" they want to lead them.


It really is sad and pathetic that so many people are sheeple.

I have very little patience left for them. And that makes me sad.


If I had enough money, I would buy a large island somewhere and call it Avalon Island - you would all be welcome. And also any of the sheeple that are willing to open their eyes a bit. Of course, if they didn't they wouldn't come in the first place. :)

Hello Canada.
Stiff upper lip, keep the faith, press on Macduff and all that stuff. I had no intention of replying to this post because I share some of your sentiments and I felt very sad when I first read it. If I try to correct some of the programming among friends and family I am often called insane or stupid or any of the usual labels that we tend to receive. I decided to make some tea and lo and behold, synchronicity. As I was passing my wife, there on her ipad was a picture of myself on Twitter. I asked her what it was about and she showed me the thread which read "People that most influenced my life". I remembered a kid who kept asking me questions twenty years ago and I did not realize that I had any impression on him. When I came back to my computer, your post was still there. I decided to reply to your post.
I think we must all strive to do our little bit, after all, eight bits make a Byte. LOL. I am reminded by the words of Francis Bacon (or was that Shakespeare) who said: "All the world's a stage and all the men and women merely players", etc.
Love to all and keep up the good work.

P.S. Remember to invite me to your island. I love to fish and will help to feed everyone.

onawah
18th December 2020, 01:31
WARNING! “Dark Winter” Begins! Next Phase is “Digital Pandemic” as Cyber Wars Start
December 16, 2020
https://healthimpactnews.com/2020/warning-dark-winter-begins-next-phase-is-digital-pandemic-as-cyber-wars-start/
https://healthimpactnews.com/wp-content/uploads/sites/2/2020/12/Cyber-Wars-Faceless-hacker.jpg

by Brian Shilhavy
Editor, Health Impact News

"Millions of people around the world got a very small taste of what can happen when technology fails on Monday this week when most of the Google network went down, and people could not access their Gmail email accounts, YouTube videos, and many other Google services.

For those who rely upon Google for home devices, it was a sobering wake-up call.

Early Monday morning, Joe Brown walked into his daughter’s room and delivered his usual greeting, “Hey, Google, turn on the lights.” He owns a Google smart speaker that lets him control the lights with his voice, and which, “when you’re holding a kid with a bottle or a diaper full of crap, is usually pretty good,” he said.

But that morning, nothing happened. With the lights out, Brown grabbed a lantern. Cradling his daughter in one hand and his phone in the other, he tweeted: “I’m sitting here in the dark in my toddler’s room because the light is controlled by @Google Home. Rethinking… a lot right now.”

Brown was in the dark because Alphabet Inc.’s Google had suffered a widespread outage, bricking not only internet staples like Gmail and YouTube but an array of home devices that increasingly rely on the largest technology platforms. Elsewhere, a London technologist reported his alarm at being unable to use his Nest thermostat, a Google product. “It’s when Google is down and you can’t heat your home that you realize how scarily reliant you are on Google,” he wrote. (Source.)

Here is Google’s official announcement over what went wrong:

Google Cloud Platform and Google Workspace experienced a global outage affecting all services which require Google account authentication for a duration of 50 minutes. The root cause was an issue in our automated quota management system which reduced capacity for Google’s central identity management system, causing it to return errors globally. As a result, we couldn’t verify that user requests were authenticated and served errors to our users.

But problems have persisted, and similar outages were reported yesterday with Gmail and other Google services.

These events happened in the midst of several reported cyber hacks among other technology companies, including the Pentagon servers yesterday, Tuesday, December 15th.

Jim Hoft of Gateway Pundit reported:

The Pentagon imposed an emergency shutdown of computer network handling classified material on Tuesday.

This follows the rare Emergency Directive 21-01 on Sunday night by the Cybersecurity and Infrastructure Security Agency (CISA), in response to a KNOWN COMPROMISE involving SolarWinds Orion products.

Sunday night’s directive was only the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015.

According to Just the News the Pentagon has imposed an emergency shutdown of its Secret Internet Protocol Router Network, which handles classified information up to the secret level.

One official said, “This has never happened in the middle of a work day.”

Just The News reported:

The Pentagon on Tuesday ordered the emergency shutdown of a classified internal communications network, three Defense Department sources confirmed.

The unprecedented daytime shutdown comes amid recent revelations that other federal agencies, including the Department of Homeland Security, were breached by hackers.

The Defense Department alerted employees that the SIPRNET system was being shut down in the late morning for emergency software updates, the sources told Just the News…

…The system, known as the Secret Internet Protocol Router Network, handles classified information, up to the secret level, and was shuttered for several hours.

Are You Prepared for an Internet Blackout and Disruptions to the Electrical Grid?
These inconveniences suffered this week with Google going down are NOTHING compared to what is probably coming down the road, and which could be imminent.

Imagine what life will be like with no Internet at all for an extended period of time, and where electrical service could become very unstable and also be down for an extended period of time.

For those who have been paying attention, the Globalists have actually been warning us that this is coming for some time now.

Earlier this year Health Impact News reported about Event 201 which was hosted by the World Economic Forum and the Bill and Melinda Gates Foundation and was a simulation of a worldwide pandemic and the response to that pandemic in October of 2019, just weeks before the now infamous COVID19 virus was identified in Wuhan, China.

Almost everything predicted during that simulation has now actually happened, except for one thing: an Internet blackout.

See:

Did Bill Gates & World Economic Forum Predict Coronavirus Outbreak? Will There be an Internet Blackout to Control Information?
Earlier this year around the time the U.S. Presidential debates started, the media started using the term “Dark Winter.”

Derrick Broze of The Conscious Resistance created a 12-minute documentary covering the historical meaning of “Dark Winter” and how it has been used in the past for simulations, much like Event 201.

Dark Winter exercise took place in June 2001, only months before the 9/11 attacks. This exercise took place at Andrews Air Force Base in Camp Springs, Maryland, and involved several Congressmen, a former CIA director, a former FBI director, government insiders and privileged members of the press. The exercise simulated the use of smallpox as a biological weapon against the American public.

During the Dark Winter exercise authorities attempt to stop the spread of “dangerous misinformation” and “unverified” cures, just like with the Event 201 simulation. Dark Winter further discusses the suppression and removal of civil liberties, such as the possibility of the President to invoke “The Insurrection Act”, which would allow the military to act as law enforcement upon request by a State governor, as well as the possibility of “martial rule.”

The script says martial rule may “include, but are not limited to, prohibition of free assembly, national travel ban, quarantine of certain areas, suspension of the writ of habeas corpus [i.e. arrest without due process], and/or military trials in the event that the court system becomes dysfunctional.”

What is important to know is Dark Winter was largely written and designed by Tara O’Toole and Thomas Inglesby of the Johns Hopkins Center along with Randy Larsen and Mark DeMier of the Analytic Services (ANSER) Institute for Homeland Security. O’Toole, Inglesby, and Larsen were directly involved in the response to the alleged anthrax attacks which took place in the days after September 11, 2001. These individuals personally briefed Vice President Cheney on Dark Winter.

Coincidentally, Event 201 was co-hosted by the Johns Hopkins Center for Health Security, which is currently led by Dark Winter co-author Thomas Inglesby. Tara O’Toole was also a key player in the Clade X simulation.

Watch the full documentary here:

Why is the Corporate Media Predicting a “Dark Winter”?
On July 8, 2020, the World Economic Forum met and discussed a “Digital Pandemic” which they claimed would be far more disastrous than the COVID pandemic.

Jeremy Jurgens, the World Economic Forum Managing Director, stated:

I believe that there will be another crisis. It will be more significant. It will be faster than what we’ve seen with COVID. The impact will be greater, and as a result the economic and social implications will be even more significant.

Klaus Schwab, the founder and executive chairman of the World Economic Forum, stated:

We all know, but still pay insufficient attention, to the frightening scenario of a comprehensive cyber attack could bring a complete halt to the power supply, transportation, hospital services, our society as a whole. The COVID-19 crisis would be seen in this respect as a small disturbance in comparison to a major cyberattack.

Christian the “IceAge Farmer” has covered this in two recent broadcasts.

“Next Crisis Bigger than COVID” – Power Grid/Finance Down – WEF’s Cyber Polygon – Nov 15, 2020
tSuCuoQxI20

and The Cyberpandemic Has Begun: SolarWinds + FireEye
https://www.youtube.com/watch?time_continue=4&v=oe3y-OdNSsw&feature=emb_logo
(the video has already been embedded in this thread)

All Eyes on the U.S. and President Trump
Here in the U.S., the Right-wing alternative media is predicting that President Trump is not going to accept the election results, due to massive voter fraud.

Most reports are now saying that if he does not get the Supreme Court to over-turn the election results, that he will invoke the “Insurrection Act” and deploy the military domestically to allegedly start arresting people for “treason.”

President Trump has shaken up his Cabinet in recent weeks, seemingly to gain more control over the military and the Intelligence agencies.

But not only are we facing an internal civil war, it is expected that we will soon be attacked from outside the U.S., and indeed it appears as if the Cyber War may have already begun this week.

China is the most common enemy of the United States now that is blamed by both the Pharma-owned corporate media, and many in the alternative media as well, as planning to attack the U.S.

This appears to be mainly a Cyber attack, with potential attacks against our infrastructure here in the U.S., but China also seems to be involved with funding many of the Leftist/Marxist groups that will surely oppose President Trump and his efforts to remain in the White House.

There are also many other “hot-spots” around the world, especially with countries around the South China Sea such as Taiwan and the Philippines.

In the Middle East, Israel and Iran are basically already at war, including cyber warfare.

War, particularly cyber war, seems to have already been started, and everyone should absolutely prepare for the chaos that seems to be on our very doorstep, with the predictions of the World Economic Forum very likely coming true, since almost everything they originally predicted and planned for regarding COVID has come true."

apokalypse
18th December 2020, 03:47
Friends, I think this deserves a new thread of its own. As Constance presciently warned us back in April, Draw your sword, things are about to get real. (https://projectavalon.net/forum4/showthread.php?110530-Draw-your-sword-things-are-about-to-get-real.) It has to be possible that what we've all lived through so far in 2020 is just the beginning.


http://www.youtube.com/watch?v=oe3y-OdNSsw

agreed. comes to election i never think about Fraud/Court cases but more event of foreign influence/interfere such as what EO 2018 describe..this cyber thing is it.

apokalypse
18th December 2020, 04:55
https://twitter.com/disclosetv/status/1338477591125225473

iota
18th December 2020, 05:00
45496



The reality is that the data has been compromised for months and there are going to be investigations and forensics that will take a very long time to even know what was breached and obtained. The Treasury was not hacked yesterday/Saturday, they were hacked months ago and potentially for months while data was streamed out via the Sunburst/Teardrop exploit."

HM238

I could write a small novel. It was a pretty sophisticated attack on a few levels. They were able to actually get the code signed, which means no one would have known they got it. It sits dormant for ~2 weeks, and then even though the traffic is HTTP and would appear to be easy to detect, it had a few tricks up its sleeve.

It detected and used hostnames that were the same or similar to existing hostnames on that specific network, it also buried the traffic in XML and .net traffic. It disguised itself further by spreading out the data across multiple GUIDs and HEX strings. If you look at the mitigation guide by CISA, it shows how deeply rooted it all is and across a lot of systems and services. There isn't one place to look or close down, there are dozens.

The code itself wasn't the most sophisticated, but the steps up to the point of the exploit were. Getting the code signed and integrated was the real trick. That means SolarWinds was infiltrated directly or via some contractor/third-party. It basically hit every one of their customers on the Orion platform. Which is basically every Fortune 500 company, every government agency, every major telecom provider, universities, accounting firms, banks, and more.

Now a funny thing. About 8-9 years ago I worked for a company closely associated with DoD/DHS and one of the projects I worked on was removing SolarWinds from the environment globally because of concerns way back then. We did highly classified work and also were under ITAR and some other restrictions/compliance rules. That cost a small fortune and was ordered right after we became partly overseen by DHS, and no one balked at all at the cost and I had an almost unlimited budget.


This particular hack has been discussed in some security channels for a while now. I actually dismissed a lot of it, knowing some of the big players and believing that surely it couldn't be as bad and widespread as they were saying or else it would have been caught and removed long ago. Remember, we're talking ~ 8 months.

Then the FireEye stuff started to break a little while ago, and then the Treasury stuff hit the media but didn't make sense and was clearly not the full story to anyone in this field. Then the SolarWinds stuff started flooding out.

I can't believe this was a honeypot situation because too many major companies and systems were impacted for real and it is still unknown how much data was stolen. If someone knew and it was being covered for by government agencies or even Fortune 500s, then our country is already lost to the Chinese.

If they didn't know, then the amount of failure across the board by the largest corporations and government agencies is unfathomable. In my former role, I would have been personally liable for something like this and already in jail. The fact that this is still being suppressed in the media and downplayed and underreported is also really fishy. Nothing about this makes sense or adds up. We're looking at potentially the largest data breach/cybersecurity event in history and barely anyone even knows beyond some weak stories about the Treasury.

COMMENT:

This is the truth. Watch the media spin.

nbc reported it as a russians

HM238

This is part of the spin. I don't doubt that Russia had a hand in it at some level, but if there isn't Chinese involvement, I'd be beyond shocked and surprised.

Much of the reporting so far is very superficial and lacking. A lot of focus is on the Teardrop/Sunburst aspect, but the real path to follow is how the code became signed and whose code that was? This isn't a small hack, it has global consequences for every government and corporation.

We likely won't know the extent for months, maybe years, and even then I have a feeling it will get buried long before anyone actually reports the full details. The problem is how many top IT departments and people are going to be working on this across every segment of the government and private sector. There is no way that it will stay a secret. The news may gloss over it and bury it, but thousands of IT and security people won't. It will come out eventually.

COMMENT:

very interesting. what you just described isn't doable
by a few hackers, that's why it got termed a "nation-state"
hack, that's very sophisticated work that takes a lot
of time, testing and testbeds to create.
if it is the "largest data breach/cybersecurity event in history"


QUESTION:

What would be the point of the cover up in the media?

Why would they try and spin it and for who? this has me wondering.

also i wonder what they got and what they are using or going to use it for?

HM238

At first my guess was to buy some time for mitigation but that wouldn't help since the exploit has been in the wild for so long. The damage was done, all it would do is buy the big players a little time before other actors would be aware, but again, that is largely useless. I'm not exaggerating when I say that it will be one of the largest ever.

The sole purpose was to siphon data out of the infected networks. If it was running for 6-8 months, that is a hell of a lot of data. SolarWinds is used to monitor entire networks, server infrastructure, and especially "crown jewel" servers. The environment I mentioned before was a global company with hundreds of data centers and tens of thousands of servers.

I personally have seen the media be told to print false stories to cover other operations or activity, and it is done without fail or pause. Of course it is always done under the guise of national security or protecting assets, but seeing how easy and seamless it all was and how the channels already clearly long existed both between the company, the government, and the media was extremely concerning. In fact, while I had known about a lot of shady **** from working in ISPs that was going on, that one job is what made me begin to question everything and distrust absolutely everything. Not in a tinfoil way, but in the realest sense.

:shielddeflect:

C'est toute .. not really my area ... you be the judge ...


Even in this year of conspiracies and intrigue, that post has my mind reeling.

Can I ask where you picked up this conversation? If you can't say that's fine, but if so, it would be good to know how much weight you attach to the source?

Journeyman i will PM you

as to the veracity of the information, it isn't my area, but i figured there were some here like TargeT who are very familiar and could easily dispel or verify




Again, unsubstantiated..

https://twitter.com/thebias_news/status/1338978708489551872?s=20


I can definitively tell you this is not the case, I work on that and higher class networks every day... nothing is any different today, every system is nominal and has been since I accepted this position.


if not, i can look into it further. I have a friend who for whatever reason IT is his thing, even though he's part of Springstein's organization. many may not know Springstein had a direct line to Hussein as in relationship provided access ...

We bonded during the Occupy days and it was my friend who was the voice of reason when a group of us were OUTRAGED when Hussein passed Indefinite Detention and we were prepared to take action and actually file articles to impeach the (traitor) congressmen in the 9 or 18 states that permitted it. TREASON, was going to be specifically cited ....

Emotions ran high at the betrayal, it was momentous and would have been historically significant ... my friend also explained the personal ramifications for each of us, but we only backed down when Oathkeepers took center stage and there were reasons we wanted distance at the time

either way? WE the People, were NOT going to "quietly accept" nor be "compliant" and "obedient" ... and it's possible that got communicated ...

few realize how very narrowly we escaped martial law at THAT time, and the present scenario is giving me "flashbacks" and has me a bit on guard as i see a call go out for what i once opposed so vehemently ...

the difference is fewer then knew to be guarded, NOW? the call for FREEDOM is being demanded by MILLIONS ... 75 million i believe ...

still, this particular issue? is on my radar and most certainly they are upping the ante. .. and i suspect THIS will be brought to the spotlight in the very near future

it is an ideal candidate to be the next "excuse" for outages and all manner of distressing scenarios whose objective will be intrusive measures of control that would otherwise be unacceptable and considered reprehensible but the people will be prone to accept to alleviate the issues that will be manufactured ...

i'm looking for a tweet i saw last night that had a Senator tell the Senate, i believe, that 75 million people will NOT be silenced ...

such a comforting thought to fall asleep to! :Angel:

UPDATE ... found it!



https://twitter.com/TheSharpEdge1/status/1339274402018385920


if tweet does not show? here is the link, it is just a minute long, and i think we could all use hearing this right now ...

https://twitter.com/TheSharpEdge1/status/1339274402018385920

TargeT? your thoughts? (on the info the source provided)

apokalypse
18th December 2020, 09:54
this whole **** is weird and seems planned...for months there's talked about EO 2018 regarding foreign election interference, hunter biden stories got killed but recently after election especially recent week Chinese stories popup and those stories have known also Hunter Biden Popup again, DNI came out saying Chinese/Russia/Iran ...i was expect something about foreigner popup and did occur what we seeing now Hacking from foreign countries.

i really don't know but whole event so perfectly fit together for their MAIN AGENDA whatever that is...the timing of it all.

My point is this cyber attack isn't surprise at all from all the things happening right now...

sunwings
18th December 2020, 10:26
This is the No.1 news story on the BBC this morning...

US cyber-attack: US energy department confirms it was hit by Sunburst hack

The US energy department is the latest agency to confirm it has been breached in what is being described as the worst-ever hack on the US government.

The department is responsible for managing US nuclear weapons, but said the arsenal's security had not been compromised.

Tech giant Microsoft also said on Thursday that it had found malicious software in its systems.

Many suspect the Russian government is responsible. It has denied the claims.

The treasury and commerce departments are among the other agencies targeted in the sophisticated, months-long breach.

https://www.bbc.com/news/world-us-canada-55358332

Bill Ryan
18th December 2020, 10:42
“Next Crisis Bigger than COVID” – Power Grid/Finance Down – WEF’s Cyber Polygon – Nov 15, 2020
tSuCuoQxI20

Bumping this short 14 min video from Christian Westbrook, the Ice Age Farmer. He's very smart, articulate, concise, cogent, and dead right about what he sees.

A 'Cyberpandemic' is the perfect knockout punch to follow the pummeling from all the Covid lockdowns and small business bankruptcies. The remedy? Global government, with an iron fist. (Trump is in the way, of course, but that's not for this thread.)

And we're being TOLD what's being planned to happen.

pueblo
18th December 2020, 17:37
A cyber attack of "grave, grave danger"... ."almost like a prelude to war"...

https://twitter.com/LouDobbs/status/1339699327799754752?s=20

TargeT
18th December 2020, 17:44
TargeT? your thoughts? (on the info the source provided)

Grandstanding soapbox abuse...

there were no teeth in that speech.... just words.

Kryztian
18th December 2020, 18:34
The mainstream media already has a political spin on the : it's the Russians:


Suspected Russian hack is much worse than first feared: Here’s what you need to know

The U.S. Cybersecurity and Infrastructure Security Agency said the threat “poses a grave risk to the federal government.”
CISA has not said who it thinks is the “advanced persistent threat actor” behind the “significant and ongoing” campaign, but many experts are pointing to Russia.
It’s not clear exactly what the hackers have done beyond accessing top-secret U.S. government networks and monitoring data.

CISA has not said who it thinks is the “advanced persistent threat actor” behind the “significant and ongoing” campaign, but many experts are pointing to Russia.

“The magnitude of this ongoing attack is hard to overstate,” former Trump Homeland Security Advisor Thomas Bossert said in a piece for The New York Times on Thursday. “The Russians have had access to a considerable number of important and sensitive networks for six to nine months.”

Russian presidential spokesman Dmitry Peskov rejected the accusations, according to the Tass news agency.

“Even if it is true there have been some attacks over many months and the Americans managed to do nothing about them, possibly it is wrong to groundlessly blame Russians right away,” he told Tass. “We have nothing to do with this.”

from: https://www.cnbc.com/2020/12/18/suspected-russian-hack-on-us-is-much-worse-than-first-feared.html

And who does this news story point out is the big victim of the attack, you might ask??? Well, America's most beloved boy billionaire, Bill Gates:

Microsoft customers targeted

Microsoft was hacked in connection with the attack on SolarWinds’ widely used management software, Reuters reported Thursday.

Like with the cyberattack of SolarWinds, hackers infiltrated Microsoft products and then went after others, Reuters said, citing people familiar with the matter.

“We have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed. We have not found evidence of access to production services or customer data,” a Microsoft spokesperson said in a statement shared with CNBC.

If our televisions will still work, it looks like we are going to be seeing a lot of Mr. Gates on the media.

Amazing how quickly the media has figured out that the Russians are behind this, just like they all had our attention turned to Osama bin Laden as the perpetrator behind the 9/11 attacks.

Elainie
18th December 2020, 18:38
The mainstream media already has a political spin on the : it's the Russians:


Suspected Russian hack is much worse than first feared: Here’s what you need to know

Russians are always the culprit hahah. So funny and yet the populace eats this up.

TargeT
18th December 2020, 18:42
Amazing how quickly the media has figured out that the Russians are behind this, just like they all had our attention turned to Osama bin Laden as the perpetrator behind the 9/11 attacks.

China must be terrified of Russia to push them as the bogeyman so hard in our media like this (I mean come on, we all know that's basically what's happening by now).

Kryztian
18th December 2020, 19:02
CozyBear strikes again!

From the Washington Post: https://www.washingtonpost.com/national-security/russian-government-spies-are-behind-a-broad-hacking-campaign-that-has-breached-us-agencies-and-a-top-cyber-firm/2020/12/13/d5a53b88-3d7d-11eb-9453-fc36ba051781_story.html

(Posting whole story since it is behind a paywall).



Russian government hackers are behind a broad espionage campaign that has compromised U.S. agencies, including Treasury and Commerce

Russian government hackers breached the Treasury and Commerce departments, along with other U.S. government agencies, as part of a global espionage campaign that stretches back months, according to people familiar with the matter.

Officials were scrambling over the weekend to assess the nature and extent of the intrusions and implement effective countermeasures, but initial signs suggested the breach was long-running and significant, the people familiar with the matter said.

The Russian hackers, known by the nicknames APT29 or Cozy Bear, are part of that nation’s foreign intelligence service, the SVR, and they breached email systems in some cases, said the people familiar with the intrusions, who spoke on the condition of anonymity because of the sensitivity of the matter. The same Russian group hacked the State Department and the White House email servers during the Obama administration.

The FBI is investigating the campaign, which may have begun as early as spring, and had no comment Sunday. The victims have included government, consulting, technology, telecom, and oil and gas companies in North America, Europe, Asia and the Middle East, according to FireEye, a cyber firm that itself was breached.

The Russian Embassy in Washington on Sunday called the reports of Russian hacking “baseless.” In a statement on Facebook it said, “attacks in the information space contradict” Russian foreign policy and national interests. “Russia does not conduct offensive operations” in the cyber domain.

All of the organizations were breached through the update server of a network management system made by the firm SolarWinds, FireEye said in a blog post Sunday.

The federal Cybersecurity and Infrastructure Security Agency issued an alert Sunday warning about an “active exploitation” of the SolarWinds Orion Platform, from versions of the software released in March and June. “CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye’s GitHub page for detection countermeasures,” the alert said.

SolarWinds said Sunday in a statement that monitoring products it released in March and June of this year may have been surreptitiously weaponized in a “highly-sophisticated, targeted . . . attack by a nation state.”

The company filed a document Monday with the Securities and Exchange Commission saying that “fewer than 18,000” of its more than 300,000 customers may have installed a software patch enabling the Russian attack. It was not clear, the filing said, how many systems were actually hacked. The corporate filing also said that Microsoft’s Office 365 email may have been “an attack vector” used by the hackers.

Microsoft said in a blog post Sunday that it had not identified any Microsoft product or cloud service vulnerabilities in its investigation of the matter.

The scale of the Russian espionage operation appears to be large, said several individuals familiar with the matter. “This is looking very, very bad,” said one person. SolarWinds products are used by organizations across the world. They include all five branches of the U.S. military, the Pentagon, State Department, Justice Department, NASA, the Executive Office of the President and the National Security Agency, the world’s top electronic spy agency, according to the firm’s website.

Its clients also include the top 10 U.S. telecommunications companies.

“This is a big deal, and given what we now know about where breaches happened, I’m expecting the scope to grow as more logs are reviewed,” said John Scott-Railton, a senior researcher at Citizen Lab at the University of Toronto’s Munk School of Global Affairs and Public Policy. “When an aggressive group like this gets an open sesame to many desirable systems, they are going to use it widely.”

Russian spies believed to have hacked FireEye

FireEye reported last week that it was breached and that hacking tools it uses to test clients’ computer defenses were stolen. The Washington Post reported that APT29 was the group behind that hack. FireEye and Microsoft, which were investigating the breach, discovered the hackers were gaining access to victims through updates to SolarWinds’ Orion network monitoring software, FireEye said in its blog post, without publicly naming the Russians.

Reuters first reported the hacks of the Treasury and Commerce departments Sunday, saying they were carried out by a foreign government-backed group. The SVR link to the broader campaign was previously unreported.

The matter was so serious that it prompted an emergency National Security Council meeting on Saturday, Reuters reported.

“The United States government is aware of these reports, and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” said National Security Council spokesman John Ullyot. He did not comment on the country or group responsible.

At Commerce, the Russians targeted the National Telecommunications and Information Administration, an agency that handles Internet and telecommunications policy, Reuters reported. They have also been linked to attempts to steal coronavirus vaccine research.

U.S., Britain and Canada say Russian spies are trying to steal coronavirus vaccine research

In 2014 and 2015, the same group carried out a wide-ranging espionage campaign that targeted thousands of organizations, including government agencies, foreign embassies, energy companies, telecommunications firms and universities.

As part of that operation, it hacked the unclassified email systems of the White House, the Pentagon’s Joint Chiefs of Staff and the State Department.

“That was the first time we saw the Russians become much more aggressive, and instead of simply fading away like ghosts when they were detected, they actually contested access to the networks,” said Michael Daniel, who was White House cybersecurity coordinator at the time.

One of its victims in 2015 was the Democratic National Committee. But unlike a rival Russian spy agency, the GRU, which also hacked the DNC, it did not leak the stolen material. In 2016, the GRU military spy agency leaked hacked emails to the online anti-secrecy organization WikiLeaks in an operation that disrupted the Democrats’ national convention in the midst of the presidential campaign.

The SVR, by contrast, generally steals information for traditional espionage purposes, seeking secrets that might help the Kremlin understand the plans and motives of politicians and policymakers. Its operators also have filched industrial data and hacked foreign ministries.

Because the Obama administration saw the APT29 operation as traditional espionage, it did not consider taking punitive measures, said Daniel, who is now president and chief executive of the Cyber Threat Alliance, an information-sharing group for cybersecurity companies.

“It was information collection, which is what nation states — including the United States — do,” he said. “From our perspective, it was more important to focus on shoring up defenses.”

But Chris Painter, State Department cyber coordinator in the Obama administration, said even if the Russian campaign is strictly about espionage and there’s no norm against spying, if the scope is broad there should be consequences. “We just don’t have to sit still for it and say ‘good job,’ ” he said.

Sanctions might be one answer, especially if done in concert with allies who were similarly affected, he said. “The problem is there’s not even been condemnation from the top. President Trump hasn’t wanted to say anything bad to Russia, which only encourages them to act irresponsibly across a wide range of activities.”

At the very least, he said, “you’d want to make clear to [Russian President Vladimir] Putin that this is unacceptable — the scope is unacceptable.”

So far there is no sign that the current campaign is being waged for purposes of leaking information or for disruption of critical infrastructure, such as electric grids.

SolarWinds’ monitoring tool has extremely deep “administrative” access to a network’s core functions, which means that hacking the tool would allow the Russians to freely root around victims’ systems.

APT29 compromised SolarWinds so that any time a customer checked in to request an update, the Russians could hitch a ride on the weaponized update to get into a victim’s system. FireEye dubbed the malware that the hackers used “Sunburst.”

“Monday may be a bad day for lots of security teams,” tweeted Dmitri Alperovitch, a cybersecurity expert and founder of the Silverado Policy Accelerator think tank.

iota
18th December 2020, 20:23
TargetT? your thoughts? (on the info the source provided)

Grandstanding soapbox abuse...

there were no teeth in that speech.... just words.


so to be CLEAR you are saying the following points have NO merit? .. there were many points covered, each having its own importance, if you don't mind expanding a tad bit more ... let's just go with paragraph #1 to start:




I'm an actual security expert. The SolarWinds hack happened in the Spring. (Mar-June) and began when SolarWinds itself was infiltrated and the code was signed. That meant everyone got hit with the updates that contained it. It has been everywhere for months, while it is still a vulnerability for a lot of places with lax update schedules, the order was for all government agencies to be mitigated by 12 EST today. A lot of corporations were also reacting after the weekend and after guidance late yesterday and early today and were taking outages to fix it.

...


I'm an actual security expert. The SolarWinds hack happened in the Spring. (Mar-June) and began when SolarWinds itself was infiltrated ,

1.) Timing (March) coinciding with announcement of COVID (announcement because many of us got it in January) (thankfully prepared for it in October of 2019)

2.) SolarWinds itself being infiltrated ~ it's going to make a HUGE difference in which rabbit hole to follow whether SolarWinds itself was an unknowing/uninvolved agent (victim) or the perpetrator itself.

i can go with victim ... why? ... the spin and focus of attention already pointing to its "connections" to Hussein and Hillary etc. pretty much where focus is directed? ... then that is what i ignore

are you familiar with SolarWinds? are they friendly? neutral? or suspect?


and the code was signed. That meant everyone got hit with the updates that contained it

the code signature IS of huge significance , so you're saying that's invalid? that it would NOT have gotten spread through the updates?


It has been everywhere for months,

months? we have not seen major OR even "minor" disruptions in months.. that being the case? if we start to see them now, AFTER their announcement? guess who is suspect now, (blaming the hack, of course) in my eyes ...

is that an erroneous conclusion to draw?


while it is still a vulnerability for a lot of places with lax update schedules,

deduction: ONLY in a few places, the vast majority have been cleaned up

that being the case?
ALL major crap that follows? is manufactured and this is their scapegoat.


the order was for all government agencies to be mitigated by 12 EST today.

even this being HUGE latitude to "fix" a problem they were WELL aware of being a potential point of exploit and failing to take the necessary precautionary steps to avoid or having a sound plan in place to mitigate effects

much like the fact WE ALL KNEW fraud WOULD be attempted in the elections and failing to have even simple cameras in place (like 100 of them in case 1 was discovered) and have solid undeniable assurances in place, the situation could and WOULD be "handled". NO ONE was surprised it happened, the surprise is the failure in preparedness and response ... EXACTLY the SAME scenario HERE it would appear

it is PAST the deadline ... have you heard NOTHING of this TargetT? and deadline being past?
is it or is it not yet "handled"


A lot of corporations were also reacting after the weekend and after guidance late yesterday and early today and were taking outages to fix it.

for "guidance" to be "given"? one has to have mastered the situation, or at least come up with a viable solution.

i'm sorry, once again, the utter and complete failure to both PLAN and PREPARE for as well as have a SOLUTION to problems that are KNOWN to be PROBABILITIES (not just possibilities) makes the supposed experts involved look completely inept

actual morons

none should be at the position they are. not in charge of a play pen full of puppies, much less a nation

one is a mistake, THIS is turning into a PERPETUAL PATTERN

that was just first paragraph, so gonna need a bit more reason and explanation to blanket discount the WHOLE narrative ...

thanks in advance


PS and know this, if you cross me? i WILL go get your hat just fyi

TargeT
18th December 2020, 20:40
so to be CLEAR you are saying the following points have NO merit?

I'm saying there's no clear outcome, there's no actionable items....I'm not discounting the veracity of the information; more the format of it...


This was a big "hack" but it only affected our unclassified networks.. which we almost don't even care about.

there's a lot of hype right now..



it is PAST the deadline ... have you heard NOTHING of this TargetT?

it's a deadline with almost no consequences... there's nothing happening here but some talking; that's what I am trying to say.


we really need that report published.

iota
18th December 2020, 20:47
ok ... got it

then you misunderstood the initial question

i was not asking about the format, i was specifically asking about the veracity of the information

so thanks for your response

:flower:

(and your hat remains safe .... for now ... (wink))

Kryztian
18th December 2020, 20:51
Questions:


If there is a cyberpandemic, what will be the new protocols? For example, during COVID, they are "Wear a Mask", "Shelter in Place", "Get the Vaccine", etc.


If the blame for the cyber attack is the Russians, what is the agenda (not the main one, but one of many agendas) against the Russians and how will it play out? Will there be war with Russia? Trade wars, sanctions, etc??? Will a large number of Americans, especially those who aren't behind the Biden/CNN/Bilderberg agenda going to dissent, and will that lead to civil war? (In other words, our own opposition to the NWO will become part of the NWO's desired chaos plan.)


If the internet, media broadcasting, and other forms of communication are disrupted (due to hacking or failure of the power grid), how do everyday humans communicate with each other? How does the media communicate with us (to give us our mind control and programming)?

iota
18th December 2020, 21:04
TargetT, if i may please, just one more question i'd like to press you to answer:


are you familiar with SolarWinds? are they friendly? neutral? or suspect?

and if you could say whether this is based on facts you are aware of (whether or not you are at liberty to disclose) OR subjective feelings?

i do not discount subjective feelings, coming from someone expert in a field in particular, sometimes they are MUCH more accurate than what is put on paper and disclosed ... the opinion of people like you or Bill, for example, for me? holds much weight, so just wondering is all

i'm going to research, and knowing what your opinion is will save me much time and point me in right direction.

Secondly, the report ... you say we need it published ... does that mean you think they will tell us the truth when they do?

thanks, as always!

TargeT
18th December 2020, 21:14
are you familiar with SolarWinds? are they friendly? neutral? or suspect?


I worked with that software for years, they appear to be a victim in this situation... the key point to all of this is HOW did the update patch get a signed certificate when it included malware, I'd guess infiltration of the company itself (which we know is a big part of the CCP strategy).


Focus on that IMO.. that's where / how this all started (or at least the major inflection point)


Solarwinds is not like Dominion, I don't think looking into their board etc will give you much (unlike looking into dominion's board... which gives a lot of interesting connections).


Questions:
If there is a cyberpandemic, what will be the new protocols? For example, during COVID, they are "Wear a Mask", "Shelter in Place", "Get the Vaccine", etc.


I don't see any information based on this current situation that indicates something "bad" will happen; even this (solarwinds compromise) was just "alarming" not super dangerous for the most part
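
TargeT's question above, how an update carrying malware could still ship with a valid signature, as an added example that is not part of the thread and is not SolarWinds' code: a signature covers whatever bytes the build produced, so a change made before signing verifies cleanly, while an independent rebuild from the reviewed source does not match. The HMAC key (a stand-in for an asymmetric code-signing key), the toy `build` packer and the `app/...` file names are all constructed assumptions.

```python
import hashlib
import hmac

# Constructed stand-in for the vendor's code-signing key. Real code signing
# uses an asymmetric key pair; HMAC keeps this example standard-library only.
VENDOR_KEY = b"constructed-demo-key"


def build(tree):
    """Toy deterministic build: pack files in sorted order, length-prefixed."""
    out = bytearray()
    for path in sorted(tree):
        name = path.encode()
        out += len(name).to_bytes(4, "big") + name
        out += len(tree[path]).to_bytes(4, "big") + tree[path]
    return bytes(out)


def sign(artifact):
    """Vendor side: sign whatever bytes the build step handed over."""
    return hmac.new(VENDOR_KEY, artifact, hashlib.sha256).hexdigest()


def signature_ok(artifact, signature):
    """Customer side: proves the vendor signed these bytes, nothing more."""
    return hmac.compare_digest(sign(artifact), signature)


def manifest(tree):
    """Per-file SHA-256 digests, recorded when the source was reviewed."""
    return {path: hashlib.sha256(data).hexdigest() for path, data in tree.items()}


def manifest_diff(reviewed, actual):
    """Paths added, removed or changed relative to the reviewed manifest."""
    paths = set(reviewed) | set(actual)
    return sorted(p for p in paths if reviewed.get(p) != actual.get(p))


def rebuild_matches(artifact, reviewed_tree):
    """Independent rebuild from reviewed source, compared to the shipped artifact."""
    rebuilt = hashlib.sha256(build(reviewed_tree)).digest()
    return hmac.compare_digest(rebuilt, hashlib.sha256(artifact).digest())


def release(tree):
    """Build and sign in one pipeline, as a release server would."""
    artifact = build(tree)
    return artifact, sign(artifact)


# Constructed sample data: the source as reviewed, and the copy on the build
# server, which differs by one unreviewed change made before signing.
REVIEWED_TREE = {
    "app/core.py": b"def poll():\n    return 'status'\n",
    "app/update.py": b"def check():\n    return 'up to date'\n",
}
BUILD_SERVER_TREE = dict(REVIEWED_TREE)
BUILD_SERVER_TREE["app/update.py"] += b"# constructed marker: unreviewed change\n"


def run_demo():
    artifact, signature = release(BUILD_SERVER_TREE)
    return {
        "signature_ok": signature_ok(artifact, signature),
        "rebuild_matches": rebuild_matches(artifact, REVIEWED_TREE),
        "changed_paths": manifest_diff(manifest(REVIEWED_TREE),
                                       manifest(BUILD_SERVER_TREE)),
    }


if __name__ == "__main__":
    print(run_demo())
```
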

Deborah (ahamkara)
18th December 2020, 21:23
Wall Street Journal headline today “US Cyberattack Suggests More Sophisticated Hack” (unfortunately behind paywall). Article blames Russia, with no evidence. Admits at least 18,000 companies involved. Second article “Senators Ask IRS for Briefing On Solar Winds Breach” not only as they concerned about taxpayer data, but article mentions “US Treasury department..was breached in the hack...also the State Department and Office of Homeland Security”

I find all this intriguing in light of the Ice Age Farmers video, and also Kerry Cassidy’s latest update (no source given) about the Internet being taken down for 10 days to facilitate a Trump government takeover. Perhaps the hack is the pretext?

iota
18th December 2020, 21:27
Perhaps the hack is the pretext?

i GUARANTEE you ...

the hack WILL BE the "pretext" for MUCH of the distraction we will be blasted with to come ...

TargeT
18th December 2020, 21:28
I find all this intriguing in light of the Ice Age Farmers video, and also Kerry Cassidy’s latest update (no source given) about the Internet being taken down for 10 days to facilitate a Trump government takeover. Perhaps the hack is the pretext?

"the internet" cannot be taken down.. that's ridiculous, it's not designed with any single point of failure and the US does not own the root DNS (https://securitytrails.com/blog/dns-root-servers) (domain name service, basically a phone book that translates www.prjectavalon.net to 10.10.10.11 (as an example)) as of a couple years ago... so we can't even "break the phone book".

The best that could be done is break the "phone book" but there are a ton of other DNS's out there etc....

saying "turn off the internet" is like saying "drain the oceans".... where would you even start?

thepainterdoug
18th December 2020, 21:33
Jeffrey Prather on Solar winds go to the 19.26 min mark https://www.youtube.com/watch?v=mfbxX_S7V3s

Deborah (ahamkara)
18th December 2020, 22:02
Thanks TargeT! I like hearing from Avalon members who can clarify some of the massive amounts of info and disinfo floating about.

Kryztian
18th December 2020, 23:40
Wall Street Journal headline today “US Cyberattack Suggests More Sophisticated Hack” (unfortunately behind paywall). Article blames Russia, with no evidence.

The article contains a nice big photo of Russia’s Foreign Intelligence Service in Moscow. Just putting the article there and making the accusation is enough for some people.

I may not be a hacker myself, but I can get behind the WSJ paywall, so here you are:

Hack Suggests New Scope, Sophistication for Cyberattacks
Suspected Russian hack involving SolarWinds software that compromised parts of the U.S. government was executed on a scale that has surprised even veteran security experts


By Dustin Volz and Robert McMillan
Updated Dec. 17, 2020 10:35 pm ET
Article found behind a paywall here https://www.wsj.com/articles/hack-suggests-new-scope-sophistication-for-cyberattacks-11608251360

The suspected Russian hack that compromised parts of the U.S. government was executed with a scope and sophistication that has surprised even veteran security experts and exposed a potentially critical vulnerability in America’s technology infrastructure, according to investigators.

As the probe continues into the massive hack—which cast a nearly invisible net across 18,000 companies and government agencies—security specialists are uncovering new evidence that indicates the operation is part of a broader, previously undetected cyber espionage campaign that may stretch back years.

The attack blended extraordinarily stealthy tradecraft, using cyber tools never before seen in a previous attack, with a strategy that zeroed in on a weak link in the software supply chain that all U.S. businesses and government institutions rely on—an approach security experts have long feared but one that has never been used on U.S. targets in such a concerted way.

Inside the Hack
The hackers used what’s called a supply chain attack, exploiting SolarWinds management software updates to put malicious code on the targets’ servers.

https://i.imgur.com/jaXnQL6.jpg

The hackers used the digital equivalent of a spy’s disguise to blend in with the flood of data flowing through government and corporate networks and remain undetected. They snatched up years-old but abandoned internet domains and repurposed them for hacking, and they named their software to mimic legitimate corporate tools. Most devastatingly, they sneaked their malicious code into the legitimate software of a trusted software maker—an Austin-based company called SolarWinds Corp. and its software called Orion.

The Cybersecurity and Infrastructure Security Agency tasked with protecting U.S. networks, in an alert Thursday, said it had evidence that the hackers have managed to break into computer networks using bugs other than the SolarWinds software. The alert labeled the hack a “grave threat” to compromised victims, which it said include multiple government agencies, critical infrastructure entities and private sector companies.

Hours later, the National Security Agency, America’s top cyberspy organization, issued a broader warning to defense agencies and contractors about vulnerabilities such as those exposed by the SolarWinds attack. Hackers, it said, were finding ways to forge computer credentials to gain wider access across networks and steal protected data stored on in-house servers and cloud data centers. The approach, the NSA said, may have been used in an attack on VMware Inc. software used in national security circles that the spy agency warned about earlier this month.

Government officials and cybersecurity experts have concluded that Russia is likely responsible for the hack, in part due to the extreme skill involved as well as other classified clues, according to people familiar with the matter. At least two senators who have received briefings in recent days have openly referred to it as a Russian operation. Moscow has denied responsibility.

Government officials and lawmakers are still working to understand the full consequences of the hack, which is viewed as a classic but highly successful attempt to spy on internal communications and steal information that could be valuable to Moscow’s intelligence agencies. It isn’t considered a destructive attack that damaged or shut down computer systems, as some major cyberattacks have done in the past.

Cybersecurity company FireEye Inc. says private sector customers across the globe likely have been impacted. Investigators say that the bulk of the companies affected by the attack are based in the U.S. and Western Europe. No foreign governments have announced compromises of their own systems. A former senior British intelligence official said Western governments other than the U.S. expect to find evidence of compromises in their systems in the coming weeks.

The SolarWinds attack so eluded U.S. security measures that it was discovered not by intelligence officials but, almost accidentally, thanks to an automated security alert sent in recent weeks to an employee at FireEye, which itself had been quietly compromised.

The warning, which was also sent to the company’s security team, told the employee of FireEye that someone had used the employee’s credentials to log into the company’s virtual private network from an unrecognized device—the kind of security message that corporate workers routinely delete. Had it not triggered scrutiny from FireEye executives, the attack would likely still not be detected, officials say.

The stealth of the attack has slowed efforts to determine how far-reaching the cyber intrusion has been, and new revelations have emerged daily. On Thursday, the Energy Department said its business networks had been compromised. Mission critical national security functions, including those of the National Nuclear Security Administration, haven’t been impacted, a department spokeswoman said.

While U.S. government agencies were clearly a target, Microsoft Corp. released research Thursday showing that of the more than 40 customers it had identified as victims of the SolarWinds hack, 44% were IT services companies. While 80% of the victim companies were based in the U.S., Microsoft said that targets were also hit in the U.K., Canada, Mexico, Belgium, Spain, Israel and the United Arab Emirates.

Taken together, the information investigators have uncovered indicates the suspected Russia hacking operation is more widespread than even feared just days ago, with the hallmarks of a historic espionage campaign.

Some security experts now believe there are clues to suggest preparations for the attack may date back four years.

The hackers found their way into the Department of Homeland Security, the sprawling State Department, the Treasury and Commerce departments and others, according to people familiar with the matter. As many as 18,000 companies downloaded the malicious SolarWinds update. Investigators suspect the hackers likely burrowed into dozens or perhaps hundreds using the flaw, due to the resources and time required to quietly infiltrate a network.

But because it went undetected for so long and due to the expertise of the hackers, thousands of potential victims may never be able to know for sure whether they were compromised, security experts say.

“It’s very broad in scope, and potentially very damaging to our economic security,” said J. Michael Daniel, chief executive of the Cyber Threat Alliance, an industry information-sharing group, and the former White House cybersecurity coordinator in the Obama administration. “It’s going to take a long time to figure out the full scope and extent of the damage, and it’s probably going to cost a lot of money to fix.”

It’s also a black eye for the U.S. intelligence community, which spent much of the year worrying about a hack by Russia or others targeting the U.S. presidential election and was in a celebratory mood when that didn’t occur. The actual attack ended up with a different target—government and corporate networks—and went undetected and discovered almost by luck by FireEye and not government security agencies.

The warning about the login attempt set off a red alert at the cyber vendor, which is charged with helping to protect the networks of some of the biggest companies. FireEye put more than 100 cyber sleuths on the job out of its roughly 3,400 total staff. Trained to investigate breaches at other companies, they now found themselves scouring the company’s own networks.

“It came in crisp and clean,” FireEye Chief Executive Kevin Mandia said of the apparent intrusion. “After years of responding to breaches, years of just understanding the details, something felt different about this one.”

Charles Carmakal, senior vice president of FireEye’s incident response unit, led the company’s investigation. Early into the process, Mr. Carmakal said he realized the company was contending with one of the most advanced and disciplined hacking groups he had ever seen.

Among the worrying signs, the attacker seemed to have an understanding of the red flags that typically help companies like FireEye find intrusions, and they navigated around them: They used computer infrastructure entirely located in the U.S.; and they gave their systems the same names used by real FireEye employee systems, an unusually adept tactic designed to further conceal the hackers’ presence.

More alarmingly, FireEye, other security companies and partners in the intelligence community and law enforcement could find no evidence linking that infrastructure to attacks on other victims. Hackers, even good ones, often reuse their cyber tools because doing so is easier, cheaper and faster.

The laser focus made the attack harder to detect, FireEye and others said. Mr. Mandia likened the activity to “a sniper round through a bulletproof vest.”

Once they noticed suspicious activity emanating from SolarWinds’ Orion product, the company’s malware analysts scoured some 50,000 lines of code in search for “a needle in a stack of needles,” Mr. Carmakal said, eventually spotting a few dozen lines of suspicious code that didn’t appear to have any reason to be there. Further analysis confirmed it as the source of the hack.

On Saturday, the company notified SolarWinds, the software vendor that had unwittingly sent out contaminated software since March, about its discovery, and updated the U.S. government. “We mobilized our incident response team and quickly shifted significant internal resources to investigate and remediate the vulnerability,” SolarWinds said Thursday.

SolarWinds said it released a quick fix that patched the security issue for customers this week. But experts have warned that merely cutting off the access point for hackers won’t guarantee their removal, especially because they would have used their time inside those networks to further conceal their activity.

While intelligence officials and security experts generally agree Russia is responsible, and some believe it is the handiwork of Moscow’s foreign intelligence service, FireEye and Microsoft, as well as some government officials, believe the attack was perpetrated by a hacking group never seen before, one whose tools and techniques had been previously unknown.


https://i.imgur.com/PabkHkY.jpg?1
Satellite imagery of Russia’s Foreign Intelligence Service in Moscow, in 2019


“We were lucky to catch them when we did,” said Glenn Gerstell, the former general counsel of the National Security Agency. Despite powerful espionage capabilities and a commitment to persistently monitoring what foreign hackers are doing overseas, legal restrictions make U.S. intelligence agencies ill-suited to follow capable adversaries who set up camp on domestic computer infrastructure, as the SolarWinds hackers did, Mr. Gerstell said.

The complexity and broad success of the SolarWinds hack represents a new frontier for cybersecurity, but the technique of using a trusted software provider as a Trojan Horse to break into one of its customers has been used before. In 2017 hackers also linked to Russia put malicious software in an obscure Ukrainian tax program leading to a world-wide outbreak of the destructive software known as NotPetya. FedEx Corp. later said that the incident cost the company $400 million. Another victim, Merck & Co. put the cleanup price tag at $670 million.

With the SolarWinds attack, stealth and not destruction was the priority. This allowed it to go undetected for so long, and it also showed how far hackers could go by gaining access to the software development tools of a medium-size company with footholds in the networks of the U.S. government and Fortune 500 companies.

How the hackers gained access to SolarWinds systems to introduce the malicious code is still uncertain. The company said that its Microsoft email accounts had been compromised and that this access may have been used to glean more data from the company’s Office productivity tools.

Key building blocks for the SolarWinds hack were being put in place already last year when the hackers acquired internet domains that would serve as outside launching points for its attack, according to Joe Slowik, a researcher with threat intelligence company DomainTools LLC. Once installed, the malicious software connected to a server located on these domains that allowed them to launch further attacks against the SolarWinds customers and to steal data.

The cybersecurity firm Volexity Inc. has traced the actions of the SolarWinds hackers back at least four years, according to Steven Adair, the company’s president.

In July, he investigated a break-in at a think tank, which he declined to name, that was using SolarWinds software. The think tank had been under attack for four years as hackers attempted to read the emails of specific employees, Mr. Adair said. The first time they gained access, they used an unknown method; the second time they took advantage of a bug in Microsoft Exchange software. When FireEye publicly released its SolarWinds findings on Sunday, Mr. Adair said he knew “within seconds” that it was related to the incident he had investigated in the summer.

FireEye has fielded calls in recent days from customers who believe they have been infiltrated by the same hackers even though they never installed SolarWinds software on their networks, according to Mr. Carmakal.

“It would be foolish for us to think that the only technique that they have to break in organizations is SolarWinds,” Mr. Carmakal said. “As we continue our investigation, we may find that there is a different avenue the attacker used to gain access to those organizations.”

Kryztian
19th December 2020, 00:12
Questions:
If there is a cyberpandemic, what will be the new protocols?

I don't see any information based on this current situation that indicates something "bad" will happen; even this (solarwinds compromise) was just "alarming" not super dangerous for the most part

I hope you are correct about that one, Target. What the fearmongers at The Washington Post and The Wall Street Journal are saying is that what the update from SolarWinds has done is create a back door so that hackers can get into the system. While SolarWinds has shipped a patch that has fixed the problem, the time window in between has allowed hackers to make other changes to the system so that they can get into it later. I am not convinced that this isn't a catastrophe.

Patient
19th December 2020, 03:05
No pun intended - really - I am a patient person. I am surprised, that so many people are not fed up with all of this crap.

But I suppose that so many people just don't get it.

The media constantly reports "the rise in cases" but we know that the tests are faulty. But people get stuck at the number of cases and ignore the small number of deaths. (And we have to consider how many of those deaths reported were really due to covid.)

Now they are saying that even if you get the vaccine, it doesn't change things - you still need to wear a mask and social distance, and do not travel.

So now they have to throw something else at us. We knew they were going to, but most of the sheeple didn't.

Even so, when is enough going to be enough? Probably never. I expect that the people will allow themselves to be led to "wherever" they want to lead them.


It really is sad and pathetic that so many people are sheeple.

I have very little patience left for them. And that makes me sad.


If I had enough money, I would buy a large island somewhere and call it Avalon Island - you would all be welcome. And also any of the sheeple that are willing to open their eyes a bit. Of course, if they didn't they wouldn't come in the first place. :)

Hello Canada.
Stiff upper lip, keep the faith, press on Macduff and all that stuff. I had no intention of replying to this post because I share some of your sentiments and I felt very sad when I first read it. If I try to correct some of the programming among friends and family I am often called insane or stupid or any of the usual labels that we tend to receive. I decided to make some tea and lo and behold, synchronicity. As I was passing my wife, there on her ipad was a picture of myself on Twitter. I asked her what it was about and she showed me the thread which read "People that most influenced my life". I remembered a kid who kept asking me questions twenty years ago and I did not realize that I had any impression on him. When I came back to my computer, your post was still there. I decided to reply to your post.
I think we must all strive to do our little bit, after all, eight bits make a Byte. LOL. I am reminded by the words of Francis Bacon (or was that Shakespeare) who said: "All the world's a stage and all the men and women merely players", etc.
Love to all and keep up the good work.

P.S. Remember to invite me to your island. I love to fish and will help to feed everyone.

When I first thought of an Island, I thought of the pacific northwest. The beauty of the trees and land never leaves you once you have experienced it.

But then I thought of how often it rains there and thought - to heck with that, it would have to be a southern tropical island for sure.

So keep your eyes and ears open for us! ;)

Patient
19th December 2020, 03:33
Questions:
If there is a cyberpandemic, what will be the new protocols?

I don't see any information based on this current situation that indicates something "bad" will happen; even this (solarwinds compromise) was just "alarming" not super dangerous for the most part

I hope you are correct about that one, Target. What the fearmongers at The Washington Post and The Wall Street Journal are saying is that what the update from SolarWinds has done is create a back door so that hackers can get into the system. While SolarWinds has shipped a patch that has fixed the problem, the time window in between has allowed hackers to make other changes to the system so that they can get into it later. I am not convinced that this isn't a catastrophe.

Yes, there is always a back door. Built by ego.

I had written a larger post, but erased it because I realized that I could be contributing information to someone on the wrong team. I am not a programmer, but I have worked with them. They are human.

I once worked with a company that had eight walls (levels) of security to protect its intellectual property. It was good. But it could easily be walked through by one person on the inside. Programmers write the code that is on the inside - hacking will always be a threat.

I think this is a good example for people to realize that the more we rely on machines and tech, the more vulnerable we leave ourselves.

TargeT
19th December 2020, 06:19
Questions:
If there is a cyberpandemic, what will be the new protocols?

I don't see any information based on this current situation that indicates something "bad" will happen; even this (solarwinds compromise) was just "alarming" not super dangerous for the most part

I hope you are correct about that one, Target. What the fearmongers at The Washington Post and The Wall Street Journal are saying is that what the update from SolarWinds has done is create a back door so that hackers can get into the system. While SolarWinds has shipped a patch that has fixed the problem, the time window in between has allowed hackers to make other changes to the system so that they can get into it later. I am not convinced that this isn't a catastrophe.

Yes, there is always a back door. Built by ego.

I had written a larger post, but erased it because I realized that I could be contributing information to someone on the wrong team. I am not a programmer, but I have worked with them. They are human.

I once worked with a company that had eight walls (levels) of security to protect its intellectual property. It was good. But it could easily be walked through by one person on the inside. Programmers write the code that is on the inside - hacking will always be a threat.

I think this is a good example for people to realize that the more we rely on machines and tech, the more vulnerable we leave ourselves.

we are really good at what we do... I work on 4 networks... only 1 is unclass...

so expand from there and see how small this is?

we don't have levels of security... we have physical separation with advanced obfuscation … this is known and documented... so what happened with solarwinds should be easily understood as minimal... due to our compartmentalization...

we are being shown a fake boogeyman... and I'm sure it's meant to be something political and to advance the fear propaganda.

iota
19th December 2020, 11:05
No pun intended - really - I am a patient person. I am surprised, that so many people are not fed up with all of this crap.

But I suppose that so many people just don't get it.

The media constantly reports "the rise in cases" but we know that the tests are faulty. But people get stuck at the number of cases and ignore the small number of deaths. (And we have to consider how many of those deaths reported were really due to covid.)

Now they are saying that even if you get the vaccine, it doesn't change things - you still need to wear a mask and social distance, and do not travel.

So now they have to throw something else at us. We knew they were going to, but most of the sheeple didn't.

Even so, when is enough going to be enough? Probably never. I expect that the people will allow themselves to be led to "wherever" they want to lead them.


It really is sad and pathetic that so many people are sheeple.

I have very little patience left for them. And that makes me sad.


If I had enough money, I would buy a large island somewhere and call it Avalon Island - you would all be welcome. And also any of the sheeple that are willing to open their eyes a bit. Of course, if they didn't they wouldn't come in the first place. :)

Hello Canada.
Stiff upper lip, keep the faith, press on Macduff and all that stuff. I had no intention of replying to this post because I share some of your sentiments and I felt very sad when I first read it. If I try to correct some of the programming among friends and family I am often called insane or stupid or any of the usual labels that we tend to receive. I decided to make some tea and lo and behold, synchronicity. As I was passing my wife, there on her ipad was a picture of myself on Twitter. I asked her what it was about and she showed me the thread which read "People that most influenced my life". I remembered a kid who kept asking me questions twenty years ago and I did not realize that I had any impression on him. When I came back to my computer, your post was still there. I decided to reply to your post.
I think we must all strive to do our little bit, after all, eight bits make a Byte. LOL. I am reminded by the words of Francis Bacon (or was that Shakespeare) who said: "All the world's a stage and all the men and women merely players", etc.
Love to all and keep up the good work.

P.S. Remember to invite me to your island. I love to fish and will help to feed everyone.

When I first thought of an Island, I thought of the pacific northwest. The beauty of the trees and land never leaves you once you have experienced it.

But then I thought of how often it rains there and thought - to heck with that, it would have to be a southern tropical island for sure.

So keep your eyes and ears open for us! ;)

i almost bought one, i found the absolute perfect place with a little 2 bedroom house furnished already and solar panels and water system, a tiny private beach, party shack and a little canoe too! the best part is it had lots of food growing on it too, including ... are you ready? .... COFFEE!!! yay!!

the ONLY drawback was what it was named after ... the dove ... and they were there .. the sound of the dove song haunts me for personal reasons ... birds are one of the means the universe likes to use to communicate with me ... and don't want to talk about it ....

it was totally affordable too ... the house i bought instead was not much less than what it sold for ... price of a shack in California ... so there ARE deals out there ...

anyway ... have a look

https://www.dailymail.co.uk/travel/travel_news/article-2932803/Own-private-island-oasis-Panama-Caribbean-Sea-400-000.html

someone did a pdf!


https://islepalomapanama.files.wordpress.com/2016/03/isla-paloma-1.pdf

we could always do a communal thing too, and set up our own charter that forbids any BIDEN from ever setting foot on the land!

pueblo
19th December 2020, 13:01
I find all this intriguing in light of the Ice Age Farmers video, and also Kerry Cassidy’s latest update (no source given) about the Internet being taken down for 10 days to facilitate a Trump government takeover. Perhaps the hack is the pretext?

"the internet" cannot be taken down.. that's ridiculous, it's not designed with any single point of failure and the US does not own the root DNS (https://securitytrails.com/blog/dns-root-servers) (domain name service, basically a phone book that translates www.prjectavalon.net to 10.10.10.11 (as an example)) as of a couple years ago... so we can't even "break the phone book".

The best that could be done is break the "phone book" but there are a ton of other DNS's out there etc....

saying "turn off the internet" is like saying "drain the oceans".... where would you even start?

Though a bill was tabled in the US with an internet 'kill switch' proposal. It didn't pass but would you trust them to not just go ahead and do it anyway?



Proposed Protecting Cyberspace as a National Asset Act of 2010

On June 19, 2010, Senator Joe Lieberman (I-CT) introduced the Protecting Cyberspace as a National Asset Act,[4] which he co-wrote with Senator Susan Collins (R-ME) and Senator Thomas Carper (D-DE). If signed into law, this controversial bill, which the American media dubbed the kill switch bill, would have granted the President emergency powers over the Internet. Other parts of the bill focused on the establishment of an Office of Cyberspace Policy and on its missions, as well as on the coordination of cyberspace policy at the federal level.

The American Civil Liberties Union (ACLU) criticized the scope of the legislation in a letter to Senator Lieberman signed by several other civil liberty groups.[5] Particularly, they asked how the authorities would classify what is critical communications infrastructure (CCI) and what is not, and how the government would preserve the right of free speech in cybersecurity emergencies. An automatic renewal provision within the proposed legislation would keep it going beyond thirty days. The group recommended that the legislation follows a strict First Amendment scrutiny test.

All three co-authors of the bill subsequently issued a statement claiming that the bill "[narrowed] existing broad Presidential authority to take over telecommunications networks",[6] and Senator Lieberman contended that the bill did not seek to make a 'kill switch' option available ("the President will never take over – the government should never take over the Internet"),[6] but instead insisted that serious steps had to be taken in order to counter a potential mass scale cyber attack. The Protecting Cyberspace as a National Asset Act of 2010 expired at the end of the 2009–2010 Congress without receiving a vote from either chamber.[7]

https://en.wikipedia.org/wiki/Internet_kill_switch

palehorse
19th December 2020, 18:06
I find all this intriguing in light of the Ice Age Farmers video, and also Kerry Cassidy’s latest update (no source given) about the Internet being taken down for 10 days to facilitate a Trump government takeover. Perhaps the hack is the pretext?

"the internet" cannot be taken down.. that's ridiculous, it's not designed with any single point of failure and the US does not own the root DNS (https://securitytrails.com/blog/dns-root-servers) (domain name service, basically a phone book that translates www.prjectavalon.net to 10.10.10.11 (as an example)) as of a couple years ago... so we can't even "break the phone book".

The best that could be done is break the "phone book" but there are a ton of other DNS's out there etc....

saying "turn off the internet" is like saying "drain the oceans".... where would you even start?

Though a bill was tabled in the US with an internet 'kill switch' proposal. It didn't pass but would you trust them to not just go ahead and do it anyway?



Proposed Protecting Cyberspace as a National Asset Act of 2010

On June 19, 2010, Senator Joe Lieberman (I-CT) introduced the Protecting Cyberspace as a National Asset Act,[4] which he co-wrote with Senator Susan Collins (R-ME) and Senator Thomas Carper (D-DE). If signed into law, this controversial bill, which the American media dubbed the kill switch bill, would have granted the President emergency powers over the Internet. Other parts of the bill focused on the establishment of an Office of Cyberspace Policy and on its missions, as well as on the coordination of cyberspace policy at the federal level.

The American Civil Liberties Union (ACLU) criticized the scope of the legislation in a letter to Senator Lieberman signed by several other civil liberty groups.[5] Particularly, they asked how the authorities would classify what is critical communications infrastructure (CCI) and what is not, and how the government would preserve the right of free speech in cybersecurity emergencies. An automatic renewal provision within the proposed legislation would keep it going beyond thirty days. The group recommended that the legislation follows a strict First Amendment scrutiny test.

All three co-authors of the bill subsequently issued a statement claiming that the bill "[narrowed] existing broad Presidential authority to take over telecommunications networks",[6] and Senator Lieberman contended that the bill did not seek to make a 'kill switch' option available ("the President will never take over – the government should never take over the Internet"),[6] but instead insisted that serious steps had to be taken in order to counter a potential mass scale cyber attack. The Protecting Cyberspace as a National Asset Act of 2010 expired at the end of the 2009–2010 Congress without receiving a vote from either chamber.[7]

https://en.wikipedia.org/wiki/Internet_kill_switch

This is an interesting issue: since nobody owns the internet, how could it possibly have a kill switch?

Take a look here https://www.submarinecablemap.com/
All these companies (more than 400) have their own physical infrastructure to provide communication through undersea cables.

To know in more detail how this monster works, I suggest looking into: Internet exchange points, network access points, interconnection agreements (peering agreements), Border Gateway Protocol (BGP), Tier 1 networks (e.g. Tata Communications and Telecom Italia, NTT, GTT, etc), Tier 2 (points of presence, large ISPs, purchase of some traffic), Tier 3 (purchase traffic to participate on the internet, include smaller ISPs).

The internet does not rely on central control. Let's assume this US bill impacts Tier 3 networks: it would cut off access to the general public (homes, businesses, schools, etc.), but anyone connecting directly to a Tier 1 or Tier 2 network would have normal access. A business could purchase Tier 1 access if necessary and the business demands it.

For a global internet blackout, it would be necessary for all governments to have a similar bill and act together, and what about all those tech companies that own the submarine cables? Would they agree to go broke because some dude in the congress wants to shut down the internet?

I would take it with a pinch of salt.

Just pointing out, there is a lot at stake. I will say it once again "most politicians are IT illiterate."

Worst scenario: if it really happens (I doubt it), then mesh networks would be a very cool replacement, we already have hundreds of communities connected using it.

Sue (Ayt)
19th December 2020, 19:07
https://twitter.com/realDonaldTrump/status/1340333618691002368?s=20

Maia Gabrial
19th December 2020, 19:54
No pun intended - really - I am a patient person. I am surprised, that so many people are not fed up with all of this crap.

But I suppose that so many people just don't get it.

The media constantly reports "the rise in cases" but we know that the tests are faulty. But people get stuck at the number of cases and ignore the small number of deaths. (And we have to consider how many of those deaths reported were really due to covid.)

Now they are saying that even if you get the vaccine, it doesn't change things - you still need to wear a mask and social distance, and do not travel.

So now they have to throw something else at us. We knew they were going to, but most of the sheeple didn't.

Even so, when is enough going to be enough? Probably never. I expect that the people will allow themselves to be led to "wherever" they want to lead them.


It really is sad and pathetic that so many people are sheeple.

I have very little patience left for them. And that makes me sad.


If I had enough money, I would buy a large island somewhere and call it Avalon Island - you would all be welcome. And also any of the sheeple that are willing to open their eyes a bit. Of course, if they didn't they wouldn't come in the first place.


One thing I noticed is that whenever people in each of the Democrat-led states don't do what the governors want (or whatever), SUDDENLY the cases of covid go up by the tens of thousands. Never fails. And then that locks everyone back down again. WITHOUT QUESTION! Why are they so obedient?

I disobey whenever I can... :becky:

TargeT
19th December 2020, 19:56
https://twitter.com/realDonaldTrump/status/1340333618691002368?s=20


He's speaking about an outright attack on the US gov by China... not the effectiveness of that attack... the real issue here is that we are very close to some sort of declared conflict due to nation-state-sponsored hacking...

This is big and it's not Russia (well, not majorly Russia anyway)

and of course, Biden is a China proxy, so that's a part of it too.

Bill Ryan
19th December 2020, 19:58
Mike Adams' latest Situation Update, just published. A few aspects of his speculation are almost certainly too extreme. But there's a lot of information in there, and some of the dots he joins are probably correct.

And of course, this is China, and not Russia.


https://brighteon.com/2d257921-0390-4cbb-92f8-b1eb09a8d301

TargeT
19th December 2020, 22:03
And of course, this is China, and not Russia.



this video covers how China has been infiltrating the West for years now... from the "honey pot" sex spies to troop training in Canada... it's pretty insane how far it's gone.

Es-J_LKFfRI

onawah
19th December 2020, 23:23
Miller Weaver of Shadowgate fame has some relevant insights in the last Dark Journalist interview:
https://www.youtube.com/watch?v=awMywOxvEB4&fbclid=IwAR3a9Q0Qz_QGE0FMIdt8aWkvD-RjdwkdKH95DOu7eGfkRQef4w7jwKahsCs
Also posted here: https://projectavalon.net/forum4/showthread.php?102135-Dark-Journalist-Joseph-Farrell-UFO-X-Factor-Black-Budget-Secret-Space-Network-16-March-2018&p=1397582&viewfull=1#post1397582

onawah
21st December 2020, 07:44
LIVE : Billionaire Exposes America's Hidden Trojan Horse; Trump to name Powell as special counsel?
Wide Angle with Brendon Fallon

"Patrick Byrne is an investigative journalist and also the billionaire founder of Overstock, one of America's well-known internet retailers. Through his research, he’s not only found that the Chinese Communist Party intervened in the election, but also emphasizes that the election fraud was the Chinese Communist Party’s "assassin's mace" to take out the United States with one stroke. His revelations run deeper though, to the pre-Trump White House, and if ultimately proved true, expose the highest reaching corruption and subversion of the U.S. Republic imaginable. You judge for yourself!
This week has produced deepening evidence of the Chinese Communist Party interference in the US election, including reporting and warnings from such official channels as the Director of National Intelligence and Homeland Security. Yet mainstream media, while largely deflecting these realities, went into overdrive coverage of Trump’s supposed meeting on martial law plans. For our second half, we give some thought to their motives and further coverage of the very real national security threats their focus would be better directed toward. "

EVyfhcYypHs