The Iranian threat that went unreported

First, the why:

Statue of Soleimani unveiled in Lebanon complete with drumroll

And the threat:

Chilling audio reveals threat to fly a plane into the Capitol building on the day Congress confirms Joe Biden’s win to ‘avenge’ the death of Iranian military commander Qassem Soleimani

A terrifying message threatening to fly a plane into the Capitol building to avenge the death of Iranian general Qassem Soleimani was broadcast on air traffic control frequencies on Monday afternoon.

The FBI and FAA are investigating the message that was heard by multiple air traffic controllers in New York, according to CBS.

The threat, delivered via a digitized voice, said: ‘We are flying into the Capitol Wednesday. Soleimani will be avenged.’

Congress plans to confirm Joe Biden’s win at the Capitol on Wednesday. 

The threat was made almost one year to the day after the death of Soleimani, who was killed in a U.S. drone strike ordered by President Donald Trump.

It is not yet clear who sent the message and the threat is not believed to be credible, CBS reports, but the Pentagon and other agencies were briefed on Tuesday.

Yucki adds these links:

Besa centre: US and Israel prepare for Iranian ‘revenge’

Jewish Press: Dr. Kedar and preparations for ‘revenge’

 

 

Brad Johnson on China as the first, second and third most existential threat to the USA (and the West)

(The connection was suboptimal that day so there were some dropouts and other issues which do not detract from the message but make it a bit annoying at times.)

Nigel Farage adds a few words about China

Brad Johnson: “We are at war with China in all ways except actual shooting”

This interview was recorded on December 16, 2020 but was just edited and published now. There is not a word that is outdated however.

Here is the segment CBC posted back when it was not fully the voice of the COMINTERN and had some interests in the existence of Canada as a polity separate from communist China. A small part of this I edited into the Brad Johnson interview.

Below, China Uncensored video from December 28 2020 on Canada’s pro-China deep state (Anti-state is a much better word for it)

Curious article on arrests and NATO cyber-hacking in Italian news

Thank you Gary for the translation:

From the image below:

Defense in the Crosshairs

A hacker at Leonardo arrested. Worked for NATO and PM

D’Elia was consultant for the group. Removed 100,000 files. “Sensitive and military data saved” House arrest also for an employee
-by Claudio Antonelli

An “earthquake” in the world of cybersecurity. A raid by the Prosecutor’s (Office) in Naples has resulted in house arrest for an interim consultant and an employee of Leonardo directly employed at the CERT (Cyber emergency readiness team), the division that is assigned to block hacker intrusions. The accusation by the Public Prosecutor is very serious. It is believed that for two consecutive years, he (penetrated) 33 computers used at the establishment of Pomigliano d’Arco, used by employees of Leonardo and approximately another 60 used from outside or other companies like Alcatel.

Inset: According to the prosecutor a trojan was used in the computers of Pomigliano d’Arco

“It has emerged, in fact, that the malicious software, in the statement released by Prosecutor Giovanni Melillo, for a year, the husband of English ambassador, Jill Morris, “acted like a true trojan of new engineering, inoculated through the insertion of a small USB key in the personal computers being spied on, in a way as to automatically forward each action of the operating system.”

In practice, it was possible for the hacker to intercept what was typed on the keyboard of the infected (computer) station and capture the frames, making a sort of screenshot.
The investigations finally have allowed the reconstruction of the “anti-forensic” activity of the attacker, who, connecting it to the command and control center of the website “fujinama”, after downloading the stolen data, remotely cancelled each trace on the compromised machines.

“The informatic attack, thus carried out, according to the reconstruction by the communications police is classified as extremely serious given the persistence and length of time,” the statement continues. According to the charges, over 100,000 files are believed to have been taken from just 33 computers, equal to at least 10 gigabytes of data, chiefly from Leonardo.

The company, for its part, has released a statement pointing out that the activity relative to the site of Pomigliano is not of a military nature and that “classified or strategic data is handled in segregated areas without connectivity, and therefore, not present in the establishment.” According to Verita, in the network of illegal fishing, there is no end of sensitive files for national security, so much that in these months of investigation, the Dis.* (Sistema di Informazione per la Sicurezza della Repubblica) would not have been alerted.

To understand, however, the exact contours of the matter will be difficult. Giving the alert was the same giant (Leonardo) led by Alessandro Profumo, reporting (in January 2017) devious flows coming from computers in use at the establishment where they insist that Boeing, for over a year, was interested in a partnership with the Chinese of Comac. Verita is able to reveal that the representative of the company to conduct the investigation was reportedly Antonio Rossi, among the responsible persons at Cert. who, however, has ended up under house arrest charged with corrupting the tests.

Finally, to stir interest from a journalistic point of view, there is the name of another protagonist of the story, as of yesterday, under house arrest with the even heavier charge of illegal access, illegal intercepts, and illicit handling of data. This is Arturo D’Elia, certainly not a novice in the field of cybersecurity. Over the years, he is believed to have worked for several Italian prosecutors’ offices and for other sensitive companies. Like Alenia Aermacchi and Alcatel. Now an injured party of the Naples case. In the curriculum of the expert, there are “spicier” jobs. From 2010-2015, he was a consultant for NCI, the government agency of NATO, concerned with cybersecurity, missile defense, and NATO information technology systems spread around the globe. Work that has brought him considerable expertise (or money?) given that he was reportedly tapped in the past with piercing the security of an Alliance site on Italian territory.
If that isn’t enough to comprehend the weight (importance) of D’Elia, it is helpful to take a further step back in his resume to the beginning of his activity.

He himself on LinkedIn states that he has lent his consultant services to Afosi. The acronym will not say much to most (people). This is the Air Force Office of Special Investigation, with its base at Quantico. Translated: The counter espionage of American aviation. We don’t have knowledge if what is stated in LinkedIn is true. For sure, if D’Elia decided to talk to investigators, he could say a lot about his cyber capacity.

It remains to be understood what caused the sudden acceleration of handcuffs (arrests) in a case initiated almost three years ago. And that it happened at a very delicate moment for the world of Defense and geopolitics in general. Change of presidents beyond the Ocean and Europe confronts a delicate transition destined to modify the (particulars) of numerous bi-lateral relations on four corners of the Continent.

[Some of this doesn’t make perfect sense. If anyone who speaks Italian wishes to add corrections to this, please post them in the comments. Thank you Gary for the work on this.]

Three authoritative articles on the massive attack on Western systems

1. From an excellent source:

2. The Strategic Implications of SolarWinds

(Article from left-leaning site, but we are told, this is a good summation. Apparently, ONLY the Pentagon has not been hit.)

Recent reports of a widespread Russian cyber infiltration across U.S. government networks are a sign of how great power competition will play out in the 21st century. The new great power game is digital, with the shadowy alleys and cafes of Cold War spy games replaced by massive data breaches and compromising corporate security. Some strategies see this world as dominated by offensive operations—but the SolarWinds case suggests the opposite. The U.S. Cyber Solarium Commission, on which we served, found that the future of cybersecurity strategy will come to rely on layered cyber deterrence to enable defensive denial operations, international entanglement and cost imposition when aggressors defy the norms of the international system. The SolarWinds hack emphasizes the importance of implementing this strategy. 

It’s simpler to list the agencies that have not been caught up in the SolarWinds infiltration, which was run by Russian hacking group APT29 under the umbrella of the Russian intelligence services, the SVR. So far, only the intelligence community has not been reported to have been breached. 

3. Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

Summary

This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced threat actor tactics and techniques.

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020. This APT actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.

One of the initial access vectors for this activity is a supply chain compromise of the following SolarWinds Orion products (see Appendix A).

  • Orion Platform 2019.4 HF5, version 2019.4.5200.9083
  • Orion Platform 2020.2 RC1, version 2020.2.100.12219
  • Orion Platform 2020.2 RC2, version 2020.2.5200.12394
  • Orion Platform 2020.2, 2020.2 HF1, version 2020.2.5300.12432

Note (updated December 19, 2020): CISA has evidence that there are initial access vectors other than the SolarWinds Orion platform. Specifically, we are investigating incidents in which activity indicating abuse of SAML tokens consistent with this adversary’s behavior is present, yet where impacted SolarWinds instances have not been identified. CISA is working to confirm initial access vectors and identify any changes to the TTPs. CISA will update this Alert as new information becomes available.

Thank you ML for these materials. 

Germany votes itself out of Democracy, effects felt immediately, as popular doctor is raided by police during Youtube Live stream

First watch this one carefully and pay attention, right to the end please.

Here is a short observation by Hellequin, the translator of the following clip:

This is how it must have felt when people’s homes were raided during the Nazi Era.
I really did not expect to live in a time I only heard of from Family, School-teachers, Books and old Hollywood Movies.
I stand chastised……

And about this clip:

Dr. Andreas Noack is one of the most famous and popular experts when it comes to nutrition, nutrients and health.

Dr. Andreas Noack was rumored to be under investigation for not complying with German COVID-19 lockdown laws, but some speculate there could be more to it. The arrest came after the German Parliament passed the “Infection Protection Law”.
http://www.shorenewsnetwork.com/2020/11/19/watch-german-anti-lockdown-activist-dr-andreas-noack-arrested-during-livestream/

The police raid during live Youtube broadcast: