Evidence that Russian State Hackers interfered in the US Elections of 2016 is irrefutable. The only real question left is whether the collusion between Chumph Campaign leadership and Putin’s FSB/KGB rises to the level of being a crime. At some point, probably later this year, Independent Counsel Robert Mueller will hopefully provide answers to that with detailed evidence on whatever conclusion his office makes as a result of that information. With the evidence that has been made public so far – there is little doubt that conclusion will be Treason, which is why Putin’s Bitch is so actively researching if he can pardon himself and his kids from criminal prosecution and jail.
The US is under constant attack by the Russians, most recently in Vermont where Russian FSB/KGB penetrated the power grid, and two weeks ago while Chumph and Putin palled around affectionately at the G20, Russian hackers went after US Nuclear Plants.
The US Government response to this? Not much, other than to bunker-up against the security flaws identified by the Russian attacks. Patch and defend. Chumph won’t allow any sort of retaliation and/or crackdown against his Russian allies. Leaving America vulnerable and at the mercy of Russian spies and agents.
So what is left?
Shutting down Russian Cyber-spy operations by responsible American corporations. And yes, that option is limited by laws which Putin’s FSB/KGB doesn’t have to follow. So it is a bit like a one-armed boxer entering the ring.
Microsoft has taken the lead, and since December has been busily chopping away at the apparatus of one of the most egregious Russian Government spy operations – Fancy Bear.
Here is hoping other companies join the fight, because at this point our National Security infrastructure largely has its hands tied by politics in the New Cold War.
One would hope some patriotic corporation or entity would assist in developing an organization or effort by our non-governmental Black Hats to take these Putin fuckers down.
Microsoft is going after Fancy Bear, the Russian hacking group that targeted the DNC, by wresting control of domain names controlled by the foreign spies.
A new offensive by Microsoft has been making inroads against the Russian government hackers behind last year’s election meddling, identifying over 120 new targets of the Kremlin’s cyber spying, and control-alt-deleting segments of Putin’s hacking apparatus.
How are they doing it? It turns out Microsoft has something even more formidable than Moscow’s malware: Lawyers.
Last year attorneys for the software maker quietly sued the hacker group known as Fancy Bear in a federal court outside Washington DC, accusing it of computer intrusion, cybersquatting, and infringing on Microsoft’s trademarks. The action, though, is not about dragging the hackers into court. The lawsuit is a tool for Microsoft to target what it calls “the most vulnerable point” in Fancy Bear’s espionage operations: the command-and-control servers the hackers use to covertly direct malware on victim computers. These servers can be thought of as the spymasters in Russia’s cyber espionage, waiting patiently for contact from their malware agents in the field, then issuing encrypted instructions and accepting stolen documents.
Since August, Microsoft has used the lawsuit to wrest control of 70 different command-and-control points from Fancy Bear. The company’s approach is indirect, but effective. Rather than getting physical custody of the servers, which Fancy Bear rents from data centers around the world, Microsoft has been taking over the Internet domain names that route to them. These are addresses like “livemicrosoft[.]net” or “rsshotmail[.]com” that Fancy Bear registers under aliases for about $10 each. Once under Microsoft’s control, the domains get redirected from Russia’s servers to the company’s, cutting off the hackers from their victims, and giving Microsoft an omniscient view of that server’s network of automated spies.
“In other words,” Microsoft outside counsel Sten Jenson explained in a court filing last year, “any time an infected computer attempts to contact a command-and-control server through one of the domains, it will instead be connected to a Microsoft-controlled, secure server.”
Historically, Fancy Bear has mostly targeted Windows with its malware, and has leaned heavily on Microsoft products when choosing domain names—thus giving Microsoft standing in the lawsuit. On Friday, after months of litigation and thousands of pages of filings, a judge in Alexandria, Virginia is scheduled to hear Microsoft’s motion for a final default judgment and permanent injunction against Fancy Bear.
Also known as APT28, Sofacy, Pawn Storm and Strontium—Microsoft’s preferred moniker—Fancy Bear has been conducting cyber espionage since at least 2007, breaching NATO, Obama’s White House, a French television station, the World Anti-Doping Agency and countless NGOs, and militaries and civilian agencies in Europe, Central Asia and the Caucasus. Fancy Bear’s most notorious intrusions targeted the Democratic National Committee and the Hillary Clinton campaign last year, as part of Moscow’s efforts to help Donald Trump win the White House, according to U.S. intelligence findings.
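The article notes that Fancy Bear's command-and-control domains lean on Microsoft product names. As an added example (not from the article, Microsoft, or the court filings), the Python below scans resolver logs for queried names that embed a brand token but fall outside the brand's own registered domains. The token list, allowlist and log format are assumptions, and the log lines are constructed around the two domains the article quotes.

```python
# Brand tokens and the brand owner's own registered domains (assumed, illustrative).
BRAND_TOKENS = ("microsoft", "hotmail")
LEGITIMATE = {"microsoft.com", "hotmail.com", "live.com"}

# Constructed resolver log lines: "<timestamp> <client> <queried name>".
# The two lookalike names are the ones quoted in the article, kept defanged.
SAMPLE_LOG = """\
2017-07-20T09:14:02Z 10.0.4.17 login.microsoft.com
2017-07-20T09:14:05Z 10.0.4.17 cdn.livemicrosoft[.]net
2017-07-20T09:15:41Z 10.0.7.3 www.example.org
2017-07-20T09:16:10Z 10.0.7.3 RSSHOTMAIL[.]COM.
2017-07-20T09:16:12Z 10.0.7.3 mail.hotmail.com
malformed line
"""

def normalize(name):
    """Refang '[.]', lowercase, and drop the trailing root dot."""
    return name.replace("[.]", ".").lower().rstrip(".")

def registered_domain(name):
    """Naive last-two-labels reduction; production code would use the Public Suffix List."""
    labels = name.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else name

def flag_lookalikes(log_text):
    """Return (client, registered domain, token) for brand-embedding names off the allowlist."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines rather than failing the whole scan
        _, client, qname = parts
        domain = registered_domain(normalize(qname))
        if domain in LEGITIMATE:
            continue  # the brand's own domain, including any subdomain of it
        first_label = domain.split(".")[0]
        for token in BRAND_TOKENS:
            if token in first_label:
                hits.append((client, domain, token))
                break
    return hits

if __name__ == "__main__":
    for client, domain, token in flag_lookalikes(SAMPLE_LOG):
        print(f"{client} queried {domain} (embeds '{token}')")
```

Each hit names the internal client that made the query, which is the host to examine first.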