Last week, the Cybersecurity and Infrastructure Security Agency issued an advisory bulletin about a threat from hackers who penetrated an undisclosed federal agency. The bulletin is supposed to throw gas on the Russia election interference fire just in time to help Christopher Wray keep his last remaining shred of credibility. Instead, it highlights how desperate the Deep State is to cover up Obamagate. The real threat is exposure that the 2016 Democrat National Committee hack was really an inside job.
Is the biggest threat Russia or the Democrats?
It’s strangely coincidental that the same group of Russian hackers whom the Democrats have been trying to blame for the 2016 Democrat National Committee hack, which looks suspiciously more like an inside job using a flash drive to exfiltrate the files before they were selectively leaked, has now been linked to a new hack attack. A bulletin with a lot of convenient clues was released like the Wuhan Flu, just when the FBI wants to emphasize the Russian threat over the Chinese or North Koreans and distract from Hillary Clinton’s involvement with the Russians.
Last week, Director of National Intelligence John Ratcliffe declassified proof that the CIA busted Hillary Clinton. She specifically wanted both Donald Trump and the DNC hack tied to Russia. Now the Deep State FBI is after the same group which got selected to take the fall for the DNC hack. A lot of folks are wondering why. The biggest threat to Democrats is still Donald Trump. Andrew McCabe is pinning all his hopes on a November regime change to keep him off the Senate witness stand.
According to geeks at Wired magazine and some of their colleagues in the cyber-spy industry, the “unidentified intruders” described in the threat bulletin “appear likely to be part of a notorious team of cyber-spies working in the service of Russia’s military intelligence agency, the GRU.” CISA gave them more than enough clues to piece it together without spelling it out. The report “did detail the hackers’ methods, use of a new and unique form of malware,” and showed it was used “in an operation that successfully stole target data.”
Fancy Bear blamed again
By following the clear trail of breadcrumbs meticulously laid down in the threat advisory, Joe Slowik at Dragos says they lead to “Fancy Bear, a team of hackers working for Russia’s GRU,” also known as APT28. Slowik noticed that “a notification the FBI sent to targets of a hacking campaign in May” warned that “APT28 was broadly targeting US networks, including government agencies and educational institutions, and listed several IP addresses they were using in their operations.”
One IP address was a server in Hungary which APT28 used in both exploits. “That would suggest that APT28 used the same Hungarian server in the intrusion described by CISA—and that at least one of the attempted intrusions described by the FBI was successful.” Slowik is convinced, “based on the infrastructure overlap, the series of behaviors associated with the event, and the general timing and targeting of the US government, this seems to be something very similar to—if not a part of—the campaign linked to APT28 earlier this year.” A second overlapping Latvian IP address was confirmed, which matched a threat report last year from the Department of Energy. “Together, those matching IPs create a web of shared infrastructure that ties the operations together.”
Wired notes that the threat “looms” over the 2020 election, even though liberal fact checkers won’t let conservatives question election integrity. “Even aside from their 2016 breaches of the Democratic National Committee and the Clinton campaign, Russia’s APT28 hackers loom over the 2020 election. Earlier this month Microsoft warned that the group has been carrying out mass-scale, relatively simple techniques to breach election-related organizations and campaigns on both sides of the political aisle.”