12-30-2016, 01:08 PM
Page 1 (except for DHS and FBI logos which I have no desire to duplicate)
TLP:WHITE
JOINT ANALYSIS REPORT
DISCLAIMER:
This report is provided “as is” for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service referenced in this advisory or otherwise. This document is distributed as Subject to standard copyright rules, information may be distributed without restriction. For more information on the Traffic Light Protocol, see https://www.us-cert.gov/tlp.
(Comment: official publications of the federal government created by federal employees in official duties are not subject to copyright protection but may be denied in accordance with concerns for national security, judicial process, or law enforcement)
Reference Number: JAR-16-20296
December 29, 2016
GRIZZLY STEPPE – Russian Malicious Cyber Activity
Summary
This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE.
Previous JARs have not attributed malicious cyber activity to specific countries or threat actors. However, public attribution of these activities to RIS is supported by technical indicators from the U.S. Intelligence Community, DHS, FBI, the private sector, and other entities. This determination expands upon the Joint Statement released October 7, 2016, from the Department of Homeland Security and the Director of National Intelligence on Election Security.
This activity by RIS is part of an ongoing campaign of cyber-enabled operations directed at U.S. government and its citizens. These cyber operations have included spearphishing campaigns targeting government organizations, critical infrastructure entities, think tanks, universities, political organizations, and corporations leading to the theft of information. In foreign countries, RIS actors conducted damaging and/or disruptive cyber-attacks, including attacks on critical infrastructure networks. In some cases, RIS actors masqueraded as third parties, hiding behind false online personas designed to cause the victim to misattribute the source of the attack. This JAR provides technical indicators related to many of these operations, recommended mitigations, suggested actions to take in response to the indicators provided, and information on how to report such incidents to the U.S. Government.
Page 1 of 13.
Read it and weep.
My comment:It is bad enough that foreign interests may have decided the electoral results for us. Just think of how bad things can be if the 2020 Presidential election turns into a contest between Chinese and Russian actors trying to manipulate the Presidential and Congressional elections with more concern for getting or keeping amenable stooges in power. In such a scenario the United States of America is no longer truly really independent.
This is not about Americans or about public policy as established by the President and Congress.
TLP:WHITE
JOINT ANALYSIS REPORT
DISCLAIMER:
This report is provided “as is” for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service referenced in this advisory or otherwise. This document is distributed as Subject to standard copyright rules, information may be distributed without restriction. For more information on the Traffic Light Protocol, see https://www.us-cert.gov/tlp.
(Comment: official publications of the federal government created by federal employees in official duties are not subject to copyright protection but may be denied in accordance with concerns for national security, judicial process, or law enforcement)
Reference Number: JAR-16-20296
December 29, 2016
GRIZZLY STEPPE – Russian Malicious Cyber Activity
Summary
This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE.
Previous JARs have not attributed malicious cyber activity to specific countries or threat actors. However, public attribution of these activities to RIS is supported by technical indicators from the U.S. Intelligence Community, DHS, FBI, the private sector, and other entities. This determination expands upon the Joint Statement released October 7, 2016, from the Department of Homeland Security and the Director of National Intelligence on Election Security.
This activity by RIS is part of an ongoing campaign of cyber-enabled operations directed at U.S. government and its citizens. These cyber operations have included spearphishing campaigns targeting government organizations, critical infrastructure entities, think tanks, universities, political organizations, and corporations leading to the theft of information. In foreign countries, RIS actors conducted damaging and/or disruptive cyber-attacks, including attacks on critical infrastructure networks. In some cases, RIS actors masqueraded as third parties, hiding behind false online personas designed to cause the victim to misattribute the source of the attack. This JAR provides technical indicators related to many of these operations, recommended mitigations, suggested actions to take in response to the indicators provided, and information on how to report such incidents to the U.S. Government.
Page 1 of 13.
Read it and weep.
My comment:It is bad enough that foreign interests may have decided the electoral results for us. Just think of how bad things can be if the 2020 Presidential election turns into a contest between Chinese and Russian actors trying to manipulate the Presidential and Congressional elections with more concern for getting or keeping amenable stooges in power. In such a scenario the United States of America is no longer truly really independent.
This is not about Americans or about public policy as established by the President and Congress.
The ideal subject of totalitarian rule is not the convinced Nazi or the dedicated Communist but instead the people for whom the distinction between fact and fiction, true and false, no longer exists -- Hannah Arendt.