Share This

Showing posts with label CIA. Show all posts
Showing posts with label CIA. Show all posts

Tuesday, October 15, 2024

GT Exclusive: Latest report shows US cyber weapon can ‘frame other countries’ for its own espionage operations

China's National Computer Virus Emergency Response Center on Monday released its latest report on Volt Typhoon, once again exposing cyber espionage and disinformation operations conducted by US government agencies, including a US cyber weapon that can mislead investigation and frame other countries for its own cyber espionage activities. 

This is also the first time for the center to release the report in multiple languages, including Chinese, English, French, German and Japanese. 

The Monday report is the third report on Volt Typhoon released by National Computer Virus Emergency Response Center and National Engineering Laboratory for Computer Virus Prevention Technology. It further disclosed the cyber espionage operations targeting China, Germany and other countries which were launched by the US and other Five Eyes countries. 

On May 24, 2023, the cybersecurity authorities from The Five Eyes countries, 
the US, the UK, Australia, Canada and New Zealand, issued a joint cybersecurity advisory, claiming that they had discovered cluster of activity of interest associated with a "China state-sponsored cyber actor," known as Volt Typhoon, and these activities "affected networks across US critical infrastructure sectors."

On April 15 and July 8, the National Computer Virus Emergency Response Center, National Engineering Laboratory for Computer Virus Prevention Technology and 360 Digital Security Group jointly released two investigation reports disclosing the US government's narrative regarding Volt Typhoon is purely a fabrication crafted by the US. The two reports also expose how US government agencies, in order to maintain control over the so-called "warrantless surveillance rights," conduct indiscriminate monitoring of global telecommunications and internet users. This is done to enable related interest groups to gain greater political and economic benefits by fabricating nonexistent Chinese cyberattack threats. The nature of the event resembles a "house of cards" conspiratorial swindling campaign scheme targeting the US Congress and taxpayers.

"After we released the reports in April and July on Volt Typhoon, more than 50 cyber security experts from US, Europe, Asia and other countries and regions have contacted us through various ways. They believed that the US government and Microsoft have attributed Volt Typhoon to Chinese government without any concrete evidence, and they also expressed concern about the US government's fabrication of Volt Typhoon," a research fellow from the National Computer Virus Emergency Response Center told the Global Times on Monday. 

Secret weapons

The US is the world's largest arms dealer and its cyber weapon arsenal is not only large in scale, but also sophisticated in function. Previously, the National Computer Virus Emergency Response Center publicly disclosed multiple types of cyber weapons which were developed by the National Security Agency (NSA) and Central Intelligence Agency (CIA).

The Monday report unveiled information on a customized stealth "toolkit" codenamed "Marble" that the US agencies have developed to cover up their Computer Network Exploitation (CNE) operations, mislead attribution analysis and shift the blame on other countries. 

The toolkit is a framework that can be integrated with other cyber weapon development projects, assisting developers to obfuscate various identifiable strings in program code, effectively "erasing" the "fingerprints" of cyber weapon developers, according to the report.

For a long time, the US has kept pushing a "Defend Forward" strategy in cyberspace, and implement the "Hunt Forward" operations, which means to deploy cyber-war forces in the surrounding areas of adversary countries to conduct close-in reconnaissance and network penetration. In order to satisfy those tactical needs, the toolkit "Marble" was developed, said the anonymous researcher. 

The framework also has a "dirty" feature, which is the ability to insert strings in other languages at will, such as Chinese, Russian, Korean, Persian, and Arabic. This is intended to mislead investigators and defame China, Russia, North Korea, Iran, and Arab countries, said the researcher. 

By tracing and analyzing the source code and comments of "Marble" framework, researchers also found that it has been identified as a secret weapon development program, which is not allowed to share with any foreign country, starting no later than 2015. This secret weapon was tailored by US intelligence agencies for themselves, and was even kept a secret from the so-called ally countries. 

Recent findings in the report have once again highlighted who poses the greatest threat to global cyberspace security. The US government not only disregards the report but also continues to disseminate false information about Volt Typhoon, said Chinese Foreign Ministry spokesperson Mao Ning on Monday. China condemns US' irresponsible actions and urges it to immediately cease its global cyberattacks and stop using cybersecurity issues to slander and malign China, Mao said.

 'False flag' operation 

A "False Flag" is a deceptive act or operation carried out to make it appear as if it was conducted by another party. According to the report, the "Marble" framework fully exposes the indiscriminate and bottomless cyber espionage activities around the world carried out by US intelligence agencies, and their conspiracy to mislead investigators and researchers through "false flag" operations, so that to frame "adversary countries."

The anonymous researcher said that in conjunction with previous investigation findings, the hackers from US cyber forces and intelligence agencies disguise themselves like chameleons in cyberspace, pretend to come from other countries to carry out cyberattacks and espionage activities around the world, and pouring dirty water on non-ally countries of the US.

The report also noted that the "False Flag" operation is actually an important component of the US intelligence agency's "EFFECTS Operation," known as the "Online Covert Action" in the UK. The secret documents from the US and Five Eyes Alliance show that, the "EFFECTS Operation" includes two broad categories, "Information Operations" and "Technical Disruption Operations." 

The Internal documents of the US and Five Eyes Alliance clearly indicate that the implementation of this "EFFECTS Operation" must adhere to four main principles, which are "Deny," "Disrupt," "Degrade," "Deceive." And these four main principles precisely cover all the core elements of the Volt Typhoon operation, said the report.

Subsea cable tapping sites

According the top secret files of NSA, the US has been controlling the world's most important internet "choke points," such as the Atlantic and Pacific subsea cables, constructing at least seven full-traffic tapping sites. All these sites are operated by NSA, FBI and NCSC from UK. Each packet through the sites is being intercepted and deeply inspected indiscriminately, according to the report. 

The US National Security Agency is not content with merely focusing on the specific areas covered by submarine cables, and the data intercepted by these surveillance systems falls far short of meeting its intelligence needs. Therefore, the US has conducted CNE operations on specific targets located in the "blind spots" of its surveillance systems.

Top secret documents from the NSA show that the Office of Tailored Access Operation (TAO) of NSA has launched massive CNE operations around the world and implanted more than 50,000 spyware implants. Victims are mainly concentrated in Asia, Eastern Europe, Africa, the Middle East and South America. The internal documents of the NSA showed that almost all major cities in China are within the scope of NSA's operations, a large number of entities and their network assets have been compromised, said the report. 

Spying on 'allies'

The report also cites instances of the US conducting surveillance on countries such as France, Germany, and Japan. 

The anonymous researcher said US intelligence agencies have established a large-scale global Internet surveillance network, providing a large amount of high-value intelligence to the US government agencies, which offers the US government great advantage in the diplomatic, military, economic, scientific and technological fields. The US government and its intelligence agencies could put anyone on the "list" of monitoring. 

For example, from 2004 to 2012, the US carried out a long-term espionage operation against France, monitoring the movements of the French government on policy, diplomacy, finance, international exchanges, infrastructure construction, business and trade. Some important intelligence was authorized by the US to be shared with the other "Five Eyes" countries. This shows that the countries of the "Five Eyes" alliance are also beneficiaries of US espionage operations.

A 'snooper' in cyberspace

The report said that the US global Internet surveillance programs and stations are like ubiquitous "snoopers" in cyberspace and steal user data from the global internet in real time, and this eavesdropping capability has become an indispensable foundation of the US efforts to build the "Empire of Hacking" and the "Empire of Surveillance."

To maintain such a huge surveillance program, the annual funding budget is quite huge, and with the explosive growth of internet data, the demand for funding is bound to "rise." This is also one of the main reasons why the US government conspired with its intelligence agencies to plan and promote the Volt Typhoon operation, said the report.

Over the years, the US government has kept politicizing the issue of cyberattack attribution in a way that serves its own self-interests. Some companies, such as Microsoft and CrowdStrike, have been influenced by the desire to appeal to US politicians, government agencies and intelligence agencies, as well as to enhance commercial interests. They kept using a variety of names with geo-political features to describe the hacking groups in the absence of sufficient evidence and rigorous technical analyses, such as "Typhoon," "Panda" and "Dragon." 

In its last part, the report said that the international communications in cybersecurity industry is vital as the geopolitical landscape is growing increasingly complex and cybersecurity requires extensive international collaboration. 

"We look forward to seeing that all cybersecurity firms and research institutes will keep focusing on the research of cybersecurity threat prevention technology and how to provide users with higher-quality products and services, which will then keep the internet developing in a healthy way along with the progress of human society," said the report.


https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_CN.pdf
https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_EN.pdf
https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_FR.pdf
https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_JP.pdf
https://www.cverc.org.cn/head/zhaiyao/futetaifeng3_DE.pdfSource link

Related posts:

Saturday, March 16, 2024

The more thoroughly exposed the CIA's true face, the better

 

Mother of all disorder Illustration: Liu Rui/GT

Reuters exclusively reported on Thursday that, according to a former US official with direct knowledge of highly confidential operations, then-US president Donald Trump authorized the Central Intelligence Agency (CIA) to launch secret operations on Chinese social media aimed at "turning public opinion in China against its government." Many people don't find this information surprising or even consider it "news." The US is a habitual offender, using various covert means to foment "peaceful evolution" and "color revolutions" in other countries, with the CIA being the main force employed to this end. For other countries, the US' pervasive influence is everywhere, visible and tangible, so there is no need for exposés.

We are still unclear  what the specific purpose of the "former US official" was in leaking the information to Reuters. A CIA spokesperson declined to comment on the existence of the program, its goals or impact. A spokesperson for the Biden administration's National Security Council also declined to comment, which means it was neither confirmed nor denied. The US intelligence community often uses a mixture of false and true information to create confusion, a tactic that was used on Edward Snowden. The Reuters report is valuable, but needs to be further processed to filter out the true and useful parts.

Firstly, this report carries a strong defense of US penetration into China. It portrays the proactive offensive of the US' cognitive warfare against China as a passive counterattack against "cyber attacks" on the US from China and Russia. In reality, portraying themselves as the weak or victimized party and labeling their hegemonic actions as "justice" is a part of the US' cognitive warfare against foreign countries.

One US official interviewed by Reuters even said it felt like China was attacking the US with "steel baseball bats," while the US could only fight back with "wooden ones," showing his exaggerated and clumsy acting skills. The US has never used a "wooden stick." Over the past few decades, the CIA has overthrown or attempted to overthrow at least 50 legitimate international governments. There are also statistics showing that from 1946 to 2000, the US attempted to influence elections in 45 countries 81 times to achieve regime change. As a habitual offender of manipulating public opinions, the US has long established a series of tactics in its targeted propaganda, information dissemination, event creation, rumor fabrication, incitement of public opinion, and media manipulation. It constantly creates new tactics and uses new technologies according to changing circumstances. This is an open secret. The US dressing itself up as a "little lamb" only has a comedic effect, not a propaganda effect.

Next, as the US' intervention and infiltration in other countries are covert operations, this disclosure provides an opportunity for the outside world to glimpse into the specific methods used by the US. For example, the whistleblower admitted that the CIA had formed a small team of operatives, using bogus online identities to spread damaging stories about the Chinese government while simultaneously disseminating defamatory content to overseas news agencies. This corroborates with previous statements by CIA Director William Burns, indicating increased resources being allocated for intelligence activities against China, once again confirming the existence of the US "1450" (internet water army) team targeting China.

The whistleblower admitted that the CIA has targeted public opinion in Southeast Asia, Africa, and the South Pacific region, spreading negative narratives about the Belt and Road Initiative. This indicates that in the US-instigated propaganda war against China, the global public opinion arena, especially in "Global South" countries, is their main strategic target. Various "China threat" theories circulating in third-party countries, as consistently pointed out by China, are all being operated by the US intelligence agencies behind the scenes.

The US has never concealed its hegemonic aims, nor does it regard encroachment on other countries' sovereignty as something to be ashamed of, which is even more infuriating than the hegemonic behavior itself. American economist Jeffrey Sachs criticized the CIA's blatant violation of international law in his commentary last month, stating that it is "devastating to global stability and the US rule of law," leading to "an escalating regional war, hundreds of thousands of deaths, and millions of displaced people." He also criticized the mainstream American media for failing to question or investigate the CIA. In fact, far from acting as watchdogs, mainstream American media has served as an accomplice. How many rumors manufactured by the CIA have been spread through the mouths of mainstream American media? When did they reflect and correct themselves?

We also see that the intentions of the US intelligence agencies are even more sinister. As admitted in the revelations, they aim to force China to spend valuable resources in defending against "cognitive warfare," keeping us busy with "chasing ghosts," and disrupting our development pace. First of all, we appreciate their reminder. At the same time, we will not allow external factors to interfere with our strategic determination to manage our own affairs well. For China and the world, the more fully, clearly, and thoroughly the CIA exposes itself, the deeper people will understand its true nature, and the stronger their ability to discern the truth will become. Keeping the CIA busy to no end or failing in their attempts is the best preventive effect.

Source linkl

How the CIA Destabilizes the World


 

Friday, May 5, 2023

‘Empire of hackers’ uncovered


BEIJING: An investigation report was released on the Central Intelligence Agency (CIA) of the United States, one of the major intelligence agencies of the US federal government, revealing an “empire of hackers” under US manipulation.

Over a long period, the CIA has been secretly orchestrating “peaceful evolution” and “colour revolutions” around the world, continuously conducting espionage activities, said the report by China’s National Computer Virus Emergency Response Centre and internet security company 360.

The rapid development of the internet this century has presented new opportunities for the CIA to conduct its infiltration, subversion and trouble-making activities, the report said.

The report disclosed important details of the weapons the CIA used for cyberattacks and details of specific cybersecurity cases taking place in China and other countries, and revealed the agency’s harmful activities including cyberattacks and espionage.

The report said it was meant to provide references and suggestions for victims of cyberattacks around the world.

The CIA has been involved in overthrowing or attempting to overthrow more than 50 legal governments of other countries, though it only admitted involvement in seven, causing turmoil in relevant countries, the report said.

It said the involvement of some Western countries with the help of the internet can be detected in multiple “colour revolution” cases.

After the “Arab Spring” in West Asia and North Africa, certain large multinational internet enterprises of the United States vigorously engaged in sending an abundance of personnel, material and financial resources to the conflicting sides, drawing over and supporting the opposition parties, and publicly challenging the legal governments of foreign countries that were not in the US interests. Such enterprises were also involved in assisting in the disinformation campaign and fanning the flames of protests among the public, the report said.

The report further cited several measures of such operations, including “The Onion Router (TOR)” technology that enables anonymous communication, developed by a US company with a reportedly US military background. It was provided free of charge to anti-government personnel in countries such as Iran, Tunisia and Egypt to help them evade surveillance.

Also, Google and Twitter developed a special service called “Speak2Tweet” to enable users to communicate when they are disconnected. The technology was used by anti-government forces in Tunisia and Egypt, said the report.

The cyberspace hegemony under US manipulation is shadowing the entire world, with the CIA launching automated, systematic and intelligent attacks worldwide, the report said.

After analysing relevant cases, the technical team found that the reach of such attack weapons has covered almost all internet and Internet of Things assets, making a foreign country susceptible to US control or espionage, the report said, adding that the US is a genuine “empire of hackers.” — Xinhua 

Source link

 

'Empire of hacking' exposed: China Daily editorial

 

Although the Central Intelligence Agency had acquired exceptional experience in overthrowing governments by triggering "peaceful evolution" or instigating "color revolutions" in other countries before the emergence of the internet, it is the advancement of information and communication technology, in which the US enjoys huge advantages, that has greatly boosted the intelligence agency's capability to accomplish its goals in the new century.

The disintegration of the Soviet Union — the United States established the CIA in 1947 to counter Soviet intelligence wings — transformed the former socialist republics in Eastern and Central Europe, and created a golden opportunity for the CIA to trigger "color revolutions" in the region as well as in the Middle East and Central Asia.

The end of the Cold War gave the CIA the reason to help establish the US' global hegemony by exploiting its advantages in cyberspace to infiltrate, spy on and subvert other countries' governments.

A report "Empire of Hacking: the US Central Intelligence Agency — Part I" jointly published by China's National Computer Virus Emergency Response Center and the 360 Total Security, a Chinese cybersecurity company, on Thursday deserves credit for not only its systematic and professional approach to the ugly role of the CIA, but also its advice to the agency's "victims all around the world" in order to help them better respond to the US' cyberattacks and manipulations.

The report can also be seen as part of China's efforts to help build a community with a shared future in cyberspace, because it regards maintaining silence in the face of the CIA's dirty tricks as being complicit in the US' overall destructive strategy.

The report says that, working with US internet companies, the CIA provides encrypted network communication services, and reconnects service and on-site command communication tools directly for its proxies in targeted countries and regions. For instance, a software called RIOT, developed and promoted jointly by US companies and the CIA, helps the intelligence agency to remote control its pawns triggering demonstrations and riots in other countries, by ensuring they have reliable internet connection and channels of communication that are free from the local government's supervision.

"We lied, we cheated, we stole … we had entire training courses," said Mike Pompeo, former US secretary of state, on the nature of the CIA, an agency he led as director for years. This fact resonates with anyone who reads the NCVERC report.

The US is a country which pledges to help improve cyberspace governance and build a "clean internet" but actually spends all its expertise and high-tech advantages to further sharpen its cyber-espionage and cyber-attack weapons, while claiming to be the largest victim of cyberattacks. 

 

     Related news:


China's National Computer Virus Emergency Response Center and cybersecurity company 360 jointly released an investigation report on Thursday, revealing the long-standing use of cyber attacks by the US Central Intelligence Agency (CIA) against other countries. While this is an "eye-opener" for many people, the CIA's obsession and ability to create unrest disturb them significantly.

 Related posts:

China captures powerful US NSA cyberspy tool

 

 

 

 

 

 

 

U.S. intelligence leak, How extensive is the US surveillance network and how deep does it penetrate the world?

 

 

 

 

 

 

Ending the dollar dominance as USA Weaponising global money


The new Cold War heats up