Research links massive cyber spying ring to Russia

Foregoing crime, the group targets European, US governments in 7-year spree.

by Robert Lemos - Oct 28 2014,http://arstechnica.com/security/2014/10/research-links-massive-cyber-spying-ring-to-russia/

A professional espionage group has targeted a variety of Eastern European governments and security organizations with attacks aimed at stealing political and state secrets, security firm FireEye stated in a report released on Tuesday.
The group, dubbed APT28 by the company, has targeted high-level officials in Eastern European countries such as Georgia, and security organizations such as the North Atlantic Treaty Organization (NATO). While Russian and Ukrainian cybercriminal groups are known to conduct massive campaigns aimed at stealing money and financial information, APT28 focuses solely on political information and state secrets, according to FireEye.
The report argues that the group is closely tied to Russia and likely part of Moscow’s intelligence apparatus.
“This group, unlike the China-based threat actors we track, does not appear to conduct widespread intellectual property theft for economic gain,” FireEye stated in the report. “Nor have we observed the group steal and profit from financial account information.”
While linking specific actions on the Internet to people in the real world is difficult, FireEye used the report to make the case that a variety of espionage operations can be laid on the collective keyboards of APT28 and that the group is tightly linked to Russia.
This is not the first time the company has taken aim at nation-state cyber espionage. In 2013, Mandiant, now a subsidiary of FireEye, released a report on a Chinese group, APT1, which the company argued was part of the People's Liberation Army and which Mandiant researchers tied to attacks on more than 100 companies. The report has shaped much of the debate over online espionage between countries.
Attributing APT28’s efforts to Russia seems straightforward. More than half of the language setting in the compiled executable are Russian. Also, 96 percent of the malware samples analyzed by FireEye were compiled between Monday and Friday, from 8 am to 6 pm in the GMT+4 time zone, which matches Moscow. Such regularity suggests that the programmers were working during the regular work week in Moscow, the report argues.
The group behind the tools used by APT28 has frequently updated the software and focused on making the resulting binaries difficult for defenders to reverse engineer, according to the report. The technical components include a downloader, dubbed “SOURFACE” by FireEye, a program to give hackers remote access (“EVILTOSS”), and a group of modules to enhance functionality of the espionage software (“CHOPSTICK”). The modular nature of the program, similar to other espionage threats such as Flame and Duqu, allowing attackers to pick and choose the final functionality of any particular attack, as well as tailor the eventual malware to the target's environment.
The code’s sophistication and complexity suggests a professional development group, the company said.
“The coding practices evident in the group’s malware suggest both a high level of skill and an interest in complicating reverse engineering efforts,” the report stated.
For the most part, the analysis focuses on the group’s interests and how those interests are closely tied with the Russian government.

New Book Sheds Further Light on US Government Protection of Ex-Nazis   ~ Oops !

By Thomas Gaist

Global Research, October 29, 2014

World Socialist Web Site

Region: Europe, USA

Theme: Culture, Society & History, Intelligence

A new book published Tuesday, The Nazis Next Door: How America Became a Safe Haven for Hitler’s Men, by New York Times journalist Eric Lichtblau, details the close relations developed by the US government with Nazi war criminals during and after the Second World War.
Lichtblau’s work extends and deepens previous research demonstrating that the US government gave extensive support to top Nazi intelligence personnel as part of its efforts to create a new intelligence apparatus in West Germany, known as the BND. Former Nazis were especially valued by the US government for their experience conducting espionage and waging war against the Soviet Union.
Investigations carried out by the Nazi War Crimes and Japanese Imperial Government Records Interagency Working Group (IWG) during the late 1990s and early 2000s examined thousands of documents relating to US government collaboration with former Nazis.
The CIA documents provided the basis for a 2004 report, assembled by professional historians, titled US Intelligence and the Nazis, showing that the top Nazi intelligence officer on the Eastern Front, General Reinhard Gehlen, was recruited by the US military at the end of the war. Gehlen’s intelligence network, developed during the Nazi war of extermination against the Soviet Union, included at least 100 high-ranking Nazi military and intelligence personnel. It was to become the embryo of the new West German intelligence agency.
“The most important transmission belt for rehabilitating former Nazis was the West German intelligence service, which the US funded and helped create,” Timothy Naftali, historian and co-author of US Intelligence and the Nazis, told the World Socialist Web Site. “The US government wanted to develop the BND, understanding that a strong intelligence service was a necessary foundation for the new West German state.”
“Because of their experience in the war, they were seen as useful for collecting information about the Soviet bloc,” Naftali said.

“Former top Nazi Reinhard Gehlen recruited former SS officers and, although he did not reveal how many SS were serving in the BND ranks to his US patrons, the US did not push the issue. It is clear, however, that the West German intelligence service was honey-combed with former members of the SS.”

Documents stemming from the IWG’s work proved that at least five top associates of the holocaust organizer, Adolf Eichmann, were employed by the CIA after the war, and that the agency sought to establish relations with at least 23 other Nazi officials.
Lichtblau’s new book builds on the work of the IWG and the US Intelligence and the Nazis report, proving that officials at the highest levels of the American state went to great lengths to shield major war criminals from prosecution. The US government brought thousands of former Nazis to the US, where they lived in comfort while serving as spies, researchers and covert operatives for US military and intelligence agencies, Lichtblau’s research shows.
Lichtblau’s work provides ample evidence that scientists known to the US government to be involved in programs performing human experimentation and utilizing slave labor were recruited for leading research posts inside the US military.
Under Project Paperclip, authorized by President Harry Truman in 1945, the Office of Strategic Services (OSS), the precursor to the CIA, initiated plans that would bring at least 1,500 German scientists to the US. Scientists with Nazi Party affiliations were allowed to serve as scientists for the US government after providing a one-page statement explaining their reasons for membership, Lichtblau notes.
After heading a research program supported by tens of thousands of slave laborers, Wernher Von Braun, described by Lichtblau as “the boy wonder of Germany’s V-2 rocket program” with “deep ties to Hitler and to the Nazi Party,” was relocated by the US government to the US military base at Fort Bliss, Texas, along with his family and some 100 members of his V-2 production team.
The former Nazi paramilitary leader Emil Salmon, previously convicted of burning down a synagogue by a denazification court, was hired by the US Air Force after the war to work at an Ohio base as a jet engineer, Lichtblau shows.
Lichtblau also highlights the case of Doctor Hubertus Strughold, known as “the father of space medicine,” who became a top researcher for the US Air Force after the war despite ample evidence of his complicity in human experimentation.
Scientists at Dr. Strughold’s research clinic in Berlin conducted experiments on human subjects including children, Lichtblau’s research shows. In one case, epileptic children from a local asylum were placed in a high-altitude chamber and subject to sudden shifts in oxygen levels to determine whether such conditions would produce seizures, as they had during previous experiments on rabbits.
In another incident described by Lichtblau, scientists under Dr. Strughold’s direct authority forced groups of “social gypsy half-breeds” to consume large volumes of seawater infused with silver after being deprived of food for days.
In 1942, Dr. Strughold participated actively in a medical conference on “Medical Problems Arising from Distress at Sea and Winter Hardships,” focusing on the response of the human body to conditions of extreme cold.
Discussions during the conference were informed by ongoing experiments by doctors at the Dachau concentration camp, including prolonged submersion of subjects in tubs of ice and confinement of naked subjects outdoors in cold weather until death.
In his lecture to the conference, Dr. Strughold called for further research into human survivability in ice-cold ocean water. “With regard to the experimental scientific research … it is of interest to know what temperatures are to be counted on in the oceans conceded during the various seasons,” he told the conference.
Although Dr. Strughold’s name appeared fourth from the top on a roster of Nazi doctors involved in “Experimentation on Human Beings” drawn up by the Nuremberg tribunals, and he was initially interrogated by investigators associated with the Nuremberg war crimes tribunals who suspected him of involvement in human experimentation, investigation into Strughold was abruptly dropped in 1947. The doctor was then rapidly transferred to Texas by US authorities, where he was given a top research post with the US Air Force, according to Lichtblau’s research.
Recruitment and protection of former Nazis was carried out systematically by the US military and intelligence establishment. Internal military documents cited by Lichtblau show common usage of the phrase “beating a dead Nazi horse” to express contempt for any lingering opposition to the employment of former Nazis, who were seen as valuable assets by the US military and intelligence agencies.
As part of a deal struck by CIA Director Allen Dulles with a group of SS officers known as the Members of the Black Order during the final months of the war, Dulles personally arranged the release of Nazi Supreme Commander in Italy, General Karl Wolff, Lichtblau notes.
Wolff, formerly the SS liaison officer to Adolf Hitler and Chief of Personal Staff for Heinrich Himmler, was captured by anti-Nazi guerrillas on the Swiss-Italian border. After the war, Dulles went to great lengths to protect Wolff, who was listed as one of 20 some “major war criminals” by Nuremberg investigators. Dulles concealed evidence from Nuremberg prosecutors and prepared documents in Wolff’s defense.
General Wolff was subsequently dropped from the list of top war criminals, becoming a witness in support of the Nuremberg prosecutions before going on to a successful career in advertising.
Similar efforts by the US government to protect former Nazis continued over decades, Lichtblau shows.
During the 1970s, when asked by local reporters about a former Nazi with CIA ties working as a track coach in San Diego, then CIA Director George H. W. Bush stated openly, “If it were in my knowledge, I’m not sure I’d tell you,” Lichtblau notes.
In 1980, the FBI refused to share information on 16 suspected Nazis with the Justice Department, because the individuals in question were FBI assets who had provided the agency with reports about alleged “Communist sympathizers” inside the US. In 1994, the CIA sought to quash investigations into one of its former assets, who was directly involved in massacres of Jews in Lithuania during the war, according to Lichtblau.
Lichtblau’s research starkly illustrates the solidarity with Nazism on the part of the most powerful sections of the US ruling elite. As the Second World War drew to a close, terrified by the threat of world socialist revolution, the US ruling class and its military and intelligence henchmen eagerly embraced remnants of the Nazi regime as key components of imperialist policy.
In the process of documenting these relations, Lichtblau’s book provides a damning exposure of the propaganda claims that the Second World War was a “war for democracy” and a “war against fascism.” In fact, the American ruling class sought to exploit widespread popular opposition to the crimes of Nazism in pursuit of its own imperialist ambitions, in Europe and internationally.