Russian Saboteurs Were Just Caught
The US Department of Justice announced charges today against a Russian citizen who traveled to the US in order to recruit and convince an employee of “a Nevada company” to install malware on their “employer’s” network in exchange for $1,000,000.
According to court documents unsealed today, Egor Igorevich Kriuchkov, a 27-year-old Russian, was identified as a member of a larger criminal gang who planned to use the malware to gain access to the company’s network, steal sensitive documents, and then extort the victim company for a large ransom payment.
Oh, another computer ransom thing? Oh, okay.
But wait… Nevada? As in…
This caught my attention, in light of recent developments and the ongoing effort by the Russians in the last four years to disrupt our country, elections and society. The first thing I was curious about was, who was the company they were trying to penetrate? And was it really a ransom attempt?
More to the point, why would a Russian national establish contact with an American, travel to the US, risk exposure by recruiting the American into a plan to extort his own employer, in exchange for one million dollars? Why not just plant a malware bug, a Trojan horse, electronically like all serious state sponsored hackers do?
If they had established contact with the American already, they undoubtedly knew that he worked at the target “company” and logged into the company network everyday. They are spies after all, they found out things which often aren’t that hard to find out anyway in our free and open society.
It would not be hard to engineer, or human engineer, a trick to get a malware bug in that network. Something as simple as a spoofed email made to look like it was from his boss, asking his opinion on the information contained in an attachment or spreadsheet. When the employee clicked on the attachment, the malware would jump into the network, unbeknownst to the pawn.
Why travel to the US and take those risks when you could likely do it remotely?
I did some checking and, as you might expect, most of the 100 largest companies in Nevada are Entertainment Industry related with a smattering of health, finance and real estate interests mixed in.
But four companies do not fit that profile. Could one of them be a sufficiently attractive target for such an elaborate scheme? And, again, was ransom the real objective? Let’s take a look.
NV Energy is a public utility which generates, transmits and distributes electric service in northern and southern Nevada, including the Las Vegas Valley, and provides natural gas service in the Reno-Sparks metropolitan area of northern Nevada. Based in Las Vegas, Nevada, it serves about 1.3 million customers and over 40 million tourists annually.
Could that be the target? Maybe. Vegas and Nevada depend on electricity for their lives. Water, air conditioning and refrigeration all require it and support life in a desert environment that would otherwise be largely inhospitable if not uninhabitable. And what would power all the bright lights of the Strip and the Casinos? Millions of lives and billions of dollars depend on that electricity, so NV Energy would be an attractive ransom target, if that’s the goal.
Nevada’s Johnson Electric is a provider of motors, actuators, motion subsystems and related electro-mechanical components for automotive, industrial and medical applications.
Hmm. Like the stuff you need for, well, power stations and all number of manufacturing plants. If you could figure out how to, say, plant a little piece of code in their control software that could be manipulated remotely there’s no telling what kind of havoc you could wreak. Ask the Iranians how Stuxnet affected their Uranium enrichment centrifuges.
Ormat Technologies Inc. is a provider of alternative and renewable energy technology based in Reno, Nevada. The company built over 150 power plants and installed over 2,000 MW. As of February 2016 Ormat owns and operates 697 MW of geothermal and recovered energy based power plants.
Again, a real linch-pin kind of operation and an attractive target for someone wanting to install remote control malware in their products and installations or, just to extort them for a few million Rubles.
But them I found National Security Technologies, LLC, which also operates under the name Bechtel, manages and operates the Nevada Test Site which also operates under the name Nevada National Security Site (NNSS). You know, this place:
NNSS provides design and fabrication of remote and robotic sensing, management of multiple National Laboratories, such as Livermore and Los Alamos, where our best black projects are formulated. They are into engineering, construction, and mining operations and and remote field experiments for the Nevada test site.
Yeow!
NNSS provides emergency response services, including aerial radiological surveys; radiological monitoring and assessment; image exploitation and GIS including emergency management, emergency medical, fire protection, general facility safety, and radiation protection services.
The “company” also offers environmental operations, such as site remediation; drilling and investigations; management of radioactive, hazardous, and solid waste; sampling and radiological analysis; and environmental and ecological monitoring.
In addition, it provides experiment support and software exploitation; nuclear materials detection instruments; nuclear weapon science experimentation and testing of defense technologies as well as information services, including computer center operation and computer security program management.
In other words, this one very special, very big and very secret company holds the keys to vast numbers of secret projects, not to mention the capabilities to materialize some of our most advanced Nuclear Biological and Chemical (NBC) weapons systems and defenses against such weapons. They design and make the sensors and sensing systems that monitor the air, water, earth and space to detect the presence of things you and I can’t imagine.
At least as importantly, they have developed a large scale capability to mitigate and clean up the aftermath of any number of nuclear, dirty bomb, biological, chemical or other disasters or attacks that might occur on American soil.
They are a critical national resource of unimaginable importance. So, I’m guessing them to be The Target of the Putin’s latest little adventure in America. Russia’s not looking to rip off a few million bucks. Nope. They and the Russian Mafia do that every day of the year to American hospitals, one of their favorite, livers-in-the-balance targets and American universities, also hotbeds of advanced research. That’s not what they were doing in Nevada.
The Russians just got caught trying to penetrate the very heart of our defense industry.
There’s no way in hell they were intending to extort the federal government or one of its prime defense contractors for $4 million. They are seeking to gain access to systems, plans, projects, capabilities… any number of secrets that could launch them from an also-ran world power struggling to update its cold war era military into something on a par with the US. If there’s one thing they like about America, it’s our technology.
The gravity of this is astonishing, not just that they would want to do it, but because of the casual way in which they went about it and the fact they thought they could get away with it. And they might have, if not for one brave American that stood in the path of Vladimir Putin.
Social Media.
Make contact. Establish a rapport. Commiserate perhaps, tell some jokes, gripe about (whatever the recruit target has complained about before on social media), share music (Oh, you like Gary Moore too? Wow, I thought I was the only one still around!) and so forth. Make a pal. Then fly to the States, meet up, hang out for a few days, party, buy some drinks, meet come chicks… and start setting the hook.
It’s all standard spy craft, nothing particularly new or imaginative, except the use of social media as a conduit directly to people on the Inside of very important places.
When I was a civilian contractor at the Dept of Defense working with a Clearance and secret information pertaining to the daily status of every military unit and all personnel under our purview, we were regularly briefed by the Defense Intelligence Agency spooks on activities primarily, at that timer, by the Chinese against DOD and civilian-DOD personnel.
The Chinese are patient experts at working the fringes, watching places, the people that come in and out, what bus they toke every day, at what time, where they go to lunch, what bank they use. All sorts of seemingly unimportant tidbits about ever day people that happen to work in some very secret places.
All of this information gets reported by regularly to China by, often, Chinese American residents. It is drilled into them that, to come to America is an opportunity to do great things for the homeland, to pass along harmless information that will help their government, The People, and the beloved Chairman understand America better and be more productive as a result.
All that fragmented data, all those tidbits, get assembled into massive computer based mosaics that tell the People’s Liberation Army spymasters how our facilities operate, who works there, how much money they make and spend, their vices, their weaknesses, their family members… all sorts of valuable insight that can be used at the proper time, maybe years later, to leverage somebody into doing something or revealing something to avoid financial ruin, embarrassment or possible harm to a loved one.
There is no limit to what you can get from a person once you “own” them with sufficiently compromising material. And Vlad Putin is perhaps the world master of Kompramateurs.
Witness the Russian operative and asset, our American President struggling to satisfy the demands of Vladimir Putin while visibly bearing the weight of guilt for what he is doing and the very real fear he has for the Russian security apparatus and what they could do to him, his family and fortune.
So, the Russians are moving on us, aggressively and with impunity. Perhaps they feel emboldened by the leash they have on our president, that they can literally get away with actual murder, confident in the cover and denial, the looking away, the lies and obfuscation sure to come from the White House about any Russian culpability in nullification of our Election and terrible violation of our Constitution in the fall and winter of 2020.
They said they would bury us in 1956 and the Russians are not in the habit of bullshitting around. They never forget the humiliation of Reagan outspending the USSR into bankruptcy, unable to keep building the weapons they needed to match us. They are pragmatic, cold and brutally effective against seemingly larger and more sophisticated competitors. Just ask the Germans how that works. Or the many other countries, men, women, organizations and even private companies that have stood in the way of Russian objectives. Graveyards are swelling with Vlad’s enemies.
Vladimir Putin is their Hope, their Knight. The Avenger that will settle that score and so many others until the Rodina is the most powerful and feared of all nations.
The time is here to sharpen our wits, our eyesight and our intent. To assess the depth of our love for America and our tolerance for men that would betray her. We need an immediate effort to inform our citizenry what’s afoot and motivate other men and women to stand up for her, like that brave fellow in Nevada.
If you can look across the information landscape today and somehow not come to the conclusion that a silent war in underway with actual skirmishes being fought for the heart, soul, guts and gristle of our homeland, you have a very thick membrane of denial that needs some work.
Little time remains id we are to forestall their ambitions on our democracy. The Russians are on the move in their bid to hijack the election, penetrate our industries and defenses, while our leadership is still compromised and complacent. Congress is uncertain what to do — what to focus on — the pandemic, the economy, the stimulus, the election campaign and all its tawdry little business, the weather events, the fires… or The Russians, which they surely must know and must be getting briefed on every damn day, are in our towns and cities, in our White House, taking up positions, arming themselves with critical data and plans…
waiting for the signal.