LETTERS FROM AN AMERICAN

March 2, 2025

Heather Cox Richardson

Mar 03, 2025

On February 28, the same day that President Donald Trump and Vice President J.D. Vance took the side of Russian president Vladimir Putin against Ukraine president Volodymyr Zelensky in the Oval Office, Martin Matishak of The Record, a cybersecurity news publication, broke the story that Defense Secretary Pete Hegseth has ordered U.S. Cyber Command to stop all planning against Russia, including offensive digital actions.

Both the scope of the directive and its duration are unclear.

On Face the Nation this morning, Representative Mike Turner (R-OH), a strong supporter of the North Atlantic Treaty Organization (NATO) and Ukraine, contradicted that information. “Considering what I know, what Russia is currently doing against the United States, that would I’m certain not be an accurate statement of the current status of the United States operations,” he said. Well respected on both sides of the aisle, Turner was in line to be the chair of the House Intelligence Committee in this Congress until House speaker Mike Johnson (R-LA) removed him from that slot and from the intelligence committee altogether.

And yet, as Stephanie Kirchgaessner of The Guardian notes, the Trump administration has made clear that it no longer sees Russia as a cybersecurity threat. Last week, at a United Nations working group on cybersecurity, representatives from the European Union and the United Kingdom highlighted threats from Russia, while Liesyl Franz, the State Department’s deputy assistant secretary for international cybersecurity, did not mention Russia, saying the U.S. was concerned about threats from China and Iran.

Kirchgaessner also noted that under Trump, the Cybersecurity and Infrastructure Security Agency (CISA), which monitors cyberthreats against critical infrastructure, has set new priorities. Although Russian threats, especially those against U.S. election systems, were a top priority for the agency in the past, a source told Kirchgaessner that analysts were told not to follow or report on Russian threats.

“Russia and China are our biggest adversaries,” the source told Kirchgaessner. “With all the cuts being made to different agencies, a lot of cybersecurity personnel have been fired. Our systems are not going to be protected and our adversaries know this.” “People are saying Russia is winning,” the source said. “Putin is on the inside now.”

Another source noted that “There are dozens of discrete Russia state-sponsored hacker teams dedicated to either producing damage to US government, infrastructure and commercial interests or conducting information theft with a key goal of maintaining persistent access to computer systems.” “Russia is at least on par with China as the most significant cyber threat, the person added. Under those circumstances, the source said, ceasing to follow and report Russian threats is “truly shocking.”

Trump’s outburst in the Oval Office on Friday confirmed that Putin has been his partner in politics since at least 2016. “Putin went through a hell of a lot with me,” Trump said. “He went through a phony witch hunt where they used him and Russia… Russia, Russia, Russia—you ever hear of that deal?—that was a phony Hunter Biden, Joe Biden, scam. Hillary Clinton, shifty Adam Schiff, it was a Democrat scam. And he had to go through that. And he did go through it, and we didn’t end up in a war. And he went through it. He was accused of all that stuff. He had nothing to do with it. It came out of Hunter Biden’s bathroom.”

Putin went through a hell of a lot with Trump? It was an odd statement from a U.S. president, whose loyalty is supposed to be dedicated to the Constitution and the American people.

Trump has made dismissing as a hoax what he calls “Russia, Russia, Russia” central to his political narrative. But Russian operatives did, in fact, work to elect him in 2016. A 2020 report from the Republican-dominated Senate Intelligence Committee confirmed that Putin ordered hacks of Democratic computer networks, and at two crucial moments WikiLeaks, which the Senate committee concluded was allied with the Russians, dumped illegally obtained emails that were intended to hurt the candidacy of Democratic candidate Hillary Clinton. Trump openly called for Russia to hack Clinton’s emails.

Russian operatives also flooded social media with disinformation, not necessarily explicitly endorsing Trump, but spreading lies about Clinton to depress Democratic turnout, or to rile up those on the right by falsely claiming that Democrats intended to ban the Pledge of Allegiance, for example. The goal of the propaganda was not simply to elect Trump. It was to pit the far ends of the political spectrum against the middle, tearing the nation apart.

Fake accounts on Twitter, YouTube, Instagram, and Facebook drove wedges between Americans over issues of race, immigration, and gun rights. Craig Timberg and Tony Romm of the Washington Post reported in 2018 that Facebook officials told Congress that the Russian campaign reached 126 million people on Facebook and 20 million on Instagram.

That effort was not a one-shot deal: Russians worked to influence the 2020 presidential election, too. In 2021 the Office of the Director of National Intelligence concluded that Putin “authorized, and a range of Russian government organizations conducted, influence operations aimed at denigrating President [Joe] Biden’s candidacy and the Democratic Party, supporting former President Trump, undermining public confidence in the electoral process, and exacerbating sociopolitical division in the US.” But “[u]nlike in 2016,” the report said, “we did not see persistent Russian cyber efforts to gain access to election infrastructure.”

Moscow used “proxies linked to Russian intelligence to push influence narratives—including misleading or unsubstantiated allegations against President Biden—to US media organizations, US officials, and prominent US individuals, including some close to former President Trump and his administration,” the Office of the Director of National Intelligence concluded.

In October 2024, Matthew Olsen, head of the Justice Department’s National Security Division, warned in an interview with CBS News that Russia was bombarding voters with propaganda to divide Americans before that year’s election, as well. Operatives were not just posting fake stories and replying to posts, but were also using AI to manufacture fake videos and laundering Russian talking points through social media influencers. Just a month before, news had broken that Russia was funding Tenet Media, a company that hired right-wing personalities Tim Pool, Dave Rubin, Benny Johnson, Lauren Southern, Tayler Hansen, and Matt Christiansen, who repeated Russian talking points.

Now back in office, Trump and MAGA loyalists say that efforts to stop disinformation undermine their right to free speech. Project 2025, the extremist blueprint for the second Trump administration, denied that Russia had interfered in the 2016 election—calling it “a Clinton campaign dirty trick”—and called for ending government efforts to stop disinformation with “utmost urgency.” “The federal government cannot be the arbiter of truth,” it said.

On February 20, Steven Lee Myers, Julian E. Barnes, and Sheera Frenkel of the New York Times reported that the Trump administration is firing or reassigning officials at the FBI and CISA who had worked on protecting elections. That includes those trying to stop foreign propaganda and disinformation and those combating cyberattacks and attempts to disrupt voting systems.

Independent journalist Marisa Kabas broke the story that two members of the “Department of Government Efficiency” are now installed at CISA: Edward Coristine, a 19-year-old known as “Big Balls,” and Kyle Schutt, a 38-year-old software engineer. Kim Zetter of Wired reported that since 2018, CISA has “helped state and local election offices around the country assess vulnerabilities in their networks and help secure them.”

During the 2024 campaign, Trump said repeatedly that he would end the war in Ukraine. Shortly after the election, a newspaper reporter asked Nikolai Patrushev, who is close to Putin, if Trump’s election would mean “positive changes from Russia’s point of view.” Patrushev answered: “To achieve success in the elections, Donald Trump relied on certain forces to which he has corresponding obligations. And as a responsible person, he will be obliged to fulfill them.”

Today, Kremlin spokesperson Dmitry Peskov told a reporter: “The new administration is rapidly changing all foreign policy configurations. This largely aligns with our vision.”

LETTERS FROM AN AMERICAN

HEATHER COX RICHARDSON

Eight of Swords. Art by Suzanne Treister, from HEXEN 2.0.

US CYBERCOMMAND

LOVED THIS.

Head of NSA and Cybercommand Is Ousted

https://www.nytimes.com/2025/04/03/us/politics/nsa-cyber-command-chief-fired.html

About the Trump tweet where he clearly took a photo of a classified briefing with his cell camera:

So, obviously the satellite spotters sprang into action and came up with some estimates for the NRO’s current capabilities:

However, US-224 is 8 years old, part of the 4th generation of KH-11 hardware, a system that has been in use since the 70s. The NRO is in the process of launching the 5th generation to replace it, with USA-290/NROL-71 launching in January of this year with some very odd behaviour that suggests its capabilities are much different than its predecessors.

Marcy Wheeler, analyzing the apparent leak, suggests that it was actually approved of by the intelligence community:

First, the tweet was almost certainly not written by Trump. It has no grammatical errors or typographical anomalies. It uses technical terms and consists of full sentences.

In other words, the tweet has none of the hallmarks of Trump’s reflexive tweeting. Someone helped him tweet this out.

Then there’s the fact that, earlier this week, the US dick-wagged about another successful operation against Iran, a cyberattack that took out the IRGC database that they were using to target western shipping.

That story described the views of CyberCommand head General Nakasone, who did some dick-wagging in February over CyberCommand’s role in thwarting Russia’s efforts to tamper in the elections.

Whatever else Nakasone has done with his command, he seems to have made a conscious decision that taking credit for successful operations adds to its effectiveness. There certainly was some debate, both within the NYT story and in discussions of it, whether he’s right. But Nakasone is undoubtedly a professional who, when stories boasting of successful CyberCommand operations get released, has surely thought through the implications of it.

But as I said, last night NYT weighed in on the destroyed missile launch, with a story by long-standing scribes for the intelligence community, David Sanger and William Broad and — listed at the end in the actual story but given equal billing in Sanger’s tweet of it — Julian Barnes, the guy who broke Nakasone’s dick-wagging earlier in the week. It’s a funny story — as it was bound to be, given that virtually no one reported on the explosion itself and while this spends a line doing that, it’s really a story exploring what kind of denial this is....

Not everyone agrees with the claim that Trump would be required by law to deny a covert operation. He’s the President. He can do what he wants with classified information.

That said, the story may be an attempt to use official scribes to reframe this disclosure to make it closer to the way the intelligence community likes to engage in plausible deniability, with a lot of wink wink and smirking. Amid all the discussion of deny deny deny, after all, the NYT points to several pieces of evidence that this explosion was part of a successful program to sabotage Iran’s missile capabilities.

It could be that this tells us what the capabilities of the previous generation of spy satellites are to make us feel more comfortable, while the current generation is much more apt. After all, the holy grail of satellite imagery is real time automatic facial recognition:

Satellite technology has taken a creepy turn, with high-resolution images becoming so clear that they will soon be able to zoom in on your face and smartphone from outer space. The rapid advancement of the technology has refined the measurements of satellite image resolution from meters to mere centimeters. While these developments will potentially enable governments to better track down criminals and monitor suspicious behaviors, they could also bring a new era of privacy concerns.

Just last year, the US relaxed regulations on the commercial images that satellite companies can distribute, reducing the previous 50-centimeter resolution restriction by half. The new 25-centimeter restriction allows for an image that’s nearly four times clearer than before — precise enough to see a mailbox.

Now, DigitalGlobe, a leading global provider of commercial satellite images, is pushing for the restrictions to be lowered again, to just 10 centimeters this time. For reference, the BBC reports that the newest US spy satellites can make out objects less than 10 centimeters across — less than the length of someone’s smartphone. Enabling this kind of technology to be used at a commercial level is certainly somewhat worrisome.

Since you need about 32 pixels minimum to do facial recognition, a resolution of 5 to 10 cm per pixel doesn’t really work for that. However, if your enemies believe that that’s the best you have, while you have something better, then you’ve got a leg up on them.

I’d also like to note the patch for the mission that put USA-224 into space. The Latin is supposed to say “better the devil you know”.

US cyberdefense is AWOL

In security, attackers have an easier job than defenders: an attacker has to find a single mistake that a defender has made; a defender has to make no mistakes.

But the best defense is NOT a good offense. Neglecting defense means abandoning the people you're defending.

So guess how the US apportions its "cyber" budget.

It's all "deterrence" (i.e. offensive capability) and virtually no actual defense. As Jason Healey writes in Lawfare, this leaves Americans as "prey," not "predators."

https://www.lawfareblog.com/cyber-budget-shows-what-us-values

Healey is writing about the Cyberspace Solarium Commission's report "on a strategic approach to defending the United States in cyberspace against cyber attacks of significant consequences."

https://www.solarium.gov/

The report shows that the vast majority of information security spending in the US is though the military, not through defensive organizations like the DHS, a trend that began with Clinton and has been continued by every president since, with massive acceleration under Trump.

Ironically, Trump has criticized previous admins for neglecting defense and pledged to increase it as a priority, but all he did was redefine "defense" to mean "punishing those who use cyber tools for malicious purposes" and attaining "peace through strength."

Which is why the DoD's cyber budget is 25% higher than the total infosec budget of ALL defensive agencies, with US Cybercommand HQ getting 33% more to cover program ADMINISTRATION than the ENTIRE State Dept cyber budget, INCLUDING operations.

The DoD's cyber ops budget is 250% of the budget for then entire Cybersecurity and Infrastructure Security Agency, and 1000% of the budget for the National Cybersecurity and Communications Integration Center.

And that's just the part of the budget we know about; most of the DoD's budget is a secret. It's part of the trend Rosa Brooks spoke of: "everything became war and the military became everything."

Healey: "There are tremendous risks when a fearsome offense is paired with a weak defense," because "a more fearsome cyber offense makes it more likely they will get in a sucker punch on the U.S. before Cyber Command can bring its big guns to bear."

He's focused on the geopolitics, but we must attend to  human costs. When computer criminals steal trade secrets or kompromat, steal identities or clean out your bank account, they get away clean because your government has prioritized attacking rivals over defending YOU.

To take just one example: the NSA found a vulnerability in Windows that they codenamed "Eternalblue." Rather than report that bug to Microsoft so it could be fixed and everyone relying on Windows could be safer, the NSA kept the bug a secret so it could attack its enemies.

Then Eternalblue leaked. It got picked up by dumdums and spliced into some not-very-effective ransomware, supercharging in and giving birth to the Wannacry epidemic. Wannacry went on to shut down numerous businesses and hospitals around the world, including in the US.

But it did worse than that: Wannacry was used to shut down entire US CITIES. For MONTHS. Including, for example, Baltimore, a city that serves as a commuter town for Beltway Bandits, perhaps including some who decided not to fix Eternalblue.

https://www.nytimes.com/2019/05/25/us/nsa-hacking-tool-baltimore.html

It would be one thing if the only people who suffered as a result of this ghastly blunder was DoD personnel and their overpaid contractors - but the collateral damage here is staggering.

An offensive posture means you can make your enemy's rubble bounce after they slaughter your people. Only a general hoping for a consulting job with a defense contractor could view this as a good tradeoff for the casualties experienced by the people they've sworn to protect.

Now you understand why he was playing golf today 💥💥💥💥💥💥💥💣💣💣💣💣

On Election night, Trump and his campaign team assembled in the Eisenhower Building just west of the White House to watch the results come in.

Know what is there?

A SCIF.

Sensitive Compartmented Information Facility. (SCIF)

The kind used by Army intelligence cyber security division.

One of the first things you'll notice when you open this article is the red castle. Those who follow Q will recognize it immediately.

http://www.croftandassociates.com/work-blog/cybercommand-secure-communications-facility

They were monitoring the fraud in real time.

They knew which states were using the voting machines loaded with HAMMER & SCORECARD.

(Software developed for the CIA to manipulate voter tallies remotely in foreign elections.)

It was just deployed against the American people.

Tom Fitton & Sydney Powell put it right in your face

Dr Charlie Ward (Currency Broker & Hotel Contractor - Trump Insider) describes the deployment of this Sting Operation to trap those involved in election theft.

The Federalized National Guard were pulling around the clock duty in at least 16 states to trap these monsters.

All the swing states currently involved in the theft are on the list.

The SCOTUS ordered all ballots received after the deadline in PA be segregated from those received on time.

There will be a ballot audit.

Recounts are conducted by the same people/election boards as the first count.

Audits are conducted by armed fraud investigators.

State Legislators pick electors.

Republicans control both houses of the PA State Congress.

Guess who controls both Houses of State Legislatures in the other swing states?

You guessed it...

Republicans.

Check Mate.

If I were any of these Democrat officials involved in this colossal elecxtion fraud, I would be seeking asylum in a non-extradition country immediately.

Trust your President.

Trust God and Trust the Plan!

Tom Graham.

If you're wondering if what has been revealed above is true, I can tell you that the Twitter account for Tom Graham is followed by General Flynn, 😎

Food for thought 🤔🤔🤔🤔

“New intel from from a local friend always in the know:

Fwd:

Ok in a nutshell. This is going to the Supreme Court. Where they will rule that the election is invalid due to fraud or mistakes on a country wide scale. It will go one of two ways, either they will rule that all the unconstitutional

mail in ballots will be removed and the states ordered to recount without them or they will simply rule the election is invalid due to mass voter fraud and at that point it will be sent to the congress and senate for a vote. This is where it gets good. The house/congress votes on who the President will be. It has nothing to do with what party that has power. Every State gets one vote and 30 States are held by Republicans.and 19 by Democrats. They have to vote down party lines, they have no choice due to the 12th Amendment of the Constitution and the Senate votes for the Vice President where a similar even will take place. This is The law. This is why the Democrats are so mad at Nancy Pelosi. This will all happen in January. The only way President Trump won’t be President is if he concedes the election and that will never happen. So stop watching the fake news and don’t let your heart be troubled and live your life knowing this will all work out. President Trump will remain President. I have researched all of this and it is Fact!

Another fun fact, they called Gore the President Elect for 30 days in 2000 until the courts ruled against him and declared Bush the winner. And two people that were part of Bush’s legal team were none other that new Supreme Court Justices, Brett Kavanaugh and Amy Coney Barrett. Why do you think the Democrats tried so hard to keep them from being confirmed?”

XMA Header Image

US Army Intellegence and Security Command SCIF — Croft Architects & Engineers

croftandassociates.com

US Cybermilitary Force Details Its Support for Ukraine’s Digital Defense

US Cybermilitary Force Details Its Support for Ukraine’s Digital Defense

FORT MEADE, Md. — The Pentagon’s Cyber National Mission force has been supporting Ukraine’s digital defense with daily consultations, a collaboration that has helped unearth thousands of warning indicators of potentially compromised Ukrainian computer networks, a top U.S. cybercommander said on Monday. The United States had a team of nearly 40 people from the force in Ukraine to help the country…

View On WordPress

US Cybermilitary Force Details Its Support for Ukraine’s Digital Defense

US Cybermilitary Force Details Its Support for Ukraine’s Digital Defense

FORT MEADE, Md. — The Pentagon’s National Cyber ​​Mission force has been supporting Ukraine’s digital defense with daily consultations, a collaboration that has helped unearth 1,000 indicators of compromised Ukrainian computer networks, a top US cybercommander said on Monday. The United States had a team of nearly 40 people from the force in Ukraine to help the country shore up its defenses…

View On WordPress

Gen. Nakasone on US CyberCommand

http://i.securitythinkingcap.com/QzRqCm

Why do we need Cyber command when we already have NGAF?

The common questions about how to position the cyber command as an intelligent threat detection and response platform, is what is the difference between Cyber command with NGAF as next gen firewall?

And the answers :

1. The positioning is different, NGAF is a perimeter defense product, the NGAF is put in the customer's network to directly defense the threats, almost every company need NGAF to protect their business. The Cyber Command is an intelligent detection and response platform, it mirrors all traffic from the core-switch and analyzes it. Some large Enterprises can use it to build a SOC. Cyber Command won't directly block the threats but it can monitor both East-West traffic and South-North traffic;

2. Values: NGAF mostly focus on protection but Cyber Command focus on Detection and Response;

3. Cyber Command can work with NGAF, the threats found in Cyber Command can be directly block via correlate with NGAF.

#kayreach #cybercommand #ngaf

source https://www.kayreach.com/post/why-do-we-need-cyber-command-when-we-already-have-ngaf

The "Unmasked at Last" Edition

A Justice Department investigation into whether Obama-era officials improperly requested the identities of individuals from intelligence reports ends with a whimper. An investigation into the shooting of a protestor in Portland raises questions about the federal government’s use of force. And CyberCommand takes down a Russian botnet.

Parlo: Ascolta!

The "Unmasked at Last" Edition

A Justice Department investigation into whether Obama-era officials improperly requested the identities of individuals from intelligence reports ends with a whimper. An investigation into the shooting of a protestor in Portland raises questions about the federal government’s use of force. And CyberCommand takes down a Russian botnet.

New Episode of Rational Security

Russia confirms US cybercommand cyberattack; RAID controllers destroyed

https://blog.lukaszolejnik.com/target-confirming-an-offensive-cyber-operation-2/ Comments

Students assigned to cheat on exam use doctored Little Brother cover and many other clever methods #5yrsago

The IEEE's Computer and Reliability Societies recently published "Embracing the Kobayashi Maru," by James Caroland (US Navy/US Cybercommand) and Greg Conti (West Point) describing an exercise in which they assigned students to cheat on an exam -- either jointly or individually. The goal was to get students thinking about how to secure systems from adversaries who are willing to "cheat" to win. The article describes how the students all completed the exam (they all cheated successfully), which required them to provide the first 100 digits of pi, with only 24h to prepare. The students used many ingenious techniques as cribs, but my heart was warmed to learn that once student printed a false back-cover for my novel Little Brother with pi 1-100 on it (Little Brother is one of the course readings, so many copies of it were already lying around the classroom).

James and Greg have supplied a link to a pre-pub of the paper (the original is paywalled), and sent along a video of a presentation they gave at Shmoocon where they presented the work. The students' solutions are incredibly ingenious -- the audience is practically howling with laughter by the end of the presentation.

https://boingboing.net/2012/06/11/students-assigned-to-cheat-on.html

via Twitter https://twitter.com/PatrickCMiller