The Chinese report is released! The CIA used five means to plan "color revolutions" in more than 50 countries.
[Global Times-Global Network Report, Special Reporter Yuan Hong] For a long time, the US Central Intelligence Agency (CIA) has secretly carried out "peaceful evolution" and "color revolutions" around the world and has continued to conduct espionage activities. The latest report, released by the National Virus Emergency Response Center and 360 Company on the 4th, reveals the main technical means the CIA has used to plan and organize a large number of "color revolutions" around the world, including a non-traditional regime change technology called "swarming", which pushes young people connected through the Internet to join mobile protests in the style of "fire one shot, then move to another place".
The CIA is one of the main intelligence agencies of the US federal government. Headquartered in Langley, Virginia, it has four directorates: the Directorate of Intelligence (DI), the National Clandestine Service (NCS), the Directorate of Science and Technology (DS&T) and the Directorate of Support (DS). Its main business scope involves: collecting intelligence on foreign governments, companies and citizens; comprehensively analyzing and processing intelligence collected by other American intelligence agencies; providing national security information and security risk assessments to senior decision makers in the United States; and organizing, implementing, guiding and supervising cross-border covert activities as required by the President of the United States.
The first part of this series of reports indicates that, since the start of the 21st century, the rapid development of the Internet has provided new opportunities for the CIA's infiltration, subversion and sabotage activities. Organizations and individuals around the world who use American Internet equipment and software products have become puppet "agents" of the CIA, helping the agency to quickly become a "star" in the cyber espionage war.
Whether it was the attempted "color revolution" in Ukraine in 2014, the "Sunflower Revolution" in Taiwan Province, China, the "Saffron Revolution" in Myanmar in 2007 or the "Green Revolution" in Iran in 2009, none of them escaped the influence of American intelligence agencies. According to statistics, over the decades the CIA has overthrown or attempted to overthrow more than 50 legitimate governments of other countries (while the CIA has admitted to only 7 of them), causing unrest in the countries concerned.
A comprehensive analysis of the technologies used in the above incidents shows that information communication and on-site command were the decisive factors in the success or failure of each incident. The United States leads the world in these technologies, which gives American intelligence agencies unprecedented technical possibilities for launching "color revolutions" abroad. The report from the National Virus Emergency Response Center and 360 Company discloses five methods used by the CIA.
The first is to provide encrypted network communication services. In order to help protesters in some countries in the Middle East keep in touch and avoid being tracked and arrested, American companies (allegedly with an American military background) developed TOR ("onion" routing technology), which provides untraceable access to the Internet. The related servers encrypt all the information that flows through them, thus helping specific users to access the Internet anonymously. After the project was launched by American enterprises, it was immediately provided free of charge to anti-government personnel in Iran, Tunisia, Egypt and other countries, so as to ensure that those "dissident youths who want to shake the rule of their own governments" could avoid the scrutiny and surveillance of the legitimate local governments when participating in the activities.
The second is to provide offline communication services. In order to ensure that anti-government personnel in Tunisia, Egypt and other countries could still keep in touch with the outside world even when the Internet was disconnected, Google and Twitter in the United States quickly launched a special service called "Speak2Tweet", which allows users to dial in and upload voice messages for free. These messages are automatically converted into tweets, uploaded to the network and released publicly through Twitter and other platforms, completing "real-time reporting" from the scene of the incident.
The third is to provide on-site command tools for assemblies and processions based on the Internet and wireless communication. The RAND Corporation of the United States spent several years developing a non-traditional regime change technology called "swarming", which was used to help a large number of young people connected through the Internet to join mobile protests in the style of "fire one shot, then move to another place", greatly improving the efficiency of on-site command of such events.
Fourth, American companies developed software called "Riot". The software supports a 100% independent wireless broadband network, provides a variable WiFi network, does not rely on any traditional physical access method, needs no telephone, cable or satellite connection, and can easily evade any form of government monitoring. With the help of the above powerful network and communication technologies, the CIA has planned and organized a large number of "color revolution" events around the world.
Fifth, the US State Department treats the research and development of anti-censorship information systems as an important task and has invested more than $30 million in the project.
With regard to a number of typical cyber attacks in China, during the investigation the National Virus Emergency Response Center and 360 Company captured and successfully extracted a large number of Trojan horse programs, functional plug-ins and attack platform samples closely related to the "Vault 7" data of the Central Intelligence Agency (CIA). Our reporter has further learned that the public security organs have followed up on this matter. This newspaper will continue to follow its progress.
Through further technical analysis, the National Virus Emergency Response Center and 360 Company found that the CIA's backdoor programs and attack components mostly run memory-resident, without physical files on disk, which makes it extremely difficult to find the relevant samples and obtain evidence of them. Even so, the joint technical team found an effective way to solve the evidence collection problem and identified nine types of attack weapons used by the CIA, including attack module delivery, remote control, information collection and theft, and third-party open source tools.
Among them, the joint technical team unexpectedly extracted an information stealing tool used by the CIA that is one of the 48 advanced cyber weapons exposed in the National Security Agency's confidential document, the ANT catalog, and is a dedicated information stealing tool of the National Security Agency. This shows that the CIA and the NSA jointly attack the same victim, share cyber attack weapons with each other, or provide each other with technical or human support. This adds new and important evidence for attributing the identity of the APT-C-39 attacker. In 2020, 360 Company independently discovered an APT organization that had never before been publicly exposed and designated it APT-C-39. The organization specializes in cyber attacks and theft of secrets against China and its friendly countries, with victims all over the world.
In addition, the power and harm of CIA attack weapons can be seen from the third-party open source tools category. This category refers to the CIA's frequent use of ready-made open source hacking tools to carry out attacks. The initial stage of a CIA cyber attack is usually directed at the victim's network equipment or servers, and social engineering attacks are also used. After obtaining access to the target, the attacker further explores the network topology of the target organization and moves laterally to other networked devices in the intranet to steal more sensitive information and data. The controlled target computer is monitored in real time, 24 hours a day: all of the victim's keystrokes are recorded, content copied and pasted through the clipboard is stolen, and the insertion status of USB devices (mainly portable hard disks, USB flash drives, etc.) is monitored in real time. Once a USB device is connected, the private files on the victim's USB device are automatically stolen. When conditions permit, the camera, microphone and GPS positioning equipment on the user's terminal are remotely controlled and accessed.
Through empirical analysis, the latest report finds that CIA cyber weapons follow extremely strict espionage technical specifications, and that the various attack methods complement and interlock with one another. They now cover almost all Internet and Internet of Things assets in the world and can control other countries' networks and steal their important and sensitive data anytime and anywhere, which undoubtedly requires a great deal of financial, technical and human resources. American-style cyber hegemony is plain to see, and the "matrix" deserves its name.
In view of the highly systematic, intelligent and covert cyber attacks launched by the CIA against China, it is particularly important for domestic government agencies, research institutes, industrial enterprises and commercial institutions to "see" such attacks quickly and deal with them at the earliest opportunity. The report suggests that, in order to deal effectively with imminent network and real-world threats, organizations should adopt independently controllable domestic equipment while organizing self-inspection for APT attacks as soon as possible, and gradually establish a long-term defense system to achieve comprehensive, systematic prevention and control and to resist advanced threat attacks.