By George Eliason, an American journalist living in Ukraine.
In the first part of this article series, the post 9/11 rise of a private NSA was detailed. Some started in reaction to the twin tower attack. They aren’t connected with the government, intelligence, or homeland security. They are private citizens that have no security clearances in any western country.
They use the free OSINT [open-source intelligence] software found on the internet to find or decide who is a terrorist. Many of them enjoy the feeling of power they from getting people fired from their jobs and put on terrorist investigation lists.
They are freelancers with no oversight or rules. They are only accountable to themselves and their employers. These freelancers thrive on their ability to remain hidden from the public eye. In reality, they could be your socially inept, angry neighbor down the street who is afraid of their own shadow in person. But give them a keyboard and they’ll take your job, your bank account and your freedom.
These freelancers have carved a niche for themselves at the bottom of the OSINT and hacking professions. Today these people who feel so insignificant in their own lives are the cyber warriors for hire by anyone who has an ax to grind and the means to pay them.
They are Hate for Hire.
Freelance Cyber Soldiers
“Our view is that cyber is another operational domain, much as the seas are, much as the land is, much as space is.”Admiral Mike Rogers – Commander US Cyber Command, Director of the NSA, Chief of CSS
Cyber in this context goes way beyond hacker attacks aimed at taking down a website. It is meant to cause damage and even death as a military tool. Because this new frontier is so new, the laws governing “Cyber-war” have yet to drawn up. What has been done so far are a set of guidelines that define who and what can and can’t be targeted.
The Tallinn Manual [an academic, non-binding study on how international law applies to cyber conflicts and cyber warfare] sets out 95 black letter rules to apply international law to Cyber warfare. In the context of war, there are crimes against humanity that are unique to cyber. All the rules follow established laws of war including targeting civilians is a war crime. This will become very important by the time you get to the bottom of the article and make the remedy very simple to accomplish.
When you compare these rules to the conduct described in the first part of this article series detailing how people exercising 1st Amendment rights were treated by freelancers like Weisburd the pattern of abuse is clear. These rules are trying to describe Laws of War.
Weisburd doesn’t get paid to follow people. After stalking and collecting information his method hasn’t changed since the beginning. “Weisburd has not merely “dismantled” websites. He has harassed individuals engaged in perfectly legal online dissent, threatened their family members, harassed their employers, and harassed their web hosts. He regularly uses lies, disinformation and threats to accomplish these goals. Weisburd decides what is “threatening.”
If we no longer question who gets to spy, then who gets to decide who is a sanctionable enemy of the state? Who gets to run counter-terror operations against whom? What punishment can they meet out?
Non-state actors, just ordinary run of the mill citizens have both the means and the will to carry out (PRIVATE) foreign diplomacy, intelligence, military policy, and carry out military actions. If a freelancer is working for a foreign government doing this to citizens in their own country that are expressing legal free speech, are the freelancer’s actions legal?
“Peacemaker” the website to die for
Coinciding with the unveiling of the Peacemaker website which is a Ukrainian SBU, Ministry of Information, and Ukrainian Defense Ministry undertaking was the opening of a new web blog- Kremlintrolls.com by Andrew Aaron Weisburd (@webradius) which opened a few days earlier than the Ukrainian government site.
In a March 2015 article series I described the true reason for the “Peacemaker” website. It is meant to be a clearinghouse of information to target journalists, activists, people of influence, and people with any connection to them.
Weisburd is currently freelancing for the Ukrainian government and “Peacemaker” has all the earmarks of his involvement. Within a few days of the article peace activist, David Swanson was harassed by someone posing as a Russian embassy officer in WDC.
On January 11th, 2015(“Mirotvorets”) the peacemaker website went live with a mission to …“In the future the Peacemaker site will be similar to the site of the Viennese Simon Wiesenthal Center, which since the late 1940s has been focused on tracking and catching Nazi war criminals. In the case of Ukraine, these will be criminals who destroyed the Ukrainian people — the traitors,collaborators, Russian and other mercenaries, and military personnel taking part the undeclared and therefore illegal war by Russia, he concluded…Ukraine’s Ministry of Internal Affairs Advisor Herashchenko wrote. It is also noteworthy that foreign intelligence services have become interested in the Peacemaker site — the CIA, FBI, European intelligence and counterintelligence. The reason in simple. The civilized countries, drawing on information on the pro-Russian militants-terrorists, will be able to create their own databases of suspicious persons and individuals that must be neutralized and isolated from society, he said.”
Within one month after the article that stated journalists were going to be targeted offline, Oles Buzina was put on a cleansing list at Peacemaker, geo-located, and executed. Regrettably there is only so much you can do.
Weisburd began openly working for the Ukrainian government in January 2015. “Mirotvorets” has all the earmarks of his involvement from geo-location through OSINT to targeting people designated as political terrorists like Oles Buzina. Weisburd is currently one of the best-known freelancers specializing in this niche area of OSINT. Without trying too hard, we have the motive, means, and opportunity. Normally that could be enough to prompt a criminal investigation which in this case, will never happen.
Peacemaker’s future is meant to be Ukraine’s contribution to NATO and European security by working in conjunction with NATO COE [NATO’s Strategic Communications Centre of Excellence] Latvia. The Ukrainian war is just the starting point which is carrying on the work Aaron Weisburd has been perfecting for the last 14 years. They are to geo-locating and targeting people that read, write, or share something in social media that disturbs whatever entity or person the freelancer has a contract with.
Facebook took “Peacemaker” serious enough to ban the profile of the Ukrainian adviser to the Interior Minister Gerashenko who is opening another “cleansing” page for Russian citizens in Syria. “In accordance with the above, I invite all who have information about the Russian citizens taking part in the undeclared war of Russia against the Syrian people to report all the information to the website “Peacemaker” (“Mirotvorets”), where there will be a separate section “Putin’s crimes in Syria and in the Middle East.”
Where Ukraine can get away with it “cleansing” has meant murder, literally. Where that isn’t possible in western countries, Weisburds techniques to ruin the lives and livelihoods of his victims are being put into use.
According to Weisburd‘s February 26th definition of what he is doing- “I‘m just trying to do my part to help make bad things happen to bad people who are in the service of the Kremlin. And for the record, I’m not an army of one. I’m more like a one man intelligence service.”
In order to get paid freelancers like Weisburd needed to create Russian active measures agents. He’s going about this the same way he has for 14 years. He hacks the lives of normal people and paints them the way his employer needs to see them.
By doing this he is taking large swaths of the US and EU population and making them active Russian agents and soldiers according to Rule 26.7 of the Tallinn Manual-“belonging to” clause. This takes them out of protected civilian status and makes them targetable in the war. As long as no one looks into it, no one will ever know.
“Not all Kremlin Trolls are in Russia. Not only are they not all in Russia, they are not all in countries sympathetic to – let alone allied with – Russia. In fact, quite a few are in NATO countries. So, when I speak of efforts to combat Russian active measures campaigns as needing a robust counterintelligence component, this is what I’m getting at.”
Weisburd’s association with groups like “Peacekeeper” made it possible for him to scale up again. He’s gone from a few thousand people working for him to over 40,000 people just at Peacekeeper alone. The Ukrainian war isn’t the only project he is working on. Iran, Syria, Israel, Palestine, Russia, the Russian world, and American internal politics are some others. He has counter parts in every western country doing the same thing.
“Over the past week or two the Kremlin Trolls and their sundry fellow travelers became rather… agitated by previous entries on this site…The traffic generated by each URL provides a snapshot of who each troll’s engaged followers are, and where they appear to reside. Many of the trolls follow each other, so in all likelihood I’ve collected data on the Kremlin Trolls themselves, in addition to their engaged followers… How many of them were using proxy servers or VPNs? Not many. The Internet remains a great place to share, and a terrible place to try and hide.
Geolocation data is summarized in the table below. These countries account for 81% of all the Kremlin Trolls and their engaged followers. The top five countries alone account for 58%. That the USA is ranked first came as something of a surprise. Detailed analysis is ongoing, and I’m unlikely to share the findings publicly.”
If the people he was targeting were active Russian agents like he claims why wouldn’t they use virtual private networks (VPN) to shield themselves like he does? Is it surprising that none of his Kremlin Trolls were in Russia?
In mid-March 2015 I covered Joel Harding’s role in Ukraine’s rapidly developing info-war. Harding was one of the planners for the Iraq war, Afghanistan war, and the invasion of Haiti. He wrote the white papers that US cyber war doctrine is based in and was a part of setting up the NSA. He just discovered what he sees as a munition or real world “live round” to attack journalists and people that shared their views on social media.
“I was in a discussion today about information being used in social media as a possible weapon. The people I was talking with have a tool which scrapes social media sites, gauges their sentiment and gives the user the opportunity to automatically generate a persuasive response. Their tool is called a “Social Networking Influence Engine”. No, not related to the SMISC BAA from a few years ago. Better. ..Can this be categorized as a munition? I looked through and it does not seem to apply. The implications seem to be profound for the information environment.
The implications may have far-reaching impact beyond Department of Defense. The people who own this tool are in the civilian world and don’t even remotely touch the defense sector, so getting approval from the US Department of State might not even occur to them. If this does require ITAR approval, the corporate world that deals with information and influence will definitely be affected. ..So… my question is, who at the US Department of State must I coordinate with to get a ruling if this “Social Networking Influence Engine” must receive ITAR approval? “- Joel Harding
On May 16th, 2015 Joel Harding “publicly” discovered Aaron Weisburd for the first time.According to Harding THIS blog I will keep an eye on. It seems simply wonderful! It was man-love at first sight. Weisburd’s twitter account shows a standing relationship. On September 28th Weisburd retweeted Harding’s call for operators to scale up the info war.
On September 21st, Harding posted this advertisement to scale up the war against you.
“Ladies, Gentlemen, and everyone in between.
I am building a database of planners, operators, logisticians, hackers, and anyone wanting to be involved with special activities I will call ‘inform and influence activities’.
I have received a few different suggestions to help organize operations – of all sorts – against anti-Western elements. No government approval, assistance or funding. This skirts legalities. This is not explicitly illegal and it may not even be legal, at this point. That grey area extends a long way.
I am only trying to assess the availability of people willing to participate in such efforts. Technology, equipment and facility offers are also appreciated. If you would like to be included in my database, please send a tailored resume to joel_harding at yahoo.com. In your resume, I am more interested in actual skills and experience. If you have hands on experience of a less than legal nature, you might not want to admit illegal work. If need be, I will contact you for clarification of your skills.”- Joel Harding
Who is being Located?
When you understand that freelancers do this work for PAC’s, political parties, companies, or just people that pay; every person that reads, has an opinion or shares on social media is being targeted. Ukraine wants to be the clearing house for this work.
What they have found is except through direct hacking many of the news sites and journalists have strong reputations with their readers and remain directly outside their grasp. Instead, they turned to software that finds“influential people” to target through social media networks. Destroy those links and the website gets less social shares and if it is done enough the targets influence diminishes.
Imagine a world where local, state, or national political candidates use freelancers to target each other this way and promote their candidate or destroy their competition. No, wait, don’t imagine it. It’s happening today. “It doesn’t hurt that the Kremlin has an existing base of support in Texas in the form of Ron Paul & Co”. http://t.co/ub537ZsDu6 Mon May 11,2015 @webradius
“...turnabout is very definitely fair play. More than a few of the Kremlin’s trolls currently operating outside of Russia and or allied nations are likely acting as Russian agents in the strictly legal sense of the term (agent, not be confused with intelligence officers, the latter being those who recruit and run agents).”
Who are the people Weisburd calls Kremlin trolls and Russian agents? By the way he talks about them you would think they were directly employed by Vladimir Putin. Just ask Ron Paul or anyone that subscribes to the Ron Paul Institute for Peace and Prosperity.
If you are a libertarian, you’re on the lists as a Russian asset. Even Facebook which took down the profile of the Ukrainian Interior Ministry Adviser for soliciting murder is Russian troll owned and against Ukraine.
As a brief example, when you see a graph like this which looks like nothing and spend a few minutes investigating one of the people, it turns into this. In this case, we now have 100 people that potentially influence 52,000+. From there the geolocation work begins. In reality, they are targeting over 1 million people worldwide. Like the human rights activists he learned his trade on, most of these people cross lines on what he would call interests. The same people that support the Occupy Movement are also likely to support human rights around the world. In Weisburd’s words, this makes them good targets.
How is this done?
If we take a brief look at some of the tools you can see how invasive they are. On October 5th, 2015 Edward Snowden released information that the UK government could now hack your smartphone. I think it would be more shocking if they couldn’t. Using open source tools this has been going on for years in the private sector. For geolocation purposes, your smartphone is one of the greatest tools to use. Finding and following you has never been easier. Let’s face it if you are going to stalk someone, “street view” on a map is the next best thing to being there.
In the following video, the software hacks your modem. It’s only one step from your phone or computer.
Who Are They Working for?
In this case, it is directly for Ukraine and the Ukrainian emigre PACs like the UCCA. His social connections range across the Ukrainian government, the US OSCE, the Ukrainian Defense Ministry, Azov battalion’s Swedish Nationalist sniper-Mikael Skillt, and it wouldn’t be the same without the authentic Stepan Bandera III. Like his notorious grandfather before him Bandera III is working behind the scenes to destroy democracy and anyone’s life that gets in the way.
Is it Treachery or is it Treason?
It doesn’t matter if you don’t give a damn about the Ukrainian war, saving Donbass people, or anything about Russian culture or politics. It doesn’t matter that you don’t care about Syria and hope the good..?.. IGIL guys make it home for tea. It certainly doesn’t matter that the life you care about is what’s happening in front of you. In the USA or whichever western country you live in, your life is now a freelancer’s meal ticket.
In the first part of this article I detailed how in the UK, a partner of Weisburd’s Glen Jenvey fabricated stories in media about terror plots, falsified and planted evidence, falsified testimony of “terrorist activity” by using online sock puppets, hacking accounts and posting as the account owner, as well as setting up entrapment scams. That’s part of what is going on today.
The Tallinn Manual cyber war rules clearly show all these actions including just labeling normal people as targets is illegal. The “Peacemaker” project and Weisburd’s work are clearly listed as crimes against humanity. Harding’s new project even adds that element of conspiracy to commit crime into the mix.
Does Weisburd know he is committing crimes against his own people? Does he know what he is doing is against international law and is in the category of Crimes Against Humanity?
“I’m the guy who reckons one day he’ll get busted for playing bluegrass louder than the law allows on a Saturday night, & I’m okay w/that.” Sunday May 10, 2015 twitter @webradius
Cyber-war is Real War
The Tallinn Manual is important because if real States have limitations on what they can do, how much more limited should normal citizens be that are working as “freelancers.” To my knowledge no western country allows its citizens to make war on each other or citizens of other countries they are at peace with. The Black Letter Rules include: Rule 23.3 Cyber attacks against civilians is a war crime defined by rule 32.
- Rule 26.7 The concept of “belonging to” defines whether you can be targeted or not. This rule defines civilians as off limits unless they are “engaged” in real war duties. It includes undeclared relationships where behavior makes it clear which side a person is fighting for.
- rule 26.9 Virtual online communities and people expressing opinions do not qualify as combatants.
- Rule 30 defines a cyber attack as a non-kinetic attack reasonably expected to cause damage or death to persons resulting from the attack. If attacker mistakenly calls civilians lawful targets, the attack on civilians still occurred. It is a crime. This is an important consideration considering how interconnected the internet has made people.
- Rule 31 Psy-Ops including leaflets, mass emails is not prohibited behavior.
- Rule 33 If there is doubt to the status of a person, that person is to be considered a civilian and not targetable.
- Rule 35.5 Gathering information for the military makes you a combatant.
- Journalists are prohibited targets.
- Once an attack is made, the retribution is legal and does not necessarily need to be in kind. A cyber attack can be met with conventional weapons.
- Rule 41 Means and Methods describes cyber weapons broadly as the means to carry out cyber war by use, or intended use of cyber “munitions” designed to cause damage, destruction, or death to its targets. The breadth of the rule is required because of the wide array of possible attacks through cyber means.
Is it treason to target and destroy the lives of fellow citizens of your country while in the employ of a foreign government while working as a military asset? The manual is clear that a cyber attack is a use of force if it causes physical harm to people or property.
If in this case the number of people just in the US targeted by freelancers like Weisburd is potentially over 250,000 people, is that below the threshold of what is called an attack? Around the world it scales up to over 1 million. And this is just one area cyber war is being waged.The manual spells out the right to defend and even launch a preemptive attack if you know a cyberattack is imminent.
Your Safety Net
Cyber war is real war and the general public of the US and every western nation is being attacked. Safety starts with the realization that it is your life, livelihood, and status in your own country that is at stake.
In the US, start by calling your congressman and senator. Demand to know why the US is giving billions of dollars to Ukraine when it is attacking US citizens. Demand that this funding cease. Should Americans give tax dollars to a regime that hires Americans as “soldiers” to attack them?
Demand that OSINT tools be regulated and taken out of free public access. The process can still be done, but it becomes slow and costly. The OSINT field needs to be regulated like doctors and lawyers are. Both professions answer to a board for misconduct and can lose their license to practice if guilty.
Taking OSINT tools out of public reach is also the only way to reform the NSA practices. The legal argument is this simple.
If a seven-year-old can use software, freeware, or a Microsoft Excel plugin to follow mommy when she goes Christmas shopping in real time, we (the State) deserve State sized tools. As the public tools become more invasive, the State capability grows in kind. The tools should be licensed.
Call the Police
If your home was being burglarized, even a mild mannered person would call the police to arrest the criminal.
- Report this to the FBI. In Weisburd’s case, no one understood this in 2005. “Visit his local FBI field office online by clicking this link or telephone them at (816) 512-8200. Ask to speak with Special Agent Marshall Stone and ask them why they have not investigated Weisburd for online terrorism. Point out that their failure to prosecute Weisburd is an example of the FBI’s current practice of not providing equal protection under the law, a violation of the US Constitution. Request information on how to file a formal complaint against Weisburd and follow through with the information.”
- Report them to Homeland Security as a threat to national security and to the Internet.
- Report them to the Secret Service as a cyber threat to Americans.
- Ask the Carbondale, Illinois Police Department (Weisburd)to investigate his online crimes (hacking, unauthorized network intrusion, emailing viruses, etc).
Investigations into this need to be done. According to the Tallinn Manual its a matter of whether or not your country chooses to respond. In the US, motive, means, and opportunity to commit crimes and very close to accompanying confessions are already in the mix.
The CIA, FBI, Homeland Security, NSA, and every other acronym will thank you for taking the time to do this. Since 9/11 these freelancers have been ruining real investigations, flooding the pipe with bad intelligence, false information, false accusations, and entrapment scenarios that still take massive amounts of time to invalidate.
Understand your Footprint
Using simple online tools like geosocialfootprint will give you a basic understanding about your safety. In this case, it samples Twitter- generated data. While only a small beginning, it will give you an idea where to start.
Call in the Cowboys
Contact OSINT websites and ethical hackers. Most of the people in these sectors are solid professionals. For websites if there are problems you may want to get a PEN test done and find your network vulnerabilities. OSINT professionals and web sites can give great advice.
It is the responsibility of the government to protect the people. Barring this, the 1st Amendment is only one of a few that are designed to protect the civilian population.
Criminal and civil investigations must happen. Class action lawsuits based on them against the groups, PACs, and politicians that support this must be considered.
Considering how easy it is to stop this, will we?