China ‘hacked European government computers’ prior to G20 summit

By IAN ALLEN | intelNews.org
A group of hackers from China managed to compromise computer networks belonging to the foreign ministries of several European governments prior to last September’s G20 Summit, according to a private computer security firm. The Summit, which took place in St. Petersburg, Russia, on September 5 and 6 of this year, brought together the heads of state of 20 major economies, including the United States and many European Union countries. The meeting agenda was dominated by discussions concerning the response of the international community to the chemical attacks in Ghouta, Syria. According to the Reuters news agency, the hackers managed to infiltrate carefully targeted computer networks by sending emails containing infected attachments to employees of foreign ministries. The attached files bore titles such as “US_military_options_in_Syria”, which appeared designed to refer to the upcoming G20 Summit. The hacking revelations were made by FireEye, Inc., a California-based security firm, which says it has proof the hackers came from China. The firm says its confidence in the matter stems from “a variety of technical evidence”, such as the language used on the control server used by the hackers, as well as the types of machines that were used to test the virus before it was deployed. FireEye said its experts were able to keep tabs on the “inner workings” of the primary computer server that the hackers used to monitor the compromised computer networks. However, shortly before the Summit began, the hackers migrated to another server, at which point the FireEye team lost contact with them.

Report reveals secret US-India Cold War collaboration

By JOSEPH FITSANAKIS | intelNews.org
During much of the Cold War, India enjoyed a close diplomatic and military relationship with the Soviet Union. But a newly declassified document reveals that the South Asian country allowed the United States to spy on the Soviets using its airspace. The revelation is contained in a 400-page history of the American U-2 reconnaissance aircraft program authored on behalf of the US Central Intelligence Agency (CIA). The formerly classified document, written in 1992 by CIA historians Gregory Pedlow and Donald Welzenbach, is titled: The Central Intelligence Agency and Overhead Reconnaissance: The U-2 and OXCART Programs, 1954-1974. It was declassified last week in response to a 2005 Freedom of Information Act request filed by Jeffrey T. Richelson, Senior Fellow at George Washington University’s National Security Archive. The Central Intelligence Agency had been involved in U-2 reconnaissance missions since 1954, when the spy program began. Known officially as Project HOMERUN, the U-2 program was a joint effort by the CIA and the National Security Agency that surreptitiously gathered signals and photographic intelligence on Soviet military sites. The program, which has been described by some historians as one of the most successful intelligence projects in US history, relied on the U-2’s ability to fly beyond 70,000 feet over the Soviet Union, thus avoiding detection or attack by Soviet forces. That assumption, however, proved to have been false. In reality, Soviet radars had been able to detect nearly every U-2 flight over Soviet territory. Eventually, on May 1, 1960, Soviet forces managed to shoot down one of the U-2 flights using a surface-to-air missile. This led to the so-called ‘U-2 incident’, during which India sided firmly with the Soviet Union, criticizing the US for violating Soviet airspace. 
But New Delhi’s attitude to the U-2 program appears to have changed drastically following the Sino-Indian conflict in October 1962, when Chinese forces launched a series of armed incursions into Indian territory, killing over 1,000 soldiers.

UK to probe Chinese telecoms firm over security concerns

By IAN ALLEN | intelNews.org
The British government has confirmed that it will review the involvement of a Chinese telecommunications hardware manufacturer in a cybersecurity testing center in Oxfordshire, England. The facility, called the Cyber Security Evaluations Centre, has been operating since 2010 in the town of Banbury, 64 miles northeast of London. Its establishment was part of a 2005 agreement between British Telecom and Chinese telecommunications hardware manufacturer Huawei. According to the stipulations of the agreement, British Telecom would purchase switches and other hardware equipment from the Chinese company, if the latter agreed to set up “the Cell”, as it is known, in Banbury, to test the equipment’s security features. However, last month, a report by the British Parliament’s Intelligence and Security Committee (ISC) raised strong concerns about Huawei’s involvement at the Centre. The ISC report called the government’s attention to “the risks of Huawei effectively policing themselves” and stressed that Britain’s national security could potentially be compromised by Huawei’s alleged links to the Chinese military. The report based its concerns on the fact that virtually every member of staff at the Banbury testing facility is an employee of Huawei, barring its Director, who is a former deputy director of Britain’s General Communications Headquarters (GCHQ). The parliamentary report urged the government to overcome its “fear of jeopardizing trade links with Beijing” and pressure British Telecom to amend its agreement with Huawei. Instead of Huawei technicians, the ISC report suggested that the Banbury Centre should be staffed exclusively with personnel from GCHQ, Britain’s communications intelligence agency. Late last week, the UK Cabinet Office announced it was in agreement with the principal recommendations of the ISC report and said that a review of the Banbury testing facility will take place.

Australia fears Asia backlash over PRISM surveillance revelations

By JOSEPH FITSANAKIS | intelNews.org
The government of Australia is concerned that American whistleblower Edward Snowden may leak classified information that could damage Australia’s relations with its Asian neighbors, including China and Malaysia. Early this month, Snowden, a former technical assistant for the United States Central Intelligence Agency (CIA), disclosed the existence of PRISM, a clandestine electronic surveillance program operated by the US National Security Agency (NSA). Information provided by Snowden to British newspaper The Guardian suggests that Washington routinely shares PRISM intelligence with Canada, New Zealand, the United Kingdom and Australia. These four countries, along with the United States, are signatories to the so-called UKUSA agreement, a multilateral accord for cooperation in signals intelligence (SIGINT) collection, which was established secretly in 1946. Australian media reported on Wednesday that the Australian Parliament’s Joint Committee on Intelligence and Security had been briefed by senior intelligence officials on Australia’s role in PRISM. The Sydney Morning Herald said that David Irvine, Director of the Australian Security Intelligence Organisation, and Ian McKenzie, who heads Australia’s Defence Signals Directorate, were among those who briefed the parliamentary Committee. Its members were reportedly told that the disclosures about PRISM were likely to damage Canberra’s relations with several Asian countries, in ways that are difficult to predict. One unidentified Australian intelligence official told The Herald that Snowden had “very wide access” to classified information held by the NSA, and that some of it probably includes “much detail of communications intelligence cooperation between the US and Australia”. One source went as far as to say that Snowden’s disclosures have already “damaged [...] Australia’s intelligence capabilities”.

Snowden flees to Russia despite US passport revocation

By JOSEPH FITSANAKIS | intelNews.org
An American former intelligence contractor, who leaked classified information about intelligence operations, was able to leave Hong Kong for Russia on Sunday, despite having his United States passport revoked. Earlier this month, Edward Snowden, a former technical assistant for the Central Intelligence Agency, disclosed the existence of PRISM, a clandestine electronic surveillance program operated by the US National Security Agency (NSA). Shortly before leaking information about US intelligence operations to the world’s media, Snowden traveled to Hong Kong, a territory under the control of the People’s Republic of China. Last week, Washington charged Snowden, a self-described whistleblower, under the Espionage Act, and revoked his American passport, in an attempt to prevent him from leaving Hong Kong. But reports emerged on Sunday that Snowden had boarded an Aeroflot flight from Hong Kong to Russian capital Moscow, despite the revocation of his American passport. US authorities claim that Snowden’s transfer to Moscow occurred after Washington revoked his American passport, which raises the question of how the former CIA employee was able to exit Chinese territory. Several reports suggest that Snowden was accompanied by “unidentified diplomats” as he left Hong Kong for Moscow. Previously, the US had applied considerable diplomatic pressure on China, requesting Snowden’s extradition. But Hong Kong allowed the American fugitive to board a plane to Moscow, saying it had been given “no legal basis to restrict Mr. Snowden from leaving”.

Secretive US cyber unit has been spying on China for 15 years

By JOSEPH FITSANAKIS | intelNews.org
A secretive cyberattack unit within the United States National Security Agency (NSA) has been engaged in protracted offensive cyberespionage operations against China for nearly 15 years. The revelation, made this week by veteran NSA watcher Matthew M. Aid, appears to confirm recent allegations made by Chinese government officials that Beijing’s secrets come under regular attack by US government-sponsored hackers. It also agrees with claims made by several intelligence observers, including this blog, that America’s cyber-security posture is not purely defensive. According to Aid’s article, published this past Monday in Foreign Policy, China’s allegations that it has been the target of sustained cyberespionage attacks by the US “are essentially correct”. Citing “a number of highly confidential sources”, Aid alleges that the NSA maintains a substantial “hacker army”. These ‘cyberwarriors’ allegedly operate under the NSA’s Office of Tailored Access Operations, known inside NSA simply as TAO. Its personnel is said to have successfully penetrated the Chinese government’s telecommunications networks and servers since the late 1990s, generating “some of the best and most reliable intelligence information” gained by Washington. It does so through computer network exploitation (CNE) techniques, such as surreptitious hacking, password exploitation, and even by compromising Chinese network security technicians. Aid alleges that TAO works closely with the Central Intelligence Agency (CIA) and the Federal Bureau of Investigation (FBI), through a small “clandestine intelligence gathering unit”. The latter employs CIA and FBI operatives who perform what are known as “off-net operations”, a term that refers to physical break-ins of Chinese and other foreign diplomatic facilities, in order to compromise the security of computer hardware.

News you may have missed #842 (world reaction to Snowden leak)

By IAN ALLEN | intelNews.org
►►Chinese media focus on Snowden leaks. The front pages of Chinese state media were covered Thursday with the allegations of ex-CIA employee Edward Snowden, who says the US government has been hacking computers in China for years. Speaking to media in Hong Kong, where he is currently staying, Snowden said the US has been hacking computers in Hong Kong and mainland China since 2009. He said targets include public officials, businesses and the Chinese University of Hong Kong. Those claims by Snowden were the top story on most of China’s major news portals on Thursday.
►►Switzerland furious about Snowden’s charge that CIA spies on Swiss banks. One of the many lurid details in The Guardian’s remarkable interview with NSA whistleblower Edward Snowden was his account of what initially prompted him to leak: namely a CIA tour in Switzerland, where CIA officers recruited Swiss banking officials. The Snowden disclosure could not come at a worse time for the Swiss government, which is trying to convince parliament to back its emergency plan that would allow Swiss banks to turn over data on tax evaders to the US government.
►►Is Russia considering giving asylum to Snowden? Asked if the 29-year-old could claim asylum from Russia, a spokesman for President Vladimir Putin told the newspaper Kommersant: “If such a request is received, it will be considered”. Any attempt by the Kremlin to give refuge to Mr Snowden, amid calls for his prosecution under the US Espionage Act, is likely to infuriate the White House and provoke a major diplomatic standoff.

News you may have missed #841 (Snowden leak analysis)

By IAN ALLEN | intelNews.org
►►US officials defend spy programs as safeguards against terror. Intelligence officials sought to convince US House lawmakers in an unusual briefing that the government’s years-long collection of phone records and Internet usage is necessary for protecting Americans —and does not trample on their privacy rights. The parade of FBI and intelligence officials who briefed the entire House on Tuesday was the latest attempt to soothe outrage over NSA programs which collect billions of Americans’ phone and Internet records.
►►Some in US intelligence see Chinese behind Snowden leak. Former CIA officer Bob Baer told CNN that some US intelligence officials “are seriously looking at [the revelations made by Edward Snowden] as a potential Chinese covert action. Hong Kong is controlled by Chinese intelligence”, Baer told CNN Sunday evening. “It’s not an independent part of China at all. I’ve talked to a bunch of people in Washington today, in official positions, and they are looking at this as a potential Chinese espionage case”.
►►Leak highlights risk of outsourcing US spy work. The explosive leak uncovering America’s vast surveillance program highlights the risks Washington takes by entrusting so much of its defense and spy work to private firms, experts say. Edward Snowden, the 29-year-old man whose leak uncovered how spy agencies sift through phone records and Internet traffic, is among a legion of private contractors who make up nearly 30 percent of the workforce in intelligence agencies. From analyzing intelligence to training new spies, jobs that were once performed by government employees are now carried out by paid contractors, in a dramatic shift that began in the 1990s amid budget pressures.

Ex-CIA technician who leaked Verizon court order comes forward

By JOSEPH FITSANAKIS | intelNews.org
Last week, British newspaper The Guardian revealed a secret court order that enables the United States government to collect the telephone records of millions of customers of Verizon, one of America’s largest cellular phone service providers. On the morning of Sunday, June 9, the individual responsible for leaking the secret court order came forward of his own volition. He is Edward Snowden, a former technical assistant for the US Central Intelligence Agency (CIA). The 29-year-old computer expert, who has been working for the National Security Agency (NSA) for the last four years, told The Guardian that he decided to leak the injunction because he felt it posed “an existential threat to democracy”. He added that he was not motivated by money in disclosing the document. Were he after money, he said, he “could have sold these documents to any number of countries and gotten very rich”. In a video published on The Guardian’s website, Snowden told the paper that his disillusionment with America’s “federation of secret law, unequal pardon and irresistible executive powers” began even before 2007, when he was stationed under diplomatic cover at the CIA station in Geneva, Switzerland. He finally decided to act three weeks ago, he said, after careful consideration of the ramifications of his decision for his life and career.


News you may have missed #838 (analysis edition)

By IAN ALLEN | intelNews.org
►►Delisle spy case barely caused ripples between Canada and Russia. The arrest of Jeffrey Delisle, a Canadian naval officer spying for Russia, did little to discourage Canada from welcoming that country’s defense chief to a Newfoundland meeting of Arctic nations last year. The visit underscored the puzzling lengths to which the Canadian government went to carry on a business-as-usual relationship with the one-time Cold War adversary. Most other planned military contacts between the two nations last year —including participation in the anti-terrorism exercise Operation Vigilant Eagle— also remained curiously normal.
►►Don’t believe the hype on Chinese cyberespionage. Within a day of each other, The Washington Post published a shocking list of US defense programs whose designs have reportedly been stolen by Chinese cyberattacks, and ABC news said the plans for Australia’s spy headquarters were also stolen by Chinese hackers. It makes China sound like a secret-sucking cyber espionage machine, but is that really the case? The knee-jerk interpretation to this disclosure (and others) is that China is a powerhouse of cyber espionage capable of stealing whatever secrets they want and that the US is powerless to stop them. This seems very unlikely.
►►US Predator drone program quietly shifted from CIA to DoD. The White House has quietly shifted lead responsibility for its controversial armed drone program from the CIA to the Defense Department. In a landmark speech last week at National Defense University in Washington, US President Barack Obama offered some clues into the status of the program, opaquely signaling it will now primarily be conducted by the United States military.

Chinese hackers ‘stole blueprints’ of Australian spy agency’s new HQ

By JOSEPH FITSANAKIS | intelNews.org
Chinese government hackers allegedly stole the master blueprints and other highly classified technical information relating to the new headquarters of the Australian Security Intelligence Organisation (ASIO). The state-of-the-art building, which is located on the shore of Lake Burley Griffin in Australian capital Canberra, has so far cost taxpayers in excess of AUD $631 million (US $608 million). Although it remains under construction, the new headquarters is said to feature the most sophisticated security features of any government building in Canberra. But a report aired on May 28 by Australian television’s Four Corners investigative program alleged that a Chinese government agency managed to steal the building’s blueprints. The program claimed that the highly classified blueprints were stolen when hackers mounted a sophisticated cyberattack on a private-sector contractor involved in constructing the ASIO’s new headquarters. Four Corners suggested that the cyberattack, which was “traced to a server in China”, also compromised the building’s communications diagram, server locations and physical security systems. The revelation will undoubtedly add to the stream of public criticism about the project, which has been severely plagued by budget increases and construction delays. As recently as 2010, the government was insisting that the project was “progressing on time and on budget, with completion scheduled for mid-2012”. Today, however, the building’s budget has gone over by AUD $171 million and the building is expected to open its doors no earlier than the fall of 2013, with some commentators suggesting that it could be 2014 before ASIO’s personnel are able to start moving in.

News you may have missed #828

By IAN ALLEN | intelNews.org
Chinese researcher charged with stealing US drug. Chinese cancer researcher Huajun Zhao, 42, who has been working in the United States since 2006, has been charged with stealing data and an experimental compound from the Medical College of Wisconsin. The federal complaint accuses Zhao of stealing the compound, C-25, which could potentially assist in killing cancer cells without damaging normal cells. An FBI investigation turned up evidence that Zhao hoped to claim credit in China for discovering C-25. He had already claimed on a research website that he had discovered an unnamed compound he hoped to take to China.
Turkish intelligence to ‘oversee PKK retreat’. Turkey’s National Intelligence Agency, MİT, will oversee the withdrawal of Kurdistan Workers Party (PKK) militants, according to Turkey’s Deputy Prime Minister, Bülent Arınç. Last month, Abdullah Öcalan, the leader of the armed Kurdish group that has battled Turkey for 30 years, proclaimed an immediate ceasefire in PKK’s conflict with the Turkish state, which has claimed about 35,000 lives. Speaking on Turkey’s state-run broadcaster, TRT, Arınç said no legislation would be introduced to facilitate the withdrawal, but “certainly MİT will oversee it; security forces will take part in it, too”, he added.
Analysis: Controversial Bush programs continue under Obama. During the George W. Bush years, two of the most controversial elements of what was then called the Global War on Terrorism were the CIA’s rendition, detention and interrogation (RDI) program and the creation of the prison camps at Guantanamo Bay. Guantanamo Bay and the RDI program are both back in the news now, each for their own unsavory reasons. The Pentagon is requesting nearly $200 million for Guantanamo Bay infrastructure upgrades, including $49 million for a new unit for ‘special’ prisoners. Meanwhile, participation in the CIA’s controversial RDI program has resulted —for at least one person— not in prosecution or professional sanctions, but rather in a promotion.

Analysis: The Current State of the China-Taiwan Spy War

By JOSEPH FITSANAKIS | intelNews.org
Last week I spoke about the current state of the espionage war between China and Taiwan with Tim Daiss, a Southeast Asia-based American journalist who has been covering the Asia-Pacific region for over a decade. Our discussion formed the basis of a comprehensive piece on the subject, published in British newspaper The Independent, in two parts (part one and part two). I told Daiss that the Ministry of State Security —China’s primary national intelligence agency— is not known for its technological prowess. However, the sheer size of Beijing’s intelligence apparatus is proving a good match for the more advanced automated systems used by its less populous regional rivals, including Taiwan. When it comes to traditional human intelligence, the Chinese have been known to employ time-tested methods such as sexual entrapment or blackmail, as was confirmed most recently in the case of Taiwanese Major-General Lo Hsien-che. Lo, who headed the Taiwanese military’s Office of Communications and Information, was convicted of sharing classified top-secret information with a female Chinese operative in her early 30s, who held an Australian passport. During his trial, which marked the culmination of Taiwan’s biggest spy scandal in over half a century, Lo admitted that the Chinese female spy “cajoled him with sex and money”. In addition to honey-trap techniques, Chinese spies collect intelligence by way of bribery, as do many of their foreign colleagues. In the case of China, however, a notable change in recent years has been the accumulation of unprecedented amounts of foreign currency, which make it easier for Chinese intelligence operatives to entice foreign assets, such as disgruntled or near-bankrupt state employees, to sell classified data.

German intelligence report sees US leading global energy contest

By JOSEPH FITSANAKIS | intelNews.org
A leaked geopolitical study authored by German intelligence sees the United States as the primary beneficiary of the world’s drastically changing energy balance. The report, which was produced by the German Federal Intelligence Service (Bundesnachrichtendienst, or BND) was leaked to the Reuters news agency and accessed by Germany’s Frankfurter Allgemeine Zeitung. It sides with other recent estimates, notably by the International Energy Agency, which suggest that the domestic oil production of the United States might exceed that of Russia and Saudi Arabia by the year 2020. The BND estimates that, through the technique popularly known as fracking (using pressurized fluid to cause horizontal fractures on underground rock layers), the US will be able to exploit oil and natural gas reserves on its territory that were previously considered inaccessible. This could transform the US from the world’s largest importer of energy to a net exporter of both oil and natural gas. According to the report, such a massive transformation of the global energy import-export balance could have “particularly dramatic consequences” in the realm of international relations. Most crucially, it could transform the existing balance of power between the US and China. Specifically, German intelligence analysts forecast that, as the US becomes increasingly self-sufficient in energy, it will limit its import of oil and natural gas to its neighboring countries, namely Canada and Mexico. This could potentially lead the US to gradually disengage from the Middle East, allowing Washington’s foreign policy “increased freedom of action” vis-à-vis energy-rich Arab nations and Israel. At the same time, more Middle Eastern oil will find its way to China, as the Far-Eastern country will emerge as the world’s largest importer of energy.

Freed Russian scientist convicted for spying maintains innocence

By JOSEPH FITSANAKIS | intelNews.org
A Russian scientist who was pardoned last week, after spending nearly a decade behind bars for allegedly spying for China, has dismissed the charges against him as “pure fantasy”. Physicist Valentin Danilov was arrested by the FSB, the Russian Federal Security Service, in February of 2001 and charged with conducting espionage in the service of the Chinese space program. At the time of his arrest, Danilov headed the Thermo-Physics Center at Russia’s Krasnoyarsk State Technical University (KSTU), located in Siberia’s third largest city. For several years leading up to his arrest, he conducted research on the impact of solar activity on the condition and performance of space satellites. During his lengthy trial, Danilov admitted selling to the Chinese information on satellite technology belonging to the Russian government. But his defense team argued that the information in question had already been declassified and available in public sources since the early 1990s. Eventually, in November of 2004, a Russian Federal court found Danilov guilty of treason and sentenced him to 14 years in prison. He was supposed to be released in 2017. Earlier this month, however, a court in Krasnoyarsk found that, since Danilov had served most of his prison sentence in good behavior, and since his health was weak, he would be released early. In his first public interview since his release, Danilov, 66, has said he intends to take his case against the Russian government to the European Court of Human Rights. Speaking to reporters as soon as he emerged from prison, the Russian scientist said: “I would truly appreciate it if someone finally told me what state secret I sold”. He went on to comment directly on Russian President Vladimir Putin: “Everybody would be the same as him in his place, because it is the court that makes the czar”, he said, employing a traditional Russian proverb.
