US spy agencies conclude China intentionally concealed COVID-19 data

Trump and XiThe United States Intelligence Community has concluded that the Chinese government intentionally withheld and even fabricated crucial data about infections and deaths from COVID-19, according to reports. Consequently, the official numbers relating to the novel coronavirus outbreak in China allegedly represent a considerable under-reporting of both total cases and total deaths.

This claim was published on Wednesday on the website of the American news agency Bloomberg. The news agency cited “three [anonymous] US officials” in its report. The officials said that a summary of the evidence against China had been communicated to the White House in a classified report. The classified report is believed to conclude that the official Chinese numbers about COVID-19 are “intentionally incomplete”.

The claims against China include the accusation that the government in Beijing repeatedly changed the methodology it used to record and track cases —for instance by excluding asymptomatic COVID-19 carriers from the list for several months. There are also claims that the number of deaths owing to the virus may be much higher than official statistics show. This could be especially true in the city of Wuhan, in China’s east-central Hubei province, where the novel coronavirus is believed to have originated.

The embassy of China in Washington DC and the White House did not respond to questions about Bloomberg’s report on Wednesday. However, a number of pro-government media executives in China expressed concern in a Business Insider report late on Wednesday that the White House would try to exploit the Bloomberg report in order to “divert attention” from its own failures in preventing a surge of COVID-19 in America. They also claimed that China mobilized its health sector in a far more effective way than the US has done so far.

Author: Ian Allen | Date: 02 April 2020 | Permalink

Saudi Arabia may be abusing global phone tracking system to spy on dissidents

Saudi TelecomThe government of Saudi Arabia may be exploiting a decades-old tracking system embedded in the global mobile telecommu- nications network in order to spy on its citizens as they travel abroad, a report suggests. The report was published on Sunday in the British broadsheet The Guardian, based on documents provided by an anonymous whistle-blower.

The alleged documents may implicate Saudi Arabia’s three largest cellular telecommuni- cations service providers, said The Guardian, namely Mobily, Zain and Saudi Telecom. The anonymous whistle-blower told the paper that these companies were “weaponizing mobile technologies”, allegedly under the direction of Saudi Arabia’s ruling monarchy, which is notorious for suppressing political dissent within and outside the oil kingdom.

The alleged method of surveillance relies on SS7, a decades-old feature of the global cellular telecommunications system, which allows cellular providers to provide service to mobile phone users as they travel internationally. The SS7 system allows a mobile phone registered in a specific country to be used from a different country, and its user to be charged for the service. But to do so with accuracy, the SS7 system enables the service provider to track the owner of the device being charged for the phone call. This is done through what is known in cellular telecommunications parlance as a Provide Subscriber Location, or PSL, request.

According to The Guardian, Saudi cellular telecommunications providers have been making “excessive use” of PSLs in recent years. This indicates possible attempts to track the physical movements of Saudi cell mobile phone users who are traveling to the United States, and possibly other countries. The paper said that millions of PSLs were filed by Saudi Arabia in a one-month period in November of 2019. There is no telling how long this alleged surveillance operation has been going on, and in how many countries.

The paper also said that Ron Wyden, a Democratic senator from the US state of Oregon, who is a member of the Senate’s powerful Committee on Intelligence, has written to the Federal Communications Commission (FCC) about the privacy vulnerabilities of the SS7 system. However, the FCC has taken no action on the matter.

Author: Ian Allen | Date: 30 March 2020 | Permalink

American white supremacists wanted to weaponize COVID-19 in early February

Coronavirus COVID-19In early February, when most Western governments were just beginning to wake up to the COVID-19 threat, some American white supremacists were already exploring ways to weaponize the new virus. This is disclosed in an intelligence report authored by analysts in the United States Department of Homeland Security’s Federal Protective Service (FPS). The FPS is a law enforcement agency whose mission includes the physical protection of buildings and facilities used by the federal government.

The revelation is included in the FPS Weekly Intelligence Brief, which covers the week of February 17-24. Federal investigators found the information while monitoring online exchanges between what the FPS analysts describe as White Racially Motivated Violent Extremists. These exchanges took place on Telegram, an encrypted social networking application that has become popular with white supremacist groups due to its strong encryption standards.

According to the FPS, white supremacists discussed methods of using COVID-19 as a weapon to target members of local and federal law enforcement, as well as “nonwhite” individuals. Methods of attack reportedly included “saliva” or “spray bottles” containing bodily fluids of COVID-19 patients. Some members of the Telegram forum suggested smearing “saliva on door handles” at FBI field offices or smearing other bodily fluids on elevator buttons of apartment buildings located in “nonwhite neighborhoods”. Some white supremacists suggested that, should one of them contract the virus, they had an “obligation” to pass it on to members of law enforcement or non-whites.

Author: Ian Allen | Date: 23 March 2020 | Permalink

Google removes Iranian government’s COVID-19 app amidst claims of espionage

Iran Ministry of Health and Medical EducationAn Android application developed by the Iranian government to assist in coordinating the country’s response to the COVID-19 epidemic has been removed by Google amidst accusations that it may be used to track Iranian dissidents. The application, named AC19, was released several days ago by Iran’s Ministry of Health and Medical Education. Its release was announced through a text message sent by the Iranian government to every mobile telephone subscriber in the country. The text message urged citizens to download the application through a dedicated website or third-party app stores, including the Google Play Store. Millions have since done so.

The purpose of AC19 is to help coordinate the nationwide response to COVID-19, known as coronavirus, in a country that is experiencing one of the world’s most prolific outbreaks of the disease. App users can register using their unique phone number and determine whether their flu-like symptoms resemble those of COVID-19. The app’s developers argue that it can help keep people from flooding local hospitals throughout the country, which are already overwhelmed.

But some users have raised concerns that the app also requests access to the real-time geolocation data of users, which it then stores in remote databases. As technology news website ZDNet reports, some have accused the government in Tehran of using the AC19 app in order to track the movements of citizens. An expert consulted by ZDNet to examine the app’s technical details said that it did not appear to contain unusually intrusive features or functions.

However, the company used to develop the app, called Smart Land Strategy, has previously built apps that, according to ZDNet, were used by the Iranian intelligence services and were subsequently removed from the Google Play Store. Some Iranians claim that, given the connection between AC19 and Smart Land Strategy, it is possible that the new app may be used in the future by the Iranian government to spy on citizens, despite the fact that it may be presently useful in efforts to contain the COVID-19 epidemic.

The app continues to be available through Iranian government websites and app sites other than Google’s.

Author: Ian Allen | Date: 10 March 2020 | Permalink

Chinese cybersecurity firm accuses CIA of 11-year cyberespionage campaign

CIA headquartersA leading Chinese cybersecurity firm has accused the United States Central Intelligence Agency of using sophisticated malicious software to hack into computers belonging to the Chinese government and private sector for over a decade.

The accusation against the CIA comes from Qihoo 360, a prominent cybersecurity firm headquartered in Beijing. On Monday, company published a report of its investigation on its website, written in both Chinese and English. The report identifies the hackers as “the CIA Hacking Group (APT-C-39)”, and says that the group has carried out activities against “China’s critical industries” for at least 11 years.

The report claims that APT-C-39 targets included China’s energy and civilian aviation sectors, Internet service providers, scientific research universities and organizations, and various government agencies —which it does not name. The majority of the hacker group’s targets were located in Beijing, and also in China’s Zhejiang and Guangdong provinces.

According to Qihoo 360, APT-C-39 must be a “state-level hacking organization”, judging by the hacking tools that it used. These tools, such malware named by forensics experts as Grasshopper and Fluxwire, are believed to have been designed by the CIA. They were leaked in 2017 by the international whistleblower website WikiLeaks. American authorities have charged a former CIA programmer, Joshua Schulte, with leaking the malware. Schulte denies the charges.

The Qihoo 360 report also claims that the hours during which APT-C-39 hackers appear to be active correspond to the working hours of the East Coast of the United States. It also suggests that one goal behind the hacking operations against airline industry targets was to access the travel itineraries of senior figures in China’s political and industrial circles.

Author: Ian Allen | Date: 04 March 2020 | Permalink

Russia sent spies to Ireland to check undersea fiber-optic cables: report

Undersea cableThe Russian government sent a team of spies to Ireland to monitor undersea fiber-optic cables, which enable communications traffic between North America and Western Europe, according to a new report. The spies were allegedly sent to Ireland by the Main Directorate of the General Staff of the Russian Armed Forces, which is known in Russia as GU, and formerly as GRU.

Due to its geographical proximity to both North America and Europe, Ireland constitutes a major hub for several of the more than 300 undersea cables that currently cross the world’s oceans. Totaling over 500,000 miles, these cables deliver Internet and telephone traffic across every continent. Nearly all transcontinental communications traffic is facilitated through these cables.

According to the London-based Sunday Times newspaper, the Irish security services believe that the GU spies were sent to Ireland to check the cables for weak points, in case Moscow decides to sabotage them in the future. Others claim that the Russian spies sought physical access to the cables in order to install wiretaps. The Times article also claims that Russian spies were detected by Irish security personnel monitoring the Dublin Port, which is Ireland’s primary seaport. This, said The Times, prompted a security alert in government facilities along the Irish coastline.

The same report claimed that the GU has been using Ireland as a base for operations in northwestern Europe, from where Russian spies can gather intelligence on European targets such as Belgium, the United Kingdom, Holland and France.

Author: Ian Allen | Date: 18 February 2020 | Permalink

Russian spy agency reveals identities of undercover officers in rare move

Sergei NaryshkinIn an extremely rare move, the head of Russia’s spy agency has disclosed the identities of several undercover officers during an event marking the centenary of the KGB and its modern-day successor, the Russian Foreign Intelligence Service, or SVR.

The identities of the officers —most of whom are now retired or dead— were disclosed on Tuesday by Sergei Naryshkin, head of the SVR. Speaking at a press conference in Moscow, Naryshkin revealed the names and read the brief biographical notes of seven non-official-cover officers, referred to in Russian as “pазведчики-нелегалы”, or ‘illegals’. The term refers to undercover intelligence officers who are secretly posted abroad without diplomatic cover. Accordingly, they have no official connection to a Russian diplomatic facility, while some even pose as citizens of third countries.

Since 1922, illegals have operated out of the KGB’s and (after 1991) the SVR’s “S” Directorate, whose formal title is First Main Directorate or First Chief Directorate. It is customary to keep the identities of illegals secret following their retirement and even after death. However, in December of last year Naryshkin surprised many by announcing that he would soon disclose the identities of a number of former members of what he described as the “special reserve staff”, at an event to mark the centenary of the KGB and SVR.

He did so on Tuesday, when he disclosed the names of seven individuals and described their work in broad terms. The names disclosed by Naryshkin were: Yury Anatolievich Shevchenko (born 1939), Yevgeny Ivanovich Kim (1932-1998), Mikhail Anatolyevich Vasenkov (born 1942), Vitaly Viacheslavovich Netyksa (1946-2011) and his spouse Tamara Ivanovna Netyksa (born 1949), Vladimir Iosifovich Lokhov (1924-2002) and Vitaly Alekseyevich Nuykin (1939-1998).

The accompanying biographies released by the SVR disclose no specifics about the countries in which these illegals operated, the type of work they carried out, and the specific dates in which they were active. Most of them operated between the late 1960s and the early 1990s.

Author: Ian Allen | Date: 29 January 2020 | Permalink