New report details one of history’s “largest ever” cyber espionage operations
April 5, 2017 Leave a comment
A new report authored by a consortium of government and private organizations in Britain has revealed the existence of a computer hacking operation, allegedly based in China, that is said to be “one of the largest ever” such campaigns globally. The operation is believed to have compromised sensitive information from an inestimable number of private companies in Southeast Asia, Europe and the United States. The report was produced by a consortium of public and private organizations, including BAE systems and the London-based National Cyber Security Centre, an office of the United Kingdom’s signals intelligence agency, the Government Communications Headquarters. It details the outcome of Operation CLOUD HOPPER, which was launched to uncover the cyber espionage activities.
According to the report, the attacks were first launched several years ago against targets in Japan’s government and private sector. But after 2016, they spread to at least 14 other countries, including France, the United Kingdom and the United States. It is claimed that the attacks are “highly likely” to originate from China, given that the targets selected appear to be “closely aligned with strategic Chinese interests”. The authors of the report have named the hacker group APT10, but provide limited information about its possible links —or lack thereof— with the Chinese government.
The report claims that APT10 uses specially designed malware that is customized for most of their targets, thus constituting what experts describe as “spear fishing”. Past successful attacks have already resulted in an “unprecedented web of victims” who have had their information compromised, say the authors. The victims’ losses range from intellectual property to personal data. One of the report’s authors, Dr. Adrian Nish, who is head of threat intelligence at BAE Systems, told the BBC that it is currently impossible to estimate the number of organizations and agencies that have been impacted by APT10’s activities.
► Author: Ian Allen | Date: 05 April 2017 | Permalink
An employee of the United States Department of State has been charged with lying to authorities about her contacts with Chinese intelligence operatives, who gave her money and gifts in return for information. Candace Claiborne, 60, joined the Department of State in 1999 as an office management specialist. She lives in Washington, DC, but has served overseas in American diplomatic facilities in Baghdad, Iraq, Khartoum, Sudan, and China, where she was stationed in Beijing and Shanghai. According to information provided by the Federal Bureau of Investigation, Claiborne had a top security clearance, which required her to report contacts with foreign nationals.
United States President Donald Trump has reportedly authorized the Central Intelligence Agency to bring back the routine use of lethal airstrikes by unmanned aerial vehicles (UAVs), which his predecessor, Barack Obama, curtailed in 2013. Washington began employing limited strikes by UAVs, otherwise known as drones, in the early 1990s, during the administration of President Bill Clinton. But it was under the Obama administration that the use of drone strikes reached an all-time high, with hundreds of such attacks documented after 2008. It is believed that Obama used this remote attack method to combat the Taliban and al-Qaeda, while at the same time keeping his promise of bringing back American troops from the Middle East and Central Asia. However, in 2013 the US president severely curtailed the controversial program, which some say damaged America’s image by inflicting civilian casualties.
Boris Johnson, the British foreign secretary has said in an interview that Russian spies may have orchestrated last year’s failed attempt to kill the then-prime minister of Montenegro, Milo Dukanović. Mr. Johnson, a senior figure in the Conservative Party of the United Kingdom, was a major contender for the prime minister’s position in 2016, after the administration of David Cameron collapsed under the weight of the Brexit vote result. Speaking on Sunday morning to reporter Robert Peston, of Britain’s ITV television network, Mr. Johnson said that the West should “engage” with Russia, but warned that it should also “beware” of Moscow’s “dirty tricks” in Europe and the United States.
The leader of the Islamic State has abandoned the city of Mosul and is hiding in the desert zone of western Iraq, according to intelligence sources. Meanwhile Mosul, once the most populous city under the Islamic State’s control, is now reportedly being defended by a diminishing cadre of fewer than 3,000 Sunni militants, who are facing a 110,000-strong invading army.
The military intelligence service of Sweden warned last week that there were increasing incidents of espionage perpetrated against Sweden by operatives identified “beyond doubt” as agents of foreign powers. In its 
The White House has instructed the Central Intelligence Agency to halt military support to armed groups that are associated with the Free Syrian Army (FSA), a group opposed to Syrian President Bashar al-Assad. Some believe that the move indicates a change in American policy under United States President Donald Trump. But Syrian rebel commanders say they believe the move is temporary, and that military aid will be restored. For several years, the CIA has 
A senior aide to Michael Flynn, National Security Adviser to United States President Donald Trump, will have to step down from his post because his application for a security clearance was rejected, say sources. Flynn had chosen Robin Townley, a former intelligence officer in the US Marine Corps, to serve as Senior Director for Africa on the National Security Council, a forum chaired by the president, which makes key decisions on domestic and foreign issues. Townley, who is described as “one of Flynn’s closest deputies”, held a top-secret security clearance for many years during his government career. But joining the National Security Council requires a so-called “sensitive compartmented information” clearance. This elite-status clearance allows designated individuals to access government programs and operations that are deemed highly sensitive.
An Iranian scientist who works at a university in Belgium has been sentenced to death in Iran, allegedly for spying. According to his family and his employer in Belgium, Dr. Ahmadreza Djalali is currently in prison in Tehran. Dr. Djalali, 45, is professor of disaster medicine at the Vrije Universiteit Brussel (VUB), a Dutch-speaking university located in the Belgian capital. For the past few years, Dr. Djalali has been based in Italy, where he teaches in the VUB’s European Master’s program in Disaster Medicine. According to an 
The White House announced on Monday a revised policy that reinstates the Central Intelligence Agency on the National Security Council. Chaired by the president, the NSC was established 70 years ago as a forum to provide the commander-in-chief with advice from senior civilian and military officials before making key decisions on domestic and foreign affairs. Principal attendees of the NSC include the US vice president, the secretaries of state, defense, and energy, the chair of the Joint Chiefs of Staff, and the director of national intelligence. Last week, the White House removed the chair of the Joint Chiefs of Staff and the director of national intelligence from the Principals Committee —the core participants— of the NSC. A 
The security services of Lebanon announced on Wednesday that they had arrested five foreign nationals who were allegedly spying of Israel. A brief statement issued by Lebanon’s General Directorate of General Security (GDGS, also known as the General Security Directorate) said the five individuals were members of a “spy ring” set up by the Mossad, Israel’s external intelligence agency. The five —three men and two women— are accused of contacting Israeli embassies in countries in the Middle East, Europe and Asia, with the aim of passing information about domestic Lebanese affairs.
The intelligence agency of New Zealand has issued a report warning that the country is being targeted by foreign spies who operate using fake covers. Many of them aim to infiltrate some of the highest levels of the government, according to the agency. The warning appeared in the annual report of the New Zealand Security Intelligence Service (NZSIS), the country’s main national intelligence organization, which is responsible for intelligence, counterintelligence and counter- terrorism. The NZSIS’ 
The Indonesian military has halted all forms of cooperation with the armed forces of Australia, with some media reports suggesting that the decision was prompted by fears of espionage. Indonesia and Australia have held joined military training sessions for many decades. In recent weeks, members of the Kopassus, the elite special forces of the Indonesian military, were training on a base in Perth, Australia, with their counterparts in the Australian Special Air Service. On Wednesday, however, the Indonesian government 
A man at the center of the first case of Chinese nuclear espionage in United States history will be pleading guilty on Friday, according to court documents. This could mean that the alleged spy has decided to give the Federal Bureau of Investigation (FBI) details of Chinese nuclear espionage in the US. The accused man is Szuhsiung ‘Allen’ Ho, a Taiwanese-born engineer and naturalized American citizen. Ho was arrested by the FBI in April on charges of sharing American nuclear secrets with the government of China.
intelNews.org 
Same hacker group is targeting French and German elections, says report
April 26, 2017 Leave a comment
The Trend Micro report focuses on a mysterious group that cyber-security experts have dubbed Pawn Storm —otherwise known as Sednit, Fancy Bear, APT28, Sofacy, and STRONTIUM. It says that the group has launched an aggressive phishing campaign against German political institutions, which has intensified in the past two months. The group allegedly set up fake computer servers in Germany and the Ukraine, and used them to try to infiltrate the computer networks of two elite German think-tanks, the Konrad Adenauer Foundation (KAF) and the Friedrich Ebert Foundation (FEF). The KAF is connected with the Christian Democratic Union party, which is led by Germany’s Chancellor, Angela Merkel. The FEF has strong ties with the centrist Social Democratic Party, which is part of Germany’s governing alliance.
The report’s leading author, cyber-security expert Feike Hacquebord, told the Reuters news agency that the hackers were possibly seeking to infiltrate the two think-tanks as a means of gaining access to the two political parties that are connected with them. Some cyber-security experts in Europe and the United States have said that the Russian Main Intelligence Directorate, the country’s military intelligence agency, known as GRU, is behind the cyber-attacks on France, Germany and the United States. But the Trend Micro report did not attempt to place blame on Moscow or any other country for the cyber-attacks. The Kremlin has denied involvement with the alleged hacking operations.
► Author: Ian Allen | Date: 26 April 2017 | Permalink
Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with APT28, computer hacking, cyberespionage, cybersecurity, Fancy Bear, Feike Hacquebord, France, Germany, GRU, News, Russia, Sednit, Sofacy, STRONTIUM, Trend Micro