North Korea is now robbing banks, says US intelligence official

North KoreaComments made by a senior American intelligence official on Tuesday appeared to suggest that the North Korean government was behind an attempt to steal nearly $1 billion from a Bangladeshi bank last year. The heist took place in February of 2016, when a computer malware was used to issue several requests to transfer funds from Bangladesh Bank —the state-owned central bank of Bangladesh— using the SWIFT network. The hackers were able to transfer five separate sums of $101 million each to a linked Bangladesh Bank account at New York’s Federal Reserve Bank. However, when further requests were issued, Federal Reserve Bank employees contacted Bangladesh Bank and blocked further transactions. Eventually, most of the transferred funds, which neared $1 billion, were recovered; but the hackers managed to get away with approximately $81 million worth of funds.

Forensic investigators described the heist as technically advanced. The antivirus company Symantec said it identified a piece of code in the malware that is known to have been used by North Korean government hackers in the past. Not everyone agreed with the claim that Pyongyang was behind the bank heist. But those who did, said that it was unprecedented in scope and aggressiveness. Some even said that the heist showed that North Korea’s cyber capabilities were among the most sophisticated and powerful in the world.

Meanwhile the United States government did not comment on the matter. However, this past Tuesday the deputy director of the National Security Agency appeared to confirm reports that North Korea was behind the Bangladesh Bank heist. Rick Ledgett, a 30-year veteran of the NSA, who is due to retire in 2018, was speaking at a public event hosted by the Aspen Institute in Washington, DC. He reminded the audience that private researchers had connected the malware code used in the Bangladesh Bank heist with that used in previous hacking attempts launched by North Korea. “If that linkage […] is accurate”, said Ledgett, it “means that a nation state is robbing banks”. When asked by the moderator whether he believes that to be the case, Ledgett responded “I do. And that’s a big deal”. Foreign Policy magazine reached out to Ledgett following his talk and asked him for clarification about his comments regarding the Bangladesh Bank heist. But the NSA official simply said that “the public case [about the heist] was well-made”. Foreign Policy also contacted the NSA, but the agency said it preferred not to comment on the matter.

Author: Joseph Fitsanakis | Date: 23 March 2017 | Permalink

Advertisements

Israel’s chief of staff says Hezbollah killed its own commander in Syria

Mustafa Amine BadreddineAn Israeli military official has repeated claims in the Arab media that the Lebanese Shiite group Hezbollah killed its own military commander in Syria, following a dispute with Iran. Mustafa Amine Badreddine, 55, an expert in explosives and former bomb-maker, was a senior military commander in the military wing of Hezbollah. He rose through the ranks of the organization to become a trusted adviser to Hezbollah’s Secretary General, Hassan Nasrallah. In 2011, the Special Tribunal for Lebanon, set up by the United Nations, charged Badreddine with organizing the assassination of Lebanese Prime Minister Rafik Hariri. Hariri was killed with over 20 other people in a massive bomb blast in Beirut, in February of 2005.

Soon after the outbreak of the Syrian Civil War, the leadership of Hezbollah dispatched Badreddine to the Syrian capital Damascus. His stated mission was to command thousands of Hezbollah troops, who fought under Iranian guidance in support of the Syrian President Bashar al-Assad. But on May 13, 2016, Badreddine was reportedly killed in Damascus, causing observers to describe his death as the biggest setback for the Shiite militant group since the 2008 assassination of its leading commander, Imad Mughniyeh. Initial reports in Hezbollah-controlled Lebanese media suggested that Badreddine might have been killed in an Israeli air attack. But a press statement issued later by Hezbollah said the commander had been killed as a result of an armed attack by Sunni rebels. However, on March 8 of this year, the Saudi-owned pan-Arab television network al-Arabiya said it had conducted its own investigation into Badreddine’s death, and had concluded that he was killed by Hezbollah itself. The network claimed that Hezbollah’s Secretary General Nasrallah had ordered Badreddine’s killing, after the Iranians demanded it. Apparently the Iranians wanted him killed because he disputed the authority of Major General Qasem Soleimani, commander of Iran’s Revolutionary Guard Corps, who is often credited with having saved the Syrian government from demise during the Civil War.

The claim that Badreddine was killed by Hezbollah was echoed on Tuesday by Lieutenant General Gadi Eisenkot, Chief of the General Staff of the Israel Defense Forces. Speaking to the Associated Press, Lt Gen Eisenkot said that reports from Arab media that Badreddine was killed by his own forces agreed “with intelligence we have”, referring to the Israeli military. It is worth noting that Israeli officials rarely comment on intelligence operations, including assassination operations, choosing instead to adhere to a “refuse to confirm or deny” policy.

Author: Joseph Fitsanakis | Date: 22 March 2017 | Permalink

US politics in uncharted waters as FBI announces probe into Russian activities

James ComeyMonday’s official announcement that an investigation is underway into alleged Russian involvement in the 2016 United States presidential election was an important moment in American political history. It exposed the chaotic state of American politics and added yet another layer of complexity in an already intricate affair, from which the country’s institutions will find it difficult to recover for years to come. This is regardless of the outcome of the investigation, which is being conducted by the Federal Bureau of Investigation. Even if it fails to produce a ‘smoking gun’, the very fact that the country’s chief counterintelligence agency is examining the possibility that a US president was elected with help from Russia, is an astonishing development without parallel in modern American history.

It is important to recognize that the FBI would never have initiated such a controversial and politically charged investigation without having concrete proof of Russia’s interference in last year’s presidential election. No agency of the US federal government would choose to dedicate enormous resources and personnel, and risk the political fallout that such a probe inevitably entails, without first having amassed indisputable evidence that necessitates it. Moreover, the FBI is not acting alone; its investigation almost certainly encompasses and incorporates similar probes carried out by other American security agencies, and possibly by agencies in allied countries, including the United Kingdom. It follows that the FBI investigation will undoubtedly confirm the existence of a systematic Russian intelligence operation that was aimed at influencing the outcome of last year’s American election.

As the present author has previously stated, it would be “extremely unusual and highly uncharacteristic of Russian spy agencies if they did not launch at least a rudimentary covert campaign to target the 2016 US presidential election […]. Indeed, the opposite would have been strange”. The central question, of course, is: what types of activities were part of the Kremlin’s covert campaign? Did it mostly involve the methodical production and dissemination of so-called ‘fake news’? Did it involve substantial funding of individual candidates or political parties? Or were there perhaps instances of extortion and blackmail of targeted individuals? These questions must be answered in full, and their inherent complexity explains fully why the FBI Director James Comey would not discuss details of the investigation on Monday.

Crucially, the FBI probe will have to answer conclusively the question of whether members of the administration of US President Donald Trump, or indeed the president himself, were implicated in the Kremlin’s actions. Did the president and his senior campaign team know that the Kremlin was —allegedly—assisting their efforts? If so, how did they know? And if not, did they deliberately ignore concrete warnings pointing to the contrary?

Every American, regardless of political persuasion, who genuinely cares about his or her nation’s political stability, hopes that the FBI probe finds no collusion between the Kremlin and the Trump campaign. However, there is an important sense in which, no matter the outcome of the investigation, serious damage has already been done. The reputation of American political institutions as a whole has been severely shaken, and mistrust between American civil society and its political institutions continues to rise exponentially. Meanwhile, it is safe to say that it will take months for the FBI’s probe to conclude. By then, the current chaotic state of American politics could be the a new permanently reality in Washington, a city that has witnessed much tumult in its history, though perhaps never as perplexing as the current crisis.

Author: Joseph Fitsanakis | Date: 21 March 2017 | Permalink

China has 5,000 spies in Taiwan, says official amidst espionage arrests

China and TaiwanA Taiwanese government official has alleged that China maintains an army of more than 5,000 spies in Taiwan, many of whom have infiltrated the highest levels of government and industry. The allegation came after two sensational arrests were made in Taiwan last week, of people accused of spying for Beijing. Taiwanese counterintelligence officers reportedly arrested a bodyguard of Annette Lu, Taiwan’s former vice president. The bodyguard, who has been identified in Taiwanese media as Wang Hong-ju, has been charged with receiving payments from his Chinese intelligence handler in return for providing information about Mrs. Lu. This incident followed another arrest, made earlier in the week, this time of a Chinese man who is believed to have initially come to Taiwan as a student. Zhou Hong-xu is accused of trying to recruit officials in the Taiwanese government by offering them money.

Following reports of the arrests, Taiwanese media quoted an official, who spoke on condition of anonymity, as saying that Beijing maintains “about 5,000 individuals” who spy in Taiwan. These agents are allegedly tasked with “collecting state secrets” in the island country, over which China claims ownership. The anonymous Taiwanese official said that authorities in Taipei had uncovered no fewer than 60 espionage plots linked to China since 2002. Less than a third of those were uncovered before 2009, said the official. The year is important, because it marks the time when communications and transportation systems between the two nations were reestablished after decades of mutual isolation. The ease with which people from the two countries can travel in each other’s territory has increased exponentially since 2009. But so have instances of espionage by China, said the Taiwanese official.

Asked about the alleged targets of Chinese espionage in Taiwan, the official said that nearly 80 percent of identified cases of espionage by Beijing’s agents were aimed at military targets, with only 20 percent focusing on the civilian sector. However, the apparent disparity in numbers does not mean that China shows more interest in Taiwanese military secrets. Rather, the Taiwanese military has better counterintelligence defenses and thus a higher detection rate than the country’s civilian sector, said the anonymous source.

Author: Joseph Fitsanakis | Date: 20 March 2017 | Permalink

Russian special forces troops seen in Egypt and Libya, say reports

Khalifa HaftarRussia may have become the latest country to deploy special forces soldiers in Libya, according to news reports citing anonymous United States officials. Late on Tuesday, the Reuters news agency reported that Russian special forces troops had been seen on the border between Libya and Egypt. The news agency said that the information came from “two US officials, who spoke on condition of anonymity”. The same article cited unnamed “Egyptian security forces”, who said that a 22-member Russian paramilitary team had set up an operations base in the Egyptian town of Sidi Barrani, which is located 60 miles from Libyan territory.

Libya has descended into a state of complete anarchy since the demise of the country’s dictator, Colonel Muammar Gaddafi. The Libyan strongman was killed in 2011, as a result of a popular uprising backed by Western powers and the North Atlantic Treaty Organization. Arguably the strongest faction in the ongoing Libyan Civil War is the so-called Tobruk-led Government, which is affiliated with the Libyan National Army. The commander of the Libyan National Army is Field Marshal Khalifa Haftar, an old adversary of Colonel Gaddafi, who lived in the US under Washington’s protection for many decades before returning to Libya in 2011 to participate in the war. The Tobruk-led Government is ostensibly supported by the US. However, its military wing, led by Haftar, operates semi-autonomously, and some believe that Haftar has aspirations to lead his own armed faction in Libya. Last November, Haftar visited Moscow, where he met with senior government officials, including Russian Foreign Minister Sergei Lavrov. There are reports that the Russian special forces troops alleged seen in Egypt are operating in support of Haftar.

Earlier this week, a spokesman for the Tobruk-led government told Russian media that Moscow had promised to provide it with funding and military aid. Earlier this year, it was confirmed that a number of Russian private security contractors were in Libya and were providing services to Haftar’s militias. But there are no confirmed reports of the presence of Russian government troops on the ground in Libya. On Tuesday, Moscow denied the Reuters report and accused “certain Western mass media” of “spreading false information from anonymous sources” in order to “smear Russia”.

Author: Joseph Fitsanakis | Date: 16 March 2017 | Permalink

FBI launches criminal investigation into WikiLeaks’ CIA disclosures

WikiLeaksThe United States federal government has launched a criminal investigation into the public disclosure of thousands of documents that purportedly belong to the Central Intelligence Agency. The documents were released on Tuesday by the anti-secrecy website WikiLeaks. They reveal what appear to be technical collection methods used by the CIA to extract information from digital applications and electronic devices, ranging from flash drives to smart screen televisions. WikiLeaks named the collection “Vault 7”, and said that it consists of nearly 8,000 web pages and 1,000 attachments. It also said that its editors redacted hundreds of pages of computer code, in order to prevent the public release of advanced cyberweapons allegedly used by the CIA to sabotage electronic devices and systems.

On Wednesday, former director of the CIA Michael Hayden told the BBC that the disclosure appeared “incredibly damaging”, because it revealed some of the methods that the CIA uses to acquire information. But some cybersecurity experts said that the techniques contained in the leaked documents did not appear to be uniquely advanced, and most focused on exploiting technical vulnerabilities that were generally known. Still, The New York Times reported on Wednesday that the CIA had begun to assess the damage caused by the release. The agency was also trying to contain the extent of the damage, and had even “halt[ed] work on some projects”, said The Times. Officials from the CIA are reportedly in communication with the Federal Bureau of Investigation, which on Wednesday launched a criminal investigation into the “Vault 7” release.

The main purpose of the FBI investigation is to find out how WikiLeaks acquired the files. The website said that the documents were leaked by a CIA contractor, which would imply that they were accessed from a server outside the CIA’s computer network. However, federal investigators are not excluding the possibility that the leaker of the information may be a full-time CIA employee. Reports suggest that the FBI is preparing to conduct hundreds, and possibly thousands, of interviews with individuals who are believed to have had access to the documents that were released by WikiLeaks. Meanwhile, neither the FBI nor the CIA have commented on the authenticity of the information contained in “Vault 7”. WikiLeaks said that Tuesday’s release, which it codenamed “Year Zero”, was the first part of several installments of documents that will be released under its Vault 7 program.

Author: Joseph Fitsanakis | Date: 09 March 2017 | Permalink

Files released by WikiLeaks show advanced CIA technical collection methods

Julian AssangeThousands of documents belonging to the United States Central Intelligence Agency, which were released on Tuesday by the international anti-secrecy website WikiLeaks, are almost certainly genuine. They reveal an entire universe of technical intelligence collection methods used by the CIA to extract information from digital applications and electronic devices, ranging from flash drives to smart screen televisions. WikiLeaks named the collection Vault 7, and said that it consists of nearly 8,000 web pages and 1,000 attachments. It also said that its editors redacted hundreds of pages of computer code, in order to prevent the public release of advanced cyberweapons that are allegedly used by the CIA to sabotage electronic devices and systems.

The information contained in the leaked documents is almost certainly genuine, and most likely belongs to the CIA —though many of the programs listed may be jointly run by the CIA and the National Security Agency (NSA). These programs, with names such as McNUGGET, CRUNCHYLIMESKIES, ELDERPIGGY, ANGERQUAKE and WRECKINGCREW, appear to be designed to compromise computer systems using a series of sophisticated methods that force entry or exploit built-in vulnerabilities or systems. Targets include popular communications systems like Skype and WhatsApp, smartphones produced by Google and Apple, commercial software like PDF and Microsoft Windows, and even so-called smart televisions that connect to the Internet.

The WikiLeaks revelations are most likely related to operations conducted under the auspices of the Special Collection Service (SCS), a joint CIA/NSA program that dates to the earliest days of the Cold War. The program was started by the United States Armed Forces but was eventually transferred to civilian hands and monitored by the CIA. It used advanced communications-interception facilities around the world to collect information. Over the years, the CIA collaborated with the NSA and developed many SCS projects targeting several foreign countries using technical and human means. In recent years the SCS has been primarily operated by the NSA, which oversees the program’s technical platforms.

WikiLeaks did not reveal the source of the documents. But it said that they had been “circulated [by the CIA] among former US government hackers and contractors” and that it was one of the latter that leaked them to the anti-secrecy website. A statement by WikiLeaks said that Tuesday’s release, which it codenamed “Year Zero”, was part one of several installments of documents that will be released under its Vault 7 program. The site also claimed that the information in “Year Zero” has “eclipsed the total number of pages published over the first three years of the Edward Snowden NSA leaks”. The CIA, the NSA and the White House have not commented on this development.

Author: Joseph Fitsanakis | Date: 08 March 2017 | Permalink