Analysis: Strasbourg attack raises serious security concerns in Europe

StrasbourgThe terrorist attack in the French city of Strasbourg on December 11 raises important security concerns for Europe’s ability to defend itself against a rapidly evolving Islamist insurgency. The attack lasted 10 minutes, from 7:50 to 8:00 p.m. on Tuesday evening, and targeted shoppers in Christkindelsmärik, a large Christmas market held annually in Strasbourg. The lone shooter, who has since been identified as Chérif Chekatt, a French citizen, was reportedly heard shouting “Allahu Akbar” (God is great) repeatedly as he opened fire on the unsuspecting shoppers. He also tried to stab some of them using a knife. Chekatt eventually exchanged fire with French soldiers and officers of the National Police before fleeing the scene of the attack in a taxi cab. Three people were declared dead at the scene, while 12 others were urgently transported to nearby hospitals. Six of them remain in critical condition. Chekatt remains at large.

It is important to stress that the choice of Strasbourg as the site of the terrorist strike was not accidental, nor was the attack spontaneous. A city and of nearly 500,000 inhabitants in its greater district, Strasbourg is one of the European Union’s de facto capitals. It hosts several European institutions, including the building of the European Parliament. Its geographical location on the French-German border epitomizes the crossroads of Franco-German cultural traditions. Its distinct character symbolizes the coexistence of Europe’s two leading powers, which forms the cornerstone of the European Union project. The majority of Strasbourg’s residents are bilingual and communicate in Alsacien, a peculiar mixture of French and German. The city also exemplifies a distinctive brand of 21st-century Christian unity through the balanced coexistence of Catholic and Protestant religious cultures. The Christkindelsmärik —the venue that was attacked on Tuesday— is Europe’s largest Christmas market and symbolizes precisely that coexistence. Providing that Tuesday’s attack was sanctioned and/or planned by the Islamic State or one of its affiliate organizations, its strong symbolism is apparent.

As Washington Examiner commentator Tom Rogan noted on Wednesday, it appears that the perpetrator of the attack was able to acquire a semi-automatic weapon, as well as grenades. Unlike the United States, accessing these types of weapons in Western Europe is exceedingly difficult. This is so especially in France, a country that has remained in a perpetual state of heightened security since the Paris attacks of November 2015. It is even more perplexing that Chekatt was able to acquire this type of weaponry, given that his name featured on the terrorism watch lists of France’s security and intelligence services. Additionally, says Rogan, one of the operational trademarks of the Islamic State centers on adhering to a sharp division between its arms procurement networks and the individuals who carry out terrorist attacks. This means that a wider Islamist network in France, Switzerland or Germany, was able to armed and possibly trained Chekatt in Europe, since the attacker is not believed to have visited the Middle East or North Africa.

Rogan also points out that Chekatt —a French-born 29-year-old petty criminal— was radicalized while serving time in prison. This raises important questions about Salafist-Jihadi radicalization networks inside Western European prison systems. The security implications of this realization inevitably widens the security considerations of Europe’s counterterrorism agencies. The latter have so far focused primarily on the danger posed by the return of European Islamic State volunteers from the Middle East. The problem, however, appears to be more complicated.

Ultimately, the Strasbourg attack demonstrates that, despite several years of concerted efforts, the ability of European counterterrorism agencies to prevent strikes by Islamist groups on European soil is limited. Meanwhile, European streets are busy during the Christmas season, with indoor and outdoor markets and festivals, concerts, as well as a host of religious observances taking place in thousands of different locations across the continent. Should Tuesday’s attack in Strasbourg mark the beginning of a sustained terrorism campaign by the Islamic State, December could prove to be a deadly month in Europe.

Author: Joseph Fitsanakis | Date: 13 December 2018 | Permalink

Advertisements

Russian spies ‘launched major cyber attack on Ukraine’ prior to naval incident

Strait of KerchRussia “paved the way” for last November’s seizure of Ukrainian Navy ships by launching a major cyber attack and disinformation campaign aimed at Ukraine, according to a cyber security firm and the European Union. In what has become known as the Kerch Strait incident of November 25, border service coast guard vessels belonging to the Russian Federal Security Service (FSB) opened fire on three Ukrainian Navy ships that were attempting to enter the Sea of Azov through the Kerch Strait. All three Ukrainian vessels, along with crews totaling 24 sailors, were captured by the Russian force and remain in detention. Ukraine condemned Russia’s action as an act of war and declared martial law in its eastern and southern provinces. But Moscow said the incident had been caused by a provocation by the Ukrainian government, in a desperate effort to increase its popularity at home. Meanwhile, the three Ukrainian ships and their crews remain in Russia.

But now a private cyber security firm has said that Moscow launched a series of cyber attacks on Ukrainian government servers, which were aimed at gathering intelligence that could be used for the ships’ capture. In a separate development, the European Union’s security commissioner has alleged that the Kremlin launched an elaborate “disinformation campaign” aiming to “soften up public opinion” before seizing the Ukrainian ships.

The American-based cyber security firm Stealthcare said this week that the cyber attacks were carried out by Carbanak and the Gamaredon Group, two hacker entities that are believed to be sponsored by the Russian intelligence services. The first wave of attacks, which occurred in October of this year, centered on a phishing campaign that targeted government agencies in Ukraine and other Eastern European countries. Victims of these attacks had “important functions” of their computers taken over by remote actors who stole and exfiltrated data, according to Stealthcare. Another attack installed back doors on computer servers belonging to Ukrainian government agencies in November, just days prior to the Kerch Strait crisis. The two attacks, said the company, provided the hackers with “information that would have been very […] relevant in planning” the November 25 naval crisis, said Stealthcare. The company added that there was “no doubt that this was a Kremlin-led reconnaissance effort to prepare for the Kerch Strait crisis”.

Meanwhile on Monday Julian King, a British diplomat who is currently the European Commissioner for the Security Union, said that Russia “paved the way for the Kerch Strait crisis” through a systematic fake news campaign that “lasted for more than a year”. The campaign, said King, included the use of social media to spread false rumors, such as claims that the Ukrainian government had infected the Black Sea with bacteria that cause cholera. Another report by Russian media allegedly claimed that Kiev had tried to secretly transport a nuclear device to Russian-annexed Crimea through the Kerch Strait. The EU security commissioner added that social media platforms and online search engines like Google had a responsibility “to identify and close down fake accounts that were spreading disinformation”.

Author: Joseph Fitsanakis | Date: 12 December 2018 | Research credit: D.V. | Permalink

CIA names first woman to lead Directorate of Operations

CIAIn a surprising departure from established practice, the United States Central Intelligence Agency has publicized the name of its incoming head of operations. Beth Kimber, a 34-year veteran of the Agency, will become the first woman in the CIA’s 70-year history to lead the Directorate of Operations. Officers in the Directorate of Operations, formerly known as the National Clandestine Service, spend their careers recruiting foreign agents to spy for the United States, while also carrying out covert operations around the world. This is also the first time that the CIA has chosen to publicly identify its Deputy Director for Operations —Kimber’s official title, abbreviated as DDO. Previous DDO have been undercover officers whose namse have remained undisclosed. Kimber’s promotion was announced on December 7 by Brittany Bramell, the CIA’s Director of Public Affairs.

Little is known about Kimber, who spent much of her career as a case officer before joining the CIA’s senior intelligence staff. She is a graduate of Hamilton College, a private, liberal arts college situated in upstate New York, and spent much of her early career with the CIA as a case officer in Western Europe. She is also believed to have led the “Russia Group”, a network of intelligence planners in the CIA’s Directorate of Operations that manage a broad spectrum of espionage operations targeting the Russian spy services. She has also served as deputy director of the National Clandestine Service, before it was renamed to Directorate of Operations. For a few months this year, Kimber served as the CIA’s acting deputy director while Congress considered President Donald Trump’s nomination of Gina Haspel’s for the Agency’s director position. Kimber’s most recent prior post in the CIA was head of the Agency’s Europe and Eurasia Mission Center.

Kimber is the third woman to assume a central role in the CIA in the past six months. In May of this year, Gina Haspel, a 33-year veteran of the CIA, became the Agency’s first female director. In August, Haspel picked Sonya Holt, a 34-year CIA veteran, to serve as the Agency’s chief diversity and inclusion officer. On Friday, the American news network CBS cited “people familiar with the shift”, who said that the outgoing DDO “will take another role within the agency” and is expected to remain undercover.

Author: Joseph Fitsanakis | Date: 11 December 2018 | Permalink

Jailed Russian who spied for CIA writes letter to Trump, asking to be freed

Russian Ministry of Internal AffairsA Russian former police officer, who is serving a prison sentence in Russia for having spied for the United States Central Intelligence Agency, has written an open letter to President Donald Trump, asking to be freed. Yevgeny A. Chistov was arrested by the Russian Federal Security Service (FSB) in 2014 on charges of spying for Washington. During his trial, he admitted having been recruited by the CIA when he worked as an officer in the police, Russia’s federal law-enforcement agency, which operates under the Ministry of Internal Affairs. Russian state prosecutors accused him of having established contact with the CIA in 2011. In 2015, he was sentenced to 13 years in prison, which he is currently serving at a labor camp in the Nizhny Novgorod town of Bor, located in central European Russia.

On Saturday, British newspaper The Guardian published a letter that was allegedly written by Chistov. In the letter, the jailed spy admits that he passed Russian state secrets to the CIA for three years, after deciding “to help the US as a friend”. He claims that he did it out of love for his country, and in order to help “overthrow […] the regime” of Russian President Vladimir Putin. Chistov goes on to accuse “Putin and his cronies” of having plundered Russia and of oppressing its people through “corruption and extortion”. He blames the Kremlin for Russia’s current economic state: “we have a resource-rich country yet our people are poor”, he says. The jailed spy adds that he told the CIA about the “secret plans” of the Ministry of Internal Affairs, that he provided “names of some people from the FSB”, and that he “revealed some objectives of Russia’s Ministry of Defense”. He does not provide details. He then claims that, even though he was paid by the CIA for his services, he did not act out of self-interest.

Chistov says that the conditions of his imprisonment are inhumane and that he and his family “are in great danger in Russia”. He also claims that his wife visited the US embassy in Ukraine in an attempt to secure a travel visa, but that her application was rejected and she was forced to return to Russia. The jailed spy adds that he “wrote two letters to the CIA asking them to help and received no response”. He then pleads with President Trump to help him, in two ways. First, by granting asylum in the US to his wife and mother. Second, by swapping him with someone “who worked for Russia” and is serving time in a US prison. “I want to appeal to the president to conduct the exchange”, he concludes.

The United States has participated in very few spy swaps in the post-Cold War era. In 2010, Washington and Moscow conducted one of history’s largest spy exchanges, as ten deep-cover Russian agents captured in the US earlier that year were swapped for four Russian citizens imprisoned by Moscow for spying for the US and Britain. Four years later, a Cuban intelligence officer who spied for the CIA was released as part of a wider exchange between Washington and Havana of persons held in each other’s prisons on espionage charges. The White House has not commented on Chistov’s letter.

Author: Joseph Fitsanakis | Date: 10 December 2018 | Permalink

ISIS evolving into ‘effective clandestine organization’ US Pentagon warns

ISIS forces in RamadiA report from the United States Department of Defense warns that the Islamic State is swiftly returning to its insurgent roots, as observers in Iraq and Syria caution that the group is witnessing a revival. It has been four years since the Islamic State —known then as the Islamic State of Iraq and Syria, or ISIS— conquered much of eastern Syria and more than a third of Iraq’s territory. But by the end of 2017, virtually the entirety of ISIS’ self-styled ‘caliphate’ had been obliterated by an ‘unholy alliance’ of US-backed Iraqi government forces, Iranian-supported Shiite militias, Kurdish guerillas and Western airpower.

However, experts warn that, despite its loss of territorial control, the Islamic State maintains an active force of as many as 30,000 armed fighters in Iraq and Syria. Additionally, a recent US government report argues that, having been driven out of nearly all of the territory that it once held, the Islamic State is promptly “returning to its insurgent roots”. The report, authored by analysts at the US Department of Defense, claims that the militant Sunni group is “re-emerging as a guerrilla force”. In the place of what used to be a de-facto state, an “effective clandestine ISIS organization appears to be taking hold”, it states. The Pentagon document, summarized in a Financial Times article on Thursday, appears to be backed by information from the ground in Iraq and Syria. Iraqi military sources told The Times that ISIS appears to have more fighters in its ranks than initially thought, and that the group’s organizational structure that helped it grow in the first place “has not been eliminated”.

Moreover, the group is “still well-funded” and its operations remain lethal, said the paper, especially in Iraq, where it continues to undermine the government’s efforts to improve the country’s security. Islamic State fighters are systematically targeting regional leaders, said The Times, in an effort to prevent the government from delivering economic development in Iraq’s Sunni-majority western regions. A similar pattern of activities is being observed in Syria, where a resurgence of ISIS activity has prolonged the deployment of around 2,000 US military personnel there. What is more, ISIS fighters frequently cross the Iraq-Syria border and spend much of their time in safe houses and other hideouts. The paper quotes Yahya Rasool, spokesperson for the Iraqi Army’s Joint Operations Command, who says that “our war on ISIS today is an intelligence war, not a military war. We are searching and raiding their hide-outs”.

Author: Joseph Fitsanakis | Date: 07 December 2018 | Permalink

Canada arrests daughter of Chinese telecom giant’s founder at US request

Meng WanzhouThe daughter of the founder of Huawei Technologies, one of the world’s leading telecommunications hardware manufacturers, has been arrested in Canada, reportedly at the request of the United States. Meng Wanzhou (pictured, also known as Sabrina Meng) serves as Huawei’s deputy chair and chief financial officer. She is the daughter of Ren Zhengfei a former officer in the Chinese People’s Liberation Army, who established the company in 1988 and has since amassed a personal fortune estimated at $3.5 billion. By virtue of her family background and position in Huawei, Meng is often referred to as “a member of China’s corporate royalty”.

Few details of Meng’s arrest have been publicized. On Wednesday, Canada’s Department of Justice confirmed that the Huawei CFO was detained on December 1 in Vancouver as she was transferring between flights. The Justice Department also confirmed that the arrest occurred at the request of American law enforcement officials. In a carefully worded statement, the Canadian government said Meng is “sought for extradition by the United States” and that her bail hearing will be taking place this coming Friday. On Wednesday, the Canadian newspaper The Globe and Mail cited an unnamed “Canadian law enforcement source with knowledge of the arrest”, who said that US authorities had evidence that Meng “tried to evade the American embargo against Iran”. This statement appears to refer to reports in Western media in April of this year, according to which the US Departments of Commerce and Treasury were probing suspected violations of Washington’s sanctions against Iran and North Korea by Huawei.

The embassy of China in Canada immediately protested news of Meng’s arrest, saying that the Huawei CFO had been detained despite “not violating any American or Canadian law”. In a statement issued on Wednesday, the embassy added that it had “lodged stern representations” to the Canadian government and “urged them to immediately […] restore the personal freedom of Ms. Meng Wanzhou”. Meanwhile, a representative at Huawei’s corporate headquarters in the southern Chinese city of Shenzhen told the BBC that the company is certain “the Canadian and US legal systems will ultimately reach a just conclusion” in the case.

Several officials in the United States, United Kingdom, Australia and other Western countries, have repeatedly flagged Huawei as a company that is uncomfortably close to the Chinese government and its intelligence agencies. In 2011, the US Open Source Center, which acts as the open-source intelligence arm of the Office of the Director of National Intelligence, became the first US government agency to openly link Huawei with the Chinese intelligence establishment. In 2013, the British government launched an official review of Huawei’s involvement in the UK Cyber Security Evaluations Centre in Oxfordshire, England, following a British Parliament report that raised strong concerns about the Chinese company’s links with the government in Beijing. And in 2017 the Australian government expressed concern about Huawei’s plan to provide high-speed Internet to the Solomon Islands, a small Pacific island nation with which Australia shares Internet resources.

Author: Joseph Fitsanakis | Date: 06 December 2018 | Permalink

Czechs accuse Moscow of ‘most serious wave of cyberespionage’ in years

Czech Security Information ServiceThe main domestic intelligence agency of the Czech Republic has accused Russia of “the most serious wave of cyberespionage” to target the country in recent years. The claim was made on Monday in Prague by the Security Information Service (BIS), the primary domestic national intelligence agency of the Czech Republic. Details of the alleged cyberespionage plot are included in the BIS’ annual report, a declassified version of which was released this week.

According to the document, the cyberespionage attacks were carried out by a hacker group known as APT28 or Fancy Bear, which is believed to operate under the command of Russian intelligence. The hacker group allegedly targeted the Czech Ministry of Defense, the Ministry of Foreign Affairs and the headquarters of the country’s Armed Forces. As a result, the electronic communication system of the Ministry of Foreign Affairs was compromised “at least since early 2016”, said the report (.pdf). More than 150 electronic mailboxes of ministry employees —including diplomats— were accessed, and a significant number of emails and attachments were copied by the hackers. The compromise was terminated a year later, when BIS security personnel detected the penetration. The BIS report goes on to say that a separate cyberespionage attack was carried out by a Russian-sponsored hacker group in December of 2016. An investigation into the attacks concluded that the hackers were not able to steal classified information, says the report. It adds, however, that they were able to access personal information about Czech government employees, which “may be used to launch subsequent attacks [or to] facilitate further illegitimate activities” by the hackers.

The BIS report concludes that the hacker campaign was part of “the most serious wave of cyberespionage” to target the Czech Republic in recent years. Its perpetrators appear to have targeted individuals in “virtually all the important institutions of the state” and will probably continue to do so in future attacks, it says. Moreover, other European countries probably faced similar cyberespionage breaches during the same period, though some of them may not be aware of it, according to the BIS. Czech Prime Minister Andrej Babis told parliament on Tuesday that his cabinet will discuss the BIS report findings and recommendations early in the new year.

Author: Joseph Fitsanakis | Date: 05 December 2018 | Permalink