Cybersecurity researchers uncover first-ever use of LinkedIn to spread malware

June 18, 2020 by Leave a comment

LinkedInCybersecurity researchers have uncovered what is believed to be the first-ever case of hackers using LinkedIn to infect the computers of targeted users with viruses, according to a new report. The hackers appear to have been sponsored by government and to have targeted employees of carefully selected military contractors in central Europe, according to sources.

The existence of the alleged cyberespionage operation was revealed on Wednesday by researchers at ESET, a cybersecurity firm based in Bratislava, Slovakia, which is known for its firewall and anti-virus products. The researchers said that the operation was carried out in 2019 by hackers who impersonated employees of General Dynamics and Collins Aerospace, two leading global suppliers of aerospace and defense hardware.

ESET researchers said that the hackers made use of the private messaging feature embedded in LinkedIn to reach out to their targets. After making initial contact with their intended victims, the hackers allegedly offered their targets lucrative job offers and used the LinkedIn private messenger service to send them documents that were infected with malware. In many cases, the targets opened the documents and infected their computers in the process.

The use of the LinkedIn social media platform by hackers to make contact with their unsuspecting victims is hardly new. In 2017, German intelligence officials issued a public warning about what they said were thousands of fake LinkedIn profiles created by Chinese spies to gather information about Western targets. Germany’s Federal Office for the Protection of the Constitution (BfV) said it had identified 10,000 German citizens who had been contacted by Chinese spy-run fake profiles on LinkedIn in a period of just nine months. And in 2018, a report by France’s two main intelligence agencies, the General Directorate for Internal Security (DGSI) and the General Directorate for External Security (DGSE), warned of an “unprecedented threat” to security after nearly 4,000 leading French civil servants, scientists and senior executives who were found to have been accosted by Chinese spies on LinkedIn.

Tricking a target into accessing a virus-infected document file is not a new method either. However, according to the researchers at ESET, this was the first case where LinkedIn was used to actually deliver the malware to the victims. As for the identity of the hackers, there appears to be no concluding information. However, ESET said the attacks appeared to have some connections to Lazarus, a group of hackers with North Korean links. Lazarus has been linked to the 2014 Sony Pictures hack and the 2016 Central Bank of Bangladesh cyber heist, which was an attempt to defraud the bank of $1 billion.

LinkedIn told the Reuters news agency that it had identified and terminated the user accounts behind the alleged cyberespionage campaign. Citing client confidentiality, ESET said it could not reveal information about the victims of the attacks. Meanwhile, General Dynamics and Raytheon Technologies, which owns Collins Aerospace, have not commented on this report.

Author: Joseph Fitsanakis | Date: 18 June 2020 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , ,

Lax security behind greatest data loss in CIA’s history, internal report concludes

June 17, 2020 by 1 Comment

WikiLeaksComplacency and substandard security by the United States Central Intelligence Agency were behind the Vault 7 leak of 2017, which ranks as the greatest data loss in the agency’s history, according to an internal report. The Vault 7 data loss was particularly shocking, given that the CIA should have taken precautions following numerous leaks of classified government information in years prior to 2017, according to the report.

The Vault 7 data leak occurred in the first half of 2017, when the anti-secrecy website WikiLeaks began publishing a series of technical documents belonging to the CIA. Once all documents had been uploaded to the WikiLeaks website, they amounted to 34 terabytes of information, which is equivalent to 2.2 billion pages of text. The information contained in the Vault 7 leak is believed to constitute the biggest leak of classified data in the history of the CIA.

The Vault 7 documents reveal the capabilities and operational details of some of the CIA’s cyber espionage arsenal. They detail nearly 100 different software tools that the agency developed and used between 2013 and 2016, in order to compromise targeted computers, computer servers, smartphones, cars, televisions, internet browsers, operating systems, etc. In 2017 the US government accused Joshua Adam Schulte, a former CIA software engineer, of giving the Vault 7 data to WikiLeaks. Schulte’s trial by jury was inconclusive, and a re-trial is believed to be in the works.

Now an internal report into the Vault 7 disclosure has been made public. The report was compiled by the CIA WikiLeaks Task Force, which the agency set up with the two-fold mission of assessing the damage from the leak and recommending security procedures designed to prevent similar leaks from occurring in the future. A heavily redacted copy of the report has been made available [.pdf] by Senator Ron Wyden (D-OR) who is a member of the US Senate Select Committee on Intelligence. An analysis of the report was published on Tuesday by The Washington Post.

The report recognizes that insider threats —a data leak perpetrated on purpose by a conscious and determined employee, or a group of employees— are especially difficult to stop. It adds, however, that the Vault 7 leak was made easier by “a culture of shadow IT” in which the CIA’s various units developed distinct IT security practices and their own widely different systems of safeguarding data. Many cyber units prioritized creative, out-of-the-box thinking, in order to develop cutting-edge cyber-tools. But they spent hardly any time thinking of ways to safeguard the secrecy of their projects, and failed to develop even basic counterintelligence standards —for instance keeping a log of which of their members had access to specific parts of the data— according to the report.

Such standards should have been prioritized, the report adds, given the numerous high-profile leaks that rocked the Intelligence Community in the years prior to the Vault 7 disclosure. It mentions the examples of Edward Snowden, a former contractor for the National Security Agency, who defected to Russia, as well as Chelsea Manning, an intelligence analyst for the US Army, who gave government secrets to WikiLeaks. Manning spent time in prison before being pardoned by President Barack Obama. Snowden remains in hiding in Russia.

The CIA has not commented on the release of the internal Vault 7 report. An agency spokesman, Timothy Barrett, told The New York Times that the CIA was committed to incorporating “best-in-class technologies to keep ahead of and defend against ever-evolving threats”. In a letter accompanying the release of the report, Senator Wyden warned that “the lax cybersecurity practices documented in the CIA’s WikiLeaks task force report do not appear limited to just one part of the intelligence community”.

Author: Joseph Fitsanakis | Date: 17 June 2020 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , ,

Russia accuses its top Arctic scientist of giving China submarine secrets

June 16, 2020 by Leave a comment

Valery MitkoRussian prosecutors have accused one of the country’s most respected hydroacoustics specialists, and globally recognized expert on the Arctic region, of spying for Chinese intelligence. This development highlights the competitive relationship between the two neighboring countries, who in recent years have tended to work together against what they perceive as a common threat coming from the United States.

The scientist in question is Dr. Valery Mitko, a St. Petersburgh-based hydroacoustics researcher, who is also president of Russia’s Arctic Academy of Sciences. Investigators with the Federal Security Service (FSB), Russia’s domestic security and counterintelligence agency, are accusing Dr. Mitko, 78, of having provided classified documents to Chinese intelligence.

The FSB first detained Dr. Mitko in February, when he returned from a stint as a visiting professor at Dalian Maritime University. Located in China’s northeastern Liaoning province, near the North Korean border, Dalian Maritime University is considered China’s foremost higher-education institution on maritime subjects, with many of its research projects funded directly by the Chinese Ministry of Transport. According to sources, Dr. Mitko gave a series of lectures at Dalian University in early 2018.

Upon arriving back to Russia from China, Dr. Mitko was detained and placed under house arrest. The FSB now claims that the Russian scientist gave the Chinese classified information relating to the underwater detection of submarines. The agency alleges that Dr. Mitko received payments in return for sharing this information with Chinese spies. However, Dr. Mitko’s lawyers argue that the information he shared with the Chinese “came from open sources”, and that he never knowingly came in contact with Chinese intelligence operatives.

There have been several arrests of Russian academics in recent years, who have been accused by the FSB of providing China with classified information. Last week saw the release from prison of Vladimir Lapygin, a 79-year-old avionics researchers, who was jailed in 2016 for allegedly giving China classified information on Russian hypersonic aircraft designs. In 2018, Russian authorities charged Viktor Kudryavtsev, a researcher at a Russian institute specializing in rocket- and spacecraft design, with passing secret information on spacecraft to researchers at the Von Karman Institute for Fluid Dynamics in Belgium. The FSB claimed that some of that information ended up in Chinese hands.

If convicted of the crime of espionage against the Russian state, Dr. Mitko faces a prison sentence of up to 20 years. He denies the charges against him.

Author: Joseph Fitsanakis | Date: 16 June 2020 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , ,

Researchers claim discovery of remote eavesdropping method using light bulbs

June 15, 2020 by 1 Comment

Black HatResearchers at a university in Israel claim to have discovered a new low-tech eavesdropping technique, which relies on sound vibrations on the glass surface of light bulbs and requires equipment costing less than $1,000. The researchers claim that the technique, which they call “lamphone”, enables eavesdroppers to intercept, in real time, audible conversations from a room located hundreds of feet away, simply by recording the vibrations that sounds create on the glass surface of a common light bulb present in the room.

The announcement was made by Ben Nassi, Yaron Pirutin and Boris Zadov, who work at the Ben-Gurion University of the Negev and the Weizmann Institute of Science, near Tel Aviv. The three researchers said they used a low-cost telescope, which they placed nearly 100 feet from a target room containing a commercially available standard light bulb. They then placed each telescope behind a $400 electro-optical sensor. The goal of the contraption was to measure the minuscule changes in light output from the bulb, which are caused by sound vibrations off the bulb’s surface.

The electrical signals captured by the telescopes were digitized using commercially available analog-to-digital converters, before being transferred onto a laptop. The researchers then used commercially available software to filter out noise, and were gradually able to reconstruct clearly audible recordings of the sounds inside the target room. They claim that the resulting recording is clearly audible and can even be transcribed using Google speech-to-text software.

The three Israeli researchers say they now plan to present their findings at the Black Hat security conference in August, which will be held virtually due to health concerns caused by the coronavirus pandemic. Speaking to Wired magazine last weekend, they said that their goal is “not to enable spies or law enforcement, but to make clear to those on both sides of surveillance what’s possible”. “We’re not in the game of providing tools”, they said.

Author: Joseph Fitsanakis | Date: 15 June 2020 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , ,

News you may have missed #905

June 14, 2020 by Leave a comment

Twitter IAFrench forces kill al-Qaeda head and capture ISIS leader in Mali. In the past few days, the French military successfully conducted two key operations in the Sahel, killing the emir of al-Qaeda in the Islamic Maghreb (AQMI), Abdelmalek Droukdal, and capturing Mohamed el Mrabat, a leader of the Islamic State in the Greater Sahara (EIGS) group. The US military assisted the French special operations forces by providing intelligence that helped locate the target.

Isis operations increase in Iraq as coalition withdraws. The Islamic State staged at least 566 attacks in Iraq in the first three months of the year and 1,669 during 2019, a 13 per cent increase from the previous year, according to security analysts who track the group’s activities. The jihadists have exploited a partial drawdown of the international anti-Isis coalition, analysts said, while tensions between the US and Iran, disruption caused by the coronavirus pandemic, and political paralysis in Baghdad, have also combined to provide an opportunity for the insurgents to regroup.

Twitter removes more than 170,000 pro-China accounts. Twitter has removed more than 170,000 accounts it says were tied to an operation to spread pro-China messages. Some of those posts were about the coronavirus outbreak, the social media platform has announced. The firm said the Chinese network, which was based in the People’s Republic of China, had links to an earlier state-backed operation it broke up alongside Facebook and YouTube last year.

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , , , , , , , ,

News you may have missed #904

June 13, 2020 by Leave a comment

Al-Qaeda AfghanistanUN report says Afghan Taliban still maintain ties with al-Qaida. The Taliban in Afghanistan still maintain close ties with the al-Qaida terror network, despite signing a peace deal with the United States in which they committed to fight militant groups, a UN report said. The U.N. committee behind the report said several significant al-Qaida figures were killed over the past months but a number of prominent leaders of the group, once led by Osama bin Laden, remain in Afghanistan. The report said they maintain links with the feared Haqqani network, an ally of the Taliban, and still play a significant role in Taliban operations.

Britain’s SIGINT agency sees workload spike amid COVID-19 vaccine hunt. Britain is one of the leading countries developing a COVID-19 vaccine with Oxford University and Imperial College London at the forefront, along with Sinovac in China. Whoever develops it first will reap billions from global sales, making research information highly valuable. This is having a major impact on the workload of the Government Communications Headquarters (GCHQ), its director, Jeremy Fleming, said last week.

Indian IT firm spied on politicians and Investors around the world. New Delhi-based BellTroX InfoTech offered its hacking services to help clients spy on more than 10,000 email accounts over a period of seven years. During that time, the firm targeted government officials in Europe, gambling tycoons in the Bahamas, and well-known investors in the United States including private equity giant KKR and short seller Muddy Waters, according to three former employees, outside researchers, and a trail of online evidence.

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , , ,

Austrian court finds unnamed retired Army colonel guilty of spying for Russia

June 11, 2020 by Leave a comment

Igor Egorovich ZaytsevA court in Austria has found a retired Army colonel guilty of providing classified military information to Russia, following a closed-door trial. Interestingly, the alleged spy’s name has not been made public. Some Austrian media have been referring to him as “Martin M.”.

The retired colonel was arrested in November of 2018, reportedly after having recently retired following a long military career. Austria’s Defense Ministry said at the time that the arrest came after a tip given to the Austrian government by an unnamed European intelligence agency from a “friendly country”. Martin M. reportedly served in peacekeeping missions in the Golan Heights and Cyprus before being posted at one of the Austrian Armed Forces’ two headquarters, located in the western city of Salzburg. It was around that time, say prosecutors, that the unnamed man began spying for Russia. Starting in 1992, he was in regular contact with his Russian handler, who was known to him only as “Yuri”.

“Yuri” was later identified by Austrian authorities as Igor Egorovich Zaytsev, who is allegedly an intelligence officer for the Main Directorate of the General Staff of the Russian Armed Forces. Known as GRU, the organization is Russia’s primary military-intelligence agency. The Austrian government has issued an international arrest warrant for a Zaytsev.

Zaytsev reportedly trained Martin M. in the use of “sophisticated equipment”, according to the Austrian prosecutor, which he used to communicate classified information to Moscow. He is thought to have given Russia information on a range of weapons systems used by the Austrian Army and Air Force, as well as the personal details of high-ranking officers in the Austrian Armed Forces. Austrian media initially reported that the alleged spy was paid nearly $350,000 for his services to Moscow.

During his trial, Martin M. reportedly admitted that he had received payments form the Russians to provide information. But he claimed that the information he gave them was already publicly available. His legal team compared his role to that of a “foreign correspondent” for a news service. The court, however, did not accept that argument and on Tuesday sentenced Martin M. to three years in prison.

Soon after his sentencing, the defendant was released on parole, after the court counted the 18 months he has served behind bars since his arrest as part of his prison sentence. His legal team said they plan to appeal the sentence.

Author: Joseph Fitsanakis | Date: 11 May 2020 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , ,

European neo-Nazis attended paramilitary training camps in Russia, article claims

June 10, 2020 by 1 Comment

UkraineMembers of neo-Nazi groups in Germany attended paramilitary training camps in Russia, which were organized by a group that the United States has designated a global terrorist organization, but which the Russian government has not banned. If true, these claims add further credence to the view that Russian far-right groups are becoming increasingly central in the worldwide network of racially motivated radical organizations.

The report was published on Friday by the German magazine Focus, which cited German “intelligence sources”. It said that the training camp was known in far-right circles as “Camp Partizan”, and was organized by a group calling itself the Russian Imperial Movement (RIM). As intelNews has reported previously, most RIM members are believed to be based in St. Petersburg, which is also the base of the group’s armed wing, the Imperial Legion. Most active members of the Imperial Legion are believed to have served in the Russian military.

Although it has been in existence since the early 2000s, the RIM drew considerable attention to its political platform after 2014, when it began to train groups of volunteers who then joined Russian-backed separatist forces in the Donbass region of eastern Ukraine. In a surprising move last April, the United States added the RIM to its list of Specially Designated Global Terrorist (SDGT) groups. That designation marked the first time in history that the US Department of State formally applied the label of terrorist to a white supremacist organization. The Department of State said at the time that the RIM had “provided paramilitary-style training to white supremacists and neo-Nazis in Europe”. The statement cited two members of the far-right Swedish Resistance Movement (SMR), who were later convicted of carrying out a string of bombings targeting immigrants in the Swedish city of Gothenburg.

Now, according to Focus, there is evidence that among Camp Partizan trainees were German rightwing extremists, who were members of two banned groups, the National Democratic Party and The Third Path. Members of these groups traveled to the outskirts of St. Petersburg, where they were allegedly trained in combat and were taught how to use makeshift weapons and explosives. Members of far-right groups from Scandinavia were also trained in the camp, and were able to use their skills as members of pro-Russian separatist militias in eastern Ukraine, according to Focus. The magazine said that the RIM’s armed wing , the aforementioned Imperial Legion, has a group of fighters in Ukraine.

Vice News reported last week that no Americans are believed to have received training in Camp Partizan. However, the website claimed that one of the organizers of the infamous 2017 Unite the Right Rally in Charlottesville, Virginia, is believed to have developed ties with the group, and even welcomed a RIM delegation to the US in 2017. Vice News spoke to intelligence experts from the Soufan Group who said that the RIM is emerging as “a critical node in the transnational white supremacy extremist movement” and that the Russian group is “going beyond networking and ideology, and is actually providing paramilitary training”.

The RIM’s relationship with the Kremlin can be described as complicated, and at times adversarial. The organization is openly critical of the administration of Russian President Vladimir Putin, which it accuses of being too liberal and too lenient on non-white immigration. However, the government in Moscow did not prevent —some argue it even facilitated— the group’s role in training Russian volunteers to join separatist forces in eastern Ukraine. The Russian government has criticized RIM views as extremist, and has at times arrested RIM members. However, it has not banned the group as a whole.

Author: Ian Allen | Date: 10 June 2020 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , , ,

Russia responds angrily to Czech expulsions of Russian diplomats in poison probe

June 9, 2020 by 2 Comments

Andrei KonchakovMoscow has reacted angrily to the Czech government’s decision to expel two Russian diplomats from the country, in response to allegations that the Kremlin plotted to assassinate three outspoken Czech politicians using a deadly poison. Russian officials pledged to respond in kind to Prague’s “indecent and unworthy deed”.

In April, the Czech weekly investigative magazine Respekt reported that a Russian assassination plot had been foiled by authorities in Prague. The magazine said a Russian citizen carrying a diplomatic passport had arrived in Prague in early April. The man allegedly had with him a suitcase with a concealed quantity of ricin —a deadly toxin. His alleged mission was to assassinate Prague mayor Zdeněk Hřib, as well as Pavel Novotny and Ondřej Kolář, two of Prague’s three district mayors. All three men are known as fervently anti-Russian. Earlier this year, Hřib led a nationwide effort to rename the square in front of the Russian Embassy in Prague after Boris Nemtsov, a Russian opposition activist who was gunned down in Moscow in 2015. Kolář has been advocating for years for the removal of Soviet-era statues from Prague’s public spaces.

A few weeks later, the Czech state television’s flagship investigative program 168 Hodin (168 Hours) claimed that the Russian diplomat who tried to smuggle poison into the country is Andrei Konchakov (pictured). Konchakov, 34, directs the Russian Center for Science and Culture in Prague, which is an extension of the Russian Embassy there. Citing “intelligence sources” 168 Hodin said Czech counterintelligence officials believed Konchakov was a actually an intelligence officer for Russia.

Now the Czech government has officially declared Konchakov and one of his colleagues at the Center for Science and Culture persona non grata (unwanted persons) and has ordered their expulsion from the country. In a statement issued on Friday, the Czech Ministry of Foreign Affairs accused the two diplomats of “trying to harm the relations of the two countries”. At a news conference in Prague, Czech foreign minister Tomas Petricek told reporters that Prague had “made efforts to settle the situation discreetly and diplomatically”. However, “Russia’s approach gives us no choice but to expel the diplomats”, said Petricek.

Speaking later that day, Russia’s Minister of Foreign Affairs, Sergey Lavrov, dismissed Prague’s allegations as “absurd”. The head of the Russian Foreign Intelligence Service (SVR), Sergey Naryshkin, called the expulsions “a very vile and mean provocation by the Czech authorities” and vowed that “retaliatory measures will be taken”. In a press statement issued in response to the expulsions, the Russian Ministry of Foreign Affairs said that the Czech authorities had “seriously damaged” bilateral relations between the two countries “without any basis”. The statement went on to state that “Prague’s actions will not only receive an adequate response, but will also be taken into account when forming the Russian policy on bilateral relations with the Czech Republic”.

Author: Joseph Fitsanakis | Date: 09 June 2020 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , , ,

US Defense Intelligence Agency responds to claims it was asked to spy on protesters

June 8, 2020 by Leave a comment

Defense Intelligence Agency DIAThe United States Defense Intelligence Agency, a Pentagon organization tasked with collecting foreign military secrets, has rejected reports that it is spying on protestors inside the country. However, it confirmed that it has set up an “internal coordination group” to respond to “requests for information” by the Department of Defense. This development follows reports that some DIA employees communicated their concerns about being asked to spy domestically to the organization’s director last week.

Several government agencies are reportedly involved in monitoring the waves of protests that have reputed  throughout the United States in recent weeks, following the death of George Floyd. Floyd, 46, died on May 25 while in police custody in Minneapolis. His death, which was captured on video by a bystander, has prompted nationwide calls for police accountability and regulation of excessive force by police officers, especially against members of minority groups.

The administration of US President Donald Trump has responded to the demonstrations —some of which have turned violent— with a show of force involving a wide range of federal law enforcement agencies. This is especially true in the nation’s capital, where military personnel have been repeatedly deployed to help police monitor and control the protests. Earlier this month, BuzzFeed News reported that the Trump administration authorized the Drug Enforcement Administration to “conduct covert surveillance” and collect intelligence on individuals and groups participating in the protests.

Now Yahoo News reports that some DIA employees are wondering whether their agency might follow suit. The DIA operates under the US Department of Defense and collects foreign military intelligence. Like the Central Intelligence Agency, the DIA is prevented by law from spying domestically. However, its personnel can support domestic intelligence efforts, providing they are detailed to a domestic law enforcement agency for specific operations or tasks.

According to Yahoo News’s Jenna McLaughlin, the possibility that DIA personnel might be assigned to domestic intelligence tasks relating to the nationwide protests was discussed last week during an agency-forum. The unclassified forum —called a “virtual town hall” was led last Wednesday by DIA Director Lt. Gen. Robert Ashley. McLaughlin cites “two sources” who were “briefed on what happened during the town hall”. They said that Gen. Ashley was asked by a DIA employee about the agency’s position on domestic intelligence operations. “We have been told that DIA is setting up a task force on ‘unrest’ in our country”, said the employee. “Is this true? Is it legal given intelligence oversight? What options will there be for employees who are morally opposed to such an effort?”

According to McLaughlin, the DIA director responded that the agency’s “core mission is foreign intelligence” and that it is “focused on the foreign nexus”. Gen. Ashley’s words were interpreted to mean that the DIA had been asked to investigate possible interference in the protests by foreign intelligence agencies —possibly in a manner similar to the meddling by Russian spies in the 2016 US elections. He added that the DIA’s Office of the General Counsel had “reviewed the issue to ensure that [the agency] was in compliance with the law”. However, Gen. Ashley did not explain whether the DIA had proceeded to carry out such an investigation.

On Saturday, DIA spokesman James M. Kudla told Yahoo News that the agency had set up “an internal coordination group to respond to increased and appropriate Department requests for information”. However, he added that “the mission of the Defense Intelligence Agency is to provide intelligence on foreign militaries to prevent and win wars”. He went on to say that “any claims that DIA has taken on  a domestic mission are false”. The “DIA has not established any task force related to the current domestic situation”, he said.

Author: Joseph Fitsanakis | Date: 08 June 2020 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , ,

News you may have missed #903

June 7, 2020 by Leave a comment

Israel Lebanon borderState-level espionage on EU a ‘very high threat’ says report. The most successful attempts of espionage at a top EU institution are state sponsored, according to an internal document produced by a subcommittee of the European Council, which is composed of heads of state or government of all European Union member-states. The restricted document presents an analysis of threats to the security of information at the General Secretariat of the Council.
Man shot after crossing into Israel, apparently to spy, returned to Lebanon. A Syrian national who was shot after he crossed the border into Israel from Lebanon last month, apparently to perform reconnaissance for Hezbollah, was sent back to Lebanon on Tuesday, the Israel Defense Forces said. According to the IDF, the International Red Cross transported him back to Lebanon through the rarely used Rosh Hanikra border crossing.
As virus toll preoccupies US, rivals test limits of American power. The coronavirus may have changed almost everything, but it did not change this: global challenges to the United States spin ahead, with America’s adversaries testing the limits and seeing what gains they can make with minimal pushback. A New York Times analysis claims that COVID-19 has not created a new reality as much as it has widened divisions that existed before the pandemic. And with the United States looking inward, preoccupied by the fear of more viral waves, unemployment soaring over 20% and nationwide protests ignited by deadly police brutality, its competitors are moving to fill the vacuum, and quickly.

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , , ,

News you may have missed #902

June 6, 2020 by Leave a comment

asio australiaAustralian spy agency seeks expanded powers. The Australian Security Intelligence Organisation (ASIO) says it needs expanded powers to question suspected foreign spies and their helpers, because there are more currently operating in the country than at the height of the Cold War. A bill introduced to parliament this month would expand ASIO’s existing powers to subject people to compulsory questioning, which it has used 16 times since 2003 but only for terrorism-related intelligence gathering. “The threats posed today by espionage and foreign interference operate at a scale, breadth and ambition that has not previously been seen in Australia”, ASIO says in its submission to parliament.
US Intelligence Community seeks new COIVD-19 tracking tools. In a call issued last week, the US Intelligence Advanced Research Projects Agency, or IARPA, said it is seeking new tools for rapidly diagnosing COVID in people with and without symptoms, via contact-less methods such as breath analysis. IARPA, which operates as the US Intelligence Community’s search lab, says it is also seeking tools for contact tracing among populations without mobile phones, via the Internet-of-things or other means -and do it while preserving privacy.
Why printers add secret tracking dots. These “microdots” are well known to security researchers and civil liberties campaigners. Many color printers add them to documents without people ever knowing they’re there. There is a long-running debate over whether it is ethical for printers to be attaching this information to documents without users knowing. In fact, there has even been a suggestion that it is a violation of human rights. Still, many believe that the use of covert measures to ensure the secrecy of classified documents remains necessary in some cases.

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , ,

US embassy in UAE declined free COVID-19 tests due to Chinese spying concerns

June 4, 2020 by 1 Comment

Abu DhabiThe embassy of the United States in the United Arab Emirates declined free COVID-19 testing kits for its staff, because of concerns that the private labs offering the kits had ties to China, according to a new report. The testing kits were offered by a testing facility that was set up in March in Abu Dhabi, which is the capital of the oil-rich UAE —a close American ally in the Middle East.

The facility was built in record time, through a collaboration between two private companies. The main partner in the scheme is Group42, a privately owned artificial intelligence firm, which is based in the UAE and is believed to be partly owned by members of the kingdom’s royal family. Its partner in the venture is BGI Group, a Chinese company —formerly known as the Beijing Genomics Group— that specializes in genomics research. Since its establishment, the facility has reportedly delivered over 2 million COVID-19 testing kits —complete with reagents— for the population of the UAE, which numbers just over 9 million. Given these numbers, local officials have hailed the initiative as a success and credit it with having produced “one of the largest per capita testing rates in the world”. The oil-rich kingdom has so far reported about 36,000 confirmed coronavirus cases, which have resulted in 270 deaths —about 2.5 deaths per 100,000 UAE residents.

But, according to The Financial Times, the United States embassy in Abu Dhabi turned down an offer for free COVID-19 testing kits for its employees by Group42. The paper quoted an anonymous United States government official, who said that the offer was “politely declined” last month by the embassy leadership. American State Department officials were allegedly concerned that the DNA information of tested embassy employees could be compromised and “find its way to Beijing”, said the source. “Concerns were raised about patient privacy and the way that the tests could be used”, added the official, and described the involvement of BGI in the venture as “a red flag” for Washington.

BGI Group told the paper that it had no links to the government of China and no access to the data of patients, which were stored in Group42 facilities in the Emirates. The UAE-based company said that it followed “strict information security and data privacy protocols are in place” to protect sensitive information. The firm refused to divulge information about its owners, citing strict laws that are in place in the kingdom.

But the incident illustrates the growing suspicion in relations between the US and China. This poses difficult dilemmas for third countries, like the UAE. The oil-rich state is among several monarchies in the Gulf that have deepened their relations with China in recent years, in both the political and economic domains. Since 2000, the value of bilateral trade between Abu Dhabi and Beijing has grown from $2 billion to nearly $70 billion per year. At the same time, the UAE is one of the largest purchasers of US military technology in the world. The oil-rich monarchy spends on average $3 billion annually to acquire American weapons. Recently, however, Abu Dhabi has shown an increasing interest in Chinese-made weapons. Its armed forces and police departments now use several Chinese weapons and surveillance systems. At the same time, Huawei, a Chinese-owned telecommunications hardware producer, is scheduled to build the nation’s 5G cellular network. Washington has expressed serious concerns about that decision.

Speaking to The Financial Times, the anonymous US government official said that these steps by the UAE leadership, which are bringing it closer to China, “risk rupturing the long-term strategic relationship [the country has] with the US”.

Author: Joseph Fitsanakis | Date: 04 June 2020 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , ,

Islamic State’s new leader issues video vowing ‘not a single day without bloodshed’

June 3, 2020 by Leave a comment

ISIS SyriaIn a recent video message, the new head of the Islamic State calls COVID-19 a “great torment” from God against unbelievers, and vows that “not a single day will pass without bloodshed” due to attacks by his forces. The 39-minute video is entitled “The Crusaders Will Know Who Will Win in the End”, and began to circulate on the popular messaging application Telegram last Thursday.

The message in the video is delivered by Abu Hamza al-Qurashi, who last year succeeded Abu Bakr al-Baghdadi in the leadership of the Islamic State. The Sunni militant group announced al-Qurashi’s ascension to the leadership on October 31, 2019, lust days after its founder and spiritual leader was killed by American troops in Syria. The United States is offering up to $5 million reward for information leading to al-Qurashi’s capture or death.

The video is the third message issued by the Islamic State’s new leader, and the second one this year. In it, al-Qurashi refers to the coronavirus pandemic, recent political changes in Iraq, and the ongoing negotiations between the US and the Taliban in Afghanistan. The video also admonishes al-Qaeda’s branches in Africa, several of which are engaged in an increasingly bloody battle with forces allied to the Islamic State.

The majority of the video focuses on the coronavirus pandemic, which al-Qurashi describes as “a great torment” sent by God to non-Muslims, and says that he and his leadership “rejoice” in seeing the virus’ effects on the West. He adds that the enemies of the Islamic State will continue to be “struck down” by the pandemic like Egypt’s pharaohs were struck by the 10 plagues described in the Bible.

But al-Qurashi also focuses on Iraq, speaking with visible satisfaction about the apparent withdrawal of US troops from the country in recent months. Since the assassination of Qasem Soleimani by the US in January, American troops have withdrawn from at least six military bases throughout Iraq, which are now under the control of the Shi’a-dominated Iraq Security Forces. They include critical installations in the outskirts of Baghdad, in Kirkuk near the country’s Kurdish-dominated northern region, in Mosul, in western Iraq, and along the Syrian border. Additionally, Iraq now has a new Prime Minister, Mustafa al-Kadhimi, who has vowed to crush the remnants of the Islamic State throughout his country.

Without substantial military presence by the US, the Islamic State does not see the Iraq Security Forces as capable of defending those regions —after all it has defeated them before. It therefore views the US military’s withdrawal as an unexpected opportunity to reignite its insurgency and even take back the lands that it controlled until a few years ago. In the latest video, al-Qurashi directly addresses the Iraqi government, which it describes as the “government of infidels in Iraq” and as “the American government”. He warns that “not a single day will pass without bloodshed”, as “jihadists will start to increase their attacks against the crusaders”. These attacks he says, will be “only the start of bigger attacks in Iraq and Syria”.

Author: Joseph Fitsanakis | Date: 03 June 2020 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , ,

Argentine former president and spy agency director indicted in wiretapping probe

June 2, 2020 by Leave a comment

kirchner fernandezThe former president of Argentina, Mauricio Macri, has been indicted as part of a widening investigation into a domestic spying program, which allegedly targeted opposition politicians, journalists and other public figures. The alleged espionage took place between 2015 and 2019, when Macri occupied the country’s highest office.

In 2015, Macri, a successful businessman and former mayor of Buenos Aires, became the first democratically-elected president of Argentina in 100 years that came from a party other than the populist brand described as ‘Peronist’ in the post-war era. His presidency was marked by a turn to the right, as well as numerous investigations into allegations of corruption against prior heads of state, notably Cristina Fernández de Kirchner, whom Macri succeeded in the presidency.

But Kirchner is now back, serving as vice-president under Argentina’s new president, Alberto Fernández. Fernández, a Peronist, took office in December of 2019, after defeating Macri in a hotly contested race. Among Fernández’s top agenda items is the reform of the country’s Federal Intelligence Agency (AFI). The agency used to be known as the Secretaría de Inteligencia del Estado (SIDE) until 2015, when then-President Kirchner dissolved the organization and replaced it with the AFI, in order to combat alleged human-rights abuses by SIDE agents. But Kirchner has always said that her work in reforming the old SIDE was left incomplete. Her running mate, Fernández, promised to complete her work if elected. In his first post-election speech, President Fernández said that the SIDE/AFI would be reformed. He famously told his jubilant supporters: “Never again, the secret state. Never again, the cellars of democracy”. Soon afterwards, Fernández appointed Cristina Caamaño, an attorney and government administrator with experience in the area of civil liberties, to lead the AFI.

Last week, Caamaño gave a federal court in Buenos Aires a deposition containing list of over 80 names of Argentine citizens, who were allegedly spied on by the AFI without a warrant during Macri’s administration. In her deposition, Caamaño alleges that the individuals had their emails “spied on without any court order”, from as early as June 2016 until the final days of Macri’s presidency. According to local media reports, the list of alleged victims includes political opponents of Macri, as well as investigative journalists, government officials, and notable members of Argentina’s business community. There are also police and military officers on the list as well as artists, intellectuals, and trade unionists. Caamaño asked the court to investigate, aside for Macri, Gustavo Arribas, who served as AFI director under the previous president, as well as his deputy director in the spy agency, Silvia Majdalani, and her brother-in-law, Darío Biorci. The names of other alleged culprits in Caamaño’s deposition remain secret, reportedly because these individuals are still serving as undercover agents in the AFI.

On Wednesday, Caamaño’s deposition was shared with the Argentine Congress, and are now being debated in various committees, including the intelligence committee. Congress members from President Fernández’s Partido Justicialista have expressed strong support for the probe. But the opposition is highly skeptical and has asked for more information from Caamaño’s office.

Author: Joseph Fitsanakis | Date: 02 June 2020 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , , ,

Older posts

Newer posts