Attack by Chinese hacker group targeted high-profile individuals around the world
July 9, 2019
A hacker attack of impressive magnitude targeted specific individuals of interest to the Chinese government as they moved around the world, in what appears to be the first such operation in the history of cyberespionage. The attack was revealed late last month by Cybereason, an American cybersecurity firm based in Boston, Massachusetts. Company experts described the scope and length of the attack, dubbed Operation SOFTCELL, as a new phenomenon in state-sponsored cyberespionage. Cybereason said SOFTCELL has been in operation since at least 2017, and identified the culprit as APT10, a hacker group that is believed to operate on behalf of China’s Ministry of State Security.
The operation is thought to have compromised close to a dozen major global telecommunications carriers in four continents —the Middle East, Europe, Asia and Africa. According to Cybereason, the hackers launched persistent multi-wave attacks on their targets, which gave them “complete takeover” of the networks. However, they did not appear to be interested in financial gain, but instead focused their attention on the call detail records (CDRs) of just 20 network users. With the help of the CDRs, the hackers were able to track their targets’ movements around the world and map their contacts based on their telephone activity. According to The Wall Street Journal, which reported on Cybereason’s findings, the 20 targets consisted of senior business executives and government officials. Others were Chinese dissidents, military leaders, as well as law enforcement and intelligence officials.
An especially impressive feature of SOFTCELL was that the hackers attacked new telecommunications carriers as their targets moved around the world and made use of new service providers. The attacks thus followed the movements of specific targets around the world. Although this is not a new phenomenon in the world of cyberespionage, the geographical scope and persistence of the attacks are unprecedented, said The Wall Street Journal. Speaking last week at the 9th Annual International Cybersecurity Conference in Tel Aviv, Israel, Lior Div, Cybereason’s chief executive officer and co-founder, said SOFTCELL attacks occurred in waves over the course of several months. The hackers used a collection of techniques that are commonly associated with identified Chinese hacker groups. If detected and repelled, the hackers would retreat for a few weeks or months before returning and employing new methods. The Cybereason security experts said that they were unable to name the targeted telecommunications carriers and users “due to multiple and various limitations”.
► Author: Joseph Fitsanakis | Date: 09 July 2019
The son of a South Korean former cabinet minister has defected to North Korea, marking a rare instance of a citizen of South Korea switching his allegiance to the North. It is even rarer for such high-profile South Korean citizens to defect to North Korea. The defector is Choe In-guk, son of Choe Deok-sin, who served as South Korea’s minister of foreign affairs in the 1970s under the South Korean dictator Park Chung-hee. Choe was an American-trained army officer who served under United States command in the Korean War. He then served as a member of the cabinet and as South Korea’s ambassador to West Germany.
A private management consulting firm that was hired to streamline the United States Intelligence Community’s communication and decision-making process has made these practices worse, according to insiders. The news website Politico, which published the
Tunisian authorities are investigating two Belarusian men who were found to be in possession of several forged passports and electronic surveillance equipment. The two men were
An Islamic State militant who blew himself up in the Philippines last week was probably history’s first-ever Filipino suicide bomber, according to police officials. The man was one of two militants who
In a rare public appearance, the director of the Mossad spy agency said that the Middle East is witnessing a historic shift of alliances as many Arab states are forming tacit pacts with Israel against Iran and its proxies. Yosef “Yossi” Cohen
Foreign intelligence agencies are allegedly trying to acquire the medical file of German Chancellor Angela Merkel after she was seen trembling uncontrollably in public twice in as many weeks. Reports about foreign spy interest in Merkel’s health emerged in German and British newspapers last weekend, after the German chancellor was seen trembling during high-level meetings earlier this month. The first incident took place during an official meeting with Ukrainian President Volodymyr Zelensky on June 18. The German Chancellery said Merkel had suffered from dehydration and “felt like herself again after drinking a few cups of water”. But the tremors were back again on June 27 during the German leader’s visit to Japan for the G20 Summit.
Hackers used malware described by experts as the “crown jewel” of cyber-espionage tools to hack into Russia’s version of Google, in an effort to breach user accounts, according to the Reuters news agency. The hackers targeted Yandex (Яндекс), a Moscow-headquartered company that operates as the Russian version of Google. Yandex is the largest technology venture company in the Russian Federation and the fifth most popular search engine in the world. It also provides services such as mapping and email in Russia and several other countries in Central Asia and the Middle East. It claims that it serves more than 150 million monthly users worldwide.
The Islamic State is capable of making a sudden comeback in the Middle East that could be “faster and even more devastating” than 2014, when the group quickly conquered territory the size of Britain, according to a new report from the Institute for the Study of War (ISW). The Washington-based think-tank’s report is based on the most recent data about the presence in the Middle East of the militant Islamist group, which is also known as the Islamic State of Iraq and Syria. The 76-page
The younger sister of North Korea’s Supreme Leader Kim Jong-un appears to have been promoted to the number two position in the country’s ruling apparatus, according to a South Korean intelligence assessment. Until recently, Kim Yo-jong, 30, was Director of the Propaganda and Agitation Department of the ruling Workers’ Party of Korea (WPK). She also served as an alternate member of the Political Bureau, which is the highest decision-making body within the WPK.
Iranian state media announced on Sunday the arrest of 16 officials in the country’s Ministry of Petroleum, allegedly for sabotaging Iranian energy policy. It is not known whether these arrests are in any way connected with Tehran’s announcement last week that it had dismantled “one of the most complicated” espionage operations by the United States Central Intelligence Agency in several countries. According to the state-owned Fars News Agency, the 16 officials were arrested over the weekend in synchronized pre-dawn raids. All of them had managerial positions in Iran’s oil industry —including in the areas of exploration, production and distribution of Iran’s oil and petrochemical products inside the country as well as abroad.
It is not at all clear that the Islamic State and its leader, Abu Bakr al-Baghdadi, who claimed responsibility for the Sri Lanka bombings in April, had foreknowledge of the attacks, according to a top official. The militant Sunni group claimed it was behind the nine suicide blasts that targeted Catholic churches and five-star hotels in Sri Lanka’s western and eastern coastal regions on April 21. The near-simultaneous bombings killed 258 people and injured over 500. They are believed to constitute the bloodiest terrorist attack in the country’s history. Interestingly, many questioned the authenticity of the Islamic State’s claim of responsibility, which came a full two days following the deadly blasts. The group typically issues statements immediately following attacks by its followers around the world. The 48-hour delay in the case of the Sri Lanka bombings, therefore, was deemed “uncharacteristic” by some experts.
Israeli authorities announced on Thursday the arrest of a deep-cover intelligence operative who allegedly attempted to establish a base for Iranian intelligence in Israel and the West Bank, according to news reports from Israel. Shin Bet, Israel’s domestic security and counterintelligence agency,
Indian counterterrorism officials have alleged in court that four members of the Islamic State in Indian-administered Kashmir were guided by a handler from Pakistan. The court case involves four young men from Jammu and Kashmir who were arrested last November on terrorism charges. Court documents filed recently identify the four as members of the Islamic State. This development is significant because Indian officials have until recently dismissed as overstated claims that the Islamic State is present in Kashmir. The unfurling of Islamic State banners by anti-government rioters is a regular phenomenon in Indian Kashmir. But government officials dismiss those who wave such banners as impressionable youth who have no access to weaponry or logistical support from the Islamic State. Last November’s arrests, however, highlighted the fact that the Islamic State does in fact have an armed presence on the ground in India.






Poland frees on bail former intelligence officer arrested for spying for China
July 10, 2019 by Joseph Fitsanakis
However, at the time of his arrest on January 10, Durbajlo had left government service and was a mid-level executive at Orange Polska. The company operates as the Polish branch of a French multinational telecommunications carrier with sister companies in several European Union countries. Along with Durbajlo, Polish authorities arrested Wang Weijing, a Chinese national who worked for the Chinese telecommunications manufacturer Huawei. Orange Polska is Huawei’s main domestic partner in Poland. Wang reportedly learned Polish at the Beijing Foreign Studies University. In 2006 he was posted by the Chinese Ministry of Foreign Affairs at the Chinese consulate in Gdansk, Poland’s largest Baltic Sea port. In 2011 he left the Foreign Service and joined the Polish office of Huawei. Following his arrest on January 10, he was charged with espionage. Huawei denied it had any role in espionage against the Polish state, but fired Wang nonetheless. Both Wang and Durbajlo have been in pretrial detention since their arrest in January.
On Friday, July 5, Durbajlo’s legal team announced that he would be set free on July 7, on a $31,500 bail that must be paid within 30 days to secure his release. His lawyers explained that the charges against him had not been dropped, but did not explain why he was being released. It is worth noting that Durbajlo’s release on bail was announced during a visit to Poland by a high-level Chinese delegation, aimed at discussing economic and political ties between Warsaw and Beijing. Late on Tuesday it was announced that Wang would remain in pretrial detention for at least three more months.
► Author: Joseph Fitsanakis | Date: 10 July 2019
Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with China, espionage, Huawei Technologies, News, Orange, Piotr Durbajlo, Poland, Wang Weijing