Facebook shuts down suspected state effort to prop up Sudanese military regime

Sudan civil unrestFacebook has shut down a well-funded online campaign to support Sudan’s military regime, which some say is part of wider efforts by Egypt, the United Arab Emirates and Saudi Arabia to stop democratic reforms in Sudan. The northeast African country has experienced civil unrest for more than a year. In February Sudan’s longtime strongman, Omar Hassan al-Bashir, fell from power after 30 years, following prolonged popular protests. But the new military junta that succeeded him launched a violent campaign of suppression against the country’s pro-democracy movement. The junta’s leaders have relied heavily on ample support provided by three close American allies, namely Egypt, Saudi Arabia and the United Arab Emirates. Meanwhile, the student-led pro-democracy movement has taken to the Internet to mobilize the Sudanese population. The regime has at times shut down the Internet in an attempt to stop pro-democracy organizers from spreading their message online.

Now it has emerged that Facebook detected and terminated a systematic misinformation campaign to promote the views of the Sudanese regime while also slamming the pro-democracy movement as reckless and irresponsible. The campaign was reportedly carried out by two self-described “digital marketing” companies: New Waves, headquartered in Egypt, and Newave, which is based in the Emirates. According to Facebook, the two companies worked in parallel to establish hundreds of fake accounts on social media platforms such as Facebook and Instagram. They also spent nearly $170,000 to promote material that was posted online by an army of paid users. The latter were allegedly paid $180 a month to post disinformation and other forms of carefully directed propaganda on social media. A total of 13.7 million Facebook and Instagram users were reached in the course of the disinformation campaign, according to Facebook. Twitter and Telegram were also employed by the two companies to post messages in favor of the Sudanese military. Other messages extoled the Libyan warlord Khalifa Haftar, as well as Muse Bihi Abdi, president of the self-declared state of Somaliland. Egypt, Saudi Arabia and the Emirates are staunch supporters of both Haftar and Abdi.

Facebook said it had been unable to collect evidence of a direct link between the New Waves/Newave disinformation campaign and the governments of Egypt, Saudi Arabia and the United Arab Emirates. But it added that the features of the campaign bore the hallmarks of a state-run operation. The New York Times, which reported on the story last week, said the Emirati company, Newave, did not respond to several requests for a comment. Amr Hussein, an Egyptian former military officer who owns the Cairo-based New Wave, issued a public statement calling Facebook “liars” and denying he had any links to the Emirates.

Author: Joseph Fitsanakis | Date: 11 September 2019 | Permalink

Many countries, not just Russia, are trying to influence US elections, experts warn

TwitterSeveral countries are behind organized efforts to influence electoral politics in the United States, with Russia being one among a growing list of culprits, according to experts. Speaking to The Washington Post last week, cybersecurity experts issued what they described as “a wake-up call” to voters and warned that America’s information space is becoming “a free-for-all for foreign intelligence”. Foreign spy services that are utilizing information operations in order to influence US elections reportedly include —aside from Russia— Israel, Saudi Arabia, the United Arab Emirates, Venezuela and China.

The majority of foreign information operations take place on social-media platforms such as YouTube, Twitter, Instagram and Facebook. But there are also campaigns to influence more traditional American media, for instance by tricking newspapers into publishing letters to the editor that are in fact authored by foreign intelligence operatives. Analysts from FireEye, Graphika and other cybersecurity and network-analysis firms told The Post that some information operations are difficult to detect, because the presence of a state security service is not always apparent. However, the messages that are communicated in tweets, Facebook postings, online videos, etc., tend to echo —often word for word— the rhetoric of foreign governments, and promote their geopolitical objectives. As can be expected, these objectives vary. Thus, Russian, Israeli and Saudi information operations tend to express strong political support for US President Donald Trump, arguably because these governments see his potential re-election as a development that would further their national interest. In contrast, Iranian information operations tend to lambast Trump for his negative stance on the Iranian nuclear deal and for his support for Saudi Arabia’s intervention in the Yemeni Civil War.

The Washington Post article notes that all major social-media companies employ teams of screeners whose mission is to detect and eliminate disinformation campaigns by both state and non-state actors. However, experts remain skeptical about their ability to combat the phenomenon, given that the quantity and sophistication of disinformation campaigns is constantly increasing. Many countries —including Israel and the United States— now maintain advanced information operations targeting national elections on several continents. There are also many governments —such as Qatar, the Philippines and Turkey— that use these techniques on their own voters and could potentially use them in the near future to target foreign populations, including Americans. The 2020 presidential election in the US is expected to be the most hotly contested in many decades, so it is certain that numerous foreign spy agencies will try to influence it in numerous ways, says The Post.

Author: Joseph Fitsanakis | Date: 29 July 2019 | Permalink

Russian spies ‘launched major cyber attack on Ukraine’ prior to naval incident

Strait of KerchRussia “paved the way” for last November’s seizure of Ukrainian Navy ships by launching a major cyber attack and disinformation campaign aimed at Ukraine, according to a cyber security firm and the European Union. In what has become known as the Kerch Strait incident of November 25, border service coast guard vessels belonging to the Russian Federal Security Service (FSB) opened fire on three Ukrainian Navy ships that were attempting to enter the Sea of Azov through the Kerch Strait. All three Ukrainian vessels, along with crews totaling 24 sailors, were captured by the Russian force and remain in detention. Ukraine condemned Russia’s action as an act of war and declared martial law in its eastern and southern provinces. But Moscow said the incident had been caused by a provocation by the Ukrainian government, in a desperate effort to increase its popularity at home. Meanwhile, the three Ukrainian ships and their crews remain in Russia.

But now a private cyber security firm has said that Moscow launched a series of cyber attacks on Ukrainian government servers, which were aimed at gathering intelligence that could be used for the ships’ capture. In a separate development, the European Union’s security commissioner has alleged that the Kremlin launched an elaborate “disinformation campaign” aiming to “soften up public opinion” before seizing the Ukrainian ships.

The American-based cyber security firm Stealthcare said this week that the cyber attacks were carried out by Carbanak and the Gamaredon Group, two hacker entities that are believed to be sponsored by the Russian intelligence services. The first wave of attacks, which occurred in October of this year, centered on a phishing campaign that targeted government agencies in Ukraine and other Eastern European countries. Victims of these attacks had “important functions” of their computers taken over by remote actors who stole and exfiltrated data, according to Stealthcare. Another attack installed back doors on computer servers belonging to Ukrainian government agencies in November, just days prior to the Kerch Strait crisis. The two attacks, said the company, provided the hackers with “information that would have been very […] relevant in planning” the November 25 naval crisis, said Stealthcare. The company added that there was “no doubt that this was a Kremlin-led reconnaissance effort to prepare for the Kerch Strait crisis”.

Meanwhile on Monday Julian King, a British diplomat who is currently the European Commissioner for the Security Union, said that Russia “paved the way for the Kerch Strait crisis” through a systematic fake news campaign that “lasted for more than a year”. The campaign, said King, included the use of social media to spread false rumors, such as claims that the Ukrainian government had infected the Black Sea with bacteria that cause cholera. Another report by Russian media allegedly claimed that Kiev had tried to secretly transport a nuclear device to Russian-annexed Crimea through the Kerch Strait. The EU security commissioner added that social media platforms and online search engines like Google had a responsibility “to identify and close down fake accounts that were spreading disinformation”.

Author: Joseph Fitsanakis | Date: 12 December 2018 | Research credit: D.V. | Permalink

Latvia warns of ‘hybrid war’ as central bank corruption probe widens

Ilmars RimsevicsLatvian defense officials have hinted that Russia is trying to destabilize Latvia’s economy, as a Western-backed anti-corruption probe at the highest levels of the Baltic country’s banking sector deepens. Developments have progressed at a high speed since Monday of last week, when Latvia’s Corruption Prevention and Combating Bureau arrested Ilmars Rimsevics, the longtime Governor of the Bank of Latvia —the country’s central bank. Bureau investigators said Rimsevics’ arrest related to charges that he received bribes in order to facilitate money laundering from Russia.

Rimsevics became deputy governor of the Bank of Latvia in 1992, just months after the country seceded from the Soviet Union. In 2001 he was promoted to governor, a post that he has held onto ever since. When the small Baltic country joined the European Union, in January 2014, Rimsevics automatically became a member of the Governing Council of the European Central Bank (ECB), which directs the Eurozone’s monetary policy and monitors the performance of the euro. But last week the Latvian government rescinded Rimsevics’ security clearance and a scheduled meeting of the ECB in Frankfurt took place without him.

This dramatic development underscores the troubled state of Latvia’s banking sector, which is a notorious reputation as one of Europe’s most lucrative money-laundering hubs. Soon after it gained its independence, the small country of 2 million became an attractive conduit for Russia’s nouveau riche seeking to funnel their money westward. The country’s sizeable Russian-speaking minority allowed the local banking sector to offer highly sought-after services in the Russian language, which further-facilitated its contacts with wealthy Russian clients. This was further-enhanced by Latvia’s integration into the economic structure of the European Union in 2014. But Western countries began voicing concerns about close links between Latvia’s banking sector and Russian oligarchs in 1996. By 2011, the United States Department of the Treasury had identified numerous Latvian banks as serious violators of laws designed to prevent money laundering. In 2014, and again in 2017, the Organized Crime and Corruption Reporting Project identified Latvia as part of an extensive international money-laundering scheme dubbed “the Russian Laundromat”.

Notably, Rimsevics was arrested less than a week after Washington vowed to impose penalties on ABLV, Latvia’s third largest bank, for “institutionalizing money laundering” and violating a host of financial sanctions imposed by the United Nations, including sanctions against North Korea’s nuclear program. There is no question, therefore, that Rimsevics’ dramatic arrest was designed to combat what The Financial Times recently called “a banking scandal on the Baltic”. In the past few hours, reports from Riga indicate that ABLV may be on the brink of collapse, being unable to withstand the financial effects of the public scandal that emerged in recent days.

But things are never simple in the Baltic region. Soon after Rimsevics’ release on bail, reports in the Latvian media pointed to alleged efforts by Russia to defame him, in an effort to further-tarnish the already damaged reputation of Latvia’s banking sector. On Tuesday of last week, the Latvian Ministry of Defense said it had evidence that Rimsevics was targeted in a “disinformation operation” directed from abroad. It added that there was a “high probability that [a] massive information operation” had been launched for “foreign centers” aimed at destabilizing Latvia’s banks. No evidence or further information about the allegation was revealed. But the Defense Ministry’s allegations seemed to be supported by an analysis of the relevant news reporting by the Atlantic Council’s Digital Forensics Research Lab in Washington.

On February 23, Latvia’s Prime Minister, Maris Kucinskis, and President, Raimonds Vejonis, seemed to endorse the Defense Ministry’s allegations. Despite the fact that both politicians have urged Rimsevics to resign “for the sake of the financial system”, they also warned that Latvia was under attack in an information war. The two men did not make specific allegations, but said that the information attacks experienced by Latvia were “identical” to those seen in recent years in France, Germany, and the United States. Meanwhile, shortly after his release, Rimsevics held a press conference in Riga, where he denied all charges against him. He accused Latvia’s private banks of conspiring against him and said he was the victim of “death threats” to destabilize the country. On the same day Moscow, Kremlin spokesman Dmitry Peskov said that Russia had no comment on the situation in Latvia. “This is an internal political matter for our Latvian comrades [and] we wouldn’t want to get involved”, he said.

Author: Joseph Fitsanakis | Date: 26 February 2018 | Permalink

Colin Powell wants answers over fake Iraq intelligence

Rafid Ahmed Alwan al-Janabi

Alwan al-Janabi

By IAN ALLEN | intelNews.org |
Regular readers of this blog will not be surprised by recent news that the Iraqi defector whose information helped build the Bush Administration’s case for invading Iraq in 2003, has admitted he lied about Saddam Hussein’s alleged weapons of mass destruction. Rafid Ahmed Alwan al-Janabi, known in intelligence circles as ‘Curveball’, arrived in Germany in 1999, where he applied for asylum, saying he had been employed as a senior scientist in Iraq’s biological weapons program. Serious doubts about al-Janabi’s reliability were expressed at the time by Germany’s Federal Intelligence Service, the BND, and by some in the CIA. Yet his testimony became a major source of US Secretary of State Colin Powell’s February 2003 speech before the United Nations Security Council, in which he layed out Washington’s case for war. A year later, both the BND and the CIA concluded that al-Janabi had been lying about his alleged biological weapons role, and that he was in reality a taxi driver from Baghdad, who had used his undergraduate knowledge of engineering to fool Western intelligence. Now al-Janabi, who still lives in Germany, has spoken to British newspaper The Guardian, and openly admitted that his story was completely fabricated. He told the paper that he was an “opposition activist” and that he lied to his German and American intelligence handlers in order to help “topple” the regime of Saddam Hussein. Read more of this post