News you may have missed #895: Africa edition
February 20, 2018 Leave a comment
►►South African security contractor faces spy charges in South Sudan. William John Endley, a retired South African Army colonel, works as a security contractor for former South Sudanese Vice President Riek Machar, who is now the leader of a rebel faction fighting the government of President Salva Kiir. Endley, who has been working as Machar’s bodyguard, was arrested in August 2016 in Juba. He is now facing charges of espionage and conspiracy to overthrow the government of South Sudan.
►►Somalia appoints new police, intelligence chiefs. The Somali government announced Monday it has appointed new police and intelligence chiefs, nearly four months after their predecessors were sacked following the deadliest ever terror attack in the war-torn nation. Former deputy health minister Hussein Osman Hussein has been named head of Somalia’s intelligence service, while deputy head of police Bashir Abdi Mohamed has been promoted to police chief. Their predecessors were sacked on October 29, a day after an attack that left 27 people dead, and just two weeks after 512 people were murdered in a truck bombing in Mogadishu on October 14.
►►Ethiopia bans protests, media criticism, under state of emergency. The government of Ethiopia has declared a six-month state of emergency that includes a ban on protests and publications deemed to incite violence. The measure was announced on Friday, a day after Prime Minister Hailemariam Desalegn announced his surprise resignation in a televised speech. In his resignation address, Desalegn said he resigned to “smooth the path for political reform”. But critics say that the purpose of the state of emergency is “not to protect the constitutional order but to silence the voices calling for change”.
► Author: Ian Allen | Date: 20 February 2018 | Permalink
The government of Sweden has granted citizenship to an academic who is on death row in Iran for allegedly helping Israel kill Iranian nuclear scientists. Sweden’s Foreign Affairs Ministry confirmed on Saturday that Ahmadreza Djalali, who lives in Sweden and has lectured at Stockholm’s renowned Karolinska Institute, is now a Swedish citizen. IntelNews has 
The former chief of staff of Iran’s Armed Forces has said that foreign governments used different species of lizards, including chameleons, to spy on the Iranian nuclear program. The claim was made by Hassan Firuzabadi, a veteran Iranian military official, who from 1989 to 2016 served as the chief of staff of the Iranian Armed Forces —the most senior military post in the Islamic Republic. Since his retirement in 2016, Firuzabadi has served in a number of key consultancy roles and is currently a senior military advisor to Ayatollah Ali Khamenei, Iran’s reform-minded supreme leader.
A high-profile presidential candidate in Mexico accused the government of political policing after he caught an agent of the country’s intelligence agency trailing him during a campaign trip. The candidate, Ricardo Anaya, is a rising rightwing politician who previously served as president of Mexico’s Chamber of Deputies and leader of the largest opposition group in the country, the National Action Party. In December of last year, Anaya announced his candidacy for the presidency, for which he will compete in July. His primary opponents are the center-leftist Andres Manuel Lopez Obrador, and José Antonio Meade of the ruling Institutional Revolutionary Party (PRI).
There are conflicting reports of Russian and Ukrainian fighters having been killed by American forces in northeastern Syria, with some sources claiming that up to 200 Russians and Ukrainians, most of them private contractors working for the Syrian government, were left dead in clashes last week. If such reports are accurate, they could point to the most lethal American-Russian confrontation since the end of World War II.
The Latvian Security Police have announced the arrest of a man who is suspected of spying for a foreign country, with some reports claiming it is Russia. The Latvian state-owned news agency, LETA, 
Indian authorities have arrested an Indian Air Force officer for allegedly giving classified documents to two Pakistani spies on Facebook, who posed as women interested in him. The officer has been named as Arun Marwaha, a wing commander stationed at the Indian Air Force headquarters in Delhi. Marwaha, 51, is a para-jumping instructor who trains members of India’s Garud Commando Force —the Special Forces unit of the Indian Air Force. He was reportedly due to retire in 2019.
The former head of the Palestinian Authority’s spy agency claims that the Palestinian government in the West Bank worked with the United States Central Intelligence Agency to wiretap thousands without court authorization. Tawfiq Tirawi, who headed the Palestinian General Intelligence from its founding in 1994 to 2008, has filed an official complaint against the Palestinian Authority and is calling for a criminal investigation into the alleged wiretaps. The complaint has also been signed by Jawad Obeidat, who is the president of the West Bank’s Bar Association. It is based on a leaked 37-page document that surfaced last month on the social networking application WhatsApp. The document was leaked by an anonymous individual who claims to have worked for a surveillance unit in the Palestinian Preventive Security Service, the Palestinian Authority’s domestic security service.
Officials in Switzerland say new laws enacted in recent months will help them change their country’s image as one of Europe’s most active spy venues. For decades, the small alpine country has been a destination of choice for intelligence officers from all over the world, who use it as a place to meet assets from third countries. For example, a case officer from Britain’s Secret Intelligence Service (MI6) will travel to Switzerland to meet her Algerian agent. She will exchange money and documents with him before she returns to Britain and he to Algeria, presumably after depositing his earnings into a Swiss bank account.
North Korea used its embassy in Berlin to acquire technologies that were almost certainly used to advance its missile and nuclear weapons programs, according to the head of Germany’s counterintelligence agency. For many decades, Pyongyang has used a sophisticated international system of procurement to acquire technologies and material for its conventional and nuclear weapons programs. These secret methods have enabled the country to evade sanctions placed on it by the international community, which wants to foil North Korea’s nuclear aspirations.
Foreign intelligence collection and espionage threats against Australia are greater today than at any time during the Cold War, according to a senior Australian intelligence official. The claim was made on Wednesday by Peter Vickery, deputy director general of the Australian Security Intelligence Organisation (ASIO), the country’s primary counterintelligence agency. He was speaking before a parliamentary committee that is considering aspects of a proposed bill, which aims to combat foreign influence on Australian political and economic life. If enacted, the bill would require anyone who is professionally advocating or campaigning in favor of “foreign entities” to register with the government. Several opposition parties and groups, including the Catholic Church, have 
The Taliban have an open and constant presence in 70 percent of Afghanistan, according to an extensive study undertaken by the BBC, which was conducted over several months in every corner of the country. The report comes nearly 17 years after a military coalition led by the United States invaded Afghanistan in response to the attacks of September 11, 2001. Since then, Western forces, most of them members of the North Atlantic Treaty Organization, have spent countless lives and billions of dollars in an effort to defeat the Pashtun-led insurgency of the Taliban. American forces in the country, which at the end of 2009 numbered close to 100,000 troops, were reduced to a force of fewer than 8,000 by 2014, when US President Barack Obama declared the war over.
Chinese spies hacked the computer servers of the African Union headquarters in the Ethiopian capital Addis Ababa, which the Chinese government funded and built as a gift to the organization, a French newspaper has claimed. Beijing donated $200 million toward the project and hired the state-owned China State Construction Engineering Corporation to build the tower, which was 
Dutch spies identified a notorious Russian hacker group that compromised computer servers belonging to the Democratic Party of the United States and notified American authorities of the attack, according to reports. In 2016, US intelligence agencies determined that a Russian hacker group known as Cozy Bear, or APT29, led a concerted effort to interfere in the US presidential election. The effort, which according to US intelligence agencies was sponsored by the Russian government, involved cyber-attacks against computer systems in the White House and the Department of State, among other targets. It also involved the theft of thousands of emails from computer servers belonging to the Democratic National Committee, which is the governing body of the Democratic Party. The stolen emails were eventually leaked to WikiLeaks, DCLeaks, and other online outlets. Prior descriptions of the Russian hacking in the media have hinted that US intelligence agencies were notified of the Russian cyber-attacks by foreign spy agencies. But there was no mention of where the initial clues came from.
intelNews.org 
Previously obscure N. Korean hacker group is now stronger than ever, say experts
February 21, 2018 by Joseph Fitsanakis Leave a comment
For the past six years, a smaller hacker element within the Lazarus Group has engaged in intelligence collection and cyber espionage. Cyber security researchers have dubbed this sub-element “APT37”, “ScarCruft” or “Group123”. Historically, APT37 has focused on civilian and military targets with links to the South Korean government. The hacker group has also targeted human rights groups and individual North Korean defectors living in South Korea. However, a new report warns that APT37 has significantly expanded its activities in terms of both scope and sophistication in the past year. The report, published on Tuesday by the cyber security firm FireEye, suggests that APT37 has recently struck at targets in countries like Vietnam and Japan, and that its activities have disrupted telecommunications networks and commercial hubs in the Middle East.
According to the FireEye report, aerospace companies, financial institutions and telecom- munications service providers in at least three continents have been targeted by APT37 in recent months. What is even more worrying, says the report, is that the hacker group is now capable of exploiting so-called “zero-day” vulnerabilities. These are software bugs and glitches in commonly used software, which have not been detected by software providers and are therefore exploitable by malicious hackers. FireEye said in its report that the North Korean regime will be tempted to use APT37 increasingly often “in previously unfamiliar roles and regions”, as cyber security experts are catching up with some of Pyongyang’s more visible hacker groups, such as Lazarus.
► Author: Joseph Fitsanakis | Date: 21 February 2018 | Permalink
Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with APT37, computer hacking, computer security, cyberespionage, FireEye Inc., Group123, News, North Korea, ScarCruft