2015-02-27

And much more.

We begin the the latest round of the Great Game from the Washington Post:

Top U.S. intelligence official backs arming Ukraine forces against Russia

The top U.S. intelligence official said Thursday that he supports arming Ukrainian forces against Russian-backed separatists, as the Obama administration continues deliberations about whether to deepen involvement in a conflict pitting the West against Russian President Vladi-mir Putin.

James R. Clapper Jr., the director of national intelligence, said providing weapons to Ukraine would likely trigger a “negative reaction” from the Russian government, which Western officials are hoping will ensure that separatists stick to a European-brokered cease-fire that took effect this month.

“It could potentially further remove the very thin fig leaf of their position that they have not been involved in Ukraine,” Clapper told members of the Senate Armed Services Committee, adding that Russia could respond by sending more sophisticated weapons to separatist areas.

From RT, asserting a naval presence:

Russia secures military deal to use Cyprus’ ports despite EU concerns

Russian navy ships will keep having access to stop off at Cyprus’ ports in Mediterranean as the two countries have agreed to prolong the pre-existing deal on military cooperation.

The agreement, which applies to Russian vessels involved in counter-terrorism and anti-piracy efforts, was signed by President Vladimir Putin and his Cypriot counterpart, Nicos Anastasiades, in Moscow.

The signing came aimed heightened tensions and sanctions between Russia and the EU over the military conflict in Ukraine.

President Putin, however, stressed that the agreement, as well as Russia-Cypriot ”friendly ties aren’t aimed against anyone.”

From Agence France-Presse, how to keep them from droning on:



From Nextgov, what could possibly go wrong?:

CIA’s New Big Data Hub Will be Hosted in the Cloud

The CIA is preparing to take the next step in its quest to shake up the status quo of siloed agencies within the intelligence community.

CIA Chief Information Officer Doug Wolfe confirmed Wednesday the intelligence agency will start using Cloudera’s Enterprise Data Hub platform by April, a move he expects “to extend the innovation and push the envelope on a whole range of different solutions” for all 17 IC agencies.

The enterprise data hub, also known as a “data lake,” would presumably provide standardized data sets compiled by intelligence analysts across various agencies to decision-makers among many other features found in the company’s widely used open source big data platform.

From SINA English, a Chinese wall:

Some foreign tech brands removed from China government purchase list

CHINA has dropped some of the world’s leading technology brands from its approved state purchase lists, while approving thousands more locally made products.

Chief casualty is US network equipment maker Cisco Systems Inc, which in 2012 counted 60 products on the Central Government Procurement Center’s list, but by late 2014 had none, according to a Reuters analysis of official data.

Apple Inc has also been dropped over the period, along with Intel Corp’s security software firm McAfee and network and server software firm Citrix Systems.

An official at the procurement agency said there were many reasons why local makers might be preferred, including sheer weight of numbers and the fact that domestic security technology firms offered more product guarantees than overseas rivals.

From the Guardian, absence of evidence asserted:

No evidence of NSA and GCHQ Sim card hack, says allegedly compromised firm

Gemalto, the world’s largest Sim card manufacturer, denies claims intelligence services hacked into its servers and stole the keys to billions of mobile phones

The firm allegedly hacked by the NSA and GCHQ has stated that it cannot find any evidence that the US and UK security services breached and stole the encryption keys billions of Sim cards.

The alleged hack was revealed by documents from the NSA files provided by Edward Snowden, which detailed attacks on Gemalto – the world’s largest Sim card manufacturer – which allegedly saw them steal encryption keys that allowed them to secretly monitor voice calls and data from billions of mobile phones around the world.

But after an investigation, the Dutch security company, which supplies Sim cards to all of the major UK mobile phone networks and 450 operators globally, has said that no evidence of a theft of Sim card security details has been found.

From the Intercept, the sound of one hand clapping:

Gemalto Doesn’t Know What It Doesn’t Know

The company was eager to address the claims that its systems and encryption keys had been massively compromised. At one point in stock trading after publication of the report, Gemalto suffered a half billion dollar hit to its market capitalization. The stock only partially recovered in the following days.

After the brief investigation, Gemalto now says that the NSA and GCHQ operations in 2010-2011 would not allow the intelligence agencies to spy on 3G and 4G networks, and that theft would have been rare after 2010, when it deployed a “secure transfer system.” The company also said the spy agency hacks only affected “the outer parts of our networks — our office networks — which are in contact with the outside world.”

Security experts and cryptography specialists immediately challenged Gemalto’s claim to have done a “thorough” investigation into the state-sponsored attack in just six days, saying the company was greatly underestimating the abilities of the NSA and GCHQ to penetrate its systems without leaving detectable traces.

“Gemalto learned about this five-year-old hack by GCHQ when the The Intercept called them up for a comment last week. That doesn’t sound like they’re on top of things, and it certainly suggests they don’t have the in-house capability to detect and thwart sophisticated state-sponsored attacks,” says Christopher Soghoian, the chief technologist at the American Civil Liberties Union. He adds that Gemalto remains “a high-profile target for intelligence agencies.”

Target tally totaled, via SecurityWeek:

Target Data Breach Tally Hits $162 Million in Net Costs

The cost of the Target breach keeps on climbing.

According to the firm’s latest earnings report, the net expense of the breach stands at $162 million.

The actual total has now reached a gross expense of $191 million. That amount was partially offset by a $46 million insurance receivable in 2014. In 2013, the company’s gross expense related to the breach was $61 million, which was offset by a $44 million insurance payment. That brings the net expense of the breach for the retail giant to $162 million.

According to the Ponemon Institute’s ninth annual global study on data breach costs released last year, the average total price tag of a breach was $145 for every record stolen or lost – an increase of nine percent compared to the cost noted in the previous report. The study focused on 314 companies across 10 countries. All the companies that participated in the 2014 study had experienced a data breach ranging from a low of 2,400 compromised records to a high of slightly more than 100,000. The most expensive data breaches occurred in the U.S. and Germany, and cost $201 and $195 per compromised record, respectively.

From Threatpost, Anthem for more bad news:

Up to 18.8 Million Non-Anthem Customers Affected in Breach

In addition to roughly 80 million Anthem customers, nearly 20 million more individuals who aren’t customers of the health insurer could ultimately wind up implicated in this month’s massive data breach.

The company disclosed yesterday that between 8.8 million and 18.8 million Blue Cross Blue Shield customers’ records may have been storoed in the database that was hacked. Anthem is part of a network of independent BCBS plans, and the latest batch of affected customers may have used their BCBS insurance in states such as Texas or Florida where the company runs partnerships.

It’s the first time the company has disclosed information regarding the breach as it relates to data other than its own since the compromise was announced on Feb. 5.

From SecurityWeek, ad-hacking your wireless:

Researchers Spot Aggressive Android Adware on Google Play

Highly aggressive adware has been found hidden in ten Android applications hosted on Google Play, Bitdefender reported.

Adware is highly common on both desktop PCs and smartphones. However, the threats discovered by the security firm stand out not just because they are aggressive, but also because they employ clever tricks to stay hidden on the infected device.

Once installed, the apps redirect victims to a webpage, hosted at mobilsitelerim.com/anasayfa, which serves ads designed to trick users into installing other pieces of adware disguised as system or performace updates, or get them to sign up for premium services. The displayed ads differ depending on the user’s location, Bitdefender said.

“Although they’re not malicious per se, by broadcasting sensitive user information to third parties, they resemble aggressive adware found on desktop PCs. The resulting barrage of pop-ups, redirects and ads irks users and seriously damages both the user experience and the performance of Android devices,” Bitdefender security researcher Liviu Arsene explained in a blog post.

And from Threatpost, an enduring threat:

Ransomware Looming As Major Long-Term Threat

On May 30, 2014, law enforcement officials from the FBI and Europol seized a series of servers that were being used to help operate the GameOver Zeus botnet, an especially pernicious and troublesome piece of malware. The authorities also began an international manhunt for a Russian man they said was connected to operating the botnet, but the most significant piece of the operation was a side effect: the disruption of the infrastructure used to distribute the CryptoLocker ransomware.

The takedown was the result of months of investigation by law enforcement and security researchers, many of whom were collaborating as part of a working group that had come together to dig into CryptoLocker’s inner workings. The cadre of researchers included reverse engineers, mathematicians and botnet experts, and the group quickly discovered that the gang behind CryptoLocker, which emerged in 2013, knew what it was doing. Not only was the crew piggybacking on the GameOver Zeus infections to reach a broader audience, but it also was using a sophisticated domain-generation algorithm to generate fresh command-and-control domains quickly. That kept the CryptoLocker crew ahead of researchers and law enforcement for a time.

“The interesting thing is all the opsec involved in this. The architecture thought out with this was really clear. The people working on this really sat down and architected and then engineered something,” said Lance James of Deloitte & Touche, who spoke about the takedown effort at Black Hat last year. “It took a lot more people on our side to hit it harder.”

After the jump, Austria enacts an Islamic crackdown, on to the ISIS front, first with a spooky assessment, crowdsourcing an anti-ISIS army, and a ‘Jihadi John’ profile from Old Blighty its spooky origins, Yemeni Arab Spring activists see their hopes dim, a Boko Haram bombing body count, bomb-sniffing pachyderms deployed, on to Pakistan and an American blogger slain, thence to North Korea and Japanese sanctions threatened, Washington deploys its top airborne spycraft to the South China Sea, Japan’s already considerable military power, and Shinzo Abe engineers more overseas naval deployments, and eases more legal restrictions. . .

From Al Jazeera America, an Austrian crackdown:

Austria passes law requiring imams to speak German

Austria’s new ‘law on Islam’ bans requires imams to speak German, bans Muslim groups from accepting foreign financing

Austria’s parliament passed a law on Wednesday that bans Muslim organizations from accepting financing from foreign sources and requires imams to be able to speak German.

The “Law on Islam” law met with little opposition from the overwhelmingly Roman Catholic population. It was backed by Austria’s Catholic bishops, and was accepted by the main Muslim organization.

“We want an Islam of the Austrian kind, and not one that is dominated by other countries,” said Sebastian Kurz, the 28-year-old conservative foreign minister.

On to the ISIS front, first with a spooky assessment from Defense One Today:

Clapper Says People in Mosul May Be Getting Sick of ISIS

The nation’s top spy offered a bleak assessment of the nation’s threats.

Terrorism has reached a crisis point unseen in the 45 years that the Pentagon has been compiling such data, the nation’s top spy said on Thursday, giving Congress a grim analysis of the threats facing the nation. The clear leader among terrorist groups concerning the intelligence community, he indicated, remains the Islamic State, or ISIS.

While the intelligence community does not have “census bureau” accuracy of the size of ISIS, Director of National Intelligence James Clapper said that they estimate the group fluctuates between 20,000 to 32,000 fighters, echoing reports from September. Though he added that it was difficult to asses who was a “full-time” fighter and who was a supporting cast member.  “From my vantage, it’s unfortunate these numbers get out,” Clapper said.

Lt. Gen. Vincent Stewart, the new commander of the Defense Intelligence Agency, who accompanied Clapper to testify before the Senate Armed Services Committee, indicated that it would take Iraq an additional six to nine months to train three new brigades Iraq was bringing online to fight the Islamic State.

The size of ISIS and the U.S.-led coalition forces being amassed to fight the terrorist group has drawn new attention since last week when an official with U.S. Central Command said that up to 25,000 Iraqi and Kurdish troops were being trained to take back the city of Mosul from between 1,000 to 2,000 ISIS fighters.

From Al Jazeera America, crowdsourcing an anti-ISIS army:

Assyrian Christians crowdfund an army to reclaim homeland from ISIL

Financed by a vast diaspora and trained by US vets, the Nineveh Protection Unit wants to ‘cleanse’ homeland of ISIL

At a covert training camp just north of Mosul, ten miles from the front lines with the Islamic State in Iraq and the Levant (ISIL), the first wave of Assyrian Christian volunteers for the Nineveh Protection Unit (NPU) have just completed boot camp. Funded in part by an Assyrian-American telethon campaign and trained by a handful of freelance U.S. military veterans, around 500 men are set to deploy next week as part of an unorthodox — and unproven — project.

But as ISIL pillages what’s left of their ancestral homeland, and Iraqi government forces prove incapable of stopping them, some among the region’s dwindling Assyrian Christian minority have placed their hopes for self-preservation in the NPU, which plans to grow by the thousands in the coming months.

“Their morale and capabilities are higher than almost anything I’ve seen,” said Matthew VanDyke, an American filmmaker and former rebel fighter in Libya who organized training sessions over the past two months to whip the NPU into fighting shape. “The kidnapping of their people, the loss of their homeland, the use of their women as sex slaves — it’s really put a fire in them.”

A ‘Jihadi John’ profle from Old Blighty, via the Independent

‘Jihadi John’ profile: Mohammed Emwazi, from British computer programmer to Isis executioner

The masked executioner who as “Jihadi John” has come to embody the brutal violence of Isis has been identified as a British computer programmer who was known to MI5 and police for at least four years before he slipped away into Syria.

The revelation that Mohammed Emwazi, a Kuwait-born Briton who lived in London for 17 years, was the figure appearing in the succession of grim online videos in which Western hostages are beheaded has raised fresh questions about the ability of the security services to monitor extremists.

As the world’s media descended on the addresses where Emwazi was raised – ranging from an £800,000 mansion block apartment in Maida Vale to his last-known address on a gritty west London estate – debate raged  about how the well-dressed and pensive son of a minicab driver became the blood-soaked poster boy of Isis.

And its spooky roots, via Sky News:

UK Spooks Blamed For Turning ‘Jihadi John’

An advocacy group claims the life of the man known as Jihadi John changed course when a trip to Tanzania was thrown into chaos

A group calling itself an “independent advocacy organisation” has posted an essay on its website saying ‘Jihadi John’ was harrassed by UK spooks for four years.

Having apparently had extensive dealings with the man now identified as Mohammed Emwazi over several years, CAGE has attempted to lay the blame for his actions at the door of MI5.

In the 3,000-word article, excerpts of which are below, the group says a denied attempt to go to Tanzania – on safari – was a turning point in his life.

Yemeni Arab Spring activists see their hopes dim, via the Washington Post:

For Yemen’s Arab Spring activists, hope plummets as chaos deepens

For Faizah al-Sulimani, the hope stirred by Yemen’s Arab Spring uprising has long since faded.

Four years ago, she joined the wave of nonviolent demonstrations that rippled across the Middle East and led to the ouster of entrenched autocrats, including Yemen’s Ali Abdullah Saleh. Sulimani’s optimism, however, quickly turned to bitterness over what followed — a post-revolutionary order that she and many of her fellow Yemeni protesters consider as corrupt and inept as the one they had struggled to overturn.

Yet, even they never imagined that things would get this bad. A civil war looms after Shiite Houthi rebels deposed the government last month and dissolved parliament. Many Yemenis fear that the resulting political vacuum offers extremist groups, including the powerful local affiliate of al-Qaeda, an opportunity to exploit.

A Boko Haram bombing body count, from Reuters:

Bomb attacks kill at least 23 in north, central Nigeria

Boko Haram bombers killed 23 people on Thursday, authorities said, as the Islamist insurgents fight back against a military offensive launched by Nigeria and three neighbouring countries.

A suicide bomber at a bus station in Biu, a town in northeastern Borno state, killed at least 17 people, a military source and local vigilante Ibrahim Jaton said. A crowd beat a second bomber to death before he could detonate his device.

Shortly afterwards, two roadside bombs exploded in the city of Jos in the highly volatile Middle Belt where the largely Christian south meets the Muslim north, killing six people.

CCTV Africa covers bomb-sniffing pachyderms deployed:

South Africa Bomb Sniffing Elephants

Program notes:

We have all seen sniffer dogs – but what about sniffer elephants? Well, they’re being trained in South Africa to detect landmines and other explosives in the bush – as well as poachers. Susan Mwongeli reports.

On to Pakistan and an American blogger slain, via the Associated Press:

Unidentified attackers hack US blogger to death in Dhaka

A prominent U.S. blogger, known for his writing against religious fundamentalism, has been hacked to death by unidentified attackers in Bangladesh’s capital, police said Friday.

The attack on Avijit Roy, a Bangladesh-born U.S. citizen, took place late Thursday when he and his wife Rafida Ahmed, who was seriously injured in the attack, were returning from a book fair at Dhaka University.

It was not known who was behind the attack, but Roy’s family and friends say he was a prominent voice against religious fanatics and received threats in the past. No groups have claimed the responsibility.

The local police chief, Sirajul Islam, told The Associated Press that the assailants used cleavers to attack Roy and his wife, who is also a blogger.

On to North Korea and Japanese sanctions threatened, via Kyodo News:

Japan tells N. Korea about possible extension of sanctions

Japan has told North Korea that it is considering extending its unilateral sanctions against Pyongyang beyond April, sources familiar with bilateral relations said Thursday, a move apparently aimed at breaking an impasse over stalled talks on the North’s past abductions of Japanese nationals.

The sources said the Japanese government is making arrangements to extend the sanctions, possibly for two years, and a Cabinet decision could be made in April unless substantial progress is made on the abduction issue. The sanctions that are set to expire in April include a total ban on exports and imports.

The move has been studied as aging relatives of the abductees are frustrated with the slow progress since North Korea promised in May last year to reinvestigate the fate of Japanese nationals abducted decades ago, in return for the lifting of some of Japan’s sanctions.

Washington deploys its top airborne spycraft to the South China Sea, via Reuters:

U.S. flies most advanced surveillance plane from Philippines

The United States has begun flying its most advanced surveillance aircraft, the P-8A Poseidon, out of the Philippines for patrols over the South China Sea, the U.S. Navy said on Thursday, acknowledging the flights for the first time.

The United States, the Philippines’ oldest and closest ally, has promised to share “real time” information on what is happening in Philippine waters as China steps up its activities in the South China Sea.

China claims most of the potentially energy-rich South China Sea, through which $5 trillion in ship-borne trade passes every year. The Philippines, Vietnam, Malaysia, Brunei and Taiwan also have overlapping claims.

From Want China Times, Japan’s already considerable military power:

Japan’s defense capability should not be underestimated: expert

Japanese military expert Kazuhiko Inoue said that Japan’s self defense force is capable of taking on China’s People’s Liberation Army even without the assistance of the United States, Tokyo’s Sapio Magazine reports.

Inoue said that the ability of the Japan Maritime Self Defense Force to resist a potential PLA invasion should not be underestimated. He also questioned whether China’s warships, designed based on technologies purchased from Russia, Ukraine, Israel are really that reliable compared to their Japanese counterparts. Using Liaoning, China’s first aircraft carrier as an example, Inoue said there is no catapult aboard the flight deck to launch carrier-based aircraft.

Without sufficient anti-submarine warfare capability, Inoue argued that most of the PLA Navy’s surface combat vessels will become the victims of JMSDF’s Soryu-class diesel-electric attack submarines should a military conflict erupt between China and Japan over disputed islands in the East China sea which Japan administers as the Senkakus (Taiwan claims them as the Diaoyutai and China as the Diaoyu). Unlike Japan’s Atago-class destroyers, the performance of air defense systems aboard the Chinese destroyers are questionable as well.

Shinzo Abe engineers another overseas naval deployments, via Kyodo News:

Gov’t aims to expand ship inspections as support for foreign forces

The government is considering expanding the scope of ship inspections conducted by the Self-Defense Forces as Japan aims to increase its logistical support for foreign troops undertaking global peace missions, senior ruling party lawmakers said Thursday.

The proposed change, which would remove existing geographical restrictions, is designed to expand SDF operations beyond Japan to contribute to global peace and stability, as Prime Minister Shinzo Abe seeks to give them a greater role abroad.

Under the current legal framework, the SDF can inspect ships and their cargoes in times of contingencies “in areas around Japan,” and ask them to change course if necessary. But U.N. Security Council resolutions or approval by the flag state are required to conduct such operations, and foreign military ships are not included.

And from Jiji Press, and eases more legal restrictions:

Japan to Simplify Procedures for SDF Logistic Support

Japan is considering simplifying procedures for the country’s Self-Defense Forces to provide logistic support to foreign forces, officials said Thursday.

The government hopes to make it possible to extend such assistance without Diet approval or a bilateral acquisition and cross-servicing agreement, or ACSA.

The government is considering amending the SDF law to allow such logistic support to be extended under bilateral understandings between Japan and recipient countries, according to the officials.

Show more