Daily Archives: January 8, 2018

200,000 Salvadorians Face Termination of Protected Status Program

Posted on by

Back in November of 2017, the Trump administration began dismantling a longstanding humanitarian program known as temporary protected status, leaving hundreds of thousands of Central American immigrants living in heightened fear of deportation.

The program grants temporary visas that allow immigrants to live and work in the U.S. and protects them from being forced to return to their home countries. The U.S. has granted TPS to immigrants from 10 countries, mostly in Central America, for decades. The countries gain the designation after being ravaged by war or natural disasters.

DHS in coordination with the State Department and Health and Human Services is the agency of record in this matter. DHS designates the native country TPS-eligible. The initial period provided is not less than six months and not more than 18 months, but DHS can extend this time if country conditions warrant it.

*** For more information and details on TPS by DHS, go here.

Image result for temporary protective status immigrants photo

The Trump administration is ending special protections for Salvadoran immigrants, forcing nearly 200,000 to leave the country or face deportation, officials said Monday.

El Salvador is the fourth country whose citizens have lost Temporary Protected Status under President Donald Trump, and they have been, by far, the largest beneficiaries of the program, which provides humanitarian relief for foreigners whose countries are hit with natural disasters or other strife.

Two U.S. officials discussed the decision on condition of anonymity with The Associated Press because they were not authorized to speak publicly ahead of the announcement. One official said Salvadorans will have until September 2019 to leave the country or adjust their legal status.

Homeland Security Secretary Kirstjen Nielsen’s decision, while not surprising, will send shivers through parts of Washington, Los Angeles, New York, Houston and other metropolitan areas that are home to large numbers of Salvadorans, who have enjoyed special protection since earthquakes struck the Central American country in 2001. Many have established deep roots in the U.S., starting families and businesses over decades.

It also represents a serious challenge for El Salvador, a country of 6.2 million people whose economy depends on remittances from wage earners in the U.S. Over the last decade, growing numbers of Salvadorans — many coming as families or unaccompanied children — have entered the United States illegally through Mexico, fleeing violence and poverty.

In September 2016, the Obama administration extended protections for 18 months, saying El Salvador suffered lingering harm from the 2001 earthquakes that killed more than 1,000 people and was temporarily unable to absorb such a large number of people. Homeland Security Secretary Kirstjen Nielsen faced a Monday deadline to decide whether to grant another extension.

El Salvador President Salvador Sanchez Ceren spoke by phone Friday with Nielsen to renew his plea to extend status for 190,000 Salvadorans and allow more time for Congress to deliver a long-term fix for them to stay in the U.S.

The decision comes amid intensifying talks between the White House and Congress on an immigration package that may include protections for hundreds of thousands of young immigrants who came to the country as children and were temporarily shielded from deportation under an Obama-era program. Trump said in September that he was ending Deferred Action for Childhood Arrivals, or DACA, but gave Congress until March to act.

The U.S. created Temporary Protected Status in 1990 to provide a safe haven from countries affected by earthquakes, floods, hurricanes, war and other disasters, and it currently shields nearly 320,000 people from 10 countries. There are nearly 440,000 beneficiaries from the 10 countries, including 263,000 from El Salvador, but many have obtained legal status other ways.

The benefit, which includes work authorization, can be renewed up to 18 months at a time by the Homeland Security secretary. Critics say it has proved anything but temporary — with many beneficiaries staying years after the initial justification applies.

Nielsen said last week that short-term extensions are not the answer.

“Getting them to a permanent solution is a much better plan than having them live six months to 12 months to 18 months,” she told the AP.

In November, Nielsen’s predecessor, acting Secretary Elaine Duke, ended the protection for Haitians, requiring about 50,000 to leave or adjust their legal status by July 22, 2019, and for Nicaraguans, giving about 2,500 until Jan. 5, 2019. She delayed a decision affecting more than 50,000 Hondurans, foisting the decision onto Nielsen.

Last year, the Trump administration extended status for South Sudan and ended it for Sudan. Other countries covered are Nepal, Somalia, Syria and Yemen.

Singapore IP Address Hacking the Winter Olympics

Posted on by

BBC: Hackers have attempted to steal sensitive data from groups involved with next month’s Winter Olympics, cyber-security firm McAfee said.

The report found malware-infected emails were sent last month to organisations linked to the Pyeongchang Games.

It did not identify those responsible, but said more attacks tied to the upcoming Olympics were likely.

In similar past attacks, hackers tried to obtain passwords and financial data.

‘Casting net wide’

McAfee said a number of groups associated with the Olympics had received malicious emails – including several affiliated with ice hockey.

“The majority of these organisations had some association with the Olympics, either in providing infrastructure or in a supporting role,” the security firm said.

“The attackers appear to be casting a wide net with this campaign.”

The emails were sent from a Singapore IP address and told readers to open a text document in Korean.

McAfee said the hackers were trying to trick recipients into believing the emails had come from South Korea’s National Counter-Terrorism Center – which at the time was in the process of conducting anti-terror drills in the region.

In some cases the hackers used a technique in known as steganography which hides malware in text and images.

McAfee echoed recent warnings from University of California researchers to expect more cyber-attacks targeting major sporting events.

“With the upcoming Olympics, we expect to see an increase in cyber attacks using Olympics-related themes,” the security firm said.

It comes as Pyongyang prepares to hold official talks with South Korea for the first time in more than two years.

North Korea accepted an offer to attend the meeting on 9 January that will focus on finding a way for its athletes to attend the Games.

***

It uses a previously unseen form of malware designed to hand control of the victim’s machine over to the attackers. Among those sent the messages are individuals associated with the ice hockey tournament at the Games. The attack has been dubbed ‘Operation PowerShell Olympics’ by the researchers at McAfee Labs, who uncovered it taking place in late December.

winter-oympic-phishing.png

The lure document used in the cyber-attacks targeting the South Korea Winter Olympics.

Image: McAfee Labs

During the course of the investigation, researchers discovered a cached Apache server log which showed an IP address from South Korea connecting to the specific URL paths contained in the PowerShell implants, indicating that the intended targets were likely to have been infected.

Further investigation revealed the IP address from the PowerShell implant was connected to an anonymous domain provider based in Costa Rica, with the attacker using this domain to link up to the South Korean Ministry of Agriculture and Forestry, which the attacker has somehow managed to use parts of to carry out the attack.

Researchers are uncertain how many have been infected by the attack, but the campaign is thought to have targeted a wide range of South Korean organisations in the run up to the Winter Olympics. In similar campaigns in the past, victims were targeted for their passwords and financial information.

The phishing document was created on December 22, but rather than containing macros, it uses OLE (Objective Linking and Embedding) streams to carry out the attack. The document has been created by the same author, ‘John’, who created the malicious PowerShell script.

However, despite some evidence about how the attacks took place, researchers haven’t been able to identify the perpetrator — but they do note that whoever is behind the campaign must be fluent in the Korean language and the motive is to gather intelligence about organisations involved in the South Korea-hosted Winter Olympics.

“Technical details alone are often not enough to determine attribution. We are able to ascertain that the attackers have been trained in Korean language to ensure that the targets open the attachment, and the objective seems to be to gather information on the planning, direction and infrastructure related to the Olympics,” said Sherstobitoff.

Researchers warn that in the run up to the Winter Olympics, attackers will continue to use the event as a lure to carry out cyber-attacks.

To avoid falling victim to such attacks — including fileless malware distributed as part of Operation Powershell Olympics — organisations should educate their employees to be mindful of suspicious emails and unexpected attachments. More here from zdnet