How Terrorists use Encryption

 


June 16, 2016

CTC: Abstract: As powerful encryption increasingly becomes embedded in electronic devices and online messaging apps, Islamist terrorists are exploiting the technology to communicate securely and store information. Legislative efforts to help law enforcement agencies wrestle with the phenomenon of “going dark” will never lead to a return to the status quo ante, however. With the code underlying end-to-end encryption now widely available, unbreakable encryption is here to stay. However, the picture is not wholly bleak. While end-to-end encryption itself often cannot be broken, intelligence agencies have been able to hack the software on the ends and take advantage of users’ mistakes.

Counterterrorism officials have grown increasingly concerned about terrorist groups using encryption in order to communicate securely. As encryption increasingly becomes a part of electronic devices and online messaging apps, a range of criminal actors including Islamist terrorists are exploiting the technology to communicate and store information, thus avoiding detection and incrimination, a phenomenon law enforcement officials refer to as “going dark.”

Despite a vociferous public debate on both sides of the Atlantic that has pitted government agencies against tech companies, civil liberties advocates, and even senior figures in the national security establishment who have argued that creation of “backdoors”[1] for law enforcement agencies to retrieve communications would do more harm than good, there remains widespread confusion about how encryption actually works.[a]

Technologists have long understood that regulatory measures stand little chance of rolling back the tide. Besides software being written in other countries (and beyond local laws), what has not been fully understood in the public debate is that the “source code” itself behind end-to-end encryption is now widely available online, which means that short of shutting down the internet, there is nothing that can be done to stop individuals, including terrorists, from creating and customizing their own encryption software.

The first part of this article provides a primer on the various forms of encryption, including end-to-end encryption, full device encryption, anonymization, and various secure communication (operational security or opsec) methods that are used on top of or instead of encryption. Part two then looks at some examples of how terrorist actors are using these methods.

Part 1: Encryption 101 

End-to-End Encryption
A cell phone already uses encryption to talk to the nearest cell tower. This is because hackers could otherwise eavesdrop on radio waves to listen in on phone calls. However, after the cell tower, phone calls are not encrypted as they traverse copper wires and fiber optic cables. It is considered too hard for nefarious actors to dig up these cables and tap into them.

In a similar manner, older chat apps only encrypted messages as far as the servers, using what is known as SSL.[b] That was to defeat hackers who would be able to eavesdrop on internet traffic to the servers going over the Wi-Fi at public places. But once the messages reached the servers, they were stored in an unencrypted format because at that point they were considered “safe” from hackers. Law enforcement could still obtain the messages with a court order.

Newer chat apps, instead of encrypting the messages only as far as the server, encrypt the message all the way to the other end, to the recipient’s phone. Only the recipients, with a private key, are able to decrypt the message. Service providers can still provide the “metadata” to police (who sent messages to whom), but they no longer have access to the content of the messages.

The online messaging app Telegram was one of the earliest systems to support end-to-end encryption, and terrorist groups such as the Islamic State took advantage.[2] These days, the feature has been added to most messaging apps, such as Signal, Wickr, and even Apple’s own iMessage. Recently, Facebook’s WhatsApp[3] and Google[4] announced they will be supporting Signal’s end-to-end encryption protocol.

On personal computers, the software known as PGP,[c] first created in the mid-1990s, reigns supreme for end-to-end encryption. It converts a message (or even entire files) into encrypted text that can be copy/pasted anywhere, such as email messages, Facebook posts, or forum posts. There is no difference between “military grade encryption” and the “consumer encryption” that is seen in PGP. That means individuals can post these encrypted messages publicly and even the NSA is unable to access them. There is a misconception that intelligence agencies like the NSA are able to crack any encryption. This is not true. Most encryption that is done correctly cannot be overcome unless the user makes a mistake.

Such end-to-end encryption relies upon something called public-key cryptography. Two mathematically related keys are created, such that a message encrypted by one key can only be decrypted by the other. This allows one key to be made public so that one’s interlocutor can use it to encrypt messages that the intended recipient can decrypt through the private-key.[d] Al-Qa`ida’s Inspire magazine, for example, publishes its public-key[5] so that anyone using PGP can use it to encrypt a message that only the publishers of the magazine can read.

Full Device Encryption
If an individual loses his iPhone, for example, his data should be safe from criminals.[e] Only governments are likely to have the resources to crack the phone by finding some strange vulnerability. The FBI reportedly paid a private contractor close to $1 million to unlock the iPhone of San Bernardino terrorist Syed Rizwan Farook.[6]

The reason an iPhone is secure from criminals is full device encryption, also called full disk encryption. Not only is all of the data encrypted, it is done in a way that is combined or entangled[7] with the hardware. Thus, the police cannot clone the encrypted data, then crack it offline using supercomputers to “brute-force” guess all possible combinations of the passcode. Instead, they effectively have to ask the phone to decrypt itself, which it will do but slowly, defeating cracking.[f]

Android phones work in much the same manner. However, most manufacturers put less effort into securing their phones than Apple. Exceptions are companies like Blackphone, which explicitly took extra care to secure their devices.

Full disk encryption is also a feature of personal computers. Microsoft Windows comes with BitLocker, Macintosh comes with FileVault, and Linux comes with LUKS. The well-known disk encryption software TrueCrypt works with all three operating systems as does a variation of PGP called PGPdisk. Some computers come with a chip called a TPM[g] that can protect the password from cracking, but most owners do not use a TPM. This means that unless they use long/complex passwords, adversaries will be able to crack their passwords.
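The difference between a passcode entangled with hardware and a password protecting a disk with no TPM can be shown in a few lines. This is an added sketch, not code from the CTC article or from any vendor; the work factor, the sample passcode, the `seal` stand-in for encrypted data and the 80 ms per-guess cost are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Assumption: a small work factor so this sketch runs in about a second.
DEMO_ITERATIONS = 100


def derive_key(passcode: str, bound_secret: bytes) -> bytes:
    """Stretch the passcode together with the secret it is bound to."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), bound_secret, DEMO_ITERATIONS)


def seal(key: bytes) -> bytes:
    """Stand-in for encrypted data: a tag that only the right key reproduces."""
    return hmac.new(key, b"constructed-volume-header", hashlib.sha256).digest()


def exhaustive_search(sealed: bytes, bound_secret: bytes, digits: int = 4):
    """Try every numeric passcode of the given length; return the match or None."""
    for n in range(10 ** digits):
        guess = f"{n:0{digits}d}"
        if hmac.compare_digest(seal(derive_key(guess, bound_secret)), sealed):
            return guess
    return None


def worst_case_hours(alphabet: int, length: int, seconds_per_guess: float) -> float:
    """Time to try the whole passcode space when every guess must run on the device."""
    return (alphabet ** length) * seconds_per_guess / 3600


def demo(passcode: str = "4821") -> dict:
    # Case 1: hardware-entangled key. The UID never leaves the chip, so a
    # cloned image holds the sealed data but not the secret mixed into the key.
    hardware_uid = os.urandom(32)   # constructed sample value
    phone_image = seal(derive_key(passcode, hardware_uid))
    guessed_uid = bytes(32)         # the copy has no access to the real UID

    # Case 2: software-only disk encryption without a TPM. The salt sits in
    # the volume header, so it is copied along with the data.
    header_salt = os.urandom(32)    # constructed sample value
    disk_image = seal(derive_key(passcode, header_salt))

    return {
        "clone_without_uid": exhaustive_search(phone_image, guessed_uid),
        "clone_with_header_salt": exhaustive_search(disk_image, header_salt),
    }


if __name__ == "__main__":
    print(demo())
    # Assumption: 0.08 s per guess when the device itself must do the work.
    for label, alphabet, length in [
        ("4 digits", 10, 4),
        ("6 digits", 10, 6),
        ("6 lowercase letters or digits", 36, 6),
    ]:
        hours = worst_case_hours(alphabet, length, 0.08)
        print(f"{label}: {hours:,.1f} hours worst case on-device")
```

The cloned phone image yields nothing because the key depends on a value that stays inside the hardware, while the cloned disk gives up a short passcode at once; in that second case only a long, complex password raises the cost.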

CIA Brennan’s Chilling Statements in Testimony

Update, Jo Cox died of her injuries from the terror attack. See below.

NYPost: CIA Director John Brennan told Congress on Thursday that the Islamic State remains “formidable” and “resilient,” is training and attempting to deploy operatives for further attacks on the West and will rely more on guerrilla-style tactics to compensate for its territorial losses in the Middle East.

Giving the Senate intelligence committee an update on the threat from extremists, Brennan said IS has been working to build an apparatus to direct and inspire attacks against its foreign enemies, as in the recent attacks in Paris and Brussels — ones the CIA believes were directed by IS leaders.

“ISIL has a large cadre of Western fighters who could potentially serve as operatives for attacks in the West,” Brennan said, using another acronym for the group. He said IS probably is working to smuggle them into countries, perhaps among refugee flows or through legitimate means of travel.

Brennan also noted the group’s call for followers to conduct so-called lone-wolf attacks in their home countries. He called the attack in Orlando a “heinous act of wanton violence” and an “assault on the values of openness and tolerance” that define the United States as a nation.

Brennan said the CIA is sharing intelligence with the FBI to help identify potential lone-wolf attackers, but the CIA’s responsibility is to gather information about operations overseas.

More Islamic State fighters worldwide than al Qaeda at its height: CIA director

Reuters: The director of the U.S. Central Intelligence Agency, John Brennan, said on Thursday there were tens of thousands of Islamic State fighters around the world, more than al Qaeda at its height.

He also told a Senate Intelligence Committee hearing that the agency was concerned about the growth of Libya as a base of operations for Islamic State militants, who had 5,000-8,000 fighters there, although the group’s fighters in Iraq and Syria had dropped to 18,000 to 22,000 from 19,000 to 25,000.

“I am concerned about the growth of Libya as another area that could serve as the basis for ISIL to carry out attacks inside of Europe… that is very concerning,” Brennan said, using an alternative acronym for the Islamic State militant group.

Questioned about the broader crisis, Brennan told lawmakers he believed the government of Syrian President Bashar al-Assad had been strengthened with Russia’s support.

“A year ago, (Assad) was on his back foot as the opposition forces were carrying out operations that were really degrading the Syrian military. He is in a stronger position than he was in June of last year” as a result of Russian support, Brennan said.

Just two days ago, Obama held a national security team meeting and then a presser stating the major gains being made against Islamic State. When the same day, MSNBC questions that statement from an on the ground in Turkey, we know we are being oversold on this national security threat.

***** Meanwhile, during this ridiculous gun control debate as a solution to terrorists, it seems that a knife and a gun was used in an attack on a member of the UK Parliament. Europe has exceptionally tight gun control laws.

Labour MP Jo Cox in critical condition after being shot and stabbed

Guardian: Jo Cox, the MP for Batley and Spen, is in a critical condition after being shot and stabbed multiple times in her West Yorkshire constituency.

Armed officers responded to the attack near a library in Birstall on Thursday afternoon, and a 52-year-old man was arrested in the area, police confirmed.

Jo Cox, the Labour MP for Batley and Spen.

They added that the Labour politician had suffered “serious injuries and is in a critical condition”. She has been taken by helicopter to Leeds general infirmary.

Police also confirmed a man in his late 40s to early 50s nearby suffered slight injuries in the incident.

Witnesses said the attack was launched after the MP became involved in an altercation involving two men near her weekly advice surgery. A Labour source confirmed Cox was shot and stabbed after she had concluded the drop-in session for constituents at around 1pm.

The scene pictures in Birstall, West Yorkshire.

The shopkeeper in a greengrocer opposite Birstall Library, Golden D’Licious, told the Guardian that he believed the attacker had been waiting for the MP outside the library.

“I was inside the shop and all I heard was a scream and then the gunshot,” he said, without giving his name. “I went out and everyone was dispersing. I couldn’t see because it happened behind a car.”

But witness Hithem Ben Abdallah, 56, who was in the cafe next door to the library shortly after 1pm, said he the MP involved in an altercation between two arguing men.

He told PA a man in a baseball cap “suddenly pulled a gun from his bag” and after a brief scuffle with another man the MP became involved.

He added: “He was fighting with her and wrestling with her and then the gun went off twice and then she fell between two cars and I came and saw her bleeding on the floor.”

 

Police close to the scene in Birstall, Yorkshire.

Belgium Warnings of Imminent Terror Attacks


Belgium, France face ‘imminent’ terror attacks — report

By AFP

A Belgian soldier patrols the shopping centre City2 in central Brussels, Belgium, on Wednesday (Reuters photo)

JordanTimes: BRUSSELS — A fresh wave of Daesh terror group’s militants has left Syria and could commit attacks imminently in France and Belgium, Belgian police have been warned, according to media reports on Wednesday.

“Fighters traveling without passports left Syria about a week and a half ago in order to reach Europe by boat via Turkey and Greece,” a memo sent to police and security services across Belgium said, according to La Derniere Heure newspaper.

The militants were traveling armed and plan to carry out attacks in groups of two, the memo is reported to have said.

“Their action is imminent,” the memo added, without giving the total of suspected attackers.

Belgium’s OCAM national crisis centre in a statement did not deny the report, but said the information needed to be looked at further.

The information reported by the media “is non-contextualised and, as such, has not made a direct impact on the current level of threat” in Belgium.

Belgium’s terror alert is currently at the second-highest level of three, which means a threat is possible and likely.

Belgium is still reeling from Daesh suicide bombings at Brussels airport and on the city’s metro on March 22 which killed 32 people and wounded hundreds more.

They came five months after militants, many of them from Brussels, carried out gun and bombing attacks in Paris on November 13, killing 130 people and wounding hundreds more.

France, which is hosting the Euro 2016 football championships, is on maximum alert after an assailant previously convicted for jihadism killed a police officer and his partner on Monday.

The attacker told police negotiators before being gunned down that he had sworn loyalty to Daesh three weeks earlier.

It was not immediately clear how seriously French and Belgian authorities were treating the threat. French authorities told local newspapers that such warnings are relatively common.

“According to the information received, these people could already be in possession of the necessary weapons and their action could be imminent,” the alert said, according to the Belgian Dernière Heure newspaper.

The attackers were expected to split into two groups, one heading toward France and the other toward Belgium, and to conduct attacks in pairs, the alert said. It offered no details on the basis of the information.

Belgian counterterrorism police declined to comment. Belgium’s security threat coordination center has not raised its threat level, which is currently set at three out of four levels, with the fourth being the expectation of an imminent attack.

The group was planning to travel from Syria into Europe via boat from Turkey to Greece, without passports, according to the alert.

Possible Belgian targets include a Brussels shopping center, an American fast-food chain and a police station, the newspaper reported.

On Monday, an attacker claiming loyalty to the Islamic State killed a police captain and his partner, who worked at a police department outside Paris. The assailant was killed in a police raid.

Amid numerous public memorials for the slain couple, President François Hollande called for international unity to face a “long war” against terrorism.

This battle, he said in an address at the Elysee Palace, is “not just in a few countries but in the world. Everyone can be concerned.”

In an interview on France Inter radio, French Prime Minister Manuel Valls predicted the fight could take decades.

“Other innocent people will die,” Valls said. “It is very hard to say. People can accuse me — and I completely understand — of making the society even more fearful than it already is today with these events. But, unfortunately, this is the reality. It will take a generation.”

Officials added that it was unclear whether there was any link to the murder of a senior policeman and his partner on Monday by a man who pledged allegiance to IS.

For DHS, Terror Attacks are Really Just Violent Extremism

  

Press Release

June 15, 2016 — In December 2015, I announced the revision of the Department of Homeland Security’s National Terrorism Advisory System, or “NTAS,” to include an intermediate level NTAS “Bulletin.” We then issued a new NTAS Bulletin at the same time. The duration of the December Bulletin was six months, and expires tomorrow.

June 15, 2016

National Terrorism Advisory System Bulletin

Date Issued:  Wednesday, June 15, 2016

Summary

In December, we described a new phase in the global threat environment, which has implications on the homeland. This basic assessment has not changed. In this environment, we are particularly concerned about homegrown violent extremists who could strike with little or no notice. The tragic events of Orlando several days ago reinforce this. Accordingly, increased public vigilance and awareness continue to be of utmost importance. This bulletin has a five-month duration and will expire just before the holiday season. We will reassess the threats of terrorism at that time.

Duration

Issued:  June 15, 2016
Expires:  November 15, 2016

Details

  • Since issuing the first Bulletin in December, our concerns that violent extremists could be inspired to conduct attacks inside the U.S. have not diminished.
  • Though we know of no intelligence that is both specific and credible at this time of a plot by terrorist organizations to attack the homeland, the reality is terrorist-inspired individuals have conducted, or attempted to conduct, attacks in the United States.
  • DHS is especially concerned that terrorist-inspired individuals and homegrown violent extremists may be encouraged or inspired to target public events or places.
  • As we saw in the attacks in San Bernardino, Paris, Brussels, and, most recently, Orlando, terrorists will consider a diverse and wide selection of targets for attacks.
  • Terrorist use of the Internet to inspire individuals to violence or join their ranks remains a major source of concern.
  • In the current environment, DHS is also concerned about threats and violence directed at particular communities and individuals across the country, based on perceived religion, ethnicity, nationality or sexual orientation.

U.S. Government Counterterrorism Efforts

  • DHS and the FBI continue to provide guidance to state and local partners on increased security measures.  The public may observe an increased law enforcement and security presence across communities, in public places and at events in the months ahead. This may include additional restrictions and searches on bags, more K-9 teams, and the use of screening technologies.
  • The FBI is investigating potential terrorism-related activities associated with this broad threat throughout the United States.  Federal, state, and local authorities are coordinating numerous law enforcement actions and conducting community outreach to address this evolving threat.

Types of Advisories

Bulletin

Describes current developments or general trends regarding threats of terrorism.

Elevated Alert

Warns of a credible terrorism threat against the United States.

Imminent Alert

Warns of a credible, specific and impending terrorism threat against the United States.

How You Can Help

  • Report suspicious activity to local law enforcement or public safety officials who are best positioned to respond and offer specific details on terroristic indicators.
  • Suspicious activity or information about a threat may also be reported to Fusion Centers and the FBI’s Field Offices – part of the Nationwide Suspicious Activity Reporting Initiative.
  • Learn how to recognize signs of pre-operational planning associated with terrorism or other criminal activity.

Be Prepared

  • Be prepared for increased security and plan ahead to anticipate delays and restricted/prohibited items.
  • In populated places, be responsible for your personal safety. Make a mental note of emergency exits and locations of the nearest security personnel. Keep cell phones in your pockets instead of bags or on tables so you don’t lose them during an incident. Carry emergency contact details and any special needs information with you at all times. For more visit Ready.

Stay Informed

  • The U.S. Government will provide additional information about any emerging threat as additional information is identified. The public is encouraged to listen to local law enforcement and public safety officials.
  • We urge Americans to continue to travel, attend public events, and freely associate with others but remain vigilant and aware of surroundings.
  • The Department of State issues international travel alerts and warnings.

If You See Something, Say Something™. Report suspicious activity to local law enforcement or call 911.

Orlando Jihadi was Known to FBI, Kill List

West LAArrest just made in Los Angeles. Why? ****

The shooter worked for G4S, a corrupt company this site wrote about last week.

Caliphate kill list was distributed via the app called Telegram and that is an encrypted platform. More data is here.

 

The ex-wife said she met Omar Mateen online about eight years ago and decided to move to Florida and marry him.

At first, the marriage was normal, she said, but then he became abusive. He has a 3 year old son.

“He was not a stable person,” said the ex-wife, who spoke on the condition of anonymity because she feared for her safety in the wake of the mass shooting. “He beat me. He would just come home and start beating me up because the laundry wasn’t finished or something like that.” More here from WaPo.

TCPalm: Mateen has multiple ties to the Treasure Coast. Here are the local connections:

  •  Mateen, born in New York, lived in an apartment complex in the 2500 block of South 19th Street in Fort Pierce. Law enforcement was at the complex Sunday.
  •  He also received mail at his parents’ home in the 900 block of Southwest Bayshore Boulevard in Port St. Lucie. Law enforcement remained at the home Sunday with his family.
  •  He received degrees in science in 2006 and 2007 from Indian River State College. However, further details about how long he attended the school were unavailable.
  • He attended his freshman year of high school at Martin County High School. It’s unclear whether he attended MCHS after that.
  •  Mateen married Sitora Yusufiy of Port St. Lucie in 2009, according to court documents. They divorced two years later in 2011, St. Lucie County court records show.
  •  Mateen has no state criminal record, according to Florida Department of Law Enforcement records.


Omar Mateen’s freshman year high school yearbook photo at Martin County High School.

Omar Mateen’s father was an activist for the Taliban. Note the radio network that gave him airtime, Payem e Afghan, a radio show in California called Durand Jirga. (video link) Much more on the father being a full supporter of the Taliban here.

Omar worked security at a juvenile facility.

Islamic State (ISIS) has put out an official statement;


Omar was investigated twice. He was a state licensed security guard and owned the weapon legally. Born in New York of Afghan parents. He was married to a woman from Uzbekistan.

Governor Scott declared a state of emergency.

Rep Schiff, top Dem on House Intel, says on CNN he was told shooter made pledge of allegiance to ISIL, cautions still early in investigation.

Omar Mateen Terrorist was 29-Year-Old Islamic Radical (PHOTO)


The killer in the Orlando nightclub slaughter is 29-year-old Omar Mateen.  TMZ has done a records search and found he held a Florida security officer license and a state firearms license.

He’s an American citizen and he has family that are not — his parents are Afghan.  Authorities say he was a terrorist and was targeting gays.  They say in addition to terrorism this is a hate crime.

Authorities also believe he is part of the radical Islam movement, although they do not know if it was an organized attack or if he was a lone wolf.   Authorities also believe Mateen specifically targeted a gay club.

Mateen’s father told NBC News, “This has nothing to do with religion.”  He says his son became angry after seeing 2 men kissing a few months ago in Miami, and he speculates that could have triggered his decision to kill.

Law enforcement says Mateen was well prepared, with an assault weapon, a handgun and 2 suspicious devices.

The NYPD tells TMZ, Mateen has no association with the department, and that the shirts he was photographed in were unofficial garments that could be purchased at any store.

50 people were murdered and another 53 injured inside Pulse nightclub in Orlando.  It’s the biggest slaughter at the hands of a gunman in American history.

Take a look at the pic below … it’s a police helmet with a bullet hole.  The helmet saved the officer’s life, although he suffered facial injuries.

Police descended on Mateen’s home to search shortly after the massacre. More here from TMZ

The gunman entered the crowded Pulse nightclub, a popular gay club, on Sunday night and opened fire before dying in a gunfight with SWAT officers. Orlando Police Chief John Mina said the suspect took hostages before law enforcement officials took out the shooter.

******

We were warned but who heard those warnings?

ISIS ‘kill list’ targets Palm Beach, Treasure Coast residents: Ex-FBI agent

WWMT: A pro-Isis group has released a hit list with the names of more than 8,000 people, mostly Americans.

More than 600 people live in Florida, and one security expert believes that many of those targeted live in Palm Beach County and on the Treasure Coast.

The “United Cyber Caliphate” that hacked U.S. Central Command, 54,000 Twitter accounts and threatened President Barack Obama is the same pro-Isis group that’s reportedly created a “kill list” with the names, addresses and emails of thousands of civilian Americans.

Reports of the list came to light online when Vocativ reported the list was shared via the encrypted app, Telegram, and called on supporters to kill.

Former FBI agent-turned lawyer Stuart Kaplan says the threat is especially alarming, because the people on this list are civilians who don’t have the security necessary to protect themselves.

“It’s going to create some hysteria,” he said.

Kaplan believes civilians from our community are on the list.

“I would suspect a head of a hospital or, perhaps, a local community leader. Those are the individuals that may appear on the list–or just a local banker or local school teacher–someone who, for some reason, was in the public eye.”

Kaplan is concerned the list will inspire “lone wolf” style attacks.

“If in fact a sympathizer gets ahold of this list and is readily able to identify you as being his neighbor and, then, decides (because they’re a sympathizer) to go out and do something horrific to you, there is no way to calculate the potential or to prevent that.”

The list has not yet been made public.

We reached out to the FBI, the Palm Beach County Sheriff’s Office and Martin County Sheriff’s Office to see how credible they view the threat and what action they might be taking.

We are awaiting their response.

According to the Martin County Sheriff’s Office, the FBI is aware of this and the agency will work closely with the Joint-Terrorism Task Force to keep citizens safe.
