Category Archives: Cyber War

ISIS Built Their Network in Front of Europe’s Face

Posted on by

How ISIS built the machinery of terror under Europe’s gaze

TimesofIndia: The day he left Syria with instructions to carry out a terrorist attack in France, Reda Hame, 29, a computer technician from Paris, had been a member of the Islamic State for just over a week.

His French passport and his background in information technology made him an ideal recruit for a rapidly expanding group within ISIS that was dedicated to terrorizing Europe. Over just a few days, he was rushed to a park, shown how to fire an assault rifle, handed a grenade and told to hurl it at a human silhouette. His accelerated course included how to use an encryption program called TrueCrypt, the first step in a process intended to mask communications with his ISIS handler back in Syria.

The handler, code-named Dad, drove Hame to the Turkish border and sent him off with advice to pick an easy target, shoot as many civilians as possible and hold hostages until the security forces made a martyr of him.

“Be brave,” Dad said, embracing him.

Hame was sent out by a body inside the Islamic State that was obsessed with striking Europe for at least two years before the deadly assaults in Paris last November and in Brussels this month. In that time, the group dispatched a string of operatives trained in Syria, aiming to carry out small attacks meant to test and stretch Europe’s security apparatus even as the most deadly assaults were in the works, according to court proceedings, interrogation transcripts and records of European wiretaps obtained by The New York Times.

Related reading: Terror in Europe: Safeguarding U.S. Citizens At Home And Abroad
Officials now say the signs of this focused terrorist machine were readable in Europe as far back as early 2014. Yet local authorities repeatedly discounted each successive plot, describing them as isolated or random acts, the connection to the Islamic State either overlooked or played down.

“This didn’t all of a sudden pop up in the last six months,” said Michael T Flynn, a retired Army lieutenant general who ran the Defense Intelligence Agency from 2012 to 2014. “They have been contemplating external attacks ever since the group moved into Syria in 2012.”

Hame was arrested in Paris last August, before he could strike, one of at least 21 trained operatives who succeeded in slipping back into Europe. Their interrogation records offer a window into the origins and evolution of an Islamic State branch responsible for killing hundreds of people in Paris, Brussels and beyond.

European officials now know that Dad, Hame’s handler, was none other than Abdelhamid Abaaoud, the Belgian operative who selected and trained fighters for plots in Europe and who returned himself to oversee the Paris attack, the deadliest terrorist strike on European soil in over a decade.

 

The people in Abaaoud’s external operations branch were also behind the Brussels attacks, as well as a foiled attack in a suburb of Paris last week, and others are urgently being sought, Belgian and French officials say.

“It’s a factory over there,” Hame warned his interlocutors from France’s intelligence service after his arrest. “They are doing everything possible to strike France, or else Europe.”

For much of 2012 and 2013, the jihadi group that eventually became the Islamic State was putting down roots in Syria. Even as the group began aggressively recruiting foreigners, especially Europeans, policymakers in the United States and Europe continued to see it as a lower-profile branch of al-Qaida that was mostly interested in gaining and governing territory.

One of the first clues that the Islamic State was getting into the business of international terrorism came at 12:10 p.m. on Jan. 3, 2014, when the Greek police pulled over a taxi in the town of Orestiada, less than four miles from the Turkish border. Inside was a 23-year-old French citizen named Ibrahim Boudina, who was returning from Syria. In his luggage, the officers found 1,500 euros, or almost $1,700, and a French document titled “How to Make Artisanal Bombs  in the Name of Allah.”

But there was no warrant for his arrest in Europe, so the Greeks let him go, according to court records detailing the French investigation.

Boudina was already on France’s watch list, part of a cell of 22 men radicalized at a mosque in the resort city of Cannes. When French officials were notified about the Greek traffic stop, they were already wiretapping his friends and relatives. Several weeks later, Boudina’s mother received a call from a number in Syria. Before hanging up, the unknown caller informed her that her son had been “sent on a mission,” according to a partial transcript of the call.

The police set up a perimeter around the family’s apartment near Cannes, arresting Boudina on February 11, 2014.

In a utility closet in the same building, they found three Red Bull soda cans filled with 600 grams of TATP, the temperamental peroxide-based explosive that would later be used to deadly effect in Paris and Brussels.

It was not until nearly two years later, on Page 278 of a 359-page sealed court filing, that investigators revealed an important detail: Boudina’s Facebook chats placed him in Syria in late 2013, at the scene of a major battle fought by a group calling itself the “Islamic State in Iraq and Syria.”

According to a brief by France’s domestic intelligence agency, he was the first European citizen known to have traveled to Syria, joined the Islamic State and returned with the aim of committing terrorism. Yet his ties to the group were buried in French paperwork and went unconnected to later cases.

Including Boudina, at least 21 fighters trained by the Islamic State in Syria have been dispatched back to Europe with the intention of causing mass murder, according to a Times count based on records from France’s domestic intelligence agency. The fighters arrived in a steady trickle, returning alone or in pairs at the rate of one every two to three months throughout 2014 and the first part of 2015.

Like the killers in Paris and Brussels, all of these earlier operatives were French speakers — mostly French and Belgian citizens, alongside a handful of immigrants from former French colonies, including Morocco.

They were arrested in Italy, Spain, Belgium, France, Greece, Turkey and Lebanon with plans to attack Jewish businesses, police stations and a carnival parade. They attempted to open fire on packed train cars and on church congregations. In their possession were box cutters and automatic weapons, walkie-talkies and disposable cellphones, as well as the chemicals to make TATP.

Most of them failed. And in each instance, officials failed to catch — or at least to flag to colleagues — the men’s ties to the nascent Islamic State.
In one of the highest-profile instances, Mehdi Nemmouche returned from Syria via Frankfurt, Germany, and made his way by car to Brussels, where on May 24, 2014, he opened fire inside the Jewish Museum of Belgium, killing four people. Even when the police found a video in his possession, in which he claims responsibility for the attack next to a flag bearing the words “Islamic State of Iraq and Syria,” Belgium’s deputy prosecutor, Ine Van Wymersch, dismissed any connection.

“He probably acted alone,” she told reporters at the time.
Among the clearest signs of the Islamic State’s growing capacity for terrorist attacks is its progress in making and deploying bombs containing triacetone triperoxide, or TATP.

 

 

Cyber Intrusions on U.S. Voter Databases Point to Russia

Posted on by

Read the 4 page report here: Russia hacks Voter Databases

NextGov: The FBI warned election officials to enhance the security of systems after it found evidence foreign hackers penetrated databases in two state systems, Yahoo reports.

An Aug. 18 bulletin from the FBI’s Cyber Division stated hackers were able to exploit a Structured Query Language injection vulnerability to exfiltrate data from one state’s Board of Election website in July and attempted intrusions on another’s in August. The FBI alert lists eight IP addresses for the perpetrators and one used in both incidents, indicating the attacks could be linked.

The methods, tools and a previously flagged IP address resemble other suspect Russian state-sponsored attacks, an expert told Yahoo News.

Election security has been a hot-button issue a series of suspected Russian-sponsored attacks compromised the Democratic Party and media organizations allegedly to sway voter opinion. Earlier this month, Homeland Security Secretary Jeh Johnson suggested the federal government label elections systems as critical infrastructure.

The FBI issued the bulletin three days after Johnson had a call with representatives from National Association of Secretaries of State and U.S. Election Assistance Commission to offer DHS assistance addressing cybersecurity risks within each state’s election systems.

At the time of the call, per Johnson, DHS was not aware of any credible cyberthreats related to 2016 general election systems. Some swing states declined DHS’ assistance, including Georgia and Pennsylvania, stating they will rely on in-house security crews.

The FBI bulletin asks states and election boards to review activity logs for similar tools and techniques, and report them to local FBI field offices.

****

Homeland Security Secretary Jeh Johnson has promised state election officials his department’s assistance addressing cybersecurity risks within each state’s election systems.

Johnson made the remarks in a conference call with representatives from National Association of Secretaries of State, U.S. Election Assistance Commission and representatives from various federal agencies, including the Justice Department and the National Institute of Standards and Technology.

In an Aug. 15 readout of the call published by DHS, Johnson encouraged state election officials to implement recommendations from NIST and other bodies, such as ensuring electronic voting machines are disconnected from the internet during voting. Johnson said DHS has been exploring whether to designate electoral systems as critical infrastructure—and thus elevating its priority for protecting—in its discussions.

Russia Helping Tehran Protect Fordow Nuclear Facility

Posted on by

This is rather old news until the actual deployment, yet John Kerry and Europe has not sanctioned Russia and Iran must be only doing peaceful activities at Fordow, which is built inside a mountain.

Iran began constructing the Fordow uranium enrichment facility in secret as early as 2006.  It was publicly revealed by U.S. President Barack Obama, French President Nicolas Sarkozy, and British Prime Minister Gordon Brown in September 2009, shortly after these nations presented evidence of the facility to the International Atomic Energy Agency (IAEA).  The facility appears to be a repurposed tunnel complex, with the main enrichment halls buried within a mountain in order to harden the facility against a potential military strike.  Satellite imagery dates the construction of the facility to a period between June 2006 and July 2007, while Iran has told the IAEA that it began to build the facility during the second half of 2007.  After the disclosure of the plant’s existence, Iran downplayed its role in its nuclear program, moving slowly to install the planned number of centrifuges at the site.  In mid-2011, it announced it would install advanced centrifuges at the FFEP rather than IR-1 centrifuges. The facility is designed to hold approximately 3,000 centrifuges. It never installed advanced centrifuges in the facility, but instead deployed the IR-1 model.

The Fordow site has two enrichment halls, Units 1 and 2, each designed to hold 8 cascades of 174 centrifuges per cascade. Iran fully outfitted the facility in late 2012 – early 2013.

On June 8, 2011, Iran announced that it planned to move its production of 19.75% enriched uranium from the Natanz Pilot Fuel Enrichment Plant (PFEP) to the FFEP, and that it would enrich 3.5% low-enriched uranium produced at the Fuel Enrichment Plant at Natanz. Since February 2013, Iran has produced 19.75 percent enriched uranium at the FFEP using sets of tandem cascades to enrich uranium to 19.75 percent and strip the tails to natural uranium (0.711 percent). Iran claims that the 19.75 percent enriched uranium produced in this facility will be used to produce medical isotopes in the Tehran Research Reactor.

TEHRAN, Aug. 29 (MNA) – The first footage showing the deployment of S-300 missile defense system at Fordow nuclear site was aired Sunday, August 28. The footage was shown following Ayat. Khamenei’s speech in which he stressed the defensive nature of the system and the necessity for upgrading the country’s defense capabilities.

Iran deploys long-range missiles to Fordo nuclear site

Iranian students form a human chain during a protest to defend their country’s nuclear program outside the Fordo Uranium Conversion Facility in Qom in 2013 (AFP Photo/Chavosh Homavandi)

Tehran (AFP) – Tehran has deployed a recently delivered Russian-made long-range missile system to central Iran to protect its Fordo nuclear facility, state television said Sunday.

Protecting nuclear facilities is paramount “in all circumstances” General Farzad Esmaili, the commander of Iran’s air defences, told the IRIB channel.

“Today, Iran’s sky is one of the most secure in the region,” he added.

A video showed an S-300 carrier truck in Fordo, raising its missile launchers toward the sky, next to other counter-strike weaponry.

The images were aired hours after supreme leader Ayatollah Ali Khamenei gave a speech to air force commanders, including Esmaili, in which he stressed that Iranian military power was for defensive purposes only.

“Continued opposition and hype on the S-300 or the Fordo site are examples of the viciousness of the enemy,” Khamenei said.

“The S-300 system is a defence system not an assault one, but the Americans did their best for Iran not to get hold of it.”

The Fordo site, built into a mountain near the city of Qom has stopped enriching uranium since the January implementation of a nuclear deal with world powers.

Under the historic accord, Iran dismantled most of its estimated 19,000 centrifuges — giant spinning machines that enrich uranium, keeping only 5,000 active for research purposes.

Iran and the United States, Britain, China, France, Germany and Russia negotiated for more than two years before signing a historic July 2015 agreement that removed some international sanctions in return for curbs on Tehran’s controversial atomic programme.

Iran Evaded Sanctions with Venezuela’s Help

Posted on by

New evidence Iran evaded sanctions, continued nuclear weapons development with Venezuela

ForeignNewsDesk: New evidence suggests Iran received help from Venezuela with its nuclear program despite a decade of U.N.-mandated sanctions aimed at curbing the rouge regime’s controversial nuclear and ballistic missile programs.

iran_venezuela_nuclear

A 2009 document obtained by Brazil’s leading weekly, Veja magazine, shows late dictator President Hugo Chavez signing off on the release of funds to help Iran with its nuclear ambitions.

Specifically, the document states the funds were to be designated for the import of equipment for a gunpowder factory and the development of production plants for nitroglycerin and nitrocellulose, elements used in rocket propulsion for Iran’s government. There is also the suggestion that Chavez may have helped Iran produce rocket motors.

The document provides written proof that Iran successfully continued with its weapons-building program, circumventing what were perceived as ‘watertight’ sanctions.

The revelation comes as Iran’s Foreign Minister Javad Zarif is currently touring South America visiting Bolivia, Chile, Cuba, Ecuador Nicaragua and Venezuela, in what Iranian officials have billed as a “new chapter” in strengthening political and economic ties between Iran and South American countries.

“In my line of work, I can’t believe in coincidences. I can’t believe that $400 million was given to Iran in cash and now Zarif is running through Latin America. The Iranian regime understands that in Latin America corruption can be used to their advantage,” said Joseph M. Humire, executive director of the Center for a Secure Free Society, who points to the long-standing relationship between Venezuela and Hezbollah, Iran’s terror proxy.

Humire is also the co-editor of Iran’s Strategic Penetration of Latin America.

“Latin America is Hezbollah’s biggest cash cow. It would make sense that this is a very strategic visit by Zarif to continue some of Iran’s previous activities which were challenged because of sanctions,” Humire said, adding that Hezbollah has been deeply involved in drug trafficking in Latin America to offset any financial hardship brought about by the sanctions.

As a member state of the United Nations, Venezuela was obliged to cooperate with United Nations Security Council Resolution 1747 that unanimously called for a ban on arm sales to the Islamic republic.

But uncertainties were already high in 2009 when Turkey intercepted a suspicious shipment from Iran to Venezuela containing 22 containers of lab equipment capable of producing explosives but was labelled as “tractor parts.”

Humire, who has long analyzed Iran’s involvement in Latin America has studied twenty different transactions between the two countries in several areas, finding that even those dealings considered legal, were problematic due to the “dual use” that they could present.

“Iran’s secretive military programs go far beyond violating sanctions. It has to do with providing military and industrial support in these countries,” Humire said.

“At the far end of that, you can begin to speculate they are beginning to develop military assets.”

In a 2011 hearing at the U.S. Senate Armed Services Committee, then head of U.S. Southern command General Douglas Fraser told the committee that the U.S. was concerned about weekly flights between Venezuela and Iran dubbed the “Axis of Evil Express,” that could potentially be used to transport terrorists and weapons.

“My concern, as I look at it, is the fact that there are flights between Iran and Venezuela on a weekly basis, and visas are not required for entrance into Venezuela or Bolivia or Nicaragua,” Fraser told the hearing.

Another discrepancy in Iran’s investments in Venezuela, according to Humire, is considering that if the Iranian regime was after economic growth, they would go to “viable countries like Brazil, Colombia, not the ones that are broke, particularly with the heavy instability in Venezuela.”

Congress knows:

Iran Latin America 1

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Iran Latin America 2

 

 

 

 

 

FBI is Holding Internet Class, Who Will Be There?

Posted on by

Related reading: Child Predators The Online Threat Continues to Grow

Take the Safe Online Surfing Internet Challenge

Available Soon for 2016-2017 School Year

What do more than 870,000 students across the nation have in common?

Since 2012, they have all completed the FBI’s Safe Online Surfing (SOS) Internet Challenge. Available through a free website at https://sos.fbi.gov, this initiative promotes cyber citizenship by teaching students in third through eighth grades how to recognize and respond to online dangers through a series of fun, interactive activities.

Anyone can visit the website and learn all about cyber safety, but teachers must sign up their school to enable their students to take the exam and participate in the national competition. Once enrolled, teachers are given access to a secure webpage to enroll their students (anonymously, by numeric test keys) and request their test scores. E-mail customer support is also provided. Top-scoring schools each month are recognized by their local FBI field office when possible. All public, private, and home schools with at least five students are welcome to participate.

Now entering its fifth season, the FBI-SOS program has seen increased participation each year. From September 2015 through May 2016, nearly a half-million students nationwide finished the activities and took the exam. We look forward to even more young people completing the program in the school year ahead. The challenge begins September 1.

Kids Gathered around laptop for Safe Online Surfing Challenge.

The FBI’s Safe Online Surfing (SOS) Internet Challenge for students in third through eighth grades is available at https://sos.fbi.gov.

 

ChicagoTribune: The smartphone is the teen’s conduit to the digital world. But it’s a conduit that runs both directions. Smartphones give bad people unfiltered access to good kids. Sexual predators, pornographers, cyberbullies and scammers can reach out to children without fear of parent intervention, because teens rarely tell their parents who they are talking to or what they are doing online.

But parents are no longer helpless to defend against these digital dangers. Over one million parents have turned to TeenSafe to help them monitor their child’s cell phone activity – without their child even knowing it. Now you can know if your child has been contacted by a sexual predator or has been duped into sexting. Here are five ways that TeenSafe can help you protect your children from digital dangers.

  1. Monitor their text messages – even deleted messages. TeenSafe allows you to read all sent, received and deleted SMS and iMessages without touching your teen’s phone. Just log into your TeenSafe account to access your child’s data.
  2. Track their incoming and outgoing calls. Your TeenSafe subscription gives you access to your teen’s call logs, including contact name, number, date and duration of the call.
  3. Monitor their social media. View your teen’s Instagram posts, read comments and see who’s following your teen with TeenSafe. You can also view their activity on Whatsapp, Kik and Tinder.
  4. Review their browser history. TeenSafe makes it easy for you to see what sites your teen has visited, which ones they’ve bookmarked and who their contacts are.
  5. Follow their phone. TeenSafe can help you monitor your teen in the real world as well as the digital world. You can see the cell phone’s current location on a map, as well as a history of the phone’s location.

USA Today is an advocate of TeenSafe, reporting that “TeenSafe has kept teens out of dangerous situations.” The Memphis affiliate of NBC calls TeenSafe “the ultimate app for preventing cyberbullying.” The TeenSafe app can be downloaded directly to your phone, and is free with your subscription.

Short of taking away your teen’s smartphone, TeenSafe is the best way for parents to protect their children from a growing number of digital dangers.