Category Archives: Cyber War

Lawsuits Against Facebook Growing

Posted on by

Lauren Price has been on Facebook (FB) for eight years and claims she frequently saw political ads on the social network during the 2016 election. She is suing the companies on behalf of other US Facebook members whose information was also collected by Cambridge Analytica, a data firm that worked with the Trump campaign.

The proposed class-action lawsuit was filed Tuesday at the US District Court in San Jose, California. Price is seeking unspecified damages.

This is the first lawsuit brought by a Facebook user over the Cambridge Analytica news, but others are likely to follow. The lawsuit is part of a growing backlash against both companies.

On Tuesday, Facebook (FB) investor Fan Yuan filed a lawsuit against the company in federal court on behalf of other investors. The suit claims Facebook made “misleading statements” and neglected to disclose details about third-party access to data, which caused the company’s stock price to fall significantly.

Price’s complaint adds that the companies have violated the privacy of million of people in the U.S. alone, and that users now have a higher risk of identity theft as a result.

“There’s going to be a lot of litigation flowing from this,” said attorney Jay Edelson of Edelson PC in Chicago. He is not involved with either case, but his firm does plan on filing related lawsuits in the near future.

“The most direct liability is against Cambridge Analytica. We believe they have violated a host of city, state, and federal laws,” said Edelson. “The case against Facebook is less direct. On the surface, many believe that Facebook acted, perhaps, negligently. We believe we will be able to provide more context to how Cambridge Analytica fits Facebook’s overall business model.” More here from CNN.

*** Facebook Hit with Lawsuit Alleging Privacy Wrongs | PCWorld photo

SAN FRANCISCO

Civil rights groups filed a federal lawsuit Tuesday against Facebook for enabling housing discrimination.

The housing rights activists, led by the National Fair Housing Alliance (NFHA), alleged that Facebook’s ad practices allow landlords and real estate agents to avoid serving housing ads to certain groups of people. The NFHA said landlords are able to avoid showing housing ads to women and families, for example.

“Amid growing public concern in the past weeks that Facebook has mishandled users’ data, our investigation shows that Facebook also allows and even encourages its paid advertisers to discriminate using its vast trove of personal data,” Lisa Rice, NFHA’s president and CEO, said in a statement.

“Facebook’s use and abuse of user data for discriminatory purposes needs to stop. It is already a challenge for women, families with children, people with disabilities and other under-served groups to find housing.”

Earlier this month, it was revealed that a political consultancy group was able to exploit Facebook user data on behalf of the 2016 presidential campaign for Donald Trump. Facebook chief executive Mark Zuckerberg personally apologized, but the social media giant has remained mired in controversy regarding how third parties can access user data.

Shares of Facebook dropped another 4.9 percent Tuesday to close at $152.22. Since the data breach was widely publicized on March 17, the stock has plummeted 18 percent.

The federal lawsuit filed by NFHA alleged that the way Facebook’s ad service is built allows for discrimination when it comes to housing. Landlords can choose not to show ads to certain groups of people based on gender, family status and a series of other qualities.

“Facebook’s platform that excludes these consumers from ever seeing certain ads to rent or buy housing must be changed immediately,” Rice continued.

“Facebook ought to be opening doors to housing opportunities instead of closing them.”

Facebook has not released any comments on the NFHA lawsuit.

Congress Calls for Hearing with Facebook, Twitter and Google

Posted on by

While Cambridge Analytica has a proven shady history as noted below, Facebook has already admitted guilt and offered apologies when it comes to safeguarding private user information and interactions. So, when it comes to social media Facebook, Google and Twitter hold the power. Instagram and SnapChat are quite popular but do not hold the volume of data in comparison.

Now the FTC comes knocking at the door of Facebook.

FTC is investigating Facebook over privacy practices ... photo

***

The stuff you share and the inferences Facebook makes about you are packaged together with similar people’s data, stripped of names and sold to companies. That allows businesses to put ads in front of people they’re certain they can influence.

On Facebook, you are the product. Advertisers are the customer.

Facebook’s not alone. Most advertiser-supported networks sell some of your information to third parties. Google, Microsoft, Yahoo, AOL, Amazon, Twitter and Yelp do the same.

Giving up our privacy is the price we pay for getting to use Facebook for free. Most of the time, that tradeoff works: People take advantage of free services by posting, searching and sharing. Most companies that collect our data use it for legitimate purposes and within the bounds that companies like Facebook permit.

That arrangement has turned Facebook (FB) and Google (GOOGL) into online advertising juggernauts. They have built massive audiences of billions of customers, and advertisers flock to them. Facebook and Google control three-quarters of the $83 billion digital advertising market in the United States, according to eMarketer.

But the customer-is-the-product deal doesn’t always work to the user’s advantage. This weekend, the public learned data company Cambridge Analytica improperly accessed 50 million Facebook users’ personal information to influence the 2016 election.

Internet companies have a financial disincentive to give users more control over their data. If people share less, social networks will earn less money. More here.

In part from Bloomberg:

Fake News

Bell Pottinger’s tactics included producing phony television news reports as well as fake terrorist propaganda videos containing computer code that allowed Western intelligence agencies to track anyone who watched, according to a 2016 report from the London-based Bureau of Investigative Journalism, a not-for-profit reporting organization.

The man who awarded Turnbull’s Bell Pottinger unit its first Iraq contract was Ian Tunnicliffe, then a British colonel who was running strategic communications for the U.K. defense ministry. Tunnicliffe, now retired, has been a member of SCL’s advisory board. He didn’t respond to emails seeking comment.

SCL also stoked ethnic tensions in Eastern Europe and sprayed fake graffiti in the Caribbean, according to the firm’s own sales documents. Its defense business claims in pitch documents to have worked for clients as wide-ranging as the Libyan National Transitional Council, NATO and the U.K. Foreign Office. It says it worked in Pakistan for the U.S. Department of Defense and the U.S. Pacific Command in India on countering radicalization.

SCL recently signed a contract with the U.S. State Department for market research and public-opinion polling, according to a federal procurement database. The one-year contract, signed last week, is worth $496,232, according to the database.

Deep Ties

The firm also has deep ties to the British defense establishment and Conservative Party. Its first chairman was Geoffrey Pattie, a defense minister under Margaret Thatcher. In addition to Tunnicliffe, the advisory board has included retired Rear Admiral John Tolhurst and Ivar Mountbatten, the great-nephew of Louis Mountbatten, the military hero and Queen Elizabeth’s cousin. Jonathan Marland, a former Conservative Party treasurer who served as a minister for business under former Prime Minister David Cameron, is a shareholder.

Marland told the Guardian newspaper he hadn’t had a role in running SCL following his initial investment and had refused requests to introduce the firm to Conservative Party officials.

Roger Gabb, a former British Army officer who later made his fortune as a wine distributor and wholesaler, is also a major SCL shareholder. A founding director who, with his family, still controls about 25 percent of the firm’s shares, Gabb has also been active in the Conservative Party and the campaign for the U.K. to leave the European Union. He donated 500,000 pounds ($705,300) to the party in 2006. In 2016, he was fined 1,000 pounds by the U.K.’s Electoral Commission for failing to disclose that he had helped purchase local newspaper advertisements supporting the leave side in the Brexit referendum. More here.

Trump and Allies Expel Russian Diplomats/Operatives

Posted on by

President Donald Trump ordered 60 Russian diplomats the U.S. considers spies to leave the country and closed Russia’s consulate in Seattle. The closure of the Russian consulate in Seattle due to its proximity to one of our submarine bases and Boeing.” The U.S. officials said more than 100 Russian intelligence agents work under cover as diplomats in the U.S. and described the number as unacceptable. They said the U.S. could take further action in the future. The 60 people expelled from the U.S. include 48 attached to the Russian embassy and 12 at the country’s mission to the United Nations. They have seven days to leave the country, the officials said. More here.

US expels 60 Russian diplomats, shutters Seattle consulate | Ap | tulsaworld.com Russian consulate, Seattle

London (CNN)It’s the biggest collective expulsion of alleged Russian intelligence officers in history, according to British Prime Minister Theresa May.

Diplomats are being kicked out of at least 21 countries16 European Union states, the United States, Canada, Ukraine, Norway and Albania in a coordinated effort that represents a significant diplomatic victory for the UK, which blames Russia for poisoning Sergei Skripal and his daughter, Yulia.
The UK has already expelled 23 Russian diplomats. Moscow retaliated by sending the same number of UK diplomats back, and by shuttering British cultural institutions in the country.
Here’s what each country is doing: 

European Union nations

Croatia: Prime Minister Andrej Plenkovic said Croatia will expel one diplomat.
Czech Republic: The Czech Republic will expel three diplomats, Prime Minister Andrej Babis and Foreign Minister Martin Stropnicky announced a press conference. The Czech Foreign Ministry tweeted that it declared the diplomats “personae non gratae.”
The UK had already expelled 23 Russian diplomats. People were seen hugging at the Russian Embassy in London on March 20.
Denmark: The Foreign Ministry announced two diplomats would be expelled. “We stand shoulder to shoulder with Britain and clearly say no to Russia at a time when Russia is also in threatening and seeking to undermine Western values and the rule-based international order in other areas,” Foreign Minister Anders Samuelsen said.
Estonia: Estonia Foreign Ministry told CNN one Russian diplomat, a Russian defense attaché, will be expelled.
Finland: Finland will expel one diplomat, the Foreign Ministry said.
France: French Foreign Minister Jean-Yves Le Drian announced the expulsion of four diplomats, who must leave the country within a week. He said that the decision followed the European Council’s conclusions that the attack “posed a serious threat to our collective security” and that France was acting “in solidarity with our British partners.”
Germany: The German Foreign Ministry said Monday it would expel four diplomats. “In close coordination within the European Union and with NATO allies, the Federal Government has decided to ask four Russian diplomats to leave Germany within seven days. The request was sent to the Russian Embassy today,” the ministry said in a statement.
Hungary: The Foreign Ministry said Hungary would expel one diplomat over “what has been discussed at the European Council meeting,” adding that the diplomat was “also conducting intelligence activities.”
Italy: The Italian Foreign Ministry says it will expel two Russian diplomats from the embassy in Rome “as a sign of solidarity with the United Kingdom and in coordination with the European partners and NATO.”
Latvia: The Foreign Ministry told CNN it would expel one diplomat and one private citizen who runs the office of a Russian company in the capital, Riga.
Lithuania: Foreign Affairs Minister Linas Linkevicius said on Twitter the country would expel three diplomats “in solidarity with the UK over #SalisburyAttack.” Lithuania would also sanction an additional 21 individuals and ban 23 more from entering the country.
Netherlands: Prime Minister Mark Rutte announced the expulsion of two diplomats, saying the use of chemical weapons was unacceptable.
Poland: Poland’s Ministry of Foreign Affairs said it would expel four diplomats and said the attack showed how “a similar immediate threat to the territory and citizens of EU and NATO member states can happen anywhere.”
Romania: Romania’s Foreign Ministry said on Twitter that one diplomat would be expelled.
Spain: The Foreign Ministry said Spain will expel two diplomats. “From the outset, we have considered the nerve agent attack in Salisbury to be an extremely serious development that represents a significant threat to our collective security and to international law,” the ministry said on Twitter.
Sweden: The Foreign Ministry told CNN it will expel one diplomat.

Non-EU countries

Albania: The Ministry of Foreign Affairs told CNN it will expel two Russian diplomats. In a statement, the ministry said called each diplomat a “persona non grata” and said the pair’s activities were “not compliant to their diplomatic status.”
Canada: Ottawa said it was expelling four Russian diplomats alleged to be intelligence officers “or individuals who have used their diplomatic status to undermine Canada’s security or interfere in our democracy.” Additionally it was refusing three applications by Moscow for additional diplomatic staff. “The nerve agent attack represents a clear threat to the rules-based international order and to the rules that were established by the international community to ensure chemical weapons would never again destroy human lives,” Foreign Minister Chrystia Freeland said.
Norway: The Ministry of Foreign Affairs told CNN it would expel one Russian diplomat in response to the attack. “The use of a nerve agent in Salisbury is a very serious matter,” Norwegian Foreign Minister Ine Eriksen Soreide said in a statement. “Such an incident must have consequences.”
Ukraine: President Petro Poroshenko said Ukraine, which has experienced years of hostility from Russia, including the annexation of Crimea, would expel 13 diplomats. “Russia has again reconfirmed its disdainful attitude to the sovereignty of independent states and the value of human life.”
United States: The White House said it was expelling 60 Russian diplomats identified as intelligence agents and also announced the closure of the Russian consulate in Seattle. It represents the most forceful action Trump has taken against Russia to date. Of those being expelled, 48 of the alleged intelligence agents work at the Russian embassy in Washington and 12 are posted at the United Nations in New York, senior administration officials said.

9 Iranians Charged in Hacking 176 Universities, Intellectual Property

Posted on by

Nine Iranians Charged With Conducting Massive Cyber Theft Campaign On Behalf Of The Islamic Revolutionary Guard Corps

Mabna Institute Hackers Penetrated Systems Belonging to Hundreds of Universities, Companies, and Other Victims to Steal Research, Academic Data, Proprietary Data, and Intellectual Property

Rod J. Rosenstein, the Deputy Attorney General of the United States, Geoffrey S. Berman, the United States Attorney for the Southern District of New York, William F. Sweeney Jr., the Assistant Director-in-Charge of the New York Field Division of the Federal Bureau of Investigation (“FBI”), and John C. Demers, Assistant Attorney General for National Security, announced today the unsealing of an indictment charging GHOLAMREZA RAFATNEJAD, EHSAN MOHAMMADI, ABDOLLAH KARIMA, a/k/a “Vahid Karima,” MOSTAFA SADEGHI, SEYED ALI MIRKARIMI, MOHAMMED REZA SABAHI, ROOZBEH SABAHI, ABUZAR GOHARI MOQADAM, and SAJJAD TAHMASEBI.  The defendants were each leaders, contractors, associates, hackers-for-hire, and affiliates of the Mabna Institute, an Iran-based company that was responsible for a coordinated campaign of cyber intrusions that began in at least 2013 into computer systems belonging to 144 U.S.-based universities, 176 universities across 21 foreign countries, 47 domestic and foreign private sector companies, the United States Department of Labor, the Federal Energy Regulatory Commission, the State of Hawaii, the State of Indiana, the United Nations, and the United Nations Children’s Fund.  Through the activities of the defendants, the Mabna Institute conducted these intrusions to steal over 30 terabytes of academic data and intellectual property from universities, and email inboxes from employees of victim private sector companies, government victims, and non-governmental organizations.  The defendants conducted many of these intrusions on behalf of the Islamic Republic of Iran’s (“Iran”) Islamic Revolutionary Guard Corps (“IRGC”), one of several entities within the government of Iran responsible for gathering intelligence, as well as other Iranian government clients.  In addition to these criminal charges, today the Department of Treasury’s Office of Foreign Assets Control (OFAC) designated the Mabna Institute and the nine defendants for sanctions for the malicious cyber-enabled activity outlined in the Indictment.

Deputy Attorney General Rod J. Rosenstein said:  “These nine Iranian nationals allegedly stole more than 31 terabytes of documents and data from more than 140 American universities, 30 American companies, five American government agencies, and also more than 176 universities in 21 foreign countries.  For many of these intrusions, the defendants acted at the behest of the Iranian government and, specifically, the Iranian Revolutionary Guard Corps.  The Department of Justice will aggressively investigate and prosecute hostile actors who attempt to profit from America’s ideas by infiltrating our computer systems and stealing intellectual property.  This case is important because it will disrupt the defendants’ hacking operations and deter similar crimes.”

Manhattan U.S. Attorney Geoffrey S. Berman said:  “Today, in one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice, we have unmasked criminals who normally hide behind the ones and zeros of computer code.  As alleged, this massive and brazen cyber-assault on the computer systems of hundreds of universities in 22 countries, including the United States, and dozens of private sector companies and governmental organizations was conducted on behalf of Iran’s Islamic Revolutionary Guard.  The hackers targeted innovations and intellectual property from our country’s greatest minds.  These defendants are now fugitives from American justice, no longer free to travel outside Iran without risk of arrest.  The only way they will see the outside world is through their computer screens, but stripped of their greatest asset – anonymity.”

FBI Assistant Director William F. Sweeney Jr. said:  “The numbers alone in this case are staggering, over 300 universities and 47 private sector companies both here in the United States and abroad were targeted to gain unauthorized access to online accounts and steal data.  An estimated 30 terabytes was removed from universities’ accounts since this attack began, which is roughly equivalent of 8 billion double-sided pages of text.  It is hard to quantify the value on the research and information that was taken from victims but it is estimated to be in the billions of dollars. The nine Iranians indicted today now find themselves wanted by the FBI and our partner law enforcement agencies around the globe – and like other cyber criminals they will soon learn their ability to freely move was just limited to the virtual world only.”

According to the allegations contained in the Indictment[1] unsealed today in Manhattan federal court:

Background on the Mabna Institute

GHOLAMREZA RAFATNEJAD and EHSAN MOHAMMADI, the defendants, founded the Mabna Institute in approximately 2013 to assist Iranian universities and scientific and research organizations in stealing access to non-Iranian scientific resources.  In furtherance of its mission, the Mabna Institute employed, contracted, and affiliated itself with hackers-for-hire and other contract personnel to conduct cyber intrusions to steal academic data, intellectual property, email inboxes and other proprietary data, including ABDOLLAH KARIMA, a/k/a “Vahid Karima,” MOSTAFA SADEGHI, SEYED ALI MIRKARIMI, MOHAMMED REZA SABAHI, ROOZBEH SABAHI, ABUZAR GOHARI MOQADAM, and SAJJAD TAHMASEBI.  The Mabna Institute contracted with both Iranian governmental and private entities to conduct hacking activities on their behalf, and specifically conducted the university spearphishing campaign on behalf of the IRGC.  The Mabna Institute is located at Tehran, Sheikh Bahaii Shomali, Koucheh Dawazdeh Metri Sevom, Plak 14, Vahed 2, Code Posti 1995873351.

University Hacking Campaign

The Mabna Institute, through the activities of the defendants, targeted over 100,000 accounts of professors around the world.  They successfully compromised approximately 8,000 professor email accounts across 144 U.S.-based universities, and 176 universities located in foreign countries, including Australia, Canada, China, Denmark, Finland, Germany, Ireland, Israel, Italy, Japan, Malaysia, Netherlands, Norway, Poland, Singapore, South Korea, Spain, Sweden, Switzerland, Turkey, and the United Kingdom.  The campaign started in approximately 2013, and has continued through at least December 2017, and broadly targeted all types of academic data and intellectual property from the systems of compromised universities, including, among other things, academic journals, theses, dissertations, and electronic books.  Through the course of the conspiracy, U.S.-based universities spent over approximately $3.4 billion to procure and access such data and intellectual property.

The hacking campaign against universities was conducted across multiple stages.  First, the defendants conducted online reconnaissance of university professors, including to determine these professors’ research interests and the academic articles they had published.  Second, using the information collected during the reconnaissance phase, the defendants created and sent spearphishing emails to targeted professors, which were personalized and created so as to appear to be sent from a professor at another university.  In general, those spearphishing emails indicated that the purported sender had read an article the victim professor had recently published, and expressed an interest in several other articles, with links to those additional articles included in the spearphishing email.  If the targeted professor clicked on certain links in the email, the professor would be directed to a malicious Internet domain named to appear confusingly similar to the authentic domain of the recipient professor’s university.  The malicious domain contained a webpage designed to appear to be the login webpage for the victim professor’s university.  It was the defendants’ intent that the victim professor would be led to believe that he or she had inadvertently been logged out of his or her university’s computer system, prompting the victim professor for his or her login credentials.  If a professor then entered his or her login credentials, those credentials were then logged and captured by the hackers.

Finally, the members of the conspiracy used stolen account credentials to obtain unauthorized access to victim professor accounts, through which they then exfiltrated intellectual property, research, and other academic data and documents from the systems of compromised universities, including, among other things, academic journals, theses, dissertations, and electronic books.  The defendants targeted data across all fields of research and academic disciplines, including science and technology, engineering, social sciences, medical, and other professional fields.  At least approximately 31.5 terabytes of academic data and intellectual property from compromised universities were stolen and exfiltrated to servers under the control of members of the conspiracy located in countries outside the United States.

In addition to stealing academic data and login credentials for university professors for the benefit of the Government of Iran, the defendants also sold the stolen data through two websites, Megapaper.ir (“Megapaper”) and Gigapaper.ir (“Gigapaper”).  Megapaper was operated by Falinoos Company (“Falinoos”), a company controlled by ABDOLLAH KARIMA, a/k/a “Vahid Karima,” the defendant, and Gigapaper was affiliated with KARIMA.  Megapaper sold stolen academic resources to customers within Iran, including Iran-based public universities and institutions, and Gigapaper sold a service to customers within Iran whereby purchasing customers could use compromised university professor accounts to directly access the online library systems of particular United States-based and foreign universities.

Prior to the unsealing of the Indictment, the FBI provided foreign law enforcement partners with detailed information regarding victims within their jurisdictions, so that victims in foreign countries could be notified and so that foreign partners could assist in remediation efforts.

Private Sector Hacking Victims

In addition to targeting and compromising universities, the Mabna Institute defendants targeted and compromised employee email accounts for at least approximately 36 United States-based private companies, and at least approximately 11 private companies based in Germany, Italy, Switzerland, Sweden, and the United Kingdom, and exfiltrated entire email mailboxes from compromised employees’ accounts.  Among the United States-based private sector victims were three academic publishers, two media and entertainment companies, one law firm, 11 technology companies, five consulting firms, four marketing firms, two banking and/or investment firms, two online car sales companies, one healthcare company, one employee benefits company, one industrial machinery company, one biotechnology company, one food and beverage company, and one stock images company.

In order to compromise accounts of private sector victims, members of the conspiracy used a technique known as “password spraying,” whereby they first collected lists of names and email accounts associated with the intended victim company through open source Internet searches.  Then, they attempted to gain access to those accounts with commonly-used passwords, such as frequently used default passwords, in order to attempt to obtain unauthorized access to as many accounts as possible.  Once they obtained access to the victim accounts, members of the conspiracy, among other things, exfiltrated entire email mailboxes from the victims.  In addition, in many cases, the defendants established automated forwarding rules for compromised accounts that would prospectively forward new outgoing and incoming email messages from the compromised accounts to email accounts controlled by the conspiracy.

In connection with the unsealing of the Indictment, today the FBI issued a FBI Liaison Alert System (FLASH) message, providing detailed information regarding the vulnerabilities targeted and the intrusion vectors used by the Mabna Institute in their campaign against private sector companies, to provide the public with information to assist in detecting and remediating the threat.

U.S. Government and NGO Hacking Victims

In the same time period as the university and private sector hacking campaigns described above, the Mabna Institute also conducted a computer hacking campaign against various governmental and non-governmental organizations within the United States.  During the course of that campaign, employee login credentials were stolen by members of the conspiracy through password spraying.  Among the victims were the following, all based in the United States:  the United States Department of Labor, the Federal Energy Regulatory Commission, the State of Hawaii, the State of Indiana, the State of Indiana Department of Education, the United Nations, and the United Nations Children’s Fund.  As with private sector victims, the defendants targeted for theft email inboxes of employees of these organizations.

*                *                *

GHOLAMREZA RAFATNEJAD, EHSAN MOHAMMADI, ABDOLLAH KARIMA, a/k/a “Vahid Karima,” MOSTAFA SADEGHI, SEYED ALI MIRKARIMI, MOHAMMED REZA SABAHI, ROOZBEH SABAHI, ABUZAR GOHARI MOQADAM, and SAJJAD TAHMASEBI, the defendants, are citizens and residents of Iran.  Each is charged with one count of conspiracy to commit computer intrusions, which carries a maximum sentence of five years in prison; one count of conspiracy to commit wire fraud, which carries a maximum sentence of 20 years in prison; two counts of unauthorized access of a computer, each of which carries a maximum sentence of five years in prison; two counts of wire fraud, each of which carries a maximum sentence of 20 years in prison; and one count of aggravated identity theft, which carries a mandatory sentence of two years in prison.  The maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as any sentencings of the defendants will be determined by the assigned judge.

Mr. Berman praised the outstanding investigative work of the FBI, the assistance of the United Kingdom’s National Crime Agency (NCA), and the support of the OFAC.  The case is being handled by the Office’s Complex Frauds and Cybercrime Unit.  Assistant United States Attorneys Timothy T. Howard, Jonathan Cohen, and Richard Cooper are in charge of the prosecution, with assistance provided by Heather Alpino and Jason McCullough of the National Security Division’s Counterintelligence and Export Control Section.

The charges contained in the Indictment are merely accusations and the defendants are presumed innocent unless and until proven guilty.

[1] As the introductory phrase signifies, the entirety of the text of the Indictment, and the description of the Indictment set forth herein, constitute only allegations, and every fact described should be treated as an allegation.

Attachment(s):
Download U.S. v. Rafatnejad et al Indictment
Topic(s):
Cyber Crime
Component(s):
USAO – New York, Southern
Press Release Number:
18-089

Russia Investigation, Sanctions and Military Readiness

Posted on by

President Donald Trump may not have realized on Monday that his executive order would step on Russia’s toes. Its official target was Venezuela, specifically the country’s plan to create the world’s first state-backed cryptocurrency, the petro, which went on sale Tuesday.

But behind the scenes, the petro was in fact a collaboration—a half-hidden joint venture between Venezuelan and Russian officials and businessmen, whose aim was to erode the power of U.S. sanctions, sources familiar with the effort told TIME.

Trump’s executive order did not mention the petro’s Russian backers, whose role has not previously been reported. Citing economic sanctions that the U.S. imposed against Venezuela in August, the order simply made clear that anyone who buys or uses the new cryptocurrency would be in breach of those sanctions, as would anyone under U.S. jurisdiction who helps Venezuela develop the petro. “Any conspiracy formed to violate any of the prohibitions set forth in this order is prohibited,” the document states. More here.

***

Meanwhile the House Intelligence Committee released the Russia report.

https://intelligence.house.gov/uploadedfiles/russia_report_findings_and_recommendations.pdf?platform=hootsuite

 
Is the United States doing enough to respond to Russia? Still curious? Given the dramatic increase in military spending in the Omnibus, we are not prepared yet to take on the alleged star war weapons Putin advertises.

In his address to the parliament earlier this month the Russian president unveiled a small zoo of strategic programs that are supposed to counter U.S. missile defense (or make it “impotent and obsolete”). Some of these systems were not entirely new – we knew about the ejection test of the Sarmat missile, the Status-6 underwater drone, and, of course, about the Avangard hypersonic glider that was known as Project 4202 or Yu-71. A number of people pointed out that the Kinzhal “hypersonic” missile appears to be an air-launched modification of the Iskander ballistic missile and that there were reports about something like that in the past. The only genuinely new system seems to be the nuclear-powered cruise missile, which doesn’t have a name yet.

With the exception of Kinzhal, none of these systems appear to be close to operational capability. Yes, it’s been said that tests were successful, but for Sarmat it was only the first ejection test; Status-6 and the cruise missile seem to be at the point of proof-of-principle tests of their nuclear reactors and propulsion systems. As for Avangard, it probably had two successful test flights, but is not clear if it is fully ready for deployment. On the other hand, there is no reason to believe that these systems cannot become operational in the next few years, now that they are likely to be treated as priority programs.

It is not surprising that the defense industry used the specter of missile defense to get support for its programs. In fact, we have seen this before. In 1985, the Soviet defense industry put together a series of programs that were supposed to counter U.S. Strategic Defense Initiative. I described the history of these programs in my “Did Star Wars Helped End the Cold War?” paper last year. But I thought that the list of those programs may be of some interest as well. That list comes from Vitaly Katayev’s notes – he compiled a table of the programs that were included in the four anti-SDI programs at the time. Here is the document:

Программы противодействия ПРО

The table contains some interesting entries. For example, the hypersonic glider is there – it was known as Albatross then. A few other programs survived to this day as well, but most were abandoned. One word of caution – most of the anti-SDI systems existed before SDI, but of course the missile defense presented a perfect excuse for the industry to put everything in one package to ensure that they get the support they wanted. The current list of anti-missile defense programs seems to be much shorter, but the basic idea is the same.

*** Lots of questions are being asked in congressional hearings. The summary is such:

The nation’s nuclear deterrence enterprise remains as important as ever in light of the return of superpower competition and rogue nation threats presented by North Korea and Iran, senior Defense Department officials told the House Armed Services Committee’s strategic forces subcommittee here today.

The officials discussed national security policies with regard to DoD’s fiscal year 2019 budget request and within context of the country’s nuclear force posture.

John C. Rood, undersecretary of defense for policy; Air Force Gen. Robin Rand, commander of Air Force Global Strike Command; Navy Vice Adm. Terry Benedict, director of the Navy Strategic Systems Program; and Lisa Gordon-Hagerty, administrator of the Energy Department’s National Nuclear Security Administration, each presented testimony on the importance of the nuclear force.

Rood’s opening remarks quoted Defense Secretary James N. Mattis: “[The Nuclear Posture Review] rests on a bedrock truth. Nuclear weapons have, and will continue to play, a critical role in deterring a nuclear attack, and in preventing large-scale conventional warfare between nuclear armed states for the foreseeable future. U.S. nuclear weapons not only defend our allies against conventional nuclear threats, they also help them avoid the need to develop their own nuclear arsenals. This, in turn, furthers global security.”

Sustaining Modernization Efforts

According to Rood, the 2018 Nuclear Posture Review reflects DoD’s strategic priority to maintain a safe, secure, survivable and effective nuclear deterrent. While the diverse capabilities of the current nuclear triad provide necessary flexibility and resilience, each leg of the triad has surpassed its intended operating lifecycle.

While the U.S. remains the strongest military in the world, the advantages are eroding as adversaries continue to modernize conventional and nuclear forces, now fielding broad arsenals of nuclear missiles capable of reaching the American homeland, Rood said.

“Weakness invites challenge and provocation,” he said. “Our task at the Defense Department is to ensure that the U.S. military advantages endure, and in combination with other elements of national power, we are able to fully meet the increasing challenges to our national security.”

At the direction of U.S. Strategic Command, a recent reorganization of authority took place within Air Force Global Strike Command, Rood said. In September, Rand became dual-hatted, assuming the duties of Joint Force Air Component Command, Air Forces Strategic-Air, a position created to streamline authorizations for bomber and intercontinental ballistic missile forces under one line of authority. This, along with other current and future initiatives, are a priority for Rand and Global Strike Command in the continued defense of the nation.

“Modernization of [America’s] nuclear force is absolutely critical,” Rand said. “The key to Global Strike Command’s continued success will remain on our ability to modernize, sustain, and recapitalize our force.”

Looking Toward the Future

The Navy is currently in the process of implementing life-extension programs for defense weapons. Benedict said those programs are on track and within budget constraints. Benedict said existing efforts will ensure effective and credible sea-based deterrents until the 2040s, and the Navy is also taking steps to provide credible weapons systems beyond the 2040s.

The Nuclear Posture Review directs the Navy to begin studies in 2020 to define a cost-effective, credible and effective sea-launched ballistic missile that can be deployed beyond the life of the Columbia-class submarine nuclear weapons system, Benedict said. The first of the Columbia-class submarines, which are to replace the present Ohio-class Trident nuclear submarines, is slated to come into service in 2021.

Benedict added that budget requests included funding for modernization efforts in partnership with the National Nuclear Security Administration to bolster the U.S. deterrence posture.

The NNSA, according to Gordon-Hargerty, has three main objectives, to maintain the safety, security and reliability of the U.S. nuclear weapons stockpile, reduce the threat of nuclear proliferation and nuclear terrorism around the world and provide nuclear propulsion for the Navy’s fleet of aircraft carriers and submarines.

To meet those objectives, Gordon-Hargerty said the president’s fiscal year 19 budget request included increased spending in areas such as weapons activities, defense nuclear nonproliferation and naval reactors.

“This request moves us forward to a deterrent that is modern, robust, flexible, resilient, ready and appropriately tailored to meet current and future uncertainties as outlined in the 2018 Nuclear Posture Review,” she said.

Gordon-Hagerty said this added funding will also provide the resources required to ensure protection of the U.S. and its allies and partners.

“In an increasingly complex and threatening security environment, the DoD must sustain the capabilities needed to deter and defend against attacks on our homeland,” Rood said. “Along with our allies and partners, we must ensure we have the capabilities now, and into the future, to protect our people and the freedoms we so cherish, and are able to engage our adversaries, diplomatically, from a position of strength.”