NoKo’s Hwasong 15, the Unexpected ICBM Launch

SEOUL, South Korea — The intercontinental ballistic missile North Korea launched this week was a new type of missile bigger and more powerful than any the country had tested before, South Korean officials said on Thursday.

Photos from the North’s official Korean Central News Agency are providing valuable clues about the capabilities of the missile, named the Hwasong-15. North Korea said it carried a “super-large heavy warhead which is capable of striking the whole mainland of the U.S.”

North Korea’s Hwasong series represents the most successful and formidable part of its ballistic missile arsenal, and photographs of the test suggested improvements over the Hwasong-14, a missile first tested over the summer that showed the country’s capacity to strike the continental United States.

Private analysts agreed that the Hwasong-15 looked bigger and more powerful than the Hwasong-14.

South Korean defense officials say North Korea runs more than 160 mobile missile launching vehicles and is building more. Such vehicles make it easier to hide and transport missiles and harder for the United States and its allies to track signs of imminent missile attacks.

In a report published Thursday, Mr. Elleman said his “initial calculations indicate the new missile could deliver a moderately sized nuclear weapon to any city on the U.S. mainland.”

But he also said the North Koreans would need to conduct additional tests to establish the Hwasong-15’s reliability. And like other aerospace experts, Mr. Elleman pointed out that North Korea had yet to show it had mastered technology to ensure a missile warhead survives the rigors of violent re-entry into the Earth’s atmosphere.

Still, he said, “if low confidence in the missile’s reliability is acceptable, two or three test firings over the next four to six months may be all that is required before Kim Jong-un declares the Hwasong-15 combat ready.” More here.

 Construction work has been seen at a launch site near the North Korean capital

 The images seem to show Kim has no plans to curb his nuclear ambitions

According to the ImageSat analysts, who are closely following North Korean military activity, this is “the first time that they have decided to rebuild a site that they have used before.”

The photos, dated Nov. 23 and 24, appear to show the development of another launch pad just a few yards away from the one used during the July 4 Hwasong-14 ICBM launch, as well as a newly renovated access road.

***

North Korea has also continued work on its submarine-launched ballistic missile program, according to new analysis on Friday, also from 38 North. Satellite images show that the country is preparing to deploy one of its submersible test stand barges, presumably to work on or conduct an underwater ICBM launch. The country also continues to produce fissile material for its weapons.

***

While there is some dispute about the exact capabilities of the HS-15, it appears that the missile is so large—and indeed North Korean statements explicitly state the weapon is designed to carry a “super heavy” [3] warhead—that it might be irrelevant whether Pyongyang possesses warhead miniaturization technology or not. In fact, by some estimates, North Korea has intentionally overbuilt the HS-15 so that future variants might be able to carry multiple independently targetable reentry vehicles (MIRV).

Other than the massive size of the HS-15—which appears to be comparable in size to the Soviet SS-19 Stiletto or SS-24 Scalpel—there are some visible technological advancements.

“The single biggest technological change I see in the missile is the absence of verniers (separate, small steering engines). It looks like they have gimbaled engines now,” Pollack said.

“That’s a significant advance. I wouldn’t rule out the involvement of foreign specialists there. We already know they’ve collaborated with Iran on some missile projects. Not that Iran has ever shown off this particular technology…”

The launch vehicle might have been developed with Chinese help however—or at least modified from Chinese supplied equipment.

“The chassis looks familiar – it’s a nine-axle version of the eight-axle chassis the Chinese supplied earlier. The NKs may have managed to modify one of the six or so chassis they have on hand,” Pollack said. “(The cab has been altered, too.) I doubt they have really learned to build these from scratch – they’ve been putting far too much effort into building big trucks instead for this purpose. If they’ve already got better technology, why bother doing that?” More here.

Deport Those Chinese Operatives Now

Have you read the newly released book titled ‘Bully of Asia’ by Steven W. Mosher? China is the single largest threat to global stability, with Russia and Iran in second and third place.

Have you heard of the Thucydides Trap? China is an ascending power and just who is paying attention? Have you studied the fact that China is a major enabler of North Korea’s aggressive behavior, including the most recent launch of the intercontinental ballistic missile?

China is a thief. China has dispatched operatives throughout the West under the guise of cultural exchanges, students, temporary workers and journalists. It is all about espionage and cyberwar.

Hey State Department and DHS, get these operatives outta here. By the way, are there any sanctions on China with regard to PLA Unit 61398?

Have you wondered what happened to that Obama Asia Pivot that he announced in 2011? The United States needs to pivot again and now.

Why?

This Beijing-Linked Billionaire Is Funding Policy Research at Washington’s Most Influential Institutions

The Chinese Communist Party is quietly reshaping public opinion and policy abroad.

FP: The Johns Hopkins University’s School of Advanced International Studies (SAIS), located just a short walk from Dupont Circle in Washington, D.C., is one of the top international relations schools in the United States. Its graduates feed into a variety of government agencies, from the State Department to the CIA, and the military. Its China studies program is especially well known; many graduates come away with expert knowledge of the language, culture, and politics of the United States’ most important strategic competitor.

In August, SAIS announced a new endowed professorship in the China Studies department as well as a new research project called the Pacific Community Initiative, which aims to examine “what China’s broader role in Asia and the world means for its neighbors and partners.”

What the SAIS press release did not say is that the money for the new initiatives came in part from the China-United States Exchange Foundation (CUSEF), a Hong Kong-based nonprofit. CUSEF is a registered foreign agent bankrolled by a high-ranking Chinese government official with close ties to a sprawling Chinese Communist Party apparatus that handles influence operations abroad, known as the “united front.”

The China-U.S. Exchange Foundation’s partnership with a premier U.S. academic institution comes amid a Chinese Communist Party push to strengthen its influence over policy debate around the globe. The Chinese government has sought to repress ideas it doesn’t like and to amplify those it does, and its efforts have met with growing success.

Even as Washington is embroiled in a debate over Russian influence in U.S. elections, it’s China that has proved adept at inserting itself in American politics.

“The Chinese approach to influence operation is a bit different than the Russian one,” said Peter Mattis, a fellow at the Jamestown Foundation. “The Russian one is much more about an operational objective and they work backward from that objective, saying, ‘How do we achieve that?’” But on the Chinese side, Mattis said, “they focus on relationships — and not on the relationships having specific takeaway value, but that someday, some way, those relationships might become valuable.”

The Chinese seek a kind of “ecological change,” he explained. “If they cultivate enough people in the right places, they start to change the debate without having to directly inject their own voice.”

The China-U.S. Exchange Foundation was founded in 2008 by Tung Chee-hwa, a Hong Kong shipping magnate who later served as the chief executive of the former British colony, where he championed the benefits of close ties to Beijing. Tung’s Hong Kong-based nonprofit conducts academic and professional exchanges, bringing U.S. journalists, scholars, and political and military leaders to mainland China. It also has funded research projects at numerous U.S. institutions, including the Brookings Institution, the Center for Strategic and International Studies, the Atlantic Council, the Center for American Progress, the East-West Institute, the Carter Center, and the Carnegie Endowment for Peace.

Tung’s foundation’s ties to the united front are indirect, but important. Tung currently serves as the vice chairman of one of the united front’s most important entities — the so-called Chinese People’s Political Consultative Conference, which is one of China’s two rubber-stamp assemblies.

The body is one of Beijing’s most crucial tentacles for extending influence.

In its newest project with SAIS, the foundation describes the Pacific Community Initiative as a “joint research project.” David Lampton, director of the university’s China Studies Program, said in an August press release that the new professor “will also be responsible for running our Pacific Community Initiative and work closely with the China-U.S. Exchange Foundation in Hong Kong.”

Lampton also confirmed that CUSEF funded the new programs. “Both the Initiative and the Professorship were made possible through the support of the China-U.S. Exchange Foundation,” he said in an emailed statement to Foreign Policy.

But he denied that CUSEF had attached any intellectual strings to its funding.

“There are absolutely no conditions or limitations imposed upon the Pacific Community Initiative or our faculty members by reason of a gift or otherwise,” Lampton told FP. “We have full confidence in the academic integrity and independence of these endeavors.”

CUSEF denies it acts as a vehicle for Beijing’s ideological agenda or has “any connections” to the united front. “We do not aim to promote or support the policies of any one government,” wrote a spokesperson for the foundation in an email.

This isn’t the first time SAIS and the foundation have worked together; they co-sponsored a conference on China’s economy in Hong Kong in March 2016, according to the school’s website. But a professorship and a major research project offer an opportunity for broader reach — the kind of global influence that Chinese President Xi Jinping has made a centerpiece of his policies. In October, at the meeting of the Communist Party that sets the national agenda for the next five years, Xi called for an expansion of the party’s overseas influence work, referring to the united front as a “magic weapon” of party power.

That quest to shape the global view of China isn’t the same thing as soft power, said James Leibold, a professor at La Trobe University in Melbourne who researches Chinese influence in Australia, where Beijing’s recent influence operations have sparked a national controversy.

China is an authoritarian state where the Communist Party rules with an iron fist, Leibold said — and that is what Beijing is trying to export.

“What we’re talking about here is not Chinese influence per se, but the influence of the Chinese Communist Party.”

In a joint project like the one at SAIS, that influence can be subtle rather than being heavy-handed, said Jamestown’s Mattis. “It’s the ability to privilege certain views over others, to create a platform for someone to speak,” he said. “When you have a role in selecting the platform and generating what I presume they hope are some of the bigger reports on U.S.-China relations in the next few years, that’s important.”

One goal of the joint research project is, in fact, to “yield a white paper to be submitted for endorsement by both the U.S. and Chinese governments,” a CUSEF spokesperson wrote in an emailed statement to FP.

While CUSEF representatives stress that it is not an agent of the Chinese Communist Party, the foundation has cooperated on projects with the People’s Liberation Army and uses the same Washington public relations firm that the Chinese Embassy does.

One of those PLA projects is the Sanya Initiative, an exchange program that brings together U.S. and Chinese former high-ranking military leaders. On the Chinese side, the Sanya Initiative is led by a bureau of the PLA that engages in political warfare and influence operations, according to Mark Stokes, executive director of the Project 2049 Institute.

Sometimes the results of such high-level exchanges aren’t subtle. In February 2008, PLA participants in the Sanya Initiative asked their U.S. counterparts to persuade the Pentagon to delay publishing a forthcoming report about China’s military buildup, according to a segment excised from the 2011 annual report of the congressional U.S.-China Economic and Security Review Commission.

The U.S. members complied, though their request was not successful.

Exchanges and partnerships are not CUSEF’s only initiatives. As a registered foreign agent, in 2016 it spent just under $668,000 on lobbying, hiring the Podesta Group and other firms to lobby Congress on the topic of “China-U.S. relations.” The foundation has spent $510,000 on lobbying to date in 2017.

CUSEF also keeps on retainer the consulting and public relations firm BLJ Worldwide LTD, the same firm the Chinese Embassy in the United States uses. According to FARA filings, CUSEF currently pays the firm $29,700 a month to promote the foundation’s work and run a pro-Beijing website called China US Focus.

Whether through websites, partnerships, or endowments, China has learned to wrap its message in a palatable wrapper of U.S. academics and intellectuals, according to Mattis.

“Who better to influence Americans than other Americans?” he said.

Due to N Korea, Hawaii Goes to Nuclear Warning Systems

TOKYO/WASHINGTON (Reuters) – Japan has detected radio signals suggesting North Korea may be preparing for another ballistic missile launch, although such signals are not unusual and satellite images did not show fresh activity, a Japanese government source said on Tuesday.

After firing missiles at a pace of about two or three a month since April, North Korean missile launches paused in September, after Pyongyang fired a rocket that passed over Japan’s northern Hokkaido island.

“This is not enough to determine (if a launch is likely soon),” the source told Reuters.

Japan’s Kyodo news agency reported late on Monday that the Japanese government was on alert after catching such radio signals, suggesting a launch could come in a few days. The report also said the signals might be related to winter military training by the North Korean military.

South Korea’s Yonhap news agency, citing a South Korean government source, also reported that intelligence officials of the United States, South Korea and Japan had recently detected signs of a possible missile launch and have been on higher alert.

Hawaii reinstates Cold War-era nuclear attack warning signal amid North Korea tension

Hawaii is reinstating a statewide nuclear attack warning signal in December to prepare for a potential attack from North Korea.

The alarm, which has not been used since the Cold War, will be reinstated on Dec. 1 as part of a ballistic missile preparedness program, according to the Hawaii Emergency Management Agency (HI-EMA).

The agency instructed residents to immediately “Get inside, stay inside and stay tuned” if they hear the siren. Alerts will be sent to residents’ phones and broadcast on television and radio. “When [HI-EMA] started this campaign, there were concerns we would scare the public. What we are putting out is information based on the best science that we have on what would happen if that weapon hit Honolulu or the assumed targets,” said HI-EMA Administrator Vern Miyagi during an emergency preparedness presentation.

Since officials would have only 15 minutes or less of warning time before a North Korean missile’s impact, Hawaii residents are advised to have a designated place to go for shelter. “There will be no time to call our loved ones, pick up our kids and find a designated shelter. We should all prepare and exercise a plan ahead of time so we can take some comfort in knowing what our loved ones are doing,” said Miyagi in an interview with The Honolulu Star Advertiser.

Although the U.S. has conducted successful missile interception tests, there is no guarantee that the Navy would detect and intercept a target, the HI-EMA warns.

An HI-EMA fact sheet explains that, based on the estimated yield of North Korean missiles, there could be anywhere from 50,000 to 120,000 burn casualties and nearly 18,000 fatalities if an attack occurs.

After an attack, residents would have to stay sheltered in place until the HI-EMA has fully assessed the radiation and fallout, which could take a few hours or as long as 14 days, the agency says on its website.

State officials have been holding town halls to answer questions from residents.

North Korea and Iran Hint at Deeper Military Cooperation

WI: Pyongyang has emerged as a critical partner in Tehran’s ‘Axis of Resistance,’ and officials warn that their joint efforts may extend to weapons of mass destruction.

High-level meetings between North Korean and Iranian officials in recent months are stoking concerns inside the U.S. government about the depth of military ties between the two American adversaries. In September, President Trump ordered U.S. intelligence agencies to conduct a fresh review of any potential bilateral nuclear collaboration. Yet officials in Washington, Asia, and the Middle East who track the relationship indicate that Pyongyang and Tehran have already signaled a commitment to jointly develop their ballistic missile systems and other military/scientific programs.

North Korea has vastly expanded its nuclear and long-range missile capabilities over the past year, developing intercontinental ballistic missiles that could potentially target the western United States with nuclear warheads. Over the same period, U.S. intelligence agencies have spotted Iranian defense officials in Pyongyang, raising the specter that they might share dangerous technological advances with each other. “All of these contacts need to be better understood,” said one senior U.S. official working on the Middle East. “This will be one of our top priorities.”

SUSPICIOUS MEETINGS

In early August, Kim Yong-nam, North Korea’s number two political leader and head of its legislature, departed Pyongyang amid great fanfare for an extended visit to Iran. The official reason was to attend the inauguration of President Hassan Rouhani, but the length of the visit raised alarm bells in Washington and allied capitals. North Korean state media said the trip lasted four days, but Iranian state media said it was ten, and that Kim was accompanied by a large delegation of other top officials.

Kim had last visited Tehran in 2012 to attend a gathering of the Non-Aligned Movement, the Cold War-era body composed of developing nations that strived to be independent of Washington and the Kremlin. Yet he skipped most of the events associated with that conference, instead focusing on signing a bilateral scientific cooperation agreement with President Mahmoud Ahmadinejad. According to U.S. intelligence officials, that pact looked very similar to the one Pyongyang inked with Syria in 2002; five years later, Israeli jets destroyed a building in eastern Syria that the United States and UN believe was a nearly operational North Korean-built nuclear reactor. Notably, one of the Iranian officials who attended the 2012 gathering with Kim was Atomic Energy Organization chief Fereydoun Abbasi-Davani, who was sanctioned by Washington and the UN for his alleged role in nuclear weapons development.

Similarly, Kim’s latest trip focused on more than just lending support to Rouhani, according to North Korean and Iranian state media. Kim and Vice Foreign Minister Choe Hui-chol inaugurated their country’s new embassy in Tehran, a symbol of deepening ties between the two governments. They also held a string of bilateral meetings with foreign leaders, many from countries that have been significant buyers of North Korean weapons in recent decades (e.g., Zimbabwe, Cuba, Democratic Republic of the Congo, and Namibia). The Trump administration has been intensifying diplomatic pressure on all these countries to cut their economic and military ties with Pyongyang in response to the regime’s barrage of nuclear and missile tests this year.

Regarding missile development, Iran and North Korea presented a united front against Washington during Kim’s stay. Like Pyongyang, Tehran has moved forward with a string of ballistic missile tests in recent months, despite facing UN Security Council resolutions and condemnation by the Trump administration. After meeting with Speaker of Parliament Ali Larijani on August 4, Kim declared, “Iran and North Korea share a mutual enemy [the United States]. We firmly support Iran on its stance that missile development does not need to be authorized by any nation.”

COVERT CONTACTS

The meetings that have gone unreported in state media are even more worrisome for allied governments. In recent years, U.S. and South Korean intelligence services have tracked a steady stream of Iranian and North Korean officials visiting each other in a bid to jointly develop their defense systems. Many of the North Koreans are from defense industries or secretive financial bodies that report directly to dictator Kim Jong-un, including Offices 39 and 99 of the ruling Workers’ Party of Korea.

Last year, U.S. authorities reported that missile technicians from one of Iran’s most important defense companies, the Shahid Hemmat Industrial Group, had traveled to North Korea to help develop an eighty-ton rocket booster for ballistic missiles. One of the company’s top officials, Sayyed Javad Musavi, has allegedly worked in tandem with the Korea Mining Development Trading Corp. (KOMID), which the United States and UN have sanctioned for being a central player in procuring equipment for Pyongyang’s nuclear and ballistic missile programs. For example, Shahid Hemmat has illegally shipped valves, electronics, and measuring equipment to KOMID for use in ground testing of space-launch vehicles and liquid-propellant ballistic missiles.

POLICY IMPLICATIONS

North Korea has emerged as a critical partner in the alliance of states, militias, and political movements known as the “Axis of Resistance,” which Tehran developed to challenge U.S. power in the Middle East. Pyongyang has served as an important supplier of arms and equipment to Iran’s most important Arab ally, Syria’s Assad regime, during the country’s ongoing war. And Iranian-backed Houthi rebels have procured weapons from North Korea in their efforts to topple the internationally recognized government in Yemen, according to current and former U.S. officials.

Moreover, Kim Yong-nam’s August trip appeared to have official support from Russia and China. On his way to Iran, he first flew to Vladivostok on Air Koryo, the North Korean airline that the U.S. Treasury Department sanctioned in December 2016 for financially aiding the Kim regime and its ballistic missile program. He then flew on to Tehran via Russia’s state carrier, Aeroflot, passing through Chinese airspace.

Going forward, the most pressing question is whether a smoking gun will emerge proving direct nuclear cooperation between Iran and North Korea. The U.S. government and the International Atomic Energy Agency say they have yet to see such conclusive evidence. But Iranian opposition groups allege that senior regime officials have visited North Korea to observe some of its six nuclear weapons tests. Chief among these officials, they add, is Mohsen Fakhrizadeh, an Iranian general whom the UN has accused of working closely with Fereydoun Abbasi-Davani on secret nuclear weapons research. Current and former U.S. intelligence officials say these accusations cannot be ruled out, so all known contacts between the two regimes need to be scrutinized closely.

***Going back in history with evidence:

In 2010, the Assad regime transferred Scud-D missiles,[7] as well as a number of M-600 missiles (that have a 250 km range and carry a 500 kg warhead) – a clone of the Iranian Fateh-110. Syria provided Hezbollah operatives with training on using the Scuds at a base near Damascus.[8]

The Assad regime procured systems from Russia, which were to be partially or fully transferred to Hezbollah. Those included advanced Russian anti-air defense systems – such as the Pantsir S1-E and SA-17 BUK systems – as well as sophisticated anti-ship systems, like the Yakhont P-800.[9] It was believed that Hezbollah was the end user for some of these systems, which were kept in the group’s weapons depots on the Syrian side of the border.[10] Prior to the 2006 war, Syria also transferred Russian-made Kornet anti-tank weapons to Hezbollah, which then used these weapons against Israel.[11] As the war in Syria has intensified, Hezbollah began moving some of these advanced systems out of Syria. In January, according to media reports,[12] the Israeli Air Force struck a convoy inside Syria that was likely attempting to transfer SA-17 anti-aircraft systems to Hezbollah.

Cutout Arms Purchases from Russia

Such Syrian straw purchases, as well as other arms deals with Russia for the Syrian military itself, appear to have been bankrolled by Iran.[13] As part of this deal, some of the weapons that Damascus procured were then passed on to Tehran. This is an old practice dating back to the Iraq-Iran war, when the Assad regime purchased weapons from the Soviet bloc on Iran’s behalf and Iranian planes transferred them to Tehran.

For instance, in 2007, Jane’s Defence Weekly reported that Syria agreed to send Iran at least 10 Pantsir air-defense systems that Damascus was buying from Russia. This deal was part of “the military and technological cooperation mechanism stipulated in a strategic accord signed by both countries in November 2005.”[14] Sources indicate that Syria may have received and installed the systems in August 2007, or one month before the Israeli attack on the Syrian nuclear facility at al-Kibar.[15]

Also in 2007, the Russian daily Kommersant revealed that Moscow’s Rosoboronexport arms export company was to deliver five MiG-31E fighter jets and an unspecified number of MiG-29M/M2 fighter bombers to Syria. Iran paid for the purchase and may have been the intended end-user.[16] That particular deal seems never to have materialized. However, it did reveal an important and dangerous aspect of the Iranian-Syrian partnership – one that extends well beyond cutout purchases of conventional weapons.

Aside from Russia, the principal strategic partner of the Iranian and Syrian regimes has been North Korea.

North Korean assistance has been instrumental in developing both Iran’s and Syria’s ballistic missile programs. Pyongyang’s cooperation with Tehran is particularly close, so much so that the two countries have been described as maintaining “in effect a joint missile development program.”[17] Iranian teams have regularly attended North Korea’s long-range missile tests, and Tehran has received North Korean technology. Iran’s Shahab-3 missile (1,300-1,500 km), for example, is based on North Korea’s Nodong missile, the development program of which was reportedly financed by Iran.[18]

In 2010, there was a debate on whether Pyongyang had sold Tehran BM-25 missiles that could hit Western Europe. At the time, a senior US intelligence official said that while he was unaware of any sale of a complete BM-25, there was probably a transfer of kits, made up of missile components. “There has been a flow of knowledge and missile parts” from North Korea to Iran, he said.[19] Iran’s quest for a first strike capability and delivery systems for its nuclear weapons program suggests that cooperation with North Korea will only grow.

Pyongyang and Iran have helped Syria develop its ballistic missile program. Syria relied on North Korean technology to upgrade its Scuds. In 2005, Syria tested Scud-D missiles, but the test ended in failure, as the missile fell apart over Turkey. Another test in 2007 was successful, thanks to technological assistance from North Korea that further improved the Scud-D and extended its range. In the early 1990’s, the North Koreans helped the Syrian Scientific Studies and Research Center (SSRC) construct missile complexes in Aleppo and Hama. The Aleppo facility was also used for fitting chemical warheads on Scud missiles. An explosion at the facility in July 2007 shed further light on the Syrian-Iranian-North Korean triangle.

The explosion took place as the Syrian regime was attempting to weaponize Scud-C missiles with chemical agents. According to a report in Jane’s Defence Weekly at the time, the explosion resulted in the death of “dozens” of Iranian engineers.[20] The Japanese daily Sankei Shimbun also claimed that three North Korean engineers were among the dead.[21]

Jane’s described the weaponization effort as part of a joint program with Iran. According to the weekly, Iran helped Syria in “the planning, establishment and management” of five facilities designed for the “indigenous production of CW [chemical weapons] precursors.” The presence of North Korean personnel at the site indicates that this was in fact a trilateral collaboration. More here.

AP Blames FBI for Few Warnings on Fancy Bear Hacks

While much of the global hacking reached scandal status in 2015-16, the Russian ‘Fancy Bear’ activity goes back to at least 2008. The FBI is an investigative wing and works in collaboration with foreign intelligence and outside cyber experts. For official warnings to be provided to U.S. government agencies, contractors, media or political operations, the FBI will generally make an official visit to affected entities to gather evidence. The NSA, Cyber Command and the DHS all have cyber experts that track and work to make accurate attributions of the hackers.

The Department of Homeland Security is generally the agency to make official warnings. The Associated Press gathered independent cyber experts to perform an independent study and is ready to blame the FBI for not going far enough in warnings.

When it came to the Clinton presidential campaign hack, the FBI made several attempts to contact officials there and was met with disdain and distrust. The FBI wanted copies of the ‘log-in’ files for evidence and was denied.

In part the AP report states:

“CLOAK-AND-DAGGER”

In the absence of any official warning, some of those contacted by AP brushed off the idea that they were taken in by a foreign power’s intelligence service.

“I don’t open anything I don’t recognize,” said Joseph Barnard, who headed the personnel recovery branch of the Air Force’s Air Combat Command.

That may well be true of Barnard; Secureworks’ data suggests he never clicked the malicious link sent to him in June 2015. But it isn’t true of everyone.

An AP analysis of the data suggests that out of 312 U.S. military and government figures targeted by Fancy Bear, 131 clicked the links sent to them. That could mean that as many as 2 in 5 came perilously close to handing over their passwords.

It’s not clear how many gave up their credentials in the end or what the hackers may have acquired.

Some of those accounts hold emails that go back years, when even many of the retired officials still occupied sensitive posts.

Overwhelmingly, interviewees told AP they kept classified material out of their Gmail inboxes, but intelligence experts said Russian spies could use personal correspondence as a springboard for further hacking, recruitment or even blackmail.

“You start to have information you might be able to leverage against that person,” said Sina Beaghley, a researcher at the RAND Corp. who served on the NSC until 2014.

In the few cases where the FBI did warn targets, they were sometimes left little wiser about what was going on or what to do.

Rob “Butch” Bracknell, a 20-year military veteran who works as a NATO lawyer in Norfolk, Virginia, said an FBI agent visited him about a year ago to examine his emails and warn him that a “foreign actor” was trying to break into his account.

“He was real cloak-and-dagger about it,” Bracknell said. “He came here to my work, wrote in his little notebook and away he went.”

Left to fend for themselves, some targets have been improvising their cybersecurity.

Retired Gen. Roger A. Brady, who was responsible for American nuclear weapons in Europe as part of his past role as commander of the U.S. Air Force there, turned to Apple support this year when he noticed something suspicious on his computer. Hughes, a former DIA head, said he had his hard drive replaced by the “Geek Squad” at a Best Buy in Florida after his machine began behaving strangely. Keller, the former senior spy satellite official, said it was his son who told him his emails had been posted to the web after getting a Google alert in June 2016.

A former U.S. ambassador to Russia, Michael McFaul, who like many others was repeatedly targeted by Fancy Bear but has yet to receive any warning from the FBI, said the lackluster response risked something worse than last year’s parade of leaks.

“Our government needs to be taking greater responsibility to defend its citizens in both the physical and cyber worlds, now, before a cyberattack produces an even more catastrophic outcome than we have already experienced,” McFaul said. Read the full article here.


***

Every organization has a Chief Technology Officer; even a small business has a ‘go-to’ person for issues. To deny that there are any vulnerabilities is reckless and dangerous. To assume systems are adequately protected against cyber intrusions is also a dereliction of duty.

Fancy Bear is listed as APT28 (APT = Advanced Persistent Threat).

APT28 made at least two attempts to compromise Eastern European government organizations:

- In a late 2013 incident, a FireEye device deployed at an Eastern European Ministry of Foreign Affairs detected APT28 malware in the client’s network.
- More recently, in August 2014 APT28 used a lure (Figure 3) about hostilities surrounding a Malaysia Airlines flight downed in Ukraine in a probable attempt to compromise the Polish government. A SOURFACE sample employed in the same Malaysia Airlines lure was referenced by a Polish computer security company in a blog post. The Polish security company indicated that the sample was “sent to the government,” presumably the Polish government, given the company’s locations and visibility.

Additionally:

Other probable APT28 targets that we have identified:

- Norwegian Army (Forsvaret)
- Government of Mexico
- Chilean Military
- Pakistani Navy
- U.S. Defense Contractors
- European Embassy in Iraq
- Special Operations Forces Exhibition (SOFEX) in Jordan
- Defense Attaches in East Asia
- Asia-Pacific Economic Cooperation

There is also NATO, the World Bank and military trade shows. Pure and simple, it is industrial espionage.

MALWARE

Evolves and Maintains Tools for Continued, Long-Term Use
- Uses malware with flexible and lasting platforms
- Constantly evolves malware samples for continued use
- Malware is tailored to specific victims’ environments, and is designed to hamper reverse engineering efforts
- Development in a formal code development environment

Various Data Theft Techniques
- Backdoors using HTTP protocol
- Backdoors using victim mail server
- Local copying to defeat closed/air gapped networks

TARGETING

Georgia and the Caucasus
- Ministry of Internal Affairs
- Ministry of Defense
- Journalist writing on Caucasus issues
- Kavkaz Center

Eastern European Governments & Militaries
- Polish Government
- Hungarian Government
- Ministry of Foreign Affairs in Eastern Europe
- Baltic Host exercises

Security-related Organizations
- NATO
- OSCE
- Defense attaches
- Defense events and exhibitions

RUSSIAN ATTRIBUTES

Russian Language Indicators
- Consistent use of Russian language in malware over a period of six years
- Lure to journalist writing on Caucasus issues suggests APT28 understands both Russian and English

Malware Compile Times Correspond to Work Day in Moscow’s Time Zone
- Consistent among APT28 samples with compile times from 2007 to 2014
- The compile times align with the standard workday in the UTC + 4 time zone which includes major Russian cities such as Moscow and St. Petersburg

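
How an analyst might test the compile-time indicator above, as an added example that is not from FireEye's report or this post: it reads the COFF TimeDateStamp from PE headers and measures how many fall in a weekday working window in UTC+4 versus UTC. The 08:00-18:00 Monday-Friday window, the helper names and the sample timestamps are assumptions constructed for illustration.

```python
import struct
from collections import Counter
from datetime import datetime, timedelta, timezone

UTC = timezone.utc
UTC_PLUS_4 = timezone(timedelta(hours=4))  # zone named in the report


def pe_compile_time(data: bytes) -> datetime:
    """Return the COFF TimeDateStamp of a PE image as an aware UTC datetime."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew
    if pe_off + 12 > len(data) or data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # Signature (4) + Machine (2) + NumberOfSections (2) precede the timestamp.
    (stamp,) = struct.unpack_from("<I", data, pe_off + 8)
    return datetime.fromtimestamp(stamp, tz=UTC)


def workday_profile(stamps, tz=UTC_PLUS_4, start=8, end=18):
    """Count compile hours in `tz`; return (Counter, share on Mon-Fri in [start, end))."""
    hours, in_window = Counter(), 0
    for ts in stamps:
        local = ts.astimezone(tz)
        hours[local.hour] += 1
        if local.weekday() < 5 and start <= local.hour < end:  # assumed workday
            in_window += 1
    return hours, (in_window / len(stamps) if stamps else 0.0)


def fake_pe(when_utc: datetime) -> bytes:
    """Constructed sample: a minimal MZ/PE header carrying only a timestamp."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    return dos + b"PE\0\0" + struct.pack("<HHI", 0x14C, 1, int(when_utc.timestamp()))


# Constructed compile times (UTC), not taken from any real sample.
SAMPLE_UTC = [
    datetime(2013, 3, 4, 5, 30, tzinfo=UTC),   # Mon 09:30 in UTC+4
    datetime(2013, 3, 5, 9, 10, tzinfo=UTC),   # Tue 13:10
    datetime(2013, 3, 6, 13, 45, tzinfo=UTC),  # Wed 17:45
    datetime(2013, 3, 7, 6, 0, tzinfo=UTC),    # Thu 10:00
    datetime(2013, 3, 9, 20, 0, tzinfo=UTC),   # Sat 20:00 UTC -> Sun 00:00
]
PARSED = [pe_compile_time(fake_pe(t)) for t in SAMPLE_UTC]

if __name__ == "__main__":
    for label, tz in (("UTC+4", UTC_PLUS_4), ("UTC", UTC)):
        hours, share = workday_profile(PARSED, tz)
        print(f"{label}: {share:.0%} in workday window, hours={sorted(hours.items())}")
```

The TimeDateStamp is written by the build toolchain and can be altered, so a profile like this is one corroborating indicator to weigh alongside others, such as the language indicators listed above.
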
FireEye is a non-government, independent cyber agency that has performed and continues to perform cyber investigations and attributions. There are others that do the same. To blame the FBI exclusively for a lack of warnings is unfair.

Hacking was especially common during the Obama administration, and countless hearings have been held on the Hill, yet there is still no cyber policy, legislation or real consequence. Remember too, it was the Obama administration that chose to do nothing with regard to Russia’s interference until after the election in November, and only in December did Obama expel several Russians who were part of diplomatic operations and those possibly working under cover, including shuttering two dachas and one mission post in San Francisco.