Russia has Provided N Korea Additional Hacking Platforms

Hackers from North Korea are reported to have stolen a large cache of military documents from South Korea, including a plan to assassinate North Korea’s leader Kim Jong-un.

Rhee Cheol-hee, a South Korean lawmaker, said the information was from his country’s defence ministry.

The compromised documents include wartime contingency plans drawn up by the US and South Korea.

They also include reports to the allies’ senior commanders.

Plans for the South’s special forces were reportedly accessed, along with information on significant power plants and military facilities in the South.

Mr Rhee belongs to South Korea’s ruling party, and sits on its parliament’s defence committee. He said some 235 gigabytes of military documents had been stolen from the Defence Integrated Data Centre, and that 80% of them have yet to be identified.

The hack took place in September last year. In May, South Korea said a large amount of data had been stolen and that North Korea may have instigated the cyber attack – but gave no details of what was taken.

North Korea denied the claim. The isolated state is believed to have specially-trained hackers based overseas, including in China. More here.

Russia is always part of the rogue nation process, and the timing is curious, as you will see reading on. TransTeleCom is owned by Russia’s state-run railway company and has fiber optic cables that follow all the country’s main train lines, including all the way up to the North Korean border.


Related reading: North Korea gets new internet access via Russia

Reuters: North Korea has opened a second internet connection with the outside world, this time via Russia, a move which cyber security experts said could give Pyongyang greater capability to conduct cyber attacks.

Previously traffic was handled via China Unicom (0762.HK) under a deal dating back to 2010. TransTeleCom now appears to be handling roughly 60 percent of North Korean internet traffic, while Unicom transmits the remaining 40 percent or so, Dyn said.

The new external connection was first reported by 38 North, a project of the U.S.-Korea Institute at Johns Hopkins School of Advanced International Studies (SAIS).

TransTeleCom declined to confirm any new routing deal with the North Korean government or its communications arm. In a statement, it said: “TransTeleCom has historically had a junction of trunk networks with North Korea under an agreement with Korea Posts and Telecommunications Corp signed in 2009.”

North Korea’s internet access is estimated to be limited to somewhere between a few hundred and just over 1,000 connections. These connections are vital for coordinating the country’s cyber attacks, said Bryce Boland, chief technology officer for the Asia-Pacific region at FireEye, a cyber-security company.

Boland said the Russian connection would enhance North Korea’s ability to command future cyber attacks.

Having internet routes via both China and Russia reduces North Korea’s dependence on any one country at a time when it faces intense geo-political pressures, he said.

Many of the cyber attacks conducted on behalf of Pyongyang came from outside North Korea using hijacked computers, Boland said. Those ordering and controlling the attacks communicate to hackers and hijacked computers from within North Korea.

“This will improve the resiliency of their network and increase their ability to conduct command and control over those activities,” Boland said.

The Washington Post reported earlier that the U.S. Cyber Command has been carrying out denial of service attacks against hackers from North Korea designed to limit their access to the internet. (wapo.st/2yRbg8w)

In February 2005, the TTK became the largest party in terms of the European Internet Exchange London Internet Exchange (LINX). In July 2005, the TTK became the fifth operator in Russia to receive the right to provide long-distance services (after Rostelecom, Tsentrinfokoma, Golden Telecom and MTT). “TransteleCom” JSC provides communications services in Kazakhstan and for a map of locations and services, go here.

S Korea Pursuit of the Blackout Weapon

As the United States flew B1 Lancers based out of Guam in exercises with South Korea and Japan over the Korean Peninsula, the Trump White House was meeting with Pentagon officials on expanded details and strategies with regard to North Korea.

Meanwhile, China continues to demand that all sides tone down the threatening talk and military activities. Has anyone asked China if they are accepting North Korea’s nuclear weapons as a standard condition?

Additionally, more sanctions are taking place, including naming four cargo ships under North Korea’s authority that are barred from being received in several ports, due to hidden illicit cargo transports as recently exposed in Egypt.

Moving to preemptive strategies, South Korea is developing a new weapon called a ‘blackout weapon’, which is not to be confused with an EMP. This blackout weapon, known as a graphite ordnance, was developed and used by the United States during the first Gulf War and later in the Balkans.

The purpose of this weapon is to destroy the power grid in hostile nations as a part of the tactics applied where military actions are likely to escalate.

Known as “blackout bombs,” the warheads can be dropped by a plane over power stations. A form of cluster bombs, they split into several canister-like “sub-munitions,” which in turn release carbon graphite filaments that short-circuit the electricity supplies.

South Korea is adding the weapons to its arsenal as part of one of its recently-developed military programs, the so-called “Kill Chain,” which aims to detect an imminent missile attack from the North and react with a pre-emptive strike.

No shots are actually fired and there is no injury or death component to using the blackout bombs. The objective is merely to destroy power stations by short-circuiting the systems.

The BLU-114 was developed as a highly classified weapon intended to effectively neutralize electrical power infrastructure without destroying it. This weapon also has been referred to as the ‘soft-bomb’ or the ‘graphite bomb’. Like many other cluster bombs it can be released from virtually any tactical aircraft operated by the United States or allied countries.

The BLU-114 disperses large numbers of chemically treated carbon graphite filaments which short-circuit electrical power distribution equipment such as transformers and switching stations. Used in large numbers it can even shut down the entire power grid of a given country. This weapon represents an excellent sample of non-lethal weaponry with near zero collateral damage.

The CBU-94 Blackout Bomb is the main application for the BLU-114 warhead. It was reported to be employed during the conflict of the former Yugoslavia in 1999, short-circuiting the electrical power infrastructure of Serbia during Operation Allied Force. It has been suggested that the BLU-114 or a very similar warhead was integrated into the Tomahawk missile and the AGM-154 JSOW standoff weapon.


A tactic known as a ‘kill chain’ does not represent death but rather it is a pillar as part of a first strike mission to begin the process of neutralizing battle-space.

Applying all intelligence including satellite reconnaissance as well as cyber and signals intelligence is part of the operations in the stepped process to execute war strategies.

The second and third prongs of South Korea’s defense strategy include missile defense and retaliatory strikes from aircraft in the event North Korea launches a missile. They include the Korean Air and Missile Defense (KAMD) system, and the Korean Massive Punishment and Retaliation (KMRR) plan. KAMD is a controversial plan to develop a system to intercept short-range missiles. KMRR is a concept for destroying Pyongyang in the event of a North Korean nuclear first strike.

But it is the first and most dangerous part of the new military strategy – the “Kill Chain” – that has diplomatic observers worried. Such a pre-emptive strike would almost certainly lead to war – and not just any war, but regional nuclear war.

 

US Shuttering Diplomatic and Tourism Operations in Cuba

Twenty-one U.S. diplomatic personnel assigned to Cuba have been severely affected by some health condition with the cause still unknown officially. Secretary of State Rex Tillerson has issued travel warnings to Cuba for civilians and has ordered a large number of government personnel to leave the island. Cuba is allegedly cooperating in the investigation and for more than a year, there have been no clues or resolutions. The FBI additionally sent an expert team to Havana to investigate all associated locations including the housing where these attacks have occurred. The housing for diplomatic personnel is provided by Cuba and as with all laws and standards, the host country must provide safe conditions and be approved by the U.S. State Department.


So, what are the likely explanations for U.S. personnel and Canadian personnel suffering from hearing loss, brain damage and even speech complications?

Former CIA official John Sipher, who has served in some hostile nations, does offer some explanation(s) as to what those nations have historically done to U.S. facilities.

During my time overseas, I have had personal experience with several of these “attacks.” In the 1980s and 1990s, the Soviet and then Russian intelligence services deployed doses of nitrophenyl pentaden (NPPD) against American diplomats whom they suspected of managing espionage operations against Russian interests. This so-called “spy dust” was an invisible electromagnetic powder with a customized chemical identifier. It was smeared onto door handles, furniture and cars of suspected American spy handlers. It was a tagging agent used by Russian security elements to covertly monitor their own community by revealing unreported (and potentially espionage related) contacts between Russian and American officials. It was somewhat ingenious. After deploying the invisible material on a suspected U.S. intelligence officer, Russian counter-intelligence would snoop after-hours through the offices of Russian government employees looking for traces of the material. Discovery of the powder in the office of someone who had not reported contact with the American provided significant proof of suspicious activity.

What was not ingenious, however, were the threats to human health. There were concerns at the time that the material was carcinogenic and could be harmful to American diplomats. Following studies, the United States determined there was no specific evidence of a threat to the U.S. diplomatic community since it was only used against a handful of people. As someone who was “dusted,” that explanation didn’t really make me feel much better. However, the substance was at least a step up from earlier Russian tracking devices like radioactive nails hammered into the tires of U.S. diplomatic vehicles, allowing Russian surveillance vehicles to hang back unseen and follow along by using special equipment to track targets’ tire residue.

The Russian security services were also known to flood the U.S. embassy in Moscow with electromagnetic radiation. They would beam concentrated microwaves and electronic pulses at the Embassy in an attempt to eavesdrop on U.S. typewriters and conversations. In the 1970s, a U.S. Ambassador contracted and died of a blood disease that many assumed to be a result of the attacks. The State Department detected high levels of radiation in the embassy staff, and provided hazard pay to personnel who worked in Moscow. A variety of electronic attacks continued over the years to include mobile Russian vans that acted as a giant x-ray that could be directed at diplomats all over town. In a similar fashion, high frequency devices can be used to pulse other devices, perhaps turning on or off collection devices in homes or offices.

Similarly, the Russian security services undertook a massive effort to bug the new embassy building in Moscow with all sorts of technical gear, some of which could potentially affect the health of Americans. Indeed, the new embassy construction was even abandoned in 1985 due to the sheer volume and sophistication of electronic eavesdropping equipment that was found throughout the walls, concrete floors and underground. A second attempt to improve the security of the building also faltered when the United States found an equally aggressive and sophisticated attack, which included building listening devices directly into the steel beams holding the building upright. Even the sidewalks and streets throughout the neighborhood were embedded with electronic collection gear which was designed to turn the embassy building into a giant antenna. The United States lost hundreds of millions of dollars trying to fix the problems, and eventually tore off the top several floors of the Embassy and rebuilt it with specially imported materials put together by American-only labor – an effort the U.S. called the “Top Hat” solution. The decades-long process displayed the remarkable expertise of the Russians in the use of technical sensors and surveillance gear. Russian technology was consistently underestimated by the U.S. and often our best scientists had difficulty understanding what the Russians were up to. Full article here.


Could Mr. Sipher be missing something or omitting something? Yes.

There is something called vibroacoustic syndrome—the effect of infrasonic output not on your hearing but on the various fluid-filled parts of your body, which can affect hearing and loss of balance.

The low frequency of infrasonic sound and its corresponding long wavelength makes it much more capable of bending around or penetrating your body, creating an oscillating pressure system. Depending on the frequency, different parts of your body will resonate, which can have very unusual non-auditory effects. For example, one of the ones that occur at relatively safe sound levels (< 100 dB) occurs at 19Hz. If you sit in front of a very good-quality subwoofer and play a 19Hz sound (or have access to a sound programmer and get an audible sound to modulate at 19Hz), try taking off your glasses or removing your contacts. Your eyes will twitch. If you turn up the volume so you start approaching 110 dB, you may even start seeing colored lights at the periphery of your vision or ghostly gray regions in the center. This is because 19Hz is the resonant frequency of the human eyeball. The low-frequency pulsations start distorting the eyeball’s shape and pushing on the retina, activating the rods and cones by pressure rather than light.* This non-auditory effect may be the basis of some supernatural folklore. In 1998, Tony Lawrence and Vic Tandy wrote a paper for the Journal of the Society for Psychical Research (not my usual fare) called “Ghosts in the Machine,” in which they describe how they got to the root of stories of a “haunted” laboratory. People in the lab had described seeing “ghostly” gray shapes that disappeared when they turned to face them. Upon examining the area, it turned out that a fan was resonating the room at 18.98Hz, almost exactly the resonant frequency of the human eyeball. When the fan was turned off, so did all stories of ghostly apparitions. More here.

Going back as far as 1998, the Foreign Military Office at Fort Leavenworth published a short summary of what was described then as ‘wonder weapons’. In part:

A recent edition of U.S. News and World Report highlighted several of these “wonder weapons” (acoustics, microwaves, lasers) and noted that scientists are “searching the electromagnetic and sonic spectrums for wavelengths that can affect human behavior.” A recent Russian military article offered a slightly different slant to the problem, declaring that “humanity stands on the brink of a psychotropic war” with the mind and body as the focus. That article discussed Russian and international attempts to control the psycho-physical condition of man and his decision making processes by the use of VHF-generators, “noiseless cassettes,” and other technologies.

An entirely new arsenal of weapons, based on devices designed to introduce subliminal messages or to alter the body’s psychological and data processing capabilities, might be used to incapacitate individuals. These weapons aim to control or alter the psyche, or to attack the various sensory and data-processing systems of the human organism. In both cases, the goal is to confuse or destroy the signals that normally keep the body in equilibrium.

This article examines energy-based weapons, psychotropic weapons, and other developments designed to alter the ability of the human body to process stimuli. One consequence of this assessment is that the way we commonly use the term “information warfare” falls short when the individual soldier, not his equipment, becomes the target of attack.

A 2014 study in the journal Royal Society Open Science found that low-frequency sounds below the audible range could disrupt little whistles made by the ear, called spontaneous optoacoustic emissions, in response to noise. (How that mapped to symptoms, however, wasn’t clear.)

In this instance, one possibility is that the infrasound stimulated the part of the ear not dedicated to hearing — the vestibular system that controls balance, Liberman said. In that instance, the symptoms wouldn’t appear immediately.

“You could imagine them being very slow onset and very persistent,” Liberman said. “It might take days before you even notice any funny sensations.”

Sonic weapons

While the idea of a silent sonic weapon sounds like something out of James Bond, Inspector Gadget or the reject pile of DARPA, the idea of using sound as a weapon has a long history.

For instance, studies show that animals exposed to high-intensity, focused ultrasound can experience lung and brain damage. And a cruise line circling the pirate-infested waters off the Somali coast has taken to using a military-grade “sonic weapon” to deter would-be hijackers, the BBC reported. This long-range device, also known as a sound cannon, can cause permanent hearing loss at distances of up to 984 feet (300 meters), according to the BBC. Other companies have developed a magnetic acoustic device, commonly referred to as a sound laser, that deploys incredibly painful, focused beams of sound to deter people from an area, NPR reported. The Israeli army has also used a device known as “The Scream,” which damages the inner ear, causing nausea and dizziness, Wired reported. More here from FNC.

There is more going on than is being reported. Further, I would be asking all allied nations to Cuba that have access to Cuba what they know and I would be challenging all SIGINT communications on the island…surely there is chatter about this very event. Since there are some Canadian personnel involved, has Canada made any inquiries and launched investigations? Crickets…

 

 

Lies in the Sky, Terror on the Ground Part 2

Part one of this investigation, go here.

Additional information regarding the requirements by TSA, go here.

Could 9/11 happen again? The answer is yes but it would not follow the same model as that fateful day. Follow this narrative to see the gaps.

Then, the new director of the FBI gave some compelling testimony this week about the drone threat.

The FAA was warned in 2009 that people with terrorist ties were licensed to fly and repair aircraft. Eight years later, it is, incredibly, still the case.

Nader Ali Sabouri Haghighi’s own pilot certificate, it turned out, had been revoked years earlier for providing false information, but the Federal Aviation Administration conveniently mailed him a new one. Haghighi had called the FAA hot line claiming to be a professional pilot named Daniel George who had lost his license. He then recited George’s license number and other personal details that he’d obtained from their business dealings. Without asking further questions, the FAA agent sent Haghighi a license with George’s name on it.

It ought to have been difficult for the black-haired, brown-eyed Iranian to use a pilot’s license belonging to a fair-skinned, gray-haired American nearly 20 years his senior, except for one factor: FAA pilot licenses do not include photographs of the pilot. Haghighi was able to pull off his ruse for nearly four years until Danish police found the license in the rubble of the crash.

Almost a decade after Haghighi’s brazen identity theft, the FAA still does not include pilot photos on its licenses, and the agency does not fully vet pilot information before issuing them credentials. Last year, a leading congressional overseer of the FAA, then-Representative John Mica, called US pilot licenses “a joke” and said that a day pass to Disney World in his native Florida contains more sophisticated security measures.

FAA officials defend their licensing practices, noting that pilots are also required to carry a government-issued ID such as a driver’s license to prove their identity. The pilot certificate, they say, is more an indicator of the pilot’s level of training than a security tool, and commercial airports and airlines generally issue their own IDs for access to tarmacs, planes, and other secure areas.

But the flawed airman licenses are part of a troubling pattern of lax oversight of more than 1 million FAA-approved airmen — including pilots, mechanics, flight attendants, and other aviation personnel — that has made the agency vulnerable to fraud, and the public vulnerable to those who mean to do harm, a Spotlight Team review has found.

After the 9/11 attacks, Congress called on the FAA to overhaul its licensing for more than 600,000 US-certified pilots. But the FAA’s changes so far have been modest, such as making licenses with higher-quality materials to reduce forgeries. Today, FAA security procedures remain geared more toward the convenience of pilots than the needs of a nation engaged in a “war on terror,” often failing to challenge airmen’s claims on their applications and seemingly unaware of deceptions.

Haghighi, for example, continued to finagle help from the FAA even after he went to jail in Denmark for flying without a valid license and endangering his passenger. After his release, the FAA issued him a medical certificate that helped him land a job at an airline in Indonesia in 2014. All he had to do was change one letter in the spelling of Sabouri and alter his birth year. An official at another federal agency eventually tipped off the FAA to Haghighi’s duplicity.

Or take the case of Richard Hoagland. Beginning in 1994, he purchased homes, registered a plane, obtained a pilot license, and even got married under the name Terry Symansky, according to court records. The ruse wasn’t discovered until Symansky’s nephew was doing family research on Ancestry.com and found that his late uncle was listed as alive. The FAA never caught on that the real Terry Symansky had been dead since 1991, issuing Hoagland a new private pilot certificate in Symansky’s name as recently as 2010. Hoagland is now serving a two-year sentence in federal prison for identity theft.

FAA procedures also make it easy for pilots to hide damaging information, by simply not reporting it. That’s because the agency relies on them to self-report felony convictions and other crimes that could lead to license revocation. Among the licensed pilots currently listed in the airman registry are Carlos Licona and Paul Grebenc, United Airlines pilots who were sentenced to jail in Scotland earlier this year for attempting to fly a commercial airliner with alcohol in their blood. Under FAA rules, an alcohol-related offense, especially related to flying, can be grounds for license revocation or suspension, though the FAA decides on a case by case basis.

But as of Sept. 1, Grebenc and Licona were still listed in the FAA’s active airman registry. Agency records showed that as of January, four months after the men were arrested, there were no reported incidents or enforcement actions related to the pilots.

FAA officials stress that they are not the police officers of the skies, leaving that job to an alphabet soup of agencies including the Transportation Security Administration, Homeland Security, and the FBI. The FAA merely issues the airman certificates and keeps the database that helps these investigators do their work. And, while FAA officials admit they don’t routinely investigate information that pilots, mechanics, and others list on license applications, the TSA says it continuously reviews the FAA database against the Terrorist Screening Database, additional terrorism-related information, and other government watch lists. Since 2010, the TSA has completed 28 million airman threat assessments.

But it is hardly a fail-safe system. Outside reviewers have repeatedly found that the FAA’s Airman Registry is riddled with errors and gaps, making it difficult for law enforcement officials to rely on. More than 43,000 pilots received licenses even though they did not provide the FAA with a permanent address, according to a 2013 audit by the Department of Transportation inspector general. Two years earlier, the Department of Homeland Security inspector general found that 8,000 of the Social Security numbers on file belonged to dead people, in part because the FAA doesn’t purge its files of dated information. Another 15,000 didn’t match the airmen’s personal information on file.

When asked whether the FAA vets the information on airman certificate applications, officials did not answer directly. The FAA issued a statement reading, “Pilots are expected to provide accurate and complete information on all FAA forms.”

Agency officials also said that, when pilots apply for medical certificates — a crucial document needed to fly — they conduct a one-time check against the national drivers’ database for drug- or alcohol-related convictions.

The lack of accurate information can have serious consequences. Last October, when a student pilot from Jordan intentionally crashed a twin-engine plane near a major defense contractor in East Hartford, Conn., law enforcement officials initially feared terrorism and converged on the Illinois address he had given the FAA. But the student, Feras M. Freitekh, had listed the address of a family friend, a place where he had never lived, so law enforcement descended on a house nearly 900 miles from his actual home.

Most worrisome, even with ongoing TSA vetting, people with suspected or proven ties to terrorism still keep active airman certificates.

FAA-Approved offenders

Mark Schiffer couldn’t believe what he was finding.

Schiffer, the chief scientist for a company that helps banks detect fraud, was simply testing an algorithm to check names against publicly available watch lists that included suspected terrorists and other bad actors. In April 2009, he was using data from the FAA Airman Registry for his test because the list was large and readily available.

But he kept turning up terrorists.

There was Fawzi Mustapha Assi, who was on the FBI’s most-wanted list for five years before being convicted of providing material support to Hezbollah in 2008. Though imprisoned, he had an active pilot’s license, which never expires. His release was expected in a few years.

Also on the list was Myron Tereshchuk, an FAA-certified mechanic and student pilot, who was convicted in federal court in 2005 for possession of biological agents or toxins that could be used as weapons. Tereshchuk was also in prison, but he, too, was expected to be released in a few years.

And there was Abdelbaset Ali Mohmed al-Megrahi, who was sentenced to life in prison for his role in the bombing of Flight 103 over Lockerbie, Scotland. Scottish authorities released him in 2009 on compassionate grounds after he was diagnosed with terminal cancer. He still had a valid aircraft dispatcher certificate from the FAA.

“Holy cow,” Schiffer said to himself.

In all, Schiffer and his company, Safe Banking Systems of New York, confirmed eight matches between FAA-approved airmen and various watch lists.

“The results were as unexpected as they are chilling,” Safe Banking Systems said in a June 2009 report distributed to nearly 40 lawmakers and top government officials, including the FAA administrator and then-Secretary of State Hillary Clinton.

But no one responded until a New York Times reporter asked the Transportation Security Administration about the certified airmen with terror ties listed in the Safe Banking Systems report. The following day, in June 2009, the TSA advised the FAA to revoke airman certificates for six of the eight names that SBS gave to the reporter.

The Department of Homeland Security’s inspector general, in an 18-month investigation released in July 2011, found that the TSA’s ability to screen airmen for national security threats is hampered by the quality of information the FAA provides. The TSA could not properly vet thousands of airmen because of missing or inaccurate data within the FAA’s registry, according to the report. From 2007 to 2010, the TSA recommended the revocation of 27 licenses, but that number would likely have been larger had all of the information been complete.

The inspector general also found that the TSA doesn’t screen for broader criminal activity, allowing airmen who “have outstanding warrants or are known fugitives” to escape detection. The IG said that one US-approved pilot was actually a “drug kingpin” serving 20 years in a foreign prison.

Since then, the TSA and FAA have stepped up their screening for national security threats, reviewing the FAA database four times a year to ensure accuracy.

The Spotlight Team wanted to check whether the heightened scrutiny has improved the FAA’s record in preventing bad actors from having pilot’s licenses. At the request of the Globe, Safe Banking Systems tested the public part of the airman registry and again found problems.

Running the same name-matching program in January 2017, SBS found five active airmen on watch lists with possible ties to terrorism or international crime, including Tairod Nathan Webster Pugh, a former Air Force mechanic who bought a one-way ticket to Turkey in 2015. His packed bags included flash drives with maps, a letter to his wife about jihad, and his Federal Aviation Administration airman certificate, according to court records. When he was arrested, Pugh was headed to Syria to offer himself as an aircraft mechanic.

In May, Pugh was sentenced to 35 years in prison for attempting to provide material support to the Islamic State, though he is appealing.

On Aug. 1, Pugh’s name still appeared on the FAA’s list of active airmen. But Pugh was removed by Sept. 1, days after the Globe requested his records. FAA officials now say that Pugh’s license was actually revoked in 2015, though on Friday, they could not explain why his name continued to be on the active list for another two years.

In addition, SBS turned up a long-time American Airlines mechanic who attempted to broker a deal that would have moved seven Airbus A300s to Iran, which the United States has identified as a state sponsor of terrorism; a Florida businessman who was planning on illegally shipping navigation systems used for steering planes, ships, and missiles to Turkey; and an Irish pilot sanctioned by the US Office of Foreign Assets Control for his connections to a company and plane that were also sanctioned. The mechanic and Florida businessman both have been released from prison, while the Irish pilot has not been charged with a crime.

In August, when the Globe requested information about the airmen identified by SBS, FAA records contained no indication that any of the five had faced FAA enforcement action.

“Have things really changed? Does the government know who they are dealing with?” said David Schiffer, Safe Banking Systems’ chief executive officer (and Mark Schiffer’s father). “The fact that some are licensed while still incarcerated is unbelievable. We certainly view this as a very serious threat to national security.”

A History of Deceit

Long before the crash in Denmark, Nader Haghighi had spent years duping the FAA. When his name came across the desk of federal investigator Robert Mancuso in late 2008, Haghighi had already racked up a significant criminal record for stealing a plane, had had his pilot’s license revoked, and had even been deported from the United States in 2006, according to federal investigative reports and court records. And the FAA was receiving two new calls per month about Haghighi’s scams.

Mancuso, a special agent for the US Department of Transportation Inspector General’s Computer Crimes Unit, began investigating a report that Haghighi had tried to illegally obtain a pilot’s license online using Daniel George’s name. Mancuso quickly discovered that George was just one more victim of a con man who used at least a dozen aliases and falsely claimed to have a degree from the Massachusetts Institute of Technology and a job at Lockheed Martin.

But Haghighi made a mistake when he initially tried to get George’s license. He had collected George’s personal information when he hired the professional pilot to fly a plane for him. But when Haghighi entered the stolen information online to get a copy of George’s license, Haghighi neglected to change the e-mail address on the account, so George received notification about the new license and contacted the FAA. The agency intercepted the certificate before it was sent out.

And Mancuso thought that was the end of it, though he kept investigating Haghighi.

Then, when Haghighi crashed with George’s license in his possession a few years later, Mancuso made a stunning discovery: Haghighi had found yet another way to get a license. He called the FAA directly, posing as George and complaining that he had never received the certificate he had requested weeks earlier. The FAA, without further investigation, mailed out a new copy to Haghighi’s post office box in Texas, something an FAA employee told Mancuso was “not uncommon for our office to do, based on a phone call from the airman.”

“I was shocked,” said Mancuso, who traveled to Denmark to testify against Haghighi. “I assumed that some type of fraud alert would be placed on Mr. George’s record to prohibit this from happening, especially when it was sent to the same bad address.”

The FAA said pilots today can no longer request duplicate certificates by telephone, but they can get them online or by mail.

During his trial in Denmark, Haghighi tried yet another scam, insisting that his real name wasn’t Haghighi or George but the one on another passport recovered from the crashed plane. But the judge didn’t believe him and sentenced Haghighi to 10 months in prison for endangering passengers, including children, flying without a valid license or a required co-pilot on multiple occasions.

Even then, Haghighi was not through tricking the FAA. A year after his release from prison, in February 2014, he contacted the agency to secure another medical certificate, which is needed for pilots to fly.

On his application, he changed his name from “Sabouri” to “Saboori” and his birth year from 1972 to 1973. According to a US Department of Transportation investigative report, Haghighi lied repeatedly on the form, claiming that he had not visited a medical professional in three years, even though emergency responders had found him unconscious inside a crashed plane just two years earlier.

His word was good enough for the FAA, which gave Haghighi a new certificate that he promptly used to land a job with Susi Air, an Indonesian airline.

Flying again

Haghighi is an extreme example, but his case is by no means isolated. At least one other pilot on the FAA registry, Re Tabib, won his license back after he went to prison for attempting to smuggle aircraft parts to Iran and was formally declared a security threat by the TSA.

In 2006, federal officers seized thousands of aircraft parts, some packed in suitcases, and “shopping lists” from the California home of Tabib, an Iranian-born FAA certified pilot. He was arrested on charges of attempting to illegally export parts for F-14 Tomcat jets to Iran.

Tabib, a veteran airman who at one time piloted private flights for the designer Gianni Versace, pleaded guilty and served time in federal prison from July 2007 until January 2009. Yet, according to court records, the FAA issued him an Airline Transport Pilot certificate, the highest-level license for pilots, just three months after his release, allowing him to fly large jets.

Unlike other pilots with a criminal record, Tabib made no attempt to hide his past, alerting the agency about his felony conviction on an application form that calls on candidates to disclose any previous arrests or convictions. But the FAA — which can suspend flying privileges for anyone with an ATP license it judges not of “good moral character” — did not revoke or suspend his license.

As of August, FAA records revealed no incidents or enforcement records connected to Tabib. The agency declined to comment further on Tabib’s case but said it examines possible violations of the “good moral character” standard on a case-by-case basis. The agency said that a criminal conviction is not automatic grounds for action against an ATP license.

In June 2009, just months after Tabib received his new certificates from the FAA, Safe Banking Systems, the New York fraud detection company, matched Tabib’s name to public watch lists and passed it along with others to The New York Times.

The TSA responded to the story by advising the FAA to revoke Tabib’s certificate. Tabib’s airman certificates gave him “insider access” that, combined with his connections to Iran, could render him a security threat, according to a 2010 decision by an administrative law judge.

Tabib fought the decision for years and finally reached a settlement with the TSA in 2012. His attorney, Robert Schultz, said the law permitting the TSA to revoke airman licenses is unconstitutional because it treats airmen as presumed guilty without proper due process.

“Mr. Tabib was a professional pilot who was denied the right to earn a living for years based on mere suspicion,” Schultz said, referring to the TSA threat assessment. Last year, the FAA issued him new commercial pilot and flight instructor certificates.

This time, Tabib’s name was kept out of the FAA database of active airmen that the public can download to review the full list of pilots and mechanics. As a result, his name did not appear this year when Safe Banking Systems checked for airmen who had been on terror watch lists. More than 350,000 airmen were excluded from the public database at their request.

Recent social media posts show Tabib in front of a King Air C90 turboprop aircraft. A photo from this spring shows him wearing an aviation headset in the cockpit of a plane at the Azadi airport in Iran. His Facebook page says he’s now a flight instructor and pilot at John Wayne Airport in Orange County, Calif. Tabib is flying again.

Con air

Mario Jose Donadi-Gafaro, a US-licensed pilot, died along with six others in a horrific plane crash in Venezuela in 2008 when his plane plummeted into a bustling neighborhood a few minutes after takeoff. He never made a distress call, and questions still remain nine years later about the cause of the accident.

But another mystery is how Donadi-Gafaro, a pilot who also moonlighted as a drug trafficker, kept a US pilot’s license as long as he did.

Donadi-Gafaro’s criminal career began at least a decade before the crash. His initial US felony drug conviction in 1999 for importing cocaine into Miami International Airport should, under FAA rules, have immediately triggered agency scrutiny of his license.

But even after the pilot was convicted a second time — this time in Venezuela — in 2006 for attempting to transport cocaine on an aircraft, the FAA did not revoke Donadi-Gafaro’s license. Instead, the agency gave him a promotion. He applied for and was issued his Air Transport Pilot’s License, the gold standard of US airmen ratings, on July 23, 2007. Almost a decade after the crash in Venezuela that killed him, the FAA still listed Donadi-Gafaro as an “active” pilot, including him in its database as recently as March 2016.

The agency finally deactivated his license in 2016 after the Globe began asking questions about it. The FAA declined to comment on whether Donadi-Gafaro had reported his conviction, saying that information is protected under the Privacy Act.

‘We don’t know who they are’

A frustrated John Mica held up a plastic card as he addressed a 2016 hearing of his House subcommittee on the topic of “securing our skies.” The card, borrowed from then-Representative Tammy Duckworth, a pilot, was an example of a modern FAA certificate.

“An airline pilot has access to the controls, flying the plane,” said Mica, but a US pilot’s license lacks basic security features and includes only a decorative picture. “The only photo on this license are the Wright brothers, Orville and Wilbur. Orville and Wilbur, I blew it up here. OK?”

To make his point, the congressman held up an entry pass for Disney World. The card, decorated with Minnie Mouse, has a magnetic strip that is capable of linking identities to fingerprints. This allows Disney to track when cardholders enter or leave the park. The FAA license is primitive by comparison.

“This is Minnie Mouse,” said Mica, referring to the Disney pass. Then, nodding to Duckworth’s certificate in his other hand, he added, “and this is Mickey Mouse.”

Congress long ago called on the FAA to implement significant changes. The Intelligence Reform and Terrorism Prevention Act of 2004 mandated not only pictures of pilots, but also that pilot licenses include biometric capabilities such as fingerprints or iris scans.

“Fifteen years later, we see a system that has not complied with the laws that we have passed multiple times,” said Mica. “We have pilots that are flying planes. We don’t know who they are.”

The FAA said that it has made some improvements. In 2003, the agency switched from paper licenses to new “security-enhanced airman certificates,” the FAA said. The plastic documents include an FAA seal and, according to the FAA, are resistant to tampering, alteration, and counterfeiting.

But lawmakers have repeatedly challenged the agency on why the FAA has not followed congressional mandates regarding the licenses. Mica, in particular, voiced his concern publicly about the licenses in letters and hearings in 2010, 2011, 2013, and most recently, last year.

In 2017, the former congressman says he’s still concerned about the lack of progress and failure to have a “credible” document.

“We tried to get them to comply, but they never did fully comply,” Mica said. “Any credit card in your wallet has better capability.”

Many pilots and flight instructors opposed the photo IDs, some complaining that it could add to the cost of licensing without improving national security. In written comments to the FAA, pilots said the photo on the license was unnecessary because they are already required to carry other photo IDs — and because airport officials never ask to see pilot certificates anyway.

“Many of our members describe this effort as ‘security theater,’ putting a photograph on a document that authorities never ask for,” said Doug Stewart, chairman of the Society of Aviation and Flight Educators, in a 2011 letter.

“What is most critical in the issuance of an FAA pilot certificate from a security standpoint is the accurate establishment of the pilot’s identity, background descriptors, and qualifications,” wrote Robb Powers, chairman of the national security committee at the Air Line Pilots Association, International. “Presently, FAA does not verify the identity of the person requesting a pilot certificate other than through visual inspection of the individual’s driver’s license or passport.”

As of last month, the agency said it, along with the Department of Transportation, is “still evaluating options for including a photo,” a project expected to cost about $1 billion.

While the FAA has pondered additional security requirements for more than a decade, special interest groups have worked to quietly relax regulation for pilots. In a victory for advocates of general aviation, Congress eased the medical requirements for pilots seeking a basic license, requiring only a visit to the family doctor and participation in an online course provided by the Aircraft Owners and Pilots Association. And the FAA reauthorization bill now in the Senate includes an amendment to roll back some commercial pilot training requirements enacted after a 2009 regional airline crash that killed 50 and was blamed on pilot error.

‘What a nightmare’

Early into his new job, officials at Susi Air in Indonesia grew suspicious of Nader Haghighi and discovered that his passport number belonged to someone else. They alerted the United States.

Robert Mancuso, the Department of Transportation investigator who tracked Haghighi for years as the con man fooled authorities while using many aliases, including Nader Schruder, learned about the latest escapade and sent an e-mail to FAA officials.

“Hello all! It’s my yearly e-mail regarding Mr. Nader Schruder. He seems to have popped back up in Indonesia with his revoked FAA certificate . . . Can you also run a search for any pilots with the name ‘Nader Ali Saboori’ to make sure he doesn’t have another certificate.”

The FAA responded the next day: “I do show a record for SABOORI; Nader Ali with a First Class Medical certificate issued 2/27/14 . . . It’s probably the same airman.”

Haghighi soon after found himself without a job. He left Indonesia and was detained during a stopover in Panama after US authorities put out an alert. In November 2014, Haghighi pleaded guilty in US District Court in Houston to four counts of identity theft.

George, the man whose identity Haghighi stole, wrote a letter to the judge detailing the personal toll — hundreds of thousands of dollars in lost revenue from potential pilot positions and thousands of hours spent trying to figure out where Haghighi would turn up next.

“What a nightmare this man has been to me personally and professionally,” George wrote.

After Haghighi was released from federal prison in October 2016, he was deported to his native Iran — ending roughly 15 years of deception.

“It’s sad it went on this long. He was putting the public’s life in danger,” said Mancuso, now a special agent at another federal office of the inspector general.

Haghighi, in Facebook messages to a Globe reporter, expressed no remorse for his behavior and described the FAA in bluntly critical terms: “know the right person, pay the right amount in a right way and then the sky turns green.”

The Globe could find no evidence that Haghighi has a US pilot’s license today, but a Facebook photo update in March suggests he hasn’t given up hope: He was smiling from the cockpit of a plane with his hand inches away from the controls.


The Rest of the Questions/Conditions Regarding North Korea

The Beijing government knows full well all the ins and outs of North Korea, including all banking relationships, cyber attacks, illicit activities and counterfeiting, and North Korea gets assistance from China on how to skirt international sanctions. Still, China has the ability to make the world safer from the rogue Kim regime including outside assistance from Syria, Venezuela, Iran and Russia. Whatever the future holds for global security and equilibrium, Beijing is responsible.


North Korean leader Kim Jong Un is fixated on obtaining a serious nuclear arsenal, and continues to thumb his nose at the U.S. and other world powers. The latest round of United Nations Security Council sanctions approved Monday are not going to change that. But one aspect of them — new measures to interdict ships breaking trade embargoes against Pyongyang — could be baby steps toward much stronger sanctions enforcement.

The new resolution gives the U.S. and other countries the power to inspect ships going in and out of North Korea’s ports but, unfortunately, does not authorize the use of force if the target ships don’t comply. Equally bad, the inspections would need the consent of the countries where the ships are registered. This is a far weaker regime than what was initially proposed by the Donald Trump administration, which would have empowered U.S. military vessels to “use all necessary measures” to force compliance. That language was watered down to avoid a veto from Russia or China.

The fact is, the only way to keep the Kim regime from violating UN sanctions would be a stringent naval blockade. While a full-on blockade would require a Security Council resolution, it would be possible for the U.S. to immediately start putting in place the rudiments of a comprehensive inspection regime on the high seas, which could be easily adapted over time as more allies, partners and ultimately geopolitical competitors like China and Russia can be persuaded to sign on. Indeed, the Trump administration has already been thinking along these lines.

Such a blockade would serve three key purposes: definitively cutting off North Korea’s access to oil imports from the sea; stopping Korean exports, especially textiles and seafood (which are of significant hard currency value to the regime); and ensuring that high-tech machinery and raw materials that might support Kim’s nuclear-weapons and missile programs are not allowed into the Hermit Kingdom.

While China might continue to provide such supplies across the long Chinese-North Korean land border, a naval blockade would increase pressure on Beijing to comply with existing UN sanctions, as any illegal imports would be obvious proof of Chinese violations.

Setting up a naval blockade is a tactical challenge, even for the U.S. North Korea operates commercial and military ports on its east and west coasts of the peninsula, including Nampo on the Bay of Korea and Hungnam on the Sea of Japan. It also has ports in the far northeast of the country on the edge of Russia, which has been one of Kim’s apologists on the world stage. Shutting down the entire flow of goods into and out of North Korea would significantly tax the U.S. Pacific Fleet.

But it wouldn’t be impossible. The blockade would probably be commanded and controlled tactically out of Seoul, at the headquarters of the commander of U.S. Forces Korea, Army General Vincent Brooks. (An odd legacy of the Korean War is that Brooks is also the commander of UN forces on the peninsula.) At sea, the Navy would probably operationalize the blockade under the overall tactical control of the commander of the U.S. Seventh Fleet, which is based across the Sea of Japan in Yokosuka. The flagship of the fleet, the USS Blue Ridge, is optimized for complex combat operations and would be the seagoing base for the blockade. The fleet has a new commander, Admiral Phil Sawyer, who was brought in after the collisions of two Navy destroyers, the McCain and Fitzgerald, with commercial ships this year. More here from Bloomberg.

***

There is an international program to practice and plan for anything that North Korea may have in process militarily.

North Korea’s intensifying experiments appear to have prompted the Formidable Shield exercise, which is the first time that Nato allies have practised defending against incoming ballistic missiles with no prior warning in Europe.

It launched the day after the US sent bombers and fighter jets over waters east of North Korea to send a “clear message that the President has many military options to defeat any threat”.

Donald Trump appeared to threaten regime change in the country over the weekend, causing the North Korean foreign minister to accuse the President of “declaring war” in a speech at the United Nations.

American forces are leading the exercise off the coast of Scotland, alongside troops from Britain, Canada, France, Germany, Italy, Spain and the Netherlands.

The Ministry of Defence (MoD) hailed Formidable Shield as “one of the most sophisticated and complex air and missile exercises ever undertaken in the UK”.

A Royal Navy Type 45 Destroyer and two Type 23 frigates are being joined by 11 other ships, 10 aircraft and 3,300 personnel for the month-long exercise.

They will work together to detect, track and shoot down live anti-ship and ballistic missiles. More here.

***

Earlier this month CIA Director Mike Pompeo suggested “the North Koreans have a long history of being proliferators and sharing their knowledge, their technology, their capacities around the world.”

My research has shown that North Korea is more than willing to breach sanctions to earn cash.

A checkered history

Over the years North Korea has earned millions of dollars from the export of arms and missiles, and its involvement in other illicit activities such as smuggling drugs, endangered wildlife products and counterfeit goods.

North Korean technicians allegedly assisted the Pakistanis in production of Krytrons, likely sometime in the 1990s. Krytrons are devices used to trigger the detonation of a nuclear device.

Later in the 1990s, North Korea allegedly transferred cylinders of low-enriched uranium hexafluoride (UF6) to Pakistan, where notorious proliferator A.Q. Khan shipped them onward to Libya. UF6 is a gaseous uranium compound that’s needed to create the “highly enriched uranium” used in weapons.

The most significant case was revealed in 2007 when Israeli Air Force jets bombed a facility in Syria. The U.S. government alleges this was an “undeclared nuclear reactor,” capable of producing plutonium, that had been under construction with North Korean assistance since the late 1990s. A U.S. intelligence briefing shortly after the strike highlighted the close resemblance between the Syrian reactor and the North Korean Yongbyon reactor. It also noted evidence of unspecified “cargo” being transported from North Korea to the site in 2006.

More recently, a 2017 U.N. report alleged that North Korea had been seeking to sell Lithium-6 (Li-6), an isotope used in the production of thermonuclear weapons. The online ad that caught the attention of researchers suggested North Korea could supply 22 pounds of the substance each month from Dandong, a Chinese city on the North Korean border.

There are striking similarities between this latest case and other recent efforts by North Korea to market arms using companies “hidden in plain sight.”

The Li-6 advertisement was allegedly linked to an alias of a North Korean state arms exporter known as “Green Pine Associated Corporation.” Green Pine and associated individuals were hit with a U.N. asset freeze and travel ban in 2012. The individual named on the ad was a North Korean based in Beijing formerly listed as having diplomatic status. As was noted when the Li-6 story broke, the contact details provided with the ad were made up: The street address did not exist and the phone number didn’t work. However, prospective buyers could contact the seller through the online platform.

This case – our most recent data point – raises significant questions. Was this North Korea testing the water for future sales? Does it suggest that North Korea may be willing to sell materials and goods it can produce in surplus? Was the case an anomaly rather than representative of a trend? More here.