Category Archives: Department of Homeland Security

Hey Moscow, What About the ‘neuroweapons’ Used in Cuba attacks

Posted on by
General view of the U.S. Embassy in Havana after the U.S. government pulled more than half of its diplomatic personnel out of Cuba in September 2017. (Photo: Ernesto Mastrascusa/Getty Images)

Primer:

Neurotechnologies as Weapons of Mass Disruption or Future Asymmetric Warfare: Putative Mechanisms, Emerging Threats, and Bad Actor Scenarios

Intelligence agencies investigating mysterious “attacks” that led to brain injuries in U.S. personnel in Cuba and China consider Russia to be the main suspect, three U.S. officials and two others briefed on the investigation tell NBC News.

The suspicion that Russia is likely behind the alleged attacks is backed up by evidence from communications intercepts, known in the spy world as signals intelligence, amassed during a lengthy and ongoing investigation involving the FBI, the CIA and other U.S. agencies. The officials declined to elaborate on the nature of the intelligence.

The evidence is not yet conclusive enough, however, for the U.S. to formally assign blame to Moscow for incidents that started in late 2016 and have continued in 2018, causing a major rupture in U.S.-Cuba relations.

Since last year, the U.S. military has been working to reverse-engineer the weapon or weapons used to harm the diplomats, according to Trump administration officials, congressional aides and others briefed on the investigation, including by testing various devices on animals. As part of that effort, the U.S. has turned to the Air Force and its directed energy research program at Kirtland Air Force Base in New Mexico, where the military has giant lasers and advanced laboratories to test high-power electromagnetic weapons, including microwaves.

Although the U.S. believes sophisticated microwaves or another type of electromagnetic weapon were likely used on the U.S. government workers, they are also exploring the possibility that one or more additional technologies were also used, possibly in conjunction with microwaves, officials and others involved in the government’s investigation say.

The U.S. has said 26 government workers were injured in unexplained attacks at their homes and hotels in Havana starting in late 2016, causing brain injuries, hearing loss and problems with cognition, balance, vision and hearing problems. Strange sounds heard by the workers initially led investigators to suspect a sonic weapon, but the FBI later determined sound waves by themselves couldn’t have caused the injuries. More here.

*** Truth be told, this investigation and the details are rather disjointed and weird.

Four scientists, including the first doctor to examine the diplomats reporting symptoms in Cuba, took part in a Pentagon-sponsored teleconference on Friday, where they announced new research results, including what they determined to be the probable use of “neuroweapons” in what they called the Havana Effect.

At issue are the more than two dozen U.S. government officials stationed in Havana, who have described hearing strange sounds, followed by a combination of medical symptoms, including dizziness, hearing loss and cognitive problems. More recently, a similar case has been reported in a U.S. embassy worker in Guangzhou, China. For months, a mix of secrecy and speculation has surrounded those incidents, including an increasingly popular theory that the diplomats were the victims of microwave weapons.

Michael Hoffer, an otolaryngologist at the University of Miami, who was the first to conduct tests on the embassy workers, said on the Friday call that the diplomats are suffering from a  “neurosensory dysfunction,” which is primarily affecting their sense of balance.

The Friday call was organized as part of a study program sponsored by the Pentagon and titled “Probable Use of a Neuroweapon to Affect Personnel of US  Embassy in Havana: Findings, Pathology, Possible Causes, and Disruptive Effects.”

A Pentagon official told Yahoo News that the briefing was offered by the scientific team for interested people in the Defense Department and was to gain “general knowledge” about their findings. “This didn’t have an operational element,” the official said.  Read on from here.

N Korean, Park Jin hyok Charged with Global Cyber Attacks

Posted on by

U.S. CHARGES NORTH KOREAN HACKER

Federal prosecutors charged a North Korean man, Park Jin-hyok, with crimes in connection with a series of costly cyberattacks around the globe, including the WannaCry ransomware attack in 2018, the heist of Bangladesh’s central bank in 2017, and the hack of Sony Pictures in 2014. It is the first time the Justice Department has explicitly charged a North Korean hacker backed by the government. Park was allegedly working as a programmer for a North Korean front company in China called Chosun Expo, which had ties to North Korea’s military intelligence.

Legal analysts say the complaint is the most detailed public accounting yet of North Korea’s cyberattacks against foreign adversaries. The Justice Department has now brought hacking-related charges against North Korea, China, Iran, and Russia. (WSJ, NYT, Reuters, DOJ)

Park Jin Hyok, named by officials as a member of the so-called Lazarus Group hacking team behind last year’s WannaCry global ransomware attack and the 2014 digital attack on Sony, apparently used not only advanced technology, but elaborate reconnaissance work to digitally steal money and sensitive information.

First, Park would obtain a number of email addresses of people affiliated with target businesses from traders dealing in large amounts of personal information. Then he would use the emails to gain an understanding of company employees’ fields of interest and personal relationships.

That would let him craft emails that could pass as genuine messages from major companies in content and style, a tactic known as spear phishing. After spending some time building trust, he would send the malicious links to websites that would infect a target’s computer.

In one case, Park apparently masqueraded as a human resources official at a U.S. defense-linked company to exchange messages with workers at one of the company’s competitors.

Last week’s charges were said to be the first in years against a North Korean hacker related to high-profile attacks linked to the state. The attack on Sony came as the company was preparing to release a movie called “The Interview,” which depicted the assassination of a character resembling North Korean leader Kim Jong Un. The group also allegedly stole $81 million from the central bank of Bangladesh in 2016.

A North Korean suspect is wanted by U.S. authorities on suspicion of hacking. (Courtesy of the U.S. Federal Bureau of Investigation)

“We stand with our partners to name the North Korean government as the force behind this destructive global cyber campaign,” Christopher Wray, director of the Federal Bureau of Investigation, said in a statement on Sept. 6.

The U.S. Treasury also imposed sanctions on Park and a Chinese business he was affiliated with. “We will not allow North Korea to undermine global cybersecurity to advance its interests and generate illicit revenues in violation of our sanctions,” Treasury Secretary Steven Mnuchin said in his own statement.

Under Kim, the North has consolidated its cyber forces under its Reconnaissance General Bureau, which handles overseas spying. The state has a team of 6,800, according to the South Korean government, and is counted as one of the five cyber powers along with the U.S., Russia, China and Israel.

The core of cyber operations is a team known as “Bureau 121,” established in 1998 by Kim’s father, then-leader Kim Jong Il. Bureau 121 is known for its willingness to commit crimes for the sake of bringing in cash.

“The technology behind North Korea’s cybercrimes is some of the most advanced in the world,” said a source with the U.S. State Department.

Governments and businesses around the world are hurrying to guard themselves from the North’s attacks even as its methods grow more sophisticated. Further cooperation between countries’ cyberdefense authorities may be key to finding effective solutions.

British Airways: The airline said a “very sophisticated” hacker stole credit card details of hundreds of thousands of its customers in recent days. Anyone who lost out financially as a result of the breach would be compensated, BA officials said. (Reuters)

JPMorgan Hacker: A Russian man, Andrei Tyurin, has been extradited by Georgia to the United States on charges that he participated in the 2014 hack of JPMorgan Chase and other U.S. companies. (Reuters)

Middleweight Boxing Champion Led a Crime Syndicate

Posted on by

The Shulaya Enterprise was an organized criminal group operating under the direction and protection of Razhden Shulaya, a/k/a “Brother,” a/k/a “Roma,” a “vor v zakone” or “vor,” which are Russian phrases translated roughly as “Thief-in-Law” or “Thief,” and which refer to an order of elite criminals from the former Soviet Union who receive tribute from other criminals, offer protection, and use their recognized status as vor to adjudicate disputes among lower-level criminals.  As a vor, Shulaya had substantial influence in the criminal underworld and offered assistance to and protection of the members and associates of the Shulaya Enterprise.  Those members and associates, and Shulaya himself, engaged in widespread criminal activities, including acts of violence, extortion, the operation of illegal gambling businesses, fraud on various casinos, identity theft, credit card frauds, trafficking in large quantities of stolen goods, money laundering through a fraudulently established vodka import-export company, payment of bribes to local law enforcement officers, and the operation of a Brooklyn-based brothel.

The Shulaya Enterprise operated through groups of individuals, often with overlapping members or associates, dedicated to particular criminal tasks.  While many of these crews were based in New York City, the Shulaya Enterprise had operations in various locations throughout the United States (including in New Jersey, Pennsylvania, Florida, and Nevada) and abroad.  Most members and associates of the Shulaya Enterprise were born in the former Soviet Union and many maintained substantial ties to Georgia, Ukraine, and the Russian Federation, including regular travel to those countries, communication with associates in those countries, and the transfer of criminal proceeds to individuals in those countries.

Avtandil Khurtsidze VS Tommy Langford - ITS OFFICIAL - YouTube Not too sure he was not a spy either frankly.

Georgian former boxing champion Avtandil Khurtsidze has been sentenced to 10 years in prison for working as the “chief enforcer” for an “elite” criminal enterprise.

He was convicted in June in New York of racketeering and wire fraud conspiracy.

Prosecutors said the 38-year-old boxer had “substantial influence” in the criminal underworld as part of a Soviet Union crime gang.

They said Khurtsidze used violence in service of the group’s activities.

He and his associates, known as the Shulaya Enterprise, were blamed for crimes across the US including extortion, wire fraud, illegal gambling and operating a brothel in Brooklyn.

Many of the crew’s activities were based in New York but they also operated in other major cities as well as abroad, a justice department statement said.

Officials say most of its members were born in the former Soviet Union, with strong ties to Georgia, where the boxer was born.

Khurtsidze was caught on film twice carrying out assaults, with prosecutors describing him as a “heavyweight enforcer” for the group’s members and leadership.

He was also accused of participating in a complex fraud scheme to predict casino slot machines algorithms, which involved kidnapping a software engineer in Las Vegas in 2014.

Khurtsidze on shoulders with a belt above head
Getty Image
Image caption Khurtsidze was arrested in 2017, scuppering his chances at the WBO middleweight title

On top of his decade federal jail sentence, the Georgian boxer was given two further years supervision on release.

“Thanks to our dedicated law enforcement partners around the globe, Khurtsidze’s reign of extortion and violence has been halted,” US attorney Geoffrey Berman said in a statement.

‘Just a waste’

Khurtsidze held the interim WBO middleweight title in 2017.

His last professional fight was against British boxer Tommy Langford in April 2017, which he won.

A later bout against Billy Joe Sanders was cancelled after Khurtsidze was arrested along with more than 30 others in a swoop against the organised crime syndicate.

Following his conviction, his former promoter Lou DiBella criticised the boxer for squandering his career.

“He let many people down who believed in him, but no one more than himself. Just a waste, and it’s all on him for choosing the dark side,” Mr DiBella told ESPN.

Hey, the Mayor of Atlanta has Joined the anti-ICE Movement

Posted on by

Mayor Keisha Lance Bottoms on Thursday signed an executive order for transferring all remaining U.S. Immigration and Customs Enforcement detainees out of the city jail and declaring that Atlanta will no longer hold anyone for the federal agency.

The Democratic mayor’s move follows a separate executive order from June that blocked the jail from taking in any new ICE detainees amid enforcement of the Trump administration’s “zero-tolerance” immigration policy on the southwest border, which split up many immigrant families. Bottoms has vigorously objected to that federal policy.

“Atlanta will no longer be complicit in a policy that intentionally inflicts misery on a vulnerable population without giving any thought to the horrific fallout,” Bottoms told reporters moments before signing her executive order. “As the birthplace of the civil rights movement we are called to be better than this.”

Secretary of State Brian Kemp, Georgia’s Republican nominee for governor, criticized the mayor’s move in a statement he released Thursday afternoon.

“The City of Atlanta should focus on cleaning up corruption and stopping crime — not creating more of it,” he said.

So….how about it Atlanta…what say you about her oath of office?

ORGANIZATIONAL MEETING; OATH OF OFFICE; MANDATORY TRAINING
.
(As taken from the Atlanta City Code of Ordinances)
Section 2-301.-
Organizational meeting; oath of office; mandatory training
.
(a) Organizational meeting.
The council shall meet for organization in the council chamber, or any
other designated public place, on the first Monday in January following each regular election, or, if such Monday is a legal holiday, then on the next following day not a legal holiday.
(b) Oath of office.
At such organizational meeting, the mayor, president of the council, and
council members shall take and subscribe before a judge of the superior court, or any official authorized to administer oaths, the following oath of office: “I do solemnly swear (or affirm) that I will faithfully discharge the duties of the [mayor, president of the council, council member] City Council of the City of Atlanta, Georgia. I will not knowingly permit my vote to be influenced by fear, favor, affection, or reward, and in all things pertaining to my office. I will be governed by the public good
and the interests of the City. I will observe the provisions of the Charter, ordinances, and regulations of the City of Atlanta, and I will support and defend the Constitutions of the State of Georgia and the United States of America. I am not the holder of any office of trust under the government of the United States, any other state, or any foreign state which I am prohibited from holding by the laws of the State of Georgia; I am not the holder of any unaccounted-for public money due this state or any
political subdivision or authority thereof; I have been a resident of the City of Atlanta [and Council District] and am otherwise qualified to hold this office by the Constitution and laws of this State and the Charter and ordinances of the City of Atlanta, so help me God.” More here.
So….Atlanta, (an international city/hub) how about challenging this Mayor on this topic of which Atlanta was part of for starters?

WASHINGTON – Law enforcement officials from the United States and the United Kingdom wrapped up Friday a “week of action” during which they conducted outreach at major international airports with the goal of education about and prevention of female genital mutilation/cutting (FGM/C). This outreach, called “Operation Limelight”, was conducted at four international airports in the U.S.—John F. Kennedy International Airport, Newark Liberty International Airport, Hartsfield-Jackson Atlanta International Airport, and Los Angeles International Airport—and at Heathrow Airport and train stations throughout the UK.

On August 30, law enforcement from the two nations also gathered at the U.S. embassy in London to sign a proclamation affirming their commitment to end the practice of FGM/C in both countries and around the world. The proclamation reads, in part:

“Female genital mutilation/cutting is a global issue that transcends our borders. FGM/C is a culturally-based, gender-specific form of violence and when performed on girls under the age of 18, it is child abuse. The top priorities of the U.K. and U.S. are safeguarding girls through prevention, multi-agency partnership and education. These efforts require that we learn and share our experiences and cooperate through both our informal and formal engagements. Through existing police to police and mutual assistance agreements and arrangements, the U.S. and U.K. law enforcement intend to share intelligence to enhance our knowledge of, and response to female genital mutilation. This collaboration seeks to build our intelligence capacity to identify those involved in perpetrating or facilitating FGM/C offences whilst safeguarding potential victims.”

Signatories of the proclamation include representatives from U.S. Immigration and Customs Enforcement’s Homeland Security Investigations, the U.S. Federal Bureau of Investigation, U.S. Customs and Border Protection, London Metropolitan Police Service, UK National Police Chiefs Council, UK Border Force, UK Crown Prosecution Service, and British Transport Police.

“Our agency is committed to pursuing those who commit or allow female genital mutilation. Through outreach and investigations, we will work to eradicate this form of abuse,” said Louis A. Rodi, III, Deputy Assistant Director, National Security Investigation Division, U.S. Homeland Security Investigations.  “We value our partnerships with UK law enforcement as well as with other U.S. federal agencies, including the FBI and U.S. Customs and Border Protection. This collaboration strengthens our resolve to carry out this important work to protect women and girls and investigate crimes against them.”

“FGM is a barbaric and violent crime enacted on girls who suffer the results for the rest of their lives. It is child abuse, and no religion, culture or tradition should be allowed to mitigate or make an excuse for such appalling crimes. It is even more traumatic because it is generally committed or facilitated by their families who they should look to for love and protection,” said United Kingdom’s National Police Chiefs’ Council Lead on Female Genital Mutilation Commander Ivan Balhatchet. “FGM is hugely complex to investigate and prosecute. Frequently, the survivor is unwilling to give evidence against those closest to them, and some cases of FGM occur prior to the arrival of the survivor in the UK.

Belhatchet continued, “the US shares the same goal but also the same challenges. This proclamation will mean both the UK and US learn more about FGM, the routes taken by perpetrators and when and where it is committed; this is particularly important because we know that perpetrators continue to adapt to evade detection. We also want this agreement and our joint operation to send a signal to those planning to commit FGM that we will do everything we can to protect girls and prosecute offenders.

“FGM is not something we can eradicate alone. We need everyone who works with children and young people to be alert to signs of FGM and tell [law enforcement] about them. We also need the public and other support groups to speak out and share information with us.”

For more information about the practice of female genital mutilation/cutting, view this video from the U.S. Department of State or visit the United Nations’ Zero Tolerance Day website.

Female genital mutilation/cutting is a federal crime in the United States, and any involvement in committing this crime is a serious human rights violation which may result in imprisonment and potential removal from the U.S. Individuals suspected of female genital mutilation/cutting, including sending girls overseas to be cut, may be investigated by the Human Rights Violators and War Crimes Center (HRVWCC) and prosecuted accordingly.

Established in 2009, the HRVWCC furthers ICE’s efforts to identify, locate and prosecute human rights abusers in the United States, including those who are known or suspected to have participated in persecution, war crimes, genocide, torture, extrajudicial killings, FGM/C, and the use or recruitment of child soldiers. The HRVWCC leverages the expertise of a select group of agents, lawyers, intelligence and research specialists, historians and analysts who direct the agency’s broader enforcement efforts against these offenders.

Since 2003, ICE has arrested more than 410 individuals for human rights-related violations of the law under various criminal and/or immigration statutes. During that same period, ICE obtained deportation orders against and physically removed 908 known or suspected human rights violators from the United States.  Additionally, ICE has facilitated the departure of an additional 122 such individuals from the United States.

Currently, ICE has more than 135 active investigations into suspected human rights violators and is pursuing more than 1,750 leads and removals cases involving suspected human rights violators from 95 different countries. Since 2003, the HRVWCC has issued more than 75,000 lookouts for individuals from more than 110 countries and stopped over 260 human rights violators and war crimes suspects from entering the U.S.

Securing the Elections, FBI Investigating Hacks

Posted on by

Securing the vote.

The states, which under the US system are responsible for conducting elections, remain concerned about the integrity of the ballot. Thirty-six  states have now deployed Albert sensors on their voting infrastructure to allow the Department of Homeland Security to observe state systems that manage either voter information or voting devices (Reuters).

The states also want the Feds to share more threat intelligence. Forty-four states and the District of Columbia took part in a Department of Homeland Security exercise this week  (US Department of Homeland Security). The states appear to have gained enough insight into the value of threat intelligence to decide that they want more of it (Reuters). Some advocate Federal standards for the conduct of elections, perhaps even mandatory standards (Atlantic Council). More here.

Meanwhile:

Then there is the matter the FBI is investigating in California.

The FBI launched investigations after two Southern California Democratic U.S. House candidates were targeted by computer hackers, though it’s unclear whether politics had anything to do with the attacks.

A law enforcement official told The Associated Press the FBI looked into hacks involving David Min in the 45th Congressional District and Hans Keirstead in the adjacent 48th District. Both districts are in Orange County and are seen as potential pickups as the Democratic Party seeks to win control of the Congress in November.

A person with knowledge of the Min investigation told the AP on Monday that two laptops used by senior staffers for the candidate were found infected with malware in March. It’s not clear what, if any, data was stolen, and there is no evidence the breach influenced the contest.

The CEO of a biomedical research company, Keirstead last summer was the victim of a broad “spear-phishing” attack, in which emails that appear to come from a friend or familiar source are designed to help hackers snatch sensitive or confidential information, the law enforcement official said. There is no evidence Keirstead lost valuable information.

The investigations so far have not turned up evidence the two candidates in Orange County were political targets.

The official and the knowledgeable person were not authorized to discuss the cases publicly and spoke only on condition of anonymity.

Keirstead was narrowly defeated in the June primary for the seat held by Republican Rep. Dana Rohrabacher. Min came in third in the contest to unseat Republican Rep. Mimi Walters.

Min’s staff was alerted to a potential cyberattack by a facility manager in the software incubator where his campaign rented space. It was later found the computers were infected with software that records and sends keystrokes, with additional software that concealed it from conventional anti-virus tools used by the campaign.

Hackers also used a broad spear-phishing attack in an attempt to gain access, and FBI investigators are still piecing together additional details, the official said.

The two laptops were replaced, and Min’s computer was not infected. The attack on the computers was first reported by Reuters.

Keirstead campaign officials detected repeated attempts to access the campaign’s website.

Rolling Stone magazine, which first reported that cyberattack, said hackers or bots tried different username-password combinations in a rapid-fire sequence over a two-and-a-half-month period to get inside the campaign’s WordPress-hosted website.

According to the campaign, there were also more than 130,000 so-called brute force attempts over a monthlong period to gain access to the campaign’s server through the cloud-server company that hosted the Keirstead campaign’s website, Rolling Stone said.

Computer security experts say that many attempts to gain access to a site hosted with the popular and free WordPress software is not unusual.

“Every WordPress hosted website sees 130,000 brute force attempts over a monthlong period, regardless whether it’s Bohemian basket weaving, a blog about furry costume construction, or a politician website,” said Robert Graham, a cybersecurity expert who created the BlackICE personal firewall.

“Hackers don’t know or care who you are: they only care that you use WordPress,” Graham said in a text message.

Min finished third behind fellow Democrat Katie Porter, who faces Walters in November. In the 48th District, Rohrabacher will face Democrat Harley Rouda, who snagged the second runoff spot by defeating Keirstead by 125 votes.