Category Archives: FBI

Indictment of Leaker to Media, Wolfe and Watkins Romance

Posted on by

So, many in media were quite upset with the breaking news that the cell phones and messages were seized by the Department of Justice of a journalist. Well, hold on Hannity. There were good reasons, this time.

The New York Times has/had this reporter, Ali Watkins that decided to have a long romantic relationship with James A. Wolfe, a former Senate Intelligence Committee Director of Security. Seems Mr. Wolfe provided Ali Watkins with classified material and information that she exploited and published articles on the same.

Mr. Wolfe was formally indicted on May 2, 2018 and more counts may be added. What is also remarkable is Ali Watkins phones and communications were seized in February of 2018, so much for the New York Times being honest, candid and transparent, right?

The indictment refers to at least 4 reporters. After much cultivating of related stories, those reporters are possibly known as: Reporter #1 Manu Raju at CNN Reporter #1 Ali Watkins at NYT Reporter #3 Marianna Sotomayor NBC Reporter #4 Brian Ross ABC.

Now, this all goes back to Carter Page by the way. And while so many are turning on Trey Gowdy for his position on the FBI inserting moles, informants or spies, let’s go to context shall we?

In 2013, a group of Russian operatives, read spies, were inserted into New York, downtown Manhattan, operating under cover. All of them were part of SVR, known as Russian foreign intelligence. All the while, the FBI was listening to their calls and had bugged the New York office of the SVR. How about those names? Viktor Pododnyy, he worked to recruit Carter Page with some success. Igor Sporyshev, worked covertly as a trade representative and then we have Evgeny Buryakov. He worked under cover at the VEB bank on 3rd Avenue in Manhattan.

The operation included passing off documents at a particular location near a 1960 abstract sculpture at the street level in the foyer. Sporyshev had the job of recruiting Americans willing to become intelligence sources for Russia. One such person was Carter Page. Carter Page is listed in court documents as Male #1. Page has admitted meeting with Russian operatives in 2013. To date, it is unclear if Page did provide any classified material or assistance to any number of Russian operatives as he has not been charged with any counts.

Of note, Evgeny Buryakov was charged and plead guilty in 2016, in Manhattan court with conspiracy and was deported in 2017. In 2015, was charged along with Sporyshev with aiding and abetting Buryakov and also later deported. The United States by the way traded these men and a few others for 4 Russian prisoners.

Russia had dispatched 10 agents to the United States in 2010. That TV show, The Americans was inspired by this whole case.

Meanwhile, the Senate Intelligence Committee Chair, Senator stated the committee has fully cooperated with the FBI/DoJ investigation and it is undetermined yet just how much if any classified material was compromised. Wolfe, the Director of Security for the committee, retired apparently this past March after 29 years in that role.

Back to Ali Watkins, she was so elated with her information at the time she reported for BuzzFeed, she appeared on Rachel Maddow’s show on her story in April 2017.

While all this was going on last December with James Wolfe, lil miss Watkins knew something was up.

Maybe we should ask Senator Feinstein what she was talking about here with Ali:

And the beat goes on eh?

Hey Secret Service, Check it out While in Singapore

Posted on by

10 Best Things to Do in Sentosa Island - Best Attractions ... photo

So, while the United States is finding a discreet way to pay for Kim Jung Un’s travel and hotel stay in Singapore on Sentosa Island as North Korea is cash strapped…ah yeah sure, there are some other things going on in Singapore and Malaysia.

Let’s begin a few years ago. Sit back with this article, it is long but perspective and context is required.

Malaysian authorities shutter two North Korean companies ... photo

(Note, it is allegedly closed, or Singapore denies it, but Secret Service check it all out)

(Reuters) – It is in Kuala Lumpur’s “Little India” neighborhood, behind an unmarked door on the second floor of a rundown building, where a military equipment company called Glocom says it has its office.

Glocom is a front company run by North Korean intelligence agents that sells battlefield radio equipment in violation of United Nations sanctions, according to a United Nations report submitted to the Security Council seen by Reuters.

Reuters found that Glocom advertises over 30 radio systems for “military and paramilitary” organizations on its Malaysian website, glocom.com.my.

Glocom’s Malaysian website, which was taken down late last year, listed the Little India address in its contacts section. No one answers the door there and the mailbox outside is stuffed with unopened letters.

In fact, no company by that name exists in Malaysia. But two Malaysian companies controlled by North Korean shareholders and directors(also known as a Nominee Director) registered Glocom’s website in 2009, according to website and company registration documents.

And it does have a business, the unreleased U.N. report says. Last July, an air shipment of North Korean military communications equipment, sent from China and bound for Eritrea, was intercepted in an unnamed country. The seized equipment included 45 boxes of battlefield radios and accessories labeled “Glocom”, short for Global Communications Co.

Glocom is controlled by the Reconnaissance General Bureau, the North Korean intelligence agency tasked with overseas operations and weapons procurement, the report says, citing undisclosed information it obtained.

A spokesman for North Korea’s mission at the U.N. told Reuters he had no information about Glocom.

U.N. resolution 1874, adopted in 2009, expanded the arms embargo against North Korea to include military equipment and all “related materiel”.

But implementation of the sanctions “remains insufficient and highly inconsistent” among member countries, the U.N. report says, and North Korea is using “evasion techniques that are increasing in scale, scope and sophistication.”

Malaysia is one of the few countries in the world which had strong ties with North Korea. Their citizens can travel to each other’s countries without visas. But those ties have begun to sour after North Korean leader Kim Jong Un’s estranged half-brother was murdered at Kuala Lumpur’s international airport on Feb 13.

PAN SYSTEMS

According to the “WHOIS” database, which discloses website ownership, Glocom.com.my was registered in 2009 by an entity called International Global System using the “Little India” address. A similarly named company, International Golden Services is listed as the contact point on Glocom’s website.

Glocom registered a new website, glocom-corp.com, in mid-December, this one showing no Malaysian contacts. Its most recent post is dated January, 2017 and advertises new products, including a remote control system for a precision-guided missile.

Glocom is operated by the Pyongyang branch of a Singapore-based company called Pan Systems, the U.N. report says, citing an invoice and other information it obtained.

Louis Low, managing director of Pan Systems in Singapore said his company used to have an office in Pyongyang from 1996 but officially ended relations with North Korea in 2010 and was no longer in control of any business there.

“They use (the) Pan Systems (name) and say it’s a foreign company, but they operate everything by themselves,” Low told Reuters referring to the North Koreans at the Pyongyang office.

Pan Systems Pyongyang utilized bank accounts, front companies and agents mostly based in China and Malaysia to buy components and sell completed radio systems, the U.N. report says. Pan Systems Pyongyang could not be reached for comment.

One of the directors of Pan Systems Pyongyang is Ryang Su Nyo. According to a source with direct knowledge of her background, Ryang reports to “Liaison Office 519”, a department in the Reconnaissance General Bureau. Ryang is also listed as a shareholder of International Global System, the company that registered Glocom’s website.

Reuters has not been able to contact Ryang.

SMUGGLING CASH

Ryang frequently traveled to Singapore and Malaysia to meet with Pan Systems representatives, the U.N. report says.

On one such trip in February 2014, she and two other North Koreans were detained in Malaysia for attempting to smuggle $450,000 through customs at Kuala Lumpur’s budget airport terminal, two sources with direct knowledge of the situation told Reuters.

The North Korean trio told Malaysian authorities they all worked for Pan Systems and the cash belonged to the North Korean embassy in Kuala Lumpur, according to the two sources.

The Malaysian Attorney General decided not to press charges because of insufficient evidence. A week later, the trio was allowed to travel, and the North Korean embassy claimed the cash, the sources said. All three had passports assigned to government officials, the sources said.

Malaysia’s Customs Department and the Attorney General’s office did not respond to requests for comment over the weekend.

The Pan Systems representative in Kuala Lumpur is a North Korean by the name of Kim Chang Hyok, the U.N. report says.

Kim, who also goes by James Kim, was a founding director of International Golden Services, the company listed in the contacts section of the Glocom website. Kim is director and shareholder of four other companies in Malaysia operating in the fields of IT and trade, according to the Malaysian company registry.

He did not respond to requests for comment by mail or email.

The United Nations panel, which prepared the draft report, asked the Malaysian government if it would expel Kim and freeze the assets of International Golden Services and International Global System to comply with U.N. sanctions. The U.N. did not say when it made the request.

“The panel has yet to receive an answer,” the report said.

Reuters has not received a response from the Malaysian government to repeated requests for comment about Glocom.

POLITICAL CONNECTION

One of Glocom’s early partners in Malaysia was Mustapha Ya’akub, a prominent member of Malaysia’s ruling United Malays National Organisation (UMNO). Since 2014, he has been listed as a director of International Golden Services

As secretary of the UMNO youth wing’s international affairs bureau, Mustapha fostered political connections in the 1990s with countries, such as Iran, Libya and North Korea. Glocom’s Little India address once housed a company owned by UMNO Youth.

Mustapha, 67, said he had been a Glocom business partner “many years back” and said it has been continuously controlled by several North Koreans, including Kim Chang Hyok, whom he said he knew. He did not divulge his role in the company, and denied any knowledge of Glocom’s current business.

“We thought at the time it might be a good idea to go into business together,” Mustapha told Reuters about his first meeting with his North Korean business contacts. He did not say who those contacts were or what they discussed. He denied any knowledge of Glocom’s current business.

Glocom advertises and exhibits its wares without disclosing its North Korean connections.

“Anywhere, Anytime in Battlefield,” reads the slogan on one of several 2017 Glocom catalogs obtained by Reuters.

An advertisement in the September 2012 edition of the Asian Military Review said Glocom develops radios and equipment for “military and paramilitary organizations”.

A spokesman for the magazine confirmed the ad had been bought by Glocom, but said the magazine was unaware of its alleged links to North Korea.

Glocom has exhibited at least three times since 2006 at Malaysia’s biennial arms show, Defence Services Asia (DSA), according to Glocom’s website.

At DSA 2016, Glocom paid 2,000 ringgit ($450) to share a table in the booth of Malaysia’s Integrated Securities Corporation, its director Hassan Masri told Reuters by email.

Hassan said he had nothing to do with Glocom’s equipment and was unaware of its alleged links to North Korea.

Aside from the North Koreans behind Glocom, clues on its website also point to its North Korean origins.

For instance, one undated photo shows a factory worker testing a Glocom radio system. A plaque nearby shows the machine he is using has won a uniquely North Korean award: The Model Machine No. 26 Prize,” named in honor of late leader Kim Jong Il, who is said to have efficiently operated “Lathe No. 26” at the Pyongyang Textile Factory when he was a student.

*** It gets worse.

Executive Summary

In April 2018, Recorded Future published research on the internet browsing behavior of North Korea’s most senior leaders and revealed stark changes in how North Korea’s ruling elite utilize the internet from our original analysis in July 2017. Utilizing a data set spanning from December to mid-April, we compiled a significant amount of information on North Korea’s technology architecture, including which types, manufacturers, and models of hardware and software North Korean leaders used to access the internet.

Our analysis reveals the overwhelming presence of American hardware and software on North Korean networks and in daily use by senior North Korean leaders. We also examined the broad legal regime that restricts U.S. trade with North Korea and discovered that it is insufficient to prevent U.S. electronics, hardware, and software from reaching North Korea.

Key Judgements

  • This failure to keep American technology from reaching North Korea has enabled North Korea’s destabilizing, disruptive, and destructive cyber operations as well as its internet-enabled circumvention of international sanctions.
  • International inconsistency in the definition of the term “luxury goods” has also facilitated the Kim regime’s acquisition of American technology.
  • For seven years, between 2002 and 2017, the United States allowed the exportation of “computer and electronic products” to North Korea, totaling more than $430,000. Our analysis demonstrates that many of the electronic devices North Korean elite utilize are older models or are running older software, and that at least some of those devices could have been legally acquired from the U.S. during these seven years.
  • All U.S. exporters are liable for any violation of the sanctions regime, but beyond the implementation of a robust compliance program, there’s relatively little that can be done to actually stop prohibited goods from reaching sanctioned countries. This is especially true for North Korea, as they have proven to be sophisticated at utilizing intermediaries or spoofing identities.

History of Export Controls Against North Korea

Since the split of North and South Korea following World War II, the United States has regarded the Democratic People’s Republic of Korea (DPRK or North Korea) as an adversary. Despite the lack of open hostilities for nearly 65 years, the U.S. has never normalized diplomatic relations with the “Hermit Kingdom.” From the 1950s to 1980s, North Korea’s status as a Communist government, and sponsorship of international terrorism, ensured that the two countries remained enemies. Then, in 1988, after the bombing of Korean Air Flight 858, North Korea was officially designated as a state sponsor of terrorism by the Reagan administration, inaugurating the modern export control regime against North Korea.

Separately, export control as a response to North Korea’s nuclear proliferation efforts dates back to 1992 when the U.S. imposed sanctions on two North Korean companies due to their missile proliferation activities. Between June 1992 and June 2000, some restrictions were lifted as a result of the U.S.-North Korea bilateral missile talks, but the respite was short lived and the U.S. ratcheted up sanctions from January 2001 through to 2006. This period included the notorious labeling of North Korea as part of the “Axis of Evil” in President Bush’s 2002 State of the Union Address.

In 2006, the first widespread international sanctions began after North Korea carried out its initial nuclear weapons test. This test prompted the UN Security Council (UNSC) to pass two resolutions imposing sanctions on North Korea — first Resolution 1695, and then Resolution 1718. These resolutions together banned a broad range of both imports and exports to North Korea by any UN member states.

While these resolutions initially focused on military materiel, they were supplemented by broader sanctions from the U.S., Australia, and Japan. After North Korea conducted its second underground nuclear test in May 2009, the UNSC adopted Resolution 1874, which further expanded the arms embargo and sought to target Pyongyang’s financial apparata. From 2009 to the present day, both the U.S. and UNSC have progressively strengthened and expanded earlier sanctions with Resolution 2087, 2094, 2270, 2371, 2375, and 2397, which covered everything from missile materiel to textiles and caps on oil trading.

Despite a perceived thaw in diplomatic relations beginning earlier this year, U.S. officials have re-emphasized numerous times that “all sanctions and maximum pressure must remain,” while denuclearization of the Korean peninsula is negotiated.

State of Current U.S. Sanctions Against North Korea

Current United States sanctions against North Korea can be split into two categories:

  1. Sanctions that specifically target North Korea.
  2. Sanctions related to “Weapons of Mass Destruction Proliferators.”

Until 2008, the bulk of U.S. sanctions specific to North Korea were implemented via the Trading With the Enemy Act (1917), which empowers the federal government to prohibit any and all trade with designated countries. On June 26, 2008, the Bush administration issued Executive Order (E.O.) 13466 under the authority of the International Emergency Economic Powers Act. That same year, the National Emergencies Act. E.O. 13466 was supplemented by Executive Orders 13551, 13570, 13687, 13722, and the North Korea Sanctions Regulations (31 C.F.R. part 510). These measures extended a variety of trade restrictions and blocking of interests belonging to various figures in North Korea.

Pre-dating these sanctions, E.O. 13382 was issued in 2005 targeting various entities engaged in WMD proliferation. Three North Korean entities and numerous North Korean persons were listed as blocked entities.

Today, these regulations have culminated in six prohibited categories of transactions involving North Korea:

  1. Blocked property belonging to the state of North Korea and certain North Korean nationals (E.O. 13466, 13551, 13687, 13722, and 13382).
  2. U.S. persons are prohibited from registering vessels in North Korea, flying the DPRK flag, or operating any vessel flagged by North Korea (E.O. 13466).
  3. Goods, services, and technology from North Korea may not be imported into the U.S. (E.O. 13570).
  4. No new investment in North Korea by U.S. persons is allowed (E.O. 13722).
  5. No financing by a U.S. person involving North Korea is allowed (E.O. 13722).
  6. And most importantly for our purposes, goods, services, and technology may not be exported to North Korea from the U.S., or by a U.S. person wherever located, without a license (E.O. 13722).

U.S. export enforcement responsibility falls under three executive branch agencies: the Office of Foreign Asset Control within the Department of Treasury, the Office of Export Enforcement within the Department of Commerce’s Bureau of Industry and Security, and Homeland Security Investigations within the Department of Homeland Security. These three agencies enforce the Executive Orders, U.S. sanctions, International Trafficking in Arms Regulation, Export Administration Regulation, and other laws which make up the body of export control laws in the United States. In 2010, Executive Order 13558 created the Export Enforcement Coordination Center to further strengthen the partnership between these independent agencies.

The United States is one of the only countries which enforces its export laws outside of its national boundaries. Federal agents located in foreign countries work in conjunction with local authorities to conduct end use license checks, knocking on doors to see whether the parties are still upholding their stated exporting intentions.

Currently, civil penalties of up to the greater of $284,582, or twice the amount of the transaction, can be imposed against any party that violates these sanctions. Similarly, upon conviction, criminal penalties of up to $1 million, imprisonment for up to 20 years, or both, may be imposed on any person that willfully violates the sanctions.

North Korea Leverages a Breadth of U.S. Technology Despite Export Controls

North Korea’s Technology Architecture

Numerous third-party data sources used for this analysis gave Recorded Future visibility into what types of devices North Korea’s most senior leadership use to access the global internet. As has been widely publicized over the past several years, Kim Jong Un has been photographed on several occasions with Apple devices, and North Korean-made mobile phones have been assessed as mimicking Apple technology.

While we cannot confirm the actual users behind the activity we see, our analysis indicates that numerous American and Western-manufactured devices are being used by North Korean elite to access the global internet. Several reports and accounts have documented how few North Koreans are granted access to the global internet. At most, only the inner circle of North Korea’s leadership, such as party, military, and intelligence leaders and their families, are allowed to own computers and independently utilize the global internet. This is one of the data points we use to determine with such certainty that North Korea’s ruling elite are the users of this hardware and software.

North Korea’s use of proxies and load balancers limited our ability to identify exactly how many of each device was present, but we can determine some models and versions:

  • Windows 7
  • Windows 8.1
  • Windows 2000
  • Windows XP
  • Windows 10
  • Microsoft Terminal Server
  • Samsung Galaxy S5
  • Samsung Galaxy J5
  • Samsung Galaxy S7
  • Samsung Galaxy S8 Plus
  • Huawei Mate 95c 6 v6
  • Apple iPhone 4S
  • Apple iPhone 5
  • Apple iPhone 5S
  • Apple iPhone 6
  • Apple iPhone 6S Plus
  • Apple iPhone 7 Plus
  • Apple iPhone 8 Plus
  • Apple iPhone X
  • Apple MacBook
  • IBM Tivoli Storage Manager server
  • Conexant Hasbani web servers
  • Ascend Communications1 switches
  • F5 BIG-IP load balancer

While the majority of North Korean cyber operations are likely conducted from abroad, a small minority historically have been conducted from territorial North Korea. These operations have been conducted utilizing this very same hardware and software. This means that minimally, U.S. technology has enabled North Korea’s destabilizing, disruptive, and destructive cyber operations as well as its internet-enabled circumvention of international sanctions.

Where Technology Export Control Fails

According to a Congressional Research Service study conducted in 2016, U.S. trade restrictions with North Korea are extensive, but do not amount to a comprehensive embargo.

The United States curtails trade with North Korea for reasons of regional stability, that country’s support for acts of international terrorism, lack of cooperation with U.S. antiterrorism efforts, proliferation, and its status as a Communist country and a nonmarket economy. The United States also prohibits transactions relating to trade with certain North Korean entities identified as those who procure luxury goods, launder money, smuggle bulk cash, engage in counterfeiting goods and currency, and traffic in illicit narcotics.

Further, ”a U.S. company may apply for a license to export to North Korea, but for nearly all items other than food and medicine, there is a presumption of denial.”

This is despite the fact that North Korea has been on and off the State Sponsors of Terrorism list twice in the last 10 years (President Bush rescinded the declaration in 2008 and President Trump re-applied it in November 2017). In terms of exportation of technology to North Korea, the State Sponsors of Terrorism designation has relatively little impact in and of itself because the sanctions resulting from that designation govern primarily U.S. foreign aid, defense exports, and dual-use items. There is a provision for sanctions on “miscellaneous financial and other restrictions,” however, it is not clear whether that provision goes above and beyond the existing prohibitions on technology exports to North Korea.

Most electronics, including laptop computers, digital music players, large flat-screen televisions, and “electronic entertainment software” are considered “luxury goods” and fall under the broad trade Export Administration Restrictions (EAR) for North Korea administered by the Department of Commerce.

While the United Nations (UN) clarified its definition of “luxury goods” in Resolution 2321 as not including electronics, each UN member state is allowed to interpret the “luxury goods” term as including different products, “creat[ing] a situation of uneven practice” in the application of export controls. For instance:

  • The European Union bans “electrical/electronic items and appliances for domestic use of a value exceeding EUR 50 each.”
  • Australia bans all “consumer electronics.”
  • Japan prohibits “portable computing devices consisting of at least a central processing unit (CPU), a keyboard, and a display.”
  • South Korea broadly restricts and governs trade with the North including “electronic goods” as a luxury item.
    China has not made a distinction on embargoed luxury goods and does not “honor the luxury goods lists of other countries when it exports to” North Korea.

The Saga of ZTE

In March 2016, Zhongxing Telecommunications Equipment (ZTE), a Chinese cellular device and hardware manufacturer, was added to the Export Administration Regulations (EAR) Entities List. The EAR “imposes additional licensing requirements on and limits the availability of most license exceptions for, exports, reexports, and transfers (in-country) to those listed” on the Entities List. ZTE was initially placed on the Entities List for violating U.S. sanctions by selling American-made goods to Iran and North Korea. Placement on the Entities List prohibited U.S. companies from selling goods to ZTE without a license, and because nearly all ZTE-manufactured products contained U.S. goods, essentially crippled the company.

For more than two years, ZTE and the U.S. government went back and forth attempting to reach an agreement over penalties and validate that ZTE was no longer violating U.S. sanctions. In April 2018, the Department of Commerce (DOC) ended the negotiations by imposing a denial order, prohibiting American companies from selling to ZTE for seven years.

The denial order was the end of a lengthy export control enforcement process which would have bankrupted ZTE. Instead, in late May, the DOC negotiated an agreement which lifted the denial order and re-opened ZTE to U.S. exports.

The case of ZTE, a company which was placed on the Entities List and under a denial order for violating U.S. sanctions against North Korea, is a useful example of how impactful successful export control can be — if allowed to be. Had ZTE been allowed to fail, it would have sent a powerful message to companies around the world indicating how seriously the U.S. considers these violations. Instead, the message is that a company can violate U.S export controls and sanctions if it is large enough and aligned with an economically powerful nation.

Technology Exports to North Korea Were Not Always Prohibited

The question of how U.S. technology gets to North Korea is not entirely a story of failed export control or inconsistent application. According to Department of Commerce data, the U.S. has actually exported over $176 million of goods to North Korea since 2002. While this number pales in comparison to export volume with nations such as China or Canada, it is important to note that the export of “computers and electronic products” to North Korea occurred until this year.

At its peak in 2014, the U.S. exported $215,862 worth of computers and electronic products to North Korea. We do not know exactly which products or how many were exported to North Korea that year. However, based on the Department of Commerce definition of “computers and electronic products,” we have an idea of what kind of electronics these exports might have included. This category includes “computers, computer peripherals (including items like printers, monitors, and storage devices), communications equipment (such as wired and wireless telephones), and similar electronic products (including audio and video equipment and semiconductors),” as well as components for these products.

Again, while we do not know exactly which computer and electronic products were exported to North Korea over the past 15 years, that data can be useful in an exercise to demonstrate exactly how much value North Korea could have derived from that amount of money.

For example, in 2014, a decent desktop could cost around $500, while a similarly specified laptop would cost $700. Hypothetically, if North Koreans were paying the average prices for computers, they could have purchased over 350 computers from U.S. suppliers in 2014 alone. In total, since 2002, the U.S. has legally exported $483,543 worth of computers and electronics to North Korea — a sum that could have legally supplied some of the ruling elites’ electronics needs.

Our analysis demonstrates that many of the electronic devices North Korean elite utilize are older models or are running older software. These legal exports certainly do not account for all of the devices we have observed on North Korean networks, nor is $483,543 sufficient to completely build a moderately sized and proxied network. However, it presents an interesting part of the answer to the question of exactly how North Korea could have acquired all of their Western hardware and software. At least some of the computers and software we observed being used in North Korean networks today was probably acquired during these past 15 years.

Outlook

It is the responsibility of any U.S. exporters to be familiar and compliant with federal export controls, as penalties can include fines, civil or criminal charges, imprisonment, negative publicity, revocation of exporting privileges, or debarment from U.S. government contracting. As explained by the Massachusetts Export Center, “[Even if the exporter is selling only] innocuous products or selling only to ‘friendly’ countries … the exporter is ultimately responsible to have a thorough understanding of export regulations and to establish operating procedures aimed at preventing violations.

For U.S. companies and persons to avoid the risk of being found guilty of violating sanctions, it is expected that an effective export compliance program is implemented. The U.S. Department of Commerce’s Bureau of Industry and Security suggest eight elements for an effective program:

  1. Statements and commitments from management
  2. Risk assessment of potential export violations
  3. Export authorization
  4. Effective record keeping
  5. Instituting training programs for employees
  6. Auditing records
  7. Detecting and correcting export violations
  8. Maintaining an export compliance manual

Generally, all U.S. business are not expected to perfect all eight elements, but any deviation from a robust compliance program poses a risk that an entity could be found in violation of the U.S. export regime. However, while a U.S. company may have a robust program, sanctioned states often use false flags or non-national facilitators to skirt even the most advanced programs. As a recent report from Arms Control Wonk and Reuters pointed out, the North Koreans are adept at falsifying addresses and names to circumvent sanctions programs. This flow of technology is not one way, either — recent reports point out that North Korea has used shell companies and various aliases to export various technologies, including facial recognition software to U.S. allies and encryption software in Asia.

One transaction involving the DPRK shell company Glocom that was widely reported last year demonstrates the ease with which North Korea is able to avoid technology control sanctions. Glocom used a network of Asian-based front companies to purchase components from electronic resellers, and the payment was even cleared through a U.S. bank account. Glocom, the company at the center of these transactions, was tied to Pan Systems Pyongyang via invoices uncovered by the UN and International Global System via WHOIS website registration data. Ryang Su Nyo is listed as a director of Pan Systems Pyongyang and a shareholder of International Global System, and Reuters has reported that Ryang reports to “Liaison Office 519,” a department within the North Korean Reconnaissance General Bureau.

Today, the varied interpretation of the term “luxury goods,” a sophisticated sanctions evasion operation, and lax enforcement of technology and electronics as a subcategory has created a situation where the Kim regime can acquire U.S. electronics, software, and hardware virtually at will. Technology resellers, North Koreans abroad, and the Kim regime’s extensive criminal networks all facilitate the transfer of American technology for daily use by one of the world’s most repressive governments. Unless there’s a globally unified effort to impose comprehensive sanctions on the DPRK, and multilateral cooperation to ensure that these sanctions cannot be thwarted by a web of shell companies, North Korea will be able to continue its cyberwarfare operations unabated with the aid of Western technology.

 

Yet Another American Caught Spying for China

Posted on by

It is an epidemic, only no one will admit that. Mr. Hansen’s charges are found here.

WASHINGTON (Reuters) – A former officer with the U.S. Defense Intelligence Agency was arrested over the weekend for allegedly trying to spy on the United States for China, the Justice Department said on Monday.

The Federal Bureau of Investigation took Ron Rockwell Hansen, 58, into custody on Saturday while he was on his way to the Seattle-Tacoma International Airport to get a connecting flight to China.

The department said he has been accused of trying to transmit national defense information to China and with receiving “hundreds of thousands of dollars” while acting illegally as an agent for the Chinese government.

Reuters could not immediately learn who may be representing Hansen in the case.

Hansen is the latest person in a string of former U.S. intelligence officers to be swept up in criminal probes related to spying for the Chinese.

Earlier this year, former CIA case officer Jerry Chun Shing Lee was indicted for conspiring to gather or deliver national defense information to China.

Another former U.S. intelligence employee named Kevin Mallory is on trial in Virginia, also in connection with selling secrets to China.

In the new case announced Monday, prosecutors said that Hansen speaks fluent Mandarin-Chinese and Russian.

He served as a case officer for the Defense Intelligence Agency while on active military duty from 2000-2006, and later continued that line of work as a civilian employee and a contractor.

He also held a top secret clearance for years.

The government said that between 2013 and 2017, he traveled between the two countries attending conferences and provided the information he learned to China’s intelligence service.

He was paid via wire transfers, cash and credit cards. He also allegedly improperly sold export-controlled technology.

“His alleged actions are a betrayal of our nation’s security and the American people and are an affront to his former intelligence community colleagues,” said John Demers, the head of the Justice Department’s National Security Division.

According to court records, the FBI started investigating his activities in 2014. He was unaware of the probe, and participated in nine voluntary meetings with federal agents in Salt Lake City. Utah.

Prosecutors say that during his meetings, he told the FBI that Chinese intelligence had tried to recruit him, offered to cooperate as a source and even provided thumb drives to the FBI that contained classified materials he was not authorized to have.

Hansen appeared before a magistrate judge in Seattle on Monday, and is charged in a 15-count complaint.

Mr Hansen, who lives in Syracuse, Utah, was charged with attempting to gather or deliver national defense information to aid a foreign government.

Other charges – there are 15 in total – include acting as an unregistered foreign agent for China, bulk cash smuggling, structuring monetary transactions and smuggling goods from the US.

photo, Mallory

*** Now about those phones and Kevin Mallory:

The phone the Chinese intelligence operatives gave Kevin Mallory was a specialized spy gadget. If it had worked like it was supposed to, he might be a free man today.

The former CIA officer, on trial in Alexandria federal court on espionage charges, freely told his old colleagues that he had been approached by those spies on social media in February of 2017. He said he had been invited on two trips to China and given a Samsung Galaxy phone with special encryption capabilities.

What he didn’t tell his U.S. intelligence contacts, and, according to prosecutors, what he thought they would never learn, was that he also traded classified documents to the Chinese agents in exchange for $25,000.

Mallory, a 61-year-old from Leesburg, Va., who also served in the Defense Intelligence Agency, State Department and U.S. Army, was arrested last spring. While prosecutors say he was selling secrets, he contends he was trying to expose the Chinese spies. Whatever jurors decide, the veteran intelligence operative’s trial is offering a glimpse into some of the inner workings of both Chinese espionage and American attempts to counter it.

It’s “very rare” for a foreign intelligence service’s device “to be revealed like that,” FBI agent Paul Lee testified on Thursday. The phone would have cost the Chinese government a lot of money to develop, he had told Mallory last year.

Mallory explained in meetings with the CIA and FBI, which were recorded and played for the jury, that the phone contained an app designed to facilitate steganography, or the hiding of information inside of an image. Documents were merged into a file that appeared as an image — in this case, the Chinese chose horses grazing in front of a mountain range.

To send the files through the secure version of the app, which was a customized version of the Chinese messaging service WeChat, both parties had to be online and type in a password. (The one built into the application, Mallory told the officials, was the word “password,” in English.)

Mallory told the FBI that the Chinese spies told him they had found a “special way” to make the app safer.

But their system was flawed. James Hamrock, an engineer who analyzed the phone for the FBI, said he believes the encrypted application crashed at one point, creating an unintentional log of Mallory’s communications with one of the Chinese spies.

If the app had not crashed, Hamrock testified, he likely would not have been able to see Mallory’s communications. Instead, as Mallory and FBI agents met in a hotel room in Ashburn, Va., last May to look at the phone, they saw conversations in which Mallory had discussed delivering “more documents,” including something related to a foreign intelligence service. (The name of that service was redacted from exhibits shown in court).

“I’m — I’m surprised it kept this much,” Mallory told the agents as they examined the phone.

But defense attorneys stressed that U.S. law enforcement would never have known about the phone — let alone have been able to examine it — had Mallory not brought it to them.

Mallory maintains that as soon as he realized the Chinese recruiters who had approached him on LinkedIn were spies, he decided to deliver them to American hands.

“Kevin Mallory has worn a white hat throughout his career, and he did not take it off for a relatively small amount of money,” public defender Geremy Kamens said in his opening statement. “If he was motivated by money, he would have kept his mouth shut.”

Instead, Mallory caught the attention of authorities because he repeatedly contacted a CIA employee from his church and a CIA contractor he worked with from 2010 to 2012 to say he believed he was in touch with Chinese intelligence.

In a text to the contractor, a covert operative who testified from behind a screen under the pseudonym John Doe, Mallory said the operatives “asked me a few questions that could have only come from our side of the house.”

Doe testified that he took that to mean that the Chinese had penetrated the CIA.

Doe said Mallory’s request to be put in touch with someone in the agency’s East Asia Division “seemed odd.”

Ralph Stevenson, a CIA resources officer, agreed. When Mallory contacted him in a similar manner, Stevenson said, he deleted the texts and responded with a terse email.

At the Montgomery Chinese Branch of the Mormon Church that weekend, Stevenson upbraided Mallory. Read more here.

*** One last item:

China’s influence in New Zealand is so extensive that it threatens the traditionally close intelligence contacts between New Zealand and its Western allies, according to a report written by the Canadian spy agency.

The report, entitled China and the Age of Strategic Rivalry, was authored by experts at the Canadian Security Intelligence Service (CSIS). It contains a summary of views expressed by participants at an academic outreach workshop that was organized in Canada by the CSIS. In a section focusing on Chinese “interference in democratic systems”, the report suggests that, despite its small size, New Zealand is “valuable to China […] as a soft underbelly through which to access Five Eyes intelligence”. In recent years, claims the report, Beijing has adopted “an aggressive strategy” that has sought to co-opt political and economic elites in New Zealand as a means of influencing political decision making in the country. As part of that process, China seeks to gain advantages in trade and business negotiations, suppress negative views of China, facilitate espionage and control the views of the Chinese expatriate community in New Zealand, according to the report. Ultimately, Beijing seeks to “extricate New Zealand from […] its traditional [military and intelligence] partners]” as a means of asserting its regional and —eventually— global influence, the report concludes.

In a separate but connected development, it emerged this week that China expert Peter Mattis told an American Congressional committee last month that New Zealand’s position in the Five Eyes alliance was tenuous due to China’s influence. Mattis, a former China analyst for the United States Central Intelligence Agency, was speaking before the US-China Economic and Security Review Commission, a group of experts that advise the US Congress. He told the Commission that the influence of the Chinese Communist Party in New Zealand is so deep that it raises questions about whether the Pacific Ocean country can continue to share intelligence with the other members of the Five Eyes alliance.

On Wednesday, New Zealand’s Prime Minister Jacinda Ardern emphatically dismissed questions about her country’s role in the Five Eyes alliance. She told reporters in Wellington that the issue of New Zealand’s Five Eyes membership had “never been raised” with her “or anyone else” by Five Eyes partners. Ardern added that her government received its information “from official channels, not opinions expressed at a workshop”.

 

 

Facebook Shared your Data with 60+ Other Tech Companies

Posted on by

New privacy law forces some U.S. media offline in Europe

continue here where it has affected U.S. media.

It is a privacy war. It is data abuse. It is exploitation.

More than 50 companies including Apple and Amazon participated in the Facebook data-sharing partnership.

Have you noticed emails and terms of privacy has changed in volumes with those sites you often visit? Well we can thank Europe as the new privacy law went into effect in recent weeks.

On May 25, however, the power balance will shift towards consumers, thanks to a European privacy law that restricts how personal data is collected and handled. The rule, called General Data Protection Regulation or GDPR, focuses on ensuring that users know, understand, and consent to the data collected about them. Under GDPR, pages of fine print won’t suffice. Neither will forcing users to click yes in order to sign up. Read the details here.

But, it is suggested that you actually read what updates are in fact happening in the U.S., as it may not be all that protective. Fair warning and take caution, abuses may still continue.

Read on…it is no wonder that Facebook is running TV ads, but that still does not assure us our data is being abused.

Facebook: The Social Accelerator? | emergent by design photo

Facebook Gave Device Makers Deep
Access to Data on Users and Friends

The company formed data-sharing partnerships with Apple, Samsung and
dozens of other device makers, raising new concerns about its privacy protections.

As Facebook sought to become the world’s dominant social media service, it struck agreements allowing phone and other device makers access to vast amounts of its users’ personal information.

Facebook has reached data-sharing partnerships with at least 60 device makers — including Apple, Amazon, BlackBerry, Microsoft and Samsung — over the last decade, starting before Facebook apps were widely available on smartphones, company officials said. The deals allowed Facebook to expand its reach and let device makers offer customers popular features of the social network, such as messaging, “like” buttons and address books.

But the partnerships, whose scope has not previously been reported, raise concerns about the company’s privacy protections and compliance with a 2011 consent decree with the Federal Trade Commission. Facebook allowed the device companies access to the data of users’ friends without their explicit consent, even after declaring that it would no longer share such information with outsiders. Some device makers could retrieve personal information even from users’ friends who believed they had barred any sharing, The New York Times found.

Most of the partnerships remain in effect, though Facebook began winding them down in April. The company came under intensifying scrutiny by lawmakers and regulators after news reports in March that a political consulting firm, Cambridge Analytica, misused the private information of tens of millions of Facebook users.

In the furor that followed, Facebook’s leaders said that the kind of access exploited by Cambridge in 2014 was cut off by the next year, when Facebook prohibited developers from collecting information from users’ friends. But the company officials did not disclose that Facebook had exempted the makers of cellphones, tablets and other hardware from such restrictions.

“You might think that Facebook or the device manufacturer is trustworthy,” said Serge Egelman, a privacy researcher at the University of California, Berkeley, who studies the security of mobile apps. “But the problem is that as more and more data is collected on the device — and if it can be accessed by apps on the device — it creates serious privacy and security risks.”

In interviews, Facebook officials defended the data sharing as consistent with its privacy policies, the F.T.C. agreement and pledges to users. They said its partnerships were governed by contracts that strictly limited use of the data, including any stored on partners’ servers. The officials added that they knew of no cases where the information had been misused.

The company views its device partners as extensions of Facebook, serving its more than two billion users, the officials said.

“These partnerships work very differently from the way in which app developers use our platform,” said Ime Archibong, a Facebook vice president. Unlike developers that provide games and services to Facebook users, the device partners can use Facebook data only to provide versions of “the Facebook experience,” the officials said.

Some device partners can retrieve Facebook users’ relationship status, religion, political leaning and upcoming events, among other data. Tests by The Times showed that the partners requested and received data in the same way other third parties did.

Facebook’s view that the device makers are not outsiders lets the partners go even further, The Times found: They can obtain data about a user’s Facebook friends, even those who have denied Facebook permission to share information with any third parties.

In interviews, several former Facebook software engineers and security experts said they were surprised at the ability to override sharing restrictions.

“It’s like having door locks installed, only to find out that the locksmith also gave keys to all of his friends so they can come in and rifle through your stuff without having to ask you for permission,” said Ashkan Soltani, a research and privacy consultant who formerly served as the F.T.C.’s chief technologist.

Details of Facebook’s partnerships have emerged amid a reckoning in Silicon Valley over the volume of personal information collected on the internet and monetized by the tech industry. The pervasive collection of data, while largely unregulated in the United States, has come under growing criticism from elected officials at home and overseas and provoked concern among consumers about how freely their information is shared.

In a tense appearance before Congress in March, Facebook’s chief executive, Mark Zuckerberg, emphasized what he said was a company priority for Facebook users.“Every piece of content that you share on Facebook you own,” he testified. ”You have complete control over who sees it and how you share it.”

But the device partnerships provoked discussion even within Facebook as early as 2012, according to Sandy Parakilas, who at the time led third-party advertising and privacy compliance for Facebook’s platform.

“This was flagged internally as a privacy issue,” said Mr. Parakilas, who left Facebook that year and has recently emerged as a harsh critic of the company. “It is shocking that this practice may still continue six years later, and it appears to contradict Facebook’s testimony to Congress that all friend permissions were disabled.”

The partnerships were briefly mentioned in documents submitted to German lawmakers investigating the social media giant’s privacy practices and released by Facebook in mid-May. But Facebook provided the lawmakers with the name of only one partner — BlackBerry, maker of the once-ubiquitous mobile device — and little information about how the agreements worked.

The submission followed testimony by Joel Kaplan, Facebook’s vice president for global public policy, during a closed-door German parliamentary hearing in April. Elisabeth Winkelmeier-Becker, one of the lawmakers who questioned Mr. Kaplan, said in an interview that she believed the data partnerships disclosed by Facebook violated users’ privacy rights.

“What we have been trying to determine is whether Facebook has knowingly handed over user data elsewhere without explicit consent,” Ms. Winkelmeier-Becker said. “I would never have imagined that this might even be happening secretly via deals with device makers. BlackBerry users seem to have been turned into data dealers, unknowingly and unwillingly.”

In interviews with The Times, Facebook identified other partners: Apple and Samsung, the world’s two biggest smartphone makers, and Amazon, which sells tablets.

An Apple spokesman said the company relied on private access to Facebook data for features that enabled users to post photos to the social network without opening the Facebook app, among other things. Apple said its phones no longer had such access to Facebook as of last September.

Samsung declined to respond to questions about whether it had any data-sharing partnerships with Facebook. Amazon also declined to respond to questions.

Usher Lieberman, a BlackBerry spokesman, said in a statement that the company used Facebook data only to give its own customers access to their Facebook networks and messages. Mr. Lieberman said that the company “did not collect or mine the Facebook data of our customers,” adding that “BlackBerry has always been in the business of protecting, not monetizing, customer data.”

Microsoft entered a partnership with Facebook in 2008 that allowed Microsoft-powered devices to do things like add contacts and friends and receive notifications, according to a spokesman. He added that the data was stored locally on the phone and was not synced to Microsoft’s servers.

Facebook acknowledged that some partners did store users’ data — including friends’ data — on their own servers. A Facebook official said that regardless of where the data was kept, it was governed by strict agreements between the companies.

“I am dumbfounded by the attitude that anybody in Facebook’s corporate office would think allowing third parties access to data would be a good idea,” said Henning Schulzrinne, a computer science professor at Columbia University who specializes in network security and mobile systems. Keep reading here for specific details.

What is the Magnitsky Act Anyway

Posted on by

The Global Magnitsky Act enables the United States to sanction the world’s worst human rights abusers and most corrupt oligarchs and foreign officials, freezing their U.S. assets and preventing them from traveling to the United States. Sanctioned individuals become financial pariahs and the international financial system wants nothing to do with them.

Before proceeding, ask yourself: is Global Magnitsky right for my case? The language of the Global Magnitsky Act as passed by Congress was ex-panded by Executive Order 13818, which is now the implementing authority for Global Magnitsky sanctions. EO 13818 stipulates that sanctions may be considered for individuals who are engaging or have engaged in “serious human rights abuse” against any person, or are engaging or have en-gaged in “corruption.” Individuals who, by virtue of their rank, have ordered others to engage or have facilitated these acts also are liable to be sanctioned.

Keep in mind that prior to the EO’s expansion of the language, human rights sanctions were limited to “gross violations of internationally recognized human rights” as codified in 22 USC § 2304(d)(1). The original language also stipulates that any victim must be working “to expose illegal activity car-ried out by government officials” or to “obtain, exercise, defend, or promote internationally recognized human rights and freedoms.” As for sanctions for corruption, it identifies “acts of significant corruption” as sanctionable offenses. This is generally thought to be a stricter standard than the EO’s term “corruption.” It may be worthwhile to aim for this higher standard to make the tightest case possible for sanctions.

As a rule, reach out to other NGOs and individuals working in the human rights and anti-corruption field, especially those who are advocating for their own Global Magnitsky sanctions. Doing so at the beginning of the process will enable you to build strong relationships, develop a robust network, and speak with a stronger voice.

Download the full guide to learn more.

***  And harass they did. Bill Browder is a distant buddy and I watched his communications this morning as he was arrested in Spain. The warrant:

  It was about 40 minutes later, he was released. He was in Madrid is to give evidence to senior Spanish anti Russian mafia prosecutor Jose Grinda about the huge amount of money from the Magnitsky case that flowed to Spain. Now that I’m released my mission carries on. Meeting with Prosector Grinda now. This was the SIXTH Russian arrest warrant using Interpol channels. It was NOT an expired warrant, but a live one. Interpol is incapable of stopping Russian abuse of their systems. He is right.

 

***

United States citizens are outraged about the Kremlin’s incursion into the U.S. electoral system, but that is unfortunately just the tip of the iceberg. Russia is also trying to hijack the U.S. judiciary for corrupt purposes, expropriation and political repression, which has received little attention.

Unlawful seizure of private assets and private companies by the Kremlin has been the norm since Vladimir Putin became president in 2000. Russia’s law enforcement agencies and courts are regularly used for the enrichment of the ruling elite.

Annual State Department and Freedom House reports underscore that the Russian judicial system lacks independence from the country’s powerful executive branch.

The Sergei Magnitsky case is the best-known example of the Russian state’s co-opting of the courts to support its kleptocracy. A cabal of Russian tax and law enforcement officers conspired to defraud Russian taxpayers of $230 million, the largest tax fraud in Russian history, by targeting Bill Browder’s company, Hermitage Capital.

When Magnitsky, Browder’s tax attorney, discovered the fraud and notified authorities, Hermitage and Magnitsky were charged with their own fraud. Magnitsky was then arrested and died in pre-trial detention at the age of 37.

Since then, Russian authorities have repeatedly called on Interpol to disseminate red notices to harass Browder and other victims. Interpol, which is meant to facilitate cross-border coordination among law enforcement agencies, is susceptible to abuse as it passes on requests and notices from states without much scrutiny.

Russia misuses Interpol’s red notices to gain the support of international law enforcement agencies, including U.S. law enforcement, in pursuing political dissidents and victims of corporate raiding.

Russian legal authorities also abuse the U.S. court system by exploiting U.S. federal discovery laws. Under these laws, a foreign party can use the U.S. federal courts to compel discovery from any person under U.S. jurisdiction.

The Russian authorities used this law repeatedly against Yukos and its affiliates, after confiscating the oil giant from Mikhail Khodorkovsky and other shareholders.

More recently, agents of the Russian state have engaged in two federal court cases in New York: a 2016 attempt to loot the assets of Janna Bullock and her real estate investment firm RIGroup, and a 2018 effort to plunder the personal property of banker Sergei Leontiev, a former shareholder of Probusinessbank.

The Russian state is using the discovery process to extract information to further criminal charges and extortion schemes against individuals who fled to the U.S. seeking the protection, safety and rule of law now being undermined.

The Russian government and its associates have developed similar strategies to use federal and state courts to recognize and validate bogus decisions from Russian courts, exploit the U.S. Bankruptcy Code on behalf of sham creditors aligned with the Russian state and enforce illegitimate claims and orders issued by corrupt Russian judges.

Although U.S. judges are permitted to consider evidence questioning the legitimacy of a foreign judicial decision, they are rightly hesitant to speculate on whether another country upholds the rule of law.

Such a determination requires significant analysis beyond the scope and ability of most courts and therefore leaves the U.S. judiciary ill-equipped to defend itself against Russian incursion.

The U.S. is slowly beginning to fight back against Russian intrusion into our courts. In 2017, the United States sanctioned two Russian private-sector lawyers, Yulia Mayorova and Andrei Pavlov, who repeatedly represented Russian government agencies in the United States.

After passage by Congress of the “Global Magnitsky Human Rights Accountability Act,” the U.S. sanctioned Artem Chaika, the son of Russia’s prosecutor general, who used his father’s position to extort bribes and win contracts for himself and his cronies, while driving out competition.

More needs to be done to keep Russian lawlessness abroad at bay. The House and Senate judiciary committees should investigate the hacking of U.S. courts and hold hearings to examine the threat they pose, with an eye toward developing legislation that will help block future attacks.

The Department of Justice and the State Department should consider establishing a joint task force to coordinate with U.S. courts, where victims of abuse by corrupt governments could submit their evidence.

The State Department already produces annual reports that opine on the state of foreign judiciaries, which can be put to good use to protect the integrity of U.S. courts.