Russia has Provided N Korea Additional Hacking Platforms

Hackers from North Korea are reported to have stolen a large cache of military documents from South Korea, including a plan to assassinate North Korea’s leader Kim Jong-un.

Rhee Cheol-hee, a South Korean lawmaker, said the information was from his country’s defence ministry.

The compromised documents include wartime contingency plans drawn up by the US and South Korea.

They also include reports to the allies’ senior commanders.

Plans for the South’s special forces were reportedly accessed, along with information on significant power plants and military facilities in the South.

Mr Rhee belongs to South Korea’s ruling party, and sits on its parliament’s defence committee. He said some 235 gigabytes of military documents had been stolen from the Defence Integrated Data Centre, and that 80% of them have yet to be identified.

The hack took place in September last year. In May, South Korea said a large amount of data had been stolen and that North Korea may have instigated the cyber attack – but gave no details of what was taken.

North Korea denied the claim. The isolated state is believed to have specially-trained hackers based overseas, including in China. More here.

Russia is always part of the rogue nation process, it is curious of the timing as you read on. TransTeleCom is owned by Russia’s state-run railway company and has fiber optic cables that follow all the country’s main train lines, including all the way up to the North Korean border.

photo

Related reading: North Korea gets new internet access via Russia

Reuters: North Korea has opened a second internet connection with the outside world, this time via Russia, a move which cyber security experts said could give Pyongyang greater capability to conduct cyber attacks.

Previously traffic was handled via China Unicom (0762.HK) under a deal dating back to 2010. TransTeleCom now appears to be handling roughly 60 percent of North Korean internet traffic, while Unicom transmits the remaining 40 percent or so, Dyn said.

The new external connection was first reported by 38 North, a project of the U.S.-Korea Institute at Johns Hopkins School of Advanced International Studies (SAIS).

TransTeleCom declined to confirm any new routing deal with the North Korean government or its communications arm. In a statement, it said: “TransTeleCom has historically had a junction of trunk networks with North Korea under an agreement with Korea Posts and Telecommunications Corp signed in 2009.”

North Korea’s internet access is estimated to be limited to somewhere between a few hundred and just over 1,000 connections. These connections are vital for coordinating the country’s cyber attacks, said Bryce Boland, chief technology officer for the Asia-Pacific region at FireEye, a cyber-security company.

Boland said the Russian connection would enhance North Korea’s ability to command future cyber attacks.

Having internet routes via both China and Russia reduces North Korea’s dependence on any one country at a time when it faces intense geo-political pressures, he said.

Many of the cyber attacks conducted on behalf of Pyongyang came from outside North Korea using hijacked computers, Boland said. Those ordering and controlling the attacks communicate to hackers and hijacked computers from within North Korea.

“This will improve the resiliency of their network and increase their ability to conduct command and control over those activities,” Boland said.

The Washington Post reported earlier that the U.S. Cyber Command has been carrying out denial of service attacks against hackers from North Korea designed to limit their access to the internet. (wapo.st/2yRbg8w)

In February 2005, the TTK became the largest party in terms of the European Internet Exchange London Internet Exchange (LINX). In July 2005, the TTK became the fifth operator in Russia, received the right to provide long-distance services (after Rostelecom, Tsentrinfokoma, Golden Telecom and MTT). “TransteleCom” JSC provides communications services in Kazakhstan and for a map of locations and services, go here.

Chinese Infusion of Spies in the U.S.

Related reading: CHINESE INTELLIGENCE SERVICES AND ESPIONAGE THREATS TO THE UNITED STATES

Related reading: 2015/ U.S. officials: Chinese secret agents in U.S. spikes

Related reading: 2014/ How the F.B.I. Cracked a Chinese Spy Ring

Dissident Reveals Secret Chinese Intelligence Plans Targeting U.S.

Guo Wengui calls China communist system a ‘kleptocracy,’ vows reform

China earlier this year ordered the dispatch of 27 intelligence officers to the United States as part of a larger campaign of subversion, according to a leading Chinese dissident.

Guo Wengui, a billionaire real estate mogul, disclosed what he said was an internal Communist Party document authorizing the Ministry of State Security to send the spies, described as “people’s police officers.”

Guo, who is being sought by the Chinese government in a bid to silence his disclosures of high-level corruption and intelligence activity, denounced the Beijing regime as corrupt and called for a “revolution” to reform the system.

“My only single goal that I set myself to try to achieve is to change China,” Guo said through an interpreter during a National Press Club meeting attended by news reporters and supporters of the exiled dissident.

“What they’re doing is against humanity,” he said. “What the U.S. ought to do is take action, instead of just talking to the Chinese kleptocracy.”

Guo last month requested political asylum in the United States in the face of a high-level Chinese government effort to force the United States to return him to China. China has charged him with several crimes. Guo has denied the charges.

Guo earlier charged that senior Chinese leader Wang Qishan, who controls most of China’s finances, is corrupt and has engaged in moving money and documents outside of China. Wang is leading China’s nationwide anti-corruption drive that critics say is cover for efforts by Xi to consolidate power.

The Chinese campaign against Guo has included high-level diplomatic and economic pressure on American government and business leaders to lobby for Guo’s repatriation.

China’s Minister of Public Security, Guo Shengkun, met with Attorney General Jeff Sessions on Wednesday where China’s demands for the return of fugitives was discussed.

A Justice Department spokesman said Sessions raised the issue of a Chinese-origin cyber attack against the Hudson Institute, a think tank that had canceled its plan to hold the press conference for Guo under pressure from China. The Justice spokesman, Wynn Hornbuckle, said China pledged their cooperation in investigating the incident.

Hornbuckle would not say if Guo Wengui was discussed during the law enforcement and cyber security talks.

David Tell, a Hudson spokesman, told the Washington Free Beacon, the denial of service cyber attack was traced by investigators to Shanghai.

According to an email obtained by the Free Beacon, a Hudson employee stated that he was asked to forward a message to institute leaders sent from a Chinese Embassy official on Sept. 29.

Chinese officials, according to the email, “want Hudson to cancel the Guo Wengui event because he is a criminal and tells lies, that China is about to enter a sensitive time with its Party Congress, that hosting him would hurt China-U.S. relations, and that this event would embarrass Hudson Institute and hurt our ties with the Chinese government.”

The intelligence document released Thursday is one of a number sensitive internal reports obtained by Guo who was once close to MSS Vice Minister Ma Jian, who was imprisoned last year on corruption charges, but who Guo has said was repressed politically because of his knowledge of corruption among Chinese leaders.

Guo said he had planned to disclose three internal Chinese government documents during the Hudson event. But instead he burned the documents after the event was canceled.

Guo said he maintains close ties to supporters within the Chinese government and security system and is able to obtain many internal documents.

According to Guo, for simply holding the top-secret document he distributed at the press conference, a person could be jailed in China for three to five years.

The document was issued by the National Security Council, a new Chinese government and Party entity headed by Chinese leader Xi Jinping.

The MSS operatives will work under cover at the Bank of China branch offices and at Chinese diplomatic facilities in the United States.

The document is labeled “top secret” and dated April 27. It was released by Guo at a press conference in Washington during which he appealed for the U.S. government to wake up to the threat posed by China and counter it.

Guo said the authenticity of the document was confirmed by the U.S. government.

The directive to the MSS was formally called “The Request for Instructions on the Working Plan of Secretly Dispatching and 27 People’s Police Officers, He Jianfeng and Others from the Ministry of State Security to the United States on Field Duty in 2017.”

“We approve in principle,” the report says, adding “please carefully organize and implement.”

According to the document the MSS should follow Chinese ideology set out by the late leader Deng Xiaoping, as well as the concepts outlined in speeches by Xi, the current leader.

The document is one of the first internal documents to reveal how China is expanding intelligence activities targeting what it calls “hostile forces” in the United States.

The MSS, according to the report, was told to “go according to the need of the strategic arrangements” of the Communist Party “against overseas hostile forces, strictly abide by our national principles of state security work on the United States, and use the opportunity of the rise of our comprehensive national strength and Sino-U.S. diplomatic relations tending to ease to further expand the scope and depth of the infiltration into the anti-China hostile forces in the United States.”

The MSS agents are to enter the United States secretly in phases and “use the cover of the executives of the state-owned enterprises in the United States, such as the Bank of China (New York) to carry out solid intelligence collection, to incite defection of relevant individuals, and to conduct counter-espionage, etc.”

The spies also were directed to focus on “extraordinarily significant criminal suspects, including Ling Wancheng, Guo Wengui, and Cheng Muyang, etc.”

Ling is the brother of Ling Jihua, a former high-ranking Chinese official who China has accused of illegal activities and who defected to the United States in 2016. Cheng is a real estate mogul in Canada who China also accused of illegal activities.

“If necessary, they should also actively support, cooperate with, and assist the personnel in the United States who conduct the United Front operations, diplomatic operations, and military intelligence operations to carry out related business,” the document states.

United Front work is what the Chinese government calls influence operations aimed at coopting Americans into supporting Beijing’s policies.

The directive urges the spies to “make contributions for further crushing overseas anti-China hostile forces.”

Lastly, MSS officials should seek to strengthen the organization and provide after actions reports to the senior Party organ.

“We have friends all over the world … those who provide the documents are among the most senior people, including the current Politburo standing committee,” Guo said. “My material is real. Otherwise, they wouldn’t be afraid of it.”

Guo said during his press conference that since the April directive, around 50 additional intelligence operatives were sent to the United States.

An FBI spokeswoman had no comment on the document. A Chinese Embassy spokesman did not respond to an email seeking comment.

On Saturday, China’s Public Security Ministry issued a statement denying China was behind the hack of a law firm representing Guo and the Hudson Institute. The ministry also disputed the authenticity of the document.

“An official of the Ministry of Public Security states that, China paid close attention to such allegations and launched immediate investigation,” the statement said. “But no evidence has been found that China and its government have been involved with these incidents.”

The ministry also called the documents revealed by Guo “utterly clumsily forged and full of obvious mistakes.” It did not elaborate but offered to cooperate in a U.S. investigation into the authenticity of the materials and cooperate in the probe of the cyber attacks.

According to Guo, China is engaged in a three-pronged campaign of subversion in the United States he labeled “Blue-Gold-Yellow,” with each color standing for a different line of attack.

Blue represents large-scale Chinese cyber and internet operations while gold represents China’s use of money and financial power. The yellow is part of a plan to use sex to undermine American society.

Another Chinese government subversion program was described by Guo using the code name the “Three Fs.” It involves China’s systematic programs targeting the United States with the goal to weaken the country, throw the country into turmoil and ultimately defeat America.

Asked about the major Communist Party meeting scheduled for later this month, Guo said: “I would like all members of the Chinese Communist Party to wake up and say no to this ruling clique.”

Guo disclosed that he was imprisoned in China after the 1989 pro-democracy protests in Tiananmen Square and spent 22 months in prison. Chinese police also shot his brother, who later died.

Since then, he has spent the intervening years as an entrepreneur preparing to expose corrupt Chinese leaders, a process he began in January.

China has retaliated by freezing some $17 billion in assets in China and by imprisoning business associates and relatives of Guo.

Radio France’s Chinese-language radio service reported recently that several Chinese have been harassed by authorities for discussing Guo’s disclosures about Wang’s corruption. The report called the activity “Guo Wengui-phobia.”

Chinese censors have cracked down on people online who used the phrases used by Guo, like “Wang-Seven-Three” and “73” for Wang Qishen. Also a person wearing the t-shirt with the word “all of this is only the beginning”—one of Guo’s catch phrases on social media was detained.

“Those who support Guo Wengui call out ‘put a pot on your head,’ a homophone for ‘support Guo,'” the French report said. “Those who desperately want to catch him want to ‘smash that pot,’ literally meaning ‘smash the pot,’ but the term means ‘to fail.'”

China also recently blocked the messaging app WhatsApp, after China tightened controls on WeChat, Weibo, and Baidu message boards that were sharing posts on Guo.

“Looking at social media, every time Guo Wengui has revealed the secrets of a corrupt official, there’s been a reaction on the streets of Beijing,” the report said. “In restaurants, bars, in the streets and alleyways, people see each other and, smiling, ask, ‘What did he say now?’ It’s become a tacit greeting.”

70 WH Points the Democrat Caucus Declared DOA

Poor Chuck and Nancy…

President Trump’s political dalliance with “Chuck and Nancy” already is running into problems, as the top congressional Democrats balk at the president’s new terms for a deal to help the roughly 800,000 young illegal immigrants known as ‘Dreamers.’

“This proposal fails to represent any attempt at compromise,” House Democratic Leader Nancy Pelosi and Senate Democratic Leader Chuck Schumer said in a joint statement, after the administration announced the demands Sunday night.

photo

*** But this could mean no other legislative business will advance for the balance of Trump’s first term.

WT: Determined to finally solve illegal immigration, the White House submitted a 70-point enforcement plan to Congress Sunday proposing the stiffest reforms ever offered by an administration — including a massive rewrite of the law in order to eliminate loopholes illegal immigrants have exploited to gain a foothold in the U.S.

The plans, seen by The Washington Times, include President Trump’s calls for a border wall, more deportation agents, a crackdown on sanctuary cities and stricter limits to chain migration — all issues the White House says need to be part of any bill Congress passes to legalize illegal immigrant “Dreamers” currently protected by the Obama-era deportation amnesty known as DACA.

But the plans break serious new ground on the legal front, giving federal agents more leeway to deny illegal immigrants at the border, to arrest and hold them when they’re spotted in the interior, and to deport them more speedily. The goal, the White House said, is to ensure major changes to border security, interior enforcement and the legal immigration system.

“Anything that is done addressing the status of DACA recipients needs to include these three reforms and solve these three problems,” a senior White House official told The Times. “If you don’t solve these problems then you’re not going to have a secure border, you’re not going to have a lawful immigration system and you’re not going to be able to protect American workers.”

All told, the list includes 27 different suggestions on border security, 39 improvements to interior enforcement and four major changes to the legal immigration system.

The White House said the list was built from the ground up, with input from the Justice, State and Labor Departments and the three main immigration agencies at Homeland Security, each of whom was asked what tools they needed to finally get a handle on illegal immigration.

Ideas poured in, ranging cracking down on sanctuary cities that shield illegal immigrants — a long-running battle — to new proposals, such as doling out assistance to other in the Western Hemisphere, enlisting them as partners in the effort to stop illegal immigrants heading north.

The running theme of the list, though, is closing loopholes that illegal immigrants have exploited:

 

• Lax asylum standards, which illegal immigrants have learned to game through saying “magic words” that earn them instant protections, would be stiffened.

• The Unaccompanied Alien Children — or UAC — who streamed to the U.S. under President Obama would have to prove they really are without parents and are fleeing abuse, in order to access generous humanitarian protections.

• Visitors who come legally but overstay their visas — perhaps now an even larger group of illegal immigrants than those who jump the border — would, for the first time, face a misdemeanor penalty.

• A 2001 Supreme Court decision that has forced the release of tens of thousands of illegal immigrants, including murderers, would be curtailed.

• The ability of federal, state and local authorities to detain illegal immigrants would be fully enshrined in law, helping settle a long-running question that’s fueled some sanctuary cities.

Also on the list are proposals that have been included in past immigration bills that garnered bipartisan support such as canceling the annual visa lottery that doles out 50,000 green cards at random, and requiring all businesses to use E-Verify, the government’s currently voluntary system for checking to make sure new hires are legally eligible to work.

Immigrant-rights advocates had feared the move, saying they believed Mr. Trump was giving in to hard-liners in his administration, including senior adviser Stephen Miller.

“President Trump and Members of Congress need to decide – do they want to resolve this crisis, or do they want to fall prey to Stephen Miller et al’s strategy to kill legislation and expose all 800,000 DACA beneficiaries to deportation?” Frank Sharry, executive director of America’s Voice, said in a statement last week in anticipation of the announcement.

Many of the items on the president’s list have drawn bipartisan support in the past, including more fencing, a massive boost in Border Patrol agents, the end to the diversity visa lottery and mandatory use of E-Verify.

Each of those was, in fact, part of the 2013 immigration bill the Senate approved, with the support of every single Democrat in the chamber.

But Democrats say they only supported those measures at the time as part of a broad compromise that offered legal status to some 8 million of the estimated 11 million illegal immigrants in the country at that point. They said a smaller legalization for Dreamers can’t be coupled with that broad an enforcement surge.

“Please do not put the burden on the Dreamers to accept every aspect of comprehensive immigration reform to get a chance to become citizens of the United States,” Sen. Richard Durbin, a Democrat who was part of the so-called “Gang of Eight” senators that wrote the 2013 bill, told top administration officials at a hearing last week. “That’s too much to ask.”

The senior White House official, though, said Mr. Durbin’s logic amounted to a “false pretense that the safety of the American people should be held hostage to some other goal.”

Congress doesn’t need an excuse to pass laws that make our streets safer or our country safer or make our jobs more secure. It’s just the right thing to do,” the official said.

The administration’s new list is likely to irk Senate Minority Leader Charles E. Schumer and House Minority Leader Nancy Pelosi, who emerged from a meeting with Mr. Trump last month insisting they had the outlines of a Dream Act-style deal that would grant a pathway to citizenship to Dreamers in exchange for limited border security, such as technology, boosting the Coast Guard or adding more inspectors at ports of entry.

The two leaders said they had explicitly won an agreement not to couple the Dream Act with any new action on Mr. Trump’s proposed border wall.

Not an Inch of the US is Safe, Consider This…

Equifax hacked, NSA hacked, active shooters, stolen identity, bad legislation being signed by presidents, townhalls being disrupted by activists, leaked classified material, nefarious people roaming Elm Street and violence on college campuses…..not a complete list but even top people in Washington DC are not protected either.

Check this out…

photo

John Kelly’s personal phone has been compromised for months

White House tech support discovered the suspected breach after Kelly turned his phone in to tech support staff this summer.

White House officials believe that chief of staff John Kelly’s personal cell phone was compromised, potentially as long ago as December, according to three U.S. government officials.

The discovery raises concerns that hackers or foreign governments may have had access to data on Kelly’s phone while he was secretary of the Department of Homeland Security and after he joined the West Wing.

Tech support staff discovered the suspected breach after Kelly turned his phone in to White House tech support this summer complaining that it wasn’t working or updating software properly.

Kelly told the staffers the phone hadn’t been working properly for months, according to the officials.

White House aides prepared a one-page September memo summarizing the incident, which was circulated through the administration.

A White House official, speaking for the administration, said Kelly hadn’t used the personal phone often since joining the administration. This person said Kelly relied on his government-issued phone for most communications.

The official, who did not dispute any of POLITICO’s reporting on the timeline of events or the existence of the memo, said Kelly no longer had possession of the device but declined to say where the phone is now.

Kelly has since begun using a different phone, one of the officials said, though he relies on his government phone when he’s inside the White House.

Several government officials said it was unclear when – or where – Kelly’s phone was first compromised. It is unclear what data may have been accessed, if any.

Kelly’s travel schedule prior to joining the administration in January is under review. The former Marine general retired in 2016 as chief of U.S. Southern Command.

Staffers reviewed the cell phone for several days and tried to decipher what had happened to it, the officials said. Many functions on the phone were not working.

The IT department concluded the phone had been compromised and should not be used further, according to the memo.

The document triggered concern throughout the West Wing about what information may have been exposed, one of the officials said.

The revelation comes amid an internal probe at the White House into personal email use. Senior officials, including Jared Kushner and Ivanka Trump, have at times used personal email for government business, POLITICO has reported.

Additional storage lockers were recently added in the West Wing for personal devices and aides have been warned to limit personal cell phone use in the building.

Bill Marczak, a senior research fellow with the Citizen Lab at the University of Toronto’s Munk School of Global Affairs, said the worst-case scenario would be “full access,” where an attacker would be able to essentially control a device, including its microphone and camera.

“The [attackers] I would be most worried about are nation-states or other actors who may have access to resale of commercial spyware sold to nation-states,” he said.

“The average user won’t notice anything at all. Really the only way to pick up on that is to do forensics on the phone,” he added.

This article was reported in coordination with the Project On Government Oversight, a nonprofit investigative watchdog organization.

Active Shooter Education and Detail

Primer: Active Shooter Workshop Participant

Related Reading: Active Shooter: How to Respond Educational Booklet

Review of active shooter resources and training
The scope of the Las Vegas shooting this week is disturbing and brings the worry of
copycats. It is a good time to review active shooter or mass violence incident plans
and hold training or drills to run through them. It’s also a good time to re-establish
inter- and cross-jurisdictional partnerships with other responding agencies. Good
interagency cooperation doesn’t happen accidentally.

The Department of Homeland Security (DHS) has a dedicated site with active shooter
response resources, documents and training available for first responders and the
public. The resources for the public are translated into eight languages. They also
have information specifically for those in the human resources and security fields.
The FBI has a similar site with resources and training, including the “Run. Hide.
Fight.” video training and an overview of the FBI’s roles in an active shooter incident.
In addition, they have a section of studies on past active shooter incidents and
guides to developing emergency operations plans for schools, institutions of higher
learning and houses of worship.

Firefighters played a significant role in the response. Firefighters and EMTs should
have working knowledge of their role in violent incidents well before being in
the middle of one. The U.S. Fire Administration (USFA) published a report on
operational considerations for fire and EMS during such incidents and the National
Fire Protection Association (NFPA) is currently working on a standard. FireRescue1
and EMS1 both have numerous articles on this topic.

In July, Lexipol hosted three chief fire officers from Prince George’s County, Maryland,
West Webster, New York, and Dallas, Texas, to learn about their tragic active shooter
incidents first hand. The hour-long webinar includes information and downloads.
Finally, concertgoers were very instrumental in initial patient care, hemorrhage
control and moving victims to ambulances and other transport. These actions
can be highlighted as part of an effort to educate the public in your jurisdiction
on rendering aid to a bleeding victim, whether from violence or other means. See
BleedingControl.org for more information and resources.
(Source: DHS)

TRACIE resources page for mass violence incidents
The Las Vegas shooting is in some ways a worst-case scenario many agencies have
feared for years. After action reviews will not be done for some time, but we know
hospitals were taxed beyond capacity in response to this mass casualty incident.
The Technical Resource, Assistance Center, and Information Exchange (TRACIE)
site put together a page of information and resources related to mass violence.
As mentioned above, it would be a good idea to review your jurisdiction’s mass
casualty incident plans, run some drills, and make changes as needed.
One featured topic collection is Patient Movement and Tracking. Patient tracking
and transportation is chaotic without proper coordination and communication,
and those looking to strengthen their plans should find this information helpful.
Other featured topic collections include Emergency Public Information; Explosives and Mass Shooting; Hospital Surge Capacity; Trauma Care and Triage; Fatality
Management; Family Reunification and Support; and Responder Safety and Health.
TRACIE is managed by the Department of Health and Human Services. It has many
Topic Collections (PDF, 105 KB) currently available and many more planned.
(Source: TRACIE)