Category Archives: FBI

Debris Found for EgyptAir #804

Posted on by

Missing EgyptAir Flight Likely Downed by Terror Attack, Minister Says
Airbus A320 carrying 66 passengers, 10 crew lost by radar while flying at 37,000 feet above the Mediterranean; EgyptAir vice president tells CNN wreckage found.

 Previous flights for the same day.
Haaretz: An EgyptAir jet carrying 66 passengers and crew from Paris to Cairo disappeared from radar over the Mediterranean south of Greece on Thursday, with Athens saying the plane swerved in mid-air before plunging from cruising height and vanishing.
Egypt’s aviation minister said a terrorist attack was more likely to have taken down the aircraft than a technical failure.
EgyptAir Vice President Ahmed Adel has since said in an interview with CNN that the wreckage of the missing plane has been found.

“There are so many reasons why a plane can fall from the sky and crash. We have no explanations at this stage. We need more investigation,” he said.
Egypt’s envoy to France said Greek authorities had informed his counterpart in Athens that they had found blue and white debris corresponding to EgyptAir’s colors.
Later, Egypt’s Civil Aviation Ministry said that Greek authorities have found “floating material” that is likely to be debris from the missing aircraft.

Greece deployed aircraft and a frigate to search for the missing Airbus and officials said they had found pieces of plastic and two life vests that appeared to have come from an aircraft in the sea 370 kilometers (230 miles) south of Crete.
Egyptian Prime Minister Sherif Ismail said it was too early to rule out any explanation, including an attack like the one blamed for bringing down a Russian airliner over Egypt’s Sinai Peninsula last year.

Egypt said it would lead the investigation and that France would participate. Other countries also offered to help, including Britain and the United States.
In Washington, U.S. President Barack Obama received a briefing on the disappearance from his adviser for homeland security and counter-terrorism, the White House said.
Greek Defense Minister Panos Kammenos said the Airbus had first swerved 90 degrees to the left, then spun through 360 degrees to the right. After plunging from 37,000 feet to 15,000, it vanished from Greek radar screens.
According to Greece’s civil aviation chief, calls from Greek air traffic controllers to flight MS804 went unanswered just before it left Greek airspace, and it disappeared from radar screens soon afterwards.
There was no official indication of a possible cause, whether technical failure or sabotage by hard-line Islamists who have targeted airports, airliners and tourist sites in Europe, Egypt, Tunisia and other Middle Eastern countries over the past few years.
The aircraft was carrying 56 passengers — with one child and two infants among them — and 10 crew, EgyptAir said. They included 30 Egyptian and 15 French nationals, along with citizens of 10 other countries.


Asked if he could rule terrorist involvement, Prime Minister Ismail told reporters: “We cannot exclude anything at this time or confirm anything. All the search operations must be concluded so we can know the cause.”

French President Francois Hollande also said the cause was unknown. “No hypothesis can be ruled out, nor can any be favored over another.”
With its archaeological sites and Red Sea resorts, Egypt is a traditional destination for Western tourists. But the industry has been badly hit by the downing of a Russian Metrojet flight last October, in which all 224 people on board were killed, as well as by an Islamist insurgency and a string of bomb attacks.
No response
Greek air traffic controllers spoke to the pilot as the jet flew over the island of Kea, in what was thought to be the last broadcast from the aircraft, and no problems were reported.
But just ahead of the handover to Egyptian controllers, calls to the plane went unanswered.
“About seven miles before the aircraft entered the Cairo airspace, Greek controllers tried to contact the pilot but he was not responding,” said Kostas Litzerakis, head of Greece’s civil aviation department. Shortly after exiting Greek airspace, it disappeared from radars, he said.
Greek authorities were searching the sea south of the island of Karpathos, Greece’s Defense Minister Kammenos told a news conference.
“At 3:39 A.M., the course of the aircraft was south and southeast of Kassos and Karpathos (islands),” he said. “Immediately after, it entered Cairo flight information region and made swerves and a descent I describe: 90 degrees left and then 360 degrees to the right.”
The Airbus plunged from a height of 37,000 feet (11,280 meters) to 15,000 feet before vanishing from radar, he added.

Egyptian Civil Aviation Minister Sherif Fathi said authorities had tried to resume contact but without success.
‘No one knows anything’
At Cairo airport, authorities ushered families of the passengers and crew into a closed-off waiting area.
Two women and a man, who said they were related to a crew member, were seen leaving the VIP hall where families were being kept. Asked for details, the man said: “We don’t know anything, they don’t know anything. No one knows anything.”
Ayman Nassar, from the family of one of the passengers, also walked out of the passenger hall with his daughter and wife in a distressed state. “They told us the plane had disappeared, and that they’re still searching for it and not to believe any rumors,” he said.
The mother of a flight attendant rushed out of the hall in tears. She said the last time her daughter called her was Wednesday night. “They haven’t told us anything,” she said.
In Paris, a police source said investigators were now interviewing officers who were on duty at Roissy airport on Wednesday evening to find out whether they heard or saw anything suspicious. “We are in the early stage here,” the source said.
Airbus said the missing A320 was delivered to EgyptAir in November 2003 and had operated about 48,000 flight hours.
The missing flight’s pilot had clocked up 6,275 hours of flying experience, including 2,101 hours on the A320, while the first officer had 2,766 hours, EgyptAir said.
At one point, EgyptAir said the plane had sent an emergency signal at 04:26 A.M., two hours after it disappeared from radar screens. However, Fathi said later that further checks found that no SOS was received.
Egypt and France to cooperate
The weather was clear at the time the plane disappeared, according to Eurocontrol, the European air traffic network.
Under UN aviation rules, if the aircraft is found to have crashed in international or Egyptian waters, Egypt will automatically lead an investigation into the accident, assisted by countries including France, where the jet was assembled, and the United States, where engine maker Pratt & Whitney is based.
Russia and Western governments have said the Metrojet plane that crashed on October 31 was probably brought down by a bomb, and ISIS said it had smuggled an explosive device on board.
That crash called into question Egypt’s campaign to contain Islamist violence. Militants have stepped up attacks on Egyptian soldiers and police since Egypt’s President Abdel-Fattah al-Sissi, then serving as army chief, toppled elected President Mohamed Mursi, an Islamist, in 2013 after mass protests against his rule.
In March, an EgyptAir plane flying from Alexandria to Cairo was hijacked and forced to land in Cyprus by a man with what authorities said was a fake suicide belt. He was arrested after giving himself up.
EgyptAir has a fleet of 57 Airbus and Boeing jets, including 15 of the Airbus A320 family of aircraft, according to airfleets.com.

***** Other details include:

  1. Plane went through full maintenance less than a week ago.
  2. Plane departed about 25 minutes late.
  3. MS804 stopped in Tunisia, Cairo, Brussels, Eritrea prior to Paris.
  4. Passenger list included: 15French 30Egyptian 1British 1Belgian 2Iraqis 1Kuwaiti 1Saudi 1Sudanese 1Chadians 1Portuguese 1Algerian 1Canadian

Final summary: Debris has been spotted some 210 miles southeast of Crete in the Eastern Mediterranean that is believed to have been from EgyptAir Flight MS804. The passenger jet, an Airbus 320, left the Charles De Gaulle Airport in Paris, France at about 9:30pm local time. On board were 56 passengers, 7 crew and 3 air marshals. At around 2:30am Cario-time, Flight 804 was crossing into Egyptian airspace and being handed off from Greek air controllers. The last radio traffic indicated that there were no problems. At an altitude of some 37,000 feet, the Airbus 320 suddenly dove some 22,000 feet and began to swerve and turn, then, disappeared from radar. Search efforts were launched immediately.

Russia’s Other War, Cyber

Posted on by

 

Finding weakness and exploiting it in the cyber realm is hidden warfare, few speak about. For the West, Russia tops the list. China, Iran and North Korea are also on the short list. For Russia’s other targets, the Baltic States are in the Russian target list.

CBS: The U.S. has elevated its appraisal of the cyber threat from Russia, the U.S. intelligence chief said Thursday, as he delivered the annual assessment by intelligence agencies of the top dangers facing the country.

“While I can’t go into detail here, the Russian cyber threat is more severe than we had previously assessed,” James Clapper, the director of national intelligence, told the Senate Armed Services Committee, as he presented the annual worldwide threats assessment.

As they have in recent years, U.S. intelligence agencies once again listed cyber attacks as the top danger to U.S. national security, ahead of terrorism. Saboteurs, spies and thieves are expanding their computer attacks against a vulnerable American internet infrastructure, chipping away at U.S. wealth and security over time, Clapper said.

Russia ‘was behind German parliament hack’

BBC: Germany’s domestic intelligence agency has accused Russia of being behind a series of cyber attacks on German state computer systems.

The BfV said a hacker group thought to work for the Russian state had attacked Germany’s parliament in 2015.

This week it emerged that hackers linked to the same group had also targeted the Christian Democratic Union party of Chancellor Angela Merkel.

Russia has yet to respond publicly to the accusations made by the BfV.

Sabotage threat

BfV head Hans-Georg Maassen said Germany was a perennial target of a hacker gang known as Sofacy/APT 28 that some other experts also believe has close links with the Russian state. This group is believed by security experts to be affiliated with the Pawn Storm group that has been accused of targeting the CDU party.

The Russian Cyber Threat: Views from Estonia

Tensions between Russia and its adversaries in the West are escalating. In recent years, Russia has undermined the security of its neighbors by violating their land borders, crossing into their airspace unannounced and harassing them above and below sea level. Less noticed or understood, however, are Moscow’s aggressive actions in cyberspace. The small Baltic country of Estonia—a global leader in digital affairs—is well-placed to shed light on the tactical and strategic aspects of Russia’s offensive computer network operations.

In fact, three civilian and intelligence agencies responsible for cyber security—the Estonian Information System Authority, Internal Security Service and Information Board—recently issued reports that help put together different pieces of the puzzle. The conclusion is that “in cyberspace, Russia is the source of the greatest threat to Estonia, the European Union and NATO.” Now policymakers on both sides of the Atlantic must decide what to do about it.

Russia has been developing and employing offensive cyber capabilities for years. Russian cyber threat groups consist of professional, highly skilled practitioners whose daily jobs are to prepare and carry out attacks. And they don’t go after low-hanging fruit; instead, they receive specific orders on which institutions to target and what kind of information is needed. Criminals, hacktivists, spies and others linked to Russian strategic interests are usually well-financed, persistent and technologically advanced. They have a wide range of tools and resources, including the ability to carry out denial-of-service attacks, develop sophisticated malware and exploit previously unknown software vulnerabilities. Russian threat actors cloak their identities by using remote servers and anonymizing services. They target everything from the mobile devices of individuals to the IT infrastructure of entire government agencies.

Often, Russian threat actors map target networks for vulnerabilities and conduct test attacks on those systems. After carrying out reconnaissance, they conduct denial-of-service attacks or try to gain user access. Common techniques include sending emails with malicious attachments, modifying websites to infect visitors with malware and spreading malware via removable media devices like USB drives. Once inside, they continue to remotely map networks, attempt to gain administrator-level access to the entire network and extract as much sensitive data as possible. Such access also lets them change or delete data if that’s what the mission requires. They’ll often go after the same targets for years to get what they need. They have the confidence that comes from perceived anonymity and impunity; if they make a mistake or fail, they’ll simply try again.

These tactical activities are carried out in pursuit of strategic objectives. In the long term, this includes undermining and, if possible, helping to dissolve the EU and NATO. Moscow also aims to foster politically divided, strategically vulnerable and economically weak societies on its periphery in order to boost its own ability to project power and influence on those countries’ decisions. Russian cyber threat actors help by stealing military, political or economic data that gives Russia advantages in what it sees as the zero-sum game of foreign relations. The exfiltrated data can be used to recruit intelligence agents or provide economic benefits to its companies. Cyber capabilities can also be used to carry out influence operations that undermine trust between the citizens and the state. Telling examples of that strategy include its multi-week distributed-denial-of-service (DDoS) attacks against Estonia in 2007, its coordinated attacks against Ukraine’s 2014 presidential elections and the false-flag operation against a French telecommunication provider in 2015.

Most worryingly, today’s intelligence operations can enable tomorrow’s military actions. Influence operations, including the use of propaganda and social media, can create confusion and dissatisfaction among the population. Denial-of-service attacks can inhibit domestic and international communication. Coordinated, plausibly deniable attacks on multiple critical national infrastructure sectors can disrupt the provision of vital services such as energy, water, or transportation. This can provide a context for the emergence of “little green men”. Malicious code can be weaponized to hinder military and law enforcement responses. Clearly, cyber capabilities have the potential to be a powerful new tool in the Kremlin’s not-so-new “hybrid warfare” toolbox. With enough resources and preparation, they can be used in attempts to cause physical destruction, loss of life and even to destabilize entire countries and alliances. Such operations could be but a decision or two away in terms of planning, and perhaps several months or years before implementation. What can be done about it?

Preventive and countermeasures exist at the personal, organizational, national and international levels. Individuals should take “cyber hygiene” seriously, since Russian threat actors target both personal and work devices. This includes employing basic security technologies, backing up data, not visiting dubious websites and not opening suspicious emails. Organizations that handle sensitive information should adopt stricter security policies, including for handling of work-related data on personal devices. Information systems managers must be especially vigilant since they are primary targets, and weak personal security on their part may compromise national security. For their part, governments must enact the basics: computer security laws, national cyber strategies, a police focus on cybercrime, national CERTs, public-private partnerships and capable intelligence agencies. They also need continuous training and exercises to keep relevant agencies prepared for their missions. Finally, global cooperation and expeditious exchange of information among cyber security firms, national computer security incident response teams (CSIRTs) and security services are key to identifying Russian attack campaigns and taking defensive countermeasures.

All such countermeasures comprise elements of a deterrence-by-denial strategy that aims to raise the cost of carrying out malicious operations. States have also undertaken diplomatic initiatives to manage the potential instability that could result from the use of weaponized code—namely confidence-building measures, norms of responsible state behavior and attempts to agree on international law. While laudable, none of these have curbed Russian cyber aggression in the short term. For example, Russia’s coordinated December 2015 attack on the Ukrainian electrical grid—highlighted in all three agencies’ reports—was clearly an attack on critical national infrastructure that violated tentative international norms signed by Russia, possibly even while the campaign was being prepared. Defensive and diplomatic countermeasures must be complemented by a cohesive strategy of deterrence-by-punishment by individual countries as well as like-minded allies.

Cyber threat actors with links to Russia (APT28/Sofacy/Pawn Storm, the Dukes/APT29, Red October/Cloud Atlas, Snake/Turla/Uroburos, Energetic Bear/DragonFly, Sandworm Team and others) target NATO members on a daily basis—mainly for espionage and influence operations. But a recent SCMagazineUK article claims that the FSB plans to spend up to $250 million per year on offensive cyber capabilities. “Particular attention is to be paid to the development and delivery of malicious programs which have the ability to destroy the command and control systems of enemy armed forces, as well as elements of critical infrastructure, including the banking system, power supply and airports of an opponent.” Clearly, we had better be prepared.

Mexican Drug Cartels Worldwide, Even Australia

Posted on by

9NewsAustralia: Mexican drug cartels have infiltrated Australia and are supplying bikies, Middle Eastern gangs and Asian triads with cocaine and ice, according to a new report.

The cartels have made Australia a prime target because of “significantly higher” drug prices on our shores compared to the US and South America, The Daily Telegraph quotes a University of Canberra report as saying.

The report found a kilogram of cocaine in Australia can fetch up to $350,000, while the same amount would fetch around $73,000 in the United States.

“Their presence threatens to not only increase the supply of illicit drugs in Australia but encourage turf wars and increase the amount of guns in the country,” associate professor Dr Anthea McCarthy-Jones, and the report’s author, said.

Mexico is the world’s largest producer of ice, according to a 2015 United Nations report.

Actor Sean Penn with El Chapo shortly before he was recaptured. (Sean Penn/Rolling Stone)

Actor Sean Penn with El Chapo shortly before he was recaptured. (Sean Penn/Rolling Stone)

Drug importation offences in NSW have increased by 10.7 percent each year for the past 10 years, according to the NSW Bureau of Crime Statistics and Research.

Mexican drug cartels are some of the most violent and notorious in the world.

The head of the Sinaloa cartel, Joaquin ‘El Chapo’ Guzman, was recaptured in Mexico in January after being on the run for six months.

He is believed to be behind thousands of drug-related murders in the Mexico and the US.
Read more at http://www.9news.com.au/national/2016/05/09/06/28/mexican-drug-cartels-supplying-bikies-with-ice-report#WhI71ukRs8xZTLDk.99

Mexican drug cartels and dark-networks: an emerging threat to Australia’s national security

Over the past decade Mexican drug cartels’ power and the violent struggles between them have increased exponentially. Previously Mexico, and in particular the border regions with the US, were the key battle grounds for control of distribution routes. However, today Mexican drug cartels are now looking abroad in an attempt to extend their operations. This expansion has seen several cartels moving into lucrative international markets in Europe and the Asia Pacific.

It is in this context that Australia has now become a target of several Mexican cartels. They have already established linkages in the Asia Pacific and are further attempting to strengthen and expand these — with a particular focus on penetrating the Australian market. These developments show how Mexican drug cartels operate as ‘dark-networks’, successfully creating a global system that seeks to capture new markets, and further extend their control and dominance of the flow of illicit drugs around the world.

Full white paper document here.

  Source: Strategic and Defence Studies Centre (ANU) Owning Institution: Australian National University

For Australia, the emergence of Mexican drug cartels in local markets presents not only criminal but strategic challenges. The size of these operations, their resources and ‘dark-network’ structure makes

them a difficult opponent. Their presence threatens to not only increase the supply of illicit drugs in Australia, but encourage turf wars, increase the amount of guns in the country, tax border security resources and threaten the stability and good governance of South Pacific transit spots.

This represents the end of Australia’s ‘tyranny of distance’, which previously acted as a buffer and protected Australia from the interests of remote criminal groups such as the Mexican cartels.

9/11 Saudi Supported Memo Released

Posted on by

Memos on Alleged Saudi-Affiliated Support of the 9/11 Attacks

The National Archives released a series of memos written by Sept. 11 Commission staff members, a compilation of numerous possible connections between the hijackers and Saudis inside the United States. The document appears to be a glimpse into what is still contained in the classified 28 pages of the congressional inquiry into the 2001 attacks.