An affordable price is probably the major benefit persuading people to buy drugs at www.americanbestpills.com. The cost of medications in Canadian drugstores is considerably lower than anywhere else simply because the medications here are oriented on international customers. In many cases, you will be able to cut your costs to a great extent and probably even save up a big fortune on your prescription drugs. What's more, pharmacies of Canada offer free-of-charge shipping, which is a convenient addition to all other benefits on offer. Cheap price is especially appealing to those users who are tight on a budget
Service Quality and Reputation Although some believe that buying online is buying a pig in the poke, it is not. Canadian online pharmacies are excellent sources of information and are open for discussions. There one can read tons of users' feedback, where they share their experience of using a particular pharmacy, say what they like or do not like about the drugs and/or service. Reputable online pharmacy canadianrxon.com take this feedback into consideration and rely on it as a kind of expert advice, which helps them constantly improve they service and ensure that their clients buy safe and effective drugs. Last, but not least is their striving to attract professional doctors. As a result, users can directly contact a qualified doctor and ask whatever questions they have about a particular drug. Most likely, a doctor will ask several questions about the condition, for which the drug is going to be used. Based on this information, he or she will advise to use or not to use this medication.

Category Archives: Gangs and Crimes

Hat Tip to the FBI for Operation Wire Wire

Posted on by
Beyond phishing, there is vishing and smishing.
Vishing is using the phone, either a land line or cell.
Smishing is scamming your text messages.
Tactics are constantly being developed. Are you paying attention?
Department of Justice
Office of Public Affairs
FOR IMMEDIATE RELEASE
Monday, June 11, 2018

74 Arrested in Coordinated International Enforcement Operation Targeting Hundreds of Individuals in Business Email Compromise Schemes

42 Alleged Fraudsters Arrested in the United States

Federal authorities announced today a significant coordinated effort to disrupt Business Email Compromise (BEC) schemes that are designed to intercept and hijack wire transfers from businesses and individuals, including many senior citizens.  Operation Wire Wire, a coordinated law enforcement effort by the U.S. Department of Justice, U.S. Department of Homeland Security, U.S. Department of the Treasury and the U.S. Postal Inspection Service, was conducted over a six month period, culminating in over two weeks of intensified law enforcement activity resulting in 74 arrests in the United States and overseas, including 29 in Nigeria, and three in Canada, Mauritius and Poland.  The operation also resulted in the seizure of nearly $2.4 million, and the disruption and recovery of approximately $14 million in fraudulent wire transfers.

BEC, also known as “cyber-enabled financial fraud,” is a sophisticated scam often targeting employees with access to company finances and businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments.  The same criminal organizations that perpetrate BEC also exploit individual victims, often real estate purchasers, the elderly, and others, by convincing them to make wire transfers to bank accounts controlled by the criminals. This is often accomplished by impersonating a key employee or business partner after obtaining access to that person’s email account or sometimes done through romance and lottery scams.  BEC scams may involve fraudulent requests for checks rather than wire transfers; they may target sensitive information such as personally identifiable information (PII) or employee tax records instead of, or in addition to, money; and they may not involve an actual “compromise” of an email account or computer network.  Foreign citizens perpetrate many BEC scams.  Those individuals are often members of transnational criminal organizations, which originated in Nigeria but have spread throughout the world.

“Fraudsters can rob people of their life’s savings in a matter of minutes,” said Attorney General Sessions. “These are malicious and morally repugnant crimes. The Department of Justice has taken aggressive action against fraudsters in recent months, conducting the largest sweep of fraud against American seniors in history back in February. Now, in this operation alone, we have arrested 42 people in the United States and 29 others have been arrested in Nigeria for alleged financial fraud. And so I want to thank the FBI, nearly a dozen U.S. Attorneys’ Offices, the Secret Service, Postal Inspection Services, Homeland Security Investigations, the Treasury Department, our partners in Nigeria, Poland, Canada, Mauritius, Indonesia, and Malaysia, and our state and local law enforcement partners for all of their hard work. We will continue to go on offense against fraudsters so that the American people can have safety and peace of mind.”

“This operation demonstrates the FBI’s commitment to disrupt and dismantle criminal enterprises that target American citizens and their businesses,” said FBI Director Christopher A. Wray. “We will continue to work together with our law enforcement partners around the world to end these fraud schemes and protect the hard-earned assets of our citizens. The public we serve deserves nothing less.”

“The Secret Service remains committed to aggressively investigating and pursuing those responsible for cyber-enabled financial crimes,” said U.S. Secret Service Director Randolph “Tex” Alles.  “Although the explosive expansion of the cyber domain has forced us to develop innovative ways of conducting these types of investigations, our proven model remains the same.”

“FinCEN has been a leader in the fight against BEC and other cyber-enabled crime,” said FinCEN Director Kenneth A. Blanco. “Since 2014, working with our domestic and international partners, our Rapid Response Program has helped recover over $350 million stolen from innocent Americans.  We must continue to be smarter, quicker, and better than the criminals that we face every day.  Today’s action is a victory, but it will take vigilance, time, and resources to take this fight into the future.  In defense of the victims of these crimes, we are ready for the challenge.”

“The U.S. Postal Inspection Service has a long history of successfully investigating complex fraud and corruption cases,” said Chief Postal Inspector Guy Cottrell. “We are proud to work alongside our fellow law enforcement partners in major efforts, such as Operation Wire Wire, to target those individuals who take advantage of the American public for illegal profits. Anyone who engages in deceptive practices like this should know they will not go undetected and will be held accountable, regardless of where they are. Postal Inspectors will continue to work tirelessly to protect our customers from fraud.”

A number of cases involved international criminal organizations that defrauded small to large sized businesses, while others involved individual victims who transferred high dollar funds or sensitive records in the course of business.  The devastating effects these cases have on victims and victim companies, affect not only the individual business but also the global economy.  Since the Internet Crime Complaint Center (IC3) began keeping track of BEC and its variant, Email Account Compromise (EAC), as a complaint category, there has been a loss of over $3.7 billion reported to the IC3.  BEC and EAC is a prevalent scam and the Justice Department along with our partners will continue to aggressively pursue and prosecute the perpetrators, including money mules, regardless of where they are located.

Money mules may be witting or unwitting accomplices who receive ill-gotten funds from the victims and then transfer the funds as directed by the fraudsters.  The money is wired or sent by check to the money mule who then deposits it in his or her own bank account.  Usually the mules keep a fraction for “their trouble” and then wire the money as directed by the fraudster.  The fraudsters enlist and manipulate the money mules through romance scams or “work-at-home” scams.

Starting in January 2018, this coordinated enforcement action targeted hundreds of BEC scammers.  In addition, law enforcement agents executed over 51 domestic actions including search warrants, money mule warning letters, and asset seizure warrants totaling nearly $1 million.  Local and state law enforcement partners on FBI task forces across the country, with the assistance of multiple District Attorney’s Offices, charged 15 alleged money mules for their role in defrauding victims.  These money mules were employed by the fraudsters to launder their ill-gotten gains by draining the funds into other accounts that are difficult to trace.

Among those arrested on federal charges in BEC schemes include:

  • Following an investigation by the FBI and the U.S. Secret Service, 23 individuals were charged in the Southern District of Florida with laundering at least $10 million from proceeds of BEC scams, including eight people charged in an indictment unsealed last week in Miami. These eight defendants are alleged to have conspired to launder proceeds from numerous BEC scams, totaling at least approximately $5 million, including approximately $1.4 million from a victim corporation in Seattle, as well as various title companies and a law firm.
  • Following an investigation led by the FBI with the assistance of the IRS Criminal Investigation, Gloria Okolie and Paul Aisosa, both Nigerian nationals residing in Dallas, Texas, were charged in an indictment filed on June 6 in the Southern District of Georgia.  According to the indictment, they are alleged to have victimized a real estate closing attorney by sending the lawyer a spoofing email posing as the seller and requesting that proceeds of a real estate sale in the amount of $246,000 be wired to Okolie’s account.  They are charged with laundering approximately $665,000 in illicit funds.  The attorney experienced $130,000 in losses after the bank was notified of the fraud and froze $116,000.
  • Adeyemi Odufuye aka “Micky,” “Micky Bricks,” “Yemi,” “GMB,” “Bawz” and “Jefe,” 32, and Stanley Hugochukwu Nwoke, aka Stanley Banks,” “Banks,” “Hugo Banks,” “Banky,” and “Jose Calderon,” 27, were charged in a seven-count indictment in the District of Connecticut in a BEC scheme involving an attempted loss to victims of approximately $2.6 million, including at least $440,000 in actual losses to one victim in Connecticut.  A third co-conspirator Olumuyiwa Yahtrip Adejumo, aka “Ade,” “Slimwaco,” “Waco,” “Waco Jamon,” “Hade,” and “Hadey,” 32, of Toledo, Ohio, pleaded guilty on April 20 to one count of conspiracy to commit wire fraud.  Odufuye was extradited from the United Kingdom to the United States and on Jan. 3, pleaded guilty to one count of conspiracy to commit wire fraud and one count of aggravated identity theft. Nwoke was extradited to the United States from Mauritius on May 25, marking the first extradition in over 15 years from Mauritius.  His case is pending.
  • Richard Emem Jackson, aka Auwire, 23, of Lagos, Nigeria, was charged in an indictment filed on May 17 in the District of Massachusetts with two counts of unlawful possession of a means of identification as part of a larger fraud scheme. According to the indictment, on two occasions in 2017, Jackson is alleged to have possessed the identifications of two victims with the intent to commit wire fraud conspiracy.  In another case being prosecuted in the District of Massachusetts, a 25-year-old Fort Lauderdale, Florida man was indicted in federal court in Boston on June 6 on one count of money laundering conspiracy. According to the indictment, the individual was part of a conspiracy that engaged in wire fraud. It is alleged that in early 2018, the defendant’s co-conspirators gained access to email accounts belonging to a Massachusetts real estate attorney and sent emails to recipients in Massachusetts that “spoofed” the real estate attorney’s account in an attempt to cause the email recipient to transfer nearly $500,000, which was intended to be used for payment in connection with a real estate transaction, to a shell account belonging to a money mule recruited and controlled by the defendant.

The BEC scam is related to other forms of fraud such as:

  • “Romance scams,” which lull victims to believe that their online paramour needs funds for an international business transaction, a U.S. visit or some other purpose;
  • “Employment opportunities scams,” which recruits prospective employees for work-from-home employment opportunities where employees are required to provide their PII as new “hires” and then are significantly overpaid by check whereby the employees wire the overpayment to the employers’ bank;
  • “Fraudulent online vehicle sales scams,” which convinces intended buyers to purchase prepaid gift cards in the amount of the agreed upon sale price and are instructed to share the prepaid card codes with the “sellers” who ignore future communications and do not deliver the goods;
  • “Rental scams” occur when renters forward a check in excess of the agreed upon deposit for the rental property to the victims and request the remainder be returned via wire or check and back out of the rental agreements and ask for a refund; and
  • “Lottery scams,” which involves persons randomly contacting email addresses advising them they have been selected as the winner of an international lottery.

The cases were investigated by the FBI, U.S. Secret Service, U.S. Postal Inspection Service, U.S. Immigration and Customs Enforcement’s Homeland Security Investigations, the U.S. Department of the Treasury Financial Crimes Enforcement Network (FinCEN) and IRS Criminal Investigation.  U.S. Attorney’s Offices in the Districts of Central California, Connecticut, Eastern Virginia, Massachusetts, Nebraska, New Jersey, Southern Florida, Southern Georgia, Southern Texas, Eastern Pennsylvania, Eastern Washington, Western Pennsylvania, Western Tennessee, Western Washington, Utah, and elsewhere have ongoing investigations some of which have resulted in arrests in Nigeria.  The Justice Department’s Computer Crime and Intellectual Property Section, Money Laundering and Asset Recovery Section and Office of International Affairs of the Criminal Division provided assistance. District Attorney’s Offices of Caddo Parrish in Shreveport, Louisiana; Harris County, Texas and Los Angeles are handling state prosecutions. Additionally, private sector partners and the Nigerian Economic and Financial Crimes Commission, Canadian law enforcement including the Toronto Police Service, the Mauritian Attorney-General and the Commissioner of Police, Polish Police Central Bureau of Investigation, Indonesian National Police Cyber Crimes Unit, and the Royal Malaysia Police provided significant assistance.

This operation, which was funded and coordinated by the FBI, serves as a model for international cooperation against specific threats that endanger the financial well-being of each member country’s residents.  Attorney General Sessions expressed gratitude for the outstanding efforts of the participating countries, including law enforcement actions that were coordinated and executed by the Economic and Financial Crimes Commission (EFCC) in Nigeria to curb business email compromise schemes that defraud businesses and individuals alike.

Victims are encouraged to file a complaint online with the IC3 at bec.ic3.gov. The IC3 staff reviews complaints, looking for patterns or other indicators of significant criminal activity, and refers investigative packages of complaints to the appropriate law enforcement authorities in a particular city or region. The FBI provides a variety of resources relating to BEC through the IC3, which can be reached at www.ic3.gov.

For more information on BEC scams, visit: www.ic3.gov/media/2018/180611.aspx

Hey Secret Service, Check it out While in Singapore

Posted on by

10 Best Things to Do in Sentosa Island - Best Attractions ... photo

So, while the United States is finding a discreet way to pay for Kim Jung Un’s travel and hotel stay in Singapore on Sentosa Island as North Korea is cash strapped…ah yeah sure, there are some other things going on in Singapore and Malaysia.

Let’s begin a few years ago. Sit back with this article, it is long but perspective and context is required.

Malaysian authorities shutter two North Korean companies ... photo

(Note, it is allegedly closed, or Singapore denies it, but Secret Service check it all out)

(Reuters) – It is in Kuala Lumpur’s “Little India” neighborhood, behind an unmarked door on the second floor of a rundown building, where a military equipment company called Glocom says it has its office.

Glocom is a front company run by North Korean intelligence agents that sells battlefield radio equipment in violation of United Nations sanctions, according to a United Nations report submitted to the Security Council seen by Reuters.

Reuters found that Glocom advertises over 30 radio systems for “military and paramilitary” organizations on its Malaysian website, glocom.com.my.

Glocom’s Malaysian website, which was taken down late last year, listed the Little India address in its contacts section. No one answers the door there and the mailbox outside is stuffed with unopened letters.

In fact, no company by that name exists in Malaysia. But two Malaysian companies controlled by North Korean shareholders and directors(also known as a Nominee Director) registered Glocom’s website in 2009, according to website and company registration documents.

And it does have a business, the unreleased U.N. report says. Last July, an air shipment of North Korean military communications equipment, sent from China and bound for Eritrea, was intercepted in an unnamed country. The seized equipment included 45 boxes of battlefield radios and accessories labeled “Glocom”, short for Global Communications Co.

Glocom is controlled by the Reconnaissance General Bureau, the North Korean intelligence agency tasked with overseas operations and weapons procurement, the report says, citing undisclosed information it obtained.

A spokesman for North Korea’s mission at the U.N. told Reuters he had no information about Glocom.

U.N. resolution 1874, adopted in 2009, expanded the arms embargo against North Korea to include military equipment and all “related materiel”.

But implementation of the sanctions “remains insufficient and highly inconsistent” among member countries, the U.N. report says, and North Korea is using “evasion techniques that are increasing in scale, scope and sophistication.”

Malaysia is one of the few countries in the world which had strong ties with North Korea. Their citizens can travel to each other’s countries without visas. But those ties have begun to sour after North Korean leader Kim Jong Un’s estranged half-brother was murdered at Kuala Lumpur’s international airport on Feb 13.

PAN SYSTEMS

According to the “WHOIS” database, which discloses website ownership, Glocom.com.my was registered in 2009 by an entity called International Global System using the “Little India” address. A similarly named company, International Golden Services is listed as the contact point on Glocom’s website.

Glocom registered a new website, glocom-corp.com, in mid-December, this one showing no Malaysian contacts. Its most recent post is dated January, 2017 and advertises new products, including a remote control system for a precision-guided missile.

Glocom is operated by the Pyongyang branch of a Singapore-based company called Pan Systems, the U.N. report says, citing an invoice and other information it obtained.

Louis Low, managing director of Pan Systems in Singapore said his company used to have an office in Pyongyang from 1996 but officially ended relations with North Korea in 2010 and was no longer in control of any business there.

“They use (the) Pan Systems (name) and say it’s a foreign company, but they operate everything by themselves,” Low told Reuters referring to the North Koreans at the Pyongyang office.

Pan Systems Pyongyang utilized bank accounts, front companies and agents mostly based in China and Malaysia to buy components and sell completed radio systems, the U.N. report says. Pan Systems Pyongyang could not be reached for comment.

One of the directors of Pan Systems Pyongyang is Ryang Su Nyo. According to a source with direct knowledge of her background, Ryang reports to “Liaison Office 519”, a department in the Reconnaissance General Bureau. Ryang is also listed as a shareholder of International Global System, the company that registered Glocom’s website.

Reuters has not been able to contact Ryang.

SMUGGLING CASH

Ryang frequently traveled to Singapore and Malaysia to meet with Pan Systems representatives, the U.N. report says.

On one such trip in February 2014, she and two other North Koreans were detained in Malaysia for attempting to smuggle $450,000 through customs at Kuala Lumpur’s budget airport terminal, two sources with direct knowledge of the situation told Reuters.

The North Korean trio told Malaysian authorities they all worked for Pan Systems and the cash belonged to the North Korean embassy in Kuala Lumpur, according to the two sources.

The Malaysian Attorney General decided not to press charges because of insufficient evidence. A week later, the trio was allowed to travel, and the North Korean embassy claimed the cash, the sources said. All three had passports assigned to government officials, the sources said.

Malaysia’s Customs Department and the Attorney General’s office did not respond to requests for comment over the weekend.

The Pan Systems representative in Kuala Lumpur is a North Korean by the name of Kim Chang Hyok, the U.N. report says.

Kim, who also goes by James Kim, was a founding director of International Golden Services, the company listed in the contacts section of the Glocom website. Kim is director and shareholder of four other companies in Malaysia operating in the fields of IT and trade, according to the Malaysian company registry.

He did not respond to requests for comment by mail or email.

The United Nations panel, which prepared the draft report, asked the Malaysian government if it would expel Kim and freeze the assets of International Golden Services and International Global System to comply with U.N. sanctions. The U.N. did not say when it made the request.

“The panel has yet to receive an answer,” the report said.

Reuters has not received a response from the Malaysian government to repeated requests for comment about Glocom.

POLITICAL CONNECTION

One of Glocom’s early partners in Malaysia was Mustapha Ya’akub, a prominent member of Malaysia’s ruling United Malays National Organisation (UMNO). Since 2014, he has been listed as a director of International Golden Services

As secretary of the UMNO youth wing’s international affairs bureau, Mustapha fostered political connections in the 1990s with countries, such as Iran, Libya and North Korea. Glocom’s Little India address once housed a company owned by UMNO Youth.

Mustapha, 67, said he had been a Glocom business partner “many years back” and said it has been continuously controlled by several North Koreans, including Kim Chang Hyok, whom he said he knew. He did not divulge his role in the company, and denied any knowledge of Glocom’s current business.

“We thought at the time it might be a good idea to go into business together,” Mustapha told Reuters about his first meeting with his North Korean business contacts. He did not say who those contacts were or what they discussed. He denied any knowledge of Glocom’s current business.

Glocom advertises and exhibits its wares without disclosing its North Korean connections.

“Anywhere, Anytime in Battlefield,” reads the slogan on one of several 2017 Glocom catalogs obtained by Reuters.

An advertisement in the September 2012 edition of the Asian Military Review said Glocom develops radios and equipment for “military and paramilitary organizations”.

A spokesman for the magazine confirmed the ad had been bought by Glocom, but said the magazine was unaware of its alleged links to North Korea.

Glocom has exhibited at least three times since 2006 at Malaysia’s biennial arms show, Defence Services Asia (DSA), according to Glocom’s website.

At DSA 2016, Glocom paid 2,000 ringgit ($450) to share a table in the booth of Malaysia’s Integrated Securities Corporation, its director Hassan Masri told Reuters by email.

Hassan said he had nothing to do with Glocom’s equipment and was unaware of its alleged links to North Korea.

Aside from the North Koreans behind Glocom, clues on its website also point to its North Korean origins.

For instance, one undated photo shows a factory worker testing a Glocom radio system. A plaque nearby shows the machine he is using has won a uniquely North Korean award: The Model Machine No. 26 Prize,” named in honor of late leader Kim Jong Il, who is said to have efficiently operated “Lathe No. 26” at the Pyongyang Textile Factory when he was a student.

*** It gets worse.

Executive Summary

In April 2018, Recorded Future published research on the internet browsing behavior of North Korea’s most senior leaders and revealed stark changes in how North Korea’s ruling elite utilize the internet from our original analysis in July 2017. Utilizing a data set spanning from December to mid-April, we compiled a significant amount of information on North Korea’s technology architecture, including which types, manufacturers, and models of hardware and software North Korean leaders used to access the internet.

Our analysis reveals the overwhelming presence of American hardware and software on North Korean networks and in daily use by senior North Korean leaders. We also examined the broad legal regime that restricts U.S. trade with North Korea and discovered that it is insufficient to prevent U.S. electronics, hardware, and software from reaching North Korea.

Key Judgements

  • This failure to keep American technology from reaching North Korea has enabled North Korea’s destabilizing, disruptive, and destructive cyber operations as well as its internet-enabled circumvention of international sanctions.
  • International inconsistency in the definition of the term “luxury goods” has also facilitated the Kim regime’s acquisition of American technology.
  • For seven years, between 2002 and 2017, the United States allowed the exportation of “computer and electronic products” to North Korea, totaling more than $430,000. Our analysis demonstrates that many of the electronic devices North Korean elite utilize are older models or are running older software, and that at least some of those devices could have been legally acquired from the U.S. during these seven years.
  • All U.S. exporters are liable for any violation of the sanctions regime, but beyond the implementation of a robust compliance program, there’s relatively little that can be done to actually stop prohibited goods from reaching sanctioned countries. This is especially true for North Korea, as they have proven to be sophisticated at utilizing intermediaries or spoofing identities.

History of Export Controls Against North Korea

Since the split of North and South Korea following World War II, the United States has regarded the Democratic People’s Republic of Korea (DPRK or North Korea) as an adversary. Despite the lack of open hostilities for nearly 65 years, the U.S. has never normalized diplomatic relations with the “Hermit Kingdom.” From the 1950s to 1980s, North Korea’s status as a Communist government, and sponsorship of international terrorism, ensured that the two countries remained enemies. Then, in 1988, after the bombing of Korean Air Flight 858, North Korea was officially designated as a state sponsor of terrorism by the Reagan administration, inaugurating the modern export control regime against North Korea.

Separately, export control as a response to North Korea’s nuclear proliferation efforts dates back to 1992 when the U.S. imposed sanctions on two North Korean companies due to their missile proliferation activities. Between June 1992 and June 2000, some restrictions were lifted as a result of the U.S.-North Korea bilateral missile talks, but the respite was short lived and the U.S. ratcheted up sanctions from January 2001 through to 2006. This period included the notorious labeling of North Korea as part of the “Axis of Evil” in President Bush’s 2002 State of the Union Address.

In 2006, the first widespread international sanctions began after North Korea carried out its initial nuclear weapons test. This test prompted the UN Security Council (UNSC) to pass two resolutions imposing sanctions on North Korea — first Resolution 1695, and then Resolution 1718. These resolutions together banned a broad range of both imports and exports to North Korea by any UN member states.

While these resolutions initially focused on military materiel, they were supplemented by broader sanctions from the U.S., Australia, and Japan. After North Korea conducted its second underground nuclear test in May 2009, the UNSC adopted Resolution 1874, which further expanded the arms embargo and sought to target Pyongyang’s financial apparata. From 2009 to the present day, both the U.S. and UNSC have progressively strengthened and expanded earlier sanctions with Resolution 2087, 2094, 2270, 2371, 2375, and 2397, which covered everything from missile materiel to textiles and caps on oil trading.

Despite a perceived thaw in diplomatic relations beginning earlier this year, U.S. officials have re-emphasized numerous times that “all sanctions and maximum pressure must remain,” while denuclearization of the Korean peninsula is negotiated.

State of Current U.S. Sanctions Against North Korea

Current United States sanctions against North Korea can be split into two categories:

  1. Sanctions that specifically target North Korea.
  2. Sanctions related to “Weapons of Mass Destruction Proliferators.”

Until 2008, the bulk of U.S. sanctions specific to North Korea were implemented via the Trading With the Enemy Act (1917), which empowers the federal government to prohibit any and all trade with designated countries. On June 26, 2008, the Bush administration issued Executive Order (E.O.) 13466 under the authority of the International Emergency Economic Powers Act. That same year, the National Emergencies Act. E.O. 13466 was supplemented by Executive Orders 13551, 13570, 13687, 13722, and the North Korea Sanctions Regulations (31 C.F.R. part 510). These measures extended a variety of trade restrictions and blocking of interests belonging to various figures in North Korea.

Pre-dating these sanctions, E.O. 13382 was issued in 2005 targeting various entities engaged in WMD proliferation. Three North Korean entities and numerous North Korean persons were listed as blocked entities.

Today, these regulations have culminated in six prohibited categories of transactions involving North Korea:

  1. Blocked property belonging to the state of North Korea and certain North Korean nationals (E.O. 13466, 13551, 13687, 13722, and 13382).
  2. U.S. persons are prohibited from registering vessels in North Korea, flying the DPRK flag, or operating any vessel flagged by North Korea (E.O. 13466).
  3. Goods, services, and technology from North Korea may not be imported into the U.S. (E.O. 13570).
  4. No new investment in North Korea by U.S. persons is allowed (E.O. 13722).
  5. No financing by a U.S. person involving North Korea is allowed (E.O. 13722).
  6. And most importantly for our purposes, goods, services, and technology may not be exported to North Korea from the U.S., or by a U.S. person wherever located, without a license (E.O. 13722).

U.S. export enforcement responsibility falls under three executive branch agencies: the Office of Foreign Asset Control within the Department of Treasury, the Office of Export Enforcement within the Department of Commerce’s Bureau of Industry and Security, and Homeland Security Investigations within the Department of Homeland Security. These three agencies enforce the Executive Orders, U.S. sanctions, International Trafficking in Arms Regulation, Export Administration Regulation, and other laws which make up the body of export control laws in the United States. In 2010, Executive Order 13558 created the Export Enforcement Coordination Center to further strengthen the partnership between these independent agencies.

The United States is one of the only countries which enforces its export laws outside of its national boundaries. Federal agents located in foreign countries work in conjunction with local authorities to conduct end use license checks, knocking on doors to see whether the parties are still upholding their stated exporting intentions.

Currently, civil penalties of up to the greater of $284,582, or twice the amount of the transaction, can be imposed against any party that violates these sanctions. Similarly, upon conviction, criminal penalties of up to $1 million, imprisonment for up to 20 years, or both, may be imposed on any person that willfully violates the sanctions.

North Korea Leverages a Breadth of U.S. Technology Despite Export Controls

North Korea’s Technology Architecture

Numerous third-party data sources used for this analysis gave Recorded Future visibility into what types of devices North Korea’s most senior leadership use to access the global internet. As has been widely publicized over the past several years, Kim Jong Un has been photographed on several occasions with Apple devices, and North Korean-made mobile phones have been assessed as mimicking Apple technology.

While we cannot confirm the actual users behind the activity we see, our analysis indicates that numerous American and Western-manufactured devices are being used by North Korean elite to access the global internet. Several reports and accounts have documented how few North Koreans are granted access to the global internet. At most, only the inner circle of North Korea’s leadership, such as party, military, and intelligence leaders and their families, are allowed to own computers and independently utilize the global internet. This is one of the data points we use to determine with such certainty that North Korea’s ruling elite are the users of this hardware and software.

North Korea’s use of proxies and load balancers limited our ability to identify exactly how many of each device was present, but we can determine some models and versions:

  • Windows 7
  • Windows 8.1
  • Windows 2000
  • Windows XP
  • Windows 10
  • Microsoft Terminal Server
  • Samsung Galaxy S5
  • Samsung Galaxy J5
  • Samsung Galaxy S7
  • Samsung Galaxy S8 Plus
  • Huawei Mate 95c 6 v6
  • Apple iPhone 4S
  • Apple iPhone 5
  • Apple iPhone 5S
  • Apple iPhone 6
  • Apple iPhone 6S Plus
  • Apple iPhone 7 Plus
  • Apple iPhone 8 Plus
  • Apple iPhone X
  • Apple MacBook
  • IBM Tivoli Storage Manager server
  • Conexant Hasbani web servers
  • Ascend Communications1 switches
  • F5 BIG-IP load balancer

While the majority of North Korean cyber operations are likely conducted from abroad, a small minority historically have been conducted from territorial North Korea. These operations have been conducted utilizing this very same hardware and software. This means that minimally, U.S. technology has enabled North Korea’s destabilizing, disruptive, and destructive cyber operations as well as its internet-enabled circumvention of international sanctions.

Where Technology Export Control Fails

According to a Congressional Research Service study conducted in 2016, U.S. trade restrictions with North Korea are extensive, but do not amount to a comprehensive embargo.

The United States curtails trade with North Korea for reasons of regional stability, that country’s support for acts of international terrorism, lack of cooperation with U.S. antiterrorism efforts, proliferation, and its status as a Communist country and a nonmarket economy. The United States also prohibits transactions relating to trade with certain North Korean entities identified as those who procure luxury goods, launder money, smuggle bulk cash, engage in counterfeiting goods and currency, and traffic in illicit narcotics.

Further, ”a U.S. company may apply for a license to export to North Korea, but for nearly all items other than food and medicine, there is a presumption of denial.”

This is despite the fact that North Korea has been on and off the State Sponsors of Terrorism list twice in the last 10 years (President Bush rescinded the declaration in 2008 and President Trump re-applied it in November 2017). In terms of exportation of technology to North Korea, the State Sponsors of Terrorism designation has relatively little impact in and of itself because the sanctions resulting from that designation govern primarily U.S. foreign aid, defense exports, and dual-use items. There is a provision for sanctions on “miscellaneous financial and other restrictions,” however, it is not clear whether that provision goes above and beyond the existing prohibitions on technology exports to North Korea.

Most electronics, including laptop computers, digital music players, large flat-screen televisions, and “electronic entertainment software” are considered “luxury goods” and fall under the broad trade Export Administration Restrictions (EAR) for North Korea administered by the Department of Commerce.

While the United Nations (UN) clarified its definition of “luxury goods” in Resolution 2321 as not including electronics, each UN member state is allowed to interpret the “luxury goods” term as including different products, “creat[ing] a situation of uneven practice” in the application of export controls. For instance:

  • The European Union bans “electrical/electronic items and appliances for domestic use of a value exceeding EUR 50 each.”
  • Australia bans all “consumer electronics.”
  • Japan prohibits “portable computing devices consisting of at least a central processing unit (CPU), a keyboard, and a display.”
  • South Korea broadly restricts and governs trade with the North including “electronic goods” as a luxury item.
    China has not made a distinction on embargoed luxury goods and does not “honor the luxury goods lists of other countries when it exports to” North Korea.

The Saga of ZTE

In March 2016, Zhongxing Telecommunications Equipment (ZTE), a Chinese cellular device and hardware manufacturer, was added to the Export Administration Regulations (EAR) Entities List. The EAR “imposes additional licensing requirements on and limits the availability of most license exceptions for, exports, reexports, and transfers (in-country) to those listed” on the Entities List. ZTE was initially placed on the Entities List for violating U.S. sanctions by selling American-made goods to Iran and North Korea. Placement on the Entities List prohibited U.S. companies from selling goods to ZTE without a license, and because nearly all ZTE-manufactured products contained U.S. goods, essentially crippled the company.

For more than two years, ZTE and the U.S. government went back and forth attempting to reach an agreement over penalties and validate that ZTE was no longer violating U.S. sanctions. In April 2018, the Department of Commerce (DOC) ended the negotiations by imposing a denial order, prohibiting American companies from selling to ZTE for seven years.

The denial order was the end of a lengthy export control enforcement process which would have bankrupted ZTE. Instead, in late May, the DOC negotiated an agreement which lifted the denial order and re-opened ZTE to U.S. exports.

The case of ZTE, a company which was placed on the Entities List and under a denial order for violating U.S. sanctions against North Korea, is a useful example of how impactful successful export control can be — if allowed to be. Had ZTE been allowed to fail, it would have sent a powerful message to companies around the world indicating how seriously the U.S. considers these violations. Instead, the message is that a company can violate U.S export controls and sanctions if it is large enough and aligned with an economically powerful nation.

Technology Exports to North Korea Were Not Always Prohibited

The question of how U.S. technology gets to North Korea is not entirely a story of failed export control or inconsistent application. According to Department of Commerce data, the U.S. has actually exported over $176 million of goods to North Korea since 2002. While this number pales in comparison to export volume with nations such as China or Canada, it is important to note that the export of “computers and electronic products” to North Korea occurred until this year.

At its peak in 2014, the U.S. exported $215,862 worth of computers and electronic products to North Korea. We do not know exactly which products or how many were exported to North Korea that year. However, based on the Department of Commerce definition of “computers and electronic products,” we have an idea of what kind of electronics these exports might have included. This category includes “computers, computer peripherals (including items like printers, monitors, and storage devices), communications equipment (such as wired and wireless telephones), and similar electronic products (including audio and video equipment and semiconductors),” as well as components for these products.

Again, while we do not know exactly which computer and electronic products were exported to North Korea over the past 15 years, that data can be useful in an exercise to demonstrate exactly how much value North Korea could have derived from that amount of money.

For example, in 2014, a decent desktop could cost around $500, while a similarly specified laptop would cost $700. Hypothetically, if North Koreans were paying the average prices for computers, they could have purchased over 350 computers from U.S. suppliers in 2014 alone. In total, since 2002, the U.S. has legally exported $483,543 worth of computers and electronics to North Korea — a sum that could have legally supplied some of the ruling elites’ electronics needs.

Our analysis demonstrates that many of the electronic devices North Korean elite utilize are older models or are running older software. These legal exports certainly do not account for all of the devices we have observed on North Korean networks, nor is $483,543 sufficient to completely build a moderately sized and proxied network. However, it presents an interesting part of the answer to the question of exactly how North Korea could have acquired all of their Western hardware and software. At least some of the computers and software we observed being used in North Korean networks today was probably acquired during these past 15 years.

Outlook

It is the responsibility of any U.S. exporters to be familiar and compliant with federal export controls, as penalties can include fines, civil or criminal charges, imprisonment, negative publicity, revocation of exporting privileges, or debarment from U.S. government contracting. As explained by the Massachusetts Export Center, “[Even if the exporter is selling only] innocuous products or selling only to ‘friendly’ countries … the exporter is ultimately responsible to have a thorough understanding of export regulations and to establish operating procedures aimed at preventing violations.

For U.S. companies and persons to avoid the risk of being found guilty of violating sanctions, it is expected that an effective export compliance program is implemented. The U.S. Department of Commerce’s Bureau of Industry and Security suggest eight elements for an effective program:

  1. Statements and commitments from management
  2. Risk assessment of potential export violations
  3. Export authorization
  4. Effective record keeping
  5. Instituting training programs for employees
  6. Auditing records
  7. Detecting and correcting export violations
  8. Maintaining an export compliance manual

Generally, all U.S. business are not expected to perfect all eight elements, but any deviation from a robust compliance program poses a risk that an entity could be found in violation of the U.S. export regime. However, while a U.S. company may have a robust program, sanctioned states often use false flags or non-national facilitators to skirt even the most advanced programs. As a recent report from Arms Control Wonk and Reuters pointed out, the North Koreans are adept at falsifying addresses and names to circumvent sanctions programs. This flow of technology is not one way, either — recent reports point out that North Korea has used shell companies and various aliases to export various technologies, including facial recognition software to U.S. allies and encryption software in Asia.

One transaction involving the DPRK shell company Glocom that was widely reported last year demonstrates the ease with which North Korea is able to avoid technology control sanctions. Glocom used a network of Asian-based front companies to purchase components from electronic resellers, and the payment was even cleared through a U.S. bank account. Glocom, the company at the center of these transactions, was tied to Pan Systems Pyongyang via invoices uncovered by the UN and International Global System via WHOIS website registration data. Ryang Su Nyo is listed as a director of Pan Systems Pyongyang and a shareholder of International Global System, and Reuters has reported that Ryang reports to “Liaison Office 519,” a department within the North Korean Reconnaissance General Bureau.

Today, the varied interpretation of the term “luxury goods,” a sophisticated sanctions evasion operation, and lax enforcement of technology and electronics as a subcategory has created a situation where the Kim regime can acquire U.S. electronics, software, and hardware virtually at will. Technology resellers, North Koreans abroad, and the Kim regime’s extensive criminal networks all facilitate the transfer of American technology for daily use by one of the world’s most repressive governments. Unless there’s a globally unified effort to impose comprehensive sanctions on the DPRK, and multilateral cooperation to ensure that these sanctions cannot be thwarted by a web of shell companies, North Korea will be able to continue its cyberwarfare operations unabated with the aid of Western technology.

 

More Slime from The SWAMP

Posted on by

Mitch McConnell cancels Senate’s traditional August recess

In a brief written statement, he said: “Senators should expect to remain in session in August to pass legislation, including appropriations bills, and to make additional progress on the president’s nominees.” More here.

At least that is something right?

All of us are mad, no furious with members of Congress. Imagine when some of those members are more angry than YOU at the system?

Leadership works with lobbyists and then leaks to the media. And then you think you have the whole story. Ah, not at all.

Just a teaser for Episode 3 is below.

The Swamp from Daniel Lippman on Vimeo.

In 2017, Congressman Ken Buck of Colorado wrote a book titled Drain The Swamp. 

It is a great primer and a book that can be read in a day. What does go on behind closed doors in Congress? Yep, you will learn it fast. What about those committee assignments and chairmanships? Yep, they are bought. Have you considered discretionary spending? It is illegal. A large handful of congressional members are in fact on our side. Some are so disgusted they are leaving Congress.

Run out and buy the book: Drain the Swamp: How Washington Corruption is Worse than You ThinkCongressman Buck is hardly a rebel but there are those colleagues that say he is. BARTELS: Secretary Wayne Williams’ Denver Broncos shirt ... Yes due to the weapon on the wall for which he was investigated a few years ago.

Remember that shooting at the ballfield? Well, as an aside, prior to that these congressional members packed heat. Likely more are doing the same now.

Here are the members of the House Freedom Caucus who say they currently carry, or did as of 2013 (all are Republicans):

  • Alabama Rep. Gary Palmer
  • Alabama Rep. Mo Brooks
  • Arizona Rep. Paul Gosar
  • Arizona Rep. Matt Salmon
  • Arizona Rep. David Schweikert
  • Arizona Rep. Trent Franks
  • Colorado Rep. Ken Buck
  • Florida Rep. Ted Yoho
  • Florida Rep. Bill Posey
  • Indiana Rep. Marlin Stutzman
  • Louisiana Rep. John Fleming
  • Ohio Rep. Jim Jordan
  • South Carolina Rep. Jeff Duncan
  • South Carolina Rep. Mick Mulvaney
  • Tennessee Rep. Scott Desjarlais
  • Texas Rep. Randy Weber
  • Virginia Rep. Dave Brat

Brooks said the Second Amendment is the “bedrock” of all other amendments, and the pro gun-control argument that the Second Amendment only applies to a militia-owning firearms is preposterous.

“The purpose of the Second Amendment was to ensure that the citizenry could protect itself from a dictatorial and out-of-control government,” Brooks told TheDCNF.

“It has long been a primary goal of kings, dictators, communists, fascists and the like to disarm the citizenry so that there is minimal risk of opposition to centralized government, dictating to the citizenry that is unarmed and defenseless, and unable to assert their rights,” he said. (some of them have already left congress)

***

Fed Gov Spent $76 Billion in 2017 for Cyber Security, Fail v Success

Posted on by

Go here for the Forum Part One

Go here for the Forum Part Two

Fascinating speakers from private industry, state government and the Federal government describe where we are, the history on cyber threats and how fast, meaning hour by hour the speed at which real hacks, intrusions or compromise happen.

David Hoge of NSA’s Threat Security Operations Center for non-classified hosts worldwide describes the global reach of NSA including the FBI, DHS and the Department of Defense.

NSA Built Own 'Google-Like' Search Engine To Share ... photo

When the Federal government spent $76 billion in 2017 and we are in much the same condition, Hoge stays awake at night.

With North Korea in the constant news, FireEye published a report in 2017 known as APT37 (Reaper): The Overlooked North Korea Actor. North Korea is hardly the worst actor. Others include Russia, China, Iran and proxies.

Targeting: With North Korea primarily South Korea – though also Japan, Vietnam and the Middle East – in various industry verticals, including chemicals, electronics, manufacturing, aerospace, automotive, and healthcare.
Initial Infection Tactics: Social engineering tactics tailored specifically to desired targets, strategic web compromises typical of targeted cyber espionage operations, and the use of torrent file-sharing sites to distribute malware more indiscriminately.
Exploited Vulnerabilities: Frequent exploitation of vulnerabilities in Hangul Word Processor (HWP), as well as Adobe Flash. The group has demonstrated access to zero-day vulnerabilities (CVE-2018-0802), and the ability to incorporate them into operations.
Command and Control Infrastructure: Compromised servers, messaging platforms, and cloud service providers to avoid detection. The group has shown increasing sophistication by improving their operational security over time.
Malware: A diverse suite of malware for initial intrusion and exfiltration. Along with custom malware used for espionage purposes, APT37 also has access to destructive malware.

More information on this threat actor is found in our report, APT37 (Reaper): The Overlooked North Korean Actor.

** NSA 'building quantum computer to crack security codes ...  photo

Beyond NSA, DHS as with other agencies have cyber divisions. The DHS cyber strategy is found here. The fact sheet has 5 pillars:

DHS CYBERSECURITY GOALS
Goal 1: Assess Evolving
Cybersecurity Risks.
We will understand the evolving
national cybersecurity risk posture
to inform and prioritize risk management activities.
Goal 2: Protect Federal Government
Information Systems.
We will reduce vulnerabilities of federal agencies to ensure they achieve
an adequate level of cybersecurity.
Goal 3: Protect Critical
Infrastructure.
We will partner with key stakeholders
to ensure that national cybersecurity
risks are adequately managed.
Goal 4: Prevent and Disrupt Criminal
Use of Cyberspace.
We will reduce cyber threats by
countering transnational criminal
organizations and sophisticated cyber
criminals.
Goal 5: Respond Effectively to Cyber
Incidents.
We will minimize consequences from
potentially significant cyber incidents
through coordinated community-wide
response efforts.
Goal 6: Strengthen the Security and
Reliability of the Cyber Ecosystem.
We will support policies and activities
that enable improved global cybersecurity risk management.
Goal 7: Improve Management of
DHS Cybersecurity Activities.
We will execute our departmental
cybersecurity efforts in an integrated
and prioritized way.

Related reading:National Protection and Programs Directorate

NPPD’s vision is a safe, secure, and resilient infrastructure where the American way of life can thrive.  NPPD leads the national effort to protect and enhance the resilience of the nation’s physical and cyber infrastructure.

*** Going forward as devices are invented and added to the internet and rogue nations along with criminal actors, the industry is forecasted to expand with experts and costs.

Research reveals in its new report that organizations are expected to increase spending on IT security by almost 9% by 2018 to safeguard their cyberspaces, leading to big growth rates in the global markets for cyber security.

The cyber security market comprises companies that provide products and services to improve security measures for IT assets, data and privacy across different domains such as IT, telecom and industrial sectors.

The global cyber security market should reach $85.3 billion and $187.1 billion in 2016 and 2021, respectively, reflecting a five-year compound annual growth rate (CAGR) of 17.0%. The American market, the largest segment, should grow from $39.5 billion in 2016 to $78.0 billion by 2021, demonstrating a five-year CAGR of 14.6%. The Asia-Pacific region is expected to grow the fastest among all major regions at a five-year CAGR of 21.4%, due to stringent government policies to mitigate cyber threats, and a booming IT industry.

Factors such as the growing complexity and frequency of threats, increasing severity of cyber security, stringent government regulations and compliance requirements, ubiquity of online communication, digital data and social media cumulatively should drive the market. Moreover, organizations are expected to increase IT spending on security solutions and services, as well. Rising adoption of technologies such as Internet of things, evolution of big data and cloud computing, increasing smartphone penetration and the developing market for mobile and web platforms should provide ample opportunities for vendors.

By solution type, the banking and financial segment generated the most revenue in 2015 at $22.2 billion. However, the defense and intelligence segment should generate revenues of $50.7 billion in 2021 to lead all segments. The healthcare sector should experience substantial growth with an anticipated 16.2% five-year CAGR.

Network security, which had the highest market revenue in 2015 based on solution type, should remain dominant through the analysis period. Substantial growth is anticipated in the cloud security market, as the segment is expected to have a 27.2% five-year CAGR, owing to increasing adoption of cloud-based services across different applications.

“IT security is a priority in the prevailing highly competitive environment,” says BCC Research analyst Basudeo Singh. “About $100 billion will be spent globally on information security in 2018, as compared with $76.7 billion in 2015.”

Crimes or War, the Body Collectors in Mosul

Posted on by

Imagine the other cities in Iraq and Syria. Mosul was part of Assyria as early as the 25th century BC. Of note, in 2008, there was a sizeable exodus of Assyrian Christians. They sought sanctuary in Syria and Turkey due to threats of murder unless they converted to Islam.

Related reading: Aleppo: Tell Our Story After we are Gone

Turkish Airlines New Flight Route to Mosul photo

Iraq Mosul picture, Iraq Mosul photo, Iraq Mosul wallpaper photo

Inside the killing rooms of Mosul

Warning: Graphic images

MOSUL, Iraq — In March, VICE News returned to Mosul for the first time since the war against ISIS was declared over eight months ago.

While life may be returning to normal in the eastern half of the city, on the other side of the river — where the fighting was most intense — the scale of rebuilding that needs to be done is monumental. It’s estimated there are still 8 million tons of conflict debris that need to be moved before reconstruction can start, equivalent to three times the size of the Great Pyramid of Egypt. About 75 percent of that rubble is in West Mosul, and it’s mixed with so much unexploded ordnance that experts say this is now one of the most contaminated spots on the planet.

In the Old City, where ISIS made its last stand, residents have slowly started to come back – a few business owners hoping to repair shops, and families who have no other option but to live in their damaged homes. Some water tanks have been trucked in, and electricity cables have been temporarily patched together along some streets, but the place feels deserted, and in some ways the scene was not that different from how it looked shortly after the fighting.

Eight months on, there are hundreds or perhaps thousands of bodies still under the rubble, making life unbearable for the families who have returned.

The putrefied corpses are mainly Islamic State fighters or their families, since many of the non-ISIS civilian bodies have been dug out and reclaimed by family members or civil defense workers. The bodies that remain are a severe health hazard, but there’s little political will to deal with them, and removing them is risky given the unexploded munitions littering the area. Nevertheless, teams of citizen volunteers are going house-to-house carrying out this gruesome, dangerous work on a daily basis.

**

One volunteer team is led by Sroor al-Hosayni, a 23-year-old former nurse. Many of her group are even younger; some are medical students, but most have no formal training in handling corpses. So far, they say they’ve pulled and bagged more than 350 bodies that no one else was willing to deal with. They laid them in white plastic body bags where municipal trucks can easily collect them, labeling them for any potential explosives found with the corpse.

“We saw that there were bodies everywhere, in the alleys and inside the houses,” Hosayni said. “I took my team and started implementing this idea by going to help municipality and government workers in removing these bodies before summer comes and disease spreads in the city.”

At first the authorities complained, telling her: “‘You don’t have to move ISIS bodies. Leave them there; the dogs will eat them.”

Hosayni replied, “But one or two dogs can’t eat them; there are thousands of bodies.”

A suspected execution room inside the basement of a collapsed building Al Maydan, the district of the Old City where ISIS made its last stand. Hosayni and her team say there are more than 100 rotting corpses here. So far they have pulled more than 30 bodies from this room n the last few weeks. (Adam Desiderio/VICE News)

After filming Hosayni’s team at work near the destroyed Al Nuri mosque, we followed them to Al Maydan — the Old City neighborhood where ISIS made its last stand — where they had been working on one particular site for weeks.

Bulldozers have started clearing a path where Souk Al-Samak Street once ran along the river, but almost nothing else has changed since the air bombardment flattened this district.

The ruins of arched and intricately carved stone doorways open onto inner courtyards like dioramas of the war, frozen in time: Human corpses in varying degrees of decay lying amid stray ordnance, broken china, plastic toy trucks, and discarded military apparel.

Two hundred yards up the street and on the right, the team pointed us to a building on the banks of the Tigris River. Scrambling through the collapsed masonry, we emerged into two mostly intact basement rooms with barred windows looking out onto the river. In the far room, buzzing with flies and inescapable stench, were dozens and dozens of corpses, stacked too deep to count, one on top of another. It seemed to be the remains of a mass execution.

The body collectors told us there were at least 100 bodies in here; the team had already cleared more than 30 but had barely made a dent in the mound of corpses.

23 year-old Sroor al-Hosayni, a former nurse, leads a team of volunteer body collectors pulling corpses out of a collapsed building in Al Maydan, the district of the Old City where ISIS made its last stand. Hosayni and her team of volunteers have been pulling bodies from what they say is an execution room in the basement of this building. (Adam Desiderio/VICE News)

We saw what appeared to be the bodies of children, though it was difficult to verify given the level of decay. We saw no weapons or military gear on the bodies. The team told us they could see bullet wounds to their heads.

There are reports that ISIS locked large numbers of people in rooms like this, using them as human shields during the final days of the conflict. Many of those families died in coalition airstrikes — but this room was intact. It’s possible they could have been executed by ISIS fighters as government forces closed in. But it’s not clear why ISIS would kill or dispose of civilians in this way.

There are also reports of Iraqi forces executing captured ISIS members in this exact neighborhood. Beards and long hair were still visible on some of the corpses, leading the body collectors to believe some could be men who may have been affiliated with ISIS. But speaking to VICE, a senior Iraqi military official rejected any notion that Iraqi forces may have been responsible for the killings and told us that the site had already been investigated, without providing further details.

One international organization that has documented instances where Iraqi security forces have been accused of carrying out executions is Human Rights Watch.

Belkis Wille, the lead Iraq investigator at Human Rights Watch, visited the site soon after we did. She told us she was unaware of any investigation having been done at this particular site, and that — whoever was responsible for the deaths — the removal of evidence was troubling given that this was potentially the site of a war crime.

**

“Sites like that need the proper forensic teams securing the site and conducting the analysis needed to determine whether this is indeed the site of a crime,” Wille told VICE News. “Despite promises by the prime minister at the end of the battle to investigate abuses, we haven’t seen any sign of that leading to teams coming in and doing the investigations necessary. And the question really is, at what point do these sites potentially lose their forensic value and lose the evidence?”

Inside the remains of Great Mosque of al-Nuri in Mosul, Iraq where ISIS leader Abu Bakr al-Baghdadi declared an Islamic State caliphate in 2014. (Adam Desiderio/VICE News)

But for the body collectors — and for many residents of Mosul — with the heat of summer approaching, the overwhelming priority right now is to clean up this city and begin rebuilding. The need to properly document and investigate potential war crimes isn’t at the top of the agenda.

“It’s time to focus on the living, not the dead,” was the mantra we heard from authorities and from many families trying to rebuild their shattered lives.

Nevertheless, the question of what happened in neighborhoods like Al Maydan and others in those final stages before victory was announced, and in the days shortly afterward, refuses to disappear.

In the ultimate stages of the battle to extinguish the last pockets of ISIS from Mosul last summer, access to the “fight zone” became increasingly restricted.

Baghdad declared the conflict officially over on July 10. The announcement, broadcast live on state television, came as a surprise to many, since there were explosions and gunfire still echoing out from the Old City where the last dregs of the Islamic State terrorist group were refusing to surrender.

Just a day before that, VICE News was one of the few outlets that managed to get past the cordon to join a general from Iraq’s elite counterterrorism brigade and an advance team of his men as they carefully picked their way across the booby-trapped rooftops of collapsed buildings in the district of Al Maydan to plant an Iraqi flag on the banks of the Tigris.

It was a journey through hell. The neighborhood had been pulverized by airstrikes and shelling throughout the campaign, but the intensity had grown as ISIS fell back to these ancient, narrow streets lined with buildings dating back to the 12th century. There was hardly a structure still intact, ordnance and bodies lined the route, some fresh, some bloated and badly decomposed from days or weeks in the sun.

Reaching the river was a symbol of having decisively broken through ISIS defensive lines, a long-awaited moment of triumph for the soldiers. But as the flag was raised and the soldiers took selfies, gunfire from a sniper still alive among the rubble sent the party scattering for cover. In those final days, as different units of Iraq’s security forces held impromptu victory celebrations after liberating neighborhoods, the question lingered of what the end of hostilities actually looks like when the enemy is hell-bent on fighting to the death.

We will likely never know who killed the people in the basement room of the house on Al-Samak Street — but as long as claims persist that extrajudicial killings by Iraqi security forces may have taken place, the stakes of not investigating those could be high. While there is little sympathy for ISIS right now in the devastated neighborhoods of Mosul, a culture of impunity for any abuses that were committed could set the stage for the same kinds of grievances that contributed to the group’s rise in the first place.

Cover image: The basement of a collapsed building in Al Maydan, the district of the Old City where ISIS made its last stand. Volunteers have been pulling bodies from what they say is an execution room filled with more than 100 corpses in the basement of this building. (Adam Desiderio/VICE News)