Category Archives: Human Rights Violations United Nations

Deport Those Chinese Operatives Now

Posted on by

Have you read the newly released book titled ‘Bully of Asia’ by Steven W. Mosher? China is the single largest threat to global stability and Russia and Iran in second and third place.

Have you heard of the Thucydides Trap? China is an ascending power and just who is paying attention? Have you studied the fact that China is a major enabler of North Korea’s aggression behavior including the most recent launch of the intercontinental ballistic missile?

China is a thief. China has dispatched operatives throughout the West under the guise of cultural exchanges, students, temporary workers and journalists. It is all about espionage and cyberwar.

Image result for china spies photo

Hey State Department and DHS, get these operatives outta here. By the way, are there any sanctions on China with regard to PLA Unit 61398?

photo

Have you wondered what happened to that Obama Asia Pivot that he announced in 2011? The United States needs to pivot again and now.

Why?

This Beijing-Linked Billionaire Is Funding Policy Research at Washington’s Most Influential Institutions

The Chinese Communist Party is quietly reshaping public opinion and policy abroad.

FP: The Johns Hopkins University’s School of Advanced International Studies (SAIS), located just a short walk from Dupont Circle in Washington, D.C., is one of the top international relations schools in the United States. Its graduates feed into a variety of government agencies, from the State Department to the CIA, and the military. Its China studies program is especially well known; many graduates come away with expert knowledge of the language, culture, and politics of the United States’ most important strategic competitor.

In August, SAIS announced a new endowed professorship in the China Studies department as well as a new research project called the Pacific Community Initiative, which aims to examine “what China’s broader role in Asia and the world means for its neighbors and partners.”

What the SAIS press release did not say is that the money for the new initiatives came in part from the China-United States Exchange Foundation (CUSEF), a Hong Kong-based nonprofit. CUSEF is a registered foreign agent bankrolled by a high-ranking Chinese government official with close ties to a sprawling Chinese Communist Party apparatus that handles influence operations abroad, known as the “united front.”

The China-U.S. Exchange Foundation’s partnership with a premier U.S. academic institution comes amid a Chinese Communist Party push to strengthen its influence over policy debate around the globe. The Chinese government has sought to repress ideas it doesn’t like and to amplify those it does, and its efforts have met with growing success.

Even as Washington is embroiled in a debate over Russian influence in U.S. elections, it’s China that has proved adept at inserting itself in American politics.

“The Chinese approach to influence operation is a bit different than the Russian one,” said Peter Mattis, a fellow at the Jamestown Foundation. “The Russian one is much more about an operational objective and they work backward from that objective, saying, ‘How do we achieve that?’” But on the Chinese side, Mattis said, “they focus on relationships — and not on the relationships having specific takeaway value, but that someday, some way, those relationships might become valuable.”

The Chinese seek a kind of “ecological change,” he explained. “If they cultivate enough people in the right places, they start to change the debate without having to directly inject their own voice.”

The China-U.S. Exchange Foundation was founded in 2008 by Tung Chee-hwa, a Hong Kong shipping magnate who later served as the chief executive of the former British colony, where he championed the benefits of close ties to Beijing. Tung’s Hong Kong-based nonprofit conducts academic and professional exchanges, bringing U.S. journalists, scholars, and political and military leaders to mainland China. It also has funded research projects at numerous U.S. institutions, including the Brookings Institution, the Center for Strategic and International Studies, the Atlantic Council, the Center for American Progress, the East-West Institute, the Carter Center, and the Carnegie Endowment for Peace.

Tung’s foundation’s ties to the united front are indirect, but important. Tung currently serves as the vice chairman of one of the united front’s most important entities — the so-called Chinese People’s Political Consultative Conference, which is one of China’s two rubber-stamp assemblies.

The body is one of Beijing’s most crucial tentacles for extending influence.

In its newest project with SAIS, the foundation describes the Pacific Community Initiative as a “joint research project.” David Lampton, director of the university’s China Studies Program, said in an August press release that the new professor “will also be responsible for running our Pacific Community Initiative and work closely with the China-U.S. Exchange Foundation in Hong Kong.”

Lampton also confirmed that CUSEF funded the new programs. “Both the Initiative and the Professorship were made possible through the support of the China-U.S. Exchange Foundation,” he said in an emailed statement to Foreign Policy.

But he denied that CUSEF had attached any intellectual strings to its funding.

“There are absolutely no conditions or limitations imposed upon the Pacific Community Initiative or our faculty members by reason of a gift or otherwise,” Lampton told FP. “We have full confidence in the academic integrity and independence of these endeavors.”

CUSEF denies it acts as a vehicle for Beijing’s ideological agenda or has “any connections” to the united front. “We do not aim to promote or support the policies of any one government,” wrote a spokesperson for the foundation in an email.

This isn’t the first time SAIS and the foundation have worked together; they co-sponsored a conference on China’s economy in Hong Kong in March 2016, according to the school’s website. But a professorship and a major research project offer an opportunity for broader reach — the kind of global influence that Chinese President Xi Jinping has made a centerpiece of his policies. In October, at the meeting of the Communist Party that sets the national agenda for the next five years, Xi called for an expansion of the party’s overseas influence work, referring to the united front as a “magic weapon” of party power.

That quest to shape the global view of China isn’t the same thing as soft power, said James Leibold, a professor at La Trobe University in Melbourne who researches Chinese influence in Australia, where Beijing’s recent influence operations have sparked a national controversy.

China is an authoritarian state where the Communist Party rules with an iron fist, Leibold said — and that is what Beijing is trying to export.

“What we’re talking about here is not Chinese influence per se, but the influence of the Chinese Communist Party.”

In a joint project like the one at SAIS, that influence can be subtle rather than being heavy-handed, said Jamestown’s Mattis. “It’s the ability to privilege certain views over others, to create a platform for someone to speak,” he said. “When you have a role in selecting the platform and generating what I presume they hope are some of the bigger reports on U.S.-China relations in the next few years, that’s important.”

One goal of the joint research project is, in fact, to “yield a white paper to be submitted for endorsement by both the U.S. and Chinese governments,” a CUSEF spokesperson wrote in an emailed statement to FP.

While CUSEF representatives stress that it is not an agent of the Chinese Communist Party, the foundation has cooperated on projects with the the People’s Liberation Army and uses the same Washington public relations firm that the Chinese Embassy does.

One of those PLA projects is the Sanya Initiative, an exchange program that brings together U.S. and Chinese former high-ranking military leaders. On the Chinese side, the Sanya Initiative is led by a bureau of the PLA that engages in political warfare and influence operations, according to Mark Stokes, executive director of the Project 2049 Institute.

Sometimes the results of such high-level exchanges aren’t subtle. In February 2008, PLA participants in the Sanya Initiative asked their U.S. counterparts to persuade the Pentagon to delay publishing a forthcoming report about China’s military buildup, according to a segment excised from the 2011 annual report of the congressional U.S.-China Economic and Security Review Commission.

The U.S. members complied, though their request was not successful.

Exchanges and partnerships are not CUSEF’s only initiatives. As a registered foreign agent, in 2016 it spent just under $668,000 on lobbying, hiring the Podesta Group and other firms to lobby Congress on the topic of “China-U.S. relations.” The foundation has spent $510,000 on lobbying to date in 2017.

CUSEF also keeps on retainer the consulting and public relations firm BLJ Worldwide LTD, the same firm the Chinese Embassy in the United States uses. According to FARA filings, CUSEF currently pays the firm $29,700 a month to promote the foundation’s work and run a pro-Beijing website called China US Focus.

Whether through websites, partnerships, or endowments, China has learned to wrap its message in a palatable wrapper of U.S. academics and intellectuals, according to Mattis.

“Who better to influence Americans than other Americans?” he said.

Due to N Korea, Hawaii Goes to Nuclear Warning Systems

Posted on by

Image result for north korea ballistic missile test

photo

TOKYO/WASHINGTON (Reuters) – Japan has detected radio signals suggesting North Korea may be preparing for another ballistic missile launch, although such signals are not unusual and satellite images did not show fresh activity, a Japanese government source said on Tuesday.

After firing missiles at a pace of about two or three a month since April, North Korean missile launches paused in September, after Pyongyang fired a rocket that passed over Japan’s northern Hokkaido island.

“This is not enough to determine (if a launch is likely soon),” the source told Reuters.

Japan’s Kyodo news agency reported late on Monday that the Japanese government was on alert after catching such radio signals, suggesting a launch could come in a few days. The report also said the signals might be related to winter military training by the North Korean military.

South Korea’s Yonhap news agency, citing a South Korean government source, also reported that intelligence officials of the United States, South Korea and Japan had recently detected signs of a possible missile launch and have been on higher alert.

Image result for hi-ema photo

Hawaii reinstates Cold War-era nuclear attack warning signal amid North Korea tension

Hawaii is reinstating a statewide nuclear attack warning signal in December to prepare for a potential attack from North Korea.

The alarm, which has not been used since the Cold War, will be reinstated on Dec. 1 as part of a ballistic missile preparedness program, according to the Hawaii Emergency Management Agency (HI-EMA).

The agency instructed residents to immediately “Get inside, stay inside and stay tuned” if they hear the siren. Alerts will be sent to resident’s phones and broadcast on television and radio. “When [HI-EMA] started this campaign, there were concerns we would scare the public. What we are putting out is information based on the best science that we have on what would happen if that weapon hit Honolulu or the assumed targets,” said HI-EMA Administrator Vern Miyagi during an emergency preparedness presentation.

Since officials would have only 15 minutes or less of warning time before a North Korean missile’s impact, Hawaii residents are advised to have a designated place to go for shelter. “There will be no time to call our loved ones, pick up our kids and find a designated shelter. We should all prepare and exercise a plan ahead of time so we can take some comfort in knowing what our loved ones are doing,” said Miyagi in an interview with The Honolulu Star Advertiser.

Although the U.S. has conducted successful missile interception tests, there is no guarantee that the Navy would detect and intercept a target, the HI-EMA warns.

An HI-EMA fact sheet explains that, based on the estimated yield of North Korean missiles, there could be anywhere from 50,000 to 120,000 burn casualties and nearly 18,000 fatalities if an attack occurs.

After an attack, residents would have to stay sheltered in place until the HI-EMA has fully assessed the radiation and fallout, which could take a few hours or as long as 14 days, the agency says on its website.

State officials have been holding town halls to answer questions from residents.

Cottage Industry in U.S. for Refugee Resettlement

Posted on by

There was a time when the U.S. State Department along with associated agencies including USAID and the CIA would work to migrate countries from communism to democracies. After the rise of militant Islam and terror attacks around the world, countless gestures have been launched to destroy terror including of course war. Stable countries are now vulnerable and susceptible to radical migrant refugees and migrants.

Europe is in the worst condition and the United States is functioning in much the same manner. We constantly hear that the United States was built on immigrants and we invite legal immigration. Few conceive the notion that immigrants would not seek out America if there home countries were stable, democratic and functioning especially when the United States sends billions each year offshore for assistance and stability.

Meanwhile, America continues to budget and appropriate funds for migrants and refugees in the United States and more coming.

Image result for Reception and Placement Programphoto

For an exact sample on how the states operate, this site provided some great insight using Michigan.

Do you wonder what the total and comprehensive costs are for refugee resettlement? Well, the General Accounting Office is to report those costs, yet there seems to be no recent report. Meanwhile see pages 8-9 for the resettlement numbers by state by clicking here.

FY 2017 Notice of Funding Opportunity for Reception and Placement Program

Funding Procedures

Under current funding procedures, each agency with which the Bureau enters into a Cooperative Agreement (CA) is provided $2,025 for each refugee it sponsors who arrives in the United States during the period of the CA and is verified to have been placed and assisted by the agency. The funding is intended to supplement private resources available to the applicant and may be used at the local affiliates at which refugees are resettled and only for the direct benefit of refugees and for the delivery of services to refugees in accordance with program requirements as described in the CA. In addition, the Bureau funds national R&P Program management costs according to separately negotiated and approved budgets based on the applicant’s sponsorship capacity.

The annual ceiling for refugee admissions will be established by the President following consultations with the Congress towards the end of FY 2016. The FY 2017 appropriation and refugee ceiling have not yet been determined. For planning purposes, applicants should use the following refugee admissions projections as a baseline, although they may not necessarily be the regional or total ceilings that will be set by the President for FY 2017. Projections by region are as follows:

Africa — 30,000

East Asia — 12,000

Europe and Central Asia — 5,000

Latin America and the Caribbean — 5,000

Near East and South Asia — 44,000

Unallocated Reserve — 4,000

In addition, applicants should include 7,000 Special Immigrant Visa (SIV) recipients in their planning.

As in previous years, applicants should base their placement plans provided to PRM in response to this notice of funding opportunity on the capacity of their network of local affiliates, which will have consulted with resettlement partners in their communities in order to ensure that the placement plans are reasonable and appropriate. Should the FY 2017 Presidential Determination and appropriation processes result in ceilings that are different from the total capacity that has been proposed by all approved applicants, the Bureau will work with approved applicants, as necessary, to develop a revised plan, as it has in previous years. If you can stand it, continue the stipulations and grant procedures here.

***

It has become a cottage industry with almost zero checks and balances and your tax dollars? Well glad you asked. Check it:

Requirements to resettle refugees
To be selected as an R&P program agency, a non-governmental organization must apply to the PRM, which stipulates they meet three requirements:
1. Applicants must be “well-established social service providers with demonstrated case management expertise and experience managing a network of affiliates that provide reception and placement or similar services to refugees or other migrant populations in the United States;
2. (they must) have been in operation for at least three full years in non-profit status;
3. and document the availability of private financial resources to contribute to the program” (FY 2012 Funding Opportunity Announcement for Reception and Placement Program).

How it works 
Each agency enters into a Cooperative Agreement (CA) with the PRM and is provided $1800 per refugee it sponsors who arrives in the U.S. during the period of the CA. Resettlement agencies have voluntary agreements with the Office of Refugee Resettlement within the U.S. Department of Health and Human Services (US DHHS). The resettlement agencies generally receive seven to ten days notice prior to the arrival of a refugee so that they can assign a case manager, find housing, furniture, and purchase necessary household items. If the refugee has a relative or other tie already living in the U.S. (called an “anchor”), the resettlement agency usually establishes an agreement before the refugees arrive to determine the role the relative or tie will have in assisting the newly arrived refugee in accessing core services.

Service period & basic services
The R&P service period is thirty days long, but can be extended to up to ninety days if more time is necessary to complete delivery of R&P services, although some service agencies allow extensions of assistance based on a client’s needs. Basic support consists of the provision of:
1. Decent, safe, sanitary, and affordable housing
2. Essential furnishings
3. Appropriate food and food allowances
4. Necessary clothing
5. Assistance in applying for social security cards
6. Assistance in registering children in school
7. Transportation to job interviews and job training
8. At least two home visits
9. An initial housing orientation visit by a designated R&P representative or case manager
10. Assistance in obtaining health screening and mental health services
11. Obtaining employment services
12. Obtaining appropriate benefits
13. Referrals to social service programs
14. Enrollment in English as a Second Language instruction.
15. Pre-arrival processing & reception planning
16. Airport pickup
17. Hot meal on night of arrival
18. General case management
19. Development and implementation of a resettlement plan
20. Cultural orientation classes
21. Employment assessment and possible enrollment in UST’s employment program
22. Referrals to UST internal programs
23. Advocacy within government and social services agencies
24. Coordination of community volunteers that provide additional adjustment assistance
25. Follow up and basic needs support

If refugees are still in need of assistance after this 30-90 day period, they can seek aid from public benefit programs for up to seven years. Refugees retain their status as such for one year, and then are considered permanent residents for four years. After that, they can apply for U.S. citizenship.

Other services listed on our website are also accessible to our clients.  Some services are subject to office location.

 

Tillerson: Child Soldiers Conscription Violations

Posted on by

Image result for child soldiers

photo

The United Nations has a list of shame, fine but it is merely a list and a gesture.

Child soldiers are children (under 18) who are used for military purposes.

Some child soldiers are used for fighting – they’re forced to take part in wars and conflicts, forced to kill, and commit other acts of violence. Some are forced to act as suicide bombers. Some join ‘voluntarily’, driven by poverty, sense of duty, or circumstance.

Other children are used as cooks, porters, messengers, informants, spies or anything their commanders want them to do. Child soldiers are sometimes sexually abused.

Afghanistan, Central African Republic, Democratic Republic of Congo, India, Myanmar, the Occupied Palestinian Territory, Thailand, the UK and Yemen all use child soldiers, meaning on person under the age of 18. 

Image result for child soldiers afghanistan photo (attribution for photo removed due to malware alert)

Exclusive – State Dept. revolt: Tillerson accused of violating U.S. law on child soldiers

WASHINGTON (Reuters) – A group of about a dozen U.S. State Department officials have taken the unusual step of formally accusing Secretary of State Rex Tillerson of violating a federal law designed to stop foreign militaries from enlisting child soldiers, according to internal government documents reviewed by Reuters.

A confidential State Department “dissent” memo not previously reported said Tillerson breached the Child Soldiers Prevention Act when he decided in June to exclude Iraq, Myanmar, and Afghanistan from a U.S. list of offenders in the use of child soldiers. This was despite the department publicly acknowledging that children were being conscripted in those countries.[tmsnrt.rs/2jJ7pav]

Keeping the countries off the annual list makes it easier to provide them with U.S. military assistance. Iraq and Afghanistan are close allies in the fight against Islamist militants, while Myanmar is an emerging ally to offset China’s influence in Southeast Asia.

Documents reviewed by Reuters also show Tillerson’s decision was at odds with a unanimous recommendation by the heads of the State Department’s regional bureaus overseeing embassies in the Middle East and Asia, the U.S. envoy on Afghanistan and Pakistan, the department’s human rights office and its own in-house lawyers. [tmsnrt.rs/2Ah6tB4]

“Beyond contravening U.S. law, this decision risks marring the credibility of a broad range of State Department reports and analyses and has weakened one of the U.S. government’s primary diplomatic tools to deter governmental armed forces and government-supported armed groups from recruiting and using children in combat and support roles around the world,” said the July 28 memo.

Reuters reported in June that Tillerson had disregarded internal recommendations on Iraq, Myanmar and Afghanistan. The new documents reveal the scale of the opposition in the State Department, including the rare use of what is known as the “dissent channel,” which allows officials to object to policies without fear of reprisals.

The views expressed by the U.S. officials illustrate ongoing tensions between career diplomats and the former chief of Exxon Mobil Corp appointed by President Donald Trump to pursue an “America First” approach to diplomacy.

INTERPRETING THE LAW

The child soldiers law passed in 2008 states that the U.S. government must be satisfied that no children under the age of 18 “are recruited, conscripted or otherwise compelled to serve as child soldiers” for a country to be removed from the list. It currently includes the Democratic Republic of Congo, Nigeria, Somalia, South Sudan, Mali, Sudan, Syria and Yemen.

”The Secretary thoroughly reviewed all of the information presented to him and made a determination about whether the facts presented justified a listing pursuant to the law,” a State Department spokesperson said when asked about the officials’ allegation that he had violated the law.

In a written response to the dissent memo on Sept. 1, Tillerson adviser Brian Hook acknowledged that the three countries did use child soldiers. He said, however, it was necessary to distinguish between governments “making little or no effort to correct their child soldier violations … and those which are making sincere – if as yet incomplete – efforts.”

Hook made clear that America’s top diplomat used what he sees as his discretion to interpret the law.

‘A POWERFUL MESSAGE’

Foreign militaries on the list are prohibited from receiving aid, training and weapons from Washington unless the White House issues a waiver based on U.S. “national interest.” In 2016, under the Obama administration, both Iraq and Myanmar, as well as others such as Nigeria and Somalia, received waivers.

At times, the human rights community chided President Barack Obama for being too willing to issue waivers and exemptions, especially for governments that had security ties with Washington, instead of sanctioning more of those countries.

“Human Rights Watch frequently criticized President Barack Obama for giving too many countries waivers, but the law has made a real difference,” Jo Becker, advocacy director for the children’s rights division of Human Rights Watch, wrote in June in a critique of Tillerson’s decision.

The dissenting U.S. officials stressed that Tillerson’s decision to exclude Iraq, Afghanistan and Myanmar went a step further than the Obama administration’s waiver policy by contravening the law and effectively easing pressure on the countries to eradicate the use of child soldiers.

The officials acknowledged in the documents reviewed by Reuters that those three countries had made progress. But in their reading of the law, they said that was not enough to be kept off a list that has been used to shame governments into completely eradicating the use of child soldiers.

‘UNCONSCIONABLE ACTIONS’

Ben Cardin, ranking Democrat on the U.S. Senate Foreign Relations Committee, wrote to Tillerson on Friday saying there were “serious concerns that the State Department may not be complying” with the law and that the secretary’s decision “sent a powerful message to these countries that they were receiving a pass on their unconscionable actions.”

The memo was among a series of previously unreported documents sent this month to the Senate Foreign Relations Committee and the State Department’s independent inspector general’s office that relate to allegations that Tillerson violated the child soldiers law.

Legal scholars say that because of the executive branch’s latitude in foreign policy there is little legal recourse to counter Tillerson’s decision.

Herman Schwartz, a constitutional law professor at American University in Washington, said U.S. courts would be unlikely to accept any challenge to Tillerson’s interpretation of the child soldiers law as allowing him to remove a country from the list on his own discretion.

The signatories to the document were largely senior policy experts with years of involvement in the issues, said an official familiar with the matter. Reuters saw a copy of the document that did not include the names of those who signed it.

Tillerson’s decision to remove Iraq and Myanmar, formerly known as Burma, from the list and reject a recommendation by U.S. officials to add Afghanistan was announced in the release of the government’s annual human trafficking report on June 27.

Six days earlier, a previously unreported memo emailed to Tillerson from a range of senior diplomats said the three countries violated the law based on evidence gathered by U.S. officials in 2016 and recommended that he approve them for the new list.

It noted that in Iraq, the United Nations and non-governmental organizations “reported that some Sunni tribal forces … recruited and used persons younger than the age of 18, including instances of children taking a direct part in hostilities.”

Ali Kareem, who heads Iraq’s High Committee for Human Rights, denied the country’s military or state-backed militias use child soldiers. ”We can say today with full confidence that we have a clean slate on child recruitment issues,” he said.

The memo also said “two confirmed cases of child recruitment” by the Myanmar military “were documented during the reporting period.” Human rights advocates have estimated that dozens of children are still conscripted there.

Myanmar government spokesman Zaw Htay challenged accusers to provide details of where and how child soldiers are being used. He noted that in the latest State Department report on human trafficking, “they already recognized (Myanmar) for reducing of child soldiers” – though the report also made clear some children were still conscripted.

The memo said further there was “credible evidence” that a government-supported militia in Afghanistan “recruited and used a child,” meeting the minimum threshold of a single confirmed case that the State Department had previously used as the legal basis for putting a country on the list.

The Afghan defense and interior ministries both denied there were any child soldiers in Afghan national security forces, an assertion that contradicts the State Department’s reports and human rights activists.

A Wide Look at North Korea’s WMD Operations

Posted on by

Image result for north korea defector shot

photo

Primer:

South Korean surgeons operating on a North Korean defector who escaped across the Demilitarized Zone between the two countries under a hail of gunfire on Nov. 13 have found a parasite in the man’s stomach unlike any other they had seen.

The defector, who was shot five times, remained in critical condition after hours in two rounds of surgery, according to an article in the Korea Biomedical Review published on Nov. 15.

North Korean Cyber Operations: Weapons of Mass Disruption

Over the past 10 years, the escapades of various nation-state actors in the cyber realm have exploded onto the pages of top-tier media, and into prime time network news.

Russian espionage against political targets during the 2016 US presidential election, wide reaching Chinese espionage against Western commercial targets, disruptive attacks against the US financial sector associated with Iran, and the destructive attacks against Sony Pictures Entertainment (SPE) are some of the premier examples of mainstream coverage of ‘cyber.’

Behind every single offensive cyber action conducted in the interest of the capable nation-states is a doctrine,[1] and North Korea, like many other nation-states, has incorporated cyber operations within their own broader military doctrine and has conducted numerous offensive operations in the furtherance of their national agenda. What is particularly alarming about DPRK operations is their willingness to initiate escalatory actions, such as their likely connections to the now infamous WannaCry ransomware, and their targeting of the global financial system.

North Korea’s disregard for the consequences of its actions sets them apart from other nation-states, and is particularly dangerous.

North Korean offensive cyber operations have been conducted to collect sensitive political and military intelligence information, to lash out at enemies who threaten their beliefs and interests, and most interestingly, to generate revenue.

This revenue generation aspect of North Korean operations was thrust into the international spotlight when, in early 2016, unauthorized transfers of funds from the Bangladesh Central Bank were issued using the Society for Worldwide Interbank Financial Telecommunication (SWIFT) network for global banking. The attempted transfers amounting to over $950 million USD sought to move funds to entities in locations such as Sri Lanka and the Philippines; ultimately $81 million USD in funds disappeared into the ether.

The subsequent investigation revealed that the perpetrators of the attack used tools to securely delete records from the SWIFT terminals that would alert Bangladesh Central Bank employees of the transfers. Commonly referred to as a “wiper,” this secure deletion tool contained code that was linked by many in the computer security industry to one used in attacks associated with North Korea, notably the attack on SPE through a US Computer Emergency Response Team (USCERT) alert. The revelation that a state would engage in such a flagrant violation of international norms came as a surprise to many in the information security arena. North Korea watchers were, of course, not surprised as the currency generation activities benefiting the Kim family and their isolated nation have been well understood for some time.

The 2016 SWIFT attacks associated with North Korea are part of the broader currency generation operations of DPRK cyber actors and intelligence organizations. Botnets associated with espionage activity targeting South Korea have been used to generate revenue through a variety of schemes for almost 10 years. Recent DPRK activity suggests an interest in obtaining cryptocurrency, such as bitcoin, through extortion and targeting of cryptocurrency exchanges.

In the third quarter of 2017, for instance, malicious emails containing weaponized documents were used to target international financial organizations, as well as bitcoin exchanges. The ultimate goal of these attacks, which were tracked by the information security community under names such as Stardust Chollima and BlueNoroff, is yet unknown, however theft and sabotage are likely.

Bitcoin provides attractive benefits to the isolated nation due to a lack of regulation and the ability to subvert international sanctions. In May 2017, ‘WannaCry’ exploded across the internet, encrypting sensitive material and holding the keys to decrypt the files for a ransom to be paid in bitcoin. This attack, too, had North Korean fingerprints embedded in the code used to execute the attack, as did the tools that were used to develop that code.

Attribution is a particularly sensitive subject in the cyber domain. Technical artifacts from the executable code that was used to conduct the WannaCry attack overlaps with code used in attacks against South Korean nuclear power plants and the SPE attack of 2014. While the technical artifacts can provide some measurable connections between the attacks, they require deep technical understanding to interpret. Other linkages, such as targeting and operational procedures, are the product of intelligence assessments and have been disputed by various parties muddying the water surrounding the assigning of attribution.

North Korea is an exception to the classical understanding of how most nations implement offensive cyber operations in that they incorporate espionage, disruptive/destructive attacks and financially motivated operations using the same computer code and infrastructure.

The value of cyber operations is likely recognized by North Korea’s most senior leadership through the State Affairs Commission (SAC), the General Staff of the Korean People’s Army, and Kim Jong Un himself. Subordinate units, notably the Reconnaissance General Bureau (RGB), Bureau 121, and the Command Automation Bureau (CAB), are likely responsible for executing the specific operations. The individual units may have a charter to self- finance their operations, or to contribute financial gains back to the regime, but it seems clear that various offensive operations are conducted by differing groups with their own approach and missions. For example, one group may have a primary focus on revenue generation, targeting South Korean banks and SWIFT and conducting extortive attacks, while another group might focus on intelligence collection, while a third conducts sabotage and destructive attacks.

Finally, the maturity of North Korean offensive cyber operations has been demonstrated through the integration of destructive attacks by cyber units during military exercises executed in the midst of escalating tension with South Korea. For instance, following the December 2012 launch of the Kwangmyongsong-3 satellite via the Unha-3 satellite launch vehicle, tensions on the Korean peninsula were high. That March, following the passing of UN Security Council Resolution (UNSCR 2087) and B-52 strategic bomber overflights in South Korea, North Korea responded with a particularly aggressive disruptive attack against South Korea.

This massive wiper attack targeted South Korea’s financial and media sectors and coincided with provocations by North Korean military and escalating political rhetoric. This pairing allowed for maximum psychological impact, while demonstrating North Korea’s ability to integrate offensive cyber activities into well-developed military doctrine. During these attacks, the Korea Broadcasting System (KBS), Munhwa Broadcasting Corporation (MBC), Yonhap Television News (YTN) and several Korean financial institutions reported disruptions. With the threat of military escalation on the table, many in South Korea would have depended on the media outlets for breaking news. Disruption of ATM networks and financial institutions would further add to the chaos as word of media disruptions began to spread.

As tensions are once again escalating between North Korea and the international community, more attacks perpetrated by DPRK cyber actors are likely. The recent increase in financial sector targeting associated with these actors may illustrate the potential for disruptive attacks to demonstrate both the capability of the North Korean actors, as well to achieve objectives in line with their broader military doctrine. While North Korea’s isolation may be detrimental to its economy and international relations, it is an effective shield from which to launch offensive cyber operations against a connected and delicate global system.

  1. [1]

    In order to establish some common definitions, we can look to the United States Department of Defense, who established Computer Network Operations (CNO) as a component of the broader Information Operations (Information Warfare) arena. CNO is further categorized into Computer Network Exploitation (CNE), Computer Network Attack (CNA), and Computer Network Defense (CND). Offensive cyber operations conducted by nation-states using this model would be considered CNE and CNA. The use of CNE can be roughly characterized as espionage, whereas CNA would be used to degrade, deny, disrupt, or destroy the network based systems of an adversary. This model can help provide a clear delineation of how various military, intelligence community, and law enforcement agencies with their authorities are able to conduct operations. China, Russia, Iran and virtually every nation-state in the world conduct CNE/CNA operations in accordance with their legal authorities and national interests.

    ***

    There are other weapons few discuss.

    Pyongyang has already achieved partial coverage of US territories. Last June, in a hearing before the US House Armed Services Committee, the head of the US Missile Defense Agency, Vice Admiral James Syring, said: “The advancement and demonstration of technology of ballistic missiles from North Korea in the last six months have caused great concern to me and others. It is incumbent on us to assume that North Korea today can range the US with an ICBM carrying a nuclear warhead.”

    This particular endeavor was likely assisted by Tehran. A February 2016 report by the Congressional Research Service concluded, “Iran has likely exceeded North Korea’s ability to develop, test, and build ballistic missiles.” Tehran might be, and probably is, helpful to Pyongyang with respect to technological aspects of the nuclear sphere as well.

    The nuclear component within the spectrum of North Korea’s weapons of mass destruction (WMDs) is evidently growing. The big question is whether the country’s despot, Kim Jong-un, will be the first person to use nuclear weapons since 1945.

    Quite recently, Kim elected to employ a highly lethal chemical weapon, the nerve agent VX, for a political assassination. This weapon was used last February by two female operatives, one Indonesian and the other Vietnamese, to murder Kim Jong-un’s estranged half-brother, Kim Jong-nam, in Malaysia. The victim died shortly after being assaulted by the two women, who wiped VX on his face as he prepared to board a flight to the Chinese territory of Macau. Traces of VX were revealed on swabs taken from his eyes and face.

    This deadly chemical agent was probably smuggled from North Korea to Malaysia, which in and of itself was an intriguing and risky move. Six of eight potential suspects were from Pyongyang’s Ministries of State Security and Foreign Affairs. The suspects flew from Kuala Lumpur on the day of the assassination, passing through Vladivostok on their way back to Pyongyang. South Korea’s request to detain four of the suspects was rejected by Russian officials on the grounds of lack of evidence.

    It can be assumed that Kim Jong-un was in on the plot from its inception. Symbolically, at least, this political assassination by VX can be regarded as an indication of Pyongyang’s chemical weapons (CW) capabilities. Whether the regime intended it to or not, the assassination signaled the readiness, usability, and deployability of North Korea’s VX, which can be used for guerrilla warfare, chemical terrorism, or wide-scale chemical attack.

    VX is also weaponized within warheads carried by ballistic missiles in Pyongyang’s  vast CW arsenal. The North Korean ballistic program constitutes the principal, though not the only, vehicle for all three WMD programs. The CW and biological weapons (BW) programs are fully matured and have marked operational offensive capabilities. Inadequate attention is being paid to Pyongyang’s large-scale offensive capacities in terms of CW and BW, but the VX political assassination incident was a wake-up call (if unintentional). More here.