Gen. Flynn, Bijan Rafiekian, and Carter Page, Yikes

Posted on March 10, 2017March 11, 2017 by Denise Simon

It is a matter of procedure to investigate these kinds of activities and the people involved in them. In the case of national security and protocol violations, the checks and balances are required and this includes agencies such as the State Department, the FBI, the Justice Department and the Department of Homeland Security.

Bijan Rafiekian is Chairman, President, CEO and Secretary of the Flynn Intel Group, Inc. Other officers are Michael Flynn and Philip A Oakley.

–> 2 Items UPDATE:

1. More important names in the Flynn affair: Former FBI agent and Admiral

2. Supplemental Lobby Registration document

The Delaware filed NSD/FARA registration document is here. It was filed on March 7, 2017.

Further and quite curious is just how was Flynn lobbying Congress? Here is a document filed to the Senate as well along with payments.

12/21/16, Intelligence Online: “When he was a private consultant, Flynn worked for Inovo, a Dutch firm owned by Kamil Ekim Alptekin, the Turkish chairman of the U.S.-Turkey Business Council (USTBC) and a close advisor to President Recep Tayyip Erdogan. Alptekin is very well-connected to the Turkish government security apparatus. He is the chairman of the board of ATH Defence and Security Solutions Co, which sells monitoring and intelligence equipment. According to our sources, ATH supplies materiel to the Turkish intelligence service MIT (Milli Istihbarat Teskilati, and the Turkish police force’s intelligence units.”

12/15/16: Bloomberg: “[Flynn Intelligence Group] worked as a lobbyist for Inovo BV, a Dutch company with close ties to Turkish President Recep Erdogan.”

11/29/16, Al-Ahram Weekly: “[Trump’s] national security adviser, Lieutenant General Michael Flynn, a former head of the Pentagon’s Defense Intelligence Agency (DIA), has been outed for signing a contract with a Dutch company operating as a front for a Turkish government contractor with close ties to the Erdogan regime.”

11/19/16, AP: “[Flynn’s] his private consulting firm has lobbied for a company headed by a Turkish businessman tied to Turkey’s authoritarian, Islamist-leaning government, which cracked down on dissent and jailed thousands of opponents after a failed coup in July against Turkish President Recep Tayyip Erdogan.”

11/19/16, CNN: “According to the official document, Kelley was working on behalf of Inovo BV, a Dutch firm owned by Turkish businessman, Kamil Ekim Alptekin.
Alptekin told CNN in an email that the firm works to strengthen ‘the transatlantic relationship and Turkey’s future in that alliance.'” More here.

***

Bijan Rafiekian was a member of the Board of Directors of the Export-Import Bank of the United States and earlier in his career, he was president of GLOBTEL and Greezone Systems, Inc. At the Export-Import Bank, Rafiekian was assigned to work deals to export coal to third world countries.

Flynn’s company was paid $535,000 by Alpetkin between September of November of 2016 with an assigned focus to take on Fethullah Gulen, a Turkish cleric living in exile in Pennsylvania. If Trump and his White House press spokesperson declared they did not know about General Flynn’s outside lobby work, it is strains the fact that Bijan Rafiekian actually was named to the Trump transition team. Further, through this process, Flynn hired SGR LLC to do the public affairs work on the Inovo project. In all fairness however, all parties involved here were against Hillary Clinton winning the presidency. More here.

*** Another reason there is scrutiny of members of the early Trump team includes Carter Page.

WASHINGTON (AP) — At Moscow’s New Economic School, the annual graduation ceremony often features a prominent political figure. President Barack Obama addressed graduates at the prestigious institution in 2009. The former presidents of Mexico and the Czech Republic have spoken at recent ceremonies.

Last year, the university invited Carter Page, a little-known former investment banker and foreign policy adviser to then-U.S. presidential hopeful Donald Trump. It wouldn’t be the last time Page would draw unexpected — and some say outsized — attention for his relationship to Trump, his entanglements in Russia and the murky nexus between the two.

Page, who left the campaign before the election, has emerged as a key figure in the controversy surrounding Trump associates’ connections to Russia. The New York Times has reported that Page is among the Trump associates whose potential contacts with Russia are being investigated by the FBI. Congressional committees probing Russia’s hacking during the election and Trump campaign ties have asked Page to preserve materials related to their investigations.

For those who contend the scrutiny of Trump is overblown, Page is the sort of figure often associated with an understaffed presidential campaign that struggled to recruit policy advisers and spent little time vetting those who did join the team. But to those who believe Trump’s campaign was colluding with Russia as it hacked Democratic groups, Page may be the key link between the candidate and Moscow. Page contends he’s the target of a plot hatched by Trump’s former rival Hillary Clinton and allies who engaged in “severe election fraud in the form of disinformation, suppression of dissent, hate crimes and other extensive abuses.”

Page’s appearance at the Russian university immediately raised eyebrows.

For an adviser to an American presidential hopeful speaking overseas, his message was strikingly critical of the U.S. It came as Trump’s calls for warmer relations with the Kremlin were a source of criticism from Democrats and alarm from some fellow Republicans.

Washington had a “hypocritical focus on ideas such as democratization, inequality, corruption and regime change” in its dealings with Russia, Page said at the school.

Page and former Trump campaign officials say he made the trip in a personal capacity and not as a representative of the campaign. But university officials have been clear that Page’s connections and insight into the Trump campaign were the draw.

“We were interested in what was going on — already then, Trump’s candidacy raised eyebrows, and everyone was really curious,” said Shlomo Weber, the academic director at the New Economic School, in an interview with Komsomolskaya Pravda radio station.

A newsletter announcing Page’s visit read. “You are invited to a lecture by Carter Page, foreign policy adviser for Donald Trump’s election campaign.”

Page has said he asked for, and received, permission from the Trump campaign to appear in a personal capacity.

Page has offered contradictory answers about his contacts with Russian officials during his visit. On Thursday, he told The Associated Press he did not meet with Russian Deputy Prime Minister Arkady Dvorkovich, who also spoke at the graduation. But in September, he told The Washington Post that he did speak with Dvorkovich briefly.

Back in the U.S. a few days later, Page talked with Russia’s ambassador to the U.S. at an event on the sidelines of the Republican National Convention, according to a person with knowledge of the meeting. Attorney General Jeff Sessions spoke with the Russian envoy at the same event, a conversation he failed to reveal when asked about contacts with Russians during his Senate confirmation hearings.

Page, a former Merrill Lynch investment banker who worked out of its Moscow office for three years, now runs Global Energy Capital, a firm focused on energy sectors in emerging markets. According to the company’s website, he has advised on transactions for Gazprom and RAO UES, a pair of Russian entities.

In December, Page returned to Moscow, where he noted he had “the opportunity to meet with an executive from Rosneft,” the Russian oil giant, according to a video clip of his remarks posted on YouTube. Rosnet’s chairman, Igor Sechin, a close associate of Russian President Vladimir Putin, has been targeted by U.S. sanctions, though Page says he was not referring to Sechin in his remarks.

Some of the suspicion surrounding Page stems from the fact that no one who worked for the campaign can quite explain how he ended up on Trump’s list of foreign policy advisers. Page has also sidestepped those questions, saying he doesn’t want to put others “in the same damaged pot as myself.”

One campaign official said Page was recruited by Sam Clovis, an Iowa Republican operative who ran the Trump campaign’s policy shop and is now a senior adviser at the Agriculture Department. Clovis did not respond to messages from The Associated Press.

Trump has distanced himself from Page, saying he never met him. Those who served on the campaign’s foreign policy advisory committee also said they had limited contact with Page.

“Only met him once very briefly,” said George Papadopoulos, the director of the Center for International Energy and Natural Resources Law and Security in London.

But in a letter late Wednesday to the Senate Intelligence Committee, Page cast himself as a regular presence in Trump Tower, where the campaign was headquartered.

“I have frequently dined in Trump Grill, had lunch in Trump Café, had coffee meetings in the Starbucks at Trump Tower, attended events and spent many hours in campaign headquarters on the fifth floor last year,” Page wrote. He also noted that his office building in New York “is literally connected to the Trump Tower building by an atrium.”

Page stopped advising the campaign sometime around the end of summer, though the exact circumstances of the separation are unclear. After the campaign, Trump’s lawyers sent Page at least two cease and desist letters, according to another campaign official, who like others, insisted on anonymity because they were not authorized to discuss the matter publicly.

_

AP writers Jim Heintz in Moscow and Maria Danilova contributed to this report.

Operation Foal Eagle/Key Resolve 2017, B52 Bombers Prepare

Posted on March 9, 2017March 9, 2017 by Denise Simon

Foal Eagle 2017

Members of the Republic of Korea (ROK) Navy Underwater Dive Team examine an X-ray image of a possible mine in Jinhae, ROK, March 6, 2017, as part of exercise Foal Eagle 2017. Foal Eagle is an annual, bilateral training exercise designed to enhance the readiness of U.S. and ROK forces and their ability to work together during a crisis. (U.S. Navy Combat Camera photo by Mass Communication Specialist 3rd Class Alfred A. Coffield)

Key Resolve = RSOI, which stands for Reception, Staging, Onward Movement, Integration (and even earlier as Team Spirit). It is an annual command post exercise (CPX) held by United States Forces Korea, and conducted with the Republic of Korea Armed Forces.

Operation Foal Eagle is under way

***

January of 2016, days after North Korea claimed it tested a hydrogen bomb, the United States responded with a display of military might on the Korean Peninsula.

A B-52 bomber jet from Andersen Air Force Base in Guam flew over Osan, South Korea, on Sunday “in response to a recent nuclear test by North Korea,” United States Pacific Command said.

The B-52 was flanked by South Korean F-15 fighter jets and U.S. F-16 fighter jets.

“This was a demonstration of the ironclad U.S. commitment to our allies in South Korea, in Japan, and to the defense of the American homeland,” said PACOM Commander. More here from CNN.

***

A press report is telling us:

(KUNA) South Korea’s military said Thursday the joint annual exercise with the US will continue as planned, one day after China requested a halt according to Yonhap New Agency. The Chinese Foreign Minister Wany Yi proposed North Korea suspend its nuclear and missile activities in return for a halt to the war drills. This was rejected.

Image result for b52 nuclear bomber to south korea

Another press report from a source in the UK reports:

Donald Trump set to send B-52 NUCLEAR BOMBERS to South Korea after North fires missiles at Japan and US warns of ‘overwhelming’ response

Secretary of Defence James Mattis said the US “remains steadfast in its commitment” to the defence of its allies

Now US military chiefs are reportedly planning to fly in B-1 and B-52 bombers – built to carry nuclear bombs – to show America has had enough, according to the Korea Times.

South Korea and the US have also started their annual Foal Eagle military exercise sending a strong warning to North Korea over its actions.

A military official said 300,000 South Korean troops and 15,000 US personnel are taking part in the operation. Washington is also expected to deploy a series of strategic assets from the US as well as from military bases in Guam and Japan, reports the Korea Times.

The USS Carl Vinson, a Nimitz-class supercarrier, will join the Foal Eagle exercise after departing from San Diego.

The nuke-powered aircraft carrier will carry dozens of fighter jets, early warning aircraft and anti-sub craft.

It will be accompanied by the guided-missile cruiser USS Lake Champlain (CG-57) and two Arleigh Burke-class guided-missile destroyers.

From the US Marine Corps in Japan, F-35B stealth fighters will be deployed to the peninsula for the first time.

“An F-35B is capable of evading anti-aircraft radar and making preemptive strikes,” a military official said. More details here.

***

“The USS Carl Vinson is expected to arrive in Busan around March 15 to participate in the Foal Eagle exercise,” a USFK spokesman told reporters.

The South Korean and U.S. militaries on Wednesday kicked off the two-month field training exercise involving ground, air and naval forces. The U.S. supercarrier will make use of its air assets, as well as its escort ships in the maneuvers that aims to deter North Korean aggression.

Separately, the allies plan to start the Key Resolve computer-simulated command post exercise on March 13 for a two-week run. The U.S. is expected to deploy other strategic assets, such as the B-1B and B-52 bombers, with the tiltrotor V-22 Osprey to make an appearance, in a show of force against the North, which has stepped up its nuclear and missile threats. More here.

C’mon Trump, the IRGC IS a Terror Organization

Posted on March 8, 2017March 8, 2017 by Denise Simon

For a full report performed by European Iraqi Freedom Association on Iran’s Destructive Role in the Middle East, click here. In their report, EIFA alleges that the IRGC is “directly involved in the hidden occupation” of Iraq, Yemen, Syria and Lebanon and “meddling” in the internal affairs of at least eight countries, including Egypt, Bahrein, Jordan and Lebanon.

Revolutionary Guards Leading Iran’s Ballistic Missile Drive, Nuclear Weapons Program — Through Control Over Docks

Despite the United States placing the Iranian regime “on notice” for test-firing medium-range ballistic missiles in January, Tehran has taken no steps to change its behavior. Indeed, reports indicate that Iran test launched a new pair of ballistic missiles over the weekend.

New evidence was uncovered about the extent of control that the Islamic Revolutionary Guard Corps (IRGC), which is leading the mullahs’ ballistic missile drive, parallel to the nuclear program and pursuit of weapons of mass destruction, has over this.

In London on Tuesday, the National Council of Resistance of Iran (NCRI) held a press conference revealing that the IRGC has a growing grip over Iran’s key economic hubs. The NCRI cited intelligence gathered by sources linked to the People’s Mojahedin Organization of Iran (PMOI/MEK) from inside the regime, particularly among the IRGC rank and file. The data obtained in recent months clearly proves the IRGC has full control over 90 docks, which amount to 45% of Iran’s total official number of 212 piers.

The IRGC began setting up these “Bahman Docks” in 1982, by order of regime founder Ayatollah Ruhollah Khomeini. The group was instructed to manage its activities outside the authority of any state supervision and beneath the proverbial radar of international institutions.

Over the years since then, Supreme Leader Ali Khamenei has ordered the expansion of IRGC activity at these docks, and the further intertwining of the organization with the country’s economy. The main goal today, and previously, is to bypass international sanctions.

As a result, the IRGC now has complete control over Iran’s ground, sea and air borders, flooding the economy with a variety of imports without paying a single dollar in customs.

The IRGC has ports in Bandar Lengeh in Hormozgan Province, two docks in Abu Musa Island and another two in the Greater Tunb Island — among others.

In addition to exporting arms to Middle East militias, the IRGC takes advantage of these docks to smuggle oil, gasoline, natural gas, chemical products, cigarettes, narcotics, alcoholic beverages, mobile phones and pharmaceuticals. The IRGC reportedly pockets an annual revenue of around $12 billion from importing and exporting illicit goods through the docks.

According to the NCRI, the IRGC has also established a number of front companies tasked specifically with transferring weapons caches through the docks. This flow of arms continues non-stop, with only a small percentage having been discovered and blocked by the international community in recent years. And all this is in addition to the colossal official budget the IRGC receives from Tehran.

The new revelation is but another reason for the international community to take firm and swift action against the IRGC.

***

These PMOI sources helped to identify three organizations – Admiral Group, Hafez Daya Arya and Valfajr – as shipping companies being used as fronts for smuggling weapons to other countries throughout the region, in particular, Yemen.

Since most Yemani docks are closed to Iranian ships, the IRGC’s shell companies began using ports in nearby Oman to smuggle weapons into Yemen. The PMOI alleges that they primarily used Soltan Qaboos Port in Muscat, Sohar Port in North Oman and Salalah Port in South Oman. For the rest of their operations, the guard is operating in ports in the Hormozgan and Bushehr Provinces along the Persian Gulf, as well as, the Farsi and Faror Islands, the group charged. More here.

***

The Islamic Revolutionary Guard Corps (IRGC), reported that the IRGC is using civilian passenger jets operated by the Iranian airline Mahan Air to transfer weapons to Syria and Yemen and also to bring back the bodies of fallen fighters as well as injured fighters requiring treatment.

“In October 2016, a knowledgeable source at the U.S. Treasury Department told AP that the U.S. was trying to convince the E.U. to cooperate with American steps to disrupt Mahan Air’s financial flows. Five years ago, America leveled sanctions on Mahan Air due to its close ties to the IRGC and allegations that it was transferring weapons to Syria and Yemen, but thus far, the E.U. has not complied with these sanctions. More here.

Does the White House Know ‘all’ about North Korea?

Posted on March 8, 2017March 8, 2017 by Denise Simon

Check your personal cell phone, who manufactured it… ZTE is the No. 4 smartphone vendor in the United States, selling handset devices to U.S. mobile carriers AT&T Inc (T.N), T-Mobile US Inc (TMUS.O) and Sprint Corp (S.N).

Since 1995, the United States has provided North Korea with over $1.2 billion in assistance, of which about 60% has paid for food aid and about 40% for energy assistance. As of early March 2010, the United States is not providing any aid to North Korea, except for a small medical assistance program. The Obama Administration, along with the South Korean government, have said that they would be willing to provide large-scale aid if North Korea takes steps to irreversibly dismantle its nuclear program. The main vehicle for persuading Pyongyang to denuclearize is the Six-Party Talks, involving North Korea, the United States, China, South Korea, Japan, and Russia. The Talks have not met since late 2008.

North Korea did not militarily threaten the region until the Obama administration. Since, North Korea has taken exceptional steps in the realm of illicit activities, collusion, theft and shadow companies to finesse sanctions. China is essentially in the diplomatic field responsible for checks and balances on North Korea and once again is calling for a truce of sorts. This objective is not new and has failed each time.

Enter Japan, where the Prime Minister, Shinzo Abe who has been in contact with the White House is escalating responsive military actions against North Korea. This could lead to a much more hostile region. It seems that the recent missile launches coordinated with Iran are part of a mission to strike U.S. bases in the region. There are 3 of distinction, however the United States maintains additional joint locations.

Rattled by North Korean military advances, influential Japanese lawmakers are pushing harder for Japan to develop the ability to strike preemptively at the missile facilities of its nuclear-armed neighbor.

Japan has so far avoided taking the controversial and costly step of acquiring bombers or weapons such as cruise missiles with enough range to strike other countries, relying instead on its U.S. ally to take the fight to its enemies.

But the growing threat posed by Pyongyang, including Monday’s simultaneous launch of four rockets, is adding weight to an argument that aiming for the archer rather than his arrows is a more effective defense.

“If bombers attacked us or warships bombarded us, we would fire back. Striking a country lobbing missiles at us is no different,” said Itsunori Onodera, a former defense minister who heads a ruling Liberal Democratic Party committee looking at how Japan can defend against the North Korean missile threat. “Technology has advanced and the nature of conflict has changed.”

*** Meanwhile, as an indication of illicit activities and fraud, below is a sample.

China’s ZTE pleads guilty, settles with U.S. over Iran, North Korea sales

NEW YORK (Reuters) – Chinese telecom equipment maker ZTE Corp <000063.SZ> has agreed to pay $892 million and plead guilty to criminal charges for violating U.S. laws that restrict the sale of American-made technology to Iran and North Korea.

While a guilty plea deals a blow to ZTE’s reputation, the resolution could lift some uncertainty for a company that relies on U.S. suppliers for 25 percent to 30 percent of its components.

A five-year investigation found ZTE conspired to evade U.S. embargoes by buying U.S. components, incorporating them into ZTE equipment and illegally shipping them to Iran.

In addition, it was charged in connection with 283 shipments of telecommunications equipment to North Korea.

“ZTE Corporation not only violated export controls that keep sensitive American technology out of the hands of hostile regimes like Iran’s, they lied … about their illegal acts,” U.S. Attorney General Jeff Sessions said in a statement.

The investigation, spearheaded by the U.S. Department of Commerce, followed reports by Reuters in 2012 that ZTE had signed contracts to ship millions of dollars worth of hardware and software from some of the best-known U.S. technology companies to Iran’s largest telecoms carrier.

The Justice Department noted one Reuters article in its statement announcing the plea deal on Tuesday. The original report can be read here: http://www.reuters.com/article/us-iran-telecoms-idUSBRE82L0B820120322.

The company’s guilty pleas, which must be approved by a judge, will take place in U.S. District Court in Texas. The Shenzhen-based company has a U.S. subsidiary in Richardson, Texas.

In March 2016, ZTE was placed on a list of entities that U.S. firm could not supply without a license. ZTE acted contrary to U.S. national security or foreign policy interests, the Commerce Department said at the time.

ZTE purchases about $2.6 billion worth of components a year from U.S. technology companies, according to a company spokesman. Qualcomm (QCOM.O), Microsoft (MSFT.O) and Intel (INTC.O) are among its suppliers.

Items shipped in violation of U.S. export laws included routers, microprocessors and servers controlled under export regulations.

Authorities said executives at ZTE approved the scheme to prevent disclosure of the sales. The scheme included a data team that destroyed or sanitized materials involving ZTE’s Iran business after March 2012.

“Despite ZTE’s repeated attempts to thwart the investigation, the dogged determination of investigators uncovered damning evidence,” said Douglas Hassebrock, director of the Commerce Department office that led the investigation.

Last year, Commerce released internal documents showing senior ZTE executives instructing the company to carry out a project for dodging export controls in Iran, North Korea, Syria, Sudan and Cuba.

The company on Tuesday agreed to a seven-year suspended denial of export privileges, which could be activated if there are further violations. A denial order would bar the receipt of U.S. origin goods and technology.

The denial order is key to keeping ZTE in line, said Eric Hirschhorn, former Under Secretary at the Commerce Department, who was involved in the investigation.

“If the suspension is removed, they’ll probably be put out of business,” he said.

ZTE also agreed to three years of probation, a compliance and ethics program, and a corporate monitor.

The settlement includes a $661 million penalty to Commerce; $430 million in combined criminal fines and forfeiture; and $101 million paid to the Treasury’s Office of Foreign Assets Control (OFAC). The action marks OFAC’s largest-ever settlement with a non-financial entity.

ZTE also agreed to an additional penalty of $300 million to the U.S. Commerce Department that will be suspended during a seven-year term on the condition the company complies with requirements in the agreement.

In addition to being one of the world’s biggest telecommunications gear makers, ZTE is the No. 4 smartphone vendor in the United States, selling handset devices to U.S. mobile carriers AT&T Inc (T.N), T-Mobile US Inc (TMUS.O) and Sprint Corp (S.N).

WikiLeaks Releases CIA Cyber Docs, Problem?

Posted on March 7, 2017March 7, 2017 by Denise Simon

Primer: Steve Bannon works for President Trump in the White House.

Steve Bannon is a star – for Al-Qaeda, that featured him on the cover of their newspaper

Then this headline….

The new scandal headlines for today is WikiLeaks, telling us they published the largest cache of secret CIA documents relating to the CIA’s ability to hack, break encryption and install malware. This is a problem? The problem is not the tools the CIA has, the problem is that someone inside the agency stole them and delivered them to WikiLeaks.

It is a good thing that the agency has these resources, why you ask?

Well….try this…The threat is real from Russians, Chinese, North Korea, Iran, Syria, Ukraine, al Qaeda and Islamic State…

Remember Stuxnet? This was a successful joint program under the Bush presidency with Israel to infect the Iranian nuclear program and it was to forces the centrifuges to spin out of control, which they did. Ultimately, it caused the progress of the Iranian infrastructure to be delayed substantially. It was in fact later uncovered by cyber scientists working for Siemens, the hardware and software platform used as the operating system. Good right? Yes.

Well, there is more…

In recent years, Iran and North Korea have been sharing nuclear scientists and engineers, parts, testing and missile collaboration. So far, the missiles launched by North Korea for the most part have been unsuccessful, or at least did not achieve the ultimate objective and that is an official target strike. Why? Because of the United States. How so you ask?

Over the weekend, North Korea fired off 4 missiles in succession toward Japan. They did not reach the mainland but did reach the waterway that is part of the Japanese economic zone for maritime operations. We have American cyberwarriors that are doing effective work causing the missiles to fly off course or to technically fail. The objective is to use non-explosive weaponry to foul the North Korea and hence Iran’s missile program and while North Korea is not especially connected to the internet, some related systems are connected and then there is electronic warfare.

We know that Islamic State is a terror operation that has militant cells in an estimated 30 countries. While they have depraved methods of murder, rape and terror, they too have a cyber operation.

The Will to Act

One question is whether ISIS will be consumed with the protection and continued expansion of its immediate fighting fronts, i.e., the “near enemy,” or whether its scope of vision includes America’s homeland. The Economist advances a strong case that desire for such expansion not only exists but will be exercised: “With its ideological ferocity, platoons of Western passport holders, hatred of America and determination to become the leader of global jihadism, ISIS will surely turn, sooner or later, to the ‘far enemy’ of America and Europe.”

And perhaps any doubt the militant’s sights are on America was removed by ISIS leader Abu Bakr al-Baghdadi’s Sept. 22 call for jihadists to not wait for the order but to rise, take up arms, and “kill Americans and other infidels” wherever they are. Clearly the group is showing no hesitancy in its desire to strike the U.S. heartland on a personal scale.

Cyber Operations Capability?

As to whether ISIS will have the capability to mount cyber operations against the U.S., David DeWalt, head of cybersecurity firm FireEye, believes that ISIS will follow in the footsteps of the Syrian Electronic Army and the Iran-based Ajax Security Team to target the United States and other Western nations.

“We’ve begun to see signs that rebel terrorist organizations are attempting to gain access to cyber weaponry,” DeWalt stated recently. He added that booming underground markets dealing in malicious software make offensive cyber weapons just an “Internet transaction” away for groups such as ISIS. More here.

Is there more to this that we should know? Yes…

There is the Middle East and we have a major vested interest in the region.

***

Cybersecurity in the Gulf: The Middle East’s Virtual Frontline

Cybersecurity is often discussed in relation to the major global powers: China’s economic espionage, Russian influence operations, and U.S. dragnet global surveillance to thwart terrorism.

However, as other countries move to digitize their economies, cybercriminals are zeroing in on these new and lucrative targets while regional players are quickly incorporating cyber capabilities into their own arsenals for achieving strategic ends.

The Middle East, particularly the Gulf states, are quickly recognizing the urgent need for better cybersecurity, while regional adversaries such as Iran have begun weaponizing code as an extension of broader strategic goals within the region. What, though, is the Gulf’s current cybersecurity atmosphere, and how does Iran’s emerging use of offensive cyber capabilities fit into its broader strategy in the Middle East?

Wajdi Al Quliti, the Director of Information Technology at the Organization of Islamic Cooperation, notes that “the region’s dramatic strides towards digitization—expected to add over $800 billion to GDP and over 4 million jobs by 2020—is making the Gulf a major target for fast evolving cyber threats.” Much like other regions, the Gulf is finding it difficult to sufficiently create criminal deterrence due to segmented laws and difficulties in attribution. Al Quliti argues “cross-border cooperation and common cybersecurity structures could prove to be a game-changing advantage in the fight against cybercrime.” However, “the elephant in the room,” according to Al Quliti, “is the issue of state-sponsored hacking, in which case harmonized laws are unlikely to make a difference.”

A critical point in nation-state hacking in the Middle East begins with the Stuxnet worm. Discovered in 2010 burrowed deep in Iranian networks, the worm had slowly been sabotaging Iran’s nuclear ambitions. Then in 2011 CrySyS Lab discovered Duqu, a cyber espionage tool tailored to gather information from industrial control systems, and in 2012, Kaspersky Labs identified Flame, another espionage tool, targeting various organizations in the Middle East. Both Duqu and Flame are associated with Stuxnet and attributed back to the Equation Group, widely considered an arm of the National Security Agency.

In 2012, Iranian officials found a wiper virus erasing files in the network of the Oil Ministry headquarters in Tehran, leading the ministry to disconnect all oil terminals from the Internet to prevent the virus from spreading. It is uncertain who was behind the attacks, but a mere four months later, Saudi Arabia’s largest oil company, Saudi Aramco, was hit with a similar wiper virus known as Disttrack—possibly coopted from the previous attack on Iran’s oil industry.

The data-erasing malware sabotaged three-quarters, some 35,000 of the company’s computers while branding screens with an image of a burning American flag. A few months later, another wiper virus attacked Qatar’s RasGas.

Al Quliti identifies “the region’s heavy dependence on oil and gas—as well as the oil and gas-powered desalination plants that provide much of the region’s fresh water”—as “a source of cyber vulnerability,” adding that “any cyber attack on these installations could prove catastrophic and might result in a humanitarian disaster.”

The sabotage operations against the Gulf’s oil industry have been attributed by various cybersecurity firms—but not officially by any government—to a group called Shamoon, thought to be an arm of the Iranian government.

Michael Eisenstadt, the Director of the Military and Security Studies Program at the Washington Institute for Near East Policy, notes that “cyber allows Iran to strike at adversaries globally, instantaneously, and on a sustained basis, and to potentially achieve strategic effects in ways it cannot in the physical domain.” For example, in March 2016, the Justice Department indicted seven Iranian Revolutionary Guard members for distributed denial of service attacks against U.S. banks in 2012 in retaliation for Iran sanctions imposed the previous year, as well as for infiltrating the systems of a small New York dam in 2013—a possible testing ground for penetrating larger pieces of U.S. critical infrastructure. In 2014, the same year North Korea set its sights on Sony Pictures, Iran’s cyber capabilities again reached into the United States, using another wiper virus to sabotage the operations of the Las Vegas Sands casino, whose chief executive, a staunch supporter of Israel, had suggested detonating a nuclear bomb in the heart of Tehran.

Last November, right before a major OPEC meeting, a variation of the Disttrack wiper used against Saudi Aramco struck again, now fitted with a picture of Alan Kurdi, the drowned Syrian toddler who washed up in Turkey in 2015. The virus targeted six Saudi organizations, most notably the Saudi General Authority of Civil Aviation, delivering its payload at the close of business on a Thursday, the start of the Islamic weekend, for maximum impact. Some experts speculate the November attack could have also been a false-flag operation to derail the Iranian nuclear deal.

Interestingly, for both the 2012 and 2016 Shamoon attacks, the wiper came fitted with stolen login credentials that Symantec now believes could have been gleaned from a cyber espionage tool, known as Greenbug, found on one of the administrator computers of a Saudi organization targeted in November. The potential link between Greenbug and the Shamoon group opens up possible investigations into the group’s involvement in a host of other Greenbug attacks throughout the Middle East, including breaches in Saudi Arabia, Bahrain, Iraq, Qatar, Kuwait, Turkey, and even Iran—though likely for domestic surveillance on dissidents. Just last week, another wiper virus hit 15 Saudi organizations, including the Ministry of Labor, prompting the government to issue an urgent warning of pending Shamoon attacks.

Eisenstadt points out that “Iran’s cyber activities show that a third-tier cyber power can carry out significant nuisance and cost-imposing attacks,” and “its network reconnaissance activities seem to indicate that it is developing contingency plans to attack its enemies’ critical infrastructure.” According to Eisentadt, is now seems that “in the past decade, Iran’s cyber toolkit has evolved from a low-tech means of lashing out at its enemies by defacing websites and conducting DDoS attacks, to a central pillar of its national security concept.”

Beginning to understand why the CIA and the other agencies are building cyber command war-rooms?