China Used ‘Mass Surveillance’ on Thousands of Americans’ Phones

Newsweek reports: A mobile security expert has accused China of exploiting cellphone networks in the Caribbean to conduct “mass surveillance” on Americans.

Gary Miller, a former vice president of network security at California-based analytics company Mobileum, told The Guardian he had amassed evidence of espionage conducted via “decades-old vulnerabilities” in the global telecommunications system.

While not explicitly mentioned in the report, the claims appear to be centered around Signaling System 7 (SS7), a communications protocol that routes calls and data around the world and has long been known to have inherent security weaknesses.

According to Miller, his analysis of “signals data” from the Caribbean has shown China was using a state-controlled mobile operator to “target, track, and intercept phone communications of U.S. phone subscribers,” The Guardian reported.

Miller claimed China appeared to exploit Caribbean operators to conduct surveillance on Americans as they were traveling, alleging that attacks on cell phones between 2018 and 2020 likely affected “tens of thousands” of U.S. mobile users in the region.

“Once you get into the tens of thousands, the attacks qualify as mass surveillance,” the mobile researcher said, noting the tactic is “primarily for intelligence collection and not necessarily targeting high-profile targets.” Miller continued: “It might be that there are locations of interest, and these occur primarily while people are abroad.”

A previous analysis paper covering 2018-2019, also titled Far From Home, contained a series of similar espionage claims about SS7, alleging that “mass surveillance attacks” in 2018 were most prevalent by China and Caribbean mobile networks. More here.

But hold on… it does not stop there… we also have the Channel Islands…

Remarkable investigative details here.

The Bureau: Private intelligence companies are using phone networks based in the Channel Islands to enable surveillance operations to be carried out against people around the world, including British and US citizens, the Bureau of Investigative Journalism can reveal following a joint reporting project with the Guardian.

Leaked data, documents and interviews with industry insiders who have access to sensitive information suggest that systemic weaknesses in the global telecoms infrastructure, and a particular vulnerability in Jersey and Guernsey, are being exploited by corporate spy businesses.

These businesses take advantage of some of the ways mobile phone networks across the world interact in order to access private information on targets, such as location information or, in more sophisticated applications, the content of calls and messages or other highly sensitive data.

The spy companies see phone operators in the Channel Islands as an especially soft route into the UK, according to industry experts, who say the attacks emanating from the islands appear to be targeted at individuals rather than cases of “mass” surveillance. The Bureau understands that the targets of this surveillance have been spread across the globe, and included US citizens as well as people in Europe and Africa.

Ron Wyden, the Oregon senator and privacy advocate, described the use of foreign telecom assets to spy on people in the US as a national security threat.

“Access into US telephone networks is a privilege,” he said in response to the Bureau’s findings. “Foreign telecom regulators need to police their domestic industry – if they don’t, they risk their country being cut off from US roaming agreements.”

Markéta Gregorová, the European Parliament’s chief negotiator on trade legislation for surveillance technology, called for “immediate regulatory, financial and diplomatic costs on companies and rogue jurisdictions” that enabled these practices.

“Any commercial or governmental entity, foreign or domestic which enables the facilitation of warrantless cyber-attacks on European citizens deserves the full force of our justice system,” she told the Bureau.

Pelosi Refusing to Advance China Task Force Legislation Items

On September 25, 2015, during CCP General Secretary Xi’s state visit to the United States, President Obama and Xi gave remarks to the press in the White House Rose Garden. The two leaders announced that they had agreed “neither the U.S. or the Chinese government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage.” Xi also pledged that “China does not intend to pursue militarization” of the South China Sea. Neither of these promises to the American people were made in good faith. Today, “China is using cyber-enabled theft as part of a global campaign to ‘rob, replicate, and replace’ non-Chinese companies in the global marketplace,” according to Assistant Attorney General John Demers. Meanwhile, the PRC’s military outposts in the South China Sea have been proven “capable of supporting military operations and include advanced weapon systems,” according to the Pentagon.

October 01, 2020 Congressional Record

COUNTERING THREAT OF CHINESE COMMUNIST PARTY

The SPEAKER pro tempore. The Chair recognizes the gentleman from Pennsylvania (Mr. Joyce) for 5 minutes.

Mr. JOYCE of Pennsylvania. Mr. Speaker, after months of hard work and collaboration, the China Task Force has released our final report, which includes more than 400 solutions to counter the growing threat of the Chinese Communist Party.

This report is the framework for combating the aggressive Chinese Communist regime. After meeting with more than 130 experts, we developed realistic and achievable solutions that take a comprehensive approach to strengthening America’s national security and holding the Chinese Government accountable. We realized that out of our 400 recommendations, 180 are legislative solutions, of which 64 percent are bipartisan and one-third have already passed either the House or the Senate.

Mr. Speaker, these are commonsense solutions that we can vote on today to strengthen our strategic position for tomorrow. As the only physician serving on the China Task Force, it was my privilege to delve into opportunities to strengthen our supply chains and ensure that Americans are never again beholden to the Chinese Government for key medicines or healthcare supplies.

On the Health and Technology Subcommittee, I led efforts to strengthen the supply chains for medicines, semiconductors, and other vital materials. Congress has passed several provisions aimed at advancing research and the manufacturing of critical medical supplies here in the United States. We also created new reporting requirements to help us better understand international supply chains and counter vulnerabilities in the system.

To bolster our technology supply chain, I cosponsored H.R. 7178, the CHIPS Act, to increase domestic production of advanced semiconductors, which will help Americans to develop next-generation telecom technology, fully automated systems, and, importantly, new weapons systems. I also introduced the ORE Act, H.R. 7812, to incentivize the domestic production of rare earth materials, which is key to breaking the Chinese monopoly on critical supply chains. America cannot allow China to win the race to next-generation technology. We want innovative breakthroughs to happen here in this country, and the China Task Force is making progress through the legislative process. As a leader on the competitiveness committee, I focused on issues ranging from combating Chinese Communist-sponsored theft of intellectual property to exposing the influence of the Chinese in U.S. research institutions and countering the importation of illicit fentanyl.

Too often, American companies are being coerced to surrender intellectual property to the Chinese Government in order to gain entry into the Chinese marketplace. In extreme cases, we hear of outright theft by Chinese hackers and agents. The China Task Force has produced recommendations that direct the Federal Government to ramp up investigations of individuals acting as pawns of the Chinese Communist Party and enforce antitheft laws.

Our Nation has also seen wholesale efforts of the Chinese Government to steal research and gain influence at United States universities. In my own backyard, the FBI arrested a former Penn State researcher suspected of espionage. The task force has compiled provisions to increase transparency and accountability in the higher education system, and I introduced legislation to close loopholes and force the disclosure of all foreign money in our research systems. Finally, we must stop illicit fentanyl from reaching our communities and killing our neighbors.

The China Task Force has produced recommendations to stop the importation of these devastating analogues from China. In the House, I cosponsored legislation to hold foreign nations, including China, accountable if they fail to cooperate with U.S. narcotics control efforts and prosecute the production of fentanyl in their countries. I thank Senator Toomey for championing this provision in the Senate.

By implementing these solutions, we can make America safer, stronger, and better equipped to lead in the 21st century. The China Task Force final report is a framework. It is our playbook to make a difference. While our work on this report has finished, our commitment to this cause must and will continue. Phase two starts today.

The 141-page report is found here.

Space Command Alarmed at Russia’s Anti-Satellite Weapons Test

WASHINGTON — Russia conducted its second test this year of a direct-ascent anti-satellite missile, according to U.S. Space Command, yet again drawing sharp criticism from the U.S.

“Russia has made space a war-fighting domain by testing space-based and ground-based weapons intended to target and destroy satellites. This fact is inconsistent with Moscow’s public claims that Russia seeks to prevent conflict in space,” said Space Command head Gen. James Dickinson in a statement. “Space is critical to all nations. It is a shared interest to create the conditions for a safe, stable and operationally sustainable space environment.”

Space Command said the direct-ascent anti-satellite missile tested is a kinetic weapon capable of destroying satellites in low Earth orbit. A similar anti-satellite missile test by India in March 2019 that destroyed the nation’s own satellite on orbit drew criticism from observers, who noted that the debris created from the threat could cause indirect damage to other satellites.

Russia has completed tests of its Nudol ballistic-missile system several times in recent years, including in April of this year. Nudol can be used as an anti-satellite weapon and is capable of destroying satellites in low Earth orbit. According to the CSIS Aerospace Security Project’s “Space Threat Assessment 2020,” Russia conducted its seventh Nudol test in 2018.

Under the Trump administration, the U.S. has used the development and testing of anti-satellite weapons by Russia and China as a justification for creating both Space Command and the U.S. Space Force in 2019.

“The establishment of U.S. Space Command as the nation’s unified combatant command for space and U.S. Space Force as the primary branch of the U.S. Armed Forces that presents space combat and combat support capabilities to U.S. Space Command could not have been timelier. We stand ready and committed to deter aggression and defend our nation and our allies from hostile acts in space,” Dickinson said.

Acting Secretary of Defense Christopher C. Miller made similar comments last week as the White House released a new National Space Policy, which calls for the U.S. to defeat aggression and promote norms of behavior in space.

“Our adversaries have made space a war-fighting domain, and we have to adapt our national security organizations, policies, strategies, doctrine, security classification frameworks and capabilities for this new strategic environment. Over the last year we have established the necessary organizations to ensure we can deter hostilities, demonstrate responsible behaviors, defeat aggression and protect the interests of the United States and our allies.”

***

An illustration of a Kilopower nuclear reactor on the moon. Development of surface nuclear power technologies is a key element of the roadmap included in Space Policy Directive 6. Credit: NASA

The White House released a new space policy directive Dec. 16 intended to serve as a strategic roadmap for the development of space nuclear power and propulsion technologies.

Space Policy Directive (SPD) 6, titled “National Strategy for Space Nuclear Power and Propulsion,” discusses responsibilities and areas of cooperation among federal government agencies in the development of capabilities ranging from surface nuclear power systems to nuclear thermal propulsion, collectively known as space nuclear power and propulsion (SNPP).

“This memorandum establishes a national strategy to ensure the development and use of SNPP systems when appropriate to enable and achieve the scientific, exploration, national security, and commercial objectives of the United States,” the 12-page document states.

SPD-6 sets out three principles for the development of space nuclear systems: safety, security and sustainability. It also describes roles and responsibilities for various agencies involved with development, use or oversight of such systems.

Much of the document, though, is a roadmap for the development of nuclear power and propulsion systems. It sets a goal of, by the mid-2020s, developing uranium fuel processing capabilities needed for surface power and in-space propulsion systems. By the mid to late 2020s, NASA would complete the development and testing of a surface nuclear power system for lunar missions that can be scalable for later missions to Mars.

SPD-6 calls for, by the late 2020s, establishing the “technical foundations and capabilities” needed for nuclear thermal propulsion systems. It also sets a goal of developing advanced radioisotope power systems, versions of radioisotope thermoelectric generators (RTGs) long used on NASA missions, by 2030.

Many of the initiatives outlined in SPD-6 are already in progress. NASA has been working with the Department of Energy (DOE) on a project called Kilopower to develop surface nuclear reactors, including efforts to seek proposals to develop a reactor for use on the moon. NASA has also been studying nuclear thermal propulsion, an initiative backed by some in Congress who have set aside funding in NASA’s space technology program for that effort.

“We have these individual initiatives going on — nuclear thermal power, the Kilopower activities — and what we’re trying to do is pull together a common operating picture for Defense, NASA and DOE,” said a senior administration official, speaking on background about SPD-6.

That roadmap and schedule is also intended to prioritize those activities. Surface nuclear power is needed in the nearer term to support lunar missions later in the decade, particularly to handle the two-week lunar night. Nuclear thermal propulsion, as well as alternative nuclear electric propulsion technologies, are less critical since they are primarily intended to support later missions to Mars.

“Those things are important for going to Mars,” the official said of nuclear propulsion, “but first we’re doing the moon and leveraging terrestrial capabilities and technologies to put that foothold on the moon.”

Another issue addressed in SPD-6 is the use of different types of uranium. Tests in 2018 as part of the Kilopower program used highly enriched uranium, or HEU. That project, and discussions by NASA and DOE to use HEU for flight reactors, raised concerns in the nuclear nonproliferation community. They were worried that it could set a precedent for renewed production of HEU, which is also used in nuclear weapons.

SPD-6 restricts, but does not prohibit, the use of HEU in space nuclear systems. “Before selecting HEU or, for fission reactor systems, any nuclear fuel other than low-enriched uranium (LEU), for any given SNPP design or mission, the sponsoring agency shall conduct a thorough technical review to assess the viability of alternative nuclear fuels,” it states.

“We want to keep those proliferation concerns foremost in our minds,” a senior administration official said. “We don’t want to necessarily rule out HEU if that’s the only way to get a mission about, but we want to be very deliberate about it.”

The policy, an official said, “sets an extremely high bar” for non-defense use of HEU on space systems, citing progress on high-assay low enriched uranium, which can provide power levels similar to HEU systems with only a modest mass penalty.

The White House released SPD-6 a week after it issued a new national space policy during a meeting of the National Space Council. That broader policy briefly addressed space nuclear power and propulsion, discussing roles for various agencies, but did not mention the roadmap or other details found in SPD-6.

Many thought the release of the national space policy would conclude the administration’s work on space policy, making SPD-6 something of a surprise. A senior administration official said work on various space policy directives and the national space policy had been slowed down by the coronavirus pandemic, but wouldn’t rule out additional announcements in the remaining five weeks of the Trump administration.

Canadian Armed Forces and China’s People’s Liberation Army

The United States raised serious concerns about having the People’s Liberation Army conduct military exercises just north of the U.S. border with a U.S. ally.

“A senior government official said Gen. Vance, on the urgings of the U.S., cancelled winter exercises with the PLA and later all military interactions,” the publication added. “Gen. Vance did allow Canadian Armed Forces personnel to compete at the 2019 Military World Games held in Wuhan, China, that October.”

Michael Chong, the Conservatives’ foreign affairs critic, and James Bezan, the defense critic, slammed leftist Prime Minister Justin Trudeau in a statement for his “stunning lack of leadership.”

“That cold weather warfare that you’re referring to was just one of 18 different joint projects the Canadian armed forces had with the People’s Liberation Army in 2019 alone,” Levant said. “Canada is training one and two star Chinese generals in our war colleges; we’re training lieutenants, and majors, commanders; we’re sending Canadians over to China; we’re bringing Chinese — I think they’re not just soldiers, I think they’re spies as well — to Canada, and I don’t know a single person in this country who knew about it, but it’s been happening, and we found out about it really by accident when the government sent me freedom of information documents and forgot to black them out or maybe, frankly, someone inside the government wanted to blow the whistle on this incredibly upside down relationship.”

“…In these memos, you can see that the Trump Administration warned Canada that this winter warfare training would transfer knowledge to China that could be used. Now, they don’t explain, would it be used to take on Uyghurs in Xinjiang, Tibetans to fight India in the Himalayas, or even to fight us? And when the military, the Canadian military, said our American allies, or our allies are concerned about this, Trudeau’s staff pushed back and said, is it just the Trump Administration, or is anyone else worried about it? So, there’s an antipathy toward America that seeps through all these secret documents, and the overarching goal is to let China’s president Xi Jinping save face.” More here from DW.

Other revelations include:

  • Disgraced cabinet minister Catherine McKenna jetted to China for a three-day conference just months after the two Michaels were taken hostage
  • Trudeau sent nearly 200 CAF personnel to Wuhan in October of 2019 to participate in the Military World Games, a propaganda bonanza for China
  • Diplomatic reports that China is using its “belt and road” negotiations to demand that countries drop human rights complaints if they want trade deals
  • Chinese censorship of Twitter use
  • Chinese use of a smartphone app to track Uyghur Muslims in Xinjiang
  • Bureaucrats’ bizarre protocol of referring to accused fraudster and Huawei CFO Meng Wanzhou as “Ms. Meng”, but refusing to even mention the two Michaels by name
  • Bureaucrats deriding concerns about military knowledge transfer to China as figments of the “Trump Administration”

 

Details: Cozy Bear, Solarwinds, FireEye and the Hack of the US Govt

Cozy Bear (also called APT29, a known unit of Russia’s SVR foreign intelligence service) appears to have been behind the attack, the Wall Street Journal reports. Moscow denies any involvement in the incident. Reuters adds that the Kremlin thinks the Americans should have been more mutual, more cooperative.

FireEye calls the backdoor “Sunburst.” Microsoft’s Security Response Center has a detailed account of how the malware functions. Both FireEye and Microsoft have upgraded their security products to include measures for detecting and protecting against the attack. SolarWinds urges its customers to “upgrade to Orion Platform version 2020.2.1 HF 1 as soon as possible.”

When FireEye Inc. discovered that it was hacked this month, the cybersecurity firm’s investigators immediately set about trying to figure out how attackers got past its defenses.

It wasn’t just FireEye that got attacked, they quickly found out. Investigators discovered a vulnerability in a product made by one of its software providers, Texas-based SolarWinds Corp.

“We looked through 50,000 lines of source code, which we were able to determine there was a backdoor within SolarWinds,” said Charles Carmakal, senior vice president and chief technical officer at Mandiant, FireEye’s incident response arm.

After discovering the backdoor, FireEye contacted SolarWinds and law enforcement, Carmakal said.

In part: Washington — U.S. government agencies were ordered to scour their networks for malware and disconnect potentially compromised servers after authorities learned that the Treasury and Commerce departments had been hacked in a months-long global cyberespionage campaign. The campaign was discovered when a prominent cybersecurity firm learned it had been breached.

In a rare emergency directive issued late Sunday, the Department of Homeland Security’s cybersecurity arm warned of an “unacceptable risk” to the executive branch from a feared large-scale penetration of U.S. government agencies that could date back to mid-year or earlier.

“This can turn into one of the most impactful espionage campaigns on record,” said cybersecurity expert Dmitri Alperovitch.

The apparent conduit for the Treasury and Commerce Department hacks – and the FireEye compromise – is a hugely popular piece of server software called SolarWinds. It’s used by hundreds of thousands of organizations globally, including most Fortune 500 companies and multiple U.S. federal agencies that will now be scrambling to patch up their networks, said Alperovitch, the former chief technical officer of the cybersecurity firm CrowdStrike.

On its website, SolarWinds says it has 300,000 customers worldwide, including all five branches of the U.S. military, the Pentagon, the State Department, NASA, the National Security Agency, the Department of Justice and the White House. It says the 10 leading U.S. telecommunications companies and top five U.S. accounting firms are also among customers.

The DHS directive – only the fifth since such directives were created in 2015 – said U.S. agencies should immediately disconnect or power down any machines running the impacted SolarWinds software.

“We believe that this vulnerability is the result of a highly-sophisticated, targeted and manual supply chain attack by a nation state,” SolarWinds CEO Kevin Thompson said in a statement. He said it was working with the FBI, FireEye and intelligence community. More here.

***

Many more details on the consequences:

It turns out that the attackers also compromised the Department of Homeland Security. SolarWinds revealed to the Securities and Exchange Commission that the breach may affect 18,000 customers.

It appears that, in March 2020, someone managed to modify the SolarWinds Orion software during the build process—that is, the process that translates the human-readable code and merges it into a form that a computer can execute. This timing is based on both the Microsoft and FireEye analyses, as well as the reported versions affected by SolarWinds.

This modification included a sophisticated and stealthy Trojan program, designed to remotely control any computer that installed SolarWinds Orion. When customers installed the latest update, the Trojan program would start running on the victims’ computers. This is considered a software “supply chain attack”: The intended victims received a polluted copy of the Orion software directly or indirectly from SolarWinds.
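The build-time tampering described above can be shown with a toy model, added here as an illustration and not taken from the article or from SolarWinds. It shows why a checksum published by the vendor still matches a polluted release, while an independent rebuild from trusted source flags the altered unit. The file names, contents, stand-in compiler and hook are all constructed.

```python
"""Toy model: vendor checksum vs. independent rebuild after build-time tampering."""
import hashlib
import hmac

# Constructed source tree as it sits in version control (never modified below).
SOURCE_TREE = {
    "core/inventory.src": b"def refresh(): poll_devices()\n",
    "core/scheduler.src": b"def tick(): run_due_jobs()\n",
}


def compile_unit(name, source):
    """Stand-in compiler: deterministic, so equal input gives equal output."""
    return b"OBJ:" + name.encode() + b":" + hashlib.sha256(source).digest()


def build(tree, pre_compile_hook=None):
    """Compile every unit. The optional hook models code running on the build host."""
    units = {}
    for name in sorted(tree):
        source = tree[name]
        if pre_compile_hook is not None:
            source = pre_compile_hook(name, source)
        units[name] = compile_unit(name, source)
    return units


def package_digest(units):
    """SHA-256 over all compiled units in a fixed order."""
    h = hashlib.sha256()
    for name in sorted(units):
        h.update(units[name])
    return h.hexdigest()


def tampering_hook(name, source):
    """Constructed stand-in for the implant: alters one file only while it is compiled."""
    if name == "core/inventory.src":
        return source + b"def extra(): pass  # placeholder for injected code\n"
    return source


def vendor_release(tree, pre_compile_hook=None):
    """The vendor hashes whatever the build produced, tampered or not."""
    units = build(tree, pre_compile_hook)
    return {"units": units, "published_sha256": package_digest(units)}


def customer_checksum_ok(release):
    """Customer check 1: does the download match the vendor's published hash?"""
    actual = package_digest(release["units"])
    return hmac.compare_digest(actual, release["published_sha256"])


def rebuild_mismatches(release, trusted_tree):
    """Customer check 2: rebuild from trusted source and list units that differ."""
    reference = build(trusted_tree)
    names = set(reference) | set(release["units"])
    return sorted(n for n in names if reference.get(n) != release["units"].get(n))


if __name__ == "__main__":
    for label, hook in (("clean", None), ("tampered", tampering_hook)):
        release = vendor_release(SOURCE_TREE, hook)
        print(label,
              "| vendor checksum ok:", customer_checksum_ok(release),
              "| units differing from rebuild:", rebuild_mismatches(release, SOURCE_TREE))
```

The rebuild comparison only works when builds are deterministic and the reference build runs on infrastructure separate from the vendor's release pipeline.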

What Now?

Christmas is now officially cancelled for three groups. The first is for the IT staff working for the perhaps 18,000 SolarWinds customers affected by the breach, who are going to have to spend the next weeks rebuilding their networks and going over everything with a fine-toothed comb looking for various backdoors. This is going to be a lot of work to sort out. The only good thing is that most of the customers don’t have secondary backdoors to worry about, because the biggest problem faced by the attacker was simply the target-rich environment. Each effort at exploitation increases the risk of discovery, and in the end, there are only so many people who can conduct these attacks.

The second group is the U.S. intelligence community. This attack started in March with the first exploitation starting in April. Either they didn’t know about it—a failure in the “defend forward” philosophy—or they did know about it, in which case they also failed to defend forward. There are going to be tough questions that the intelligence community will need to answer internally.

The final group is the Russian government. This was an amazingly valuable intelligence feed, capturing U.S. government communication leading up to the transition as well as critical insights into U.S. financial controls. Now the feed has gone dark and Russia has lost a hugely powerful asset. But then again, these are a bunch of Russian spies, so in the immortal words of every sysadmin: “fsck those guys”.

More here.