Anyone Interested in FBI Director Wray’s Cyber Concerns?

New York City, New York
January 9, 2018

Raising Our Game: Cyber Security in an Age of Digital Transformation

Remarks prepared for delivery.

Good morning. It’s great to be here with you, and great to be back here in my hometown. Thank you all for joining us. I want to thank Father McShane and Fordham for continuing to help us bring people together to focus on cyber security.

Let me start by saying how honored I feel to be here representing the men and women of the FBI. The almost 37,000 agents, analysts, and staff I get to work with at Headquarters, in our field offices, and around the world are an extraordinary, dedicated, and quite frankly, inspiring bunch. Not a day goes by that I’m not struck by countless examples of their patriotism, courage, professionalism, and integrity. And I could not be more proud, but also humbled, to stand with them as we face the formidable challenges of today—and tomorrow.

The work of the FBI is complex and hits upon nearly every threat facing our country. Today, I’d like to focus on the cyber threat.

Most of you have been thinking about the challenges in this particular arena for a long time. Before taking this job a few months ago, the last time I had to think seriously about cyber security through a law enforcement or national security lens was 12 years ago. Back then, I was head of the Justice Department’s Criminal Division, which included the Computer Crimes and Intellectual Property Section and handled cyber investigations.

It’s safe to say that no area has evolved more dramatically since then, particularly given the blistering pace of technological change. And I’ve spent much of the past few months getting caught up on all things cyber. So maybe the most useful thing I can do today is to offer the viewpoint of someone who’s looking at this world with fresh eyes. I’d like to talk to you about what the cyber threat picture looks like today; what the FBI is doing about it; and most important of all, what’s the way forward? Where’s the threat going? And where do we need to be to meet that threat? And then if we have time, I hope to answer a few questions.

* * *

The cyber threat has evolved dramatically since I left DOJ in 2005. Back then, social media didn’t really exist as we know it today, and “tweeting” was something only birds did. Now…well, let’s just say it’s something that’s a little more on my radar. Today, we live much of our lives online, and everything that’s important to us lives on the Internet—and that’s a scary thought for a lot of people. What was once a minor threat—people hacking for fun or for bragging rights—has turned into full-blown economic espionage and lucrative cyber crime.

This threat now comes at us from all sides. We’re worried about a range of threat actors, from multi-national cyber syndicates and insider threats to hacktivists. We’re seeing an increase in nation-state sponsored computer intrusions. And we’re also seeing a “blended threat”—nation-states using criminal hackers to carry out their dirty work. We’re also concerned about a wide gamut of methods, from botnets to ransomware.

So what’s the FBI doing about the cyber threat? Realistically, we know we can’t prevent every attack, or punish every hacker. But we can build on our capabilities. We can strengthen our partnerships and our defenses. We can get better at exchanging information to identify the telltale signs that may help us link cyber criminals to their crimes. We can impose a variety of costs on criminals who think they can hide in the shadows of cyber space.

We can do all these things—and we are doing all these things.

We’re improving the way we do business, blending traditional investigative techniques with technical capabilities. We’re now assigning work based on cyber experience and ability, rather than on jurisdiction. We now have Cyber Action Teams of agents and experts who can deploy at a moment’s notice, much like our Counterterrorism Fly Teams. We also now have Cyber Task Forces in every field office—much like our Joint Terrorism Task Forces—that respond to breaches, conduct victim-based investigations, and collect malware signatures and other actionable intelligence.

So we’ve strengthened our investigative capabilities, but we need to do our best to actually lay hands on the culprits and lock them up. And even where we can’t reach them, we’re now using all the tools at our disposal—we’re “naming and shaming” them with indictments, and we’re seeking sanctions from the Treasury Department.

We’re also building on our partnerships. We’re working more closely with our federal partners, because this threat is moving so quickly that there’s no time for turf battles. It doesn’t matter if you call us, or DHS, or any other agency—we all work together, so your information will get where it needs to go and you’ll get the help you need. We care less about who you call than that you call, and that you call as promptly as possible.

We’re also working more closely with our foreign partners. We now have cyber agents embedded with our international counterparts in strategic locations worldwide, helping to build relationships and coordinate investigations.

We’re also trying to work better with our private sector partners. We’re sharing indicators of compromise, tactics cyber criminals are using, and strategic threat information whenever we can. I’m sure you can appreciate there are times when we can’t share as much as we’d like to, but we’re trying to get better and smarter about that.

The good news is, we’ve made progress on a number of important fronts. Just this past summer, we took down AlphaBay—the largest marketplace on the DarkNet. Hundreds of thousands of criminals were anonymously buying and selling drugs, weapons, malware, stolen identities, and all sorts of other illegal goods and services through AlphaBay. We worked with the DEA, the IRS, and Europol, and with partners around the globe, to dismantle the illicit business completely. But we were strategic about the takedown—we didn’t want to rush it and lose these criminals. So, we waited patiently and we watched. When we struck, AlphaBay’s users flocked to another DarkNet marketplace, Hansa Market, in droves—right into the hands of our Dutch law enforcement partners who were there waiting for them, and they shut down that site, too.

So we’re adapting our strategy to be more nimble and effective. But the bad news is, the criminals do that too.

I mentioned the “blended threat” earlier. Recently we had the Yahoo matter, where hackers stole information from more than 500 million Yahoo users. In response, last February we indicted two Russian Federal Security Service officers and two well-known criminal hackers who were working for them. That’s the “blended threat”—you have intelligence operatives from nation-states like Russia now using mercenaries to carry out their crimes.

In March, our partners in the Royal Canadian Mounted Police arrested one of the hackers in Canada. The other three are Russian citizens living in Russia, but we made the judgment that it was worth calling them out, so now they’re also fugitives wanted by the FBI—so their vacation destinations are more limited.

So we’re making strides and we’ve had a number of successes—but the FBI still needs to do more to adapt to meet the cyber challenge.

For example, we want to do more to mitigate emerging threats as they spread. While we may not be able to stop all threats before they begin, we can do more at the beginning to stop threats before they get worse. We can share information, identify signatures, and stop similar attacks from happening elsewhere. But to do that, we need the private sector to work with us. At the FBI, we treat victim companies as victims. So, please: When an intrusion affects critical infrastructure; when there’s a potential for impact to national security, economic security, or public health and safety; when an attack results in a significant loss of data, systems, or control of systems; or when there are indications of unauthorized access to—or malware present on—critical IT systems, call us. Because we want to help you, and our focus will be on doing everything we can to help you.

Another thing driving the FBI’s work is that at some point, we’ll have to stop referring to all technical and digital challenges as “cyber.” Sophisticated intrusions and cyber policy issues are very much at the forefront of the conversation. But we also have to recognize that there’s a technology and digital component to almost every case we have now.

Transnational crime groups, sexual predators, fraudsters, and terrorists are transforming the way they do business as technology evolves. Significant pieces of these crimes—and our investigations of them—have a digital component or occur almost entirely online. And new technical trends are making the investigative environment a lot more complex. The Internet of Things, for example, has led to phenomena like the Mirai botnet—malware that uses all these connected devices to overwhelm websites, like the attacks that took down Netflix and Twitter last year.

The digital environment also presents new challenges that the FBI has to address—all kinds of twists for us in terms of what’s coming down the pike. Advances like artificial intelligence or crypto currencies have implications not only for the commercial sector, but for national security. Encrypted communications are changing the way criminals and terrorists plan their crimes—I’ll have more to say on that in a moment. And the avalanche of data created by our use of technology presents a huge challenge for every organization.

I’m convinced that the FBI—like a lot of other organizations—hasn’t fully gotten our arms around these new technologies and their implications for our national security and cyber security work. On our end, we know we need to be working with the private sector to get a clearer understanding of what’s coming around the bend. We need to put our heads together, in conferences like this and in other ways, so we’re better prepared, not just to face current threats, but the threats that will come at us five, 10, and 15 years from now.

When I was last in government, I saw how the 9/11 attacks spurred the FBI to fundamentally transform itself into a more intelligence-based national security organization. In the same way, I believe the new digital environment demands further fundamental transformation from us.

Over the years, FBI investigators have made huge strides in responding to the investigative challenges posed by the digital realm. We have pockets of excellence and talent that we’ve relied on to tackle our most complex technical challenges. But with the wholesale rise of digital challenges, this model won’t work for us anymore. As a big organization spread across 56 field offices and over 80 international offices, we need a new approach. We’ve got to increase our digital literacy across the board.

Some of our smartest people are looking at these challenges and thinking strategically about how the entire FBI can evolve in this rapidly changing environment. We’re focused on building our digital capabilities. We’re also focusing on our people, making sure we continue to attract the right skills and talent—and develop the right talent internally.

One issue I’m fixated on is whether we’re recruiting, hiring, and training now the kind of tech-savvy people we’ll need in five or 10 years. We know that we need more cyber and digital literacy in every program throughout the Bureau—organized crime, crimes against children, white-collar crime, just to name a few. Raising the average digital proficiency across the organization will allow all of our investigators to counter threats more efficiently and effectively, while freeing our true cyber “black belts” to focus on the most vexing attacks, like nation-state cyber intrusions.

We also need to focus more on innovation, approaching problems in new ways, with new ideas—which isn’t something, to be honest, that always comes naturally in government. We can’t just rely on the way we’ve always done things. And I don’t mean just technological innovation; I mean innovation in how we approach challenges, innovation in partnerships, innovation in who we hire, innovation in how we train, and innovation in how we build our workforce for the future.

So we need more innovation, and more of the right people. But the FBI can’t navigate the digital landscape alone. We also need to build stronger partnerships—with our counterparts in federal agencies, with our international counterparts, with the cyber research community, and with the private sector. And we need to do a better job of focusing our combined resources—trying to get our two together with your two to have it somehow equal more than four; to make it five or six or seven.

Finally, in some cases we may need lawmakers to update our laws to keep pace with technology. In some ways, it’s as if we still had traffic laws that were written for the days of the horse-and-carriage. The digital environment means we don’t simply need improved technical tools; we also need legal clarifications to address gaps.

* * *

I want to wrap up by talking about two challenges connected to the digital revolution. The first is what we call the “Going Dark” problem. This challenge grows larger and more complex every day. Needless to say, we face an enormous and increasing number of cases that rely on electronic evidence. We also face a situation where we’re increasingly unable to access that evidence, despite lawful authority to do so.

Let me give you some numbers to put some meat on the bones of this problem. In fiscal year 2017, we were unable to access the content of 7,775 devices—using appropriate and available technical tools—even though we had the legal authority to do so. Each one of those nearly 7,800 devices is tied to a specific subject, a specific defendant, a specific victim, a specific threat.

I spoke to a group of chief information security officers recently, and someone asked about that number. They basically said, “What’s the big deal? There are millions of devices out there.” But we’re not interested in the millions of devices used by everyday citizens. We’re only interested in those devices that have been used to plan or execute criminal or terrorist activities.

Some have argued that having access to the content of communications isn’t necessary—that we have a great deal of other information available outside of our smart phones and our devices; information including transactional information for calls and text messages, or metadata. While there’s a certain amount we can glean from that, for purposes of prosecuting terrorists and criminals, words can be evidence, while mere association between subjects isn’t evidence.

Being unable to access nearly 7,800 devices is a major public safety issue. That’s more than half of all the devices we attempted to access in that timeframe—and that’s just at the FBI. That’s not even counting a lot of devices sought by other law enforcement agencies—our state, local, and foreign counterparts. It also doesn’t count important situations outside of accessing a specific device, like when terrorists, spies, and criminals use encrypted messaging apps to communicate.

This problem impacts our investigations across the board—human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation, and cyber. And this issue comes up in almost every conversation I have with leading law enforcement organizations, and with my foreign counterparts from most countries—and typically in the first 30 minutes.

Let me be clear: The FBI supports information security measures, including strong encryption. But information security programs need to be thoughtfully designed so they don’t undermine the lawful tools we need to keep this country safe.

While the FBI and law enforcement happen to be on the front lines of this problem, this is an urgent public safety issue for all of us. Because as horrifying as 7,800 in one year sounds, it’s going to be a lot worse in just a couple of years if we don’t find a responsible solution.

The solution, I’ll admit, isn’t so clear-cut. It will require a thoughtful and sensible approach, and may vary across business models and technologies, but—and I can’t stress this enough—we need to work fast.

We have a whole bunch of folks at FBI Headquarters devoted to explaining this challenge and working with stakeholders to find a way forward. But we need and want the private sector’s help. We need them to respond to lawfully issued court orders, in a way that is consistent with both the rule of law and strong cybersecurity. We need to have both, and can have both.

I recognize this entails varying degrees of innovation by the industry to ensure lawful access is available. But I just don’t buy the claim that it’s impossible.

For one thing, many of us in this room use cloud-based services. You’re able to safely and securely access your e-mail, your files, and your music on your home computer, on your smartphone, or at an Internet café in Tokyo. In fact, if you buy a smartphone today, and a tablet in a year, you’re still able to securely sync them and access your data on either device. That didn’t happen by accident. It’s only possible because tech companies took seriously the real need for both flexible customer access to data and cyber security. We at the Bureau are simply asking that law enforcement’s lawful need to access data be taken just as seriously.

Let me share just one example of how we might strike this balance. Some of you might know about the chat and messaging platform called Symphony, used by a group of major banks. It was marketed as offering “guaranteed data deletion,” among other things. That didn’t sit too well with the regulator for four of these banks, the New York State Department of Financial Services. DFS was concerned that this feature could be used to hamper regulatory investigations on Wall Street.

In response to those concerns, the four banks reached an agreement with the Department to help ensure responsible use of Symphony. They agreed to keep a copy of all e-communications sent to or from them through Symphony for seven years. The banks also agreed to store duplicate copies of the decryption keys for their messages with independent custodians who aren’t controlled by the banks. So the data in Symphony was still secure and encrypted—but also accessible to regulators, so they could do their jobs.

I’m confident that with a similar commitment to working together, we can find solutions to the Going Dark problem. After all, America leads the world in innovation. We have the brightest minds doing and creating fantastic things. If we can develop driverless cars that safely give the blind and disabled the independence to transport themselves; if we can establish entire computer-generated virtual worlds to safely take entertainment and education to the next level, surely we should be able to design devices that both provide data security and permit lawful access with a court order.

We’re not looking for a “back door”—which I understand to mean some type of secret, insecure means of access. What we’re asking for is the ability to access the device once we’ve obtained a warrant from an independent judge, who has said we have probable cause.

We need to work together—the government and the technology sector—to find a way forward, quickly.

In other parts of the world, American industry is encountering requirements for access to data—without any due process—from governments that operate a little differently than ours, to put it diplomatically. It strikes me as odd that American technology providers would grant broad access to user data to foreign governments that may lack all sorts of fundamental process and rule of law protections—while at the same time denying access to specific user data in countries like ours, where law enforcement obtains warrants and court orders signed by independent judges.

I just cannot believe that any of us in this room thinks that paradox is the right way to go. That’s no way to run a railroad, as the old saying goes.

A responsible solution will incorporate the best of two great American traditions—the rule of law and innovation. But for this to work, the private sector needs to recognize that it’s part of the solution. We need them to come to the table with an idea of trying to find a solution, as opposed to trying to find a way to build systems to prevent a solution. I’m open to all kinds of ideas, because I reject this notion that there could be such a place that no matter what kind of lawful authority you have, it’s utterly beyond reach to protect innocent citizens. I also can’t accept that anyone out there reasonably thinks the state of play as it exists now—and the direction it’s going—is acceptable.

Finally, let me briefly mention another issue that has a huge effect on the FBI’s national security work, including cyber—the re-authorization of Section 702 of the Foreign Intelligence Surveillance Act, or FISA.

The speed and scope of the cyber threat demands that we use every lawful, constitutional tool we’ve got to fight it. Section 702 is one of those tools.

I want to stress once again how vital this program is for the FBI’s national security mission. Section 702 is an essential foreign intelligence authority that permits the targeted surveillance of non-U.S. persons overseas. It’s especially valuable to the FBI, because it gives us the agility we need to stay ahead of today’s rapidly changing global threats.

I bring all this up today because unless renewed by Congress, Section 702 is set to expire later this month. Without 702, we would open ourselves up to intelligence gaps that would make it easier for bad cyber actors and terrorists to attack us and our allies—and make it harder for us to detect these threats.

We simply can’t afford for that to happen. So the FBI has spent an enormous amount of time, as have our partners in the intelligence community, working together with Congress to find a way to re-authorize Section 702 while addressing their concerns. My fervent hope is that before the extension expires, Congress will re-authorize Section 702 in a manner that doesn’t significantly affect our operational use of the program, or endanger the security of the American people.

* * *

So that’s a perspective on cyber from the new guy back on the block.

If one thing’s become clear to me after immersing myself again in this world for the past few months, it’s the urgency of the task we all face. High-impact intrusions are becoming more common; the threats are growing more complex; and the stakes are higher than ever.

That requires all of us to raise our game—whether we’re in law enforcement, in government, in the private sector or the tech industry, in the security field, or in academia. We need to work together to stay ahead of the threat and to adapt to changing technologies and their consequences—both expected and unexpected. Because at the end of the day, we all want the same thing: To protect our innovation, our systems, and, above all, our people.

Thank you all for everything you’re doing to make the digital world safer and more secure, and for joining us here in New York. I look forward to working with you in the years to come.

**** Image result for fbi cyber unit operations photo

The FBI’s mission in cybersecurity is to counter the threat by investigating
intrusions to determine criminal, terrorist, and nation-state actor identities, and engaging in activities
to reduce or neutralize these threats. At the same time, the FBI collects and disseminates information significant to those responsible for defending networks, including information regarding threat actor targets and techniques.
The FBI’s jurisdiction is not defined by network boundaries; rather, it includes all territory governed by
U.S. law, whether domestic or overseas, and spans individual citizens, private industry, critical
infrastructure, U.S. government, and other interests alike. Collectively, the FBI and its federal partners
take a whole-of-government approach to help deter future threats and bring closure to current threats
that would otherwise continue to infiltrate and harm our network defenses.
In July 2015, the FBI, in coordination with foreign law enforcement partners, dismantled a computer
hacking forum known as Darkode, which was a one-stop, high-volume shopping venue for some of the
world’s most prolific cyber criminals. This underground, password-protected online forum was a
meeting place for those interested in buying, selling, and trading malware, botnets, stolen personally
identifiable information, and other pieces of data and software that facilitated complex global cyber
crimes. As the result of this multi-year investigation, called Operation Shrouded Horizon, the FBI’s
Cyber Division and international partner agencies took down Darkode through coordinated law
enforcement action.
This international takedown involved Europol and 20 cooperating countries and is
believed to be the largest coordinated law enforcement operation to date against a forum based criminal
enterprise. Operation Shrouded Horizon resulted in charges, arrests, and searches of 70 Darkode
members and associates including indictments in the United States against 12 individuals associated
with the forum including the administrator. As part of the law enforcement action, the FBI seized
Darkode’s domain name and servers. This operation highlighted the FBI Cyber Division’s mission to
identify, pursue, and defeat cyber adversaries targeting global U.S. interests through collaborative
international partnerships. More here.

Space X Zuma Launched Failed, or did it?

Could this have been a classified payload to destroy North Korea’s own spy satellite or their next ICBM launch or Iran’s or Russia’s such that the real answers will never be forthcoming, meaning it is a ploy? Maybe even China?

Image result for zuma payload photo and more information here.

Space-Track has cataloged the Zuma payload as USA 280, international designation 2018-001A. Catalog number 43098. No orbit details given. No reentry date given, but for a secret payload it might not be. Implication is Space-Track thinks it completed at least one orbit.

Related reading: Did SpaceX’s secret Zuma mission actually fail?

SpaceX’s latest rocket may have launched successfully – but the mission didn’t end as a win. The Zuma payload it was carrying, a mysterious classified piece of cargo for the U.S. government believed to be a spy satellite, was lost after it failed to separate from the second stage of the rocket after the first stage of the Falcon 9 separated as planned and returned to Earth.

The WSJ reports, and we’ve confirmed separately, that the payload is thought to have fallen back through the Earth’s atmosphere after reaching space, because of the failure to separate. The failure is one that can happen when cargo doesn’t properly detach as planned, since the second stage is designed to fall back to Earth and burn up in re-entry.

SpaceX had launched as planned on January 7 in its target window, and recovered the first stage of the booster with a landing at its Cape Canaveral facility. Because of the nature of the mission, coverage and information regarding the progress of the rocket and its payload from then on was not disclosed.

The payload, codenamed Zuma, was contracted for launch by Northrop Grumman by the U.S. government, and Northrop selected SpaceX as the launch provider. SpaceX had previously launched the U.S. Air Force’s X-37B spacecraft, and was approved for flying U.S. government payloads with national security missions.

The satellite was likely worth billions, according to the WSJ, which makes this the second billion-dollar plus payload that SpaceX has lost in just over two years; the last was Facebook’s internet satellite, which was destroyed when the Falcon 9 it was supposed to launch on exploded during preflight preparations in September 2016.

This could be a significant setback for SpaceX, since these kinds of contracts can be especially lucrative, and it faces fierce competition from existing launch provider ULA, jointly operated by Boeing and Lockheed Martin.

We’ve reached out to SpaceX and will update if they provide additional comment.

Update – SpaceX provided the following statement regarding the mission, which could suggest the fault lies with something provided by launch partner Northrop Grumman or the payload itself:

“We do not comment on missions of this nature; but as of right now reviews of the data indicate Falcon 9 performed nominally.“

CDC Planning for a Nuclear Attack

“Join us for this session of Grand Rounds to learn what public health programs have done on a federal, state, and local level to prepare for a nuclear detonation,” urges the CDC email advising people on one of the agency’s mailing lists about the session. “Learn how planning and preparation efforts for a nuclear detonation are similar and different from other emergency response planning efforts.”

The CDC holds grand rounds virtually monthly on topics such as birth defects prevention, diseases spread by ticks, and sodium reduction. A previous grand rounds on radiological and nuclear disaster preparedness was offered in March 2010. More here.

Image result for nuclear detonation photo

Hawaii has already been preparing and practicing.

Perhaps CNN and MSNBC would do well to report this rather than the constant harangue of Donald Trump… CNN kinda has reported this, but you had to look hard to find it.

Welcome to 2018. It’s been an apocalyptic start to the new year. And according to the US Centers for Disease Control and Prevention, the worst could be yet to come.

The agency wants the American public to get ready for the possibility of a nuclear strike, reports Politico, and it has posted a notice for a Jan. 16 briefing titled “Public Health Response to a Nuclear Detonation.” The session in Atlanta, Georgia will include experts on radiation and disaster preparedness and discuss what federal, state and local governments are doing to prepare.

The CDC is pictured. | AP Photo Over the weekend, a former chairman of the joint chiefs of staff under two presidents said the U.S. is closer to nuclear war with North Korea “than we have ever been.” | AP Photo

While they are meeting, here is a 204 page document for review.

Kinda serious here:

The CDC wants the public to be prepared for nuclear war.

The agency has posted a notice touting a Jan. 16 briefing about the work that federal, state and local governments are doing in case of a possible nuclear strike.

CDC on Friday said that the event has been in the works since last April.

The briefing is part of the agency’s monthly “Grand Rounds” sessions at its Atlanta headquarters. Upcoming briefings are mostly devoted to more conventional public health concerns, such as childhood vaccinations and hepatitis C. More here.

*** Here is a recommendation document by government agencies for review.

While a nuclear detonation is unlikely, it would have devastating results and there would be limited time to take critical protection steps. Despite the fear surrounding such an event, planning and preparation can lessen deaths and illness. For instance, most people don’t realize that sheltering in place for at least 24 hours is crucial to saving lives and reducing exposure to radiation. While federal, state, and local agencies will lead the immediate response efforts, public health will play a key role in responding.

Join us for this session of Grand Rounds to learn what public health programs have done on a federal, state, and local level to prepare for a nuclear detonation. Learn how planning and preparation efforts for a nuclear detonation are similar and different from other emergency response planning efforts.

 

 

Hey NoKo, You can Keep Your Nukes, Need Missiles?

Frontline reported:

Farley Mesko, CEO of Sayari Analytics, a Washington-based financial intelligence firm, said there is somewhere between 100 and 300 Chinese companies that have joint ventures with North Korean companies. Of those, several dozen work specifically with sanctioned North Korean entities.

For example, in September 2016, the Justice Department filed criminal charges against Ma Xiaohong, owner of the Dandong Hongxiang Industrial Development Company (DHID), an industrial machinery and equipment wholesaler in China, and several associates, for working on behalf of a sanctioned North Korean bank, Korea Kwangson Banking Corp, to help them evade U.S. sanctions. More here.

Back in November:

The US has imposed ​​more sanctions on North Korea as well as​ Chinese firms that trade with the regime, as part of its campaign t​​o convince Pyongyang to abandon its missile and nuclear weapons programmes. The Treasury on Tuesday unveiled sanctions on one Chinese individual, 13 entities that included four Chinese trading companies, and 20 shipping vessels that it says are helping North Korea evade UN sanctions. More here.

***

Image result for china aids north korea photo

FB: China’s Communist Party adopted a secret plan in September to bolster the North Korean government with increased aid and military support, including new missiles, if Pyongyang halts further nuclear tests, according to an internal party document.

The document, labeled “top secret” and dated Sept. 15—12 days after North Korea’s latest underground nuclear blast—outlines China’s plan for dealing with the North Korean nuclear issue. It states China will allow North Korea to keep its current arsenal of nuclear weapons, contrary to Beijing’s public stance that it seeks a denuclearized Korean peninsula.

Chinese leaders also agreed to offer new assurances that the North Korean government will not be allowed to collapse, and that Beijing plans to apply sanctions “symbolically” to avoid punishing the regime of leader Kim Jong Un under a recent U.N. resolution requiring a halt to oil and gas shipments into North Korea.

A copy of the four-page Chinese-language document was obtained by the Washington Free Beacon from a person who once had ties to the Chinese intelligence and security communities. An English translation can be found here.

CIA spokesmen had no immediate comment on the document that could not be independently verified.

A Chinese Embassy spokesman did not return emails seeking comment.

Disclosure of the document comes amid reports China is continuing to send oil to North Korea in violation of United Nations sanctions, prompting criticism from President Trump. Trump tweeted last week that China was caught “red handed” allowing oil shipments to North Korea.

“There will never be a friendly solution to the North Korean problem if this continues to happen,” the president stated on Dec. 28.

Release of the classified internal document is unusual since China’s communist system imposes strict secrecy on all party policies. Exposure of the secret Central Committee directive could indicate high-level opposition within the party to current supreme leader Xi Jinping, who has consolidated more power than any leader since Mao Zedong.

China: Pressure on North Korea won’t work

China’s leaders, according to the document, concluded that international pressure will not force North Korea to give up its nuclear weapons, estimated to be at least 20 warheads.

As a result, the Central Committee of the party directed its International Liaison Department, the organ in charge of communicating with foreign political parties, to inform Pyongyang of China’s continued backing.

The head of the Liaison Department, Song Tao, visited Pyongyang Nov. 17 and met with senior North Korean officials. North Korean state media did not provide details of the talks, other than to say issues of mutual concern were discussed.

The directive appears written in response to the United Nations Security Council resolution passed after the Sept. 3 North Korean nuclear test. Included among the resolution’s new sanctions are restrictions on oil and gas transfers, including a ban on transferring oil between ships in open ocean waters.

On the U.N. requirement to shut down oil and gas transfers from China to North Korea, the party document said after North Korean businesses in China will be closed under the terms of the latest U.N. resolution, “our country will not for the moment restrict Korea from entrusting qualified Chinese agencies from trade with Korea or conducting related trade activities via third countries (region).”

A directive ordered the Liaison Department to offer a promised increase in aid for “daily life and infrastructure building” and a one-time increase in funds for North Korea of 15 percent for 2018. Chinese aid will be then be increased annually from 2019 through 2023 by “no less than 10 percent over the previous year.”

The Chinese also promised the North Koreans that in response to calls to suspend all banking business with North Korea that the financial ban will “only apply to state-owned banks controlled by the central government and some regional banks.”

On military support, the document reveals that China is offering North Korean “defensive military construction” and “high level military science and technology.”

The weaponry will include “more advanced mid- and short-range ballistic missiles, cluster munitions, etc.,” the document said.

“Your department should at the same time seriously warn the Korean authority not to overdo things on the nuclear issue,” the document says.

“Currently, there is no issue for our country to forcefully ask Korea to immediately and completely give up its nuclear weapons. Instead, we ask Korea to maintain restraint and after some years when the conditions are ripe, to apply gradual reforms and eventually meet the requirement of denuclearization on the Korean Peninsula.”

Beijing to warn Kim of ‘punitive measures’

The document then directs the Liaison Department to warn that if North Korea insists on acting rashly, further punitive measures will be imposed on senior North Korean leaders and their family members.

The directive lists “requirements” for the Liaison Department to pursue, including informing the North Koreans of China’s “determination to protect the Korean government on behalf of the Central Committee of CPC.”

Liaison officials also were tasked with informing the North Koreans of promises of support and aid in exchange for Pyongyang making “substantial compromises on its nuclear issues.”

“According to the current deployment of world forces and the geographic position of the Korean Peninsula, to prevent the collapse of the Korean government and the possible direct military confrontation with western hostile forces led by the United States on the Korean Peninsula caused by these issues, our country, Russia, and other countries will have to resort to all the effective measures such as diplomatic mediation and military diversion to firmly ensure the peace and stability on the Korean Peninsula and to prevent ‘chaos and war,’ which is also the common position held firmly by our country, Russia, and others,” the report says.

The document states that if the United States “rushes to war” against North Korea, the conflict would have a huge impact on the political and economic state of the region and the world.

“At such a time, the security of Japan and (South) Korea can be hardly taken care of, especially the security of Seoul, the (South) Korean capital,” the document says.

“Also, our country, Russia, and others will absolutely not look on the chaotic situation on the Korean Peninsula without taking any action.”

The document states that China believes that “theoretically” western powers will not use military force to overthrow the Kim Jong Un regime to solve the nuclear issue.

“However, international provocations by Korea via repeatedly conducting nuclear tests has imposed huge international pressure on our country that is continuously accumulating and becoming unbearably heavy,” the document says.

‘Stern warning’ and ‘assurances’

The deal outlined in the document to be communicated to Pyongyang includes a “stern warning” combined with “related assurances to Korea at the same time.”

“That is, currently Korea will not have to immediately give up its nuclear weapons, that so long as Korea promises not to continue conducting new nuclear tests and immediately puts those promises into action, our country will immediately increase economic, trade, and military assistance to Korea, and will add or continue providing the following benefits,” the report states.

The first item then lists greatly increasing trade with North Korea to keep the government operating and to raise the living standard of North Koreans.

“As for products under international sanctions such as crude oil products (except for the related products clearly defined as related to nuclear tests), under the condition of fully ensuring domestic demand of Korea, we will only make a symbolic handling or punishment,” the Party document said.

Past document leaks have included party documents on decision making related to the 1989 military crackdown on unarmed protesters in Beijing’s Tiananmen Square published in the 2001 book The Tiananmen Paper.

A more recent disclosure in October was the release of an internal Communist Party document authorizing the Ministry of State Security, China’s civilian spy service, to dispatch 27 intelligence officers to the United States to “crush hostile forces.” That document was made public by exiled Chinese businessman-turned-dissident Guo Wengui.

Orville Schell, a China specialist who worked on the Tiananmen Papers, said he could not authenticate the document but said it has “an air of veracity.”

“The language in Chinese is spot on party-speak, and the logic of the argument would appear to be congruent with the current line and what is happening,” said Schell, director of the Center on U.S.-China Relations at the Asia Society in New York.

Columbia University Professor Andrew Nathan also could not authenticate the document but said it looks genuine. “The typeface, layout, header, seal, vocabulary, and diction are all those of an official inner party document,” said Nathan who also worked on the Tiananmen papers.

Nathan said the document appeared to be a directive for International Liaison Department director Song Tao’s mission to Pyongyang two months later, and Beijing’s attempt to press North Korea to halt nuclear tests using a combination of incentives and warnings.

The Chinese language version uses some terms that reveal China’s contempt for North Korea, such as the term “ruling authorities” for the Kim regime, something Nathan said is an “unfriendly” tone.

Former State Department intelligence official John Tkacik, a China affairs specialist, said the document appears genuine and if confirmed as authentic would represent “a bombshell” disclosure.

Tkacik told the Free Beacon the document, may be “evidence that China has no real commitment to pressuring North Korea to give up nuclear weapons, and indeed sees North Korean nuclear arms as an additional strategic threat to the United States, one that China can claim no influence over.”

“Reading between the lines, it is clear that China views North Korea as giving it leverage with the U.S., so long as the U.S. believes that China is doing all it can do,” Tkacik said.

Former U.S. Ambassador to the United Nations John Bolton said if the document is authentic, “it reveals China’s policy to be completely cynical and utterly detached from its publicly stated position.”

“The White House would have to react accordingly,” he added.

Trump criticizes past N. Korea policies

Trump last week tweeted a video showing then-President Bill Clinton praising the 1994 Agreed Framework that Clinton said would freeze and ultimately dismantle the North Korean nuclear program.

The video also included a clip of Trump on NBC’s “Meet the Press” from 1999 urging action then to stop the North Korean nuclear program in its early stages.

Trump told the New York Times after the tweet he was disappointed China is secretly shipping oil to North Korea. “Oil is going into North Korea. So I’m not happy about it,” he said, adding that he has been “soft on China” for its unfair trade practices and technology theft.

“China has a tremendous power over North Korea. Far greater than anyone knows,” Trump said Dec. 28, adding that “China can solve the North Korea problem, and they’re helping us, and they’re even helping us a lot, but they’re not helping us enough.”

“If they don’t help us with North Korea, then I do what I’ve always said I want to do,” the president added. “China can help us much more, and they have to help us much more … We have a nuclear menace out there, which is no good for China, and it’s not good for Russia. It’s no good for anybody.”

The Trump administration has been signaling for months it is prepared to use military force against North Korea to rid the country of nuclear arms and missile delivery systems.

North Korea conducted several long-range missile tests in 2017 that U.S. officials have said indicate rapid progress toward building a missile capable of targeting the United States with a nuclear warhead.

Defense Secretary Jim Mattis said Dec. 29 that he has drawn up military options for operations against North Korea.

“I don’t speculate, as you know, about future operations by our forces,” Mattis told reporters. “But with three U.N. Security Council resolutions in a row, unanimously adopted, each one has put significantly more pressure on the North Korean regime for its provocations, for its outlaw activities. I think you will see increased pressure. What form that pressure takes in terms of physical operations is something that will be determined by the Congress and government.”

Asked if the United States is closer to war with North Korea, Mattis said: “You know, I provide military options right now. This is a clearly a diplomatically led effort with a lot of international diplomatic support. It’s got a lot of economic buttressing, so it’s not like it’s just words. It’s real activities.”

China backs N. Korea as buffer zone

The party directive states that China regards North Korea as a strategic “buffer zone” needed to “fend off hostile western forces.” Ideologically, North Korea also is important to China in promoting its vision of “socialism with Chinese characteristics led by our Party” and identifying North Korea as “irreplaceable.”

According to the document, the Party regards the “continuity of the Korean government,” maintaining peace on the Korean Peninsula and one of its unwavering goals.

“This issue is about the peace and stability of the Korean Peninsula and the fundamental interests of our Party, our country, and all Chinese people,” the document concludes, adding that the department should quickly coordinate with the Foreign and Commerce Ministries and other agencies to develop an operational plan to implement the policy “to ensure the sense of responsibility, to strictly maintain related confidentiality, and to seriously accomplish the heavy tasks entrusted by the Central Committee of CPC.”

The document bears the seal of the General Office of the Communist Party Central Committee, the office in charge of administrative affairs. Copies were sent to the administrative offices of the National People’s Congress, State Council, and Central Military Commission.

The internal document states that the new policy toward the North Korean nuclear issue is based on consultations among key power organs within the ruling party, including the Central Committee and State Council, along with what was termed “the guiding spirit” of meetings held by the National Security Commission, headed by Chinese leader Xi Jinping.

“After research and assessment, the Central Committee of the Communist Party of China decided to authorize your department to lead and organize the communication and coordination work with the Korean administration on its nuclear issues,” the document states.

Remember, Obama Removed Iran/Hezbollah from Terror List

In February of 2015, yup the Obama administration instructed the intelligence community to remove Iran and it’s proxies such as Hezbollah from the terror list mostly due to the Iran nuclear deal and the assistance Iran was providing the Baghdad government in fighting Islamic State…..ahem….sure thing.

“Islamic Revolutionary Guard Corps-Qods Force (IRGC-QF) and Lebanese Hezbollah are instruments of Iran’s foreign policy and its ability to project power in Iraq, Syria, and beyond,” that assessment, also submitted to the Senate of February 26, said in its section on terrorism. “Hezbollah continues to support the Syrian regime, pro-regime militants and Iraqi Shia militants in Syria. Hezbollah trainers and advisors in Iraq assist Iranian and Iraqi Shia militias fighting Sunni extremists there. Select Iraqi Shia militant groups also warned of their willingness to fight US forces returning to Iraq.” More here.

***

But Hezbollah’s more recent moves in Latin America are very much a matter of interest for investigators, too. In October, a joint FBI-NYPD investigation led to the arrest of two individuals who were allegedly acting on behalf of Hezbollah’s terrorist wing, the Islamic Jihad Organization (IJO). At the direction of their Hezbollah handlers, one person allegedly “conducted missions in Panama to locate the U.S. and Israeli Embassies and to assess the vulnerabilities of the Panama Canal and ships in the Canal,” according to a Justice Department press release. The other allegedly “conducted surveillance of potential targets in America, including military and law enforcement facilities in New York City.” In the wake of these arrests, the director of the National Counterterrorism Center warned: “It’s our assessment that Hezbollah is determined to give itself a potential homeland option as a critical component of its terrorism playbook, and that is something that those of us in the counterterrorism community take very, very seriously.” These cases, one official added, are “likely the tip of the iceberg.”

The administration’s counter-Hezbollah campaign is an interagency effort that includes leveraging diplomatic, intelligence, financial and law enforcement tools to expose and disrupt the logistics, fundraising and operational activities of Iran, the Qods Force and the long list of Iranian proxies from Lebanese Hezbollah to other Shia militias in Iraq and elsewhere. But in the words of Ambassador Nathan Sale, the State Department coordinator for counterterrorism, “Countering Hezbollah is a top priority for the Trump administration.” Since it took office, the Trump administration has taken a series of actions against Hezbollah in particular — including indictmentsextraditions, public statements and rewards for information on wanted Hezbollah terrorist leaders — and officials are signaling that more actions are expected, especially in Latin America. Congress has passed a series of bills aimed at Hezbollah as well. The goal, according to an administration official quoted by Politico, is to “expose them for their behavior.” The thinking goes: Hezbollah cannot claim to be a legitimate actor even as it engages in a laundry list of illicit activities that undermine stability at home in Lebanon, across the Middle East region and around the world.

To support this policy, the administration has issued a broad RFI — a request for information — requiring departments and agencies to scour their files and collect new information that could be used to identify targets and help direct and inform the implementation of forthcoming actions. Though it is unclear if it is a result of that RFI, it appears new information is coming in, as evidenced most recently by a little-noticed FBI “Seeking Information” bulletin issued by the Bureau’s Miami Field Office. More here.

***

Image result for iran terror networks photo

All of this has turned quite political on The Hill due in part to recent investigative report published by Politico on how Obama gave Iran, a state sponsor of terror networks worldwide a major pass. In part from Congressional testimony in June of 2017:

Hezbollah has experienced a series of financial setbacks, leading U.S.
officials to describe the group being in the “worst financial shape in decades.”
Indeed, Hezbollah has in recent months resorted to launching an online fundraising crowdsourcing campaign entitled “Equip a Mujahid Campaign” which calls for donations, large or small, payable all at once or in installments, to equip Hezbollah fighters.
Hezbollah has also promoted a fundraising campaign on billboards and posters promoting a program through which supporters whereby supporters can avoid recruitment into Hezbollah’s militia forces for a payment of about $1,000.
These are desperate measures for a group suffering tough financial times.
And yet, Hezbollah continues to collect sufficient funds to deploy a significant militia
at home and next door in Syria, to send smaller groups of operatives to Iraq and Yemen,
and to operate an international terrorist network with deadly effect.
To effectively counter Hezbollah’s financing, the U.S. must lead an international effort to target the group’s illicit financial conduct both at home in Lebanon and around the world. More here.
***
Meanwhile to fully comprehend the full construction of Iranian terror networks globally and the historical facts, go here.
In day 5 of the Iranian people protesting the Iran government, at least a dozen have been killed.

Initially, state TV said that 10 people had been killed overnight, but that figure was later raised to 13 by a regional governor:

  • Six died after shots were fired in the western town of Tuyserkan, 300km (185 miles) south-west of Tehran
  • Later, Hamadan province’s governor told the ISNA agency that another three people had also been killed in the city
  • Two people died in the south-western town of Izeh, an official said
  • Two died in clashes in Dorud in Lorestan province

This has the makings of the conflict seen in Syria as the genesis is the same. Where will this put militant Islamist groups in the mix is an open question. Islamic State did launch a terror attack in June of 2017.

There are other moving parts to the building civil conflicts in Iran and they include Israel, Saudi Arabia, North Korea, Syria, Lebanon, Iraq and the United States.

Image result for protests in iran photo

In part from Reuters: Hundreds have been arrested, according to officials and social media. Online video showed police in the capital Tehran firing water cannon to disperse demonstrators, in footage said to have been filmed on Sunday.

Protests against economic hardships and alleged corruption erupted in Iran’s second city of Mashhad on Thursday and escalated across the country into calls for the religious establishment to step down.

Some of the anger was directed at Ayatollah Ali Khamenei, breaking a taboo surrounding the man who has been supreme leader of Iran since 1989.

Video posted on social media showed crowds of people walking through the streets, some chanting “Death to the dictator!” Reuters was not immediately able to verify the footage. The Fars news agency reported “scattered groups” of protesters in Tehran on Monday and said a ringleader had been arrested.

“The government will show no tolerance for those who damage public property, violate public order and create unrest in society,” Rouhani said in his address on Sunday.

Unsigned statements on social media urged Iranians to continue to demonstrate in 50 towns and cities.

The government said it was temporarily restricting access to the Telegram messaging app and Instagram. There were reports that internet mobile access was blocked in some areas.