Category Archives: NSA Spying

Stuxnet V. 1 Success V. 2 North Korea Failed

Posted on by

Iran wasn’t the only country that had its nuclear ambitions targeted by a sneaky US cyberattack. It turns out the American government also tried to take down North Korea’s nuclear programs with the Stuxnet worm five years ago, Reuters reports. But there was one major difference: That attack ultimately flamed out. While the US managed to get Stuxnet into Iran’s nuclear facilities (reportedly by hacking suppliers), which ultimately led to the destruction of more than a thousand uranium enriching centrifuges, it never managed to get it into North Korea’s core systems. It turns out having an extremely isolated network worked in North Korea’s favor. That’s particularly ironic since Stuxnet quickly made its way out of Iran and wreaked havoc across the web.

The operation began in tandem with the now-famous Stuxnet attack that sabotaged Iran’s nuclear program in 2009 and 2010 by destroying a thousand or more centrifuges that were enriching uranium. Reuters and others have reported that the Iran attack was a joint effort by U.S. and Israeli forces.
According to one U.S. intelligence source, Stuxnet’s developers produced a related virus that would be activated when it encountered Korean-language settings on an infected machine.
But U.S. agents could not access the core machines that ran Pyongyang’s nuclear weapons program, said another source, a former high-ranking intelligence official who was briefed on the program.
The official said the National Security Agency-led campaign was stymied by North Korea’s utter secrecy, as well as the extreme isolation of its communications systems. A third source, also previously with U.S. intelligence, said he had heard about the failed cyber attack but did not know details.
North Korea has some of the most isolated communications networks in the world. Just owning a computer requires police permission, and the open Internet is unknown except to a tiny elite. The country has one main conduit for Internet connections to the outside world, through China.
In contrast, Iranians surfed the Net broadly and had interactions with companies from around the globe.


A spokeswoman for the NSA declined to comment for this story. The spy agency has previously declined to comment on the Stuxnet attack against Iran.
The United States has launched many cyber espionage campaigns, but North Korea is only the second country, after Iran, that the NSA is now known to have targeted with software designed to destroy equipment.
Washington has long expressed concerns about Pyongyang’s nuclear program, which it says breaches international agreements. North Korea has been hit with sanctions because of its nuclear and missile tests, moves that Pyongyang sees as an attack on its sovereign right to defend itself.
U.S. Secretary of State John Kerry said last week that Washington and Beijing were discussing imposing further sanctions on North Korea, which he said was “not even close” to taking steps to end its nuclear program.

Experts in nuclear programs said there are similarities between North Korea and Iran’s operations, and the two countries continue to collaborate on military technology.
Both countries use a system with P-2 centrifuges, obtained by Pakistani nuclear scientist A.Q. Khan, who is regarded as the father of Islamabad’s nuclear bomb, they said.
Like Iran, North Korea probably directs its centrifuges with control software developed by Siemens AG that runs on Microsoft Corp’s Windows operating system, the experts said. Stuxnet took advantage of vulnerabilities in both the Siemens and Microsoft programs.
Because of the overlap between North Korea and Iran’s nuclear programs, the NSA would not have had to tinker much with Stuxnet to make it capable of destroying centrifuges in North Korea, if it could be deployed there.
Despite modest differences between the programs, “Stuxnet can deal with both of them. But you still need to get it in,” said Olli Heinonen, senior fellow at Harvard University’s Belfer Center for Science and International Affairs and former deputy director general of the International Atomic Energy Agency.
NSA Director Keith Alexander said North Korea’s strict limitations on Internet access and human travel make it one of a few nations “who can race out and do damage with relative impunity” since reprisals in cyberspace are so challenging.
When asked about Stuxnet, Alexander said he could not comment on any offensive actions taken during his time at the spy agency.
David Albright, founder of the Institute for Science and International Security and an authority on North Korea’s nuclear program, said U.S. cyber agents probably tried to get to North Korea by compromising technology suppliers from Iran, Pakistan or China.
“There was likely an attempt” to sabotage the North Korean program with software, said Albright, who has frequently written and testified on the country’s nuclear ambitions.

The Stuxnet campaign against Iran, code-named Olympic Games, was discovered in 2010. It remains unclear how the virus was introduced to the Iranian nuclear facility in Natanz, which was not connected to the Internet.
According to cybersecurity experts, Stuxnet was found inside industrial companies in Iran that were tied to the nuclear effort. As for how Stuxnet got there, a leading theory is that it was deposited by a sophisticated espionage program developed by a team closely allied to Stuxnet’s authors, dubbed the Equation Group by researchers at Kaspersky Lab.
The U.S. effort got that far in North Korea as well. Though no versions of Stuxnet have been reported as being discovered in local computers, Kaspersky Lab analyst Costin Raiu said that a piece of software related to Stuxnet had turned up in North Korea.
Kaspersky had previously reported that the software, digitally signed with one of the same stolen certificates that had been used to install Stuxnet, had been submitted to malware analysis site VirusTotal from an electronic address in China. But Raiu told Reuters his contacts had assured him that it originated in North Korea, where it infected a computer in March or April 2010.
Some experts said that even if a Stuxnet attack against North Korea had succeeded, it might not have had that big an impact on its nuclear weapons program. Iran’s nuclear sites were well known, whereas North Korea probably has at least one other facility beyond the known Yongbyon nuclear complex, former officials and inspectors said.
In addition, North Korea likely has plutonium, which does not require a cumbersome enrichment process depending on the cascading centrifuges that were a fat target for Stuxnet, they said.
Jim Lewis, an advisor to the U.S. government on cybersecurity issues and a senior fellow at the Center for Strategic and International Studies, said there are limitations to cyber offense.
A cyber attack “is not something you can release and be sure of the results,” Lewis said.

 

Follow the Nukes, Money and Death(s) to Putin?

Posted on by

Putin clamps down on troop-death data

Rule may hide ‘secret war’ in Ukraine

Putin signed an order Thursday making the deaths of Russian troops lost during “special operations” a secret, amending a previous decree that limited such secrecy to deaths of soldiers in wartime. Some watchers can see only one plausible reason for the change: Russia is gearing up for another military push into Ukraine.

“We’re in a pre-war situation. Right now, there’s going to be another campaign in Ukraine,” said Pavel Felgenhauer, a military analyst based in Moscow, who added that Russia was being secret about losses because “we’re fighting a secret war.” Read much more here.

Embedded image permalink

Who Took Moldovos Millions ~ The Crooks or the Kremlin

On the eve of a national election in tiny Moldova last November, $450 million — equal to 10 percent of the Eastern European country’s entire annual gross domestic product — went missing. So far, no one knows where it went.

Much was at stake in the election. Last June, Moldova’s pro-Europe government signed an association agreement with the European Union. Pro-Russia opponents favored partnership with Moscow’s Eurasian Economic Union instead. The incumbents barely won. Moscow signaled its displeasure with the EU agreement by placing an embargo on the import of Moldovan fruits, vegetables and wine.

Earlier this month, approximately 10,000 Moldovans marched in the streets of the capital, Chisinau, shouting, “Down with the thieves!” and “We want the billions back!”

Kroll, the international risk consultancy, had been engaged to do an initial private investigation. The parliament’s speaker posted this from their report: “There appears to have a deliberate plan to gain control of each of the banks and subsequently manipulate transactions to gain access to credit, whilst giving the appearance to the contrary.” Yet, the National Anti-corruption Center of Moldova claimed the report was based on rumors that leaked to local media. Read more here.

Oppose Putin?

Putin opponent near death in suspected poisoning

An outspoken opponent of Russian President Vladimir Putin was near death Friday from an apparent poisoning just three months after his close political ally was gunned down near the Kremlin, and supporters want him evacuated to Europe or Israel to determine what sickened him.

Vladimir Kara-Murza Jr., who has long been based in Washington, was in a hotel in Moscow when he suddenly lost consciousness May 26 and was hospitalized with what his wife called “symptoms of poisoning.” The 33-year-old is a coordinator for Open Russia, a nongovernmental organization which on the previous day released a documentary film accusing close Putin crony and Chechen strongman Ramzan Kadyrov of human rights abuses including torture and murder.

“Doctors have just confirmed that he was poisoned,” Andrei Bystrov, an opposition activist and friend of the Kara-Murza family, told The Telegraph. “As to what with, they can’t say yet. It could be anything.”

Kara-Murza, a dual Russian-British citizen, was a close associate of opposition leader Boris Nemtsov, who was assassinated in February.

“I am deeply concerned about the mysterious illness of Vladimir Kara-Murza, especially given the recent murder of Boris Nemtsov and the number of Putin’s opponents who have been poisoned,” Rep. Chris Smith, R-N.J., said in a statement

Kara-Murza’s family was trying to get him evacuated to Europe or Israel for toxicology tests after hemodialysis failed to stop complete kidney failure. Read more here.

Nuclear Aggression

NATO Leader Sees Dangerous Trend in Russia’s Nuclear Activities

Russia’s recent use of nuclear rhetoric, exercises and operations are deeply troubling. As are concerns regarding its compliance with the Intermediate Nuclear Forces Treaty.

President Putin’s admission that he considered putting Russia’s nuclear forces on alert while Russia was annexing Crimea is but one example.

Russia has also significantly increased the scale, number and range of provocative flights by nuclear-capable bombers across much of the globe. From Japan to Gibraltar. From Crete to California. And from the Baltic Sea to the Black Sea.

Russian officials announced plans to base modern nuclear-capable missile systems in Kaliningrad. And they claim that Russia has the right to deploy nuclear forces to Crimea.

 

No Longer Nuclear Zero

Posted on by

The nuclear weapons chatter is rising by the day. The Saudis paid for much of Pakistan’s nuclear weapons program that included an agreement to access to weapons at a future date. The ongoing talks the P5+1 with Iran has Saudi Arabia dusting off their immediate options. The White House and John Kerry are seeing a final date slippage with regard to the June 30 deadline, but to what end?

There has been recent inquiries into Israel’s nuclear program exposing their weapons systems, something that has never been previously discussed.

Vladimir Putin has recently increased his own nuclear points and expansion of flights by his nuclear bombers that include the Ukraine, Poland and northern Europe. This has NATO expressing distress and a counter-measures strategy.

Yet Russia has had some chilling nuclear weapons program history putting the world that includes jihadi network into the equation.

Breakdown in U.S.-Russia relations raises risk of nuclear-armed jihadists

In the last several years, a number of troubling events have revealed weaknesses in Russian nuclear security. A Russian general in command of nuclear weapon storage sites was fired due to massive corruption. A colonel in the Russian Ministry of Interior in charge of nuclear security inspections was arrested for soliciting bribes to overlook security violations. One American researcher visiting a nuclear facility was told it would take merely $100 to bribe his way in.

Graft in Russia is rife, and corruption plus available uranium is a troubling combination. This vulnerability is heightened by the fact that at many nuclear sites the accounting systems to track uranium and plutonium could not sufficiently identify thefts of newly manufactured or older stored fissile materials. More broadly, Russia does not possess a master baseline inventory of all nuclear materials produced in the former Soviet Union — and where all of it is today.

At a 2010 summit of world leaders, President Barack Obama described nuclear terrorism as “the single biggest threat to U.S. security.” He’s right — but as the crisis in Ukraine festers, recent U.S. actions have unraveled decades of successful cooperation with Russia to reduce the risk.

While some argue that the United States needs to “punish” Russia due to Moscow’s contribution to the crisis in Ukraine, this is akin to cutting off our nose to spite our face. Given the threat from “loose nukes” to our national security, the United States should take steps to jump-start U.S.-Russian nuclear security cooperation.

When the Soviet Union collapsed in 1991, American policymakers suddenly faced a frightening new threat: Poverty and chaos caused a complete breakdown in security throughout the former Soviet nuclear complex. Insiders at top-secret Russian nuclear weapons plants tried to steal and sell nuclear materials on the black market. Unpaid guards at nuclear sites left their posts to search for food. A senior White House science adviser even discovered more than 150 pounds of highly enriched uranium — enough for several nuclear bombs — sitting unguarded in lockers in the middle of Moscow.

In response to this threat, the United States spent billions of dollars under the Cooperative Threat Reduction (CTR) program to help Russia secure its nuclear materials and facilities. From the deactivation of almost 8,000 Russian nuclear warheads to the building of a massive storage facility for 27 tons of fissile materials, CTR was arguably the most successful American foreign aid program in history.

Following the conclusion of the CTR program in 2013, the U.S. Department of Energy (DOE) and Russia’s state-owned nuclear company Rosatom signed a comprehensive nuclear cooperation agreement. This agreement, which was designed to build trust between the two countries, called for projects ranging from the development of advanced nuclear security and safety technologies, to visits by each side’s scientists to the other’s most sensitive nuclear labs and facilities.

Less than seven months after the agreement was signed, however, the DOE dealt a devastating blow to Russian-American nuclear security cooperation, banning Russian nuclear scientists from visiting the United States while also banning DOE nuclear scientists from visiting Russia.

The current defense budget, passed seven months after the DOE’s action, also bars all funding for nuclear nonproliferation activities and assistance in Russia.

Its pride wounded, Russia retaliated, first announcing it would boycott the 2016 nuclear security summit in Chicago and then informing U.S. officials it would no longer accept American aid to help secure Russia’s weapons-grade uranium and plutonium — a significant blow to U.S. national security.

Nuclear security in Russia is undoubtedly better than it was in the 1990s. Guards at nuclear sites are paid on time. Perimeter fences surrounding these sites no longer have holes. Fissile materials are no longer stored in lockers. That’s the good news.

The bad news is that while physical security at nuclear sites is greatly improved, real problems still remain. Russia continues to have the world’s largest nuclear stockpile and there are more than 200 buildings and bunkers where highly enriched uranium or separated plutonium is stored. Sophisticated criminals could still exploit the remaining weaknesses in Russian nuclear security.

We know that Osama bin Laden considered a nuclear attack targeting American civilians to be a legitimate action, and last year Islamic State stole 88 pounds of non-enriched uranium compounds from a university in Mosul. With nearly 2,000 Russian citizens fighting with Middle East extremist groups, if fissile material does end up in the hands of militants, it is quite possible it will have originated from Russia.

The DOE should work with Rosatom to restart the September 2013 agreement and implement the reciprocal nuclear site visits, scientist-to-scientist cooperation and joint-research the agreement envisions. The personal relationships developed over decades of cooperation between Russian and American scientists are too important to jeopardize — we are only shooting ourselves in the foot by cutting these off.

The United States should also understand that the narrative from the 1990s whereby the United States is a donor and Russia is an aid recipient is no longer acceptable in Moscow. Going forward, nuclear cooperation must be reframed as a partnership of equals, with both sides contributing to the conversation about how and why to strengthen security. Republicans and Democrats should put aside partisan differences and fully fund U.S.-Russian nuclear security cooperation — whatever that ultimately involves. The Obama administration is proposing to spend $348 billion upgrading the U.S. nuclear arsenal over the next ten years. It’s worth spending a tiny fraction of that money to prevent loose nukes.

All of these steps require that the United States end the linkage between nuclear security cooperation with Russia and the crisis in Ukraine. While the current political environment makes this difficult, not doing so is foolhardy.

*** Yet there is nuclear weapons and testing history that is important to understand and an example is the Marshall Islands and the Nuclear Proliferation Treaty. Fascinating read is here. A declassified video is below:

 

al Qaeda, ISIS Success at Force Multiplying

Posted on by

For heavy reading, the UN report on ISIS is here.

Islamist fighters drawn from half the world’s countries, says UN

Report says there are more than 25,000 ‘foreign terrorist fighters’ from 100 countries in jihadi conflicts, who pose an ‘immediate and long-term threat’

More than half the countries in the world are currently generating Islamist extremist fighters for groups such as al-Qaida and Islamic State, the UN has said.

A report by the UN security council says there are more than 25,000 “foreign terrorist fighters” currently involved in jihadi conflicts and they are “travelling from more than 100 member states”.

The number of fighters may have increased by more than 70% worldwide in the past nine months or so, the report says, adding that they “pose an “immediate and long-term [terrorist] threat”.

The sudden rise, though possibly explained by better data, will raise concern about the apparently growing appeal of extremism. The geographic spread of states touched by the phenomenon has expanded, too.

The report notes continuing problems with understanding the processes of radicalisation, but says, despite a concentration on the internet, social networks in conflict zones and western cities play a key role.

“Those who eat together and bond together can bomb together,” the report says.

The report is the first from the UN to take a global view of the problem of “foreign terrorist fighters”, and includes those in Afghanistan, Africa and other theatres as well as Syria and Iraq.

Officials described the estimate of numbers as conservative and said the true total may be more than 30,000. “The rate of flow is higher than ever and mainly focused on movement into the Syrian Arab Republic and Iraq, with a growing problem also evident in Libya,” the report says.

The security council is meeting on Friday to discuss the problem of foreign terrorist fighters and potential measures to combat the threat.

The report comes amid a fierce debate over western strategies to counter Islamic State in Syria and Iraq. Read more here.

The success comes from several tracks, death or solidarity, money and threats of doom to the infidel. Social media efforts by al Qaeda and ISIS wins the hearts and minds, a ground game better defined by mafia tactics. The Muslim Brotherhood invented the concept.

A Twitter account associated with the Syrian branch of al Qaeda (screenshot)

Al Qaeda in Syria ‘Tweeting Jihad to Over 200,000 Followers’

Twitter support for terror group hits high point

Al Qaeda is experiencing a resurgence on Twitter, as feeds associated with the terrorist group are reaching up to 200,000 extremist followers, according to a new report, which criticizes the social networking service for failing to crack down on radical terror groups.

As Twitter works to crack down on accounts affiliated with the Islamic State (IS) terrorist group, it is failing to do the same with al Qaeda-associated accounts, which are routinely “tweeting jihad and martyrdom” to a growing audience of radical followers, according to the Middle East Media Research Institute (MEMRI), which has been tracking the issue for some time.

With terrorist groups becoming increasingly sophisticated on the Internet, Twitter and other social networking services have become key tools for the dissemination of radical propaganda and recruitment.

Though al Qaeda’s ongoing operations have taken a backseat to the exploits of IS, the group founded by Osama bin Laden is thriving on Twitter, according to MEMRI.

“It should be noted that as Twitter’s removal of accounts on its platform linked to the Islamic State (ISIS) has gotten a lot of attention, accounts belonging to many other Designated Terrorist Organizations, notably to Jabhat Al-Nusra (JN), Al-Qaeda’s branch in Syria that was designated a Foreign Terrorist Organization by the U.S. State Department in December 2012, have not received any attention, and its many accounts, which have a total of over 200,000 followers, are thriving,” MEMRI wrote in a recent report.

“This is another reminder of Twitter’s failure to effectively address this issue and its lack of a true strategy for doing so,” the group concluded.

With the attention focused on IS, al Qaeda’s affiliates are freely operating online and continuing to recruit new followers.

“Despite the fact that when people focus on terrorist use of Twitter it is ISIS that comes to mind, many other jihadi groups are using it,” according to MEMRI.

The al Qaeda groups have used Twitter to post graphic footage of public floggings and executions it has performed in lawless areas of Syria under the terrorist group’s control.

MEMRI also found that these accounts have published internal JN documents about its terrorist activity, as well as “military advancements and updates, including official communications documents; and its outreach to children.”

Earlier this month, for instance, JN leader Sheikh Mostafa Mohamed held a two-day question-and-answer session with radical Twitter users in English.

“In his Q&A, [Mohamed] praises JN and its affiliation with Al-Qaeda, stating that they are genuinely Salafi-jihadi organizations, unlike ISIS, and denies that JN aims to end ties with Al-Qaeda,” according to an excerpt of the Twitter conversation published by MEMRI.

Mohamed discussed with users plans by JN and al Qaeda to assume power in Syria following the ouster by rebels of President Bashar al-Assad.

The terrorist leader also “encourages and advises jihadis in Australia” during the session.

Indoctrination is also a key goal for these groups, as Twitter allows them to reach a broad audience both in the Middle East and across the globe.

“The Twitter accounts include many photos of the group’s efforts to indoctrinate the next generation of JN—distributing sweets to children, conducting games and lessons for them and presenting them with achievement awards, providing them with military and religious training for jihad and martyrdom, and more,” according to MEMRI. “The accounts also tweet images of battles and combat situations and their aftermath, including of dead bodies, destroyed buildings, and captured prisoners.”

Twitter has come under counting pressure from advocacy groups and federal lawmakers to crack down on a flurry of jihadist Twitter accounts, which routinely use the service for fundraising and recruiting.

In March, a bipartisan group of lawmakers petitioned Twitter to shut down accounts associated with any foreign terrorist organization designated as such by the United States.

bin Ladin Wrote a Letter to America

Posted on by

Guest house at the bin Ladin compound.

If you wanted to be an al Qaeda fighter, you had to fill out an application, found here.

The entire file of released documents are found here.  You will likely never see all the documents and that should be accepted as it would reveal the sources and methods on the actions today by intelligence and the rules of engagement against global enemies but al Qaeda was never on the run.

Curious timing of the declassification on the documents seized from the Usama bin Ladin compound in Abbottabad, Pakistan, altering the focus from the failed campaign against ISIS in Ramadi to released bin Ladin documents by DNI.

George Bush was right, this was going to be a long slog of a war. Once control was gained in Afghanistan and Iraq, but since 2011, the wider slog of war continues without any campaign definition from the White House that provided a comprehensive foundation of the Authorization for Use of Military Force (AUMF) delivered from Obama to Congress.

The Usama bin Ladin bookshelf is found here.

Here’s Osama Bin Laden’s Letter to the American People

Usama bin Laden wanted to speak directly to the American people.

An undated letter promising endless war is one of hundreds of documents collected in the May 2, 2011 raid on his compound in Pakistan that was released Wednesday. The full text is below.

In the name of Allah, the Compassionate, the Merciful.

From Usama Bin Muhammad Bin Ladin to the American people,

I speak to you about the subject of the ongoing war between you
and us. Even though the consensus of your wise thinkers and
others is that your time (TN: of defeat) will come, compassion
for the women and children who are being unjustly killed,
wounded, and displaced in Iraq, Afghanistan, and Pakistan
motivates me to speak to you.

First of all, I would like to say that your war with us is the
longest war in your history and the most expensive for you
financially. As for us, we see it as being only halfway
finished. If you were to ask your wise thinkers, they would tell
you that there is no way to win it because the indications are
against it. How will you win a war whose leaders are pessimistic
and whose soldiers are committing suicide? If fear enters the
hearts of men, winning the war becomes impossible. How will you
win a war whose cost is like a hurricane blowing violently at
your economy and weakening your dollar?

The Bush administration got you into these wars on the premise
that they were vital to your security. He promised that it would
be a quick war, won within six days or six weeks; however, six
years have passed, and they are still promising you victory and
not achieving it. Then Obama came and delayed the withdrawal
that he had promised you by 16 more months. He promised you
victory in Afghanistan and set a date for withdrawal from there.
Six months later, Petraeus came to you once again with the
number six, requesting that the withdrawal be delayed six months
beyond the date that had been set. All the while you continue to
bleed in Iraq and Afghanistan. You are wading into a war with no
end in sight on the horizon and which has no connection to your
security, which was confirmed by the operation of ‘Umar al-Faruq
(Var.: Umar Farouk), which was not launched from the battlefield
and could have been launched from any place in the world.

As for us, jihad against the tyrants and the aggressors is a
form of great worship in our religion. It is more precious to us
than our fathers and sons. Thus, our jihad against you is
worship, and your killing us is a testimony. Thanks to God, Almighty, we
have been waging jihad for 30 years, against the Russians and
then against you. Not a single one of our men has committed
suicide, whereas every 30 days 30 of your men commit suicide.
Continue the war if you will.

(TN: Two lines of poetry that say the Mujahidin will not stop
fighting until the United States leaves their land.)

Peace be upon those who follow right guidance.

We are defending our right. Jihad against the aggressors is a
form of great worship in our religion, and killing us means a
high status with our Lord. Thanks to God, we have been waging
jihad for 30 years, against the Russians and then against you.
Not a single one of our men has committed suicide, whereas every
30 days 30 of your men commit suicide. Continue the war if you
will. Justice is the strongest army, and security is the best
way of life, but it slipped out of your grasp the day you made
the Jews victorious in occupying our land and killing our
brothers in Palestine. The path to security is for you to lift
your oppression from us.