Global Blackouts, Anywhere in the World, Courtesy Russia

Fitful sleep last night after reading a very long detailed piece on Russian hackers versus Ukraine. Why, well the same tools and language they use have been found on American infrastructure and systems. Last thoughts before sleep were those of life before the internet and how people get emails with attachments that should never be opened. The short summary is just below. The more detailed and terrifying truth follows. It is a long summary, must be read…it is something like a cyber Hitchcock Twilight Zone disaster thriller, but it happened and happened often.

Image result for cyber war russia and us

Further, during a hearing in the House with former DHS Secretary, Jeh Johnson revealed a couple of key facts. One is told that during the election cycle, when the DNC hack, officials on numerous requests refused assistance, cooperation and discussions with DHS and FBI about foreign cyber intrusions. What was the DNC hiding? The other fact is Obama had the full details in intelligence briefings daily leading into November and December and refused to tell the country about Russian interference. He waited until after the elections and into December to take action. Why?

Okay, read on….

Image result for ukraine blackout CommentaryMagazine

Russia’s New Cyber Weapon Can Cause Blackouts Anywhere in the World

Hackers working with the Russian government have developed a cyber weapon that can disrupt power grids, U.S researchers claim. The cyber weapon has the potential to be absolutely disruptive if used on electronic systems necessary for the daily functioning of American cities.

The malicious software was used to shut down one-fifth of the electric power generated in Kiev, Ukraine last December. Called ‘CrashOverride’ the malware only briefly disrupted the power system but its potential was made clear.

With development, the cyber weapon could easily be used against U.S with devastating effects on transmission and distribution systems.

Sergio Caltagirone, director of threat intelligence for Dragos, a cybersecurity firm that examined the malware said, “It’s the culmination of over a decade of theory and attack scenarios, it’s a game changer.”

Dragos has dubbed the group of hackers who created the bug and used it in Ukraine, Electrum. The group and the virus have also been under scrutiny by cyber intelligence firm, FireEye, headed by John Hultquist. Hultquist’s company has nicknamed the group Sandworm and are keeping watch for clues of another attack.

The news of the malware comes in the middle of the ongoing investigation into Russia’s influence on the recent Presidential election. The Russian government is accused of trying to influence the outcome of the election by hacking hundreds of political organizations and leveraging social media.

While there is no hard evidence yet, U.S. officials believe the disruptive power hackers are closely connected to the Russian Government. U.S. based energy sector experts agree the malware is a huge concern and concede they are seeking ways to combat potential attacks.

“U.S utilities have been enhancing their cybersecurity, but attacker tools like this one pose a very real risk to reliable operation of power systems,”said Michael Assante, who worked at Idaho National Labs and is former chief security officer of the North American Electric Reliability Corporation.

CrashOverride

CrashOverride is only the second known instance of malware specifically designed to destroy or disrupt industrial control systems. The U.S. and Israel worked together to create Stuxnet, a bug designed to disrupt Iran’s nuclear enrichment program.

Robert M. Lee, chief executive of Dragos believes CrashOverride could be manipulated to attack other types of industrial control such as gas or water, though there has been no demonstration of that yet. But the sophistication of the entire operation is undeniable. The hackers had the resources to only develop the malware but to test it too.

The malware works by scanning for critical components that operate circuit breakers, then opening these breakers, which stops the flow of electricity. It continues to keep the circuit breakers open, even if a grid operator tries to close them. CrashOverride also cleverly comes with a “wiper” component that erases the existing software on the computer system that controls the circuit breakers. This forces the grid operator to revert to manual operations, which means a longer and more sustained power outage.

Potential outages could last a few hours and probably not more than a couple of days as U.S. power systems are designed to have high manual override capabilities necessary in extreme weather.

As mentioned above, you need to read the full detailed version here and just how the FBI, global cyber experts at the request of Ukraine worked diligently for accurate attribution to a Russian cyber force intruding on power systems. Hat tip to these experts and the story needs to go mainstream, as we are in a cyber war, the depths impossible to fully comprehend. Ukraine is the target and cyber incubation center for Russian cyber terrorists where they test, review, adapts and keep going without consequence.

Image result for ukraine blackout

Okay, read it all here. Hat tip for the detailed summary and the people doing quiet investigative cyber work.

 

Iran and North Korea Historically Team Up on Nukes and Missiles

Iran launched 6 missiles, striking targets in Syria. Revolutionary Guards say in retaliation for last week’s Tehran terror attacks.
Using missiles is  a major escalation of Iran’s role in the Syrian conflict. Until now it provided military advisors, volunteers, money.  The missiles were launched from western Iran, flew over Iraq striking targets in Deir ez Zor, in eastern Syria.  Iranian official Amirabdollahian says attack was  “soft revenge” for twin terror attacks in Tehran last week. 800km away. Israeli defense systems followed the missiles and deemed the operation largely a failure due to some missiles failing and others missing targets.

Image result for u.s. spy satellites north korea

Meanwhile there is some significant activity occurring at a North Korean nuclear test site.  Intelligence officials in the United States and in the region are watching and analyzing the activities including using all high tech systems including spy satellites to determine a probable action by North Korea. There have been recent upgrades and currently several tunnels have seen additional people and vehicle movements.

Image result for north korea nuclear test sites

(CNSNews.com)– Iran has intensified its development of ballistic missiles in recent years, particularly since the conclusion of the nuclear deal, and is doing so with significant collaboration with fellow pariah state North Korea, according to the exiled opposition National Council of Resistance of Iran (NCRI).

The regime has established at least 42 facilities for the production, testing and launching of ballistic missiles, the NCRI reported on Tuesday, revealing for the first time information on 12 previously-unknown sites.

The report was released by Alireza Jafarzadeh, deputy director of the NCRI’s Washington office, at a briefing in Washington.

The revelations come at a critical time, days after the Islamic Revolutionary Guard Corps (IRGC) for the first time fired ballistic missiles from Iranian territory at targets in Syria – ostensibly at ISIS terrorist positions. It’s believed to be the first time Iran has fired missiles at targets beyond its borders since the Iran-Iraq war in the 1980s.

Jafarzadeh said the missiles fired at targets in Syria were launched from an underground IRGC facility called Panj Pelleh, an older site in Kermanshah province in western Iran which he said had been the launchpad for missiles fired at targets in Iraq during the Saddam era.

The new NCRI report also comes shortly after the U.S. Senate passed, by a 98-2 vote, sanctions legislation targeting both Iran’s ballistic missile programs and the IRGC. The Countering Iran’s Destabilizing Activities Act, which Jafarzadeh praised as a good step, has been sent to the House.

The information released Tuesday, based on the opposition group’s sources inside the regime and IRGC, points to Iran having established missile facilities based on North Korean models, with the help of visiting North Korean experts.

“These North Korean experts who were sent to Iran, trained the main IRGC missile experts in IRGC garrisons, including the Almehdi Garrison situated southwest of Tehran,” the report says.

The IRGC has built a special residence in Tehran for the North Korean experts, who have been involved in helping develop warhead and guidance systems for Iranian missiles.

IRGC Aerospace Force personnel regularly visit North Korea to exchange knowledge, the report says.

Defying international condemnation, North Korea’s nuclear-armed regime has carried out a series of missile launches and Kim Jong-un has threatened to soon test an intercontinental ballistic missile (ICBM).

The NCRI report includes satellite imagery and information on the locations of many of 42 identified IRGC-controlled missile-related facilities across Iran – including 12 which the group says have been hitherto-unknown.

The sites include missile manufacturing plants, launching pads, training facilities, missile storage and maintenance units. Some are located or partly located underground, or in mountainous areas.

None of the sites are in eastern Iran. Most are in the central region, or in Iran’s western and southern provinces. The locations of missile launch sites have evidently been selected taking into account potential targets in the Gulf or westward towards Israel and Europe.

“The sites that are involved with deployment, launching operations and testing are on the western side or on the southern border, here, with a clear objective of threatening the neighbors,” Jafarzadeh noted, pointing at the map, observing that Europe and the West lie in that direction too.

“Western countries as well as countries in the region, those are the countries that they threaten, and have been threatening,” he said.

Reaction to missile tests has been ‘mild’

Jafarzadeh said the objective of the ballistic missile program is two-pronged – to deploy shorter-range missiles to threaten their neighbors in the region, and to develop the capability of putting a nuclear warhead on a longer-range missile.

The Joint Comprehensive Plan of Action (JCPOA), the nuclear deal negotiated between Iran and six powers, did not touch on the missile program – at Tehran’s insistence – but the Obama administration asserted that by placing verifiable restrictions on Iran’s nuclear program it shut off all paths to developing a nuclear weapon.

In response to a question, Jafarzadeh said the NCRI does not link the expanding missile work directly to the JCPOA, but “when you lose leverage you want to make up for it somewhere else,” he said of the regime. “There is more emphasis on their missile program now than there was a few years ago.”

He pointed out that the JCPOA left Iran with a lot of “room to maneuver” when it comes to ballistic missile activity, and that international reaction to its missile tests has been “mild, to say the least.”

Of the facilities discussed on Tuesday, one extensive complex (Semnan), in a mountainous area south-east of Tehran, is actively associated with the Organization of Defensive Innovation and Research (Persian acronym SPND), which is believed to be a body tasked with the development of a nuclear weapons capability.

SPND’s existence was first unveiled by the NCRI in 2011, and in August 2014 the U.S. Treasury Department added the organization to its “specially designated nationals” list, making it subject to U.S. sanctions.

“The Iranian regime has remained in power in Iran by relying on two pillars: internal

repression and external export of Islamic fundamentalism and terrorism,” the report states, lumping the ballistic weapons program into the latter “pillar.”

“As the regime becomes more isolated domestically and its grip on Iranian society weakens,

it resorts more frantically to the second pillar of its bid to keep power,” it says.

The report noted that Iran re-asserted its intention to continue advancing its missile program after the U.S.-Arab-Islamic summit in Riyadh last month. The summit saw the U.S. and most of the world’s Sunni Muslim states take a hard line on Iran.

The NCRI called for effective and comprehensive sanctions targeting the ballistic missile program; the designation of the IRGC as a foreign terrorist organization; and for IRGC and proxy militias to be evicted from countries in the region, especially Syria and Iraq.

The NCRI and affiliated People’s Mujahedeen Organization of Iran (MEK) has in the past provided valuable intelligence to the West, including pivotal information in 2002 that exposed nuclear activities Tehran had hidden from the international community for two decades.

The NCRI/MEK was designated a foreign terrorist organization under U.S. law until 2012, and is reviled by the clerical regime in Tehran, not least because it supported Saddam Hussein in his bloody eight year-long war against Iran in the 1980s.

It enjoys strong support from some current and former policymakers from both parties in Washington, as evidenced by the list of confirmed speakers at the NCRI’s annual convention, scheduled for July 1 in Paris.

Among them are former U.S. Ambassador to the U.N. John Bolton, former House Speaker Newt Gingrich, former Homeland Security Secretary Tom Ridge, former FBI Director Louis Freeh, former Attorney General Michael Mukasey, former Sen. Joe Lieberman, former New Mexico Gov. Bill Richardson and former Marine Corps commander Gen. (Ret.) James Conway.

198 Million US Voters Exposed, Vulnerable/Hearing Scheduled

Deep Root Analytics behind data breach on 198 million US voters: security firm

Anyone with an internet connection was able to access a huge database of personal information on US voters ahead of 2016 elections, a security firm says. The database helped the Republican Party’s presidential campaign.

A data analytics firm that helped US President Donald Trump’s election campaign exposed personal information on 198 million Americans, a security firm revealed on Monday.

Chris Vickery, a researcher at the consultancy Upguard, discovered a misconfigured database containing information on almost every registered US voter compiled by data analytics company Deep Root Analytics.

The information was used by the Republican National Committee to help win the 2016 presidential race.

The database contained “names, dates of birth, home addresses, phone numbers, and voter registration details,” as well as data described as predicted data about voter behavior on policy preferences and likelihood of choosing a particular candidate.

Upguard said the database “lacked any protection against access” and was available to “anyone with an internet connection.”

It described it as “a treasure trove of political data and modeled preferences used by the Trump campaign.” It said the information was used to help influence potential voters and accurately predict their behavior.

Deep Root takes responsibility

Deep Root released statements confirming that files were accessed without its knowledge. “The data that was accessed was, to the best of our knowledge, this proprietary information as well as voter data that is publicly available and readily provided by state government offices,” the statement said.

“Since this event has come to our attention, we have updated the access settings and put protocols in place to prevent further access.  We take full responsibility for this situation.”

“We do not believe that our systems have been hacked. To date, the only entity that we are aware of that had access to the data was Chris Vickery,” it added.

Data breach hunter

Analyst Chris Vickery, a self-described “data-breach hunter,” last year discovered a breach of 191 million voter records in Mexico. Upguard said the latest leak was the largest known breach of voter data in history, with the equivalent of 10 billion pages of text.

It said the database modeled voters’ position on almost 50 different issues with the files offering insights into the algorithmic strategy used by Trump’s campaign to target voters.

The exposure “raises significant questions about the privacy and security Americans can expect for their most privileged information,” the researchers said.

“It also comes at a time when the integrity of the US electoral process has been tested by a series of cyberassaults against state voter databases, sparking concern that cyber risk could increasingly pose a threat to our most important democratic and governmental institutions.”

Meanwhile:  Image result for electronic voting

A research group in New Jersey has taken a fresh look at postelection polling data and concluded that the number of noncitizens voting illegally in U.S. elections is likely far greater than previous estimates.

As many as 5.7 million noncitizens may have voted in the 2008 election, which put Barack Obama in the White House.

The research organization Just Facts, a widely cited, independent think tank led by self-described conservatives and libertarians, revealed its number-crunching in a report on national immigration.

Just Facts President James D. Agresti and his team looked at data from an extensive Harvard/YouGov study that every two years questions a sample size of tens of thousands of voters. Some acknowledge they are noncitizens and are thus ineligible to vote.

Just Facts’ conclusions confront both sides in the illegal voting debate: those who say it happens a lot and those who say the problem nonexistent.

In one camp, there are groundbreaking studies by professors at Old Dominion University in Virginia who attempted to compile scientifically derived illegal voting numbers using the Harvard data, called the Cooperative Congressional Election Study.

On the other side are the professors who conducted the study and contended that “zero” noncitizens of about 18 million adults in the U.S. voted. The liberal mainstream media adopted this position and proclaimed the Old Dominion work was “debunked.”

The ODU professors, who stand by their work in the face of attacks from the left, concluded that in 2008 as few as 38,000 and as many as 2.8 million noncitizens voted.

Mr. Agresti’s analysis of the same polling data settled on much higher numbers. He estimated that as many as 7.9 million noncitizens were illegally registered that year and 594,000 to 5.7 million voted.

These numbers are more in line with the unverified estimates given by President Trump, who said the number of ballots cast by noncitizens was the reason he lost the popular vote to Hillary Clinton.

Last month, the president signed an executive order setting up a commission to try to find on-the-ground truth in illegal voting. Headed by Vice President Mike Pence, the panel also will look at outdated voter lists across the nation with names of dead people and multiple registrants.

For 2012, Just Facts said, 3.2 million to 5.6 million noncitizens were registered to vote and 1.2 million to 3.6 million of them voted.

Mr. Agresti lays out his reasoning in a series of complicated calculations, which he compares to U.S. Census Bureau figures for noncitizen residents. Polls show noncitizens vote overwhelmingly Democratic.

“The details are technical, but the figure I calculated is based on a more conservative margin of sampling error and a methodology that I consider to be more accurate,” Mr. Agresti told The Washington Times.

He believes the Harvard/YouGov researchers based their “zero” claim on two flawed assumptions. First, they assumed that people who said they voted and identified a candidate did not vote unless their names showed up in a database.

“This is illogical, because such databases are unlikely to verify voters who use fraudulent identities, and millions of noncitizens use them,” Mr. Agresti said.

He cites government audits that show large numbers of noncitizens use false IDs and Social Security numbers in order to function in the U.S., which could include voting.

Second, Harvard assumed that respondent citizens sometimes misidentified themselves as noncitizens but also concluded that noncitizens never misidentified themselves as citizens, Mr. Agresti said.

“This is irrational, because illegal immigrants often claim they are citizens in order to conceal the fact that they are in the U.S. illegally,” he said.

Some of the polled noncitizens denied they were registered to vote when publicly available databases show that they were, he said.

This conclusion, he said, is backed by the Harvard/YouGov study’s findings of consumer and vote data matches for 90 percent of participants but only 41 percent of noncitizen respondents.

As to why his numbers are higher than the besieged ODU professors’ study, Mr. Agresti said: “I calculated the margin of sampling error in a more cautious way to ensure greater confidence in the results, and I used a slightly different methodology that I think is more accurate.”

There is hard evidence outside of polling that noncitizens do vote. Conservative activists have conducted limited investigations in Maryland and Virginia that found thousands of aliens were registered.

These inquiries, such as comparing noncitizen jury pool rejections to voter rolls, captured just a snapshot. But conservatives say they show there is a much broader problem that a comprehensive probe by the Pence commission could uncover.

The Public Interest Legal Foundation, which fights voter fraud, released one of its most comprehensive reports last month.

Its investigation found that Virginia removed more than 5,500 noncitizens from voter lists, including 1,852 people who had cast more than 7,000 ballots. The people volunteered their status, most likely when acquiring driver’s licenses. The Public Interest Legal Foundation said there are likely many more illegal voters on Virginia’s rolls who have never admitted to being noncitizens.

Here comes the Congressional hearing: Image result for electronic voting NYTimes

The Senate Intelligence Committee will hold a hearing on U.S. election security Wednesday.

Sen. Mark Warner (D-Va.), who is a part of that probe into alleged Russian meddling, will be playing a leading role. Warner says there are states that have not publicly come forward to share that the Russians tried to hack their elections in 2016.

“I’m not trying to embarrass any state. I just want to make sure that Americans realize how serious this threat is,” Warner said.

Warner is working with Sen. Richard Burr (R-N.C.) this week to learn more about the nation’s election systems.

Hearings this week on Capitol Hill will cover Russia’s cyber efforts during the 2016 race, America’s response efforts, and potential threats to future elections.

“We have elections obviously this year in Virginia. I want to make sure that the integrity of our election system is safe from hacking and I’m not sure we’re fully prepared,” Warner said.

While Warner says Russia was not able to change any vote totals, more steps must be taken.

“If you can get into the overall statewide voter file, you could do some mischief. So I just want to make sure that we’re on guard,” Warner said.

One issue Warner raises is that if states faced hacking attempts in 2016, the federal government views them as a victim, and it’s up to the state to come forward.

“It’s up to the state to be willing to volunteer that. I don’t think that’s smart, is it in our country’s security to keep secret the fact that it was literally many many more states?” Warner said.

Virginia just held primaries last week, and now it’s time for the commonwealth to prepare for the general election in the fall.

“We’ve got to redouble our efforts to make sure that our most critical democratic process of free and fair elections continue to be free, fair and non-disputable,” Warner said.

Wednesday’s hearing is set to begin at 9:30 a.m. in Washington, D.C.

 

 

Why is China Protecting North Korea? Reasons Abound

Primer:

The United States Computer Emergency Readiness Team (US-CERT) issued a technical alert about the activity of the North Korea’s ‘Hidden Cobra’ APT group.
The joint Technical Alert (TA) report is the result of the efforts between of the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI).

The US Government has tracked the hacker group as Hidden Cobra, but the APT is most popular as the Lazarus APT Group.

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated.

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.  Security researchers discovered that North Korean Lazarus APT group was behind recent attacks on banks, including the Bangladesh cyber heist.

According to security experts, the group was behind, other large-scale cyber espionage campaigns against targets worldwide, including the Troy Operation, the DarkSeoul Operation, and the Sony Picture hack.

The joint alert from the FBI and the DHS further details on the group, including indicators of compromise (IoC) for its DeltaCharlie botnet involved in the “Operation Blockbuster” to power DDoS attacks. More here.

*** Most of North Korea’s cyber operations are located in China hosted on Chinese communications internet/communications platforms. It is espionage of an epic standard. But let us go deeper.

Related reading: The North Korea-Cuba Connection including arms sales

Related reading: DPRK-Cuba relations showcase mutual support and solidarity 

(Remember, Obama removed Cuba in 2015 from the terror list as a means to establish the process to normalize relations)

 

*** Image result for north korea minerals

Few think of North Korea as being a prosperous nation. But it is rich in one regard: mineral resources.

Currently North Korea is alarming neighbors with its frequent missile tests, and the US with its attempts to field long-range nuclear missiles that can hit American cities. A sixth nuclear test could be imminent. An attack on the US or its allies would be suicidal, so Pyongyang probably aims to extract “aid” from the international community in exchange for dismantling some of its weaponry—rewind about 10 years to see the last time it pulled off the old “nuclear blackmail” trick.

 AP

But however much North Korea could extract from other nations that way, the result would pale in comparison to the value of its largely untapped underground resources.

Below the nation’s mostly mountainous surface are vast mineral reserves, including iron, gold, magnesite, zinc, copper, limestone, molybdenum, graphite, and more—all told about 200 kinds of minerals. Also present are large amounts of rare earth metals, which factories in nearby countries need to make smartphones and other high-tech products.

Image result for north korea minerals NKNews

Estimates as to the value of the nation’s mineral resources have varied greatly over the years, made difficult by secrecy and lack of access. North Korea itself has made what are likely exaggerated claims about them. According to one estimate from a South Korean state-owned mining company, they’re worth over $6 trillion. Another from a South Korean research institute puts the amount closer to $10 trillion.

State of neglect

North Korea has prioritized its mining sector since the 1970s (pdf, p. 31). But while mining production increased until about 1990—iron ore production peaked in 1985—after that it started to decline. A count in 2012 put the number of mines in the country at about 700 (pdf, p. 2). Many, though, have been poorly run and are in a state of neglect. The nation lacks the equipment, expertise, and even basic infrastructure to properly tap into the jackpot that waits in the ground.

In April, Lloyd R. Vasey, a senior adviser at the Center for Strategic and International Studies, noted that:

North Korean mining production has decreased significantly since the early 1990s. It is likely that the average operational rate of existing mine facilities is below 30 per cent of capacity. There is a shortage of mining equipment and North Korea is unable to purchase new equipment due to its dire economic situation, the energy shortage and the age and generally poor condition of the power grid.

It doesn’t help that private mining is illegal in communist North Korea, as are private enterprises in general (at least technically). Or that the ruling regime, now led by third-generation dictator Kim Jong-un, has been known to, seemingly on a whim, kick out foreign mining companies it’s allowed in, or suddenly change the terms of agreements.

Despite all this, the nation is so blessed with underground resources that mining makes up roughly 14% of the economy.

A “cash cow”

China is the sector’s main customer. Last September, South Korea’s state-run Korea Development Institute said that the mineral trade between North Korea and China remains a “cash cow” for Pyongyang despite UN sanctions, and that it accounted for 54% (paywall) of the North’s total trade volume to China in the first half of 2016. In 2015 China imported $73 million in iron ore from North Korea, and $680,000 worth of zincin the first quarter of this year.

North Korea has been particularly active in coal mining in recent years. In 2015 China imported about $1 billion worth of coal from North Korea. Coal is especially appealing because it can be mined with relatively simple equipment. Large deposits of the stuff are located near major ports and the border with China, making the nation’s bad transportation infrastructure less of an issue.

For years Chinese buyers have purchased coal from North Korea at far below the market rate. As of last summer, coal shipments to China accounted for about 40% (paywall) of all North Korean exports. But global demand for coal is declining as alternatives like natural gas and renewables gain momentum, and earlier this year Beijing, in line with UN sanctions, began restricting coal imports from its neighbor.

The sanctions game

After North Korea conducted its first nuclear test in 2006, the UN began imposing ever stronger sanctions against it. Last year the nation’s underground resources became a focus. In November 2016, the UN passed a resolution capping North Korea’s coal exports and banning shipments of nickel, copper, zinc, and silver. That followed a resolution in March 2016 banning the export (pdf) of gold, vanadium, titanium, and rare earth metals.

The resolutions targeting the mining sector could hurt the Kim regime. Before they were issued, a 2014 report on the country’s mining sector by the United States Geological Survey noted that (pdf, p. 3), “The mining sector in North Korea is not directly subject to international economic sanctions and is, therefore, the only legal, lucrative source of investment trade available to the country.”

That is no longer the case.

Of course, Pyongyang has grown adept at evading such sanctions, especially through shipping. Glimpses of its covert activities come from occasional interceptions of vessels. Last August Egyptian authorities boarded a ship laden with 2,300 tons (2,087 metric tons) of iron ore heading from North Korea to the Suez Canal (they also found 30,000 rocket-propelled grenades below the ore).

Earlier this year a group of UN experts concluded that North Korea, despite sanctions, continues to export banned minerals. They determined, as well, that North Korea uses another mineral—gold—along with cash to “entirely circumvent the formal financial sector.”

Interested neighbors

Meanwhile China’s overall trade with North Korea actually increased 37.4% (paywall) in the first quarter compared to the same period last year. Its imports of iron ore from North Korea shot up 270% in January and February from a year ago. Coal dropped 51.6%.

North Korea’s neighbors have long had their eyes on its bonanza of mineral wealth. About five years ago China spent some $10 billion on an infrastructure project near the border with North Korea, primarily to give it easier access to the mineral resources. Conveniently North Korea’s largest iron ore deposits, in Musan County, are right by the border. An analysis of satellite images published last October by 38 North, a website affiliated with Johns Hopkins University, showed mining activity was alive and well in the area.

China particularly covets North Korea’s rare earth minerals. Pyongyang knows this. It punished Beijing in March by suspending exports of the metals to China in retaliation for the coal trade restrictions.

Meanwhile Russia, which also shares a (smaller) border with North Korea, in 2014 developed plans to overhaul North Korea’s rail network in exchange for access to the country’s mineral resources. That particular plan lost steam (pdf, p. 8), but the general sentiment is still alive.

But South Korea has its own plans for the mineral resources. It sees them as a way to help pay for reunification (should it finally come to pass), which is expected to take decades and cost hundreds of billions or even trillions of dollars. (Germany knows a few things about that.) Overhauling the North’s decrepit infrastructure, including the aging railway line, will be part of the enormous bill.

In May, South Korea’s Ministry of Land, Infrastructure and Transport invited companies to submit bids on possible infrastructure projects in North Korea, especially ones regarding the mining sector. It argued that (paywall) the underground resources could “cover the expense of repairing the North’s poor infrastructure.”

It was, of course, jumping the gun a bit. For now South Korea—and the world—is stuck with a bully in the mineral-blessed North.

***

China is undergoing a major military build up around the world and has even included collaboration with Pakistan.

The new assessment focuses instead on the buildup on Spratly Islands, noting that previous year the Mischief, Subi and Fiery Cross Reefs, three of the largest outposts, saw the construction of 24 administration buildings, barracks, fixed weapons positions, communication facilities and fighter-sized hangars by China, each of them with runways 8,800 feet long.

While the report notes that China has not undertaken any new land reclamation projects on disputed features in the South China Sea during 2016, it did accuse China of further militarizing the contested Spratly Islands via the construction of 24 hangars capable of housing fighter aircraft, fixed weapons positions, barracks and communication facilities.

Beijing has opposed the deployment of a U.S. missile shield in South Korea to defend against attacks from North Korea, in part because it says it could be used to counter China’s capabilities.

Meanwhile Pakistan itself has not made any comments about this statement.

Published Tuesday, the Pentagon report estimated that China spent US$180 billion previous year on its military – the world’s largest – a figure well over the country’s official US$140 billion defence budget.

The report made “irresponsible remarks on China’s national defense development and reasonable actions in defending our territorial sovereignty and security interests in disregard of the facts“, foreign ministry spokeswoman Hua Chunying told reporters yesterday.

China likely will seek to establish additional military bases in countries with which it has longstanding, friendly relationships“, the report predicts.

China has cited anti-piracy patrolling as one of the reasons for developing what it calls a naval logistics center in Djibouti.

“China’s expanding global economic interests are increasing demands for the [Chinese Navy] to operate in more distant maritime environments to protect Chinese citizens, investments, and critical sea lines of communication”, the report reads.

The defence ministry in a statement refuted the U.S. assessment, saying “China is not doing any military expansion and does not seek a sphere of influence”. Pakistan has also emerged as the biggest market for Chinese arms exports, a focus area in Beijing’s expansion plans, the report titled “Military and Security Developments Involving the People’s Republic of China 2017″, said. He harshly criticized China’s construction in the South China Sea and became the first member of President Donald Trump’s cabinet to lay out a comprehensive strategy on Asia. That region accounted for almost half of China’s over $20 billion in arms exports from 2011 to 2015.

Countries including Pakistan and Afghanistan welcome it as a path out of poverty. “To support this modernisation, China uses a variety of methods to acquire foreign military and dual-use technologies, including cyber theft, targeted foreign direct investment and exploitation of the access of private Chinese nationals to such technologies”, the report said.

Regarding the Senkaku Islands, a group of East China Sea islets controlled by Japan but claimed by the mainland and Taiwan, the Pentagon said that previous year Beijing continued to use law-enforcement ships and aircraft to “patrol” near the islands in an attempt to undermine Japan’s administration of them.

China has also always been a strong military, economic, and diplomatic supporter of Pakistan and is considered Islamabad’s largest trade and defense partner.

Senate Hearing to Protect Election Systems from Russia

At least there is a hearing to begin the discussion to harden the software systems related to election processes from further intrusions as 2018 and 2020 approaches.

Russia. Russia is a full-scope cyber actor that will remain a major threat to US Government, military, diplomatic, commercial, and critical infrastructure. Moscow has a highly advanced offensive cyber program, and in recent years, the Kremlin has assumed a more aggressive cyber posture. This aggressiveness was evident in Russia’s efforts to influence the 2016 US election, and we assess that only Russia’s senior-most officials could have authorized the 2016 US election-focused data thefts and disclosures, based on the scope and sensitivity of the targets. Outside the United States, Russian actors have conducted damaging and disruptive cyber attacks, including on critical infrastructure networks. In some cases, Russian intelligence actors have masqueraded as third parties, hiding behind false online personas designed to cause the victim to misattribute the source of the attack. Russia has also leveraged cyberspace to seek to influence public opinion across Europe and Eurasia. We assess that Russian cyber operations will continue to target the United States and its allies to gather intelligence, support Russian decisionmaking, conduct influence operations to support Russian military and political objectives, and prepare the cyber environment for future contingencies.

Furthermore:

Military and Intelligence. Russia aims to improve intelligence collection, missile warning, and military communications systems to better support situational awareness and tactical weapons targeting. Russian plans to expand its imagery constellation and double or possibly triple the number of satellites by 2025. China intends to continue increasing its space-based military and intelligence capabilities to improve global situational awareness and support complex military operations. Many countries in the Middle East, Southeast Asia, and South America are purchasing dual-use imaging satellites to support strategic military activities, some as joint development projects.

Space Warfare. We assess that Russia and China perceive a need to offset any US military advantage derived from military, civil, or commercial space systems and are increasingly considering attacks against satellite systems as part of their future warfare doctrine. Both will continue to pursue a full range of anti-satellite (ASAT) weapons as a means to reduce US military effectiveness. In late 2015, China established a new service—the PLA Strategic Support Force—probably to improve oversight and command of Beijing’s growing military interests in space and cyberspace. Russia and China remain committed to developing capabilities to challenge perceived adversaries in space, especially the United States, while publicly and diplomatically promoting nonweaponization of space and “no first placement” of weapons in space. Such commitment continues despite ongoing US and allied diplomatic efforts to dissuade expansion of threats to the peaceful use of space, including international engagements through the UN.

Counterspace Weapons. The global threat of electronic warfare (EW) attacks against space systems will expand in the coming years in both number and types of weapons. Development will very likely focus on jamming capabilities against dedicated military satellite communications (SATCOM), Synthetic Aperture Radar (SAR) imaging satellites, and enhanced capabilities against Global Navigation Satellite Systems (GNSS), such as the US Global Positioning System (GPS). Blending of EW and cyber-attack capabilities will likely expand in pursuit of sophisticated means to deny and degrade information networks. Chinese researchers have discussed methods to enhance robust jamming capabilities with new systems to jam commonly used frequencies. Russia intends to modernize its EW forces and field a new generation of EW weapons by 2020. Iran and North Korea are also enhancing their abilities to disrupt military communications and navigation.

Some new Russian and Chinese ASAT weapons, including destructive systems, will probably complete development in the next several years. Russian military strategists likely view counterspace weapons as an integral part of broader aerospace defense rearmament and are very likely pursuing a diverse suite of capabilities to affect satellites in all orbital regimes. Russian lawmakers have promoted military pursuit of ASAT missiles to strike low-Earth orbiting satellites, and Russia is testing such a weapon for eventual deployment. A Russian official also acknowledged development of an aircraft-launched missile capable of destroying satellites in low-Earth orbit. Ten years after China intercepted one of its own satellites in low-Earth orbit, its ground-launched ASAT missiles might be nearing operational service within the PLA. Both countries are advancing directed energy weapons technologies for the purpose of fielding ASAT systems that could blind or damage sensitive space-based optical sensors. Russia is developing an airborne laser weapon for use against US satellites. Russia and China continue to conduct sophisticated on-orbit satellite activities, such as rendezvous and proximity operations, at least some of which are likely intended to test dual-use technologies with inherent counterspace functionality. For instance, space robotic technology research for satellite servicing and debris-removal might be used to damage satellites. Such missions will pose a particular challenge in the future, complicating the US ability to characterize the space environment, decipher intent of space activity, and provide advance threat warning.

In 2017, Russia is likely to be more assertive in global affairs, more unpredictable in its approach to the United States, and more authoritarian in its approach to domestic politics. Emboldened by Moscow’s ability to affect battlefield dynamics in Syria and by the emergence of populist and more pro-Russian governments in Europe, President Vladimir Putin is likely to take proactive actions that advance Russia’s great power status.

Putin will seek to prevent any challenges to his rule in the runup to presidential elections scheduled for 2018. Putin remains popular at home, but low turnout in the Duma elections in 2016 and sustained economic hardship will probably enhance Putin’s concerns about his ability to maintain control. Putin is likely to continue to rely on repression, state control over media outlets, and harsh tactics to control the political elite and stifle public dissent.

Russia is likely to emerge from its two-year recession in 2017, but the prospects for a strong recovery are slim. Russia is likely to achieve 1.3 percent GDP growth in 2017 and 1.7 percent in 2018, according to commercial forecasts. Putin has long sought to avoid structural reforms that would weaken his control of the country and is unlikely to implement substantial reforms before the presidential elections.

Russia is likely to emerge from its two-year recession in 2017, but the prospects for a strong recovery are slim. Russia is likely to achieve 1.3 percent GDP growth in 2017 and 1.7 percent in 2018, according to commercial forecasts. Putin has long sought to avoid structural reforms that would weaken his control of the country and is unlikely to implement substantial reforms before the presidential elections.

We assess that Russia will continue to look to leverage its military support to the Asad regime to drive a political settlement process in Syria on its terms. Moscow has demonstrated that it can sustain a modest force at a high-operations tempo in a permissive, expeditionary setting while minimizing Russian casualties and economic costs. Moscow is also likely to use Russia’s military intervention in Syria, in conjunction with efforts to capitalize on fears of a growing ISIS and extremist threat, to expand its role in the Middle East.

We assess that Moscow’s strategic objectives in Ukraine—maintaining long-term influence over Kyiv and frustrating Ukraine’s attempts to integrate into Western institutions—will remain unchanged in 2017. Putin is likely to maintain pressure on Kyiv through multiple channels, including through Russia’s actions in eastern Ukraine, where Russia arms so-called “separatists. Moscow also seeks to undermine Ukraine’s fragile economic system and divided political situation to create opportunities to rebuild and consolidate Russian influence in Ukrainian decisionmaking.

Moscow will also seek to exploit Europe’s fissures and growing populist sentiment in an effort to thwart EU sanctions renewal, justify or at least obfuscate Russian actions in Ukraine and Syria, and weaken the attraction of Western integration for countries on Russia’s periphery. In particular, Russia is likely to sustain or increase its propaganda campaigns. Russia is likely to continue to financially and politically support populist and extremist parties to sow discord within European states and reduce popular support for the European Union. More here from ODNI.