U.S., Germany to Remove Missile Defense Systems from Turkey

WTH??? Anyone who believes the reasons for these decisions needs to think again.
I personally will throw in my reason: it is part of the Iran Deal, where under the P5+1, John Kerry and Wendy Sherman along with The White House gave up yet another major item... missile defense. Iran and the IRGC must be delighted.
Berlin:  Germany on Saturday said it would withdraw its two Patriot missile batteries from Turkey early next year, ending its role in a three-year NATO mission to help bolster the country’s air defences against threats from Syria’s civil war.

The German army, known as the Bundeswehr, said on its website that the mandate for the mission would run out on January 31, 2016, and would not be renewed.

Germany will also call back around 250 soldiers who are currently deployed in southeastern Turkey as part of the mission, the statement said.

“Along with our NATO partners, we have protected the Turkish people from missile attacks from Syria,” Defence Minister Ursula von der Leyen was quoted as saying in the statement.

“We are ending this deployment in January 2016,” she said, adding that the main threat in the crisis-wracked region now came from the Islamic State group.

Turkey turned to its NATO allies for help over its troubled frontier after a mortar bomb fired from Syrian territory killed five Turkish civilians in the border town of Akcakale in 2012.

The United States, the Netherlands and Germany each sent Patriot missile batteries in response. Germany’s Patriot missile system is based in the Turkish town of Kahramanmaras, some 100 kilometres (60 miles) from the Syrian border.

Originally used as an anti-aircraft missile, Patriots today are used to defend airspace by detecting and destroying incoming missiles. NATO deployed Patriot missiles in Turkey during the 1991 Gulf war and in 2003 during the Iraqi conflict.

FNC: The U.S. military is pulling its Patriot missiles from Turkey this fall, the U.S. Embassy in Ankara announced Sunday.

It is unclear if the decision to pull the missiles is in response to Turkey’s unannounced massive airstrike against a Kurdish separatist group in northern Iraq on July 24. The strike endangered U.S. Special Forces on the ground training Kurdish Peshmerga fighters, angering U.S. military officials.

The U.S. military was taken completely by surprise by the Turkish airstrike, which involved 26 jets, military sources told Fox News.

Patriot missiles have been upgraded in recent years to shoot down ballistic missiles, in addition to boasting an ability to bring down enemy aircraft. The U.S. military has deployed these missiles along Turkey’s border with Syria.

When a Kurdish journalist asked the Army’s outgoing top officer, Gen. Raymond Odierno, about the incident over northern Iraq at his final press conference Wednesday, Odierno replied: “We’ve had conversations about this to make sure it doesn’t happen.”

The Kurdistan Workers Party, or PKK, has been listed as a foreign terrorist organization by the U.S. State Department. It is influenced by Marxist ideology and has been responsible for recent attacks in Turkey, killing Turkish police and military personnel. A separate left-wing radical group was responsible for attacking the U.S. Consulate in Istanbul last week.

State Department and Pentagon officials have said in recent days that Turkey has a right to defend itself against the PKK.

A senior military source told Fox News that Turkey is worried about recent gains by Syrian Kurds, some affiliated with the PKK. But the group is seen as an effective ground force against ISIS, helping pinpoint ISIS targets for U.S. warplanes.

The Turks, however, worry Syrian Kurds will take over most of the 560-mile border it shares with Syria.

Currently, ISIS controls a 68-mile strip along the Turkey-Syria border, but Turkey does not want Kurdish fighters involved in the fight to push out ISIS from this portion of the border because it would enable the Kurds to control a large swath of land stretching from northern Iraq to the Mediterranean. Right now Syrian Kurds occupy both sides of the contested 68-mile border controlled by ISIS.

Of the 30 million Kurds living in the Middle East, 14 million reside in Turkey. They are one of the world’s largest ethnic groups without its own country.

Despite Turkey being listed among the 62-nation anti-ISIS coalition, it has yet to be named as a country striking ISIS in the coalition’s daily airstrike report.

A week ago, after months of negotiations, the U.S. Air Force moved six F-16 fighter jets to Incirlik Air Base in Turkey from their base in Italy and several KC-135 refueling planes. Airstrikes against ISIS in Syria soon followed.

The decision to allow manned U.S. military aircraft inside Turkey came days after an ISIS suicide bomber killed dozens of Turkish citizens.

Part of Turkey’s reluctance to do more against ISIS is because Turkey wants the U.S. military to take on the regime of Syrian president Bashar al-Assad. But that is not U.S. policy.

“We are not at war with the Assad regime,” Pentagon spokesman Capt. Jeff Davis said recently.

The animosity between Turkey and Syria goes back decades. In 1939, Turkey annexed its southernmost province, Hatay, from Assad family land. Syria has never recognized the move and the two countries have been at odds ever since.

There was no immediate reply from the Pentagon or State Dept. when contacted by Fox News asking what prompted the decision to pull the U.S. missiles from Turkey.

al Qaeda and Taliban New Allegiance in Afghanistan

The Taliban raised their flag after taking control of the Helmand district in Afghanistan. Afghan soldiers bailed out, and the Taliban seized military gear supplied to the Afghan forces after killing 40 Afghan soldiers and police.

Sharia will be imposed and wield deeper power in the region.

After the official declaration of the death of Mullah Omar was announced, the Taliban leadership was fractured due to a sense of betrayal. During many tribal meetings, it was soon announced that Mullah Akhtar Mansour would be the new leader.

Ayman al Zawahiri, who took control of al Qaeda after the death of Usama bin Ladin, made a declaration of pledge and cooperation with Akhtar Mansour, and new threats against America have been officially broadcast.


Al Zawahiri is thought to be hiding in the Pakistan border region and recently produced an audio recording, raising new fears in the region. Additionally, while there have been several attempts at peace talks with the Afghanistan government, the Taliban is now formally opposed.

In part from Reuters: The swift announcement that Mansour, Omar’s longtime deputy, would be the new leader has riled many senior Taliban figures, and Omar’s family said this month that it did not endorse the move.

Mansour’s position could be shored up by the vote of confidence by al Qaeda, the global militant group that has maintained ties with the Taliban for almost two decades since the tenure of its founder and late leader Osama bin Laden.

“As leader of the al Qaeda organization for jihad, I offer our pledge of allegiance, renewing the path of Sheikh Osama and the devoted martyrs in their pledge to the commander of the faithful, the holy warrior Mullah Omar,” Zawahiri added.

Reiterating support for the Taliban is also a tacit rejection of Islamic State, the new ultra-radical Sunni Muslim movement that is ensconced in Iraq and Syria and has gained the support of a few Afghan insurgent commanders.

Al Qaeda is being challenged by Islamic State for leadership of the global jihadist movement, as determined backers of IS have cropped up in Libya and Yemen this year.

Al Qaeda was set up by Arab guerrillas who flocked to Afghanistan to fight Soviet occupation forces in the 1980s. It thrived under the Taliban’s 1996-2001 rule in Afghanistan before the U.S. invasion that followed Al Qaeda’s Sept. 11, 2001 attacks on New York and Washington drove both groups underground.

Russia’s Silent Effective War Against the United States

There is no country that is better with propaganda tactics than Russia, and they are in use today. The costs of Russia’s tactics, especially when it comes to the internet, are not measurable.

This silent war is noticed even by Secretary of State John Kerry, who declared he was certain that both China and Russia have access to or have read his emails. So why no declaration of war or prosecution of espionage?

***

A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.

The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems.

***

Exclusive: Russian antivirus firm faked malware to harm rivals – Ex-employees

Reuters: Beginning more than a decade ago, one of the largest security companies in the world, Moscow-based Kaspersky Lab, tried to damage rivals in the marketplace by tricking their antivirus software programs into classifying benign files as malicious, according to two former employees.

They said the secret campaign targeted Microsoft Corp (MSFT.O), AVG Technologies NV (AVG.N), Avast Software and other rivals, fooling some of them into deleting or disabling important files on their customers’ PCs.

Some of the attacks were ordered by Kaspersky Lab’s co-founder, Eugene Kaspersky, in part to retaliate against smaller rivals that he felt were aping his software instead of developing their own technology, they said.

“Eugene considered this stealing,” said one of the former employees. Both sources requested anonymity and said they were among a small group of people who knew about the operation.

Kaspersky Lab strongly denied that it had tricked competitors into categorizing clean files as malicious, so-called false positives.

“Our company has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing,” Kaspersky said in a statement to Reuters. “Such actions are unethical, dishonest and their legality is at least questionable.”

Executives at Microsoft, AVG and Avast previously told Reuters that unknown parties had tried to induce false positives in recent years. When contacted this week, they had no comment on the allegation that Kaspersky Lab had targeted them.

The Russian company is one of the most popular antivirus software makers, boasting 400 million users and 270,000 corporate clients. Kaspersky has won wide respect in the industry for its research on sophisticated Western spying programs and the Stuxnet computer worm that sabotaged Iran’s nuclear program in 2009 and 2010.

The two former Kaspersky Lab employees said the desire to build market share also factored into Kaspersky’s selection of competitors to sabotage.

“It was decided to provide some problems” for rivals, said one ex-employee. “It is not only damaging for a competing company but also damaging for users’ computers.”

The former Kaspersky employees said company researchers were assigned to work for weeks or months at a time on the sabotage projects.

Their chief task was to reverse-engineer competitors’ virus detection software to figure out how to fool them into flagging good files as malicious, the former employees said.

The opportunity for such trickery has increased over the past decade and a half as the soaring number of harmful computer programs have prompted security companies to share more information with each other, industry experts said. They licensed each other’s virus-detection engines, swapped samples of malware, and sent suspicious files to third-party aggregators such as Google Inc’s (GOOGL.O) VirusTotal.

By sharing all this data, security companies could more quickly identify new viruses and other malicious content. But the collaboration also allowed companies to borrow heavily from each other’s work instead of finding bad files on their own.

Kaspersky Lab in 2010 complained openly about copycats, calling for greater respect for intellectual property as data-sharing became more prevalent.

In an effort to prove that other companies were ripping off its work, Kaspersky said it ran an experiment: It created 10 harmless files and told VirusTotal that it regarded them as malicious. VirusTotal aggregates information on suspicious files and shares them with security companies.

Within a week and a half, all 10 files were declared dangerous by as many as 14 security companies that had blindly followed Kaspersky’s lead, according to a media presentation given by senior Kaspersky analyst Magnus Kalkuhl in Moscow in January 2010.

When Kaspersky’s complaints did not lead to significant change, the former employees said, it stepped up the sabotage.

INJECTING BAD CODE

In one technique, Kaspersky’s engineers would take an important piece of software commonly found in PCs and inject bad code into it so that the file looked like it was infected, the ex-employees said. They would send the doctored file anonymously to VirusTotal.

Then, when competitors ran this doctored file through their virus detection engines, the file would be flagged as potentially malicious. If the doctored file looked close enough to the original, Kaspersky could fool rival companies into thinking the clean file was problematic as well.

VirusTotal had no immediate comment.

In its response to written questions from Reuters, Kaspersky denied using this technique. It said it too had been a victim of such an attack in November 2012, when an “unknown third party” manipulated Kaspersky into misclassifying files from Tencent (0700.HK), Mail.ru (MAILRq.L) and the Steam gaming platform as malicious.

The extent of the damage from such attacks is hard to assess because antivirus software can throw off false positives for a variety of reasons, and many incidents get caught after a small number of customers are affected, security executives said.

The former Kaspersky employees said Microsoft was one of the rivals that were targeted because many smaller security companies followed the Redmond, Washington-based company’s lead in detecting malicious files. They declined to give a detailed account of any specific attack.

Microsoft’s antimalware research director, Dennis Batchelder, told Reuters in April that he recalled a time in March 2013 when many customers called to complain that a printer code had been deemed dangerous by its antivirus program and placed in “quarantine.”

Batchelder said it took him roughly six hours to figure out that the printer code looked a lot like another piece of code that Microsoft had previously ruled malicious. Someone had taken a legitimate file and jammed a wad of bad code into it, he said. Because the normal printer code looked so much like the altered code, the antivirus program quarantined that as well.

Over the next few months, Batchelder’s team found hundreds, and eventually thousands, of good files that had been altered to look bad. Batchelder told his staff not to try to identify the culprit.

“It doesn’t really matter who it was,” he said. “All of us in the industry had a vulnerability, in that our systems were based on trust. We wanted to get that fixed.”

In a subsequent interview on Wednesday, Batchelder declined to comment on any role Kaspersky may have played in the 2013 printer code problems or any other attacks. Reuters has no evidence linking Kaspersky to the printer code attack.

As word spread in the security industry about the induced false positives found by Microsoft, other companies said they tried to figure out what went wrong in their own systems and what to do differently, but no one identified those responsible.

At Avast, a largely free antivirus software maker with the biggest market share in many European and South American countries, employees found a large range of doctored network drivers, duplicated for different language versions.

Avast Chief Operating Officer Ondrej Vlcek told Reuters in April that he suspected the offenders were well-equipped malware writers and “wanted to have some fun” at the industry’s expense. He did not respond to a request on Thursday for comment on the allegation that Kaspersky had induced false positives.

WAVES OF ATTACKS

The former employees said Kaspersky Lab manipulated false positives off and on for more than 10 years, with the peak period between 2009 and 2013.

It is not clear if the attacks have ended, though security executives say false positives are much less of a problem today.

That is in part because security companies have grown less likely to accept a competitor’s determinations as gospel and are spending more to weed out false positives.

AVG’s former chief technology officer, Yuval Ben-Itzhak, said the company suffered from troves of bad samples that stopped after it set up special filters to screen for them and improved its detection engine.

“There were several waves of these samples, usually four times per year. This crippled-sample generation lasted for about four years. The last wave was received at the beginning of the year 2013,” he told Reuters in April.

AVG’s chief strategy officer, Todd Simpson, declined to comment on Wednesday.

Kaspersky said it had also improved its algorithms to defend against false virus samples. It added that it believed no antivirus company conducted the attacks “as it would have a very bad effect on the whole industry.”

“Although the security market is very competitive, trusted threat-data exchange is definitely part of the overall security of the entire IT ecosystem, and this exchange must not be compromised or corrupted,” Kaspersky said.

Cyber-attack on Power Grid Paralysis

Cyber Attacks on the Power Grid: The Specter of Total Paralysis

Posted in General Security, Hacking, Incident Response on July 27, 2015

The Incidents

Imagine that one day you wake up and trading is halted on the New York Stock Exchange (NYSE) floor; meanwhile systems at United Airlines and the Wall Street Journal newspaper appear out of order.

It is not a scene from a movie; it happened on July 8, when trading at the NYSE stopped around 11:30 a.m. ET.

According to the media, the temporary interruption of the services mentioned was a fateful coincidence and the events are unrelated, but the incidents have raised once again the question of the real security of critical infrastructure.

White House spokesperson Josh Earnest confirmed that the incidents weren’t caused by cyber-attacks. President Obama had been briefed on the glitch at NYSE by White House counterterrorism and Homeland Security adviser Lisa Monaco as well as Chief of Staff Denis McDonough.

“It appears from what we know at this stage that the malfunctions at United and at the stock exchange were not the result of any nefarious actor,” said Department of Homeland Security Secretary Jeh Johnson. “We know less about the Wall Street Journal at this point except that their system is back up again as is the United Airline system.”

What is the impact of a cyber-attack on critical infrastructure? Is critical infrastructure actually secure?

A major attack on a critical infrastructure like a power grid would cause chaos in the country by interrupting vital services for the population.

The current scenario

The Stock Exchange, transportation, and media are critical to the infrastructure of a country. A simultaneous failure of these systems could cause serious problems to the nation, especially when the incident is caused by a cyber-attack.

“I think the Wall Street Journal piece is connected to people flooding their web site in response to the New York Exchange to find out what’s going on,” FBI Director James Comey told the Senate Intelligence committee. “In my business we don’t love coincidences, but it does appear that there is not a cyber-intrusion involved.”

Sen. Bill Nelson, D-FL, the top Democrat on the cyber-security subcommittee, told Fox News that the NYSE incident has “the appearance” of a cyber-attack and noted the coordination of multiple sites.

Thus far, the temporary outages at the New York Stock Exchange, United Airlines and the Wall Street Journal’s website appear to have been the results of tech glitches, but we have to consider that the US infrastructure remains vulnerable to cyber-attacks that would cause serious problems and would be costly.

To compound the scenario, there is a rapid increase in the number of cyber-attacks, at least of those we fail to detect, and in their complexity.

The DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued its new ICS-CERT MONITOR report related to the period September 2014 – February 2015.

According to the report, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) received and responded to 245 incidents in Fiscal Year 2014. More than half of the incidents reported by asset owners and industry partners involved sophisticated APTs. ICS/SCADA systems were also targeted by other categories of threat actors, including cyber criminals, insider threats and hacktivists.

“Of the total number of incidents reported to ICS-CERT, roughly 55 percent involved advanced persistent threats (APT) or sophisticated actors. Other actor types included hacktivists, insider threats, and criminals. In many cases, the threat actors were unknown due to a lack of attributional data,” states the report.

Analyzing incidents reported by sector, it is possible to note that the majority of the attacks involved entities in the Energy Sector followed by Critical Manufacturing. About 30 percent of the incidents hit infrastructures in the energy sector, meanwhile Critical Manufacturing (i.e. manufacturing of vehicles and aviation and aerospace components) accounted for 27 percent.

The threat actors used a significant number of zero-day vulnerabilities to compromise industrial control systems through the exploitation of web application flaws.

The most common flaws exploited by attackers include authentication, buffer overflow, and denial-of-service.

“Noteworthy among ICS-CERT’s activities included the multi-vendor coordination that was conducted for the “Heartbleed” OpenSSL vulnerability. The team worked with the ICS vendor community to release multiple advisories, in addition to conducting briefings and webinars in an effort to raise awareness of the vulnerability and the mitigation strategies for preventing exploitation” states the ICS-CERT report to explain the coordination activities sustained by the agency to address principal vulnerabilities.

The ICS-CERT MONITOR report confirmed that the attackers used a vast range of methods for attempting to compromise control systems infrastructure, including:

Figure 1 – ICS-CERT Attack Methods

Unfortunately, it is quite difficult to attribute an incident to a specific threat actor. In the majority of cases, these offensives have gone under the radar over the years due to the high level of sophistication of the Tactics, Techniques, and Procedures (TTPs).

The victims were not able to identify the threat actors, nor, for 38 percent of the reported incidents, the attack vector exploited by hackers.

“Many more incidents occur in critical infrastructure that go unreported,” states the ICS-CERT MONITOR report. “Forensic evidence did not point to a method used for intrusion because of a lack of detection and monitoring capabilities within the compromised network”.

US power grid vulnerable to cyber attacks

The US power grid is a privileged target for various categories of attackers, terrorists, cyber criminals, and state-sponsored hackers. Daily, they threaten the backbone of the American society. Security experts and US politicians are aware that the national power grid is vulnerable to a terrorist attack.

“It’s possible; and whether it’s likely to happen soon remains to be seen,” explained former Secretary of Defense William Cohen on “The Steve Malzberg Show.”

Attackers have several options to hit a power grid, from a cyber-attack on SCADA systems to an EMP attack, according to Cohen.

“You can do it through cyber-attacks, and that’s the real threat coming up as well. We have to look at cyber-attacks being able to shut down our power grid, which you have to remember is in the private sector’s hands, not the government’s. And we’re vulnerable,” Cohen added. “It’s possible and whether it’s likely to happen soon remains to be seen.”

“That’s because the technology continues to expand and terrorism has become democratized. Many, many people across the globe now have access to information that allows them to be able to put together a very destructive means of carrying out their terrorist plans. We’re better at detecting than we were in the past. We’re much more focused in integrating and sharing the information that we have, but we’re still vulnerable and we’ll continue to be vulnerable as long as groups can operate either on the margins or covertly to build these kind of campaigns of terror,” said Cohen.

Former Department of Homeland Security Secretary Janet Napolitano shared Cohen’s concerns. A major cyber-attack on the power grid was a matter of “when,” not “if.”

State-sponsored hackers and cyber terrorists are the main threat actors, but as confirmed by recent research conducted by TrendMicro, cybercrime also represents a serious menace.

Former senior CIA analyst and EMP Task Force On National Homeland Security Director, Dr. Peter Vincent Pry, told Newsmax TV that a cyber attack against the power grid could cause serious destruction and loss of life.

The US power grid is not the only one under attack. In January 2015, the British Parliament revealed that the UK power grid is under cyber-attack from foreign hackers, and the emergency concerns critical infrastructure worldwide.

Figure 2 – SCADA control room

Arbuthnot confirmed the incessant attacks on national critical infrastructure and he doesn’t exclude a major incident, despite the enormous effort spent at the National Grid.

“Our National Grid is coming under cyber-attack not just day-by-day but minute-by-minute,” Arbuthnot, whose committee scrutinized the country’s security policy, told a conference in London last year. “There are, at National Grid, people of very high quality who recognize the risks that these attacks pose, and who are fighting them off,” he said, “but we can’t expect them to win forever.”

The power grid is a vital system for our society, and the cyber strategy of every government must consider its protection a high priority; a terror attack would leave entire countries sitting in the dark.

A hypothetical attack scenario and estimation of the losses

What will happen in case of a cyber-attack on critical infrastructure in the US? What is the economic impact of a cyber-attack against a power grid?

According to a poll conducted by researchers at the Morning Consult firm from May 29 to May 31, cyber-attacks are just behind terrorism attacks on the list of biggest threats to the US. The research allowed the experts to estimate that the insurance industry could face losses of about $21 billion. That poll was conducted by interviewing a national sample of 2,173 registered voters.

Nearly 36 percent of voters consider acts of terrorism at the top of a list of major security threats, followed by cyber-attacks at 32 percent.

Figure 3 – Morning Consult firm poll results

Lloyd’s of London has conducted a very interesting study, Business Blackout, that describes the impacts of a cyber-attack on the national power grid.

It is the first time that the insurance industry has produced a report of this kind. Obviously, the estimates provided are merely indicative due to the large number of factors that can influence the costs.

According to the report prepared by Lloyd’s of London in a joint effort with the University of Cambridge’s Centre for Risk Studies, cyber-attacks would have a catastrophic impact on multiple types of insurance.

The attack scenario described by Business Blackout illustrates the effects of a malware-based attack on systems that control the national power grid. The attack causes an electrical blackout that plunges 15 US states and principal cities, including New York City and Washington DC, into darkness. Nearly 93 million people will remain without power in the scenario hypothesized by the study.

The attackers spread the ‘Erebos’ Trojan through the network with the effect of compromising the electricity generation control rooms in several locations in the Northeastern United States.

According to the researchers, the attack will cause health and safety systems to fail, disrupting water supplies as electric pumps fail. Chaos will reign, causing the failure of main services, including transportation. The malware is able to infect the Internet and search for and compromise 50 generators, which it will destroy, causing prolonged outages in the region.

The total of claims paid by the insurance industry has been estimated at between $21.4b and $71.1b, depending on the evolution of the scenarios designed by the researchers.

The researchers involved in the simulation have calculated the economic losses could range from $243 million to $1 trillion, depending on the number of components in the power grid compromised by the attack.

“Economic impacts include direct damage to assets and infrastructure, decline in sales revenue to electricity supply companies, loss of sales revenue to business and disruption to the supply chain. The total impact to the US economy is estimated at $243bn, rising to more than $1trn in the most extreme version of the scenario.” states the report.

The experts analyzed historical outages, estimating that power interruptions, most of which last five minutes or less, already cost the US about $96 billion. The cost related to a prolonged outage is likely to fall in the range of $36 billion to $156 billion. The commercial and industrial sectors are the most impacted by the attack on the power grid due to their dependency on the electricity supply.

“Evidence from historical outages and indicative modelling suggests that power interruptions already cost the US economy roughly $96bn annually. However, uncertainty and sensitivity analysis suggest this figure may range from $36b to $156b,” continues the report. “Currently over 95% of outage costs are borne by the commercial and industrial sectors due to the high dependence on electricity as an input factor of production.”

As explained in the report, it is important to identify the risks related to a possible cyber-attack and adopt all the necessary measures to mitigate them. The protection of critical infrastructure like a power grid is an essential part of the cyber strategy of any Government.

Russia Propaganda at Work Blaming MH17 on U.S.

Not all propaganda is created equal. For every piece of elegantly crafted misinformation meant to sway hearts and minds, there is spin so poorly produced that it borders on the absurd. Case in point, a comically bad audio recording released by the Russian tabloid Komsomolskaya Pravda on Wednesday of two alleged CIA agents conspiring to bring down Malaysia Airlines Flight MH17, which crashed in eastern Ukraine on July 17, 2014.

Complete with stilted greetings and cumbersome dialogue that sounds like both men are reading from a script, the recording opens with a series of conversations between the two alleged spies, identified as David Hamilton and David L. Stern. Throughout the recording, they discuss “preparations” for an operation that involves shooting down a plane with a surface-to-air missile and an eventual Plan B, which involves placing a bomb inside the plane — all for the purpose of staging a crash to discredit Russian-backed separatists in Ukraine and the Kremlin itself.

But you don’t have to listen long to question the recording’s authenticity. The men’s accents are curious to say the least. One sounds British for half the recording until he switches to a more American accent. The other man does his best to hide his Russian accent, but it pops up at the beginning as he clumsily asks his co-conspirator, “How are the preparations?” But the most glaring hole is in the conversation itself. The men do not talk with each other like native English speakers and use turns of phrase that sound as if their dialogue was translated to English from Russian via Google Translate. Before signing off, the two say “Luck!” to each other, a common farewell in Russian.


Conspiracy theories and propaganda of this magnitude are hardly new when it comes to the downing of MH17, which killed all 298 people on board. Immediately following the crash in July 2014, Ukraine and the West accused pro-Russia separatists of shooting down the plane with a Buk surface-to-air missile, which they say was likely supplied by Moscow.

Initially, Russian officials said the passenger plane was shot down by a Ukrainian Su-25 fighter jet. On July 21, 2014, Russia’s Defense Ministry hosted a press conference and presented radar data that allegedly showed another aircraft near MH17 before it was shot down. The Russian Union of Engineers said wreckage indicated the plane was destroyed by heat-seeking air-to-air missiles. Russian media then gave heavy attention to a man claiming to be a Spanish air traffic controller in Kiev who said that two Ukrainian fighter jets had followed the airliner. After the Spanish controller was discredited, the Kremlin switched to a new theory — that the plane was hit by a missile launched from Ukrainian territory and fired by troops loyal to Kiev.

The latest theory coming out of the Russian media, and supposedly reinforced by the new recording, is that a bomb was detonated within the airliner and planted by Western agents. “It really doesn’t make any sense,” Eliot Higgins, the founder of Bellingcat, an open source investigative journalism network, told Foreign Policy. Higgins and his team at Bellingcat have been debunking Russian theories around MH17 for over a year using open source information — geolocating social media posts and videos and using satellite imagery to trace the movements of the Buk missile launcher seen in the area before and after the plane was shot down. Based on Bellingcat’s research, Higgins believes that MH17 was most likely shot down by a Buk missile fired by Russia-backed separatists. “No other scenario has the same degree of evidence.”

Still, the case is far from closed on MH17. The Joint Investigation Team, which comprises representatives from several countries, and the Dutch Safety Board are working on separate investigations into what downed the passenger plane. Dutch investigators said Tuesday that fragments of a suspected Russian missile system were found at the crash site in Ukraine. In a joint statement following the new evidence, the JIT and Dutch Safety Board cautiously said that “the parts are of particular interest to the criminal investigation as they can possibly provide more information about who was involved in the crash of MH17.”

A report by the Dutch Safety Board into the cause of the crash is expected by the end of October, while the separate international criminal investigation is likely to take several more months to complete.

On July 29, Russia vetoed a United Nations Security Council draft resolution — introduced by Malaysia — that would have set up an international tribunal to prosecute those suspected of downing the passenger plane. Moscow said the measure was a biased and politically motivated propaganda move to implicate the Kremlin or the Russia-backed Ukrainian separatists.