Category Archives: Russia

The Cyber Panic Begins: FBI, DHS and Defense

Posted on by

Update:  On his last press conference of the year, Barack Obama said that Sony made a mistake by surrendering to the threats posed by the hacks and Barack said he wished that the leadership of Sony has spoken to him personally. Well the truth is, Sony DID call the White House and explained the matter in detail to Obama’s senior staff. Obama lied.

FBI Director James Comey gave an intense interview about cyber war and the risks to America. The single most important job of government is to keep the homeland safe and to ensure national defense and national security. You can bet that real events and the depth of the cyber damage to America is not being told. So how bad could it be? That answer is left up to us. Yet the FBI did publish a statement on the Sony investigation.

FBI Beefs Up Amid Explosion of Cybercrime

Cybercrime is one of the priorities for the FBI, which has 13,260 special agents across the country, according to the agency.

Comey said he sees a “tremendous amount of cyberespionage going on — the Chinese being prominent among them, looking to steal our intellectual property.”

“I see a whole lot of hacktivists, I see a whole lot of international criminal gangs, very sophisticated thieves,” he said. “I see people hurting kids, tons of pedophiles, an explosion of child pornography.”

Cybercrime is one of the priorities for the FBI, which has 13,260 special agents across the country, including on Oahu, Maui and Hawaii island, according to the agency. The FBI had an $8.3 billion budget in fiscal 2014.

Forget the Sony Hack, This Could Be the Biggest Cyber Attack of 2015

By Patrick Tucker

On Friday, the FBI officially named North Korea as the party responsible for a cyber attack and email theft against Sony Pictures. The Sony hack saw many studio executives’ sensitive and embarrassing emails leaked online. The hackers threatened to attack theaters on the opening day of the offending film, “The Interview,” and Sony pulled the plug on the movie, effectively censoring a major Hollywood studio.

The end of “The Interview” is not the end of the world. Technology journalists were quick to point out that, even though the cyber attack could be attributable to a nation state actor, it wasn’t particularly sophisticated. Ars Technica’s Sean Gallagher likened it to a “software pipe bomb.” The fallout, of course, was limited. And while President Barack Obama vowed to respond to the attack, he also said it was a mistake for Sony to back down.

“I think all of us have to anticipate occasionally there are going to be breaches like this. They’re going to be costly. They’re going to be serious. We take them with the utmost seriousness. But we can’t start changing our patterns of behavior any more than we stop going to a football game because there might be the possibility of a terrorist attack; any more than Boston didn’t run its marathon this year because of the possibility that somebody might try to cause harm. So, let’s not get into that — that way of doing business,” he said at a White House briefing on Friday.

But according to cyber-security professionals, the Sony hack may be a prelude to a cyber attack on United States infrastructure that could occur in 2015, as a result of a very different, self-inflicted document dump from the Department of Homeland Security in July.

Important training video.  

2015: The Year of Aurora?

Here’s the background: On July 3, DHS, which plays “key role” in responding to cyber-attacks on the nation, replied to a Freedom of Information Act (FOIA) request on a malware attack on Google called “Operation Aurora.”

Unfortunately, as Threatpost writer Dennis Fisher reports, DHS officials made a grave error in their response. DHS released more than 800 pages of documents related not to Operation Aurora but rather the Aurora Project, a 2007 research effort led by Idaho National Laboratory demonstrating how easy it was to hack elements in power and water systems.

Oops.

The Aurora Project exposed a vulnerability common to many electrical generators, water pumps and other pieces of infrastructure, wherein an attacker remotely opens and closes key circuit breakers, throwing the machine’s rotating parts out of synchronization causing parts of the system to break down.

In 2007, in an effort to caste light on the vulnerability that was common to many electrical components, researchers from Idaho National Lab staged an Aurora attack live on CNN. The video is below.

How widespread is the Aurora vulnerability? In this 2013 article for Power Magazine:

“The Aurora vulnerability affects much more than rotating equipment inside power plants. It affects nearly every electricity system worldwide and potentially any rotating equipment—whether it generates power or is essential to an industrial or commercial facility.”

The article was written by Michael Swearingen, then manager for regulatory policy for Tri-County Electric Cooperative (now retired), Steven Brunasso, a technology operations manager for a municipal electric utility, Booz Allen Hamilton critical infrastructure specialist Dennis Huber and Joe Weiss, a managing partner for Applied Control Solutions.

Weiss today is a Defense Department subcontractor working with the Navy’s Mission Assurance Division. His specific focus is fixing Aurora vulnerabilities. He calls DHS’s error “breathtaking.”

The vast majority of the 800 or so pages are of no consequence, says Weiss, but a small number contain information that could be extremely useful to someone looking to perpetrate an attack. “Three of their slides constitute a hit list of critical infrastructure. They tell you by name which [Pacific Gas and Electric] substations you could use to destroy parts of grid. They give the name of all the large pumping stations in California.”

The publicly available documents that DHS released do indeed contain the names and physical locations of specific Pacific Gas and Electric Substations that may be vulnerable to attack.

Defense One shared the documents with Jeffrey Carr, CEO of the cyber-security firm Taia Global and the author of Inside Cyber Warfare: Mapping the Cyber Underworld. “I’d agree…This release certainly didn’t help make our critical infrastructure any safer and for certain types of attackers, this information could save them some time in their pre-attack planning,” he said.

Perpetrating an Aurora attack is not easy, but it becomes much easier the more knowledge a would-be attacker has on the specific equipment they may want to target.

How easy is it to launch an Aurora attack?

In this 2011 paper for the Protective Relay Engineers’ 64th Annual Conference, Mark Zeller, a service provider with Schweitzer Engineering Laborites lays out—broadly—the information an attacker would have to have to execute a successful Aurora attack. “The perpetrator must have knowledge of the local power system, know and understand the power system interconnections, initiate the attack under vulnerable system load and impedance conditions and select a breaker capable of opening and closing quickly enough to operate within the vulnerability window.”

“Assuming the attack is initiated via remote electronic access, the perpetrator needs to understand and violate the electronic media, find a communications link that is not encrypted or is unknown to the operator, ensure no access alarm is sent to the operators, know all passwords, or enter a system that has no authentication.”

That sounds like a lot of hurdles to jump over. But utilities commonly rely on publicly available equipment and common communication protocols (DNP, Modbus, IEC 60870-5-103, IEC 61850, Telnet, QUIC4/QUIN, and Cooper 2179) to handle links between different parts their systems. It makes equipment easier to run, maintain, repair and replace. But in that convenience lies vulnerability.

In their Power Magazine article, the authors point out that “compromising any of these protocols would allow the malicious party to control these systems outside utility operations.”

Defense One reached out to DHS to ask them if they saw any risk in the accidental document dump. A DHS official wrote back with this response: “As part of a recent Freedom of Information Act (FOIA) request related to Operation Aurora, the Department of Homeland Security (DHS) National Programs and Protection Directorate provided several previously released documents to the requestor. It appears that those documents may not have been specifically what the requestor was seeking; however, the documents were thoroughly reviewed for sensitive or classified information prior to their release to ensure that critical infrastructure security would not be compromised.”

Weiss calls the response “nonsense.”

The risk posed by DHS accidental document release may be large, as Weiss argues, or nonexistent, as DHS would have you believe. But even if it’s the latter, Aurora vulnerabilities remain a key concern.

Perry Pederson, who was the director of Control Systems Security Program at DHS in 2007 when the Aurora vulnerability was first exposed, said as much in a blog post in July after the vulnerability was discovered. He doesn’t lay blame at the feet of DHS. But his words echo those of Weiss in their urgency.

“Fast forward to 2014. What have we learned about the protection of critical cyber-physical assets? Based on various open source media reports in just the first half of 2014, we don’t seem to be learning how to defend at the same rate as others are learning to breach.”

Aurora vs. the Sony Hack

In many ways the Aurora vulnerability is a much harder problem to defend against than the Sony hack, simply because there is no obvious incentive for any utility operator to take any of the relatively simple costs necessary to defend against it. And they are simple. Weiss says that a commonly available device installed on vulnerable equipment could effectively solve the problem, making it impossible to make the moving parts spin out of synchronization. There are two devices on the market iGR-933 rotating equipment isolation device (REID) and an SEL 751A, that purport to shield equipment from “out-of-phase” states.

To his knowledge, Weiss says, Pacific Gas and Electric has not installed any of them anywhere, even though the Defense Department will actually give them away to utility companies that want them, simply because DOD has an interest in making sure that bases don’t have to rely on backup power and water in the event of a blackout. “DOD bought several of the iGR-933, they bought them to give them away to utilities with critical substations,” Weiss said. “Even though DOD was trying to give them away, they couldn’t give them to any of the utilities because any facility they put them in would become a ‘critical facility’ and the facility would be open to NERCCIP audits.”

Aurora is not a zero-day vulnerability, an attack that exploits an entirely new vector giving the victim “zero days” to figure out a patch. The problem is that there is no way to know that they are being implemented until someone, North Korea or someone else, chooses to exploit them.

Can North Korea pull of an Aurora vulnerability? Weiss says yes. “North Korea and Iran and are capable of doing things like this.”

Would such an attack constitute an act of cyber war? The answer is maybe. Speaking to reporters at the Pentagon on Friday, Pentagon Press Secretary Rear Adm. John Kirby said “I’m also not able to lay out in any specificity for you what would be or wouldn’t be an act of war in the cyber domain. It’s not like there’s a demarcation line that exists in some sort of fixed space on what is or isn’t. The cyber domain remains challenging, it remains very fluid. Part of the reason why it’s such a challenging domain for us is because there aren’t internationally accepted norms and protocols. And that’s something that we here in the Defense Department have been arguing for.”

Peter Singer, in conversation with Jason Koebler at Motherboard, says that the bar for actual military engagement against North Korea is a lot higher than hacking a major Hollywood movie studio.

“We didn’t go to war with North Korea when they murdered American soldiers in the 1970s with axes. We didn’t go to war with North Korea when they fired missiles over our allies. We didn’t go to war with North Korea when one of their ships torpedoed an alliance partner and killed some of their sailors. You’re going to tell me we’re now going to go to war because a Sony exec described Angelina Jolie as a diva? It’s not happening.”

Obama said Friday that there would be some sort of response to the hack, but declined to say what. “We have been working up a range of options. They will be presented to me. I will make a decision on those based on what I believe is proportional and appropriate to the nature of this crime,” he said.

Would infrastructure vandalism causing blackouts and water shutdowns constitute an act of war? The question may be moot. Before the United States can consider what sort of response is appropriate to cyber attacks, it must first be able to attribute them.

The FBI was able to finger North Korea for the hack after looking at the malware in the same way a forensics team looks for signs of a perpetrator at the scene of the crime. “Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks,” according to the FBI statement.

An Aurora vulnerability attack, conversely, leaves no fingerprints except perhaps a single IP address. Unlike the Sony hack, it doesn’t require specially written malware to be uploaded into a system, Malware that could indicate the identity of the attacker, or at least his or her affiliation. Exploiting an Aurora attack is simply a matter of gaining access, remotely, possibly because equipment is still running on factory-installed passwords, and then turning off and on a switch.

“You’re using the substations against whatever’s connected to them. Aurora uses the substations as the attack vector. This is the electric grid being the attack vector,” said Weiss, who calls it “a very, very insidious” attack.

The degree to which we are safe from that eventuality depends entirely on how well utility companies have put in place safeguards. We may know the answer to that question in 2015.

 

CyberWar on America Costs Close to a $Trillion

Posted on by

It is not just North Korea, the cyber warriors are also in Ukraine, China, Syria, Russian and Iran. America has some defenses, but normal users and the business industry has few robust and intolerant choices against cyber attacks.

We need to challenge Congress to declare cyber attacks as an act of war given the heavy costs to theft, risk and attacks on harden targets including the power grid systems, transportation, food, banks, water, yet most of all intelligence and military secrets.

The most recent attack on Sony intranet system is pointing to North Korea as having the cyber-soldiers and that brigade is called Unit 121.

Defense News: Military planners and security experts have intensified their shouts of concern about the development of cyber weapons and the distinct possibility of a cyber war. Cyber warfare is not new. It has been in modern military doctrine for the past decade not to mention the number of terrorist groups who have threatened the use of cyber weapons against the west. However, what has changed is the number of countries that posess these capabilities today.
The North Korean military created a new unit that focuses solely on cyber warfare. The unit, dubbed Unit 121, was first created in 1998 and has steadily grown in size and capability since then. Interest in establishing cyber war forces shouldn’t come as a surprise to anyone, but North Koreas intense effort stands out among the top ten nations developing cyber weapons.
Unit 121 Capabilities Assessment:
Force Size: Originally 1,000 — Current Estimate:17,000
Budget: Total military budget $6 billion USD. Cyber Budget $70+ million. North Koreas military budget is estimated to be the 25th largest in the world.
Goal: To increase their military standing by advancing their asymmetric and cyber warfare.
Ambition: To dominate their enemys information infrastructure, create social unrest and inflict monetary damage.
Strategy: Integrate their cyber forces into an overall battle strategy as part of a combined arms campaign. Additionally they wish to use cyber weapons as a limited non-war time method to project their power and influence.
Experience: Hacked into the South Korea and caused substantial damage; hacked into the U.S. Defense Department Systems.
Threat Rating: North Korea is ranked 8th on the Spy-Ops cyber capabilities threat matrix developed in August of 2007.
Capabilities
Cyber Intelligence/Espionage: Basic to moderately advanced
weapons with significant ongoing development into cyber intelligence.
Offensive Cyber Weapons: Moderately advanced distributed
denial of service (DDoS) capabilities with moderate virus and malicious code capabilities.
North Korea now has the technical capability to construct and deploy an array of cyber weapons as well as battery-driven EMP (electro magnetic pulse) devices that could disrupt electronics and computers at a limited range.
In the late spring of 2007, North Korea conducted another test of one of the cyber weapons in their current arsenal. In October, the North Koreans tested its first logic bomb. A logic bomb is a computer program that contains a piece of malicious code that is designed to execute or be triggered should certain events occur or at a predetermined point of time. Once triggered, the logic bomb can take the computer down, delete data of trigger a denial of service attack by generating bogus transactions.
For example, a programmer might write some software for his employer that includes a logic bomb to disable the software if his contract is terminated.
The N Korean test led to a UN Security Council resolution banning sales of mainframe computers and laptop PCs to the East Asian nation. The action of the United Nations has had little impact and has not deterred the North Korean military for continuing their cyber weapons development program.
Keeping dangerous cyber weapons out of the hands of terrorists or outlaw regimes is next to impossible. As far back as 2002, White House technology adviser Richard Clarke told a congressional panel that North Korea, Iraq and Iran were training people for internet warfare. Most information security experts believe that it is just a matter of time before the world sees a significant cyber attack targeted at one specific country. Many suggest the danger posed by cyber weapons rank along side of nuclear weapons, but without the physical damage. The signs are there. We need to take action and prepare for the impact of a cyber war.

North Korea’s Elite Hackers Who Live Like Stars In Luxury Hotel 

Unit 121 is known to have two distinct functions: to carry out disruptive attacks against systems primarily in the United States and South Korea, both for purposes of sabotage and intelligence gathering, and to defend North Korea from incoming cyber attacks.

North Korea, however, has very little internet infrastructure, which analysts say actually gives the country an advantage. While North Korea can launch massive attacks against the West — the Sony attack being just the latest — outside nations can do little to damage North Korea’s own internal digital systems because they largely don’t exist.

Inside North Korea, use of the internet is strictly limited to government approved personnel. Ordinary citizens may utilize only an intranet run by Kim Jong Un regime, which allows access to government approved sites and state-operated media, but no access to what the rest of the world knows as the internet and the World Wide Web.

Instead, according to a report prepared in 2009 by a U.S. military intelligence analyst, Steve Sin, the Unit 121 hackers operate mostly from the luxurious Chilbosan in Shenyang, China, pictured below, a facility with amenities that would be unknown to all but the top level government elites inside North Korea, an impoverished country racked by famine.

The hotel is located in a military-controlled region of China just three hours from the border with North Korea. The central headquarters of Unit 121 is located in Pyongyang, in a district called Moonshin-dong, near the Taedong River

In fact, by North Korean standards, the cyber hackers of Unit 121 (also referred to as “Bureau 121″) are treated like superstars, afforded high-class lifestyles inconceivable to the vast majority of North Korean citizens.

In addition to Sin’s report, the Hewlett-Packard corporation conducted its own investigation into the threat posed by Unit 121 — which was created in 1998 and operates with a budget of more than $6 billion. Much of the information known about the highly-secretive unit comes from those reports, and from North Korean defectors who have passed information to U.S. and South Korean intelligence.

According to those accounts, the hackers who comprise the unit are the cream of North Korea’s academic crop in math and computer science, hand-picked from high schools around the country, who are then sent to study at Keumseong, the top high school in the North Korea capital of Pyongyang.

From there, the candidates who pass a rigorous series of tests and trials are sent to study at top universities — and then sent to Russia and China for an additional year of specialized training in computer hacking and cyberwar techniques.

Unit 121 is believed responsible for an attack on 30,000 computers inside South Korean banks and media companies in 2013, an attack that security experts say bore strong similarities to the Sony hack.

Against South Korea, North Korea allegedly has already carried out a series of disruptive and destructive operations in the past few years. Discounting previous distributed denial-of-service (DDoS) attacks on websites, the first major cyber-attack attributed to North Korea was on April 12, 2011, which paralyzed online banking and credit card services of Nonghyup Agricultural Bank for its 30 million customers. This is the first instance where North Korea used a disc wiping tool. While its ATMs were fixed within a couple days, some of the online services had taken more than two weeks to return to normal operating status, with 273 out of 587 servers destroyed. The second incident occurred in March 20, 2013, which used similar but improved tactics from April 2011. It was timed to simultaneously target multiple banks and broadcasting agencies with disc wiping tools and was preceded by an extensive advanced persistent threat campaign. The scale of the March 20 attack demonstrated that North Korea has at least one dedicated, permanent cyber unit directed against carefully selected targets and that they have the means to penetrate, exploit, and disrupt target systems and networks with sufficient secrecy.

For One Syrian Militant Group, “Pick-Up Lines” Have a Texas Twang

Posted on by

For One Syrian Militant Group, “Pick-Up Lines” Have a Texas Twang

 

A pick-up truck that belonged to a Texas plumber a year ago wound up in jihadi hands. How did it get there? Here is what we know – and what the mainstream media and a handful of angry, completely confounded Americans do not know.  

By Tom Wyld

For the past week, #HiveInt, the league of strategists and intelligence analysts on Twitter, have been digging deeper into a report, first written by Caleb Weiss, on the appearance of a pick-up truck on the internet.

But this was no ordinary pick-up truck advertised on E-Bay.

The Ford F-250 photo was posted on the website of a self-identified Syria-based militant alliance, and the men onboard were members of a largely Chechen anti-Assad militant group.

And mounted on the truck bed: a Russian-made heavy machine gun.

The truck’s logo captured everyone’s attention – including press here and abroad. The logo was not that of the Chechen fighters’ Jaish al-Muhajireen wal-Ansar (“Army of Emigrants and Supporters”). It was not the sign of the alliance to which this particular Jaish or Army belongs, namely Jabhat Ansar al-Din (“Partisans of the Religion Front”).

The logo was that of Mark-1 Plumbing of Texas City, Texas – complete with the small business’ phone number.

According to the militant posting, the photo was taken in Aleppo, Syria’s largest city ravaged by violence, jihadi infighting and the war against dictator Bashar Al-Assad. Aleppo is also 20 miles west of Al-Safirah, site of Assad’s largest chemical weapons compound. A writer with the blog Line of Steel and a contributor to the warrior-favorite Long War Journal, Caleb Weiss was first to break the story. Bravo Zulu to this young political science student who studies security policy and militant trends. (Unmarked photo from a militant site.)  

I telephoned the Texas firm. Many rings, no answer, no voice mail. Caleb Weiss was more fortunate. He reached a “very nice woman” who was “happy” to answer his questions about the pick-up. When he said he had called about a photo, the woman knew which one. After all, she had received many phone inquiries about it before Caleb’s call.

Not surprisingly, those calls included “about six” that were “threatening” and voiced by people the employee “couldn’t understand.” The woman said the firm had notified the authorities about the photo and the threats. Read Caleb’s post for details here.  Keep in mind his was the first report on the incident posted on Monday, 15 December. Since then, the story has garnered major media attention, has undergone many twists and turns and prompted outraged, threatening phone calls – and the employee understood all to0 well those additional angry calls.

The Fabled Truck – Sold, But By Whom? 

By Tuesday, CBS News reported that the firm had brought an attorney aboard. Presumably this was the small business’ “representative” who told CBS the pick-up was sold in October 2013 to Auto Nation. An Auto Nation representative refused to provide the network the vehicle’s sales history over the phone and hung up.

 

Also on Tuesday, ABC News reported the truck was driven to Auto Nation and traded “last fall.” The truck was then sent to auction and subsequently sold to a “Southwest Houston” company. It may have been sold many times since. A source describes the area in SW Houston as a “heavy immigrant and auto trading” hub – a motor-mecca, if you will.

Today (Wednesday, 17 December), the Galveston County Daily News wrote that the truck was sold to Auto Nation “three years ago,” attributing the statement to Mark-1 owner Mark Oberholtzer. The businessman said he usually takes his firm’s decals off the truck when they are sold, but reckoned Auto Nation would do that for him.

Among the decals on the F-250 in question? A state inspection sticker that expired September 2013. But state inspections must be conducted annually in Texas, casting doubt on the claim by the Galveston County Daily News that the truck was sold “three years ago.”

Also in support of a transaction occurring last year, USA Today reported today that Mr. Oberholtzer drove the truck to Auto Nation and traded it in November 2013. 

In short, give or take a month or two, Mark-1’s pick-up truck was sold legitimately about a year ago to a dealer and, from there, to an auctioneer.

So How Did a Texas Truck Get to a Battlefield in Syria? 

Aboard ship, obviously. But how did the truck get aboard ship? That is the trickier question.

“Technicals” – intelligence parlance for pick-up trucks modified for combat use – are the vehicles-of-choice for militants worldwide. Conflicts and hot zones are expanding, not contracting, and that creates a burgeoning demand and, therefore, a black market, for plain vanilla pick-ups, even from the U.S. Only upon arrival in an area controlled by jihadis are the pick-ups converted to “technicals.”

From the dealership to an auction in Southwest Houston, the truck was likely loaded into a container that was ultimately lifted aboard a container ship (a.k.a. “box ship” among mariners) moored pier-side at the Port of Galveston or Port of Houston. The Port of Galveston accommodates about 1,000 ships and handles 10 million short tons of cargo annually. Much of that cargo is inside containers. The sort of boxes motorists see aboard trains and trucks on the highway, these containers are measured in “Twenty-Foot Equivalent units” or TEUs.

The world’s largest box ship, EMMA MAERSK, can carry more than 18,000 TEUs. If every container aboard EMMA MAERSK held cars or trucks, that would equate to 36,000 vehicles. (Promotional photo from The Maersk Group.) 

Assessment: Jihadi Sympathizers Love East Coast Seaports 

Assessment number one: Alarmingly, citing Mr. Oberholtzer, USA Today reported that recent threats are being conveyed from people across the USA. “We have a secretary here,” he said. “She’s scared to death. We have families. We don’t want no problems.” Presumably, some of those American callers are making the outrageous leap that, by selling the truck last year, he was aiding jihadis.

Here’s an assessment from a former Navy commander in his sixth year of intelligence and counterterrorism analysis – namely, me: Neither Mr. Oberholtzer, his firm nor his employees have anything whatsoever to do with Islamic militants, and Americans have no right or foundation to assert same, much less place angry, threatening phone calls. Basing those angry calls on reports by mainstream media (which those same callers uniformly mistrust) only serves to double their shameful behavior. Knock it off.

Assessment number two: The Ports of Galveston and Houston are not alone. I assess that used car dealers in close proximity to east coast seaports are shipping pick-up trucks to all sorts of legitimate buyers overseas. Some find their way to recipients in, say, Turkey and the Middle East. Most are legit. Some are not.

Shipping is a simple affair. The shipper completes a manifest or cargo declaration (“1 pick-up truck, brand ABC, worth X dollars”), signs the form, seals and locks the container, and off it goes. On arrival, only the recipient listed on the manifest may open the container, and the truck rolls to its final destination.

What about inspecting all containers? Impossible, impractical and wholly disruptive of an extremely time-sensitive business. And also fruitless. The top 25 U.S. ports that accommodate container ships handle 11 million TEUs annually.

What if authorities opened the container that held the Texas truck? What would they find? Why, they’d find a truck – the very one lawfully owned and accurately listed on the manifest. To get a handle on this, law enforcement and port security must look ashore – upstream from the seaport, not along the waterfront.

In closing, I have only one source for the following piece of evidence, but that source has proven impeccable.

In the case of the truck that took to sea from a Galveston or Houston seaport, the shipper was not a plumber in Texas.

He is a Syrian.

[SIDEBAR IS BELOW—–]

Are the New F-250 Owners Al Qaeda?  

Not according to research by Aymenn Jawad Al-Tamimi, an Oxford graduate and analyst with the Middle East Forum, a think-tank devoted to promoting American interests in the region. That said, Chechen jihadis in Syria vs. Al Qaeda may be a difference without a distinction.

The new truck owners’ group, Jaish al-Muhajireen wal-Ansar (JMWA) belongs to an alliance of three other groups formed in July 2013. The alliance is called Jabhat Ansar al-Din (JAD). The pick-up photo was found on the JAD website.

In November 2013, JMWA transformed when its previous leader and a cadre of his followers joined Ad-Dawlah Al-Islamiyya (“The Islamic State” or IS, now mislabeled by the White House, the Pentagon and mainstream media as “ISIS” or “ISIL”). Made up largely of Chechen jihadis, JMWA can best be viewed as the Syria-based wing of the Caucasus Emirate, designated a foreign terrorist organization by the U.S. and many other nations.

Fighters in Syria from the largely Chechen Jaish al-Muhajireen wal-Ansar (JMWA). (Photo from a jihadi site, courtesy of Caleb Weiss) 

JAD and its 4 member-groups advocate Shari’a Law and the formation of a caliphate and oppose the U.S.-led coalition operating above, if not in, Syria and Iraq. The alliance opposes the U.S. and the West for all the usual reasons that prompt militants to kill Westerners: from Afghanistan and Gitmo to the fuel rod of Islamist rage: “the Jews’ occupation of Al-Aqsa” mosque in Jerusalem. So, JAD hardly consists of the “moderate Syrian rebels” Congress has just voted to arm.

So JAD is akin to IS and the Al-Qaeda-linked Jabhat al-Nusra (“Victory Front” or JAN). JAD, however, will not join JAN and wants nothing at all to do with IS. Their fighters don’t even refer to IS by name. Reasons: fierce competition among the groups, persistent enmity between leaders and perhaps a non-aggression pact, however tacit. Said one JAD spokesman to analyst Aymenn Al-Tamimi: “We don’t fight [IS], and they don’t fight us. Anyone who says [JAD] is affiliated with [IS] is lying.”

Thus, the new owners of a Texas plumber’s old pick-up truck hate us for the same reasons IS and JAN hate us. All are driving hard toward the same destination. Each just prefers to travel alone and via a different route.

__________

A former Navy Commander, Tom Wyld served nearly 5 years as director of intelligence for a private security firm specializing in training and operational support of U.S. Navy SEALs. He continues to provide intelligence, investigative and counterterrorism support to former SEALs. Prior assignments include Communications Coordinator, Swift Boat Veterans & POWs for Truth; lobbyist for State Motorcyclists’ Rights Organizations (e.g., ABATEs); and Chief of Staff and PR Director for the Institute for Legislative Action, the lobbying and political arm of the NRA.

Prisoner Swap Normalize Relations with Cuba

Posted on by

It is another prisoner swap, this time with Cuba. New diplomatic relations are a top priority for the State Department and some rich Cuban that was an Obama campaign bundler could probably be the new Ambassador. Cuba’s bad behavior and past history has been rewarded by Barack Obama packaged under the wrappings of humanitarian and economic objectives.

This begs the question, does this ‘normalizing relations with Cuba have something to do with closing Guantanamo? What is the over and under bet on Obama turning over the military base completely to Castro and walking away from Guantanamo completely?

Obama has also demanded that Cuba release many of its prisoners. The Obama administration used Canada as the negotiations mediator.

Washington (CNN)U.S. contractor Alan Gross, held by the Cuban government since 2009, was freed Wednesday as part of a landmark deal with Cuba that paves the way for a major overhaul in U.S. policy toward the island, senior administration officials tell CNN.

President Barack Obama spoke with Cuban President Raul Castro Tuesday in a phone call that lasted about an hour and reflected the first communication at the presidential level with Cuba since the Cuban revolution, according to White House officials. Obama is expected to announce Gross’ release and the new diplomatic stance at noon in Washington. At around the same time, Cuban president Raul Castro will speak in Havana

President Obama is also set to announce a major loosening of travel and economic restrictions on the country. And the two nations are set to re-open embassies, with preliminary discussions on that next step in normalizing diplomatic relations beginning in the coming weeks, a senior administration official tells CNN.

Talks between the U.S. and Cuba have been ongoing since June of 2013 and were facilitated by the Canadians and the Vatican in brokering the deal. Pope Francis — the first pope from Latin America — encouraged Obama in a letter and in their meeting this year to renew talks with Cuba on pursuing a closer relationship.

Gross’ “humanitarian” release by Cuba was accompanied by a separate spy swap, the officials said. Cuba also freed a U.S. intelligence source who has been jailed in Cuba for more than 20 years, although authorities did not identify that person for security reasons. The U.S. released three Cuban intelligence agents convicted of espionage in 2001.

The developments constitute what officials called the most sweeping change in U.S. policy toward Cuba since 1961, when the embassy closed and the embargo was imposed.

Officials described the planned actions as the most forceful changes the president could make without legislation passing through Congress.

For a President who took office promising to engage Cuba, the move could help shape Obama’s foreign policy legacy.

“We are charting a new course toward Cuba,” a senior administration official said. “The President understood the time was right to attempt a new approach, both because of the beginnings of changes in Cuba and because of the impediment this was causing for our regional policy.”

Gross was arrested after traveling under a program under the U.S. Agency for International Development to deliver satellite phones and other communications equipment to the island’s small Jewish population.

Cuban officials charged he was trying to foment a “Cuban Spring.” In 2011, he was convicted and sentenced to 15 years in prison for attempting to set up an Internet network for Cuban dissidents “to promote destabilizing activities and subvert constitutional order.”

Senior administration officials and Cuba observers have said recent reforms on the island and changing attitudes in the United States have created an opening for improved relations. U.S. and Cuban officials say Washington and Havana in recent months have increased official technical-level contacts on a variety of issues.

Obama publicly acknowledged for the first time last week that Washington was negotiating with Havana for Gross’ release through a “variety of channels.”

“We’ve been in conversations about how we can get Alan Gross home for quite some time,” Obama said in an interview with Fusion television network. “We continue to be concerned about him.”

Sen. Jeff Flake, R-Ariz., and Rep. Chris Van Hollen, Gross’ Maryland congressman, are on the plane with Alan Gross and his wife, Judy, according to government officials.

The group of members left at 4 a.m. ET Wednesday from Washington for Cuba.

Gross’ lawyer, Scott Gilbert, told CNN last month the years of confinement have taken their toll on his client. Gross has lost more than 100 pounds and is losing his teeth. His hips are so weak that he can barely walk and he has lost vision in one eye. He has also undertaken hunger strikes and threatened to take his own life.

With Gross’ health in decline, a bipartisan group of 66 senators wrote Obama a letter in November 2013 urging him to “act expeditiously to take whatever steps are in the national interest to obtain [Gross’s] release.”

The three Cubans released as a part of the deal belonged the so-called Cuban Five, a quintet of Cuban intelligence officers convicted in 2001 for espionage. They were part of what was called the Wasp Network, which collected intelligence on prominent Cuban-American exile leaders and U.S. military bases.

The leader of the five, Gerardo Hernandez, was linked to the February 1996 downing of the two civilian planes operated by the U.S.-based dissident group Brothers to the Rescue, in which four men died. He is serving a two life sentences. Luis Medina, also known as Ramon Labanino; and Antonio Guerrero have just a few years left on their sentences.

The remaining two — Rene Gonzalez and Fernando Gonzalez — were released after serving most of their 15-year sentences and have already returned to Cuba, where they were hailed as heroes.

Wednesday’s announcement that the U.S. will move toward restoring diplomatic ties with Cuba will also make it easier for Americans to travel to Cuba and do business with the Cuban people by extending general licenses, officials said. While the more liberal travel restrictions won’t allow for tourism, they will permit greater American travel to the island.

Secretary of State John Kerry has also been instructed to review Cuba’s place on the State Sponsors of Terrorism list, potentially paving the the way a lift on certain economic and political sanctions.

The revised relationship between the U.S. and Cuba comes ahead of the March 2015 Summit of the Americas, where the island country is set to participate for the first time. In the past, Washington has vetoed Havana’s participation on the grounds it is not a democracy. This year, several countries have said they would not participate if Cuba was once again barred.

While only Congress can formally overturn the five decades-long embargo, the White House has some authorities to liberalize trade and travel to the island.

The 1996 Helms-Burton Act, which enshrined the embargo into legislation, allows for the President to extend general or specific licenses through a presidential determination, which could be justified as providing support for the Cuban people or democratic change in Cuba. Both Presidents Clinton and Obama exercised such authority to ease certain provisions of the regulations implementing the Cuba sanctions program.

Gross’ lawyer, Scott Gilbert, told CNN last month the years of confinement have taken their toll on his client. Gross has lost more than 100 pounds and is losing his teeth. His hips are so weak that he can barely walk and he has lost vision in one eye. He has also undertaken hunger strikes and threatened to take his own life.

With Gross’ health in decline, a bipartisan group of 66 senators wrote Obama a letter in November 2013 urging him to “act expeditiously to take whatever steps are in the national interest to obtain [Gross’s] release.”

The three Cubans released as a part of the deal belonged the so-called Cuban Five, a quintet of Cuban intelligence officers convicted in 2001 for espionage. They were part of what was called the Wasp Network, which collected intelligence on prominent Cuban-American exile leaders and U.S. military bases.

The leader of the five, Gerardo Hernandez, was linked to the February 1996 downing of the two civilian planes operated by the U.S.-based dissident group Brothers to the Rescue, in which four men died. He is serving a two life sentences. Luis Medina, also known as Ramon Labanino; and Antonio Guerrero have just a few years left on their sentences.

The remaining two — Rene Gonzalez and Fernando Gonzalez — were released after serving most of their 15-year sentences and have already returned to Cuba, where they were hailed as heroes.

Wednesday’s announcement that the U.S. will move toward restoring diplomatic ties with Cuba will also make it easier for Americans to travel to Cuba and do business with the Cuban people by extending general licenses, officials said. While the more liberal travel restrictions won’t allow for tourism, they will permit greater American travel to the island.

Secretary of State John Kerry has also been instructed to review Cuba’s place on the State Sponsors of Terrorism list, potentially paving the the way a lift on certain economic and political sanctions.

The revised relationship between the U.S. and Cuba comes ahead of the March 2015 Summit of the Americas, where the island country is set to participate for the first time. In the past, Washington has vetoed Havana’s participation on the grounds it is not a democracy. This year, several countries have said they would not participate if Cuba was once again barred.

While only Congress can formally overturn the five decades-long embargo, the White House has some authorities to liberalize trade and travel to the island.

The 1996 Helms-Burton Act, which enshrined the embargo into legislation, allows for the President to extend general or specific licenses through a presidential determination, which could be justified as providing support for the Cuban people or democratic change in Cuba. Both Presidents Clinton and Obama exercised such authority to ease certain provisions of the regulations implementing the Cuba sanctions program.

Then there is the Venezuela component and additional financial ramifications.

Castro Deal With U.S. Fuels Shift Away From Venezuela

Cuba’s decision to reach an accord with the U.S. over prisoner exchanges in return for the easing of a five-decade embargo comes as the Caribbean island’s economy slows and its key benefactor, Venezuela, struggles to avoid default.

Cuba’s economy collapsed in the early 1990s when its closest ally, the Soviet Union, fell. With Venezuelan President Nicolas Maduro unable to contain the world’s fastest inflation and the country’s bonds trading at default levels, Cuba President Raul Castro has been working to diversify the Communist country away from Venezuela, which provides about 100,000 barrels of oil a day in exchange for medical personnel.

Since early 2013, Castro has eased travel restrictions, increased incentives to attract foreign investment and tried to reduce public payrolls. That hasn’t boosted the economy, which is poised to expand 0.8 percent this year according to Moody’s Investors Service, less than the 2.2 percent forecast by the government at the start of 2014.

“You only need to look at the economic disaster that is Venezuela and clearly it’s a bad bet to have all your chips in one basket,” Christopher Sabatini, policy director at Council of the Americas, said in phone interview from New York. “That 100,000 barrels per day gift of oil is going to end very soon.”

U.S. President Barack Obama today said he will use his authority to begin normalizing relations with Cuba, loosening a trade and travel embargo that dates back to the early days of the Cold War. The move came after Castro released an American aid contractor, Alan Gross, who had been imprisoned for five years and an unnamed U.S. intelligence agent.

Credit Cards

Under the new policies, U.S. travelers will be able to use credit and debit cards in Cuba and Americans will be able to legally bring home as much as $100 in previously illegal Cuban cigars treasured by aficionados.

U.S. companies will be permitted to export to Cuba telecommunications equipment, agricultural commodities, construction supplies and materials for small businesses. U.S. financial institutions will be allowed to open accounts with Cuban banks.

“It’s a huge step,” Philip Peters, a Cuba scholar and vice president of the Lexington Institute in Arlington, Virginia, said in a telephone interview. “The travel will help the economy, the sales from the private sector will help.”

 

For Putin and Russia it is Articulus (Crisis)

Posted on by

Since hosting the winter Olympics, Russia has been in the spot light and that light is shining brighter from his aggression on Crimea and Ukraine, so deploying military assets globally. Russia has a spy and surveillance agenda in key locations worldwide but now, Putin is in crisis mode with the Russian economy.

Presently, anyone in Russia with money is spending it quickly before the value of the currency collapses. Russians are buying appliances, cars, homes and are converting currency.

  The foundations on which Vladimir Putin built his 15 years in charge of Russia are giving way.

The meltdown of the ruble, which has plunged 18 percent against the dollar in the last two days alone, is endangering the mantra of stability around which Putin has based his rule. While his approval rating is near an all-time high on the back of his stance over Ukraine, the currency crisis risks eroding it and undermining his authority, Moscow-based analysts said.  The president took over from an ailing Boris Yeltsin in 1999 with pledges to banish the chaos that characterized his nation’s post-communist transition, including the government’s 1998 devaluation and default. While he oversaw economic growth and wage increases in all but one of his years as leader, the collapse in oil prices coupled with U.S. and European sanctions present him with the biggest challenge of his presidency.

“People thought: ‘he’s a strong leader who brought order and helped improve our living standards,” said Dmitry Oreshkin, an independent political analyst in Moscow. “And now it’s the same Putin, he’s still got all the power, but everything is collapsing.”

In a surprise move yesterday, the Russian central bank raised interest rates by the most in 16 years, taking its benchmark to 17 percent. That failed to halt the rout in the ruble, which has plummeted to about 70 rubles a dollar from 34 as oil prices dived by almost half to below $60 a barrel. Russia relies on the energy industry for as much as a quarter of economic output, Moody’s Investors Service said in a Dec. 9 report.

New Era

The ruble meltdown and accompanying economic slump marks the collapse of Putin’s oil-fueled economic system of the past 15 years, said an executive at Gazprombank, the lender affiliated to Russia’s state gas exporter. He asked not to be identified because of the sensitivity of the issue.

The higher interest rate will crush lending to households and businesses and deepen Russia’s looming recession, according to Neil Shearing, chief emerging-markets economist at London-based Capital Economics Ltd.

Gross domestic product will shrink 0.8 percent next year under the Economy Ministry’s latest projection. With oil at $60, it may drop 4.7 percent, the central bank said last week.

“How many bankruptcies await us in January?” opposition lawmaker Dmitry Gudkov said on Twitter. “People will be out of work, out of money. The nightmare is only just beginning.”

Near Critical

Vladimir Gutenev, a lawmaker from the ruling United Russia party, also fretted about the central bank’s actions, calling the scale of the rate increase “unacceptable.”

“The situation concerning the financing of industry from bank credits is getting ever closer to critical,” Gutenev, who’s also first deputy president of the Machinery Construction Union, said by e-mail.

The threats to economic stability have arisen with Putin’s popularity at 85 percent after Russians lauded his approach to Ukraine following ally Viktor Yanukovych’s ouster. In particular, they cheered his annexation of Crimea, part of Russia until 1954, and shrugged off the ensuing U.S. and European sanctions that target the finance and oil industries.

While the unfolding ruble crisis may lead to a gradual erosion of Putin’s support, any protests that occur will mainly be against lower-level officials rather than Putin, said Igor Bunin, head of Moscow’s Center for Political Technologies.

“Putin is the symbol of Russia and the state for ordinary Russians,” according to Bunin, who said some members of the government may be fired as a result of the ruble chaos. “People see him as a lucky star who’ll save them. So they’re afraid to lose him as a symbol.”

Government ‘Incompetent’

Tatiana Barusheva, a 63-year-old pensioner who lives in the Gelendzhik resort city in the southern Krasnodar region, blames Putin’s underlings for the current bout of uncertainty.

“We can’t go far with this government, it’s incompetent,” she said yesterday on Moscow’s Red Square. “It doesn’t matter how hard Putin tries, but his helpers are good-for-nothing.”

Putin has already weathered one economic storm. The global financial crisis that erupted in 2008 wiped out 7.8 percent of Russia’s GDP the following year amid a similar tumble in oil prices. On that occasion, the ruble sank by about a third. The economy has grown each year since.

Even so, the sanctions mean Putin’s in a tougher bind this time round, according to Olga Kryshtanovskaya, a sociologist studying the elite at the Russian Academy of Sciences. Measures to ease the situation, such as imposing capital controls or softening Russia’s position on Ukraine, both carry additional risks, she said.

What’s happening now is worse than five years ago, according to Kirill Rogov, a senior research fellow at the Gaidar Institute for Economic Policy in Moscow. Putin risks losing his image as a leader who’s in control and can steer the country through turmoil, he said.

“After 2009, there was a quick recovery,” Rogov said. “Now we’re facing an uncontrollable shock. This undermines trust in Putin’s whole economic model.”

The other self imposed conditions adding to Putin’s crisis include the falling price of oil and his covert moves in Eastern Europe.

Putin Making Belarus Into Base For Attacking Kyiv, Minsk Analyst Says

Paul Goble

Staunton, December 15 – Even as Moscow appears to be reducing its military actions in southeastern Ukraine, a “reduction” that is at least in part a disinformation campaign, Putin is making Belarus into a base for attacking Kyiv.

The appearance of more Russian “little green men” in Gomel last week prompted some Ukrainians to ask whether the Kremlin was planning to stage a Novorossiya-style move into Belarus, notes Natalya Radina, the editor of the independent Belarusian site Charter97.org.

But such questions are based on a misperception of the situation: Putin has no need of invading Belarus as he did Ukraine, she says. Instead, he has full control of Ukraine’s northern neighbor and is taking steps to prepare it to become a place d’armes from which Moscow can attack Kyiv from the north.

For the last several years, Radina continues, Russian and Belarusian forces have been engaged in joint exercises based on the assumption of countering a NATO threat. But since at least last May, after Moscow moved into Ukraine, Russian military personnel have moved into Belarus, although in an effort to hide this activity, they have dressed in Belarusian uniforms.

At that time, there were roughly 3,000 Russian officers and soldiers in Belarusian garrisons. Now, their numbers are much greater. Moreover, as the Russian defense ministry has said, Moscow is advancing the date for the establishment of a completely Russian air base in Belarus so that it will be operational early next year.

One aspect of this situation is especially worrisome, Radina suggests. Moscow has said that its Belarusian base will have numerous Mi–8 helicopters which are used not for air defense but rather for moving troops. Such planes could be used to move troops quickly in the direction of Kyiv which is not far south of the Belarusian border.

Even if Moscow does not use this base to attack Ukraine, Russia’s ability to do precisely that will force Kyiv to divide its forces and thus make it easier for Putin to put pressure on the Ukrainian government, however much some in the West will try to see any “freezing” of movement in Ukraine’s southeast as a hopeful sign that the crisis is near an end.