Category Archives: Russia

When a Fishing Ship is a Chinese Spy Ship

Posted on by

The Chinese are relentless in all parts of the world.

It may not have looked like much of a match — or a showdown for that matter — but when Australia’s largest warship HMAS Adelaide arrived at the Fijian port of Suva on Saturday, it had an interesting neighbour.

Key points:

  • Chinese fishing boat believed to be carrying wide range of surveillance equipment
  • Fiji tipped off Australian Navy about Chinese spy ship expected to dock next to HMAS Adelaide
  • China has a strong commercial and military presence in the South Pacific

A Chinese ship fitted with communications equipment docked alongside the new Canberra-class landing helicopter dock.

The Royal Australian Navy suspects the Chinese vessel is a spy ship, which deliberately arrived at the same time to carry out surveillance on the Australians.

HMAS Adelaide and other Australian warships visiting Fiji will “take the appropriate security precautions”, but the surveillance craft is “just another ship”, Captain Jim Hutton, Commander of the Navy’s Joint Task Group 661, said.

Deputy Chief of Navy Rear Admiral Mark Hammond also played down concerns about the presence of the Chinese vessel.

“That’s a space surveillance ship, it’s a scientific ship,” he told reporters on board HMAS Adelaide.

ABC News understands the primary purpose of the Chinese ship is to track satellite launches from out on the ocean, but it does have the capability to also collect intelligence on other naval vessels.

Australia’s High Commissioner to Fiji John Feakes also revealed the skipper of the Chinese vessel had even been invited to an on-board reception, although it is not clear whether the offer was accepted.

Australia’s Navy, like every navy around the world, is well-versed in these sorts of nautical games.

“If you’re in the Navy you presume that anytime that a fishing vessel or even merchant fleets of nations like China are around that they may have a dual purpose,” ANU academic and retired Australian Naval Commodore Richard Menhinick said.

“You just presume that they may well be tasked by government for other activities.”

China’s looking for South Pacific foothold

Chinese presence — both commercial and military — is common in the South Pacific.

Beijing sees economic opportunity in the region and economic imperatives commonly herald other strategic interests.

HMAS Adelaide Photo: The HMAS Adelaide is expected to be carefully scrutinised by its temporary neighbour. (File Photo: CPL Kyle Genner)

Agriculture and aquaculture projects in Vanuatu, Fiji, Tonga and other Pacific nations have been given significant help by the Chinese over the years, as have roads, ports and other infrastructure.

Media player: “Space” to play, “M” to mute, “left” and “right” to seek.

Audio: Chinese spy ship tipped to dock next to HMAS Adelaide in Suva (AM)

When you have more than 1.3 billion people back home to feed, finding secure food supplies are critical.

As China grows, Mr Menhinick said it was not surprising that the nation’s presence in the Pacific was also increasing.

“China’s a rising power… economic power’s always led and the military’s followed, and the Chinese economic interest in the south-west Pacific has increased substantially over the last fifteen year,” he said.

But Australia and its strategic partners are anxious China does not use its presence to jeopardise regional structures — political, economic and diplomatic.

Now a visiting US General has given the strongest public indication yet that his nation would like Australia to join in naval and air patrols to challenge Beijing’s claims in the South China Sea.

Asked whether joint American-Australian patrols would be welcomed by America, the commander of US Marines in the Pacific, Lieutenant General David Berger gave an enthusiastic response.

“Obviously that’s Australia’s decision, would we welcome that? Absolutely yes,” Lt Gen Berger said.

Meanwhile, all eyes are on Singapore….but in advance of the talks between the United States and North Korea in Singapore, there was a LOT of nefarious activity.

Related reading: Emissary Panda – A potential new malicious tool

photo

Independent: Hackers from China and Russia are targeting South Korea with cyber espionage attacks ahead of the summit between the US and North Korea, a leading security firm has claimed.

The foreign ministry and financial institutions were identified as potential targets by, US cyber security firm FireEye.

The company’s analysts noted the timing of the attacks and said they expected the intensity of the operations to increase in the build up to the historic meeting between US President Donald Trump and North Korean Chairman Kim Jong-un.

“South Korea has frequently been the target of cyber espionage. Though the biggest threat is North Korea actors. [FireEye] believes that China- and Russia- [based hackers] also target South Korea,” Ben Read, a cyber espionage analyst at the firm, told The Independent.

“With the heightened attention to inter-Korean relations in the lead up to a potential Trump–Kim meeting, we expect this targeting to continue at an increased pace.”

Scheduled to take place on 12 June in Singapore the leader are expected to discuss the denuclearisation of North Korea.

It will be the first meeting between a sitting US president and leader of North Korea.

Some experts have suggested that a formal end to the  Korean War – more than six decades after the 1950-1953 conflict – could be declared.

Although an armistice was signed, no peace treaty has ever been signed to formally end the war.

The two hacking groups identified by the FireEye researchers were TempTick and Turla, both of which are suspected of being state-sponsored operations.

TempTick has previously been involved in attacks on Chinese dissident organisations, as well as Japanese public and private sector institutions. It has been active since 2009.

The earliest known attacks linked to the group known as Turla are from 2006.

FireEye researchers noted: “They consistently target governments worldwide in search of information that can inform Russian government decision making.”

 

Indictment of Leaker to Media, Wolfe and Watkins Romance

Posted on by

So, many in media were quite upset with the breaking news that the cell phones and messages were seized by the Department of Justice of a journalist. Well, hold on Hannity. There were good reasons, this time.

The New York Times has/had this reporter, Ali Watkins that decided to have a long romantic relationship with James A. Wolfe, a former Senate Intelligence Committee Director of Security. Seems Mr. Wolfe provided Ali Watkins with classified material and information that she exploited and published articles on the same.

Mr. Wolfe was formally indicted on May 2, 2018 and more counts may be added. What is also remarkable is Ali Watkins phones and communications were seized in February of 2018, so much for the New York Times being honest, candid and transparent, right?

The indictment refers to at least 4 reporters. After much cultivating of related stories, those reporters are possibly known as: Reporter #1 Manu Raju at CNN Reporter #1 Ali Watkins at NYT Reporter #3 Marianna Sotomayor NBC Reporter #4 Brian Ross ABC.

Now, this all goes back to Carter Page by the way. And while so many are turning on Trey Gowdy for his position on the FBI inserting moles, informants or spies, let’s go to context shall we?

In 2013, a group of Russian operatives, read spies, were inserted into New York, downtown Manhattan, operating under cover. All of them were part of SVR, known as Russian foreign intelligence. All the while, the FBI was listening to their calls and had bugged the New York office of the SVR. How about those names? Viktor Pododnyy, he worked to recruit Carter Page with some success. Igor Sporyshev, worked covertly as a trade representative and then we have Evgeny Buryakov. He worked under cover at the VEB bank on 3rd Avenue in Manhattan.

The operation included passing off documents at a particular location near a 1960 abstract sculpture at the street level in the foyer. Sporyshev had the job of recruiting Americans willing to become intelligence sources for Russia. One such person was Carter Page. Carter Page is listed in court documents as Male #1. Page has admitted meeting with Russian operatives in 2013. To date, it is unclear if Page did provide any classified material or assistance to any number of Russian operatives as he has not been charged with any counts.

Of note, Evgeny Buryakov was charged and plead guilty in 2016, in Manhattan court with conspiracy and was deported in 2017. In 2015, was charged along with Sporyshev with aiding and abetting Buryakov and also later deported. The United States by the way traded these men and a few others for 4 Russian prisoners.

Russia had dispatched 10 agents to the United States in 2010. That TV show, The Americans was inspired by this whole case.

Meanwhile, the Senate Intelligence Committee Chair, Senator stated the committee has fully cooperated with the FBI/DoJ investigation and it is undetermined yet just how much if any classified material was compromised. Wolfe, the Director of Security for the committee, retired apparently this past March after 29 years in that role.

Back to Ali Watkins, she was so elated with her information at the time she reported for BuzzFeed, she appeared on Rachel Maddow’s show on her story in April 2017.

While all this was going on last December with James Wolfe, lil miss Watkins knew something was up.

Maybe we should ask Senator Feinstein what she was talking about here with Ali:

And the beat goes on eh?

AI: Machine Detection of Missile/Nuclear Launches, no Google

Posted on by

Primer: The U.S. holds an enviable lead in pushing artificial-intelligence technology out of labs and into real-world applications. Thank companies like Alphabet (GOOGL), Facebook (FB) and Apple (AAPL) for that.

But China’s government and technology elites aim to overtake the U.S. in AI by 2030 — or so they proclaimed in July at a Beijing political gathering.

Good luck with that.

Yes, China has many strengths as it sets out for worldwide dominance in AI technology. Its internet giants Baidu (BIDU), Alibaba Group Holdings (BABA) and Tencent Holdings (TCEHY) are also pouring money into AI research and hiring top scientists.

China’s huge population will generate massive raw data to train AI systems in how to make predictions.  So there’s good reason to think China will make breakthroughs in developing computer algorithms — the software programs that aim to replicate the human ability to learn, reason and make decisions.

China also has a major weakness: a semiconductor industry that still lags the U.S. in making high-end electronic processors. Chinese companies buy AI chips mainly from Nvidia (NVDA), based in Santa Clara, Calif. Intel (INTC), the dominant supplier of brainy chips for personal computers, is pushing fast into AI. More here.

Google Employees Quit Over Controversial Pentagon Contract Some employees even quit.

Due to Google employees signing a petition for the Pentagon’s Project Maven, the AI project which is a drone contract. Project Maven is known as Algorithmic Warfare Cross-Functional Team. Google at the time of the contract beat out other bidders including Microsoft, Amazon and IBM. More here on Google.

Google will abandon Project Maven, your project of ... photo

WASHINGTON (Reuters) – The U.S. military is increasing spending on a secret research effort to use artificial intelligence to help anticipate the launch of a nuclear-capable missile, as well as track and target mobile launchers in North Korea and elsewhere.

The effort has gone largely unreported, and the few publicly available details about it are buried under a layer of near impenetrable jargon in the latest Pentagon budget. But U.S. officials familiar with the research told Reuters there are multiple classified programs now under way to explore how to develop AI-driven systems to better protect the United States against a potential nuclear missile strike.

If the research is successful, such computer systems would be able to think for themselves, scouring huge amounts of data, including satellite imagery, with a speed and accuracy beyond the capability of humans, to look for signs of preparations for a missile launch, according to more than half a dozen sources. The sources included U.S. officials, who spoke on condition of anonymity because the research is classified.

Forewarned, the U.S. government would be able to pursue diplomatic options or, in the case of an imminent attack, the military would have more time to try to destroy the missiles before they were launched, or try to intercept them.

“We should be doing everything in our power to find that missile before they launch it and make it increasingly harder to get it off (the ground),” one of the officials said.

The Trump administration has proposed more than tripling funding in next year’s budget to $83 million for just one of the AI-driven missile programs, according to several U.S. officials and budget documents. The boost in funding has not been previously reported.

While the amount is still relatively small, it is one indicator of the growing importance of the research on AI-powered anti-missile systems at a time when the United States faces a more militarily assertive Russia and a significant nuclear weapons threat from long-time foe North Korea.

** https://bloximages.newyork1.vip.townnews.com/stltoday.com/content/tncms/assets/v3/editorial/c/d9/cd996bb2-06f0-51ae-ab8b-10a327dcbc19/5b166e9ca3e4c.image.jpg?resize=1200%2C902

“What AI and machine learning allows you to do is find the needle in the haystack,” said Bob Work, a champion of AI technology who was deputy defense secretary until last July, without referring to any individual projects.

One person familiar with the programs said it includes a pilot project focused on North Korea. Washington is increasingly concerned about Pyongyang’s development of mobile missiles that can be hidden in tunnels, forests and caves. The existence of a North Korea-focused project has not been previously reported.

While that project has been kept secret, the military has been clear about its interest in AI. The Pentagon, for example, has disclosed it is using AI to identify objects from video gathered in its drone program, as part of a publicly touted effort launched last year called “Project Maven.”

Still, some U.S. officials say AI spending overall on military programs remains woefully inadequate.

AI ARMS RACE

The Pentagon is in a race against China and Russia to infuse more AI into its war machine, to create more sophisticated autonomous systems that are able to learn by themselves to carry out specific tasks. The Pentagon research on using AI to identify potential missile threats and track mobile launchers is in its infancy and is just one part of that overall effort.

There are scant details on the AI missile research, but one U.S. official told Reuters that an early prototype of a system to track mobile missile launchers was already being tested within the U.S. military.

This project involves military and private researchers in the Washington D.C. area. It is pivoting off technological advances developed by commercial firms financed by In-Q-Tel, the intelligence community’s venture capital fund, officials said.

In order to carry out the research, the project is tapping into the intelligence community’s commercial cloud service, searching for patterns and anomalies in data, including from sophisticated radar that can see through storms and penetrate foliage.

Budget documents reviewed by Reuters noted plans to expand the focus of the mobile missile launcher program to “the remainder of the (Pentagon) 4+1 problem sets.” The Pentagon typically uses the 4+1 terminology to refer to China, Russia, Iran, North Korea and terrorist groups.

TURNING TURTLES INTO RIFLES

Both supporters and critics of using AI to hunt missiles agree that it carries major risks. It could accelerate decision-making in a nuclear crisis. It could increase the chances of computer-generated errors. It might also provoke an AI arms race with Russia and China that could upset the global nuclear balance.

U.S. Air Force General John Hyten, the top commander of U.S. nuclear forces, said once AI-driven systems become fully operational, the Pentagon will need to think about creating safeguards to ensure humans – not machines – control the pace of nuclear decision-making, the “escalation ladder” in Pentagon speak.

“(Artificial intelligence) could force you onto that ladder if you don’t put the safeguards in,” Hyten, head of the U.S. Strategic Command, said in an interview. “Once you’re on it, then everything starts moving.”

Experts at the Rand Corporation, a public policy research body, and elsewhere say there is a high probability that countries like China and Russia could try to trick an AI missile-hunting system, learning to hide their missiles from identification.

There is some evidence to suggest they could be successful.

An experiment by M.I.T. students showed how easy it was to dupe an advanced Google image classifier, in which a computer identifies objects. In that case, students fooled the system into concluding a plastic turtle was actually a rifle. here

Dr. Steven Walker, director of the Defense Advanced Research Projects Agency (DARPA), a pioneer in AI that initially funded what became the Internet, said the Pentagon still needs humans to review AI systems’ conclusions.

“Because these systems can be fooled,” Walker said in an interview.

DARPA is working on a project to make AI-driven systems capable of better explaining themselves to human analysts, something the agency believes will be critical for high stakes national security programs.

‘WE CAN’T BE WRONG’

Among those working to improve the effectiveness of AI is William “Buzz” Roberts, director for automation, AI and augmentation at the National Geospatial Agency. Roberts works on the front lines of the U.S. government’s efforts to develop AI to help analyze satellite imagery, a crucial source of data for missile hunters.

Last year, NGA said it used AI to scan and analyze 12 million images. So far, Roberts said, NGA researchers have made progress in getting AI to help identify the presence or absence of a target of interest, although he declined to discuss individual programs.

In trying to assess potential national security threats, the NGA researchers work under a different kind of pressure from their counterparts in the private sector.

“We can’t be wrong … A lot of the commercial advancements in AI, machine learning, computer vision – If they’re half right, they’re good,” said Roberts.

Although some officials believe elements of the AI missile program could become viable in the early 2020s, others in the U.S. government and the U.S. Congress fear research efforts are too limited.

“The Russians and the Chinese are definitely pursuing these sorts of things,” Representative Mac Thornberry, the House Armed Services Committee’s chairman, told Reuters. “Probably with greater effort in some ways than we have.”

 

Fed Gov Spent $76 Billion in 2017 for Cyber Security, Fail v Success

Posted on by

Go here for the Forum Part One

Go here for the Forum Part Two

Fascinating speakers from private industry, state government and the Federal government describe where we are, the history on cyber threats and how fast, meaning hour by hour the speed at which real hacks, intrusions or compromise happen.

David Hoge of NSA’s Threat Security Operations Center for non-classified hosts worldwide describes the global reach of NSA including the FBI, DHS and the Department of Defense.

NSA Built Own 'Google-Like' Search Engine To Share ... photo

When the Federal government spent $76 billion in 2017 and we are in much the same condition, Hoge stays awake at night.

With North Korea in the constant news, FireEye published a report in 2017 known as APT37 (Reaper): The Overlooked North Korea Actor. North Korea is hardly the worst actor. Others include Russia, China, Iran and proxies.

Targeting: With North Korea primarily South Korea – though also Japan, Vietnam and the Middle East – in various industry verticals, including chemicals, electronics, manufacturing, aerospace, automotive, and healthcare.
Initial Infection Tactics: Social engineering tactics tailored specifically to desired targets, strategic web compromises typical of targeted cyber espionage operations, and the use of torrent file-sharing sites to distribute malware more indiscriminately.
Exploited Vulnerabilities: Frequent exploitation of vulnerabilities in Hangul Word Processor (HWP), as well as Adobe Flash. The group has demonstrated access to zero-day vulnerabilities (CVE-2018-0802), and the ability to incorporate them into operations.
Command and Control Infrastructure: Compromised servers, messaging platforms, and cloud service providers to avoid detection. The group has shown increasing sophistication by improving their operational security over time.
Malware: A diverse suite of malware for initial intrusion and exfiltration. Along with custom malware used for espionage purposes, APT37 also has access to destructive malware.

More information on this threat actor is found in our report, APT37 (Reaper): The Overlooked North Korean Actor.

** NSA 'building quantum computer to crack security codes ...  photo

Beyond NSA, DHS as with other agencies have cyber divisions. The DHS cyber strategy is found here. The fact sheet has 5 pillars:

DHS CYBERSECURITY GOALS
Goal 1: Assess Evolving
Cybersecurity Risks.
We will understand the evolving
national cybersecurity risk posture
to inform and prioritize risk management activities.
Goal 2: Protect Federal Government
Information Systems.
We will reduce vulnerabilities of federal agencies to ensure they achieve
an adequate level of cybersecurity.
Goal 3: Protect Critical
Infrastructure.
We will partner with key stakeholders
to ensure that national cybersecurity
risks are adequately managed.
Goal 4: Prevent and Disrupt Criminal
Use of Cyberspace.
We will reduce cyber threats by
countering transnational criminal
organizations and sophisticated cyber
criminals.
Goal 5: Respond Effectively to Cyber
Incidents.
We will minimize consequences from
potentially significant cyber incidents
through coordinated community-wide
response efforts.
Goal 6: Strengthen the Security and
Reliability of the Cyber Ecosystem.
We will support policies and activities
that enable improved global cybersecurity risk management.
Goal 7: Improve Management of
DHS Cybersecurity Activities.
We will execute our departmental
cybersecurity efforts in an integrated
and prioritized way.

Related reading:National Protection and Programs Directorate

NPPD’s vision is a safe, secure, and resilient infrastructure where the American way of life can thrive.  NPPD leads the national effort to protect and enhance the resilience of the nation’s physical and cyber infrastructure.

*** Going forward as devices are invented and added to the internet and rogue nations along with criminal actors, the industry is forecasted to expand with experts and costs.

Research reveals in its new report that organizations are expected to increase spending on IT security by almost 9% by 2018 to safeguard their cyberspaces, leading to big growth rates in the global markets for cyber security.

The cyber security market comprises companies that provide products and services to improve security measures for IT assets, data and privacy across different domains such as IT, telecom and industrial sectors.

The global cyber security market should reach $85.3 billion and $187.1 billion in 2016 and 2021, respectively, reflecting a five-year compound annual growth rate (CAGR) of 17.0%. The American market, the largest segment, should grow from $39.5 billion in 2016 to $78.0 billion by 2021, demonstrating a five-year CAGR of 14.6%. The Asia-Pacific region is expected to grow the fastest among all major regions at a five-year CAGR of 21.4%, due to stringent government policies to mitigate cyber threats, and a booming IT industry.

Factors such as the growing complexity and frequency of threats, increasing severity of cyber security, stringent government regulations and compliance requirements, ubiquity of online communication, digital data and social media cumulatively should drive the market. Moreover, organizations are expected to increase IT spending on security solutions and services, as well. Rising adoption of technologies such as Internet of things, evolution of big data and cloud computing, increasing smartphone penetration and the developing market for mobile and web platforms should provide ample opportunities for vendors.

By solution type, the banking and financial segment generated the most revenue in 2015 at $22.2 billion. However, the defense and intelligence segment should generate revenues of $50.7 billion in 2021 to lead all segments. The healthcare sector should experience substantial growth with an anticipated 16.2% five-year CAGR.

Network security, which had the highest market revenue in 2015 based on solution type, should remain dominant through the analysis period. Substantial growth is anticipated in the cloud security market, as the segment is expected to have a 27.2% five-year CAGR, owing to increasing adoption of cloud-based services across different applications.

“IT security is a priority in the prevailing highly competitive environment,” says BCC Research analyst Basudeo Singh. “About $100 billion will be spent globally on information security in 2018, as compared with $76.7 billion in 2015.”

List of Issues for Talks Between Trump and Kim Jung Un

Posted on by

North Korea is holding up to 120,000 political prisoners in “horrific conditions” in camps across the country, according to estimates from a newly released State Department report.

The department on Tuesday issued its annual International Religious Freedom Report for 2017, which covers 200 countries and territories, documenting religious freedom and human rights abuses.

The findings on North Korea come as the Trump administration is working to engage the isolated regime. The White House says the administration continues to “actively prepare” for a possible summit with Kim Jong Un.

The report, though, addressed the brutal conditions festering inside Kim’s kingdom. It revealed 1,304 cases of alleged religious freedom violations in the country last year, while detailing the harsh treatment of political and religious prisoners — and persecution of Christians.

Secretary of States Mike Pompeo is meeting with 4 Star General and head of the military intelligence, Kim Yong Chol is a longtime spy chief and vice chairman of the ruling Workers’ Party was responsible for hacking Sony. More here.

North Korea Releases 3 US Citizens Ahead of Trump-Kim ... photo

Then North Korea has 2 satellites in orbit and more planned in 2018-2019.

“The Unha launcher can put maybe 100 kilograms [220 lbs.] into a pretty low orbit, maybe 400 or 500 kilometers [250 to 310 miles]” above the Earth’s surface, Wright said. “By increasing the thrust, it allows North Korea to lift satellites to higher altitudes, or to carry a greater payload to longer distances if it is a ballistic missile.”

Wright noted that the earlier, Nodong engine was essentially a scaled-up version of the one in the Scud, the Soviet missile that Iraq often used during the Gulf War of the 1990s. Whereas the Nodong used Scud-level propellants instead of ones used in more modern rockets, Wright noted that the color of the flame coming from the new engine in photos of the test suggest that this missile uses more advanced propellants that can generate higher thrust. [Top 10 Space Weapons]

“The surprise has been why North Korea has stuck with Scud propellants for so long,” Wright said. “There have been reports for 15 years now that North Korea had bought some submarine-launched missiles from the Soviet Union after it collapsed that used more advanced propellants, yet in all this time, we didn’t see them launch missiles with anything but Scud propellant.

In 2016, At United States Strategic Command, controllers likely had a high-workload evening as STRATCOM monitored the launch of a Russian Soyuz rocket from the Plesetsk Cosmodrome just eight minutes prior to North Korea’s launch, as is typical for launches from Russia’s military launch site. The ascending Unha rocket was tracked using the Space-Based Infrared System in Geostationary Orbit, capable of detecting the infrared signature of ascending rockets from ground level all the way into orbit. This allows the U.S. military to track the vehicle’s trajectory in real time before relying on ground-based radars to track any objects that entered orbit. More here .

Ah but there is but one more issue at least. Yes, North Korea imploded their nuclear test site at Punggye-ri. But…there are 4 more locations.

nk map amanda photo

The most important is Yongbyon, while the other locations appear to have slight or no activity.

Further, North Korea maintains a rather advanced air defense system, listed among the top in the world.

However, while North Korean technology is relatively primitive—the nation’s air defenses are coordinated.

“They do have an old Soviet computerized anti-aircraft command and control system. Most of the radars are old, but they did receive some newer Iranian phased array radars,” Kashin said. “This is what I know, the anti-aircraft units are extensively using underground shelters for cover—not easy to destroy.”

Thus, while generally primitive, North Korean defenses might be a tougher nut to crack than many might expect. Moreover, while their technology is old, North Korea’s philosophy of self-reliance means it can produce most of its own military hardware. More here.

North Korea has a fairly robust chemical and biological weapons program. The 46 page report is found here.

Lastly but hardly finally is the cyber weapons produced and applied by North Korea.

Most recently is: May 29, 2018, The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) released a joint Technical Alert (TA) that identifies two families of malware—referred to as Joanap and Brambul—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

In conjunction with the release of this TA, NCCIC has released a Malware Analysis Report (MAR) that provides analysis on samples of Joanap and Brambul malware.

NCCIC encourages users and administrators to review TA18-149A: HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm and MAR-10135536-3 – RAT/Worm.

While there has been recent discussions about applying the Libya model to North Korea for removing nuclear weapons, you can bet Kim Jung Un is going to demand the Pakistan model.