Epic Chinese Hacking is Forecasted

 

In 2015: Washington (CNN) A highly trained group of Chinese hackers is targeting defense, commercial and political organizations worldwide, pulling off sophisticated heists of sensitive information, according to new research out Wednesday.

Though Chinese cyberespionage has been well-documented, researchers from Dell SecureWorks Counter Threat Unit — a division of Dell tech company — say this group, nicknamed Emissary Panda by another research firm, has pulled off cyberattacks at a level of sophistication and specialization rarely seen before among Chinese hackers. More here.

Security Firm Warns of
New Chinese Cyber Attacks

FreeBeacon: China’s cyber attacks against U.S. government and private sector databases are part of a major intelligence-gathering operation and are likely to continue, according to a new report by a cyber security firm.

Chinese hackers stole health care data pertaining to some 80 million Americans last year, and the Office of Personnel Management cyber attacks netted sensitive records on 22 million federal workers, according to an annual threat report made public Wednesday by CrowdStrike, a cyber security and intelligence company. The company is widely consulted by both government and private sector organizations.

The gathering of personal data by the Chinese represents a new trend in Beijing’s aggressive cyber attacks.

“This targeting underscores that intrusion operations associated with nation-states pose a significant risk to all data, no matter how uninteresting it may seem,” the report said.

The 49-page “2015 Global Threat Report” also states that the U.S.-China agreement not to conduct commercial cyber theft has had little impact on Beijing’s cyber operations.

“Beneath the surface, however, China has not appeared to change its intentions where cyber is concerned,” the report said.

Any reduction in Chinese cyber attacks this year likely will be temporary, and an apparent reduction may result from the use of more clandestine methods for conducting attacks following a major military reorganization.

The military changes “will likely increase [China’s] reliance on its civilian intelligence agencies and associated contractors, all of which generally employ better tradecraft,” the report said.

“If observed campaigns in late 2015 were any indication, it is unlikely China will completely cease its cyber operations, and 2016 will show the new direction it is headed,” the report said.

More cyber attacks seeking personal data could take place in the future, and organizations that hold such data “should remain alert to the possibility of similar activity going into 2016,” the report said.

China’s cyber spies usually use cyber intrusions to steal strategic information, such as intellectual property, business operations data, and sensitive government documents.

Stolen personal data, on the other hand, “is typically used to facilitate identity theft or other types of financially motivated crimes,” the report said.

However, the compromised personal information from health insurance companies Anthem, Premera, and CareFirst last year could be used by the government or state-run companies.

The large data theft also appears to be part of Chinese efforts to “build out profiles on individuals to support future operations.”

The federal government data breaches were more damaging and included sensitive background investigation information on federal employees, the report said.

“Without doubt, access to this degree of [personally identifiable information] for both successful and unsuccessful applicants represents a treasure trove of information that may be exploited for counterintelligence purposes,” the report said.

The Chinese can now exploit millions of stolen records for intelligence operations.

“Knowledge acquired during these operations could be used to create more individualized, and therefore more effective, spear phishing campaigns, or also in more traditional, real-world espionage activity,” the report said, noting that the background investigation data “would be particularly useful to traditional [human intelligence] operations as it contains details of a very personal nature about current and former government employees, as well as private sector employees working on government contracts.”

The Chinese government, through the Ministry of Public Security, has launched a major domestic campaign to crack down on online dissent. The Ministry is conducting cyber operations against people and websites that post information opposed by communist authorities, including use of an offensive cyber security force called the “Great Cannon,” a supplement to the Great Firewall designed to block online users from accessing unapproved content.

In Russia, hackers linked to the government used malicious software for intelligence-gathering and for political coercion, such as against Ukraine. Moscow hackers also have conducted cyber reconnaissance—preparation of the cyber battlefield—in Europe and elsewhere.

“In February, widespread spear phishing … was detected and analyzed,” the report said. “These attacks targeted numerous entities in government, defense, and non-governmental organizations (NGOs) in the U.S., Europe, Asia, and South America.”

Russian hackers used stolen emails from a hack against the U.S. strategic consulting firm Stratfor, the report said, a tactic not typical of Russian hacking in the past.

International pressure on Moscow over its military activities, such as the annexation of Ukraine’s Crimea “portend increased intelligence collection by Russia-based adversaries particularly against regional targets and global energy companies,” the report said.

A Russian cyber intelligence operation, dubbed Berserk Bear, targeted oil and gas companies in the Middle East. Another operation, called Fancy Bear, targeted Chinese defense firms.

One Russian hacker group called CyberBerkut operating in Ukraine appears linked to Russian intelligence services.

North Korean cyber activities last year principally involved intelligence-gathering operations directed against South Korea.

Pressure from China could prompt Pyongyang to take a more aggressive cyber posture. And North Korean cyber activities also could expand into criminal activities to raise money for the regime, the report said.

Iran is expected to step up cyber attacks against Saudi Arabia. Regional tensions “increase the likelihood that Iran would use its proven cyber capabilities in 2016, targeting Saudi Arabia and regional governments that are becoming involved in the two countries’ dispute by choosing to align with Saudi Arabia.”

The report names more than 70 cyber adversaries and divides them into three types of attackers: Target intruders, such as nation states, cyber criminals, and “hacktivists.”

For cyber crime, attacks on banks and the use of ransom schemes increased during 2015.

“Phishing emails continued to dominate crimeware distribution throughout the year as the primary mechanism used for the aforementioned banking Trojans and ransomware threats,” the report said.

So-called hacktivist activities including politically motivated cyber attacks by groups like the Syrian Electronic Army and pro-ISIS hackers.

Several pro-Iranian hacker groups also were active last year, including Parastoo, Remember EMAD, and SOBH Cyber Jihad.

The group Remember EMAD—named after the Hezbollah terrorist Imad Mughniyah who was killed in a Damascus car bomb in 2009—claimed to have penetrated Pentagon networks and then threatened to release stolen data. No data was ever released.

ISIS hacking was very active last year and included campaigns of web defacement, the release of personal data—known as “doxing”—and the hijacking of social media accounts.

About that Mosque that Barack Visited Today

A deep investigation was performed on the Muslim Brotherhood and organizations in the United States under that umbrella. The full summary is here.

Mosque Obama Visiting Graduated Terrorist Who Targeted Federal Building

The Al-Rahmah School at Islamic Society of Baltimore as seen in 2007. The mosque is hosting President Obama on Wednesday. (AP) According to CIA Director John Brennan ‘jihad’ means struggle…..

InvestorsDaily: Islamophilia: President Obama is conferring legitimacy on a Baltimore mosque the FBI just a few years ago was monitoring as a breeding ground for terrorists, after arresting a member for plotting to blow up a federal building.

IBD has learned that the FBI had been conducting surveillance at the Islamic Society of Baltimore since at least 2010 when it collared one of its members for plotting to bomb an Army recruiting center not far from the mosque in Catonsville, Md.

Agents secretly recorded a number of conversations with a 25-year-old Muslim convert — Antonio Martinez, aka Muhammad Hussain — and other Muslims who worshipped there. According to the criminal complaint, Martinez said he knew “brothers” who could supply him weapons and propane tanks.

“He indicated that if the military continued to kill their Muslim brothers and sisters, they would need to expand their operation by killing U.S. Army personnel where they live,” FBI special agent Keith Bender wrote. Martinez said that in studying the Quran he learned that Islam counsels Muslims to “fight those who fight against you.”

Sentenced to 25 years in prison in 2012, Martinez also stated in a social media posting that he wanted to join the ranks of the “mujahideen” in “Pakistan or Afghanistan (a country that struggle[sic] for the sake of allah).” Most of ISB’s board members are from Pakistan.

To help disrupt the plot, the FBI reportedly put an undercover agent in the mosque, which upset the leadership there. After protests, the FBI sent an official to ISB to take questions and mollify concerns the bureau was spying on Muslims.

Members of the mosque complained that the FBI tried to “entrap” Martinez and other Muslim terrorism suspects by sending “spies with Muslim names” into the mosque.

“If I was the president of the mosque, I would not let you come here without strip(-searching) you,” one member angrily told the FBI official, “because you might drop something (like a bug) to hear what’s going on here.” “The Muslim Link” newspaper described the questioner as Pakistani.

This is the mosque that will be honored with a visit from Obama on Wednesday, the first U.S. mosque visit of his presidency.

It’s now abundantly clear the White House failed to properly vet the venue. Reportedly, it let the Council on American-Islamic Relations choose the site, even though the FBI has banned CAIR from outreach because of known ties to the Hamas terrorist group.

“For a number of years we’ve been encouraging the president to go to an American mosque,” CAIR spokesman Ibrahim Hooper said. “With the tremendous rise in anti-Muslim sentiment in our country, we believe that it will send a message of inclusion and mutual respect.”

As we reported Tuesday, ISB is affiliated with the Islamic Society of North America — which federal prosecutors in 2007 named a radical Muslim Brotherhood and Hamas front and an unindicted terrorist co-conspirator in a scheme to funnel more than $12 million to Hamas suicide bombers — and ISB has helped organize the terror-tied ISNA’s conferences.

The Shariah-compliant mosque was led for 15 years by a radical cleric — Imam Mohamad Adam el-Sheikh — who once represented a federally designated al-Qaida front group. El-Sheikh also has argued for the legitimacy of suicide bombings, according to the Washington Post.

We also first reported that ISB board member and vice president Muhammad Jameel has blamed American foreign policy — namely, U.S. support for Israel — for terrorism and the rise of Osama bin Laden.

“I hope (his death) does not camouflage the bigger picture, which is to look at what gave rise to OBL and what are the root causes of terror,” Jameel said in a local 2011 interview. “Just eliminating him does not resolve the longer-term problems, which I consider to be (U.S.) foreign policy.”

ISB board members are required to have “an in-depth understanding of the Shariah,” and “must take Islam as the way of life,” according to recently amended articles of incorporation papers filed with the state of Maryland.

We have also learned that ISB invited one of the imams of the Boston Marathon bombers’ mosque to headline a 2013 fundraiser for its Islamic school.

Then-Islamic Society of Boston imam Suhaib Webb spoke at the 25th anniversary banquet of ISB’s Al-Rahmah School — even though two days before 9/11, according to an FBI surveillance report, Webb was raising cash for a Muslim cop-killer together with al-Qaida cleric Anwar Awlaki, the hijackers’ spiritual leader.

So let’s recap. The mosque that is hosting the commander in chief, while receiving his historic benediction graduated a terrorist who plotted to blow up a local Army recruiting station, hired an imam who condoned suicide bombings and blames American “foreign policy” for terrorism.

Obama has to be willfully blind not to see all these ties to terror.

Libya, to Be or Not to Be, Mercenaries

ISIS Recruits Poor Africans as Fighters for Libya with Cash Bonus

Rendition for Edward Snowden?

Edward Snowden did perform a duty and that was to expose the NSA programs and the associated intrusions. However, stealing documents and sharing them with roque nations and adversarial countries is best described as high crimes and misdemeanors. Would planning a rendition operation be altogether misguided?

Secret US flight flew over Scottish airspace ‘to capture Snowden’

TheNational: THE UK GOVERNMENT is facing demands to reveal the details of a secret flight through Scottish airspace which was at the centre of a plot to capture whistleblower Edward Snowden.

The plane, which passed above the Outer Hebrides, the Highlands and Aberdeenshire, was dispatched from the American east coast on June 24 2013, the day after Snowden left Hong Kong for Moscow. The craft was used in controversial US ‘rendition’ missions.

Reports by Scottish journalist Duncan Campbell claim the flight, travelling well above the standard aviation height at 45,000 feet and without a filed flight plan, was part of a mission to capture Snowden following his release of documents revealing mass surveillance by US and UK secret services.

That the flight passed over Scotland, airspace regulated by the UK, has raised questions over UK complicity in a covert mission to arrest Snowden and whether any police, aviation or political authorities in Scotland were made aware of the flight path.

Alex Salmond, the SNP foreign affairs spokesman and Scotland’s First Minister when the flight took place, has called for full transparency from the UK Government over the case.

He said: “As a matter of course and courtesy, any country, particularly an ally, should be open about the purposes of a flight and the use of foreign airspace or indeed airports.”

“What we need to know now is, was this information given to the UK Government at the time. If so, then why did they give permission? If not, then why not? As a minimum requirement, the UK authorities should not allow any activity in breach of international law in either its airspace or its airports.

“That is what an independent Scotland should insist on. Of course, since no rendition actually took place in this instance, it is a moot point as to whether intention can constitute a breach of human rights. However, we are entitled to ask what the UK Government knew and when did they know it.”

The flight took place after US federal prosecutors filed a criminal complaint against Snowden on June 14. Regular meetings with the FBI and CIA, convened by US Homeland Security adviser Lisa Monaco, then planned Snowden’s arrest for alleged breaches of the Espionage Act, according to The Washington Post.

New documents, revealed by Danish media group Denfri, confirm that the N977GA plane was held at a Copenhagen airport for “state purposes of a non-commercial nature”. Two days later Danish authorities received an “urgent notification” from the US Department of Justice to cooperate in arresting Snowden.

N977GA was previously identified by Dave Willis in Air Force Monthly as an aircraft used for CIA rendition flights of US prisoners. This included the extradition of cleric Abu Hamza from the UK. Snowden accused the Danish Government of conspiring in his arrest. In response to flight reports, he said: “Remember when the Prime Minister Rasmussen said Denmark shouldn’t respect asylum law in my case? Turns out he had a secret.”

Snowden was behind the largest leak of classified information in history, revealing spying activities that were later deemed illegal on both sides of the Atlantic. He was elected rector at the University of Glasgow in February 2014, yet is unable to fully carry out his duties.

Patrick Harvie, co-convener of the Scottish Green Party, echoed calls for an inquiry into the flight: “It will certainly raise suspicions that an aircraft previously identified as involved in rendition flew through UK airspace at that time. We have a right to know what UK and Scottish authorities knew about this flight given it is implicated in the US response to whistleblowing about global surveillance.”

ATTEMPTS to arrest Snowden have failed as Russian authorities refused to comply. However, pressure from US authorities made it dangerous for Snowden to travel from Russia to Latin America, where Ecuador, Nicaragua, Bolivia, and Venezuela have all offered him asylum.

The presidential plane of Bolivian leader Evo Morales was forced to ground in Vienna, after four EU nations refused airspace access on the mistaken belief that Snowden was hidden on board.

In 2013 Police Scotland launched an investigation into whether other US rendition flights – where prisoners were taken to blacklist torture sites – used Scottish airports or airspace.

In 2006 aviation expert Chris Yates said it was likely that a US rendition flight had passed through Scottish airspace to Syria, in a case where the prisoner, Maher Arar, said he was tortured.

In 2008 then foreign secretary David Miliband admitted that UK airports had been used for US rendition flights and apologised for previous government denials.

American politics lecturer John MacDonald, director of foreign policy group the Scottish Global Forum, said: “Given the constitutional arrangements, there are a number of areas in which the Scottish Government may well have interests or concerns but will be excluded because security arrangements with the US are deemed ‘out of bounds’ for Scotland.

“However, if you take serious the supposition that all responsible governments have a moral and legal obligation to raise questions about flights which may be involved in dubious security and intelligence activities, then the Scottish Government may well have an interest in – or even be obliged to –raise questions.

“Questions have already been raised about the nature of military and intelligence air traffic through Scotland and if this activity is raising concerns within Scottish civil society – and it seems to be – then it is surely incumbent upon the Scottish Government to raise the issue with London.”

National Air Traffic Control Systems (Nats), who control flight access to UK airspace, said rendition flights are an issue for the UK Government. In response to questions, the UK Government refused to provide details on attempts to arrest Snowden or on the passage of the N977GA flight.

The Scottish Government also avoided a direct statement on the case on legal grounds. A spokesman said: “There is already an ongoing Police Scotland investigation, directed by the Lord Advocate. This investigation will seek to gather all available evidence of rendition flights using Scottish airports. As this is a live investigation it would be inappropriate to comment further.”

During his two and a half years in Moscow, Snowden has caused diplomatic ruptures and a worldwide debate on privacy and state security. In October 2015 the European Parliament voted narrowly, in a non-binding motion, to drop charges against him in recognition of “his status as [a] whistle-blower and international human rights defender”.

Passenger Aircraft Emergency Landing with Major Blast

Plane Forced to Land After Apparent Blast Causes Hole in Aircraft

 

A photo taken inside a Daallo Airlines Airbus 321 that made an emergency landing after takeoff from Mogadishu, Somalia on Feb. 2, 2016.

 

ABCNews: A passenger plane bound for Djibouti was forced to make an emergency landing today, minutes after taking off from Mogadishu, due to a hole opening up in the plane after an apparent explosion, according to aviation experts.

On its Facebook page, Daallo Airlines, the national airline of Somalia, said in a statement that an Airbus 321 had “experienced an incident shortly after takeoff” from the airport in Mogadishu, Somalia.

View image on Twitter

“The aircraft landed safely and all our passengers were evacuated safely,” the statement said. “A thorough investigation is being conducted by Somalia Civil Aviation Authority.”

The hole in the plane’s fuselage reached from the ceiling to the floor, according to photos of the damage. The aircraft was carrying 74 passengers and crew, authorities said. A Somali aviation official said that two passengers had been slightly injured in the incident, according to the Associated Press.

The official, however, wouldn’t provide any other details regarding injuries and did not confirm reports that an explosion may have triggered the fire.

 

Passengers aboard the Airbus 321 said they heard a loud bang and then saw smoke. As the cabin depressurized, oxygen masks deployed. Some of the 74 passengers were forced to move to the back of the jetliner as the plane descended, according to the AP.

“I don’t know if it was a bomb or an electric shock — but we heard a bang inside the plane,” said passenger Mohamed Ali, according to the AP.

“The thing that’s most interesting to me is that if you look at the outside of the airplane, some force from within the airplane pushed the sides of the aircraft open. You can see how it’s peeled back and you can actually see the streaking from soot down the back side, which would suggest quite definitively that this was a bomb of some kind, probably something about a hand-grenade size that would have made this hole in the side of the airplane,” said ABC News aviation consultant ret. Col. Steve Ganyard.

In 2015: not necessarily related but in country:

Al-Shabaab Is a Known Terror Group

al-Shabaab, Somalia, Mogadishu

Heavy, in part: Al-Qaeda linked al-Shabaab recruits walk down a street on March 5, 2012 in the Deniile district of Somalian capital, Mogadishu, following their graduation. (Mohamed Abdiwahab/AFP/Getty Images)

Heavy, in part: Al-Shabaab has been identified as a terrorist group, and has claimed responsibility for several attacks since the Somali Council of Islamic Courts took over most of southern Somalia in 2006.

According to the National Counter Terrorism Center:

The group was likely responsible for a wave of five coordinated suicide car bombings in October 2008 that simultaneously hit targets in two cities in northern Somalia, killing at least 26 people.

The group also claimed credit for the 2013 attack on a Kenyan mall that killed 68 over the course of a two-day hostage crisis. Read more here.