Debris Found for EgyptAir #804

Missing EgyptAir Flight Likely Downed by Terror Attack, Minister Says
Airbus A320 carrying 66 passengers, 10 crew lost by radar while flying at 37,000 feet above the Mediterranean; EgyptAir vice president tells CNN wreckage found.

 Previous flights for the same day.
Haaretz: An EgyptAir jet carrying 66 passengers and crew from Paris to Cairo disappeared from radar over the Mediterranean south of Greece on Thursday, with Athens saying the plane swerved in mid-air before plunging from cruising height and vanishing.
Egypt’s aviation minister said a terrorist attack was more likely to have taken down the aircraft than a technical failure.
EgyptAir Vice President Ahmed Adel has since said in an interview with CNN that the wreckage of the missing plane has been found.

“There are so many reasons why a plane can fall from the sky and crash. We have no explanations at this stage. We need more investigation,” he said.
Egypt’s envoy to France said Greek authorities had informed his counterpart in Athens that they had found blue and white debris corresponding to EgyptAir’s colors.
Later, Egypt’s Civil Aviation Ministry said that Greek authorities have found “floating material” that is likely to be debris from the missing aircraft.

Greece deployed aircraft and a frigate to search for the missing Airbus and officials said they had found pieces of plastic and two life vests that appeared to have come from an aircraft in the sea 370 kilometers (230 miles) south of Crete.
Egyptian Prime Minister Sherif Ismail said it was too early to rule out any explanation, including an attack like the one blamed for bringing down a Russian airliner over Egypt’s Sinai Peninsula last year.

Egypt said it would lead the investigation and that France would participate. Other countries also offered to help, including Britain and the United States.
In Washington, U.S. President Barack Obama received a briefing on the disappearance from his adviser for homeland security and counter-terrorism, the White House said.
Greek Defense Minister Panos Kammenos said the Airbus had first swerved 90 degrees to the left, then spun through 360 degrees to the right. After plunging from 37,000 feet to 15,000, it vanished from Greek radar screens.
According to Greece’s civil aviation chief, calls from Greek air traffic controllers to flight MS804 went unanswered just before it left Greek airspace, and it disappeared from radar screens soon afterwards.
There was no official indication of a possible cause, whether technical failure or sabotage by hard-line Islamists who have targeted airports, airliners and tourist sites in Europe, Egypt, Tunisia and other Middle Eastern countries over the past few years.
The aircraft was carrying 56 passengers — with one child and two infants among them — and 10 crew, EgyptAir said. They included 30 Egyptian and 15 French nationals, along with citizens of 10 other countries.


Asked if he could rule terrorist involvement, Prime Minister Ismail told reporters: “We cannot exclude anything at this time or confirm anything. All the search operations must be concluded so we can know the cause.”

French President Francois Hollande also said the cause was unknown. “No hypothesis can be ruled out, nor can any be favored over another.”
With its archaeological sites and Red Sea resorts, Egypt is a traditional destination for Western tourists. But the industry has been badly hit by the downing of a Russian Metrojet flight last October, in which all 224 people on board were killed, as well as by an Islamist insurgency and a string of bomb attacks.
No response
Greek air traffic controllers spoke to the pilot as the jet flew over the island of Kea, in what was thought to be the last broadcast from the aircraft, and no problems were reported.
But just ahead of the handover to Egyptian controllers, calls to the plane went unanswered.
“About seven miles before the aircraft entered the Cairo airspace, Greek controllers tried to contact the pilot but he was not responding,” said Kostas Litzerakis, head of Greece’s civil aviation department. Shortly after exiting Greek airspace, it disappeared from radars, he said.
Greek authorities were searching the sea south of the island of Karpathos, Greece’s Defense Minister Kammenos told a news conference.
“At 3:39 A.M., the course of the aircraft was south and southeast of Kassos and Karpathos (islands),” he said. “Immediately after, it entered Cairo flight information region and made swerves and a descent I describe: 90 degrees left and then 360 degrees to the right.”
The Airbus plunged from a height of 37,000 feet (11,280 meters) to 15,000 feet before vanishing from radar, he added.

Egyptian Civil Aviation Minister Sherif Fathi said authorities had tried to resume contact but without success.
‘No one knows anything’
At Cairo airport, authorities ushered families of the passengers and crew into a closed-off waiting area.
Two women and a man, who said they were related to a crew member, were seen leaving the VIP hall where families were being kept. Asked for details, the man said: “We don’t know anything, they don’t know anything. No one knows anything.”
Ayman Nassar, from the family of one of the passengers, also walked out of the passenger hall with his daughter and wife in a distressed state. “They told us the plane had disappeared, and that they’re still searching for it and not to believe any rumors,” he said.
The mother of a flight attendant rushed out of the hall in tears. She said the last time her daughter called her was Wednesday night. “They haven’t told us anything,” she said.
In Paris, a police source said investigators were now interviewing officers who were on duty at Roissy airport on Wednesday evening to find out whether they heard or saw anything suspicious. “We are in the early stage here,” the source said.
Airbus said the missing A320 was delivered to EgyptAir in November 2003 and had operated about 48,000 flight hours.
The missing flight’s pilot had clocked up 6,275 hours of flying experience, including 2,101 hours on the A320, while the first officer had 2,766 hours, EgyptAir said.
At one point, EgyptAir said the plane had sent an emergency signal at 04:26 A.M., two hours after it disappeared from radar screens. However, Fathi said later that further checks found that no SOS was received.
Egypt and France to cooperate
The weather was clear at the time the plane disappeared, according to Eurocontrol, the European air traffic network.
Under UN aviation rules, if the aircraft is found to have crashed in international or Egyptian waters, Egypt will automatically lead an investigation into the accident, assisted by countries including France, where the jet was assembled, and the United States, where engine maker Pratt & Whitney is based.
Russia and Western governments have said the Metrojet plane that crashed on October 31 was probably brought down by a bomb, and ISIS said it had smuggled an explosive device on board.
That crash called into question Egypt’s campaign to contain Islamist violence. Militants have stepped up attacks on Egyptian soldiers and police since Egypt’s President Abdel-Fattah al-Sissi, then serving as army chief, toppled elected President Mohamed Mursi, an Islamist, in 2013 after mass protests against his rule.
In March, an EgyptAir plane flying from Alexandria to Cairo was hijacked and forced to land in Cyprus by a man with what authorities said was a fake suicide belt. He was arrested after giving himself up.
EgyptAir has a fleet of 57 Airbus and Boeing jets, including 15 of the Airbus A320 family of aircraft, according to airfleets.com.

***** Other details include:

  1. Plane went through full maintenance less than a week ago.
  2. Plane departed about 25 minutes late.
  3. MS804 stopped in Tunisia, Cairo, Brussels, Eritrea prior to Paris.
  4. Passenger list included: 15French 30Egyptian 1British 1Belgian 2Iraqis 1Kuwaiti 1Saudi 1Sudanese 1Chadians 1Portuguese 1Algerian 1Canadian

Final summary: Debris has been spotted some 210 miles southeast of Crete in the Eastern Mediterranean that is believed to have been from EgyptAir Flight MS804. The passenger jet, an Airbus 320, left the Charles De Gaulle Airport in Paris, France at about 9:30pm local time. On board were 56 passengers, 7 crew and 3 air marshals. At around 2:30am Cario-time, Flight 804 was crossing into Egyptian airspace and being handed off from Greek air controllers. The last radio traffic indicated that there were no problems. At an altitude of some 37,000 feet, the Airbus 320 suddenly dove some 22,000 feet and began to swerve and turn, then, disappeared from radar. Search efforts were launched immediately.

‘Unsafe’ intercept over South China Sea

Pentagon: ‘Unsafe’ intercept over South China Sea

 

Washington (CNN)At least two Chinese J-11 tactical aircraft carried out an “unsafe” intercept of a United States EP-3 reconnaissance aircraft that was conducting a routine mission in international airspace over the South China Sea, a U.S. defense official told CNN Wednesday.

The Chinese jets came within 50 feet of the American aircraft at one point, the official said.
The incident took place on Tuesday.
 
“We have made progress reducing risk between our operational forces and those of the People’s Republic of China by improved dialogue at multiple levels under the bilateral Confidence Building Measures and the Military Maritime Consultative Agreement,” Capt. Jeff Davis, a Pentagon spokesman, said.
“Over the past year, we have seen improvements in PRC actions, flying in a safe and professional manner,” he said. “We are addressing the issue through the appropriate diplomatic and military channels.”
A separate defense official told CNN this type of incident is not something the U.S. military frequently sees in that region with Chinese aircraft. Incidents with Russian aircraft in the Black Sea that have been well documented over the past year are much more common.
This is an incident that “definitely has people’s attention” at the Pentagon, the second official said.
“This is potentially part of a disturbing trend line as the Chinese try to push their military envelope into greater parts of the sea surrounding their mainland,” Sen. Chris Murphy, a Democrat who serves on the Senate Committee on Foreign Relations, told CNN’s Wolf Blitzer.
Murphy said that it is important that the U.S. does not overreact to these types of occurrences, which have recently involved Chinese and Russian militaries.
“What the Chinese and the Russians are trying to do is to provoke us into some kind of action that will feed into their domestic narratives, both in China and in Russia,” Murphy said.
****
What is China doing?
 

China’s Putting Anti-Stealth Radar in the South China Sea

Radar installed on an “artificial” island could detect the B-2, F-35, and F-22.

PopularMechanics: China appears to be building an anti-stealth radar system on an artificial island in the middle of the South China Sea, where a military-grade system would be useful in detecting stealth aircraft in the contentious and contested area.

Satellite imagery obtained by the Center for Strategic and International Studies’ Asian Maritime Transparency Initiative and DigitalGlobe (which provided the images above and below) shows the Cuateron Reef recently enlarged by dredging and now measuring about 52 acres. Beijing didn’t stop there. The imagery also shows that China has built or is building two radar towers, a lighthouse, a communications tower, bunker, and quay for the docking of supply ships. The most interesting development is a large field covered with evenly spaced 20 meter poles. This is the kind of thing you’d need for over-the-horizon high-frequency radar systems, which can detect objects at up to 3,000 kilometers (1,864 miles), including stealth aircraft.

While HF radars can spot stealth planes, they cannot guide missiles to targets—for now. Even so, the radars are useful in providing an early warning network, cueing Chinese fighter planes such as the J-11—also based on an artificial island in the South China Sea—to the probable location of stealth aircraft.

The position of the radar would be ideal for detecting American and allied aircraft operating from bases in the Philippines. The Philippines, embroiled in a dispute with China over the Scarborough and Second Thomas shoals—has made its air and naval facilities available to the United States.

In recent years, China has laid claim to 90 percent of the South China Sea. While many countries claim part of the South China Sea, none have claimed—and seized—as much as China. To support its claim, China has taken several shoals and reefs and expanded them dramatically with sand dredged from the sea floor. China believes (or at least claims) that this bit of terraforming amounts to a legal transformation of these shoals from nuisance navigational hazards to full sovereign territory, complete with a12-mile territorial boundary and a 200 mile exclusive right to economic development.

The radar site, first noticed in 2015, became particularly newsworthy after last week’s announcement that China had deployed HQ-9 long-range surface-to-air missiles on another artificial island in the South China Sea. Although the two systems are too far apart to support one another, together they do support the argument that China is fortifying the South China Sea.

Healthcare Provider Lawsuits v. Feds Begin

Blue Cross insurer sues U.S. for funds owed under health care law

BusinessInsurance: Highmark Inc. and its subsidiaries have sued the federal government for failing to pay funds the insurers say they are owed through one of the Affordable Care Act’s public health insurance exchange safety net programs.

Pittsburgh-based Highmark, the fourth-largest Blue Cross and Blue Shield insurer, is demanding $222.9 million, which it argues it is owed through the ACA risk corridor program for 2014 losses, according to the lawsuit filed Tuesday in the U.S. Court of Federal Claims in Washington.

Highmark said the government has paid only $27.3 million of the total owed for 2014. In early April, Highmark President and CEO David Holmberg said during an analyst call that the insurer was owed more than $500 million from the risk corridor program for 2014 and 2015.

The risk corridor program is intended to help stabilize premiums by offsetting insurers’ losses during the first three years of the public health exchanges.

But the U.S. Centers for Medicare and Medicaid Services last year said it would pay only 12.6% of the money insurers requested for 2014 losses. CMS said the rest of the tab would be paid in 2015 and 2016 if necessary.

The suit accuses the government of breach of good faith and fair dealing among other allegations.

CMS could not be immediately reached for comment.

“The United States has specifically admitted in writing its statutory and regulatory obligations to pay the plaintiff insurers the full amount of risk corridor payments owed to them for calendar year 2014, but it has failed to pay the full amount due,” the lawsuit states.

“Instead, the government arbitrarily has paid the plaintiff insurers only a pro-rata share — less than 12.6% — of the total amount due, asserting that full payment to the plaintiff insurers is limited by available appropriations, even though no such limits appear anywhere in the ACA or its implementing regulations or in the plaintiff insurers’ contracts with the government.”

In a statement Monday, Mr. Holmberg said the Highmark has a “fiduciary responsibility to our 5.2 million health plan members to seek payment.”

Still, Mr. Holmberg said the insurer “remains committed” to the public health exchanges.

Highmark said it tried to negotiate with CMS, which the insurer said refused requests for full payment. It also said CMS has taken the position that “none of the risk corridor payments” for 2014, 2015 and 2016 are due until fall 2017 after the program has concluded.

The insurers involved in the lawsuit, First Priority Life Insurance Co. Inc. et al v. USA, include First Priority Life Insurance Co., Highmark BCBSD Inc., Highmark Inc., Highmark Select Resources Inc., Highmark West Virginia Inc., and HM Health Insurance Co.

In February, Lake Oswego, Oregon-based insurer Health Republic Insurance Co. of Oregon, which now is out of business, filed a $5 billion class action against the federal government for failing to make the risk corridor payments.

**** Good news?

Sessions, Cassidy to introduce ‘The World’s Greatest Health Care Bill. Ever’

FNC: House Rules Committee Chairman Pete Sessions, R-Texas, and Sen. Bill Cassidy, R-La., plan to introduce what they are terming an “alternative” health care bill Thursday which will not repeal ObamaCare, but work alongside the existing Affordable Care Act and modify various parts of the system.

 

The legislation is technically called the HELP Act, short for “Health Empowerment Liberty Plan.”  Sessions however prefers a less clinical moniker with a title infused with a dose of Donald Trump-esque hubris. Instead, the Texas Republican calls the legislation “The World’s Greatest Health Care Bill. Ever.”

Sessions notes that the legislation allows people to keep ObamaCare if they so desire, noting that his measure does not entail a full repeal of ObamaCare.

“Someone who repeals (ObamaCare) is left with nothing,” he said.

That’s why his bill works in tandem with the existing law.

Meanwhile, it does get worse.

UnitedHealth Quits 27th Obamacare State as Insurer to Exit N.J.

Bloomberg: UnitedHealth Group Inc. is exiting New Jersey’s Obamacare exchange, marking the 27th state market the insurer is quitting.

UnitedHealth’s Oxford Health Plans unit won’t participate in New Jersey’s individual market in 2017, on the Affordable Care Act exchange or elsewhere, according to a letter obtained by Bloomberg through an open-records request. Another unit will continue selling plans outside of Obamacare, and the company will keep offering coverage to small businesses, according to Marshall McKnight, a spokesman for New Jersey’s Department of Banking & Insurance.

Chief Executive Officer Stephen Hemsley said last month that UnitedHealth would only offer ACA plans in a “handful of states” for 2017, though the company hasn’t listed them. The company is retreating from the markets created by the ACA amid mounting losses on the policies. Bloomberg has confirmed that the insurer is exiting at least 27 of the 34 states where it sold 2016 coverage.

The company will still probably sell ACA plans in at least three states next year: New York and Nevada have confirmed UnitedHealth’s participation and the company has filed plans to participate in Virginia.

In addition to UnitedHealth, several other insurers offered plans in New Jersey last year, according to the Kaiser Family Foundation. They include Oscar Insurance Corp., AmeriHealth, Health Republic Insurance of New Jersey and Horizon Blue Cross Blue Shield of New Jersey.

Russia’s Other War, Cyber

 

Finding weakness and exploiting it in the cyber realm is hidden warfare, few speak about. For the West, Russia tops the list. China, Iran and North Korea are also on the short list. For Russia’s other targets, the Baltic States are in the Russian target list.

CBS: The U.S. has elevated its appraisal of the cyber threat from Russia, the U.S. intelligence chief said Thursday, as he delivered the annual assessment by intelligence agencies of the top dangers facing the country.

“While I can’t go into detail here, the Russian cyber threat is more severe than we had previously assessed,” James Clapper, the director of national intelligence, told the Senate Armed Services Committee, as he presented the annual worldwide threats assessment.

As they have in recent years, U.S. intelligence agencies once again listed cyber attacks as the top danger to U.S. national security, ahead of terrorism. Saboteurs, spies and thieves are expanding their computer attacks against a vulnerable American internet infrastructure, chipping away at U.S. wealth and security over time, Clapper said.

Russia ‘was behind German parliament hack’

BBC: Germany’s domestic intelligence agency has accused Russia of being behind a series of cyber attacks on German state computer systems.

The BfV said a hacker group thought to work for the Russian state had attacked Germany’s parliament in 2015.

This week it emerged that hackers linked to the same group had also targeted the Christian Democratic Union party of Chancellor Angela Merkel.

Russia has yet to respond publicly to the accusations made by the BfV.

Sabotage threat

BfV head Hans-Georg Maassen said Germany was a perennial target of a hacker gang known as Sofacy/APT 28 that some other experts also believe has close links with the Russian state. This group is believed by security experts to be affiliated with the Pawn Storm group that has been accused of targeting the CDU party.

The Russian Cyber Threat: Views from Estonia

Tensions between Russia and its adversaries in the West are escalating. In recent years, Russia has undermined the security of its neighbors by violating their land borders, crossing into their airspace unannounced and harassing them above and below sea level. Less noticed or understood, however, are Moscow’s aggressive actions in cyberspace. The small Baltic country of Estonia—a global leader in digital affairs—is well-placed to shed light on the tactical and strategic aspects of Russia’s offensive computer network operations.

In fact, three civilian and intelligence agencies responsible for cyber security—the Estonian Information System Authority, Internal Security Service and Information Board—recently issued reports that help put together different pieces of the puzzle. The conclusion is that “in cyberspace, Russia is the source of the greatest threat to Estonia, the European Union and NATO.” Now policymakers on both sides of the Atlantic must decide what to do about it.

Russia has been developing and employing offensive cyber capabilities for years. Russian cyber threat groups consist of professional, highly skilled practitioners whose daily jobs are to prepare and carry out attacks. And they don’t go after low-hanging fruit; instead, they receive specific orders on which institutions to target and what kind of information is needed. Criminals, hacktivists, spies and others linked to Russian strategic interests are usually well-financed, persistent and technologically advanced. They have a wide range of tools and resources, including the ability to carry out denial-of-service attacks, develop sophisticated malware and exploit previously unknown software vulnerabilities. Russian threat actors cloak their identities by using remote servers and anonymizing services. They target everything from the mobile devices of individuals to the IT infrastructure of entire government agencies.

Often, Russian threat actors map target networks for vulnerabilities and conduct test attacks on those systems. After carrying out reconnaissance, they conduct denial-of-service attacks or try to gain user access. Common techniques include sending emails with malicious attachments, modifying websites to infect visitors with malware and spreading malware via removable media devices like USB drives. Once inside, they continue to remotely map networks, attempt to gain administrator-level access to the entire network and extract as much sensitive data as possible. Such access also lets them change or delete data if that’s what the mission requires. They’ll often go after the same targets for years to get what they need. They have the confidence that comes from perceived anonymity and impunity; if they make a mistake or fail, they’ll simply try again.

These tactical activities are carried out in pursuit of strategic objectives. In the long term, this includes undermining and, if possible, helping to dissolve the EU and NATO. Moscow also aims to foster politically divided, strategically vulnerable and economically weak societies on its periphery in order to boost its own ability to project power and influence on those countries’ decisions. Russian cyber threat actors help by stealing military, political or economic data that gives Russia advantages in what it sees as the zero-sum game of foreign relations. The exfiltrated data can be used to recruit intelligence agents or provide economic benefits to its companies. Cyber capabilities can also be used to carry out influence operations that undermine trust between the citizens and the state. Telling examples of that strategy include its multi-week distributed-denial-of-service (DDoS) attacks against Estonia in 2007, its coordinated attacks against Ukraine’s 2014 presidential elections and the false-flag operation against a French telecommunication provider in 2015.

Most worryingly, today’s intelligence operations can enable tomorrow’s military actions. Influence operations, including the use of propaganda and social media, can create confusion and dissatisfaction among the population. Denial-of-service attacks can inhibit domestic and international communication. Coordinated, plausibly deniable attacks on multiple critical national infrastructure sectors can disrupt the provision of vital services such as energy, water, or transportation. This can provide a context for the emergence of “little green men”. Malicious code can be weaponized to hinder military and law enforcement responses. Clearly, cyber capabilities have the potential to be a powerful new tool in the Kremlin’s not-so-new “hybrid warfare” toolbox. With enough resources and preparation, they can be used in attempts to cause physical destruction, loss of life and even to destabilize entire countries and alliances. Such operations could be but a decision or two away in terms of planning, and perhaps several months or years before implementation. What can be done about it?

Preventive and countermeasures exist at the personal, organizational, national and international levels. Individuals should take “cyber hygiene” seriously, since Russian threat actors target both personal and work devices. This includes employing basic security technologies, backing up data, not visiting dubious websites and not opening suspicious emails. Organizations that handle sensitive information should adopt stricter security policies, including for handling of work-related data on personal devices. Information systems managers must be especially vigilant since they are primary targets, and weak personal security on their part may compromise national security. For their part, governments must enact the basics: computer security laws, national cyber strategies, a police focus on cybercrime, national CERTs, public-private partnerships and capable intelligence agencies. They also need continuous training and exercises to keep relevant agencies prepared for their missions. Finally, global cooperation and expeditious exchange of information among cyber security firms, national computer security incident response teams (CSIRTs) and security services are key to identifying Russian attack campaigns and taking defensive countermeasures.

All such countermeasures comprise elements of a deterrence-by-denial strategy that aims to raise the cost of carrying out malicious operations. States have also undertaken diplomatic initiatives to manage the potential instability that could result from the use of weaponized code—namely confidence-building measures, norms of responsible state behavior and attempts to agree on international law. While laudable, none of these have curbed Russian cyber aggression in the short term. For example, Russia’s coordinated December 2015 attack on the Ukrainian electrical grid—highlighted in all three agencies’ reports—was clearly an attack on critical national infrastructure that violated tentative international norms signed by Russia, possibly even while the campaign was being prepared. Defensive and diplomatic countermeasures must be complemented by a cohesive strategy of deterrence-by-punishment by individual countries as well as like-minded allies.

Cyber threat actors with links to Russia (APT28/Sofacy/Pawn Storm, the Dukes/APT29, Red October/Cloud Atlas, Snake/Turla/Uroburos, Energetic Bear/DragonFly, Sandworm Team and others) target NATO members on a daily basis—mainly for espionage and influence operations. But a recent SCMagazineUK article claims that the FSB plans to spend up to $250 million per year on offensive cyber capabilities. “Particular attention is to be paid to the development and delivery of malicious programs which have the ability to destroy the command and control systems of enemy armed forces, as well as elements of critical infrastructure, including the banking system, power supply and airports of an opponent.” Clearly, we had better be prepared.