Import a Terrorist, Apply to the Diversity Visa Lottery Program

Even the LATimes calls for the program to be ended. In part: Sayfullo Saipov, who allegedly killed eight and wounded 11 in a truck attack on Tuesday, entered the country from Uzbekistan through the diversity visa lottery. He is not the first presumed terrorist to enter using the program. Lottery terrorists include Hesham Mohamed Ali Hedayet, who shot up an El-Al ticket counter in 2002, killing two, and Imran Mandhai, who planned to bomb power stations in Florida the same year.

photo

The chilling details on Imran Mandhai are located here.

Imran Mandhai.

National security problems with the lottery have long been known. At a 2003 congressional hearing, the inspector general of the State Department, which oversees the lottery, testified that the program “contains significant risks to national security from hostile intelligence officers, criminals and terrorists attempting to use the program for entry into the United States as permanent residents.”

The concerns identified at that hearing 14 years ago remain. In 2016, Immigration and Customs Enforcement created a list of countries that “promote, produce, or protect terrorist organizations or their members.” Of the top 10 source countries for lottery winners in 2016, four were on ICE’s list: Egypt (No. 2), Iran (No. 3), Uzbekistan (No. 5) and Sudan (No. 7). Many other countries on the ICE list also send significant numbers of lottery winners.

In 2015, 14.4 million individuals plus family members successfully registered for the annual drawing. The State Department has to weed out those who do not qualify. After a computer randomly selects 100,000 names. State Department employees interview and vet the finalists, whittling down the list to the 50,000 cap. This is no simple task, since most applicants come from countries where recordkeeping is spotty and documents are hard to verify. Screening for visa lottery fraud takes up valuable State Department resources that could be allocated elsewhere if the program did not exist.

*** Suddenly, Chucky Schumer is suddenly quiet or forgets some facts.

The program was created by the late-Senator Ted Kennedy in the early 1990s, with help from then-Rep. Chuck Schumer, now the Senate Minority Leader, as a way to open the door to more Irish immigrants who could not qualify for immigration opportunities because of our equally nonsensical family chain migration policy. Of course, Schumer (and Kennedy until his death), continues to this day to defend family chain migration, and is fighting efforts to adopt a merit-based immigration policy that would obviate the need for the annual Wheel of Fortune exercise. More here. 

Included in the lottery are all four countries the U.S considers state sponsors of terror — Iran, Sudan, Cuba, and Syria — and 13 of the 14 nations that are coming under special monitoring from the Transportation Security Administration as founts of terrorism. Pakistan is excluded because, like China, it sends over tens of thousands of immigrants each year and doesn’t need to be in the lottery.

Among the winners for 2010 are:

Nigeria: 6,006
Iran: 2,773
Algeria: 1,957
Sudan: 1,084
Afghanistan: 345
Cuba: 298
Somalia: 229
Lebanon:
181
Libya: 152
Iraq: 142
Saudi Arabia:
104
Syria:
98
Yemen:
72

The State Department’s Office of the Inspector General recommended in a 2003 report that terror-sponsoring nations be removed from the diversity visa program.

“OIG believes that this program contains significant vulnerabilities to national security as hostile intelligence officers, criminals and terrorists attempt to use it to enter the United States as permanent residents,” the office’s deputy inspector testified to Congress in 2004.

A separate report filed by the Government Accountability Office also faulted the program for being susceptible to widespread fraud. A cottage industry has emerged abroad to cater to the lottery, and it regularly bilks people out of massive amounts of money and even coerces some into marriage to keep their diversity visas. More here.

Meanwhile:

The resettlement of refugees in the U.S. has been fairly consistent across the country since 2002, with no state resettling a majority of them. In fiscal year 2017, no state resettled more than 10% of the 53,716 refugees the nation admitted that year. California, Texas, New York, Washington, Michigan and Ohio each accounted for at least 5% of refugees resettled, while all other states had a lower share. In fiscal 2002, the earliest year state-level data are publicly available, California resettled 16% of the nation’s 27,110 refugees, the only state to account for more than 15% of the nation’s total that year – or in any following year, according to a Pew Research Center analysis of U.S. State Department data.

Most refugees today come from the Middle East and Africa, but this has not always been the case. Check more details here.

Proposed Tax Plan Called The Cut Cut Cut Bill?

It has been officially introduced. Do we like it? Check it out here.

If Schumer and Pelosi dont like it then perhaps it has some good things in it, right? Anyone talking about the spending and then servicing the debt?

photo

House Republicans are attempting the biggest transformation of the U.S. tax code in more than 30 years. The new bill aims to chop the corporate tax rate from 35% to 20%, as well as trim income tax brackets from seven to four, with the top rate of 39.6% to remain intact.

Here’s a look at the four new proposed tax brackets.

Currently, there are seven tax brackets: 10%, 15%, 25%, 28%, 33%, and 39.6%. 12%: This new rate applies to single filers starting at $12,000 up to $45,000 and married joint filers after the $24,000 deduction up to $90,000. 25%: This rate starts at $45,000 for single filers and $90,000 for married joint filers. 35%: This rate starts at $200,000 for single filers and $260,000 for married joint filers. 39.6%: This rate starts at $500,000 for single filers and one million plus for married couples.

The Heritage Foundation tax experts summarized it this way:

Months ago, conservatives began pressuring their lawmakers to ensure that tax reform followed five conservative principles. Here’s how the bill stacks up to those principles:

Lowering and Simplifying the Individual Tax Rates: The GOP proposal provides long overdue relief to millions of Americans by simplifying and lowering the individual tax rates to 12 percent, 25 percent, 35 percent and 39.6 percent. For married couples, the 25 percent rate starts at $90,000, the 35 percent rate starts at $260,000 and the top rate starts at $1 million. The bill will also double the standard deduction to $12,000 for individuals and $24,000 for families.

Lowering the Corporate Tax Rate: This bill will immediately lower the corporate rate to 20 percent — the rate demanded by conservatives for months — making American businesses more competitive with the rest of the world and providing hard working Americans with a much needed raise. Rates for small business pass throughs were also reduced by 15 percentage points, down to 25 percent.

Tax Free Entrepreneurship (Full Expensing): The GOP proposal includes full expensing for some investments that phases out after 5 years. This is a necessary boost to investment in the short-term, though improvements could be made as the process advances.

Establishing a Territorial Tax System: This bill attempts to eliminate the double taxation that defines our current worldwide tax system, though there are some provisions that could undermine the full value of that reform. Stay tuned for a more in-depth analysis.

Ending Cronyism in the Tax Code: Conservatives have also been fighting back against big-government special interest groups. The plan eliminates many special interest provisions including the State and Local Tax Deduction (SALT), though it allows a write off for property taxes. If not for conservative pushback, the swamp creatures would have been far more successful in defending the broken, corrupt status quo.

Here are some other things included in the bill you should know:

  • Repeals the Alternative Minimum Tax
  • Child tax credit goes to $1600 from $1000 plus additional $300 credit for parents and non-child dependents.
  • State and local deduction converted to property tax deduction with $10K cap
  • 401k’s are untouched
  • The Death Tax exemption will be doubled and eventually phased out after five years.
  • Preserves the home mortgage interest deduction for current mortgages and limits the deduction to $500,000 for new mortgages.
  • Preserves the Charitable Tax Deduction.

At first glance, the preliminary text released today has the potential to unleash economic growth, create American jobs, increase wages for American workers, allow families to keep more of their hard-earned money, and make U.S. businesses competitive across the globe.

According to documents released by Republicans on the House Ways and Means Committee, a typical middle-income family of four, earning $59K (median household income), will receive a $1,182 tax cut under this bill.

 

Russia Hacked the World, DoJ Suing Kremlin Operatives?

photo

FNC: The Justice Department reportedly has garnered enough evidence to charge at least six Russian government operatives with hacking the Democratic National Committee’s computers during the 2016 presidential election.

The Wall Street Journal reported Thursday that federal prosecutors could bring charges early next year. The Journal reported that dozens of others may have also played a role in the cyberattack.

Even tech companies are suing Russia.

How Russia hacked the world: Putin’s spies used ‘digital hit list’ to hunt global targets

  • 19,000 malicious links collected by Secureworks after Fancy Bear mistake.

  • 4,700 Gmail users across the globe were targeted by the state hacking team.

  • Alongside Democrats, a handful of Republican targets were also identified.

The hackers who upended the US presidential election had ambitions well beyond Hillary Clinton’s campaign, targeting the emails of Ukrainian officers, Russian opposition figures, US defence contractors and thousands of others of interest to the Kremlin, according to a previously unpublished digital hit list obtained by The Associated Press.

The list provides the most detailed forensic evidence yet of the close alignment between the hackers and the Russian government, exposing an operation that stretched back years and tried to break into the inboxes of 4,700 Gmail users across the globe — from the pope’s representative in Kiev to the punk band Pussy Riot in Moscow.

“It’s a wish list of who you’d want to target to further Russian interests,” said Keir Giles, director of the Conflict Studies Research Centre in Cambridge, England, and one of five outside experts who reviewed the AP’s findings. He said the data was “a master list of individuals whom Russia would like to spy on, embarrass, discredit or silence.”

The AP findings draw on a database of 19,000 malicious links collected by cybersecurity firm Secureworks, dozens of rogue emails, and interviews with more than 100 hacking targets.

Secureworks stumbled upon the data after a hacking group known as Fancy Bear accidentally exposed part of its phishing operation to the internet.

The list revealed a direct line between the hackers and the leaks that rocked the presidential contest in its final stages, most notably the private emails of Clinton campaign chairman John Podesta.

The issue of who hacked the Democrats is back in the national spotlight following the revelation Monday that a Donald Trump campaign official, George Papadopoulos, was briefed early last year that the Russians had “dirt” on Clinton, including “thousands of emails.”

Kremlin spokesman Dmitry Peskov called the notion that Russia interfered “unfounded.” But the list examined by AP provides powerful evidence that the Kremlin did just that.

“This is the Kremlin and the general staff,” said Andras Racz, a specialist in Russian security policy at Pazmany Peter Catholic University in Hungary, as he examined the data. “I have no doubts.”

New evidence

Secureworks’ list covers the period between March 2015 and May 2016. Most of the identified targets were in the United States, Ukraine, Russia, Georgia and Syria.

In the United States, which was Russia’s Cold War rival, Fancy Bear tried to pry open at least 573 inboxes belonging to those in the top echelons of the country’s diplomatic and security services: then-Secretary of State John Kerry, former Secretary of State Colin Powell, then-NATO Supreme Commander, US Air Force Gen. Philip Breedlove, and one of his predecessors, US Army Gen. Wesley Clark.

The list skewed toward workers for defence contractors such as Boeing, Raytheon and Lockheed Martin or senior intelligence figures, prominent Russia watchers and — especially — Democrats. More than 130 party workers, campaign staffers and supporters of the party were targeted, including Podesta and other members of Clinton’s inner circle.

The AP also found a handful of Republican targets.

Podesta, Powell, Breedlove and more than a dozen Democratic targets besides Podesta would soon find their private correspondence dumped to the web. The AP has determined that all had been targeted by Fancy Bear, most of them three to seven months before the leaks.

“They got two years of email,” Powell recently told AP. He said that while he couldn’t know for sure who was responsible, “I always suspected some Russian connection.”

In Ukraine, which is fighting a grinding war against Russia-backed separatists, Fancy Bear attempted to break into at least 545 accounts, including those of President Petro Poroshenko and his son Alexei, half a dozen current and former ministers such as Interior Minister Arsen Avakov and as many as two dozen current and former lawmakers.

The list includes Serhiy Leshchenko, an opposition parliamentarian who helped uncover the off-the-books payments allegedly made to Trump campaign chairman Paul Manafort — whose indictment was unsealed Monday in Washington.

In Russia, Fancy Bear focused on government opponents and dozens of journalists.

Among the targets were oil tycoon-turned-Kremlin foe Mikhail Khodorkovsky, who spent a decade in prison and now lives in exile, and Pussy Riot’s Maria Alekhina. Along with them were 100 more civil society figures, including anti-corruption campaigner Alexei Navalny and his lieutenants.

“Everything on this list fits,” said Vasily Gatov, a Russian media analyst who was himself among the targets. He said Russian authorities would have been particularly interested in Navalny, one of the few opposition leaders with a national following.

Many of the targets have little in common except that they would have been crossing the Kremlin’s radar: an environmental activist in the remote Russian port city of Murmansk; a small political magazine in Armenia; the Vatican’s representative in Kiev; an adult education organisation in Kazakhstan.

“It’s simply hard to see how any other country would be particularly interested in their activities,” said Michael Kofman, an expert on Russian military affairs at the Woodrow Wilson International Centre in Washington.

He was also on the list.

“If you’re not Russia,” he said, “hacking these people is a colossal waste of time.”

Working 9 to 6 (Moscow Time)

Allegations that Fancy Bear works for Russia aren’t new. But raw data has been hard to come by.

Researchers have been documenting the group’s activities for more than a decade and many have accused it of being an extension of Russia’s intelligence services. The “Fancy Bear” nickname is a none-too-subtle reference to Russia’s national symbol.

In the wake of the 2016 election, US intelligence agencies publicly endorsed the consensus view, saying what American spooks had long alleged privately: Fancy Bear is a creature of the Kremlin.

But the US intelligence community provided little proof, and even media-friendly cybersecurity companies typically publish only summaries of their data.

That makes the Secureworks’ database a key piece of public evidence — all the more remarkable because it’s the result of a careless mistake.

Secureworks effectively stumbled across it when a researcher began working backward from a server tied to one of Fancy Bear’s signature pieces of malicious software.

He found a hyperactive Bitly account Fancy Bear was using to sneak thousands of malicious links past Google’s spam filter. Because Fancy Bear forgot to set the account to private, Secureworks spent the next few months hovering over the group’s shoulder, quietly copying down the details of the thousands of emails it was targeting.

The AP obtained the data recently, boiling it down to 4,700 individual email addresses, and then connecting roughly half to account holders.

The AP validated the list by running it against a sample of phishing emails obtained from people targeted and comparing it to similar rosters gathered independently by other cybersecurity companies, such as Tokyo-based Trend Micro and the Slovakian firm ESET.

The Secureworks data allowed reporters to determine that more than 95% of the malicious links were generated during Moscow office hours — between 9 am and 6 pm Monday to Friday.

The AP’s findings also track with a report that first brought Fancy Bear to the attention of American voters. In 2016, a cybersecurity company known as CrowdStrike said the Democratic National Committee had been compromised by Russian hackers, including Fancy Bear.

Secureworks’ roster shows Fancy Bear making aggressive attempts to hack into DNC technical staffers’ emails in early April 2016 — exactly when CrowdStrike says the hackers broke in.

Hacking hands
Fancy Bear have long been linked to the Russian security services iStock

And the raw data enabled the AP to speak directly to the people who were targeted, many of whom pointed the finger at the Kremlin.

“We have no doubts about who is behind these attacks,” said Artem Torchinskiy, a project coordinator with Navalny’s Anti-Corruption Fund who was targeted three times in 2015. “I am sure these are hackers controlled by Russian secret services.”

The myth if the 400-pound man

Even if only a small fraction of the 4,700 Gmail accounts targeted by Fancy Bear were hacked successfully, the data drawn from them could run into terabytes — easily rivalling the biggest known leaks in journalistic history.

For the hackers to have made sense of that mountain of messages — in English, Ukrainian, Russian, Georgian, Arabic and many other languages — they would have needed a substantial team of analysts and translators. Merely identifying and sorting the targets took six AP reporters eight weeks of work.

The AP’s effort offers “a little feel for how much labour went into this,” said Thomas Rid, a professor of strategic studies at Johns Hopkins University’s School of Advanced International Studies.

He said the investigation should put to rest any theories like the one then-candidate Donald Trump floated last year that the hacks could be the work of “someone sitting on their bed that weighs 400 pounds.”

“The notion that it’s just a lone hacker somewhere is utterly absurd,” Rid said.

***

Axios: Marathon congressional hearings on Russian election interference and social media left execs from Facebook, Google and Twitter badly bruised and with a new view of just how mad Washington is about their handling of content aiming to divide Americans.

The big takeaway: Lawmakers’ rebukes went far beyond the companies’ responses to Russia’s interference. They also repeatedly revealed a discomfort with the size, power and limited accountability of the large web platforms.

What else we learned:

  • Washington isn’t buying that Facebook, Google and Twitter aren’t media companies. Both Republicans and Democrats seemed baffled at times by an assumption that has been fundamental to Google, Facebook and Twitter’s growth: that they are neutral platforms for information, not judges of content. Multiple lawmakers questioned that argument: “That may well be a distinction that is lost on most of us, that you’re just a platform for other people to express their views as opposed to being a publisher in their own right of those views,” said Republican Sen. John Cornyn.
  • We now know what the Russian ads look like. Lawmakers released some of the Russian-bought ads, which were focused largely on divisive political issues like civil rights, immigration and religion. According to the metadata released, the ads targeted both Republicans and Democrats and were paid for in rubles. For example, one “Black Matters” ad targeted adults in Georgia, Maryland, Missouri and Virginia and received more than 200,000 impressions and more than 12,000 clicks. It cost 53,425 rubles ($915).
  • Still no backing for a regulatory fix. The only piece of concrete legislation tied to this issue is the Honest Ads Act, which would require disclosure for online political ads. While the companies all committed to improving transparency, and companies indicated that they could work with lawmakers on the bill, they did not endorse it.
  • Lawmakers felt slighted by the CEOs’ absence. “I wish your CEOs were here,” said Democratic Sen. Joe Manchin, one of many lawmakers who voiced that sentiment. “They need to answer for this.”
  • The companies are putting significant resources toward vetting content. During nine hours of hearings, they repeatedly touted how much they were investing in both money and personnel to solve the election interference issue. Facebook is doubling the people working on safety and security issues to 20,000 by the end of 2018, for example.
  • Democrats were the harshest critics. Silicon Valley has long had a strong relationship with the liberal left, but that didn’t stop California Sens. Dianne Feinstein and Kamala Harris, as well as tech ally Sen. Ron Wyden, from lacing into the witnesses. Republicans, while critical of the companies, stopped short of conceding that social media manipulation was a deciding factor in Donald Trump’s win.
  • Congressional investigators are still learning the basics. One lawmaker asked Twitter’s general counsel to explain the difference between a bot and a troll. Several inquired about the definition of “impressions.” This highlights how steep the learning curve is for elected officials to fully grasp the nuances of what went wrong online in 2016.
  • Tech made a huge political miscalculation in not moving faster. Again and again, the companies were chided for how long it took them to deliver the goods to investigators. “I hear all your words,” said Sen. Mark Warner, “but I have more than a little bit of frustration that many of us on this committee have been raising this issue since the beginning of this year, and our claims were frankly blown off by the leaderships of your companies.”
What’s next? All of the companies indicated their investigations are ongoing, so the scale of the Russian disinformation campaign could turn out to be even bigger than we know now.

Go deeper:

Foreign Agents in DC, at the White House?

Romanian leader seeks more Trump meetings

A Romanian politician sentenced to jail for rigging elections is trying to arrange meetings with Vice President Mike Pence and House Speaker Paul Ryan (R-Wis.), according to recent Justice Department filings.

Liviu Dragnea, who is speaker of Romanian Parliament’s lower chamber and party president, received a two-year suspended jail sentence last year for trying to rig a referendum election to impeach the country’s president.

Now, his Social Democratic Party is paying Washington public-affairs group Madison & Co. $100,000 to introduce Dragnea to Pence and Ryan “as soon as possible” and to arrange “political, media and academic meetings” for Dragnea. Operatives working on the case include Madison & Co. president Al Madison; Democratic lobbyist and “rainmaker” William Oldaker; Drew Willison, Senate Democratic Minority Leader Harry Reid’s (Nev.) final chief of staff; and William Harris, a Republican operative who “has worked for the Trump Organization on a variety of political and business matters,” according to a disclosure filing. The Justice Department has not yet released disclosures forms for Oldaker or Willison.

This wouldn’t be Dragnea’s first brush with members of the current administration. In the days before President Donald Trump’s inauguration, Dragnea met with the president-elect, now-former National Security Adviser Michael Flynn and Ed Royce (R-Calif), who chairs the House Foreign Affairs Committee.

*** Remember Guccifer is Romanian.

The Foreign Agents Registration Act is in fact a joke, but quite a lucrative one if you are part of a Washington DC law firm. As noted on the website, under the guidance and management of the Department of Justice:

The Foreign Agents Registration Act (FARA) was enacted in 1938. FARA is a disclosure statute that requires persons acting as agents of foreign principals in a political or quasi-political capacity to make periodic public disclosure of their relationship with the foreign principal, as well as activities, receipts and disbursements in support of those activities. Disclosure of the required information facilitates evaluation by the government and the American people of the statements and activities of such persons in light of their function as foreign agents. The FARA Registration Unit of the Counterintelligence and Export Control Section (CES) in the National Security Division (NSD) is responsible for the administration and enforcement of the Act.

The person at the Justice Department who is in charge of this division was Dana Boente. He suddenly resigned last week…..hummmm. Boente assumed the position of Deputy Attorney General, when Trump fired Sally Yates when she refused to defend Trump’s travel suspension executive order. Boente declared he would defend in court that executive order, but was that really true since he suddenly resigned?

Seems Boente was selected to oversee the department’s division handling the probe into alleged Russian election interference, overseeing efforts on cybersecurity and counterintelligence.

Another hummm

So back to foreign lobby and continued foreign interference in DC…

*** In part from Politico:

The last time I can remember a stir about a lobby firm evading disclosure law was in 2004, when Qorvis Communications’ offices were raided by the FBI in a probe about its work for the royal family of Saudi Arabia. However, nothing much came of it, and business carried on as usual among Washington lobbyists. Two years ago, reportedly, a number of Qorvis lobbyists quit because they were uncomfortable with the firm’s work. According to this 2015 story in the New York Observer, more than a third of Qorvis partners had left the firm—to start their own lobby shops—“partly because of the firm’s work on behalf of such clients as Yemen, Bahrain, Saudi Arabia and the Central African nation of Equatorial Guinea,” reported the Huffington Post. “‘I just have trouble working with despotic dictators killing their own people,’ said one Qorvis insider.”

The last time I can remember a stir about a lobby firm evading disclosure law was in 2004, when Qorvis Communications’ offices were raided by the FBI in a probe about its work for the royal family of Saudi Arabia. However, nothing much came of it, and business carried on as usual among Washington lobbyists. Two years ago, reportedly, a number of Qorvis lobbyists quit because they were uncomfortable with the firm’s work. According to this 2015 story in the New York Observer, more than a third of Qorvis partners had left the firm—to start their own lobby shops—“partly because of the firm’s work on behalf of such clients as Yemen, Bahrain, Saudi Arabia and the Central African nation of Equatorial Guinea,” reported the Huffington Post. “‘I just have trouble working with despotic dictators killing their own people,’ said one Qorvis insider.”

 

U.S Should Follow Europe’s Lead on Cyber

Imagine that….Europe may be more right on this issue than the United States is due to congress where decisions just cannot be made.

Going back to 2011, the Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force.

In 2016, Pentagon leaders are still working to determine when, exactly, a cyber-attack against the U.S. would constitute an act of war, and when, exactly, the Defense Department would respond to a cyber-attack on civilian infrastructure, a senior Defense Department official told lawmakers on Wednesday.

A cyber strike as an act of war “has not been defined,” Acting Assistant Secretary of Defense for Homeland Defense and Global Security Thomas Atkin told the House Armed Services Committee. “We’re still working toward that definition.” More here.

photo

Related reading: North Korea’s Elite Cyber Soldiers Hacked Top Secret Warship Blueprints, Seoul Lawmaker Says

So, is Europe ahead of the United States on this issue?

EU governments to warn cyber attacks can be an act of war

European Union governments will formally state that cyber attacks can be an act of war in a show of strength to countries such as Russia and North Korea.

Diplomats and ambassadors in Brussels have drafted a document, obtained by The Telegraph, that represents an unprecedented deterrent aimed at countries using hackers and cyber espionage against EU members.

The document, set to be agreed by all 28 EU members states, including Britain, in the coming weeks warns that individual member states could respond “in grave instances” to cyber attacks with conventional weapons.

The British government has now said it was all but certain that North Korea was behind the “WannaCry” malware attack that hit NHS IT systems in May. Work on the EU paper began among fears that Russia would attempt to influence this year’s German elections and over hybrid warfare employed in Ukraine. More here.

This could be a pretext for what is a probable threat.

photo

Banks fearing North Korea hacking prepare defenses: cyber experts

WASHINGTON/TORONTO (Reuters) – Global banks are preparing to defend themselves against North Korea potentially intensifying a years-long hacking spree by seeking to cripple financial networks as Pyongyang weighs the threat of U.S. military action over its nuclear program, cyber security experts said.

North Korean hackers have stolen hundreds of millions of dollars from banks during the past three years, including a heist in 2016 at Bangladesh Bank that yielded $81 million, according to Dmitri Alperovitch, chief technology officer at cyber security firm CrowdStrike.

Alperovitch told the Reuters Cyber Security Summit on Tuesday that banks were concerned Pyongyang’s hackers may become more destructive by using the same type of “wiper” viruses they deployed across South Korea and at Sony Corp’s (6758.T) Hollywood studio.

The North Korean government has repeatedly denied accusations by security researchers and the U.S. government that it has carried out cyber attacks.

North Korean hackers could leverage knowledge about financial networks gathered during cyber heists to disrupt bank operations, according to Alperovitch, who said his firm has conducted “war game” exercises for several banks.

“The difference between theft and destruction is often a few keystrokes,” Alperovitch said.

Security teams at major U.S. banks have shared information on the North Korean cyber threat in recent months, said a second cyber security expert familiar with those talks.

“We know they attacked South Korean banks,” said the source, who added that fears have grown that banks in the United States will be targeted next.

Tensions between Washington and Pyongyang have been building after a series of nuclear and missile tests by North Korea and bellicose verbal exchanges between U.S. President Donald Trump and North Korean leader Kim Jong Un.

John Carlin, a former U.S. assistant attorney general, told the Reuters summit that other firms, among them defense contractors, retailers and social media companies, were also concerned.

“They are thinking ‘Are we going to see an escalation in attacks from North Korea?’” said Carlin, chair of Morrison & Foerster international law firm’s global risk and crisis management team.

Jim Lewis, a cyber expert with Washington’s Center for Strategic and International Studies, said it is unlikely that North Korea would launch destructive attacks on American banks because of concerns about U.S. retaliation.

Representatives of the U.S. Federal Reserve and the Office of the Comptroller of the Currency, the top U.S. banking regulators, declined to comment. Both have ramped up cyber security oversight in recent years.

For other Reuters Cyber Summit news click on www.reuters.com/cyberrisk