Seizure of Three Terror Finance Cyber-Enabled Campaigns

Global Disruption of Three Terror Finance Cyber-Enabled Campaigns

Largest Ever Seizure of Terrorist Organizations’ Cryptocurrency Accounts

The Justice Department today announced the dismantling of three terrorist financing cyber-enabled campaigns, involving the al-Qassam Brigades, Hamas’s military wing, al-Qaeda, and Islamic State of Iraq and the Levant (ISIS).  This coordinated operation is detailed in three forfeiture complaints and a criminal complaint unsealed today in the District of Columbia.  These actions represent the government’s largest-ever seizure of cryptocurrency in the terrorism context.

These three terror finance campaigns all relied on sophisticated cyber-tools, including the solicitation of cryptocurrency donations from around the world.  The action demonstrates how different terrorist groups have similarly adapted their terror finance activities to the cyber age.  Each group used cryptocurrency and social media to garner attention and raise funds for their terror campaigns.  Pursuant to judicially-authorized warrants, U.S. authorities seized millions of dollars, over 300 cryptocurrency accounts, four websites, and four Facebook pages all related to the criminal enterprise.

Funds successfully forfeited with a connection to a state sponsor of terrorism may in whole or in part be directed to the United States Victims of State Sponsored Terrorism Fund (http://www.usvsst.com/) after the conclusion of the case.

“It should not surprise anyone that our enemies use modern technology, social media platforms and cryptocurrency to facilitate their evil and violent agendas,” said Attorney General William P. Barr.   “The Department of Justice will employ all available resources to protect the lives and safety of the American public from terrorist groups.  We will prosecute their money laundering, terrorist financing and violent illegal activities wherever we find them.  And, as announced today, we will seize the funds and the instrumentalities that provide a lifeline for their operations whenever possible.  I want to thank the investigators from the Internal Revenue Service, Department of Homeland Security, Federal Bureau of Investigation, and the prosecutors from the D.C. United States Attorney’s Office and National Security Division for their hard and innovative work in attacking the networks that allow these terrorists to recruit for and fund their dangerous actions.”

“Terrorist networks have adapted to technology, conducting complex financial transactions in the digital world, including through cryptocurrencies. IRS-CI special agents in the DC cybercrimes unit work diligently to unravel these financial networks,” said Secretary of the Treasury Steven T. Mnuchin.  “Today’s actions demonstrate our ongoing commitment to holding malign actors accountable for their crimes.”

“The Department of Homeland Security was born after the September 11, 2001 terrorist attacks and, nearly 20 years later, we remain steadfast in executing our critical mission to safeguard the American people, our homeland, and our values,” said Acting Secretary of Homeland Security Chad F. Wolf.  “Today’s announcement detailing these enforcement actions targeting foreign terrorist organizations is yet another example of the Department’s commitment to our mission. After launching investigations that identified suspected online payments being funneled to and in support of terrorist networks, Homeland Security Investigations skillfully leveraged their cyber, financial, and trade investigative expertise to disrupt and dismantle cyber-criminal networks that sought to fund acts of terrorism against the United States and our allies.  Together with our federal law enforcement partners, the Department will utilize every resource available to ensure that our Homeland is and remains secure.”

“These important cases reflect the resolve of the D.C. United States Attorney’s Office to target and dismantle these sophisticated cyber-terrorism and money laundering actors across the globe,” stated Acting United States Attorney Michael R. Sherwin.  “While these individuals believe they operate anonymously in the digital space, we have the skill and resolve to find, fix and prosecute these actors under the full extent of the law.”

“IRS-CI’s ability to trace funds used by terrorist groups to their source and dismantle these radical group’s communication and financial networks directly prevents them from wreaking havoc throughout the world,” said Don Fort, Chief, IRS Criminal Investigation.  “Today the world is a safer place.”

“As the primary law enforcement agency charged with defeating terrorism, the FBI will continue to combat illicit terrorist financing regardless of platform or method employed by our adversaries,” said FBI Director Christopher Wray. “As demonstrated by this recent operation, the FBI remains committed to cutting off the financial lifeblood of these organizations that seek to harm Americans at home and abroad.”

“Homeland Security Investigations continues to demonstrate their investigative expertise with these enforcement actions,” said ICE Deputy Director and Senior Official Performing the Duties of the Director Matthew T. Albence.  “Together with law enforcement partners, HSI has utilized their unique authorities to bring to justice those cyber-criminal networks who would do us harm.”

Al-Qassam Brigades Campaign

The first action involves the al-Qassam Brigades and its online cryptocurrency fundraising efforts.  In the beginning of 2019, the al-Qassam Brigades posted a call on its social media page for bitcoin donations to fund its campaign of terror.  The al-Qassam Brigades then moved this request to its official websites, alqassam.net, alqassam.ps, and qassam.ps.

al_qassam_1

The al-Qassam Brigades boasted that bitcoin donations were untraceable and would be used for violent causes.  Their websites offered video instruction on how to anonymously make donations, in part by using unique bitcoin addresses generated for each individual donor.

al_qassam_2

 

However, such donations were not anonymous.  Working together, IRS, HSI, and FBI agents tracked and seized all 150 cryptocurrency accounts that laundered funds to and from the al-Qassam Brigades’ accounts.  Simultaneously, law enforcement executed criminal search warrants relating to United States-based subjects who donated to the terrorist campaign.

With judicial authorization, law enforcement seized the infrastructure of the al-Qassam Brigades websites and subsequently covertly operated alqassam.net.   During that covert operation, the website received funds from persons seeking to provide material support to the terrorist organization, however, they instead donated the funds bitcoin wallets controlled by the United States.

The United States Attorney’s Office for the District of Columbia also unsealed criminal charges for two Turkish individuals, Mehmet Akti and Hüsamettin Karataş, who acted as related money launderers while operating an unlicensed money transmitting business.

Al-Qaeda Campaign

The second cyber-enabled terror finance campaign involves a scheme by al-Qaeda and affiliated terrorist groups, largely based out of Syria.  As the forfeiture complaint details, these terrorist organizations operated a bitcoin money laundering network using Telegram channels and other social media platforms to solicit cryptocurrency donations to further their terrorist goals.  In some instances, they purported to act as charities when, in fact, they were openly and explicitly soliciting funds for violent terrorist attacks.  For example, one post from a charity sought donations to equip terrorists in Syria with weapons:

al_qaeda

Undercover HSI agents communicated with the administrator of Reminder for Syria, a related charity that was seeking to finance terrorism via bitcoin donations.  The administrator stated that he hoped for the destruction of the United States, discussed the price for funding surface-to air missles, and warned about possible criminal consequences from carrying out a jihad in the United States.

Posts from another Syrian charity similarly explicitly referenced weapons and extremist activities:

al_qaeda_2
al_qaeda_3.

Al-Qaeda and the affiliated terrorist groups together created these posts and used complicated obfuscation techniques, uncovered by law enforcement, to layer their transactions so to conceal their actions.  Today’s complaint seeks forfeiture of the 155 virtual currency assets tied to this terrorist campaign.

ISIS Campaign

The final complaint combines the Department’s initiatives of combatting COVID-19 related fraud with combatting terrorism financing.  The complaint highlights a scheme by Murat Cakar, an ISIS facilitator who is responsible for managing select ISIS hacking operations, to sell fake personal protective equipment via FaceMaskCenter.com (displayed below)

isis_1.

The website claimed to sell FDA approved N95 respirator masks, when in fact the items were not FDA approved.  Site administrators claimed to have near unlimited supplies of the masks, in spite of such items being officially-designated as scarce.  The site administrators offered to sell these items to customers across the globe, including a customer in the United States who sought to purchase N95 masks and other protective equipment for hospitals, nursing homes, and fire departments.

The unsealed forfeiture complaint seized Cakar’s website as well as four related Facebook pages used to facilitate the scheme.  With this third action, the United States has averted the further victimization of those seeking COVID-19 protective gear, and disrupted the continued funding of ISIS.

The claims made in these three complaints are only allegations and do not constitute a determination of liability.  The burden to prove forfeitability in a civil forfeiture proceeding is upon the government.  Further, charges contained in criminal complaint are merely allegations, and the defendants are presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.

IRS-CI Cyber Crimes Unit (Washington, D.C.), HSI’s Philadelphia Office, and FBI’s Washington D.C., New York, and Los Angeles field offices are investigating the case. Assistant U.S Attorneys Jessi Camille Brooks and Zia M. Faruqui, and National Security Division Trial Attorneys Danielle Rosborough and Alexandra Hughes are litigating the case, with assistance from Paralegal Specialists Brian Rickers and Bria Cunningham, and Legal Assistant Jessica McCormick.  Additional assistance has been provided by Chainalysis and Excygent.

Looming Military Conflict in S China Sea?

Chinese military journalists are publicly urging the People’s Liberation Army (PLA) to prepare immediately for an attack by U.S. forces in the South China Sea. One expert at Zhejiang University’s National Institute for South China Sea Studies, Shi Xiaoqin, claims that the U.S. is deliberately trying to provoke China. They also suggest the regime reinforce Chinese installations on reefs claimed by China.

If this analysis gains traction by Chinese political and military leaders, U.S. military commanders in the South China Sea should plan for the possibility that China might initiate hostilities in keeping with its doctrine of preemptive retaliation, a seeming attempt falsely to claim “self-defense.”

One writer suggests that the PLA should immediately move fighter aircraft to Chinese air bases in the Spratly Islands at Fiery Cross, Subi Reef, and Mischief Reef. He also boldly claims that the augmented presence of U.S. naval and air assets in the South China Sea is no longer just a show of force by America.

Chen Hu, a Chinese military journalist, also asserts that the U.S. is now intent on provoking a conflict and is preparing for battle. Chen claims that the return of B1 bombers to Guam and continued deployment of two U.S. aircraft carrier groups in the South China Sea, despite the conclusion of military exercises, is supposedly a sign of Washington’s aggressive intent. Chen suggests that recent U.S. “Freedom of Navigation” maneuvers and the high number of U.S. surveillance collection missions along the Chinese coast is additional proof of American attack planning. Former PLA officer Wang Yunfei and naval equipment expert suggests that flights by American RC-135, E-8c, and RC-12X surveillance aircraft equate to “pre-battle strategic technical surveillance.” As the joke goes from the children’s playground: “It all started when he hit me back.”

Wang further warns that U.S. President Donald J. Trump is likely to initiate a military conflict in the South China Sea region before the November 3 U.S. presidential election, speculating that “stirring up external frictions, especially military conflicts with China, will help the incumbent president for his re-election campaign.”

The leaders of China’s Communist Party (CCP) also see that nothing was done by anyone, including the U.S., to stop China’s grab of Hong Kong this year — 27 years early. This paralysis of the West must have looked to the CCP like a green light to keep on grabbing.

Wang even lays out his analysis on particular avenues of approach by which U.S. bombers might attack their Chinese targets. Wang, now a Chinese naval specialist, writes that the U.S. will probably ship-launch Tomahawk Cruise against Chinese bases in the South China Sea. He further specifies that the PLA should deploy China’s own aircraft carriers in the south central region of the sea, as the best strategy to counter any U.S. assault. He adds that China must also deploy fighter jets and air defense missiles on various Chinese reefs.

Scarborough Shoal could become a flashpoint for a South ...

Wang singled out the Scarborough Shoal in the South China Sea’s Paracel Island Chain as the most likely initial piece of real estate that the U.S. might seek to seize. The Scarborough (Huangyan) Shoal/Reef is claimed by both China and the Republic of the Philippines. Perhaps one reason why China might expect that Scarborough Shoal is a likely target is that the U.S. wants to re-cement military agreements with the Philippines that would allow American military assets access to Clark Air Force Base, Subic Bay Naval Base and other newer facilities. U.S. support for Manila’s claim to the Scarborough Shoal against China’s might be sufficient to convince the mercurial president of the Philippines, Rodrigo Duterte, to patch up relations with the U.S.

Chinese writer Zheng Hao, who assesses that it is possible that U.S.-Chinese tensions in the South China Sea could escalate into a “hot war,” cites U.S. Secretary of State Mike Pompeo’s July 13 statement that the South China Sea is “not China’s maritime empire” as indicative of the Trump Administration’s hostile intent. Zheng appears to be especially concerned about the July 7 U.S.-Japan naval exercise, which included an operation by the U.S. aircraft carrier Ronald Reagan and two warships of the Japanese Maritime Defense Forces. Zheng laments that the 2018 draft of the Code of Conduct in the South China Sea has not yet been signed by the Association of South East Asian Nations (ASEAN) and China.

One hope to avoid or at least postpone an imminent clash in the South China Sea is for China and the U.S. to activate the crisis prevention apparatus established in November 2014. This diplomatic device includes a Memorandum of Understanding on notification of military activities and rules of behavior designed to keep air and naval encounters peaceful. So far, there is no public acknowledgement that either China or the U.S. is employing the crisis prevention mechanism. One recent sign of efforts by both sides to avoid a military incident was the Pentagon’s August 7 announcement that U.S. Secretary of Defense Mark Esper and his Chinese counterpart, Minister of Defense Wei Fenghe, held a 90-minute teleconference last week.

China, however, has been the party with the hostile intent, not only with Hong Kong, but also with an attack on northern India, an extensive military base build-up in the South China Sea, an attempted appropriation of the Japan-administered Senkaku Islands and a “fishing fleet” of 250 vessels showing up near the Galapagos Islands, off Ecuador. Another recent move from Beijing was to conduct live-fire targeting drills in the South China Sea from July 25 through August 2. The announcement of this exercise was promulgated by the PLA and not, as is usual, by the Chinese government’s maritime administration. If China continues its aggressive posture toward the U.S.-allied free states of Asia, especially Taiwan, a direct confrontation between the Chinese and U.S. militaries in the South China may indeed be necessary.

Author: Dr. Lawrence A. Franklin was the Iran Desk Officer for Secretary of Defense Rumsfeld. He also served on active duty with the U.S. Army and as a Colonel in the Air Force Reserve.

Warnings of Ransomware Affecting Elections

According to an intelligence report issued by the Department of Homeland Security, one of the top 2020 election security concerns is ransomware. A report entitled “Cybercriminals and Criminal Hackers Capable of Disrupting Election Infrastructure”, echos concerns CISA head Chris Krebs articulate at the Black Hat security conference in early August.

Department of Homeland Security fears 'ransomware' attacks ... source

The FBI and Department of Homeland Security have issued advisories to local governments, including recommendations for preventing attacks.
“From the standpoint of confidence in the system, I think it is much easier to disrupt a network and prevent it from operating than it is to change votes,” Adam Hickey, a Justice Department deputy assistant attorney general, said in an interview.

US officials state that election interference will not be tolerated. They are proactively working with social media companies, among other groups, to help safeguard the elections.

In addition, the US Department of State’s “Rewards for Justice” program is offering a 10M to anyone who can provide information about foreign interference. The Department of State has reached out to targeted individuals in Iran soliciting information.

US officials are interested in identifying individuals who aim to disrupt campaigns, meddle with election infrastructure, and who pose threats to election officials. This is the third major “Rewards for Justice” initiative this year. More here.

***

“We’re seeing state and local entities targeted with ransomware on a near daily basis,” said Geoff Hale, a top election security official with Homeland Security’s Cybersecurity and Infrastructure Security Agency.

Steps taken to improve security of voter registration systems after the 2016 election could help governments fend off election-related ransomware attacks. They’ve also acted to ensure they can recover quickly in the event of an attack.

Colorado, for example, stores redundant versions of its voter registration data at two separate secure locations so officials can easily shift operations. Backups are regular so the system can be quickly rebuilt if needed.

Even so, ransomware is an added concern for local election officials already confronting staffing and budget constraints while preparing for a shift from in-person voting to absentee balloting because of the pandemic.

In West Virginia, state officials are more concerned about the cyberthreat confronting its 55 county election offices than a direct attack on the statewide voter registration system. One click from a county employee falling victim to a spearphishing attack could grant a hacker access to the county network and eventually to election systems.

“I’m more worried that those people who are working extra hours and working more days, the temporary staff that may be brought in to help process the paperwork, that all this may create a certain malaise or fatigue when they are using tools like email,” said David Tackett, chief information officer for the secretary of state.

In states that rely heavily on in-person voting and use electronic systems to check in voters, a well-timed attack particularly during early voting could prevent officials from immediately verifying a voter’s eligibility, making paper backups critical.

For states conducting elections entirely by mail, including Colorado, an attack near Election Day may have little effect on voting because ballots are sent early to all voters, with few votes cast in-person. But it could disrupt vote-tallying, forcing officials to process ballots by hand.

In many states, local officials will face an influx of new ballot requests. That means they’ll need constant access to voter data as they handle these requests. An attack could cause major disruptions.

Hickey said he was unaware of ransomware attacks directly targeting election infrastructure. But local election offices are often connected to larger county networks and not properly insulated or protected.

A criminal targeting a county or state “may not even know what parts of the network they got into,” Hickey said. But as the malware creeps along and spreads, “what gets bricked is the entire network — and that includes but is not limited to election infrastructure.”

Even if election infrastructure isn’t directly targeted, there would likely be immediate assumptions it was, said Ron Bushar of the FireEye cybersecurity company.

A February advisory issued by the FBI and obtained by The Associated Press recommends local governments separate election-related systems from county and state systems to ensure they aren’t affected in an unrelated attack.

NASA Prepares to Launch Contact Tracing Program

As the COVID-19 pandemic continues its spread in the U.S., NASA is tapping commercial software to start an internal contact tracing program.

Why NASA Needs a New Logo | Space

According to an information collection notice posted Tuesday in the Federal Register, the voluntary program “will be used to determine whether NASA personnel have been exposed to the COVID-19 virus and to track and trace their interactions across the NASA community for identifying possible points of exposure.”

Once the program is stood up, NASA plans to designate a health care-focused employee to act as the NASA Contact Tracer to lead the effort.

When a NASA employee or contractor agrees to sign up for the program, the Contact Tracer will start by going through the privacy considerations so the employee understands their rights and how their personal information will be used, after which the employee “will be asked, orally, to confirm if they have symptoms or not,” by replying “yes” or “no.”

That information—along with the employee’s contact information and the names, phone numbers and email addresses of those they have been in close contact with—will be entered into the new tracking app.

“While participation is voluntary, it is strongly encouraged as failure to provide the requested information may result in potential increased exposure of personnel to the virus,” the notice states.

The “newly developed tracking and tracing digital application” was built on NASA’s Salesforce platform. Salesforce’s workforce management platform has been used by a variety of organizations to start internal contact tracing programs, including some 35 state governments, according to company CEO Marc Benioff.

Interested parties have until October 4 to submit comments.

Specifically, under the Federal Register notice, the agency wants feedback on “whether the proposed collection of information is necessary for the proper performance of the functions of NASA, including whether the information collected has practical utility;” “ways to enhance the quality, utility and clarity of the information to be collected;” and “ways to minimize the burden of the collection of information on respondents, including automated collection techniques or the use of other forms of information technology.”

*** The Flawed World of Contact Tracing: Where’s Carol The Tester? source

“While participation is voluntary, it is strongly encouraged as failure to provide the requested information may result in potential increased exposure of personnel to the virus,” NASA wrote in the notice.

The information collected through NASA’s contact tracing program may also be shared with private or government healthcare providers and other entities with access to all NASA systems of records. By keeping the contact tracing records in a digital format, NASA wrote that it hopes to “ensure higher rate of inclusion and assist in the efficiency of the stages of report processing by human subject matter analysts.”

NASA is estimating that the contact tracing program will cost about $1.9 million per year. The agency is accepting comments on its contact tracing program – such as ways to enhance the quality of its data and ways to minimize the burden of information collection on personnel – through October 4.

Tip Sheet on Kamala Harris

          1. Harris, the daughter of immigrants from Jamaica and India.
          2.  Harris said she believed women who accused Biden of inappropriate touching.’I believe them, and I respect them being able to tell their story and having the courage to do it’.
          3. Harris was the designated pit bull to attack Brett Kavanaugh in his confirmation hearing. At one point when he was holding a worn copy of the Constitution that he kept in his coat pocket, she referred to it as THAT BOOK showing her disdain for his fidelity to the Constitution. Read more here.
          4. As both a district attorney and state attorney general, Harris pushed for a new statewide law that lets prosecutors charge parents with misdemeanors if their children are chronically truant.
          5. Harris strongly supports “familial DNA searching,ˮ in which police take DNA samples from crime scenes and compare them to existing databases to look for not just any direct matches in criminal databases, but any familial matches.
          6. In her first speech on the Senate floor, Harris declared, “An undocumented immigrant is not a criminal.” She later avowed the belief that illegal immigration is “a civil violation, not a crime.”
          7. In October 2017, Harris declared that she would rather shut down the government than vote for a spending bill that did not address the Deferred Action for Childhood Arrivals program and ensure those covered by the program would not be deported. “I will not vote for an end-of-year spending bill until we are clear about what we are going to do to protect and take care of our DACA young people in this country,” she said. And she has kept her word, at least so far. More details here from NR.
          8. Harris did not protect the Catholic Daughters of Charity Health System but rather finessed the sale as a favor to SEIU.
          9. Harris says Americans need to be “educated about the effect of our eating habits on our environment,” and says she would change the dietary guidelines to reduce the amount of red meat you can eat.
          10. Harris will push Congress to provide monthly economic impact payments to qualifying Americans that are recurring.
          11. Harris and her Senate colleagues pushed for the inclusion of a provision that would cancel at least $10,000 of student debt for all borrowers.
          12. Harris insisted that the 2017 tax reform law must be repealed in its entirety.
          13. Harris has a long record of action on climate change including investigating Exxon Mobil XOM in 2016, voting against repeals of methane emissions, and sponsoring the resolution of disapproval for the 2019 rollbacks on power plant carbon pollution limits.
          14. Her plan, by 2045 we will have basically zero emission vehicles only,” but her climate plan calls for 100% of vehicles as soon as 2035.
          15. She lied about smoking pot listening to Snoop and Tupac.

Her sister Maya is a lawyer, public policy advocate, and television commentator. She is a political analyst for MSNBC and in 2015 was appointed as one of three senior policy advisors to lead the development of an agenda for Hillary Clinton’s 2016 presidential campaign. She was formerly a senior fellow at the Center for American Progress. From 2008 until she took her current position, she was Vice President for Democracy, Rights and Justice at the Ford Foundation. Prior to joining the Ford Foundation, she served as the Executive Director of the American Civil Liberties Union (ACLU) of Northern California. Swampy huh? Oh and Maya is married to Tony West. West previously served as the Associate Attorney General of the United States, the third highest-ranking official in the United States Department of Justice; and Assistant Attorney General of the Civil Division, the largest litigating division in the Department of Justice.

California Attorney General Kamal Harris marries Douglas Emhof Kamala Harris’ Criminal Justice Policies Blasted After ...