Category Archives: Trump Administration

Hey Moscow, What About the ‘neuroweapons’ Used in Cuba attacks

Posted on by
General view of the U.S. Embassy in Havana after the U.S. government pulled more than half of its diplomatic personnel out of Cuba in September 2017. (Photo: Ernesto Mastrascusa/Getty Images)

Primer:

Neurotechnologies as Weapons of Mass Disruption or Future Asymmetric Warfare: Putative Mechanisms, Emerging Threats, and Bad Actor Scenarios

Intelligence agencies investigating mysterious “attacks” that led to brain injuries in U.S. personnel in Cuba and China consider Russia to be the main suspect, three U.S. officials and two others briefed on the investigation tell NBC News.

The suspicion that Russia is likely behind the alleged attacks is backed up by evidence from communications intercepts, known in the spy world as signals intelligence, amassed during a lengthy and ongoing investigation involving the FBI, the CIA and other U.S. agencies. The officials declined to elaborate on the nature of the intelligence.

The evidence is not yet conclusive enough, however, for the U.S. to formally assign blame to Moscow for incidents that started in late 2016 and have continued in 2018, causing a major rupture in U.S.-Cuba relations.

Since last year, the U.S. military has been working to reverse-engineer the weapon or weapons used to harm the diplomats, according to Trump administration officials, congressional aides and others briefed on the investigation, including by testing various devices on animals. As part of that effort, the U.S. has turned to the Air Force and its directed energy research program at Kirtland Air Force Base in New Mexico, where the military has giant lasers and advanced laboratories to test high-power electromagnetic weapons, including microwaves.

Although the U.S. believes sophisticated microwaves or another type of electromagnetic weapon were likely used on the U.S. government workers, they are also exploring the possibility that one or more additional technologies were also used, possibly in conjunction with microwaves, officials and others involved in the government’s investigation say.

The U.S. has said 26 government workers were injured in unexplained attacks at their homes and hotels in Havana starting in late 2016, causing brain injuries, hearing loss and problems with cognition, balance, vision and hearing problems. Strange sounds heard by the workers initially led investigators to suspect a sonic weapon, but the FBI later determined sound waves by themselves couldn’t have caused the injuries. More here.

*** Truth be told, this investigation and the details are rather disjointed and weird.

Four scientists, including the first doctor to examine the diplomats reporting symptoms in Cuba, took part in a Pentagon-sponsored teleconference on Friday, where they announced new research results, including what they determined to be the probable use of “neuroweapons” in what they called the Havana Effect.

At issue are the more than two dozen U.S. government officials stationed in Havana, who have described hearing strange sounds, followed by a combination of medical symptoms, including dizziness, hearing loss and cognitive problems. More recently, a similar case has been reported in a U.S. embassy worker in Guangzhou, China. For months, a mix of secrecy and speculation has surrounded those incidents, including an increasingly popular theory that the diplomats were the victims of microwave weapons.

Michael Hoffer, an otolaryngologist at the University of Miami, who was the first to conduct tests on the embassy workers, said on the Friday call that the diplomats are suffering from a  “neurosensory dysfunction,” which is primarily affecting their sense of balance.

The Friday call was organized as part of a study program sponsored by the Pentagon and titled “Probable Use of a Neuroweapon to Affect Personnel of US  Embassy in Havana: Findings, Pathology, Possible Causes, and Disruptive Effects.”

A Pentagon official told Yahoo News that the briefing was offered by the scientific team for interested people in the Defense Department and was to gain “general knowledge” about their findings. “This didn’t have an operational element,” the official said.  Read on from here.

N Korean, Park Jin hyok Charged with Global Cyber Attacks

Posted on by

U.S. CHARGES NORTH KOREAN HACKER

Federal prosecutors charged a North Korean man, Park Jin-hyok, with crimes in connection with a series of costly cyberattacks around the globe, including the WannaCry ransomware attack in 2018, the heist of Bangladesh’s central bank in 2017, and the hack of Sony Pictures in 2014. It is the first time the Justice Department has explicitly charged a North Korean hacker backed by the government. Park was allegedly working as a programmer for a North Korean front company in China called Chosun Expo, which had ties to North Korea’s military intelligence.

Legal analysts say the complaint is the most detailed public accounting yet of North Korea’s cyberattacks against foreign adversaries. The Justice Department has now brought hacking-related charges against North Korea, China, Iran, and Russia. (WSJ, NYT, Reuters, DOJ)

Park Jin Hyok, named by officials as a member of the so-called Lazarus Group hacking team behind last year’s WannaCry global ransomware attack and the 2014 digital attack on Sony, apparently used not only advanced technology, but elaborate reconnaissance work to digitally steal money and sensitive information.

First, Park would obtain a number of email addresses of people affiliated with target businesses from traders dealing in large amounts of personal information. Then he would use the emails to gain an understanding of company employees’ fields of interest and personal relationships.

That would let him craft emails that could pass as genuine messages from major companies in content and style, a tactic known as spear phishing. After spending some time building trust, he would send the malicious links to websites that would infect a target’s computer.

In one case, Park apparently masqueraded as a human resources official at a U.S. defense-linked company to exchange messages with workers at one of the company’s competitors.

Last week’s charges were said to be the first in years against a North Korean hacker related to high-profile attacks linked to the state. The attack on Sony came as the company was preparing to release a movie called “The Interview,” which depicted the assassination of a character resembling North Korean leader Kim Jong Un. The group also allegedly stole $81 million from the central bank of Bangladesh in 2016.

A North Korean suspect is wanted by U.S. authorities on suspicion of hacking. (Courtesy of the U.S. Federal Bureau of Investigation)

“We stand with our partners to name the North Korean government as the force behind this destructive global cyber campaign,” Christopher Wray, director of the Federal Bureau of Investigation, said in a statement on Sept. 6.

The U.S. Treasury also imposed sanctions on Park and a Chinese business he was affiliated with. “We will not allow North Korea to undermine global cybersecurity to advance its interests and generate illicit revenues in violation of our sanctions,” Treasury Secretary Steven Mnuchin said in his own statement.

Under Kim, the North has consolidated its cyber forces under its Reconnaissance General Bureau, which handles overseas spying. The state has a team of 6,800, according to the South Korean government, and is counted as one of the five cyber powers along with the U.S., Russia, China and Israel.

The core of cyber operations is a team known as “Bureau 121,” established in 1998 by Kim’s father, then-leader Kim Jong Il. Bureau 121 is known for its willingness to commit crimes for the sake of bringing in cash.

“The technology behind North Korea’s cybercrimes is some of the most advanced in the world,” said a source with the U.S. State Department.

Governments and businesses around the world are hurrying to guard themselves from the North’s attacks even as its methods grow more sophisticated. Further cooperation between countries’ cyberdefense authorities may be key to finding effective solutions.

British Airways: The airline said a “very sophisticated” hacker stole credit card details of hundreds of thousands of its customers in recent days. Anyone who lost out financially as a result of the breach would be compensated, BA officials said. (Reuters)

JPMorgan Hacker: A Russian man, Andrei Tyurin, has been extradited by Georgia to the United States on charges that he participated in the 2014 hack of JPMorgan Chase and other U.S. companies. (Reuters)

Is that Russian Submarine Threat Still out There?

Posted on by

It is not just the U.S. Navy that is on alert. Europe’s top Navy Commander:

NAPLES, Italy — Russia is deploying more submarines to the Mediterranean, the Black Sea and North Atlantic than at any time since the Cold War as part of a growing power game driving the U.S. to revive a decommissioned fleet and NATO to strengthen its naval defenses, the Navy’s top commander in the theater said.

Russia is upgrading its submarine forces and improving their missile capabilities, all while relations between Moscow and NATO remain tense over Russia’s annexation of Ukraine’s Crimean Peninsula in 2014, Adm. James Foggo, commander of U.S. Naval Forces Europe and Africa, said in an interview earlier this month.

“The illegal annexation of Crimea … that certainly has put a strain on our relationship,” Foggo told Stars and Stripes. “It’s their bad behavior, not ours. It’s the things they are doing.”

The Navy is reviving 2nd Fleet, though on a smaller scale than the one deactivated in 2011, to supply more ships in what Foggo described as growing competition between Russia and NATO in the Atlantic Ocean.

The renewed 2nd Fleet will be a Norfolk, Va.-based joint forces command, with many details yet to be worked out, Foggo said, adding that Navy leaders will know more after NATO’s July summit in Brussels. More here.

***

This is not really a new condition, it has been going on for a few years without any real U.S. response that is until the Omnibus was passed where monies were allocated for air-dropped sonobuoys that can detect submarines and transmit data back to motherships. The warnings began with Russia, operating in the Mediterranean where missiles were fired into Syria on several occasions.

The United States and Britain have been playing cat and mouse with Russia in several locations. Under Exercise Dynamic Mongoose, 10 NATO countries have been practicing hunting tactics of stealth submarines off Norway’s coast.

This past April, Lockheed Martin was awarded a $1 billion contract for a hypersonic cruise missile.

The Hypersonic Conventional Strike Weapon program is one of two hypersonic weapon prototyping efforts being pursued by the Air Force, and comes in addition to the Tactical Boost Glide program, which the Air Force is working on with DARPA and Raytheon. The service plans to have a prototype ready by 2023.

The Tactical Boost Glide is designed to operate at 5 times the speed of sound to enhance current military systems.

The United States has 70 nuclear powered submarines and 52 attack submarines along with 4 cruise missile armed submarines and 14 ballistic missile submarines. They all patrol bodies of water across the globe.

Russian Subs Are Reheating a Cold War Chokepoint - Defense One  photo

Adm. John Richardson, Chief of Naval Operations has confirmed increased foreign submarine operations.

According to GlobalFirePower.com, North Korea has the world’s largest submarine fleet by raw numbers with 76, though most of Pyongyang’s fleet consists of shorter-range, electric-diesel coastal patrol craft. China and Russia, both with modern nuclear-powered fleets that rival the U.S. fleet, have 68 subs and 63 subs, respectively.

NATO Secretary-General Jens Stoltenberg, in an interview with the Frankfurt Allgemeine and other news outlets in December, said the Kremlin is investing heavily in its submarine fleet, with 13 delivered since 2013. NATO countries, he said, have let their underwater firepower lag. “We have practiced less and lost skills,” the NATO chief said.

A particular point of concern, said one former high-level U.S. Navy official, is that Moscow may be attempting to tap into or sever some of the 550,000 miles of underwater fiber-optic cables that span the Atlantic and Arctic sea lanes.

“Russians have had a capability … to do things with these cables for the last 20 to 30 years,” said Tom Callender, who once served as head of capabilities for the Navy’s deputy undersecretary office and is now a senior defense fellow at The Heritage Foundation.

“Russians have had a capability … to do things with these cables for the last 20 to 30 years,” said Tom Callender, who once served as head of capabilities for the Navy’s deputy undersecretary office and is now a senior defense fellow at The Heritage Foundation.More than 95 percent of the global internet traffic — military and civilian, classified and unclassified — is transmitted across the network of submerged cables along the ocean floor, according to Washington-based tech firm TeleGeography. The quantity is massive compared with just a decade ago, when just 1 percent of all online traffic went through the cables.

Seabed vulnerability

The majority of the 285 underwater cables in place crisscross beneath heavily trafficked sea lanes of the Atlantic and Arctic regions. According to TeleGeography, the longest single cable stretches 24,000 miles and relays internet traffic and other electronic communications from Europe, Asia and Africa.

The scale and scope of global communications moving through the network of cables — some of which are only 2 inches thick — present a lucrative target that is vulnerable to attack by U.S. adversaries. It also poses a significant challenge to U.S. forces defending the lines. Read more detail here.

 

Iran Sleeper Cells Parked Around the U.S.

Posted on by

Primer: Two Individuals Charged for Acting as Illegal Agents of the Government of Iran

Could it be that law enforcement officials are working the cases diligently? This adds a deeper dimension to the work of the FBI, ICE and Border Patrol as well as all diplomatic posts in Central America and Latin America. Iran’s economy is in a free-fall, so money/revenue is most important and illicit activities, including attacks are the easiest method to raise operational funds.

Israel and Stuff » Report: Obama WH obstructed Hezbollah ...

Related reading: DoJ’s Bruce Ohr Demoted Again, Project Cassandra?

Iranian-backed militants are operating across the United States mostly unfettered, raising concerns in Congress and among regional experts that these “sleeper cell” agents are poised to launch a large-scale attack on the American homeland, according to testimony before lawmakers.

Iranian agents tied to the terror group Hezbollah have already been discovered in the United States plotting attacks, giving rise to fears that Tehran could order a strike inside America should tensions between the Trump administration and Islamic Republic reach a boiling point.

Intelligence officials and former White House officials confirmed to Congress on Tuesday that such an attack is not only plausible, but relatively easy for Iran to carry out at a time when the Trump administration is considering abandoning the landmark nuclear deal and reapplying sanctions on Tehran.

There is mounting evidence that Iran poses “a direct threat to the homeland,” according to Rep. Peter King (R., N.Y.), a member of the House Homeland Security Committee and chair of its subcommittee on counterterrorism and intelligence.

A chief concern is “Iranian support for Hezbollah, which is active in the Middle East, Latin America, and here in the U.S., where Hezbollah operatives have been arrested for activities conducted in our own country,” King said, referring the recent arrest of two individuals plotting terror attacks in New York City and Michigan.

“Both individuals received significant weapons training from Hezbollah,” King said. “It is clear Hezbollah has the will and capability.”

After more than a decade of receiving intelligence briefs, King said he has concluded that “Hezbollah is probably the most experienced and professional terrorist organization in the world,” even more so than ISIS and Al Qaeda.

Asked if Iran could use Hezbollah to conduct strikes on the United States, a panel of experts including intelligence officials and former White House insiders responded in the affirmative.

“They are as good or better at explosive devices than ISIS, they are better at assassinations and developing assassination cells,” said Michael Pregent, a former intelligence officer who worked to counter Iranian influence in the region. “They’re better at targeting, better at looking at things,” and they can outsource attacks to Hezbollah.

“Hezbollah is smart,” Pregent said. “They’re very good at keeping their communications secure, keeping their operational security secure, and, again, from a high profile attack perspective, they’d be good at improvised explosive devices.”

Others testifying before Congress agreed with this assessment.

“The answer is absolutely. We do face a threat,” said Emanuele Ottolenghi, a senior fellow at the Foundation for Defense of Democracies who has long tracked Iran’s militant efforts. “Their networks are present in the Untied States.”

Iran is believed to have an auxiliary fighting force or around 200,000 militants spread across the Middle East, according to Nader Uskowi, a onetime policy adviser to U.S. Central Command and current visiting fellow at the Washington Institute for Near East Policy.

At least 50 to 60 thousand of these militants are “battle tested” in Syria and elsewhere.

“It doesn’t take many of them to penetrate this country and be a major threat,” Uskowi said. “They can pose a major threat to our homeland.”

While Iran is currently more motivated to use its proxies such as Hezbollah regionally for attacks against Israel or U.S. forces, “those sleeper cells” positioned in the United States could be used to orchestrate an attack, according to Brian Katulis, a former member of the White House National Security Council under President Bill Clinton.

“The potential is there, but the movement’s center of focus is in the region,” said Katulis, a senior fellow at the Center for American Progress.

Among the most pressing threats to the U.S. homeland is Hezbollah’s deep penetration throughout Latin America, where it finances its terror activities by teaming up with drug cartels and crime syndicates.

“Iran’s proxy terror networks in Latin America are run by Tehran’s wholly owned Lebanese franchise Hezbollah,” according to Ottolenghi. “These networks are equal part crime and terror” and have the ability to provide funding and logistics to militant fighters.

“Their presence in Latin America must be viewed as a forward operating base against America’s interest in the region and the homeland itself,” he said.

These Hezbollah operatives exploit loopholes in the U.S. immigration system to enter America under the guise of legitimate business.

Operatives working for Hezbollah and Iran use the United States “as a staging ground for trade-based and real estate-based money laundering.” They “come in through the front door with a legitimate passport and a credible business cover story,” Ottolenghi said.

The matter is further complicated by Iran’s presence in Syria, where it has established not only operating bases, but also weapons factories that have fueled Hezbollah’s and Hamas’s war on Israel.

Iran’s development of advanced ballistic missile and rocket technology—which has continued virtually unimpeded since the nuclear deal was enacted—has benefitted terror groups such as Hezbollah.

“Iran is increasing Hezbollah’s capability to target Israel with more advanced and precision guided rockets and missiles,” according to Pregent. “These missiles are being developed in Syria under the protection of Syrian and Russian air defense networks.”

In Iraq, Iranian forces “have access to U.S. funds and equipment in the Iraqi Ministry of Defense and Iraq’s Ministry of Interior,” Pregent said.

The Trump administration has offered tough talk on Iran, but failed to take adequate action to dismantle its terror networks across the Middle East, as well as in Latin American and the United States itself, according to CAP’s Katulis.

“The Trump administration has talked a good game and has had strong rhetoric, but I would categorize its approach vis-à-vis Iran as one of passive appeasement,” said Katulis. “We simply have not shown up in a meaningful way.”

2 Iranians Indicted for Conducting Surveillance in Chicago

Posted on by

Two Individuals Charged for Acting as Illegal Agents of the Government of Iran

An indictment was returned today charging Ahmadreza Mohammadi-Doostdar, 38, a dual U.S.-Iranian citizen, and Majid Ghorbani, 59, an Iranian citizen and resident of California, with allegedly acting on behalf of the government of the Islamic Republic of Iran by conducting covert surveillance of Israeli and Jewish facilities in the United States, and collecting identifying information about American citizens and U.S. nationals who are members of the group Mujahedin-e Khalq (MEK).

mujahedin-e-khalq

Indictment for Ghorbani

Indictment for Doostdar

The charges were announced by Assistant Attorney General for National Security John Demers, U.S. Attorney Jessie K. Liu for the District of Columbia, and Acting Executive Assistant Director Michael McGarrity of the FBI’s National Security Branch.

“The National Security Division is committed to protecting the United States from individuals within our country who unlawfully act on behalf of hostile foreign nations,” said Assistant Attorney General Demers.  “Doostdar and Ghorbani are alleged to have acted on behalf of Iran, including by conducting surveillance of political opponents and engaging in other activities that could put Americans at risk.  With their arrest and these charges, we are seeking to hold the defendants accountable.”

“This indictment demonstrates the commitment of the Department of Justice to hold accountable agents of foreign governments who act illegally within the United States, especially where those agents are conducting surveillance of individuals and Constitutionally-protected activities in this country,” said Jessie K. Liu, United States Attorney for the District of Columbia.

“This alleged activity demonstrates a continued interest in targeting the United States, as well as potential opposition groups located in the United States,” said Acting Executive Assistant Director McGarrity. “The FBI will continue to identify and disrupt those individuals who seek to engage in unlawful activity, on behalf of Iran, on US soil.”

The indictment charged Doostdar and Ghorbani with knowingly acting as agents of the government of Iran without prior notification to the Attorney General, providing services to Iran in violation of U.S. sanctions, and conspiracy.  Both defendants were arrested on Aug. 9, pursuant to criminal complaints issued by the U.S. District Court for the District of Columbia.  Those complaints were unsealed today.

According to the indictment, in or about July 2017, Doostdar traveled to the United States from Iran in order to collect intelligence information about entities and individuals considered by the government of Iran to be enemies of that regime, including Israeli and Jewish interests, and individuals associated with the MEK, a group that advocates the overthrow of the current Iranian government.

On or about July 21, 2017, Doostdar is alleged to have conducted surveillance of the Rohr Chabad House, a Jewish institution located in Chicago, including photographing the security features surrounding the facility.

On or about Sept. 20, 2017, Ghorbani is alleged to have attended a MEK rally in New York City, during which he photographed individuals participating in the protest against the current Iranian regime.  In or about December 2017, Doostdar returned to the United States from Iran and made contact with Ghorbani in the Los Angeles area.  During the meeting, Doostdar paid Ghorbani approximately $2,000 in cash and Ghorbani delivered to him 28 photographs taken at the September 2017 MEK rally, many of which contained hand-written annotations identifying the individuals who appeared in the photos.  These photographs, along with a hand-written receipt for $2000, were found concealed in Doostdar’s luggage as he transited a U.S. airport on his return to Iran in December 2017.

The indictment also alleges that Ghorbani traveled to Iran in or about March 2018, after informing Doostdar that he would be going to Iran to conduct an “in-person briefing.”  Thereafter, on or about May 4, Ghorbani attended the MEK-affiliated 2018 Iran Freedom Convention for Human Rights in Washington, D.C.  During the course of the conference, Ghorbani appeared to photograph certain speakers and attendees, which included delegations from across the United States.  On May 14, Doostdar called Ghorbani to discuss clandestine methods Ghorbani should use in order to provide this information to Iran.

Ghorbani is scheduled to appear for a detention hearing in the U.S. District Court for the District of Columbia at 9:30 a.m. on Tuesday, Aug. 21, before the Honorable G. Michael Harvey.

The charges in an indictment are merely allegations, and every defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt.  The maximum penalty for conspiracy is five years; the maximum penalty for acting as an agent of a foreign power is ten years; and the maximum penalty for a violation of the International Emergency Economic Powers Act is 20 years.  The maximum statutory sentence is prescribed by Congress and is provided here for informational purposes.  If convicted of any offense, a defendant’s sentence will be determined by the court based on the advisory Sentencing Guidelines and other statutory factors.

The investigation into this matter was conducted by the FBI’s Washington Field Office and Los Angeles Field Office. The case is being prosecuted by the National Security Section of the U.S. Attorney’s Office for the District of Columbia and the Counterintelligence and Export Control Section of the National Security Division of the Department of Justice.